
Comment Re:I disagree (Score 1) 549

What we really need is some kind of standardized identity management system, like you know how you can sign onto various sites using either your Facebook or Google+ sign-on? Like that, but standardized. We need a true single-sign-on solution that is easy to manage, hard to screw up and lose your identity permanently, and usable everywhere.

This has been obvious for well over a decade, but we can't do it because we don't create standards anymore. For any solution, Microsoft wants to have their solution, Facebook wants theirs, Google wants to do it their own way, and Apple wants to do something different from all the rest. Each company pretty much wants a solution that will benefit themselves and screw over their competitors. None are really focused on creating the best solution for social/economic/computing progress, and if they were, it would still be impossible to get others on board. So that's the real problem. Unwillingness to create standards.

I completely agree with this - and it gets even worse: who gets trusted? SSO works in a corporate Windows domain because the answer to "who gets trusted" is "the company's internal systems...and it's the company's data anyway." Logging into the company's AD/Exchange/SharePoint is just fine, because the systems authenticating stuff and the systems storing stuff are effectively the same.

Now on the greater internet, who do we trust? I have a friend who trusts Apple with basically everything, a friend who trusts Google with literally everything, a friend who trusts Microsoft with more of everything than not, and me, who trusts my own systems and no one else's. You own Nine-Times.com, a vBulletin forum for cat enthusiasts. You trust Google and Apple, but not Microsoft. Two friends can SSO in; the other two of us can make internal accounts for the forum. Google friend owns androidfanbois.com, another vBulletin site. He allows Google's SSO. Three of us need accounts now.

So, we then do something like the US Federal Government having a standardized "internet identity", available to anyone who wants it. Well, we can forgo corporate fanaticism this way, but now we've legislated digital identities and said goodbye to even the illusion of anonymity, and have a digital treasure trove of data for not only hackers and identity thieves (do you REALLY think the federal government is going to have bulletproof security on this thing?), but now you tell me that the NSA isn't tapping all of *that* "metadata", and I've got a password storage device for you. More to the point, if you google 'voyager529', you will indeed see my photo in the very first set of image results, and have a pretty good idea of who I am and what I do. I have a completely separate digital identity that is *not* tied to 'voyager529' in any sense. If the federal government gets in the online identity business, I sincerely doubt I'd get two.

We've eliminated corporate, and we've eliminated government, which leaves us with two obviously-even-worse options: self-signing and crowdsourcing. Self-signing gives us no real concept of who the person is, which is why Usenet devolved into the spam garden it is today. Requiring X number of people already joined to a website to validate that you are who you say you are turns logging into stuff into a popularity contest.

Passwords get stuck to monitors and under keyboards. Password managers are treasure troves to compromise and aren't cross compliant. Possession-based authentication (RFID card, NFC/Cell phone, etc.) makes losing your wallet ten times worse and you still need an issuing authority to oversee unique cards tied to a particular human. Biometrics are nice, but cross-device biometrics still have the problems of password managers, and having all ten fingers enrolled is a good idea, because one lapse in tomato slicing safety precautions and you won't be accessing your Gmail for a week.

No matter how we slice it, "proving that a person is the correct person on the internet" is a problem inherently tied to the problems that 1.) one's authentication MUST be represented as data, and 2.) computers, by design, perfectly replicate data VERY efficiently. Adhering to the first requirement while preventing the second is a problem whose solution will revolutionize computing again.

Comment Re:banking websites (Score 1) 549

Not effective. Proxies are too easy.

It's not a silver bullet, but it is a partial solution. 1337hax0r will VPN/proxy from another address intentionally, but he then has to get his whole botnet to do so. Sending internet traffic overseas slows things down tremendously, to the point where an end user would be more likely to notice and run an antivirus. Maybe it'll cut it down by 10%, maybe by 75%, who knows...but even a 10% decrease is 10% in the right direction, with relatively minor inconvenience to customers.

Comment Re:WTF? (Score 1) 622

What I do with my personal equipment and how I store it

Herein lies the matter at hand. You're absolutely right...however, I'm pretty sure Apple would readily say that no iPhone owner actually owns any of the servers running iCloud. Same with Google and their Drive servers, or Microsoft and their OneDrive servers, and are thus trusting their nude selfies to a complete stranger's hard drive.

"Victim blaming" means saying that it's Lawrence's own damn fault that the photos are circulating the internet, and I understand how the following will come across that way...BUT...it's also a relatively fair assumption that most people who are saying 'stop victim blaming' would also say that they may have given more thought to syncing photos to iCloud if they were instead told, "do you want your photos to automatically store themselves on a complete stranger's hard drive that you have virtually no access to?" They may be a bit more hesitant about iCloud syncing.

The better analogy would be this: you have naked photos in a photo album. Since you are a member of your local gym, they give you a locker for free, along with a combination lock. The gym offers to have the stuff from your bedroom automatically moved to the locker (it's a TARDIS locker...), and you agree, in case your house burns down. The gym gets broken into, and all the lockers get ransacked, meaning that your nudes end up in a pawn shop. It's entirely possible for you to have nude photos without also putting them in a gym locker, especially at a gym that offers TARDIS lockers to all of their >100 million gym members.

Between OwnCloud, Torido, PogoPlug, Western Digital MyCloud drives, Synology devices, FreeNAS, BitTorrent Sync, and old-fashioned USB cables, it's completely possible to have ZERO compromise here - all your photos backed up in real time in the event that a phone is lost/damaged/stolen, and that backup living on your own hard disk without annual fees or super-low storage limits, or disable cloud sync entirely and let your photos back up via iTunes. It may not be advertised or all-but-required for an iPhone to work, but it's completely possible for a computer novice to take a single afternoon and set something like this up if they care enough to do so. In this manner, your initial point is very much reinforced - what you do with YOUR personal equipment and how you store it and how it can be accessed isn't my business. That point is mitigated, however, when it involves the use of a hard disk belonging to a third party. You don't have to justify to me if you decide to put your data on Apple/Google/Microsoft/Amazon hard disks, but they also have very little incentive to justify their setup to you, either. What you (and Jennifer Lawrence, and every other human on this planet) do with your data is indeed none of my business. Knowing the options and gauging one's own risk threshold is very much your business (and Jennifer's, etc.), but all the "don't blame the victim" logic in the world doesn't change the fact that "the cloud", by definition, means "a stranger's hard drive"...and if you wouldn't put nudes in a complete stranger's gym locker, don't put them on a complete stranger's hard drive.

Comment see his employer... (Score 0) 302

Consider the division of the police force with which he works. His section sees computer crimes day in, day out. He is tasked with enforcing computer laws for the City of London (i.e. not the metro area, so he's likely dealing with financial crimes "on the internet" and similar), which is a rather tall order...and I sincerely doubt he's particularly concerned about Joe Sixpack getting a movie off The Pirate Bay.

We can laugh about how out of touch he is and how ludicrous it is to suggest a website license, but it's also a reasonable fear that the same infrastructure keeping The Pirate Bay resilient to the *AA's could as easily be used for worse things that could have a more profound effect on the economy of the region.

Comment Re:avois Asuswrt-Merlin if it's a choice. (Score 1) 103

I can't quote your replies. Some text problem, but I do apologize, Mr. Merlin.

No problem, but I'm not Merlin, or affiliated with him at all - just have had positive experiences with the firmware.

Just today it hit me that a Xoom tablet was stolen by the same people;

So a known group of people both stole a tablet from you and modified your router? That sounds rather interesting, to say the least.

A lack of security on my part: I kept the wifi passwords the same. It was my fault for not changing passwords as soon as it was stolen.

Well, for it to be an actual security risk, the thieves would have to have not only your tablet, but your address. Now that could make sense if you had a break-in where it was stolen, but it again seems to be a rather unique set of fugitives who would break-and-enter, steal your tablet, root it in order to extract your wi-fi passwords, and then use that to plant data on your hard disk via a LAN and reconfigure your router.

As for SWAT, well, time will tell.

Yes, but given the cost of an actual SWAT team, the cops would have to know you've got data, and feel that sending a set of garden variety police officers is too hazardous...which again would lend credence to the thought that it should have actually happened already; if you're a threat requiring a SWAT team, waiting for months seems like a bad idea.

Geek Squad: I downloaded their private book on "how to fix computers". It was all common knowledge looking for problems, a waste of money, and an embarrassment if they park in front of my place.

Whether the Geek Squad is a quality service or not is not the reason Charter recommended them to you. The guy at Charter telling you to have the Geek Squad take a look at your computer is less of a risk to his job than "have the random neighborhood computer guy take care of it for you".

Purchasing a new computer; I feel tasers are useful for other things.

What does a taser have to do with anything at all?

I'm on a borrowed laptop at this time; no video card I own works. I figured my vids were tased.

So let me get this straight...your router was hacked, a tablet was stolen, illicit data was planted on your hard disk and...your video card is broken? I must be missing something.

A new vid card almost demands a dual vid computer to me.

So your existing computer had a video card fail, but it was a dual-head video card, and it failed, so instead of adding a new video card to a computer that was handling two screens just fine, you needed a new one because it "almost demands a dual vid computer"? Or, you didn't have a dual-head video card, and you were worried that your computer couldn't handle two monitors? I've got 15-year-old computers that are capable of that. No matter how I try to make this sentence work, I cannot. Now don't get me wrong, if you just wanted a new computer, then rock on; I'm glad you purchased one. Blaming the purchase of a new computer on the fact that the video card in the old one died, however, still doesn't make much sense to me.

Time will tell how things work out.

Ultimately yes, but just letting time pass you by isn't the greatest method, either. Don't rush into something, but to be completely frank, there's still plenty of your story that I can't make sense out of.

To repeat: when my laptop was stolen I neglected to change passwords. Just today it was a face-slap moment, a stupid security situation overlooked on my part.

I'll assume that when you use the term 'laptop' here you meant 'tablet', since you referred to a Xoom earlier. That being said, I don't think it matters. Either your assessment of what happened wasn't quite on base, or if it was, changing the wi-fi password wouldn't have helped you much anyway.

Comment Re:avois Asuswrt-Merlin if it's a choice. (Score 1) 103

So much wrong here...

1.) I'm a fan of Padavan's firmware myself, but it looks like it's only available for the 65u and not the 66u. Asus is actually pretty good about keeping the stock firmware up to date even on the relatively old n56u, so even stock isn't necessarily a bad deal. TomatoUSB and DD-WRT also install on this router. There were plenty of options if you were doing it yourself. If Merlin did you wrong, sticking with it is a fool's errand.

2.) Either you installed the Merlin firmware on your router, or you're saying that the Merlin firmware was installed without your consent - the sentence is unclear. If you installed it intentionally, did you not lock it down? If it was installed without your consent (seems like a particularly interesting virus that would do that...), why not blame the individual flashing router firmware maliciously, instead of the individual who makes the aftermarket alternative? Wouldn't the correct software to blame be the one that allowed itself to be flashed without your knowledge?

3.) If your router was flashed with Merlin, wouldn't the correct response be to either flash it back to stock, or purchase a new router?

4.) Charter may have told you to call the Geek Squad because their responsibility for getting your devices online essentially ends at the modem. If your computer was as compromised as you say it was, they weren't going to send a tech out to fix your computer. Saying to talk to "your friendly neighborhood computer guy" is wildly varying in its quality, and they'd be hard pressed to correctly point you in their direction anyway. As much as the Geek Squad isn't generally liked here (and with good reason), it's at least a company big enough that Best Buy locations are easy to find, and they'd have at least some idea that they will repair your computer, certainly more so than anywhere else.

5.) Why buy a new computer instead of reformatting the one you had? If it's the "free Internet users", you'd find your internet slower, at worst. If it's a case of malicious hacking, they're probably not on your wi-fi.

6.) If the hackers were offended by the contents of your hard disk, how did they communicate this with you? If they reported you to the feds, you can first get the hackers on some sort of variant trespassing or criminal mischief (IANAL; point is that they committed crimes as a part of submitting the fraudulent report). Did the local PD really send in a SWAT team as an avenue of first resort for a computer crime? Did the hacker stick solely to secondary hard disks besides your system drive? If you pulled them out so the hacker couldn't get to it, while I wouldn't recommend this under ordinary circumstances, why didn't you simply hand over the drives to the LEOs? They were offline and contained data that incriminated someone else and basically cleared you, right?

So, to sum up your story: you had a router that was flashed with aftermarket firmware without your consent, or possibly with your consent, but either way was configured to leave lots of ports open and leave your system vulnerable (i.e. not its default configuration). You didn't notice this until two months later. Your first move was to call your cable company, and when they said "get your computer fixed", you bought a new computer, but not a new router, and reinstalled the stock software on neither. The hacker planted nefarious data on your computer and bragged about it on that drive, thus leaving clear evidence that it was planted by them, not acquired by you, and no charges have been filed...and this is a cautionary tale not to have a wi-fi connected thermostat.

Every system that can be accessed by a legitimate user can be accessed by an illegitimate user because the correct user must be able to access it themselves. Thus, any system can be fooled by sufficiently impersonating the legitimate user. This has been true since the beginning of computing. It will be true until the end of computing.

Comment Re:Technobabble... (Score 1) 370

For all the technobabble in that summary, I still don't know what ZFS offers me over other filesystems. Maybe the guys working on the system should do a little marketing course, or work on their 'elevator pitch'...

Here's my attempt...

1.) ZFS does software RAID as its normal mode of existence. It's naturally contested as to whether this is a good thing, but it depends on context. ZFS doing software RAID on a busy MySQL server? Not great. ZFS doing software RAID on a FreeNAS box whose lot in life is to shuffle data to and from a bank of hard disks? Better.
2.) Datasets. These are best described as the lovechild of folders and partitions. Like partitions, they can have their own mount points, their own permissions, storage quotas, and their own compression settings. Like folders, it's possible to have dozens of datasets on a volume, and then let the dataset use as much of the volume's storage capacity as needed, and dynamically expand or contract them as necessary.
3.) Snapshots. If you're used to Windows, think "Shadow Copies", but easier to work with.
4.) Deduplication. This *can* be dangerous, but deduplication can be enabled on a per-dataset level, so if you have a known set of data that has massive duplication (e.g. a dozen Windows VM disks for a test environment), it can save a whole lot of hard disk space.
5.) ZFS brings a lot of the functionality of the more expensive SCSI cards to commodity hardware with basic drives, and can do its thing with a hodgepodge of disks. This is useful if you're like me and think it's useful to have a RAID-6 array with drives from several vendors to help mitigate the risk of a homogeneous manufacturing run.
6.) Not a feature of ZFS directly, but ZFS and FreeNAS/Nas4Free/Nexenta have a rather symbiotic relationship. If a NAS is built running a BSD distribution explicitly designed for storage, these distros make it extremely easy to manage the storage array and use the data transfer protocols best suited for the task at hand - all support FTP, SMB, iSCSI, and NFS, with some more exotic stuff generally available as well.

Comment Re:progress (Score 1) 97

Not 20, not living in a dorm, and not living in 1995.

Most of my friends have laptops, and amongst the reasons we play older titles is so that they don't need $5,000 Alienware laptops to join. Setup time isn't terrible, especially since "connect to the wifi" is all it really takes (though we do prefer hardwired where practical)...that, and newer games don't work over a LAN anyway.

"Coordinating everyone's free time" is something that literally everyone does when they throw a party...so gaming is a less acceptable activity to do at a social gathering than getting completely drunk, or pretending to like people you're stuck talking to?

There are advantages for a LAN party, too: we don't deal with 14-year-olds calling us fags the whole time. We have zero lag, ever. We have zero need for headsets, and it's a whole lot of fun to rag on the person sitting next to you. When we play in cooperative mode, planning attacks is much easier.

Finally, when the PSN gets DDoS'd, we're still gaming =).

Comment About things "accidentally breaking" (Score 5, Interesting) 455

Yes, it will likely happen. However, that is, in my opinion, insufficient disincentive, for the following reasons:

1.) If it "accidentally breaks" 50% of the time, it still means that half the time it's working, which is higher than the 0% we have now.
2.) Secondary units could be kept in the glove box; most juries would have a very difficult time believing that both cameras failed, or that a known-dangerous situation wouldn't warrant having both cameras on anyway, or that both police officers involved had faulty cameras, or if only one went in that he/she was not following protocol... basically, the lack of evidence when there damn well should be would lend more credence to the victim than the police officer, leaving it in the officer's best interest to keep it working (or report it malfunctioning sooner than later).
3.) It would help curb selective enforcement; officers would be more likely to more fully follow protocol.
4.) Random footage audits, like random drug tests, would assist in internal investigations; officers whose cameras are 'accidentally broken' during an audit would be much easier to penalize, again keeping it in the officer's best interest to avoid having a malfunctioning camera.
5.) "I have nothing to hide" is a reason frequently given for giving up one's privacy when prompted to do so. If it's true, then "I have nothing to hide" should most certainly hold accurate for people on the public payroll.
6.) A highly trivial reason, compared to the major ones: checking cameras and footage in and out is a good way to add a few dozen jobs to the local precincts.

It will happen, of course...but if it even partially helps the situation at hand of "he said she said" where either no one trusts the cop (in cases where the officer was either genuinely right or ultimately wrong, but in a split-second decision situation), or victims of police brutality are further victimized by the 'ol boys club', then I'd say it's a hell of a much better use of both my tax dollars and Seagate hard drives than the use of either by the NSA.

Comment Re:progress (Score 1) 97

These jerks are targeting everyone. PC and console, Microsoft and Sony.

The GP's point was that Starcraft is possible to play on a server unlikely to get DDoS'd. When my friends and I play Starcraft, it's over a LAN with no internet access at all. If you wish to DDoS my game server, you'll have to trespass to do it.

Targeting any given company's game servers doesn't affect the titles that don't require that players be online to play them.

Comment Re:Dropbox use AWS (Score 4, Interesting) 275

That said, perhaps DropBox could sell a self-hosted version of their software and bring over their ease-of-use.

That's already been done.

The challenge DropBox faces with a self-hosted iteration of its software is that it stops being 'simple'. Existing Dropbox clients would have to be completely rewritten to go from asking "username and password, please" to "username, password, server address, and port, please". Even if we hand-wave away that problem by assuming that users can either correctly type a server name and port number, or that Dropbox will still have 'accounts' but essentially become a DynDNS clone and simply handle network traversal and matching users to their data repositories, we then have to deal with the Dropbox Server software. There may be a market for Dropbox to sell drives like these, but I don't see Western Digital wanting to partner with Dropbox to provide redundant functionality to their existing apps, and I don't see consumers paying more for a Dropbox branded drive if they're already in the "self-contained NAS" market - a handful might, but now Dropbox, for all intents and purposes, finds itself with all the challenges of being an external hard drive vendor...with the added bonus of directly competing with the vendors from whom they're sourcing their parts.

The obvious alternative to this would be for them to sell their software and let it run on a LAMP/WAMP stack, on whatever hardware is on hand, and market it to the enthusiast/enterprise market, like UnRAID or Nexenta. That might be a short term win, especially if they do some fancy stuff with LDAP/Active Directory integration. Conversely, I see it potentially being a support nightmare based on how it deals with storage. Will it install on an Ubuntu desktop containing a hodgepodge of hard disks? Would it be more like FreeNAS where it makes its own software RAID, but requires hardware to be dedicated (or its own VM)? Even at that, how do they bill for the software? One-time use seems like it wouldn't be a good long-term plan, but I don't see too many users being okay with Dropbox charging them an annual fee to use their own hard drives. CALs could be a useful method (arguably the most workable one), but they'd have a hard time managing their consumer-friendly image on one hand with Oracle-style licensing on the other.

Levie is right; 'free' isn't a business model. Dropbox's 2GB number is only sustainable because they're betting that a certain number of those users will go for a paid tier. Either every Dropbox customer will pay, or they start advertising, or they data mine. To my knowledge, those are the three business models that have sustained themselves on the internet. 'Everyone Pays' may be a viable model if Dropbox can do things like sell gift cards for their service (for users unable/unwilling to fork over their Mastercard) and come up with the right formula of how much customers are really willing to pay for storage+ubiquity+simplicity. Although Levie must certainly be feeling the pinch from Microsoft's 1TB of OneDrive for $60/year, the one client we attempted to migrate to that service went back to Dropbox VERY quickly because the desktop client was utter crap; I'm left to believe that Dropbox's simplicity still has an edge just yet. Conversely, I don't think that $50/month for 500GB is worthwhile, either - that's only slightly less than it'd cost to buy a 500GB hard disk outright from Newegg every month.

Dropbox is still a well-recognized brand that I'm certain many consumers are still willing to pay a premium for, and Microsoft and Google are competing not only with more storage for less money, but with integration as well - editing a spreadsheet in Sheets or Excel and seamless saving of attachments is not the kind of thing that Dropbox can effectively compete with. Dropbox's best bet right now, in my half-asleep opinion, is to see how much value-add they CAN provide to their existing tiers. I can't quite fathom what that is (a trivial example off the top of my head would be an IM client add-on), but one thing is for sure: they can't easily compete against companies who sell their own gigabytes by selling someone else's gigabytes.

Comment I'm wondering about protocol (Score 3, Interesting) 130

According to one of the comments in TFA, https:// worked fine, so they were only blocking HTTP. This leaves all the other suspects to their devices - the cornucopia of IM clients, VPN traffic, torrent traffic, usenet, diaspora/retroshare, in-game discussion via Steam or Second Life, IRC, etc. Sure, some of those are summarily blocked, but it seems they're doing such a poor job of acting in malice that I'd deem it sufficient to chalk the issue up to incompetence instead.

Comment Re:Uh? (Score 1) 147

Ahh... So I will improve my question, putting in a little context. Here in Brazil, not even the "2G" (EDGE) signal works stably, 3G only works occasionally in the center of the great capitals, and 4G is virtually nonexistent. And if that is not bad enough, most carriers provide an unstable connection that practically only serves to get you charged (you are charged per connection in many cases) and then stops working. So imagine what happens when you try to use torrents on this junk.

Your question begets two other questions:

1.) The site redirects to the T-Mobile USA website. I don't know how this works for other subsidiaries, and/or in other countries.
2.) The site explicitly specifies "Unlimited LTE". If you're torrenting at 20KBytes/sec, then your point certainly stands. If you're saturating an LTE tower during peak usages, then that's a different story...but it requires actual LTE service.

Comment Re:Uh? (Score 4, Insightful) 147

Uh... Who is mad, or desperate enough, to use torrents on an unreliable, slow and capped-as-hell cellular connection?

I can't speak for where you live specifically, but here in the northeast, I can tell you this much:

1.) T-Mobile is, in most metro-ish areas, as reliable as any other carrier. Also, it's not beyond the realm of realisticness to presume that users torrenting on their phone aren't torrenting while driving - if you're stationary and have four bars of LTE signal, T-Mo is pretty damn solid.

2.) I've gotten 2.5MBytes/sec down on my phone. Not during peak hours, of course, and somewhat varied based on what tower I'm connected to, but >1MByte/sec is quite common - and triple the speed of my home DSL.

3.) T-Mobile still offers kitchen-sink unlimited data plans if you pay enough. On those, they have a cap on tethering, but on the phone, you can download as much as you want. Since Android has a handful of bittorrent applications, it's entirely possible to be torrenting on an unlimited, uncapped data plan.

I don't blame T-Mo for doing what they're doing. Torrenting, by nature, takes a significant amount of bandwidth, requires lots of network connections, pounds the Carrier NAT with connections that can't be completed, requires a metric ton of extra routes, and doesn't stop seeding unless the user sets it as such.

If there's a protocol that's terrible from a cellular provider's standpoint, it's bittorrent. Blocking it on cell phones is about the least objectionable form of "network non-neutrality" that a carrier could implement. On a similar note, I don't know that T-Mobile's music streaming policy is terribly unfair, since they're whitelisting all the major streaming music providers. If they made Pandora free while Slacker had to pay, that's not 'net neutral'. Since everyone who streams audio is included, it's a blurry area for net neutrality.
