you would use the HSM (or a usb key on a trusted computer with your passwords, for lower security scenarios, say, where you have a colo and/or don't want to buy an hsm) to 'prime' the system to avoid having the issue where you either have to leak a little bit of info or you don't know for sure if the first few users' passwords are correct or not right after a reboot, as part of the reboot process you would log in in turn with all these known usernames/passwords in order to get the system up to an initialized state so it can validate 'real' users properly.

why would you need multiple people assigned to this job? seems to me if you are really concerned you could 'prime' this system by using an attached HSM with however many random accounts/passwords you'd like to be logged in at bootup: outside of somebody physically breaking into your server room and stealing your keycard it would seem quite secure to me...

who asked for maintenance? I just want to be able to reinstall the same version I was already running before, if to do so I have to click a 'this is unsupported, you are on your own' checkbox then whatever, I just want to:

- if I have an old device and I wipe it, I want to be able to reinstall the applications I ALREADY HAD ON IT even if new versions are available (which would not run on it)

- if a developer releases a bad update (significant changes in functionality, crash bugs in my scenario, redesign, whatever), I want to be able to downgrade to the previous version I ALREADY HAD

developers would totally be free to say 'if you want this issue fixed you need to upgrade to version x.y.z', that's fine with me, but as things stand now the state of walled garden app markets is not very good: if in my job I told my customers that they have to force upgrade to every release (major OR minor) I put out and they won't be able to downgrade after doing so I would (rightly) go out of business very quickly.

that works until your old version has a major security hole and your choice becomes moving to the new version or risking being exploited: for example I've always run my ipad2 on ios5 until ios7 was released, then ios6, but now I *had* to update to ios7 due to the ios6 patch for the major security hole not being available to me (given that my ipad2 can run ios7 itunes only gave me the choice to update to that).

I completely agree with this article, I also think there are no reasons but greed to prevent itunes from installing old applications on your old idevice, I have an old ipod touch 1st gen that still works perfectly, have a lot of still very useful apps on it, but if something happened and I had to wipe it I would not be able to reinstall pretty much any of them due to the itunes store not allowing me to, it's a really bad state of affairs (for users) but then again that's what happens when you buy into a walled garden ecosystem, you are at the mercy of what's more convenient/makes more money for the company, not what's best for you.

what about a story when a kid became deaf? why isn't the deafness-measles connection more in the news? it's a lot more common than death as a side effect but of course not a lot of fun to deal with

thing is that measles doesn't have only death as a serious side effect, much more common is deafness and inner ear disorders, which make your life not a lot of fun, believe me, and those are not necessarily always linked in the stats (esp. considering that the risk for things like meniere's goes up A LOT if you've had measles as a child, but you might not get it until decades later)

if you have a set of slides there is no flexibility, if you are giving a chalk talk (and you actually know what you are talking about) you can tailor the talk to the audience, if you know a part is understood you can skip things, if you find a point that is more difficult to understand you can add context, provide more examples etc.

Slide talks are best at presenting facts, not that great at conveying information (since there is no flexibility), and quite bad at fostering discussion (since your audience generally won't be very engaged), so the decision here to stick to chalkboard talks seems like a good idea.

the same thing that you would do if you don't vaccinate and your kid gets measles and ends up permanently deaf, in the end it's about probabilities, the probability of measles having bad side effects seems a LOT higher than the probability of vaccines having bad side effects, ergo it should be obvious what to do.

This said people are not rational, the odds of getting run over crossing the street are much higher than a lot of other events people worry way more about...

Windows:
- microsoft security essentials
- windows firewall control (commercial)
- cygwin
- notepad++
- sysutils (procmon etc.)
- ultramon (commercial)
- launchy
- sharpkeys
- autohotkey
- visual c++ express
- 7-zip

Mac:
- little snitch (commercial)
- macports
- better touch tool
- keyremap4macbook
- iterm2
- alfred
- geektool
- menumeters
- caffeine
- xcode

Linux:
- whatever distro-specific set of packages gets me all the dev stuff
- (if needed) whatever distro-specific repository gets me extra packages (say, epel)
- kde
- xfce
- various personal customizations done over the years (xmodmap, ...)

Everywhere:
- firefox (noscript, requestpolicy, adblock, flashblock)
- emacs
- python / virtualenvwrapper / git ...
- bash customizations (powerline, bash completions, personal scripts)
- libreoffice and latex
- truecrypt
- virtualbox
- dropbox
- gimp

these are the baseline, beyond that it depends from what I am using the actual computer for