It is annoying that Amazon Instant Video doesn't directly have an option to cast to a Chromecast. You can, however, configure[0] Amazon Instant Video to use Flash instead of Silverlight. Once you switch to using Flash, you can use the "Cast Tab" feature of the Google Cast extension to watch your video on a Chromecast, assuming you're using Chrome.
I didn't know that the chrome://settings/passwords page existed until I read your comment. I actually just checked it out, and when I clicked the "Show" button on the password box, Chrome made me re-authenticate with my Windows password before it would show the password.
I don't know if this is a new feature, only available on Windows, etc., but it seems like this may be less of a concern now.
I did find it weird that I had to re-authenticate with my Windows password and not the password that Chrome is syncing passwords with, but it's better than nothing.
I bought a YubiKey[0] a while back and was able to get it to do exactly what you're talking about--even on Windows, which I use most often. It wasn't necessarily easy to set up, but it has been working pretty consistently. It would have probably been easier if I had known more than just the basics of GPG.
I have since switched to using my YubiKey and GPG for SSH authentication on pretty much everything, as well as using it to sign my tags in my public git repositories. I don't think I would want to go back to moving keys between devices or setting up unique keys on each device now that I've got my YubiKey set up. Worth the investment, in my opinion.
True, but I don't think anyone really buys an MSDN subscription just for installing a copy of Windows. I haven't looked into the actual licensing terms, but my MSDN subscription (not the cheapest version) only allows me to claim five license keys per Windows version through the UI. If you need six licenses just to make up the cost of the cheapest MSDN subscription, you're probably using your MSDN subscription incorrectly.
Generally if you have an MSDN subscription, you're using it for other products like Visual Studio, and the free copies of Windows are just for helping you get a development environment set up.
I have a VMware ESXi box at home that I use to run a Windows VM with a video card passed through. I've been using it to stream Heroes of the Storm with Steam's In-Home Streaming and I get a consistent 30 FPS (1920x1080) with no noticeable lag.
Admittedly, it's not exactly the same as the setup in this article since it's not streaming over the internet, but I would assume that as long as your latency is low and bandwidth is high, you'll have no problem with this setup.
I'm just wondering. Theoretically, you have an additional hop.
Game server <--> Amazon <--> Home
From a pure latency point of view, this is probably not an issue. However, whatever events you see on screen, the game server sees you reacting slower, because your keyboard basically has a delay of 20-30ms (Home --> Amazon).
Maybe, it depends a bit on the game you play, if this has any negative consequences or not.
Edit: This could be somewhat compensated by the faster connection of Amazon <--> Game server (just assuming that it's faster than a connection from home).
The very first thing I noticed as soon as I opened the browser is that the tabs don't touch the top of the screen when the browser is maximized [1]. This makes closing tabs much more difficult since you can't just move your mouse all the way to the top of the screen and middle click--you have to consciously stop moving the mouse before it leaves the tab.
I can understand why they don't touch the top of the screen: the tab stacking shows up above the tab. My suggestion would be to expand the tab to the top of the window, and then just make the tab stacking show up inside at the top of the tab. If not that, at least make the tab's bounding box touch the edge of the screen and leave the tab stacking on top of it.
I found a few more issues while typing this up:
1. The browser seemed to think my CTRL key was stuck or something. Typing in my password on imgur made it switch tabs and zoom out multiple times when I went to type some of the numbers in my password.
2. Copying the image URL from the address bar after I uploaded it didn't copy the protocol. The protocol was hidden since it's http, but that adds an extra step of typing "http://" when I wanted to paste it here.
The browser looks like it has promise. I like the look-and-feel. I like that the address bar is the progress bar when the page is loading. Being able to add notes and screenshots also seems like it would be incredibly useful.
Overall, I'd give the browser another shot once you've made some more progress.
I'm still of the opinion that the space at the top makes sense. I sometimes drag windows to the top to maximize, and like the inverse operation of dragging from the top to restore -- behaves consistently like any other regular Windows application that doesn't mess around with their titlebars.
While Fitts' law is useful, that behaviour actually drives me mad as someone who is used to the three mouse buttons having discrete behaviours on the actual caption bar. Suddenly 'tab' is above 'window' in the hierarchy for control.
I can understand that. For me, though, I use middle click to close tabs significantly more often than I move the browser window to another monitor. So I'd rather live with having to click an empty space farther to the right of the tabs when I actually do move the window.
I could learn to use CTRL+F4 to close tabs, but I find that slower than just middle clicking the tabs.
I can't stand custom drawn windows because they break standards that have been in place on the OS for ages. I submitted a request to Vivaldi to please give us an option for a native window that shows the full window title area instead of custom drawing the window.
I doubt that they're going to offer an alternative mode because the developers seem more concerned with making their own custom behavior instead of just fitting in with my OS. They did a lot of work to break the functionality of a native window.
Using a VPN would encrypt your traffic, preventing Verizon from injecting a UIDH header. You could then clear your cookies and websites would not be able to re-add them via the UIDH header since it isn't being sent.
This isn't to say that the websites can't identify you via some other means, just that they no longer have the guaranteed UIDH header to identify you.
No the header injection happens after the request leaves your browser. However, adblock can prevent the request going to Turn and other ad sites in the first place. But then the website owner (eg Facebook) can work with the ad network to pass your info to them on the server side, although I'm not sure how widespread this is.
How about if I wanted to actively subvert the header? Would there be a way to beat Verizon's network to the punch by injecting the same header myself and populating it with garbage data?
The only way around that would be to take advantage of bugs in their parser. HTTP is a moronic spec, and it allows inane things. For instance, these are valid HTTP headers:
X-LineWrap: Hi my name is
Header Boy
The value of X-LineWrap should be "Hi my name is Header Boy". Edit: Actually I'm not sure if the space before the comment counts or not. Terrible text protocol formats FTW.
X-Comment: This is the value (but this is a comment!)
The value of X-Comment should be "This is the value".
X-MoreFun: I don't recall (offhand) how
this header value should
(really, the spec is a mess)
be interpreted.
The value of X-MoreFun should be (I think): "I don't recall how this header value should be interpreted.".
So, you might get lucky if they have a non-compliant parser and the target site has a compliant parser. In that case:
X-UIDH: garbage1
garbage2
Might get turned into:
X-UIDH: verizontrackingvalue
garbage2
In which case, a compliant HTTP parser would read the value as "verizontrackingvalue garbage2", which might be enough to mess up their tracking.
Also, HTTP has special handling of headers that are "comma separated lists". This should only apply to special-cased built-in headers. But you could try sending multiple X-UIDH headers, with commas in the values, to trick an overly ambitious parser. Maybe.
Anyways, this all depends on bugs in HTTP parsers, which probably exist. (Can you tell I despise the HTTP format?) But if exploited enough to matter, they'd simply patch them.
I think the real point to take out of this is how important it is to have secure backups of your encryption key. Making sure that the encrypted data is backed up is common sense. Backing up the encryption key is just as important.
If I were to lose my encryption key, I would absolutely expect to lose my data. That's how encryption works. That's how encryption should work. If I can get my data back without the encryption key, someone else can too.
[0] https://www.amazon.com/gp/video/settings (near the bottom of the page)