At this point, I'd be tempted to make any would-be astronaut pass the 'n months in standby and hard vacuum before the signal from mission control wakes you up' test, because Our Robot Overlords have gotten considerably better; but it'd be no worse, and possibly better, than the John Glenn launch a few years back.

'Anonymised' is mostly a weasel word. It isn't always impossible; but the more interesting the dataset is, the more likely it is that there's a clever re-identification attack with good odds of success. If you are serious about preventing those, you tend to have to nuke the data so hard that they aren't of much interest anymore.

Unless robustly demonstrated to the contrary, it's an essentially worthless claim.

If you don't trust an OS vendor, isn't using a network monitoring tool on a different host entirely, with physical access to the wire, pretty much the only way to go? If they were so motivated, the OS would basically be a rootkit with device drivers and a userspace API...

TFA specifically notes that the behavior described was observed with all visible 'privacy' settings adjusted. Presumably the story is even cheerier if those aren't switched off.

I'd go with 'no' and 'no'. Yes, the end goal is to discover the cause, the mechanism, and the effect as precisely as possible; but the universe of possibilities is absurdly gigantic, easily larger than you could ever afford to study.

So what do you do? You start by trying to cut the search space into more manageable chunks with this sort of study, which doesn't provide the level of precision you ultimately want; but can (relatively) cheaply and easily provide some leads on what is worth looking at in greater detail and what isn't.

ChromeOS tends to ship on Tivoized hardware, which isn't exactly Gnu-Freedom; but, in terms of the software on top of the bootloader, what are the deficiencies? I know it ships a proprietary Flash, and whatever bullshit makes Netflix work; but is there anything else?

If memory serves, the tricky bit was that any evidence we had based on receipts or equivalent, either ours or those of other Good Guys, would be both embarassing and largely obsolete; since the Iran/Iraq war was not exactly a moral triumph on our part, and it long enough past that any remaining munitions would be hazmat but close to useless for military purposes. Evidence of anything more recent, though, was hampered by being almost entirely bullshit.

Hence the ha-ha-only-serious joke told during the farcical run-up to the war: "How do we know Iraq has chemical weapons? We have the receipts."

A few of you had questions about the 'work/life balance' at this company. I take it that those have been settled?

I can definitely appreciate the value of some skills that fall under 'coding', some logic, thinking about breaking down problems in a rigorous way, gaining the ability to make a computer do boring stuff programmatically rather than one-by-one by hand.

However, my understanding(both in personal experience and from what I've read on the subject) is that actually-good, especially actually-really-scary-good, programmers have to be born and then polished, and that just throwing more practice at the unsuited doesn't actually improve them as much as you'd hope.

Is the theory that current education, lacking in CS, is failing to identify promising candidates? That we should be ensuring more suitable people go into CS rather than other areas that require similar talents? That the world really needs more rote-learned java monkeys to keep wages safely low?

Tell that to basically anywhere in the first world... Unfortunately, despite our best efforts, countries seem to go through a generation or two where modern sanitation and medicine have kicked in; but modern prophylaxis hasn't, which goes really badly; but once you get past that, results have been excellent the world over.

The Tor Browser is better than 'just route all traffic through Tor'; but unless you trust that your machine isn't carrying 12 strains of cyber-syphilis, you probably want a non-persistent liveCD OS if you are doing something sensitive.

While that is a possibility(albeit one that could theoretically be ameliorated, barring hardware-level backdoors, by 'here's how to build Tor from mainline and replace our firmware' documentation), I'd be more worried about the fact that Tor isn't dead simple.

The project itself has a list of handy warnings concerning What Not To Do on Tor and expect the anonymity to keep working, even assuming there are no unknown attacks and vulnerabilities at play. Tor has no magical ability to scrub dangerously identifying information from the assorted dumb, lazy, or just plain user-hostile chatter generated by various programs on your computer. It also, as a necessary side effect of its design, exposes some traffic to the exit node, which requires that you be careful about SSL/TLS for anything that the exit node shouldn't see.

That's what makes me nervous about the projects(hardware or software, boxes like this or Android VPN plugins, or whatever) that make it dead easy to route all traffic through Tor. Unless you know exactly what you are doing, that probably isn't what you want. Your day-to-day OS is very likely to be far too dangerously chatty(which means that you really shouldn't use it at all, unless booted to a liveCD; with the Tor browser bundle, that passes only traffic from the Tor browser as a distant second best); but you definitely shouldn't just plug it into the magic Tor box. Some applications you just don't want going through Tor at all. If the traffic is intrinsically personally identifying the best case is that you'll gain nothing and the worst case is that you'll be less secure than you were.

Things that keep people from running the browser bundle on their poxed XP machines and expecting anonymity are good; but Tor simply isn't easy to use, even if it is made easy to set up, and that can bite you in the ass.

They certainly are reluctant about it at times; but the military has the convenient 'reality is what shoots you even when you try to pretend it isn't there' incentive to remain members of the reality-based-community.

Would you prefer advice on escapist fantasy or birth control? I can provide either.