This is the same philosophy as not being the fastest when chased by the bear... but being just faster than the slowest guy.
I do this often. Enough security to make it obvious that it is more secure than others, but not so much that it attracts attention. For example, a steering wheel Club is a joke... but given the choice, the would-be thief will go for the car right by, sans the steering wheel lock. Same with a trailer. The locking wheel chocks I use can be bypassed, but it is likely that a thief will find someone who just has a cheap padlock on the trailer tongue and grab that for their new portable meth lab.
I do like using locks as a way to keep honest people honest. It isn't 100%, and a determined thief can still get the item in question, but it stops opportunists.
That way, if a thief does get past some basic security, then I have done my part legally, and can file a claim in good faith.
Insurance is a must, but it doesn't hurt having at least a little bit of security. One doesn't need to lock all their computers in metal cages, but a Kensington cable is a polite reminder to someone that the item in question doesn't belong to them.
On RVs and cars, a "protected by Glock" sticker is something that can be used as probable cause for a stop and search in some cities/states. It isn't a good idea because it attracts attention... the wrong type of attention by both the bad guys and the local LEOs.
At least with the Alpine sticker, not even the desperate druggies go after car stereos these days, so one is probably safe there.
If I were to go with a bumper sticker, it would probably be the local "100 club" or similar sheriff charities.
The Glock window decal may not mean much... it just means the burglar will shoot first, or escalate things to an armed home invasion. Dogs, on the other hand can be a good deterrent... even a 10 pound wiener dog can bark enough that it might get attention, provided the dog isn't the type that yaps at everything that moves.
My primary concern with my home security is the meth-head, smash/grab type of thief. To protect against that, I encrypt all hard disks and backup media, as well as have some offsite storage (also encrypted). That way, when something does get stolen, it is "just" a theft of hardware, and I don't have to worry about the data being used for blackmail or extortion. I can get a police report, hand it to my insurance company for the claim, and go on.
What I might end up doing is building a NAS for backups that is located "off the beaten path", such as in the attic, or somewhere that isn't obvious. It can be found by a determined party because it would either have an Ethernet jack or a Wi-Fi presence, but a smash and grab intruder wouldn't think it is there, much less hunt for it, especially after they get an armload of equipment.
What would be a better solution is Apple making it cross platform. This way, no matter what platform one is on, iMessages go through. This would establish iMessage as a standard, and that would be better for Apple on the long term, than only allowing their devices to use it.
Swap SIM card to an iDevice... switch iMessage off, swap back. Don't forget to make sure your iPads, iPods, and Macs don't have the number checked either.
Generators may not be the best example, because of economies of scale. It is cheaper to run a couple gigawatt power plants than thousands of kilowatt generators. A diesel generator tends to be for backups, or perhaps a conversation piece when you fire it up to make sure it still works every few weeks [1].
Servers are different. A cloud provider will be using the same type of hardware that their clients will be using, be it blade enclosures, 1U x86 servers, an EMC VNX backend, Cisco Nexus fabric, ASA firewalls, and so on. The big question... do you pay for the servers sitting in your data center, or do you pay for them sitting in some data center Bog knows where. Either way, those servers will get paid for.
[1]: If you can hear people over the noise it makes.
V2V sounds good, but I wonder about people who will hack it. For example, making a fake "traffic is gridlocked here" alert might make one's commute a lot better, or triggering a car to panic stop because it thinks another is doing the same can cause actual harm.
Security isn't something that can be strapped on anymore. It has to be "baked in", in multiple layers, and thoroughly tested as well as every other feature. I hope the makers of V2V technology has this in mind that is being deployed.
First thing one should do with almost all Android devices (GPE devices are a cautious exception) is to re-ROM them. I've not really been impressed with Verizon's text app myself, so I prefer a replacement.
In any case, having the ability to encrypt phone and SMS conversations in an app, completely separate and independent from the OS is a boon. An eavesdropper would have to go from being passive to actively interacting with the apps or actively reading/scanning memory for keys to upload.
With newer versions of Android demanding a password on reboot to decrypt/data, the time it takes to type in a second password isn't that much, assuming the ROM one is using is stable enough not to require frequent power cycles.
All and all, we need more of this stuff. It would be nice to have programs PGP/gpg compatible and some standard so all apps use one's private key (similar to client certificates, but not using the TLS/SSL mechanism, but using PGP's WoT.)
I wonder if the bootloader is unlockable so one can make their own ROM for it. The ideal is the ability to type in "fastboot oem unlock", flash a ROM, then relock the bootloader. That way, if someone wants to reflash, they have to re-unlock the bootloader (triggering an erase and TRIM cycle of the/data partition.)
$15,000 gets one a i-MiEV from Mitsubishi. No, this isn't a luxury car, but it is a decent city runabout. A cow-orker has one, and for commuting and running around in the city, it is close to ideal.
For long trips, it suffers the same problems as the Leaf, but if one has two cars, it may be a decent choice because it doesn't require stopping at gas stations, and it requires very little upkeep (no oil changes.)
I've wondered about that myself -- have a vinyl record for sale, but include a card with a key on it so someone can go to a download site, pick up their choice of an ISO image, the sounds in FLAC, or their format of choice. Best of both worlds, a true artifact with a lot of space for good cover art, and high quality music (which could even be studio quality, not just CD spec.)
Give me a break here. Assuming the laser isn't powerful enough to melt the foil pits, the type of laser in my CD player is going to make no difference to the media life whatsoever. It might be that the mechanism that holds the disk in place may be better or worse, but a read laser? I'd be more concerned about oxygen getting between the sandwiched polycarbonate and attacking the foil or issues with the hub than I would about the read laser's quality or type.
Blackberries excel in the security arena. While someone puts an iPhone on airplane mode and runs off with it, a Blackberry can be set to erase itself if it doesn't get a network connection in a certain time interval. No other platform offers this assurance.
Blackberries also used their own servers. Servers secure enough that countries demanded RIM give them access or else kick them out of the country. No wayward CAs, no bogus certs... it may not be perfect, but BIS is/was a secure way of doing mail.
BES, OTOH, I'm neutral about. It is nice having an authentication mechanism separate from SSL/TLS, but historically, BES was fiddly. It is likely rock solid now, but it got a bad reputation.
I don't think RIM is doomed. Should people/companies actually value security, they are the only game in town for serious security on a device level.
I've always wanted an e-Ink display on consumer routers. Press a button, up comes the password. When the router is completely reset, the default password is randomly re-generated [1], and shown on the display. Of course, this is easily changed, but it would help ensure that router "A" isn't going to have the same default as "B", and that if someone hands the router to another party after it is reset, the previous party won't be privy to the default passcode.
I've wondered what happened to "data diode" technology. Yes, you can pay a large chunk of change for one. However, for low volumes of data, it is hard to beat two computers connected by a serial cable with the return wire cut, to ensure that data only goes one way. This provides the needed monitoring info, but blackhats won't be able to get past the serial cable without physical access or social engineering.
For more data than that I've thought of using a signal-level Ethernet tap (one that doesn't have a MAC address since it allows one machine to sniff traffic on the signal level) as another method of moving data one day. However, there is something simple and assured about a serial cable.
As for updates, sticking a SD card [2] into a computer, copying a signed flash image, sticking that into the embedded system, and telling it to shutdown and reflash isn't difficult [3]. It isn't as easy as autoupdates, but it will keep a degree of separation that is needed for security. Plus one doesn't really want autoupdates on a SCADA system. It is a bad practice to autoupdate anything production, much less a system as expensive as embedded machinery.
[1]: Regenerated using some basic sane password rules to slow down guessing, of course.
[2]: USB devices can present themselves as anything. A SD card is always a drive.
[3]: Would be nice if the system had a way to handle multiple firmwares. That way, if the firmware was corrupted, one could go back to the previous. Ideally, there should be a "1.0" firmware burned into a ROM that cannot be altered, then 2-3 places for update ROMs.
We went through this exact thing with bicycle frames about 10 years ago. CF is lighter and more rigid than aluminum, but if it gets a crack or gouge in it, the frame can't be mended... it has to be tossed, and the only real way to "recycle" CF is to toss it into a thermal depolymerization machine and "boil" the epoxy and CF (using lots of water and heat) back to crude oil.
CF has its place, but on a vehicle where weight is less a limiting issue than on bicycles, it might be best off to stick with recyclable stuff like aluminum because of the volume of vehicles made. Aluminum can be recycled fairly easily... CF can't be used for much once it hits the scrapyard.
Some games, like NWN/NWN2 or older C&C versions were bought before the companies were bought out by EA.
I wish EA would go private like Dell, so it wasn't beholden to the lash of next quarter's earnings to shareholders. Then, it could do some cool stuff with all the IP it is sitting on.
Wing Commander re-releases, done as the Origin-style "interactive movies", using a full studio come to mind. Or single player games that when you finished them and put in a code, you got sent a T-shirt or a plaque, and that was paid for in the game's price.
IMHO, were EA not having to focus on next quarter's earnings above all else, it would just be good business to keep legacy servers going, even if the server for an old game was just a VM or two on a cast-off 1U Compaq in a server closet somewhere. Long term, EA would make more money (the long tail effect,) and also have good will.
This is where I see a niche market. A company that provides multiplayer access for legacy games... stuff like older C&C games, NWN, and many other games that are still playable, but may not be worth it financially to keep the servers up.
Given the choice, I'd go with a paid subscription model because one is paying for the servers, not the game, so the multiplayer access is for all the games. One could also add stuff like the NWN/NWN2 vault for easy download of player-made content as well as FPS maps/scripts.
However, I don't know if a sub model is viable, so what might work is getting newer indy games to use it, perhaps adding a couple dollars to the price of the game in order for it to use the multiplayer functionality for a couple years.
Maybe this might be something for gog.com to make? GogNet anyone?
It isn't that expensive, all things considered. Not cheap ($1-2k), but not too pricy for something that is going to pretty much be installed with little to no upkeep needed for 20+ years. Panels are around 75 cents a watt. A decent MPPT charge controller is several hundred, or you can go with more panels and a PWM controller. A pair of six volt "golf cart" batteries is about $400. A 1500-2000 watt PSW inverter is about $400 as well.
Again, not cheap, but not too expensive, and once set up (assuming everything is wired correctly), it is about as expensive as a decent online (not standby) UPS, and will provide stable power for a long time.
There is the opposite which seems to be the way to go, especially with the fees for on-grid solar power.
As usual, batteries are the biggest problem. However, with even a few 12 volt batteries paralleled, one can get 300-400 amp-hours of capacity. Add a solar array that has about 400-500 watts, MPPT charge controller, and a decent PSW inverter, and this won't run an air conditioner, but it could be a circuit that all one's low-wattage parasitic devices (cell phone chargers, a laptop, etc.) Add to the battery bank and a panel or two, and one's desktop machines can have independent power. One can also have multiple circuits, one for chargers, one for a low-draw fridge, one for the computers, all completely separate from utility power.
Instead of jobs, I'd look for internships as well. Internships get you actually in front of people who hire, and this is quite important, as showing on a resume that you worked for a company or two will put you further ahead than someone with a degree but no documented work experience other than a Starbucks position.
Professors can be of help, but a lot of them tend to work isolated from the "real" world. Their world has little pressure from H-1Bs and offshoring (other than foreign competition when it comes to textbook publishing,) so they may not know or care about trying to find work once one gets the degree.
Projects can help too. If one is a good coder, joining and looking at an OSS project might be a help come resume time. Doing a coding project that is something other than the usual smartphone/tablet app is going to get one noticed.
Finally, keep an eye on the market. What was needed four years ago may not be needed now. However, embedded programming always needs good people. It isn't a commodity job (thus the offshore dev houses are not worth the time), so it can be a niche for a career.
I will use web UIs in a pinch, and usually they are what I have available, but I will say that I'd far rather use a time-tested MUA (Thunderbird, even Outlook) than most Web based UIs. IIRC, (and I could be wrong) No Web based client supports S/MIME except Exchange/OWA, and that is with a browser add-on. PGP/gpg can be done by manual copy/paste, but the Symantec Encryption Desktop (i.e. PGP) plugin or enigmail make it a lot easier to use.
E-mail isn't something that has changed much, so having the Web UI changing as if it were a fashion is more annoying than useful.
I'd say we have it better now, because crypto isn't "illegal" like it was when ITAR was the law of the land. However, because online connections are required, coupled with layers of complexity added to even the humble desktop, the crypto may be good, but the key is still stored under the doormat for anyone to fetch.
If a criminal runs their books offline with no net connection, using a USB flash drive for physical transportation or moving encrypted data to an online PC, tripwire may not be needed.
It wouldn't take much to scare criminals into moving their unencrypted stuff offline, then the DOJ has hosed themselves since all the juicy stuff they wanted easier access to is now inaccessible unless physical attacks are used.
Usually one of three things happen with a F2P game:
1: It is malware. When you look at the permissions and a "free" fleshlight app demands everything under the sun including su access, something isn't kosher.
2: It is a game that is extremely grindy where you can spend hours doing repetitive tasks, or shell out $10 for some currency (brains, smurfberries, crowns) to make life easier.
3: It comes with 1-2 characters/weapons/etc., and you have to spend a buck each if you want anything fun to play with while playing the game. Essentially like DLC in consoles.
4: You are buying some fluff (like your vehicles with a different color) that don't change gameplay, but are a cool aesthetic.
5: It is pretty much a demo, with a couple levels, and you buy the rest.
Number 4 and 5 make sense. #1 won't get the game past the permissions menu, and a report. #2 or #3 will get the app tossed off the device and a one star review.
Slashdot Mirror
This is the same philosophy as not being the fastest when chased by the bear... but being just faster than the slowest guy.
I do this often. Enough security to make it obvious that it is more secure than others, but not so much that it attracts attention. For example, a steering wheel Club is a joke... but given the choice, the would-be thief will go for the car right by, sans the steering wheel lock. Same with a trailer. The locking wheel chocks I use can be bypassed, but it is likely that a thief will find someone who just has a cheap padlock on the trailer tongue and grab that for their new portable meth lab.
I do like using locks as a way to keep honest people honest. It isn't 100%, and a determined thief can still get the item in question, but it stops opportunists.
That way, if a thief does get past some basic security, then I have done my part legally, and can file a claim in good faith.
Insurance is a must, but it doesn't hurt having at least a little bit of security. One doesn't need to lock all their computers in metal cages, but a Kensington cable is a polite reminder to someone that the item in question doesn't belong to them.
On RVs and cars, a "protected by Glock" sticker is something that can be used as probable cause for a stop and search in some cities/states. It isn't a good idea because it attracts attention... the wrong type of attention by both the bad guys and the local LEOs.
At least with the Alpine sticker, not even the desperate druggies go after car stereos these days, so one is probably safe there.
If I were to go with a bumper sticker, it would probably be the local "100 club" or similar sheriff charities.
The Glock window decal may not mean much... it just means the burglar will shoot first, or escalate things to an armed home invasion. Dogs, on the other hand can be a good deterrent... even a 10 pound wiener dog can bark enough that it might get attention, provided the dog isn't the type that yaps at everything that moves.
My primary concern with my home security is the meth-head, smash/grab type of thief. To protect against that, I encrypt all hard disks and backup media, as well as have some offsite storage (also encrypted). That way, when something does get stolen, it is "just" a theft of hardware, and I don't have to worry about the data being used for blackmail or extortion. I can get a police report, hand it to my insurance company for the claim, and go on.
What I might end up doing is building a NAS for backups that is located "off the beaten path", such as in the attic, or somewhere that isn't obvious. It can be found by a determined party because it would either have an Ethernet jack or a Wi-Fi presence, but a smash and grab intruder wouldn't think it is there, much less hunt for it, especially after they get an armload of equipment.
What would be a better solution is Apple making it cross platform. This way, no matter what platform one is on, iMessages go through. This would establish iMessage as a standard, and that would be better for Apple on the long term, than only allowing their devices to use it.
Swap SIM card to an iDevice... switch iMessage off, swap back. Don't forget to make sure your iPads, iPods, and Macs don't have the number checked either.
Don't ask how I know...
Generators may not be the best example, because of economies of scale. It is cheaper to run a couple gigawatt power plants than thousands of kilowatt generators. A diesel generator tends to be for backups, or perhaps a conversation piece when you fire it up to make sure it still works every few weeks [1].
Servers are different. A cloud provider will be using the same type of hardware that their clients will be using, be it blade enclosures, 1U x86 servers, an EMC VNX backend, Cisco Nexus fabric, ASA firewalls, and so on. The big question... do you pay for the servers sitting in your data center, or do you pay for them sitting in some data center Bog knows where. Either way, those servers will get paid for.
[1]: If you can hear people over the noise it makes.
V2V sounds good, but I wonder about people who will hack it. For example, making a fake "traffic is gridlocked here" alert might make one's commute a lot better, or triggering a car to panic stop because it thinks another is doing the same can cause actual harm.
Security isn't something that can be strapped on anymore. It has to be "baked in", in multiple layers, and thoroughly tested as well as every other feature. I hope the makers of V2V technology has this in mind that is being deployed.
First thing one should do with almost all Android devices (GPE devices are a cautious exception) is to re-ROM them. I've not really been impressed with Verizon's text app myself, so I prefer a replacement.
In any case, having the ability to encrypt phone and SMS conversations in an app, completely separate and independent from the OS is a boon. An eavesdropper would have to go from being passive to actively interacting with the apps or actively reading/scanning memory for keys to upload.
With newer versions of Android demanding a password on reboot to decrypt /data, the time it takes to type in a second password isn't that much, assuming the ROM one is using is stable enough not to require frequent power cycles.
All and all, we need more of this stuff. It would be nice to have programs PGP/gpg compatible and some standard so all apps use one's private key (similar to client certificates, but not using the TLS/SSL mechanism, but using PGP's WoT.)
I wonder if the bootloader is unlockable so one can make their own ROM for it. The ideal is the ability to type in "fastboot oem unlock", flash a ROM, then relock the bootloader. That way, if someone wants to reflash, they have to re-unlock the bootloader (triggering an erase and TRIM cycle of the /data partition.)
$15,000 gets one a i-MiEV from Mitsubishi. No, this isn't a luxury car, but it is a decent city runabout. A cow-orker has one, and for commuting and running around in the city, it is close to ideal.
For long trips, it suffers the same problems as the Leaf, but if one has two cars, it may be a decent choice because it doesn't require stopping at gas stations, and it requires very little upkeep (no oil changes.)
I've wondered about that myself -- have a vinyl record for sale, but include a card with a key on it so someone can go to a download site, pick up their choice of an ISO image, the sounds in FLAC, or their format of choice. Best of both worlds, a true artifact with a lot of space for good cover art, and high quality music (which could even be studio quality, not just CD spec.)
Give me a break here. Assuming the laser isn't powerful enough to melt the foil pits, the type of laser in my CD player is going to make no difference to the media life whatsoever. It might be that the mechanism that holds the disk in place may be better or worse, but a read laser? I'd be more concerned about oxygen getting between the sandwiched polycarbonate and attacking the foil or issues with the hub than I would about the read laser's quality or type.
Blackberries excel in the security arena. While someone puts an iPhone on airplane mode and runs off with it, a Blackberry can be set to erase itself if it doesn't get a network connection in a certain time interval. No other platform offers this assurance.
Blackberries also used their own servers. Servers secure enough that countries demanded RIM give them access or else kick them out of the country. No wayward CAs, no bogus certs... it may not be perfect, but BIS is/was a secure way of doing mail.
BES, OTOH, I'm neutral about. It is nice having an authentication mechanism separate from SSL/TLS, but historically, BES was fiddly. It is likely rock solid now, but it got a bad reputation.
I don't think RIM is doomed. Should people/companies actually value security, they are the only game in town for serious security on a device level.
I've always wanted an e-Ink display on consumer routers. Press a button, up comes the password. When the router is completely reset, the default password is randomly re-generated [1], and shown on the display. Of course, this is easily changed, but it would help ensure that router "A" isn't going to have the same default as "B", and that if someone hands the router to another party after it is reset, the previous party won't be privy to the default passcode.
I've wondered what happened to "data diode" technology. Yes, you can pay a large chunk of change for one. However, for low volumes of data, it is hard to beat two computers connected by a serial cable with the return wire cut, to ensure that data only goes one way. This provides the needed monitoring info, but blackhats won't be able to get past the serial cable without physical access or social engineering.
For more data than that I've thought of using a signal-level Ethernet tap (one that doesn't have a MAC address since it allows one machine to sniff traffic on the signal level) as another method of moving data one day. However, there is something simple and assured about a serial cable.
As for updates, sticking a SD card [2] into a computer, copying a signed flash image, sticking that into the embedded system, and telling it to shutdown and reflash isn't difficult [3]. It isn't as easy as autoupdates, but it will keep a degree of separation that is needed for security. Plus one doesn't really want autoupdates on a SCADA system. It is a bad practice to autoupdate anything production, much less a system as expensive as embedded machinery.
[1]: Regenerated using some basic sane password rules to slow down guessing, of course.
[2]: USB devices can present themselves as anything. A SD card is always a drive.
[3]: Would be nice if the system had a way to handle multiple firmwares. That way, if the firmware was corrupted, one could go back to the previous. Ideally, there should be a "1.0" firmware burned into a ROM that cannot be altered, then 2-3 places for update ROMs.
We went through this exact thing with bicycle frames about 10 years ago. CF is lighter and more rigid than aluminum, but if it gets a crack or gouge in it, the frame can't be mended... it has to be tossed, and the only real way to "recycle" CF is to toss it into a thermal depolymerization machine and "boil" the epoxy and CF (using lots of water and heat) back to crude oil.
CF has its place, but on a vehicle where weight is less a limiting issue than on bicycles, it might be best off to stick with recyclable stuff like aluminum because of the volume of vehicles made. Aluminum can be recycled fairly easily... CF can't be used for much once it hits the scrapyard.
Some games, like NWN/NWN2 or older C&C versions were bought before the companies were bought out by EA.
I wish EA would go private like Dell, so it wasn't beholden to the lash of next quarter's earnings to shareholders. Then, it could do some cool stuff with all the IP it is sitting on.
Wing Commander re-releases, done as the Origin-style "interactive movies", using a full studio come to mind. Or single player games that when you finished them and put in a code, you got sent a T-shirt or a plaque, and that was paid for in the game's price.
IMHO, were EA not having to focus on next quarter's earnings above all else, it would just be good business to keep legacy servers going, even if the server for an old game was just a VM or two on a cast-off 1U Compaq in a server closet somewhere. Long term, EA would make more money (the long tail effect,) and also have good will.
This is where I see a niche market. A company that provides multiplayer access for legacy games... stuff like older C&C games, NWN, and many other games that are still playable, but may not be worth it financially to keep the servers up.
Given the choice, I'd go with a paid subscription model because one is paying for the servers, not the game, so the multiplayer access is for all the games. One could also add stuff like the NWN/NWN2 vault for easy download of player-made content as well as FPS maps/scripts.
However, I don't know if a sub model is viable, so what might work is getting newer indy games to use it, perhaps adding a couple dollars to the price of the game in order for it to use the multiplayer functionality for a couple years.
Maybe this might be something for gog.com to make? GogNet anyone?
It isn't that expensive, all things considered. Not cheap ($1-2k), but not too pricy for something that is going to pretty much be installed with little to no upkeep needed for 20+ years. Panels are around 75 cents a watt. A decent MPPT charge controller is several hundred, or you can go with more panels and a PWM controller. A pair of six volt "golf cart" batteries is about $400. A 1500-2000 watt PSW inverter is about $400 as well.
Again, not cheap, but not too expensive, and once set up (assuming everything is wired correctly), it is about as expensive as a decent online (not standby) UPS, and will provide stable power for a long time.
There is the opposite which seems to be the way to go, especially with the fees for on-grid solar power.
As usual, batteries are the biggest problem. However, with even a few 12 volt batteries paralleled, one can get 300-400 amp-hours of capacity. Add a solar array that has about 400-500 watts, MPPT charge controller, and a decent PSW inverter, and this won't run an air conditioner, but it could be a circuit that all one's low-wattage parasitic devices (cell phone chargers, a laptop, etc.) Add to the battery bank and a panel or two, and one's desktop machines can have independent power. One can also have multiple circuits, one for chargers, one for a low-draw fridge, one for the computers, all completely separate from utility power.
Instead of jobs, I'd look for internships as well. Internships get you actually in front of people who hire, and this is quite important, as showing on a resume that you worked for a company or two will put you further ahead than someone with a degree but no documented work experience other than a Starbucks position.
Professors can be of help, but a lot of them tend to work isolated from the "real" world. Their world has little pressure from H-1Bs and offshoring (other than foreign competition when it comes to textbook publishing,) so they may not know or care about trying to find work once one gets the degree.
Projects can help too. If one is a good coder, joining and looking at an OSS project might be a help come resume time. Doing a coding project that is something other than the usual smartphone/tablet app is going to get one noticed.
Finally, keep an eye on the market. What was needed four years ago may not be needed now. However, embedded programming always needs good people. It isn't a commodity job (thus the offshore dev houses are not worth the time), so it can be a niche for a career.
I will use web UIs in a pinch, and usually they are what I have available, but I will say that I'd far rather use a time-tested MUA (Thunderbird, even Outlook) than most Web based UIs. IIRC, (and I could be wrong) No Web based client supports S/MIME except Exchange/OWA, and that is with a browser add-on. PGP/gpg can be done by manual copy/paste, but the Symantec Encryption Desktop (i.e. PGP) plugin or enigmail make it a lot easier to use.
E-mail isn't something that has changed much, so having the Web UI changing as if it were a fashion is more annoying than useful.
I'd say we have it better now, because crypto isn't "illegal" like it was when ITAR was the law of the land. However, because online connections are required, coupled with layers of complexity added to even the humble desktop, the crypto may be good, but the key is still stored under the doormat for anyone to fetch.
If a criminal runs their books offline with no net connection, using a USB flash drive for physical transportation or moving encrypted data to an online PC, tripwire may not be needed.
It wouldn't take much to scare criminals into moving their unencrypted stuff offline, then the DOJ has hosed themselves since all the juicy stuff they wanted easier access to is now inaccessible unless physical attacks are used.
Usually one of three things happen with a F2P game:
1: It is malware. When you look at the permissions and a "free" fleshlight app demands everything under the sun including su access, something isn't kosher.
2: It is a game that is extremely grindy where you can spend hours doing repetitive tasks, or shell out $10 for some currency (brains, smurfberries, crowns) to make life easier.
3: It comes with 1-2 characters/weapons/etc., and you have to spend a buck each if you want anything fun to play with while playing the game. Essentially like DLC in consoles.
4: You are buying some fluff (like your vehicles with a different color) that don't change gameplay, but are a cool aesthetic.
5: It is pretty much a demo, with a couple levels, and you buy the rest.
Number 4 and 5 make sense. #1 won't get the game past the permissions menu, and a report. #2 or #3 will get the app tossed off the device and a one star review.