Your country had those safeguards, they were thrown away under the guise of national security when the government pulled out the patriot act and other assorted legislation that they conveniently had ready to go for the occasion.

So how many people in Guantanamo have had their day in court yet? If you're linked to someone who is linked to terrorism, you're a suspect. If you have discussed things in sms or email that are critical of the government, you're a suspect. If you have been in close proximity with suspected terrorists, without even knowing it, you may be a suspect. You want to take a punt on whether or not you can be declared an unlawful enemy combatant?

Pretty much. Entire story needs to be tagged "Nope!"

There are patches to fix the vulnerabilities, they just haven't been backported by the developer to the old version of owncloud. The official owncloud path is to upgrade to the supported release. If Ubuntu want to support the old version, it is up to them to backport fixes to the old version(s) themselves, as the FreeBSD ports team often do with the ports tree.

If it's trivially easy, why haven't you done it?

I don't think you understand how software gets included in a distro. The developer doesn't ask for it to be included generally, it is often packaged by some third party who likes the software and wants a debian/redhat/etc. package for it. The developers distribute via source, if a distro wants to include their own custom package for it, that's their own doing.

The developer may have nothing to do with Ubuntu, packages for distributions are often developed by a third party who takes the official sources and packages it up themselves. The developers often do not package anything directly and have no interest in maintaining packages for other people's operating systems. They distribute via source.

As I understand it, this package is not part of the official ubuntu distribution, but part of the third party not officially supported packages, so that should not preclude it from being updated.

It is up to the package maintainer to backport security fixes if they want them. If they don't want to remove the package fair enough, but they should be popping up copious warnings, and maybe push a package update that alerts via script (even if it doesn't secure the package) that "THIS PACKAGE IS INSECURE AND UNMAINTAINED - it is recommended you deinstall and upgrade via original sources" or similar. This is similar to how FreeBSD ports work.

Seriously, why the hell would a company sell their competitor's stuff in their own store when they had just been sued by them? Even if they weren't sued, apple have their own line of audio gear now. It's just stupid to promote your competitor's product in your own store.

systemd is written in C. Terse, poorly commented C. The non-type-safe language with an abysmal history of buffer overflows, by a team of muppets responsible for some of the most bug-ridden, garbage the Linux world has ever seen included in a major distribution (Pulse Audio).

Excuse me if my confidence is not there.

Init scripts, be they BSD style or sysV style can be easily customized, extended, replaced or de-bugged by anyone with a modicum of shell scripting experience. They have not proven to be a cross-platform compatibility problem, as systemd has already.

In 20 years of dealing with plain text unix log files, I am yet to have corruption in them, certainly not to the point where I could not view the logs at least partially.

The fact that these logs are getting corrupted most likely IS due to systemd, the developers simply don't give a fuck. "Assuming the corruption came from another source" is exactly the problem.

Also, what do you do if files are corrupted? You attempt to at least retrieve partial contents. Log files contain valuable information. Or we would not bother logging it!

They are only hiring confessed music/tv pirates now?

No, like various other unix shells that fixed shellshock 30 years ago.

Sure, there are things that init does not do. That does not mean that systemd is the solution, or even that the architecture systemd has decided to use is a good idea.