On 7/14/15 10:35 AM, John Young wrote: Cloud and browser together constitute the most invasive programs since religion was invented and rewarded to absolve overrreaching and abusive authority. You don't think ODBC (which was Microsoft's fault, via ANSI) was worse? CORBA? Windows itself? SMB file servers? We are in massively better shape than we used to be. Both cloud and browser are deliberately designed to mislead users about their threats to privacy and security. Iterations, adjustments, corrections of errors, automatic upgrades, official endorsements, repeatedly easy hacks, futile hearings of maladies long known and ignored, concentration of computer power, reduction of alternatives, foretell disaster as if natural, expected, bearable, and better than DIY, desktop, solo solutions, mavericks, and worst of all, openness. Even narrowly true levels of security are better than what we used to have. Certainly we need to keep getting better. Cloud and browser are like imperial dogma, what's good for the empire operators is good for the people. Although cloud and browser to succeed must have access to all the people's private data to assure they remain peaceable. It's getting better. Fund Firefox to keep the pressure on. Sysadmins are the Cromwells, the Hacking Teams, the Kasperskys, violating law with impunity. sdw At 01:02 PM 7/14/2015, you wrote: Everything will be run in the cloud and browser because it is, overall, a better computation model. However, that doesn't preclude you from running a cloud locally. Although pretty much proprietary to Google & Amazon until recently, Docker et al and related VM/container management APIs that are mappable to all kinds of implementations will allow apps, administration, networking, etc. to be fluid between commercial and various types of private clouds. In a lot of ways, this is an elegant solution and could arguably be much more secure than desktop apps in Windows. Assuming your container system isn't running in Windows, which is becoming an option; one that I won't trust easily. sdw On 7/14/15 8:52 AM, [1]dan@geer.org wrote: Discussing security policy post-OPM debacle in a setting to which I have access (sorry to be oblique), it was said by a CxO "We have to prepare for the day when no software we depend on is run on premises." I did not handle this well (think sputtering as an alternative to white rage). At the same time, I am probably in a bubble in that I suspect that nearly everyone I see with a computer (of any form factor) is already in that situation or, save for Javascript piped in from the cloud to run locally, soon will be -- denizens of this list and a few others excepted. Echoing Lenin echoing Chernyshevsky, "What is to be done?" or, perhaps, "Is anything to be done?" --dan -- Stephen D. Williams [2]sdw@lig.net [3]stephendwilliams@gmail.com LinkedIn: [4]ht tp://sdw.st/in V:650-450-UNIX (8649) V:866.SDW.UNIX V:703.371.9362 F:703.995.0407 [5]AIM:sdw [6]Skype:StephenDWilliams [7]Yahoo:sdwlignet Resume: [8]http://sdw.st /gres Personal: [9]http://sdw.st facebook.com/sdwlig twitter.com/scienteer References 1. mailto:dan@geer.org 2. mailto:sdw@lig.net 3. mailto:stephendwilliams@gmail.com 4. http://sdw.st/in 5. AIM:sdw 6. Skype:StephenDWilliams 7. Yahoo:sdwlignet 8. http://sdw.st/gres 9. http://sdw.st/