See here for an explanation: https://security.googleblog.co...
TL;DR is the entire TLD is on the HSTS preload list.
The problem with the monorail is that it was designed as spectacle, not as transit, yet even as spectacle it fails because it's so out of the way that most people never even stumble across it, and if you do take it, all you see are the backs of hotels. It's even priced as spectacle. $2.75 gets you anywhere in New York City via the subway and bus, but it costs $5 to take the monorail just to go 4 miles along the backs of casinos in Las Vegas.
The monorail should have been built in the middle of the Strip. The Strip is a dystopian nightmare highway bifurcating one of the most walked streets in the United States. It's so dangerous that in many places there aren't even any at-grade pedestrian crossings; you have to go up stairs/escalators set back from the strip, go across a bridge, and then back down, often being forced to detour through one or two casinos in the process. It's the ultimate triumph of automobiles over people for no goddamn reason at all.
The mass transit should have been run right down the middle of the Strip. Instead it was forced to the margins where it remains unused, when it was really the car traffic that should have been forced to the margins. Las Vegas should do a NYC-style "Summer Streets" a few times per year and entirely close down the Strip to car traffic for half a day and let pedestrians use it as they'd like, like Mardi Gras. Then people would realize what they've been missing.
FYI, the HSTS preload list is used by all major browsers (Chrome, Firefox, IE, Edge, Safari, Opera, etc.). This is a good thing, of course; online security shouldn't be enforced conditionally depending on which browser you're using.
The linked article got it wrong. This isn't about Chrome adding TLDs to the HSTS list, it's about the TLDs' owner (which also happens to be Google) adding them to the global HSTS list.
I hate how deficient PC laptop screens are nowadays. They've somehow managed to get worse over time, not better. I'm still using an aging Dell laptop that's six years old because it has a 1920x1200 screen and I cannot even find a replacement that is similarly specced.
The only company that gets it is Apple, but their Retina display laptops start at $1,700, which is an absurd premium, and I'm not interested in running OS X anyway.
Here's what I've learned recently: If I ever discover a major security hole, do not even attempt to release it responsibly. Instead, layer up behind some proxies and Tor and leak it into a blackhat forum or IRC channel. That way the security hole will eventually get fixed, and I can't be prosecuted.
Well, not so much of a joke as an inevitability, but yeah, a lot of the great inventions seem obvious in hindsight. Yet, for some reason, no one figured it out for awhile.
If you've ever used Usenet, and you've used parity files to recover missing segments of data, then you know exactly how this technique works.
Frankly, I'm surprised it took so long for someone to apply it to lossy network environments. It seems obvious in hindsight.
"How to make a million dollars: First, get a million dollars." -- Steve Martin