Ignoring for a moment whether or not rights are subjective.

Earlier on you awkwardly defined rights as "things that it is wrong for the government to interfere with its citizens doing". Rights are much better defined as entitlements or permissions granted by agreement.

As another poster pointed out this is an issue about freedom of speech versus the right to privacy.

In this case you clearly seem to value freedom of speech over the right of privacy. However, that doesn't make it right (no pun intended) for you to say that the original poster doesn't "understand what a right is".

Yes, they are.

Nothing you just said counters the statement that "rights are highly subjective".

It's you who doesn't seem to understand that rights are highly subjective.

Right Mister investigative journalist, how do you disprove the following:

• Go to http://uk.asus.com/news_show.aspx?id=15908
• On the left side there's an advertisement for the Eee pc which links to http://www.asus-uk.com/eeepc/about/

Ok so by your own admittance we've proven that asus-uk.com at the very least is in fact an official Asus website. Right now let's take it one step further, here's a link to another page on that same domain:

• http://www.asus-uk.com/eeepc/1008HA/

Still asus-uk.com right? Read the page and see that it states: "It's better with Windows®" and links to http://www.itsbetterwithwindows.com/

I'd like to hear how you're going to wiggle your way out of this one. Oh it was just the UK branch, you say? Oh, it was just a lone mad sales guy? Asus was never serious about putting Linux on their netbooks, laptops or whatever from the get go. If you've ever used an Eee pc you'd know that the custom Xandros distro stuff was a disaster and anyone worth their salt would immediately replace it a properly configured distro (in a lot of cases Ubuntu). Asus well never get any money from me again.

Your entire post did nothing to counter the statement made by the GP that Firefox users are stingy or even elaborate as to how you yourself could not be called stingy. Judging by some of the other posts you've made you certainly sound stingy to me.

It doesn't really have anything to do with a conspiracy. I know some people will immediately go in a frenzy for me even recommending this but if you haven't consider reading some of Chomsky's political stuff such as Manufacturing Consent or Media Control. Then to balance everything out take a look at the criticism section from Wikipedia's article on Chomsky. But most important of all, stay critical and form your own opinion.

They're not? Correct me if I'm wrong but if there's a keylogger on your system your private key has already been compromised and all that the attacker needs is the passphrase. It may even be possible to simply do stuff behind the users back while the passphrase is cached.

Same reason I'm not sure if your idea about introducing another machine or VM and then remoting into that makes sense. A dedicated machine would help but you'd actually need to have a KVM switch.

Exactly, the confusion here might be in the terminology. Password versus passhrase.

Anyways, just using keys doesn't magically make everything more secure, it just negates brute force password attacks. From the few high profile cases I remember the compromise was the result of somebody's private key being compromised (e.g. the Debian compromises).

The only true solution is a combination of the principle of least privilege, sandboxing (SELinux etc.), proper monitoring and a whole host of other security measures.

I'd say that it depends on a lot of factors really.

First of all it depends on how mission critical the services that run on that system are considered and what kind of chances you're willing to take that a particular package might break something. The experience and available time of your system administrator also plays a significant role.

There's also the very highly unlikely scenario that a certain update might include "something bad", for example when the update servers are compromised. See Debian's compromises at Debian Investigation Report after Server Compromises from 2003, Debian Server restored after Compromise from 2006, and Fedora's at Infrastructure report, 2008-08-22 UTC 1200.

I currently manage just a single box (combination of a public web server and internal supporting infrastructure) for the company I work at and have it automatically install both security and normal updates.

I personally trust the distro maintainers to properly QA everything that is packaged. Also, I don't think any single system administrator has the experience or knowledge to be able to actually verify whether or not an update is going to be installed without any problems. The best effort one can make is determine whether or not an update is really needed and then keep an eye on the server while the update is being applied.

In the case of security updates it's a no-brainer for me, they need to be applied ASAP. I haven't had the energy to setup a proper monitoring solution and I've never even seen Red Hat Network in action. So if I had to manually verify available updates (or even setup some shell scripts to help me here) it would be just too much effort considering the low mission criticality of the server. If there does happen to be a problem with the server I'll find out about it fast enough then I'll take a peak at the APT log and take it from there.

Since you basically need root access to do updates this definitely poses a security hazard as when your client is compromised there is direct access to the server. Then again, an attacker could always use a keylogger to capture the password anyways.

If you even attempt to do this I'd setup a different user account specifically for the process of updating and limit the rights accordingly and then I'd restrict the commands that can be executed (you can do this per key).

There may actually be better ways but I'm not a very experienced sysadmin. Most experience I have is from managing a single web server and my local desktop obviously. Be sure to correct me (in a friendly manner) if I'm wrong.

Then again, if you do this from the same machine as your normal account is located on you'll still have the same issues in case of a compromised client. Probably just best to limit every single account to just that what is specifically needed and setup proper host based intrusion detection (OSSEC?) to be notified when something goes wrong. This stuff is hard...

Uhm, IBM Lotus Symphony is basically a fork of OpenOffice.org 1.1.4.

This information is quite disturbing to me. This sucks. I've been completely disappointed with the battery performance of my new ThinkPad (I previously had a R51, which also didn't have a very great battery life).

I have a X61t (model 7767BFG) with a 4 cell 2000MaH battery (model 93P5031) and another separate 8 cell 4500 mAh (model 93P5032). With the usage you described using the 8 cell I would be able to get 1.5-3 hours of battery power (not exact numbers since it's been a while since I tried).

Running 2.6.27-14-generic.

47,- euros a month for unlimited access? Is it bound to a specific route?

I live in The Netherlands and my costs far outweigh that number. For the sake of simplicity let's assume I travel the same route 5 days a week.

A yearly subscription for the train between on a route of +/- 55km would cost me 132.40,- euros a month. Because I recently graduated I received a subsidized public transit subscription which allows me to currently bring this down to about 100,- euros a month (ignoring any taxes, again for the sake of simplicity). Add to that the fact that just traveling back-and-forth between the train station with the bus (+/- 10km) costs me about 4,- euros per trip. That's 80,- euros without a subscription, I could possibly bring that down to about 60,- euros a month with a subscription.

So in a best case scenario (without the subsidized subscription) using public transit costs me roughly 2300,- euros on a yearly basis.

Back on-topic. What I'm wondering is just how much spending is included with the bill that mandates this website. I actually opened it with the intention of at least somewhat reading it, but it has a gazillion more pages than I'm willing to read right now. Starting with a bill that mandates actually reading the bills sounds like a plan to me.