
Comment Re: wait, what? (Score 1) 89

WordPress provides a large amount of hardening functions like this

...which are completely freaking worthless if they're turned off by default. 99.9% of users will never visit and study every available config option, and the other .1% will be wondering why it's not the default setting if it's so great.

Your post is like those who insist that MySQL has safe data settings for those who know how to enable them, while ignoring the fact that almost everyone uses the configuration as shipped. Unsafe by default is an insane and undefensible way to distribute software. In fact, I can't think of a good justification for ever allowing the unsafe values to be set.

Comment Re:Four (Score 1) 301

Yep - same here. For me it's:
1 - wireless mouse
2 - HID keycard (how I get into the VPN at work)
3 - data port (charge phone, music recording input)
4 - wireless headset or professional headphones

Of course, the point is moot because I just bought a new laptop last month. I could get by with 3 (the keycard is only necessary to connect to work and then can be unplugged unless I need to hit an HR website, but that also requires me to use IE 8 or lower and I just go in to the office when I need to do that - we have machines specifically for dealing with HR's shitty outdated software).

Comment Re:This product reminds me of... (Score 2) 174

You know the famous quote.

This one?

"As a general thing, I have not 'duped the world' nor attempted to do so... I have generally given people the worth of their money twice told."

The one you're likely thinking of is irrelevant here, because I've spent more on dinners than I did on my Sport watch that's due for delivery today. You say "suckers", I say "people who don't mind spending $350 on a watch they'll be using every day and that's easily worth the money in sheer entertainment value".

Comment Re:Not a Piece of Shit (Score 3, Insightful) 128

People are stupid if they don't realize a password is like a key.

They do, and the problem is that they treat it exactly like one. When you buy a lock, do you immediately re-key it? No: you use it as-is. Now maybe if the key looked very suspicious, like say it was a perfect sine or square wave or it was completely smooth, then you might ask the blacksmith whether that's normal. I bet those shopkeepers would be asking the same of their POS installer if the password was "123456" or "111111".

But to their (and my) untrained eye, "166816" looks reasonably random. It looks as random as my Schlage house key does. Maybe there's a locksmith forum where experts are making fun of me for not changing my obviously default lock. After all, they can tell at a glance that I have the standard factory issue! How stupid am I for using it without making my own pattern!

No, I think you're exactly wrong. People think of these passwords as keys. They use the ones manufacturers give them. They hand them out to the same staff that have keys to the front door and cash drawers. They don't routinely change them when people quit. They don't audit their usage. They treat them just like the little medal danglies on the ring in their pocket, no more, no less. We've done a very poor job of telling them why they should think otherwise.

Comment Re:Not a Piece of Shit (Score 4, Insightful) 128

provide a secure configuration guide so that customers are aware of everything they need to do in order to properly configure their stuff

So much this. In the Slashdot echo chamber we presume that everyone in the world should be the security experts we are. No one outside forums like this thinks the way we do. Your average mom & pop grocer doesn't know about security, can't imagine what a "default password" is or why it would be bad, and sees a POS as an appliance much like a refrigerator or stove.

Tell a restaurateur that they're stupid for not changing the default password, and they're likely to tell you how your stupid home food storage and cooking methods are likely to give you listeriosis. We are experts in our domain, and expecting everyone else to care about it (especially while remaining ignorant of their specialties) is a major failing on our part, not theirs.

Comment Re:A very good idea... (Score 1) 74

"useful apps that work well" is way down an Apple fan's list of reasons to buy something by Apple

I bought a MacBook Pro because it gave me hipster cred, not because it runs all the Unix software I need for work better than Windows ever could or because it runs all the desktop software I like that's not available for Linux. I have a daily OmniFocus reminder to use Emacs to write a love letter to Tim Cook.

I certainly didn't buy an iPhone because it's a nice phone that integrates well with my Mac software, and I only bought an Apple Watch because the brain implanted kool aid told me to and not because I think it's an attractive watch with tier-one support from a highly rated electronics manufacturer.

I love only shiny things and I'm a sheeperson with an IQ of 43. Baaah. I'm not influenced by things like "build quality", "enormous ecosystem", or "meets all my requirements better than the alternatives that I've used extensively at work". Those things are crazy talk.

Comment jeez, conversion took all of 2 seconds... (Score 1) 172

260 meters * ~3.28 m/ft (or 3,28 in some parts of the world) = 853 feet.

I live in the US and work with both US and Europeans, so knowing at least rough conversions is a necessity. When I say it's a little cool at 16 degrees today it makes a big difference when I'm talking to US or Germany - that's like -9C or 61F. It may be confusing because I sometimes jokingly call it balmy when it is freezing.

Comment Re:FTFY (Score 1) 190

Gatekeeper was never really designed for corporate style use, but to be honest, neither was the Mac itself. For that matter, Windows PCs aren't really designed for corporate use, either.

My worry is that it works like Gatekeeper, though. The Windows Store is a hideous mess, especially on the free side - a lot of programs that should be free come up as low voted "lite" versions that do nothing without you paying for the real program. A prime example of this is .7z - the default programs (and there are about 20) are all view only unless you pay their fee and all you get is a touch interface 7zip, a program which you can download and use free on non-touch devices. I got so frustrated finding one that I just gave up and installed 7zip (this was a touch supporting laptop). Uninstalling one of these crapware programs is completely unintuitive to a desktop user, as well (supports the touch paradigm only). I actually had no idea how until my wife got a Windows Nokia phone.

And yes, I think the Windows Store is far worse than the Android store in this respect - way too many "lite" programs or trialware that does little or nothing without you paying for them. With Android you usually get advertisement injection with this sort of free program. I'd rather have that than shakedown-ware. For reference, on Android I had no problems finding a free .7z extractor (and it compresses, too!). It was the first hit I got and had 4.2 stars (first I got on Windows was 2 stars).

No, I don't mind paying for software, but when the program is free on the same platform just with a different interface I draw the line. Set up a PayPal account and ask for donations if you are a poor college student. Be sure to state that you are a poor college student on the download page - I'm a sucker for pity pay donations. My worst fear is a Gatekeeper-like app locking the vast majority of users to some money grubbing bottom feeder developers like people that make money this way. This is capitalism at its worst, profiting off of someone else's creation.

Comment Re:lol, Rand sucking up to the dorks (Score 1, Troll) 206

The law was written in 1983 and updated a tiny amount in 1986. It was a time before the internet, and was specifically written with ATMs in mind. Even worse, they used one of the most ambiguous and horribly loosely written laws in existence, the Espionage Act of 1917 as the blueprint. This is the same law the US government used to charge Edward Snowden with espionage, which is supposed to be when you give confidential information to foreign governments, not someone that is not supposed to have it (seriously, that is what the law defines as espionage).

So yes, access without authorization makes a lot of sense when used for ATMs. When applied to the internet, it makes using practically any for-profit web site illegal to visit and requires you to use your actual name, not an alias (that is also illegal according to this law - you are misrepresenting yourself).

What did Aaron do? He put public domain documents on the internet that a school was charging something like 10 cents a page for copies. Since this was a "financial transaction," this was a 25 year felony crime according to a law written for ATMs. Not exactly sure how it got to 35 years, as I remember that law was 25 max. Incidentally, I know several people more legitimately charged with that - they were pirates arrested in the 1980s (affiliated with the Super Pirates of Minneapolis and Midwest Pirate's Guild), but most were underage and served no time.
