Outside of any potential technical difficulties of selling Chrome (code base, licensing, patents, etc. Presumably Chrome as a 'brand' would also be packaged, and so on) just who do they expect would *buy* it? And who gets to set the price?

One also suspects that if foreign companies attempted to buy Chrome, there would be protests/lawsuits/whatever.

Or rather, if someone bought Chrome, how would the purchaser expect to make money with Chrome? Charge for it? Or do... exactly what Google is doing now? And if there is no way to make a profit from the purchase, why would anyone be interested in buying Chrome?

I like flying for a holiday but I can skip it. Lets ban fossil fuel planes and use trains.

If the EU is going to force the situation so people can install software on their phones from anywhere, that would imply people could install software which is not GDPR compliant.

So, how would the EU expect to enforce the GDPR? Why wouldn't 'free' versions (or cloned knock-offs) of software (that incidentally harvest all personal information) start showing up for downloads hosted in places outside the reach of the EU?

> Following their designation, gatekeepers will have six months to comply with the requirements in the DMA, at the latest by March 6, 2024.

Six months? Really? To engage in major software changes to some government whims? From start to finish with some sort of certified compliance and without accidentally violating some other regulations/accounting/business contracts in the process?

It sounds like this group is trying to re-invent https://solidproject.org/

From: https://en.wikipedia.org/wiki/...
Solid [1] is a web decentralization project led by Sir Tim Berners-Lee, the inventor of the World Wide Web, developed collaboratively at the Massachusetts Institute of Technology (MIT). The project "aims to radically change the way Web applications work today, resulting in true data ownership as well as improved privacy"[2] by developing a platform for linked-data applications that are completely decentralized and fully under users' control rather than controlled by other entities. The ultimate goal of Solid is to allow users to have full control of their own data, including access control and storage location. To that end, Tim Berners-Lee formed a company called Inrupt to help build a commercial ecosystem to fuel Solid.

The very first app from a third party app store will be an application that turns the phone itself into an app store, so the user can 'share' everything to other phones over WiFi/BlueTooth.

The second app will be a combination app store and onion routing network so that groups of phones can join together in ad hoc onion routing networks -- every high school, college, etc. will end up with a floating ad hoc onion cloud that is over WiFi or other local networks so the students can share apps/movies/music with each other without being easily traced.

Not Beanie Babies. More like Pet Rocks.

One aspect of this vulnerability is that the attacker does not need to have opened or connected directly to the vulnerable Java program. The Java program just has to be exposed to an exploit string from *some* source such that the program logs it with a vulnerable version of log4j. At which point the program opens its own outbound connection to the exploit server. (The port number can be specified to 80 or 443 so it looks like outbound HTTP or HTTPS traffic, so just blocking outbound connections to LDAP default ports won't save you.)

So I have moderate expectations that there will be a burst of systems exploited at the end of the month when automated billing/accounting/auditing/etc. systems start processing this month's data for the end of month or end of year reporting. It will be something like the software which drives the business bulk mailing label printer or something -- some minor Java utility that has nothing at all to do with the network -- somewhere in the processing chain which will dutifully try to execute the exploit.

I am curious if the example referred to where the system apparently reproduced an entire chunk of code with command and copyright notice was the system actually cutting and pasting, or if it has simply 'learned' that those text items were 'supposed' to be there from processing other code.

In either case, if it is not actually applying any understanding of the code, then this is a glorified, automated, cut-and-paste coding system -- which means if the source material is poisoned with errors, security holes, or backdoors, then the system is just going to cut-and-paste the problems into what is generated.

Isn't this just a variation on https://inrupt.com/solid ?
Where everyone maintains their own data and selectively shares it?

For one, I'd like to see a standard for social network and blog-like content so that one can change vendors and download own content as desired. It would be a kind of personal CMS data structure.

Probably should look at: https://solidproject.org/

It's easy to see all the things wrong with the modern Internet, and how the reality of most peoples' experience online doesn't align with the dreams of its early creators.

That's a somewhat presumptuous statement in implications -- that the dreams of the early creators are the correct ones for the modern Internet. Perhaps they are, perhaps they aren't. If this is just going to be a "You young folks should listen to your elders and do things the way we intended! You should follow our dreams, not yours!", that's going to be fairly weak sauce. (Proof by authority.)

It's entirely possible that the reason why 'all the things wrong with the modern Internet' happened is because the original dreams weren't necessarily good or practical ideas. It ought to start with a critique of those first to establish whether or not in hindsight all those 'original dreams' were a good idea -- whether or not all the 'wrong' things that happened were in spite of, or because of those dreams, then it can argue about "Getting it right" rather than waving a cane and shouting "You kids get off my lawn!"

It's generally held that once an attacker has physical access to a device, the device is going to be cracked. So this is not a real surprise.

It would be more interesting to see data on the cost/effort/time it takes for police to do so based on phone model, and also to plot how the cost/effort/time changes from year to year. (That is, how fast after a brand new phone is released does the situation go from "There's no tool available to break into this new model", to "We have a 90% chance of getting into the phone in a week", to "Give me five minutes to open this up.")

This is also going to be an interesting suspect pressure argument-- law enforcement will claim, "See? We can already unlock it, so why don't you make it easier for everyone and unlock your phone for us?" to try to convince people to voluntarily unlock their phones.