If/when Microsoft shifts to Webkit, they really, really, REALLY need to install it as an unprivileged application, and make certain that it just BROWSES. It doesn't need hooks into dozens of programs, it doesn't need privileges, it doesn't need much of anything. A few plugins, addons such as Mozilla and Google offer for their own browsers. Leave it at that.
A browser on Windows should be just as much, and no more than a browser on any Unix-like. The browser shouldn't even be used for updates, as Microsoft has done for all these years. A separate and distinct updating program is a requirement, with no overlap in privileges.
I love it when people spout this shit. Here, let me enlighten you:
1. Internet Explorer is not just an unprivileged application, it's sandboxed as well. It has less access to the system than the user it's running as does. 2. Internet Explorer does not hook into anything. In fact, Internet Explorer is just dumb chrome around Trident, which is just a bunch of libraries functionally equivalent to the Gecko or WebKit libraries. They aren't special libraries with more access or anything like that either. 3. Internet Explorer isn't used by Windows Update. Hell, even Trident isn't.
It's missing the "giant fucking memory leak" and "takes half an hour to start" features that Opera invented too. (Hint: 3 tabs should not consume 1.7GB of fucking memory).
Dating sites have always worked that way. Haven't you noticed how sites (especially AFF and their like) say "not real members" in really microscopic print on their ads?
Disingenuous. "They DO not pass through supernodes" is not the same as "They CAN not pass through supernodes."
Microsoft had at that time already obtained a patent describing recording agents that can be placed in a multitude of devices, including routers. There is also the note of a recording agent software that represents “a software module that logically and/or physically sits between the call server and the network.” According to Microsoft, the agent will have access “to each communication sent to and from the call server,” which clearly refers to the general infrastructure of a VoIP service and network.
Disingenuous. "They DO NOT pass through supernodes" clearly says that calls do not pass through supernodes, whether they can or not. Furthermore, the patent on recording agents is completely irrelevant - it's clearly something useful for.. oh, I don't know... Unified Communications Systems like Lync.
While we don't know the full details of how Skype handles its key exchange, what is clear is that Skype is in a position to impersonate its customers, or, should it be forced, to give a government agency the ability to impersonate its customers. As Skype acts as the gatekeeper of conversations, and the only entity providing any authentication of callers, users have no way of knowing if they're directly communicating with a friend they frequently chat with, or if their connection is being intercepted using a man in the middle attack, made possible due to the disclosure of cryptographic keys by Skype to the government.
If both ends are sufficiently vicious, my understanding is that the call will likely fail. I have seen Skype fail before. (Remember, it is just Kazaa after all).
Regardless, Skype still insists that the calls are end-to-end encrypted, which would mean the traffic would just be an amorphous TLS blob anyway.
Proving my point again. You quoted Skype's response to claims their source code was leaked, and not their response to claims that calls are being routed through the supernodes, which was responded to thusly:
As part of our ongoing commitment to continually improve the Skype user experience, we developed supernodes which can be located on dedicated servers within secure datacenters. This has not changed the underlying nature of Skype’s peer-to-peer (P2P) architecture, in which supernodes simply allow users to find one another (calls do not pass through supernodes). We believe this approach has immediate performance, scalability and availability benefits for the hundreds of millions of users that make up the Skype community.
(Emphasis mine). Which is very specific, non-evasive, and the exact opposite of your claims. No surprises there.
Actually, I just checked and TFA is completely wrong. The certificate issued to cloud1.browser.ovi.com has subject alternate names for cloud1 - cloud13. Which means it is perfectly valid, and there is no dodgyness occurring at all.
Also, that Lync (formerly Office Communicator) is completely unrelated to Windows Live Messenger? If anything, they'll be looking to phase that out in favour of Yammer.
It's funny you say that, because you can also log into Skype with a Facebook account. And do you know why? Because Skype powers Facebook's real-time voice/video chat features.
You know, that very article itself also completely counters that point. Perhaps next time you try to invent a conspiracy theory, you should find a source that doesn't prove the exact opposite of your rumours?
No, because the wildcard character may only be in the leftmost part of the CN component of the certificate. A certificate issued to "*" would be completely invalid for all purposes.
Actual truth: Most of the CAs are Symantec, using multiple names to make it appear there is actually competition. Graph: Huge lump of CAs making it look like they aren't all Symantec.
Nah, because the games are still property of the companies that developed and/or published them, not Valve. For Valve's games (all, what, six of them?) yeah, you're right - but the third party games are the issue.
No, it's not their copyright. The games on Steam are the property of the developers/publishers, not Valve. Stripping the DRM from them and releasing them would be a violation of those developers' copyrights.
No, the GPL FAQ actually covers this very question - legally the company, including you as an employee, are considered one legal entity, therefore it is not distribution and the GPL does not take effect.
Rebellion are pricks anyway. They're the studio that sued Stardock/Ironclad for trademark infringement because their game has the word "Rebellion" in the title.
Slashdot Mirror
If/when Microsoft shifts to Webkit, they really, really, REALLY need to install it as an unprivileged application, and make certain that it just BROWSES. It doesn't need hooks into dozens of programs, it doesn't need privileges, it doesn't need much of anything. A few plugins, addons such as Mozilla and Google offer for their own browsers. Leave it at that.
A browser on Windows should be just as much, and no more than a browser on any Unix-like. The browser shouldn't even be used for updates, as Microsoft has done for all these years. A separate and distinct updating program is a requirement, with no overlap in privileges.
I love it when people spout this shit. Here, let me enlighten you:
1. Internet Explorer is not just an unprivileged application, it's sandboxed as well. It has less access to the system than the user it's running as does.
2. Internet Explorer does not hook into anything. In fact, Internet Explorer is just dumb chrome around Trident, which is just a bunch of libraries functionally equivalent to the Gecko or WebKit libraries. They aren't special libraries with more access or anything like that either.
3. Internet Explorer isn't used by Windows Update. Hell, even Trident isn't.
It's missing the "giant fucking memory leak" and "takes half an hour to start" features that Opera invented too. (Hint: 3 tabs should not consume 1.7GB of fucking memory).
Really? In Firefox 17 on my work desktop (NO addons at all), Ctrl+Tab is in last used order, not sequential. Is it different on yours?
Dating sites have always worked that way. Haven't you noticed how sites (especially AFF and their like) say "not real members" in really microscopic print on their ads?
You won't get paid, Facebook will. And the feature already exists, in a limited fashion.
Yes, except that Facebook gets the money, not you.
There better be a way to disable this dumbass function as a recipient.
Disingenuous. "They DO not pass through supernodes" is not the same as "They CAN not pass through supernodes."
Microsoft had at that time already obtained a patent describing recording agents that can be placed in a multitude of devices, including routers. There is also the note of a recording agent software that represents “a software module that logically and/or physically sits between the call server and the network.” According to Microsoft, the agent will have access “to each communication sent to and from the call server,” which clearly refers to the general infrastructure of a VoIP service and network.
Disingenuous. "They DO NOT pass through supernodes" clearly says that calls do not pass through supernodes, whether they can or not. Furthermore, the patent on recording agents is completely irrelevant - it's clearly something useful for.. oh, I don't know... Unified Communications Systems like Lync.
http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=20110153809.PGNR.&OS=DN/20110153809RS=DN/20110153809
The only conclusion you can make is that:
While we don't know the full details of how Skype handles its key exchange, what is clear is that Skype is in a position to impersonate its customers, or, should it be forced, to give a government agency the ability to impersonate its customers. As Skype acts as the gatekeeper of conversations, and the only entity providing any authentication of callers, users have no way of knowing if they're directly communicating with a friend they frequently chat with, or if their connection is being intercepted using a man in the middle attack, made possible due to the disclosure of cryptographic keys by Skype to the government.
http://paranoia.dubfire.net/2012/07/the-known-unknows-of-skype-interception.html?m=1
Actually, no, that's not the only conclusion you can make. It's the only conclusion that you are willing to make, because you're a tinfoil hat nutter.
If both ends are sufficiently vicious, my understanding is that the call will likely fail. I have seen Skype fail before. (Remember, it is just Kazaa after all).
Regardless, Skype still insists that the calls are end-to-end encrypted, which would mean the traffic would just be an amorphous TLS blob anyway.
Proving my point again. You quoted Skype's response to claims their source code was leaked, and not their response to claims that calls are being routed through the supernodes, which was responded to thusly:
(Emphasis mine). Which is very specific, non-evasive, and the exact opposite of your claims. No surprises there.
Actually, I just checked and TFA is completely wrong. The certificate issued to cloud1.browser.ovi.com has subject alternate names for cloud1 - cloud13. Which means it is perfectly valid, and there is no dodgyness occurring at all.
You realise Facebook video chat is Skype right?
No, thought not.
Also, that Lync (formerly Office Communicator) is completely unrelated to Windows Live Messenger? If anything, they'll be looking to phase that out in favour of Yammer.
Citrix (Gotomeeting) and Cisco (Webex) are likely chomping at the bit right now.
It's funny you say that, because you can also log into Skype with a Facebook account. And do you know why? Because Skype powers Facebook's real-time voice/video chat features.
Supernodes don't route calls. Think of them as being directory assistance.
You know, that very article itself also completely counters that point. Perhaps next time you try to invent a conspiracy theory, you should find a source that doesn't prove the exact opposite of your rumours?
No, because the wildcard character may only be in the leftmost part of the CN component of the certificate. A certificate issued to "*" would be completely invalid for all purposes.
The prosecutor that stepped down from the case and delegated her authority to the State AG to prosecute the case?
Yup, definitely a coverup. Mod parent -5 Wrong.
Actually, yes. The HTML5 Geolocation interface is indeed supported by IE10.
Actual truth: Most of the CAs are Symantec, using multiple names to make it appear there is actually competition.
Graph: Huge lump of CAs making it look like they aren't all Symantec.
Nah, because the games are still property of the companies that developed and/or published them, not Valve. For Valve's games (all, what, six of them?) yeah, you're right - but the third party games are the issue.
No, it's not their copyright. The games on Steam are the property of the developers/publishers, not Valve. Stripping the DRM from them and releasing them would be a violation of those developers' copyrights.
No, the GPL FAQ actually covers this very question - legally the company, including you as an employee, are considered one legal entity, therefore it is not distribution and the GPL does not take effect.
Only if it's GPLv3. GPLv2 wouldn't require them to give you the keys as the "Tivo Clause" hadn't been written yet.
The sites pretty much all stopped getting updated when Fox stopped paying us (I also used to work on an IGN site).
Rebellion are pricks anyway. They're the studio that sued Stardock/Ironclad for trademark infringement because their game has the word "Rebellion" in the title.
They can go to hell.