Posts by Daniel Feenberg 16 publicly visible posts • joined 14 Jun 2008
The current system had important business justifications when it got started For Microsoft, having a different driver for every printer model helped discourage use other operating systems. Since many printer vendors would only provide a Windows driver, it made OS2 and Linux second-class operating systems. That helped Windows go from "dominant" to "monopoly". For printer vendors, having their name on the list of drivers that popped up when you started to install a printer was a little advertisement for their brand. A truly compatible printer wouldn't need a new driver, but the user might not realize it was supported via another vendor's driver.
anonymous coward no doubt means RDP - Remote Desktop Protocol which Microsoft provides free for Windows and OSX under the name RDC- Remote Desktop Connection. or mstsc. The cMS client also works with Linux servers xrdp software. We use it extensively. It is OK, much better than most MS products and better than the free as in speech alternatives we have tried, but everyone tells us there are security risks that require a VPN or tunnel which users do find complicated. The Teradici website provides no suggestion of how that software might differ from RDC.
Duo Security offers a variation on the phone as second factor. One of their authentication options is to make a voice call to your phone, and ask for a pin to be entered on the phone keypad. Wrong pin, no login. This means that a stolen phone or SIM won't work to authenticate. It also means that landlines will work as a second factor.
It depends on how the 2FA is implemented. If the 2nd factor is a dongle, or an SMS message use as a second password you are absolutely on point. If the second factor is a voice call to your phone, and you respond with a PIN on the phone keypad, then the protection is real. The intruder would have to intercept the phone call and know the PIN to succeed. The difference is that the second factor requires two-way communication on the alternate channel. So the MITM on only one channel won't work. The intruder may be able to steal your phone number, but he still needs the PIN.
An alternative to SMS is to have the server make a voice call to the user, and accept a PIN from the user's keypad. DUO Security offers a system like this and given a suitable modem I think it wouldn't be difficult to do oneself. This also overcomes the objection that a phone number can be stolen (redirected to another phone) without stealing the physical phone, by social engineering the wireless company. Without the PIN, just receiving the call wouldn't authorize access.
Recently Dell refused a purchase order from me, because I had raised the quantity from 6 to 7 (and kept the same unit price). They had to send another quote, which for some reason had a lower price. So they should have accepted the first PO.
I do know why vendors ignore potential customers that call them (as opposed to the potential customers that they cold call). It is because sales people believe that the only reason you would call them is that you have bad credit with your current vendor.
The Alcock and Brown flight was from Newfoundland to Ireland, the Lindberg flight was from New York to Paris, which is about twice as far. The prize offered was for the later route. If the video says "first transatlantic flight" it is wrong, but the xenophobic conclusion of the OP is unjustified.
In the US nearly all urban areas have weekly free trash collection, but a few charge by the bag or by the month (usually limited to two cans/household/week). But some don't do anything. One that doesn't collect rash is Wellesley Massachusetts which is one of the wealthiest communities in the states. In that town the residents have to take their own trash to the dump, and each Saturday morning at the dump is a prominent social event with much gossiping and sometimes speechifying by candidates.
Only the most law abiding communities can sustain charging by weight or volume - otherwise it would result in litter.
More important than the relatively small speed differences among SSDs is the quality of the wear leveling. It seems likely to me that this varies greatly, and that the variation could be sufficient to be relevant. I don't see an easy and optimal technique, so there must be various methods, with various properties. At these prices, I'd like to know more.
On our rather esoteric web site (www.nber.org) that browser string accounts for 5% of the last week's 5.04 million hits. So it isn't killing us yet, but then what fraction of their users have upgraded so far? It certainly seems tempting to serve up an error page to the user, asking that they disable the "feature", should they eventually select one of our pages.
Why should they be scanning pages before the user clicks? Perhaps they don't have the proper hooks into the browser? Or don't know how to use them?
Daniel Feenberg
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
