Unless you do your crypto on your own machine, and your machine is not compromised, any such service is insecure. As soon as your cloud storage provide has your crypto keys, you need to assume your encryption compromised. There are several ways to implement it:

1. Use GPG and ecrypt each file before storing it on-line.
2. Pay for a normal Linux hosting server with ample storage. Export the raw block device using NBD (network block device). Encrypt it on your device using dm-crypt or luks and mount it. This encrypts the entire disk.
3. Use some kind of cloud storage, but do encryption in javascript on the browser, in your machine, without sending encryption keys anywhere. Look at http://openpgpjs.org/ I don't know any cloud services that would allow doing that.

--Coder

I do agree with a lot of points listed here. Rolling your own development team is not easy, nor cheap.

However, when you hire companies to do contracts this big, you end up with horrible horrible mess. First, you get to hide the bigest contractors available (because the project is big), like Accenture or similar. And they are the worst, and have the worst (cheapest) people available working for them. The only selling point they have is the headcount, not quality of developers. And they will assemble a new team for this project, from random guys, with flaky qualifications and skills, and often no prior experience.

And all those companies are for-profit. Which means they will find ways to overcharge you by A LOT. Like 10x-20x the cost of a good sized team for several years.

In the end, a project like this that has been outsourced to big IT companies is almost guaranteed to cost you a fortune, and end up a failure.

Now it's possible (and likely) to end up with a failed project with an in-house team, but choosing in-house development vs contracting is not as clear cut as you seem to suggest.

--Coder

Maybe that 1% of time Oracle DB is the right solution, and then you need it and you need to pay DBAs and consultants to do the tuning.

But in other cases, Oracle is an overkill. And Postgres with minimal effort will Just Work, while just the effort to set up Oracle and keep it running is going to be expensive (DBAs, consultants) and horrible. Especially if you can spend all the money you saved on licences on proper hardware. And I have experienced more bugs in Oracle than in Postgres, both in weird query optimizer behaviour, and outright incorrect data handling. And there is no way to get them fixed, at least in timely manner, not even with most expensive support options.

And don't get me started on Oracle enterprise applications- they are horrible. And given the history of company of overcharging their customers and delivering crap, I wouldn't trust them with any project.

About the only thing produced by Oracle that I enjoy is Java. And I still shudder every time I think that it is owned by Oracle, although they seem to be doing a reasonably good job getting new versions out of the door.

--Coder

Well, I've been running Debian Sid on my desktop (and now laptop) for last 10 years. Works well enough for me...

I know Debian doesn't spend that much time polishing the desktop experience, but installing vanilla XFCE and tweaking it a bit is all I need. And having all the power of Debian at the fingertips is very nice.

--Coder

I do agree bootup times don't matter if you run a server. For a laptop, a tablet, a mobile, even a desktop that gets turned off startup times are important. For tablets, laptops and mobiles, they are VERY important.

I agree that complexity is evil. I have no experience with systemd nor with upstart, so I cannot comment on them. However, dependency graph and parallel execution should not be THAT difficult or complex :-/

--Coder

You need to remember that most of the time Debian is not about developing new stuff, it's primarily about PACKAGING and DISTRIBUTING existing stuff.

From "package a bunch of software into an usable system" standpoint it is a smart decision to wait until the dust settles and things are tried and proven. Especially if you are producing system as stable as Debian Stable.

--Coder

• Keeping things simple
• Time estimates
• Dealing with changing and unclear requirements
• Dealing with clueless management- especially getting enough time/resources to do things right
• Legacy systems- especially when management doesn't want to invest into cleaning them up and fix long existing problems.
• Bad design- especially when due to political reasons you cannot change bad design, or you don't have enough time/resources to do it.

These things are not hard as in O(e^N) hard, and you won't learn about them in your CS class. But you have to deal with them every day in real world

Sorry for incorrect moderation. I'm posting this so that my moderation is cancelled.

By the way, do you have any sources for the claims regarding connection between time estimates & funding? I'm not saying I don't believe you, but it would be interesting to see more details regarding this issue.

--Coder

Model S is the only "long-range battery electric luxury car" out there. In that, there is no competition. All the hybrids still retain their internal combustion engines, and with them all the added weight and complexity and breakage and exhaust and dirt and oil. So you cannot compare hybrids with battery electric vehicles, as they are completely different thing. Hybrids, even plugin hybrids, are not "long-range battery electric cars". All other battery electric cars are not long-range, and are not big/luxury cars.

If you are comparing "luxury cars", then you need to add BMW, Mercedes, Audi, Jaguar into equation, and compare it on things like performance, interior, feeling, ride, design etc. I doubt Cadillac would fare well in this comparison.

I wish Tesla cars got to Europe sooner...

--Coder

It's the way of higher management. If it succeeds- it happened due to my leadership. If it fails- it failed due to incompetent workers, incompetent committees, incompetent scapegoats, sub-optimal company structure, etc. Incompetence is easier to forgive than greed-driven risk-taking or things designed to fail after they have enriched you.

--Coder

They are called sea turtles. Or if not, then sharks, tunas & swordfish. Go breed more of these, or stop killing them off in such numbers and let their populations recover!

--Coder

Ok, I'm a Java developer, working on Linux. 99% of benchmarks you see on-line are benchmarks of some stuff on Windows, which is immediately skewed towards intel because lots of Windows DLLs are built with Intel compiler which disables optimizations and advanced features on non-intel CPUs, even if those features are supported.

Also, most benchmarks are some synthetic benchmarks (compiled with Intel compiler), or some 3D games, or some video transcoding. I do none of that, and what I do I do not do it on Windows. I am yet to see a site that benchmarks Java compilers, Java IDEs, databases, application or Java web servers, etc. on Intel vs AMD vs ARM platforms on Linux. The only site that comes close is Phoronix. And if you look at their Linux benchmarks, difference between AMD and Intel CPUs is much less than on Anandtech or Toms Hardware. Intel is still making faster CPUs, but not that much faster.

--Coder

All these ARM SOCs are nice but they all have weird closed up GPUs that have crap close sourced drivers that barely work.

There are projects to reverse engineer Adreno (Qualcomm) and Mali (ARM) GPUs and implement drivers for them, but these projects are nowhere near production ready. And as far as I know Qualcomm has other issues with openness- they are denying release of hackable Android for their devices because it contains some secret proprietary BLOBs, without which it won't work.

So when it comes to Linux hardware support on ARM, it feels like 90s all over again... I'd rather buy a small x86, it will be larger, more expensive, it will consume much more power, but at least open-source hardware support is going to be nice and I won't need any BLOBs.

--Coder

http://www.lib.ru/ANEKDOTY/quiche.txt

It's something from the old days

I don't use Chrome much, but is there a master password that you can set?
If there is no master password, then no matter how the data is stored, it's as safe as plain text anyway. Even with master password, dictionary attacks will get you quite often.
And you can transfer/import/export the data encrypted with master password between different installations without decrypting it.

--Coder