They propose to pay customers $0.05 / generated kWh instead of the $0.20-$0.30/kWh that customers pay in California. So you would have to generate an excess 160 kWh /month to cover the $8 fee (per installed kW of capacity). Your non-solar neighbor who uses your 160kWh of generated electrons will pay the utility $32-$48 for them, while reaping the benefit of lowered stress on the grid.
The main problem with Prop 65 is that it was done by ballot proposition -- through California's initiative process. That is, the proposed law was voted up or down by the people AS IS. As opposed to being created through the normal legislative process that would have allowed for sensible changes (as well as probable neutering by opponents). The initiative process is a form of direct democracy intended to bypass/override the legislature. As such, it is difficult to tweak Prop 65 legislatively for needed fixes that would make it more effective.
This is one example of why most things that are proposed should not actually be done through the initiative process, IMHO. As a Californian, my default bias on ALL ballot propositions has become NO until proven well-written.
That said, I'd rather have Prop 65 as imperfect as it is than nothing. It occasionally gives me actionable information.
They aren't recommending you don't use DoH. Just that you don't allow individual apps to bypass your enterprise resolver. In fact I use the same strategy at home (with DoT) to enforce ad and tracker blocking. It's just common sense really.
From the document:
>[...] NSA recommends that the enterprise DNS resolver supports encrypted DNS, such as DoH, and that only that
resolver be used in order to have the best DNS protections and visibility.
>Raw IPs can be used as well, but that doesn’t negate my point.
And in fact if you have enterprise-wide visibility on DNS requests, you have the opportunity to detect the use of an IP that was not returned in a request. Making it immediately suspect.
They are responding to the very recent emergence of applications (like Firefox) that (optionally) use their own encrypted DNS, thus bypassing the enterprise's ability to apply security policy based on DNS. (Visibility on DNS is also useful to help detect some malware.) I'll allow it.
Is there a database of already analyzed objects? For example, can I search on the sha256sum of my IoT device's firmware and see if someone else has done the heavy lifting?
Given the features and cost, what are the likely class of suitable applications for Precursor? It looks like the guts of a typical (consumer) router e.g., or a set-top device, but maybe not a commodity IOT thing (overkill and cost) and certainly not an iPad (performance, for one).
> A 2020 version of this might be "why there aren't more Teslas."
It's interesting how many electric car companies are active in China, most of which westerners haven't heard of. (Check for example the video of the "Chengdu Motor Show" by FullyChargedShow on YT.)
Relevant to the topic at hand, it seems that the "More Googles" are more likely to be arising in China, mostly outside my reality bubble. Some helped by market segregation enforced by the current political situation. That's orthogonal to the overall topic, but not irrelevant.
I generally support the EFF and think netizens need far more protections than they have, and those need to come through legislation. But I don't get why this mandated interoperability is a good idea.
Mandating data portability is one thing, but having the government decide that a company must provide an api seems absurd to me (so far: it's a new idea to me).
In the meantime, dear EFF:
- Why hasn't the EFF created boilerplate privacy agreement clauses that companies could adopt to prove their ubiquitously claimed "utmost concern for user privacy"?
- Why isn't there a vision of how companies could maintain the provenance under which each datum has been acquired (and therefore when they can/can't be shared/sold/etc.)?
- What meaning does any privacy agreement have (no matter how consumer friendly) if it can be changed at any time?
- Why do NO companies promise to protect user data in the event of an acquisition (in fact they promise the opposite).
These seem like action items right down EFF's lane and I keep waiting year after year for the basics to be covered. I criticize as a friend (and small donor).
Given the TERMS OF USE under TP-Link's privacy policy [ https://www.tp-link.com/us/about-us/privacy/ ] it seems like they consider it illegal to do any of this. Their terms, along with the "we don't even pretend to care about your privacy rights" attitude have made me question any further purchase of TP-Link products.
Relevant quotes:
"By using the Products or Services in any way, you agree to the Terms. "
"Also, modifying, translating, adapting, or otherwise creating derivative works and improvements, decompiling, decoding, reverse engineering, disassembling, or otherwise reducing the code used in any software in connection with the Services into a readable form in order to examine the source code or construction of such software and/or to copy or create other products based (in whole or in part) on such software, is prohibited."
They propose to pay customers $0.05 / generated kWh instead of the $0.20-$0.30/kWh that customers pay in California. So you would have to generate an excess 160 kWh /month to cover the $8 fee (per installed kW of capacity). Your non-solar neighbor who uses your 160kWh of generated electrons will pay the utility $32-$48 for them, while reaping the benefit of lowered stress on the grid.