So your contention is that the NSA is ceiling cat?

> "The Washington Post cites this incident as a reminder that Java has become an Internet security menace."

That should read "The Washington Post cites this incident as a reminder that advertising has become an Internet security menace."

Adblock+ -- part of a sensible security policy.

Why are all the insightful posts in this thread being modded "funny"?

C++ is *way* too big a language already. It's got the PL/1 problem (yeah, get off my lawn) -- when everyone only understands 0.8 of your language (or some amount under 1.0) it winds up being a different 0.8 for everyone. And this means that virtually any programmer will write code that is unreadable to another. (and if there is one thing that over 25 years of programming has taught me is that code readability trumps almost everything else).

Interestingly enough, IBM created PL.8 (an 80% subset of PL/1) for internal use. The original XL compiler back-end for RS6000/PPC was written in PL.8

/ Really -- my lawn -- get off of it!

Canadian designed CANDU reactors support the thorium fuel cycle, and have a long and excellent safety record.

I'm very happy to hear that they aren't just encrypting cross DC links. I always suspected Google had world-class talent in this area -- I'm glad to have it confirmed. It's good that google's security people are aware and upset about the taping.

An excellent question -- and not one I have an answer to.

I think that perhaps they should get Bruce Schneier to help design their systems for them.

| They should also assume that some of their own employees are moles.

I mention that they should assume that.

They aren't getting *nearly* paranoid enough. They should be encrypting the data on disk, on network connections between machines in the *same* data center, not just between centers. In fact the data should remain encrypted at all times unless absolutely necessary to have in clear-text to process it -- and that should never leave the CPU. It should remain clear-text only for the absolutely minimum time required.

They should assume that hostile agencies (foreign *and* domestic) have tapped every last network link they own. As well as most routers and processing machines. They should also assume that some small percentage of their workforce are working on behalf of one of these adversaries. Given these assumptions they should design a system that can remain as secure as possible given these circumstances.

Merely encrypting the network links between their data centers is not nearly enough to thwart the likes of the NSA, CSEC, GCHQ or other nameless agencies.

Apple's AirPort line of routers is one of the few consumer grade families of network gear that are not abandonware -- updates are provided fairly regularly. I believe that under the covers they're running VxWorks with a custom IP stack from Apple. As far as I know, there are no back-doors or security problems with them. (I would not be at all surprised to find out that the NSA has infiltrated one -- they are designed and the firware is written in the USA.) I've been using them for years -- they're very reliable -- never need to be rebooted, and they perform well. Yes, they cost a little more, but then it looks like you get what you pay for. -- Ian.

I have to agree with the parent poster in every respect (another 17" macbook pro user here)

The problem with this is that it sounds like raving paranoia. And if it is paranoia and untrue, technically it's just a software update away from being true. And as a theory, it's not really falsifiable.

I certainly won't be buying one of these things.

Pedant. :-)

How about comparing on the most recently available hardware...

My point is that, while open source drivers are a good thing, they are of limited usefulness unless they are competitive with closed source ones for performance, stability and completeness of functionality.

How is the stability and performance compared to their drivers on Windows for the same hardware?

Functional parity (GL version and extensions) would also be nice.

Nice use of the passive voice. I imagine this process won't feel so passive in the first person. Neither will recovering it from the other "expelled" material.

The most dangerous thing to security is a disgruntled employee.

If your regulations increase the likelihood of annoying your employees, they are actively counter-productive to security.