4340 posts • joined 31 May 2010
I believe this is why certain categories of worker are exempt (with the worker's consent.) Alberta's laws are not all that different, and we have one of the most powerful economies in the world. :)
Sync.com is a Canadian cloud storage provider with data stored in a Canadian datacenter. Their client encrypts the data before sending it up to the cloud. They claim not to be able to decrypt the data.
They are still in beta, however, and mobile clients to not exist. It is $50/yr for 500GB. Sync.com now has a new paid subscriber.
Not perfect, but a hell of a lot better than Torture'n'murder's happy fun time NSAbox.
Re: Why was this rejected El Reg?- 'Put it on its own subnet and VLAN, wall it off from everything'
Well now, that's a larger discussion. I'm not sure how much you know about systems administration, so I have to make a few wild guesses in how to explain it.
I am presuming you know how to put multiple systems on their own subnets or VLANs. (I.E. all Windows XP boxes will be on 10.0.100.0 /24 while you rprimary network is 10.0.1.0 /24). If not, the rest of this comment can't help you as you need a lot more fundemental networking knowledge than I can lay down here. (We're talking "design of your network" level stuff that will probably take a few hours of back and forth.)
Presuming you know what a router is and how subnets and VLANs work, let's look at how you can take a system that's pesudo-isolated via subnet/VLAN and really wall it off from the outside world.
1) The Windows XP firewall of it's own is shite. Ditch it and get something better that lets you lock things down more granularly.
2) Deny all by default, then whitelist IPs you want to allow.
3) Get a UTM that supports a SOCKS proxy. This proxy will be your Windows XP box's access to the outside world (and will have to be whitelisted at the XP box.)
4) Have the UTM block all websites/services/applications except those explicitly allowed. Allow those you really need.
5) If you need to allow services through to this Windows XP box - and not just basic websites - get a Palo Alto Networks box. Nothing else will do.
6) Disable *all* protocols you don't absolutely need. IPX/SPX, NetBEUI, IPv6, etc. Even Microsoft file services. If it doesn't absolutely need to be there, bin it.
Garbage in = garbage out. By restricting what can get "in" to that machine down to the very barest minimum core you can minimize the risk of it becoming infected. Frankly, I would bet the security of a Windows XP machine so defended over the security of a fully patched Windows 8.1 machine that is "defended" by nothing more than Antivirus and a NAT box any day.
If you need more help than that, I'd point you at the spiceworks forums, or encourage you to reach out by e-mail. I would be able to either provide you some consulting services directly or get you in touch with a local sysadmin who can do all of the above (and more) to make sure your systems are hardened.
Re: XP Strategy: ''Put it on its own subnet and VLAN, wall it off from everything'.
Hi there, I use this method in practice with my Windows NT, Windows 98 and Windows 2000 systems. The solution is simple: use a proper IDS+Firewall solution to control the access of this subnet to the net.
If you are impoverished, consider a "unified threat management" device. I've used the Netgear devices to great effect, though I honestly prefer Juniper's boxes. You could always build your edge device from a Linux box running snort and squid as well.
The goal here is to figure out what websites you absolutely need to access and whitelist those sites. Then you monitor absolutely every attempt to reach any other website and set up alerts. You use the UTMs + blacklists to make sure that the worst of the baddies are filtered, and the IDS (or IDS components of the UTMs) to do inline analysis of the stream and check for anything untowards.
If you need internet access - no matter how limited - on your XP box, I strongly recommend heading towards a "read only" XP environment (or at least use Deep Freeze) so that when you get infected (and even with all those defenses, it's a when, not an if) you can revert to a "known good" state.
Re: Usb dongles?
Where to even begin...
A) Lots of dongles are supplied by the vendor and are parallel, serial or even SCSI (!) only. In some cases the vendor wants several hundred thousand + application upgrade (which doesn't work with the $7M industrial device, natch), and so on to get a USB dongle. In other cases the vendor simply doesn't exist anymore, or no longer supports the application. Your view of this issue is simplistic and small.
B) A VM is not the solution to all ills, no matter how hard you want it to be.
C) Lots of software will detect that you are using a server OS and promptly refuse to work. You can't shim everything.
D) Anything you can disable by GPO I can enable with a virus. You can't "enable" a glued USB port.
Your solutions are all based on the mentality of a whitepaper-wielding MCSE. Sorry, but we're off the reservation as of today.
Re: Ghostbusters ref?
Get out of my miiiiiinnnnndddd!
Re: Choose your poison @Trevor Pott
Now Talisker I have tried, and compared to Glenrothes it might as well be turpentine.
Next time you're in a decent liqour store, do yourself a favour and buy some Glenrothes.
Re: Choose your poison
Well, on your recommendation, I shall try it.
Re: Choose your poison
"fine Irish whiskey"
These exist? I'll take a single malt, please. Speyside or from the highlands. Glenrothes, if you have it...but Glenmorangie will do.
Internet. Of. Things.
You have been warned.
Re: @ xperroni (was: What legit email admin ...)
Re: Try them both on a 13" retina display..."
Sir, I just howled with laughter so hard that tears were streaming down my face. Thank you. I haven't laughed like that in years. God damn, I needed that.
"is it because they are afraid it would not work? Well, if these other people did it, why can't we?"
Legacy software and/or industry-specific software combine with the back-breaking cost of VDI/VDA/App-V/Thin-App and any other variant on "remotely delivering legacy Windows-based software to non-Windows endpoints.
It takes time, money and expertise to move staff from Windows to Linux, even if you have like-for-like applications across the board. When you have industry-specific stuff dragging you down...
...look, Mainframes are still around for the same bloody reason. Some of them run a dozen layers of emulation so that they can keep an application written in the bloody 60s going, because all the business logic for the entire organization lies in that ancient code. Microsoft will be the same.
The world is moving on. We are moving to newer operating systems and to companies we trust ever-so-slightly more than Microsoft. One Chromebook, iPad, Android all-in-one, Linux desktop and SaaS application at a time.
What you aren't seeing is a wholesale move from Microsoft's Windows to another single platform. Instead, you are seeing a diversity of platforms being experimented with, chosen and carefully refined to meet the needs of the niche that embraces them.
There may never be another "general operating system" like Windows again. The time for a one-size-fits all monopoly is behind us. The future belongs to task-specific devices, operating systems and applications delivered in the manner that best suits the customer, not the developer.
Competition. It's occurring right now, and no matter how much some folks want to desperately deny it, the world has changed forever from the days of Redmondian supremacy.
Microsoft is culturally incapable of making the changes required to foster trust amongst its customer base. That will be its mortal wound. Maybe it will shrink back to a small cluster of die-hard fanboys like Apple, and then come through the looking glass punching above its weight. maybe.
But it won't have the same market conditions Apple did. There won't be just one or two major players to contend with. There will be an army of quality developers catering to every niche, each with a fiercely loyal userbase. It isn't just turning the ship around that's going to be a bitch: the hearts and minds already lost will spread dissatisfaction and affection for the enemy virally. Countering that may not be possible.
Re: I suspect this is brinkmanship.
"so until that date, (unless there is a hideously bad vulnerability discovered) there is no difference from before."
Pffft. Even *I* have unpatched vulnerabilities for XP in my back pocket, and I'm not a professional black hat by any means. Please...XP is wide open and in a little under 48 hours from now killing it dead will become a bloody sporting event.
Re: maybe (What about our dependence on fossil fuels)
Atoms. You can split them. You can fuse them. Energy is released. With the exception of the overly anxious and the very "special", everyone on this planet is aware that we have the technology to meet our energy needs for some time, but choose not to, because of the meddling influence of special interests.
Fossil fuels are temporary. When the new surge of natural gas supplies in the US is gone, we'll see the pivot towards atomic power. In a goddamned hurry.
Re: Real Greens.
Re: Shut the right one down
We have abundant cheap energy. Both in the form of fission for base load and the big ball of fusion in the sky to provide us lots and lots of cheap power (directly, or as wind) for bursty things. All that lovely stuff you want to do that involves neat disposal of waste, extraction, recovery, etc? We can do a lot of that with the "bursty" (I.E. generally available for 8-10 hrs a day) power, whilst using base load for the rest. (Including things like keeping smelters at minimum temperature, etc.)
What it requires is kicking a bunch of NIMBYs in the ASCII and making them realize that without fission, we're all fucked.
Spiceworks can be extended by add-ons to be actually a lot more useful than the OOBE.
This. This is what I want. Start menu on my primary monitor, massive "quick launch" replacement on my second monitor.
Re: Re:Linux running most of the world's servers
>it's only "good enough" until it's "not good enough anymore"
Yes. Name one thing that's not true of. The Pyramids at Giza have been "good enough" for their function (serving as mausoleum and memorial to the grandeur of the kings who commissioned them) for some several thousand years. Eventually, they will fall and be "not good enough anymore." That looks to be quite some time from now, and the lifespan is being extended through maintenance.
I have hammers that are decades old, a clock-radio as old as me, and my neighbor drives a car twice as old as me. All of which are "good enough" until such a point in the unknown future as they become "not good enough anymore."
I fail to comprehend the special wisdom of this statement.
> It isn't broke now, but it will break eventually
Which is pretty much reiterating the above statement. Yes. All things break. What you don't seem to be getting is that:
A) there are enough spare computer parts to keep the computer portion of the exercise in these lathes going for the next decade, at least. Realistically, I've got enough gear on the shelf to get 30 years out of those buggers.
B) The mechanical portion of the unit will make it deceased after the last computer component has burned itself out.
C) The software is the only bit in which there is an artificially planned obsolescence, and (wonder of wonders) the people owning the $7M machine are disinclined to honour the software vendor's desire to introduce artificial scarcity.
So yeah, it's "good enough until it's not good enough anymore." That day is quite some time in the future. Long enough to earn a profit from the unit and either eventually replace it. More likely, the owners will simply retire before the thing gives up the ghost entirely. They mortgage everything they have to buy the unit, they run it (and several others) for a few decades, they pay off the units, make a reasonable profit, retire and die.
It is good enough until it's not. And that's perfectly okay by everyone.
Re: Re:Linux running most of the world's servers
As per one of my previous comments, this isn't possible, as the second part of it's job involves proprietary drivers for ISA cards.
Re: @Trevor_Pott -- This is the fault of Trevor's clients
Microsoft are entirely aware of this article, and the comments. I believe the exact phrase used by one of my contacts was "you just don't understand why it's important that XP die, do you?" As I mentioned in my article: Microsoft talks to loyalists, not critics. That this doesn't appear to be changing at any point in the future is a large portion of my vanished faith in them as an ongoing supplier of business-critical technology solutions.
If you only listen to loyalists you only design products for people who would buy any crap you pushed out anyways. If you listen to critics you can not only understand why you're losing customers, but what you need to do to staunch the bleeding and eventually heal the wounds. Again, as mentioned in the article, to do this would require a culture change from Microsoft. One not in evidence.
Well, I'd love to share exactly how I plan to solve the issue with this machine, but then I'd be spoiling a future article! :)
Re: Re:Linux running most of the world's servers
"Drivers for CNC lathes should be open source"
I agree entirely
"and should allow easy migration to new operating systems."
Again, I agree entirely
"Purchasers should demand this"
Once again, we agree.
"to prevent vendor lock-in."
And now you're living in a dream world. Customers can whine and cry and stamp their feet all they like, but the options are "buy what exists or go out of business/don't start your business." You don't get a say in what is on offer. Developers don't give a fuck and customers have zero pull.
Life sucks and then some fish eat you.
Re: This is the fault of Trevor's clients
@DougS: for the particular folks discussed in this article the machines themselves were designed in the mid-90s, originally with Windows NT 4, though they didn't make it out the door and on the floor until very near the turn of the millennium. They were upgraded a few years later to Windows XP, specifically because the manufacturer wanted to stay with as secure a system as possible.
There are two components to the machine: one is a DOS (or OS/2?)-based controller that accepts raw inputs of files via NetBEUI. That's build into some card that's buried deep within the machine's guts. The second is the Windows XP system that sits on top of a motherboard with a bunch of ISA slots. This has two roles: the first is to drive something very much like an X/Y cutter as well as some sort of pre-polishing unit that makes the whole system go from "block of metal to 99.9% finished piece" in one go.
The second purpose of the Windows XP machine is to run some proprietary software made of out of ground demon that converts a primitive turn-of-the-millenium CAD format into whatever byzantine machine code is required by the system itself. That file is fired off over NetBEUI to the machine for machining, then the Windows XP system coordinates the X/Y cutting and polishing.
The XP box has TCP/IP on one NIC in order to accept input from the proper workstations and NetBEUI on the other side in order to talk to the machine's controller. The XP box is built into some freaking case of ultimate sharp edges and wrist-slitting death about 19 panels into the machine.
The company that made these went out of business ages ago. I remember being part of the migration of the systems from NT4 to XP. (I was not a part of the original purchase decision,) and I have been called back recently to secure the XP boxes for another 10 years of service.
And the CNC folks are only one group I have to deal with. The Photo Lab I work with has a bunch of stupid expensive photo printers that do roughly the same thing as the above; receive specially formatted images into a local buffer along with some metadata, then print onto gigantic printers. These things are still running Windows 2000 because we could not for the life of us get the drivers for the proprietary cards - let alone the stupid software - working under Windows XP.
All efforts by multiple individuals and companies around the world to get these systems ported to Windows 7 have failed, and not for lack of time or money going into the project. The original manufacturer was bought up at least three times. The current owner of the IP won't release any documentation. We're trying to reverse engineer everything, but it's a complicated pig and we're in way over our heads.
I wasn't part of the purchasing decisions on those either, but I inherited them and I have to make 'em go. There are newer printers running Windows 7, and we'll do this dance once more in 2020.
In both cases - and frankly, I could bring up several dozen others, from bakeries to fire halls - alternatives simply did not exist at the time of purchase. If you wanted a widget to perform the specified tasks at the specified rates using the specified materials you had exactly one vendor who made a device and this is how they chose to make it.
Should the people making things like CNC lathes and high-end photographic printers have been making control units out of Microsoft's client OSes? Hell no. That was an idiotic decision on their parts. Is it fair to blame the shop owners who bought the only thing they could buy to make their businesses go? I guess that's a question you have to ask yourself. You seem to think that's cool beans. I call it blaming the victim.
Is it fair to blame Microsoft? Maybe, maybe not. Microsoft did choose to sell these operating systems to the companies manufacturing this equipment. They've never been particularly nosy about how their software got used and that led us to the world we're in today.
Like it or not - and regardless of who you choose to "blame" - the reality is that Microsoft's absolute and total dominance of the endpoint market in the late 90s and throughout the 00s is what got us into this mess. Microsoft's software was what developers and businesspeople were familiar with. So it ended up everywhere. Even in warships!
Microsoft has no legal obligation to support an OS forever. I would personally argue that it is the height of self-importance and arrogance to expect them to support it for free even as long as they have chosen to.
Where I part ways with those who run Microsoft - as well as a number of commentards - is that I believe that part of Microsoft's moral, ethical and social obligations are to offer ongoing paid support at a price affordable by the kinds of SMBs who are ultimately the victims of this mess, without the minimum floor of several hundred systems.
Additionally, I feel that Microsoft's choices in this matter will have long-term repercussions in the trust that customers will be willing to put into Microsoft, something that Microsoft - and many commenter - don't seem to agree with. In fact, several folks seem to feel that I, my clients and everyone else int he world is somehow morally obligated to trust Microsoft. I can't even begin to understand that mindset.
You claim that there aren't enough companies that would pay for this to be viable, I say that's absolute bullshit. I work with some of the most underfunded SMBs in the first world and they would fall all over themselves to get in on that. To say nothing of the banks, governments, etc that would be on it like white on rice. Hell, for $65/year, I'd keep several of my old laptops on Windows XP just because it saves me the hassle of porting their stuff to Mint.
I've talked the numbers over with some of my contacts at Microsoft, RedHat and a few other companies. Largely, they agree with my figures, though they feel I am underestimating how many individual units worth of XP support would get sold at that price.
There is consensus that XP support could be maintained for a decade or more profitably. The biggest issue they have is finding developers that would be willing to shackle the rest of their careers to that OS, so we have some lovely debates about how much money it would take per dev to get them to sign on the dotted line.
Microsoft can make a profit supporting XP for another decade at prices affordable to SMBs without a floor cost in system counts, period. They choose not to. Why is not something they are willing to discuss openly, other than to say that "Windows XP is 13 years old and it is time for anyone using out of support operating systems to move on. Windows 8 provides numerous advantages that will enhance productivity and prepare businesses for the future of working in the cloud."
So if you want to blame someone, that's on your head. That's your morality and your ethics that's causing you to point fingers. I don't really blame Microsoft. They have a choice. They made that choice. I am highlighting the fact of that choice and the real-world impacts of that choice.
The choices Microsoft make determine whether or not I trust them in the future, with what I might trust them and how far. In the meantime, I will help my customers harden their XP systems for continued use. The world will keep turning, but I won't be advocating using Microsoft's software for anything truly mission critical; especially where there aren't many alternatives. Hopefully, my clients will have the option of heeding that advice. They certainly haven't had the choice in the past.
Re: Re:Linux running most of the world's servers
I am curious about how easy writing a driver is when there exists no documentation on the equipment because the vendor has gone out of business. I also wonder how many developers would be willing to "develop a driver in a day" for such a device when screwing up the driver means having 1000lbs of hot metal spinning at 10K RPM come flying at them?
Are you volunteering?
Hence the cost of $500k per dev...
Re: XP will only be insecure if connected
Indeed sir, however, my "how to survive the XPocalypse" article is a few days down the road. I have a list of methods, refined from keeping NT4 and Windows 2000 systems going all this time...
Re: Baker quits Mozilla as well
It's called "tyranny of the minority". A smaller number of influential people can impose their will on society at large, especially if their will is to enforce a now defunct, but previously extant social norm. Poll after poll in first world nations shows majority support for equal rights, including support for gay marriage. Indeed, the bigots are having a harder and harder time getting their way; even notoriously conservative courts are caving to popular pressure and saying that it's illegal to discriminate against gays.
Now, you may personally be a bigot, that's up to you...but the world has moved on. The only bit that should matter to you is whether or not you are willing and able to adapt to the new social reality.
Re: Baker quits Mozilla as well
Also: support for equal rights isn't "a minority." Not even in America. I think you missed the last decade.
Re: Baker quits Mozilla as well
He can have whatever opinion he wants. Privately. As soon as he tries to use his power/money/influence to deny rights to others, however, I will use whatever power/money/influence I have to counter him.
It is just as much a right of free speech to boycott any company that hires him, any product that he works on and to raise a pubic hew and cry against his actions.
Free speech applies to everyone, but actions most definitely have consequences. He chose not only to express speech, he chose to act and the outcry was a consequence of his action.
Do remember that only in corporatist America is money considered speech, the rest of us understand the difference between convincing others with the validity of your argument and putting money towards hiring the best and brightest group dynamics PhDs to put into practice 100 years of applied psychiatry in order to manipulate the world to suit your agenda.
With luck, one day, you (and America) will understand the difference too.
Re: can't afford to test?
The overwhelming majority of my clients can't afford a testlab, yet they need $100K worth of storage. They need storage to make their business go, but for them that $100K of storage is a *huge* chunk of annual revenue.
Buying one because without it the business ceases to function is something that can be managed, with sacrifice. Buying two is likely not even possible, given the revenue situation, and certainly not because the nerds "need to test things on the second one" but can't really articulate what they need to test or why.
This is why people like me build up test labs: multiple businesses combined can afford a proper lab, and someone to run it (me) even when they couldn't afford it on their lonesome. Testlab as a Service, wot?
I understand LSI is in a bit of disarray following the acquisition. Methinks very, very few people will be getting to review these beasties.
Latency is a mostly factor of distance. Some latency can be dealt with by refining the server's config, but mostly it's just down to "the speed of light says no."
Azure can't solve that, no matter how many buzzwords are applied.
"Trevor sucks at Titanfall"
I've never played Titanfall, but yes, I'll admit to sucking out loud on this one. My reflexes in other FPSes are bad enough for me to be among the crappy "cannon fodder" players in any FPS.
Josh, however, is a professional gamer who cut his teeth on Quake. He can hit you with a rocket/rail combo whilst spinning multiple 360s and bouncing around the map enough to make me puke with nausea. The man is a bloody *god* when it comes to this stuff. He isn't the best of the best, but he's good enough to be set apart from the rest.
Some times storage is included in a VM package. Additional storage is extra. All depends on the AUUUGH! PRICING TENTACLE MONSTER!
"A Linux-based Standard A5 instance with 14GB of memory, two CPU cores and up to 4TB of attached disk storage will fall from $0.320 per hour down to $0.22"
AKA $1927.2 /year
Locally redundant storage: 1TB = 294.912 /year
Zone redundant storage: 1TB = 368.64 /year
Geo-redundant storage: 1TB = 589.824 /year
*Does not include cost of Azure bandwidth or your own bandwidth to move files.
Re: @Trevor Pott
My understanding of how this works comes from reading Michael Geist's blog (he's a PhD who makes it a business to know about such things) and talks with the OpenMedia.ca folks. (Digital media lobby here in Canada.)
You are 100% correct in that CSEC believes it does not need court approval for metadata collection. This, however, is in violation of our charter of rights and freedoms and is currently winding it's way through court. Unlike in the US, we can challenge activities of our spooks, even when they are "secret."
Again: hearings are indeed held in secret when national security is on the table, (as is logical) and the only folks in the room as those with security clearances, but the forms and rules of a proper trial are followed. It is not a deliberation by judges nor dictation by fiat.
How secret decisions are allowed to remain is currently under review by both politicians and the judiciary. There is an acknowledged requirement for some decisions to remain secret while national security interests remain active, however, pretty much everything about the rest of our laws says no judicial decisions should ever be private.
The generally agreed upon middle ground is that decisions will be reviewed regularly and declassified as soon as possible instead of kept classified for decades past any possible relevance. Who exactly sits on the review panel and the frequency of reviews are currently the subject of political manoeuvrings, but the government has been warned that the judiciary will brook no US-style "forever secrets" in order to cover up political blunders or breaches of law by the government.
So yes, things are not as open as I would ideally like, but our judges are still pretty firm on the concept that nobody - from spooks to politicians - is above the law. The spooks disagree, and the next two or three years of suits about this will be quite entertaining...but at least we can take the bastards to court here.
What's really interesting is the push from many politicians - and several members of the judiciary - to have foreign data stored within Canada given the same rights and protections as data belonging to Canadian citizens. America barely acknowledges that non-Americans deserve basic human rights; There is basically zero chance that within my lifetime the USA is going to declare that I, a dirty furriner, have the same rights to privacy, due process and so forth as an American citizen.
So yeah, Canada has a ways to go to clean this up, but I think we're on the right track towards a more free and equitable society. Unlike the US, I think the worst of this big brother bullshit is behind us here.
I don't believe that this is being done (from the political side) because of morality and goodwill. I think that politicians are biting on this because they see a real economic advantage to cultivating high privacy standards here in Canada. "Put your data on this side of the border, eh? We're close enough to the yanks that you can suck the money out of 'em, but our laws are ever so slightly less asstastic."
Re: @Trevor Pott
So far as I understand, the judges who review national security issues have an extremely limited mandate, and their decisions can be challenged in the Supreme Court. (Though the hearing will be sealed until the court makes a decision.) The laws they implement aren't secret, nor are the legal interpretations they arrive at. What is kept secret (for obvious reasons) are the details of cases involving national security.
What should be pointed out is that these judges don't exist simply to rubber stamp requests for spying. They handle all cases involving national security. In any rational world, it makes perfect sense for such a panel of judges to exist, so long as there exist concepts such as "national security."
I've never had an issue with the concept of a court that handles secret things. I've had all sorts of issues with how those courts are run, specifically, the ability to challenge decisions and the ability to even gain access to the results of past judgements. I.E. are the people expected to be held to the standards of what amount to secret laws?
There are lawyers in this country with security clearance. Even if their clients cannot be party to a a suit, they can be represented appropriately.
Have the conservatives done a shitload of damage to our rights and freedoms since taking over? Yes...but the difference between Canada and the US is that we can (and do!) challenge this crap in court...and win. The conservatives try to give sweeping powers to CESC and CSIS; the Supreme Court kills the laws on constitutional grounds and then makes the government go back to the drawing board and come up with something that's actually constitutional. It doesn't take decades here; it takes only a few years.
More to the point, to my knowledge there is no concept of "you aren't able to sue the government for that because you aren't clear to see the information about whether or not you have standing." If you believe there's something untowards going on, you can get a lawyer with clearance and the trial can be held, even if you cannot yourself participate. (Bizzare, but there it is.)
And if the government loses one of those...it isn't covered up. If the government does something unconstitutional then it must be declassified. At least, such is the theory. We are currently seeing how this will all play out in practice.
I agree wholeheartedly that governments will be governments, but the separation of powers still exists here in Canada, despite the PMO trying to eliminate it. The government can be as corrupt as it wants, the court will slap them down and the mounties will still haul their asses off to jail one asshole at a time.
Ultimately, there's the difference. I don't believe for a second in the American courts. I don't believe for a second that they will stand up for your rights or freedoms. Your government has gotten away with obliterating the fourth amendment of your constitution without a fight and they are working damn hard at obliterating the first.
My government would like to do the same thing. Our courts repeatedly deny them the option. For now, at least, there's the gap: we are still nominally in control of our government.
It's getting worse. Day by day. Conservative judicial appointment by conservative judicial appointment. But we're a long way from as corrupt as America. A long way.
Re: @Trevor Pott
"However, Canada has the CSEC and its own FISC-like secret courts"
Wrong. We have CSEC, but no secret courts. CSEC still works out in the open, and our Supreme Court has absolutely zero issue with slapping those bastards - or the conservative government - upside the head with a trout if they get out of line.
Besides, even if we did have secret courts, they'd be our secret courts, not American ones. The only laws in play with be those of my own nation. That's a huge difference, especially as regards my legal, moral and ethical obligations to protect the data of my clients.
As for Switzerland, their legal processes regarding privacy are far better than anywhere else. I trust them more than any other country on earth, and far more than I trust America or Americans.
It isn't about keeping the information secret, it's about due diligence. It is about doing everything I can to keep that information away from those who would misuse and abuse it. America has misused information, is misusing information and will misuse information in the future. That country nor her people can be trusted. They conduct economic espionage even against their allies, and they spy on innocent civilians (even amongst their allies) and then hand that data off to people like their bottom-of-the-barrel border patrol. There, power corrupts quickly and absolutely.
So even if Canada's spooks are just as secretive (and I don't believe that for a second), Canadians and Canadian data have a path to address any issues within the framework of Canadian law. We have no rights and now powers to address abuse by Americans...and abusing information is simply what they do down there.
"So, judging by the comments here, despite Microsoft going out of their way to tighten up their privacy, that's still not good enough?"
Microsoft are not going out of their way at all, and they certainly aren't tightening privacy nearly enough. They also are one of the few major technology companies not out there fighting the good fight to the tune of a few billion to ensure that their lobbying might is used to pressure the government into reducing the instances where our mails can be read by busybodies or spooks to as near zero as is realistically possible.
In addition, Microsoft have the technology available to them to decouple their cloudy services from America, but choose not to. They have this "cloudOS" thing: install a private cloud on your own servers, on the servers of service providers, or use the Microsoft Azure public cloud. But they don't offer Office 365 for Service Providers. They don't offer the backend for Hotmail or many of the other "cloudy" services. If you want this stuff your only choice is an American company, and that is completely, utterly and totally unacceptable.
If I am going to shot my stuff int eh cloud it will be with a Canadian (or Swiss) company that hosts in Canada (or Switzerland) and has no American legal presence what soever. Zero legal attack surface in the USA is the only acceptable means to obtain privacy. Microsoft can choose to do this tomorrow. Until they do, they absolutely haven't done enough.
"Microsoft can't win because despite zero evidence to support the position, people still believe Microsoft are the bad guys."
Microsoft are the bad guys. Microsoft have repeatedly said "fuck you" to developers, customers and partners. It isn't ever any one thing with them...it's the hundreds and thousands of things over the years that ultimately boil down to their attempt to force the market to conform to their wishes instead of finding out what the market wants and providing that.
I could provide Microsoft with a list of over 100 specific action items that would not only rebuild trust amongst developers, partners and customers it would increase their profits and ultimately serve their long-term strategic interests. I have to believe that Microsoft, for all it's money, has people smarter than me working for them. Thus it is that I am absolutely Microsoft chooses not to implement any of the tactical changes required to rebuild trust. From that I deduce that they don't give a bent fuck about developer, partner or customer trust.
We are, to Microsoft, their chattel. We exist to serve them. They have forgotten that in markets where competition exists, the exact opposite is true.
Re: Mobile SIP Clients
I use an Asterisk server for company phone provisioning. We use Polycom phones, some desktop clients, the native Android client, etc. TL;DR comparison: 3CX is way easier to get set up and it seems to be a heck of a lot easier to use advanced features with. Call quality is about the same.
For any clients that want the ability to twiddle the knobs of their own deployment, 3CX is the easiest SIP system I've encountered yet. That makes they worth serious consideration for future rollouts, at least to me. I dislike faffing about with phones, so "easy" sells. :)
I wonder how accurate those stats are. I number of XP boxes are hanging around running industrial machinery so they never hit the web. A bunch more have automatic update disabled, lest the AU flaw that pins your CPU all day long bite you. I suspect there are quite a few more XP boxes out there than are officially counted.
Re: chess playing
Explain to me how any chess grandmaster does anything other than "brute force" the game? They think multiple steps ahead, exploring dozens if not hundreds of simultaneous potential scenarios. Experience teaches them which moves are "generally good" and which are "generally bad." All of this is just a less efficient way of doing what the computer does, less accurately.
Re: " all intelligent devices - notebook, slabbies and smartphones"
"I don't understand why my initial post attracted so many downvotes"
Have you considered "because you're a tool?"
DNT is nothing but a parlor trick for the masses and you know it. Beyond licensing there is a lot to be upset with MS about. How they've treated partners, for one. For another, their outright hostile attitude towards their customers.
Microsoft tries to force the market instead of responding to it. At the end of the day, that's the crux of it. Google responds to the market. Both of them track you, but Google's better at it.
- Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
- 14 antivirus apps found to have security problems
- Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
- Feature Scotland's BIG question: Will independence cost me my broadband?
- Driverless car SQUADRONS to hit Britain in 2015