
Comment Re:Outward Appearances (Score 1, Troll) 175

To the dispassionate and disinterested outside observer, a mentally disturbed man committed suicide. The only one at fault is the mentally disturbed man.

I've long believed that suicide is nobody's fault except for the one who committed the act. However, I very much want to blame the DA for pushing him to commit suicide. I realize it's an emotional response, but there must be some basis in fact. At what point does provoking someone who then commits suicide become the moral and ethical responsibility of the provocateur?

I know I'm responding to a troll, but it hits upon an issue I've been thinking about for some time. It's well known how DAs threaten disproportionate punishments in order to get a plea bargain. And it's easy to see how this might get someone who was previously not seriously considering suicide to start doing so. Where should the line be drawn? Online/offline bullying? Threats of imprisonment? Threats of physical violence and/or torture? Or is it never someone else's fault?

Comment Re:Address randomization - security through obscur (Score 1) 208

security through obscurity

I do not think that means what you think it means.

"Security through obscurity" is being deliberately insecure and relying on other people not knowing about the insecurity as your defense.

Something like this relies on the fact that choosing a random address is much easier than guessing a random address that was previously chosen. This flaw results in forcing the victim to choose a non-random address when they intend to choose a random one. And "address spraying" works by increasing the size of the target the attacker must hit from a single exact address to a large number of ranges which covers most of the available addresses.

Comment Re:This rebuttal is clear, concise and correct (Score 1) 165

Mega holding a copy of your encrypted key does not reduce security, and slightly improves security. A password generally has a laughably low number of bits. Anyone who knows or can guess your password can get your key and thus your files. Not very surprising. There is no way around the crypto entropy being limited by the password entropy. However, if your password has 2048 bits of entropy, then the attacker must crack 2048 bits of entropy to recover your key and your files.

Password entropy is an incredibly difficult problem to solve. xkcd has what has become the canonical example of this. 28 bits of entropy for a "typical" password. 44 bits of entropy for 4 random words strung together. The mega key is 2048 bits, which is roughly equivalent to 186 random words strung together or about 311 completely random typed characters. Anyone attempting to crack your crypto is going to attack the password, not the mega key.

The security increase comes from two factors. The net effect of padding your password so that its length is unknown, and the real world security from using a known, trusted and tested security algorithm.

In summary, your encryption isn't any more or less secure than the password you use. If it helps, you can think of the key stored on the servers as a salt, and the password you type in as the actual key.

(Also, if they were so inclined, why would they capture the decrypted key rather than just capturing the password itself?)

Comment Re:Keep using the old method? (Score 1) 165

Maybe use their whatever-it's-an-option encryption as added layer and call it a day.

I thought I remember reading that encrypting an encrypted file can actually make it less secure than either encryption step alone.

Sort-of. If you make a mistake in your crypto, you can make things substantially less secure. A mistake, such as using the same key for both encryption steps. Also, encryption is not necessarily additive. Encrypting something multiple times with different keys may not improve the security, or may improve the security less than the cumulative total number of key bits indicate.

As an example, let's take the Caesar cipher. If you encrypt twice with a key of 13, you end up with no encryption at all. If you encrypt once with a key of 15 and a second time with a key of 12, you end up with exactly the same security as encryption once with a key of 1.
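The Caesar example from the comment above, worked through in code (an added example, not part of the original comment). It goes one step beyond the two cases given: it enumerates every pair of keys and counts how many distinct ciphers the stacked construction can produce. The function names and the sample plaintext are constructed for illustration.

```python
import string
from itertools import product

ALPHABET = string.ascii_uppercase
SAMPLE = "LAYERED ENCRYPTION"  # constructed sample plaintext


def caesar(text, key):
    """Shift each A-Z letter forward by `key` positions; pass other characters through."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def double_caesar(text, k1, k2):
    """Encrypt with k1, then encrypt the result with k2."""
    return caesar(caesar(text, k1), k2)


def equivalent_single_key(k1, k2):
    """Shifts compose by addition mod 26, so two layers collapse into one key."""
    return (k1 + k2) % 26


def effective_keyspace():
    """Count the distinct alphabet permutations reachable with any (k1, k2) pair."""
    pairs = product(range(26), repeat=2)
    return len({double_caesar(ALPHABET, k1, k2) for k1, k2 in pairs})


if __name__ == "__main__":
    # Key 13 twice: the second layer undoes the first.
    print(double_caesar(SAMPLE, 13, 13))
    # Keys 15 then 12: identical to a single encryption with key 1.
    print(double_caesar(SAMPLE, 15, 12), caesar(SAMPLE, 1))
    # 676 nominal key pairs, but only 26 distinct ciphers result.
    print(26 * 26, effective_keyspace())
```

The two layers offer 676 key pairs on paper, yet every pair lands on one of the same 26 shifts, so stacking adds no key bits at all.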

Comment Re:Subcontracting (Score 1) 457

If you hired somebody to remodel your house, checked his references, chose him as the best candidate based on his experience and quality of work, and came home one day and saw him watching TV and somebody else actually doing the work, would you say, my I applaud your idea, great job? Probably not.

Oddly enough, this is pretty much exactly what a general contractor does. Although they tend to do other things rather than watching TV.

Comment Re:What scripture says that? (Score 1) 851

Specifically, the site argues that the scriptures say that foreign substances should not be injected into the body and also that the human body is perfect and shouldn't be altered in any way. (A few other things are thrown in for good measure, but this is the crux of it.)

Personally, I think their interpretation has so many holes it would be laughable if the idea wasn't so dangerous and widely accepted. It also falls under the "If your religion requires human sacrifice, is murder protected by the Constitution?" heading.

Comment Re:OpenID? Yeah. (Score 1) 54

This is a solved problem. Specifically, the problem of choosing which companies can legitimately provide proof of identity.

Allow the use of OpenID, but only by identity providers that put up a bond or have insurance. For example, states that require auto-insurance typically allow self-insurance by putting up a sufficiently large bond. Allow cases of compromised ID to make a claim against the bond/insurance if there is negligence by the identity provider. You can also look at how the public notary system works.

Finally, there are already laws in place against using a false ID, ID theft, and against lying on government forms. Those can easily be extended to cover the use of OpenID on .gov websites.

Comment Re:I have an idea (Score 1) 165

There has always been this much Dotcom-dislike on /. There isn't really any ill-will, just a general dislike of his character; "arrogant douche" sums it up nicely.

With that said, we still want him to win, because there are so many things wrong with the whole affair, such as shutting down a multi-million dollar business without a trial.
