Paleface no ask question with forked tongue, paleface get correct answer.

Weeellll... you end up with something that's been run through gcc -wall, which is a long way from "free of known errors". Now admittedly "free of known errors" is a nice circular definition meaning "free of things gcc warns about", but even then it's not necessarily the case, there's plenty of code that ships with avalanches of warnings when you build it, but no-one's bothered fixing it up.

At best, you get something that doesn't produce warnings in gcc and clang. At worst you get code that hasn't been changed from the default release because the maintainers decided none of the warnings were serious.

Barely. If you look at what they're offering it's FindBugs, clang, gcc, and cppcheck. Completely bog-standard tools that anyone should be using anyway, but they're being paid $23M taxpayer dollars for it. Shee-it, I could do the same thing with $10K to cover the cost of renting some EC2 space, and I'll spend the remaining $22.99M on coke and hookers (seriously, how can they have spent $23M on this? One person could set it up in a few hours, the only constraint is how many VMs you need to spin up if lots of people sign up for it).

This looks very much a DHS solution, vast sums of money spent on something that should be nearly free. Not to mention that while gcc -wall, clang, and FindBugs aren't bad as far as free software goes, they're nowhere near the level of commercial offerings like Fortify, Coverity, and others.

OK, so in terms of cost/benefit it's more of a TSA solution then strictly a DHS solution.

This also relates to the problem of the "cure for cancer" that will never be found because "cancer" isn't a single illness but a generic name for a huge range of different ones, with a wide range of etiologies and manifestations. A single "test for cancer" seems about as likely as a single "test for virus".

As you say, it's a cool study, but like far too many other studies I think it got released to the PR department of the research institute a bit too early (I've experienced this myself on several occasions).

Not quite. As of November, the official CAs will claim that they've stopped issuing those types of certs. When something like the SSL Observatory points out that they're still issuing them, they'll say that this (and the other 8,192 times they did it) was a one-off mistake and they've updated their policies to make sure it never happens again. Then when they get caught again they'll say that it was test certificates that accidentally escaped. After that, they'll stop responding to reports. And we'll all be much, much safer, and phishing will be eradicated once and for all.

They'll offer to replace it, but only if you pay the shipping costs to send it back to Shenzhen.

It's not big brother, it's anyone. All of the IPMI systems used by Intel, Dell, HP, etc, are unaudited cesspits of remote-rootkit capabilities full of buffer overflows, authorisation bugs, parser errors, and so on. It's hard to know where to begin, but here's one starting point. Hack like it's 1999.

Intel SSD's have had AES encryption built in for years, it's no big deal. What they've added with their IPMI support is a capability for remote attackers to get at the encryption, which is kind of a big deal if you're worried about your privacy.

Microsoft have already done that. In Windows 8 they unified the Windows interface around the design for the vast number of Windows cellphones out there, leaving the totally insignificant Windows desktop/laptop market to wither. The overwhelming market response has justified this decision, in as little as twenty years Windows 8 could even overtake XP.

So you use it to drive an NPN transistor in common-emitter mode, say a 2N6338.

It's not money, it's access to goods (and pretty much everything else). If you wanted anything in East Germany (or Poland, Hungary, Romania, Russia, ...), you had to take shortcuts. My west German relatives used to visit their east German relatives with the car packed with luxury goods like tins of paint (for their roof), which were unavailable to most people in the east unless you knew how to game the system. All this study seems to be showing is that if you grow up in a society where you need to be able to game the system in order to get anywhere, you end up gaming the system in order to get somewhere.

I think this phone came from slightly further back on the horse. You probably wouldn't want to look in there too much.

It's important to note that in order to truly experience the noticeably superior audio from a Soundblaster ZxR you need to pair it with an appropriate Purity Audio Ultra GT preamp (retail $53,000), WAVAC SH-833 monoblocs ($350,000 each, you'll need two sets) driving Moon Audio Titan 2's ($510,000 each), with the equipment on an NTT Audiolab RC4 stand ($18,000) and Walker Audio speaker cables ($13,500 a pair, you'll need two pairs because you're bi-amping) alongside a PurePower 2000 power conditioner ($2,800).

Actual measurements of music reproduction quality rather than liberal use of the listener's imagination as in the HotHardware review have shown that even the crappiest DACs built into a cheap motherboard or laptop produce sound that's as good as anything from a professional sound system of 5-10 years ago. The important factor beyond that point is (a) noise immunity of the low-level signal portions (the inside of a computer isn't a good environment for those) and (b) the speakers. Whether you're using a Creative Labs or Intel Express chipset DAC doesn't make any difference.