So you're saying I can send an email to a root CA, and as long as the clear, unsigned from field looks serious they'll sign my cert for a domain? Can you DEMONSTRATE this? TFA sure didn't.
By registering an email account like "admin" or "ssladmin", an attacker could contact certification authorities and request a new certificate pretending to be a staff member of the service.
Would it really be that simple? Wouldn't a CA require any correspondence from the mail site be signed with one of their certificates?In TFA the author never succeeds (or tries) to get a CA to go along.
Which printer are you allowed to send to? Who pays for it? Is the printer a member of a pool? Is that printer down this week and are the jobs being rerouted? How will you open your document at home when work's keyserver is ten routers away?
Even if you devise a print service running parallel to the other home-office WAN services, it's still going to have to replicate all of the permissions and policies of the file service/intranet/whatever. The whole idea of the VPN is you get a box (or a program) that suddenly makes all of the rules you run your network by extend out over the WAN to everyone who is invited, thus hiding the WAN-ness of the whole mess from the applications that run on the network, thus making the LAN services much more useful without having to change them.
But yeah sometimes you "just wanna print something." Thus CUPS. Any solution that extends printing out over the WAN is going to inevitably require the user to intervene much more than with "mere" printing, and devices security policies, have passwords, configure routers, and before you know it, you have, like the old joke about LISP, implemented a buggy half of a VPN.
Shouldn't you be able to print your report for the office from home or on the road on a laptop?
I can set that up for you today with a VPN, which after all is a much more general and thoroughgoing solution which encompasses security, privilege and policy issues as well as merely printing.
Or more specifically one universal printer driver.
Postscript? It doesn't control the paper handling, as you point out, but there are a lot of different solutions on offer along these lines. Xerox printer/copiers run a web server that allow you to upload print jobs through a web interface and set paper handling/stapling/job deferment/billing etc. through an HTML form. A generalization of this would be nice, but what's the difference between typing the IP address of the nearby printer to submit a job and typing http://print.google.com/ to submit a job, fundamentally?
Printing sucks on Linux, Windows, Mac, and every other platform because it is a very large problem, and abstractions tend to hide controls that are necessary to produce decent results.
I don't know what you're doing wrong or right, but CUPS is excellent.
Also what should be done if an document overflows from the size of the printable area. (If you are printing things to go in a button machine, you want the image to not be scaled. If there is an important disclaimer at the end of the page you want the page scaled so the disclaimer shows.
This is a client issue, not a printer issue. The printer should treat all information as semantically neutral, letting the client know what the page geometry is and making its own adjustments accordingly.
Also brightness of the paper, and color of the paper are issues if you actually care about what the finished product looks like.
Spot colors are another factor for the print driver to deal with.
ColorSync. Again, the technology for all of this stuff has been around since the 80s. The only real difference here is Google is trying to commoditize it over the WAN, since making it easier to run is an important part of making Google app/Chrome TCO lower, demand higher, thus ad revenues higher.
You can criticize all you like, just don't be annoyed when people point out your criticism is as ineffective and specious as it is when other companies are on the receiving end. Tu quoque?
now that everyone associates "new PC" with HP, Dell, Compaq or Apple, why should they add extra glitz to their products if they don't need to?
It's weird because in these new markets the old line vendors do need to differentiate their product and push it hard if they want adoption. Their approach, in general, has been utterly feckless and they all basically lean on Google and Microsoft to do all of the work for them, and then applying their effort not on consumers but on resellers, to get favorable placement and tie-ins. When people want an Apple, they want an Apple. When people want an Android phone, they want an Android phone, so they show up at a shop, and basically, whichever hardware vendor made the most favorable arrangement with the shop, that vendor's phones sell better.
It's almost as if they enjoy being the tail on Google and Microsoft's dog, and don't mind being commoditized and having to duke it out in price with a hundred Chinese knockoffs.
It seems strange to be so self-righteous about marketing, in a forum on a site that is basically a big community PR platform for VA Linux. It might seem like it fosters open debate, but overall the selection of issues and the guidance in the summaries is strongly tilted toward facilitating dialogue about how awesome Linux and the GNU interpretation of open source are, with a regular diet of Apple/science/general tech stories to draw in new readers.
Everybody markets, and you are constantly acting under marketing's influence. Marketing's awesome! You saw the TRON trailer, right? That's marketing.
You're wearing denim jeans right now, right? Marketing.
You may fancy yourself an expert on a few things, capable of making objective decisions, but in most aspects of your spending life, I assure you, you're responding to very basic stimuli induced on you by marketers. And it's completely legal, legitimate, fair, and even necessary.
This continuing slashdot obsession with disqualifying goods (from any manufacturer) because they're well-marketed is bizzare.
You shouldn't be asking why Apple is so effective at marketing... Apple is merely competent. You really should ask yourself, why, if HP and Dell have such good products, they invariable allow their products to be introduced as blurry pictures on Gizmodo or Ars Technica, give them unrememberable names, and are so inept in their follow through and promotion that anybody who actually cares to develop or add value to their product might as well blow their brains out now and save the trouble.
Quality is determined by (unbiased) reviews and by using the product yourself. Apple does do well in this regard, but the difference compared to other products is not as great as the sales figures suggest.
How on earth do you quantify this to the extent to prove that there's a disparity? I think you're resting on a deeply flawed premise, namely, that there's an objective standard of quality independent of the individual buying decision. Do you have some sort of model that can map the (unbiased) reviews of a product to a price?
I mean, what gives some reviewer the superior knowledge necessary to make pronouncements on the quality of a product? So much for the bazaar... Of course, Linux fanboys always keep the strawman of the "stupid kool-aid drinking MS/Apple fanboy" close by, to shame and ridicule those who don't meet their ideological and moral standards.
Are you saying that there is tradeoff between marketing and quality, and that they're essentially zero-sum?
Aside from the success of a product in the open market, are you suggesting that there should be some sort of separate, virtuous way of evaluating its quality? Something more morally/politicaly favorable to your personal preference, perhaps?
Google's stuff is open and pretty much free-of-charge.
As long as they can read your email, your documents, your voicemail messages, perform data mining on your publicly-available personal information in order to constantly present you with targeted advertising.
While I appreciate your comment, take it from somebody who's been on a picket line: don't expect your opinions and public shaming to make much of a difference when there's money to be made.
And that's marching in front of an employer's door -- I actually had to get out of bed to do that. Everyone I see criticizing this decision is doing it from the comfort of their (often enough Apple) keyboards.
If you block you're not going to eat into your battery as much as if you were polling-- the issue with letting the 3rd parties do whatever they want in the background is you can't prevent them from polling.
You might not even need to block explicitly; I haven't seen how this API works, but if it resembles Grand Central Dispatch you can register blocks of code to run whenever a port has new data-- the port is a "dispatch source" that spins off a block you write. You never block or poll, you just register your handler alot like a signal handler and kevents essentially starts the ball rolling.
Again, has nothing to do with the topic of multitasking.Again, has nothing to do with the topic of multitasking.
The point I'm making is that most of the multitasking debate is basically driven by bullet-point-ism that has no relation to what the market is actually demanding from their phones, and that having really really good multitasking doesn't have any effect on a phone's success or failure. You see here that Palm can build an awesome phone with all of these features people on the/. lurve ("javascript apps!," "'true' multitasking!", "isn't APPLE!" "isn't ATT!" "screws with iTunes!") and it's basically irrelevant when the phone features that actually matter are long battery life, ease of use and good reception.
The real objection is not about whether you like to see ads or don't like to see ads. No. The objection is that the moment you see a single ad you did not wish to see, you have lost control over the device. That's completely unacceptable when you are already paying.
With respect, they showed Skype running in the background and accepting calls; they didn't go into the specifics of how any of this was implemented or what the API "looks like," but it's clear that if you're an app developer, you at least have to ability to launch code that runs while other apps are running, are able to listen on ports and post UI notifications while other apps are running, and are able to change the window (like adding the "Skype" top windowframe) while other apps are running.
The phone could always multitask, it was a question of wether or not 3rd parties would be permitted to.
I hope the $cientologists lost a boatload on this one.
The backers of the film were primarily: Intermedia, a German film funding entity -- basically a hedge fund that uses the (then) favorable German tax laws on film production to make money for its investors; and Travolta himself, though he only put in $5 million. Warner put up something like $20 million in marketing.
There was a huge lawsuit after the film failed to turn a profit, because Elie Samaha -- persident of Franchise, the company the put together the funding/distribution package -- had lied to Intermedia and grossly understated the budget of the film. Intermedia had agreed to put up $35 million of the budget for the film, with the understanding they were going to get the foreign distribution rights on a $75 million Hollywood sci-fi action movie. However Samaha had lied to Intermedia about the budget and simply put in none of his own money, thus the film was quite anemically-budgeted, which definitely hurt it.
So aside from the $5 million JT put into it (and he probably made that back in his acting fee), the CoS itself lost no money. The production was really careful about avoiding any links to the Church itself... though they probably made a tidy amount on the sale of the book and character rights to the film and toy companies.
Fundamentally the use of a self-signed cert versus a CA-signed one has to be left to the bank customer, I think, and if they choose to go the self-signed route they should be taking a small affirmative step, since they're the one that wants the security anyways. There's no more secure method of key exchange than a signing party; smart cards can be hacked, a piece of paper with human handwriting cannot.
We're going for a solution for the safety-conscious/paranoid person... for normal people there's absolutely no problem with the PKI as it stands, since, as I said before, all of their bank info can just be subpoenaed the old fashioned way anyways.
Slashdot Mirror
So you're saying I can send an email to a root CA, and as long as the clear, unsigned from field looks serious they'll sign my cert for a domain? Can you DEMONSTRATE this? TFA sure didn't.
Would it really be that simple? Wouldn't a CA require any correspondence from the mail site be signed with one of their certificates?In TFA the author never succeeds (or tries) to get a CA to go along.
Which printer are you allowed to send to? Who pays for it? Is the printer a member of a pool? Is that printer down this week and are the jobs being rerouted? How will you open your document at home when work's keyserver is ten routers away?
Even if you devise a print service running parallel to the other home-office WAN services, it's still going to have to replicate all of the permissions and policies of the file service/intranet/whatever. The whole idea of the VPN is you get a box (or a program) that suddenly makes all of the rules you run your network by extend out over the WAN to everyone who is invited, thus hiding the WAN-ness of the whole mess from the applications that run on the network, thus making the LAN services much more useful without having to change them.
But yeah sometimes you "just wanna print something." Thus CUPS. Any solution that extends printing out over the WAN is going to inevitably require the user to intervene much more than with "mere" printing, and devices security policies, have passwords, configure routers, and before you know it, you have, like the old joke about LISP, implemented a buggy half of a VPN.
I can set that up for you today with a VPN, which after all is a much more general and thoroughgoing solution which encompasses security, privilege and policy issues as well as merely printing.
Postscript? It doesn't control the paper handling, as you point out, but there are a lot of different solutions on offer along these lines. Xerox printer/copiers run a web server that allow you to upload print jobs through a web interface and set paper handling/stapling/job deferment/billing etc. through an HTML form. A generalization of this would be nice, but what's the difference between typing the IP address of the nearby printer to submit a job and typing http://print.google.com/ to submit a job, fundamentally?
I don't know what you're doing wrong or right, but CUPS is excellent.
This is a client issue, not a printer issue. The printer should treat all information as semantically neutral, letting the client know what the page geometry is and making its own adjustments accordingly.
ColorSync. Again, the technology for all of this stuff has been around since the 80s. The only real difference here is Google is trying to commoditize it over the WAN, since making it easier to run is an important part of making Google app/Chrome TCO lower, demand higher, thus ad revenues higher.
You can criticize all you like, just don't be annoyed when people point out your criticism is as ineffective and specious as it is when other companies are on the receiving end. Tu quoque?
It's weird because in these new markets the old line vendors do need to differentiate their product and push it hard if they want adoption. Their approach, in general, has been utterly feckless and they all basically lean on Google and Microsoft to do all of the work for them, and then applying their effort not on consumers but on resellers, to get favorable placement and tie-ins. When people want an Apple, they want an Apple. When people want an Android phone, they want an Android phone, so they show up at a shop, and basically, whichever hardware vendor made the most favorable arrangement with the shop, that vendor's phones sell better.
It's almost as if they enjoy being the tail on Google and Microsoft's dog, and don't mind being commoditized and having to duke it out in price with a hundred Chinese knockoffs.
It seems strange to be so self-righteous about marketing, in a forum on a site that is basically a big community PR platform for VA Linux. It might seem like it fosters open debate, but overall the selection of issues and the guidance in the summaries is strongly tilted toward facilitating dialogue about how awesome Linux and the GNU interpretation of open source are, with a regular diet of Apple/science/general tech stories to draw in new readers.
Everybody markets, and you are constantly acting under marketing's influence. Marketing's awesome! You saw the TRON trailer, right? That's marketing.
You're wearing denim jeans right now, right? Marketing.
You may fancy yourself an expert on a few things, capable of making objective decisions, but in most aspects of your spending life, I assure you, you're responding to very basic stimuli induced on you by marketers. And it's completely legal, legitimate, fair, and even necessary.
This continuing slashdot obsession with disqualifying goods (from any manufacturer) because they're well-marketed is bizzare.
You shouldn't be asking why Apple is so effective at marketing... Apple is merely competent. You really should ask yourself, why, if HP and Dell have such good products, they invariable allow their products to be introduced as blurry pictures on Gizmodo or Ars Technica, give them unrememberable names, and are so inept in their follow through and promotion that anybody who actually cares to develop or add value to their product might as well blow their brains out now and save the trouble.
How on earth do you quantify this to the extent to prove that there's a disparity? I think you're resting on a deeply flawed premise, namely, that there's an objective standard of quality independent of the individual buying decision. Do you have some sort of model that can map the (unbiased) reviews of a product to a price?
I mean, what gives some reviewer the superior knowledge necessary to make pronouncements on the quality of a product? So much for the bazaar... Of course, Linux fanboys always keep the strawman of the "stupid kool-aid drinking MS/Apple fanboy" close by, to shame and ridicule those who don't meet their ideological and moral standards.
Are you saying that there is tradeoff between marketing and quality, and that they're essentially zero-sum?
Aside from the success of a product in the open market, are you suggesting that there should be some sort of separate, virtuous way of evaluating its quality? Something more morally/politicaly favorable to your personal preference, perhaps?
Apparently having competent public relations is cheating -- or something. You act as if Apple was putting a gun to the heads of the Gizmodo editors.
As long as they can read your email, your documents, your voicemail messages, perform data mining on your publicly-available personal information in order to constantly present you with targeted advertising.
While I appreciate your comment, take it from somebody who's been on a picket line: don't expect your opinions and public shaming to make much of a difference when there's money to be made.
And that's marching in front of an employer's door -- I actually had to get out of bed to do that. Everyone I see criticizing this decision is doing it from the comfort of their (often enough Apple) keyboards.
Windows ain't done, until Lotus won't run...
No, they just say you have to use their CLI, or else your application wears the Scarlet Letter of Untrust when the user runs it.
malloc() does return null every now and then...
I haven't rebooted my iPhone this year, and I play Monopoly too, so I dunno.. cannot reproduce bug in ticket.
"Simple" in the sense of its formal defintion -- its rules are very simple -- not in subjective complexity.
If you block you're not going to eat into your battery as much as if you were polling-- the issue with letting the 3rd parties do whatever they want in the background is you can't prevent them from polling.
You might not even need to block explicitly; I haven't seen how this API works, but if it resembles Grand Central Dispatch you can register blocks of code to run whenever a port has new data-- the port is a "dispatch source" that spins off a block you write. You never block or poll, you just register your handler alot like a signal handler and kevents essentially starts the ball rolling.
The point I'm making is that most of the multitasking debate is basically driven by bullet-point-ism that has no relation to what the market is actually demanding from their phones, and that having really really good multitasking doesn't have any effect on a phone's success or failure. You see here that Palm can build an awesome phone with all of these features people on the /. lurve ("javascript apps!," "'true' multitasking!", "isn't APPLE!" "isn't ATT!" "screws with iTunes!") and it's basically irrelevant when the phone features that actually matter are long battery life, ease of use and good reception.
You need multitasking like this when your OS is so flaky that you need to run a third-party app that reboots your phone every night.
So you don't own your radio or television?
The three-hour battery life part or the going bankrupt by catering to whims of tech forum trolls part?
With respect, they showed Skype running in the background and accepting calls; they didn't go into the specifics of how any of this was implemented or what the API "looks like," but it's clear that if you're an app developer, you at least have to ability to launch code that runs while other apps are running, are able to listen on ports and post UI notifications while other apps are running, and are able to change the window (like adding the "Skype" top windowframe) while other apps are running.
The phone could always multitask, it was a question of wether or not 3rd parties would be permitted to.
Maybe if you hate on the iPhone and its users enough, someone will finally love you.
The backers of the film were primarily: Intermedia, a German film funding entity -- basically a hedge fund that uses the (then) favorable German tax laws on film production to make money for its investors; and Travolta himself, though he only put in $5 million. Warner put up something like $20 million in marketing.
There was a huge lawsuit after the film failed to turn a profit, because Elie Samaha -- persident of Franchise, the company the put together the funding/distribution package -- had lied to Intermedia and grossly understated the budget of the film. Intermedia had agreed to put up $35 million of the budget for the film, with the understanding they were going to get the foreign distribution rights on a $75 million Hollywood sci-fi action movie. However Samaha had lied to Intermedia about the budget and simply put in none of his own money, thus the film was quite anemically-budgeted, which definitely hurt it.
So aside from the $5 million JT put into it (and he probably made that back in his acting fee), the CoS itself lost no money. The production was really careful about avoiding any links to the Church itself... though they probably made a tidy amount on the sale of the book and character rights to the film and toy companies.
There's no more secure method of key exchange than a signing party;
Well, that's a little extreme and I regret writing it.
Fundamentally the use of a self-signed cert versus a CA-signed one has to be left to the bank customer, I think, and if they choose to go the self-signed route they should be taking a small affirmative step, since they're the one that wants the security anyways. There's no more secure method of key exchange than a signing party; smart cards can be hacked, a piece of paper with human handwriting cannot.
We're going for a solution for the safety-conscious/paranoid person... for normal people there's absolutely no problem with the PKI as it stands, since, as I said before, all of their bank info can just be subpoenaed the old fashioned way anyways.