Just think of all the countries and companies that grab this data, group by email address, then start to identify preferences of people around the world. Its not just for identity theft. The possibilities are endless! And horrifying.

ICANN specifically set aside all two character TLDs to be for country specific codes. There's only a few cases where they kept ex countries TLDs around and phased them out over several years. It would be an entirely new precedent if they did keep it. So I wouldn't depend on it

Why do you think this is going to replace air traffic control work? It's picking which gate to park the plane at. This was done by airline and airport operations teams, not ATC. Imagine if you could automatically pick gates to reduce the time a plane spends taxiing and/or minimize time passengers spend walking. That's 100% a useful application for computer optimization algorithms. Humans aren't going to do that better and it's not a function of safety that tower or ground control needs to do.

The alternative is to let certain countries de facto claim a region because others are too afraid to call them on their BS

.net core is the future but Mono is still important for running legacy .net framework applications like ones that use WinForms or WPF. That's pretty much it. Anything new should go straight to .net core.

I think this a problem with applications with a privacy focused user basis. It becomes very black and white where any type of information being sent somewhere is bad. I respect that some people have that opinion and more power to them, but being pragmatic about this is important. I personally disabled this flag, and I recognize how this is edging into a risky area, but I also recognize that the Mozilla CTO is somewhat correct and if we have the option between a browser that blocks everything and one that is privacy-preserving (where users can still opt for the former), businesses are more likely to adopt the privacy-preserving standards and that benefits the vast majority of users.

Privacy is a scale. I'm all onboard with Firefox, I block tons of trackers and ads, I'm even somebody who uses NoScript and suffers the ramifications to due to ideology reasons, but I also enable telemetry in Firefox because I trust that usage metrics will benefit the product.

For those who aren't aware. This is talking about when cell phones roam into other networks, they now encrypt the traffic back to the home provider which means law enforcement struggle to tap it (legally or illegally).

PET is privacy enhancing technologies

https://github.com/hakluke/how-to-exit-vim/blob/master/README.md

Fears raised over ‘Chinese spy cranes’ in US ports

There are concerns that the machines are effectively Trojan Horses for Beijing and could be used to sabotage sensitive logistics

Unexplained communications equipment has been found in Chinese-made cranes in US ports that could be used for spying and potentially “devastate” the American economy, according to a new congressional investigation.

The finding, first reported by The Wall Street Journal (WSJ), will stoke American concerns that the cranes are effectively Trojan Horses for Beijing to gain access to, or even sabotage, sensitive logistics.

The probe by the House Committee on Homeland Security and the House select committee on China found over a dozen pre-installed cellular modems, that can be remotely accessed, in just one port.

Many of the devices did not seem to have a clear function or were not documented in any contract between US ports and crane maker ZPMC, a Chinese state-owned company that accounts for nearly 80 per cent of ship-to-shore cranes in use in America, according to the WSJ.

The modems were found “on more than one occasion” on the ZPMC cranes, a congressional aide said.

“Our committees’ investigation found vulnerabilities in cranes at US ports that could allow the CCP [Chinese Communist Party] to not only undercut trade competitors through espionage, but disrupt supply chains and the movement of cargo, devastating our nation’s economy,” Mark Green, the Republican chair of the House Homeland Security Committee, told CNN.

The Chinese government is “looking for every opportunity to collect valuable intelligence and position themselves to exploit vulnerabilities by systematically burrowing into America’s critical infrastructure,” he told the WSJ, adding that the US had overlooked the threat for too long.

The Telegraph has contacted ZPMC for comment.

‘The new Huawei’

A spokesman for the Chinese embassy in Washington DC said claims that Chinese-made cranes pose a security risk are “entirely paranoia.”

The US investigation began last year amid Pentagon fears that sophisticated sensors on large ship-to-shore cranes could register and track containers, offering valuable information to Beijing about the movement of cargo supporting US military operations around the world.

At the time, Bill Evanina, a former top US counterintelligence official, said: “Cranes can be the new Huawei.”

“It’s the perfect combination of legitimate business that can also masquerade as clandestine intelligence collection,” he told the WSJ.

In recent years, a handful of Chinese crane companies have grown into major players in the global automated ports industry, working with Microsoft and other companies to connect equipment and analyse data in real-time.

Also, the law requires that publicly traded companies be greedy

The law doesn't actually state you need screw over your customers and maximize profit. It says that executives have a fiduciary duty, which means they must act in the best interest of the shareholder, not themselves.

That does not mean they have to suck out every single dollar of profit. Executives have some leeway in this and can very easily explain that napkins lead to happier customers and longer term retention which means long term profits.

It's purely a short-term, wall street driven, behavior also driven by executive pay being also based in stock so they're incentivized to drive up the price over the next quarter so they can cash out.

It's true that Mozilla does collect telemetry and that Mozilla Corp is for profit, however Mozilla Corp is owned by Mozilla Foundation. That ownership structure is either a way to get around limitations on non profits, or its an opportunity for the Foundation to directly influence the Corp to be better.

However, I'll still use Firefox/Thunderbird because: Usage stats such as number of accounts or filters is in no way comparable to my username and password. One is basic metadata and stats, the other is a massive risk. You can opt out of the telemetry, the only way to opt out of sharing your password is to not use the new Outlook.

I take a more pragmatic approach to privacy based on my trust. I understand the value of telemetry, but change it depending on the company. Big Tech I have less trust in, Mozilla, while they have issues, are on average far better for privacy vs big tech.

As a developer, I understand the value of telemetry and the risks that come with collecting any data. I pick Firefox because it challenges the homogeney of Google's influence and it looks like I'm going to pick Thunderbird because I' haven't seen a better option.

Attestation depends on a few things:

1. The website has to choose to trust a given attestation provider. If Open Source Browser Attestation Provider X is known for freely handing out attestations then websites will just ignore them
2. The browser's self-attestation. This is tricky part to implement. I haven't looked at the WEI spec to see how this works, but ultimately it depends on code running on your machine identifying when it's been modified. In theory, you can modify the browser however you want, but it's likely that this code will be thoroughly obfuscated and regularly changing to make it hard to reverse engineer. In addition, there are CPU level systems like Intel SGX that provide secure enclaves to run code and a remote entity can verify that the code that ran in SGX was the same code that the remote entity intended to run.

If you're on iOS or Android, there's already strong OS level protections that a browser attestation can plugin to (like SafetyNet.)