You have the same key problem with SSL/TLS certificates -- can't use your cert without your private key on the VPS.

Considering it costs around $250 to "register" your nationally Registered Trademark with the Trademark Clearinghouse (http://trademark-clearinghouse.com/) in order to even purchase ANY new gTLD in Sunrise, it's not too far fetched to purchase a "block" that covers hundreds of TLDs for a few hundred dollars. Alternately, trademark holders can purchase domains in Sunrise at a few hundred dollars each which is what the registries charge.

I don't disagree that the whole new gTLD "market" is a cash cow for ICANN, the new registries, and registrars (middle-men).

ICANN allowed it and now they're back pedaling since these brand and trademark holders pretty much have to purchase their brands in every new gTLD anyway, so the ICANN fee of 18-25 cents per domain really adds up.

Many registry operators have them, they are called "blocks" where you put a block on your TM'd string like "slashdot". For example, the Donuts registry which has over 200 new gTLDs allows you to buy a "block" which applies to all their TLDs for a fairly reasonable fee (a few hundred dollars).

.sucks does have blocking... but it kinda sucks (-:

I'm not sure where you got your numbers from, there are only 919 root-delegated Top Level Domains. There are a few hundred more pending new gTLD application with ICANN so the total for the next few years won't exceed 1200. (There are plans for a second round of new gTLD applications. The first round cost each applicant $185,000 USD.)

Definitions:
TLD = Top Level Domain
gTLD = Generic Top Level Domain (.com, .net, .org, .info, .biz)
new gTLD = New Generic Top Level Domain recently allowed by ICANN (.club, .bike, .software, .guru, .ninja, .computer, .sucks, .wtf, .porn, .xn--io0a7i, .google, .canon etc etc)
sTLD = Sponsored Top Level Domain aka "restricted TLD" (.aero, .pro, .tel, .museum, .travel, .edu, .coop etc)
ccTLD = Country Code Top Level Domain (.uk, .me, .io, etc)
Extension = a sub-domain you can register under (.co.uk, .de.com, 0.bg, .com.au etc)

Sponsored TLDs are restricted. For instance, you need a "UIN" delegated by the "Travel Industry" for a .travel domain, only legit museums can get a .museum domain, and only licensed professionals can get a .pro domain, which is why you don't see many of them (and never get spam from them either).

All legacy gTLDs are unrestricted. For awhile, .info domains were sold super cheap ( $5) so scammers bought them up.

Most new gTLDs are unrestricted, while some are restricted like .berlin and .nyc (need to be local to the city) and .bank (need to be a real financial institution and get audited every 2 years and sign your domain with DNSSEC, etc).

ccTLDs can do whatever they want and are not governed by ICANN.

For now, you can "blacklist" new gTLDs without much consequence, because people and businesses are only starting to use them. Keep in mind scammers/spammers/annoying-people register CHEAP domains, so you might want to blacklist .xyz (cheap) but not .bank (expensive). But in the future, legitimate activities under new gTLDs will occur so you might want to allow them over time.

But really, why block at the TLD level and not based on content and RFC compliance?

You can get a $15 .sucks domains -- BUT it must be hosted on the registry's website, which provides a "moderated forum" for expressing speech about something you think sucks.

The $2500 for trademark holders is extreme relative to other new gTLDs. Many charge a few hundred dollars for "trademark enabled sunrise registrations" (where you must have a registered trademark with the ICANN approved Trademark Clearinghouse (TMCH) which costs a few hundred dollars a year to maintain).

What if you skipped Pastebin and any other "internet" site and only posted your GPG messages on a .onion site? Then you don't need to use a TOR exit node. For just a few users it might also be suspicious, but hard to track. But if thousands of users were doing it, there could be enough noise to hide in.

And like one of the consultants in the article said, why not just use GPG on Pastebin?

Focusing on NIST and the NSA

Choose a safer curve

That or there's just nothing to say since it's not real news.

I love that Slashdot has been doing this for years and wish more news sites did the same. (Ideally The Onion would report actual news today only.)

To follow that, the security problems we're discussing might not even be on the end user's devices themselves.

The biggest holes seem to be with the corporations data security (or lack thereof) and willing sharing of personal information to even less secure third parties.

If you're worried about identity theft, malware from some shady website may not be as big of a concern as a data breach involving thousands of customers.

You mean like DANE?

Agreed. Those "story arc avoiding episodes" are commonly referred to as the Monster of the Week and were always the most enjoyable X-Files episodes.

I've always wanted something like this projector + camera shining down on a pool table.

It could record all of the shots, and easily show you a prior table position so you could "un-do" a shot as well as re-play slow motion video of a "break" or other action. Based on varying games, it could count and keep score (cutthroat, multiple iterations of "4 ball run", etc etc) by just displaying the scores somewhere on the table.

For interactivity, it could "visualize" the line of an intended ball strike by viewing your cue stick and anticipating the output (it wouldn't be perfect with only a top-view camera, but good enough). Once you find your desired "line" a voice or other gesture control could "freeze" the drawn lines, allowing you to more easily aim.

Fun stuff, and I didn't even watch the video (:

Looks nice, but not secure. They don't offer HTTPS for their website. When you login to your account, it's "re-branded" https://idp.secureserver.net/. Seems like they're too cheap to buy their own cert and host their own gateway to the domain management console.