You're quite right, actually. I didn't really want to go into all that detail with my post though, and knowing the "average" IT guy I think I'm still safe saying that they'd say "Hey, that should be in a datacenter!". ;)

Before everyone gets all spun up on government waste, inefficiency, etc - I'd like to point out that numbers like these are never accurate. (For the record, I work for the feds, in the IT field).

The problem with "The feds have X datacenters" as a metric is that various audits occur at different times and by different auditors. These auditors almost always have differing definitions for what a datacenter actually is.

In one audit, a group can come through and define "Datacenter" as a big room where servers are co-located and services run on behalf of others. They'll find 2 at my center. Then a year later, a different group comes in and defines "Datacenter" as anywhere that more than 5 computers are running and left on all night. They'll find 200 at my center. Yes, this actually happened! The auditors came through dozens of science labs, found project servers sitting in the labs, and labeled each lab a datacenter.

Now here is the trick to why the statistics are complete mush. A normal IT guy would walk through the lab and say "Hey, that server should be in a datacenter!" -- but the auditors make the reverse conclusion. "Hey, this lab is a datacenter".

Yes, there is waste in the federal sphere and we absolutely need to take action to be more efficient at all levels. However, this article is basically pushing a number that came from someones' imagination, and pretending it's meaningful.

Duh, how could I not think of a prompt + whitelist. :P

Then again, that presents the "NoScript" problem. While techies generally tend to use noscript, I pretty much see non-techies clicking "Temporarily allow all this page" on every page they visit that "doesn't work right" without even looking at the URL lists. So, a prompt to whitelist content would probably just get the same treatment. Better than status quo I suppose, but not a panacea either.

Wouldn't this feature also kill things like OpenID and other "Single Sign On" services?

If one strace's the chrome flash plugin process one discovers that in 10 seconds it issues 56,000 system calls -- 53,000 (95%) of them are useless gettimeofday() calls

Per my co-worker: That's probably why flash sucks so bad on MacOS. Apple won't give them the time of day!

She didn't make it up, she quoted a senior official - the Boeing payload manager at KSC (Mike Kinslow). This is the first public mention that I've seen, but it is in the planning stages (as a recent addition, which is why this is the first public mention of it).

One of the well documented problems is that if you cut wood that is "too wet" then the brake will activate, thinking that it's hit flesh.

So really the article should say "Each time you cut wood that's too damp (which you have no way to determine beforehand) you pay $169 to replace the blade and brake". That puts into focus why some woodworkers who know how to be careful do not WANT the safety feature.

So what DO you do when the battery charger bursts into flames on orbit?

I'll reinforce your point here. Knowing something about the fire response strategy on ISS you do the following:

1) If you actually are lucky enough to witness the charger burst into flames, remove the power from it, hit the fire alarm, put on a mask, and expend a CO2 based fire extinguisher on it. The mask keeps you from asphyxiating yourself with the extinguisher.

2) If you don't physically see what happens (which is most likely, ISS is big and some modules may go unattended for hours) - the combustion products will trip off a cabin smoke detector in the module. That will stop ventilation inside the module and ring the alarm. In most cases, this will put out a fire in zero g - fires tend to smother themselves without gravity to force convection currents.

Meanwhile, not having any knowledge other than a smoke alarm from a module, the crew will converge in a safe haven in the vehicle away from the fire. Two (of the 6) may go forward to investigate with masks, fire extinguishers, and a hand held device to detect combustion products (mainly so they know if they are entering a lethal pocket of CO or other gases). Hopefully the module isn't a total fog of combustion products - if it is, the crew is likely to isolate it and leave it. If you don't know what the fire source is (because you can't see it), it may well end up that the entire module ends up getting powered down to ensure an electrical fire isn't being fed. This of course has some pretty serious ramifications as well - shutting down power to a module is not a simple event to reverse (since all the computers, cooling, lights, etc. go down with it). It's likely that collateral damage to a module's systems would happen if that were done.

Even if you do understand what happened and know it's out, the harmful gases from burning plastic aren't going to just go away on their own, they have to be scrubbed out with deployed fans and special canisters. It would take weeks to clean up.

Fighting a fire in a closed environment is very different than something you would do in your home. In zero gravity, most of the control is by prevention - don't use flammable materials, stop ventilation on a detected fire so it doesn't spread, don't use things that generate poison air when they burn, etc. Even a minor fire that many of us have encountered at one time or another (smoked electronics, plastic bag on fire, etc.) would be an extremely serious event in space. That's why so much time is spent making sure equipment conforms with fire prevention standards.

Sounds like an excellent idea for foreign espionage. Set up a private shell company, then invite a bunch of former officials who know exactly how the real systems work, to get together in a hotel you've bugged and start pretending they're responding to a cyber attack of some sort.

Official1: "Call the NSA Task force Orange, tell them to begin operation Stork."
ForeignAgent: (making notes) Operation Stork.... NSA... means X..."

FYI, NASA does not have a pension plan and has not for years. Lately, we're all on the "TSP" - Thrift Savings Plan. It's the government equivalent of the 401k.

There's another important factor in the paranoia about data breaches and risk that's often VERY overlooked.

As part of the chain of responsibility, the CIO community (the individual CIOs at the 11 NASA centers, and the federal CIOs in general) are very risk-averse. Why might that be? Well, in addition to the normal slamming your agency has to endure if there's a data/privacy breach, the CIOs and decision makers may also be civilly or criminally liable for negligence if it can be shown that they were permitting workplace practices that went against federal regulations. A few CIOs that I know are actually carrying personal liability insurance (out of their own pockets) to cover themselves in case such accusations are leveled.

Now, imagine you're the person tasked with pushing the envelope technologically (Hey, it's what NASA does) but the only thing your bosses ever remind you of is that it's your ass on the line if anything is ever breached, inappropriately stored or transmitted, etc -- and that fines and jail time aren't out of the question. That's enough to make someone pretty risk-averse!