
Comment Looking in the wrong place. (Score 1) 115

The real fault seems to be in classes like AnnotationInvocationHandler or PriorityQueue (both part of the Java library), whose readObject() methods trustingly call some methods on their child objects.

AnnotationInvocationHandler calls map.entrySet(); PriorityQueue calls compare(). You just make sure the child object executes malicious code when executing those methods. For the child object, you can find a utility class such as LazyMap (from Commons) that executes a function while calling entrySet(). The function can be another utility class that executes some method by reflection (e.g. a Runtime method). These utility classes are all over the place to support functional-style or config-as-code programming.

But I think the real fault lies in those classes that execute child code during readObject(). It doesn't lie in the Commons classes that are used for the children.
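A harmless illustration of the behaviour described in the comment above, added here and not part of the original comment: `PriorityQueue.readObject()` invokes the child comparator's `compare()` while the stream is still being read, and an allow-list `ObjectInputFilter` (Java 9 or later) rejects the unexpected child class before that call can happen. `ReadObjectDemo` and `CountingComparator` are constructed names; the comparator only counts calls.

```java
import java.io.*;
import java.util.Comparator;
import java.util.PriorityQueue;

public class ReadObjectDemo {
    // Constructed, benign stand-in for a "child object": it only counts invocations.
    static class CountingComparator implements Comparator<Integer>, Serializable {
        static int calls = 0;
        @Override public int compare(Integer a, Integer b) { calls++; return Integer.compare(a, b); }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        return buf.toByteArray();
    }

    // filterPattern == null reproduces the default, unfiltered behaviour.
    static Object deserialize(byte[] data, String filterPattern)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            if (filterPattern != null) {
                in.setObjectInputFilter(ObjectInputFilter.Config.createFilter(filterPattern));
            }
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        PriorityQueue<Integer> q = new PriorityQueue<>(new CountingComparator());
        q.add(3); q.add(1); q.add(2);
        byte[] data = serialize(q);

        // Unfiltered: the queue rebuilds its heap inside readObject() and calls compare().
        CountingComparator.calls = 0;
        deserialize(data, null);
        System.out.println("compare() calls, no filter: " + CountingComparator.calls);

        // Allow only what a plain PriorityQueue<Integer> needs; "!*" rejects everything else.
        String allowList = "java.util.PriorityQueue;java.lang.Integer;"
                         + "java.lang.Number;java.lang.Object;!*";
        CountingComparator.calls = 0;
        try {
            deserialize(data, allowList);
        } catch (InvalidClassException e) {
            System.out.println("filter rejected stream: " + e.getMessage());
        }
        System.out.println("compare() calls, allow-list filter: " + CountingComparator.calls);
    }
}
```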

Comment Re:Literally (Score 1) 307

"Literally" does not mean "very much like".

Actually*, "very", or "verily" (from Middle English "verray" = true, real) does (literally) mean "literally".

* And for that matter, so does "actually". In fact, it seems that almost every word ever invented that means "truly" or "actually" or "literally" or "completely" gets degraded through overuse of hyperbole to eventually mean "quite a lot".**

** Including "quite".

Comment Games don't age (Score 1) 102

Games don't get worse as they age. Don't hundreds of years of chess and poker teach us that? How about Scrabble or Monopoly? Is Tetris no longer fun? Prettier graphics aside, if games are outdated after a few years, they're either poor games to begin with, or the game was deliberately designed to be obsolete and no longer fun after you "solved" it, or it's a completely illusory perception encouraged by game makers who want to sell you more stuff.

Submission + - Issue tracker for non-engineers?

purplie writes: My non-technical spouse is an analyst in a small county government department, a handful of people plus some contractors for projects. Their project/task management is mouth-to-mouth, sticky notes, and emails, and it's driving them crazy.

I want to suggest something like an issue tracker. It would have to work for tasks both large (year-long investigations) and small (arranging catering for a meeting).

The issue trackers I'm familiar with are too software-development-oriented, or make too many assumptions about your "agile" religion. Are there any good options for non-engineers?

They use mainly Windows and have iPads. I don't like web-based tools, but that might work better for them because they don't have administrative privs on their machines. Something that also incorporates a wiki might be nice. There will be resistance if it's not really easy to use.

Comment "expected value", really? (Score 1) 480

People usually point to the "expected value" as an argument that it's a bad bargain.

But it seems to me that the expected value is meaningless unless the experiment is performed often enough for the Law of Large Numbers to even out the results.

So, if a person plans to buy daily a ticket at 1/100 odds, you can make an expected-value argument. But if they plan to buy daily a ticket at 1/175000000 odds ... well, yes it's inadvisable, but it's hard to make an expected-value argument.

Comment Unfair and unconstitutional (in U.S.), seriously (Score 1) 256

While offenders may deserve shame, it is:
  1. Not fair that some offenders get shamed and some don't (on top of paying the normal penalty), depending on the whims of the police; in the U.S. this would be a violation of the Equal Protection clause;
  2. Illegal that the police are effectively adding their own punishment, without any legal basis, on top of the punishment put into law by elected lawmakers --- if lawmakers had wanted public shaming to be part of the punishment, they could have made it so;
  3. Unconstitutional that the punishment will apparently be put on accused rather than convicted people.

Comment Dr Who novel [SPOILER] (Score 2) 165

There was a Doctor Who novel, I think this one, The Murder Game by Steve Lyons, where there was an "Assassination program"... a sophisticated malware package that just required to be configured with the victim's name, and it would search out means to physically kill them via computer-controlled objects.

I'm no expert, but even today it sounds almost possible. You need: (1) a way of tying victims to physical objects and locations (DMV records, toy purchases, planning permission applications, ... ), (2) hacks for physical objects (cars, street lights, Mindstorm Legos, home automation systems, ...), (3) a worm/virus base to spread the code to computer systems physically near the objects.

If that sounds like an implausible engineering effort, remember that malware packages are incrementally improved on and made more powerful over time... it would start out with some simple and unlikely-to-succeed algorithms, and evolve into something with a huge array of killing options.

(Maybe at that point people would start taking privacy seriously.)
