Your criticism amounts to "If it doesn't completely solve the problem for everybody its no good." and that is false.

Yes some will switch to various simple password patterns t.password for twitter... f.password for facebook... or maybe fb.password... etc. That's still an improvement. Even simple patters require some effort to break.

Some fraction will use a harder patterns that aren't immediately obvious. That's an improvement. Lets say my password is "stupidgdog" for google. Maybe your automated phishing tools will try stupidfdog on facebook... but maybe not.

Some fraction will use a slightly harder pattern.

Lets say I use stupidgHdog as my google password. My new pattern is still simple. its "stupid" + "first name of domain" + "next letter in alphabet capitalized" + "dog"

With just one sample, are you really sure your automated phishing tools going to figure out that facebook is: stupidfGdog ? And twitter its stupidtUdog?

And that's still pretty lazy as passwords go.

Some smal fraction will take the hint and use much harder patterns. That will take several fished passwords for the user and probably some human eyes to figure out. This is an improvement.

Lets say my google password is: C69.7Germanium what's my facebook password?

Here... I give you twitter on this pattern too: N47.8Vanadium.
With 2 samples passwords you've got enough of a pattern to try and brute force it... letter + 3 digits + element... 26* 1000 * 118... 2.6 million passwords to try.

Very doable if its a targeted search on a particular user... but your probably not going to spend the time looking at each fished password and then write a script to do that specific search... for just one random user. Probably.

And some fraction of people will switch to using a password safe or something, and thats an improvement too.

Fair enough. Still...

"Password Alert is also available to Google for Work customers, including Google Apps and Drive for Work. Your administrator can install Password Alert for everyone in the domains they manage, and receive alerts when Password Alert detects a possible problem."

The intersection of administrators who might think its a good idea with end users that use the same password on other sites might be large enough to be at least a little bit fun.

Yeah, if it were integrated with something like password safe or password gorilla or keypass etc.

Or I suppose it could be tied into the A/V products which already have anti-phishing extensions -- McAfee for example, already has a password safe and antiphishing ... seems almost a no-brainer for them to integrate them in this way. The password safe component could dump a list of hashes and domain names and if you try entering a password that matches the hash throw up an alert. And then maybe flag the page for A/V's phishing lists so if a page is generating alerts like crazy visitors it can be blacklisted -- preventing other users from even reaching the domain/phishing page.

Put on the popcorn and wait for the fireworks show that arises when people who use the same password they use for google on other sites.

Still its an interesting idea, that might be usable in a general purpose extension that maintains hashes and URLs and then hashes every input box and compares it to the databse / urls -- and if it finds a hash match but the URL is wrong throw up an alert.

Way more useful than a google only one that only works in chrome and only when you are signed in.

No good reason for Grandma to use Chrome anyway, or anyone else for that matter.

This is needlessly cynical. I don't dispute the TLAs love mass surveillance. But there is a legitimate concern where law enforcement can justify and obtain a legal warrant for someone's electronic records/communications but not have any way to actually legally act on the warrant.

Ie... if they have your encrypted laptop AND a warrant they ARE allowed to break into it, but they can't. This is a legitimate issue.

"Rubber hose decryption" is not legal, nor should it ever be.

In a sense, encrypted data is like the contents of one's mind more than its like other property; in that there is currently no legal way to ensure they can get at it.

Their desire for a backdoor is pretty reasonable, in a way, but the problem is what they are asking for is a key which is far too much. There is no good solution here.

a) Giving them the power to demand the key is fine, but what if they demand the key of someone who genuinely doesn't have it? Is he guilty and imprisoned for not having something? That's bullshit.

b) Giving them a back door so they can just come and go as they please is giving them far too much power and ripe for abuse.

c) Not giving them a back door and requiring they break has the issue that properly encryption can't currently be broken.

The sanest and only reasonable choice is 'c', but it is not really a solution to the legitimate problem... its just the only one that doesn't trample on the innocent.

No the car analogy isn't valid, because the police do have access to everyone's cars and homes. They get a warrant. They bring a crowbar. Done.

That's the issue with encryption, they can get a warrant giving them the legal right to get in. But there is no crowbar.

I'm not in favor of this, but we do need to understand it is a somewhat unique situation. Strongly encrypted data is not like other property.

I'd like to point out that the traffic problem in cities is not caused by all the cars that are full of people.

But then we'll all bitch about that married couple that work near each other and get to use the carpool lane, and would carpool even there were no HOV lanes... so they aren't removing any cars from the road.

Yes. Exactly. "Most". For the odd time you don't have it though it really sucks. The hotel with only wired in the room. Or the day your wifi router craps on you and you need to wire in to fix it. Or the office that has wired everywhere because ethernet just works, whereas wifi has all sorts of issues... signal strength, bandwidth contention, more prone to random disconnects, etc.

An RJ45 ethernet port adds like a nickle to the cost of a laptop. And if it has to be a couple mm thicker so be it. Fill the space with some more battery.

if a vendor wants to offer an ultraportable without one that's fine. But any vendor that removes ethernet from their entire laptop lineup from ultraportable to pro-desktop-replacment has its head firmly stuck in its ass.

Sure. But just with them though.

There's no allure to the woman who also slept with their best friend, and the mailman, and the neighbor, and the guy at 7-11, that weirdo on the bus...

Ok, yes, that's a problem. But its also not a problem.

I accept Microsoft might develop all that crap.
I accept Microsoft might turn all that crap on, or make the default rout. Note I don't necessarily LIKE it.

I also know it all going to be something I can turn off because: enterprise and government.

Those customers aren't going to put up with xbox integration, or MSN cloud signin, or always on microphones, or desktop search talking to bing. Or any of that crap... so I know that not only will I be able to turn it all off, but that it will be pretty easy too. No hacking, probably even GUI tools for it, with preset policy's I can just flip, save, and apply to any computer I buy, easily.

So while I know Microsoft might WANT 'my brainz' I also know they'll ensure they fully support not giving them 'my brainz' in a way that Google never will.

Sure google has apps for enterprise but its a bastard stepchild that is peanuts compared to their search and advertising division.

Microsoft will provide for what the enterprise wants. So when I read about horrible Microsoft feature X... I ask myself "would an enterprise put up with that?" and if the answer is no, I don't worry about it. And so far that's never let me down.

I do worry about Windows as a subsription service. -- Enterprises by and large are already on one. And I figure the 4k drm garbage will be real... enterprises by and large won't give a shit whether the pc's will play hollywood 4k movies or not.

But requiring an MSN account to sign into windows? Yeah I'm not worried about that. Requiring xbox integration? Nope. Not worried. Requiring always on Mic? Nope.

And I don't need to look at my phone to know whether someone important is calling, because that's what distinctive ring/vibration is for.

I said why in the parent post, and in the post I made before that too.

https://itunes.apple.com/us/ap...

"lololololol" right back at you. What's the domain called? Maybe you thought I meant the itunes application? If so your retort is understandable, but you still misunderstood.

How do you get third party apps without using Apple services (for example without using itunes.apple.com) smart ass?

If only there was some way of getting apps for it without relying on apple, that might actually be true. But there is not, so its not.

Android wear might completely dependent on google than I thought; I really don't know. I speculate that if you can run it cyanogenmod you don't need google services to use it... but perhaps not. It doesn't really matter... I'm not advocating an android wear anyway.

Without Apple so is your apple watch. Because without itunes (itunes the service not itunes the app), there are no 3rd party apps for it.

How do you KNOW that? How do you know its important until you answer it?

And if you don't know, but expect it might be important, then you'll need to check. Checking your phone to see who is calling is just as obnoxious as checking your watch. Moreso probably because after checking your watch, you have even less time to answer it so your panic answer dance will be that much more urgent.

Its pretty easy. Certainly not difficult enough nor something that occurs frequently enough for being able to do it from my watch to to even register as a "layer" of value.

As I said, it works with cyanogenmod meaning the "single manufacturer" is less critical to its continued operation or functionality. Google could vanish off the face of the earth tomorrow and android would live on.

False.

Lol. Seeing as they are inextricably tied to itunes and ios, calling it non-apple functionality means what exactly?

The pebble has non-apple functionality, you can toss your iphone in a ditch buy and android and keep using your pebble.

Android wear at least works with android not-tied-to-google (cyanogenmod) and may work with other OSes such as sailfish etc.

The apple watch? Not so much.

I'm extremely doubtful.

Sort of, but better tiering of notifications really should just be part of the phone OS. iOS in particular is terrible at letting you filter notifications -- android is better but only because you have more 3rd party app options, but the OS is severely lacking.

I think if our phones were better at tiering notifications, that would moot a lot of the point of a smartwatch doing it.

Meh, when my phone rings in my pocket and I know I don't want to answer it without even looking, I can easily click the side button to ignore it, through my pocket. I can't imagine spending literally hundreds of dollars to avoid this scenario.

Not quite equally. Android is a single platform but not a single manufacturer, and android is a lot more open, rumor has it works with cyanogenmod for example, which might mean it could work with other phones firefoxos,sailfish, ubuntuphone, etc...

I'm not sold on the smartwatch concept, but if I were, this is the sort of product I'd be interested in.

Christ, I literally suggested my own possible use for this watch.

In exchange for wearing a 2nd device you need to charge every day or so. Not much of a win.

Thereby saving you time only if you can ignore most notifications, or actually wasting more time as you first check your watch, then pull out your phone every time instead of just pulling out your phone.

Lol. true, but how much is that worth, right?

But retains the pointlessness of wearing a fitness band.

Functionality handled better by a non-smart watch. (which runs for months, even years on a single battery...) and which can cost next to nothing, or be as arbitrarily expensive as you like. Which can be a cheap throwaway you could lose, or a family heirloom worn by your grandparents ....

Or you can buy one that will be obsolete within a year or two.

Separate money from wallets? Bring smiles to Apple fanbois faces? Usher in a new wave of corporate privacy invasion?

True enough. And I'm honest enough with myself to think I'd like to be able to read texts and view alerts while mountain biking without having to stop and pull my phone out of my backpack. Then again, between the gloves and full body armor I'm wearing I'm not sure a smart watch would really be comfortable or all that usable.

Honestly my main complaint with the apple watch is the lock in to apple. I don't want a device that only works with a iphone. What if an owner doesn't want a new iphone next year because company Z has the better product. Now he has to abandon his smart watch too?

THAT is the main source of my derision for the device. If you want a smart watch fine, but have the sense to buy one that works with any phone.