What kind of impact is Let's Encrypt going to have on the CA industry? I'm not that familiar with the current state of the CA companies, nor do I understand this industry well enough to know if this is going to be a major hit to them or not.
Is there any reason why a company would prefer a CA other than Let's Encrypt?
The impact depends largely on their ability to get their root certificate into all of the browsers. It'll be interesting to see what happens with older versions of browsers as well, since if they start with a brand new root certificate then I'm not sure what happens with the older browsers.
If they can get their certificate into all of the browsers then it's possible they could achieve broad adoption for domain-verified certificates. There will still be a market for other validation types (organization validated and extended validation, for example) though.
> since if they start with a brand new root certificate then I'm not sure what happens with the older browsers.
IdenTrust will cross-sign Let's Encrypt root cert. I imagine they will keep it cross-signed, for backwards compatibility, once LE has their root cert in all the browsers.
You can't exactly undo cross signing without creating a new root CA - at some point they'll probably stop sending their root CA with the handshake (which is required when cross signing).
It will cost existing CAs a lot of business. We already had free certs from StartSSL, but they were for non-commercial purposes only.
I imagine a lot of shared hosting companies who currently resell SSL certs to their own customers will be switching to this next year.
I will certainly use them, and will only recommend them and nobody else. The only reason I'd ever look at one of the old CAs now, is for EV certs. But 99% of the time, people don't need an EV cert.
It's very, very hard for traditional CAs to compete with free, trusted in all major platforms and with dead simple set up. Hopefully this sort of scheme, combined with the added trust of Certificate Transparency, can kill off most traditional CAs.
The only reason I would still buy 1 certificate is for wildcard support.
Wait. Where can I get free certs today? Or did you mean once this service goes live?
I've used StartSSL, but somehow messed up the process and can't issue a new cert unless I pay to revoke the current. Even then their free certs expire in a year.
The only other free cert I found was from Comodo, but it expires after 90 days.
So, I wouldn't exactly say the only reason to pay for a cert is for wildcard support.
Yes, I was saying once this service goes live. But currently I've had 0 issues with StartSSL including renewals and getting multiple certs for a single domain. You do not need to revoke to get more certs from it in my experience at least. Paying for certs is just generally pointless right now even.
This is probably to late for your use, but there is a neat Mac utility called iExplorer that lets you browse your iDevice's filesystem and copy files off of it. I'm pretty sure you could have grabbed the files using a trial of iExplorer.
I'm curious to hear what you specifically like about Stitcher. I have tried, and own, almost all of the major podcast apps and it was my least favorite experience so far. Their whole business model seems to be to scrape other people's content, download it, compress it, serve it up from their own servers and slap additional ads on it.
Some things that turned me off of Stitcher:
* Includes it's own advertisements on top of the ads already in the podcasts themselves.
* Increasingly difficult to skip past the Stitcher ads and if you want to remove ads you have to pay a monthly fee.
* Can't browse the episodes of a podcast without actively listening to a podcast?
The UI just wasn't that intuitive for me. Part of the problem might have been that I was looking for a "podcast app" and this was more a "radio app" built out of my podcasts. Using something like PocketCasts or OverCast has been a much better experience to me:
* No additional ads.
* No extra monthly fees.
* Easier browsing/control of your podcast episodes.
What am I missing about Stitcher? I could see it being useful for podcast discovery, or for when someone is new to podcasts. I just struggle to understand it's insane popularity over other podcast apps.
I have no love for Stitcher. Back when I did the iTunes / sync dance a few podcasts I listened to mentioned it, so I tried it out. It's what got me back into podcasts, by making the process so much more convenient, but I don't really like how it works.
I'm one of the people that bought Launcher when I first heard about it. I often switch between one of several bluetooth devices and adding a link that takes me straight to the bluetooth settings from the notification center was a huge speed boost for me.
With tools like these out there, what can we do to protect ourselves? Besides not downloading binaries over HTTP (which still wouldn't protect you if a CA has been compromised) what other steps can someone take? I hate how vulnerable and yet utterly essential our browsers have become.
The SMS thing works ok - I can receive but not send. Phone calls have never worked for me which is a shame as this was one of the features I was really looking forward to. Mail is pretty unstable. Other than that, I've been enjoying using Yosemite from Preview 1.
It's flaky at best. Sometimes calls show up, sometimes they show up a few seconds later. Often times, they don't disappear when you accept it on your phone.
By treating them as they are - completely different things. The phone call stuff just makes the Mac a Bluetooth headset and routes the audio accordingly. After whatever wizardry they use to connect the phone to the computer is done, it should be easy.
The MUD that I played on in middle school and high school, Viking MUD, is still around. http://www.vikingmud.org
I think the directions to the main areas will be burned into my memory forever. On this MUD, when you reached level 20 (which took around a week) you had a choice to make your character "eternal" and continue adventuring or you could choose to make your character a "wizard" who could create new areas yourself and write scripted actions for your area. However, you could no longer take part in the actual game itself. Scripting the areas I had created was some of the first programming experience I ever had.
A big difference between most of the games today that I play and some of those old MUDs was that there were very serious consequences to dying. You lost a level and all your gear if you died and it was extremely easy to die in the game, both from NPCs or other players in certain zones. Dropping from say, level 28 to 27 represented a solid week of hard leveling effort that was lost. I remember I died 3 times in one evening and almost wanting to cry I was so upset. It did make the game that much more intense though because the stakes were so high.
I still login occasionally but it is rare to see more than a few players who aren't idle. I remember that the quality of the community was very high. I don't know if it was because there was a relatively high bar to join and interact with the game that self-selected those kinds of people or what. You had to have the technical chops to connect to the internet, download and install a MUD client and then connect to the appropriate server. Then to be successful at the game itself you had to have a lot of patience, have a good memory and be able to read and react quickly.
