
Comment This is clearly against E.U. Human Rights (Score 2) 374

This goes directly against prior decisions by the European Court of Human Rights. There is very clear and unambiguous legal precedent, that a person under criminal investigation need not bear witness against himself. For example, in Marttinen v Finland the Court interpreted the article 6.1 that reads inter alia "In the determination of ... any criminal charge against him, everyone is entitled to a fair ... hearing ... by [a] ... tribunal ...". The Court wrote in its decision:

The Court reiterates its case-law on the use of coercion to obtain information: although not specifically mentioned in Article 6 of the Convention, the rights relied on by the applicant, the right to silence and the right not to incriminate oneself, are generally recognised international standards which lie at the heart of the notion of a fair procedure under Article 6

If the defendant is not able to have this sentence overturned in domestic courts, he should hire a lawyer who can bring this case before the European Court of Human Rights ASAP to obtain a decision against the Government of UK. The court will also award compensation for the inhumane treatment of the defendant by the Government, and obligate the government to compensate for the legal expenses.

Comment Re:Has anybody seen the actual "evidence"? (Score 1) 112

That might be somewhat mitigated by the fact that the deal and the alteration to the software were done in 2004, but the first researcher analyses to hint of problems with this algorithm weren't published until 2006. When making the change, the developers were not necessarily told that NSA had paid RSA to use that algorithm. It might have passed as just another security improvement to the product.

Comment Re:Has anybody seen the actual "evidence"? (Score 5, Insightful) 112

I was also skeptical when I first saw the news articles (like this one) that said that RSA had published a statement where they supposedly refuted the existence of that NSA deal. The existence of the deal was originally broken by Reuters in this article, where they cite "two sources familiar with the contract" as their sources. But then, after more in-depth analysis of the RSA blog post where they supposedly "denied" the existence of the deal, it was revealed that actually RSA neither denied nor acknowledged that such deal existed in their statement. They are just using general wording to give an impression, that they would certainly never do such thing. But they are not directly denying the existence of the deal.

Now, thinking logically, it's pretty damn clear that they would have denied that such a deal was ever made, if they were in the position of making such a claim. But given they don't directly deny the claims presented by Reuters, it would seem a much more logical explanation that the deal indeed was made, and RSA just went into damage control mode after the publication of the Reuters article. Lying to the public would have meant more damage if Reuters would have later been able to present the actual paper of the deal, so I suppose we can take their lack of directly denying this deal's existence as an admission of sorts. This is also the reason why speakers are canceling their appearance in the conference ("Your company has issued a statement on the topic, but you have not denied this particular claim.")

So, I think we have grounds to believe that there is actually quite much truth to the original story by Reuters. As they say, the deal was "handled by business leaders rather than pure technologists". I am pretty sure that this is yet another example of a major manager-level f*ck up. Tech companies very often have all the expertise on the technical personnel level, while managers are a "necessary evil" who often have much less insight into the technical field where the company actually operates. Of course, anyone with even the slightest idea of how the IT security field functions, would never ever endanger their company's credibility (at least for such little reward as $10 million), because deals like this tend to resurface in the public sphere sooner or later. All we can assume is that someone in the management made a very major f*ck-up and made this secret deal with NSA without much consulting from the technical folks. But I am pretty sure that now that this deal has surfaced in the public sphere, it will end up costing RSA a great deal more in lost sales than what the "business leaders" anticipated they could gain in short term from making the deal with NSA.

Comment Interesting concept, terrible website presentation (Score 4, Insightful) 124

The website where the story article is hosted is pretty terrible. It's apparently based entirely on some sort of JavaScript hacks. I can only zoom one photo before the JavaScript code crashes. Then, when I try to reload, it loses the position I was on the page. I also dislike those texts and images that change brightness and scroll in dis-synchronization with the rest of the page. Not to speak of those "Share" buttons jumping out from behind page elements when I move my mouse cursor around. This page, although apparently meant to be "artistic", is sadly just a staple of horrible and dysfunctional web design.

Comment Re:Ray tracer + web server + image encoder + clock (Score 1) 47

Err.. Well, let's just say I am sure he would have implemented as general of a solution as was possible within the constraints imposed by the rules, if that was the entrant's goal. Make no mistake, I have tremendous respect for this competition and the entrants. Sad to see there are such lamers on Slashdot showing an unreasonably hostile attitude for someone simply taking interest in someone else's work. You don't happen to be employed by the copyright mafia by any chance, do you?

Comment Re:Ray tracer + web server + image encoder + clock (Score 2) 47

Does the program include its own PNG format algorithms, or am I missing something?

Same goes for the web server: did he really write his own web server in mills.c?

Well in a way, yes for both. He only uses standard C libraries, so there is indeed no PNG library or an HTTP server #included. But due to the size limitations, the code can probably only produce one exact type of PNG image and the HTTP server can only serve one page, so those are not "proper" implementations by any means. For example, the HTTP server ignores the request path and the result of accessing http://localhost:8224/, http://localhost:8224/foo and http://localhost:8224/foo/bar is always the same – pretty useless for a "real" HTTP server. If you look up the .C file, it's typeset in an artistic manner, resembling one of the ball bearings in the rendered end result. So, the point, like with many other IOCCC entries, is to demonstrate how some seemingly very complex tasks can be achieved by short, obfuscated C files.

Comment Ray tracer + web server + image encoder + clock (Score 5, Interesting) 47

I found this one a pretty mind-blowing entry. When compiled and run, it creates a web server at http://localhost:8224, which can be opened in a browser to display a ray-traced 3D scene of steel ball bearings on a checker-pattern surface, arranged to display the current time. Quoting the description:

The program wears many hats (not literally). It is
* a web server
* a PNG encoder
* a ray tracer
* a clock

Unlike the PC emulator entry, it does not require a binary blob and all the code and data fit within the 4 kilobyte limit.

Comment Re:It's not just the obfuscation... (Score 2) 47

There might be more to that entry than meets the eye. Quoting its description:

CPU supports the full 8086/186 instruction set. Due to the complexities of the 8086’s arbitrary-length instruction decoding and flags, 8086 instructions are first converted to a simpler intermediate format before being executed. This conversion, along with instruction lengths and how each instruction modifies the flags, is assisted by some lookup tables which form part of the BIOS binary.

The BIOS binary is over 12 kilobytes, so it raises the question as to which extent the emulation might be actually achieved by the BIOS.

Comment The year of Linux on the desktop? (Score 1) 564

Is this finally it? The year of Linux on the desktop? Remember that Android is essentially just a Linux that runs the GUI on Dalvik (Java). It can be fairly easily rooted and the existing kernel and ABI interfaces employed to make X etc. run on the Android's Linux base. This could mean that people can fairly easily install a one-download "upgrade" on their off-the-shelf Windows PCs, and employ the full Linux ecosystem without losing any of their pre-existing Windows features and applications.

Comment Re:Not enough, (Score 1) 415

Ummmm ... hate to bring up Pesky Facts but he was guilty.

What's your point? Has someone claimed that he was not guilty of breaking the law of the time? Of course no one can change the fact that it was back then illegal and Turing was obviously guilty. Pardon does not mean pretending a law wasn't broken; it just means that for whatever reason people of high power have concluded, that the person's conviction should be undone. Yet, lack of conviction is not the same as not being illegal — jaywalking clearly is illegal in most jurisdictions, yet very few people are ever convicted of it. Since no one can change the past, a pardon and an apology are pretty much the best the government can do.

Comment Re:Reason 834 why not to do business in India (Score 3, Informative) 53

The corruption in India is indeed rampant and throughout. One of the most astonishing forms I have seen are the "living dead", where authorities are bribed to declare you dead, so that someone can meanwhile and unbeknownst to you make a claim to your inheritance. For this particular poor fellow, it took a mere 19 years of battling against the authorities until a court finally acknowledged him actually being alive.

Comment Blog.mozilla.org not working on Firefox (Score 1) 55

Anyone else have trouble accessing the article on Firefox? I get presented a certificate error, but without the button to bypass it, and the HTTP site auto-redirects to the HTTPS site. Looks like the exact same as Bugzilla #799836.

So I am basically locked out from viewing Mozilla's own blog when using their very own browser? I don't have Chrome on this machine. I can't believe I am about to install Chrome just to view Mozilla's own blog!

Comment Re:Interesting. (Score 1) 118

It's obviously not "legal", as per the Ars article you posted (thanks for the interesting read BTW) these Google Play components are proprietary closed-source apps, that are only available under a license to the Open Handset Alliance members, which Jolla is of course not, since it's manufacturing a non-Google approved version of Android. So while you might be able to install Play on your Jolla, I would think it's impossible for Jolla to ship their phone with Google Play pre-installed. Though depending on other restrictions on the phone, it might be possible to make an easily downloadable "pirate" package that will install unlicensed Google Play on the phone, so that non-technical users can benefit from the full Android ecosystem.

What comes to Google "blocking" this hack, I am quite skeptical. If they add some software detection that you are running the Play services on a licensed device, we know from PC world that it will be hacked and people will start distributing "cracked" copies of the APK (Android application package). But AFAIK, Android phones support DRM as well, which can make things a little trickier if Google one day really wants to shut off this competition.
