However I disagree that it is a bad idea and that the implementation is bad. Regardless of how software _should_ behave, Firefox operates in how software is actually run for their users. DNS is a source of security vulnerabilities and headaches.
Demanding a higher level abstraction is not always an option for many, but using Firefox often is. This is especially important for mobile, where a lot of people don't have access or knowledge to set in place a system wide proxy after rooting their phones, but it is very easy to install Firefox mobile.
What about web browser usage on library or campus computers? Often they will have several browsers installed as well.
The point is that making security more available and easier to use where it matters most is a good idea.
I just spent some time searching, and I actually don't see much in the way of clients. Most search results seem to be talking about how wizz-bang dns-over-https is, or talking about firefox's implementation.
If you know of a DNS over HTTPS client for Windows, please link it!
I think the forced upgrades were a good thing. The security model on Windows 10 and continued support of updates to 10 is overall a Good Thing for the average Windows User. The majority of users on Windows run their systems in extremely non-secure ways and skip updates and upgrades completely. This is a danger to the internet as a whole.
To me it ultimately comes down to this: I can't force my older relatives to update their machines or even stop them from running ancient versions of Windows. On that front, Windows 10 made things better.
Better? Better!?! Don't even get me started on how much support time the constant stream of automated reinstalls causes, even when it works. (Last iteration, about a week ago: Win10 decided it dislikes Avast, reminding me very much of Windows' ancient brouhaha with DR-DOS) "Yeah, yeah, you wanted to get things done, where do you want to go today and stuff, whatever. Nope, you're gonna look at this pretty percentage for an hour and hope it doesn't end in Rolling back."
I agree that keeping on ancient Windows is a chore now, and keeping systems up to date is good for the users and the Net in general; but thanks to the WinX forced-upgrade and the unreliable updates, I've deployed some more Ubuntu clients. For some mysterious reason, those don't need to jump into your face with YOU WILL REBOOT NOW PUNY HUMAN.
(And really, I would love to have a system that has a good security model, even if that means Windows...but this is far outweighed by the abovementioned trampling of the user: whoops you turned your back for a few minutes, oh well, you didn't need to save or close that properly anyway)
That's a nice take - it's still understandable that many of us would rather be in control of the software we're using, though, isn't it? It's - irksome.
If one of my prod servers were forcefully updated - with no warning, therefore no chance to make backups - I'd be furious. If my main dev machine was bricked as a result of forceful updates, as I seem to recall it happened to some folk...
It feels like they disregard users in that sense, and it's sad.
I think this is a "damned if you do, damned if you don't" kind of situation. On the one hand, the user definitely thinks it's in their best interest to be in control of their software. On the other hand, history has shown that the average user doesn't make good decisions when it comes to said software. Microsoft will catch the blame for the insecure operating system, or they'll catch the blame for forcing users to update their software.
I'm no Microsoft fan, but I really do believe they did the less-wrong thing in this case.
All of their competitors are doing it, and offering arguably compelling experiences based on that data.
That said, they should probably treat personal information sharing like they treat the modification of system settings. Notify the user that an app or service wants to share info, and get their permission to proceed.
With the GDPR stuff happening recently, I wouldn't be surprised if a future version of Windows 10 had a feature like this.
While I have my share of horror stories with WinX malware (if it installs even despite an explicit refusal, it doesn't deserve a more charitable title), running critical systems (literal life support?!) on a desktop OS is irresponsible bordering on criminal, IMNSHO. Even MSFT has embedded and server OS lines for that.
So security is the highest priority, the overriding concern that justifies taking away your right to control the equipment you bought?
Okay. Then stop messing with the operating system. Stop changing anything except as needed for security patches. If nothing changes except security improvements, the rate of updates and the probability of update breaking something will both dramatically decrease - which would be good not only for usability and reliability, but also security, because it would tilt the incentive much more in the direction of immediately accepting all updates.
No?
Okay. Now we've established that security is not in fact the highest priority after all. That, in short, the argument based on security being the highest priority was bullshit. So let's stop repeating it. If Microsoft behaves as though the highest priority were job security for individual Microsoft employees, then let's acknowledge that.
> I can't force my older relatives to update their machines or even stop them from running ancient versions of Windows. On that front, Windows 10 made things better.
Unless your older relative is on a metered internet connection that charges downloads by the MB, costing them hundreds of dollars[1] on a speculative download that the user did not ask for.
Windows 10 updates are not purely well-tested security updates, however. They include feature changes and cause compatibility problems. Some computers are even stuck at on older Windows 10 versions and can't be updated. If Windows 10 was Windows 10 LTSB, people would be much keener on automatic updates.
Contractors don't get those. In theory they get paid higher as compensation for not getting them, in practice they generally get the same money with less benefits.
A simple solution in this vein is to white list your the EIP addresses of your NAT. This would give access to all resources in a private subnet (this is useful for Lambda's running in subnets).
> And somehow in the more affluent parts of the city where I live, Comcast, Google and AT&T are all competing. AT&T and Google are both offering gigabit internet for $70 a month.
Google is offering service in limited areas of 8 cities and have put on hold any future expansion. That is not comparative to the rest of the country and shouldn't be used as an example of competition. The country has no real competition for internet service providers.
That would actually be perfect for long range interstellar probes. A constant source of energy for thousands of years, even that small, would propel a craft to reasonably high speeds. Give a spacecraft a few pounds and you'd have something really great.
So given that, assume you put an array of batteries together, what is the formula for Batteries of qty=N allowing a range of Z AU comm ability to earth / current-AU-distance == distance-from-earth before we will not be even able to receive said comms...??
So how far can they get on N batteries before we cant hear them?
Is there such a thing as "solar-syncronous" and "galactic-syncronous" orbit such that we can deploy a TON of little relays that would speed up comms to each probe to the Earth?
I.E. we have however many in a sphere around the solar system, then at some AU distance out, that the extending probes can contact more efficiently?
Assume that the little diamond batts can only reliably transfer a signal by AU/.00X - then we need to create grids of these little guys at AU/.00X intervals to relay the signals within the power capabilities of the probes...
or is this a stupid thing to say?
---
This begs the questions; what is the best method/technology for sending messages between sensors through space?
We can still hear the Voyagers, how long do their signals take to get here? How much data do they send? How long will their batteries last? How far until they go dark? (they are already like 34 times as far from us as we are from Jupiter.)
If you put a radio at ~10X the distance of Pluto, you can use the sun as a gravitational lens, and communicate with another star using milliwatts of power:
But if it's for interstellar probes, we could use just carbon-14 and keep the diamond...? Unless we're wrapping it in a diamond to protect the electronics.
> I was riding my bike the day after the procedure.
Please do not spread terrible medical advice which you were surely told not to do. That's great you turned out fine but it is not ethical to promote such behavior.
Think of it as someone saying their children turned out fine without immunizations. Your words can become incredibly dangerous once you begin questioning doctors if you are not trained or have added knowledge in the area of specialty.
I asked my doctor if there's _anything_ I shouldn't do and he said 'No'. He told me an anecdote about a patient of his that HAD a bit of pain after flying for most of a day directly after the procedure (being cramped being probably a reason for that), but he explicitly said that there is no reason to hold back. "Be reasonable, be sensible".
But I honestly don't even know what drove you to comment here. I never said 'Ride a bike on the next day' nor am I a doctor or even TRIED to give out medical advice. Instead I explicitly called out (and tried to dispell) the 'OMG it is so painful' FUD.
Your comment is a) irrelevant (I don't give medical advice) and b) assuming things that are completely unrooted in reality and wrong.
However I disagree that it is a bad idea and that the implementation is bad. Regardless of how software _should_ behave, Firefox operates in how software is actually run for their users. DNS is a source of security vulnerabilities and headaches.
Demanding a higher level abstraction is not always an option for many, but using Firefox often is. This is especially important for mobile, where a lot of people don't have access or knowledge to set in place a system wide proxy after rooting their phones, but it is very easy to install Firefox mobile.
What about web browser usage on library or campus computers? Often they will have several browsers installed as well.
The point is that making security more available and easier to use where it matters most is a good idea.