Which is kinda the point the OP is making. The only way to read the story is to click on the misleading headline and give the author the pageview they are gunning for by crafting a misleading headline.

That's kind of my thoughts on it, too. And who is at a disadvantage in this scheme? Is it the person entered in row 13,428? Or anybody who was entered on July 16th? The chances of ending up at an advantage or a disadvantage are themselves probably pretty random.

If only there was a state out there that was full of people that knew how to make cars. Perhaps if such a place existed, it may have been a better place for Tesla to HQ than silicon valley was.

Makes me glad I took the somewhat drastic step of disabling SMBv1 on my network. As an added bonus, this makes it so Windows XP and Server 2003 are useless :).

That was about the third thought I had when Apple announced the change. Square developed this card reader that attached to the iPhone, but rather than going through the proprietary Apple connector (where Apple would demand a royalty) they used the good old standard headphone jack (where Apple doesn't get paid).

Obviously I can't prove that...

This was my first thought when I read the summary as well. S/MIME is even built into the default mail app in iOS... not sure about Android (or any of its manufacturer variants).

The biggest problem with S/MIME is managing the certificates. People generally won't want to deal with having a different private key on every device they use for their email... especially when you consider that doing so would require the sender to sign with the correct public key for the device the recipient wants to read it from. Not gonna happen. So you need to have a private key that can be securely copied to every device the user checks email on.

And, of course, the second biggest problem is webmail. Though I have no doubt if S/MIME were to really take off there would be an API for decrypting message in a browser window while keeping the private key private. It would make it impossible to read messages on some random computer... but then again, putting your password into a random computer isn't really a good idea anyway :).

Sadly this probably means tons of mixed content security errors are about to start happening. Everybody who linked to an image in their blog with the full URL (http://site.com/image.png) will have images that used to load with no problem start throwing up security errors. I had this problem when I got the Let's Encrypt certificate for my blog. Had to go back and change all the images I had loaded in my previous posts to use my new https URLs. Fortunately, I don't post often so there weren't too many...

I'm pretty sure that my SSL VPN would not be included in this survey as we don't publish it and only give the URL to those that need it... But if it were, it would be in this insecure category because of an untrusted certificate. Except it's not. The certificate is signed using our internal CA which is trusted on all company computers. We don't want people connecting using their personal computers so I'm not at all concerned with putting a globally trusted cert on it. Other than that, it is secure. We don't use SHA1, we do use TLS rather than SSL, and we use FS. So while they would call it a fail, I would not.

This

Like many people on this site, I work in IT. I get requests for access to data all the time. Some are obvious that they should be granted (a new manager is hired and they ask for access to the management section of the file server). Some are obvious they shouldn't be granted (an engineer asks for access to our controlled documents, which by company policy are restricted to only 2 people [uncontrolled versions are available to larger groups]). Some are less obvious. In those cases, I typically push the request up to somebody who has the authority to authorize (or reject) the request... though not the ability to grant the access.

A request asking that all employees social security numbers and birth dates be published to the public most definitely would fall in the "obvious they shouldn't be granted" category. Seriously, who thought for one second that was a good idea. If I had a request come in to put that list together for anybody, let alone public consumption, you can bet I wouldn't rush to get it done (article says it was same day turn-around). I'd run it as high up the flag pole as I could and get a top level sign-off on it... even if the message said it had been approved by the company lawyers. Somebody should have figured out that Social Security Numbers and Public Access don't go in the same sentence.

My thoughts exactly. And they also have minute bundles you can purchase. Really? I mean outside of prepay, does anybody even use "minutes" anymore?

There is one feature that appeals to me: the ability to do Remote Start via the app. But it's not available on my model year and definitely not worth $200/yr.

My Fusion is a 2011 with the old 2 line display. No touch screen, so all my sources are physical buttons (well, kinda... there's an "Aux" button that has the USB, 1/8" jack, and Bluetooth Audio in it).

Do you find that Sync Services has any value? It just seems odd to me that they couldn't have found a better way to communicate with the system than using your phone as a modem, thus requiring a subscription service. I'm not really into that side of things, but couldn't they have used Bluetooth to transfer the required information?

My other vehicle is a Ford Fusion. It has the Microsoft Sync system built in, though similar to your Mazda, it also has Sirius radio. I bought this vehicle used, but Sirius/XM was nice enough to include a 3 month free trial for me (like you said, to try to hook me... and to get my contact info). I used the 3 month trial which also happened to be football season. I actually did enjoy the talk stations from time to time and did like being able to tune in a game when I wasn't at home to watch it. But, as you said, nowhere near worth the price they want for it. I still get calls and letters from time to time offering me a "great" introductory rate. I ignore them all.

I recently took a trip to Canada. I had the thought that it would have been nice to start a trial as I was pulling out of the driveway (I wasn't ever going to be more than 50 miles from the US/Canada border ... down in the area next to Michigan ... so I'm assuming I would still be able to pick up service. I hadn't set it up, though, so I had to think of other solutions. So I just loaded up Pandora on my phone and blue-tooth streamed it until I got to the border. Then played the music that was stored on the phone. Way cheaper, and streaming Pandora avoided the stagnant music issue I would have had just playing music from my phone the whole trip (not to mention International roaming rates).

Unfortunately, my car does have a physical button for Sirius, but it's only one button in the mix of a whole slew of others, so I can ignore it.

My GM vehicle (an Acadia) does also have XM in it, but like your Mazada it's a touch screen so the vast majority of the time, the "XM" isn't even displayed anywhere... just those darned OnStar buttons.

I've gotta believe that this concierge service is mostly GM's OnStar. I think the biggest surprise for me in the statistic that 43% of the people never use it is that 57% have. Though I guess just trying it out one time to see how it works would no longer qualify you for the "never used it" category.

The simple fact is that most people don't want to be hit with a $100 (lowest tier paid annually) to $420 (highest plan paid monthly) per year bill on top of their car payment*. I have a vehicle that has OnStar built into it and I would much rather rip the whole thing out (including the buttons they spread through-out the car) and replace it with a simple BlueTooth connection to the stereo.

* https://www.onstar.com/us/en/p...

My question is, how does this apply to DenyHosts?

My guess would be that I'm still safe... try root at all, instant ban. Try an invalid account, grace one time (even I make a typo sometimes). Try a valid account more than 3 times? Banned. Unless, of course, this attack somehow bypasses the mechanism DenyHosts uses to detect those invalid logins... but I don't know that I saw enough information in the article to answer that question.

So what does it do?

$ is just an alias to the jQuery object (so, as I recall, $.bind() is equivalent to jQuery.bind()...) which would mean that $.bind() is not the right answer (without even using the fact that you asked the question as a hint to what the answer is).