If IAU gets to redefine popular language to align with scientific language having specific and unambiguous meaning why can't "Cloud" banner be wrestled out the clutches of marketeers?
Everything is networked running off some datacenter somewhere... saying "the cloud" is like saying "the thing".. you might as well say nothing at all as this conveys about the same amount of useful information.
Please I implore you all to stop being a bunch of sissy care bears enough with "cloud". Let the meme die already.
It isn't enough to simply look at the world as is. You must consider the world with universal deployment of kill switches and fully understand likely consequences as much as possible.
Stolen phones can be taken apart and sold for parts... Thieves doing this may well end up making more money than phone as a whole can be sold in an underground market.
If users have ability to opt-out then anyone taking phones by force could demand victim "opt out" putting owner in increased risk of harm v. lift 'n dash encounter lasting seconds. Further thieves could demand credentials to your online account linked to the phone and lock you out of it.
As they say "the road to hell is paved with good intentions"..
There are technical solutions that could work such as a "fused" opt-in where physical device can never be opted out after an opt-in without mainboard replacement or some kind of secondary duress password to covertly signal theft... yet it seems obvious nobody is going to implement fuses and secondary passwords.
The argument that calling the carrier/police is not enough seems to hinge exclusively on the notion of phones sold overseas out of reach of carriers...
This as far as I can see means anything that would actually work while not putting victim at increased risk is also by necessity as oppressive as hell. Users should NOT have the means to lock their devices themselves as it puts them at increased risk of harm and to be effective it must either work OOB of both normal cell network/IP Internet or implement a heartbeat/watchdog with a central server to continuously prove continued availability which is one massive single point of disaster.
The OOB signal could be some kind of special backhauled PDP anchored to US carrier? I don't know enough to even guess how it might be implemented or if it is even possible.
As most technical solutions to political and or social problem I'm drawing a blank imagining a scenario whereby kill switches make a positive contribution to the world.
If people really want to cut down on theft maybe they should use common sense when wielding expensive toys in public.... or... ah... gulp... um...... a... device vendors could always.......u... know... make them cost less.
Would you mind posting a pic of the wheel that you have engineered that would do better? thanks. Make sure to consider launch weight, and sustained temeratures below 255deg F among other things.
1. Nationally require body cameras always rolling while on-duty. Knowing you won't get away with unprofessional behavior = priceless.
2. Total national outlaw of plea deals because coercion is morally indefensible. This is supposed to be the "land of the free" not North Korea.
3. Total ban on performance/incentive structures having effect of perverting justice. This includes linkages between career status/advancement and prosecution rates and officer ticketing/arrest quotas.
At the same price point you can get last few years model of a real full featured laptop on ebay or newegg with much faster processors, more RAM and... ah... usable amounts of storage. 32GB?
They don't own you. However they are the authority for which names are added to the root zone.
They don't even own the root servers.
If ICANN continues to act in contravention of the best interests of the network there will eventually be consequences. Being an "authority" implies having obtained legitimacy. Acting recklessly and illegitimately for monetary gain undermines authority.
The RBDMS vendors that squatted on a TLD were not rational actors.
My example referenced reserved words rather than TLDs as an example of need for ALL sides to act rationally in potentially conflicted namespaces. http://en.wikipedia.org/wiki/R...
They knew or should have known that new TLDs could be added to the DNS at anytime.
Just because a namespace is conflicted does not automatically follow it must not be utilized due to unpredictable future in which ICANN is driven by self-interest rather than the greater interests of the Internet community.
ICANN knew or should have known from volumes of negative feedback it received this would happen yet they failed to act conservatively and did so for selfish reasons. Even if it can be argued separately operators acted irresponsibly it does not absolve ICANN of irresponsible behavior. Grownups don't get to simply ignore the world as it is because they claim to have the "authority" to do so.
If they wanted a reserved name they could have requested one or heaven forbid registered one.
Absolutely people have nothing better to do than waste huge sums of money registering TLDs further enriching ICANN whenever they create a TLD for limited use within their administrative domain.
This is like vendors that squatted on 1.0.0.0 address space.
Dirty space is allocated responsibly by RIRs only after efforts to clean it or where scarcity induced pressure overrides the possibility of a more conservative policy. Toward the end operators ended up with crud from the bottom of the tank by design.
Up until exhaustion if you ended up with a dirty block you at least had the ability to "take it back".
Firstly ICANN didn't just assert ownership of the root. They inherited it along with the rest of the IANA.
ICANN does not own me or anyone else. They can't force anyone to participate in their global experiments.
And the administrators gambled that no one else would ever register that tld. Sorry they just lost that bet.
I don't think there is anything wrong with making rational assumptions about the future. I gamble on the expectation RDBMS vendors act rationally with regards to staking claim to any new reserved words or system vendors to refrain from exercising their right to make irrational changes to APIs that would break everyone's software.
In this case it is clear ICANN is NOT a rational actor. Thankfully it takes little effort to opt out of their little experiment.
Except if you have an AS and playing in BGP, there is a responsibility to maintain your equipment because it is a global network.
Being a global network everyone has responsibility including responsibility to refrain from unnecessarily advertising disaggregated routes.
FWIW, if everyone was IPV6, this problem would have been far worse. TCAM can hold twice as many v4 routes as v6, and the v6 by nature are more fragmented.
The only difference WRT entry count scarcity based disaggregation no longer occurs. There can be less if operators elect to act responsibly.
The success of Amazon online and Walmart offline suggests that regardless of what they say they want, people actually like to have a one stop shop where they can get everything - provided the prices are kept low.
I stopped dealing with Amazon after they started enforcing minimum purchases and intentionally having "free shipping" take over a week including multiple days of "sitting" on orders before shipping...can only assume to create artificial demand for "prime" subscriptions. What always happens when companies get too big. It's after-all their "fiduciary duty" to maximally leverage their market position.
Wal-Mart is hardly one-stop shopping. They have the same lowest-bidder crap as any other department store. Anything quality oriented or slightly niche they simply don't carry.
Of course it would be a bad thing if those stores were to become absolutely the only ones
The question is why are "bad things" not also applicable to mobile phone space?
but that's not what's happening with App Stores. The Apple App Store isn't the only app store, it's just the only one for iOS.
I assume *everyone* knows Google, Apple, Microsoft, etc have their own app stores.
Anyone who owns an iPhone does not have a choice where they can purchase software or install free software for the mobile computer they have purchased.
And people choose to enter into the iOS ecosystem, be they users or developers. They could choose to go for the more open model of Android, but they didn't.
I hear mobile app developers love having to port all of their shit to multiple platforms each with different programming languages, APIs and tool-chains. Few major iOS titles exist without an Android version.
Failure here is market allowing OS vendors to get away with not treating operating systems as a commodity which could only benefit developers and users alike. My own opinion too much value is bottled up in the walled gardens for this to be sustainable over long haul. AOL will repeat itself and the castle walls will crumble under their own weight.
For iOS users, the one stop curated store is seen as a feature, not a problem. And for iOS developers also.
I've heard this very same "feature" doublespeak levied against those complaining about non-user replaceable batteries.
When customers are faced with artificial restrictions yet elect to purchase anyway they are doing so because they either don't care, are willing to tolerate the restriction or see no other viable alternative. It is NOT because they are electing to EMBRACE artificial restrictions. Successfully pushing product with restrictions should never be confused with provision of additional value to the customer.
Are you an iOS user or developer?
Never, I refuse to support vendor controlled execution environments regardless of the vendor doing it. I believe it is morally indefensible and ultimately dangerous to society for any single vendor or trio of such vendors to wield this kind of power.
At least most Android devices can sideload APKs even if device is otherwise loaded with vendor crapware, google spy shit and locked down (no root or locked boot loader)
Trust me, it's not only a functioning market it's a difficult one. If your mobile app "doesn't provide much value", the sales will be tiny.
I trust my own eyes. All app stores are loaded with ubiquitous mounds of trash and feature customers unwilling to pay more than a couple dollars (cuz evrythng elz 1s ***FREE***) even for excellent software...so ads and spyware says the long tail... This is a symptomatic of market failure of app store concept.
People generally are not inundated with listing of thousands of Cheezy B-movies now playing at the movie theatre... Gamers don't go to gamestop to be treated with walls upon walls of lame games f
Really what it comes down to is that national laws are starting to conflict with people who have never stepped foot in the country. We as a planet are in need of international law reform with regards to copyright and the variety of internet "crimes".
2. I disagree strongly. Apple's control over it's app market is one of the few things keeping it (mostly) safe. While not perfect, it's a far cry from the stygian hell that is the play store. 3/4s of what you find on the play store I would call malware outright
This is like saying improvements in Google search algorithms are responsible for reducing total garbage in search results while neglecting to understand Google's business model is actually funding production of the same garbage they claim to be fighting.
In the very same way structure of the market itself is generating crap. If you get rid of the app stores and allow a functioning market driven by *CONSUMER DEMAND* the garbage goes away on its own.
Regarding safety operating system enforced jailing of the execution environment while a very difficult problem is at least achievable. Validating general purpose apps to be harmless is well beyond current technical capability of humanity.
This doesn't solve the problems listed, it makes them worse. By having multiple stores you decrease each apps visibility, unless the developers do much more work to list their apps in every store. Taking time that would otherwise be devoted to developing more or better apps.
Let me ask you another question. In the real world here on earth do you think we would all be better off if all stores and malls were replaced by a single entity offering one global channel with one set of take it or leave it rules for buyers and sellers?
What makes the app environment different? Why is one channel for apps viewed as acceptable yet any talk of making a single entity like Amazon or Umbrella Corp the one only channel for purchase of physical goods viewed as lunacy of the highest order?
What really holds back app stores and the platform in general is placing the OS vendors, developers and carriers above the users and resulting market distortions caused by having control and extracting value across the whole channel.
In a world of multiple app stores distribution channels would naturally arise allowing interested venues to pick up apps which best serve their customers creating an environment where word of mouth and popular demand controls distribution rather than shady algorithms or the jackass with the spyware app who successfully suckered a few million people into downloading it.
Lots of app developers hate this because most of them by volume are in fact bottom feeders who seek to collect payment without doing much to provide value in return and an honest to god real functioning market would put an end to their bullshit.
Of course, after the sideload, their phone gets compromised, and they then hit the lawyers and press and blame Apple for allowing them to step out of the walled garden.
Remind me again who's fault it is when an app is able to bypass operating system enforced jail and gains global access?
Seeing as OS vendors are never held liable for their security failures the scenario you paint is hard to take seriously.
Allow and encourage third parties to run their own app stores. Make it easy for users to add competing app stores to their phones just like they can add "search providers" to their web browsers.
Support side loading applications without ANY limitations.
Provide options for filtering search results by app demands for permissions. These options should be long term set and forget knobs which do not require constant attention while searching the store.
Fragment the heck out of any rankings don't just have one global rank create tens of thousands of views able to be influenced by a smaller subset of overall user base. This lets word of mouth rather than momentum dominate global trends.
And no I don't mean out of badges or the venue is full.
If you want to do something Altruistic start by giving the grey hats and assorted 0-day hoarding outfits you work for the one finger salute.
Instead of continuing to make money working symptoms of security problems actually do something meaningful to address underlying cause especially if it means certain implosion of your industry.
From reception of Keith Alexander it became crystal clear my friends have grown up and too many have become hypnotized pay checks.
some of the 7600 routers (the older bricks) - I can also understand - but seriously - if you are a core internet provider, why the hell are you using a 6500 router for the BGP routing table of the internet? Put that thing in a dorm room and buy yourself an ASR 9000
Worth remembering the Internet is a global network and not all participants in the default free zone have the same buying power.
Are there incentives of any kind for operators to think twice before making piecemeal routing advertisements? Is there any cost for multi-homing every rinky-dink company who thinks they are important enough to warrant such misuse?
Now that IPv4 resources are gone do operators pay out any penalty when they go off and start announcing random piecemeal/24's right and left?
I don't care if the penalty is simply a listing on a global wall of shame.
While IPv6 stands to reduce absolute need for disaggregation it will only be effective in doing so if there is some mechanism by which unnecessary advertisements carry a cost.
The fact is, TCP v6 was defective by design, because of what it does not have, and that is a mechanism for a long transition period between ipv4 and ipv6. If we had such transition period, ipv6 would now be widespread. The transition period means that ipv4 and ipv6 networks can communicate with each other.
It's 2014... can we all just take a breath and realize there is simply NO solution to the pigeonhole problem that does not resemble CGN?
The only operationally viable solution for IPv6 deployment in a production environment (e.g. solution with minimal breakage) is dual stack with IPv4 CGN as needed.
The more complex but entirely doable part is ipv4->ipv6. Since ipv6 is larger address space than ipv4, ipv4 cannot directly see a lot of ipv6 addresses. The answer lies in the DNS system. When a user on an ipv4 network askes for the IP address associated with a DNS address which only has an ipv6 address associated with it, somewhere upstream, an upstream router and DNS server will conspire to 1) give the user (ipv4 peer) a fake IPv4 address for a DNS address 2) give the information on the ipv6 to fake ipv4 mapping to the router 3) which the router uses NAT to rewrite the packets headed out from from the fake ipv4 destination address to the real ipv6 destination address.
While your deploying NAT-PT and fielding calls from angry customers burned by IP literals embedded in web sites and protocols your competitors are just deploying IPv6 dual stack and calling it a day.
You could even write an HTTP and other application protocol proxy that would automatically rewrite all ipv6 addresses in HTML with ipv6 TLD addresses.
As https deployment continues to increase suggesting solutions applicable only to http sites is not operationally viable to say nothing of added systems and operational costs of deploying proxy servers to facilitate more hackery.
ISPs as a complementary measure could also offer 6over4 gateways as well, and then over time transition to allowing raw ipv6 over their networks, a transition which can be gradual.
Or just deploy IPv6. The complexity and cost at scale of these hacks are worse than dual stack deployment.
Because every time IPV6 comes up, people say "you won't need a firewall",
IPv6 capable consumer routers have SPI (Same as NAT - no incoming connections) except without resorting to packet mangling or dangerous ALGs.
I don't want devices with a globally unique ID, because the marketing assholes any everybody else don't need to know "this is Bob's fridge".
If not turned on by default, enable IPv6 privacy extensions on the fridge console next to the designer ice cube shaper display.
Vendors have thus far proven themselves incapable of providing "connected" products not intentionally designed to maximally violate your privacy or otherwise place you at mercy of vendor operated "cloud service".
The second Bob's fridge connects to the Internet expect it to immediately call home with a complete inventory, share it with the vendors "partners" and serve ads for good measure. This is the reality of "IoT" the reality the marketeers are clamoring for anyway.
You might think IPv6 is scary but at least it restores the network of peers allowing for credible deployment and management scenarios whereby end users have any chance at all of avoiding being treated as string puppets.
It's as simple as that. It doesn't matter if you turn on mobile data as long as that is under the control of the phone's operating system, and it doesn't matter if you pay attention to your cell phone bill, as traffic to and from specific government servers is likely exempt from the monthly traffic calculations just as the provider's own servers are likely to be. It doesn't matter if you monitor your wireless network, since questionable transmissions are likely to only go through mobile data, as that's harder to monitor.
Trust is subjective/context dependent and tcpdump works just fine on mobile interfaces from an Android terminal.
I trust Cyanogenmod as much as I trust most any generic Linux distro with a few minor tweaks (baseband without shared memory)
Myself, I carry a phone with me all the time, but I simply do not treat it as a secure device. If you want to take private pictures with your girlfriend, for instance, your phone is not the camera you want to use. End of story.
Cameras share downsides of mobile devices (small, can be lost or stolen) and none of the upsides (No lock screens or encrypted file systems)... where even long since deleted pictures can be recovered easily years after the fact.
If I had a stash of pictures I didn't want getting out I would feel safer with them on some kind of password encrypted store on mobile phone running an open source ROM vs typical camera with SD card.
Slashdot Mirror
After big data they will hire people to think and actually produce useful/actionable insights.
After that they will hire thinking machines.
After that .. with the last vestiges of humanity in zoo's for the amusement of machines .. it's anyone's guess.
Cloud this cloud that... I'm sick of clouds.
If IAU gets to redefine popular language to align with scientific language having specific and unambiguous meaning why can't "Cloud" banner be wrestled out the clutches of marketeers?
Everything is networked running off some datacenter somewhere... saying "the cloud" is like saying "the thing" .. you might as well say nothing at all as this conveys about the same amount of useful information.
Please I implore you all to stop being a bunch of sissy care bears enough with "cloud". Let the meme die already.
It isn't enough to simply look at the world as is. You must consider the world with universal deployment of kill switches and fully understand likely consequences as much as possible.
Stolen phones can be taken apart and sold for parts... Thieves doing this may well end up making more money than phone as a whole can be sold in an underground market.
If users have ability to opt-out then anyone taking phones by force could demand victim "opt out" putting owner in increased risk of harm v. lift 'n dash encounter lasting seconds. Further thieves could demand credentials to your online account linked to the phone and lock you out of it.
As they say "the road to hell is paved with good intentions"..
There are technical solutions that could work such as a "fused" opt-in where physical device can never be opted out after an opt-in without mainboard replacement or some kind of secondary duress password to covertly signal theft... yet it seems obvious nobody is going to implement fuses and secondary passwords.
The argument that calling the carrier/police is not enough seems to hinge exclusively on the notion of phones sold overseas out of reach of carriers...
This as far as I can see means anything that would actually work while not putting victim at increased risk is also by necessity as oppressive as hell. Users should NOT have the means to lock their devices themselves as it puts them at increased risk of harm and to be effective it must either work OOB of both normal cell network/IP Internet or implement a heartbeat/watchdog with a central server to continuously prove continued availability which is one massive single point of disaster.
The OOB signal could be some kind of special backhauled PDP anchored to US carrier? I don't know enough to even guess how it might be implemented or if it is even possible.
As most technical solutions to political and or social problem I'm drawing a blank imagining a scenario whereby kill switches make a positive contribution to the world.
If people really want to cut down on theft maybe they should use common sense when wielding expensive toys in public.... or ... ah... gulp... um... ... a... device vendors could always .... ...u... know... make them cost less.
Would you mind posting a pic of the wheel that you have engineered that would do better? thanks. Make sure to consider launch weight, and sustained temeratures below 255deg F among other things.
http://www.harborfreight.com/1...
1. Nationally require body cameras always rolling while on-duty. Knowing you won't get away with unprofessional behavior = priceless.
2. Total national outlaw of plea deals because coercion is morally indefensible. This is supposed to be the "land of the free" not North Korea.
3. Total ban on performance/incentive structures having effect of perverting justice. This includes linkages between career status/advancement and prosecution rates and officer ticketing/arrest quotas.
4. Total ban on mandatory minimum sentencing.
Having awarded contracts for TLD's they are try to minimise the impact on those labels that didn't make the black list or that they were unaware of.
Minimization arguments are useless when there was never any articulable benefit to begin with. Selfish can't be justified no matter how hard you try.
That all being said they are the legitimate party to decide what gets added to the root zone.
If they keep it up they won't be.
At the same price point you can get last few years model of a real full featured laptop on ebay or newegg with much faster processors, more RAM and ... ah... usable amounts of storage. 32GB?
They don't own you. However they are the authority for which names are added to the root zone.
They don't even own the root servers.
If ICANN continues to act in contravention of the best interests of the network there will eventually be consequences. Being an "authority" implies having obtained legitimacy. Acting recklessly and illegitimately for monetary gain undermines authority.
The RBDMS vendors that squatted on a TLD were not rational actors.
My example referenced reserved words rather than TLDs as an example of need for ALL sides to act rationally in potentially conflicted namespaces.
http://en.wikipedia.org/wiki/R...
They knew or should have known that new TLDs could be added to the DNS at anytime.
Just because a namespace is conflicted does not automatically follow it must not be utilized due to unpredictable future in which ICANN is driven by self-interest rather than the greater interests of the Internet community.
ICANN knew or should have known from volumes of negative feedback it received this would happen yet they failed to act conservatively and did so for selfish reasons. Even if it can be argued separately operators acted irresponsibly it does not absolve ICANN of irresponsible behavior. Grownups don't get to simply ignore the world as it is because they claim to have the "authority" to do so.
If they wanted a reserved name they could have requested one or heaven forbid registered one.
Absolutely people have nothing better to do than waste huge sums of money registering TLDs further enriching ICANN whenever they create a TLD for limited use within their administrative domain.
This is like vendors that squatted on 1.0.0.0 address space.
Dirty space is allocated responsibly by RIRs only after efforts to clean it or where scarcity induced pressure overrides the possibility of a more conservative policy. Toward the end operators ended up with crud from the bottom of the tank by design.
Up until exhaustion if you ended up with a dirty block you at least had the ability to "take it back".
Firstly ICANN didn't just assert ownership of the root. They inherited it along with the rest of the IANA.
ICANN does not own me or anyone else. They can't force anyone to participate in their global experiments.
And the administrators gambled that no one else would ever register that tld. Sorry they just lost that bet.
I don't think there is anything wrong with making rational assumptions about the future. I gamble on the expectation RDBMS vendors act rationally with regards to staking claim to any new reserved words or system vendors to refrain from exercising their right to make irrational changes to APIs that would break everyone's software.
In this case it is clear ICANN is NOT a rational actor. Thankfully it takes little effort to opt out of their little experiment.
Step 1: Do not blindly delegate * to root servers or upstream DNS provider on systems you control.
Step 2: Tell ICANN to go fuck itself
Except if you have an AS and playing in BGP, there is a responsibility to maintain your equipment because it is a global network.
Being a global network everyone has responsibility including responsibility to refrain from unnecessarily advertising disaggregated routes.
FWIW, if everyone was IPV6, this problem would have been far worse. TCAM can hold twice as many v4 routes as v6, and the v6 by nature are more fragmented.
The only difference WRT entry count scarcity based disaggregation no longer occurs. There can be less if operators elect to act responsibly.
The success of Amazon online and Walmart offline suggests that regardless of what they say they want, people actually like to have a one stop shop where they can get everything - provided the prices are kept low.
I stopped dealing with Amazon after they started enforcing minimum purchases and intentionally having "free shipping" take over a week including multiple days of "sitting" on orders before shipping...can only assume to create artificial demand for "prime" subscriptions. What always happens when companies get too big. It's after-all their "fiduciary duty" to maximally leverage their market position.
Wal-Mart is hardly one-stop shopping. They have the same lowest-bidder crap as any other department store. Anything quality oriented or slightly niche they simply don't carry.
Of course it would be a bad thing if those stores were to become absolutely the only ones
The question is why are "bad things" not also applicable to mobile phone space?
but that's not what's happening with App Stores. The Apple App Store isn't the only app store, it's just the only one for iOS.
I assume *everyone* knows Google, Apple, Microsoft, etc have their own app stores.
Anyone who owns an iPhone does not have a choice where they can purchase software or install free software for the mobile computer they have purchased.
And people choose to enter into the iOS ecosystem, be they users or developers. They could choose to go for the more open model of Android, but they didn't.
I hear mobile app developers love having to port all of their shit to multiple platforms each with different programming languages, APIs and tool-chains. Few major iOS titles exist without an Android version.
Failure here is market allowing OS vendors to get away with not treating operating systems as a commodity which could only benefit developers and users alike. My own opinion too much value is bottled up in the walled gardens for this to be sustainable over long haul. AOL will repeat itself and the castle walls will crumble under their own weight.
For iOS users, the one stop curated store is seen as a feature, not a problem. And for iOS developers also.
I've heard this very same "feature" doublespeak levied against those complaining about non-user replaceable batteries.
When customers are faced with artificial restrictions yet elect to purchase anyway they are doing so because they either don't care, are willing to tolerate the restriction or see no other viable alternative. It is NOT because they are electing to EMBRACE artificial restrictions. Successfully pushing product with restrictions should never be confused with provision of additional value to the customer.
Are you an iOS user or developer?
Never, I refuse to support vendor controlled execution environments regardless of the vendor doing it. I believe it is morally indefensible and ultimately dangerous to society for any single vendor or trio of such vendors to wield this kind of power.
At least most Android devices can sideload APKs even if device is otherwise loaded with vendor crapware, google spy shit and locked down (no root or locked boot loader)
Trust me, it's not only a functioning market it's a difficult one. If your mobile app "doesn't provide much value", the sales will be tiny.
I trust my own eyes. All app stores are loaded with ubiquitous mounds of trash and feature customers unwilling to pay more than a couple dollars (cuz evrythng elz 1s ***FREE***) even for excellent software...so ads and spyware says the long tail... This is a symptomatic of market failure of app store concept.
People generally are not inundated with listing of thousands of Cheezy B-movies now playing at the movie theatre... Gamers don't go to gamestop to be treated with walls upon walls of lame games f
Attract trolls and then whine about it once they have answered your clarion call. Sounds like a plan.
Really what it comes down to is that national laws are starting to conflict with people who have never stepped foot in the country. We as a planet are in need of international law reform with regards to copyright and the variety of internet "crimes".
No thanks.
2. I disagree strongly. Apple's control over it's app market is one of the few things keeping it (mostly) safe. While not perfect, it's a far cry from the stygian hell that is the play store. 3/4s of what you find on the play store I would call malware outright
This is like saying improvements in Google search algorithms are responsible for reducing total garbage in search results while neglecting to understand Google's business model is actually funding production of the same garbage they claim to be fighting.
In the very same way structure of the market itself is generating crap. If you get rid of the app stores and allow a functioning market driven by *CONSUMER DEMAND* the garbage goes away on its own.
Regarding safety operating system enforced jailing of the execution environment while a very difficult problem is at least achievable. Validating general purpose apps to be harmless is well beyond current technical capability of humanity.
This doesn't solve the problems listed, it makes them worse. By having multiple stores you decrease each apps visibility, unless the developers do much more work to list their apps in every store. Taking time that would otherwise be devoted to developing more or better apps.
Let me ask you another question. In the real world here on earth do you think we would all be better off if all stores and malls were replaced by a single entity offering one global channel with one set of take it or leave it rules for buyers and sellers?
What makes the app environment different? Why is one channel for apps viewed as acceptable yet any talk of making a single entity like Amazon or Umbrella Corp the one only channel for purchase of physical goods viewed as lunacy of the highest order?
What really holds back app stores and the platform in general is placing the OS vendors, developers and carriers above the users and resulting market distortions caused by having control and extracting value across the whole channel.
In a world of multiple app stores distribution channels would naturally arise allowing interested venues to pick up apps which best serve their customers creating an environment where word of mouth and popular demand controls distribution rather than shady algorithms or the jackass with the spyware app who successfully suckered a few million people into downloading it.
Lots of app developers hate this because most of them by volume are in fact bottom feeders who seek to collect payment without doing much to provide value in return and an honest to god real functioning market would put an end to their bullshit.
Of course, after the sideload, their phone gets compromised, and they then hit the lawyers and press and blame Apple for allowing them to step out of the walled garden.
Remind me again who's fault it is when an app is able to bypass operating system enforced jail and gains global access?
Seeing as OS vendors are never held liable for their security failures the scenario you paint is hard to take seriously.
Allow and encourage third parties to run their own app stores. Make it easy for users to add competing app stores to their phones just like they can add "search providers" to their web browsers.
Support side loading applications without ANY limitations.
Provide options for filtering search results by app demands for permissions. These options should be long term set and forget knobs which do not require constant attention while searching the store.
Fragment the heck out of any rankings don't just have one global rank create tens of thousands of views able to be influenced by a smaller subset of overall user base. This lets word of mouth rather than momentum dominate global trends.
Damn talk about picking winners and losers. Our laws suck so we'll wave them just for you. California the state of kings and proud of it.
And no I don't mean out of badges or the venue is full.
If you want to do something Altruistic start by giving the grey hats and assorted 0-day hoarding outfits you work for the one finger salute.
Instead of continuing to make money working symptoms of security problems actually do something meaningful to address underlying cause especially if it means certain implosion of your industry.
From reception of Keith Alexander it became crystal clear my friends have grown up and too many have become hypnotized pay checks.
some of the 7600 routers (the older bricks) - I can also understand - but seriously - if you are a core internet provider, why the hell are you using a 6500 router for the BGP routing table of the internet? Put that thing in a dorm room and buy yourself an ASR 9000
Worth remembering the Internet is a global network and not all participants in the default free zone have the same buying power.
Are there incentives of any kind for operators to think twice before making piecemeal routing advertisements? Is there any cost for multi-homing every rinky-dink company who thinks they are important enough to warrant such misuse?
Now that IPv4 resources are gone do operators pay out any penalty when they go off and start announcing random piecemeal /24's right and left?
I don't care if the penalty is simply a listing on a global wall of shame.
While IPv6 stands to reduce absolute need for disaggregation it will only be effective in doing so if there is some mechanism by which unnecessary advertisements carry a cost.
The fact is, TCP v6 was defective by design, because of what it does not have, and that is a mechanism for a long transition period between ipv4 and ipv6. If we had such transition period, ipv6 would now be widespread. The transition period means that ipv4 and ipv6 networks can communicate with each other.
It's 2014 ... can we all just take a breath and realize there is simply NO solution to the pigeonhole problem that does not resemble CGN?
The only operationally viable solution for IPv6 deployment in a production environment (e.g. solution with minimal breakage) is dual stack with IPv4 CGN as needed.
The more complex but entirely doable part is ipv4->ipv6. Since ipv6 is larger address space than ipv4, ipv4 cannot directly see a lot of ipv6 addresses. The answer lies in the DNS system. When a user on an ipv4 network askes for the IP address associated with a DNS address which only has an ipv6 address associated with it, somewhere upstream, an upstream router and DNS server will conspire to 1) give the user (ipv4 peer) a fake IPv4 address for a DNS address 2) give the information on the ipv6 to fake ipv4 mapping to the router 3) which the router uses NAT to rewrite the packets headed out from from the fake ipv4 destination address to the real ipv6 destination address.
While your deploying NAT-PT and fielding calls from angry customers burned by IP literals embedded in web sites and protocols your competitors are just deploying IPv6 dual stack and calling it a day.
You could even write an HTTP and other application protocol proxy that would automatically rewrite all ipv6 addresses in HTML with ipv6 TLD addresses.
As https deployment continues to increase suggesting solutions applicable only to http sites is not operationally viable to say nothing of added systems and operational costs of deploying proxy servers to facilitate more hackery.
ISPs as a complementary measure could also offer 6over4 gateways as well, and then over time transition to allowing raw ipv6 over their networks, a transition which can be gradual.
Or just deploy IPv6. The complexity and cost at scale of these hacks are worse than dual stack deployment.
Because every time IPV6 comes up, people say "you won't need a firewall",
IPv6 capable consumer routers have SPI (Same as NAT - no incoming connections) except without resorting to packet mangling or dangerous ALGs.
I don't want devices with a globally unique ID, because the marketing assholes any everybody else don't need to know "this is Bob's fridge".
If not turned on by default, enable IPv6 privacy extensions on the fridge console next to the designer ice cube shaper display.
Vendors have thus far proven themselves incapable of providing "connected" products not intentionally designed to maximally violate your privacy or otherwise place you at mercy of vendor operated "cloud service".
The second Bob's fridge connects to the Internet expect it to immediately call home with a complete inventory, share it with the vendors "partners" and serve ads for good measure. This is the reality of "IoT" the reality the marketeers are clamoring for anyway.
You might think IPv6 is scary but at least it restores the network of peers allowing for credible deployment and management scenarios whereby end users have any chance at all of avoiding being treated as string puppets.
It's as simple as that. It doesn't matter if you turn on mobile data as long as that is under the control of the phone's operating system, and it doesn't matter if you pay attention to your cell phone bill, as traffic to and from specific government servers is likely exempt from the monthly traffic calculations just as the provider's own servers are likely to be. It doesn't matter if you monitor your wireless network, since questionable transmissions are likely to only go through mobile data, as that's harder to monitor.
Trust is subjective/context dependent and tcpdump works just fine on mobile interfaces from an Android terminal.
I trust Cyanogenmod as much as I trust most any generic Linux distro with a few minor tweaks (baseband without shared memory)
Myself, I carry a phone with me all the time, but I simply do not treat it as a secure device. If you want to take private pictures with your girlfriend, for instance, your phone is not the camera you want to use. End of story.
Cameras share downsides of mobile devices (small, can be lost or stolen) and none of the upsides (No lock screens or encrypted file systems) ... where even long since deleted pictures can be recovered easily years after the fact.
If I had a stash of pictures I didn't want getting out I would feel safer with them on some kind of password encrypted store on mobile phone running an open source ROM vs typical camera with SD card.