Comment Re:No warning? (Score 1) 54
Remember that Japan is located in a very active place regarding underground activities.
Yes, I think see what you mean. Apps like "Hangout", "Google Video", "Google Books", that kind of apps?
The difference here is that these are always present, but don't interfere with the content of your account. When my Android phone installed Google Video, it didn't replace another Video app, didn't become the "default" video viewer, and wasn't added anywhere except the applications menu. Unless I actively looked for it, I would not find it.
Now, when google decided to add some free music to my music library, it did show up while I was browsing *my* music, and I had to do something to remove it. But I think there's a difference between new app/services being pushed, and content being added to a user account. The former is part of the system's evolution, while the later is more akind of pop-up ads.
About today's topic: from the summary, it looks like there's two issues: first is automatic download on user's devices (even those not using this feature at all), and no obvious way to remove this. I believe the issue is more about this than pushing new services.
it doesn't have to be turned on after you finish signing certs until its time to sign another batch...
To be fair, with OCSP you need something that's online all the time your certificates are used. But unless you have hundreds of peoples checking your certificates simultaneously, any low-end contraption can handle it.
Are you connecting to that self signed cert that is university owned or that self-signed cert that is setup by my evil laptop on the wifi network?
[...]
With BYOD you simply cannot use a self-signed certificates. Your potential attack surface than increases.
That's why the previous poster said "Or the college provides an easy way for the BYOD people to acquire the college's cert."
You don't have to trust any self-signed certificate that the web server throws at you. You go to the official, public website of your uni/work/whatever (or to the IT dept. if they want to do this by hand), and grab the CA cert there. You trust this website, it can have a regular certificate issued by any public authority, and using this newly downloaded cert. as a CA, you can safely connect to anything your workplace have in it's private network.
The only hindrance is that the users have to install this certificate once. Through easy GUI.
I'm more curious about why "different computer draws the image slightly differently".
Slight rounding differences, shape edge antialiasing behavior, font antialiasing behavior, installed fonts, and the like are the big ones I can think of. HTML5 Canvas behavior isn't specified down to the bit level.
Maybe it should. Providing an API and saying "it kinda work like this, most of the time, your mileage may vary" doesn't sound very good.
yes, but, there is so much layers that are supposed to smooth the hardware difference:
Now, I perfectly understand why neither the browser, the OS API, and the driver would bother to provide perfect results: we're trading performances for accuracy. After all, if I draw my circle with 0.1 pixel of error, it will look good because of antialiasing. But I still think that software results that are independant of external input should not vary from one hardware to another. There is only one good output for a deterministic software function when always providing the same input.
Imagine the horror if different processors would return different values when computing 1/0.999 just because they have different hardware (oh wait, this one kinda happened
"Experience has proved that some people indeed know everything." -- Russell Baker