So responsible disclosure works because even if the threat is never disclosed fully by the person who found it, it might be discovered by some one else independently.

Not all companies think this way. Some seem to think that threats about legal action against the finder, will keep not only the finder from publishing, but everybody else as well. Or they seem to think that such threats can give the finder sufficient incentive to ensure, that nobody else will find the problem.

I am not entirely sure how such companies think, but they do try to cover up security vulnerabilities, which were found by outsiders by threatening those outsiders.

Give duckduckgo.com a try.

I looked on a few of the search results and found them to be from the bing crawler. This could mean that it is simply a thin layer of alternative UI built on top of bing, in which case the search results would be the same. It may be more than a thin layer, but somehow I doubt that Microsoft gave them access to the raw crawl data in order to build an index for an alternative search engine. Either way, using data directly or indirectly from the bing crawler means that Microsoft can influence, what shows up in the results.

"Doe.... Ray.... Egon!" *smirk*

The developmental years of my life would have been very different if not for his specific influence on them. Fare well Mr. Ramis, and thank you.

Just like facebook isn't so bad since you can easily switch to another social network site... oh wait what do you mean these kind of sites are basically worthless as long as only a handful of people use them?

Your comparison is totally wrong. The usefulness of a search engine does not depend on how many people use it. If a Google competitor could give me a better UI and better search results, would I stay away from them, just because nobody else used it? No, because the value of a search engine to the user is not in its number of users.

facebook OTOH would be useless without the users. If you were the only user on facebook, it wouldn't be any use. What's even worse, there is zero integration between social networking sites. At least I do not know of any two social networking sites, where a user of one site can connect to a user of the other site. And this is the main area where social networking sites as a technology is so far from mature, that I do not consider it ready for prime time, and hence I have never invited anybody to a social networking site, and I won't do until that problem is fixed. Email does not suffer from that problem. There is actually a standard for exchanging emails between sites. Social networking has more features but zero standardization. Social networking needs to get to the same level of standardization as email. And you need to be able to download a backup of all your connections and upload it to a new provider, should you wish to do so. Just like you can use IMAP to download all your email from your current provider and upload it to a new provider.

Search engines are built on open standards, and thus anybody can create a search engine and start crawling the same web as all the others. And even when the first user comes to the site, there will be content to search in.

this is the failure of the so-called american dream.

To most people the american dream is just a dream - hence the name. How large a fraction need to be able to live the dream in order for the rest to be able to keep dreaming? Is it one in a million people or perhaps only one in a hundred million? Is the american dreal really an ideal to strive for? You can work hard throughout your life, if you are lucky it pays off, and you become rich. Everybody else is just working hard without ever getting any richer. This is the american dream in a nutshell.

The only reason the countries accept it as tax payment is because they can control its value.

Does the government of a country really control the value of its currency? They can influence it, but if external factors become too strong they can no longer control the value of the currency.

The landscape has changed.

The landscape has changed, but not enough. Microsoft have engineered a situation where the majority of people have little chance of finding a PC without Windows, thus ensuring Microsoft an income which they can spend a percentage of to maintain status-quo. And based on previous stories, it appears Microsoft is even getting subsidized from the sales of certain devices with no Microsoft software on them.

Until deciding not to pay anymore money to Microsoft is a real option for consumers, I am going to see Microsoft as a problem, that needs to be solved.

They may have been fined for their practices. But the fines are not nearly as large as the value of the position they gotten themselves through those practices.

But right now it is effectively MS vs. Google, which might be much worse. Because duopolies generally are worse than monopolies.

I disagree. I believe things would have looked much worse today, if MS had not been having competition from Google.

It is much easier for a consumer not to pay any money to Google than it is for a consumer not to pay any money to Microsoft. It is also not hard to use another search engine than Google. But every time I try, I find that both the search results and the UI tend to be worse. So I always come back to the Google search engine, just because it really seems to work better for me. As long as it is that easy to switch to another search engine, I am not worried about Google being able to maintain their position simply by making a better product than their competitors.

Sure Google makes moves, I disagree with. But not enough to put them behind their competitors. I am actually more worried about Yahoo and bing getting too close, leaving us with one less competitor for Google.

if their election process at least ensures that the one to be prez gets the plurality of the votes

Be careful about cause and effect.

In some countries you may become president because you got the majority of the votes. That would be typical in a democracy.

In other countries you may get the majority of the votes because you are the president. That is definitely not a democracy.

Close to 90% of the newsletters, notification emails, etc... etc... that I subscribe to regularly end up in my spam folder, and I (for the hundredth time) have to tell Gmail that it isn't actually spam.

It's worse than that. Sometimes Gmail refuse to accept the mail in the first place, which means it will be impossible for the intended recipient to go to the spam folder and mark it as not spam. Also Gmail may refuse to accept legitimate emails even if the recipient has created a filter to never mark such messages as spam.

Money has intrinsic value.

The intrinsic value of money is less than the value of the paper it is printed on. The real value of money is entirely due to the number of people who accept it as payment. Most countries' currencies are accepted as payment by more people than bitcoin is, which is why the value of bitcoin is still quite uncertain. There may be cases where the population of a country do not accept the official currency of that country as payment. But when that happens, they tend to choose using another country's currency as payment rather than something like bitcoin. That may change in the future, but for now I have yet to hear about any person who could handle all his income and expenses in bitcoins.

at this point in the US's history, I can't tell the diff between capitalism and corruption.

I see your point.

Under Communism, man exploits man, and they censor the Internet.

I think that is not communism but rather corruption. I suspect communism might be so prone to get corrupted, that many people cannot tell the difference between communism and corruption.

In Russia suicide terrorists bomb airports.

"utilizing multiple IPv6 addresses per interface inside your LAN" Have you ever actually tried that

Not on my own LAN. But I have been using my laptop on LANs which were configured like that.

with increasing numbers of per-interface addresses?

Who says the number has to increase? Each interface should only have one static and a handful of temporary addresses. The temporary addresses are removed at the same rate at which they are added.

increasing numbers of AAAA RRs?

You don't put temporary addresses in your AAAA records. If something need a AAAA record, you use a static address for that. So it is static address on the server side and temporary address on the client side.

NAT66, adjusting only the high order ("prefix") bytes at the external gateway is vastly more simple

Sure that is the simplest form of NAT, which you can possibly do. However it does not give you any of the anonymity or topology hiding, which is often given as motivations for using NAT in the first place.

Yes, you can avoid renumbering that way. But there are drawbacks as well. You will break any protocol, which is not strictly a client-server protocol. And you will break any algorithm, which looks at assigned addresses and behaves differently depending on whether you have a routable IP address or not. Is this breakage of protocols you may be using on a daily basis really worth it, in order to avoid a bit of extra work in the rare case, where you may have to renumber your network?

the only requirement for NAT-friendliness is that the host implementations do not tell higher layer protocols the truth about what's in the high order bytes.

How would you make anything but a strictly client-server protocol work with that requirement? Let's keep it simple and consider just the following scenario. Two clients (which could be both on the same LAN or on separate LANs far from each other) each resolve the IP address of a single server. Each client contact the server and indicate they want to communicate with each other. The server informs each client about the address of the other, such that a direct communication channel can be established between the clients.