
Comment Re:fake certificates, or sold certificates? (Score 1) 194

A correction.. IE uses the windows certificate store. It doesn't hold its own set of certs. I know firefox used to have its own set of certs. I'm not sure if that's still true. I'm pretty sure chrome also uses the windows certificate store. In most cases, using the windows cert store is the right thing to do. I can understand why mozilla would want to manage some of this themselves. If they need to roll their own cert store for their cross-platform support, it might just be easier to do that than keep up with all the differences between platforms.

But the main idea is that if you trust the windows cert store, when things like this happen, the cert will be invalidated for everything, not just IE, or Safari, or whatever. Companies can also then add their own certs, reject some, etc in a central database. It's annoying for an IT dept when individual apps do their own thing and don't respect the platform's settings.

Comment Re:Remember the Kernel Backdoor (Score 1) 194

The people working on features like this very rarely wrote the original code. If someone handed you 50 or 100k lines of assembly code with little/no documentation and needed you to make a few fixes or add a feature, it's pretty easy to miss some of those assumptions. And it's especially true now since virtually no one writes assembly code. New products are written in modern languages like c# or java specifically for these kinds of things. A lot of language features were actually developed to manage problems like trust in an enforceable way. There are going to be issues like this cropping up for years to come but it's certainly a situation which is getting a lot better each generation as more and more components are re-engineered with modern security.

Comment Re:Music doesn't help my productivity (Score 1) 405

I keep earplugs at my desk as well as headphones. I have my own office but conversations bounce around the halls here pretty badly. It's typical for there to be two or three conversations happening within listening distance. The earplugs block out 100% of that quiet chatter which is awesome for avoiding distractions.

Comment Re:Or just use an OpenCL-powered encoder... (Score 4, Informative) 158

Only the more modern GPUs support it. And of those, there are still different levels of support. Even if it's supported, you would probably get much better perf on an nvidia card by using cuda for example. So in today's world, you can't just use an opencl-powered encoder, it depends on what hardware you have.

Comment Re:Interface vs Function (Score 1) 366

Not really true. Siri can search. But siri can also do other things. I can't exactly type "remind me to pick up my paycheque when I get to work on friday" into google. Wolframalpha can also answer some pretty interesting queries that google can't touch. I suspect that with future versions, we'll see more and more useful stuff sneak into siri. Maybe partnerships with more companies, eg comcast: "siri, record tonight's episode of dancing with the stars". It's kinda gimmicky right now but if it works really well for your voice, it can be really nice at times, like when you're driving.

Comment Re:Wait a minute (Score 1) 366

Is that actually what it responds with? I don't have siri so I can't verify that. But the query works fine through wolfram.

http://www.wolframalpha.com/input/?i=What+is+the+status+of+flight+647+on+United+Airways%3F

My personal expectation would be that the question would be routed to wolfram which would respond with the primary answer: "en route to San Francisco, California (KSFO) from Washington, District of Columbia (KIAD)."

If it doesn't work, I'd think of this as an edge case as one of their service providers does in fact have the answer.

Comment Re:Is she? (Score 1) 366

I find the wolframalpha stuff far more interesting. A lot of people don't understand wolfram and don't think to ask computational questions. People assume a question like "what was the distance between the moon and mars yesterday" would require a ton of work to figure out. But siri would happily direct that one to wolfram and get an answer. It also has a lot of good integration. It's pretty good for what could still perhaps be considered a v1 implementation. I'd love it if siri had some more persistent data-driven/repeat-query aspects. Like "remind me to schedule a BBQ when there's a sunny weekend coming up". (yes, I live in seattle.)

Comment Re:sounds great (Score 2) 375

Sorry, I meant most every smart phone currently on the shelves for purchase employs full-disk encryption. In most cases, manufacturers implement it to allow corporate exchange email access. If the device supports exchange, it typically has full-disk encryption (early iphones were an ugly exception..). One of the exchange activesync requirements is that the device supports a secure remote-wipe. iphone 3GS and newer have full hardware encryption. Android 3.0+ devices use hardware encryption, and all WP7 devices use it. I'm sure blackberry does as well but I don't know their history very well. So the result is that these devices all support the remote wipe feature. That means if you enter the pin wrong a number of times or remotely trigger the wipe, the encryption key is deleted. That way, it doesn't take hours to securely delete all the data from the disk. The only thing that needs to be deleted is the encryption key. The flash always has some encryption key set. That's why setting up the remote-wipe or PIN-based wipe doesn't require you to spend an hour reformatting and encrypting your entire flash storage.

Comment Re:sounds great (Score 1) 375

Yup, that's what I meant.

To elaborate, on the PC side, that 'dedicated hardware' would be a TPM chip. You find those in most business-class notebooks now. If you have one, you can use bitlocker with just a numerical pin. The TPM chip will hold the full encryption key and only provide it to the OS when the correct key is provided. Too many failed attempts would wipe the key. And, as you suggest, you can have the full key saved securely somewhere else as a backup. You might need it if you forget your key, enter it in a bunch of times, or need to recover the data from the disk using a different machine.

Comment Re:sounds great (Score 1) 375

You may have missed the point that all data on most phones is already fully encrypted. Hardware encryption/decryption doesn't use that much power. It's also not slow. Another example: intel's 320 line of SSDs. They're still the very low 0.1-0.2 watt SSDs (compared to around 1-2 watt for a standard laptop hard disk) with awesome SSD perf.. they have full-disk hardware encryption built in as well. Basic encryption is only expensive when done in software.

Comment Re:sounds great (Score 1) 375

WinMo 6.5 (and possibly earlier as well) had a nice option. After the limit - 1 attempts, you had to correctly answer a basic (for an adult) math question to try again. There was also a warning about this being a final attempt and any more bad guesses would delete all the data. That took care of young kids and friends who don't realize that failed attempts wipe the device. I've had my ipad wiped a number of times at parties and such when someone picks it up and enters a few pins out of boredom.

I never owned one of those older windows mobile phones.. but I hear people (ahem, parents) who've upgraded complain about that on occasion.

Comment Re:sounds great (Score 4, Informative) 375

On a decent device, the PIN should be stored in specialized hardware. When you get it right, it releases the encryption keys to your data. If you guess wrong several times, the key (and therefore your data) should be destroyed. If the OS internally has easy-access to all the data without your PIN, we can expect data to be easily compromised using the vulnerability of the day. A secure design would use full-disk encryption to facilitate fast remote-wipe operations. But to protect the data when a wipe hasn't happened, the user data should be encrypted with the PIN as I described initially. The encryption key could be available to encrypt incoming mail and data while the handset is locked. Then, when unlocked, the phone can finish merging the new data into the email/whatever database. As soon as you lock your phone, it shouldn't be possible to brute force the PIN to access your mail due to the max number of guesses enforced by hardware.

But in addition to this, if the device doesn't require a PIN to unlock the full-disk encryption on boot, it's vulnerable to viruses being installed on the device. Then that could monitor the device and record any PIN entered by the user. I don't really know of any phones that actually implement a really good security scheme. Your best bet is to avoid having sensitive data on your phone. For example, you could use HTTPS to access gmail rather than adding the account to the phone itself. Of course, for most of us non-criminals, we don't really care. It's usually our employers who own the IP saved in our phone.
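The PIN-gated key release described in the comment above, together with the key-deletion wipe from the earlier full-disk-encryption comment, modelled as an added example (not part of the original comments and not any vendor's implementation). The class and function names, the five-attempt limit and the SHA-256 keystream stand-in cipher are assumptions made for illustration.

```python
import hashlib, hmac, secrets

class PinGatedKeyStore:
    """Toy model of the 'specialized hardware': it alone holds the data key."""

    def __init__(self, pin: str, max_attempts: int = 5):  # limit is an assumed value
        self._salt = secrets.token_bytes(16)
        self._verifier = self._stretch(pin)
        self._data_key = secrets.token_bytes(32)  # random, never derived from the PIN
        self._failures = 0
        self._max = max_attempts

    def _stretch(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 10_000)

    @property
    def wiped(self) -> bool:
        return self._data_key is None

    def wipe(self) -> None:
        """Remote wipe or lockout: dropping the key is the whole operation."""
        self._data_key = None

    def unlock(self, pin: str):
        if self.wiped:
            return None
        # Count the attempt before checking it, so interrupting the check
        # cannot buy a free guess.
        self._failures += 1
        if hmac.compare_digest(self._stretch(pin), self._verifier):
            self._failures = 0
            return self._data_key
        if self._failures >= self._max:
            self.wipe()
        return None

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 counter keystream) so the demo needs no libraries."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def attempts_used(store: PinGatedKeyStore, guesses) -> int:
    """Try PINs in order; stop at the first success or when the store wipes itself."""
    used = 0
    for guess in guesses:
        used += 1
        if store.unlock(guess) is not None or store.wiped:
            break
    return used
```

Because the data key is random and lives only inside the store, a four-digit PIN space of 10,000 values is never searchable: the store wipes after the fifth consecutive miss, and the ciphertext left on flash has no key to go with it.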

Comment Re:Amazing response slashdot (Score 1) 98

Having access to your own data produces a very positive feedback loop. If you can see your schedule drifting, you can reorient yourself to correct it quickly. I keep track of a few things such as when I wake up, go to sleep, get to work, leave work, and a small handful of personal metrics such as a numeric value for how effective I was at work on a given day. I've learned a lot from it. For example, I have a better idea now of how my level of engagement (# of hours worked) relates to how effective I am. If I spend a few more hours, I tend to be significantly more engaged. It helps me figure out the difference between burnt out and disinterest. After a crappy week, I might choose to work all weekend or turn off my work email and relax. Depending on what kind of funk I'm in, it can help me decide how to right the ship.

So when I see a boring graph, I see someone who has figured themselves out. It's figuring yourself out so you know what you need to track in order to effectively manage yourself.
