Depends.

I once worked for a company that wrote web banking software. The laptops/desktops/etc of certain employees had a 'driver' that continually monitored the USB ports. If anything plugged into it that had storage on it but not the proper corporate auth key to connect as an approved storage device? It would automatically send an email to the IT department, immediately shut off the entire USB subsystem in the OS, and it stayed that way until the device was re-imaged (in many cases making the device completely useless). It also got you immediately perp-walked out of the building and freshly unemployed, unless you could immediately give them a reasonable (and provable) explanation as to why it happened.

Now in this case, I suspect that if the bad stick presented itself to the OS as a keyboard/mouse/whatever, it may circumvent that (I say "may" because I don't know if it would be able to dump any non-keyboard/mouse-related data onto the machine w/o presenting itself as storage.)

Either way, if you're that worried about it, then epoxy the USB ports shut (well, except on the phone for obvious reasons...)

...same way a lot of them made MCSE back in the dot-boom: braindump websites.

Wait - you can still work as a paralegal or in a similar support role until you pass the bar as a full-blown lawyer, no?

You kidding? I'd love to go myself - you see, some of us actually want to know what's out there, and to see it first-hand.

I meant "heartless" in the vein that they have no heart for it.

Give the physiologic changes that microgravity brings, I'd be surprised if sex was even possible without some engineering and pharmaceutical assistance...

Sadly, you're right. The same fuckers that make that decision are probably the same ones who think that artificial insemination is vastly superior to sex. Objectively they'd be right for the purpose of reproduction, but they're still a bunch of heartless assholes for basing public policy on it.

Agreed again - open the damn thing to commercial exploitation and see how fast NASA catches up.

Well, there's always the Core Installation... well, if you really like PowerShell.

(...and seriously, bash is 10 miles more flexible, effective, intuitive...)

Worse, really - even McCarthyism required some sort of evidence by way of associations, party memberships, and etc.

In this case, you don't even get that.

Well, not entirely "no point"... (and I didn't even have to bring up zones ;) )

...more like an awesome way for Google to grab a profitable patent in exchange for the prize money.

Seriously - if you can pop those kind of specifications, you can make a hell of a lot more than a million bucks from the patent alone.

A cheapie SunFire v200/210 will run like a tank, but you'll be crippled by the server's top speed, and they do put out the heat if you push up the load average (and HVAC costs should always be factored in, yo.)

You'll also need to buy a lot of those pizza boxes to make up for the processing power that you can find in a box half its age, let alone the newer iron.

Sometimes you have to run the old stuff (I work in an environment where we have testbed boxes, and SunFires are a part of that, along with ancient RS/6000 gear, PA-RISC HPUX gear, etc. I can tell you right now that the old stuff cranks out a lot more heat (and in many cases eats a lot more rackspace) than the equivalent horsepower found in just a handful of new HP DL-360's.

So is HVAC - go figure.

links FTW, bitches!

(...then again, it would seem rather trivial to make/create an extension that blocks or modified the canvas tag contents, no?)

Given that they likely had to add a few custom bits to insure anonymity, and likely modified or ripped out a few other bits, odds are good that the customizations are where the issue lies.

(...then again, perhaps the bug(s) can be found in the std. packages, but the researchers wanted to scare a smaller organization into becoming a customer first?)

I'm 100% certain "in due time" would come a lot sooner if the Tails OS maintainers coughed up the right fee, which means that this is most definitely NOT responsible disclosure.

I get that security researchers have to eat too, but damn - this sort of reeks of extortion. Maybe I'm wrong, but I know if I had a code project and some company said they knew I had holes but refused to tell me upon asking, extortion would be the first effing thought that would come to mind.