This isn't true. While AMD's main focus is on their proprietary driver, they do pay for developers to make an open source driver. Important recent driver work includes enabling uvd, better power management, and continued work on enabling the 7000+ series. Intel doors seem to get more done, but AMD is working with the community too.

Also, Intel still refuses to use the gallium 3d architecture. Gallium is supposed to help centralise various pieces of writing a graphics driver, making less work for everyone. By not using gallium, less work is shared, meaning more work for the other 3d drivers. So while they are definitely a Linux friendly company, they sure aren't perfect.

I'll give you the blog post. I've always read the project as being the security first, and privacy as the tack on to "sell it." My focusing on security came from that stance. I'll move that goal post then. If you want to ignore the security aspect, then Personas loses its (IMO) big benefit. But it doesn't become a privacy nightmare either. The key to remember is websites already have emails (many using them as the login id anyways), so BrowserID keying off that isn't a direct problem. Its decentralized manner means anyone can claim an email address, or an infinite amount if they want, so multiple IDs are just as possible.

Now you are just cherry-picking my quotes. The tracking ability of independent websites co-operating has not changed. And realistically, as long as you identify yourself the same way across sites, this won't change. If you change your identity (Facebook/G+/OpenID/Email/etc), then they can't track you (according to our discussion of tracking). BrowserID can't change that. Even if BrowserID sent a unique ID to each website, each website would then require an email address anyways. Guess what? You are back to being tracked.

Now, what BrowserID does give you is independence from your Identity Provider tracking you. Under Facebook/G+, it is trivial to see how this occurs. Under OpenID, it is the same. Under BrowserID, the Identity Provider never knows what sites you talk to. In fact, email verification does not provide this security. If your email provider reads your emails (as Google does), Google knows what sites you are talking too. So regarding your points:

True. OpenID and BrowserID are decentralized, which is there primary draw.

Incorrect. Facebook/G+ gives you an identity. That is there entire purposes. So not only do Facebook/G+ know who you talk to, the sites can easily co-operate to know this too. And I've checked their API documentation.

Partially correct. As pointed out above, your email provider can track you still. And removes the benefit of removing multiple passwords, which is the real benefit being pushed.

To ensure there is no goal post moving, this is my stance:

1. You are no less protected from privacy invasion from random sites. So not a concern for adoption, and a problem most people don't even care about. For those who do, there are already methods to work around the issue as I've explained earlier (using multiple addresses, mailinator is 100% supportable, etc).
2. You are isolated from the Identity Provider, giving the advantage over Facebook/G+/OpenID.
3. You lose the multiple passwords, which is the real security benefit. This is the claimed benefit. And it is successful.

Now, if you can prove any point above is violated, then I'm interested in discussing this further. Please bring proof of the violation. Otherwise I'm done here.

I'm not putting words into your mouth, I'm saying nothing has changed. How many websites don't track your email address? And how many people change their email address across websites? If you change the email, then you have no change in your privacy level. If you don't, then your privacy stays the same too. Nothing changes.

If you are so worried about being tracked, it should be important. BrowserID stops one company from tracking you across every website you login too just by having you use their service. Of course if companies compare notes, then yes they can track your email address. But that is no different then before, and no different with OpenID.

It's not about increasing privacy. It's about increasing security by killing extra passwords. That is its goal. It is about a decentralized single sign on. And BrowserID is working on that goal quite well.

According to this overview, that is not true. There are keys generated and used, but they are only valid for up to 24 hours (mentioned inside the above document). So yes you can just sit down at a computer and login to your favourite site, the computer will just generate a new key pair. It can even destroy the key pair once you are done, ensuring no one else can steal your identity.

And yes the private key can be re-used, but the public key is what expires and that is the signed component that matters. Thus after 24 hours, it doesn't matter that you have the private key.

Except that it is not irrelevant. Websites already have your email address, and in most of the cases it is a pretty good identifier of the person. Most people I know have only one main email they use, the only exception being work emails. None of them use multiple emails to avoid tracking. And guess what most websites use as your identifier? Your email address. The fact BrowserID standardized on it doesn't reduce privacy for most people, and for those who care there are easy workarounds (regardless if you use multiple gmail/yahoo/etc addresses, mailinator, or domain catch-alls).

It improves upon those systems in one way, the authentication source never knows where the person signed into. OpenID requires this knowledge due to how the protocol works (and it's not centralized btw). Facebook/G+ are the same. And using your friend's computer to login still works. The credentials stored in your browser are temporary.

The reason the above is true is that the email provider and the website do not talk to discuss an individual user's credentials. So your email provider (ex. Google) don't know where you are logging into. And your browser only stores a token for an individual site that is valid for a short time (with a limit of 24 hours I believe). So any browser can be used, because the really authority is your email provider, not your browser.

The goal of BrowserID isn't to reduce user tracking across sites. Its goal is to reduce the use of passwords, something it does pretty well. The objection to it was that it requires the site to know your email address, but most sites know this anyways. So privacy is not diminished, however the use of passwords (which most people don't handle well) is dramatically reduced. So yes, it improves security.

And just to add another point, if you own a domain and use a catch-all for multiple email addresses, nothing stops you from setting up an identity provider that authenticates all your email address by your one password, making multiple email addresses even easier to deal with.

I have issues with Persona, but this isn't one of them. The core BrowserID protocol is well thought out.

I still don't like Mozilla's Persona. For a system meant to be distributed and open, it sure relies a lot on Mozilla services. I like the idea of BrowserID (the underlying specification to Persona), I just really dislike how everyone has to rely on Mozilla to use Persona.

Except that mailinator could in theory implement an identity provider for its email addresses. There would be no security, but they could. Realistically it would be no worse then using mailinator now.

And most people have one email, and use it everywhere. This specification doesn't decrease their privacy because of that. If you are not already using multiple email addresses, you lose nothing by using browserid.

Well discoverability and installation of software outside the more approved channels is a challenge, its only that way because no standard has been created. Its not that its made intentionally bad, its that the old method (download source code, compile, install, run) is showing its age for people "who just want it to work"(tm). If you have an easy solution to this problem, there are many people who would be interested (myself included). There are lots of solutions out there trying to solve the problem, but they all have their individual issue.

Um ... And that's a problem because? I never once stated that an app store is bad. Having an official distribution channel, that's built to high standards is good IMO. Its when a company (or group of people) decide it will be the only channel allowed that I have an issue.

I haven't investigated the Ubuntu Software Center (not an Ubuntu user), so I don't know how it works. That being said as long as I can get its software for whatever distro I choose, and I run whatever software I choose on Ubuntu, its fine by me. And the same goes for Kindles, Androids, Win 8, and IOS.

I have absolutely no problem with app stores having a curated listing of items. Its when that stores is the only method I can get software I have an issue. That's why I don't mind Google's Play Store (for apps), while its the default on my phone I can easily enable side-loading of apps on to it.

And that's exactly how my Linux distro's work as well ...

I know Animas's OneTouch Ping also is remotely controllable from its meter. It isn't a closed loop, but you could definetly pour a good amount of insulin into someone.

Also, studies have shown that people cannot accurately predict there glucose levels. While people can tell they are off (especially low), exact numbers are hard to produce.

While such software in of itself is not evil, and having an opt-in system to allow people to use such software to block out parts of the Internet they either do not want to see or are trying to protect someone else (think of the children!), I personally start having issues when its government mandated and no way to get around in a simple manner.

If my ISP (if it doesn't already) offered a mechanism to filter the Internet for me with a account specific password to get around it, I would not complain. However if tomorrow they put in a forced filter that I had no way to opt-out of, especially on a per-site basis, then I would have a problem with them.

To keep this on track, remember the article is talking about situations where governments force people to accept this, thus controlling what people can see and thus trying to think. Just using filtering software is not evil, and you are not forced to visit the whole Internet without it. Its forced censorship that is evil.

Except of course being able to generate a million spoofed tcp syn packets that overload different servers w/o taking client resources (beyond bandwidth), or any other similar kind of attack you can think of when you forge packets. Its just not for authenticating streams you know ...

The real reason why is that the Linux kernel has no stable API or ABI, thus any driver compiled for one release will not work at all every on a different release. Read Documentation/stable_api_nonsense.txt in any recent kernel's folder for the reasons.

It seems the same for me too. I know they've taken out many concepts from the curriculum that sounded really interesting (imaginary numbers as a prime example). I find that we try to equalize the playing field too much. Instead of equalizing the field, we should make sure that everyone has a chance. Not everyone can write a book, and not everyone can comprehend quantum mechanics. That doesn't mean writing a 3 page novel or understanding quantum mechanics as 20th physics should mean a 90% in school. Instead what people are good at they should excel at, and everything else has support structures they can use (tutoring, extra help from teachers, etc.) Dumbing everything done just means that once you need all the skills and don't have them, you won't be able to preform.

I guess my real point is that while we shouldn't discriminate against any single group, we should make sure anti-discriminative behaviour doesn't negatively affect people trying to be better too.