
Comment Re:It's true -- but only root can read them though (Score 1) 341

If the attacker is already root, they have access to everything on your system anyway.

Not quite. Root access means a compromised single host. Access to a list of WiFi passwords means compromising all the WiFi networks the machine in question has been given access to, so you'd still want that encrypted.

Comment Re:I think they underestimate the cloud (Score 2) 292

Yawn. Yet another tech answer to what isn't a tech problem to start with. I suspect there will be gazillions more coming your way over the next few months because all the Silicon Valley entrepreneurs want to milk that market before people realise they've been had: IT IS NOT A TECHNICAL PROBLEM.

For a US based company it is 100% pointless to install any defence mechanism if some random official can walk in and ask for corporate data - the owner has to offer the data, unlocked.

For any organisation outside the US, it should simply ask the question: what are the chances that a US based organisation will NOT have a backdoor in its technology if such can be legally prescribed? As you have seen with Lavabit and Silent Circle, there are in principle only two ways forward: comply, or close shop. I leave you to note the clear risk in using security products from those who provide security products who have not closed down yet. Note: I'm not stating that all US sourced security products HAVE been provided with a backdoor, merely that it is legally possible to force the suppliers to implement them.

Eventually, someone will realise the real risk to the US economy: it's a profound lack of trust. This will take decades to fix, mainly because it involves a fight to either repeal those emergency laws or introduce some independent transparency and supervision. Meanwhile, whole swaths of Silicon Valley people will continue to sell what is at best privacy theatre, but which also risks becoming nothing more than security theatre as well.

Because backdoors and security do not combine very well.

Comment Re:First always on wifi, now force fed cloud print (Score 1) 135

Funny, that was about the first thing I thought too.

Wrt your other complaints I could, of course, observe that other platforms offer a much finer granulation of access control, even AFTER installation, but we still have to acknowledge that being asked is better than not being asked at all, as was the case before.

Comment Wrong country.. (Score 1) 168

I gather from your use of the "K-12" term that you're in the US (keep that in mind when you ask such questions).

Your challenge is that you're up against several decades of brainwashing to make you (and parents) believe that your privacy isn't worth anything and that it's somehow bad to insist that the state and companies respect the rights they signed up to when they accepted the Universal Declaration of Human Rights in 1948 (actually there's also such a thing as the right of the child, but both Somalia and the US declined to underwrite that - don't know enough about that to draw a conclusion).

You see, this is the origin of the term "free" in "free" services - all you need to give up is some privacy. So it's not free, you pay with your privacy. What is interesting is that the worst offenders have managed to turn the debate on its head.

You don't have to defend your right to privacy. It's yours, and it's supposedly inalienable. Those who want to invade your privacy have to explain themselves.

Bonus argument for parents: personal details on sites tend to be one programming mistake away from disclosure. Your guiding principle for providing anything to a 3rd party on the Internet is that it is equivalent to giving it to your worst enemy. What's worse, the Internet doesn't forget - this means you're giving information to enemies you haven't even made yet.

Comment Re:None of them (Score 2) 391

The OP is right insofar that a browser is only one part of the chain of events that ties an identity (and associated habits) to you. Even when you use something like Firefox or Opera in so-called "private" mode, your traffic still originates from the same point, creating a common item between things that happen (and BTW, you should set your browser to be something else than the default "OS + browser ID").

The expensive way to address that is to route your traffic via some privacy proxy. The expensive way to do this (used by most VIPs and privacy conscious celebrities) is to use specialist companies which map this traffic via VPNs to any part of the planet. The cheap way to do this is by using Tor, but it would be decent of you to then keep your Internet use as much as possible to text as other people are paying.

Comment And this is NEWS? (Score 1) 193

Since RFIDs landed in passports it's been a fairly badly held secret that the only thing that limits the range of such devices is the quality of the antenna and the transceiver.

The only reason those terminals work on proximity is because they use crap aerials. All it takes is a larger aerial and you can get up to max 10 meter range (beyond that the S/N ratio becomes an issue).

The only real question is why card companies are pretending they don't know this.

When have you ever known a card company to limit its opportunity to get you into interest paying debt? Why else do you think they put a payment limit on NFC transactions?

Submission + - A perspective: developers vs. Microsoft (reactos.org)

jeditobe writes: Most people understand that Windows is used by a variety of people who have a variety of needs, ranging from corporate server to workstation to POS terminals to home PC and beyond. Most people accept that whenever Microsoft updates Windows, it has to balance the competing requirements to find some kind of workable compromise. There is however another set of competing requirements that many do not really register, even those that call themselves power users or are IT admins. It is a conflict between developers/programmers and Microsoft itself

Submission + - Android kernel GPL violation continues to unfold (anthrax-kernels.us)

An anonymous reader writes: Prominent GPL violator, Chad Goodman, of Anthrax Kernels has published a new manifesto defending his shady practice of distributing Android kernels without sharing source.

Comment Re:...Evidon, who also owns Rapleaf? (Score 1) 78

Sadly, what you have done is not enough.

You missed Google fonts. Practically EVERY Wordpress template contains them as it's one of the few resources available to create a better design without having to license fonts for download. Google doesn't do that out of the gentleness of their non-existing hearts: every time you load a Wordpress page which uses Google fonts you create a hit on their fonts API.

Granted, if you nuke cookies they will not have a fully accurate lock on you as a person, but that's where geolocation comes in - Google does not HAVE to be accurate, all they need is a reasonable approximation. In principle we should ALL use the web via proxy, but it's ridiculous that I have to defend what is my RIGHT because setups like Google are allowed to break the law with impunity (at least in Europe)?

Comment Re:What about the idea (Score 1) 133

The ISP was also providing email, but yes, the technically correct expression should have been "email provider".

There is a degree of irony in this. Many years ago, I was behind the cleanup of a VERY large email provider in Hong Kong who had so many spam problems in their client base that we had to start with a network containment process before we started to tackle the clients, so it's not that I'm unfamiliar with the problem or unsympathetic to Spamhaus - I just observe that from a neutral perspective, Spamhaus is not perfect.

Realistically, they can't be, because the sheer volume of spam they deal with makes anything but automation impossible and it is thus important that you have measures in place to detect being blacklisted. It may not be your fault, but you will suffer the effects.

Comment Re:What about the idea (Score 1) 133

Believe me, if we were blocking legitimate mail, our users would complain. It's not happening.

How would they know they're not receiving email? I'm all for what Spamhaus does and have used their lists on many mail servers, but I have also been on the receiving end when they had it wrong.

I was abroad, and the ISP I was using was blocked. Spamhaus basically tells you "talk to the ISP", but if you're dealing with a large ISP the theory that they will pay any attention to you doesn't always work. It wasn't difficult to solve (just grabbed a Yahoo account), but Spamhaus *can* get in your way, especially if you hang off a shared IP address.

Comment Re:I don't understand. (Score 1) 283

Avoiding due process. It means they can get hold of data, and you cannot prove they have it. One of the main games since 9/11 has been to gain more powers (laughingly labeled "emergency" powers) against far less oversight so abuse would no longer be an issue.

I think there should be no barrier against law enforcement access to information, provided the need is proven (read: no fishing expeditions) and there is a clean, clear and reliable audit trail which is accessible a while later (not immediately because you could disturb ongoing operations). If the services do not want that transparency and independent oversight, I have a simple question for them:

"What do you have to hide?"

Comment Re:Switched 10.1 (Score 1) 965

Grin, I switched to OSX from Windows/Linux in 2010 after I bought a Macbook Pro for research for a book. To be honest, I wasn't planning to, but the month I gave myself to get used to the platform turned into the last month I ran Windows (still have a tiny Win XP VM somewhere, but that doesn't get much used). The next month I spent swearing at myself I hadn't tried this earlier :)

The usual caveat applies, of course, it works for me, and the businesses I'm set up. It may not work for everyone, but so far, our deployment is pretty boring standard and others we know are now looking at leaving the Windows camp too.

What works for me:
- it works. Want to work: open lid, enter password, go. Ready: close lid, done. No hangups, no fuss, it just works. Set up dual screen? It takes seconds and it remembers the setup per screen as well. Need to give a Linux box a cabled ethernet link when there is only WiFi around? No problem - System Preferences, Internet sharing, go. I haven't even looked on how to do that in Linux, but I'm positive it will take more than the 4 seconds it took on the Mac - that was a complete jaw dropper.

- great hardware. I bought the high res screen, so my MBP has a 1680x1050 resolution, which matches the screen I used to use for my PC. About the only thing I positively do NOT like is the mouse and the small bluetooth keyboard when I'm at home, so I have the cabled version and a Logitech Anywhere MX as mouse (IMHO the most perfect mouse ever invented, but I digress)

- low software costs. If I see how massively useful apps like Omnigraffle Pro, Pixelmator and Artboard are, versus how much they cost (admission: I would have paid more for that quality), the price and license limits of a single copy of Microsoft Office are plain ludicrous, and it's not half as usable due to this %&* ribbon idiocy (let's not mention what they have done to Visio's UI, shall we? I don't want to swear). In this context it's also worth observing that proving license compliance is a lot easier - saves time when FAST gangsters want to play games.

Thus, the new office we're planning will only have one single copy for format translation - all other machines will run LibreOffice and we will multi-license all the apps mentioned above (the App Store has support for commercial use which makes license management easy). Our business doesn't involve document production other than the occasional PDF, so that works for us.

I have in one machine a Unix command line and a commercial grade portable desktop, so to me, a combination of Linux on servers and OSX on the desktop is the best usable mix. YMMV, of course.
