The "boringification" of computers will bring us back to the 70s.
If we have to prove _everything_ on your computer, from your calculator or Pokemon, how much do you think a license of windows will cost? $250,000?
Linux/FreeBSD/OpenBSD/Minix will be dead (no one to sponsor certification and then put it in the public).
Crazy "best-practices" (change passwords every couple days, password must include symbols, letters, numbers, upper-case and lower-case in a random order, but be no shorter or longer than eight characters)
Must have a full team of lawyers to prove that everything done fit the letter of the law, and that any hacks are not your responsibility
"Shinyness" is what allows you to have free VSCode and Atom.
Sure, I miss the 70s when you could get a text editor measured in bytes (but, btw, electron is probably more secure than 70s unix) but I definitely like the cost/convenience of modern software.
SNAP (Food stamps) give about $255 a month. That means that out of UBI, about $300 is left over for rent.
2. If everyone in the US gets $587 a month, that's 1.5 trillion a year.
The current US federal budget is 3.8 trillion.
That's about a quarter of current US federal budget, and we still have to give an actual livable stipend to the truly poor (SNAP, section 8, medicare), some kind of defense, leave some for state/city tax, federal infrastructure programs (freeways/trains).
> That's about a quarter of current US federal budget
Only some will be given free money, and almost all of them will be spent since receivers are poor and cannot save it, would be quite a boost to the economy. It's a very direct way of implementing Keynesian policies.
One would hope that the participants have been given a long term guarantee that this program will apply to them, perhaps 5 or 10 years. Without the guarantee, the results would be unreliable.
I'm pretty sure it's actually a typo. Approximately 30% of income is capital income, but that includes dividends and interest payments, not just capital gains.
> Entire point of SSL/TLS is to ensure end to end authenticity and confidentiality.
The point is that country A can strongarm a certificate authority under their domain to sign any certificate they want. So if A wants to MITM google or github they can, and there's no way for you to know which certificate is the real one and which is the fake.
3. Can't do it "accidentally". That's why a lot of people have 2 foot high fences, not that you can't jump over them but to create the atmosphere that this is private, and if you get caught there you can't say "oops".
1. key pinning wasn't part of this policy, and regardless implementations are few and doing it correctly is problematic at best.
2. Certificate transparency is not implemented in all clients (and won't be).
3. I do understand the 2 foot high fence, and I've re-iterated repeatedly that I don't believe that TLS is a bad idea or that it provides no benefits. My original comment was meant to point out that a blanket "https everywhere" policy for the federal government is a bad idea.
4. malicious or friendly routers can MITM. Would you go to defcon, attach to an unknown wifi source, and pass your banking credentials?
>access to free lawyers at least for the poor etc is more important than access to the legal databases
That itself is a problem, while we have public defense lawyers, we don't have public preventive lawyers (who I can call and ask if what I'm about to do is altogether legal and what can I do to avoid run-ins with the law).
That's not really the service we want because those lawyers won't be able to give definitive answers for all but the simplest cases. What I think you really want is a government sponsored law office that is given special privileges.
1. They are tasked to give well researched legal advice in all fields.
2. Their advice should be minimally restrictive.
3. If a person faithfully follows the advice of the office the office assumes criminal and civil liability.
Individuals are not capable of evaluating the law without the aid of legal professionals. Worse, individuals don't have the ability to evaluate the quality of lawyers. This system would allow individuals to be secure that they're not heading into legal gray areas or situations where the legality is truly unknown until there's a trial.
I like this kind of system because it's in the best interest of such an office to give the most accurate advice possible.
> 2. Their advice should be minimally restrictive.
> 3. If a person faithfully follows the advice of the office the office assumes criminal and civil liability.
The problem is these two are in conflict. If the office gets in trouble for approving something they shouldn't then they'll have the incentive to be overly restrictive in what they approve.
A better solution is to make this office a subdivision of the justice department and then if they say you're allowed to do it then you can't be prosecuted for it. And if they say you aren't allowed to do it then you can hire your own lawyer to appeal the decision to a court, and they get penalties for being wrong.
This sounds like a process for giving any citizen standing to challenge a law, which I think would be a very significant change to the way the system works today. It naively sounds like a good change, but I suspect there would be some ill effects - e.g, companies asking over and over about slightly different ways to manage taxes to try and find a loophole, people on both sides of the Obamacare contraception mandate trying to prove that loopholes did or did not exist in the law...
You say that like it's a bad thing. Then people would actually know what the law is.
If you don't want people looking for loopholes then don't put so many in the law. When you pass thousands of pages of tax code and then companies spend a lot of time trying to save themselves billions of dollars, what did you expect to happen? That's what happens already.
I think it would be easy to DDOS the proposed system and yes, I think that would be bad. Feel free to explain why either that would not happen or why it would not be bad.
All the well known rockets use cryogenic fuel at least in their ascent stages: Space Shuttle, Saturn V, Soyuz. They certainly can't rely solely on NASA's or Russia's data, but it will/has undoutably helped.
>And the reason people initially used Facebook, Skype, and WhatsApp is not that they were easier to use or better. It's advertising. Notice how all of these are proprietary software made by companies with the means to advertise their software? You can bet people would use GnuPG, Diaspora, and XMPP if they had been advertised by companies like Facebook and Microsoft.
I know quite a few non-techies who use VLC, Firefox, LibreOffice, and other OS advertising-less projects. The difference is:
1. Facebook, Skype and WhatsApp solved problems others didn't and became big. Now it's too late to fight.
Had Diaspora been around before FB, and as easy to work with (put name here, picture here, password here, friend here. You're all set up. Let's go), or XMPP been around before Skype (which is a very old program in internet time), or Kontalk,Signal, etc. been around before WhatsApp (find friends by number, not by username), they probably would have taken off (at least to some degree).
Google came late onto the Desktop scene (Chromebooks) and are not successful while the incumbent (MS) is good.
MS came late onto the mobile scene and failed, while the incumbent (Google) is good.
I'd be willing to guarantee that with a name like Diaspora, it could have never achieved mass adoption under any circumstances. Most people won't know what that word means. The name sounds terrible and unfriendly, more like a disease than a social network your mother would want to join. Diaspora is another example of engineers not understanding how to make a product, top to bottom, for the general public.
I tend to agree. Naming is important and if you target masses (non-engineers, non-geeks etc.), you should name your product so that even a 5 years old kid would understand it without a second thought and memorize instantly. An anecdote, but I have harder times convincing people to use LibreOffice than OpenOffice for no reason other than a name.
It was. XMPP, aka Jabber, started late 1998, the first version of jabberd appeared in 1999, the standards group started in 2002 and the RFCs were ratified in 2004. Jabber.org, the first IM service on top op Jabber/XMPP opened its doors in 1999.
Skype was first released in 2003, about 4 years after Jabber had already become a thing.
Just because something was there first doesn't make it win nor does it mean it will remain the primary/principle protocol/option :).
> It was. XMPP, aka Jabber, started late 1998… Skype was first released in 2003…
But XMPP didn’t have VoIP until 2005.[0] More importantly, XMPP and SIP don’t have a great story for NAT traversal and privacy. And corporations are shying away from open standards, e.g. Google Hangouts federation, or when Apple FaceTime was supposed to be an open standard.[1]
A very long time ago, before even Jabber was around, I played with PGPfone[2] on my 33 MHz laptop.[3] No FPU. 128-bit symmetric encryption. For voice, the processing power problem is solved to overkill. But PGPfone proved to be useless because it didn’t traverse NAT.
The ultimate lesson from PGPfone: NAT is inherently repressive. It divides the Internet into haves and have-nots, and most everybody is a have-not. If you want to contact another have-not, you must do it through the graces of someone who has public IP address space. That is why I started advocating for IPv6 long before any of my peers.[4]
Sounds right, maybe Diaspora or XMPP would not become popular if they were advertised today. Software like VLC, Firefox, LibreOffice would because they're not communication platforms.
Chance might play a larger role than advertising in the early game, for communication platforms.
> 1. Facebook, Skype and WhatsApp solved problems others didn't and became big. Now it's too late to fight.
Facebook was at least the third widely adopted social network. It made it largely by targeting its marketing towards college kids. and expanding strategically and somewhat methodically. Other than its marketing, the only other reason Facebook did well was by becoming a programmer friendly platform. It was no better for users than the other ones.
They've got enough money out of insurance to build themselves a new satellite, the problem is that they need that satellite yesterday, not today.
On the other hand, SpaceX isn't living off poor blokes who were hoodwinked by a starry-eyed agent. Their customers are professionals with lawyers and accountants taking care of things, so I don't feel that SpaceX is particularly unethical.
If we have to prove _everything_ on your computer, from your calculator or Pokemon, how much do you think a license of windows will cost? $250,000?
Linux/FreeBSD/OpenBSD/Minix will be dead (no one to sponsor certification and then put it in the public).
Crazy "best-practices" (change passwords every couple days, password must include symbols, letters, numbers, upper-case and lower-case in a random order, but be no shorter or longer than eight characters)
Must have a full team of lawyers to prove that everything done fit the letter of the law, and that any hacks are not your responsibility
"Shinyness" is what allows you to have free VSCode and Atom.
Sure, I miss the 70s when you could get a text editor measured in bytes (but, btw, electron is probably more secure than 70s unix) but I definitely like the cost/convenience of modern software.