Is or should? Which one? Do you know what you are talking about, or are you just giving us your opinion?

And which war crimes are you talking about? Real ones (you know the actual definition of war crimes, right?) or what "should" be considered war crimes if it was up to you?

There's no "basic assumption", it's just the only real good way we know how to do these things. The industry, as a rule, is only interested in information security if they are forced to. In my experience, 99% of organisation won't lift a finger about security without a legal threat, ideally backed by a big fine in case of non-compliance. We are far, far away from any hope of seeing the industry self-regulate over something like this.

Well, it certainly matter for regulation purpose. If you handle data that need to be covered under a specific standard (say, PCI), you'll seek out a certified data center. In this context, the certification isn't about security, it's about risk transfer. It's the provider who become liable if there's a breach if it can't show to have respected the standard properly.

Now as security references, they certainly have their problems. We can take solace in the thought that they help enforce the bare minimum at the very least. As a security professional, I would say their best benefit is how well they can be used as a big stick, "encouraging" management to perform necessary changes. It's a hard sell to convince an average manager to invest in security for the sake of security. But if there's a legal penalty associated with whatever standard must be put in place, as well as a big dollar sign attached to it, they'll suddenly start to listen. That's a language they understand.

"Like the majority of the population, I turn into an absolute shrinking violet when pressured by intimidating authority, but I struggle with what I see to be blatant social devolution."

No. You're not like "the majority of the population": you have a problem with authority, while most people don't. The TSA is completely useless, and their presence is a sad statement of what the US has become, but it doesn't mean that personally complying to a TSA control is some kind of horrible event that you should struggle with and go out of your way to avoid.

You want to resist them as some form of political statement? I then encourage you, as this is necessary for things to change. But don't confuse this with protecting your bruised ego. There are plenty of times in your life you'll face "intimidating authority", and in most of these occasions, this authority will be legitimate, and will have a good reason to act so. Learning to cope with such personal feelings is important for your own psychological health.

It was a joke guys. I'm sorry the sarcasm wasn't limpid enough for slashdot.

Fact: asteroids have been striking our planet from the beginning of the Earth until present. Fact: Asteroids are going to continue falling on our planet until the end of time.

Clearly, this means we shouldn't do anything to protect ourselves. And if for some reason we strongly suspect that some of our own actions have the side effect of raising the chances of an asteroid striking us, well, we shouldn't do anything about it.

"They take one of two routes: deny the science, or pretend the problems don't exist."

First, the analysis presented by the author is fraudulent, nonsensical, and just a creation of the liberal elite. Second, there's simply no issue with how politicians deal with scientific facts, I don't know why anyone would say something like that.

After hand-waiving away the cannabis legalization and the software patent petitions, it would have been amazing to see the White House answers this one candidly. "After seeing such public pressure on the matter over decades, this administration has decided to come clean with the Martians and our contacts with them."

Lawyers are also trained to know, understand and work with the law. Giving that an important role of politicians is to create and modify laws, it's no wonder there's a lot of lawyers among them. The opposite would be surprising.

A story on Turing could exploits a lot of interesting angles. He's an important figure in computer science AND in cryptography. His most prestigious work was done with WWII in the backdrop, and helped the allies tremendously. Finally, he has the total romantic yet misunderstood hero story - his contribution was a war secret, he was condemned for his homosexuality by the state he helped so much, and died a Plato death.

There's a kickass script to be made out of that.

Oh and DiCaprio is a fine choice. Great actor, versatile enough to pull it out and to let the character be the story.

As a information security professional, I've always seen the whole "security by obscurity" issue somewhat misleading. By repeating the mantra, I feel many people forgot its true meaning.

Security shouldn't RELY on obscurity. That's true. But it doesn't mean obscurity, by itself, doesn't provide security benefits.

There are many examples where this is obvious. For example, would you publish your network topography on your public website? Of course not. Even if you were convinced that its security and access control are air tight, the cost of keeping such documentation "obscure" is negligible versus its usefulness by a potential attacker.

The problem arise when obscurity is used in lieu of proper security. Unfortunately, it still happens too often. But while the presence of obscurity may be seen as suspicious by an outside party trying to evaluate the security of a system, it shouldn't be considered as evidence of its insecurity, as it sometimes is.

Finally, I understand the "many eyes" argument, and how public disclosure of the security details of a system can help improving it. After all, nobody would think about trusting a crypto algorithm that hasn't been made public and scrutinized accordingly. But this logic cannot be generalized for all systems in all context.

No, it doesn't. For any other hashing algorithm of similar speed, the same results could be obtained. It's not a weakness of the algorithm, it's a weakness of only checking for passwords of 6 characters and less. That's not a very big space.

Why settle for the *lesser* evil? Vote Cthulhu

A MOTORcycle uses a motor for propulsion, while a BIcycle use a bi.

If the human brain is a machine, and if we can build machines, then there's no reason we couldn't build an AI able to have experience just like your surgeon.

The actual process by which we could re-create the human brain doesn't really matter; that's just the implementation details. The important point is that there's no known natural process that stop us from doing it. Just that should be an incentive enough for trying.