...it is arguably "stealing reputation" (depriving another of their reputation and taking it for yourself).

I've referred to it as "reputation fraud," but yes, we appear to be in general agreement.

I see this old semantic game blooms anew on Slashdot. "It isn't stealing". Fine. It's fraud. Don't worry that your reputation is shot and/or somebody else is trading on your good name. It isn't stealing. Oh... the victim feels much better now.

I don't understand; what are you complaining about? You're correct. It isn't theft, it is fraud. So why call it theft when it's clearly something else?

If you call it by the correct name, you'll get community support, even among the "copying is not theft" crowd. OTOH, if you call it stealing, then you'll get mired in a gigantic semantic dogpile as hundreds of people re-litigate what constitutes "stealing."

We don't even need to raise the "Is it stealing?" question in this case. It's clearly fraud. So call it "fraud." Geez...

WHAT THE FUCK IS THIS DOING ON SLASHDOT?!?

You want to spread whiny, partisan, maliciously misleading horseshit? Go to RedState or Breitbart; that's their stock in trade. It doesn't fscking belong here. Get this garbage off Slashdot now.

I think if James Clapper or Keith Alexander joined the board of DropBox you'd see the same issues. But they haven't.

Being a donor to one of two political choices (or often both) is one thing. That's very, very far removed from power. Actually having started wars whilst being Secretary of State is entirely different.

She gave speeches strongly advocating war in Iraq, and was an integral part of the whole process that led to a war which killed over 100,000 people. It was later solidly established that the people at the very top of the Bush administration knew their excuses for war were BS and kept repeating them anyway, and ignoring all the evidence that they were wrong.

I keep reading about how intelligent this woman is. But given the things she's done, she sounds pretty goddamn dumb to me. It's not everyone who can say their mistakes led directly to mass death.

Much though I love NSA related conspiracy theories, especially lately, I think "the NSA writes a pile of crap and gives it away for free in the hope it becomes inexplicably popular" is perhaps not the best one available. OpenSSL has been around for a loooong time with virtually no resources put into it, which is one reason it sucks. The other reason being that the original author wrote OpenSSL in order to teach himself C (and it shows).

Recall that SSL was not very widely used up until a few years ago, and it's only in the last 18 months that suddenly every man and his dog wants a secure website. It's not surprising that core libraries that do it are subpar. Even very large companies like Google or Microsoft have typically only had one or two people who really understood and cared about SSL.

Unpopular though it is, if you can take a small(ish) performance hit, you could use a Java HTTPS server that proxies to your app. The Sun/Oracle JSSE SSL stack (in the Oracle VM, not Android) is pure Java and thus immune to these sorts of errors. In JDK8 it supports TLS 1.2, ECDSA, perfect forward secrecy and the use of AES-NI for hardware accelerated constant time stream ciphering.

I would say it is a problem with mailing lists. They are taking mail, rewriting it to say something different, then delivering it in such a way that they claim they didn't change it (with broken digital signatures). This isn't Yahoo breaking mailing lists. This is just mailing lists doing something stupid. The fix is for them to stop doing MITM attacks on people's mail or to do it, but to resign the mail themselves so they take responsibility for it.

It's not like DKIM is new by the way, mailing list developers and admins have had this coming for years. But you won't find a more backward or stubborn bunch than crusty postmasters who ran mailing lists the same way since the 80's.