Comment All the biometric criticism is missing the point. (Score 2) 139

The fact that the doctors were trusted as both the authenticating-client and the key-holder was the issue here. Not biometric authentication. There was no promise that the doctors were not the malicious users themselves, but rather the authenticating-client here had an inherent incentive (getting paid without working) to help defeat the system. So, for all the criticism of biometric systems here -- we're missing the point, the implementation was incorrect to start. Attacking the medium is misguided, and also composed of (mostly) stupid arguments.

If this was a story of doctors having others falsify their time-cards or sharing keys it wouldn't have the same "people who like x auth method are idiots", but since it involves some slightly higher tech punch-in... well, here we are.

There's no such thing as a secure system. Just an inconvenient-to-defeat system; the weakest link/low-hanging fruit and all that. Biometric merely provides another authentication factor that can be used - so pointing to cases where people helped defeat their own locks is akin to saying that your buddy let me make copies of his keys, just look how insecure keys are! It's silly. Correct implementation is key before you judge a system.

Comment Re:Time to learn. (Score 1) 88

I have a completely secure computer for you, it's called a rock.

Yes, running a no-script browser is technically safer, but it's also technically useless as you're missing out on the content provided by those scripted services. Do you manually type in captcha hashes? Do you ignore all video posted anywhere? You'll never run a single script, ever? A browser is inherently insecure as its entire purpose is to download and render remote scripts.

It's very ignorant to insist that you're bullet-proof, or to insist that it's a Java only (or even worse a "browser plugin") issue. Java is not uniquely bad, it's just the latest target. The correct approach to security is mitigation of threat, not summary denial of vulnerability.

Comment Time to learn. (Score 2) 88

This is a good reminder that with web-security you're only as secure as the weakest link. A new exploit pushed from a popular dev site on a trusted platform like Java is going to hit you hard and you can't avoid it directly. The real story here is how quickly / properly people responded, and how well defensive infrastructure and policy stopped the intrusion. There's months and months of good security analytical reading right here. We can also compare company to company as it hit more than one.

Comment Re:Lala was not the threat (Score 2) 143

Usage statistics are a form of data collection to use in ad targeting.

Wallet is the most glaring example. What advertising data could you want more than what people are buying, and when? Blogger is indexable, and works with account targeted ads based on interest. Chrome pushes html standards that allow more dynamic delivery of Google's products in general -- they even explicitly state that in the Chrome mission statement.

fermion is 100% correct. Google is a business first.
