Am I the only one who read the read the article?

The Mylar system supports searching of the encrypted data and encryption with multiple, separate keys allowing multiple users to have access to specific records without requiring any key sharing.

The server can operate in a completely compromised fashion (in theory), as the data is all encrypted on the client side, before it goes to the server, and the server will never have the plaintext or the key to decrypt the ciphertext.

They seems to be operating under the assumption that it is much harder to compromise all the clients than a single server...unfortunately I don't think that claim holds up as there is nothing to prevent compromise of the clients if the server is compromised, via simple XSS-like attacks, which will be trivial since it will be same-origin.

IMHO, the only way to make something like this really work, would be hardened browser clients, with special encryption APIs which cannot be directly accessed by code that the server can inject (NOT JavaScript).

The foremost point of prison is to keep bad individuals where they can't harm the general populace, and to punish them for their actions, with the hope that they will correct their behavior.

Using a time dilation drug does in lieu of actual time served does nothing to help keep them off the street.
Using a time dilation drug as well as a normal sentence amounts to psychological torture or near torture, and won't help with any corrective process which might have prevented repeat offense.

Bottom line: drugs like this have no place in or penal system, regardless of the ethical ramifications of using them on prisoners.

When cryptographers say that a PRNG is deterministic (in a bad sense), they usually mean it violates one of the following rules (or similar):

1) It should be realistically impossible for an outsider to determine or guess all the values that constitute a seed.
2) No matter how much of the "random stream" an attacker has seen, they should not be able to realistically determine the next value in the stream (without all the sources of entropy throughout the process).
3) Given the initial seed, an attacker should not be able to determine the random value at a point in the future because that value should constantly be affected by both new "entropy" inputs including the number of times, size, and amount of random data previously requested.

My company does it, and it isn't for malicious reasons of spying on their users. It is done so that IDS and IPS can actually detect malware downloads and C2 communication over SSL. I suspect that's the primary reason most other companies do it as well. If they don't the company can't adequately detect or remediation most modern malware.

Detection of exploit kits via HTTP monitoring is one of our primary indicators of compromise, so this information is vital.

A lot of people don't trust their car manufacturer to be in charge of firmware pushes. That makes perfect sense. Maybe the best approach, would be utilizing special software on existing smartphone platforms. This solves many issues at once. Car owners don't have to worry about their car "phoning home" or the dealer pushing "fixes" without their knowledge, while simultaneously giving the car owner, and the dealer the advantages of a remote software update. If you want it, you can install the dealer's smart app, and hook your phone up to your car for an update.

There are, of course, new issues. You need to properly sign and validate your updates, to make sure they are delivered to the cars uncorrupted, in the correct format, and that no one else can use the functionality to hack the car.

Yes...just like when your router goes down, you loose internet...

After I found that my ASUS RT-15U was running telnet with a default password, open to the world which I couldn't kill or change the password on, I swore of embedded device routers.

I have replaced it with a small Debian box with dual NICS, and bought a 24port switch from TPLINK. It was the best decision I have ever made. Perfect reliability, complete control, via IPTABLES. I've got auto blocking of malicious ips trying to hit my ssh or port scanning me via DenyHosts and PSAD.

A couple other custom scripts and DNSMASQ, dhclient, snort, and python, and I have all the other services and features I want, and ONLY the services and features I want.

...when their virtual boss tokens get hacked by their competitor or APT.

I always end up going back to a customized XFCE, but about every 6 months, I decide to try something else, and usually end up wiping my system and reinstalling before I'm done.

My wife has a mildly customized XFCE setup, and she loves it. It almost never gets changed or tweaked.

Out of the four harddrive failures I have had in the last ten years (I often replace smaller drives with bigger ones before they fail), 3 of them were Seagate drives and one was a hitachi. I will never by Seagate again. Meanwhile my other Hitachi drives and Western Digital drives still spin on.

Though this tool might prevent DOM traversal and node name referencing, it most certainly will strive to keep the website layout the same, from the user's point of view. Therefore, a simple bypass is to look for inputs via relative page positioning. That should completely bypass the anti-bot automation functionality. This type of check would be easiest to perform at a lower-level, but it certainly can be done via bot injected Javascript.

I got an older version of this: http://www.amazon.com/Cables-Unlimited-USB-2545-Eco-Friendly-Battery-Free/dp/B001EBJ9XS/ref=pd_sim_sbs_pc_1 (but without the idiotic double scroll wheel). Best thing I ever bought. No batteries to charge or replace.

Communities make laws that represent the majority in their community. They also commonly erect statues that represent something about their community. We don't throw out laws when one person's views are represented. How is it that a conservative community can't display a symbol with historical significance which represents the majority view? It isn't being "forced" on anyone (unlike a law). If you don't like the statue, don't look at it. There might be a case if tax payer dollars were used, but they weren't. If at some point the majority in the community no longer feels represented by the statue, then they can elect council members who will tear it down.

Wake me up when they have created the world's smallest graphene violin!

Each year it is a national joke some of the idiotic studies that get federal grants. If the federal government is paying for it, then it makes perfect sense that the grantee should justify why the research will benefit the country.