
Comment Re:"Obviously" not Last Pass or 1Password (Score 1) 445

Relying entirely on the security of someone else's encryption (especially if you don't have the understanding and ability to verify it) is very naive.

What is the alternative, assuming you don't have the understanding and ability to verify it? Are you making your own? Good luck.

Putting sensitive stuff on Dropbox is like storing your lockbox full of valuables at Joe's Totally Trustworthy Free Storage.

BS. "sensitive stuff" here is an encrypted blob. It does not live solely on Dropbox servers. A physical lockbox (your analogy, not mine) would be a single physical item. Leaving said item at some shady place means that, at the very least, they could destroy it. Physical locks are also much easier to bypass if you don't care about destroying the box, as opposed to brute forcing a well designed encryption scheme.

I'll never understand why people are so blindly trusting of people they've never met and treat even the slightest bit of skepticism as paranoia.

If you re-read my post, you'll see that I don't use those services.

You asked (in the post I replied to), "What if he doesn't trust the implementation of the encryption in the password manager?"
There's a long list of options that anyone should be able to easily discern if they are at the point they don't trust a particular implementation, and that was my point. What was wrong with all of the other options I supplied (which should have been obvious next steps)?

And the original post asked what we use. What do you use?

Comment Re:"Obviously" not Last Pass or 1Password (Score 3, Interesting) 445

What if he doesn't trust the implementation of the encryption in the password manager?

These "what if's" are getting a bit silly. I'm not saying he should trust that implementation, but if he has reason not to, I'd hope that he's also smart enough (or believes he is) to pick an encryption scheme he does trust. We're really just talking about how paranoid someone wants to get with passwords that will be used on a lot of hosts, many of which are probably secured weakly. IE. seems like you're trying to create a flow chart out of this thread :-)

* 1password +dropbox or similar stuff? - don't trust dropbox
* 1password + your own sync or backup? - don't trust 1password encryption
* clipperz + your own sync or backup (btw, clipperz is open source)? - not sure what you/he may not trust
* name-your-own-encryption + a text file? - maybe you don't trust your own network connected OS
* any of those, put inside a vm?
* any of those, put inside a vm using full disk encryption in the vm?
* ... with the vm files mounted via loopback encrypted again?
* any of those on separate hardware (Raspberry Pi, an old android phone, HDMI dongle PC, etc)? ... this list can keep getting longer and longer.

The orig question was "what do you use?", not "what should I use if I'm a paranoid schizophrenic that doesn't trust anything, especially the aliens that keep talking to me in my sleep?"

To answer the orig question: I use an encrypted text file. I occasionally check out some of the offerings out there like lastpass, keepass, clipperz, etc, and even recommend those to others, but my simple encrypted text file has served me well for a long long time, and it is by far the fastest interface there is (vim). There is a security risk with it - one could do memory scraping while it's open to read the buffers, or use a key logger to snag the password for the master key, etc; and there's portability issues - it's trivial for me to get access setup once I'm on a linux OS anywhere in the world, but I don't always have that on me, and that hasn't been a problem.

Comment Re:The Problem (Score 2) 118

I know that "music companies are being stupid and greedy" is implied by the piece, but I'm not sure it's the fault of the music industry that ad-supported music is just a crappy source of revenue.

Ad-supported music is not a crappy source of revenue. Ad-supported internet streaming music IS a crappy source of revenue.

Every user you add, adds to the bandwidth, cpu, power, etc requirements for internet based streaming. There's also a very direct and easily tracked log of exactly how many streams to how many distinct devices were happening at the same time, and when.
The old radio broadcast reaches fewer people with one tower, but seems to be doing ok still, even with far fewer listeners these days. That *was* very big business.

IMO, the "fix" is to cut out the middle men, starting with the streaming services. With things like AWS (Amazon Web Services) and the like, there is no reason that a generic streaming software VM couldn't be used individually by all artists, with metadata pushed to distributed lists. IE. why do bands use myspace/facebook/etc for their pages?!?! I think it'll get there someday, but there's way too many people pushing to be middle men, all the while complaining about the middle men.

Comment Re:In other words; don't let the plebs annoy us (Score 1) 366

Wow, people are slow. Ban them from future flights on your airline if they violate policy.
That can be tempered in various ways: 3 strikes rule; time based ban (ex. banned for N months); pay a big fine to re-instate privileges; etc.
It'd even be more flexible, and probably more effective, than this law.
BTW, how do you expect them to enforce this law? They'll probably just end up asking the person to stop using their phone, and nothing will be done about it... no different than if it were just their policy.

Comment Re:Whose phone is banned? (Score 1) 366

Are you fucking kidding me?!?

So we're all in agreement now that there is no technical reason to ban cell phone usage (ex. using data services during the entire flight is fine);
And you're fine with people talking, or kids screaming;
And you're simply more annoyed by phone calls because you can't listen in to the other side of the conversation as easily (as an aside, if they were on speaker phone, would you be ok with it?);
So you think it's perfectly fine to legislate away the (potentially) more annoying voice phone calls?

Don't get me wrong... if an airline wants to make it a company rule, or even a per-flight rule or per-ticket-class rule, that voice calls are not allowed on their flights, fine. I'd probably even look for and prefer those flights. But how does that justify a law?

Reminds me of smoking bans (which I am against), but at least they have some semblance of credibility in that the health of the staff is being protected. Otherwise, they're just as stupid. Bars were allowed to ban smoking in their establishments without the smoking ban law, and the market should have decided - you don't have to go to a bar; you don't have to go to a bar that allows smoking; there's a grey area for people working there (I don't think they have to work there, so the ban is wrong, but at least I can appreciate that argument). There's no legal justification for banning voice calls on planes while allowing text and data.

Comment Re:Go for it (Score 1) 240

Completely agree.

Maybe if the difference you could save were significantly higher than $1, it may be more interesting. Ex. if you could do this on Amtrak going cross country and swap along the way to save $100 on the trip, but it's just $1 on the daily commute. If you are that strapped for cash, you'd get a buck faster by just asking people for a dollar, or save more by just hopping the turnstile (as phmadore points out below).

If they're going to talk arbitrage of these tickets, they should at least include senior discounts into the mix. Swapping with one of them would save you even more. How about city workers or college students (anyone with a heavy discount... I'm assuming they do that there, since they do it in other places)? They could even lease their cards on the days they don't use them, and that'd surely save more than $1.

Lastly, the price difference is silly. You want to encourage people to use mass transit, especially for long trips where they'd otherwise be driving into the city. Why charge them more!?!

Comment Re:Use Class Rank (Score 4, Insightful) 264

The big problem with grades is that they conflate course difficulty and student performance.

IMO, there's also another glaring flaw in Johnson's premise that students gave better student evaluations of teachers who graded more leniently. There is a HUGE assumption there that the various teachers running the same classes were all equal in their quality of teaching. Why is it so difficult to believe that some teacher was able to reach and educate more of his students than someone else?

Statistically, I understand there should be some sort of even distribution, but the sample size (in number of teachers per course) is not large enough to be of statistical value.

Johnson said, “As you might expect, the effect of either expected course grade or received course grade is very powerful in student evaluations of teaching. If a student was getting a C in a course, he or she was very unlikely to rate the instructor highly. If they were getting an A in the course, they’re more likely to rate the instructor highly. I think this provides quantitative evidence for something most instructors know: If they grade easier, they will tend to get better course evaluations.”

One year, I had an art history teacher whose class was at 7:30am, in a dark lecture room, with a dim projector on the whole time, and spoke through an ancient 3" amplified speaker with a voice that was already monotone and droned on and on and on. I got a D-. The next year, I did more research on the available teachers, and found the one that engaged the most and who had more people getting higher grades. He was fun, taught in a well lit class in mid-day, involved us in projects to learn (ex. create an interactive presentation of some artist with a group of other students for homework, as opposed to filling in the blanks on a test in a dim room with projected images), and I got an A+, go figure.

I'll admit his tests were slightly easier (fewer exact date type questions (what year was this created, versus during what time period), multiple choice on name questions, rather than having to fill it in spelled perfectly, etc), but I also learned a LOT more, and neither graded on a curve.

I also take some offense to applying various curves or rankings etc to students. Given a class of 30 people, it's almost guaranteed that you'll have some years where half the class are "A" students, and some years where there's hardly a one, and that's assuming that the teaching and material are equal.

Overall, I'd agree that there is grade inflation. Jacking with the grades isn't going to fix all the underlying problems, and it will create other problems. He notes that one of the most likely reasons is student evaluations - so untie those from teacher review (instead, to review a teacher, do so as one should for reviewing any employee... go watch them while they're actually working, and only use the reported figures to identify people that should be reviewed first or may need help).

Comment Re:Um, WTF? (Score 1) 573

AFAICT, their "API" is just HTML, CSS, and Javascript.
RTFArticle (I know it's unheard of): https://forums.plex.tv/index.p...

They had replied:

We only accept Apps which uses our API.

A workaround like this is considered a hack.

Please have a read of the Panasonic VIERA CONNECT License Agreement, Section 2.4

The only part of that section that vaguely relates to their comment is 2.4(iv):

(iv) Licensee Application may only use Panasonic APIs for the sole purpose of developing one or more Licensee Application to be made available on VIERA Connect Platform (for the avoidance of doubt, Licensee may not use Panasonic APIs for any other purpose other than developing Licensee Application)

Perhaps the reviewer does not have a good grasp of the English language. That does not say, "Application may only use Panasonic APIs for every line of code they write". That agreement just says that they can't use those API's for uses other than this platform - like using the same API to talk to a Samsung TV (which probably isn't possible, since it's their own API).

Seems like he's honestly trying to do a good thing that will be used by at least some other people. What's the point of an IPTV if you can't use it for the services you need - you'd still need some other box then, so the IPTV part is redundant then. That said, IF (big IF) the jQuery is the only problem, then it shouldn't be hard to rewrite it.

Comment Re:Um, WTF? (Score 5, Insightful) 573

Inline it (jQuery).
When they ask how it communicates, tell them how, not what functions/callbacks you use in your code.
Ex. The server communicates using the standard Plex web API (or whatever it's called), documented _here_. The RPC calls are made using the standard XMLHttpRequest, with wrappers to ensure compatibility with the evolving web browser landscape. yada yada yada.

I'm sure it's a PITA, but I get the feeling the submitter said too much - explaining how jQuery internals work is going to seem like an over complicated nightmare. If they specifically ask about that weird looking "$.ajax" stuff, just tell them it is a simple wrapper that compensates for the subtle differences in XMLHttpRequest implementations. If the code finally gets to someone that can read it, they'll probably be quite familiar with jQuery and quite happy you are using it rather than some custom cobbled together hack :-)

Comment Re: Your task: explain how Net Neutrality stops th (Score 1, Insightful) 298

I can't tell if you're being sarcastic. I hope so.

If your version of net neutrality says they can prioritize traffic that they feel their customers need more than others (ie. SMTP over torrent), you are giving them free rein to say, "we feel the most important traffic is this proprietary protocol XYZ that we just came up with and which we use exclusively, which delivers streaming video from our servers and select partners. And the least important traffic is Netflix."

The point of net neutrality *should* be, IMO, something akin to a common carrier status - they're all zeros and ones, and they are not allowed to differentiate or prioritize any of those on any given link. They can simply route them through China and around the world and back, or shove everything to/from 69.53.0.0/16 through a single T1 to MAE-EAST (though that does hit on a slippery-slope grey area).

Comment Re:Illegal HOW EXACTLY (Score 1) 298

Net Neutrality at its core says: "you may not treat traffic from one location/company/program differently than you treat data from all other locations/companies/programs."

That may be what it's supposed to say, but there's a lot more to what's in the bill. It's also impossible to implement such a broad definition as you are providing (there are different routes over different connections whose travels take very different distances and paths). I agree with the intent of what you're saying, but it's the details that make much of this moot.

Doesn't matter though, because that doesn't apply to the example. He's comparing traffic patterns of two different customers using different on premise equipment with entirely different plans (consumer versus business class).

Comment Re:Your task: explain how Net Neutrality stops thi (Score 1) 298

Letting links degrade isn't illegal. Throttling is.

Expanding on this... the post summary says he tested from both a Verizon customer connection, and from a business class connection, and that both took the same path (eg. traceroute). In that scenario, the transit links are the same (minor assumptions needed here), but that doesn't mean the link to the user is the same (the last mile) or the links from the local hub to Verizon. Over subscribing home user cable, dsl, and dial up has been common practice for ages - that's not going away.

A couple more points:

1. The example has nothing to do with net neutrality. Net neutrality means that your connection to {some service / ex. Netflix} is not rate limited in preference to paths to {some other service / ex. Hulu or ISP's own service} from your same connection.

2. The source matters here. You can't compare service levels between different offerings. If you have dial up, and your friend has value level DSL (0.5 - 1 Mbps down / 384 Kbps up), and another guy has the fastest consumer DSL (7.1 - 15 Mbps down / 768 Kbps up), and another guy has FiOS (really fast), and your office has a T3/DS3 (symmetric 45 Mbps), you can't complain about "Net Neutrality" when one is slower than the other.

A better example test would be two services running on Amazon cloud (or two services in any given colo), where both should be able to achieve the same speeds, and can be tested to do so from a tertiary point (another ISP), but when using your connection you notice a substantial difference in performance to those two services - meaning one is getting preferential treatment.

There may be cases where the net neutrality flag can be thrown and the remote services could be on completely different networks, but that gets far more difficult to prove through testing. Any point along the separate paths could be a problem; they could have different peering agreements and varying connections to exchange points; the services themselves could perform very differently and have substantially different infrastructure; etc etc etc.

In the end, the post is saying that a business class connection is getting better service. I'm shocked and appalled! NO SHIT!

Comment Re:Why? (Score 1) 664

The tool is scary and all, but none of your points apply to this tool or why it is bad.

All your points are making assumptions based on the interpretation of the data.

For example, the amount of talking done in a meeting... I would be looking at the extremes as cases to investigate further - both the guy that drones on the entire meeting and has difficulty making his point, and the guy that didn't make a peep (or just said "OK" a couple times). The same could be done by actually sitting in on the meeting, or virtually sitting in (conferenced in), or close to it by reviewing meeting minutes. The data *could* be used in a good way to help identify the meeting groups that do need assistance more than others.

Same goes for talking to others. Some of that is good. Zero is bad (and note, introverts have no problem chatting with others; it is a numbers thing - they'd rather talk to one person at a time than a group). And the guy that does nothing but wander around talking to people all day and hiding in others' offices is bad too (most likely)... at the very least, it raises some red flags that would be just as easily seen by directly involved management, and would (theoretically) allow fewer managers to effectively manage more employees - which in my mind, would be a good thing (the fewer managers in the world, the better, so long as things are still running smooth).

With the sheer volume of data these things would create in even a mid-sized office, the data is only going to be good at identifying edge cases. Doesn't seem too bad to me. That said, the risk for abuse is awful. Using data from these as a means to fire someone is very ugly. Managing purely by numbers is awful. But, AFAICT, this tool doesn't force that.

Comment Re:Value (Score 3, Insightful) 231

I would collect. Not collecting sends a message to anyone who is considering to tip you that you're not interested.

Panhandlers have long since known this is NOT true. You leave some in the cup so it looks like other people felt comfortable enough to donate, but not so much that people think you have more than enough already. On the scale of Linus, leaving a couple hundred bucks in there seems about right.

Comment Re:$300 seems an odd target... (Score 1) 76

$300 *is* pointless for an Android console (especially if as you say they are going after the console crowd) when you can add $100 to what you said and get the PS4 price curve.

I wouldn't be so quick to judge the price point. There are a lot of features that, if done right, would not only make it worth it, but would make it something that doesn't exist today... and something I really really want.

One of the features that all the current streaming boxes/sticks are missing is a dedicated control interface, separate from the TV itself.
I know I'm in a very small minority here - my primary TV is a projector. If I want to turn on some tunes, I don't want to have my 100" display fired up wasting bulb life, lots of power, and displaying nothing of real value. My phone, while home, is usually in the kitchen charging; My computer is locked when not using it; My laptop is usually put away... using one of those to manage a media device is awkward and inconvenient (at least as its primary means of management).

Same thing goes for TV/movies... If I just want to see what's on, I don't want to fire up everything. If there was just a little screen next to the TV, or on the entertainment stand, or on the end table, etc.. then I could use that while other stuff is or isn't running. For example, even when the projector is on, it's usually doing something already - watching a show or movie - so I don't want to switch inputs to something else just to look around for something to stream.

Speaking of streaming... why are almost all of the current devices so horribly limited? Many don't allow you to stream from other devices on your own home network. If they do, they usually require DLNA, and only DLNA. Why can't they support CIFS/SMB/NFS/etc? For example, the PS3 has WAY more than enough horsepower to be a simple mp3 jukebox, but the interface is absolute garbage for any collection more than a handful of cd's. Amazon could EASILY fix this (as could just about anyone... but if they did it right, it'd certainly make their product a LOT more valuable in my eyes).

Now add in games... who's to say this thing won't have some real guts behind it? A high end video card and some nice controllers, and they'd be able to stage themselves for some serious titles. Speaking of controllers... the current consoles only ship with ONE, and adding a new one is another $50-$60. They could break that mold as well. They could also allow any android or iphone device to act as a controller (for most titles at least), which is something no one else is doing (as far as I'm aware).

And then there's all the other comments that have been posted - Amazon has music and video content and distribution already, and a giant network and more servers at their disposal than any other console maker, and those new VM's targeted at exposing graphics... there's plenty there to offer, and a solid foundation to plug into.

Point is, there's plenty that could make this worth the price tag. It's all speculation until some real information comes out. My gut says this leak is just testing the waters. This will probably be used more as a threat to the existing consoles (ie. open up your console to us, or we'll make our own) than something they'll actually produce... but if they actually make something, I expect it to have a mix of features that don't exist right now (outside of build it yourself).
