Michigan Amish also have TV sets and Dish TV. I see the dishes cleverly mounted to try and hide them.... The amish are not as pure as they want you to believe.
The arguments I'm used to hearing go something like "but it's obviously unethical, they should just responsibly report and disclose vulnerabilities they find". But this is a total crap argument. The options Exodus has aren't "sell to governments" or "responsibly disclose for little to no fee". The options are "sell to governments" or "go out of business". So maybe someone will say "fine, they should go out of business, then we will all obviously be safer!".
But, well, it's not really clear that's the case. If Exodus (or Vupen, or whomever) quit, it's not like suddenly the government would stop looking for exploits. And if the US government did, it's not like China or Russia would. And if they did, it's not like criminal organizations would stop. You aren't going to stop vulnerabilities from happening or being sold. Game theoretically, it seems like the right choice is to keep the US government snatching up what vulnerabilities it can to keep in its back pocket for espionage. Not doing so would be a huge blow to US intelligence agencies, when every other major government out there is working on the same capabilities.
So what you're saying is that what Exodus is doing is unethical, but criminals would do the same thing anyway, so we might as well ignore Exodus' unethical behavior because they're on "our side?"
Fuck that, and fuck you!
Doesn't that put them dangerously close to criminal like the guys that sell zero days to the Russian mob?
I'm thinking yes but it will be ignored because their customers include bad guys within the U.S. government.
Us schmoes with our mortgages are under iron clad obligations to pay down to the last penny.
On the contrary: this is why debtor's prisons were abolished in favor of bankruptcy laws. The elites realized that it's more efficient to keep the schmoes working instead of locking them up when they (inevitably!) default.
Instead of announcing they will stop processing on saturday to increase profits. they would have announce it as, "here at netflix we love our employees so starting now we will be giving all of them saturdays off. It's because netflix is an honest company that loves it's employees."
We all know it's as far from the truth as possible, but it's all fluffy and feely that makes people smile..
Or those that wants to watch a movie that is not on the streaming side. well over 50% of what I want to watch is not on netflix streaming OR hulu plus.
In the case of TOR, the site already knows you're accessing from a TOR exit node. At that point, making your browser indistinguishable from every other instance of the TOR Browser is probably good enough.
Plus, you can install Ubuntu on your Chromebook and have the [best|worst] of both worlds!
Thanks for the insult. It hardly stung.
Unless you worked at Netscape in the mid-1990s, no insult was intended.
All I meant is that by the very early 1990s, we (and by "we" I mean people smarter than me; I was clueless at the time) had a pretty good idea that CAs wouldn't work well outside of real power hierarchies (e.g. corporate intranets). But then a few years later the web browser people came along and adopted X.509's crap, blowing off the more recent PKI improvements, in spite of the fact that it looked like it wouldn't work well for situations like the WWW.
Unsurprisingly, it didn't work well. Organizing certificate trust differently than how real people handle trust, 1) allows bad CAs to do real damage, and 2) undermines peoples' confidence in the system.
A very nice way of saying this, is that in hindsight, the predicted problems are turning out to be more important than we thought most people would care about.
Keeping the same organization but with new faceless unaccountable trust-em-completely-or-not-at-all root CAs won't fix the problem. Having "root CAs" is the problem, and PRZ solved it, over 20 years ago.
I expect you to start the project shortly.
It's a little late to start, but I do happen to still be running an awful lot of applications (web browser being the most important one) which aren't using it yet.
The rent is too damned high!
The proper conclusion is that SOME combination of rampant surveillance by the government, totalitarianism, socialism, and poverty in East Germany lead to a greater willingness to lie and cheat. They have not even attempted to control for the confounding factors sufficiently to pin it on socialism.
Honestly, were I to make a guess, I would rank socialism as the least likely among those conditions to be the actual cause of the measured difference. I would place the fact that the Stasi employed a full third of the population to tattle on the other two thirds near the top of the list. Why not lie to someone who is 33% likely to report you to the authorities if you tell the truth?
If they really want to draw a solid conclusion, they need to compare with other populations as well.
There are those who say you need to use RequestPolicy and Ghostery and AdBlock and NoScript (and some other stuff, like a cookie blocker) to catch everything....