
Comment I think they are using the mobile apps (Score 4, Interesting) 210

I am in a similar situation where I have a couple of Google Apps accounts that I ONLY use for work-related purposes. NOTHING ELSE. I never authorise anything to use them; I keep it all on my personal. Sure enough, LinkedIn has slurped some contacts from sent items. I use different passwords for everything. I have hardly even used LinkedIn, much less with a work-related email account open (I hardly open them). The ONLY way they could have stolen it (that is the only thing running at the same time) would be a mobile app, either from my Android or iOS device. I have these work accounts set up permanently on these devices and, foolishly it seems, loaded the LinkedIn app.

Funny enough ALL these email accounts have been getting spam lately from "Dr OZ" to their actual address, which is strange when I use disposable email addresses for EVERYTHING, including client contact. The only thing I use the actual address for is to log in and set up the mail client. These email addresses must have been slurped from a mobile app, not sure if it was LinkedIn or another app.

Comment I actually agree with him (Score 1) 395

Well Yes and No.
No - I don't agree that the subject matter that has been actually leaked was right for governments to have done in the first place. eg: The deliberate killing of innocent civilians in Iraq. That is wrong.

Yes - I do agree that leaking information is harmful to government and beneficial to enemies, because the enemies can use what the government did wrong as a recruiting tool to gain support against them. With all the negativity against governments having all this data, I would say that it is working pretty well for the enemies of the government.

Note - Being an enemy of the government doesn't necessarily mean you have done anything wrong, it just means that you don't agree with the government's actions. For example, the EFF is an enemy of the government, even though they are not doing anything wrong.

TL;DR - Governments should stop doing things wrong instead of hiding what they do wrong, because it is what they do in the first place that was leaked which is aiding the 'enemy' (anyone who disagrees with the government) recruit other people against the government (anyone who supports Leaking of coverups), rather than the act of leaking in itself.

Comment Car Analogy (Score 1) 218

It would be like Obama completely bugging his wife's car, not because she is under the protection of the Secret Service, but because he wants to watch everything that she is up to without her knowledge. GPS Tracking, Sound, Video, the works - he can watch her every breath.

And then when she realises that he has been spying on her, he would say "Well you wouldn't mind if you have nothing to hide! I'm just cleaning out the dirty dishes!"

Comment Synology CloudStation is the closest thing. (Score 1) 274

Synology have been moving from the personal to the enterprise space as of late with their "DiskStation" NAS line of products. Some of their high end "NAS" boxes can get pretty powerful. There is a function of the DiskStation called "Cloud Station", essentially a Dropbox clone.

Basically what you would be doing is having your own on-premises 'Dropbox appliance'. It is very easy to set up/integrate with its user-friendly interface for the admin, and then all you really need to do is forward the ports and install the client software.

Comment Use Firefox 1.0.3 (Score 1, Informative) 230

From the article, these are the following supported browsers:
"Microsoft Windows XP: Internet Explorer 6.0, Netscape 7.2, Firefox 1.0.3, Mozilla 1.7.7."
Firefox is still available (Windows link) and is fairly independent from the underlying OS, so it would probably work on Vista+/Mac/Linux too (If you can find Mac/Linux links).

Still a pain to have to pick and choose browsers. It is easier for the average person to use the offline version.

Even easier for the hacker to compromise such an outdated website and input their benefits claim directly into the database tables (and already approved for their 10 fake identities of course).

Comment Re: Still an issue that Devs won't acknowledge (Score 2) 211

Then how come you are posting as VertexCortex and not Anonymous Coward? There still needs to be a mechanism to make sure you are VertexCortex. Ideally you should be able to hit "Login" on your browser, and your browser automatically logs you in for you while using two factor in the background (once you have already two-factored with your browser when you sat down) so Slashdot knows 1. You are VertexCortex (to load your preferences and posting abilities as your name) and 2. You have proven yourself (it doesn't need to know how, it just needs to know that you have).

Comment Still an issue that Devs won't acknowledge (Score 4, Interesting) 211

The thought process of a developer is that it is usually a user problem, and therefore it is the user that needs fixing, not the user.

The cold reality is that using passwords at all is the problem.

Passwords are an antiquated solution to a simple problem from the very start of multi-user computing. It is simple but exponentially ineffective as it scales.

The human mind is not set up to remember multiple, complex passwords. There are very few humans who are gifted with this ability to remember literally hundreds of different passwords without writing them down; I would put someone who can in the realm of an academic genius who can remember entire textbooks or recite Pi for hours before they eventually have to take a break for physical reasons.

Normal people write it down or keep it to a narrow set of passwords depending on which level of complexity the system will allow. Both bad security practice.

And passwords that expire every 45 days with annoying complexity requirements? You're going to drive users nuts trying to think of new ones each time, so that eventually they will come up with the simplest password the system will allow and increment by 1 each time they have to change, eg: Password1, Password2, Password3, etc.

There are hacks out there, eg: KeePass and LastPass, but this is a workaround to the underlying problem. The websites that force you to use Facebook are even worse (as they force you to hand over all your personal details while you are at it, which just as easily can be used for identity fraud. Many Banks, Telcos etc. only authenticate with your DOB). OpenID is better but the implementation makes it common to sign in from the website you are trying to access, making it susceptible to being spoofed.

Realistically, we need to kill the password. Two factor authentication all the way. It needs ONE trust relationship between the user and the authenticator. This could be a user ID and a token. The authenticator can then have multiple trust relationships with participating websites.

The authenticator should only provide two data points: (1) The user ID of that website (different ID to other websites so that the user can be tracked with the same ID across websites) and (2) That the user has authenticated themselves. That's it. Most websites don't need to know your name, DOB, Vanity username, email address or anything else about you. If they need this, ask - but only if actually required - and give the user a clear option to decline or provide only partial data.

The only thing that most websites or other computer systems need is a way to tell which user profile to load up, and that the user requesting it is really the same user. A password does not prove that,
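
The two data points described in the comment above (a user ID that differs per website, plus proof that the user authenticated) can be sketched as follows. This is an added example, not part of the original comment; the HMAC-based ID derivation, the per-site shared keys, the token layout and all names and sample values are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed sample secrets: one master secret held by the authenticator, and one
# shared key per participating website (its trust relationship with the authenticator).
MASTER = b"constructed-master-secret"
SITE_KEYS = {"news.example": b"constructed-key-news", "shop.example": b"constructed-key-shop"}

def pairwise_id(master_secret: bytes, user: str, site: str) -> str:
    """Per-site user ID: stable for one site, different for every other site."""
    msg = user.encode() + b"\x00" + site.encode()
    return hmac.new(master_secret, msg, hashlib.sha256).hexdigest()[:32]

def _tag(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).hexdigest().encode()

def issue_assertion(master_secret, site_keys, user, site, now=None, ttl=60):
    """Authenticator side: call only after the user has passed two-factor login."""
    now = int(time.time()) if now is None else now
    claims = {"sub": pairwise_id(master_secret, user, site), "aud": site, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return body.decode() + "." + _tag(site_keys[site], body).decode()

def verify_assertion(token, site, site_key, now=None):
    """Website side: return the per-site user ID, or None if the token is rejected."""
    now = int(time.time()) if now is None else now
    body, sep, tag = token.partition(".")
    # Check the MAC before parsing anything the sender controls.
    if not sep or not hmac.compare_digest(tag.encode(), _tag(site_key, body.encode())):
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    # Reject tokens minted for another site or past their expiry.
    if claims.get("aud") != site or claims.get("exp", 0) < now:
        return None
    return claims.get("sub")  # no name, DOB or email ever reaches the website

if __name__ == "__main__":
    token = issue_assertion(MASTER, SITE_KEYS, "alice", "news.example")
    print(verify_assertion(token, "news.example", SITE_KEYS["news.example"]))
```

The sketch has no replay protection beyond the short expiry; a real deployment would add a nonce bound to the login request.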

Comment His "bad" bets spark innovation (Score 5, Interesting) 231

He isn't offering the money as a token to indicate how strongly he believes in an idea. $100 isn't going to break the bank for him.

What he is really doing is offering the chance to boast "I won a bet against Stephen Hawking" (You know... The guy who is regarded by most people to be the smartest person in the world) as the prize for some very extreme research.

He is giving the encouragement to push the boundaries of what we know about science in the quest of knowledge, and this is exactly what science is about.

So even when he "loses" the bet, he wins, because he has helped science go further by challenging everything that we know, instead of just following what the "smartest" people think,

Comment Re:The obvious answer (Score 1) 282

Seriously, can someone suggest some FOSS solutions that do just this? I have a whole bunch of mbox stores forked at different times. I want to put it all together, remove the duplicates and then run queries to weed out what I need and what to turf! I have hoarded for too long. Gmail came out in 2004 and they said "Archive instead of delete!"... Well now my Inbox is practically unmanageable! Google get most things right but not that one unfortunately.

Comment Excuse my naivety but (Score 4, Insightful) 450

With an operator no doubt facilitating illegal actions of their customers, and refusing to no doubt enforce court orders to disconnect their customers for said actions, couldn't a case be made to disconnect them from THEIR upstream providers because they are now acting illegally by not following court orders, presuming that their upstream providers follow court orders, and the upstream upstream until you get to a legitimate entity? It seems quite a shortcoming of the law that they can act with impunity while allowing their customers to bring down the very fabric of the world wide web.
