RANT

Started by Mario, May 04, 2019, 04:36:36 PM

Previous topic - Next topic

Mario

Today Mozilla, by accident, disabled most Firefox plug-ins world-wide, including plug-ins important for security like UBlock and NoScript.
They forgot to renew a certificate (similar to SSL/HTTPS) and millions of users ended up with disabled plug-ins.
Tracker networks suddenly able to track you again, unwanted ads showing, Javascript no longer blocked,... potential disaster.

Microsoft forcefully shipping updates which break some machines. Not that many, mind. But still.
I envision shipping Windows updates to about 1 billion (!) Windows computers (last number I have, correct me if I'm wrong) makes it impossible to get it 100% right.
But normal users no longe can block Windows updates (at least not for long).

Yesterday when I started my rented (Office 365) a splash screen informed me that Microsoft has changed their privacy policy (of course for my good - hah!).
And I had only the choice between "Send data about how you use Office to Microsoft" and "Send more data and maybe some of your documents to Microsoft".
I could not close the dialog and use the software I have paid for without making a choice. They just stuck it down my throat, so to speak.

Opening the Google or FB or Twitter or whatever web site regularly blocks, informing you about changes in the privacy policy you have to agree to - unless you don't want to use the service anymore.
The privacy policies are written by armies of high-paid lawyers who work day and night to write them in favor of the company - not in favor of the user.
You can either accept it (and read all the 200 pages together with your own army of lawyers) of you have to stop using Google, Facebook and others.
They may demand your first born some day (on page 700, under section 18292.2728.b) and you either have to agree or stop using their service.
...

We are too dependent these days on a few major companies these days, its truly frightening.
And users these days are truly users (in the bad sense), not understanding much about how their computers, smart phones, tables or TVs work.
The older generation (starting with things like C16 or C64) had to know lots about computers to make them work.
Today, users buy a PC or phone and then trust others with their most private data. Without any knowledge about how all that works, where the risks are etc. Frightening!

What happens when the Adobe license server has a cramp and forces all Lightroom and Photoshop installations into "trial mode" for a few days?
How many dollars will this cost users who depend on Photoshop or Lr and cannot longer work?

What happens if the Adobe cloud (or Google cloud, Dropbox, OneDrive) is down for a day or more?

What if somebody hacks something and Facebook and Google and Microsoft disable your email account or log-in by accident?

What if your phone vendor messes up a security update and bricks your smart phone when it installs?

We all rent more and more, and own less and less. We pay for "software as a service" but no longer own the license. If we don't pay anymore, the software is dead.
While my CS* Photoshop version still runs, even if the license server of Adobe is off-line, I wonder how long Lr and Ps will run. Or Office 365.

(I do all screen shots for the IMatch help etc. in a PaintShopPro5 version I've bought in 1998 I believer. Works great. Best tool for the job I've found  ;)

Before all the SaaS (software as a service) we bought a license for a software and then used it until it no loner worked or we wanted to upgrade.
Now we (have to) rent, and if we don't pay anymore, we have nothing.
Adobe is just "testing" a 20$ /month (instead of 10$ /month) Lightroom subscription. You get 1 TB storage in the Adobe cloud for the 10$. Which binds you even more... ::)

I'm not sure I like this. It makes us totally dependent on 3rd parties and their (hackable and at constant risk) infrastructure.

This is why I sell IMatch as a perpetual license and use a very user-friendly license and locking model for IMatch Anywhere.
Even when my servers are offline or I'm getting hit by the bus and meeting the big compiler in heaven, you can continue to work with IMatch as long as it runs...

Ger

Mario, thanks for this post. I share your concerns on both subscription services as well as the data-hungry giants.
I avoid subscription services as much as possible by using alternatives where possible: IMatch, darktable are have great feature sets that often beat the big names.
Same for the data companies (DuckDuckGo and startpage.com for searching; OpenStreetMap as mapping software).

So... for IMatch... don't get hit by a bus and rely on your C++ compiler for some more time!

Ger

jch2103

Quote from: Mario on May 04, 2019, 04:36:36 PM
This is why I sell IMatch as a perpetual license and use a very user-friendly license and locking model for IMatch Anywhere.
Even when my servers are offline or I'm getting hit by the bus and meeting the big compiler in heaven, you can continue to work with IMatch as long as it runs...
I and very many (all?) of your users very much appreciate this. It's certainly on of the reasons I chose IMatch. Thank you!
John

lbo

Quote from: Mario on May 04, 2019, 04:36:36 PM
We are too dependent these days on a few major companies these days, its truly frightening.

so true. Nevertheless people prefer "ease of use" over "being in control", e.g. by using proprietary messengers over good old email.

Quote from: Mario on May 04, 2019, 04:36:36 PM
This is why I sell IMatch as a perpetual license and use a very user-friendly license and locking model for IMatch Anywhere.
Even when my servers are offline or I'm getting hit by the bus and meeting the big compiler in heaven, you can continue to work with IMatch as long as it runs...

Which dependencies on photools servers exists?

IOW which limitations will IMatch users experience if these servers don't work as expected?

Mario

No functionality in IMatch depends on any of my servers, with the exception of:

1. Update Check
2. Help System
3. IMatch News App (which displays the feed from this community)

lbo

Quote from: Mario on May 05, 2019, 12:41:08 PM
No functionality in IMatch depends on any of my servers, with the exception of:

1. Update Check
2. Help System
3. IMatch News App (which displays the feed from this community)

what about the crop factor database?

DigPeter

Good to get it off your chest.  There is nothing we can do about it  >:(

Mario

#7
Quote from: lbo on May 05, 2019, 01:19:59 PM
what about the crop factor database?

This is used only once for each camera you have, then cached locally forever. If the database does not work, IMatch assumes a default crop factor. The Map panel will still work OK.

Good news: if you don't like this, feel free to come up with your own solution. The Map Panel is open source, after all. You (or somebody else) could add a hard-coded value instead of the server lookup in case I turn off all my servers  :)

Jingo

Logged into work yesterday and immediately saw the issue with firefox... luckily, I was working with the nightly build and there was a quick config setting to get me up and running again BUT agree... this is the problem with relying on outside tech for support.  Where I work, hardware vendors store the data/software for clients in server farms... 15 customers per farm.. one goes down, they all go down.  It has its benefits of course (shared code so update once...) but it has its bad too (a bug for one is a bug for all).  The glorious future of software!!!

Mario

Regarding FF: I did not disable the certificate check via about:config but manually re-enabled my two important add-ons (UBlockOrigin and Noscript) in the extensions.json file. After disabling and re-enabling all extensions in FF it worked again.

Luckily I made a copy of the extension.json with my patches - because the problem came back today (FF overwrote the extension.json after a couple of hours...)?

Jingo

Quote from: Mario on May 05, 2019, 02:07:33 PM
Regarding FF: I did not disable the certificate check via about:config but manually re-enabled my two important add-ons (UBlockOrigin and Noscript) in the extensions.json file. After disabling and re-enabling all extensions in FF it worked again.

Luckily I made a copy of the extension.json with my patches - because the problem came back today (FF overwrote the extension.json after a couple of hours...)?

Yes... I didn't want to go through the process with the .json files because I have about 15 important addons... the certificate check hack was just easier.  Eventually, the bkg fix will flow through and I'll re-enable the check again...

Carlo Didier

Quote from: Jingo on May 05, 2019, 02:17:46 PM
Yes... I didn't want to go through the process with the .json files because I have about 15 important addons... the certificate check hack was just easier.  Eventually, the bkg fix will flow through and I'll re-enable the check again...
What normal average user would even know what a json file is? That's for geeks and IT professionals.

Mario

Quote from: Carlo Didier on May 06, 2019, 11:04:56 PM
What normal average user would even know what a json file is? That's for geeks and IT professionals.

Yep. For most users the recommended action was to go via about:config and disable the global security check. Also not something that average users would do.
Anyway, as far as I know, the update shipped yesterday solved the problem for many FF versions. Not necessarily the ESP versions used for some Linux distributions. This will take a few extra days.

Jingo

Yup.. but then again - most "average users" are not using Firefox anyway.. and especially not installing Addons.  Agree the update yesterday fixed this.. the skeptic in me says that this is just a way to get ALL users to update the latest version!   :o

Mario

Quote(...) way to get ALL users to update the latest version!
Not a bad thing, then. Considering all the nasty things that can happen to browsers on web sites. Even the major web sites,