
Comment Perl-standard line length (Score 1) 169

Though it's simple enough to be implemented in one line of BBC BASIC

Any language that doesn't require carriage return + linefeed can do anything in one line.

And Basic comes with a ton of library functions that make things easier to do. No need to initialize memory, display, setup graphic or keyboard interrupts, etc.

Comment Re:Click-to-Play Would Improve Flash, Too (Score 1) 111

If visiting a web site implies JavaScript consent, then why doesn't it imply SWF or JVM consent?

Plugins such as SWF, JVM or ActiveX imply having better access to the system (e.g. clipboard, save files to disk, etc.) than regular JavaScript (which is supposed to be limited to the browser). Plugins wouldn't have been necessary if JavaScript could do anything the plugin could. The situation may have changed since the introduction of plugins and JavaScript, but the implication remains the same.

That, and because I said so.

Comment Re:also applies to flash and acrobat (Score 2) 111

Click to play is built into Chrome these days.

Users shouldn't have to hunt for a specific browser just to keep safe. Likewise, they shouldn't have to hunt for a specific extension to keep safe either, as those features should be built-in to the browser.

Also, the main security flaw is automatically executing anything that gets fed into the browser - and JavaScript security issues had remained unchecked for 10+ years, and still are as demonstrated by visiting a random webpage only to be directed to "Your java is outdated, please update". (Did they learn nothing from the Boot-Sector Virus era?)

Comment !news - password security is already known (Score 1) 549

1) Choosing a password should be something you do very infrequently.

Choosing a password should only need to be done once per site, not "infrequently".

2) Our focus should be on protecting passwords against informed statistical attacks and not brute-force attacks.

Passwords are generally leaked because someone either got the list of passwords, tricked the user into entering the password on the wrong area (e.g. as with any phishing site), extracted them from a local store on the person's hard drive because Firefox still doesn't auto-block random plugins by default, or used the rubber-hose decryption algorithm.

3) When you do have to choose a password, one of the most important selection criteria should be how many other people have also chosen that same password.

So, don't use a single password that appears on a dictionary attack. Trivial.

4) One of the most impactful things that we can do as a security community is to change password strength meters and disallow the use of common passwords."

It's moot when the various websites come up with inconsistent password types, where your randomly generated password is rejected because it didn't happen to include a capital letter (even though it contains a punctuation mark), is rejected because it contains punctuation, is rejected because it's too long, etc.

Disallowing common passwords is as easy as downloading a list of common passwords and refusing anything with an exact match. If you have free extended strings, there's more than enough variation to kill anything statistical, leaving only the dumb users that pick something obvious that most sheeple do.
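An added example, not part of the original comment: the exact-match blocklist check described above, run next to a composition rule of the kind the comment complains about. The sample list, the candidate passwords and the `composition_check` rule (16-character limit, no punctuation, one capital) are constructed for illustration.

```python
import string

# Constructed sample; a deployment would load a published common-password
# list from a file, one entry per line.
SAMPLE_LIST = """\
123456
password
Password1
qwerty
letmein
"""

def load_blocklist(text):
    """One password per line; blank lines are ignored, nothing else is altered."""
    return frozenset(line for line in text.splitlines() if line)

def blocklist_check(password, blocklist):
    """Refuse only an exact match against the list; no other restriction."""
    if password in blocklist:
        return False, "appears in common-password list"
    return True, "ok"

def composition_check(password, max_len=16):
    """Hypothetical legacy site rule: length cap, no punctuation, one capital."""
    if len(password) > max_len:
        return False, "too long"
    if any(c in string.punctuation for c in password):
        return False, "contains punctuation"
    if not any(c.isupper() for c in password):
        return False, "no capital letter"
    return True, "ok"

def compare(candidates, blocklist):
    """Map each password to (composition result, blocklist result)."""
    return {pw: (composition_check(pw), blocklist_check(pw, blocklist))
            for pw in candidates}

# Constructed candidates: one common password, two random-looking strings.
CANDIDATES = ["Password1", "k#9vq!zr;w2m@x7p", "xT4mQ9bLw2Zr7KpV8nHs3cYd"]

if __name__ == "__main__":
    for pw, (comp, block) in compare(CANDIDATES, load_blocklist(SAMPLE_LIST)).items():
        print(f"{pw!r:30} composition={comp} blocklist={block}")
```

The composition rule accepts the one common password and rejects both random strings, while the blocklist check does the opposite.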

Comment Re:Chromium (Score 1) 55

Even Mozilla backed down on blocking 3rd party cookies, and it is open source.

That's because Mozilla developers need to focus on keeping their bellies full.

If Mozilla backed down, that's probably due to financial issues - where they could simply withhold funding, and instead focus on partnering with Microsoft to port Internet Explorer and Active X over to Linux.

And then I'm hard pressed to think of an open source browser which actually respects our privacy, doesn't have ads, and which runs on multiple platforms.

I haven't seen an ad-supported browser since Opera decided to shed its shareware model.

The big two browsers - Mozilla Firefox and Chromium - are close enough to these requirements. If you disagree, you'll have to find skilled developers, get a way to feed them, and keep them around long enough to write your own browser.

Comment Dealing with slowdowns (Score 2) 577

Even if Windows slows down over time, there are easy ways to deal with it.

Since Windows XP, you have a program called "MSConfig" that allows you to remove any startup programs, especially ones that are pure redundancy or are otherwise not useful.

And with modern systems - Web browsers slow down the system more than any junk that accumulates in the OS. I've had both Firefox and Chrome running at the same time, with the resulting commit charge around 8GB, sometimes approaching 12GB. Once I stopped using one of the two browsers, the constant thrashing stopped, and everything else is much more responsive. (Firefox is still freezing, but that's a memory leak issue.)

Comment Re:Java? (Score 1) 53

And guess what, it is trivial to disable Java support for browsers

Only if you know where to find the option.

In Firefox Aurora version 34.0a2, I click the three lines button to get a menu, then click on options. None of the listed tabs lead towards disabling plugins, or making them manually activated by clicking.

In general, if you have to look in more than one place to configure your software, it's not trivial even if it's easy.

Comment Re:Morons. (Score 1) 53

1) gamers that don't run basic AV

Basic AV = not automatically executing stuff.

If you mean something like real-time protection from common AV packages, then those are technically reactive to threats and don't detect new things within the past ~24 hours or so.

2) gamers that don't run sandboxing software over their browser (Sandboxie for example, shits TRIVIAL to use and is even foolproof!)

Browsers should be self-sandboxing, which has been the case since the start of HTML, until someone foolishly added JavaScript/plugins. Those two should be disabled by default, and in the event that JavaScript or plugins are required for a site, they can be made click-to-play.

3) people DOWNLOADING programs for competitions...
4) actually wanting to play CS Go. The worst sin of them all.

No objection here.

5) Twitch still hasn't word-banned people typing these messages and any variants. It's not like their servers would break, they already have filters in place.

Word-banning is a clbuttic mistake.

Comment Re:Hollywood Logic (Score 1) 937

There is nothing wrong in being a genius in something and not being able to explain how you do it. The common term for that is: intuition.
You ignore that someone who is doing stuff by intuition might have 30+ years of experience to do just that.

In case of the "intuition" found in the Star Trek chess game:

  • The "less logical" is most likely a lower-strength chess player (e.g. Captain Kirk, Troi, etc.), and is matched against a high-strength chess player (e.g. Spock, Data, etc.)
  • The weaker player makes a winning move, which was either "illogical", "emotional", etc. In reality, picking the winning move would be logical.
  • Games such as chess - especially on a high-rank logician such as Spock/Data (known to be able to calculate stuff to excessive significant digits), are likewise able to avoid sudden mate-in-one situations and would probably attempt to shake off mate situations in several turns. (Current computers can see 10 moves ahead, maybe more; Star Trek computers should technically see much further as long as they aren't limited by plot.)

Compare this to Babylon 5, where there was a chess pairing, where the player that lost admitted to having made a mistake (e.g. didn't notice that he opened himself to a mate-in-one.)

Also, I'm not saying that intuition isn't valid. Only the cheap plastic imitation used in Star Trek is the issue, when it's used to plainly bash things like "logic".

Comment Hollywood Logic (Score 4, Informative) 937

"I'm pro-science, but I'm against what I'll call "Spock-ism," after the character from the TV show Star Trek. I reject the idea that science is logical, purely rational, that it is detached and value-free, and that it is, for all these reasons, morally superior.

"Spock-ism" is really a Straw Vulcan where logic is forcefully neutered.

For example, Counselor Troi beats Lieutenant Data in a game of chess, claiming that it's a game of intuition. This ignores that computers can consistently win games of chess against anyone relying on intuition, and where intuition needs to be first built up on logic. (Really, just play chess intuitively against modern AIs on their maximum setting.)

Comment Re:Autoplay is EVIL (Score 1) 108

1) I suspect videos tend to be larger than Anim-GIFs by an order of magnitude

While empirical evidence: animated gifs tend to have a lower framerate (maybe sub 24 fps?) than a comparable video file, and are usually smaller than 360 pixels across.

Loading an animated gif tends to be longer/slower than the comparable Youtube video.

Additionally, browsers can't detect the difference between an animated GIF and non-animated until it starts downloading (unless there's some new HTML tags that I haven't seen.) On the other hand, browsers can detect if a plugin/video is going to be activated before downloading them, and can trivially add a click-to-play dialog to prevent sudden download surprises.

Modern browsers have options for disabling auto-play of Anim-GIF, while similar control for video might be up to a 3rd party plugin

I haven't seen an option for that in Chrome or Firefox without going third-party - and usually you've already downloaded a chunk of data.

Meanwhile, Chrome can auto-block plugins, allowing you to right-click on a plugin and run it - this occurs before the video/flash content is downloaded, saving bandwidth.

Comment Re:CS2 (Score 1) 163

The CS2 versions tend to be depreciated - and I think you need to actually have a registered version to actually download them now (i.e. you need to pass some entitlement.)

Also, at least one of the packages required for video editing (I think it's Adobe Premiere Pro 2.0), doesn't work at all on Windows Vista or later. There may be a fix, but I couldn't find it offhand.

Comment Re:An easy fix. (Score 2) 155

Obviously there should be a way to report copyright issues. However to do so there should be a deposit required, say $1000.

A.k.a. justice for the rich rather than the starving artist.

The actual fix is to require the plaintiff to sign the whole statement under penalty of perjury rather than just that they represent someone - or at the very least, put a punishment for flinging out fraudulent DMCA takedowns in the same way filing frivolous lawsuits is punished.

Comment Re:Oracle Forms (Score 1) 371

If it's so easy then you should have it done by teatime.

"Easy" is beside the point, and said easy portion is not a bottleneck.

Let's look at MinGW/MSYS, which I discovered omits certain critical definitions (e.g. EILSEQ etc.) from a recent download. Fixing them is "easy" but none of that helps the hard portion - getting the fix into the main repository so that others don't have to keep fixing it in the build environment - especially when that bug causes a violation of ANSI C specification.

Something like that can be picked up in an easy smoke test (e.g. ensuring that MinGW/MSYS packages are self-hosting). Yet, it hasn't.

Writing software is easy. Getting it distributed, or even trying to get everyone to agree on the color of the bike shed, is hard.

Nobody in the FOSS community wants it to be ported

The alternative is to write a framework that's superior to C#, .NET or other proprietary technologies - and get it deployed so that anyone can dive in with minimal difficulty (including initial learning time.)
