Slashdot Mirror


User: realxmp

realxmp's activity in the archive.

Stories: 0
Comments: 161

Comments · 161

  1. Re:Good news everyone... on Court Rules Workers Did Not Overstep On Stealing Data · · Score: 2

    Your employees can attack from within with impunity.

    Not so, and I think you'll probably admit that particular statement is a little bit of FUD really. What this ruling does is prevent you from charging people under a statute meant for hacking when you should be charging them under statutes related to trade secret infringement (and probably suing them too).

    Unfortunately, the way most systems are designed, security is an afterthought: once you're past the gates there are no limits on the number of records you can download, etc. If an employee's access rights to your system allow them to access data, and whether or not they are allowed to access that data is dependent on company policy and what they intend to do with it, then the CFAA isn't really the proper law to apply. Instead you should be charging them with stealing your trade secrets and, if appropriate, industrial espionage, etc. Those crimes carry more than enough punishment without the need to scream OMGHAX!!!

  2. Re:ssh? on Major OpenSSL Security Issue Found (and Fixed) · · Score: 1

    Ignore this post I had forgotten certificates.

  3. Re:ssh? on Major OpenSSL Security Issue Found (and Fixed) · · Score: 1

    Actually scratch my previous assertion. Some distributions of SSH use OpenSSL (not in the SSL tunnel sense, but for certificates etc).

  4. Re:ssh? on Major OpenSSL Security Issue Found (and Fixed) · · Score: 0

    None. SSH does not use SSL.

  5. Legal in some of US not EU on Best Buy Scans Drivers License For Returns — No More Allowed For 90 Days · · Score: 1

    In the US maybe, but in Europe no. Essentially the European position is that when you are sold something as a consumer the default legal contract kicks in; this is between you and the retailer, not you and the manufacturer. This includes an implicit term that the goods are free of defects (except those explicitly disclosed to you) and fit for the purpose sold. You wish to return? It goes to the retailer, who may then deal with their suppliers to handle returns themselves.

  6. Re:Why don't you ask Rhodesia? on Ask Slashdot: How To Feed Africa? · · Score: 5, Informative

    They were the breadbasket of Africa in the 70s, until the blacks took over and chased all the white farmers out.

    Surely there must be a few 'blacks' there that saw the kind of mechanized farming the 'whites' were performing and learnt how to do it. We are not talking degrees in agriculture here, just practical knowledge of how to farm. Why aren't the smart, enthusiastic, hard workers getting anywhere? Don't try and tell me they don't exist.

    There were blacks who knew how to farm efficiently, however these farm labourers were chased out along with the white farmers who owned the farms. The land didn't go to black folk who knew how to farm, it went to the so called "war veterans", aka people who backed the right political side. They also parcelled up the land into smaller parts. The result of all this was subsistence farming.

    The problem wasn't just that the system for taking over land was corrupt, but that it was completely mismanaged. Strangely if the party elite had actually taken their corruption far enough, parcelled out whole farms amongst themselves and kept on the existing labourers it would probably still be a breadbasket. Alternatively they could have been patient and taken the land over but kept the white farmers on as tenants and then used the money to fund decent projects for the country (though realistically they would have skimmed off the top from this too).

  7. Lacks disposable income on Best Practice: Travel Light To China · · Score: 2

    China is 1.5 billion people. All of the Anglosphere and Europe AND Russia combined cannot match that market. And it's a growing market, not a saturated one.

    China as a nation has a big GDP yes, but the per capita GDP is right down there with the Dominican Republic. There are a lot of people in China, but as a market western companies can only target the relatively small subset with relatively large disposable incomes. All of the migrant workers etc need their money to eat and clothe themselves and don't have much left over. Also you need to bear in mind that the rules aren't the same across China, some businesses are only possible in the Special Economic Zones. The other big problem is it is really hard to judge how big the market is, the only accurate figures are a state secret and that makes a lot of businesses nervous.

  8. Nothing wrong with Assessments + Bespoke devices on NASA Wants Green Rocket Fuel · · Score: 1

    Firstly, you utterly missed my point. I'm not saying there's anything wrong with needing the paperwork; I'm just suggesting that perhaps investigating alternative fuels might be a good idea if at all possible. Even if they're more expensive to produce, the savings to be had from reduced handling costs should make up for that. If you've worked in a chemical plant then you should know hydrazine itself is not amazingly expensive to manufacture; what's expensive is ensuring that it only goes where you want it to, getting state permits to transport hazardous materials, and insurance against things going wrong. You can't replace everything hazardous you use, but what I am saying is that if you can, you should.

    Also, you know it's nothing like fuelling your car: the gear you use to fuel your car is commodity kit, and not designed to be used by specialists. NASA, on the other hand, is in the business of building and fuelling a considerable number of one-off devices, and each of those will need its own risk assessment. There's a good reason for that too: if you breathe in fumes from petrol it's not amazingly good for you but you probably won't die; if you breathe in the fumes from hydrazine you are going to be very ill, if not dead.

  9. It's the money on NASA Wants Green Rocket Fuel · · Score: 4, Insightful

    Going green is probably just an excuse here; it's the money. Because it's toxic and corrosive it's hard to handle and thus expensive to handle. First you have the expensive equipment and protective gear, and then we have the paperwork... Think about it this way: every time you use the stuff you're generating reams and reams of risk assessments and paperwork. That paperwork is essentially a write-only document which has to be produced every time they come up with a slightly different way to do things.

  10. CFCs got hard to obtain on NASA Wants Green Rocket Fuel · · Score: 5, Informative

    I don't know if you've ever tried to obtain Halon lately, but you'll find that even if your system is still grandfathered it's nigh on impossible to get hold of; they've pretty much stopped making it. It's the same with the CFCs used by the shuttle's foam: being allowed to make it didn't mean the raw components were easy to come by. If they'd wanted to continue using CFCs they'd have had to pay for a supply line to be available and maintained, whether they needed a lot or a little. The problem wasn't that they went green; the problem was that the alternative they chose wasn't the right one and they didn't want to invest the time and money working around that properly.

  11. Oversimplification, if they pay you they MIGHT own on Ask Slashdot: Handing Over Personal Work Without Compensation? · · Score: 1

    If everyone was in the same jurisdiction and employed as permanent staff you might be right. However laws vary from country to country and even state to state so you need to be cautious about what advice you give. This is particularly true when handling contractors which a lot of firms do these days to avoid "headcount" without realising that IP law treats them quite differently.

    If you are a direct hire doing the work you were hired for, for a company, in company time using company resources then yes they do own it under "work for hire". If you are a contractor doing work for a company, you own it unless your contract vests the IP, even if it doesn't you are probably granting an implicit license. However outside of that it gets a hell of a lot more murky.

    Take for example a janitor who goes home at night and paints a painting: would the IP rights for that painting vest in his employer? Certainly not; even if it was written into his contract that all IP he produces vests in the company, a judge would likely rule that application of it unconscionable.

    Basically if you're a direct hire and what you created is related to your duties, it probably vests in your employer (depending on your contract). However if it's definitely outside the job you were hired to do then it's time to seek legal advice because ownership depends on jurisdiction, whether company time or materials were used and the contract you're employed under.

    The problem with most managers when confronted with this situation is they automatically assume the law is always on their side. However, because copyright law was in fact designed to regulate the creative industries, where working practices are often quite different from an office, the law can get quite tricky. If you're a manager in this situation, seek advice from company counsel and above all do not attempt to bully or coerce, because if you're wrong, or even if you're right, you may create grounds for additional action (AKA cost the company a lot more than your pay check) in a situation that could have been resolved peacefully.

  12. Only as easy as the password of device on Consumer Tech: an IT Nightmare · · Score: 1

    Which is why you disallow "simple" (aka 4-digit numeric) passwords in your provisioning profile. What Elcomsoft are doing is brute forcing the 4-digit password, which is protecting the rest of the keys; if you increase the keyspace by requiring a normal password, the problem becomes intractable.

  13. Re:You don't already know the answer? on Consumer Tech: an IT Nightmare · · Score: 1

    That's not a phone, that's a brick :P. And I really meant mass market; devices with US Type 1 encryption aren't available to folks without security clearance.

  14. Re:You don't already know the answer? on Consumer Tech: an IT Nightmare · · Score: 1

    100%? Remember the Etisalat incident. The fact is we don't have full remote attestation for any phone on the market (the NSA might have one or two that do this but I mean on the mass market).

  15. And you missed my point on Consumer Tech: an IT Nightmare · · Score: 3, Insightful

    My point is it doesn't require specialised equipment or deviation from what most would call best practice. Any office where you're worried about standardised mobile devices should already have a patch panel, managed switches, a real router and, if they have Wi-Fi at all, non-consumer-grade Wi-Fi access points (Cisco or similar). If you're too small to have/need managed switches and VLANs, frankly you're just playing at being "enterprise". Anyway, it is often easy to support them without allowing them onto the LAN; the server ActiveSync needs to connect to is usually the same one that provides Outlook Web Access, and done on the same IIS instance.

    Support specifically for the iPhone is simple: put all the settings into a read-only, encrypted and signed provisioning profile which is only removable with a full device wipe or a password. It takes about an hour to write and properly test a provisioning profile; I'm excluding the time where you decide what your policy is, because you should already have one. Any more support than that isn't my problem: check it's not server side and affecting everyone, get them to restore their device, and if that fails send them to an Apple store.

    This isn't special snowflake, this is good for productivity, and the psychology of this is obvious. Any mobile is a very personal thing and an employee using their preferred device is more likely to check their email more often and not turn the damn thing off and shove it in a drawer. They're also more likely to understand the device and its productivity features and make use of them.

    Also for the record, calling the managing director a special snowflake tends to get you fired. Senior staff are usually where these devices turn up first.

  16. Re:You don't already know the answer? on Consumer Tech: an IT Nightmare · · Score: 1

    Ah, now that is different, because now you're talking about a malicious policy violation, and I know it happens. The only way I can think of to detect a jailbroken phone is probably to check for a DeviceUserAgent running earlier versions of iOS in the first instance; usually the more recent versions of iOS are confined to tethered jailbreaks. There is apparently Mobile Device Management software which can detect jailbroken phones, but I've not had any personal experience. The only guaranteed detection method is of course a physical inspection, should you have reason to believe that a phone has been jailbroken. The problem is it's not just iPhones that can be jailbroken; Androids are certainly jailbroken and Nokias can be hacked too. The only reason why you don't get jailbroken BlackBerries is because frankly the hardware is boring. Can you suggest a phone that you can be 100% certain about? I'm not really sure such a phone exists.

  17. School + Unmanaged Switch = BAD on Consumer Tech: an IT Nightmare · · Score: 1

    I feel your pain; I used to work in Education IT back in the day. I'm assuming you must be running unmanaged switches? If there is ONE investment I must plead with you to get your boss to make this year, it is for a couple of decent managed switches. Pupil wires two network ports together? No problem, Spanning Tree Protocol turns off the ports. Rogue device connected to the network? No problem, it goes on the port-isolated, private-VLAN'd quarantine network because you have a RADIUS server authenticating devices. Rogue DHCP server? No problem, all its packets are dropped at the switch. Plus all errors at the switch can be sent to a syslog console so that you know that something's up even if you've not been called. The time it will save you if done right, especially on a large site, is amazing. Plus you can put the curriculum and admin networks on the same switch, VLAN them, and control what passes between them with a firewall.

  18. You don't already know the answer? on Consumer Tech: an IT Nightmare · · Score: 3, Insightful

    Assuming we're going with the GP post's question RE an iPhone my answers to your questions would be as follows:

    1. The Managing Director bought it because he got annoyed about the blackberry outage.
    2. Sadly the Managing Director controls your budget, ergo he says what you do and don't support.
    3. It's an iPhone, it supports ActiveSync and provisioning profiles but you should know this already, given you read slashdot.
    4. Because you set the policy on the exchange server to require good passwords on all devices connecting via ActiveSync. If you don't know this you really shouldn't be administrating an exchange server.
    5. See point 3.
    6. You know it's encrypted because you googled iPhones and know that any iPhone 3GS or above has encrypted memory. That's why wiping is so quick: it just deletes the encryption key.
    7. See answer 6.
    8. See answer 3. Provisioning profiles.
    9. See answer 3. Provisioning profiles.
    10. Private VLAN it and employ port and wireless isolation.

    You've not given any questions here that you should even be asking users apart from questions 1 and 2 which are legit questions. The rest are stuff where you do the research and tell them the answer.

  19. Opps error on Human Blood Protein (HSA) From GMO Rice · · Score: 1

    /s/wild-type pollen to land on a mutant-type stamen/wild-type pollen to land on a mutant-type carpel/

  20. It is possible but it wouldn't work on Human Blood Protein (HSA) From GMO Rice · · Score: 1

    It is very easy to create a "knock-out" version of a creature which lacks the enzyme to synthesise a particular essential nutrient. This is done to mice and bacteria all the time for experimental purposes. The problem is that plants are harder to contain than animals when it comes to breeding; often it means plucking every stamen off the mutant plant, and in large samples a couple inevitably get missed. All it takes is a wild-type pollen to land on a mutant-type stamen and you've got a new plant which is heterozygous for the mutant knocked-out allele and the wild type. This is then fitter than its homozygous mutant brethren because it can exist in environments where they can't. Thus natural selection screws up your experiment.

  21. Historical Context on The White House Responds To We the People Petition · · Score: 1

    In that case I'm revoking your declaration of independence, which relied heavily on "Nature's God" and "Divine Providence" for its authority. I believe you owe about 400 years of back taxes? Of course I'm being facetious, but your ignorance of historical context is inexcusable.

    Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof

    The founders of your great nation had come from a place (Europe) where religion was heavily involved in politics. In the English House of Lords you have the Lords Spiritual, bishops governing by right of being part of the Established Church. In Italy you had the Vatican playing politics like it was a game, seeing who would be next to get their uncle made pope. Wars were fought over Calvinism and Catholicism. These were the established religions referred to in the First Amendment, and you can understand why the founders of the US wanted nothing like that to happen in the US.

    This, however, had nothing to do with personal expressions of faith, as it was expected then as now that politicians expressed their faith publicly. You might disagree with this personally, but this was the 18th century and it is what it is. Indeed it can probably be argued that Jefferson wanted to erect a wall of separation between church and state, but he didn't quite get that far; he didn't have the votes. This is why you end up with the fudge that is the First Amendment: Congress is able to say "one nation under God" because that is not establishing a particular religion, and is in line with the traditions of the time when the nation was founded. They cannot, however, grant churches seats in the Senate. You want to change that? Fine, use your democratic rights, write a constitutional amendment and get it ratified.

  22. EUI-64 giving away your MAC isn't a problem on Vint Cerf Answers Your Questions About IPv6 and More · · Score: 1

    It's not exactly secret security information; the only time it might be useful to know it is when you're on a LAN, and if you are then you can get it from ARP anyhow. If someone has it they can probably guess what model your machine is, or maybe your Wi-Fi chipset if you're on that. That information might be useful for an attack, but usually only within a LAN context, where, as I said before, they'd have it anyway.

    But you raise a good point: giving away your permanent address to everyone you connect to outbound? Well, you don't have to. On modern IPv6 stacks you get an EUI-64 address as your permanent address, and along with it a random dynamic address assigned as your temporary one. Windows 7 and Mac OS X do this already; see RFC 3041. If you want anyone to be able to connect to you permanently, only then do you give them your permanent address (Back to My Mac, VNC connections, etc). But for all outbound connections you always use your temporary one.
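    The two address types the comment above describes, as an added example that is not part of the original post or of any vendor's stack: how a modified EUI-64 interface identifier is built from a 48-bit MAC (insert ff:fe, flip the universal/local bit), how that lets anyone read the MAC straight back out of the stable address, and how an RFC 4941 (the successor to RFC 3041) temporary address with a random identifier avoids that. The MAC address and the 2001:db8::/32 documentation prefix used below are constructed sample values.

```python
"""EUI-64 stable addresses versus random temporary addresses (added example).

Not code from the original Slashdot post. MAC and prefix values are samples.
"""
import ipaddress
import os
from typing import Optional


def mac_to_eui64_iid(mac: str) -> bytes:
    """Modified EUI-64: OUI, then 0xFFFE, then the NIC part, U/L bit inverted."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02  # universal/local bit is inverted in modified EUI-64
    return bytes(iid)


def eui64_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Stable SLAAC address: the /64 prefix followed by the EUI-64 identifier."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("SLAAC needs a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + mac_to_eui64_iid(mac))


def mac_from_address(addr: str) -> Optional[str]:
    """Recover the MAC from an EUI-64 style address; None if the IID is not EUI-64."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    octets = bytearray(iid[:3] + iid[5:])
    octets[0] ^= 0x02  # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in octets)


def temporary_address(prefix: str) -> ipaddress.IPv6Address:
    """RFC 4941 style temporary address: random 64-bit IID, U/L bit clear.

    Regenerates if the random identifier happens to look like an EUI-64 one,
    so the address never leaks a (fake) MAC.
    """
    net = ipaddress.IPv6Network(prefix, strict=False)
    while True:
        iid = bytearray(os.urandom(8))
        iid[0] &= 0xFD  # clear the U/L bit: locally generated identifier
        if iid[3:5] != b"\xff\xfe":
            return ipaddress.IPv6Address(net.network_address.packed[:8] + bytes(iid))


def looks_eui64(addr: str) -> bool:
    """True if the address reveals a MAC address to whoever sees it."""
    return mac_from_address(addr) is not None


if __name__ == "__main__":
    # Constructed sample values: a documentation prefix and a made-up MAC.
    prefix, mac = "2001:db8:1:2::/64", "00:1b:63:aa:bb:cc"
    stable = eui64_address(prefix, mac)
    temp = temporary_address(prefix)
    print("stable   ", stable, "-> MAC", mac_from_address(str(stable)))
    print("temporary", temp, "-> MAC", mac_from_address(str(temp)))
```

    Running it shows the stable address ending in `21b:63ff:feaa:bbcc`, from which the sample MAC is recovered verbatim, while the temporary address from the same /64 yields nothing. The same check can be run over a web server's access log to see which IPv6 clients are still exposing their hardware address.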

  23. Actually Google didn't touch your Referrer before on Concerns Over Google Modifying SSL Behavior · · Score: 1

    Referrer information is typically a function of the browser and is passed in the HTTP headers you're sending to the site you're going to. Normally referrer information doesn't persist when you click an HTTP link from an HTTPS page, but it does when you click an HTTPS link from an HTTPS page. According to the article, what Google are doing here is ACTIVELY interfering with the normal functioning of this information: adding JavaScript tricks to prevent it being passed to HTTPS pages when it's not a paid link, and using similar tricks to ensure advertisers do get that information, regardless of HTTP(S) status. If Google didn't give a beep about webmasters collecting referrer data on non-paid links, they wouldn't be using the JavaScript tricks.
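    The browser-side rule the comment above describes, written out as an added example that is not part of the original post and not Google's code: a function that decides what `Referer` value, if any, a navigation from one URL to another gets under the legacy default (`no-referrer-when-downgrade`, which is exactly the HTTPS-to-HTTP stripping behaviour described) and under a few named `Referrer-Policy` values for comparison. Only the browser default is modelled; the page-side JavaScript tricks the comment mentions are not. All URLs are constructed samples.

```python
"""Referer header decision rules (added example, not from the original post).

Models what a browser sends by default when navigating from `source` to
`target`, for the legacy default policy and a few other Referrer-Policy
values. Sample URLs are constructed.
"""
from typing import Optional
from urllib.parse import urlsplit, urlunsplit


def _origin(url: str) -> str:
    """Origin serialisation (scheme://host[:port]) without path or credentials."""
    p = urlsplit(url)
    host = p.hostname or ""
    return f"{p.scheme}://{host}" + (f":{p.port}" if p.port else "")


def _stripped(url: str) -> str:
    """Full referrer: a Referer never carries userinfo or the fragment."""
    p = urlsplit(url)
    host = p.hostname or ""
    if p.port:
        host += f":{p.port}"
    return urlunsplit((p.scheme, host, p.path or "/", p.query, ""))


def referer_for(source: str, target: str,
                policy: str = "no-referrer-when-downgrade") -> Optional[str]:
    """Return the Referer header value for source -> target, or None if omitted."""
    src, dst = urlsplit(source), urlsplit(target)
    downgrade = src.scheme == "https" and dst.scheme == "http"
    same_origin = _origin(source) == _origin(target)
    origin_only = _origin(source) + "/"

    if policy == "no-referrer":
        return None
    if policy == "no-referrer-when-downgrade":     # legacy browser default
        return None if downgrade else _stripped(source)
    if policy == "same-origin":
        return _stripped(source) if same_origin else None
    if policy == "origin":
        return origin_only
    if policy == "strict-origin":
        return None if downgrade else origin_only
    if policy == "strict-origin-when-cross-origin":  # current browser default
        if downgrade:
            return None
        return _stripped(source) if same_origin else origin_only
    if policy == "unsafe-url":
        return _stripped(source)
    raise ValueError(f"unknown referrer policy {policy!r}")


if __name__ == "__main__":
    search = "https://www.google.com/search?q=slashdot#results"   # constructed sample
    for target in ("http://slashdot.org/", "https://slashdot.org/"):
        for policy in ("no-referrer-when-downgrade", "strict-origin-when-cross-origin"):
            print(f"{policy:34} -> {target:24} {referer_for(search, target, policy)}")
```

    With the legacy default, the HTTPS search page leaks the full query string to any HTTPS destination and nothing to an HTTP one; with `strict-origin-when-cross-origin` a cross-origin HTTPS destination sees only `https://www.google.com/`. Credentials embedded in the source URL are never forwarded under any policy.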

  24. Re:Does it still work ? on US's Most Powerful Nuclear Bomb Being Dismantled · · Score: 1

    That would be fun, but the trouble is if it fizzled, or only the conventional explosives detonated, the fallout would be a right mare to cleanup.

  25. How this is in the USA's Interests on US's Most Powerful Nuclear Bomb Being Dismantled · · Score: 1

    How does this help our nation?

    I know you're trolling, but you ask a semi-legitimate question. A better question is what value is there in keeping it around? And the answer is none: it's been replaced and we can't afford to keep it around. Fortunately neither can the Russians, thus the New START treaty enables both sides to get rid of their warheads whilst inspecting that the other side got rid of theirs. This means it's in America's national interest for the warheads that are active to be the most useful ones, and that's not necessarily the ones with the biggest boom.

    Also, a dismantled rusting nuke is better than a rusting nuke. These things are getting old and it either needed upgrading or replacing. Interestingly it's already been replaced by the B61, so why it was still sitting around I'm not entirely sure. Anyway, as you probably know, old bombs with decaying conventional explosives in them sometimes go off by accident because the conventional explosive gets unstable. Now nuclear bombs have safeguards against that accidental detonation, especially the more modern ones; however, you would NOT want to have to clean up the mess one of these made even if it was just detonated by its conventional explosive.