Given that the authors were anonymous is it postulated that the NSA hunted them down and was ready to doxx them for not complying? What leverage could they possibly have had?

Is there a point to continue auditing a platform whose entire developer team has abandoned whilst urging all users to seek other encryption tools? At this point the audit is probably going to be interesting (related to the aforementioned dev abandonment), but not exactly useful... If you are still using Truecrypt, you have already been warned.

Not funny. Anyway, having the private key is a valid way to authenticate inbound (if so configured) and its often enabled by default as it is thought to be a pretty good way to do it (until you put the same keys on a quarter of a million devices).

That part was a little bizarre (if you are physically connected directly from PC to router it doesnt matter much what ID the PC might have) but as a whole it creates a pretty tight way of ensuring integrity of the router configuration. In particular, not allowing any inbound access from the WAN until a hard password is set, and not allowing any association to the WLAN until a hard encryption key/passphrase is set. However, these are two steps most users don't want to bother with (and more importantly, will call tech support to help them with when they fail to complete the tasks). Security, as we have currently designed it, is pretty hard for the layperson. Vendors optimize their devices for the path of least resistance (read: path of least tech support) to minimize costs, and we shouldn't be a bit surprised.

They are identified as having the same fingerprint (which is derived from the same source as the private key). So, someone with the private key for one device (ahem, anyone who has a copy of the firmware and knows how to use binutils) can authenticate to all devices.

Given that they were deployed by one particular provider (Telefónica de España in this case) they probably requested a special firmware from the vendor for their CPE to allow remote management. And then did a bad job of keeping the master key safe (by putting a copy of it on 250,000+ devices). And then the vendor used it elsewhere, too.

Honestly, after the Carna botnet, does anyone think the internet isn't a raging sea of completely compromised devices?

How bleak. Let's be realistic, if aliens did come and wanted our planet, they would probably enslave some/most of us in the process. I mean what's a conquered planet without a bunch of servants to run it for you?

And considering what we know about FTL travel (that it is really truly impossible) even an alien with super advanced near-light-speed technology would take decades to travel from system to system. In that amount of time, their bitter rage is sure to be tempered by boredom, so when they show up they might feel the need to just chat for a bit. Space gets pretty lonely, you know?

That's ok, any form of encryption used in 1983 is sure to be mere seconds away from cracking with any modern PC.

Can this be the end to the monthly "Hey guys whats the best way to back up my mp3s and family pics, no i mean really back them up, like for YEARS" on ask slashdot? From now on when one of those submissions gets greenlit, a link to this is going to be the only reply. Are we agreed?

The big downside is that the Google Docs UI is dramatically different from Word/Excel/etc. If they need more than just a place to throw text and actual layout work is being done, the users will need to retrain on the Google Docs way of getting things done. It's not impossible, but it's also not easy either.

This. SharePoint does it in a fairly elegant and comprehensive way if you are a Microsoft shop. If you don't want to invest the time into installing/learning SharePoint, just look into Shadow copy or one of the many delete-less for the server, so you can go back in time if changes do get clobbered. For a more user-friendly but less controllable solution, every cloud file storage platform (Onedrive, google drive, dropbox, box, etc) offers this feature in a pretty straightforward way, and they have all have paid team collaboration solutions as well to managed shared files. And if you really want to flip them the fuck out, move to an online doc platform like Office 365 or Google Docs where you can actually do collaborative editing within the documents.

If you are right then the title should really be "Ask Slashdot: What Portion of Hiring Managers Are Bad At What They Do?"

TFA explains that it's both:

You are right, the "deep web" is not the same thing as the/a "darknet" or "dark web". They don't do a good job of keeping that clear in the headline. From TFA's own citation on wikipedia:

However the article does assert that this Memex project is indexing both unpublicized content on the general internet (the deep part) plus anonymized content on Tor and other privacy services (the dark part).

That all depends on the kind of leadership required of the role. If you are going to be an architect and guiding implementations of public key encryption platforms, you will need a deeper understanding than what a google search will turn up because making something out of shitty advice on the internet will probably turn out pretty shitty (and you won't know the look of shitty advice when you see it). If you just need to be familiar with the concept while you work on something else, then sure "LMGTFY" will pass.