Comment Re:Alien life (Score 2) 52

Would we be so fortunate as to do so this quickly, though? 600-some-odd years ago, almost no one was aware of the full extent of the planet's land masses, much less that there were actual people living on those other land masses. After that settled down, not a lot happened for the next several hundred years in terms of advancement of human life's extent and discovery of new civilizations. Then, suddenly, in the 60s, we're extraplanetary.

It would be amazing, but unlikely IMHO, to see a single generation of people live to see Apollo 11 and the discovery of extraterrestrial life. I think we're going to have to look a lot further and for a lot longer before we bump into anyone out there.

Comment Re:Tor and systemd? (Score 1) 53

Tor's integration with systemd, if any, would be very very tiny. Basically systemd would be responsible for managing the start/stop cycle of Tor and collecting any log files.

This is entirely optional, though. You can always run Tor without it being integrated into systemd's service management facility at all. If you need it in the background and headless, just run `screen -mdS tor [tor_cmdline]`.

I do not believe that Tor would be automatically running on a default Fedora install. You would have to enable it yourself.

Comment Re:Does anyone care what RMS thinks any more? (Score 1) 253

While it is true that free distribution makes it difficult to impossible to make money on software *distribution*, this does NOT mean that it is now impossible to make a profit while producing software!

One way is to profit from other aspects of the technology ecosystem. This includes selling support (or "patches/enhancements delivered for a price") for software, which is plenty profitable if you ask Red Hat. Another approach is to sell things that are inherently not copyable at zero cost, like hardware. I don't mean literally selling hardware like Intel; I mean hosting a cloud platform or something like that where you install your software and sell it as a service. Microsoft Azure. Amazon EC2. Google Cloud Engine. Another approach is to sell content, a la Spotify or Amazon Video on Demand or iTunes.

Companies can amortize software development as a cost of doing business. If every company does this, not only will it greatly increase net utility (all the individuals who "just want to use it one time" but can't afford the $1,999 sticker shock for enterprise software, for instance), but it will also reduce the amount of investment needed from each individual company, because each company will be contributing. Although from an individualistic perspective each company has an incentive not to contribute, if *no one* contributes, there will be no software commons, and thus each company will have to reinvent the wheel themselves (or pay another vendor an arm and a leg for exorbitant license fees to do so for them).

It's entirely possible for a large company like Google, Amazon, Red Hat, Microsoft, Adobe, etc. to open source their software while still turning a net corporate profit by selling other things that are not inherently copyable -- things which integrate closely with and use their software. At the same time, by making it open source, they can benefit from the long tail of drive-by patches that reduces the overall cost of their software investment.

It's simple. Aim for net utility as a principle of doing business. Reduce your assets to their essence and sell them based on their essential properties. Software is essentially copyable, so let it be copyable. Ever hear the term "software wants to be free"? So let it be free. Focus your profiteering on something that can't easily be copied for the cost of a few megabytes of data, and help build a better world by contributing to the software commons (and eating your own dogfood if you're able).

Comment Other companies are asking... (Score 2) 331

If you work at a large tech or services company, rest assured that your top execs are scrambling right now to figure out how to emulate IBM's exploitation of the loophole that lets them lay off employees with the performance management system without technically laying them off.

This is bad news for all US salaried job holders, but especially those in large enterprises with a lot of low-profit business. Even if the job you work is profitable in essence, these companies would gladly dump you in exchange for an H-1B or just replace you with higher-margin work. Even profitable, high-performance employees are on the chopping block nowadays in the quest for ever-increasing profits.

Comment Re:"Wi-Fi" is fundamentally broken, period. (Score 1) 120

Considering I have never spent a penny on any Apple product or service, and have no stock invested in Apple, I'm not sure how the label "fanboy" makes any sense whatsoever.

Just because *you've* not had any particular problem doesn't mean that problems don't exist. I have the unfortunate pleasure of having a reputation as a person who is knowledgeable in general about computing, so pretty much everyone I know who isn't technically savvy themselves will invariably come to me when they have problems.

I've had to deal with a small handful of old laptop HDD crashes, USB port failures, botched Firefox updates, malware, etc. in my years of being unable to say "no" to a desperate user who needs my help to fix their shit. But I can count the number of these instances on one hand per incident type.

On the other hand, I have responded to maybe 100 different requests that go along the lines of "my WiFi won't connect" or "my WiFi is slower than dial-up" or "my WiFi keeps dropping out". Sometimes these instances involve Apple devices; sometimes not. Oftentimes, they involve devices from different manufacturers. Very often, they involve people who live in tight spaces like apartments or dorms, where WiFi from next door (and downstairs, and upstairs...) can pollute the WiFi spectrum within your own dwelling.

Maybe I'm just really unlucky and I have friends who make poor choices in their purchase of WiFi-using devices, but the disproportionate ratio of WiFi-related problems to non-WiFi problems suggests to me that there are metric tons of devices out there with broken WiFi implementations.

The reputation and legacy of WiFi as a protocol will be judged by whether it could be implemented reliably and consistently, so don't say "that's not a critique on WiFi itself". If even a significant minority (say, 30%) of the implementors can't be arsed to do it *properly* in such a way that you don't get pathetic issues like a link that's capped at 2.8 kbit/s, that should say a lot about the spec, the standards organization, and the verification & validation (or lack thereof) surrounding WiFi.

And while we're on about anecdotal personal evidence, I've got a Note 4 and a current-generation Linksys USB adapter that both claim to speak 5 GHz 802.11ac, and I get random dropouts when the devices are within 10 feet of one another and not being moved.

I randomly fire up a wifi heat map on my phone when I get the dropouts, and not a single other device in the area is talking on 5 GHz. I don't own a cordless telephone and there are no other dwellings near enough that a cordless phone could be the problem. 2.4 GHz, while noisier, exhibits the same problem. I've tried with 3 different driver releases too, and the problem persisted after a Note 4 OTA claiming to fix WiFi issues.

Then again, my personal experience is just one data point. There's no way I'd claim that to be any kind of a representative sample. I've got a few dozen friends/colleagues/associates -- technically savvy and otherwise -- who would be eager to tell you about their (sometimes ongoing, sometimes former) WiFi woes.

Comment "Wi-Fi" is fundamentally broken, period. (Score 4, Interesting) 120

The problems with "Wi-Fi" are numerous. The end result is that generally speaking, Wi-Fi is a hot mess of broken tech that doesn't work. In the rare case that it DOES work, even the most trivial of changes in the environment or in the client can completely break it.

1. Early versions of the spec were too loosely worded, and allowed for too many "interpretations".

2. Vendor extensions are still a major problem. Many vendor extensions are not compatible with one another, and a device that has a vendor extension enabled may work very poorly (or not at all) with a device lacking said extension.

3. Actual implementations of Wi-Fi are all over the map in terms of quality, with ridiculous things like: advertising support for an extension that it doesn't actually support; criminally severe bugs in a production implementation; vendors that try to work around bugs that other vendors introduced but in turn create yet more bugs, causing a vicious cycle of workarounds to workarounds; "hide and go seek" with extensions and spec interpretations; ridiculous driver implementations that hold exclusive access over very coarse-grained locks in the OS kernel for long periods of time, causing freezes and/or panics; poorly designed antennas; buggy firmware that never gets updated; etc.

4. The spectrum WiFi uses is open to be used by literally anything else that complies with a few simple rules, such as the maximum Tx power on that frequency band. As a consequence, random electric devices can freely leak a certain amount of random interference (noise) in the 2.4 GHz and 5 GHz WiFi bands, which destroys the ability for WiFi to operate. Ever lose your WiFi when you turn on your vacuum cleaner, or microwave? That's what's happening.

5. The spectrum WiFi uses is used by other communications protocols that are not Wi-Fi. While some effort is made to interoperate between a few of them, such as cooperation between Bluetooth nodes and WiFi nodes (such that they don't "trample over" one another if they use the same frequency), the interoperation protocols, specifications, and implementations have the same problems as the Wi-Fi specs themselves, as stated above.

6. Recent increased focus on power saving has caused some rather extreme power saving techniques to be employed in Wi-Fi firmware and drivers, which sacrifices performance, range and reliability for a few microwatts or milliwatts of energy. Paradoxically, some of the proponents of these techniques actually think that's OK, and are still trying to make the problem worse.

7. There are a large number of complex physical parameters that affect whether two WiFi transceivers will be able to communicate, which 99% of users don't understand at all. The power saving techniques mentioned above reduce the variety of possible configurations (that is, device orientations and distances, mainly) under which the signal will be reliable and high-performance.

8. Vendors that produce Wi-Fi transceivers, or products that integrate them, usually perform inadequate testing to certify the device as interoperable with a very large array of existing and upcoming other products that use Wi-Fi. Especially in the case of smartphones, the possible number of clients and basestations that may be interacted with is tremendous: Smart TVs; DSL modem/routers; cable modem/routers; other smartphones; enterprise APs and repeaters; laptops; tablets; cars; IoT devices -- all these things need to be tested. With a LOT of work -- and I mean a LOT -- eventually a Wi-Fi stack can be designed in such a way that it operates at least decently well with all modern incarnations of the above, but that says nothing about older implementations, which people love to keep around for a decade or more, and expect them to work. A sufficiently general Wi-Fi stack that works okay with all of the above will probably have so many heuristics for bug detection, compromises, polling tests, etc. that they won't work especially well even in an "ideal" scenario, and may even try to implement contradictory rules depending on the specific model of the device being communicated with... basically, it's nearly an effort in futility to develop such a thing, let alone have it work *WELL* with everything.

If USB and its "device class" specifications (Mass Storage, Battery charging spec, RNDIS, audio class, etc.) is a ringing success story of how standardization can promote interoperability, Wi-Fi is a textbook case study of how faux "standardization" can go so, SO horribly wrong that the only way I can see to fix the problem is to abandon the 2.4 GHz and 5 GHz spectra entirely, and come up with a new, non-WiFi communication protocol that is much more tightly specified, open standard, general purpose, and functions on some other band that does not overlap with the WiFi bands (since those bands will be eternally trashed by millions of WiFi devices for at least 20-25 years after the last WiFi device is manufactured).

Comment Re: 4 paid developers yes, but (Score 4, Insightful) 288

This is a little story about four people named Everybody, Somebody, Anybody, and Nobody.
There was an important job to be done and Everybody was sure that Somebody would do it.
Anybody could have done it, but Nobody did it.
Somebody got angry about that because it was Everybody's job.
Everybody thought that Anybody could do it, but Nobody realized that Everybody wouldn't do it.
It ended up that Everybody blamed Somebody when Nobody did what Anybody could have done.

Basically, there needs to be a team of people (whether volunteers, paid employees, or a mix) who are dedicated to spending a specific number of hours explicitly assigned to working on security testing of a piece of software, and then have those hours held accountable. Meaning, if they have no results over a long period of time, or aren't putting in the hours, even if they're just volunteering, then their position on the team should be vacated for someone else willing to do the work.

Features are completely different, and most types of non-security bugs are also different. In general, people implement features because they find it genuinely fun to do so. Also, as long as the software has users, the absence of a feature will not normally cause millions of dollars in damage, loss of reputation, or identity theft. The consequence of the absence of a feature is usually annoyance or inconvenience, but is upper bounded by what that feature would provide if available, rather than being upper bounded by the limits of human cruelty and deviousness, which are MUCH higher bounds than even the most major features.

This is why it's OK to let features develop "organically" in a bazaar fashion. Even bugs can be developed this way: if nobody is encountering the bug, who cares if it's there? And bugs that are encountered frequently will get complained about and/or fixed directly by the core devs or a drive-by patch. Security, on the other hand, almost requires a deliberate, cathedral model to provide any guarantees.

Bringing small aspects of cathedral development philosophy -- the best parts of the cathedral only -- into projects that were once purely "bazaar-only" projects like OpenSSL, can only be a good thing.

Comment Re:And is this a bad thing? (Score 1) 392

That's no problem. They'll just get their buddies in Congress to write them up a law that says that whatever they do is fine. Or, if that causes too much of a ruckus, they'll just provide Congress with a long laundry list of the things they do, then get Congress to copy and paste that into the law.

Comment Re:Let's hope (Score 1) 253

EXACTLY. As long as the tax code is ridiculously complicated, we're going to need ridiculously complicated bureaucracy and IT systems to manage and enforce that complexity. Let's see how well our new GOP overlords in Congress manage to legislate an actual reduction in tax code complexity, now that they have the gavel all to themselves in both the house and the senate.

Let's not bring the cart before the horse. If you want an IRS that can run on a shoestring budget, make a shoestring tax code that I can print on my home inkjet printer -- THE WHOLE CODE -- in under 5 minutes.

Otherwise, shut the fuck up and fund the IRS so they can do what they are required to do by law.

Comment Manual steps vs. payload (Score 5, Informative) 186

Most root exploits I've seen have two components to them: the attack vector, and the payload.

The attack vector is usually a series of commands that have to be run to get the payload onto the device. This part is fully auditable and usually "open source" in the sense that you can perform these commands yourself. If someone sends you a .bat script with a bunch of adb commands, you can always open up the script and read it and make sure nothing is malicious in there.

The real problem is that 99% of the root exploits out there have to upload some kind of a binary file to the device, which is then executed. In MOST cases, the source code to this binary is not disclosed, perhaps to make it harder for the manufacturers to fix the exploit, or to keep their attack methods secret, in case the code might expose some more general pattern of attack that would enable the manufacturers to close a whole series of root exploits.

So basically you are trusting someone who compiled a Linux binary *whose job is to obtain escalated privileges on your device* to then not use those privileges to install some kind of tracking malware, data siphon, or cookie exfiltrating software, or even just a rootkit providing them a backdoor, which initially does nothing but can be activated at any time when the author feels they need something from your device (like participating in a botnet, perhaps?).

I'm a little surprised that the comments so far haven't really tackled the crux of your question, which was NOT "how do I find root exploits", but "are they trustworthy". Remember, folks, just because it's posted on XDA, doesn't mean it's trustworthy. Anyone can register an account on XDA; absolutely anyone.

I've read statements from root exploit authors who've said in plain language that they have no motivation to bundle malware in their root exploits and thus don't ever do so, but that's like the NSA saying they don't spy on Americans. We have no way of verifying the statement, and several reasons to suspect the contrary.

If you are in doubt, I would suggest that you forgo root exploits altogether. Instead, you should simply refuse to buy any Android device where the manufacturer does not provide you a means to unlock the bootloader. Once you have a (legit) unlocked bootloader using official tools from the manufacturer, you can then proceed to install any ROM you want -- even an open source ROM that you could audit yourself -- which then gives you root access. Remember, on an Android device, root is far less powerful than an unlocked bootloader, so that's really what you should be aiming for anyway, to have a truly "open" device as an enthusiast.
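The split the comment above draws, between the auditable adb commands (the vector) and the opaque binary they push and run (the payload), can be checked mechanically before you run a "one-click root" script. The following is an added example, not code from the comment, XDA, or any real root tool: it parses a script for `adb push` and `adb shell` lines, records the SHA-256 of every local file the script would push (so you can compare it with a hash the author published, or with another copy), and lists which pushed paths the script then executes directly on the device. The batch script, file names, paths and payload bytes are all constructed for the demo.

```python
import hashlib
import re
import shlex

# Constructed sample of a Windows "root.bat" of the kind the comment describes.
# Nothing here is a real exploit; the names and paths are placeholders.
SAMPLE_ROOT_SCRIPT = r"""
@echo off
adb wait-for-device
adb push exploit_bin /data/local/tmp/exploit_bin
adb push busybox /data/local/tmp/busybox
adb push su /system/xbin/su
adb shell chmod 755 /data/local/tmp/exploit_bin
adb shell /data/local/tmp/exploit_bin
adb shell "/data/local/tmp/busybox sh -c 'id'"
adb shell rm /data/local/tmp/exploit_bin
adb reboot
"""

# Constructed stand-ins for the files shipped next to the script. "su" is
# deliberately missing, as happens when a zip is incomplete or tampered with.
SAMPLE_PAYLOAD_FILES = {
    "exploit_bin": b"\x7fELF" + b"\x00" * 60,   # fake ELF header, not a binary
    "busybox": b"\x7fELF" + b"\x01" * 60,
}

ADB_LINE = re.compile(r"^\s*adb(?:\.exe)?\s+(.*)$", re.IGNORECASE)


def parse_adb_commands(script_text):
    """Return every adb invocation in the script as an argument vector."""
    commands = []
    for line in script_text.splitlines():
        match = ADB_LINE.match(line)
        if match:
            commands.append(shlex.split(match.group(1), posix=True))
    return commands


def audit_root_script(script_text, payload_files):
    """Separate the auditable vector from the opaque payload.

    Returns a dict with:
      pushed:   device path -> (local file name, sha256 hex or None if the
                local file is not present to hash)
      executed: device paths an 'adb shell' line runs directly
      opaque:   executed paths that came from a pushed local binary, i.e. the
                part of the procedure you cannot read and must trust blindly
    """
    pushed = {}
    executed = set()
    for argv in parse_adb_commands(script_text):
        if not argv:
            continue
        if argv[0] == "push" and len(argv) >= 3:
            local_name, device_path = argv[1], argv[2]
            data = payload_files.get(local_name)
            digest = hashlib.sha256(data).hexdigest() if data is not None else None
            pushed[device_path] = (local_name, digest)
        elif argv[0] == "shell" and len(argv) >= 2:
            # The first word after 'shell' is what the device executes; a
            # quoted command line is a single argv entry, so split it again.
            program = argv[1].split()[0]
            if program.startswith("/"):
                executed.add(program)
    opaque = sorted(path for path in executed if path in pushed)
    return {"pushed": pushed, "executed": sorted(executed), "opaque": opaque}


def unhashable_pushes(report):
    """Device paths whose local file was not available to hash."""
    return sorted(path for path, (_, digest) in report["pushed"].items() if digest is None)


if __name__ == "__main__":
    report = audit_root_script(SAMPLE_ROOT_SCRIPT, SAMPLE_PAYLOAD_FILES)
    for path, (local_name, digest) in report["pushed"].items():
        print(f"push  {local_name:12s} -> {path}  sha256={digest or 'MISSING'}")
    print("executed on device:", report["executed"])
    print("opaque payloads you are trusting:", report["opaque"])
    print("pushed but not shipped:", unhashable_pushes(report))
```

The hashes are only as useful as what you compare them against: a digest the author published on a page you trust, or an identical copy obtained through a second channel. A payload whose hash matches nothing is exactly the "trust the compiled binary" problem the comment describes, and the script gives you the list of those binaries before anything touches the device.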

Comment Oh! Oh! I know what those are called! (Score 2) 152

"...within 125 miles (200 kilometers) of the lunar surface at its closest point, and out to a range of 3,293 miles (5,300 km) at its highest point..."

Thanks to Kerbal Space Program, I know what those are called! The first one is the periapsis and the second one is the apoapsis. :D (Yes, I know, common knowledge, but it's cool that a game taught me a thing or two about spaceflight...)

Too bad real life has the Ferram Aerospace mod enabled; this craft very likely would be unable to reenter the atmosphere and land (or splash down) without breaking up, because it's not designed to withstand the heat and drag forces.

Comment The sound of two empty floppy drives (Score 1) 790

Circa 1990, I had a 486 DX PC running DOS with two floppy drives: the standard 3.5", and the older 5.25". This was during the transition from the larger and lower density 5.25" to the more modern "High Density" 1.44MB disks. The BIOS would check to see if there was a disk in each drive in their initialization order: first "A:", the 3.5"; then "B:", the 5.25". We had a 180 MB HDD, so we didn't ordinarily boot up the computer to a boot disk except for recovery or for specific legacy software that required it; instead you'd boot DOS from the HDD, then insert a disk to install the software to the HDD, or (for older programs) run them directly off the disk.

Anyway, the disk drives were almost comical in the audible noise they made when the BIOS asked them to determine if there was a disk inserted. I distinctly remember that the sound of the two drives was in harmony, like music: two "BOOOOO-doop!" noises, one about two octaves higher than the other, in sequence, each lasting about 1.5 seconds, with a 0.5 second pause in between.

I was 5 at the time, but that was my intro to computers. It was the first PC our family owned.

Comment Hostile Design and DRM (Score 1) 840

Many devices containing software are intentionally designed to be hard to fix/repair. With the exception of open source applications running on a PC, or open source operating systems on said PCs, an increasing number of appliances and "gadgets" have software that is completely locked down. If the software out of the factory is not 100% perfect and there is some kind of a defect, the consumer's only option in most cases is to buy a different device.

Worse, since the software is the same between each unit produced, the consumer could go through the RMA process dozens of times and still have the problem. If the manufacturer does not acknowledge and fix the problem, the user is SOL.

This is largely a consequence of consumers not truly owning the devices they buy anymore, due to companies valuing their "IP" over (digitally-infused) consumer appliance serviceability. Try fixing a shoddy driver on an Android smartphone from a major US carrier (90% of them are locked down) and let me know how you make out, with "brief" engineering knowledge. Ditto for the faulty ECU in your car, or the faulty temperature regulator in your fridge, or...

The only situations where the OP may have a valid point are with things that have not yet been designed, in mainstream models at least, with significant digital components. For example, if your toilet starts leaking, the knowledge and technique to repair this low-tech item probably hasn't changed in at least 40 or 50 years. But these examples are quickly vanishing, as even toilets are starting to have digital components. Usually, you are *lucky* if your manufacturer provides you with some kind of instructions on how to buy and replace the complete electronics package in something like a dishwasher or a washing machine. If you are attempting to repair it without actually chucking the whole component and installing a new one, good luck -- provided you're not an Electrical or Computer Engineer.

Comment Layered with, not instead of, HTTP/2 (Score 5, Interesting) 203

One of the coolest client-side features of most SSH clients (at least OpenSSH and PuTTY support it) is the ability to turn any SSH connection into a SOCKS5 proxy, provided the server will let you. If your Internet connection has a restrictive stateful firewall on it that blocks your access to many useful legitimate sites, you can just stunnel out over TLS and then have the ability to go outbound on any port (including SSH's default port of 22) using your SOCKS5 proxy. I've used RDP over SSH over TLS before to get around restrictive filters.
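What the comment above calls "turning an SSH connection into a SOCKS5 proxy" is OpenSSH's `ssh -D <port>` (PuTTY's "Dynamic" forward): the client opens a local SOCKS5 listener and carries each CONNECT through the encrypted channel, where the server makes the real outbound connection. The example below is added here and is not from the comment or from OpenSSH; it implements the client half of the SOCKS5 handshake from RFC 1928 as an RDP client pointed at that listener would perform it, and drives it against a constructed stand-in for the `ssh -D` listener over a socketpair, so it runs offline. The stand-in's port allow-list mimics a server-side `PermitOpen` rule and is an assumption of the demo, as is the hostname used. The one detail worth copying is that the request carries the hostname (ATYP 0x03) rather than a resolved IP, so DNS lookups happen at the far end of the tunnel instead of leaking through the filtered local network.

```python
import socket
import struct
import threading

SOCKS_VERSION = 0x05
CMD_CONNECT = 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_SUCCESS, REP_NOT_ALLOWED = 0x00, 0x02   # RFC 1928 reply codes


def recv_exact(sock, n):
    """Read exactly n bytes or raise; stream sockets may return short reads."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed during handshake")
        buf += chunk
    return buf


def build_greeting():
    # VER=5, NMETHODS=1, METHODS=[0x00 "no authentication"]: ssh -D offers no auth,
    # the SSH session itself is what authenticated you.
    return bytes([SOCKS_VERSION, 0x01, 0x00])


def build_connect(host, port):
    # ATYP 0x03 (domain name) makes the SSH server resolve the name; sending an
    # IP here would mean the client already did a DNS query outside the tunnel.
    name = host.encode("idna")
    return (bytes([SOCKS_VERSION, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(name)])
            + name + struct.pack("!H", port))


def parse_address(buf, offset):
    """Decode ATYP/ADDR/PORT starting at buf[offset]; returns (addr, port, end)."""
    atyp = buf[offset]
    if atyp == ATYP_IPV4:
        addr, end = socket.inet_ntoa(buf[offset + 1:offset + 5]), offset + 5
    elif atyp == ATYP_DOMAIN:
        n = buf[offset + 1]
        addr, end = buf[offset + 2:offset + 2 + n].decode("idna"), offset + 2 + n
    elif atyp == ATYP_IPV6:
        addr, end = socket.inet_ntop(socket.AF_INET6, buf[offset + 1:offset + 17]), offset + 17
    else:
        raise ValueError("unknown ATYP %#x" % atyp)
    port = struct.unpack("!H", buf[end:end + 2])[0]
    return addr, port, end + 2


def socks5_connect(sock, host, port):
    """Client side: greeting, method reply, CONNECT, reply. Returns BND.ADDR/PORT."""
    sock.sendall(build_greeting())
    ver, method = recv_exact(sock, 2)
    if ver != SOCKS_VERSION or method != 0x00:
        raise ConnectionError("proxy rejected the no-auth method")
    sock.sendall(build_connect(host, port))
    reply = sock.recv(262)
    if len(reply) < 4 or reply[0] != SOCKS_VERSION:
        raise ConnectionError("malformed SOCKS5 reply")
    if reply[1] != REP_SUCCESS:
        raise ConnectionError("proxy refused CONNECT, REP=%#x" % reply[1])
    addr, bport, _ = parse_address(reply, 3)
    return addr, bport


def fake_socks_listener(sock, allowed_ports):
    """Constructed stand-in for the ssh -D listener (not OpenSSH code): accepts
    no-auth and permits CONNECT only to allowed_ports, like a PermitOpen rule."""
    greeting = sock.recv(257)
    if greeting[0] != SOCKS_VERSION or 0x00 not in greeting[2:2 + greeting[1]]:
        sock.sendall(bytes([SOCKS_VERSION, 0xFF]))      # no acceptable methods
        return None
    sock.sendall(bytes([SOCKS_VERSION, 0x00]))
    request = sock.recv(262)
    host, port, _ = parse_address(request, 3)
    rep = REP_SUCCESS if request[1] == CMD_CONNECT and port in allowed_ports else REP_NOT_ALLOWED
    # BND.ADDR/BND.PORT are zeroed here; a real server reports the bound socket.
    sock.sendall(bytes([SOCKS_VERSION, rep, 0x00, ATYP_IPV4]) + bytes(4) + struct.pack("!H", 0))
    return host, port, rep


def run_handshake(host, port, allowed_ports=frozenset({22, 3389})):
    """Run both ends over a socketpair; returns (what the listener saw, client succeeded)."""
    client, server = socket.socketpair()
    outcome = {}
    worker = threading.Thread(
        target=lambda: outcome.update(seen=fake_socks_listener(server, allowed_ports)))
    worker.start()
    try:
        socks5_connect(client, host, port)
        ok = True
    except ConnectionError:
        ok = False
    worker.join()
    client.close()
    server.close()
    return outcome["seen"], ok


if __name__ == "__main__":
    print(run_handshake("rdp.example.internal", 3389))   # RDP through the tunnel
    print(run_handshake("rdp.example.internal", 8080))   # refused by the allow-list
```

Against a real listener started with `ssh -D 1080 user@host`, the client code above is what any SOCKS5-aware application does; the only part to replace is the fake listener. Pointing an application at the proxy by IP while letting it resolve names locally is the usual way such tunnels leak, which is why `build_connect` never accepts a pre-resolved address.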
