There are some problems with a completely peer-to-peer system. I would love this to happen, so I have given it some (not much) thought..
Identity: you want to maintain the same user ID across multiple computers (+mobile phones, etc). You need name resolution, going from username to IP address. This could be solved with a DHT, but DHTs are kind of slow and unreliable. You also need authentication. This could be solved using public key crypto. Because all the login data are distributed to all the clients (that's the only way it can be saved), the passwords have to stand up to an offline attack. One could use a trick like hasing the password thousands of times to make an offline attack more difficult.
Connectivity: As most computers are behind NAT, and UPnP is probably not available for the majority, it is *impossible* to make connections to new computers. So initial connections will only go to computers which are globally accessible. After that, it is possible to connect most computers using UDP NAT traversal, but it's error prone. So not having those fixed points of access like the MS skype servers will make things slower. This is not just for voice and file transfers, but also for the underlying protocol data. Even with IPv6, the RFCs recommend that end users have a stateful firewall, so the problem wouldn't go away.
Spam: spam could be handled by requiring both users to add eachother as contacts independently (if you allow "friend requests", spam bots could send thousands of those)
Trust: It would be possible for an attacker to intercept all traffic and act as a man in the middle, because there is no ultimate source of trust. This could be mitigated by storing public keys locally, and throwing a fit if the public keys on the network changed. When adding a new contact, some serious crypto would have to be done to verify that the public key you store for that contact is the right one (similar to authentication, maybe a similar solution could be done).
Contacts: all contacts would have to be stored on distributed storage. Users expect to have their contacts available when they put in their credentials. So there may be a lot of storage required on each node if there are millions of nodes in total.
Size: I don't think people have made P2P networks with close to a billion users.
65 Mbps up is pretty great too. I wonder why they don't do symmetric, because the upstream tech is probably symmetric, though maybe they use fewer fibre connections for the upload. It seems to be uncapped, so this would be pretty awesome if I could get it and if I could afford it. Some people should run Tor exit nodes (probably not allowed).
Fedora is really a bad example. Fedora is really good, but they push new buggy tech all the time. (Fedora user here, but I would use FreeBSD if the graphics driver was better)
It doens't even have to be an accident. If you give the site access to post messages, they could do it when you click "buy". Of course, there would be outrage for the "anal intruder", but for a book or a piece of music, it may get by. What if you're a kind and caring friend, who is a lot of fun to be around, but you also happen to secretly love nickleback... One "like" mesage and you lose all those "internet people " as friends. Facebook is all about sharing, and shouldn't be in the business of SSO
SuperGenPass is kind of nice for the paranoid, as it never saves anything! It hashes the domain name and a master password, to compute a unique per-site password. You can easily generate passwords on any computer (with the usual caveats if using an untrusted computer) by using the "mobile" version, or installing the bookmarklet, which is entirely client-side. It doesn't handle well if a site doesn't accept 10 character alphanumeric passwords, or if they require you to change the password regularly (then you have to e.g. append 1,2,3,.. to the master pw).
I find it hard to believe that any significant number of people pirate apps on mobile. I have rooted my Nexus S, one of the devices that Google intentionally makes it easy to hack, and it was *not* trivial (easy for computer geeks, but some command-line stuff required). Even allowing for things that hackers re-flash their OS more and install multiple times, and pirates can install all games for free, there's no way there will be more hacked games than legit ones (unless the game really sucks). So let me know when they find the bug in their "piracy rate" software...
But what is the cost of a large unemployed population ?
Should be about the same as a large population that does useless work. Anyway, it's time to upgrade the global financial system, as the current one crashes all the time. (Not that I have a better proposal)
With a generic OS you can do full disk encryption to protect the data in case the server is stolen. Truecrypt works on windows, probably even with software RAID, but I haven't tried it with RAID. If you do this, remember to encrypt the backups as well (in fact, even if you don't encrypt the main server, it's important to encrypt the backups as they can be easily stolen). Overall, I don't know what to recommend. A NAS box is easier to manage, but less flexible. If you only access a couple of GB of data frequently, you can add enough RAM to fit all the frequently accessed files, for better performance (e.g. prevent delays when opening a file).
I will not be upgrading any time soon. As far as I can tell, I need to back up everything, un-root, upgrade, then reinstall all the applications and settings, e-mail accounts, etc. It's not Google's fault, they have a fair system where they sync everything to their server and then put it back. I just installed Debian to get an IPv6 tunnel application, but that will probably be just as painful the second time. It's great to have the freedom to choose though, and the Nexus S is a pretty good phone
There are so many benefits to having a desktop! In arbitrary order: 1) No-compromise performance and responsiveness. With a laptop you are limited by cooling, and even if the laptop doesn't crash it gets uncomfortable to work on a hot laptop. 2) Storage: PCs can typically have 5 hard drives. 3) Ability to customise: Add graphics, TV cards, sound cards, extra network cards and more exotic components, using PCI or PCI express. For example, PCI sound cards have about a factor 10 lower latency than USB sound cards. If you prefer to suspend to RAM, you can get ECC memory to verify that there's no corruption, 4) Legacy connections: desktops can have parallel and serial ports at little cost. 5) Mobility: This is a big stretch, but moving a desktop can be easier than moving a laptop with 8 dongles hanging off it.
For me it's all about 1,2 and 3. I just have Phenom II, and I could probably get a laptop with a faster CPU, but on the desktop I can overclock and disable frequency scaling (while using it interactively), which give a 10 % boost in performance and 30 % better responsiveness, respectively. When I get the cash to upgrade, it will be cheaper to upgrade the desktop than to buy a new machine, and it's also a better experience, as I don't have to re-install the OS. I'm very sensitive to small delays, getting distracted if I have to wait for two seconds, and the desktops I use have consistently been more responsive than my laptops (my current desktop only after disabling CPU scaling). Maybe the new Intels are better in that regard, I haven't got to experiment with the second or third generation "iN"-processors.
It's like if someone left their car unlocked, and did not have car insurance, and they had their car stolen. Then the FBI had to drive them to and from work in a police car for 6 months.
No, a BIOS virus is a concern. Software can flash the BIOS (there are windows UIs for it). It's also possible to flash the firmware of graphics cards, and possibly other hardware.
Still, are these magnetometers anywhere close to sensitive enough?
it was bad on the nexus s on android 2.3 (?, the one before 4.0). In the compass app i could turn my phone around 180 degrees, and the needle almost followed along , now pointing almost in the opposite direction. I just tried it again now, on 4.0, and the compass works pretty well, it seems to have a precision of a few degrees when rotating the phone. I imagine there's some smart signal processing going on. Btw, I thought the exact same as the parent(and I don't have a good answer, just my experience)
If this prediction comes true, it's the ultimate lock-in for data. People complained in the 90s and 00s about how MS Office files weren't readable in other programs. Well, you could still back them up and distribute them as you wished, and MS couldn't take them away if they didn't like you. Text, image and video files on the desktop can be opened in different applications depending on the need, while in the cloud it's at the mercy of the provider. If the present is anything to go by, most providers aren't going to have public APIs for interoperability.
(There are of course advantages to thin clients, which are harder to implement in "fat" clients, and even harder in a P2P setup, but the lock-in problem is pretty fundamental)
Oh dear 2 self-replies is too much, but I must clarify something: when doing encryption of single files, you need to worry about temporary files *even if they are deleted when you're done*. If the files are written to permanent storage it will be possible to recover them, even though they are deleted from the filesystem.
Sorry, I forgot something: While full disk encryption gives excellent security, there is the chance that your box gets "pwned" by a virus or a targeted attack. I keep the really sensitive stuff in files encrypted with GnuPG. You have to be really careful when using GnuPG to not leave any temporary plaintext files around. I recommend using a Truecrypt volume instead if you don't have 100 % control over what temporary files the editor creates.
I'm going home to my parents on holiday and I want to put my full disk encryption password at their house. The data isn't super-valuable if I'm dead, but if I suffer some specific memory loss I want to be able to access my computer. I've been thinking about this, but the only thing I can come up with is to put the full password somewhere safe in their house (I'm also doing off-site backups with a different password). If the password is used exclusively for gaining access to the computers when I'm physically in front of them, it's a form of 2-factor authentication, because it requires both the password (something you know or "something someone else has") and the device (something you have).
This isn't the same problem as the original poster has, but I consider the storage to be the simple part: put it on your computer, and use full disk encryption for the computer (I only encrypt/home and swap, but usually it's easier and more secure to encrypt everything). Use a password manager for web/online passwords (I use SuperGenPass, which isn't a password manager, it's a password generator, but it works similarly). You can store the master password on the computer, but you should probably keep it separately. Then you're left with the hard part; giving someone access to your encryption password and master password. I opt for the simple "put it in a safe place, make sure it isn't used for multiple purposes". User Nightshade posted a link above to http://en.wikipedia.org/wiki/Secret_sharing , which could give a more secure password storage, requiring more than one person to conspire to get your password. I think this would be too much of a headache for my family or myself after a memory loss.
I've been using thunderbird for years and never have had much trouble with the mail client. Its pretty stable. Probably won't hurt anything to temporarily take resources off of it. But I hope they don't discontinue it entirely. I feel its way better than Outlook.
I haven't created any new accounts recently, but have they fixed the default for IMAP folders to download messages? Some time ago, the default was to not download messages unless the user opened them, and even then it was unclear whether or not they were available off line. One of the major advantages of desktop mail is to read them and search them off line. While most messages are ephemeral, there is some truly valuable reference information that gets put in emails (e.g. on mailing lists). And it's great to look up details while travelling without having to bother with how to get connected.
This is off-topic, but some of the information in mailing lists is better to put in wikis, because it's easily available for everyone. Is there a wiki that works with fat clients (client-server, filesystem based or even P2P), and is thus available off line? I looked for one to keep my notes for work, but I didn't find any wiki that allowed others to access it, allowed me to work from different computers, and also could work independently of a server. It's not that I'm off line all the time, I just like the speed, and I'm afraid whenever I put much work into a HTML form, if the PHP session expires, if I move to a different connection, etc.
The problem is that on my PC, I can modify the game in arbitrary ways -- I can remove a license check, I can cheat (BIG problem in MMOs), etc. The reason I can do this is that the OS has no good way to stop me -- even if Windows tried to prevent me from running unsigned code, I can run a program before Windows even boots up to get around that restriction.
If you think about it, Secure Boot doesn't actually protect against that! Assuming there are still non-Secure Boot computers available, or even VMs, you can create a piece of software that runs before Windows and reports to windows that Secure Boot is active, even if it's not. Then you can run any code you want. As a different poster (I can't find it now) said, Secure Boot authentication only goes one way, and Windows has to trust the hardware. Thus, it's not useful for DRM, it only limits what you can do with a given piece of hardware. The software that runs after Secure Boot is limited, but there is no way for the software to ensure that the Secure Boot loader is "proper" and not some other software.
Slashdot Mirror
There are some problems with a completely peer-to-peer system. I would love this to happen, so I have given it some (not much) thought..
So it would probably be slow with current tech.
65 Mbps up is pretty great too. I wonder why they don't do symmetric, because the upstream tech is probably symmetric, though maybe they use fewer fibre connections for the upload. It seems to be uncapped, so this would be pretty awesome if I could get it and if I could afford it. Some people should run Tor exit nodes (probably not allowed).
What, there is a steam client for Linux? I was just trying to install it on wine, and it keeps crashing ( http://appdb.winehq.org/objectManager.php?sClass=version&iId=19444 ). What a coincidence that this /. post comes 1 hour later....
Fedora is really a bad example. Fedora is really good, but they push new buggy tech all the time. (Fedora user here, but I would use FreeBSD if the graphics driver was better)
It doesn't solve the problems that SSO addresses, namely1) spam accounts, 2) access from multiple computers
It doens't even have to be an accident. If you give the site access to post messages, they could do it when you click "buy". Of course, there would be outrage for the "anal intruder", but for a book or a piece of music, it may get by. What if you're a kind and caring friend, who is a lot of fun to be around, but you also happen to secretly love nickleback... One "like" mesage and you lose all those "internet people " as friends. Facebook is all about sharing, and shouldn't be in the business of SSO
SuperGenPass is kind of nice for the paranoid, as it never saves anything! It hashes the domain name and a master password, to compute a unique per-site password. You can easily generate passwords on any computer (with the usual caveats if using an untrusted computer) by using the "mobile" version, or installing the bookmarklet, which is entirely client-side. It doesn't handle well if a site doesn't accept 10 character alphanumeric passwords, or if they require you to change the password regularly (then you have to e.g. append 1,2,3,.. to the master pw).
Bah. Correction: you don't need to install a new rom on it to pirate I suppose (e.g. http://www.youtube.com/watch?v=4bat86GeYTU with 750k views)
I find it hard to believe that any significant number of people pirate apps on mobile. I have rooted my Nexus S, one of the devices that Google intentionally makes it easy to hack, and it was *not* trivial (easy for computer geeks, but some command-line stuff required). Even allowing for things that hackers re-flash their OS more and install multiple times, and pirates can install all games for free, there's no way there will be more hacked games than legit ones (unless the game really sucks). So let me know when they find the bug in their "piracy rate" software...
But what is the cost of a large unemployed population ?
Should be about the same as a large population that does useless work. Anyway, it's time to upgrade the global financial system, as the current one crashes all the time. (Not that I have a better proposal)
With a generic OS you can do full disk encryption to protect the data in case the server is stolen. Truecrypt works on windows, probably even with software RAID, but I haven't tried it with RAID. If you do this, remember to encrypt the backups as well (in fact, even if you don't encrypt the main server, it's important to encrypt the backups as they can be easily stolen). Overall, I don't know what to recommend. A NAS box is easier to manage, but less flexible. If you only access a couple of GB of data frequently, you can add enough RAM to fit all the frequently accessed files, for better performance (e.g. prevent delays when opening a file).
Check for read errors, .. .
find /media/CDROM -type f -exec cat \; >/dev/null
or something. CDs have a large amount of redundancy, but maybe it's degraded sufficiently
I will not be upgrading any time soon. As far as I can tell, I need to back up everything, un-root, upgrade, then reinstall all the applications and settings, e-mail accounts, etc. It's not Google's fault, they have a fair system where they sync everything to their server and then put it back. I just installed Debian to get an IPv6 tunnel application, but that will probably be just as painful the second time. It's great to have the freedom to choose though, and the Nexus S is a pretty good phone
There are so many benefits to having a desktop! In arbitrary order: 1) No-compromise performance and responsiveness. With a laptop you are limited by cooling, and even if the laptop doesn't crash it gets uncomfortable to work on a hot laptop. 2) Storage: PCs can typically have 5 hard drives. 3) Ability to customise: Add graphics, TV cards, sound cards, extra network cards and more exotic components, using PCI or PCI express. For example, PCI sound cards have about a factor 10 lower latency than USB sound cards. If you prefer to suspend to RAM, you can get ECC memory to verify that there's no corruption, 4) Legacy connections: desktops can have parallel and serial ports at little cost. 5) Mobility: This is a big stretch, but moving a desktop can be easier than moving a laptop with 8 dongles hanging off it.
For me it's all about 1,2 and 3. I just have Phenom II, and I could probably get a laptop with a faster CPU, but on the desktop I can overclock and disable frequency scaling (while using it interactively), which give a 10 % boost in performance and 30 % better responsiveness, respectively. When I get the cash to upgrade, it will be cheaper to upgrade the desktop than to buy a new machine, and it's also a better experience, as I don't have to re-install the OS. I'm very sensitive to small delays, getting distracted if I have to wait for two seconds, and the desktops I use have consistently been more responsive than my laptops (my current desktop only after disabling CPU scaling). Maybe the new Intels are better in that regard, I haven't got to experiment with the second or third generation "iN"-processors.
It's like if someone left their car unlocked, and did not have car insurance, and they had their car stolen. Then the FBI had to drive them to and from work in a police car for 6 months.
Yeah, that's why he had to clean the cubicle afterwards
No, a BIOS virus is a concern. Software can flash the BIOS (there are windows UIs for it). It's also possible to flash the firmware of graphics cards, and possibly other hardware.
Still, are these magnetometers anywhere close to sensitive enough?
it was bad on the nexus s on android 2.3 (?, the one before 4.0). In the compass app i could turn my phone around 180 degrees, and the needle almost followed along , now pointing almost in the opposite direction. I just tried it again now, on 4.0, and the compass works pretty well, it seems to have a precision of a few degrees when rotating the phone. I imagine there's some smart signal processing going on. Btw, I thought the exact same as the parent(and I don't have a good answer, just my experience)
If this prediction comes true, it's the ultimate lock-in for data. People complained in the 90s and 00s about how MS Office files weren't readable in other programs. Well, you could still back them up and distribute them as you wished, and MS couldn't take them away if they didn't like you. Text, image and video files on the desktop can be opened in different applications depending on the need, while in the cloud it's at the mercy of the provider. If the present is anything to go by, most providers aren't going to have public APIs for interoperability.
(There are of course advantages to thin clients, which are harder to implement in "fat" clients, and even harder in a P2P setup, but the lock-in problem is pretty fundamental)
Oh dear 2 self-replies is too much, but I must clarify something: when doing encryption of single files, you need to worry about temporary files *even if they are deleted when you're done*. If the files are written to permanent storage it will be possible to recover them, even though they are deleted from the filesystem.
Sorry, I forgot something: While full disk encryption gives excellent security, there is the chance that your box gets "pwned" by a virus or a targeted attack. I keep the really sensitive stuff in files encrypted with GnuPG. You have to be really careful when using GnuPG to not leave any temporary plaintext files around. I recommend using a Truecrypt volume instead if you don't have 100 % control over what temporary files the editor creates.
I'm going home to my parents on holiday and I want to put my full disk encryption password at their house. The data isn't super-valuable if I'm dead, but if I suffer some specific memory loss I want to be able to access my computer. I've been thinking about this, but the only thing I can come up with is to put the full password somewhere safe in their house (I'm also doing off-site backups with a different password). If the password is used exclusively for gaining access to the computers when I'm physically in front of them, it's a form of 2-factor authentication, because it requires both the password (something you know or "something someone else has") and the device (something you have).
This isn't the same problem as the original poster has, but I consider the storage to be the simple part: put it on your computer, and use full disk encryption for the computer (I only encrypt /home and swap, but usually it's easier and more secure to encrypt everything). Use a password manager for web/online passwords (I use SuperGenPass, which isn't a password manager, it's a password generator, but it works similarly). You can store the master password on the computer, but you should probably keep it separately. Then you're left with the hard part; giving someone access to your encryption password and master password. I opt for the simple "put it in a safe place, make sure it isn't used for multiple purposes". User Nightshade posted a link above to http://en.wikipedia.org/wiki/Secret_sharing , which could give a more secure password storage, requiring more than one person to conspire to get your password. I think this would be too much of a headache for my family or myself after a memory loss.
I've been using thunderbird for years and never have had much trouble with the mail client. Its pretty stable. Probably won't hurt anything to temporarily take resources off of it. But I hope they don't discontinue it entirely. I feel its way better than Outlook.
I haven't created any new accounts recently, but have they fixed the default for IMAP folders to download messages? Some time ago, the default was to not download messages unless the user opened them, and even then it was unclear whether or not they were available off line. One of the major advantages of desktop mail is to read them and search them off line. While most messages are ephemeral, there is some truly valuable reference information that gets put in emails (e.g. on mailing lists). And it's great to look up details while travelling without having to bother with how to get connected.
This is off-topic, but some of the information in mailing lists is better to put in wikis, because it's easily available for everyone. Is there a wiki that works with fat clients (client-server, filesystem based or even P2P), and is thus available off line? I looked for one to keep my notes for work, but I didn't find any wiki that allowed others to access it, allowed me to work from different computers, and also could work independently of a server. It's not that I'm off line all the time, I just like the speed, and I'm afraid whenever I put much work into a HTML form, if the PHP session expires, if I move to a different connection, etc.
The problem is that on my PC, I can modify the game in arbitrary ways -- I can remove a license check, I can cheat (BIG problem in MMOs), etc. The reason I can do this is that the OS has no good way to stop me -- even if Windows tried to prevent me from running unsigned code, I can run a program before Windows even boots up to get around that restriction.
If you think about it, Secure Boot doesn't actually protect against that! Assuming there are still non-Secure Boot computers available, or even VMs, you can create a piece of software that runs before Windows and reports to windows that Secure Boot is active, even if it's not. Then you can run any code you want. As a different poster (I can't find it now) said, Secure Boot authentication only goes one way, and Windows has to trust the hardware. Thus, it's not useful for DRM, it only limits what you can do with a given piece of hardware. The software that runs after Secure Boot is limited, but there is no way for the software to ensure that the Secure Boot loader is "proper" and not some other software.
"The disc was comprised by a man "
Carl Sagan is truly a hero, being the first man to be shaped into a disc and then travel to deep space.