It's not like people will start spending loads more money that they don't have just because they perceive it as a little bit more convenient.
You might be surprised. One of the reasons the banks pushed contactless is that they've found that convenience correlates very highly with spending amounts. They've pushed out quite a few things that have made fraud a little easier, knowing that the increase in total number of transactions will cover the increase in losses from fraud.
If someone steals my credit card, I can report it stolen and there's no liability to me. The bank cancels it immediately and the thief has a very good chance of being caught if he tries to use it. If you have a wallet stolen, thieves will often simply discard the cards, because they're traceable and of little value. The only exception to this is in muggings, where the banks hand out little pin sentry terminals for Internet banking and some enterprising crooks realised that this let them validate pins, so would force people to provide their pins and check them instantly.
In contrast, a mobile phone is something that has resale value in itself. Even with the various remote disabling features, most phones are stolen for export, typically to the Middle East where the mobile providers don't respect the stolen device lockouts and so the stolen phone can just be reset to factory defaults and used.
Apple has done a bit better than Android with the security. Their Secure Element provides a separate core with its own NVRAM that stores the card details and signs the transactions, and doesn't provide a mechanism for exfiltrating the card details. Both Android and iOS, however, have had kernel-level vulnerabilities in the last year and anyone using one of these could exfiltrate the keying material from most Android phones and could run code to make an Apple phone authorise transactions that it shouldn't.
In contrast, my credit card is never connected to the Internet, so is only vulnerable to local attacks. It does support contactless payment, but the range is very short (a few cms, making it effectively a physical attack), the number and size of transactions are limited each day, and the liability is set up so that I am not responsible for any fraudulent contactless payments.
You also use the police, whether you want to or not, that represents a good hunk of your local tax burden
And even if you don't use the police specifically, you use the legal framework that is enforced by the police and courts. Those property rights that libertarians seem to believe are the source of all freedoms aren't worth squat if a stronger and better armed person decides that you shouldn't have them anymore.
You probably also rely on the FDA and EPA to ensure that the food and water that you eat and drink are not full of toxins (admittedly, in some parts of the USA, this works better than others).
It sounds silly when you put it like that, but there's actually a lot of sense to it. How about this: 'large concentrations of power bad, checks and balances good'. Wait, that actually sounds like something your founding fathers said, maybe there's something to it. When any entity - corporate, individual, or government - concentrates enough power, the possibilities for abuse become huge even without malicious intent.
Seriously? Do you live in the middle of nowhere? Amazon here gives free delivery on every purchase over about £20 (maybe £25?). Delivery on cheaper things is typically about £1. I've never had to pay anything like that for Amazon delivery, even when ordering from Amazon France for delivery to the UK. I don't think I've ever paid close to $75 for delivery of anything I've ever bought online from anywhere.
ARM's Mali GPU also does a trick in hardware that's similar to one of the things listed here. It stores a hash of every square region in the frame buffer and only writes back the new value to RAM if it's changed. The power cost of communicating with the DRAM is far more than the cost of computing the hash, so if you get a modest hit rate then you end up saving a noticeable amount of power.
It can't change fast enough to work as an activity light, and since it maintains an image effectively forever until updated it's not trustworthy for lower rate status monitoring like power on
Even cheap electronic paper can be updated once per second with fairly low power requirements. For activity, the lights have basically been useless for decades: unless you're the only one on the network and are sending pings one per second, they're basically always on. It would be far more use to have a few more pixels and display a logarithmic scale bar of total throughput. For power on, something that alternated between - and | once per second would let you know that there was power flowing, without needing a static light.
It's also worth noting that electronic paper does fade over time, just far more slowly than a conventional LCD. If your requirements are only that it holds its image for 10 seconds, then you could manufacture the paper to far lower tolerances and end up with something that would be completely white (well, uniform pale grey) well under a minute after power off.
That said, a conventional reflective LCD will have all of the same advantages and none of the disadvantages.
The same PCI EIDE card cost $20 for PC or $100 for Mac "back in the day"
Back in the day, Macs came with OpenFirmware and so required different ROMs on the PCI cards. This typically added to the cost (the FORTH code in OpenFirmware provided a complete interface, whereas the tiny bit of PC BIOS code did far less and so required a smaller ROM chip) and had a far smaller market to amortise the run over. Amusingly, given your argument, quite a few companies I know bought graphics cards from Apple, because they worked fine in any OpenFirmware system and Apple sold you precisely the same card as Sun, but at a quarter of the cost. For a few models, the hardware was the same, so you could get the PC version and reflash it with the OpenFirmware firmware, but that typically voided the warranty and didn't always work.
That analogy doesn't quite hold, because the taxes are paid to Ireland, not the EU. It's more akin to one US state deciding that a company doesn't need to pay state taxes. This kind of thing is completely legal in the USA, which is why states in the US have seen a race to the bottom for various tax rates. The problem with the ruling is that, until a few months ago, everyone thought that this was legal in the EU too. It has, however, always been illegal for an EU nation to subsidise a particular company (with a few carefully regulated exceptions).
The recent ruling is saying that an agreement that says that Apple doesn't have to pay $21B that it would normally have had to pay is equivalent to the Irish government giving Apple $21B. I have a lot of sympathy with that interpretation (you give me $1 and I give you back $1 is very similar to you not giving me $1 in the first place), but it's a little bit surprising that this kind of clarification would happen after decades of lots of similar deals. It's also quite surprising that Ireland hasn't been fined: If this is illegal state subsidy, then the state providing the illegal subsidy is more in the wrong than the company accepting it, yet it appears that their punishment is to receive $21B that they didn't expect. I would be very happy to be punished by the EU in exactly the same way...
They don't read most (if any) of the bills that they vote on, why should they read the constitution that they swear to uphold? It doesn't help that the majority of the constitution is written in dated legalese and largely impenetrable to mere mortals (there's a reason why, of the 4487 words in the constitution, a couple of hundred make up the vast majority of all of the parts people quote, and most of those are from the [somewhat more readable] amendments).
How long has it been since you've daily had something on your wrist 24/7?
About a decade. I take my current watch off when I sleep. It took me a while to find one that I like, because most watches aimed at men seem to be designed to compensate for something and are huge and bulky. I have a very thin Skagen watch with a titanium mesh band, which weighs very little and doesn't catch on anything. I might be interested in a smart watch, but the current generation are a good 4 times thicker than my current watch, and if I carry a bulky thing on my wrist then I'm likely to knock it into things and break it.
Speaking as someone who maintains a C compiler for a slightly less conventional architecture, that's far from all that it does. For example:
It assumes that pointers are strongly ordered, which implies that either pointers do not carry bounds information or that the bounds information never changes (for example, during a realloc).
There's no requirement that your computer have registers, but you're right about the assumption that instructions are executed in sequence. Until C11, there was no notion of parallel execution in C (yes, it was decades after SMP existed and years after multicore became mainstream that C even provided a way of implementing a mutex without relying on assembly). Volatile only gave ordering guarantees (and not liveness guarantees - there's no guarantee that a write to a volatile variable in one thread will ever be seen by a read in another thread) for a single address.
The language as defined by the standard doesn't assume that pointers can be manipulated as integers. It makes intptr_t optional and if it's present the only guarantee that's required is that storing a void* in an intptr_t and then casting it back to a void* gives you the original value. An implementation that only supports this will break all real-world C code, however, and the de-facto standard requires that you support arbitrary pointer arithmetic on pointers stored as integers.
Similarly, the C standard doesn't permit ordered pointer comparisons between pointers to different objects, but almost all real-world code depends on it (all of the common implementations of trees and hash tables do pointer compares between different objects). This strongly implies a flat linear address space and maps very poorly to modern NUMA systems or even to protection domains on a typical embedded core's MCU.
If you want to understand more, read our recent PLDI paper Into the Depths of C: Elaborating the De Facto Standards. C is neither a good fit for modern architectures, nor a good fit for modern program requirements (for example, it assumes that an address space contains a single security domain).
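An added example (not part of the original comment or of the paper it cites) that puts the one integer round trip the standard guarantees next to the two de facto idioms the comment describes: arithmetic on a pointer held as an integer, and ordering pointers to different objects. All object and function names are constructed for illustration, and the code assumes a mainstream implementation with a flat address space where `uintptr_t` exists.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed sample objects: four unrelated objects, deliberately NOT
 * elements of one array, so relational comparison between their addresses
 * is outside what the standard defines. */
static int obj_a, obj_b, obj_c, obj_d;

/* (1) The only guarantee the standard gives when intptr_t is provided:
 * void* -> intptr_t -> void* compares equal to the original pointer. */
int standard_roundtrip_holds(void)
{
    void *p = &obj_a;
    intptr_t i = (intptr_t)p;
    return (void *)i == p;
}

/* (2) De facto idiom: arithmetic on the integer form of a pointer.
 * Here the low bit of an aligned pointer carries a one-bit flag.
 * Nothing in the standard says the modified integer converts back to a
 * usable pointer; an implementation whose pointers carry bounds
 * information has to decide what the result may legally access. */
static void *tag_ptr(void *p, unsigned flag)
{
    return (void *)((uintptr_t)p | (uintptr_t)(flag & 1u));
}

static unsigned ptr_tag(void *p)
{
    return (unsigned)((uintptr_t)p & 1u);
}

static void *untag_ptr(void *p)
{
    return (void *)((uintptr_t)p & ~(uintptr_t)1);
}

int tagging_roundtrip_holds(void)
{
    int *p = &obj_b;
    if (((uintptr_t)p & 1u) != 0)
        return 0;               /* idiom needs alignment of at least 2 */
    void *tagged = tag_ptr(p, 1);
    if (ptr_tag(tagged) != 1)
        return 0;
    int *q = untag_ptr(tagged);
    *q = 42;                    /* dereference the reconstructed pointer */
    return q == p && obj_b == 42;
}

/* (3) De facto idiom: a total order over pointers to different objects,
 * as used by address-keyed trees and hash tables. Writing p < q directly
 * on unrelated objects is undefined; comparing the uintptr_t values is
 * only implementation-defined, but it still assumes one flat address
 * space in which every object has a distinct, comparable number. */
static int cmp_by_address(const void *a, const void *b)
{
    uintptr_t x = (uintptr_t)*(void *const *)a;
    uintptr_t y = (uintptr_t)*(void *const *)b;
    return (x > y) - (x < y);
}

int address_sort_is_total(void)
{
    void *v[4] = { &obj_c, &obj_a, &obj_d, &obj_b };
    int seen = 0;

    qsort(v, 4, sizeof v[0], cmp_by_address);
    for (size_t i = 0; i < 4; i++) {
        /* strictly ascending: distinct objects have distinct addresses */
        if (i > 0 && (uintptr_t)v[i - 1] >= (uintptr_t)v[i])
            return 0;
        if (v[i] == (void *)&obj_a) seen |= 1;
        if (v[i] == (void *)&obj_b) seen |= 2;
        if (v[i] == (void *)&obj_c) seen |= 4;
        if (v[i] == (void *)&obj_d) seen |= 8;
    }
    return seen == 0xF;         /* every pointer survived the sort */
}

int main(void)
{
    printf("standard round trip:   %d\n", standard_roundtrip_holds());
    printf("low-bit tagging:       %d\n", tagging_roundtrip_holds());
    printf("address-ordered sort:  %d\n", address_sort_is_total());
    return 0;
}
```

Only the first function is backed by the standard; the other two succeed because the implementation honours the de facto rules.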
Even in places that try to crack down on cash, it's generally fine to carry small quantities of the stuff. One possible compromise would be a fully anonymous payment network that can only handle small quantities from each sender. For this kind of thing, you want a few million people to be able to pay a few dollars a day each. That's not likely to be very useful for money laundering, but would be enough to keep anti-establishment news outlets in business doing investigative journalism.
it's not like direct access to your checking or savings account (I would never do either of those, that's dumb)
Do you not have something equivalent to the Direct Debit Guarantee in the UK? We can happily let companies pull money from our accounts (well, less happily than if they provided their services for free), can cancel their ability to do so in a couple of clicks, and can undo any transactions that we dispute, at which point if they actually do believe that we owed them the money then they have to pursue it through the courts. I'd have thought any vaguely modern banking system would have something similar.
Most of the complaints are about the wired network, not the wireless. Wireless networks have some rent seekers, but there's just about enough competition that you can't get away without at least some network upgrades. In contrast, the US has spent a vast amount of taxpayers' money subsidising the phone companies to replace ageing copper infrastructure with something that can handle high speeds, and had most of that money spent on shareholder dividends rather than upgrades to any of the unprofitable areas.
Only Linux did. *BSD still puts system stuff in /etc, all third-party packages into /usr/local/etc. You can lock down /etc quite hard, and it contains all of the configuration required to boot and recover the system. /usr/X11R6/etc went away because it eventually contained just Xorg.conf (and not even that if you're on a fairly recent system where automatic configuration works and you're happy with the defaults), and it didn't make sense to have a separate directory for zero or one files.
The blog post also seems to imply that you'd need root access to actually install the exploit
It's not an exploit, it's a rootkit. A rootkit is a tool for retaining undetected access to a compromised system, not a tool for compromising the system in the first place.
Note that this is a rootkit. The purpose of a rootkit is to retain access to a system that you've already compromised, without being detected. The goal is that normal system administration tasks won't suddenly lock you out. For example, when the user updates their coreutils package, the package installer doesn't fail because your evil binaries have the wrong signature and your binaries are not replaced by uncompromised ones.
They do add new features to an 8-year-old OS, they just bundle them with a bunch of new UI tweaks and sell it as a new product. The problem is that they don't have a revenue model for selling what most business customers want: the same OS for 10+ years, with support for new hardware and up to date security patches. This is why old UNIX vendors stayed around and why RHEL still does well: for a lot of companies, the new shiny doesn't matter at all, they just want to be able to guarantee that things that worked last year will work next year, even if they need to replace broken hardware. Microsoft has managed to persuade a lot of companies to pay for Office as a subscription service, but not Windows. If companies were paying $50/year/seat for Windows 7, I suspect that MS would support it well into the 2020s.
I haven't tried it for a long time, but in 2003 I had a Matrox G550 and later upgraded to a Radeon R200. Both supported dual monitors in FreeBSD (I presume Linux support was at least as good, as much of the relevant X code was originally written and tested on Linux). It worked in both dual screen and Xinerama mode (one virtual screen, windows could span between them). On one of the cards, you only got 3D acceleration on the primary monitor, but Windows had the same issue. The main problem was that in Xinerama mode there wasn't a way for applications to find out the size of one screen, so things ended up spanning them and needed to be manually resized, whereas in dual screen mode they always ended up in one screen and could be moved between them but not span both (OS X has recently moved to this model, because it's very hard to do the single-screen, multiple displays, thing when you have different resolutions). A few years later, xrandr support became solid and it was possible to unplug and plug in extra monitors on the fly. That's still fairly flaky with some GPUs, but KMS has made it a bit better and it's generally stable on the older ones.
First all the people who think their lives are so important that people will be lining up to spy on their mundane existence need to get over themselves.
That's not what people think. Some people remember the McCarthy era, when seemingly innocuous events in your past could be used against you. Did you give money to a charity that sent food to America's allies in the second world war? Better hope those allies weren't Russian, and if they were then no one finds out about it or your career can be ruined if you're in the way of the wrong person. Back then, it took a lot of investigative work, but if everything is recorded and indexed then you're just a database query away from having a list of all of the things that someone has done the next time that someone decides to introduce a Committee for Unamerican Activities or a Committee for Public Safety.
Other people are concerned more about aggregation. I'm not interesting, and you're not interesting, but when you start to aggregate information about you, me, him, her, and so on, then you get a lot of information that can be used to subtly manipulate political opinions. It's hard to think of many people you'd trust with this kind of power, and the people who are collecting it are probably not on the list.
The cost of insurance is (expected-loss + insurance-company-overhead + insurance-company-profit). If you self-insure, it is just the expected loss.
Not true. The cost of insurance is (expected loss * probability of loss + insurance company profit / overhead). The cost of self insuring is either 0 or the expected loss. It only makes sense to self insure if you have a large number of things that you can average the risk over. It's also often a good idea to take a middle path. For example, the university that I work for gets a good deal on travel insurance, because the underwriters only have to cover very rare (and expensive) payouts. For smaller things, the university covers them itself out of overhead - these things are small and (averaged over all of the staff and students that qualify for the insurance) statistically easy to predict. They know roughly how much the payouts are going to be each year and budget for it. It wouldn't make sense to pass this onto an insurer, because we'd be paying them more than we're getting back. For particularly unusual events, we are covered, because then we average the risk not just among our own staff and students, but among the other tens or hundreds of thousands of people covered by the underwriter's policy. We will, on average, pay more than we get back, but in any given year we might get a lot more back than we pay and it's far easier to budget for that.
The dual mission of the NSA is the problem: they have to compromise enemy systems and secure their country's own. This is difficult, because those systems are typically running the same software. If they find a flaw in OpenSSL, do they keep it to use as an offensive tool, or do they fix it so that they're no longer vulnerable when the next person finds the same vulnerability? To date, the answer has almost always been keep it. If Obama wants to end the arms race, then he needs to switch the NSA's mission to always favour defence over offence.
If a language doesn't intend to change, then that's fine: disband WG14, declare C11 the final version, and let the language die a slow death. If WG14 is going to keep refining the language, then it must do so with a goal in mind (it is doing, by the way).
Computers change and applications change and therefore so do the changes in requirements for programming languages. C was a fine systems programming language (well, okay, it was a not-terrible one) when you wanted an abstract machine that was basically a PDP-11. Even modern microcontrollers don't really look like a PDP-11 anymore though, so the utility of C is diminishing.
The company in question has one of the top 10 largest Linux deployments in the world. If they can't make Linux work, then that doesn't reflect well on Linux.
It's not like people will start spending loads more money that they don't have just because they perceive it as a little bit more convenient.
You might be surprised. One of the reasons the banks pushed contactless is that they've found that convenience correlates very highly with spending amounts. They've pushed out quite a few things that have made fraud a little easier, knowing that the increase in total number of transactions will cover the increase in losses from fraud.
If someone steals my credit card, I can report it stolen and there's no liability to me. The bank cancels it immediately and the thief has a very good chance of being caught if he tries to use it. If you have a wallet stolen, thieves will often simply discard the cards, because they're traceable and of little value. The only exception to this is in muggings, where the banks hand out little pin sentry terminals for Internet banking and some enterprising crooks realised that this let them validate pins, so would force people to provide their pins and check them instantly.
In contrast, a mobile phone is something that has resale value in itself. Even with the various remote disabling features, most phones are stolen for export, typically to the middle east where the mobile providers don't respect the stolen device lockouts and so the stolen phone can just be reset to factory defaults and used.
Apple has done a bit better than Android with the security. Their Secure Element provides a separate core with its own NVRAM that stores the card details and signs the transactions, and doesn't provide a mechanism for exfiltrating the card details. Both Android and iOS, however, have had kernel-level vulnerabilities in the last year and anyone using one of these could exfiltrate the keying material from most Android phones and could run code to make an Apple phone authorise transactions that it shouldn't.
In contrast, my credit card is never connected to the Internet, so is only vulnerable to local attacks. It does support contactless payment, but the range is very short (a few cms, making it effectively a physical attack), the number and size of transactions are limited each day, and the liability is set up so that I am not responsible for any fraudulent contactless payments.
You also use the police, whether you want to or not, that represents a good hunk of your local tax burden
And even if you don't use the police specifically, you use the legal framework that is enforced by the police and courts. Those property rights that libertarians seem to believe are the source of all freedoms aren't worth squat if a stronger and better armed person decides that you shouldn't have them anymore.
You probably also rely on the FDA and EPA to ensure that the food and water that you eat and drink are not full of toxins (admittedly, in some parts of the USA, this works better than others).
It sounds silly when you put it like that, but there's actually a lot of sense to it. How about this: 'large concentrations of power bad, checks and balances good'. Wait, that actually sounds like something your founding fathers said, maybe there's something to it. When any entity - corporate, individual, or government - concentrates enough power, the possibilities for abuse become huge even without malicious intent.
Seriously? Do you live in the middle of nowhere? Amazon here gives free delivery on every purchase over about £20 (maybe £25?). Delivery on cheaper things is typically about £1. I've never had to pay anything like that for Amazon delivery, even when ordering from Amazon France for delivery to the UK. I don't think I've ever paid close to $75 for delivery of anything I've ever bought online from anywhere.
ARM's Mali GPU also does a trick in hardware that's similar to one of the things listed here. It stores a hash of every square region in the frame buffer and only writes back the new value to RAM if it's changed. The power cost of communicating with the DRAM is far more than the cost of computing the hash, so if you get a modest hit rate then you end up saving a noticeable amount of power.
It can't change fast enough to work as an activity light, and since it maintains an image effectively forever until updated it's not trustworthy for lower rate status monitoring like power on
Even cheap electronic paper can be updated once per second with fairly low power requirements. For activity, the lights have basically been useless for decades: unless you're the only one on the network and are sending pings one per second, they're basically always on. It would be far more use to have a few more pixels and display a logarithmic scale bar of total throughput. For power on, something that alternated between - and | once per second would let you know that there was power flowing, without needing a static light.
It's also worth noting that electronic paper does fade over time, just far more slowly than a conventional LCD. If you requirements are only that it holds its image for 10 seconds, then you could manufacture the paper to far lower tolerances and end up with something that would be completely white (well, uniform pale grey) well under a minute after power off.
That said, a conventional reflective LCD will have all of the same advantages and none of the disadvantages.
The same PCI EIDE card cost $20 for PC or $100 for Mac "back in the day"
Back in the day, Macs came with OpenFirmware and so required different ROMs on the PCI cards. This typically added to the cost (the FORTH code in OpenFirmware provided a complete interface, whereas the tiny bit of PC BIOS code did far less and so required a smaller ROM chip) and had a far smaller market to amortise the run over. Amusingly, given your argument, quite a few companies I know bought graphics cards from Apple, because they worked fine in any OpenFirmware system and Apple sold you precisely the same card as Sun, but at a quarter of the cost. For a few models, the hardware was the same, so you could get the PC version and reflash it with the OpenFirmware firmware, but that typically voided the warranty and didn't always work.
That analogy doesn't quite hold, because the taxes are paid to Ireland, not the EU. It's more akin to one US state deciding that a company doesn't need to pay state taxes. This kind of thing is completely legal in the USA, which is why states in the US have seen a race to the bottom for various tax rates. The problem with the ruling is that, until a few months ago, everyone thought that this was legal in the EU too. It has, however, always been illegal for an EU nation to subsidise a particular company (with a few carefully regulated exceptions).
The recent ruling is saying that an agreement that says that Apple doesn't have to pay $21B that it would normally have had to pay is equivalent to the Irish government giving Apple $21B. I have a lot of sympathy with that interpretation (you give me $1 and I give you back $1 is very similar to you not giving me $1 in the first place), but it's a little bit surprising that this kind of clarification would happen after decades of lots of similar deals. It's also quite surprising that Ireland hasn't been fined: If this is illegal state subsidy, then the state providing the illegal subsidy is more in the wrong than the company accepting it, yet it appears that their punishment is to receive $21B that they didn't expect. I would be very happy to be punished by the EU in exactly the same way...
They don't read most (if any) of the bills that they vote on, why should they read the constitution that they swear to uphold? It doesn't help that the majority of the constitution is written in dated legalese and largely impenetrable to mere mortals (there's a reason why, of the 4487 words in the constitution, a couple of hundred make up the vast majority of all of the parts people quote, and most of those are from the [somewhat more readable] amendments).
How long has it been since you've daily had something on your wrist 24/7?
About a decade. I take my current watch off when I sleep. It took me a while to find one that I like, because most watches aimed at men seem to be designed to compensate for something and are huge and bulky. I have a very thin Skagen watch with a titanium mesh band, which weighs very little and doesn't catch on anything. I might be interested in a smart watch, but the current generation are a good 4 times thicker than my current watch, and if I carry a bulky thing on my wrist then I'm likely to knock it into things and break it.
It assumes that pointers are strongly ordered, which implies that either pointers do not carry bounds information or that the bounds information never changes (for example, during a realloc).
There's no requirement that your computer have registers, but you're write about the assumption that instructions are executed in sequence. Until C11, there was no notion of parallel execution in C (yes, it was decades after SMP existed and years after multicore became mainstream that C even provided a way of implementing a mutex without relying on assembly). Volatile only gave ordering guarantees (and not liveness guarantees - there's no guarantee that a write to a volatile variable in one thread will ever be seen by a read in another thread) for a single address.
The language as defined by the standard doesn't assume that pointers can be manipulated as integers. It makes intptr_t optional and if it's present the only guarantee that's required is that storing a void* in an intptr_t and then casting it back to a void* gives you the original value. An implementation that only supports this will break all real-world C code, however, and the de-facto standard requires that you support arbitrary pointer arithmetic on pointers stored as integers.
Similarly, the C standard doesn't permit ordered pointer comparisons between pointers to different objects, but almost all real-world code depends on it (all of the common implementations of trees and hash tables do pointer compares between different objects). This strongly implies a flat linear address space and maps very poorly to modern NUMA systems or even to protection domains on a typical embedded core's MCU.
If you want to understand more, read our recent PLDI paper Into the Depths of C: Elaborating the De Facto Standards. C is neither a good fit for modern architectures, not a good fit for modern program requirements (for example, it assumes that an address space contains a single security domain).
Even in places that try to crack down on cash, it's generally fine to carry small quantities of the stuff. One possible compromise would be a fully anonymous payment network that can only handle small quantities from each sender. For this kind of thing, you want a few million people to be able to pay a few dollars a day each. That's not likely to be very useful for money laundering, but would be enough to keep anti-establishment news outlets in business doing investigative journalism.
its not like direct access to your checking or savings account (I would never do either of those, that's dumb)
Do you not have something equivalent to the Direct Debit Guarantee in the UK? We can happily let companies pull money from our accounts (well, less happily than if they provided their services for free), can cancel their ability to do so in a couple of clicks, and can undo any transactions that we dispute, at which point if they actually do believe that we owed them the money then they have to pursue it through the courts. I'd have thought any vaguely modern banking system would have something similar.
Most of the complaints are about the wired network, not the wireless. Wireless networks have some rent seekers, but there's just about enough competition that you can't get away without at least some network upgrades. In contrast, the US has spent a vast amount of taxpayers' money subsidising the phone companies to replace ageing copper infrastructure with something that can handle high speeds, and had most of that money spent on shareholder dividends rather than upgrades to any of the unprofitable areas.
Only Linux did. *BSD still puts system stuff in /etc, all third-party packages into /usr/local/etc. You can lock down /etc quite hard, and it contains all of the configuration required to boot and recover the system. /usr/X11R6/etc went away because it eventually contained just Xorg.conf (and not even that if you're on a fairly recent system where automatic configuration works and you're happy with the defaults), and it didn't make sense to have a separate directory for zero or one files.
The blog post also seems to imply that you'd need root access to actually install the exploit
It's not an exploit, it's a rootkit. A rootkit is a tool for retaining undetected access to a compromised system, not a tool for compromising the system in the first place.
Note that this is a rootkit. The purpose of a rootkit is to retain access to a system that you've already compromised, without being detected. The goal is that normal system administration tasks won't suddenly lock you out. For example, when the user updates their coreutils package, the package installer doesn't fail because your evil binaries have the wrong signature and your binaries are not replaced by uncompromised ones.
They do add new features to an 8-year-old OS, they just bundle them with a bunch of new UI tweaks and sell it as a new product. The problem is that they don't have a revenue model for selling what most business customers want: the same OS for 10+ years, with support for new hardware and up-to-date security patches. This is why old UNIX vendors stayed around and why RHEL still does well: for a lot of companies, the new shiny doesn't matter at all, they just want to be able to guarantee that things that worked last year will work next year, even if they need to replace broken hardware. Microsoft has managed to persuade a lot of companies to pay for Office as a subscription service, but not Windows. If companies were paying $50/year/seat for Windows 7, I suspect that MS would support it well into the 2020s.
I haven't tried it for a long time, but in 2003 I had a Matrox G550 and later upgraded to a Radeon R200. Both supported dual monitors in FreeBSD (I presume Linux support was at least as good, as much of the relevant X code was originally written and tested on Linux). It worked in both dual screen and Xinerama mode (one virtual screen, windows could span between them). On one of the cards, you only got 3D acceleration on the primary monitor, but Windows had the same issue. The main problem was that in Xinerama mode there wasn't a way for applications to find out the size of one screen, so things ended up spanning them and needed to be manually resized, whereas in dual screen mode they always ended up in one screen and could be moved between them but not span both (OS X has recently moved to this model, because it's very hard to do the single-screen, multiple displays, thing when you have different resolutions). A few years later, xrandr support became solid and it was possible to unplug and plug in extra monitors on the fly. That's still fairly flaky with some GPUs, but KMS has made it a bit better and it's generally stable on the older ones.
First all the people who think their lives are so important that people will be lining up to spy on their mundane existence need to get over themselves.
That's not what people think. Some people remember the McCarthy era, when seemingly innocuous events in your past could be used against you. Did you give money to a charity that sent food to America's allies in the second world war? Better hope those allies weren't Russian, and if they were then no one finds out about it or your career can be ruined if you're in the way of the wrong person. Back then, it took a lot of investigative work, but if everything is recorded and indexed then you're just a database query away from having a list of all of the things that someone has done the next time that someone decides to introduce a Committee for Unamerican Activities or a Committee for Public Safety.
Other people are concerned more about aggregation. I'm not interesting, and you're not interesting, but when you start to aggregate information about you, me, him, her, and so on, then you get a lot of information that can be used to subtly manipulate political opinions. It's hard to think of many people you'd trust with this kind of power, and the people who are collecting it are probably not on the list.
The cost of insurance is (expected-loss + insurance-company-overhead + insurance-company-profit). If you self-insure, it is just the expected loss.
Not true. The cost of insurance is (expected loss * probability of loss + insurance company profit / overhead). The cost of self insuring is either 0 or the expected loss. It only makes sense to self insure if you have a large number of things that you can average the risk over. It's also often a good idea to take a middle path. For example, the university that I work for gets a good deal on travel insurance, because the underwriters only have to cover very rare (and expensive) payouts. For smaller things, the university covers them itself out of overhead - these things are small and (averaged over all of the staff and students that qualify for the insurance) statistically easy to predict. They know roughly how much the payouts are going to be each year and budget for it. It wouldn't make sense to pass this onto an insurer, because we'd be paying them more than we're getting back. For particularly unusual events, we are covered, because then we average the risk not just among our own staff and students, but among the other tens or hundreds of thousands of people covered by the underwriter's policy. We will, on average, pay more than we get back, but in any given year we might get a lot more back than we pay and it's far easier to budget for that.
The dual mission of the NSA is the problem: they have to compromise enemy systems and secure their country's own. This is difficult, because those systems are typically running the same software. If they find a flaw in OpenSSL, do they keep it to use as an offensive tool, or do they fix it so that they're no longer vulnerable when the next person finds the same vulnerability? To date, the answer has almost always been keep it. If Obama wants to end the arms race, then he needs to switch the NSA's mission to always favour defence over offence.
Computers change and applications change and therefore so do the changes in requirements for programming languages. C was a fine systems programming language (well, okay, it was a not-terrible one) when you wanted an abstract machine that was basically a PDP-11. Even modern microcontrollers don't really look like a PDP-11 anymore though, so the utility of C is diminishing.
The company in question has one of the top 10 largest Linux deployments in the world. If they can't make Linux work, then that doesn't reflect well on Linux.