No one wants support for toasters and washing machines. We're talking general purpose compute hardware. TCP is also supported on all these devices. Quite frankly, it's probably easier to implement, if you are not fighting a locked-down OS like iOS.
How to do you factor in the military demand for Starlink?
If you follow the war in Ukraine, there is absolutely no denying that Starlink is a total gamechanger. Mostly because it's inherently hard to jam, but also got acceptable latency allowing for unrestricted FPV strikes. Because of this, Ukraine seems to have achieved Russian air-defense degradation to the point of limited "free hunting" in the deep.
In that use case, even "AI in space" kinda make sense to me, for future drone developments. One-way drones don't have to waste expensive compute for autonomy, when the compute can be in space above. This would save one RTT for drone control, too. For cheap, jamming resistant swarm (semi-)autonomy, to overwhelm AD, it seems like the perfect solution.
The cat is out of the bag, there is no way the military will ever let go of this capability. Cheap drones are the future, LEO sats provide the comms. There will be long running service contracts.
I see the civilian use rather as a "peace time" subsidiary, now, but the main customer will be the military. And due to SpaceX's launch platform and commercial offering, it's giving the US a hard technological edge in warfare, since it's difficult to afford a LEO sat network without cheap launches and civilian co-pay.
I am too stupid to make a proper economic argument, but it seems like a clever and sustainable business model :D Would love to hear your thoughts!
Famous last words. https://t.me/kcpn2014/3890
The [Russian] Analytical Center of KCPN has conducted a large-scale study of the [Ukrainian] hidden military infrastructure, which provides Ukrainian forces with stable communications along the entire line of contact. The focus is on the “BakhmutTelecom” project — a military mobile network operator (3G and 4G) that was deployed practically under our noses back in 2023. We often attribute many of the enemy’s successes to Starlink, although in reality these are the result of organizational, not technological, advantages.
The civilian cover for “BakhmutTelecom” is J&Y LLC, which in fact serves as infrastructure for purely military tasks. The network comprises around 2,500 towers, 36 or 50 meters tall, arranged in three tiers. They are interconnected via underground fiber-optic cables and microwave relay links.
It's true, it was a bit hyperbole. No civilian really knows what's up. Should have stated it accordingly. It's the apparent observer's consensus.
Yet, the Russian cut-off from Starlink was incredibly notable, organizationally and the recovered FP-1/FP-2 drones featured Starlink terminals, so no use denying that.
Ukraine certainly didn't build 3G/4G in occupied territory. Consider the radio horizon for a 50m tower. In proximity to targets, it absolutely can be jammed, and Russia is very capable of doing so. We see none of that in those deep strikes. Those drones seem to be completely resistant to EW, which implies a connection from above (can only be effectively jammed from above AFAIK). The latency seems notable, but stable.
Now, of course, Starlink alone wouldn't have defeated AD by itself, magically. That's mostly good strategy and intel. However, Starlink made those FP-1/FP-2 deep strikes way more effective and simple (compared to using relays and mesh networking, hoping EW hasn't caught up). Starlink allows to have stable video feeds until impact. No need for autonomy, radio tracking, terrain mapping... just a reusable pilot and a cheap drone. That's huge and a significant tech advantage. If Russia had this (and the intel) for their overwhelming numbers of Geran drones, Ukraine would be in a very bad situation, I think.
Apart from that, Starlink was also instrumental in exfiltrating information about the Iranian protests. It's just a jamming/censorship resistant technology evidently effective against most competent adversaries.
That said, due to the importance of Starlink, I think escalation to/focus on orbit denial attacks seems likely, for any nation which can't afford their own LEO sat network, or existentially utilizes censorship/information control. Especially since (low) LEO debris will deorbit rather timely, it's not exactly a permanent damage to human space flight. Therefore Starlink's military success may be self-limiting and temporal, since the satellites themself are not at all immune to asymmetric attacks.
> I wouldn't call this "known security issues", it's an inherent problem with any signup or forgot password page.
It's not inherent, though! Easy, definite fix: Reverse the communication relation. If the user has to open their mail app anyway, you could simply require them to send an email to you, instead of vice versa. This would solve the problem completely. (If spoofing the sender could be done reliably, the service wouldn't be involved in the first place.)
Now, it would slightly increase friction and lower convenience. That's why it's not done. It's inherently incompatible with dark patterns, data collection and questionable new user acquisition, but this too could be solved through standards and integration - without making Cloudflare de facto infrastructure necessity!
Possible convenient, better solutions: Have the browser send this mail, either by passing a template to the mail app, integrating SMTP into the browser/addon, or instate a novel authentication protocol, which in fact may remove the human interaction completely.
As if 2FA security was the main motivation for asking for email, and/or phone anyway. Companies want user IDs, if possible UIDs, as soon as possible to increase user data value and gain marketing opportunities. I once had a "welcome mail" after typing in the address, before sending the form. Yeah...
'Inherent' has an absoluteness, which I disproved. Relying on email, is inherently troublesome, I agree.
But as I said, it's not about what's technically, or ethically mandated, but what's ensuring users won't get annoyed (getting bombed with mails is bad PR). Companies collect all these IDs for their (future) shareholders first and foremost. Asking for email doesn't alert people. Phone number would be more alarming, but that's still becoming the norm. They would ask for a picture of your passport too, but ... oh, wait!
Casually integrating Cloudflare into everything (incl. TLS termination lol), only makes data collection incentives greater. Let's not give in by declaring Cloudflare a fundamental necessity. Or do, but don't complaint about your disowned life as cattle.
Cloudflare has a stranglehold on the internet, but its marketshare is much lower than the incumbant email giants. Aprroximately 70-90% of all email goes through Google & Microsoft. You're trading one benevolant toll keeper for another... except those two give you no recourse should you end up on a sh*tlist or don't meet their unspecified and forever changing criteria for being a recognised mail provider.
Things I hadn't had on my bingo cards, in this or any universe: Me really looking forward to a new PewDiePie video! Guy has become a wholesome tech entertainment retreat for me. It's like Martijn Doolaard, but Linux instead of Alps... I can't stress enough how wholesome and pleasant the content has become. Or maybe it's been always like that, and I was just an ignorant snob...
Granted, I have SponsorBlock installed, so the occasional predatory supplement stuff gets cut, but he also kinda made clear he's rich enough and not in it for the money anymore - and I tend to believe him. PewDiePie won life, chose sanity and took the anti-corruption path. Bless him and his family, and God please, let it be real!
I think, it's not unreasonable to see basically a verifiable reference single-purpose gaming OS everyone has to use in competitive esports games. Steam and Linux are probably positioned well there.
Would be hilarious, if all gaming ultimately settles on a hardware independent console platform running on a locked-down linux! This would really please and piss off every faction at the same time. But honestly, not the worst compromise IMO.
Privacy minded Linux users probably also know, spoofing your user agent is likely to increase fingerprint entropy and actually decreases privacy. It may have been true in the past, but I don't think anyone even recommends it anymore.
There's still plenty of web sites that check the OS and if it's not Mac OS, Windows, or Andoid it's no service for you. Faking your UA is not always about privacy, it's about defeating stupidity.
You should only do this on websites that actually require it otherwise you're almost certainly going to cause more problems than you'll solve.
Messing with the UA header is going to get you flagged by every bot detection tool because when you change your header from "Firefox on Linux" to "Chrome on Windows" your fingerprints don't add up anymore and you look exactly like a poorly written bot. You're likely going to see more captchas, you might get blocked or rate limited more often, and get placed under increased scrutiny, orders held for verification, silently filtered or shadow banned, etc.
Browser yes, but OS? Rarely, I have issues with Firefox, but never had Chromium not working, too.
It any case, it would be silly to assume services measuring OS popularity would put up such limitations. And more likely than not, people are changing their UA as a work-around on a case-by-case basis than make it a default, since that's gonna cause trouble.
In the last decade, the only time, I actually had to touch the UA is when breaking ToS with curl :D
The only websites that really do this anymore are ones that are delivering native code for those platforms or those that require DRM that only work on those platforms.
Even when that is the case (what is a minority of the time), just because I'm using Linux, it doesn't mean that I don't want to download some Windows software.
But well, I haven't had to spoof my browser's UA for a few years. If some site refuses it, I'll just move on. (Including some that started doing it after I brought thousands of dollars worth of stuff from them.)
The EFF's "Panopticlick" paper was published in 2010 [1], together with Firefox/Tor research that knowledge became mainstream. Therefore privacy guides don't recommend it. The Arch wiki linked above has this warning in bright red:
> "Changing the user agent without changing to a corresponding platform will make your browser nearly unique."
Sorry, I am not sure, if arguing about nuanced reality is the battleground, where I see you thriving.
> They offer free accounts for non-commercial use with the caveat that all of your documents must be public.
Major caveat! Also online access required.
And if you decide to upgrade, the next tier is 1,410€ per year.
For that amount of cash, FreeCAD can abuse and torture me quite a bit. Lol.
Also at the rate FreeCAD is developing and improving now, if more people would drop just 1k€/ donations into FreeCAD/OCCT, chances are your pains will ease rather sooner than later.
The recent base Framework 13 would cost you $1,170, Ryzen AI 5 340, with 16GB RAM, 512GB SSD and 4 full featured (USB4) USB-C ports. Note: You can buy the RAM and SSD separately, Framework even links PCPartsPicker (no price for 2x8GB RAM, so price is for single 16GB). How much storage space does your last gen M4 Macbook Air come with? 256GB would be irrelevant for most anyone, as you cannot upgrade... unlike with a Framework, where you can upgrade everything.
You are comparing dissimilar things, anyway. On a recent Macbook, you are hard stuck with MacOS. If you don't want MacOS (or ARM for that matter), Macbooks could be free and it's still the worse deal. Macbooks are subsidized by pushing you into the increasingly locked-down software/hardware ecosystem, where Apple is rent seeking. Paying for a firewall, or virtualization environment is mostly unheard of in the Linux world. It's like a cheap printer, where the real cost is DRM protected ink.
On a Framework you have excellent support for both Windows and Linux. You are free to do whatever you want.
The recent base Framework 13 would cost you $1,170, Ryzen AI 5 340, with 16GB RAM, 512GB SSD and 4 full featured (USB4) USB-C ports.
$1,170 for a laptop that uses one of AMD's lowest end laptop chip. The M4 Macbook Air can be had for $750 often. It's superior in every single way as a laptop including vastly superior performance, battery life, screen, touch pad, build quality, portability.
You can buy RAM and SSD for many other much cheaper Windows laptops too. I don't see why anyone should buy significantly overpriced Framework laptops.
You are comparing dissimilar things, anyway. On a recent Macbook, you are hard stuck with MacOS.
macOS is excellent, much better than Windows nowadays. If you're a dev, macOS is also generally superior to Linux since dev tools often come out on macOS before Linux. macOS is also generally a much better machine when you're not doing dev work.
You can argue about how Framework is better here and there but in reality, Framework only makes sense for 0.001% of laptop buyers, maybe less.
No one wants support for toasters and washing machines. We're talking general purpose compute hardware. TCP is also supported on all these devices. Quite frankly, it's probably easier to implement, if you are not fighting a locked-down OS like iOS.
reply