Comment tried and failed... and prior art anyway (Score 1) 102

Hang on... didn't Bunnie Huang do the Chumby, and didn't Barbie try doing something like this, putting an interactive wifi and mic aspect into one of their Barbie dolls, with a huge backlash as a result? So (a) why is there an expectation that this will succeed, and (b) why was the patent granted when there is clear prior art?

Comment debian digital signing and the GPG keyring (Score 2) 94

This is why Debian has the GPG key-signing parties, why all packages are GPG-signed by the package maintainer when they compile them, why the ftp-masters sign the package when it's uploaded, and why the release files which include the checksums of all the packages are also GPG-signed. Under this scenario there are an extremely limited number of extremely paranoid methods by which Debian may be compromised. Even the scenario of "cooperation between long-term sleeper agents within Debian's ranks" would have a one-shot opportunity to get away with introducing malicious code, following the discovery of which their GPG keys would be revoked, the perpetrators kicked out of Debian, their packages pulled immediately pending a review, and the already-effective procedures reviewed to involve multi-person GPG signing that would make it even harder for compromise to occur in the future.

Now, if you recall, there was an announcement a couple of years back that the development of Mozilla's B2G was declared to be "open" to all, so I contributed a thorough security-conscious review of how to do package distribution. It turns out that Mozilla is *NOT* open at all. Several other contributors have learned that the Mozilla Foundation is in direct violation of its charter.

Basically, the Mozilla Foundation *completely* ignored the advice that I gave, which was that the use of SSL as a distribution mechanism would be vulnerable to *exactly* the kinds of attacks that we see the NSA attempting against Google. They went so far as to enact censorship, preventing and prohibiting me from pointing out the severe security flaws inherent in their chosen method of package distribution. I remain deeply unimpressed with many aspects of the so-called "openness" of well-funded software libre projects.
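The comment above describes a chain of signed checksums: the ftp-master key signs the Release file, the Release file lists the hash of each Packages index, and each Packages stanza lists the hash of a .deb. The following is an added illustration of the checksum links in that chain, not code from Debian or apt; it uses constructed, hypothetical archive data, and it does not perform the OpenPGP signature check on the Release file that anchors the real chain (apt does that against the archive keyring before trusting any of these hashes).

```python
"""Added example: walking the Debian-style hash chain Release -> Packages -> .deb.

Everything below is constructed stand-in data; the OpenPGP signature that a
real apt client verifies on Release/InRelease is out of scope here.
"""
import hashlib
import re


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-in for a .deb (hypothetical path and bytes, not a real package).
DEB_PATH = "pool/main/h/hello/hello_2.10-2_amd64.deb"
DEB_BYTES = b"!<arch>\ndebian-binary ... constructed stand-in for a .deb archive\n"

# Constructed Packages index stanza, in the field layout apt downloads.
PACKAGES_PATH = "main/binary-amd64/Packages"
PACKAGES_BYTES = (
    "Package: hello\n"
    "Version: 2.10-2\n"
    "Architecture: amd64\n"
    f"Filename: {DEB_PATH}\n"
    f"Size: {len(DEB_BYTES)}\n"
    f"SHA256: {sha256_hex(DEB_BYTES)}\n"
    "\n"
).encode()

# Constructed Release file body; in a real archive this is what the
# ftp-master key signs (Release.gpg / InRelease).
RELEASE_TEXT = (
    "Origin: Debian\n"
    "Suite: stable\n"
    "SHA256:\n"
    f" {sha256_hex(PACKAGES_BYTES)} {len(PACKAGES_BYTES)} {PACKAGES_PATH}\n"
)


def parse_release_sha256(release_text: str) -> dict:
    """Return {path: (sha256, size)} from the SHA256: section of a Release file."""
    entries = {}
    in_section = False
    for line in release_text.splitlines():
        if re.match(r"^[A-Za-z0-9-]+:", line):  # start of a new header field
            in_section = line.startswith("SHA256:")
            continue
        if in_section and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
    return entries


def parse_packages(packages_bytes: bytes) -> dict:
    """Return {Filename: fields} for each stanza in a Packages index."""
    result = {}
    for stanza in packages_bytes.decode().split("\n\n"):
        fields = {}
        for line in stanza.splitlines():
            if ":" in line:
                key, value = line.split(":", 1)
                fields[key] = value.strip()
        if "Filename" in fields:
            result[fields["Filename"]] = fields
    return result


def verify_chain(release_text, packages_path, packages_bytes, deb_path, deb_bytes):
    """Check each link (size and SHA-256) from Release down to the .deb.

    Returns (ok, reason); the reason names the first link that fails."""
    release = parse_release_sha256(release_text)
    if packages_path not in release:
        return False, "Packages index not listed in Release"
    digest, size = release[packages_path]
    if len(packages_bytes) != size or sha256_hex(packages_bytes) != digest:
        return False, "Packages index does not match Release"
    stanza = parse_packages(packages_bytes).get(deb_path)
    if stanza is None:
        return False, ".deb not listed in Packages index"
    if len(deb_bytes) != int(stanza["Size"]) or sha256_hex(deb_bytes) != stanza["SHA256"]:
        return False, ".deb does not match Packages index"
    return True, "ok"


def demo():
    """Untouched archive, a tampered .deb, and a tampered .deb plus rewritten index."""
    good = verify_chain(RELEASE_TEXT, PACKAGES_PATH, PACKAGES_BYTES, DEB_PATH, DEB_BYTES)
    evil_deb = DEB_BYTES + b"\x90"
    # A package altered on a mirror or in transit fails at the last link.
    tampered = verify_chain(RELEASE_TEXT, PACKAGES_PATH, PACKAGES_BYTES, DEB_PATH, evil_deb)
    # Rewriting the index to match is caught one link up, at the signed Release file;
    # going further would mean forging the archive signature itself.
    forged_index = PACKAGES_BYTES.replace(
        sha256_hex(DEB_BYTES).encode(), sha256_hex(evil_deb).encode())
    swapped = verify_chain(RELEASE_TEXT, PACKAGES_PATH, forged_index, DEB_PATH, evil_deb)
    return good, tampered, swapped


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The point the comment makes falls out of the last case: an attacker who can change bytes on the wire or on a mirror (the threat a bare TLS download does not address once the endpoint or CA is compromised) has to rewrite every link up to the Release file, and the Release file is the one thing they cannot re-sign without the archive key.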

Comment correlation between gravity and length of day (Score 1) 95

http://iopscience.iop.org/0295...

Just to throw an appropriate spanner in the works, it's worthwhile mentioning the above article, which notes a significant statistical correlation between variations in the measurement of the effect known as "gravity" and the (approx.) 6.5-year cyclic variation of the Earth's length of day.

Now, before you go all "ooer" or "waah! gravity varies! we're all gonna dieeee spinning off into space", it's worthwhile pointing out that the author mentions, in the conclusion, that there *might* be some sort of unknown systemic errors in (a) how gravity is measured and (b) how the length of day is measured which *happen* to coincide and give the *impression* that there is a statistical correlation between gravitational variation and the length of the Earth's day. He does however state that in light of how the measurements are taken it would seem to be very unlikely that there are such systemic errors.

So, anyway, the point is: gravity appears not to be as simple as we assumed, which is why some long-distance space probes (Pioneer, for example) have anomalous unexplained behaviour.

Comment Thank you - just PR for his presidential run. (Score 3, Insightful) 385

While I applaud Paul, Wyden, and the other Senators who have pledged to do everything in their power to block the spying-allowed version of this renewal, Sen. Paul's "filibuster" was a pure PR stunt for his presidential campaign. It was during the discussion of a completely unrelated bill, and wasn't even an official filibuster.

Cellphones

Pre-Orders Start For Neo900 Open Source Phone 134

New submitter JoSch1337 writes: After a year and a half of development, the Neo900 project has now opened its web shop for the down payments of binding pre-orders for either a full Neo900 phone or the bare circuit board to upgrade an existing Nokia N900. The up-front down payment is necessary to now secure expensive "risk parts" like the modem, 1GB RAM and N900 cases. Thus, without pre-ordering now, there might not be enough parts left after the first batch.

The Neo900 is the spiritual successor of the Nokia N900. The new circuit board can be placed into an existing N900 for better specs (faster CPU, more RAM, LTE modem) than the original device while still maintaining Fremantle (Maemo 5) backwards compatibility. Alternatively, a fully assembled phone can be purchased as well. The Neo900 will be fully operational without any binary blob running on the main CPU. While the modem still requires a non-free firmware, it is completely decoupled from the rest of the device (think of an LTE USB stick you put in your laptop) and can reliably be monitored or switched off by the operating system.

You can follow the development of the project in the maemo forum, read about the specs of the device or consult the FAQ.

Comment Re:Compelling? (Score 3, Interesting) 244

The TV market is bad, but the watch market is not great.

What they should be trying to crack is the in-car nav/infotainment systems - the iCarStereo. Current nav systems are somewhere between total-suckage and so-distracting-they-cause-accidents. Bluetooth pairing is painful when it even works, calling systems don't integrate with smartphone phonebooks, there is no way to share contact addresses, and the voice controls are no better than someone reading a "Car navigation is attempting to quit, cancel or allow?" dialog box. And the interfaces are so poor as to command the driver's full attention for seconds, looking for touch-screen items or clicking the right button, taking focus off the task of driving.

People would trade their old cars in for one equipped with an Apple iCarStereo if it solved those problems. A watch? It will take a lot of luck for it to be more than a fashion item that falls off the radar in a few years.

Comment Re:His viewpoint is staggeringly ignorant (Score 1) 618

I think adblockers are great - for the end user to own and maintain. I've been running filtering proxies of one type or another since the last millennium. (And nothing will teach you the nuances of regex like the challenge of stripping out unwanted HTML tags.) It's for me to decide what I want my browser to display.

But just as it's wrong for my ISP to inject their own ads, it's also not the place of my ISP to censor them out of my data stream. That's my decision, not theirs.

Comment Re:How can this be? (Score 1) 190

Good point. I would not assume that flight information is from the nav and control systems. But it could be, in which case they could use one-way data isolation devices to eliminate the possibility of anything on the entertainment system negatively impacting navigation controls. That would technically be a "tie", but not one that could be exploited.

Yes, they *could* have used some kind of special 'data diode' isolation device, but then the researcher probably wouldn't have been able to jump networks in the lab, or, as stated in TFA, "He told WIRED that he did access in-flight networks about 15 times during various flights but had not done anything beyond explore the networks and observe data traffic crossing them".

Car networks (CAN bus) have a similar weakness in that the infotainment systems have previously been breached, allowing attackers to cross over to the security systems and unlock the doors.

Comment What if.... (Score 3, Insightful) 190

What if the protection on planes is so bad that a passenger can use the inflight entertainment system to gain virtual access to the controls of the plane?

Suppose you are a security researcher and find this out. What do you do? Tell boeing! They... do nothing. Tell the airline! They.... do nothing.

It all starts with a belief issue. You hack into the entertainment system, compromise the firewall and see plane-control messages flying around on the network you now have gained access to. This is enough for a sufficiently technical person to be convinced of having gotten too far for comfort. At that point you know you are only one step away from taking control of the airplane.

Tell anybody less technical about it and they will not be convinced that you'd be able to move the plane. For example, with this news today someone already voiced: "he might only THINK he moved the plane" (... while in fact the pilots initiated that maneuver).

So... to prove to the world that there indeed is a dangerous situation, you need to actually make the plane move.

And this is where everybody gets their panties in a knot. Suddenly the guy who reports that the planes are not secure enough is the bad guy and needs to be thrown in jail.

Examples of people reporting security problems and being ignored include: On a Saturday night two men walking their dogs notice that the bank has left a window open. A person can just climb into... the bank! So Monday morning they walk into the bank and tell them about it; the bank says thank you and... nothing happens. Next weekend, the window is again left open. So they tell the bank again. And again. After a few times, to prove the point, they decide to climb in and photograph what access they have once inside the bank. They got into a lot of trouble for that. But since then, the window has been closed.

Personally, I have reported security problems in computers without going that extra mile of "making the plane move". In one instance I reported such a misconfiguration to over 100 system administrators. Two hours later, Saturday afternoon, the first response: "Thanks, fixed". Come Monday morning, one response: "we know, not a security issue, get lost." And all the others were "no response". A year later more than 50% of the computers where I had reported the configuration error were still vulnerable.

With laws being written in such a way that the "white hats" (*) can be thrown in jail, we create an environment where the white hats are either ignored or thrown in jail. Before you know it, the "white hats" are too afraid to report anything and stop reporting real problems. In that situation, you only find out the problems when a bad guy ends up crashing a plane.

Boeing: invite the guy over to show you the problem. Once that hole has been closed, invite him over again, pay his hotel and meals for a week while he hacks at a "fixed" plane on the ground at your facilities. Credit him for making aviation safer.

(Do this, before someone makes it stick that: "Boeing created this system with such bad security that it put passengers at risk.").

(*) The researchers that report the problems they find without causing real harm.

Comment Re:How can this be? (Score 2) 190

There's no way that entertainment/wifi/anything-accessible-to-a-passenger could in anyway be connected to those critical systems...is there?

There should be no tie between the control and entertainment networks. I would be surprised if there aren't regulations that forbid it. My guess is this simulated system was not like the real ones. It certainly isn't clear what really was done.

If there is no tie between the entertainment and nav systems, then it becomes difficult to explain the seatback display of the current flight information. At some point the data has to move from one system to the other. That takes a lot more than "no tie".

Comment Re:Sociopath (Score 1) 170

You'd find that people who aren't training to be pros, but work out that much, are probably more common than you think.

Yep, count me in. I'm currently up to about the same level of exercise as you, about 2 hours a day: tennis or street-skating. Tennis is for my eyes and the social interaction. Street-skating is because I find the explosive (sprinting) nature of tennis is causing huge knots in my arm and leg muscles. Without this, I am... yeah, not a nice person either :)
