And then I realised we are nowhere near April 1. Maybe '10' is going back to year designations... Hang on that was 4 years ago. I can't help but to think that when they pull things like this (eg: 'ME') it is inevitably going to end in disaster, except this time they some actual competition from Google and Apple in the mobile space (which is on the verge of taking over the desktop)
On both Firefox and Chrome, the efforts to require permission to install an extension can be bypassed if the installer has local access to manually tell the config files that it has been 'approved' even when it has not, and this is quite prevalent.
Of course it's not going to affect technical folk who avoid installation of spyware to begin with, but this is a sensible security step for the masses.
Chrome/Chromium doesn't have extensions on Android so that platform is not applicable to this move.
Chromebook laptops can be unlocked and replaced with Chromium builds.
Chromium is open source so if you don't like it, fork you own copy and get whatever useless toolbars that install without permission that you want.
Currently, all mailing lists implementations break DMARC specs. At first glance it would appear that the Mailing List specs and the DMARC specs are incompatible with each other...
HOWEVER, There IS a way to be compliant with both specs.
The mailing list is just a transport agent of list messages right? Well it can also be the transport agent of how users' actual email addresses are handled, between their real email address and usernames that obfusicates their actual email address.
* User "Bob Smith" emails TESTLIST@DOMAIN.ORG
* Mailing List implementation on DOMAIN looks up "BOB.SMITH@YAHOO.COM" and determines his username to be "USER-ADF2S89T"
(more friendly usernames like "BOBSMITH-YAHOO" might also be possible if verified/allowed by the list owner, even "BOB.SMITH_AT_YAHOO.COM" could be his username if he has no intention of hiding his email address and is not scared of spam bots)
* Mailing List implementation on DOMAIN rewrites the message FROM and/or SENDER fields to "USER-ADF2S89T@MAILING-LIST-USERS.DOMAIN.ORG" instead of his actual email address
* A mail transport agent is set up on MAILING-LIST-USERS.DOMAIN.ORG to forward any messages that are sent to USER-ADF2S89T to BOB.SMITH@YAHOO.COM so the author/sender are still contactable.
This is compliant with the Mailing List specs because "USER-ADF2S89T@MAILING-LIST-USERS.DOMAIN.ORG" 'belongs' to John Smith (Just in the same way that JOHN.SMITH@YAHOO.COM 'belongs' to him too even though he doesn't own YAHOO.)
This will also have the following benefits:
- Actual email addresses are completely hidden from Spam Bots. This is huge. Mailing Lists are are huge source of email addresses that spam bots like to harvest.
(It may be possible to have a web interface or mailing list -request command to reveal the users' actual email address - using a CAPCHA if the requesting user is not trusted - so users can't hide behind their special address)
- List Managers might like the option for users to be able to update to their new their email address while keeping the same username(s).
(If users are representing their company, companies might like an option - maybe with the use of a TXT record on their domain - not to allow their users to do this so they can't keep 'representing' their company after they lose access to their company email address)
- This way DMARC can be freely implemented by everyone, including the mailing list server itself, so users can't spoof each other when posting to the mailing list, nor can they use their "USER-ADF2S89T@MAILING-LIST-USERS.DOMAIN.ORG" address to send mail 'FROM' this address.
And getting past the PIN? And how useful would an iPhone be without Wi-Fi/Cellular Internet connectivity?
You can't even restore the firmware without it verifying with Apple. Unless it is an old model that can be defeated offline, it would be more valuable for spare parts.
An AOSP phone without Google Play, let alone Amazon App Store or any other established Android App Store, sounds like a Niche phone for programmers/hackers.
I suspect that it is designed to succeed the legendary Maemo operating system & N900/N9 phones, than a serious attempt to build a future Operating System.
I expect that it will be highly prized among the hacker community, totally hacked to death with an onslaught of Linux-based operating systems including Ubuntu phone, Firefox OS, CyanagenMod, and Maemo itself. Maybe a few surprises with some left-field operating systems finding their way on there as well.
Just cover your head in tinfoil, hat shapes work best, and then they can take as many photos as they want but your brain waves remain safe
I doubt this was written by a lawyer. This might be an impediment to being picked up by a serious project because they can't take the risk that the WTFPL doesn't actually mean anything from a legal perspective.
Web Developers have learnt from the past, there will never be a supported code that will be dependant on a specific version again.
Cross-compatibility and Browser Independence is a main focus that hasn't been in the past. Most websites are not locked into a particular browser, so there are more options if things go pear-shaped in a particular browser. If for example Firefox drops XP support and there is a bug with the old version, the customer can change to Chrome until another solution is put in place.
IE6 was the exception, because it was too difficult in many codebases to update it for compatibility beyond IE6 in the short term, for time(=money) reasons. As soon as the codebases were updated (or the solution replaced) to work beyond IE6, IE6 was kicked right out the door. IE6 didn't stay king because so many people loved that browser so much that they didn't want to change, it was because they HAD to keep using it for some reason. It is not uncommon for companies still relying on IE6 to have Firefox installed for general web browsing and IE6 only for the specific app they need. You can bet your ass they have retirement plans on how to eventually get off IE6 (& now also XP) altogether.
Unsupported code (eg: unmaintained websites) that won't work with new versions - Yes that is inevitable.
Supported code - No.
If it is a supported codebase - The web developer's solution would be to update it to work with the new version, not make it work with the old. If that means that it will break compatibility with the old version, then so be it, it is industry practice not to support unsupported software.
It's worth pointing out that Mozilla & Google are not supporting XP - They are supporting their browsers. If there is a problem in XP, they are not going to help you with it.
MitM is a Politically bad idea, not technical. If the proxy servers in the middle have enough bandwidth and resources, the performance could theoretically even be an improvement. I most certainly agree (from a Political perspective) it is a dangerously slippery slope.
From a technical perspective, it doesn't make the internet (banking, shopping, etc or other https activity) any different because a government/ISP MitM filter is no different to a Malicious Hacker MitM attack, which is already feasible. Also, I maybe wrong about HTTPS, but I believe that the Private SSL key would need to be installed on the MitM server, otherwise the MitM server would need to use a different certificate - a red flag - than the real server.
I wouldn't be surprised if government spying agencies are doing their own MitM attacks already on a BGP level, and in the case of HTTPS websites, compromise any private SSL keys they need to do it without detection.
Technically speaking that is, not politically.
I remember reading about this on one of my ISPs' blog a while ago.
I am in a similar situation where I have a couple of Google Apps accounts that I ONLY use for work-related purposes. NOTHING ELSE. Never authorise anything to use them keep it all on my personal. Sure enough LinkedIn has slurped some contacts from sent items. I use different passwords for everything. I hardly have even used LinkedIn, much less with a work related email account open (I hardly open them). The ONLY way they could have stole it (That is the only thing running at the same time) would be a mobile app either from my Android or iOS device. I have these work accounts set up permanently on these devices and foolishly it seems loaded the LinkedIn app.
Funny enough ALL these email accounts have been getting spam lately from "Dr OZ" to their actual address, which is strange when I use disposable email addresses for EVERYTHING, including client contact. The only thing I use the actual address for is to log in and set up the mail client. These email addresses must have been slurped from a mobile app, not sure if it was LinkedIn or another app.
Well Yes and No.
No - I don't agree that the subject matter that has been actually leaked was right for governments to have done in the first place. eg: The deliberate killing of innocent civilians in Iraq. That is wrong.
Yes - I do agree that leaking information is harmful to government and beneficial to enemies, because the enemies can use what the government did wrong as a recruiting tool to gain support against them. With all the negativity against governments having all this data, I would say that it is working pretty well for the enemies of the government.
Note - Being an enemy of the government doesn't necessarily mean you have done anything wrong, it just mean that you don't agree with the governments actions. For example, the EFF is an enemy of the government, even though they are not doing anything wrong.
TL;DR - Governments should stop doing things wrong instead of hiding what they do wrong, because it is what they do in the first place that was leaked which is aiding the 'enemy' (anyone who disagrees with the government) recruit other people against the government (anyone who supports Leaking of coverups), rather than the act of leaking in itself.