
Comment Re:Which only serves to further (Score 3, Insightful) 85

Because, if you publicize how you caught their error, they can fix it.

Exactly. They publicized the methods solely for marketing purposes -- so they could write a "ME TOO" article, showing how their "researchers" are "On top" of security, and stealing thunder from the developer of the free Decryption software.

Because we're big Symantec, and we can't have third parties scooping us on antimalware techniques.

It also helps their product by making sure the authors of ransomware learn from mistakes, so future ransomware is more robust, AND therefore, users will have greater damage by ransomware in the future, increasing the demand for Symantec's products.

Comment IDS signatures might not work in all cases (Score 2) 239

While the proof of concept exploit used an unencrypted attack, the vulnerability can still be exploited AFTER the session is encrypted.

Since the IDS probably cannot decrypt the SSL connection... it is unlikely to detect an attack that occurred after encryption was negotiated, and the extension message is invisible to the IDS.

Comment Re:The internet of things...that might get you kil (Score 1) 128

I'm not sure how you think safety problems could be fixed *before* they are discovered.

Through defensive design. By requiring that system design promotes safety; therefore, there are unlikely to be serious safety issues. The key is to design systems that are anti-fragile, AND that are robust such that random safety issues aren't emerging after product release.

Not only is fixing safety problems *after* they are discovered reasonable, it's really the only possibility.

This is not a valid excuse for designing and releasing or using systems with inherent vulnerabilities that are therefore likely to have safety impacting issues later, and therefore: incurring this extra liability.

It is useful to people who refrain from doing certain things they might benefit from because they are *not* 100% safe.

As you mentioned.... the benefit is minimal or uncertain, BUT the risk is real. Everything that there is a risk of happening, eventually happens given enough time!

Most people drive their car less than 2 hours a day, BUT rely on their smoke detector to help protect their lives 10+ hours a day.

The fact that your automobile is very dangerous, is no reason for engaging in reckless behavior, in other areas: however --- it just adds to the probability of random death.

You are about 14 times as likely to die in a car accident as a house fire. Every day you drive a car is as dangerous as going 14 days without any smoke detector at all.

This assumes you are an average driver. But perhaps I am a far-safer-than-average driver driving a far-safer-than-average car.

Maybe your roads aren't as dangerous as the average. There is plenty of room for outliers here.

You can't possibly be sure that you are X times as likely to die in a car accident.

You claim to have calculated risks which are actually impossible for you to have calculated, which is the reason, that I know your claim about the relative likelihood is definitely false (That which cannot be true due to an absolute condition, is guaranteed to be false.).

Maybe you will die in a car accident and I can say "I told you so". It's all about balancing risk vs. reward. I want my house nice and toasty when I come home.

The idea "I want my house to be nice and toasty when I come home; even if there is this substantial chance that some Chinese hacker can kill me"; is a bit of a depraved notion. The fact is it's not possible to calculate the "risk" part of risk/reward. The fact is any danger of incalculable risk is not worth it, if the danger is great enough. The reward has to be such that: the absence of the reward is as bad or nearly as bad as the maximum potential negative impact of potential hazards that may exist.

Comment Re:Depends (Score 1) 650

However, it would probably drive the companies bankrupt.

It should suffice to retain copyright but make publicly available: complete machine-readable compilable corresponding source code, with a grant of permission for any third party to publish patches, compile binaries, and redistribute them after taking reasonable steps to ensure they distribute them only to lawful possessors of a copy of the original software.

Comment Re:I can see their response already (Score 1) 97

I realized before I signed up with Comcast that break even point on buy/rent modem is 2 years.

Chances are, if there are any problems --- the technician will blame your non cable-co provided modem.

Otherwise I'd go grab an Arris Surfboard sb6141 for $80 instead of paying the $8 a month rental fee.

In my experience... the cable co. overcharges for buying a modem also... like $200 to buy the modem; which is not brand new, but has been in use for over 4 years.

Also... the ISP's website only lists a small number of modems, and their representatives explicitly stated you must use one of their modems -- can't use your own: it's not supported by us and won't work, they say.

Comment Re:In the US.... (Score 1) 77

What ICANN say you can't do is hold a domain to ransom because the customer owes you money - for hosting fees for instance - you have to transfer the domain and pursue the debt through normal means.

What the ICANN rules say is the losing registrar can't hold the domain hostage for any fee-based reason at all, with two narrowly defined exceptions, that do not include "failure to pay a transfer out fee".

ICANN do not forbid a registrar from charging a transfer-out fee; however, the losing registrar cannot stop the transfer based on failure or refusal to pay a transfer-out fee.

The losing registrar has to immediately accept the transfer upon authorization of the admin contact.

If they want to charge a "transfer out" fee, they can bill the fee and try debt collection procedures (Which you can dispute) --- the losing registrar cannot hold up your transfer due to your failure to pay or due to your dispute.

Obviously... if you want to fight the transfer fee, authorizing a CC payment and then hoping to do a chargeback is the wrong thing ---- Don't authorize a payment for a charge you dispute -- giving a CC number to authorize payment for an otherwise disputed charge is tantamount to admitting you owed the fee; applying for chargeback after authorizing could be considered an act of fraud.

Comment Re:adware is malware (Score 4, Interesting) 177

Comment Re:The internet of things...that might get you kil (Score 1) 128

You'd rather save $30 and risk your life to some script kiddie.

No. It's not necessary, because you are just lumping on additional requirements --- most people will not pay the costs to get a certified central system professionally installed with a 24x7 monitoring company watching their alarm, AND this is not required or recommended for the average residence anyways. It's quite possible to design a smoke detector so that it has a monitoring module that is completely isolated from the alarm and has no ability to interfere with the action of the alarm, BUT can use a network connection to give you a remote heads up about the status of the alarm when you are not at home.

It's this little piece of marvelous technology, you have apparently never heard of called a Dry contact relay output. Which can provide an isolated digital input to a monitoring module, which you connect to the internet.

Of course an alarm monitoring company can also quickly call the fire department for you, before you notice you have a message from the 'alarm app' if you want, BUT you are not at home (Or else you would hear the audible alarm).

The point of having the remote notification is to keep you more informed when you otherwise wouldn't be, of alarm conditions when you're not there, BECAUSE most people don't get certified central alarm systems installed: you wouldn't know about an alarm when you were not at home, anyways.

Comment Re:Just refuse to pay the fee. (Score 2) 77

Of course the gaining registrar charges a fee for transfer -- which covers the domain registration.

The issue is with losing registrars attempting to tack on a fee for customers selecting a competing registrar.

If this is just on the .UK domain... then be sensible, and register a .COM or a .NET in the first place.
