If you have that few settlers come into a continent as large, virgin and as rich as North America (compared to tiny European countries that had been exploited for millennia in most cases, with very few natural resources) it seems to me that the US standards of living should've been 10x what the rest of the world had, if you take into account that Europe suffered through two world wars on its soil (where the second one especially nearly destroyed it industrially for many years) the US standards of living should've been more like 50x higher for several decades afterwards.

By any metric you can think of unfortunately I don't see life in the US being 10x better than in the rest of the developed first world for the average person (life expectancy, happiness, schooling, health, ...), I mean, as far as you can find out the majority of personal bankruptcies in the US is due to medical expenses, where in the rest of the world getting sick does not automatically mean losing all you've worked for in your life.

Nowadays with the whole 'money = free speech' it seems the table is tilting even more towards large class disparities in the population, and a much bigger division by the haves and have nots. Despite this perversely, due to endless straw-manning by interested parties, a lot of people appear, from the outside at least, to vote for politicians that are actively out to make their life worse: it is of course quite hard to develop an informed opinion when large amounts of money, advertising and content are funneled towards muddying any issue and transforming it into either a partisan dilemma or a who-do-you-like-most uninformed decision.

The general culture of the land also seems to have an extremely strong sense of being defensive any time the country is criticized in any way shape or form, in all countries I've lived in or visited there is not as much animosity when it comes to recognizing their nation's shortfalls: ask any European in several countries, say, about bureaucracy or lack of competitiveness or the impossibility to fire people etc. etc. and you'll never hear the end of it, ask any American about health care (unless of course the ones that have gone bankrupt) and you will just get partisan talking points, these days usually about Obamacare.

The cult of "rugged individualism" that seems to permeate American society is good for some things (very low barriers to starting a business, for example, a feeling of personal responsibility, etc.) but unless it's tempered by some sort of "compassionate government" it is not conducive to having a harmonious society where yes, there are still differences in social status, but they are not as extreme, and there is no risk of anybody in one of the wealthiest nations in the world ending up destitute because their genetic luck ran out and they were in an accident or became sick with an expensive-to-treat condition.

The US might be great from a military power standpoint, no doubts about that, and from a 'can-do attitude' as well, but society should be about a lot more than who has the most money, who can make more money, it's should not be a competition, as much as the gospel in the US seems to be that we are all born equal we really aren't: our parents' social situations are different, our genes are different, many of us have disabilities, everybody should not be held to the same standard in a win-or-die kind of situation.

People should stop thinking "I don't care if by doing X to prevent 'abuse' by that moocher society will be worse for everybody, as long as there are no 'moochers' it's totally fine if everybody is in misery but the really lucky ones", but the odds of that happening are pretty low, when interested parties will do their best to frame all policy decisions in a "you're against the 'moochers' or you are a 'moocher' yourself".

The best country in the world would be a country where everybody has the opportunity to excel, and nobody runs the risk of failing due to its inbuilt safety nets, the US could certainly afford this if there was the will to make it so, now that would be American Exceptionalism I would gladly stand behind.

... so much of the internet depends on for security just one reviewer for a commit seems way way way too little, honestly checking anything into openssl (or gnutls) should be at least a 4-step approval process (submitter -> mantainer for that area -> overall library mantainer -> security officer), for any code that includes buffers/malloc especially if related to user supplied data the final security review should be a panel.

Everybody makes mistakes, everybody can have a 'brown paper bag' coding moment (especially around Christmas/New Year's like it happened in this case), 2 people having a 'brown paper bag' moment at the same time around the holidays is definitely not that unlikely, for something as important as a crypto library on which so many things depend a single reviewer is just not enough.

I do feel for the original developer, and hope that he won't suffer more about this than he already is (any developer worth their salt feels quite bad about bugs they introduce, let alone if they lead to this many problems), we've all made coding mistakes, no matter how experienced we are, so the focus should not be on "who" but more on "what kind of process can we introduce so this does not happen again".

Moving away from C in my opinion would just be a band-aid, other languages don't expose you to this particular bug, that's fine, however for security software choosing a vetting process for what goes in the codebase is a lot more important than choosing what language it's written in, not to mention that it's not that "hard" to write "secure C" especially if one leans on all the various available tools/libraries and writes proper unit tests, in this case for example had the malloc decision not been influenced by performance reasons (on unspecified platforms) this would not have been as big of a deal as it was.

it is a generally well regarded and vetted package that supports a fairly rich set of cryptography tasks out of the box.

I would see that as a drawback for using it in webservers: if I am writing something internet-facing I want to use the smallest and simplest possible library that does the job, maybe it would be time to fork openssl into openssl-core / openssl-extras and have openssl-core have only the most minimal set of functionality related to securing connections and that's it? I would honestly also only support a few platforms for -core to simplify the code analysis even more (the more ifdefs, the more possible issues)

say, for example, cut the rope 2, which was not free but where you had to use consumable powerups to get certain items in the levels (the "clovers") in order to unlock some levels, only after a major outcry the developer changed it so you could get access to the extra levels if you got 3 stars on all the others. You also get a 'daily gift' (usually a powerup or two) just so you are semi-forced to check in every day, and there are also other obnoxious mechanics so as soon as you spend a little bit of time thinking about a level the "level solution" powerup starts blinking annoyingly. And this is on a non-free game!

I had insta-bought all previous cut the rope games pretty much and 3 starred most of the levels in all of them (great mechanics, om nom is cute) and I had gotten a lot of my friends into them, but I have honestly given up in disgust with cut the rope 2 (only gone through 1-2 worlds) and will not give the developer a dime for "powerups" or any further games they will release.

In terms of "pure" f2p I am actually enjoying hearthstone, I had never played a card game before but it is definitely fun (after you lose enough games to get matched up with similar "f2p" opponents without tons of rares/legendaries), it took me losing about 15-20 games in a row before I ended up at a level where I more or less win 50-60% of the time and my opponents also only have "standard" cards. I figure blizzard is losing money on me as a player, but I figure the wow subscription I have been paying for many years more than covers this (if at all I think Blizzard should give a free card pack every month to WoW subscribers as a random gift, if it was retroactive it'd be even better ;) )

you would use the HSM (or a usb key on a trusted computer with your passwords, for lower security scenarios, say, where you have a colo and/or don't want to buy an hsm) to 'prime' the system to avoid having the issue where you either have to leak a little bit of info or you don't know for sure if the first few users' passwords are correct or not right after a reboot, as part of the reboot process you would log in in turn with all these known usernames/passwords in order to get the system up to an initialized state so it can validate 'real' users properly.

why would you need multiple people assigned to this job? seems to me if you are really concerned you could 'prime' this system by using an attached HSM with however many random accounts/passwords you'd like to be logged in at bootup: outside of somebody physically breaking into your server room and stealing your keycard it would seem quite secure to me...

Until the Chinese actually try to live on the moon for any period. Horrible temperature profile, little to no water excepting maybe at the poles, some of the nastiest dust in existence getting in to everything, hard vacuum.

Mars is a paradise compared to the Moon which is why if you are talking about a colony it makes a lot more sense than the moon or just about anywhere else in our solar system Only problem is the transit time.

Chances of NASA sending an astronaut anywhere are approximately zero at this point so whether is ethical or not is kind of a moot point.

Uh. . . . . don't nuclear power plants GENERATE electricity? All you would need to do is cut them loose from the transmission lines and put in the control rods until the event is over.

Someone should probably generate contigency plans to safely cut transmission lines at as many key points as possible and they could mitigate the effects of this kind of disaster.

Also helps that a lot of our long distance communication infrastructure is fber optic now and immune to this kind of event.

who asked for maintenance? I just want to be able to reinstall the same version I was already running before, if to do so I have to click a 'this is unsupported, you are on your own' checkbox then whatever, I just want to:

- if I have an old device and I wipe it, I want to be able to reinstall the applications I ALREADY HAD ON IT even if new versions are available (which would not run on it)

- if a developer releases a bad update (significant changes in functionality, crash bugs in my scenario, redesign, whatever), I want to be able to downgrade to the previous version I ALREADY HAD

developers would totally be free to say 'if you want this issue fixed you need to upgrade to version x.y.z', that's fine with me, but as things stand now the state of walled garden app markets is not very good: if in my job I told my customers that they have to force upgrade to every release (major OR minor) I put out and they won't be able to downgrade after doing so I would (rightly) go out of business very quickly.

that works until your old version has a major security hole and your choice becomes moving to the new version or risking being exploited: for example I've always run my ipad2 on ios5 until ios7 was released, then ios6, but now I *had* to update to ios7 due to the ios6 patch for the major security hole not being available to me (given that my ipad2 can run ios7 itunes only gave me the choice to update to that).

I completely agree with this article, I also think there are no reasons but greed to prevent itunes from installing old applications on your old idevice, I have an old ipod touch 1st gen that still works perfectly, have a lot of still very useful apps on it, but if something happened and I had to wipe it I would not be able to reinstall pretty much any of them due to the itunes store not allowing me to, it's a really bad state of affairs (for users) but then again that's what happens when you buy into a walled garden ecosystem, you are at the mercy of what's more convenient/makes more money for the company, not what's best for you.

what about a story when a kid became deaf? why isn't the deafness-measles connection more in the news? it's a lot more common than death as a side effect but of course not a lot of fun to deal with

thing is that measles doesn't have only death as a serious side effect, much more common is deafness and inner ear disorders, which make your life not a lot of fun, believe me, and those are not necessarily always linked in the stats (esp. considering that the risk for things like meniere's goes up A LOT if you've had measles as a child, but you might not get it until decades later)