Funny you mentioning Zip and Office encryption. Neither of those ciphers is broken. If you read the papers you are linking to you'll find that the zip attack exploits its byte-by-byte CBC mode. With only a byte, dependencies between sequential bytes can be put into a solvable matrix. Expanding the block to even 4 bytes would make this attack infeasible. Office encryption break likewise exploits the CBC weakness, due to Office reusing IVs. The cipher, RC4, happens to be one of your published algorithms. This just illustrates that the cipher is only one part of any cryptosystem, and the way you use it also matters. If you know enough to make your blocks large enough, like 16 bytes, and are aware that IVs need to be unique, there is no reason you couldn't design your own secure cipher. Cryptographers are not supergeniuses. All it takes is some attention to detail.

This is the "bad" sort of security through obscurity, because its sole protection is that no one will care enough to try breaking your encryption cipher.

It's not "no one", it's "no one who is able to break it". There is a big difference. When there is only a handful of people in the world who are capable of breaking your cipher, and there is no chance of them taking an interest it, I'd say your cipher is pretty damn secure.

its similar to turning off wifi beaconing or using MAC authentication on unencrypted wifi.

It is instead more similar to using a regular wooden door with a regular keyed lock to protect your house instead of a 6" thick high-strength steel vault door with an electronic lock. Define your threat before you decide on what security measures to take. If you don't, you will go bankrupt and will still get your stuff stolen in some other way. For most of us, a wooden door provides enough security because we need windows for light and can't afford the bulletproof 1"-thick ones. Likewise, most of us protect our data from regular criminals who aren't smart enough to do cryptanalysis. Against such adversaries, any cipher that has no readily available tools will do.

cryptanalysis can break your encryption even without access to your encryption algorithm

I doubt it. That may have been true back when people used substitution ciphers and encrypted plain text. Today's ciphers scramble large blocks and precompress to increase data entropy. I seriously doubt anybody but a top-notch cryptoanalyst can decrypt even the simplest attempt at a cipher from anybody who knows anything at all about cipher design.

Such a cryptoanalyst is likely to be found only at some high level government agency like the NSA and he will likely be too busy to spare any time to decrypt your inane emails to your mistress. Consequently, I would postulate that if you design your own cipher and avoid becoming the next Snowden, your data will be just as safe as if you had used AES.

Those are the elephants. They now want to introduce lions to thin the herds.

I'm not sure that thinking is involved in the scenarios you describe. I might freak out, despite the thinking, logical part of my brain telling me that they cannot possibly harm me.

There are no illogical parts in the brain, and yes, they all think. The difference between conscious and unconscious thoughts is merely that you are paying attention to the former. We have the latter because it would be very inconvenient to consciously perform all the functions necessary for life, like breathing or swallowing. These autonomous functions work exactly the same way as your cortex does, you just don't have to explicitly babysit them. Emotional triggers are part of this autonomous set. Pigions programmed yours in the past and so it freaks out, and you are unable to stop it because you do not have direct control for the convenience reasons state above.

You can reprogram any emotional trigger, it just takes more effort. If you are afraid of spiders, for example, you can gradually desensitize yourself by spending a lot of time around Terelian Hookspiders. In this same manner you can reprogram any fear, love, taste, and even your core moral values. It just takes a lot of effort and dedication. Most of us simply don't want to change these things because we consider them part of our personalities and the idea of changing them can feel like suicide.

Heinlein's "Door into summer" describes Flexible Frank robot with exactly those capabilities.

> These traits are a result of hormones acting on the brain

What do you think controls the release of hormones? The thinking part of the brain, of course. You don't feel fear until you see that you are in danger, and you don't feel love until you recognize the one you love. These things don't happen automatically - you have to think to make them happen, and once the AI has been programmed to think of these things, it is only a small step to simulate hormone release and its effects. You can think of hormones as global variables of state.

Dude, I wish OSS gaming would reach 1999 levels. It is more at 1988 levels.

Exactly. I didn't even know Bill Gates knew how to play chess. That is not a skill required to either pass the SATs or to run a company.

Obviously, Google has reached the singularity point. Its software is doing something magical to fix itself that no puny human can understand.

But, using the BSD license takes away an incentive to contribute to the free software project.

Only if you are already in the GPL camp. To me, using the GPL license takes away an incentive to contribute to the free software project for the very same reason: each license promotes the values of its supporters. I strongly dislike the values of the GPL and of the FSF that created it, so I do not contribute to GPL projects.

How long, I wonder, shall we have to wait? There was rapid scientific progress in the 19th and 20th centuries, but when looking at the longer timescales, that is an aberration. For most of history technological progress was slow and rare, and the next millenium may just as likely to be similar to the 500-1500 period, when nothing much happened.

How about "I don't care enough about your stupid website to create yet another password just to download some mod file, so maybe I'll go to BugMeNot and see if somebody already created a damn account."

I'd second that. In my experience, Seagate is more reliable than WD. Of course, I don't go through thousands of drives, but a 26% failure rate just sounds unbelieveable. Something is fishy with the survey, or maybe it is just their specific workload that is particularly bad for Seagate drives.

> Use make *without* autoconf.

Don't use make without autoconf.

When a packager builds your project, the very minimum that needs to happen is installation to a fakeroot prefix to subsequently create a package from it. If there is no ./configure --prefix=/pkgroot equivalent, the poor packager will have to comb your whole damn tree to find out where you put your configuration options. If he's lucky, you have put them on top of the Makefile.

The second reason is to turn features on and off. At the very minimum, ./configure --with-debug needs to be present to allow building a debuggable executable in case of problems.

If you don't like autoconf, fine. Just write your own script to do these tasks. It can be done in 10k of bash code or less. Actual portability takes a little more, but is quite doable, considering how few platforms there are used today. Supporting only four - Linux, Windows, MacOS, and BSD - is more than enough for pretty much every project.