The user/admin can also flick the switch to allow unsigned code which was my entire point - trojans are a security risk because of the person who installs them and not some inherent flaw in the OS.

There is not a single OS that is not vulnerable to a trojan. If this was a virus, drive-by download, or infection of a repository, then that would be disconcerting, but there will always be people who fall for trojans and the OS they use has little to do with it.

Now is the perfect time to build out a test server, fire up your applications, and start looking for all of the regressions. File the bug reports early and make sure that all of them are fixed before you even attempt to deploy this to your servers. Lately Oracle has been one of the worst offenders for regressions to the point that it seems like they threaten death to developers who test anything other than the new features.

Actually, the usual saying is "I was only following orders" and is usually meant to rationalize behavior of people in organizations that started out somewhat innocuous but descended into immorality. In this case, we found out that an agency that was created from the outset to spy on other countries is currently spying on other countries. Out of all of the horrible things that have been revealed about the NSA, this is the least surprising.

Just because something was done well does not make it patent-worthy. You can't just create a patent titled "Phone Unlock That Doesn't Suck". Apple may have made one of the best interfaces for smartphones at the time, but that doesn't make necessarily make the features of that phone novel or patentable (at least in countries with sane patent laws).

Clearly the proper metric that used here is to charge for LTE data use per individual (or even per GB).

No, the proper metric is to charge whatever ridiculous rates for whatever ridiculous service dipshits are willing to pay to achieve maximum profitability. That's Economics 101.

Seriously, who writes checks anymore? They should just use their bank's bill pay system like a normal person.

This technology could be useful when you need privacy, like when you just have to talk shit on someone who is in the same room as you, but you can't dictate the message out loud. But for the most part, this seems like a highly inefficient form of input and is probably just a spaghetti-against-the-wall submarine patent in the event that someone else implements the feature and it takes off.

According to another poster who claims to work for a large ISP these modems/routers are remotely accessible so the ISP/law enforcement don't not need to walk to your home to retrieve any information they need from it. However these devices don't have the memory required to store the DHCP logs you talk about. Any relevant information would be sent by the router to the ISP during the signon process and be kept there.

So this person is claiming that there is a back door in these devices that can be exploited without the network owner ever knowing. That sounds even worse than my original concern. Of course, it's only supposed to be accessed by the authorities, but once you open a back door it's really hard to only let the "good guys" in and keep the "bad guys" out.

Your scenario only makes sense if that criminal specifically wants to implicate you.

Why wouldn't they want to implicate someone else for a crime? Implicating someone else throws the trail off of the real perp.

Otherwise the whole "stealing Xfinity credentials and driving to be in range of your home Wifi" exercise would be pointless as for simple anonimity it would be much easier for him to pick any Internet cafe or even his home (no credentials to steal) and just use something like Tor.

Tor is not really anonymous and internet cafes are full of witnesses. Parking your car at 3:30 in the morning in a neighborhood full of Xfinity hotspots would leave fewer witnesses.

Now if someone wanted to implicate you by spoofing one of your MAC addresses, then using Xfinity credentials that don't belong to you would be stupid.

I agree that it wouldn't make a lot of sense, but confusion is a tool that has been used by malicious people for thousands of years. It throws the scent off of the real perp, buying precious time to get away or cover up the evidence.

Who are you to rate this scenario as 'low probability' rather than 'totally implausible'? Some kind of fantasy world super hero with an arch enemy?

Who are you to say that it is "totally implausible"? Besides, the fact that you and many other people would consider it "totally implausible" is all the more reason for someone to attempt it. :)

What I meant to say is that the MAC address of the "visitor's" computer is tied to the IP address granted by the WiFi router. Any digital detectives worth their salt would want better evidence than the username of an account which could be easily hacked or phished. They would want to tie the activity to the device that was used to commit the crime. The best way to do that would be to get the MAC address of that device. While it may be possible that Comcast's web app scrapes the MAC address from the OS and sends it during the log in process, given the large variety of devices they would need to support, that is highly unlikely. Instead, the only likely way to get that data is to retrieve it from DHCP logs of the WiFi router that granted the wireless connection. Which means you will likely be inconvenienced when a crime has been committed from your wireless router. Add on top of that the fact that most cyber criminals would be smart enough to spoof their MAC, preferably with the address of someone who lives at the residence that owns the router, and there could now be strong evidence that YOU were the one that committed the crime. I will admit that the odds of this happening to you are relatively low, but the consequences are great, and in my opinion, not worth the risk.

It's BOTH of their faults. It is the government's job to know what the hell they want and to provide solid requirements. If the government is not doing a good job of providing concrete requirements, it is the job of the contractor to extract those requirements from them or come up with their own requirements and get the government to formally approve them. If that is not done, then the requirements continually change, the project drags on way past it's deadline, and since time is money, the project goes way over budget. In those cases, the contractor is usually the one that looks bad, so it is to their benefit to demand concrete requirements rather than forge full-steam ahead on loose or incomplete requirements.

Ballmer told the board last June that if he didn't get what he wanted, he wouldn't be CEO any more

So Microsoft could have declined to buy Nokia's handset business, retained the $7b they would have spent on it, and have gotten rid of Ballmer sooner? That just has win all over it. And in classic fashion, they stumbled once again and made the completely wrong move. At this point, watching Microsoft implode is starting to transition from hilarious to slightly sad. After what they've done to the software industry, they deserve to suffer, but at some point they're going to need to start making smart moves if they want to continue providing serious competition.

As the parent said, the IP address that will come up is not the cable modem's owner so there's no reason why searching for it would turn up the name and address of the cable modem's owner

That IP address is still tied to the MAC address of the cable modem's owner, so where do you think law enforcement will go for answers? Sure, there's plenty of reasons to exonerate the modem's owner, but at the very least they will be inconvenienced by law enforcement officials and at worst, some aggressive departments would try to levy charges just to put someone on the hook. The odds of that happening might be low, but you have to ask yourself if it's worth the hassle.

Or else explain why we have not seen thousands of such cases in Spain, France, Germany, Japan where such setups have been in place for years

They have different cultures where law enforcement may be more concerned with convicting the actual perpetrator rather than just getting a conviction. I admit this is pure speculation since I am not familiar with law enforcement in those countries, but I do know that in the U.S., many police departments and prosecutors are more concerned with increasing their percentage of solved crimes and convictions than making sure they got the right people.

It sounds like they're put in a separate virtual wlan than you are, and are given a separate IP.

I'm sure law enforcement officers and a jury would easily understand these concepts and there won't be any people unfairly put on trial for an outsider abusing this feature.

Are we talking about candy bars, or carrots?

Fruits, vegetables, pasta, pretzels, occasionally candy (although no chocolate since that has fat that leads to the digestive issues). I believe the reason that I have lost the weight is that my calories per portion went down significantly even though my carb intake went up. The point is, people don't need to demonize one type of nutrient and avoid it altogether to lose weight and become healthier.