Can we finally put the to bed the idea that being the first (or near first) mover into a specific market is important in carving out a long-term leadership role in that space, and perhaps have people focus instead on making a superior product instead?

For starters, the 1.25 Billion estimate of Sony's lost is pure bullshit.

Even the TJX numbers are not likely a realistic representation. If you go back and review their stock price in the time frames which the breach was announced and subsequent news was released, a small hit seemed to occur, but it did not have a long term impact. The sad reality is that their security efforts were a joke, and yes it costs them, but quite likely not more than it would have cost them to have put forth a considerable effort on security in the first place.

Where things could get interesting would be if companies were legally held liable for failures to secure information of others which they opted to hold. Make the cat painful, to the point where the impact could shake even a very strong company. This would force a real discussion in board rooms, is the default behavior of trying to capture everything on everyone really in the best interest of the company? Should we dump info we do not have a use for? Should we limit what we gather in the first place?

If this were the starting point, then insurance could be interesting. Once a company has completed their first level pruning, then insurance could be sought. The insurance company would then insist to know what data you have? Where is this data? Who has access? How is it defended? Then they could set a rate based on the risk and the liability cost faced by stepped up legislation. In most cases this quote would be high, very high, which should be the tip of that a company should then prune more data, reduce access, and improve security, thus hopefully getting the company to a reasonable position that they should have been with at the begging, but have not been because it was not in their financial interest to do so.

large numbers of people follow the advice os someone who has no training, no proof, or even a decent grasp of cause and effect.

Perhaps you have not spent much time at these gatherings, but the amount of crossover between the them and the bone breakers is rather limited. It is more likely that additional mean spirited T-shirts will be created AND displayed.

Does it seem strange that someone working for the Federal Government (DHS) is asking other Federal Employees to stay away?

Here is Harry Lewis thoughts on the matter...

http://harry-lewis.blogspot.com/2013/03/email-privacy-at-harvard.html

For those not familiar, Harry Lewis was not only the Dean of Harvard College for a number of years, he is also a Professor of Computer Science.

They could simply ignore your appeal, which you would then win by default.

They could simply make a new claim, costing you another $35 dollars, Rinse, wash, repeat until you no longer have money.

But there are no cost for claims to be made against people. Hence they can flood the zone, send claims to ant account that gets email. The incentives on this program are simply wrong.

While not the right fit for everyone Harvard Extension School.

http://www.extension.harvard.edu/

At the bachelor's level they on offer a Bachelors of Liberal Arts (ALB), but they offer a great deal of flexibility in selecting courses including many interesting computer science courses. A considerable number of courses can be taken on-line, but there is a residency requirement. Although it is fairly common for people to commute from quite a distance to attend courses to meet the residency requirement, personally commuted from Virginia to complete my ALM degree.

How about the negative impact caused by hundred of thousand (perhaps a million?) passengers each day being feed an obvious line of BS?

On the off chance that some flight somewhere in the US has an message of actual importance and/or value, it is more likely to be believed and properly acted upon if the recipients have not come to expect nothing but a constant flow of mistruths from the FAA/air crews.

A throwaway device as part of a magazine, finally we have an android device where the complete failure of generally available updates will not disappoint their users.

If companies that went about gathering and/or storing sensitive information for others, then screw it up and allow that information into the wrong hands faced real liability for their failures perhaps more companies would do a better job of protecting their information. Or even better, some may opt to not gather/store the data in the first place.

Fortunately for them, their business partners have established such a low level of success that they can do nothing and show that they have exceeded the industry standard.

......as bad as the handset makers/carriers for Android phones are at getting updates out, most of these handsets will be obsolete by the time this 'update' gets pushed out.

Who cares?

If the only way these things will sell is at firesale prices, then you can guarantee that there will be no long term supply, hence not worth the ongoing efforts of a developer. Just bury them in the desert next to the unused Atari cartridges and move on with your life.