
Comment Re:A more detailed proposal ... (Score 1) 336

Sure, I know and like DNSBLs including Spamhaus's, but this is a distinct application from XBL. Specifically, removal needs to be rapid in order for it to be useful for rejecting customer Web traffic. That's an engineering requirement that email anti-spam systems don't have, since SMTP is designed to retry for days if necessary to get a message through. Moreover, hosts that send any legitimate email are very few compared to hosts that send Web requests; and even though email admins are frequently dense, unresponsive, or victim-blaming, they're still a level above typical users in knowing what the fuck is going on with their computer.

One approach would be to have each DDoS victim continually (e.g. every hour) assert which addresses were attacking it, and only list those addresses which are currently attacking. This way, as soon as a host stops attacking, it will drop off the list. This has weaknesses — for instance, an attacker can use your host all night while you're not using it, without you noticing — but it's still an improvement over what we have today. And it still depends on each subscribing site having a good enough backchannel to the listing service to stay open during the DDoS. Back in the day we'd do it with a dedicated modem line — the bandwidth requirements are really quite minimal — but nobody knows what that is any more.

Comment A more detailed proposal ... (Score 5, Interesting) 336

Sites under DoS attack should publish (through a channel not congested by the attack) a list of the IP addresses attacking them, through some trustworthy third party. Then, other sites should subscribe to that list and refuse service to those addresses until they clean up and stop attacking.

For instance, consider your uncle who uses AOL. His computer is infected with botnet garbage and is participating in a DoS attack against (say) Slashdot. Slashdot sends a list of attacking IPs, including your uncle's, to Team Cymru (the third party). Cymru aggregates these and publishes a list, updated every three hours. AOL subscribes to that list. When your uncle goes to check his AOL email, he gets an error: "We regret to inform you, your computer has been hacked, and is being used by criminals to break the Internet. You can't get to your AOL email until you kick the criminals off by installing an antivirus program and running a full scan. Click here to install Kaspersky Antivirus for free. Thank you for helping keep criminals from breaking everyone's Internet. Sincerely, Tim Armstrong, CEO, AOL."

Then your uncle gets mad and calls up AOL and complains. They try walking him through using the antivirus program, but he just curses them out and says he'll go to Hotmail instead. He tries ... but Hotmail also subscribes to the same list and tells him the same thing: "Your computer is infected with malware and is being used to attack other sites on the Internet. You cannot obtain a Hotmail account until your computer is clean. Click here to install Microsoft Antivirus." He gives up and calls AOL back, and they help him get his computer cleaned up. Within half an hour, it's off the botnet; and within three hours, it's off the list of attacking hosts, and your uncle can get his AOL email again.
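The expiry behaviour the two comments above describe (victims re-assert attackers periodically, and a host drops off the list once nobody re-asserts it) can be sketched as follows. This is an added example, not part of either comment; `AttackerList`, `subscriber_allows`, the one-hour TTL and the addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress

ASSERT_TTL = 3600  # assumption: victims re-assert hourly, as the reply suggests


class AttackerList:
    """Hypothetical third-party list: an address stays listed only while
    at least one victim keeps re-asserting that it is attacking."""

    def __init__(self, ttl=ASSERT_TTL):
        self.ttl = ttl
        self._seen = {}  # ip_address -> {victim name: time of last assertion}

    def assert_attackers(self, victim, addresses, now):
        """Record one victim's periodic report; malformed entries are skipped."""
        for raw in addresses:
            try:
                addr = ipaddress.ip_address(raw)
            except ValueError:
                continue
            self._seen.setdefault(addr, {})[victim] = now

    def publish(self, now):
        """Expire stale assertions and return the addresses still listed."""
        for addr in list(self._seen):
            fresh = {v: t for v, t in self._seen[addr].items() if now - t < self.ttl}
            if fresh:
                self._seen[addr] = fresh
            else:
                del self._seen[addr]  # nobody re-asserted it: host drops off
        ordered = sorted(self._seen, key=lambda a: (a.version, int(a)))
        return [str(a) for a in ordered]


def subscriber_allows(published, client_ip):
    """Subscriber-side check: serve the client unless it is currently listed."""
    return str(ipaddress.ip_address(client_ip)) not in set(published)


def demo():
    """Constructed timeline (seconds) using documentation-range addresses."""
    svc = AttackerList()
    svc.assert_attackers("victim-a", ["192.0.2.10", "198.51.100.7", "not-an-ip"], now=0)
    svc.assert_attackers("victim-b", ["192.0.2.10"], now=1800)
    first = svc.publish(now=1800)
    # 198.51.100.7 has been cleaned up, so victim-a stops asserting it.
    svc.assert_attackers("victim-a", ["192.0.2.10"], now=3600)
    second = svc.publish(now=3600)
    third = svc.publish(now=7200)  # attack over, no further assertions
    return first, second, third
```
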

Piracy

App Auto-Tweets False Piracy Accusations 231

An anonymous reader writes "Certain iPhone and iPad applications from a Japanese company have broken software piracy detection mechanisms that are sending out tweets on the user's own Twitter account, saying, 'How about we all stop using pirated iOS apps? I promise to stop. I really will. #softwarepirateconfession.' The trouble is, it's sending these out on accounts of users who actually paid up to $50 or more for the software and who are legally using it. The app is asking for access to users' Twitter accounts, but does not give the reason why it is asking, so the author of the article concluded (rightly) that things were being done deliberately. Would you want your legally purchased software to send out messages to all of your contacts on Twitter or on other social networks saying that you were a software pirate? Would you excuse the writers of the software if it was just an error in their piracy detection measures?"

Comment Not tablet users, no. (Score 1) 297

They should have released office applications for iOS at 2x the price of their iWork equivalents. Then they should have moved all that into the metro style, and released basically the same metro designs for Windows 8.

That might have cost them more than it produced in revenue, but now the result is that millions of people have been delightedly using their iPads for a couple years, and they're doing ok without MS Office. Even enterprise users. And MS still doesn't have an announced plan to bring Office to Metro (Windows 8 Style, whatever).

Including Office in Windows 8 RT might attract a lot of people to the platform. But it might also be the only way they can get Office deployed on a lot of tablets. Like, great, but also technically shovelware. I'd love to say that Microsoft has their work cut out for them, but that implies that they are working on the right things now. Dunno. I hope it works.

Comment Re:I don't give a Zuck! (Score 1) 290

Uh... You aren't contradicting his valid point. He didn't say HTML5 was failed. He said it was a mistake to do HTML5 to the exclusion of other client platforms. How can you disagree with that? He's running a giant software company - they can support a few platforms. They will have different merits.

I wish HTML5 fans hadn't convinced the world it was the 2nd coming of Christ. My favorite web apps worked great with HTML4. Now every web page tries to run enough JavaScript to lift itself into orbit.

Comment Advertisers agree to honor DNT (Score 1, Interesting) 383

Advertisers agree to honor DNT only from browsers that display the setting behind a door labelled "beware leopard".

It's bullshit anyway - any standard based on advertisers behaving ethically is a nonstarter. Apple's default no-third-party cookies seems worthwhile, if circumventable. Why not do more of that? If there are Moz people working on the DNT standard, I feel like they are being suckered.

If it's Google's display advertising business you're concerned with, I don't really understand your concerns. If it's any of the many less scrupulous parties that you are concerned with, they're just going to ignore DNT.

The Internet

The Pirate Bay Launches Free VPN 359

bs0d3 writes "The Pirate Bay team is going to be making the RIAA angry, with the launch of a new ad-supported VPN service. PrivitizeVPN is available for free from The Pirate Bay. Instead of earning revenue through subscription as ipredator does, PrivitizeVPN comes packaged to install the Babylon search bar (adware). PrivitizeVPN appears to be available for Windows users only at the moment. The Pirate Bay staff has a long history of promoting services that have no logs; e.g., you can't get in trouble if your anonymized IP is subpoenaed by government officials. Although PrivitizeVPN is being released silently, with no press coverage, no official statement, and no comments from The Pirate Bay of any kind, people are assuming that PrivitizeVPN will have the same familiar data protection policies. A backup download location has been set up here for people who have limited access to the Pirate Bay domain."

Comment I wish he had resigned. (Score 1) 915

Wikileaks used to be stronger for his leadership. Now he's accused of being a rapist, and the accusations aren't going away. If he secures his freedom without facing these allegations, Wikileaks will never be respected again.

Assange claims he can't face these allegations because he will be extradited to the U.S. and I expect that is correct. That either means that they beat him, or that he really is a rapist. So what if we gave him the benefit of the doubt? He has still been beaten. The question is whether beating Assange also means they have beaten Wikileaks.

Openleaks sounded like a total pile of crap when it first launched. I hope that there are other capable people that share the core values of Wikileaks. Every day until Assange hands over leadership and control to those people, Wikileaks is further diminished.

Math

A New Glider Found For Conway's Game of Life 50

An anonymous reader writes "Conway's Game of Life is now forty-two years old, but it continues to inspire as well as being the basis of an actively researched field, with computer scientists now announcing they have found a new form of the famous 'glider' pattern (once suggested by Eric S Raymond as the insignia of computer hackers) that runs over a so-called Penrose universe."

Security

New .secure Internet Domain On Tap 129

CowboyRobot writes "A new top-level domain (TLD) in the works for the Internet will bake security in from the outset: The .secure domain will require fully encrypted HTTPS sessions and a comprehensive vetting process for websites and their operators. If the new domain takes off, it could shift the way Web domains are secured. ICANN is expected to sign off on .secure, and for the new TLD to be up and running June or July 2013."

Censorship

British Prime Minister To Announce Porn Blocking Plans 286

Overly Critical Guy writes "British Prime Minister David Cameron will announce network-filtering plans targeted at porn websites, possibly requiring users to 'opt-in' with their ISP to access such content. The idea has support from MP Claire Perry, who said, 'There is a "hands off our internet" movement that sees any change in how access is delivered as censorship.'"
