From the *actual* draft:

This document describes two alternative methods for an user-agent to
            automatically discover and for an user to provide consent for a
            Trusted Proxy to be securely involved when he or she is requesting an
            HTTP URI resource over HTTP2 with TLS. The consent is supposed to be
            per network access. The draft also describes the role of the Trusted
            Proxy in helping the user to fetch HTTP URIs resource when the user
            has provided consent to the Trusted Proxy to be involved.

The entire draft is oriented around user consent and transparency to the user... where is the problem here?

The linked article by Lauren Weinstein is very heavy on sarcasm, scorn and flippant one-liners, but pretty light on technical details. From what I can discern, her primary concern is that ISP's will force all of their users to consent to them acting as a trusted proxy or refuse to serve them.

This is pretty far fetched, imho. First of all, the backlash from the average consumer would be staggering. If, every time they go to their bank's web page, they get a scary security notice "do you want to allow an intermediary at "trustedproxy.verizon.com" to see your private data?" they answer, every time, will be "hell no". And if they are then unable to access their bank account because of this... well, that's not going to be a pretty picture for L1 support.

Second, the *last* thing most ISPs want is to have to deal with yet more PCI concerns. If they end up storing your cc number and ssn in a plain-text cache, that introduces all sorts of potential problems for them.

It seems like the primary use case for this technology is in serving media-heavy content that SSL screws up, like streaming video over ssl etc... so, it would allow caching etc for various media streams that really don't need SSL. And the user could make the decision for whether they want to do it or not.

This seems like a pretty smart thing to me, I'm not sure what all the hand-wringing is about. Maybe I'm missing something obvious?

A while ago I was also accepted to the glass explorers program. I was pretty excited at the time, and was planning to go ahead and get one. I'll admit to being a bit of a Google fanboy, though recently they've lost some of their shine in my eyes.

At the time, there were a few compelling reasons why I decided to wait, which I summarized here: Why I'll Wait on Glass

One thing to consider, is that along with the $1,500 price tag, unless you live close to one of the fitting centers, you'll also have to book airfare and hotel, which can be as much as the Glass itself, so that really raises the price a lot. At least, this was the case when I was invited to the program, it may have changed.

For those who don't like clicking G+ links, here's my full original post:

Why I'll Wait on Glass

So, I received my invitation to purchase #googleglass and become a #glassexplorers . Google notified me that I had 14 days to make my purchase and schedule a pickup date.

I've put a lot of thought into this, and decided not to move forward with the purchase. I'm outlining my reasons below, and I hope that the amazing folks on the Glass team can take this post with the spirit that it's intended: as constructive, objective feedback from a developer who is a huge Google fan.

When I first heard about Glass, I was gobsmacked. The notion of having a powerful, wearable computing device with an array of sensors, camera and floating UI always available to the user, with speech recognition and integration with wireless services - well frankly, I had trouble containing my excitement.

At the local bar, I waxed on (to annoying lengths, I'm sure) about how this was a revolution in technology. How it would change the world and the way we interact with it.

I shared my excitement with my family, and when I was selected as a #glassexplorers they had to pull me down out of the clouds.

I was busy planning apps that I was going to develop, I had visions of an app where I could say "ok glass, find my car" and a floating 3d compass arrow would appear and guide me.

I had visions of walking into my house and saying "ok, glass turn on the lights, lock the doors, arm security", and seeing an interactive display of all my devices. I would be able to say "ok, glass show front camera" and I would be able to look out of the security camera on my front porch.

I had ideas for interactive augmented reality games, where the user could scan the sky for alien UFO's and see 3d spaceships through the Glass display window.

I eagerly refreshed myself on OpenCV, preparing for all the computer vision awesomeness I would be able to develop (I'd already done some of this work on android tablets, using the native sdk).

With all of these visions in my head, I set out to begin development. Finally the new api was released. I sat down at my main development box, pulling up the docs, expecting to see all of the richness of the Android API plus Glass specific enhancements.

What I got was: Cards. A completely non-interactive API where I had to broker every request through a complex chain of servers where eventually, at some point, some static text or images may or may not popup on the user's screen.

I was actually in disbelief. I was sure I was missing some documentation somewhere. I poured through the docs, trying to understand what I was looking at. I felt that I must be missing something really obvious. From what I could tell, the amazing awesomness that was Glass, was limited by the API to being essentially nothing more than a SMS messaging system, similar to text messages on my cell.

None of my applications were possible. I couldn't talk to the accelerometer or other sensors. All I could do was go through a strange "add my app as a contact" process so that I could post text messages with some limited media to the user's timeline. That's it. Interactivity was limited to glorified hyperlinks that would post a message to Google's servers, then post a message to my servers, where I could eventually reply with a minimalistic message back to the user after who-knows-how-much latency.

Basically, this revolutionary piece of hardware and engineering was being hobbled by an API that was less effective than a twitter feed. It's like having a Lamborghini, but the only way you can drive it is by calling up an operator and saying "Ok, turn left. Where am I? Ok, go straight. Where am I now? Ok, turn right".

I decided to wait a while, certain that the really smart folks at Google were going to announce an additional API, that this was just the early state of things. Soon, there would be a native API that would allow me to do all of the wonderful things I had planned.

So, I've been waiting. Last week I got a message that my Glass was ready for me to pick up. I thought about it, thought about it some more and decided: I'll keep waiting.

That's true, however, there are two really important points here.

1) No one that I know of, no matter how far afield, follows the rules laid down in Leviticus, which was why I was so annoyed with the poster.

2) The fact that old testament rules aren't followed strictly is internally consistent. My understanding is that these old rules were superseded by the teachings of Jesus who was mostly all about not harming others.

Of course, the poster that I originally replied to is either unaware of this, or was specifically misrepresenting these things, which I felt it was necessary to call out.

No, just being revisionist and - once again - misleading.

Your phrasing, use of exclamation points, and flippant "Yup, good book that" were all clear indicators of your tone.

Saying something does not make it so. The OP did not take the position you stated. Your post was clearly intended to be derogatory and sarcastic.

Congratulations, the moderators of slashdot agreed with you. You sunk to the level of hipster group think and won karma points. Well done.

You don't need to justify yourself, you "won". I should have never wasted my time trying to help you improve your critical thinking and writing.

Please ignore my points, and carry on as you were.

No, I disagree. It was clear that the purpose of your comment was to score points by sneering at the Bible. It was clear that the OP's post was a joke, and poking fun at creationists. The OP was taking a sarcastic tone to illustrate some of the poorly reasoned arguments that are made by new-earth creationists.

You post, however was not that. You post cherry picked individual lines from the Bible in order to specifically misrepresent them, take them out of context in a sort of elitist, intellectually superior tone by applying current moral standards to a culture of thousands of years ago. By doing that, you treated an important book with total disregard and disrespect.

That was inappropriate.

You post was inaccurate, misleading and childish. It lowered the quality of the discussion.

Well, it depends on what assumptions you are making about me.

I never said I agreed with the things that I mentioned, or suggested that Leviticus contains a list of rules to live by, or what religion, if any, I ascribe to.

What I disagree with is the casual disrespect and misrepresentation that the OP treated the Bible with.

Regardless of religious preference, such an important historical document should be treated with more respect. Also, regardless of religious preference, it is a fool who goes through life believing that there isn't a great deal of wisdom contained in the Bible. Or the Koran (Quran). Or the Bhagavad Gita. I would defend any of those texts with the same fervor.

I know that it is cool to make fun of religions, especially Christians, here. It's a guaranteed way to score yourself some easy Karma (ironic!). In this case, however, I took exception to the condescending, disrespectful tone and willful ignorance of the poster.

Those points were specifically cherry picked in order to make a distorted point and to trash the Bible: "Yup, good book that"

It was done by applying current moral standards, two thousand years later, to a people, civilization and culture that were *vastly* different.

The poster made no attempt at intellectual honesty, and strictly went for "cool points". This sort of thing lowers the quality of the discussion for everyone. Even if slashdot tends to be something of a hip, liberal echo-chamber - most of us here value reasoned, intelligent debate. The poster didn't do that, so I (quite appropriately) called him out on it.

Ok, I try to avoid getting involved in religious conversations like this, but you are coming across as a typical ignorant elitist here, sneering down at things you clearly don't understand. We all get that you aren't religious, but that doesn't give you the right to present skewed information taken out of context. So, I'm going to completely waste my time here and present some *actual* information on each one of your points in the vain hope that in the future you will temper your snark.

What you aren't saying, is that at the time selling children into slavery was a common practice throughout much of the "civilized" world. This 'law' was put in to place to *protect women*. The reason why is that normally when a child was sold into servitude, they would be freed after a period of time. Since (by far) the reason that women were taken as 'servants' or ('hand-maidens' depending on the interpretation) was as second wives or concubines, it was grossly unfair to the woman to then release her from service after she had been used as a sex object for years. No one would want to marry her, and she was essentially screwed. To protect against that, this law was put into place saying essentially, that if you're going to take this woman on, you have to care for her forever, you can't just have sex with her for a few years while she's pretty and then kick her out once she gets older.

Again, you're totally cherry picking here. Leviticus rules of cleanliness were generally *good* things. At the time, they simply didn't understand biology, and sanitary practices were spotty at best. This was the origin of laying down some rules for sanitary practices, which is a good thing, even if they seem strange to us now. And by the way, Leviticus' admonishments were by no means limited only to women:

Leviticus 1-5:
"Speak to the children of Israel, and say to them: 'When any man has a discharge from his body, his discharge is unclean. And this shall be his uncleanness in regard to his discharge; whether his body runs with his discharge, or his body is stopped up by his discharge, it is his uncleanness. Every bed is unclean on which he who has the discharge lies, and everything on which he sits shall be unclean. And whoever touches his bed shall wash his clothes and bathe in water, and be unclean until evening."

This was relating to abnormal discharge, no one really understood STD's, they were just doing their best at the time. But great job completely misrepresenting Leviticus as anti-female in order to push some sort of agenda.

Again, you're totally misrepresenting the law here. A the time, this was incredibly progressive. Slavery was rampant and commonly accepted, to limit the bounds of slavery and who could be enslaved was a great step in the right direction. Considering that even the U.S. still hadn't worked out slavery issues as of only 140 years ago, applying 21st century morals to a progressive law created to put bounds and limits on slavery thousands of years ago... well, that's just childish.

I don't even understand your point here. Are you saying this is still a problem? I mean, I agree - we need to stop the rampant slaughter of all the people who work on Sundays in America. Oh wait... you mean, this doesn't happen? At all? So, clearly it was a law intended for another time - a time that penalties were pretty damn harsh for just about any infraction. There's some question about how tightly this was interpreted and enforced even at that time. To casually insult and discard the bible in it's entirety because of some parts of it are written for a totally different time, culture and moral code is asinine. At the very least, it gives us a stunning historical insight into humanity.

Your other points are similarly cherry picked and disingenuous. You take an insulting an elitist attitude about things that you don't know the first thing about, and I'm giving you the benefit of the doubt by assuming you're just ignorant. If you're actually educated on these subjects, then you're willfully misrepresenting these things, which is much worse.

I get that you're just fishing for cool points with this whole post, but your snide, disrespectful attitude just makes you look childish and uneducated. Religious or not, the Bible in an incredible historical document that should be treated with respect and educated thoughtfulness, not snarky cherry picking and misrepresentation.

This doesn't make any sense to me. Are you telling me that paying SS and Medicare are optional, that I have a choice in it? No? Then they are part of my total tax burden, just like military spending - and as a self-employed developer, I can tell you that the burden of paying both sides of SS is significant.

This sort of viewpoint of "well, those don't count because they have a separate fund" is the sort of thinking that has gotten us into this situation.

Your concluding statement isn't accurate at all.

The "mandatory" spending on entitlement programs dwarfs military spending: http://en.wikipedia.org/wiki/U...

We have a spending problem, but it's not limited just to the military budget, and it is simply not true to say that the military spending "dwarfs" the rest of the debt components. In fact, the truth is quite the opposite.

This has a nice visual breakdown of federal income and outlay: http://www.washingtonpost.com/...
Also, refer to the GAO's citizen's report for FY 2012: http://www.fms.treas.gov/fr/12... chart 3 is a nice pie chart representation of spending, please note that for FY 2012 HHS and SSA together ("entitlement spending") were 45% of the total federal budget, military spending was 21%, 30% if you include the VA.

Yes, we need to cut military spending and reduce our involvement in foreign conflicts, but that's just one part of the work that needs to be done. We need to reduce spending in all of these areas.

Just to escape from the politics for a moment, I actually ran into an interesting injection type attack against mongodb and php. The attack exploits the fact that php auto assigns certain variables to arrays, which when parsed my the mongo driver are interpreted as commands.

From here:

you can inject using something like:

I thought this was pretty cool, except for the fact that the project I was involved in was *riddled* with security holes as a result. The devs didn't believe that you could do a sql injection with mongodb until I started logging in with their users in the dev environment using the above trick.

Yes, it really would. At one point just about every major piece of technology and science we have today would have been considered supernatural/metaphysical. Given the abundance of anecdotal evidence of "parapsychological" effects, it is completely reasonable to perform controlled experiments in order to evaluate whether those effects can be reproduced. That is the very nature of science.

It is also completely reasonable and scientific to periodically continue to perform those experiments as our tools and understanding grow, and to continue to ensure that the earlier falsification was justified and correct.

String theory?

With the exception of Plex, that plays content locally. Www.plexapp.com

Alright. Looks like I need to drop the HTC Sense keyboard.. lol.

Chromecast is pretty great, but as it is merely an extension on the pc/mac within chrome all you can do is view a single tab of the browser, or use one of the services. I'm not concerned with broadcasting my entire desktop or laptop environment to my tbs, I just want access to all of my tvs, movies and music in he. With plex media server and plex apps, I now have easy, user friendly access to all my media on my tvs or other devices (cell, tablet, and my roommates can access my media content on their devices as well).

Thanks, but I'll stick to plex and chromecast