anyzen's comments

Interesting question! I would assume that some invoice must be generated, but it can be in electronic form (e-mail). Getting this right internationally is still a major problem as far as I'm aware, but would love to know if there is a (cheap enough) service that solves it...


Off topic, but maybe you should try Firefox for Android? I have it on mobile (with uMatrix admittedly) and it hasn't crashed on me for ages...


It is OK, my phone is really old and not suitable for surfing the Internet. Thanks though!


No, but I am curious too - that would be a nice idea to kick-start a distributed social network imho.


Opera had something called Unite just before it went under; it was a web-server that ran on the browser and allowed you to connect to friends p2p for sharing, etc., it wasn't quite there but it had the concept of the 'net as _the_ social network without intermediates.

I was really excited by the concept and thought we were on track to have "the next Facebook". Primarily it needed caching to handle self-hosted content not being always on.

Still hopeful we can move in that direction so we can self-host and publish to different platforms, etc.


Or invitation links (with auth tokens).


A secret is only a secret when only one person knows.


This doesn't make sense to me. Ok, so I understand that it is time consuming to take the first measurement, but I would assume that the first bra would be expensive, but all the next ones would be much cheaper (if it's the same model) or getting cheaper and cheaper with each order. What am I missing?


As the article says, they're all custom-fabricated to match the exact dimensions of a specific person. These are one-off, custom bras. There's little economy of scale possible.


It sounds like the plan is to eventually automate fabrication in order to achieve such economies of scale; that they're currently doing it manually in part because they didn't yet have enough information to properly automate.


Am I missing something? Google gives me the creeps as much as it does to any sane person, but if I understand correctly, DDG is comparing just the variation of results on each page. This doesn't mean that you're still in the (same) bubble when you log out.

How about comparing the logged-in data with logged-out / private tab data? Did they find these two sets related? If not, G could be just implementing some sort of A/B testing on a grand scale (learning from clicks and making search algorithm better).


Sure - but do you? Does anyone?

EDIT: a better solution would be if the store itself allowed you to inspect the source that went into building the plugin. Then you would only need to trust the store itself, which you already do (when you trust the browser).


It's quite common among many groups of people to download and install locally as it also protects you from unwanted automatic updates. For instance, those using MetaMask or Scatter to interact with a blockchain are often advised to install the extension offline.


I have yet to meet a person who did it though. Though I'll admit that the argument against automatic updates is a good one.


> the store itself allowed you to inspect the source that went into building the plugin

Or at least build it from the source code, like F-Droid.


Not sure if I understand this correctly, but the attacker's JS must load the pages in question to see if they are in cache, right?

Wouldn't that also put them in cache, which means that next time this technique is used it will not work? Even more, there is now plausible deniability: "I never saw these pages, I guess some JS must have been snooping around and put them in my cache..."

And the logical workaround is disabling cache, which helps fight against other tracking techniques too.

All in all, this doesn't sound so worrying. Unless I'm missing something?


> And the logical workaround is disabling cache,...

The attack uses the CPU cache, not the browser cache.


Thank you for the clarification!


Fun fact: JavaScript is fast enough to muck around with CPU caches if you know how.


Execute better. It depends on the idea what this means, but in general your product should be a better choice for the customer than the competitor's. You probably won't be able to achieve that for all customers, but the more you convince you are better for them, the more market share you will have.


No need to decrypt SSL, there are easier ways: https://xkcd.com/538/


Or do like Uzbekistan has done, force all local computer stores to install a trusted root CA in the operating system before it gets to the hand of the end user. You can transparently MITM TLS 1.2 if the system trusts the MITM operator CA. Maybe 0.01% of people even know where to look to examine their Windows 10 machine's trusted CA list.


Having looked through the government CAs in preinstalled CA lists, I'm a little surprised Uzbekistan doesn't qualify.


Naturally! Well - except for the diplomatic disaster this would turn into if you did it on foreigners.

I think most people exaggerate the technical capabilities of the Chinese government and how interesting they are for them. Sure, we shouldn't be naive, but a drop of realism is always good.


The difference is in the degree! I don't think the Chinese could or would decrypt all foreigners' traffic (and I did mean TLS but use the more well-known SSL name) but if the question is "As someone with a trip to Beijing on the horizon, aside from using a VPN, are there any other best practices to keep data secure while traveling there?", the answer is very clearly don't connect to the internet.

I don't know the person who asked the question, whether he is a realistic government target or just some normal person but there are enough reports of cache poisoning, VPN control/blocking and Chinese hijinks to know that if you are worried about them, don't connect. Mind you, the same fear applies to the US and UK as well.

