Slashdot Mirror


User: WaffleMonster

WaffleMonster's activity in the archive.

Stories: 0
Comments: 4,185

Comments · 4,185

  1. Microsoft must stop on Tunnelled IPv6 Attacks Bypass Network Intrusion Detection Systems (itnews.com.au) · · Score: 2

    Automatic transition mechanisms are beyond useless in today's dual stack world. They are not now nor will they ever be sufficiently reliable for production use and therefore universally ignored for purposes other than owning end users. Microsoft themselves shut down their own Teredo servers due to stated reason of non-existent demand.

    The only thing continuing to have Teredo, ISATAP and 6to4 enabled by default on billions of machines does is help end users get owned.

  2. Re:And here's the issue with excessive regulation. on Uber Said To Use 'Sophisticated' Software To Defraud Drivers, Passengers (arstechnica.com) · · Score: 2

    Price floors are always a good thing, and are the hallmark of civilized society.

    I agree. Price floor on the inhalation of oxygen and transmission of bytes per mile transmitted over the Internet are a good thing.

    The limit to the number of taxis is also, generally, a good thing

    Artificial scarcity tends to erode legitimacy. Nobody ever benefits from this save an entrenched few and everyone else suffers as a result of longer wait times, unnecessarily high costs or proliferation of criminal enterprise.

    History is rife with examples of what happens when governments leverage their monopoly on violence to enforce artificial scarcity. Organized crime growing out of prohibition. Shutting down legal prostitution has contributed to sprawling global human trafficking networks and the war on drugs has pushed states to the brink of failure. The drug trade is the world's largest enterprise.

    You can't rule by consent AND make laws that ban shit a sufficient number of people are willing to do anyway regardless of its legality. This can only work against outliers otherwise society generally suffers as a result.

    The mere fact ride sharing was so explosive and popular is evidence enough government has got it wrong.

  3. Re:Saw this coming on Comcast Launches New Wireless Service, Xfinity Mobile (cnbc.com) · · Score: 1

    Having your own WiFi suffer as a result of unnecessary contention from long distance lower bitrate connections from neighbors hurts you and everyone else trying to use WiFi.

    A theoretical problem, not a proven problem. But do continue to fiddle with your tin-foil hat...

    If signal level is not sufficient to support a given symbol rate, decreasing rate to compensate necessarily increases channel utilization. This is a basic fact.

    It's about as theoretical as saying licking lead paint causes brain damage.

  4. Re:Saw this coming on Comcast Launches New Wireless Service, Xfinity Mobile (cnbc.com) · · Score: 2

    There's no rumblings, Comcast's Wifi routers do, already, broadcast a separate WiFi signal (xfinitywifi)

    Nope, they broadcast a separate SSID over the same already contentious ISM band.

    It's actually a very useful service.

    Having your own WiFi suffer as a result of unnecessary contention from long distance lower bitrate connections from neighbors hurts you and everyone else trying to use WiFi.

  5. Screwing /w Internet hazardous to political career on FCC's Ajit Pai Says Broadband Market Too Competitive For Strict Privacy Rules (arstechnica.com) · · Score: 4, Insightful

    The Internet is no longer a niche only a few people care about (see SOPA). Republicans are in for a surprise when democrats run ads with this shit against them and it proves to be effective. Trump's own base is against this. FFS INFOWARS is against it.

    This issue is an overwhelming loser with the public. Nobody believes ISPs should be allowed to stalk you online and no amount of weaving shit into gold is going to mask the smell. From what I remember public polling on this was something like 11% of the general public favoring the republican bill.

  6. "to help keep Windows up to date" on Microsoft Finally Reveals What Data Windows 10 Really Collects (theverge.com) · · Score: 4, Informative

    The justifications offered by MS are as ridiculous as they are hilarious.

    "Activity for run of the Transient Account Manager that determines if any user accounts should be deleted for devices set up for Shared PC mode to help keep Windows up to date. Deleting unused user accounts on shared devices frees up disk space to improve Windows Update success rates"

    Seriously so you have to know how many local accounts, when I add, change and remove them. When they first login and their sids I keep on my own machine because there is some insanely comical correlation between local accounts and available disk space?

    It's not like you are not already explicitly stealing volume information via Census.Storage and SetupPlatformTel.SetupPlatformTelActivityEvent. And who the fuck installs software without checking for available disk space first? Is the success rate of an action really undeterminable prior to taking it because disk space? I don't think even Microsoft is stupid enough to believe their own BS.

    Also love the generic key/value data access schemes where the full list of available keys that can be transmitted are not specified anywhere. Only the top level interface to transfer the data.

    FieldName - Retrieves the event name/data point.
    Value - Retrieves the value associated with the corresponding event name

    If you're going to be transparent don't be transparently slimy. You may impress end users with better things to do with reams of context deprived technobabble but there are plenty of people in the world as smart or smarter than the people who compiled this crap.

  7. Privacy settings on Microsoft Finally Reveals What Data Windows 10 Really Collects (theverge.com) · · Score: 1

    Z0MG they collect UR privacy settings before and after upgrades!! They must want to make sure your privacy settings have been successfully forgotten.

    Fields.TelClientSynthetic.PrivacySettingsAfterCreatorsUpdate.PreUpgradeSettings

    Fields.TelClientSynthetic.PrivacySettingsAfterCreatorsUpdate.PostUpgradeSettings

    HKLM_SensorPermissionState.SensorPermissionState
    HKLM_LocationPlatform.Status
    HKCU_LocationSyncEnabled.AcceptedPrivacyPolicy
    HKLM_AllowTelemetry.AllowTelemetry
    HKLM_TailoredExperiences.TailoredExperiencesWithDiagnosticDataEnabled
    HKLM_AdvertisingID.Enabled

  8. Re:Here we go again on We're Creating a Perfect Storm of Unprecedented Global Warming (popsci.com) · · Score: 3, Informative

    A few years back they were saying the average temperature has nothing to do with the output of the sun. I found that strange. Now they are saying that things will be hotter than predicted because the sun is hotter?

    Sun's output increases by about 10% per billion years while it remains close to the main sequence.

    50,000,000 years ago is 5% of 1 billion

    Industrial revolution started about 300 years ago.
    300 is 0.000003% of 1 billion.

    Change in solar output since 50 million years ago is a small but substantial 0.5%. Change during the period of concerted human meddling is less than a rounding error at 0.0000003%

    To put all of this into perspective an increased solar output of only 10% of today's output is sufficient to trigger irreversible moist earth runaway leading to surface temperatures measured in thousands of degrees.

  9. Surveillance Marketed As Revolutionary Technology on People Think Smart Home Tech is Too Expensive (usatoday.com) · · Score: 1

    The value of IoT is explicitly not derived by normal exchanges of value for cash it's derived by leveraging the customer on the back end to sell their data and push advertising.

  10. Re:People think Smart Home Tech is too Unnecessary on People Think Smart Home Tech is Too Expensive (usatoday.com) · · Score: 2

    I'll admit, having a system that can tell when i'm leaving work in order to turn the water heater back on that's been off since the morning

    The only reason to put a water heater on a timer is to save money by consuming energy off peak when it is cheaper. These schemes do not save any measurable amount of energy unless you're away from home weeks at a time.

    or could turn on the air conditioning or heat would be pretty cool
    The one bit of kit that would actually be useful to me would be an HVAC thermostat that didn't require me to switch between heat and cooling modes for the heatpump

    Micro-managing temperature to save money when you have a heat pump accomplishes the exact opposite result. The most efficient operation comes when you set a temperature and don't mess with it.

  11. Re:Calm your tits. on How To Protect Your Privacy Online (theverge.com) · · Score: 2

    Before everyone loses their shit over these "rollbacks to privacy", let's remember that these rules that are being rolled back didn't exist until fucking October. So it's not like we're losing some sort of magic protection that we've always had. If you weren't losing your shit over your ISP tracking you six months ago, there's no reason to lose your shit over it today.

    CISA seems like a good enough new reason to "lose your shit" over ISP tracking.

    The fact protections are being retracted due to lobbying by telecom industry might cause people concerned with such an egregious example of regulatory capture to "lose their shit".

    Since previously I "lost my shit" on the topic of ISP cyber stalking when it was made public what AT&T and crew were doing to their customers I am entitled to "lose my shit" regardless.

  12. Re:What can Berners-Lee do here, really? on FSF Activists Want You To Call Tim Berners-Lee About DRM (boingboing.net) · · Score: 1, Troll

    What attitude would you like to have? Because it doesn't matter. Despite your Matrix-fueled self-aggrandizing fantasies, your opinion counts exactly nothing.

    Nobody is completely powerless. Everyone has some degree of influence and everyone has some capacity to increase the amount of influence they have in exchange for sufficient input of effort.

    Whining about being totally helpless while doing exactly nothing is in my matrix-fueled self-aggrandized fantasy p a t h e t i c.

    It makes you no different from the typical whiner who complains about their government while not even bothering to vote.

    You are not in any position to fight this. You have never been. You will never be.

    I have never been involved in W3C process nor have I contributed any code or participated in any related working groups. DRM is not my fight. I myself don't care enough about this topic to do anything other than publicly object, make half-assed attempts to build public consensus for the same and refrain from using the technology myself.

    Now you can be angry, cry, pull your hair and despair over this or behave like an adult being and understand that some things are way beyond your ability to do anything about them, and you should just accept them and move on with your life.

    I'm not the type to accept bullshit I judge to be harmful. I might be forced to deal with harmful behavior but acceptance.... dream the fuck on... not a snowball's chance in hell.

    Spend quite a bit of my own time working code and standards to address problems I care most about seeing resolved. I don't despair over being "outnumbered and outgunned".

    Seriously, is your life over just because DRM becomes a standard? If it's the case your life has never been worth anything to begin with. Sorry for you.

    Hyperbole is a drink best sipped rather than guzzled from a beer bong.

  13. I ask this question every time Chrome and spying are brought up but no one can ever answer. Can anyone provide packet logs of Chrome supposedly spying? We all have definite proof of Windows 10 but people clam up when I ask for proof of Chrome.

    Wireshark is free. Max out all Chrome privacy settings, run Chrome and see for yourself what it does.

    I've been there and found it's impossible to make it stop calling home. You can't even launch Chrome with a default blank page and have it sit there doing absolutely nothing without calling home.

    The most in your face aspect of Chrome was realizing even after blocking various Chrome related hosts via DNS was the use of Google's primary search engine URL itself seemingly used as an application data collection channel.

    If you really like Chrome you're better off with Chromium.

  14. Re:What can Berners-Lee do here, really? on FSF Activists Want You To Call Tim Berners-Lee About DRM (boingboing.net) · · Score: -1, Troll

    This. Tim Berners-Lee is not an influence on the development of the internet anymore, and has not been for a long long time. Google and Facebook call the shots. It pains early adopters and self-styled "pioneers" like me, who had to download the earliest browsers via FTP on dial-up connections, to say that but the war is lost. Our numbers dwindle, we're outnumbered and outgunned, on the prairies we used to roam they've built cities. We're barely tolerated guests. It's not going to get any better.

    With an attitude like this you deserve even less.

  15. Re:What can Berners-Lee do here, really? on FSF Activists Want You To Call Tim Berners-Lee About DRM (boingboing.net) · · Score: 2

    Seriously, he's not a god. He can't stop Google and so on pushing DRM if they want to (which they did, regardless of whether he accepted that he was powerless in this case).

    He can say no.

    I really don't understand the FSF anymore. "Let's go after the symptoms instead of the disease! Let's divide our own supporters! Let's act like if we just pretend that if DRM isn't an official web-spec, it won't still be a de-facto web-spec!" What difference will any of that make, really? It's a pathetic waste of everyone's time and donation money.

    Suppose a few member states of the UN would like to get together and discuss how they can best coordinate the commission of human rights abuses to benefit themselves.

    Since the UN is powerless to do anything about such meetings conducted outside the UN they should allow working group meetings to take place within the UN to facilitate that coordination beeccaause...ummm.... it's.... going to happen anyway.

  16. Re:Microsoft Web Server? on Millions of Websites Affected By Unpatched Flaw in Microsoft IIS 6 Web Server (pcworld.com) · · Score: 1

    Why would someone run a Microsoft web server vs. Nginx on OpenBSD?

    Just asking, cuz I honestly can't fathom a situation where this would be desirable??? Maybe I'm missing something?

    When most of these systems were created there were basically only two options. Apache or IIS.

    Apache forked worker processes to handle each incoming web request separately. This gave it high reliability vs IIS as sloppiness or programming defects simply vanished when a forked process died.

    With IIS errors accumulated until IIS went bonkers and crashed.

    Yet Apache sucked for data driven applications because you couldn't maintain connection/application state in-process without running some kind of proxy to something having equivalent complexity and consequences of simply running a web server in-process to begin with.

    Now tools and process models are significantly more advanced across the board regardless of individual platform preferences.

  17. Re:There's nothing you can do about idiot admins on Millions of Websites Affected By Unpatched Flaw in Microsoft IIS 6 Web Server (pcworld.com) · · Score: 1

    Idiot developer is right. I'm not an expert web developer, but to me, coupling the web application to the web server seems like a terrible idea.

    IIS applications use well known published interfaces same as your uwsgi application.

  18. Re:This is Slashdot on Slashdot Asks: Windows 10 Creators Update Goes Live On April 11, Will You Upgrade? · · Score: 2, Insightful

    What do you mean non-falsifiable?

    Non-falsifiable means no practical condition exists where a statement can be evaluated as any more or less valid.

    The statement "This is Slashdot M$ is bad because M$!" is an example of a non-falsifiable statement. This device conveys blanket dismissal of any MS$ actions because "Slashdot" regardless of merit and is therefore equivalent to saying nothing at all.

    It's extremely falsifiable, the problem is, if you read through this thread you see plenty of examples of it. Would you care for me to start copying and pasting them into a post for you?

    Whether the condition holds or not is irrelevant. For example you may well find examples of people expressing: "I hate Windows because Microsoft wrote it". This does not render a non-falsifiable statement any more falsifiable.

    OP post was the 10th chronologically and did not respond to or quote anyone in particular. Not a single one of the preceding posts NOT A SINGLE ONE offered a justification of "Microsoft is bad".

    It's obvious to me it was intended to be a device to dismiss negative opinions of Microsoft without having to offer any merit based information in return. Simply because this is Slashdot anyone offering a negative opinion should be dismissed or discounted simply because everyone always says negative things about Microsoft.

  19. Re:This is Slashdot on Slashdot Asks: Windows 10 Creators Update Goes Live On April 11, Will You Upgrade? · · Score: 2

    Seems it hit a little too close to home for someone.

    It hits too close to home when I see people constantly invoking the same fallacies to communicate their perspectives.

  20. 9. Game mode: It "ensures" your computer is always maximizing its resources for an optimal gaming experience.

    Fascinating a "game mode" would be needed to keep system processes from interfering with the operation of games.

    Preoccupying CPU caches with Microsoft P2P networks to facilitate forced updates and constant data collection must be taxing on otherwise idle W10 systems regardless of number of available cores.

  21. Re:This is Slashdot on Slashdot Asks: Windows 10 Creators Update Goes Live On April 11, Will You Upgrade? · · Score: 0

    M$ is bad because M$!

    Did you see {thing} they did(not) do? It is bad because they did(not) do it!

    Ever get tired of posting the same worthless non-falsifiable statements?

  22. Microsoft's corporate strategy seemingly is want everything you don't have by destroying everything you do.

    Years ago was just a few loud Linux zealots you'd find at any neighborhood IT shop. Now I talk to people almost weekly willing to put up with lost functionality and usability issues to get away from Microsoft.

    Numerous times in recent months I've sent long emails detailing what would have to be done fully expecting customers to say "F" that and fold only to be surprised by willingness to proceed.

    Customers keep talking and Microsoft keeps doing the opposite. Entrenchment is not a cloak of invincibility not even for Microsoft.

  23. Re:Encryption without trust = dangerous illusion on Over 14K 'Let's Encrypt' SSL Certificates Issued To PayPal Phishing Sites (bleepingcomputer.com) · · Score: 1

    There are plenty of registrars that do this in countries where the laws govern the application of domain names. I didn't get my domain in my own country because of this. I didn't want to go through the hassle of registering a business name, providing identification and tax documentation and then paying 5x more for the domain and hosting as a result of this.

    For what it's worth I am not asserting anyone who wants a domain should be vetted in any way. I'm only saying if you're going to hand out domains and certs like candy the domain registrar is the best place to do that instead of doing it separately in a different insecure step elsewhere.

    Yes. It's worth remembering why we stepped away from this approach. The

    To reduce operating costs and increase profits?

    ability to encrypt separately to the high cost of the ability to encrypt + validate kept a large portion of the internet unencrypted. DVs lowered the bar to encryption which cuts out a whole lot of risk factors.

    I have no problem with DV itself. I have a problem with vetting of actual organizations being rendered meaningless and I have a problem with CA's being in the business of handing out DV certs.

    Err no you can't MitM with a certificate that doesn't match the domain you're talking to.

    No need to break a trust chain or develop exotic methods to subvert crypto when the chain of trust itself is an illusion. Consider the following 7-step plan:

    1. Gain access to the victim's wires
    2. Go to any of a zillion different CA's or LE.
    3. Submit CSR or equivalent to chosen CA
    4. Follow automated validation procedures
    5. Leverage access to victim's wires to screw with unsecured DNS requests and/or unsecured web requests to fool automated validation procedure.
    6. Install valid certificate assigned to you by a legitimate CA.
    7. Leverage your new certificate to MITM your victim's systems to your heart's content.

    CA's have no business handing out DV certs.

  24. Backdrop also looks nice if you're into CMS scene. No need to waste time supporting projects run by intolerant dipshits.

  25. Re:Encryption without trust = dangerous illusion on Over 14K 'Let's Encrypt' SSL Certificates Issued To PayPal Phishing Sites (bleepingcomputer.com) · · Score: 1

    WaffleMonster's point as I understand it is that DV should never have existed, that the choice should have been between OV and cleartext passwords.

    Once OV effectively died the function should have been handed over to domain registrars who maintain a relationship with domain owners. Registrars are best positioned to hand out certificates as standard feature of domain ownership. CA's have no business touching DV.

    As for cleartext passwords INCLUDING cleartext over TLS there is no excuse for continued use of insecure authentication protocols. Many are being owned because they were taught it is swell to enter passwords into ad hoc web forms whether encrypted or not. A certificate-less HTTP session secured by TLS-SRP provides protection from impersonation. DV does not even pretend to try.