
Comment Re:Fear (Score 1) 58

I agree with most of what you've said. However, I don't think it's lust for power, it's lust for money. Yes, the weapons industry was threatened by the Cold War ending and America needed a new enemy to keep that industry running. The terrorists became that new enemy. However, it's a relatively small number of people to whom this cause applies. The rest of us simply repeat and believe their call: fear the terrorists!

Comment Re:Fear (Score 3, Insightful) 58

Politics is mostly to blame for that. Even here in the Netherlands we have awareness campaigns like 'Netherlands against Terrorism'. We don't have any significant terrorist threat in the Netherlands. None of us has ever seen a terrorist and will most likely never do. So, the only thing that campaign does is put fear in our minds.

Comment Fear (Score 5, Insightful) 58

And the reason for all this: fear. Fear of terrorists, fear of being held responsible, fear of the unknown. We live in a world in which we no longer accept any kind of risk. No matter how low that risk. Well, at least risks we are aware of. We fear terrorists, we fear Ebola, we fear being robbed in the streets while at the same time we smoke, eat unhealthy food, practice dangerous sports and get in the car. Every day we do things that are more dangerous than the things we fear most.

Yes, terrorists should be stopped, but not at all costs. And there is no way to make 100% sure no terrorist will ever hit us. So, stop pretending we can! Stop wasting our time, money and privacy to give us false security! And if a terrorist hits us and kills 20 people, I say: that's bad but it isn't the end of the world. Life goes on. In the same time more people are killed for other reasons and we don't even hear about them!

Look at Boston. Despite all the anti-terrorist measures in America, it was still possible to do this kind of attack. And what happened to Boston? Nothing, they moved on. And that's how it should be done. Yes, it's easy for me to say because I haven't lost any family or friends in that attack. But that is the right way to look at it for politicians. Respond to it with logic and common sense and not with fear and emotion. Because that only makes it worse!

Comment Re:PHP flame (Score 1) 76

What a cheap flame. And how not original. And you're wrong. SQL injections can be done with every language. To solve this, all it takes is a programmer who understands what he's doing and knows about a vulnerability that has been known for about 20 years and for which there is NO excuse for not knowing it.

It's not really hard to do it right, even in PHP. And there is a simple proof for that.

Comment Strong passwords are irrelevant (Score 1) 549

Having a strong password is not really relevant. If it complies with the basic rules of password strength, it's good enough. Because cybercriminals will not try to guess or crack your password. They'll hack the server or your computer, probably via malware or an exploit. What's more important is: did the website developer store the password in a secure way and did you use a different password for every website?

Comment Re:HTTPS is not flawed (Score 1) 185

First, know that it's not that I think all CAs are bad and evil. It's just that I don't know them and I don't know their procedures. Every CA that I 'trust' but has issued certificates only to websites that I never visit is a potential threat. Because that trust can be broken but I don't suffer from removing them from my list.

If you want to do this right, request a list of issued certificates from every CA and check if you ever need a secure connection with any of those websites. If you do, keep the CA. If not, remove it. Because this is quite some work, the best thing to do is remove the obvious ones, like CAs from China, Turkey, Taiwan and other countries from which you don't visit websites, keep the ones you clearly need (likely CAs from your own country) and make your own choice about the rest.
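The keep / remove / decide-yourself triage described in the comment above, as an added example that is not part of the original comment. It assumes root entries shaped like the dictionaries returned by Python's `ssl.SSLContext.get_ca_certs()`; every CA name, country and observation in it is constructed sample data, and the helper names are hypothetical.

```python
# Added example: three-way triage of a root store, following the comment above.
# All CA names, countries and observations below are constructed sample data.

def subject_field(cert, field):
    """Read one field from a cert dict shaped like ssl.SSLContext.get_ca_certs() output."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == field:
                return value
    return None

def triage_roots(store, observed_roots, unneeded_countries):
    """Classify each root as 'keep', 'remove' or 'review'.

    keep   : the root anchored at least one site the user actually visited
    remove : never observed and registered in a country the user never visits
    review : never observed, but not an obvious removal (the user's own choice)
    """
    result = {"keep": [], "remove": [], "review": []}
    for cert in store:
        name = subject_field(cert, "commonName") or subject_field(cert, "organizationName")
        country = subject_field(cert, "countryName")
        if name in observed_roots:
            bucket = "keep"      # usage evidence wins over the country heuristic
        elif country in unneeded_countries:
            bucket = "remove"
        else:
            bucket = "review"
        result[bucket].append(name)
    return result

def make_cert(country, org, cn):
    """Build a constructed root entry in the get_ca_certs() subject layout."""
    return {"subject": ((("countryName", country),),
                        (("organizationName", org),),
                        (("commonName", cn),))}

SAMPLE_STORE = [
    make_cert("NL", "Example Staat", "Example NL Root"),
    make_cert("US", "Example Trust", "Example US Root"),
    make_cert("CN", "Example CA", "Example CN Root"),
    make_cert("TR", "Example Sertifika", "Example TR Root"),
    make_cert("US", "Example Legacy", "Example Legacy Root"),
]
# Roots seen at the top of the chain for visited HTTPS sites (constructed log).
OBSERVED = {"Example NL Root", "Example US Root", "Example CN Root"}

if __name__ == "__main__":
    print(triage_roots(SAMPLE_STORE, OBSERVED, {"CN", "TR", "TW"}))
```

Checking observed usage before the country list keeps a root that a visited site actually depends on, even when its country is on the removal list.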

Comment HTTPS is not flawed (Score 5, Insightful) 185

From a technological point of view, it's a good protocol. It works and when implemented correctly, it's very secure. However, a PKI is not much about technology. It's mostly about organisation. In other words, it's not about PK, but all about I.

And that's where most things go wrong. Yes, Heartbeat was about technology, but people who paid attention moved away from OpenSSL a long time ago. There are more than enough alternatives. GnuTLS and PolarSSL for example. Apple's gotofail was also about technology, but name me one piece of software that is 100% bug free.

The real problem with HTTPS is how it's organized. When I install a browser (or get one via the OS), I also get a shit load of CAs which I'm supposed to trust. CAs from China, Turkey, Taiwan and other countries from which I don't even speak the language. I will never need a certificate from one of those CAs, because I will never need a secure connection with any website protected by their certificates. If the people from Iran were wise enough to realize that they don't need DigiNotar because they don't speak Dutch, they would never be at risk because of DigiNotar's epic failure. The first thing I do when installing a web browser is get rid of all the irrelevant CAs. Just to be sure, just to be safe.

And that's what's wrong with HTTPS. That's what needs to be fixed. Trust shouldn't be imposed by a browser maker. Trust should be earned.
