If anyone played those games and thought "well how could all this batshit stuff all happen in the same place?" now you have your answer.

Where did it actually say that? They know the credentials given to Fazio were used to access the Target systems as the point of entry, but they don't know how the miscreants came into possession of them. The most likely method was a spear phishing attack that allowed a keylogger on to one of the PCs at Fazio. It's simply too far fetched to think that someone trolling with a script happened across Fazio, then just realized they could use it as a backdoor into Target, and then also be in possession of some very sophisticated malware that, oh gee look, matches the Target POS systems exactly down to the firmware rev number.

That's not entirely true. It's not clear how many other targets the miscreants who hit Home Depot, Target, etc had, but they did a lot more than scripted attacks (they used social reconnaissance, then spear phishing, then multiple point-of-entry probes, for starters) in order to get inside, and once inside they put a hell of a lot of work into pulling off their attack, and mixed that with a ton of luck in order to actually succeed. The Target hack actually would have been dead from the start if Target trusted their FireEye consultants who tried to warn them of the impending data theft.

"Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September"

While a big deal, Shellshock was very limited in scope and the large scale exploit implications were stamped out very quickly through updates to vulnerable web front-ends (which was just about the only exploitable path, despite so many proclamations that the sky was falling and every internet-connected linux device will get rooted in a matter of days). If this is as severe as Shellshock, I will take notice but at the same time sigh that it's not going to be very bad at all.

Sidereal timekeeping is done to the absolution rotation of Earth as opposed to the rotation relative to the sun (which changes as we orbit) so a Sidereal hour is shorter than a solar hour. You would need to find a $10 watch that drifts at exactly +0.275% which is not impossible but rather hard to do on the first try.

This is it exactly. The solutions to the problem of not having phone-like features attached to your wrist (where you can't forget them) are either a: purchase a several hundred dollar bit of tech that you clearly dont know suits your needs, or b: tie your phone to your fucking wrist.

I read it more like "this new gizmo permits generating anything! As long as you have some other way of generating it, then this thing won't get in the way at all!"

The word "enables" sounds more like technology that actually does something, and even that's a stretch. The word "permits" sounds like it's just a link in an otherwise useless chain.

The term "end-to-end crypto" says nothing about who else might have the crypto key. Just blindly assuming that no one in the middle has it, it is a real shortcoming. The only way for a system like you are imaging (where only the caller and receiver have the key) to even work is for you to somehow establish a trusted key with every person you call, on the fly. How do you know no one is in the middle, ready to intercept the key before the first call? The only reason SSL/TLS is reliable is that there is a huge infrastructure of trusted root certificates to validate against (and you have to trust that third party who holds those certs). Guess what they are going to do for encrypted phone calls? The exact same thing.

Knowing that you are talking to who you say you are, and that no one outside of the org you *already* trusted to generate the software and the keys, is the only real assurance. Choosing the right provider of that infrastructure is obviously important. Given that Verizon is a huge, federally regulated company, do you really think anything passing through their hands is going to be immune from law enforcement attempts at seizure? No company at that level, moral or immoral, is going to be immune to state pressure. You should know that by now.

So all the SSL keys that have been generated by the root CAs aren't "worth anything", because the issuer has a copy of the private key? Seems like a funny system we spend billions of dollars on every year...

TFA is a plain ol' troll. CALEA indeed requires any switching systems used for voice traffic (land lines and cell phones) to allow for electronic eavesdropping of all calls going through them. The only caveat is that replacing/upgrading every switching system is completely impractical, even in decades-long time frames, so the FCC has been granting extensions for non-compliance. If Verizon went to the FCC saying that they were going to put software in that started to roll back CALEA compliance from any call that happened to be made using a pair of their cellphones running their provided encryption software, they would have thrown the book at them. New systems *do* have to be CALEA compliant.

My kingdom for a modpoint! This whole submission is a troll right down to the last line, "Apparently, in Verizon-land, "end-to-end encryption" means something entirely different than it does in the real world." Thinking that a large, federally regulated business is going to push a system without a central keystore (what they meant to jab at instead of the "end-to-end" nature) is laughable. Trying to make Verizon out as the bad guy over this is just taking away time that could be spent making them out as the bad guy over legitimate moral shortcomings. But, trolls will be trolls.

It's best to simply define secret as "that which you and you alone know".

The FAA has only pursued "drone" (R/C) pilots who stay below 700' AGL when they fly for commercial purposes (aka as a business). Plus, you can fly manned ultralights without a license; the FAA steps in with licensing when the craft is above a certain size or carries more than 1 passenger. So, yes and no. I should have said "The FAA typically only cares about unmanned flight when..."

You must have a hell of an arm, because the FAA is only responsible for airspace above 700 feet AGL unless you happen to be on or very close to an airport, plus FAA typically only cares when it's a powered craft being used for commercial purposes. And, until there is a standard frozen-drone-through-the-inlet test on jet engines to prove that a strike would be survivable for the aircraft, they do have a duty to take action to prevent a mid-air collision that could kill many tens or hundreds of people.

There was, and is, and will continue to be, a huge difference in what you can do with a 3d printer that costs a few hundred (currency units) and one that costs a few thousand or tens of thousands of (currency units). A Maker who is not interested in mass producing things but instead wants to create a few interesting objects at a time will probably see a huge benefit to being able to just order up the object (instead of outlaying a huge amount for a printer) from a service that has both a very high quality printer, and a delivery chain to get it to them very fast. How many Makers like that are there? Who knows.