Err... sending them business, I mean.

We're talking about the lines that they put in the ground, not the in-home installers. And I'd expect most independent contractors to be glorified employees, just under month-to-month contracts.

But even if they contract other companies to do the digging work, they're still paying a lot less for them than you would be as an individual, because those companies know that you are a one-time job, and they need to get as much as they can out of you, whereas the Comcasts of the world are repeat customers that will keep sending you business.

It's only expensive because you were paying for it. The cable companies employ people to run cables, which makes those employees basically a sunk cost. They have to have those people to do repairs on an ongoing basis. When they aren't doing repairs, it costs the cable nothing to have them run lines to new houses, beyond the cost of the wire, which I suspect is somewhere between a third and a sixth of what you paid. (Over the long term, this isn't true, but when it comes to short-term variation, it is.)

Moreover, it costs $200 to rent a trenching machine for a day, and probably less than that to hire someone for a day to run the thing. So basically, even by the most conservative estimate, you overpaid for your installation by about $1,600, all of which went into the pockets of middlemen. Cable companies don't pay middlemen; they pay workers. So even in the worst case scenario, where all their workers were fully booked so that they had to hire new people to handle running your cable, they'd still pay less than half what you paid.

So at your price, it would have been about an 8-year payoff. At half that price, it would be a 4-year payoff. In the telecom world, a four-year payoff is amazingly quick, from what I've read. Your cable company just couldn't be bothered. It had nothing to do with cost, or if it did have something to do with cost, it was only because they were pushing the high up-front cost onto you as a means of ensuring that you could actually afford the service. Either that or they are nearly bankrupt and couldn't afford the $3,000, in which case you probably just wasted your money. Hard to say which.

Hacker News has a fairly good track record causing something resembling the Slashdot effect at least on lower capacity servers. Its pretty rare you hear anyone comment that they got a traffic surge when their blog appeared on the front page of Slashdot any more, though it is quite common to hear comments about traffic surges from Hacker News.

Iraq used chemical weapons to pretty good effect to stave off Iranian human wave attacks during the Iran Iraq war. If they hadnâ(TM)t it would have somewhat increased the likelihood that Iran would have won the war. With the help of chemical weapons Iraq fought a much larger country to a stalemate.

The Reagan administration and numerous western companies were fine with Iraq using chemical weapons against Iran during that era. They didnt want Iran to win that war.

And have a trivial exploit as a result too. It's a good thing that people who write bad Python and Java code are using those languages.

It's all operating system cached writes, they're not even getting to the disk's write cache.

Python's file flush() function does not flush data to disk. You have to call os.fsync(f.fileno()) for that.

Same problem with the Java code. flush doesn't make sure data is on disk. You have to use sync or force or something.

This is an excellent way to introduce the smart scientist/moron coder archetype to people though, so it's not completely useless.

SSDs and disk speed have nothing to do with this. None of these writes are hitting disk. All they've shown is that when you cache a write to disk, the operating system might add data to it more efficiently than the slow Python and Java string code can expand a string.

I hereby propose to rename it "Software As a Disservice", or "SAD".

There's minimal evidence that healthy eating alone lowers your long-term body weight. That's part of the point really. Any diet change, be it fad dieting or more sustainable health eating choices, they are all capable of short-term weight loss. Keeping that weight off on the long-term is is a so much harder problem, it's barely related to what works for losing a large amount of weight in the first place.

If you read studies about people who lose and keep weight off, like Long-term weight loss maintenance, the common factors that always show up are both very low calorie counts and constant feedback. Basically, chart your weight all the time, and cut your calories if it ever goes up. That is brutally difficult to sustain for years at a time. If you follow any sort of hunger-driven diet, with healthy foods or not, you will probably go back to whatever weight your body likes over time. That's how hunger works.

Agreed. Flash really should apply the patch, and if it fails, it should refuse to load the Applet.

None of the pages about this bug—not the article, not the CVE, and not the Adobe explanation—tell what the actual attack vector is. They just say that they're vulnerable to XSS. Does that mean that the Flash code can be used on somebody else's domain? Does it mean that the Flash code can in some way be tricked into loading content from the wrong domain on behalf of page JavaScript? If so, and if Flash code uses only non-hardcoded URLs, does that mitigate the problem?

The thing is, even if you got rid of all the insecure Flash applets out there, a malicious person could still host one somewhere. So depending on the nature of the attack, the only real way to fix it might be for Flash to deliberately break every Flash applet linked against the old SDK. If the attack is dependent upon the flash being hosted from the same domain as the content you're trying to steal (e.g. cookies), then the right way to fix it is for web developers to eradicate Flash from their websites.

Not true, not in the slightest. Google has fought hard to minimize the information they have to give to governments, and to be as transparent as the law will allow about what they do give. Remember that Google created the transparency report, and was the company that managed to negotiate permission to share aggregated data about National Security Letters. Many other companies have followed suit, but Google led the way.

No, Google has been shown to comply with legal requirements, and to fight questionable requests in court. Snowden also revealed that the NSA was tapping Google's fiber. Google responded by encrypting the data on that fiber.

Cite? Since Google is a publicly-traded company, it should be easy to point to that line item in their SEC filings.

No, told by the Chinese government to participate in government-mandated censorship or GFTO. Google participated for a while and then decided it wasn't what they ought to be doing, and so chose to GTFO of the biggest market on the planet (albeit one in which they had a small market share.

That grass-roots FLOSS development only happened after the GPL does not mean it was necessary to create it, nor even caused directly by it. Giving away free software to promote consulting and support revenue can be a profit center independently of other motives. I can easily imagine an alternate 2015 where there was no Stallman, so instead consulting companies shared boring infrastructure code to split its development costs.

Good old dictionary.com says paranoia is baseless or excessive suspicion of the motives of others. There are a few examples where I think Stallman is excessively paranoid. I personally like using the web only over e-mail to avoid "survellance". Wander that deep down the rabbit hole, and the all powerful three letter agencies out to get you will also have secret exploits for Lynx. Seriously, it's all in the Snowden documents! And I totally did remember to take my medication!

However, there are way less examples that seem extreme like that today then there used to be. Re-writing your hard drive firmware with secret monitoring tools? In 2015 evidence that might be happening is reasonable news, not paranoia.

I've seen plenty of examples of companies who do not want to share code unless compelled to. There are software compliance tools for lawyers whose main purpose is checking corporate source code repos to make sure there's no GPL code. But the number of corporate contributors to all the BSD distributions says the GPL is not mandatory to develop open code. Did it help? Sure. I think open source software as a way to share overhead on boring infrastructure code was inevitable though, even if there was no "free software" (tm).