The + operator was removed despite being there for a long time.
Also there's a whole bunch of wrong info in the article. The most blatant one is that they claim google by default performs an AND search, which even a cursory use of google will demonstrate is not true.
>Search for X and Y. This will return only results related to both X and Y. Note: It doesn’t really make much difference for regular searches, as Google defaults to “AND” anyway. But it’s very useful when paired with other operators.
The author must be using a different google than me. It's been many, many years since google functioned as an AND search. It very frequently decides to drop one or more words from my search if there is a low number of results, it's extremely annoying. Once you could force the old behaviour with +<term>, and then later with quoting ("term"). Both of those now also tend to drop search terms for me.
If anyone has an actually reliable way to get a real AND search out of google, I'm all ears.
More precisely, an expiration timestamp is embedded in the repository metadata.
Packages in debian and derivatives are not signed. Instead, the manifest that lists all the available packages and their checksums is signed. That's also where the expiration data is stored.
Onion services can have various goals. Hiding the server is a very common one, but it's not always the case.
For example facebook runs an onion server for their service, they don't need to hide the service itself. So they configure their Tor relays with no anonymity on the service side (HiddenServiceSingleHopMode 1) and get better performance.
Such non-anonymous onion services can have many goals, for example:
* Reducing load on Tor exit nodes
* Providing users a secure, authenticated connection without depending on the CA system (assuming you got the URL through a secure channel the first time, you know only the key holder can provide service on that host).
* NAT traversal for services that otherwise have no need for anonymity
It's not so much that they can't be used 24/7, but that Li-Ion batteries really don't like staying at 100% charge (nor 0% either for that matter).
If you can configure your laptop to only charge the battery to ~80% or so, you'll extend the battery life significantly. The optimal range for long-term storage is ~40-60% charge.
I'm okay with cheap/counterfeit goods for some items, if I know what I'm buying and the price reflects that. I'm not okay with paying full price and receiving a worse product than I paid for.
Examples of things I would not buy knockoff/counterfeit would be power supplies, battery packs or anything dealing line voltage due to the obvious fire hazard. Examples of things I am fine with buying off aliexpress might be flash programmers, project boxes, clothes, etc.
Also, the examples I gave off amazon were not counterfeits, but rather wrong products. I bought a 12TB HDD and received a 6TB one from the same brand. Obviously I'm not okay with that, having paid full price for the 12TB one.
I haven't played any of these games either, and the kinds of "press a button in time to make stuff happen" events you describe are something I really hate in games, so I don't think I will.
That said, your description of the illusion of choice in the story... sounds like every story-based videogame ever. I've been playing games since the 90s, and I can't really think of any such games off the top of my head where your choices will lead you down a completely different path.
Commonly the game will have different ending cutscenes depending on your choices, but the main story quest always takes you to the same locations.
Deus Ex was lauded for giving you choices, but you always took the same general path through the game. Maybe you saved that character and then you meet him again for a short conversation much later - but it didn't really matter.
Planescape Torment is often described as the best story-driven RPG ever written. While it had lots of optional sidequests and offered the option to roleplay your character in loads of different ways, in the end you always took the same path through the main storyline.
These are just two examples of higly rated, character- and story-driven games that happen to be among my favorite games of all time.
It's understandable, after all creating content costs money, and content that won't be seen except by a tiny minority of players seems like a sunk cost to the developers.
Probably they will be the only sellers for these items, so no counterfeit problem there. I doubt this will fix the situation for other items.
Personally I've switched away from amazon, after twice in a row getting a box with a switched item (HDD and SSD, respectively, both replaced with smaller and cheaper versions, and both "Sold by and shipped from Amazon"). Amazon support was good, they replaced the product, but it's a hassle to have to return-ship and wait. Now I either buy off aliexpress (if I'm okay with cheap/counterfeit, which is fine for many items) or local stores (if it's a product where I really care about quality).
The article is actually rather vague about whether the op-ed was written by Hagar. It says:
> To try to understand his viewpoint, Ars attempted to reach Hagar by phone and email in September. In the course of this process, we learned that he did not actually submit many of these op-eds.
Since the article claims to be about one op-ed piece submitted to many places, it seems reasonable to assume he wrote it, but that the mentioned PR firm then submitted it far and wide.
It's also not clear from that wording if they actually spoke with Hagar (they "attempted to reach" him), or if this information comes from another source.
In any case, it's still an obvious smear campaign.
What's stopping firmware from patching GRUB to patch the kernel to do things it's not supposed to do? There is nothing inherent to Linux that makes it invulnerable to this kind of thing.
If you can't trust the underlying hardware or firmware, you cannot trust the machine.
Going a bit off-topic, I can't access this CloudFlare blog using a Tor browser (using the "standard" security level) without a CAPTCHA.
Didn't we discuss just last week an article[0] by CloudFlare where they said they'd solved this problem and Tor users wouldn't need to solve CAPTCHAs for CloudFlare-fronted services anymore?
What happened to that? I've actually seen way more CloudFlare CAPTCHAs through Tor since that article came out.
For what it's worth, I haven't seen a CAPTCHA browsing cloudflare sites for a long time (months?), until just today I've gotten two (out of several tens of CF-backed sites visited). Could be related to these changes, not sure.
Thanks to CloudFlare for working with Tor on these issues. The browsing experience for us legit Tor users is much better than it used to be.
I hope that eventually, .onion services can get DV certs so their proxy can serve that cert if the user connects directly, bypassing the need to connect through an exit node for the first connection.
One thing I'm curious about:
> While bad actors can still establish a fresh circuit by repeating the rendezvous protocol, doing so involves a cryptographic key exchange that costs time and computation.
Is there some way for the destination .onion service to scale the difficulty of this rendezvous challenge, so this proof-of-work scheme can continue to work? It would be sad if they get to the point where it's no longer an effective rate limit and have to go back to serving CAPTCHAs for every new circuit.