Well, in my mind, the article is saying "can't help peeking at" to mean exposing yourself to it needlessly. We can agree that being exposed to credit information, medical records and the like is a daily part of life at a Sr. level. The issue is people who can't help themselves from looking at private crap that they don't need to see. Admins reading exec emails, poking through HR shared folders, and looking at Medical or Credit data in databases, just to look.

I mean, we have to have this power to do our jobs, we don't have to abuse that power just to satisfy our boredom or curiosity.

The people "peeking" at info are by definition Not Professional.

Yeah, I kind of do to. Those chairs suck. I think the problem is that all the really good designs are patented forever, so we can't just start having the Chinese stamp out stackable Eames chairs by the millions. Perhaps my sarcasm has turned into another fine reason for patent reform?

Another reason for it is that until later in high school I was way taller than most kids in my class, and the chairs are for average height. I'm sure short people had similar problems.

Why do people really need to worry about this? Kids play, they get hurt, they get better, and stronger, and hopefully smarter. I propose we buy little Aerons for all schoolkids because those plastic stackable chairs suck and will hurt their backs. Many kids aren't athletic, and that's fine, but many/most kids like playing throw/hit the ball games, and they should be allowed to.

/'bout the biggest pair you've ever seen, dingleberry!

First question: Are you a good enough programmer to use radio buttons or checkboxes to build a multiple choice quiz?

Well, I don't think Blackwell built his unicycle to be better than a bike, he built it because it was a neat experiment and because he could. He didn't even know how to ride a unicycle before building it, he learned to ride a unicycle just to try to build a powered unicycle. I don't think he'd ever suggest you like, buy one, or anything. He even gives full hardware specs and all the software he wrote to control his devices for free.

Trevor Blackwell built both a couple of two-wheeled versions, but also built a unicycle about half a decade ago. He just figured "If Dean builds it with two wheels, and I can build one with two wheels, I'm gonna build one with one wheel":
Two wheeled original version
Unicycle version

Check out the video link on the Unicycle page, it's pretty amusing to watch him try and stop.

Yeah, I'm interested to see how this plays out, it's clear the current CA system is pretty badly broken/breaking, Moxie's BlackHat talk was a pretty interesting take. Once lots more notaries come online it will be easier to see how to mitigate problems like I mentioned without giving up some of that agility and being forced to check with something that isn't going to be fooled.

I really love the idea of Convergence on the face of it, but I had one serious question:

Convergence seems to solve the problem of a government (Iran) placing fake certs in front of their users and decrypting their GMail and FB SSL connections, and what have you. But what if the fake cert is placed much closer to the target website which is being spoofed?

If you have a bottleneck in front of the target website you want to spoof, can't the attacker take advantage of that and put a fake cert /there/ since, if there are no other paths, all of the notaries would see the same cert, and pass it as "good". For instance, if you take the case of a large multi-hundred-million dollar website hosted in the middle of the ocean, with one pipe feeding that island, if the attacker places their fake cert and proxy at that link, then every notary in the US would agree to pass the false cert. Similarly, if, say, a major backbone carrier had a secret room, through which passed all their data, and in which sat the FBI, they could place a proxy and fake cert there, and all notaries would see that cert and pass it as real.

That could be mitigated by having at least one notary running DNSSEC, but then you can't have a consensus, you have to have all notaries agree, and require the DNSSEC one to agree. This would work, but in that case, just use DNSSEC (Which I do /not/ like the idea of on its face).

I had looked at those 3rd party docs a bit, but they're super expensive, like triple what a dock for a Lenovo T500 would be. And to me a lot of the point is to save the ports from breaking by unplugging/replugging a few times a day, especially the mini-DVI port, we've had a few users that have gone through them, and I think mine is starting to be a problem. I'm not sure my company would go for it, but I can hope.

The "support not scaling" came from a friend who worked at a large, mostly Mac, multi-location company that we've all heard of and use. His problem was that if one of their laptops died, he'd have to call customer service, who'd tell him to take it to an Apple store, he'd say "no, here's what's going to happen, you're going to send me an empty box with a shipping label on it, I'm going to send the machine back to you, then later, you'll send it back fixed". They'd do it, but it was a hassle. Again this was a few years ago, and I seem to recall that they were working on Corporate Support as an initiative at some point recently. Maybe they fixed it. We usually deal with resellers, so if something breaks, send it back to the reseller and have them deal with it. Still, it's nothing like HP enterprise support, log into site, generate ticket, problem gets fixed (at least for server products, I have no experience with HP in the desktop/laptop space).

Huh, I organically seem to have come to the same conclusion. I lean back about 30deg or so which means I'm staring about dead center into my monitors, maybe a bit lower. It means my upper arms are not straight up and down, and I don't have a 90deg bend at the elbow, but my arms and wrists are straight all the way to the keyboard. Also, I've found that armrests on my chairs (Aerons for home and work) do more harm than good and cause elbow pain, so they're lowered out of the way, I don't miss them, and no more elbow pain.

No RSI to speak of yet after 25 years of constant typing.

That's what I said above: "We only automatically block IPs which send mail to our honeypot addresses", and I know for a fact that the only mail sent from said IP was in response to user action, with a user buying something, getting a password reminder, uploading something, etc. I know I'm not full of shit, so why were those specific ranges blocked?

I've wondered if the honeypot addresses weren't super-obvious or guessable.

This is not to say that the company I was with at the time wasn't a huge bunch of borderline-spammers, but in talks with Spamhaus they specifically told me they only (repeatedly) blocked my IPs because they got mail from those IPs. What they blocked was not a network where users lived, it was hosted web-farm only, so it's not like someone's desktop was turned into a spambot either. I really think they just had it in for us.

They are hugely annoying to deal with if you send any volume of mail at all. I worked at a job in which we sent tens of thousands of order status emails per day (were there upsell attempts? Of course there probably were, but the thrust of the mail was "thanks for ordering, have a confirmation number"), and all it takes is a couple of people marking them as spam to get Spamhaus to start blacklisting you, your upstream ISP, your dogwalker's busdriver's cousin's hairdresser, etc.

I know they claim that they only blacklist IPs which send to honeypot email addresses, but I find that claim to be dubious at best, considering the IPs I've had blacklisted in the past.

What makes anyone think the Obama administration is any less authoritarian than any previous administration? Did I use the word Democrat or Obama once? Nope. Until we set aside "right" and "left" and start acting for what is "right" rather than "wrong", we all lose.

The point isn't "Jake's mail should be encrypted". Jake, being a pretty well known crypto advocate and analyst, knows this. The point is that the government has seized his records and communication, with no apparent cause. Likewise, he was one of three Wikileaks affiliated Twitter users who had all access records handed to the government, and DMs as well I believe. He's been detained at nearly every re-entry into the US for the last couple of years.

The point isn't "sucker should use crypto" or "well obey the law then", it's simple harassment of a citizen for acting, not illegally, but in ways the govt. and large private interests don't like. Had he broken a law, they've had their chance to pick him up at any number of border crossings rather than just sit him in a room and stare at him for two hours while planes are missed, etc. This is just the price of being a staunch activist for privacy and strong ubiquitous crypto today.