Props to Suess for his developing BBS software that became widely used, but this was in no way "the first online bulletin board". I was using the PLATO IV NOTES app, used by thousands around the world, at least four years before Suess built his BBS.

You have a debit card, which uses a PIN. In the US,only a handful of banks, none of them major, issue credit cards that have a profile requiring a PIN, whereas in most of the rest of the world, Chip-and-PIN is ubiquitous.

A major difference is that in the US, the liability for fraudulent transactions falls on the merchant or the card issuer, not on the card user. It is different elsewhere.

Back in 2005, Intel introduced its Centrino brand for Wi-Fi products, with a logo that featured a color close to T-Mobile's magenta. T-Mobile complained (or maybe sued) Intel and it tweaked the color a bit to satisfy them.

Yes, you are wrong. Fortran may not be what the "cool kids" are using, but there is a LOT of new Fortran code being written for scientific and engineering applications. Fortran also continues to evolve - Fortran 2018 was published last year. What's being written is not utility routines like LAPACK, but full-on applications in domains such as weather forecasting and optical analysis.

COBOL is indeed still widely used, and well-paying consulting gigs are still available, but the COBOL standards committee disbanded last year due to lack of involvement, though I read recently of an attempt to revive it.

The password managers I have used all allow for a local, encrypted copy to be saved and provide a way to decrypt the collections without relying on an external service (with the master password, of course). Even if the password manager goes belly-up and/or the cloud server becomes inaccessible, I still have complete access locally to my saved data.(LastPass, for example, by default stores a local encrypted vault copy that is used if the server can't be reached.)

There's a lot of FUD about risks of password managers, but few seem to understand that those risks are far lower than if you try to manage passwords yourself. I see people brag about writing in a notebook, or keeping an encrypted spreadsheet, but these don't help if you don't have access to them. My uncle used to write passwords in a notebook with a "mental encryption" that only he understood - at least for a while. I got him to move to LastPass before he died at 96, and this allowed his other nephew (primary executor) to take over the accounts for my aunt (who was unable to do so herself.) LastPass' "Emergency Access" feature gives me peace of mind should something happen to me and my wife needs access to my accounts. (She also uses LastPass but has very few logins.)

There are multiple reasons why so many users continue to reuse passwords and to choose hacked passwords. None of them involve the user being "stupid".

1) Bizarre and often undocumented site policies on which characters a password may contain, leading to choosing simple ones
2) Sites that limit password length or insist on a 4-digit PIN as the password.
3) Sites that require frequent password changes in the name of "security" but instead encourage simplistic derivations (add current month number to prefix, etc.)
4) Sites that interfere with password managers, such as blocking auto-fill or making the manager think the username has changed to asterisks
5) Password managers that are difficult for non-experts to use reliably, and that's pretty much all of them. I use LastPass and, while it mostly works ok for me, it still sometimes does bizarre things.
6) Users who think that they are unimportant to hackers or that their accounts have no value, thus they can't be bothered with a strong and unique password for each site.

Several password managers do automate password changes with hundreds of popular sites, and this mostly works, but first you have to convince the user that it's a good thing to do so. I have relatives who insist on reusing simple passwords, even using a password manager to store them, because they don't trust the password manager.

None of the browsers I have seen include what I would call good password managers. They can remember and fill in ok, but don't help users pick good passwords and generally don't store the passwords securely as external managers typically do. If the major browsers could up their game here, it would help. Chrome's extension is a good first step, but people have to ask for it first.

I use Google Trips on iOS to find things do nearby when I am traveling. That's how I learned about Het Zinneke (Zinneke Pis) in Brussels!

For some years now, an ISO/IEC working group, WG23, has been compiling lists of programming language vulnerabilities, both for specific languages and generically. The documents list for the WG is a bit of a mess, with the main link to the current draft getting a 404, but you can find links to sections on individual languages there. Some language committees are actively participating in WG23, but the C++ committee, I am told by another member, refuses to do so.

I too use Jolly Roger, and subscribe to the service where my Google Voice number multi-ring forwards to them and a bot picks up if the number appears on a known-telemarketer list. Google Voice itself does a pretty decent job of filtering spam calls, but some get through.

Absolutely correct. It would have been a LOT worse if nothing had been done.

I recently retired (as a senior developer) from a very large technology company that, in recent years, pretty much ONLY hired "junior developers". "Recent College Graduate" was the term used, and even then it was difficult to find promising candidates. The company also "strongly encouraged" hiring of women and "underrepresented minorities" (that is, not from India or China). I was not a hiring manager, but I did interview candidates and reviewed CVs - nearly all of them were from foreign-born applicants.

Yes, the senior people such as myself were expected to train the newcomers, and we did, gladly, because we wanted there to be continuity in the product development. In my conversations with peers at other firms, it was largely the same - junior programmers were much easier to get hired than senior ones.

If I could offer one piece of advice to aspiring software developers, it's to look outside of Silicon Valley. There are lots of great opportunities at companies with offices in the south, midwest and northeast. We were not looking for specific skills, other than being familiar with C or C++. (None of this new-age Python or R crap...) Nothing you learn (other than basic programming) in college is directly applicable to the real world of commercial software development - we'd teach you what we needed - but finding people willing to move outside of the west coast comfort zone was very difficult.

That said, we did find really great junior people who are well on their way to becoming the senior developers of the future.

I'm not doubting you, just stating that my experience was different. MyVoice was not mentioned at all until I brought it up, though the agent did say he had intended to ask if I wanted it.

Ah, reading too fast. The story seems ok, but my experience doesn't match that of user maiden_taiwan.

I am a Fidelity customer. I received a mailing from Fidelity describing the My Voice feature but it said I had to call in and specifically request that it be enabled. Fidelity is NOT enabling it by default for customers, at least based on what I can see.

However, this is not entirely a seamless experience. When you call in, you still have to enter your username or SSN using the phone keypad (for a username, you press the digit the letter is on, case doesn't matter, and * for special characters. Without My Voice, you also enter your password this way! Since I have a strong, unique password I ended up creating a note in LastPass with the keys to press.) Then you have to speak to have it detect your voice. I was told I could unenroll at any time.

I'm not exactly thrilled with voice being the authentication mechanism, but it's better than what they had before. Fidelity, at least, doesn't use 2FA for typical operations; their web site says they may ask for it (a code sent by SMS, I'd guess) for certain transactions, but they've never asked me for this in the past.

I wrote release notes for operating systems and compilers for nearly 40 years, and it was never an easy task. New features aren't the issue - they're usually straightforward to describe. It's bug fixes that sometimes had me tearing my hair out. For each one, based on the developers' notes and (sometimes) the original problem description, I had to figure out what I could tell a reader that would help them recognize the exact problem that was fixed. In many cases, the problem was exposed only under specific combinations of uses (especially for compiler bugs), and there was no clear-cut way of describing these.

Worse, from support and development's view, were customers who had not reported a problem themselves, but saw a description that vaguely matched what they were seeing and they'd complain that "the bug wasn't fixed". Of course, THEIR version of the bug was different from what was behind the release note.

The primary purposes of release notes, in my view, are to highlight changes in behavior or requirements that users need to know about. Lists of bug fixes are a high-effort task for low user benefit, and indeed my former employer stopped providing bug fix lists in recent years.

The little snippet release notes for apps are very vague summaries of changes, and I don't at all blame developers from writing "Bug fixes and performance improvements" over and over. Yeah, the entertaining notes are, um, entertaining, but I agree that they're more a promotional thing than an attempt to educate users.