My draft response to the proposals
(to be submitted this week, hopefully)
137 publicly visible posts • joined 18 Jul 2007
The problem here is that a piece of dubious AdWare is able to serve Google Ads.
And, er, that's it.
The fact that an Ad for RCN shows up - as a result of the adware - when the user is on the RCN site is down to the adware, rather than Google or RCN directly.
Last I checked, Google didn't promote or endorse Adware (quite the opposite, in fact). Did Ben Edelman contact Google to alert them of this issue? What response did he get? -That- would be the story. Instead, this is just another "Google is not not evil" piece of puffery with little substance.
My home network has a /48 allocated to it. When I hit Google, I do so over IPv6, because my upstream DNS resolver is registered in Google's v6 programme as one of the resolvers it should always return AAAA records for (as opposed to normal, where they only return them if you look up ipv6.google.com to avoid breakage):
[mo@pip ~]$ host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 220.127.116.11
www.l.google.com has address 18.104.22.168
www.l.google.com has address 22.214.171.124
www.l.google.com has address 126.96.36.199
www.l.google.com has IPv6 address 2001:4860:a003::68
Excepting my iPod touch (see iPhone comments from Jez above - and rdar 6747399) and PSP, I think every device on this network has a public, routeable […and firewalled] v6 address. I'd be reading this via IPv6 now if El Reg had v6 transit to its servers. Even The Pirate Bay has an IPv6 tracker.
Indeed, that's the problem: hosting providers aren't willing to support v6. I asked ours and they told us they had no plans at all. MInd you, the more people who ask, the more providers will start to think about it. Same with ISPs (though it's arguably easier to get a tunnel into your network that's suitable for browsing as compared to one for hosting critical stuff).
I think the point of Google's statements isn't that 2009 will be the year of IPv6, but that it'll be the year that IPv6 gets talked about a lot more, and will probably see a lot more growth than it has previously. Lots of people *are* taking an interest, and a lot of the hassles in getting set up from years gone by just don't exist anymore. Getting a tunnel is easy, if you know how.
This is the most inane "critical" article I've read on cloud computing in a while.
Traditional software running on web servers:
1. customers all install a piece of software.
2. vulnerability is discovered
3. vulnerability is exploited, with the help of Google
4. over the course of the next year or so, customers patch the vulnerability
1. customers sign up to service
2. vulnerability is discovered
3. vulnerability is exploited
4. SaaS vendor patches vulnerability and _all_ of the customers are instantly patched
I'm failing to see how SaaS is somehow worse than the traditional route, except in the very narrow scenario where you've got the in-house technical resources to roll out your own security patches before your vendor does (good luck if it's not open source, eh?)
The DoC has operated the root zone forever, and the only alternative is worse (IANA itself), so bitch about it *now* isn't likely to achieve much unless a viable alternative is mooted.
But, that has little to do with DNSSEC, other than cementing authority that's already pretty firmly held.
The solution is to distribute the public keys of the TLDs alongside the root NS hints. That _file_ can be signed (e.g., by PGP), which the OS/DNS resolver vendors (who are the ones who pick up the root hints file and distribute it to their users) can verify that it was generated and signed by somebody that they—on behalf of their users—deem trustworthy.
The benefit of this over simply signing the root zone is that it's not any more complicated than the key-distribution mechanism that'll be required for the root zone signing key anyway, and it makes the signature of the root zone irrelevant for most purposes: because the TLD signatures can be verified without referencing the root, it can be signed by the US, or IANA, or nobody at all, and it doesn't make one bit of difference. If the world has a falling-out with the DoC (or IANA), it's a matter for the world's Internet users (via the resolver distributors) to decide who the new trustworthy source of TLD keys is. They could even form a web of trust whereby each vendor picks a TLD, verifies its key in person, and distributes it to the others; no single-point root key distribution required.
Of course, the danger with this is that it would demonstrate how irrelevant IANA really is.
""Was there a single reason they could advance as to why all new PCs should not come with optional porn filters on as default?""
a) You'd have to have a selection and certification process for said filters, which would be incredibly costly and inefficient
b) Not all PCs are created equal
c) The vast majority of PCs sold go nowhere near children and are wiped/imaged on receipt anyway (thus making the cost incurred a complete waste of money to British business)
d) Not all PCs are sold with an operating system in the first place
e) What happens when the OS installed on the PC doesn't have a filter available for it?
f) How do you classify "sold" and "PC" anyway? Tricky, you see. What about a dedicated server?
g) Are resellers and manufacturers legally liable if the filter doesn't work? Does that not mean parents would, by default, abdicate all responsibility because "the computer does it"?
h) Porn isn't illegal [generally] in the first place. Why filter it?
i) When I was a kid, I saw plenty of porn, without the aid of the Internet. I bet the generation before me did, too. (It never did me any harm…)
j) Would there be clear instructions on how to turn said filters off? Do you think the same people who can't manage to operate a virus scanner would be able to i) switch it off when required, or ii) prevent children from doing the same?
So, er, what's so newsworthy?
…nobody had ever heard of it?
Seriously, it really hacks me off when companies do this: the only time you hear about a potentially good service is when they announce they've canned it through lack of interest, yet no attempt was made to market the service to anybody of any note.
…nobody seems to care what effect this might have on Pixar, eh?
Anyway, he's done what he said he'd do: told the board, and everyone else, that he's unable to continue running Apple—on a temporary basis, at least. Let's hope, purely for his sake, that he gets better; and let's hope that Apple continues to do what Apple does and demonstrates that the ringmaster isn't the be-all and end-all of the circus.
It's PDF rather than SVG because Mac OS X's underlying graphics engine—Quartz—natively renders graphics in terms of PDF-like streams (it's not actually PDF itself, but an internal representation of the primitives, but it means that displaying a PDF is an utterly trivial operation).
Rendering SVG, on the other hand, is fine in a web browser but horrible for basic UI elements given the architecture.
The iPhone/iPod touch is certainly capable of running a full-blown client. It'd be a shame if all we got was the 'Lite' version (which would only work on the iPhone—not the iPod touch).
The biggest thing I use Skype for is SMS from the desktop, to be honest. I'd pay a couple of squids to have that as an iPod touch app.
Even if you figure out a way to reliably, without destroying e-commerce in the process, 'rate' websites in a way which doesn't get broken as soon as the content changes, what happens to IRC channels, newsgroups, P2P networks, e-mail lists, SNMP connections, LDAP lookups, and every other application which uses the Internet? What happens when we don't use HTTP and HTML any more, and we don't have 'web sites'?
It's not that the creators of the Internet talked about something Governments can't touch (mainly because they were, er, government contractors), it's that they deliberately designed it to be open-ended and massively flexible. It's not that Governments can't touch it, it's that the only way they can control it in the manner that they'd like to is by destroying it, and that would do more harm to the economy than Woolies, Zavvi and Adams closing ever will.
’cos on the Mac, passwords are stored on the Keychain, and if you don't unlock your Keychain in the first place, Safari can't decrypt squat.
The default configuration is for your Keychain to be unlocked when you log in, but you can change that easily enough, and set it to to auto-lock under various circumstances, which means you'll be prompted for your Keychain password whenever Safari wants to auto-fill a login form. Hit Cancel and it won't auto-fill a thing.
If memory serves, other auto-fill data is stored in the same way.
It's thorny for two reasons, though one far moreso than the other:
1. Trademarks are granted in specific categories (McDonald’s restaurants and McDonald’s Shoe Emporium are two different kinds of business who might hold a trademark on the same thing)
2. The companies aren't actually *displaying* the trademark, the user is just searching for it. To the letter of the law, they've actually not done anything wrong (unless the ad text contains the mark in question).
Users know that sponsored links are just that, which reduces the risk of “likely confusion”, and so are likely to be aware that the sponsored links may include competitors (which could well be to the consumer's advantage, after all).
If the advertisers aren't actually claiming to _be_ the company associated with the trademark, I say let them bid.
One route would be to simply offer programmes as free rentals on iTunes UK for 7 days. BBC WW and Channel 4 (and Sky, and many others) already *sell* the programmes on iTunes, and we know the iTunes Store supports rentals now. I suspect some hefty negotiating regarding the logistics of it would have to be done, but that's a business, not a technological issue.
It's not the ideal, universal solution for several reasons, but if they want a unified platform which isn't tied to any of the channels.
So if the next version of AIR is going to use Squirrelfish, does that mean Adobe will contribute ActionScript language features (packages, classes, method/property visibility, etc.) to it?
By the sounds of it, ECMA's going to end up irrelevant—even though they rejected ECMAscript 4 as proposed by Adobe, all of the runtimes will likely end up with support for all of the proposed ES4 features *anyway*. Possible exception of Microsoft's, but Adobe could possibly pull a clever trick in bundling a WSH engine along with the Flash player to render this moot.
I thought everybody knew this?
Disable PithHelmet, specifically. Inquisitor possibly.
Third-party add-ons which work through the Input Manager mechanism won't have been tested/updated for the new release.
3.2 is absolutely rock-solid for me, running without third-party add-ons.
Terrorism is the current hot potato killer issue.
How ridiculous does it get before people start to say “actually, hold on… this is entirely disproportionate?” I know it IS disproportionate now, but it's still an (admittedly vocal) minority actually saying as much. Perhaps everybody should be monitored to ensure that errant pedestrians can't stray onto a busy road and get themselves knocked down? Perhaps police officers should be stationed at the doors to every local pub to ensure that drink driving doesn't occur? Perhaps all kitchen knives should be licensed to qualified “home chefs” to ensure that knife crime is kept to a minimum?
Sorry, Mr Hoon; you were an idiot in defence, and you're still an idiot now. The biggest civil liberty of all is to live without repression, either from terrorists OR from the Government. At the end of the day, if you can't have that, it doesn't matter who's doing the repressing, as many other governments of dubious repute across the world have demonstrated.
Cheap application of some kind doesn't have five-nines uptime.
If you don't want the trouble of installing, configuring, patching, feeding, watering, developing and otherwise maintaining your own global e-mail infrastructure, you either pay for it or get it for free. Either way, you get what you pay for.
Last I looked, Google Apps was quite explicit about exactly what guarantees you get for your money (free or premier). The fact is, the occasional glitches pale into insignificance as compared to the cost of running the infrastructure yourself for many people. You don't get something for nothing, though.
My iPod touch receives push notifications of e-mail when I've got other things running (it 'pings' at me at exactly the same moment my Mac does, give or take half a second, when new mail arrives)
Are you perhaps confusing push e-mail notification with the generic push notifications SDK which was removed during the 2.1 beta timeframe, and is expected to make a return once Apple is damned sure it's got the infrastructure right for running it?
Tell us what the Apple Bug Reporter problem ID is so that anybody who also suffers from it can dup it in Radar.
Second, have you checked the permissions on ~/Library/Preferences/com.apple.LaunchServices.plist and checked that it contains what it's supposed to?
Something LaunchServices-related is evidently kicking off before FileVault has decrypted the home directory, and so it's hanging on to the default values instead of the customisations. It might well be an interaction between FileVault and a third-party app.
I think creationism is bunkum (lots of natural things don't demonstrate a huge amount of intelligence in their design, unless you can also attribute malice)
However, being able to explain why creationism isn't science and evolution is is entirely sensible, and that sort of analysis is a skill that children should be taught (logical, rational, reasoning applies to a whole bunch of things, after all).
The money quote is:
“teachers need to be in a position to be able to discuss science theories and explain why evolution is a sound scientific theory and why creationism isn’t”.
This is entirely spot on. Teachers AND children need to be able to do this.
It probably does it the same way MySpace for the iPhone (launched months ago, incidentally) does it: by not rendering any of the actual pages, and instead presenting the information from them within a useable native UI.
Indeed, the MySpace iPhone app is quite nice… at least, compared to actually having to use the MySpace site, at any rate.
It's pretty simple, really…
With e-mail providers, you have many many choices. You are under no obligation to pick the one which is free and serves targeted ads. Personally, I do… for some things. For others, I have a server (which I own) in a rack (which I rent) which handles things instead.
If you want free e-mail, there's going to be a trade-off. There has been for as long as free e-mail has existed. If you don't like it, pick another option.
Let's see, the serviced offices I'm in? Free wifi for all tenants and visitors (there's a Café on the middle floor), with encrypted/authenticated VPN access to the tenant’s VLANs if required.
If I go into the city centre, I can't move for useable networks. My iPod touch has Wifi most places, thanks to a £3.99/month subscription to The Cloud (the only exceptions seem to be places where BT OpenZone or T-Mobile have muscled in first, with their exceptionally expensive Wifi-only packages). If I really have to, I can fall back to my 3G phone, but in all honesty it's rare most places I go.
Femtocells are currently even more bluesky than metropolitan WLAN. It's probably more likely to happen (although very likely restricted to the enterprise space), but it's hardly the case that people are dropping Wifi for cellular all over the shop.
The icon is retarded.
However, defaulting to compatibility view JUST for intranet-mode sites is entirely sensible. it completely avoids the problem that Microsoft has had in the past—that enterprise customers and the entire rest of the world had differing requirements.
Let intranets be viewed in compatibility mode. None of us web developers will actually care, because all of the stuff WE deal with will be standards-compliant.
Meanwhile, enterprise developers who are stuck with a horrific godawful legacy mess won't have to scramble to fix them.
The fact that IE has "security zones" is something that was completely forgotten about in the debate over the IE8 meta tag, and making use of them is a rather elegant sidestep of the whole problem.
a) Pay more for calls than contract customers, text messages and data services
b) Pay outright for the handset (versus "free" [subsidised] for contract customers)
c) Find the handsets are locked to the network
d) Aren't able to make use of certain services available to contract customers (i.e., they're simply not available)
e) Often can't get the same handsets as contract customers
Far from “contract customers propping up the networks”, PAYG customers make the networks an absolute mint, because they end up charging an absolute fortune for any real-world level of usage. History has shown that the number of mobile users is only going to go up over time for the next foreseeable future, and unless one network is absolutely head-and-shoulders better or worse than the others, there's no point in treating PAYG customers like dirt to work around the lack of contractual lock-in, because (where customer numbers are concerned), what comes around, goes around—you'll have customers leave, and others join you, but ultimately you'll probably have the same share of PAYG customers you did a year ago, unless you're really good or really bad.
If Ofcom is at a loss to figure out what to do with PAYG customers, allow me to suggest… given that the handset is paid-for upfront (which covers the cost of an 18-month contract with no optional extras), decree that everything else must be comparable in terms of cost: same bundles, same call rates, same features. The only exceptions permitted will be those on technical or logistic grounds (i.e., you have to do everything out of prepaid credit, you can't start things on the next billing cycle, or have the cost of things spread over x months into the future).
Far from losing customers, the networks would soon discover that although many people use PAYG phones and have every intention of doing so (the numbers are not to be sniffed at), the basic ability to switch networks at the drop of a hat is far outweighed by the fact that most people don't actually want to all that often.