This situation is what Facebook is for.

Make a bunch of links in the site, state, "Click for daily specials" and link to Facebook.

And, for you whankers that are going to claim "I don't use Facebook", a business can make it so the profile is completely public so no account is needed.

In other words; "Don't let the perfect be the enemy of good."

Likewise, it's easy for one industry in a country to be ahead of the same industry in the US.

Cell phone usage was faster in places that had NO PHONES before that. Beating out the US.

Tiny little compact places full of small people in tiny apartments got fiber optic sooner than the gigantic US with lots of space between places that would be hooked up, and competing options for TV and data.

Little twisty road countries with no hills and only 40 KM between major cities and their entire border have better ratios of people biking to work, beating out the gigantic and spread out not to mention hilly in many places US.

Finding one little piss ass country that has something better when one is cherry picking for something better is easy, unsurprising and boring. Find a country that has almost all of the stuff in the US has, and does _ALL_ of it better and I'll be impressed.

Malware is the primary reason why I have aggressive ad blocking strategies.

I don't see ads on the internet.

If I never had to clean up some poor sap's computer of malware caused by ads, I wouldn't care about ads. I have the bandwidth to handle it. I just don't want my shit infected.

That part in bold is irrelevant.

Often these are a distraction to get the manpower (management in a tizzy, IT busy) doing lots of stuff while they break in somewhere else. Customer accounts are not the target. The infrastructure NOT under attack at the time IS.

It also could be as simple as "no particular reason" sometimes it is random boredom. They chose this target because they thought the logo looked stupid, or they figured they could actually accomplish something over larger perhaps "more deserving" banks.

The great unwashed masses fucking EXPECT them to render in exactly the same way.

That's why.

'But it looks different at home .... blah blah blah"

If that quote above, didn't give you fits of anger, you haven't done enough web development and need to shut up on the subject you don't know anything about.

It will be 911 times 2356?

Google has already fucked with the icon in the address bar.

They have started to reject certain encryption protocols and now state "no public audit records available" for quite a number of domains and certificates. These changes went out a couple weeks ago.

So the "but they didn't start fucking with it yet!" comment is not valid. They'll request feedback and then do what they are already planning to do anyway.

Harder for whom?

I am going to bet, that the big players in the data collection game already have a way to sniff traffic in SSL mode because they stole the root keys, certificates, intermediates, and even your certificate a long time ago.

Do you really think Network Solutions or GoDaddy are going to fight off the NSA or Mosad? (if they even _wanted_to?)

They are most certainly going to far.

Last week, with the latest update of Chrome, they started putting a yellow warning triangle on any cert with SHA1 encryption. While SHA1 should be avoided, they are issuing what is basically a big "FUCK YOU" type warning. There were a number of CAs that didn't provide an option for anything else up until last year, so basically Google is forcing site owners to pony up for a new cert ahead of cycle, or do the paperwork to re-issue a cert and then re deploy it.

Likewise, Chrome is now bitching about lack of "public audit records" that have barely begun to be deployed with CAs, Let alone something that every certificate and domain have yet.

The changes mentioned in the article are not the first attempt at screwing with the function of the symbols in the address bar.

That little lock is one of the FEW things that end users have properly picked up on as part of security, now Google is undermining that. Instead of getting certs to "their standards" (who the fuck voted them boss on this?) they are going to end up teaching users what happens up there doesn't matter.

For a long time, people feared the Internet turned into something only the sanctioned big players could play in, assuming it would be media producers, TV networks, large telcos and internet providers.

Instead, we have Google doing it. If they succeed, the "little guy web site" is going to disappear from the internet.

My response is going to be "Chrome doesn't work right anymore, switch to Internet Explorer" Not going to bother complying to a standard that is unreasonable and unwanted at this time. Sure, in the FUTURE, however rushing shit through in a few months is pant-on-head retarded and extremely arrogant at the same time.

Link?

In IE 6.0, you can enable TLS 1.0. It is not on by default.

It is deep in the "Internet Settings" in "Security". Scroll down the list and find where it mentions TLS.

IE 6.0 does not do TLS 1.1 or later, so when TLS 1.0 gets shut off, you are done with it.

I believe RC4 is only in SSL 3.0 so that being on or off doesn't matter.

PS, most sites already have 3.0 off, so you may be in the clear already.

For someone asserting they know all kinds of "unknoiwn" details, you sure are behind.

The description above is called a "Constant Velocity Transmission" and both Nissan (recently) and Subaru (since the 70's) have these. Subaru has had MOST of their new non-performance car fleet use CVTs for the last three years. Nisssan's CVT uses a "pusher" belt made of stacked plates connected by a chain. Subaru, a regular chain.

This is not "specialists" parts anymore. This is just a different type of automatic transmission.

True, "going back to the old" works sometimes, often that is because materials and engineering concepts have advanced far enough to actually make the stuff work now. That doesn't mean tinkering with, or taking another try at these old methods isn't worthwhile.