I agree wholeheartedly. I think part of this phenomenon is driven by the fact that people that fall into this behavior are performing a biased comparison. They're comparing all the crap that's current with the cream of the crop from the past. There was just as much crap movies being produced 20 years ago, but we all forgot about those movies, because they were crap!

The issue is that many banks provide credit-backed (Visa, MC, etc) debit cards that are tied directly to one's checking/savings account. If that number gets lifted then yes, the money is drawn directly from the account in question. Granted, only an idiot would use their debit card in a way that exposes them to fraud like this, but it's not a matter of disputing a pending bill - that money is gone, and does not come back until an investigation is completed. I doubt that Anonymous cares enough to differentiate between the types of cards with which they are performing this stunt and exclude the debit card numbers.

This is true . . . however I feel I should expand on this, if I may. One of the support features you get from a paid subscription to RHN is bugfixes/updates shipped directly from their yum repos. If you're not subscribed, you need to figure out a different patching vector yourself. If you want to guarantee security patches are easily applied as soon as RedHat releases a fix, then a subscription may be worth the cost.

So can I. That's because that's how averages work, by definition.

Since SVN is a version control system, it can be used for things other than development. For example, I use the SVN repo at my office to store config files for my networking equipment. Makes it real easy to verify historical changes and provides a roll back point if necessary. Since SVN operates over HTTP(S), I could see the draw to use it for remote document/media storage as well. It may not have all the latest whizbang features one is looking for, but it will get the job done.

Or, what I'd suspect is more likely, it's a workstation plugged directly into a broadband modem, thus getting a publicly addressable IP right on the NIC.

FROM: DoNotReply@ac.playstation.net

Dear *,
To reset your PlayStation(R)Network password, please click on the link below. This link will expire in 24 hours from the time that it was sent. The link will direct you to a PlayStation(R)Network web page and allow you to enter and confirm your new password.

. . .

Sure looks like it came from PSN to me.

False. I reactivated my account by following a link provided in an email from my workstation. And, at the time I asked myself "wait, how do they KNOW it's me???". Short answer: they didn't.

Nothing is 100% 'Hackproof'. Even your example outlined, exploits have been found that allow execution of privileged code on the host system from within the VM.

Are . . . are you implying that DST exists to adjust for some error in our calendar system? If that were the case, wouldn't Arizona's current date have shifted as compared to other States, since they chose not to observe a completely optional practice?

You may want to read up a bit before posting further nonsense: http://en.wikipedia.org/wiki/Daylight_saving_time

I was thinking the same thing . . . any reputable magazine already has a web presence - why would I need Hulu to navigate to http://www.some-magazine.com/ for me?

Ummm, because he's not an American citizen? One can't be a traitor to a community one is not a member of. But don't let that stop you from being a douche. Carry on.

It would seem you two are having completely different conversations at each other.

You're saying that in order to properly diagnose & address a malfunction with a complicated piece of machinery takes skill that the average layman lacks. This is true. But the point GP is raising is that you don't need the same skill-set to understand the underlying purpose of a complicated piece of machinery when it is in working order. This is also true.

. . . it's about usabilty and "good enough" security . . .

If I had any mod points, I'd give 'em to you for this comment alone. Security is not about actually being impervious to attack. It's about making yourself or your assets appear to be a less-than-appealing target to hopefully force any would-be "villain" to chase after lower-hanging fruit. If someone is seriously gunning for something you have they'll find a way to get it, regardless of the barriers presented.

GP is guilty of generalizing, and you're guilty of providing an entirely anecdotal counter argument - "I've never personally witnessed what you're claiming, so it must never occur". It can, and it does. Whether or not that's standard operating procedures for most ISPs of today or the past is something else entirely.