Pardon? Dell is installing Firefox on a customer's machine before shipping it to them. How is that any different from my installing it on a customer's machine *after* it's shipped to them? What if the customer ships their machine to me, I install Firefox, and then ship it back?
I don't see how they can legally install it on a user's PC in a way that bypasses the user accepting the license agreement. The user must be given a chance to reject it.
They also cannot make the offer of Firefox be contingent on a sale.
"My teenage brain wasn't wired for going home and learning things I spent all day learning."
No teenage brain is.
People are different - even teenagers.
I used to look forward to school starting, because I got glorious new maths, physics and chemistry books. I spent the first couple of weeks going through all the exercises and tests at home, and then was bored out of my mind for the rest of the school year. Sometimes I stole my three year older brother's assignments, so I could have fun solving problems.
Some of us buy our salt based on how it taste. I probably have 5-6 different salts in the kitchen, and they taste different because of the part that isn't NaCl.
I don't want a pure salt. I want a contaminated one that has the right contaminants in the right amount for it to taste good.
That said, I've started to hate Whole Foods and Fresh Market. Especially in Fresh Market, nothing is fresh. Their bread and candy is so stale it's ridiculous, and their vegetables were harvested while so unripe that they could survive the weeks of transit and storage before they hit the store.
Luckily, I have a nearby grocery store that actually sells fresh products. Eggs and vegetables from local farms, and even milk without vitamin D (which is added because it prolongs shelf life - don't believe the hype about it being good for you - it's only good for you if you don't get enough through other means. If so, take a pill and drink fresh unadulterated milk - it tastes so different it's astonishing that people accept the Vit-D contaminated stuff).
The only thing I can't get fresh anywhere here in the US is bread and bakery products. People here have been so thoroughly indoctrinated that they think 2 days old bead is fresh, and that lemon "custard" and frosting (shelf life of weeks) are good substitutes for egg custard and real cream (shelf life of hours).
Did you choose not to read the whole statement that you quoted and just pick out the piece you wanted?
Oh, I read it. It just wasn't worth a comment.
I get it, it's hard to believe your own government has become corrupt. The truth is that we have become very corrupt, and until we have open investigations and trials we won't know the extent of corruption.
What would that solve? The investigations and trials would be done by the very same government, who would control what would get into the open. You'd need open investigations and trials to ensure that the investigations and trials were really "open", and then open investigations and trials to ensure...
What might solve the problem rhymes with evolution.
In this case, I doubt it -- the TLA can et the DNS history directly from your ISP.
Sure they can, - if you and your ISP are in the US.
But even so, it means they would have to target you and the ISP first. And unfortunately, it looks like our finest no longer bother to only collect data on suspects, with reasonable suspicion as justification, but instead cast nets and see what they can drag up.
So when they see that aa.darko.de hosted an islamist FPS, they hash aa.darko.de and get 98af902dda8088d7204251fe2ff6d7fc, and then search the collected Steam DNS logs for this DNS hash. Those that match are then further targeted.
A couple of years ago, one would think this to be far fetched. After what's been disclosed since then, I think we should expect things like this to happen.
All in the name of public safety, of course. Don't you feel better already?
You see, when they're sending hashes back, they're collecting a history on each user that they can then store for as long as they feel like. They know which suspect site you've visited (after all, THEY hashed the domain in the first place; they know what it is), and the system can be easily abused.
It probably already is.
How much would you bet that there isn't a copy of the DNS history going to a three letter agency, and Steam not being allowed to disclose this?
They explain that these are non-www servers, so you can't visit them.
You don't have to visit them. Doing a name resolution query willl put them on the list, whether there's anything to visit or not.
Did you know that antivirus software, for example, may do a name resolution query on the hosts and IP addresses listed in the Received headers in an e-mail? That puts entries in your DNS cache, without you visiting anything. How about web boards that allow embedded images? A user can put [IMG]http://some.malicious.site/[/IMG] in a post, and there does not have to be a web server on that address for your browser to look up the address, and the OS cache it.
There are so many ways that your DNS cache can be full of entries that you have no control over, that it should never be used for evidence of anything. And what Steam does here is using it as secondary evidence.
Never mind that Windows should never allow unprivileged processes to display the complete DNS cache in the first place.
Also, the people that identify themselves as "Tea Party" types are NOT all racists.
True, in the same way as not all snakes with a rattling tail are venomous rattlesnakes.
Reading the parent post again, he might be deluded into thinking this is about sending the client's DNS request to a proxy server. That's obviously not what we're talking about.
The point of using a proxy server here is to avoid having the client contact any DNS servers, no matter what the method is. When the OS doesn't know what hosts you contact, the OS can't log it.
Some proxies can function this way. SOCKS5 proxies do, for example. SOCKS4 cannot. Arguably the most popular proxy in the world, squid, does not handle DNS.
Uh? It most certainly does.
$ telnet myproxy 3128
Connected to myproxy.
Escape character is '^]'.
GET http://slashdot.org/ HTTP/1.1
HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
Set-Cookie: betagroup=51; path=/; expires=Thu, 18-Feb-2016 00:08:24 GMT
If squid didn't do DNS for you, you would have to provide the IP address. It does,so you don't.
A transparent proxy is a completely different implementation.
I was talking about [b]configuring[/b] a proxy server. In which case you forward all requests to that proxy, and the browser does not do lookups.
DNS names are easily enumeratable, the only reason to emphasize that it's hashes is if you're clueless or dishonest.
From a privacy perspective, they are sending back DNS names, saying that's hashes is only fooling people.
Oh? If they're really easily enumerable, pray tell, which DNS name does the following hash point to?