Comments - Why Google Won't Kick Flash... - TechHui2024-03-29T14:48:01Zhttp://www.techhui.com/profiles/comment/feed?attachedTo=1702911%3ABlogPost%3A76372&xn_auth=noI had a long reply but Ning a…tag:www.techhui.com,2011-03-01:1702911:Comment:760242011-03-01T09:44:27.082ZBrianhttp://www.techhui.com/profile/Brian268
I had a long reply but Ning ate it... and I'm not typing that out again ;)<br />
<br />
Basically while I do agree that many users will benefit from this, I'm skeptical whether the overall threat profile will diminish. Information is big business - and as long as there is little recourse for consumers whose information was mishandled - businesses will not generally put a big priority on protecting it.<br />
<br />
That's just reality. Companies already have the law on their side when it comes to protecting their IP.…
I had a long reply but Ning ate it... and I'm not typing that out again ;)<br />
<br />
Basically while I do agree that many users will benefit from this, I'm skeptical whether the overall threat profile will diminish. Information is big business - and as long as there is little recourse for consumers whose information was mishandled - businesses will not generally put a big priority on protecting it.<br />
<br />
That's just reality. Companies already have the law on their side when it comes to protecting their IP. Until we as individuals have more rights over information that can negatively impact us - this is all academic.<br />
<br />
In that sense, large ecosystems like Google can be good. Their business model requires people.. and for people to be doing lots of stuff within it. In order for us to stay within it, they have to treat us fairly well. They can exercise clout and a mutualistic relationship can come about.<br />
<br />
Because security in the 21st century is about companies protecting their business model from parasites - who are often their users as well. First, the more *nix based sy…tag:www.techhui.com,2011-03-01:1702911:Comment:763882011-03-01T06:23:37.292ZJames Pakelehttp://www.techhui.com/profile/JamesPakele
<p>First, the more *nix based systems the better, I'm including OSX and iOS in this as well. Thought not impervious by any means the system inherently restricts access to system files and services. This lessens the impact of things spreading. I realize this may be beside the point but just thought I'd throw it out there.</p>
<p>Second, it takes the management of security out of the hands of users who are usually very lax in keeping up with patches and updates and into the hands of server and…</p>
<p>First, the more *nix based systems the better, I'm including OSX and iOS in this as well. Thought not impervious by any means the system inherently restricts access to system files and services. This lessens the impact of things spreading. I realize this may be beside the point but just thought I'd throw it out there.</p>
<p>Second, it takes the management of security out of the hands of users who are usually very lax in keeping up with patches and updates and into the hands of server and database administrators. I've witnessed offices systems and operations come to a halt because ONE person had a virus on a USB key and their out of data virus scanner let it by. Again nothing is bullet proof and yes some admins aren't up to snuff but a cloud or server centric system usually means that the people responsible for providing the system with security are more knowledgeable than the average user. </p>
<p> </p>
<p>I agree that Google is heading the problem off by providing two step verification to their services, which I did enable. It is't as cumbersome as I thought it would be. And, yes, if Google wants you to trust them with all your data they need added security steps. Although, I admit, I put everything on their servers even before that.</p>
<p> </p>
<p>So, shifting the burden does offer some elevated resistance to attack. By taking the responsibility out of the hands of people that believe if they enter their FaceBook user name and password they can find out who's been visiting their page. But you are correct it does make the honey pot a lot more appealing. </p>
<p> </p>
<p>With the shift being accompanied by machines like the CR48 (or it's market models) it makes the platform a lot more secure, by locking down many of the possible entry points. On a ChromeOS machine, you can't install anything, this includes viruses. The CR48 is also equipped with a mechanism does a step by step verified boot that restores system files that have been tampered with from</p> Also I think you haven't quit…tag:www.techhui.com,2011-03-01:1702911:Comment:763872011-03-01T04:38:41.954ZBrianhttp://www.techhui.com/profile/Brian268
<p>Also I think you haven't quite realized your own paradigm - the concept of "my machine" is meaningless once your hardware is a throwaway and your computing environment can instantly appear anywhere. It's just the machine you happen to be using at that time.</p>
<p> </p>
<p>With the shifts we're already seeing in group workspaces, away from closed offices, it will be interesting to see the impact on collaboration and group dynamics.</p>
<p>Also I think you haven't quite realized your own paradigm - the concept of "my machine" is meaningless once your hardware is a throwaway and your computing environment can instantly appear anywhere. It's just the machine you happen to be using at that time.</p>
<p> </p>
<p>With the shifts we're already seeing in group workspaces, away from closed offices, it will be interesting to see the impact on collaboration and group dynamics.</p> While I agree with many of yo…tag:www.techhui.com,2011-03-01:1702911:Comment:763852011-03-01T04:35:50.407ZBrianhttp://www.techhui.com/profile/Brian268
<p>While I agree with many of your points, I'm a little lost on how any of this prevents malware from spreading or how it makes information more protected, etc. As the value of a platform increases, so does the value of targetting it.</p>
<p> </p>
<p>The fact that Google has recently added out-of-band authentication mechanisms such as sending a code to a cellphone tells me they see the coming storm.</p>
<p> </p>
<p>While cloud computing may help to shift some of the burden off the user's device…</p>
<p>While I agree with many of your points, I'm a little lost on how any of this prevents malware from spreading or how it makes information more protected, etc. As the value of a platform increases, so does the value of targetting it.</p>
<p> </p>
<p>The fact that Google has recently added out-of-band authentication mechanisms such as sending a code to a cellphone tells me they see the coming storm.</p>
<p> </p>
<p>While cloud computing may help to shift some of the burden off the user's device and onto the infrastructure, this doesn't make the platform as a whole more resistant to attack. In some ways it can be said to weaken it. Simply centralizing the infrastructure may make it easier to watch, but that doesn't necessarily make it easier to protect. This manageability aspects are arguably cancelled out by the fact that if it is compromised, the impact is far more substantial.</p>
<p> </p>
<p>So in other words you may go from a high risk (lots of devices, hard to manage), low magnitude (impact of any one or several compromises is contained) = moderate vulnerability scenario to a low risk (dumb devices, easy to manage), high magnitude (compromise of infrastructure is a nightmare) = moderate vulnerability scenario.</p> I admit, I didn't see what th…tag:www.techhui.com,2011-02-27:1702911:Comment:763742011-02-27T20:17:10.491ZJames Pakelehttp://www.techhui.com/profile/JamesPakele
<p>I admit, I didn't see what the big deal with Flash was at first. However, when I realized that just by including Flash in the Android, Google has enabled every web app out there, whether in the Chrome Web Store or not, I saw the genius in it. With Apple refusing to include Flash and alienating them every chance they get they are just giving Google more ground and putting themselves deeper in to the corner. </p>
<p>I admit, I didn't see what the big deal with Flash was at first. However, when I realized that just by including Flash in the Android, Google has enabled every web app out there, whether in the Chrome Web Store or not, I saw the genius in it. With Apple refusing to include Flash and alienating them every chance they get they are just giving Google more ground and putting themselves deeper in to the corner. </p> Very insightful post James. I…tag:www.techhui.com,2011-02-27:1702911:Comment:765522011-02-27T19:55:26.406ZKevin Luttrellhttp://www.techhui.com/profile/KevinLuttrell
<p>Very insightful post James. I concur completely. The problem with Apple's spin machine regarding Flash is that it worked when the iPhone and iPad were the only kids on the block and the Flash 10.1 player hadn't been released-- so most consumers took Apple's statements at face value and lined up at the throne of Steve Jobs to worship Apple and decry Flash. Although Apple's stuff does look cool, the functionality in the market is leveling off. In other words, Android and iPhone offer basically…</p>
<p>Very insightful post James. I concur completely. The problem with Apple's spin machine regarding Flash is that it worked when the iPhone and iPad were the only kids on the block and the Flash 10.1 player hadn't been released-- so most consumers took Apple's statements at face value and lined up at the throne of Steve Jobs to worship Apple and decry Flash. Although Apple's stuff does look cool, the functionality in the market is leveling off. In other words, Android and iPhone offer basically the same functionality these days. However, by not including Flash support, consumers see a big hole in the content they want to view-- and realize that Apple's BS regarding Flash was all smoke and mirrors. The Flash player is a plugin but so what. It's stable, works on all platforms equally well, and is extremely versatile for developers. It's no surprise that Google is moving full steam ahead with their support.</p>
<p>(note: this isn't an attack on HTML5 or an HTML5 vs Flash debate so simmer down with that line of thinking)</p>