The hunted2 becomes the hunter2?

Or perhaps more kindly: even if the data are completely accurate, they're averages that don't necessarily apply to every, or even any, particular case. I can't make a decision about something like this on the basis of what the mean or median cost/benefit would be, but only of what (as best I can estimate them) my own are.

Actually the law is still up in the air on this in the US. Judges have, in the past, held that a defendant was not obligated to reveal a password. There is no "law" about this, it's mainly interpretation of the 5th Amendment.

This. You are likely not too save much money if you like sports in general, and get all the sports channels, or movies in general, and get all the movie channels. But if you are croquet (and no other sports) and documentaries (and no other movies), and get the Croquet Network and the Documentary Channel, and nothing else, you might come out ahead.

Then you are probably part of a large and successful clan of Saudi industrialists of Yemeni origin.

You're thinking about this bass-ackwards. For a stable corporate release, use the ESR of Firefox. Don't try blocking things in DNS--for two reasons. First, there are now lots of mobile machines likely to be on the corporate networks (personal laptops, tablets, smartphones), and there's no reason to block them. Second, lots of corporate machines are notebooks, so they are going to be online outside of the LAN, and will autoupdate there. So better to go with a different release path than to try to do this at the firewall.

Sure, the damage is done, but at least you know who did it. For a firm dealing with medical, financial, or other sensitive data, that's kind of important.

Actually I doubt you'd have a case against Cisco or even the company; it would be the employee who knowingly initiated a connection that could be snooped on who would be at fault, if anyone.

In security, you have to start with the assumption that everyone is untrustworthy until proven otherwise.

No, they're not quite the same thing. But in the case of ring species, by normal standards A and B would be the same species and B and C would be the same species but A and C would not.

For some people, yes.

Actually, no. http://en.wikipedia.org/wiki/Ring_species

People who don't have one. In many parts of the world, people can't afford personal computers, and only have access to them at work, at internet cafes, etc.

What about users at the office or at a public computer (e.g., library) who have no control over the browser they're using?

Actually, there used to be an IE for Mac.