What mail reader in this day and age automatically activates malware? It's been a long time since outlook had any issues like this since Microsoft figured out that 'active content' was a very bad idea.

There is a lot of work being done now on behavioral analysis, with some products like Invincea and Cylance based on this idea. From the limited testing that I have done with them, they seem pretty effective. Of course, malware authors could just start changing their behaviors to avoid these tools, but if malware doesn't act like malware anymore, it stops being malware. And of course you forgot reputation services like those already being implemented by browsers and OS vendors. These force malware users to keep moving their sites and C&C around, making it just that much harder. Which is a good thing. Today, what we call "antivirus" is already using these two approaches to some extent.

I think the parent's point was that it might be unclear how to find an official taxi in a strange country (what do they look like, how to locate them, etc.), but finding an official Uber taxi is always the same process. I don't think he was knocking Bangkok's official taxis.

It is unclear (at least to me) how much the alteration of the original pathogen might affect it in other ways. Biology often involves trade-offs. The changes might make it less resistant to current antibiotics, or make it easier for humans to resist naturally. So you could take Ebola and make it airborne somehow, but that change would likely involve tradeoffs that would reduce the impact.

With a link to "Men Shouldn't Be Overlooked as Victims of Partner Violence" at the bottom, it seems easy enough to explain.

FTFY

I got the impression from the article that a lot of miners do the same thing. Maybe this miscreant targeted miners that he knew or guessed were slack in that regard. Or maybe just got lucky.

Apparently he was able to spoof some control messages to the miners since their only validation was IP address. It is an interesting question: since they should have known about this BGP vulnerability which has been used before, why didn't their minerserver communication have stronger validation? The answer would be, I think, that they didn't bother since it happens so rarely. Probably from now on they will start using another layer of validation. Yet another example of how security happens in the real world: it doesn't get used until the pain gets bad enough.

I had the same thought. I suppose you could store the key encrypted, and then do all the encryption/decryption in the browser. So Yahoo would provide the browser the encrypted key and some Javascript would do the decryption. The article specifically mentions public keys though, which makes me think they must be working on providing a directory of public keys for Yahoo accounts as well. Another option would be using a browser extension. I guess we will find out in time.

I wondered why the text in the video said "no soda can"

I wonder if the pressure of sunlight or solar wind on the panels could add up to a significant factor with this low level of tolerance.

You are confusing this with 'probe the rosette' which is entirely different.

The ESA overview uses the terms 'orbit' and 'orbiter' many times when describing this craft so I am a little confused. How could Rosetta follow the comet for 15 months, when they had to power it off for years just to get there, if it isn't orbiting the comet? Maybe it is simply sharing the comet's orbit around the sun? Maybe just a difference in what is meant by 'orbit'

Inflation is quite low right now relative to Weimar Germany, for example. Or the inflation experienced by Zimbabwe and Argentina at various points in the past.

Of course, the company which reveals this offers a $120/month breach notification service so they have a strong incentive to exaggerate. I'm not saying we should immediately discount these claims but let's make sure our grain of salt is in there.