Comment Re:Research? (Score 1) 47

I'm not talking about the initial 'lengthy' report, which contains sufficient detail to draw a valid conclusion and provide an appropriate declarative warning. I'm talking about the little weasel worded 'disclaimer' tossed in at the end implying we don't have sufficient info to draw a conclusion, but we'll imply one anyway.

The Chinese government's standard operating procedure is to spy on the population, so it is expected that they are probably doing so and were caught in the act. I would have expected a much stronger warning:

"The payload is clearly designed for spying and data extraction, with permissions allowing full access to sensitive data. Although at this time we have no evidence it has been used to date, we recommend the App be removed, avoided, and/or the phone in question be sandboxed and not used for anything sensitive."

Comment Research? (Score -1, Offtopic) 47

The security company didn't find evidence that this high-level access was being used, but said it's not clear why an educational app would need such access to a phone.

In other words, we saw a puff of smoke, and assumed it must be due to arson.

Why can't these guys wait until they've completed sufficient research before publishing such hype? Oh wait, 'journalism', as you were.

Comment Exim / Sendmail - Why? (Score 3, Informative) 71

Why would a distro include either of these mail servers in their default installation? They're both like a sieve when it comes to letting an attacker exploit the system. Especially when solutions exist that have been designed from the ground up with hardened security as their primary focus.

There's qmail (the original secure mail server system), but I don't recommend it since it is limited in functionality due to lack of active development (primarily due to the original licensing clauses). But, I must say, there has never been a serious security exploit for this system.

And there's Postfix, which was also designed with security in mind, and is under active development. Since Postfix isn't as strict as qmail, it is much easier to configure into a reliable modern secure mail server.

Comment Re:It is no Tesla (Score 1) 112

Parking cameras? It's a Porsche, the valet parks it.

Porsche is all about drivability. Tesla is all about 'living room on wheels'.

Buying a Porsche is buying a driving experience. Traditionally they hug the road extremely well, have virtually no throttle lag. Steering feels super connected to the bitumen you're driving on. And high speed cornering is a dream.

I haven't driven this new electric model, but if it lives up to the expectations of a "driver's" car like their other models, then I don't even see Tesla competing remotely in the same market segment.

Drivers don't want auto-everything. They don't want boat-like driving dynamics, they want go-karts. Most of the features you've listed are a turn-off for the people that are buying this sort of vehicle.

Comment Re:First impressions (Score 1) 112

That depends on what you mean by performance. The Tesla Model S that I drove felt like a typical American boat. Yeah, it was fast off the mark in a straight line, but when it came to cornering it had nothing on any decent sports car.

The real trick here is whether Porsche has been optimising for drivability around corners and not just straight-line freeway use.

Comment Re:It's the sodium levels... (Score 1) 233

Salt may be as bad as sugar in terms of calorie intake though because it tends to make you hungry after eating it.

This is what I say about only being allowed to eat half a chicken for lunch. It leaves me hungry, and forces me to binge out on cookies, cakes, and donuts all afternoon until dinner time. If I could have just eaten a whole chicken bucket, then I would have been full and maybe only needed a litre or two of Dr Pepper to tide me over.

Comment Re:"[Wright] claimed .. slices were given to Kleim (Score 2) 27

There's no conflict there. If I have a guy working for me, or a friend, associate, contractor, whatever, and I allocate some shares/funds/assets to that guy, it doesn't suddenly mean I'm in some sort of equal partnership with him.

On the other hand, if he's a co-director of a company, or we are both working on a project where he is not directly employed by me, then it would stand to reason that he was some sort of partner.

Without any evidence of the original agreement, it is difficult to impossible to determine the actual state of the relationship.

Comment No adversity score? Leave that to reality TV (Score 4, Interesting) 131

Example: The Voice
Premise: Let's find great singers and showcase talent!
Who do you think the show producers pick:
1) Excellent singer, emotionally stable, wholesome upbringing, no difficulties growing up, comfortable living arrangements, working easy hours, adversity score: low
2) Mediocre singer, emotionally unstable, $parent died/dying of liver cancer, lost house in bush fires, lived on street for 6 months, adversity score: high

I thought so.

Comment Re: Expiry was implemented before revocation, thou (Score 1) 92

That is correct. The theory of revocation and the practical implementation were not aligned at the beginning. The design catered to both systems, with expiration being the online and offline usable last line of defence. Also, the clients/servers could simply use the expiration as a suggestion, and how and when they dishonoured the cert was browser specific. This allowed browsers to let the user optionally ignore expired certs and, in more recent times, allows browsers to force a maximum time limit that might be much earlier than the cert's internal expiration duration.

Comment Re:Why not make it three days? (Score 1, Insightful) 92

An expiry on the order of 3 to 18 months still allows a relatively secure manual renewal system to be implemented. The organisation I work for has a monthly renewal process (certs expire in 3 months). Each month the smart cards are presented to the HSMs to generate the new certs and keys to trigger the renewal from the certificate authority. The monthly process means it doesn't get forgotten, and if a month is missed for whatever reason (e.g. hardware or comms problems), then the certs still work for 3 months. It means old systems only need to sit in quarantine for 3 months, and limits the exposure for stolen keys.

This is just a short process that happens 5 minutes before one of the monthly retrospectives. Not much effort for an organisation.

Shortening to 1 day would be great for short-term security, but then we're stuck dealing with holidays, weekends, broken system processes, etc., and are then forced to set up automated renewals. That not only opens the risk of hijack (either from a hacked system, or a subverted internal resource/admin), but also means that a short-term equipment/network/process failure means the cert is likely to expire before anyone can do anything about fixing it.
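The two comments above make two separate points about certificate lifetime: a client may enforce a maximum lifetime shorter than the certificate's own notAfter, and a renewal cadence shorter than the validity period gives you slack for missed renewals. The following script is an added example (not code from either commenter) that models both. It assumes an idealised calendar where renewal attempt i happens on day i * period, a missed attempt issues nothing, and each issued cert is valid from its issue day; the 398-day figure is the lifetime cap current browsers apply to publicly trusted certificates, passed in as a parameter so it can be changed.

```python
"""Model certificate coverage under a periodic renewal schedule.

Added example, not code from the comments it illustrates. Assumptions:
renewal attempt i occurs on day i * renewal_period_days, a missed attempt
issues nothing, and each issued certificate is valid for validity_days
starting on its issue day. The 398-day default below is the lifetime cap
major browsers apply to publicly trusted certificates.
"""
from datetime import date, timedelta


def coverage_gaps(validity_days, renewal_period_days, missed, horizon_days):
    """Return [(first_day, last_day), ...] ranges with no valid certificate.

    `missed` is a set of attempt indices that were skipped (hardware down,
    holiday, smart card holder on leave, ...).
    """
    issued = [
        i * renewal_period_days
        for i in range(horizon_days // renewal_period_days + 1)
        if i not in missed
    ]
    gaps = []
    gap_start = None
    for day in range(horizon_days):
        # A day is covered if any issued cert's [issue, issue+validity) window holds it.
        covered = any(t <= day < t + validity_days for t in issued)
        if not covered and gap_start is None:
            gap_start = day
        elif covered and gap_start is not None:
            gaps.append((gap_start, day - 1))
            gap_start = None
    if gap_start is not None:
        gaps.append((gap_start, horizon_days - 1))
    return gaps


def tolerated_consecutive_misses(validity_days, renewal_period_days):
    """Largest number of consecutive renewals that can be skipped with no outage.

    A cert issued on day 0 covers days 0 .. validity_days-1, so the next
    successful renewal must land by day validity_days; k misses are fine
    while (k+1) * period <= validity.
    """
    return validity_days // renewal_period_days - 1


def effective_not_after(not_before, not_after, max_lifetime_days=398):
    """Expiry a client actually enforces: the earlier of the cert's own
    notAfter and notBefore plus the client's maximum accepted lifetime."""
    capped = not_before + timedelta(days=max_lifetime_days)
    return min(not_after, capped)


if __name__ == "__main__":
    # 3-month certs renewed monthly: two consecutive missed months are survivable.
    print("90-day / monthly, miss months 2-3:", coverage_gaps(90, 30, {2, 3}, 365))
    print("90-day / monthly, miss months 2-4:", coverage_gaps(90, 30, {2, 3, 4}, 365))
    print("tolerated misses:", tolerated_consecutive_misses(90, 30))
    # 1-day certs renewed daily: a single weekend with no renewal is an outage.
    print("1-day / daily, miss days 5-6:", coverage_gaps(1, 1, {5, 6}, 10))
    # A 3-year certificate as seen by a client that caps lifetime at 398 days.
    print("client-enforced expiry:",
          effective_not_after(date(2020, 1, 1), date(2023, 1, 1)))
```

Running it shows the slack the monthly/3-month scheme buys (two missed months still produce no gap, three produce one from day 120 to 149) against the daily/1-day scheme, where missing a weekend is an immediate outage; the last line shows a client ignoring most of a 3-year certificate's stated validity.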
