
Comment Re: Who cares what it is (Score 2) 301

I seriously doubt there is an ISP in the world that would dare charge Google to send data to their customers. The negotiations would be swift: "OK, we won't."

Google is more than google.com. The ISPs want to force them to pay for Youtube traffic whilst getting free access to the search engine.

There is a whole world of hurt coming for someone.

Comment Re:Public Domain should be the default (Score 2) 96

GitHub is based in the USA where public domain dedications are well established (see the link in the post you are replying to) so it is very likely that source distributed by GitHub can be in the public domain. If you are really paranoid you can use the CC0 to dedicate to the public domain or achieve as near as possible an effect.

Comment Re:We can't win without eliminating FISA. (Score 5, Insightful) 413

But freedom is useless if crime and terror hit a certain level.

This is the wrong way round. Freedom is what helps stop "crime and terror" hitting that level. If the people are not free then the police concentrate on rounding up "politicals" and feel free to profit from taking things from the population. If you are in a free country then the police are afraid of ignoring the public and concentrate on stopping "crime" including "terror".

It's not a coincidence that the safest countries are the ones which have been long term democracies with high levels of freedom whilst the most dangerous are failed states and effective dictatorships.

Comment Re:I'll hold out (Score 4, Informative) 122

Even if it's fully open, with 0 binary blobs. How many qualified specialists, with serious math background, do you think are out there looking through complex encryption functions checking through flaws in math? Ever heard of Obfuscated C Code Contests? Openness of the code does not guarantee absence of backdoors even if the code does get a lot of eyeballs looking at it.

Firstly; if the Obfuscated C Code scares you then I guess you should look up the underhanded C contest. Notice especially the bits where malware is disguised as small programming bugs. When you say "Openness of the code does not guarantee.." you are 100% right. However, don't forget, "the perfect is the enemy of the good". We don't always need a guarantee; sometimes improvement is enough:

1) Given that there have been plenty of discoveries of problems (e.g. just today a flaw in Android's RNG was reported) there must be quite a few people who are checking.

2) All it takes is one person. You don't need to do anything to benefit if I check it for you.

3) There is a vast increase in the risk for the attacker if it's open source;

  • their change is likely visible in the version control and can be traced back to them
  • it's easy for someone to change their backdoor into a trap
  • if they do use the attack to break in it's much easier to track it back to the original programming mistake

4) Security problems tend to happen in generally insecure code. If code is open source you can avoid this:

  • by looking to see how the code is written and choosing the software using the best techniques and languages
  • by choosing code written by people you feel you can trust and avoiding others

Several of the things I mentioned are things that most people won't do most of the time. Having them as options means that they will be available when you actually really need them.

defenders can spot the hole and

Comment Re:I'll hold out (Score 1) 122

Is harder to hide a backdoor when the code of the OS is open source and the apps are in html5.

This helps a bit, but not as much as you would think. When they say "unlocked" what they mean is that this phone comes unlocked for use on multiple operators but probably (unless this changes close to market time) not unlocked for using your own OS. That makes the whole phone OS close to a binary blob that you can't replace and which they will be able to change without you having true control. If you use CyanogenMod you might argue that the reduced number of binary blobs would allow some kind of auditing. However without true openness like Replicant it's almost impossible to be sure.

Maybe worth calling up our ZTE friends and persuading them to provide an easy way to unlock the bootloader on the eBay phones.

Comment Re: Cell phones must stop broadcasting MAC address (Score 1) 189

how would the phone differentiate from the "dlink" AP at the owner's regular coffee shop and the eavesdropping "dlink" AP?

The AP broadcasts its MAC as the BSSID. You could ask before signalling to an AP which has an unknown BSSID. Also, since the phones know where they are, you could ask whenever you see the same name in a different location.
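The check this comment describes, written out as an added example (not part of the original comment, and not code from any phone OS): a decision made purely from passively received beacons. The names `KnownNetwork`, `decide` and `max_drift_m`, the MAC addresses and the coordinates are all constructed for illustration.

```python
import math
from dataclasses import dataclass, field

@dataclass
class KnownNetwork:
    ssid: str
    bssids: set = field(default_factory=set)  # AP MACs the owner has approved
    lat: float = 0.0                          # where the network was approved
    lon: float = 0.0

def distance_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres (haversine formula)."""
    r = 6371000.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))

def decide(known, ssid, bssid, lat, lon, max_drift_m=200.0):
    """Return 'join', 'ask' or 'ignore' for one beacon heard while only listening."""
    net = known.get(ssid)
    if net is None:
        return "ignore"   # unknown name: never signal to it automatically
    if distance_m(net.lat, net.lon, lat, lon) > max_drift_m:
        return "ask"      # same name seen in a different location
    if bssid.lower() not in net.bssids:
        return "ask"      # same name, but a BSSID the owner never approved
    return "join"

# Constructed sample data: one approved coffee-shop network.
KNOWN = {
    "dlink": KnownNetwork("dlink", {"02:00:00:00:00:01"}, 51.5000, -0.1000),
}

if __name__ == "__main__":
    beacons = [  # (ssid, bssid, lat, lon), all constructed
        ("dlink", "02:00:00:00:00:01", 51.5001, -0.1000),  # usual AP, usual place
        ("dlink", "02:00:00:00:00:99", 51.5001, -0.1000),  # same name, new BSSID
        ("dlink", "02:00:00:00:00:01", 51.5100, -0.1000),  # copied BSSID elsewhere
        ("freewifi", "02:00:00:00:00:02", 51.5001, -0.1000),
    ]
    for b in beacons:
        print(b[0], b[1], decide(KNOWN, *b))
```

A BSSID is sent in the clear and can be copied, so the location comparison is what catches an AP that clones both the name and the BSSID somewhere else.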

Comment Re: Cell phones must stop broadcasting MAC address (Score 1) 189

No protocols have to be changed, and none of your posts are informative (at least not on this article). It's so simple and obvious that you don't have to broadcast to listen.

I think you are talking at cross purposes. You are asking for a protocol which allows you to connect automatically to open wifi and stay anonymous. As you say, that's impossible with a fixed MAC address. The posters you are discussing with want to have their phones connect automatically to chosen WiFi access points without giving away the MAC address but to otherwise require manual intervention. What they ask for is possible simply through listening, though only as long as you never connect to a hidden access point.

Amazingly though, in order to find out if the network can actually route to the internet, which is what the station is trying to find out... you have to associate to the AP. As well, many people disable SSID broadcasting, necessitating probes to determine if that network is actually present.

It's so simple and obvious!

The interesting thing here is that cellphone networks have a bunch of interesting work done on the privacy here. They use random temporary identities and tunnelling of data back to the home network which should allow hiding of your identity from local passive attackers. The implementations are not perfect (an active attacker can use flaws in the GSM protocol for man in the middle attacks; the crypto is/was a bit poor; 3G phones are subject to fall back attacks etc.) but someone who is just listening to a GSM/3GPP phone should not see enough information to do tracking and someone who forces out enough information to do tracking should be clearly breaking the law (both computer hacking and radio frequency laws).

If the MAC address was a large random number which changed regularly and the standard was to start a VPN tunnel (back to the TOR network?) then untrackable connectivity would be possible. Of course it's not an accident that this is not the way things work.

Comment Re:Ubuntu Edge now $695, thanks to industry backin (Score 1) 98

$695 is still way too high.

There are many ways to set price. There's a range between cost (nobody will build it for less) and the maximum value someone can get out of it (no point in buying something for more). You don't show in any way it's outside this. The real question is the value that you can get out of it. That's what should decide how much you can pay for it. You need to compare it with other similar devices, not a bunch of non wireless enabled development boards.

In my view the device is new, but the fundamentals of the value are something we have seen before. I guess there are three devices to look at; OpenMoko, the Nokia N900 and the Nokia N9. There are a bunch of things which would work on those devices which are impractical on other devices. Here are some ideas off the top of my head; maybe other people can add theirs:

  • Normally your WiFi and other power consuming parts are off; when the phone detects that it arrives in the base station near your home (requires low level device modem access; was implemented on N900) then it turns on the WiFi, forwards your mobile calls to your VOIP account and turns off the mobile network.
  • You can trigger shell scripts when you enter locations - backup and copy media at home;
  • All your security audit tools - nmap / nessus / etc. can be installed

Compare these ideas with the closed competition. Windows phones, where you can't even really jail-break, are the worst it is true. iOS phones are also pretty limited (software from the app store only unless you get a developer key) but even Android phones which are supposed to be "open" end up as garbage here. Instead of having the full GNU/Linux you are limited to just small bits re-implemented by Google.

If you want to develop new personal device or wireless network ideas, this is going to be worth thousands of dollars to you. Even if you just want a device which does what you tell it to then it's likely to be worth hundreds more.

If you aren't a developer; you don't have any ideas about how to do something with wireless devices and you don't need a portable computing device, then you may well be right, it's not worth it to you. For a person who just uses it as a phone/PC, the competition would be something like a Samsung S4 - on sale for something like $600. In that case your questions about the level of testing would really matter. For most of the people who read this site, though, it's a chance to get a device which will be able to do things no other current device can do and that can really be worth much more than Canonical are asking for it.

Comment Re:You know (Score 1) 397

You are saying that the ITC judges accepted bribes? I assume that when you say this you actually have some evidence; right? I mean, where bribing a politician is a protected right in the USA (AKA "lobbying" etc.) and there are even web sites dedicated to documenting how much who bribed who, bribing a judge is an actual crime and if you could show just some hint that Samsung had done so I'm sure there are plenty of people who would be interested. You wouldn't just be randomly spouting off would you?

Comment Re:Alright then. Carry On. (Score 2) 382

You may want to look at my signature and posting history (not to mention the recommendation that everyone starts using Tor from the original submission). I guess maybe you could say that the editors deleted the part at the end because they didn't get the comment, but I assume they did it because they thought it was obvious.

Generally though I agree people who just accept this are beyond scary to the extent of being a serious threat. There is a definite space for some limited secret monitoring and much police work couldn't be done without it. Mass gathering of data just has so much opportunity for abuse that it's unreal.

Then again, maybe I'm recommending Tor as an INFO-OP muaaahhaaahahahaha. Or even better as a counter INFO-OP (you'll stop using it if you see it in an obvious INFO-OP like this one) ha.
