Re: Cost?
As a USian, I am incredibly jealous that you have access to 4G service that is both cheap and reliable enough to make that a realistic usage scenario.
5648 publicly visible posts • joined 20 Feb 2015
"Ofcom's top tech bod, Mansoor Hanif, recently gave the Wi-Fi industry a roasting, telling them to shape up to 5G or face sliding into irrelevance."
Not a chance.
It makes no sense to me to replace one already hard-to-secure technology (WiFi) with an even harder-to-secure technology (5G). I absolutely don't want my LAN to be using the same transport as the internet. Period.
"Hypervisor attacks ARE a thing, you know?"
Oh, yes, I know very well -- which is why I cringe whenever I hear people advocating VMs as some sort of security panacea. I was not claiming they are! My primary defense against client side scripting is to disallow it and avoid websites that require it. There are one or two that I need to access, though. I acknowledge that it puts me at risk, but running inside a VM does reduce my vulnerability. It certainly doesn't eliminate it, though!
"If I was really paranoid I suspect I'd disable tabs and possilby even run each browser instance in a VM"
I guess that I'm half-paranoid. I am not really a user of tabs in the first place (not for security reasons, but because I find it better from a usability standpoint to run multiple instances of a browser rather than having a bunch of tabs in a single instance), but if I have to use a site that doesn't function without allowing Javascript, I always do that from inside a VM.
"problem is most sites which "rely on JS", use it for functionality that could be achieved without JS"
Yep. And well-designed sites will continue to work properly even if they can't run scripts in the browser -- they just drop the bells and whistles (which, half of the time, makes the web site faster and easier to use anyway).
My standard practice is that if a site doesn't work properly without Javascript, then I just don't use the site. There are very, very few websites which are actually indispensable.
"Let's go back to static pages where you have to keep clicking next page to scroll through thousands of items instead of dynamically loading them then."
For this particular example, I really, really wish that sites would go back to behaving that way. Dynamic loading is something that gets in my way on a daily basis.
"so be careful that when a person steals your phone they don't also take your finger."
No need to take your finger. Anyone's fingerprints are easy to obtain (they're probably on the case of that stolen phone), and once you have them then it's pretty simple to fool the fingerprint reader and unlock the phone.
"Honestly, how likely is that?"
In the long run? Very likely. It is all but inevitable that the ubiquitous surveillance being forced on everyone will cause, at some point, widespread harm. When that happens, the shit will truly hit the fan.
At this point in time, though, I figure the only reasonable approach to take is that of self-preservation. When the disaster comes, I would prefer not to be a part of it, which means subverting as much surveillance as possible right now. There's no point in expecting the law to protect you at this point in time. Only tears lie at the end of that path.
"That's BS for people who want to make money out of your data without paying for it."
I don't think paying for it is the important qualifier here -- I think getting your permission is (paying for it might be a condition you require to give permission, though).
Without them doing that, they aren't just people who want to make money from your data, they're straight-up thieves.
"The slurping is one thing... it's what is done with the slurped data that's the troubling part."
I consider both of those aspects about equally troubling, but the slurp is arguably the more important part. If the data isn't slurped, then it can't be abused. Once the data is slurped, there is literally no way of knowing what is being done with the data, so you can't know whether or not it's being abused. That makes the whole thing a matter of trust.
But note that when I use the term "slurp", what I mean is "spy" -- data which is collected without my consent. If I have given my informed consent, then I have decided that I trust whoever I give consent to. Without consent, there can be no trust.
"If large data processors like Google and Facebook help write the "ethics", they are writing the law that governs themselves."
Having two of the least ethical companies in the tech industry (where there is plenty of competition for the "unethical" crown) help to determine what is and is not ethical sounds like a fantastic idea!
"4) Publicly announce that the mast that all the loonies have been protesting about and camping outside is in fact a dummy mast and that their illnesses are all psychogenic."
That would accomplish nothing at all. It won't change any minds or reduce the unwarranted fears even a little.
However, if you changed step 4 to "Remove the dummy mast with a lot of fanfare and moaning about how much it hurts to do so" would likely work. Everyone nearby would feel better (both physically and emotionally) and you'd still have the real, functioning sites.
"I'd like to see a test/certification offered for users who don't want the basics"
Ummm, but savvy users are probably not using the equipment Comcast is supplying anyway. Why pay Comcast rental fees on that stuff when it's easy (and not terribly expensive) to buy and use your own kit instead?
I have to use Comcast as my ISP, but there isn't a single piece of Comcast-supplied gear in my house.
"However TP-Link routers now contain most of the bits I was using in DD-WRT."
Do you actually trust the firmware that comes with a consumer level router? I 100% don't. Even if the factory firmware did everything I needed, the first thing I'd do is still replace it with something that I can have a bit more faith in. If I couldn't replace it, then I wouldn't use that router.
"So a patch in progress will allow admins to turn on STIBP if needed, but not by default."
This is great news. My long-term mitigation plan is to get rid of my Intel-based machines entirely, and until then I want to pick and choose which mitigations I'm willing to accept. This is one I am not.
"I don't really quite understand why features vanish. It's not like old features increase raw materials cost or some such."
I think a lot of this comes from the "simplicity" fad that's all the rage right now, by developers who confuse "simplicity" with "eliminating features".
That said, every feature a product has does have an ongoing cost. More features mean more lines of code, and every line of code comes with an ongoing cost in terms of maintenance and increased complexity of the code base (which makes future changes more expensive to implement).
"Even Thunderbird didn't go far, and it has an ill-thought GUI that is far from intuitive (i.e., why you have to drag a file to a small are of the screen to attach it???). "
While it has plenty of faults (although the attachment issue you cite isn't one of them -- I've never attached anything to my emails that way), Thunderbird remains one of the best email clients around. That's not praise for Thunderbird, it's condemnation of the state of email clients these days.
"This business model certainly seems to work for Google, Facebook, etc."
The business model may "work" in terms of generating revenue, but it has societal downsides that seriously outweigh the benefits. Google, Facebook, etc., shouldn't be doing this (in the way they are) either. We don't want others joining this awful trend.
"Yes, you're paying more, but you're getting something for that money."
I don't care about warranty and support, but I do care about the loss of important features. I'm certainly not going to pay a premium for a phone that doesn't, at a minimum, do at least what my current phone does for me.
"are you guys really copying that volume of data on and off your phones that often that it's a such a chore?"
Yes.
"what exactly is this multi gigabyte data that people are capturing so frequently on their phones??"
The music I carry with me, mostly, but also document collections, and large datasets of various sorts. Oh, and I also run a webserver on my phone that I use to quickly distribute information to others. This isn't data captured on my phone, this is data I want to access on my phone, or data I'm moving to a different place.
"it's no different at all to what Google do"
It's not? So Apple has weaponized all of their products to be surveillance machines, and is following me around both the internet and meatspace, spying on everything I do that they can see in order to compile an ongoing dossier about me even if I don't use any of their products?
Somehow, I seriously doubt that.
"At least Google location services can be switched off."
Yes, and doing so doesn't actually make that data collection stop.
"in a civilised society, Amazon should be falling over themselves in their rush to assist the authorities in such circumstances"
This argument assumes that the government is reasonably sane and just. I don't think that's the case in the US right now, and until/unless it becomes so, I think this argument is a nonstarter.
"Unfortunately the Linux community is in denial about the reasons for the continued Ubiquity of Windows."
I don't agree. I think that the Linux community tends to be fully aware of those reasons. I think where people get confused is that they think there is a great yearning in the Linux community that it topples Windows. Outside of a small (but vocal, since tech journalists are a major portion of this) group, I don't think that the Linux community is willing to compromise Linux to the degree necessary to achieve that goal.
"We need the community to finally stop masturbating on their own fantasies and instead join together in a creative orgy of cooperation on one distro to finally push Windows aside forever."
I sincerely hope this doesn't happen. The variety of Linux distros is a strength, not a weakness. A distro aimed at being a drop-in replacement for Windows is likely to include an awful lot of things that will only make Linux worse for those of us who currently choose it. Having some distros with that as the goal is fine, as long as there are other distros that I can use.