You base the choice about which router and firmware to run on a measly side-feature, that also locks you into the router vendor? What. The. Fuck.

My bad. Somehow I was assuming the server is in your home LAN.

It's a common notation among official OpenBSD developers to refer to individuals by their mail user name - without the openbsd.org domain. You see it in almost every commit and in mails when the person's role as an official developer is emphasized.

OpenVPN with --tls-auth protecting the TLS layer. That protection made OpenVPN safe against Heartbleed. Doesn't work if you have untrusted users, obviously.

Don't VPN directly into your LAN. Use a hardened node in a heavily firewalled DMZ and use SSH from there.

OpenVPN and OpenSSH simultaneously having a vulnerability is pretty unlikely.

If you've never heard of him, you're not part of any important "tech community". Period.

The whole design of including a variable-sized payload into a heartbeat is completely retarded.

This was either deliberate or Seggelmann is the dumbest fuck on earth.

Wait, you assume it was a mistake?

I've read an assessment that says if you wanted to plant a perfect backdoor, it would look exactly like this.

Wrong, in 1.0.1.

An inherent property of security theater is that both success and failure lead to increased funding.

"It worked!" "Great, but we need to prepare for future's technology. Let's expand the system."

"It didn't work!" "We need to expand the system."

This madness needs to be stopped.

Genius!

Just use a current search engine but with a future database and actch all terrorists! Why didn't anyone think of that?!

If you don't increase your mining more and more, others will do it and your global share of future Bitcoins shrinks and shrinks, since more and more mining power means less and less Bitcoins per GH/s due to difficulty adjustment.

So far, all I've gathered from his disclosures are gross violations of rights. What did he disclose that is not that?

Snowden did nothing wrong. He broke a wrong law. That's not wrong.

How about only hashing files with identical file sizes?

Sounds awesome - and you're not even running any applications yet. Some people just don't have that amount of time to piss away, though.