Actually it just proves how valuable people think he is. Look at the rest of our society. We allow all kinds of people who are of some particular talent: athletics, musicians, actors, politicians, certain academics, and others get away with things the rest of us would surely be fired over and quite possibly prosecuted and imprisoned.

I am not say its a good thing, but our society in general allows individuals who attain a certain celebrity status a degree of entitled behavior and allowances are made when they break the 'rules' the rest of us live by. The more actual talent and the less 'replaceable' they are the more outrageous we let them behave. Some of them over step and hilarity ensues and others remain decent people and don't take advantage of their position at all.

Linus however is no different in this regard. He does it because he CAN get away with it. The rest of us ARE WILLING to put up with it; that has been proven over and over again. He knows how far he can go and does not go farther.

I agree the major distributions have botched almost all of those. Can you site any MAJOR bugs in release ( ie even numbered minor version kernels without -rc etc on the end of them) that issues?

I can't recall any. Like any large complex software project Linux has had its share of bugs but I have been using it in various capacities for 15 years and I can't recall anything in a non-development release that made me go "Good God how did that get past QA".

It seems that a lot of internet companies make their money from adds. If this buisness model was so bad it would have stopped decades ago.

So how do you propose web sites to be funded. People don't like a pay wall, ISP will not pay you for their customers visit. If your site doesn't meet the need for the greater common good then you probably won't have the government or some other large grant funding you. However you have costs to pay for. The add model is the best we can get unless you know of some superior buisness model.

The 'you can skip in 5 seconds' ads amaze me. Presumably the people using them know that they have 5 valuable seconds that everyone can see, yet they uniformly squander them. I've almost never seen an ad that tells me anything interesting in the first 5 seconds, which isn't that surprising, but it's really surprising to me that most don't even tell me what the product is. Several that I've seen use the first 4 seconds to fade from black, then get 1 second of something incomprehensible before I hit skip.

Every time you upload a file, you generate a random symmetric key. You encrypt the file with this key and the key with your public key. If you want to download the file, you get the file and the encrypted key and then you decrypt the key with your private key and then decrypt the file. When you create the account, you upload your public key.

When you want to share a file with everyone, with no access control, you download the encrypted key, decrypt it, and provide it to the server. The server can then decrypt the file.

When you want to share a file with a limited set of users, you download each of their public keys (which you can cache in the client) and the encrypted symmetric key, decrypt the key, and then encrypt it once for each user. They will then only be able to access it with their client.

I'm not sure who you're 'we' as in 'internet community' is. We do have standards and off-the-shelf libraries for everything required to implement this and others have done so in the past (one of my colleagues during her PhD did back around 2006, to give one example, others have implemented more complex and flexible schemes more recently). Note that this is the simple textbook scheme for doing this kind of system. It's been implemented before and doubtless will be again. If you check the research literature then you'll find more interesting schemes.

The only problem is if you want to be able to access it from the browser, without some kind of plugin (Google actually does compile OpenSSL with Emscripten to do ASN.1 parsing, but I wouldn't recommend using it for encryption).

Right the entire conflict is evil and it needs to end, but for it to end the West needs to quit meddling and and the various Palestinian groups need to accept reality.

Its not the Wests fault for creating Israel. Sure we did but all throughout history wars have been fought and lines on maps have been redrawing various peoples have been pushed out of one spot or another by other groups. There has to be some statue of limitations on these things. 70 years on I think we need to acknowledge we are no-long responsible for the security of Israel ( that needs to on them now ) and we don't owe the children of the displaced Palestinian peoples anything either. Which leaves the situation like this:

Israel faces and existential problem. They can't appease the Palestinians without abandonment of the fundamental character of their nation. Nobody can reasonably expect a people to do that.

Hamas has and does advocate and conduct violence against Israel, the can and do hide weapons among their civilian population they have and will use their tunnels or any relaxed restrictions on the embargo to transport weapons or materials from which weapons can be made into Gaza.

The Palestinians face an existential problem, They can't make peace with Israel without surrendering what they believe to be their homeland; nor can they accept the status quo as a settlement neither of the current Palestinian territories is economically viable on its own. They cannot feed the people they have with their own production they cannot produce enough of anything else of value to purchase food, their existence is dependent on charity. They could not do this with open boarders either.

Nobody can expect the Palestinians to lie down and accept that.

Because the threats they face on their boarders Israel can't accept much movement where lines on the map are concerned and remain defense able. Its a fundamental impasse.

----
So every couple years we have these little dust-ups and thousands die and more end up suffering. Then some arrogant fools arrange another ceasefire thinking its humanitarian. Next various groups again in the name of humanitarianism provide food and energy to Palestine, which leads to another generation born into a community which cannot support them and life of no real opportunities or hope. Finally we repeat the bloodshed. Its stupid more people have died badly than if we just backed off and let Israel, the Palestinian groups, and the other local nations states just slug it out and finish things once and for all.

Frankly we should have recognized the coup that took place in Egypt and cut off the foreign aid and imposed an travel ban. If we had let Egypt collapse into a failed state (and it would without tourism and aide monies) it would give the Palestinian refuges some place to go or force Israel to fight a war that actually resolves the matter once and for necessitated by no longer having Egypt's assistance to keep arms out of Palestine. Maybe over a few decades a new stable system could emerge;

Rght now its just an endless cycle of violence and we are its enablers. I really believe the most humanitarian thing we could do is just resolve the get out of the conflict and stay out of the conflict no matter what.

Even with a tunneled VPN there is a lot of traffic shaping they could do that probably would not interfere with most online commerce and business users activities.

Web browsing is very busty. You simply allow full bandwidth when connections start. Then you count packets per second and packet sizes, which you can do encrypted or not. Unless deliberate steps to introduce noise are taken media streams are going to be characterized by relatively fixed size packets are fixed rates. Connections for things webpage loads or form posts and Outlook syncs probably will be in most cases to short lived for your analysis phase to complete and won't be affected at all.

Bigger file transfers (assuming you don't want to throttle them too) will in most cases show more variation in packets per second as network conditions change, because in most cases they running as fast as things will allow, wherever the bottle neck might be, unlike streams which are hopefully running at a negotiated rate that is fully sustainable.

Ooh. We'll have a look. Thanks!

Hi @dotdancohen, We're using Matias Quiet Click switches. We're definitely aware that different folks have different preferences and assuming we can make the numbers and logistics go, we hope to offer several other Matias Alps options including their louder variant.

The ÂTron isn't for sale. (Nor is the Fingerworks or any of the other weirder stuff.)

I'd love to hear/read more about the leather keycaps.

And yep, I've actually been documenting my prototypes on GH :)

Yep. It's not for everybody. This is the first thing we're making. If it goes well enough, we'll definitely be looking at a 'traditional' layout option.

Bamboo is certainly on the list of wood-like things we're considering.

We're not planning to make them PS/2 compatible out of the box, but we'd love firmware patches. (and or design help) to make them so. If you can do it with an Arduino Leonardo, you'll be able to do it with one of our Keyboards

Right because there is no way a little traffic analysis can't tell the difference between some typical GET and POST request sent on an SSL channel and video stream. /sarcasm off

It might be slightly harder to tell the difference between a video stream and a large file download but by no means impossible. You can do this much with (relatively) inexpensive COTS routing and fire-walling equipment now.

Nope just SSL or just tunneled ipsec for that matter won't cut it; you going to have to put some traffic analysis thwarting measures in there too, which means even more waste than the tunnel overhead. So ultimately VZ is making things worse for themselves in terms of network traffic, unless they are only going to allow busty stuff like webpage downloads.

Still even the typical slashdot'ers home setup is very much on the losing end of the arms race as things stand today. The only reason VPN success is VZ isn't really trying that hard.

No, you'd have the key. If you wanted to share the file publicly, then there's no point in keeping it encrypted, so you'd provide the server with the key and it would decrypt, saving you the cost of downloading and reencrypting.

The client just needs one key, the RSA (or equivalent) public key. You'd need to copy this between devices, but it's relatively small (under 1KB). It's small enough to fit in a version 40 QR code quite easily, so you could set up mobile devices by displaying the QR code on your laptop screen and point the mobile device's camera at it, if you don't have any sensible way of transferring files between devices. The client then has to download the file and the associated key, decrypt the key with the locally-stored key, and then decrypt the file, but that's not something that's exposed to the user.

This bill actually does very little. The DMCA is written very broadly, and has been commonly interpreted as to prohibit cell phone unlocking. Because Congress, in the 90s, when they enacted the stupid thing, was aware that the DMCA could go too far, but didn't want to be cautious or have to keep reexamining the law itself, they gave authority to the Library of Congress to add exceptions to it in specific cases. The process for these exceptions is that every three years, anyone who wants an exception has to plead their case. If found worthy, they get an exception. But the exception only lasts until the next rule making session, three years hence. Then it has to be reargued from scratch or lost.

Two rule making sessions ago, the Library of Congress found that cellphone unlocking was worthy of an exception. But in the most recent rule making session, they did not find it worthy, and the exception was lost; it went back to its default state of being illegal.

This law could have amended the DMCA to permanently allow cellphone unlocking. Or it could've directed the Library of Congress to always find that cellphone unlocking is allowed. But it does neither of these.

Instead it only reinstates the rule from two sessions ago for the remainder of the current session. Next year it will have to be argued again, from scratch, to the Library of Congress, or lost, again. And even if argued, it can be rejected, again.

This is less than useless. It's only a temporary patch, it doesn't even have an iota of long term effect (the rules don't take precedent into account, and this doesn't change it), and we've wasted all this effort getting it instead of something worthwhile.