The first part is also pragmatic. Releasing a security fix is a lot of work, not just for the developers, but also for everybody else. So you only do that if you have reasonable suspicion that the bug is a security risk. They were good reasons to believe that it is not the case here, although in the end they did not apply in every situation.

If you treat every bug as a security issue, you end up with the Google situation where only one version, the latest, is ever supported. And for libc that is not an acceptable option.

I had some pre-1.0 versions, but no internet connection. The first version I really used was 1.0.8 -nli one via the university 128kBit link. Luckily that got better soon afterwards.

And later I was really excited about KDE 1.0. I think it had many good ideas and was quite nice to use, if a bit RAM hungry. Unfortunately many of those nice ideas got removed in KDE 2.0 :-(

>All hardware is prone to not coming back up after the power was cut (or turned off in the case of a laptop I have), SSD is not special in this.

But OCZ SSDs were. The failure of OCZ drives doubled the industry average failure rate, that is how bad they were. Returns were in the double digit percents.

And still I hear your statement that this could happen to any company. Which is true. But OCZ ignored the problem and pretended it did not exist, instead of showing a bit of generosity towards the (rightly) disappointed customers. This I will not forget, and like me many others.

run anywhere.

Unless you have the wrong Java version. Or it turns out to be not quite as portable as promised. Or there is an issue with security settings. Or you are in Russia.

Yes, but that is a well known problem. In every core meltdown, lack of information has been a serious issue. Guess why? Because the sensors melt, too. An expert may be able to guess what is going on, but it is beyond the skill of a typical operator.

Non-nuclear power has well known consequences. An important one for coal is the release of mercury, lead and radon (!) into the atmosphere. Of course industry has downplayed it, but it is very easy to verify.

As for state owned power - it depends on whether you trust the system. If it is totalitarian, so is the management of power plants.

In case of a nuclear accident, the industry will always downplay and deny everything that is not perfectly obvious. Has always been, and probably will always be. This is the main reason I do not trust nuclear power that is run for profit.

Which is exactly why politicians cannot touch the NSA. It is a typical problem when the secret service gets too powerful. Nothing new here.

I have both, and the Kindle has an easy of use about it that more flexible Nook cannot match.

Easy of use can be much more important than most geeks think.

No, the year of the Linux desktop is over.

We used to have Gnome 2, KDE 2 and 3, OpenOffice, Mozilla, Flash Player and many useful tools against Windows XP. It was superior technology, but the impact was limited (LiMuX?).

OpenOffice is in ruins (and hardly better than 10 years ago), the Gnome community is split, and KDE keeps getting fatter. Meanwhile Windows 7 is a half decent operating system, and Office 2007 has upped the game considerably. Even Google targets Linux only for some of their products.

The battle for the desktop is over and lost.

Apple ][e is what you need - with a CPM card.

Yes, it is the Amazon store integration that makes the Kindle so great. Buying a book and reading it is a very seamless experience, no matter how you buy it.

The Nook is much more flexible, but also much more complicated to use. And once it is rooted, it gets worse (plus you are stuck on an absolutely ancient version of Android). There is a lot of potential in the Nook, but it is just not quite there yet.

I completely agree. W3C seems to be always behind reality, trying to describe it, but not define it. IETF did a lot of very useful work, but they have been branching out into rather obscure protocols recently. Where is HTTP/1.2? Surely HTTP/1.1 is not perfect?

And Google did what Google does: they threw together a prototype and checked how it would work. And it seems it is working very well for them, but maybe not so much for others.

I would also advocate to separate some of the concerns. Transmitting huge amount of bulk data is a problem that is (mostly) solved with HTTP/1.1. Encryption less so, session tracking is a bit of a pain, and server push is really ugly in HTTP/1.1.

PS: Concerning the original submission, there is nothing wrong with encrypting cookies. Instead it is the proper thing to do if you do not trust the client, which you should never do.

I did not matter one bit when XP was released, it matters when a better alternative was available. Windows 7 is not even 5 years old, and 4 years ago Windows XP was still being sold with new netbooks. Those machines do not even run Windows 7 properly unless you upgrade the RAM.

> we don't bar people based on race or nationality alone.

You don't? That does not align with my experience. How about Syria or Cuba?