Comment Re:Seemed pretty obvious this was the case (Score 1) 311

Yes, they are a good idea, because you have to consider the threat model. If you were, say, a political target, or perhaps a famous actress, you might have people gunning for you directly, in which case you might be right: it might not be the best idea to have all the goods in one place.

For most of us, though, the risk is that $WEBSITE we used gets hacked and password hashes (you hope they are at least hashed) leak. If you don't have an obscenely long password, 15 chars+, that is also not a dictionary word, the name of someone or something popular, etc., someone with a couple of video cards will very shortly have the clear text brute forced. They will then go about using your set of credentials, and all the others they brute forced, on every other major website out there (use a big bank?) to see if they work.

So for most people, YES, password managers are GOOD, because they encourage passwords to be unique, long, and to have good entropy when used on public sites that are targets.

Now a bunch of folks are going to argue that the corpus of password manager software out there frequently suffers from terrible implementation, uses unsound cryptographic methods, etc. They are right! If you use one of those that replicates between devices, STOP NOW. Use one on your phone or something that you take everywhere. Make SURE IT IS NOT PART OF ANY CLOUD BACKUP/SYNC, etc. Make your backups to an SD card or to your PC on your own wireless or via cable.

For attackers to get hold of the data to try and break into it, they will now probably have to pop your box, get some malware running, etc., at which point they don't need to download the ciphertext and try to crack it; they will just wait for you to unlock it and get what they need from the keylogger, screenshots, clipboard, etc. directly. So while it would be better if you used a sound tool, as long as it's not itself malware phoning your passwords home or something, it's probably fine. Hell, even a password-protected Excel sheet is probably good enough (but not advised).
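Added example, not part of the comment above and not code the commenter posted: it puts numbers on the two claims in the comment, that a dictionary-word-plus-digits password falls quickly to a wordlist-plus-mask attack on GPUs while a long random one does not, and that a reused password turns one cracked leak into access everywhere. The guess rate for "a couple of video cards" (2e10 guesses per second against a fast unsalted hash) and the wordlist size are assumptions made for the estimate; the vault contents are constructed. Generation uses the secrets module, which is what a sound password manager's generator should be doing.

```python
import math
import secrets
import string
from collections import defaultdict

# Alphabet a password manager's generator would typically draw from: 94 symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Assumed aggregate guess rate for a couple of consumer GPUs against a fast
# unsalted hash (MD5/NTLM class). An assumption for the estimate, not a figure
# from the original comment.
GPU_GUESSES_PER_SECOND = 2 * 10**10


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Uniformly random password from a CSPRNG (secrets), one per site."""
    if length < 1:
        raise ValueError("length must be positive")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random password of `length` symbols."""
    return length * math.log2(alphabet_size)


def pattern_guess_space(words: int, digits: int, symbols: int) -> int:
    """Guess space of the 'dictionary word + digits + one symbol' pattern.

    Attackers do not brute-force such passwords character by character; they
    run a wordlist with mask rules, so the space is the product of the parts.
    """
    return words * 10**digits * symbols


def expected_crack_seconds(guess_space: float,
                           guesses_per_second: float = GPU_GUESSES_PER_SECOND) -> float:
    """Expected time to recover one password: half the space on average."""
    return guess_space / 2 / guesses_per_second


def find_reused(passwords_by_site: dict) -> dict:
    """Map each reused password to the set of sites sharing it.

    This is the credential-stuffing exposure the comment describes: one leaked
    hash that gets cracked unlocks every site in the returned set.
    """
    sites_by_password = defaultdict(set)
    for site, password in passwords_by_site.items():
        sites_by_password[password].add(site)
    return {pw: sites for pw, sites in sites_by_password.items() if len(sites) > 1}


if __name__ == "__main__":
    # Constructed vault: two sites share a weak pattern password, one is random.
    vault = {
        "bank.example": "Fluffy2014!",
        "forum.example": "Fluffy2014!",
        "shop.example": generate_password(),
    }
    print("reused across sites:", find_reused(vault))
    weak = pattern_guess_space(words=100_000, digits=4, symbols=32)
    print(f"pattern password: {math.log2(weak):.1f} bits, "
          f"~{expected_crack_seconds(weak):.1f} s to crack")
    strong_bits = entropy_bits(len(ALPHABET), 20)
    years = expected_crack_seconds(2 ** strong_bits) / (365 * 24 * 3600)
    print(f"20-char random password: {strong_bits:.1f} bits, ~{years:.3g} years to crack")
```

The contrast is the point: the pattern password has a search space of about 35 bits and is gone in under a second at the assumed rate, while a 20-character random password from the same 94-symbol alphabet carries about 131 bits, which no quantity of video cards closes.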

Comment Re:The diet is unimportant... (Score 4, Insightful) 588

I agree with your statement, but what people *need* to understand about exercise is that it's not really about the calories you burn while you are doing it; it's about your overall metabolism.

If you, say, go hiking most weekends in summer and cross-country skiing most weekends in winter, you are going to have a great deal more muscle tissue on your legs and arms than someone who spends their weekends in front of their Xbone. You will also have cardiopulmonary development to support sustained high output.

That muscle tissue and elevated metabolism are going to sit there burning more calories during the week while you sit in the office at your desk. So in the context of exercising to lose weight, it's not really about the energy expenditure in performing the direct act; it's about turning your body to "run hotter".

Comment Re:And if they hade a place to store the waste. (Score 2) 258

You are probably right but there are some things to consider here.

1) Transporting nuclear waste by rail is not exactly blue-sky research. I don't think anyone seriously doubts we can find a way to get that done. Which is not to say it will not take a great deal of thinking, research, and testing around the safety engineering of it, or that it would not be expensive to do.

2) It may prove politically impossible to ever transport these materials on a large scale. The recent accidents with oil on rail have the public pretty squeamish about hazardous materials moving through their back yards. Decades of propaganda have lots of people afraid of and opposed to atomic* or nuclear* in general. In the wake of Fukushima we have already seen major Western nations shutter their nuclear generating capacity. If these trains were ready to roll today and there was a disposal site, politics would never let it happen. So there may be no need to undertake 1.

3) For practical reasons there may never be any disposal site. First, for technical reasons breeders probably still make more sense, and solve the spent fuel problem. If we move in that direction, most of the spent fuel isn't spent at all and it may be better to keep it where it is now so it's accessible. This reduces the need for 1, although only partially; we still might need to move the stuff between sites.

4) Politically there may never be a disposal site. Reid has basically killed Yucca. If we can't muster the political will to put a storage facility in sparsely populated, low-economic-value desert, I don't know how we'd ever get it done anywhere else.

5) Environmentally, it has been determined that even Yucca, the most promising spot identified today, is really not as ideal as we once thought. There may not be any place that is really 'good' to use as a radioactive waste dump. Again, killing the need for 1.

So in light of the fact that 1 is a known obstacle which we are confident is solvable, while the fundamental issues are more open questions, it probably does make more sense to try and resolve the other issues first.

Comment Re:Putin: "Your move, West" (Score 1) 848

Removing elected officials from office because of their corruption is not contrary to the rule of law.

Umm, yes it is contrary to the rule of law unless you:
A) have an established process by which a leader can be impeached
B) follow process A

The winner won because the whole "should we split up the country" issue breaks down geographically and the pro-Russia part of the country more or less could not vote. Just like the pro-Western groups in Crimea more or less could not vote. Either both of those 'elections' are legitimate or neither is. The fact is neither election was anything close to what we would regard as inclusive, free, and fair.

I am not buying any of the propaganda about the current leadership and its legitimacy. The fact is the previous president was compelled to leave office via extra-legal means.

Fled vs. ousted is really a semantic argument, as nobody does what would be described as "fleeing" except under duress; otherwise it's just "leaving", and nobody is saying he just left. It comes down to whether you want to add a connotation of cowardice and guilt or not.

You can spin things as much as you like. If you want to say we helped oust a corrupt leader who was trying to give the nation away to his Russian counterparts, that might be true, but you cannot claim it was done by standing up for the rule of law. That is plainly false.

I remain convinced that better maneuvering around these issues was perfectly possible. A little more prudent and careful action could have gained us the Westernized Ukraine we wanted without escalating apparent tensions with the Russians; it just would have taken a few more years.

Comment Re:Putin: "Your move, West" (Score 0, Flamebait) 848

"Sovereignty", what a fucking joke. They ousted a lawfully elected president, using an unlawful process, at our urging. Let's face it, when Obama says "elections have consequences" he means "elections have consequences, if the elected is me". We have seen this with Morsi as well.

I am not saying Yanukovych was a good guy, but we could have taken all the air out of this thing at the start if we had backed Russia in insisting the rebels/rioters just go home. Putin did not like Yanukovych either, but had more or less backed him publicly at the time. It would have been much more politically challenging for him to get away with invading Ukraine while the sitting Russian-leaning president was in office, and then after he lost the next election to a European-leaning one. Now we have a situation where people can argue about the legitimacy of the current office holders; Putin can and does make the very correct argument that they are no more or less legitimate than the separatist leaders.

We could have avoided all this if Obama had been a little more patient and not tried to bring Ukraine under Western influence so aggressively and quickly. It would have happened, was happening; it just needed time.

Now this is really Russia's game to lose. Ukraine is strategically more valuable to them than to us. We have more immediate threats to deal with: ISIS, Assad, Iraq, Hamas, North Korea, and the African coast. All of those pose much greater economic and security risks to us than what happens in non-NATO Eastern Europe.

Comment Hopefully a return to real science (Score 4, Insightful) 87

The problem with 'Big Data' is everyone is trying to use it as a substitute for actual hypothesizing and experimentation.

I am not suggesting it isn't useful; it is, and it can be a huge help in identifying non-intuitive relationships that may exist. It's not being marketed that way, though! Everyone is trying to sell it as the solution to all their unresolved problems and knowledge gaps.

At the end of the day, all it can ever show is correlation, never causation. All the fancy AIs we add on top are really just correlation engines as well. One day real-soon-now Watson or something like it will diagnose your cancer. It won't 'discover' the cure, though; it will just apply the 'KNOWN' treatment that statistically correlates with the best outcome, hopefully excluding some which correlate with especially unpleasant side effects.

The same is true with the financial markets. Big Data alone will never discover a unified theory that explains market behavior. It will probably make a handful of people stupid amounts of money based, again, on event correlation and speed. As long as those are the drivers, though, we will remain forever at risk of sudden meltdowns.

Comment Re:Must be an alternate earth. (Score 1) 441

I have worked with lots of really sharp guys from India; mind you, they have been here in the US, which implies selection bias: they were the ones who had the interest, ability, and resources to get here. I have worked with lots of guys from all over Europe and South America too. Some great, some not so great.

I don't think 'where' has much to do with it; talent is talent and it cares not about the label applied to the map marking one's place of birth.

That said, I don't think much of these programs. I expect 'my government' to look out for the 'general welfare' of 'my fellow countrymen'. I think the long-term economic wisdom of importing all these workers from elsewhere is highly questionable. Based on intuition, labor statistics, and anecdotes, I fail to reach the conclusion that the vast, vast majority of tech jobs could not be filled by current citizens. It's not even clear it would alter the long-term cost structure of these companies much, even if it did hurt the next few quarters.

So I suggest we dispense with all of the crap: the unsubstantiated economic voodoo, the nationalism, and the xenophobia. Let's stop incentivizing off-shoring and importing of workers. Let's not disincentivize it either. Get rid of the tax loopholes; dump payroll taxes entirely. Just allocate what is required for entitlements like SS and Medicare from the general fund. Get rid of the tax exemption on benefits; make them taxable as regular income. Provide that no employer may require an employee to participate in their benefits program. That will make the health-care marketplace more open and take that dimension mostly out of labor competitiveness.

Then adopt a permissive immigration policy: no quotas, no incentives. Let as many people come as want to, but require they prove at least one of the following:

1) An offer of gainful employment.
2) Existing financial resources on which they can live for at least two years.

Comment Re:Host your own DNS (Score 1) 101

Denying access as the default and explicitly allowing exceptions is much more secure than the opposite.

Well, no argument there, but there are appropriate places to install filters and inappropriate ones. It's the job of the firewall, or possibly a proxy or gateway server, to prevent connections to outside resources, not the DNS servers, because if the IP can be discovered some other way the control is bypassed.

Naturally, in a high-security environment you might need to control DNS. It can, after all (at least with a cooperative remote server), be used for ingress and egress. You might configure an internal DNS server to return records only for zones on which it is an authority and perhaps whitelist specific external zones like our.trusted.partners.com; but you certainly are not going to, say, allow it to resolve any .com and not any .mail|.food|.biz; that makes no sense.
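Added example, not part of the comment above and not code the commenter posted: the decision logic of the locked-down internal resolver the comment describes, serving only its own zones plus an explicit whitelist of external zones. The zones (corp.example as the authoritative zone, our.trusted.partners.com as the whitelisted partner) are constructed for the example. The one detail worth getting right, and the reason a whitelist check is not a string suffix test, is that zone membership is compared label by label: evil-our.trusted.partners.com ends with the whitelisted string but is not inside that zone.

```python
from typing import Iterable, Tuple


def _labels(name: str) -> Tuple[str, ...]:
    """Normalize a DNS name to lower-case labels, ignoring a trailing root dot."""
    return tuple(label for label in name.lower().rstrip(".").split(".") if label)


def in_zone(name: str, zone: str) -> bool:
    """True if `name` is `zone` itself or lies below it, compared label by label.

    A plain str.endswith() check is wrong here: 'evil-our.trusted.partners.com'
    ends with 'our.trusted.partners.com' but is a different zone entirely.
    """
    n, z = _labels(name), _labels(zone)
    return len(n) >= len(z) and n[len(n) - len(z):] == z


def resolver_should_answer(qname: str,
                           authoritative_zones: Iterable[str],
                           allowed_external_zones: Iterable[str]) -> str:
    """Policy of a default-deny internal resolver for one query name.

    'authoritative': answer from our own zone data.
    'forward':       recurse, because the name is under a whitelisted zone.
    'refuse':        everything else (the firewall/proxy still does the real
                     egress control; this only removes the easy path).
    """
    if any(in_zone(qname, zone) for zone in authoritative_zones):
        return "authoritative"
    if any(in_zone(qname, zone) for zone in allowed_external_zones):
        return "forward"
    return "refuse"


# Constructed policy for the example.
AUTHORITATIVE_ZONES = ("corp.example",)
ALLOWED_EXTERNAL_ZONES = ("our.trusted.partners.com",)


def classify(qname: str) -> str:
    return resolver_should_answer(qname, AUTHORITATIVE_ZONES, ALLOWED_EXTERNAL_ZONES)


if __name__ == "__main__":
    for q in ("intranet.corp.example", "sftp.our.trusted.partners.com.",
              "evil-our.trusted.partners.com", "www.example.com"):
        print(f"{q:35} -> {classify(q)}")
    # The comment's point about TLD-level rules: whitelisting "com" forwards
    # everything under it, which is no policy at all.
    print("anything.com with 'com' whitelisted ->",
          resolver_should_answer("anything.com", (), ("com",)))
```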

Comment Re:Host your own DNS (Score 2) 101

Right, so we can repeat the problems where some dipshit network admin decided not to read any documentation and used something other than RFC 1918 address space for internal routing. Now Bob in customer service is trying to get to the client's website, which happens to be in the same IP range internal hosts use, and wonders why he can't.

Seen it. You can't just exclude conflicting TLDs because sooner or later someone might need a resource on one of those TLDs.

Comment Re:Not much of a fix (Score 3, Interesting) 101

Right,

There is a universal truth out there: nobody, not even Vixie, fully understands DNS in terms of all its interactions with itself scaled globally and what assumptions (correct or otherwise) software that uses it makes.

I fail to see how this proposed behavior solves anything. Most software out there was written to assume that if you get back an address, DNS resolution worked; if there was a problem, you get back something like NXDOMAIN. Lots of apps are not going to report any problems if they get back 127.0.53.53; they are going to sit and wait for the connection to time out or, depending on how the system is configured, report connection refused, leaving the user with no way to know the name was wrong.

It's not good for developers writing new code either, because now they have to do something like this:

require 'socket'

class NXDOMAIN < StandardError; end

begin
  addr = IPSocket.getaddress($hostname) # stupid hack to test for 127.0.53.53
  raise NXDOMAIN, "#{$hostname} collides with a new TLD" if addr == '127.0.53.53'
  do_something_with_address(addr)
rescue SocketError, NXDOMAIN => e
  $stderr.puts "Name resolution problem: #{e.message}"
end

Which is ugly, confusing and stupid.

Of course the real issue here that nobody is taking care of is the security one. Bob is happily using his laptop to read his mail on the corporate network, connected to mail.some_now_public_tld, and then he goes to the coffee shop; the guys operating some_now_public_tld fix up their DNS to answer for mail and wait for Bob to send his credentials. It will work too, because it's a certainty that the same folks who thought it was a good idea to ignore the RFCs and use some_now_public_tld are the same ones who still think it's okay to run services with no authentication to the client. So Bob's mail app, not configured to use SSL etc., never checks any server cert and just sends his password.
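Added example, not part of the comment above and not code the commenter posted: what a client that knows about the 127.0.53.53 controlled-interruption answer should do with it, and a guard for the coffee-shop scenario in the last paragraph. Resolution is wrapped so the sentinel becomes an explicit name-collision error rather than a connection that times out, and before a mail client hands over credentials in the clear it checks that every address the name resolved to still lies in the network the service is known to live in. The hostnames, the 10.0.0.0/8 expected range and the DNS answers in FAKE_DNS are constructed so the example runs offline; system_resolver shows the real lookup.

```python
import ipaddress
import socket
from typing import Callable, Iterable, List

# ICANN controlled-interruption address: a name under a newly delegated gTLD that
# collides with a private namespace gets this answer instead of NXDOMAIN.
COLLISION_SENTINEL = ipaddress.ip_address("127.0.53.53")


class NameCollisionError(Exception):
    """The name resolved, but to the controlled-interruption sentinel."""


class NameNotFound(Exception):
    """NXDOMAIN or any other ordinary resolution failure."""


def system_resolver(hostname: str) -> List[str]:
    """Real resolver: every address the OS returns for the name, as strings."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def resolve_checked(hostname: str,
                    resolver: Callable[[str], List[str]] = system_resolver) -> list:
    """Resolve a name, turning the sentinel into an error instead of a silent timeout."""
    try:
        answers = resolver(hostname)
    except socket.gaierror as exc:
        raise NameNotFound(f"{hostname}: {exc}") from exc
    addrs = [ipaddress.ip_address(a) for a in answers]
    if COLLISION_SENTINEL in addrs:
        raise NameCollisionError(
            f"{hostname} resolved to 127.0.53.53: the name collides with a public TLD")
    if not addrs:
        raise NameNotFound(f"{hostname}: resolver returned no addresses")
    return addrs


def safe_for_plaintext_auth(addrs: Iterable, expected_nets: Iterable[str]) -> bool:
    """Guard for the coffee-shop case: only send credentials in the clear when every
    answer lies inside the networks the service is known to live in."""
    nets = [ipaddress.ip_network(n) for n in expected_nets]
    addrs = list(addrs)
    return bool(addrs) and all(any(a in net for net in nets) for a in addrs)


def check_mail_server(hostname: str,
                      resolver: Callable[[str], List[str]] = system_resolver,
                      expected_nets: Iterable[str] = ("10.0.0.0/8",)) -> str:
    """What a mail client should conclude before authenticating to `hostname`."""
    try:
        addrs = resolve_checked(hostname, resolver)
    except NameCollisionError:
        return "collision"
    except NameNotFound:
        return "nxdomain"
    return "ok" if safe_for_plaintext_auth(addrs, expected_nets) else "untrusted-network"


# Constructed DNS answers standing in for the resolver so the example runs offline.
FAKE_DNS = {
    "mail.corp.internal": ["10.20.30.40"],           # on the corporate network
    "mail.some_now_public_tld": ["127.0.53.53"],     # controlled interruption
    "mail.hijacked.example": ["203.0.113.25"],       # TLD operator now answering
}


def fake_resolver(hostname: str) -> List[str]:
    if hostname not in FAKE_DNS:
        raise socket.gaierror(-2, "Name or service not known")
    return FAKE_DNS[hostname]


if __name__ == "__main__":
    for name in list(FAKE_DNS) + ["nonexistent.example"]:
        print(f"{name:28} -> {check_mail_server(name, fake_resolver)}")
```

The network check is a stopgap for exactly the client the comment describes, one that will not verify a server certificate; the real fix is still TLS with certificate validation, which makes the answer "untrusted-network" irrelevant because the impostor cannot complete the handshake.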

Comment Wait (Score 1) 166

many otherwise well-informed people think they have to do something wrong, or stupid, or insecure

Wait, how does executing code delivered over a cleartext channel without some other strong attribution and integrity controls in place not count as stupid or insecure?

Then we have Slashdot here, where we shove our session cookies back and forth in clear text. Not ideal, but I don't execute code from Slashdot (NoScript) and I don't reuse my user name or password elsewhere. So that lowers my exposure somewhat.

The browser makers need to, at this point:
Disable, by default, the execution of any script or content of any script tag that was not transferred securely or loaded from local media. Perhaps provide a whitelist function to accommodate legacy intranets and stuff. They should similarly deny embedded objects like Flash, Silverlight, Acrobat, etc. in those situations.

This would do a lot to protect people from both injection attacks and various forms of phishing. It would also really push site operators and web hosts to make sure SSL is available everywhere.

Comment Re:On come on now Edward (Score 1) 194

He admits to the acts but not to the intents. Intent is a big part of criminal culpability. He would also dispute many of the claimed harms done.

I work in information security; much of what I do, phishing, exploit development, etc., would be illegal except for intent and harm. There is no harm, because any property I obtain or gain control of is not converted for my use but promptly returned unimpaired. I have no intent to illegally convert anything for my use or disclose any information about your organization, but rather to fully comply with the NDA and scope-of-activities agreement I signed with your boss.

And for those reasons it isn't fraud when I call you pretending to be the IT Director from the European subsidiary who needs you to install the emergency "patch" I am about to e-mail you.

The law is not as simple as "what you did"; why you did it matters, and so does what the outcome was, and even what the potential outcomes were.

Comment Re:Don't allow jpg or gif or ... (Score 3, Funny) 299

many of the highly rated comments are really just wisecracks which might be funny, but don't add anything to the discussion.

Two comments on that.

The wisecracks tend to actually be moderated as "funny"; by simply not including a funny moderation option, a site would probably do a lot to discourage modding comments of that type up. A site could also easily offer user preferences for not including funny up-mods when determining how to sort comments at display time.

A bit of levity might not directly contribute to the conversation but may encourage others to participate who otherwise would not have. It may also inspire creative thinking in others, leading to additional insight. Humor is something many people use to tackle issues they find challenging.
