Because of silly copyright that is why.
Because of silly copyright that is why.
Supposedly Chromebooks are starting to win over Windows on laptop-like devices:
"Yes, you read it right, Chromebooks have overtaken sales of Windows notebooks. "
This why the Internet Of Things people keep talking about is going to be so awesome !
Lot's of products are failing and it's going to get a whole lot worse soon:
They were already warned about the problems in 2011, there was a talk at Usenix conference about it:
They did say: business models are a problem.
So maybe that's the cause.
And a lot of less failure tollerant, because when you start adding all kind of extra features you need lots more and more locking. And more locking makes it much more brittle.
I think the author should just try using Fuse.
Bruce Scheier said it best:
Metadata Equals Surveillance
Maybe because I'm so aware of what is possible I've kind of given up ?
Anyway, the most likely use case for the DNS-lookup/TCP-connect and tracking would be webmail, a lot of webmail I know doesn't even have real links. They use redirects.
I already know what is possible and there is nothing you can do to prevent tracking or fingerprinting if all users don't use Tor and the same browser without any plugins and lots of features disabled in the browser.
So while I agree tracking is bad and I think we should do something about it, getting rid of it completely is going to impossible.
but what people forget is that *adobe already succeeded*.
While bandwidth has gotten better, latency has actually gotten worse:
This makes it hard to make good working protocol which is trying to use the maximum bandwidth. Even just TCP isn't working as it's supposed to most of the time.
Your browser probably includes a WebRTC support, or soon will. And that means support for Opus, it's a state of the art free and open audio codec:
Yes, video still needs to improve and prioritizing audio still needs to be done too. This all takes time, Adobe started on this problem a long time ago.
Give it time.
Apache and Varnish for example won't log it, because they only logs HTTP-requests.
nginx logs it like this by default though:
IP-address - - [timestamp] "-" 400 0 "-" "-" 0.000 - - (8000 4000 10 14480) - -
But it's very normal to have such logentries in a nginx log, so I doubt anybody will look for them.
haproxy could end up logging it as well, depending on the type of settings. But usually it will be set up the proxy HTTP requests for HTTP (port 80) or HTTPS (port 443), not TCP-connections. So similar to Apache and Varnish. The default is to log nothing.
Well, the people that build the Internet Protocols agree with you:
"Newly designed protocols should prefer encryption to cleartext operation. There may be exceptions to this default, but it is important to recognize that protocols do not operate in isolation. Information leaked by one protocol can be made part of a more substantial body of information by cross-correlation of traffic observation. There are protocols which may as a result require encryption on the Internet even when it would not be a requirement for that protocol operating in isolation.
We recommend that encryption be deployed throughout the protocol stack since there is not a single place within the stack where all kinds of communication can be protected.
The IAB urges protocol designers to design for confidential operation by default. We strongly encourage developers to include encryption in their implementations, and to make them encrypted by default. We similarly encourage network and service operators to deploy encryption where it is not yet deployed, and we urge firewall policy administrators to permit encrypted traffic."
W3C also had a similar statement I can't seem to find right now.
W3C for example is developing policy certain features will only be available when the website uses HTTPS:
Or you want attackers to inject extra code in a webpage where you enable your webcam ? I would think not.
They were hacking cars in 2011 through the infotainment system by just inserting a CD in the drive.
See the Usenix talk:
Nothing has changed, they are still worthless at building secure systems.
In the talk they said: it's the wrong business model.
No large car company builds their own systems, they just buy parts from other vendors as cheap as they can.
To bad that it's misleading.
It doesn't send any requests. It just opens a connection.
Which means it will do a DNS-lookup, open a TCP-connections and maybe set up a SSL/TLS-connection.
There are no HTTP-requests being send.
But you are Americans and you keep doing those things.
They were already allowed these freedoms.
Travel/transport was just very unreliable.
If you think the exchange protocols are better, why not use OpenChange ?:
Do you suffer painful elimination? -- Don Knuth, "Structured Programming with Gotos"