Comment Re:Step 1, no DRM (Score 1) 360

that I would pay Netflix $75-100 per month for full streaming access to everything they have, plus recent TV shows.

Does not have to be 1080p either. 720p is just fine.

Up to $1200 per year for movie and show consumption at home??? Wow. Think what you could do with that money and time, if you just kick your TV out of your home.

Comment Re:Java and Adobe need automated silent updates (Score 1) 373

Silent updates are the worst idea ever. Something that worked yesterday stops working today - and I have no clue why.
It is OK for some users to enable automatic updates (e.g. if you use only a Web browser and no specific plugins), but even then: make the users aware of each update. Most users are far better off with a planned update.

Comment Re:Let the truth finally come to light (Score 1) 213

How often did your AV actually block a virus that would have been executed otherwise (this question excludes emails with attachments that you would have never opened)? It has never happened to me within the last 10 years. So what's the value of an AV for a user who knows what he does?

However, I have seen many people with AV that have been infected nevertheless (especially by downloading and installing games from dubious sources). So, what's the value of an AV, if some viruses come through?

Note: Software patches and firewalls are different, but AV is snake oil.

Comment Re:Bankrupt? (Score 1) 136

1. Cheap security, sell certs
2. Get hacked, face huge liability claims
3. Transfer all money to parent company
4. Close shop
5. Profit $$$

Conclusion: If a CA can declare "bankruptcy" so simply, without having enough money to face liability, the certs of such a CA are worth nothing. We shouldn't trust those CAs in the beginning. What about mandatory liability insurance for CAs? The insurance will check that you operate securely, I bet ...

Comment Re:Deserved, but the real problem stays (Score 1) 136

The only solution is to delegate the "trust" relationship in a way that makes it economically VERY interesting for the delegate to check the trustworthiness of the CA. E.g. your bank for certs that are used for online payments - if the CA (trusted by the bank) fails, it's the bank that pays the damages. Unfortunately, I do not yet have an idea for certs used by "free" Webmail (e.g. gmail).

You got the problem completely wrong. Let's say my bank is highly knowledgeable, they figured out that there are 10 CAs they can trust one hundred percent and the others are a bit dodgy, and they use one of the 10 CAs that are hundred percent trustworthy. The problem is that any of the dodgy CAs can create a certificate for the bank's website that will be trusted by your browser until it is found out and revoked, without the bank being involved at all.

No, the idea is that you only trust the CAs that have been trusted by the bank and not the dodgy CAs (so no more default lists of hundreds of 'trustworthy' CAs). Did I explain it that badly that this was not obvious?

Comment Re:Deserved, but the real problem stays (Score 1) 136

However, the real problem stays: There are hundreds of CAs out there, which are trusted by default by your browser. You have probably never heard about most of them. They operate in different countries - you cannot sue them easily from your country. All of them can (technically) also issue certs for all Web sites (even for Web sites that have an existing cert from somebody else).

That's not the real problem. The real problem is that what happened to Diginotar could happen to a really big CA, and then removing it from the browser breaks half the web.

Well, it can only happen to CAs which do not know security (and since we have hundreds of them in our browsers, it is very likely that there are others that are as bad as DigiNotar). However, reducing the number of CAs is not a solution, as this will just elevate the risk of each security breach at a CA. The only solution is to delegate the "trust" relationship in a way that makes it economically VERY interesting for the delegate to check the trustworthiness of the CA. E.g. your bank for certs that are used for online payments - if the CA (trusted by the bank) fails, it's the bank that pays the damages. Unfortunately, I do not yet have an idea for certs used by "free" Webmail (e.g. gmail).

And it is a BIG problem that each CA can issue a cert, even for Web sites that already have a cert from another CA (as happened for gmail in the DigiNotar case).

Comment Deserved, but the real problem stays (Score 2) 136

DigiNotar got what it deserved.

However, the real problem stays: There are hundreds of CAs out there, which are trusted by default by your browser. You have probably never heard about most of them. They operate in different countries - you cannot sue them easily from your country. All of them can (technically) also issue certs for all Web sites (even for Web sites that have an existing cert from somebody else).

The whole CA system is broken. I would rather like to trust only CAs that have earned the trust. E.g. CAs that have been validated by my bank for online payments (but not for my email).

Comment Re:Draw the consequences (Score 1) 152

Absolutely true.

We should have a hierarchy of different levels of trust. E.g. if my bank trusts a CA for credit card payments, I should be able to see in my browser that a secure Web site for payments is trusted by the payment trust chain. I will trust this site, because my bank trusted it (and will reimburse me, if the trust was not merited).
For emails, e.g., I only trust my two email providers, and I got their certs pushed to my mobile phone for enhanced security.
Etc.

The whole "One CA is trusted for everything" is insane.

Comment Re:Initiatives against software patents (Score 1) 167

I agree that most 'software patents' are fairly obvious garbage. But to say *all* are garbage is not true.

Let's start with the one that started it all. The LZW one. This is the one that pissed everyone off.

Garbage does not mean "unusable" - but that it should not have been patented. For LZW it is even obvious: It's pure mathematics. Do you want to patent any advancements in mathematics?

Comment Re:Cloud fail (Score 1) 189

Whilst the technology exists for the cloud to deliver fault tolerant distributed storage, when you choose to put data in the cloud, you are choosing to relinquish control of the data. You are placing it in the hands of someone else. Quite probably an organisation that you do not know intimately. Quite probably an organisation that is based in a different legislative region - probably another country.

Which is the real issue: No way for a European company to use a US cloud provider - Amazon, Azure, Google. The Patriot Act is prohibitive here.

Comment Re:Not "banned". (Score 1) 278

So the only thing you can't opt out of is that other people write your name next to a picture without your consent.

Which is a huge problem, if it is combined with face recognition.

Even if that is illegal, it is beyond me how it is the responsibility of FB to police such behavior.

The real problem is that FB stores the tag and uses face recognition - if FB only stores the names of people who have expressly given their consent, it's OK (so, opt-in). And it should always be illegal to keep a huge database with face recognition on people who have not opted in to this special service. This has nothing to do with "policing".
