No, they don't prevent passive eavesdropping, because they don't prevent impersonation - if you cannot validate the heritage of the SSL certificate presented, then anyone could be presenting their own.

Highlighting self-signed SSL certs as the various browsers do is done so the user does not make the same assumptions about the site as they would a third-party signed SSL cert - because you simply cannot make the same assumptions, and its dangerous to do so.

At least with HTTP sites, people know and accept they are not secure - with a self-signed cert they are just as exposed due to inability to assume the cert is authentic and what the site intended to be used, but you are suggesting they can safely assume they are OK to use the site! Absurd!

No, I disagree with you completely - a self signed cert does *not* protect your connection from anything, unless the client already knows what to look for to ensure the cert they have is the cert you intended them to use. And that's where third party signed certs come in.

A self-signed cert that is silently accept it is much much worse than no SSL at all, because it allows the user to make assumptions about their use of the website which are absolutely not true. Assumptions which can be very damaging. I wouldn't ever send payment details over HTTP, as most people wouldn't at this point in time thanks to the decade and a half of education thats been going on - but I also wouldn't send payment details over a self-signed SSL connection. Ever.

Anyone suggesting self-signed certs should be silently accepted are part of the problem, not the solution.

You realise all browsers do that, and for a good reason, right? Self-signed SSL certs actually break part of the point of how SSL certs are used on the web...

I have to ask, why did you find solely using IE amusing? I have a Surface 2 RT, so I use IE a lot, and to be honest its no different to using Safari on IOS or whatever the default browser under the hood is on my Kindle. It works, it really just does. I don't give any thought to the fact that I'm using IE, and it doesn't cause any issues when browsing, so why so amusing?

Nice counter argument - "make my argument for me, and if you didnt then your argument doesnt stand!!"

Before a ballot, I have to verify that the machine is running the right code base, that the code base has been authenticated and signed off, that its loaded correctly, that it tests OK, and that its not been tampered with.

With paper ballots, I just have to check to make sure the ballot has the right names on it. And I can do that while handing them out to the voter.

If an electronic voting machine breaks in a ballot, omg, are all the votes still there?! How do we verify that? How do we do the tally?

If a ballot box falls over, or a pencil breaks, its not so much of a problem.

Between ballots, I have to store the electronic ballot machine in a dry, covered environment. Meanwhile I can throw the ballot box in my shed and forget about it.

There isn't a situation here where paper ballots do not come out cheaper.

Why should it have native support for ext2 or ext3?

How much does maintenance and auditing of the machine cost? How long does that take, how often does it have to be done, and what do you do with the machines between polls?

It costs a lot more to verify the security of an electronic voting machine than it does a wad of paper ballots.

"Same as Columbus"? Does that mean they are going to try and secure Samantha Cristoforetti's place in the history books as the first person to discover the International Space Station, in direct contradiction to evidence suggesting other people made it there first?

If you are talking about AF447, then it was pilot error - those pilots should have easily been able to determine the situation and recover the aircraft. Instead, they didn't follow procedure, did exactly the opposite of what they should have in that situation (as defined in the flight operations manual) and crashed the aircraft.

The original issue that caused the autopilot trip would not by itself have led to the stall that ultimately caused the crash - that took pilot intervention.

They did the work...

If Aereo simply sent the received signal, unchanged, unaltered, and as-is to your device, chances are they wouldn't have ended up in court. What they actually did was reencode the signal and rebroadcast it to you. Entirely two different things.

  And its also why your contrived example falls down. Because they didn't run a wire which carried the same signal, they altered the signal.

Who is going to be fined? (I assume that is what you meant) The people doing the manipulation, so the people aNonnyMouseCowered allege that are manipulating the market. Who would do the fining? The SEC, the FCA or another countries financial authority. Wouldn't take much for them to do it either.

There is no statute of limitations in play here, as his case is actively being pursued and he is acting as a fugitive to that pursuance. He can stay in the embassy for 50 years and the case could still be taken up in the courts.

You mean, market manipulation? Something several big banks just got fined millions of dollars for in the forex markets? That should be an interesting one to watch...

Thats great - doesn't help me tho if the goal is to replace residential grid power with locally generated solar power tho, does it?