
Comment Re:Why a hardcoded list? (Score 2) 90

Many of the registrars ARE controlled by the enemy which these days is usually the state. In some places the government just forces them to issue dodgy certificates, in others GCHQ or the NSA just hacks them.

Keep in mind that you would have to have control of the registrar that issued the domain. With SSL today anybody on the trusted CA list can impersonate any website anywhere. With DNSSEC Verisign certainly could impersonate .com websites, and Iran certainly could impersonate .ir websites, but neither party could impersonate the other's websites. That is a BIG reduction in the vulnerability space, even if it isn't perfect.

If the NSA really does have everybody under their thumbs, then face it, you aren't going to be able to evade them using anything likely to ever become mainstream. We can't judge every security improvement solely on whether it solves "the NSA is out to get me."

Comment Re:They could start by not using civilians as shie (Score 1) 369

Well, if they want to launch their rockets from next to schools, then they shouldn't be surprised when their kids get blown up by artillery fire. That is probably their objective in any case - it makes for good PR.

Is firing artillery on schools wrong? Of course. Is firing rockets from nearby a school wrong? Of course. The one is still a consequence of the other.

I don't really see the Palestinians achieving their goals with the methods they're currently using. I get the impression that their plan is to keep blowing up the odd house until God comes down and wipes out the infidels for them. Or maybe they're just happy dying in the attempt.

Comment Re:They could start by not using civilians as shie (Score 2) 369

As the video says in an abandoned plot of land roughly the entire length of a football field away from the hotel. Not from a school, not from a hospital -- an empty lot 100+ meters away from the hotel.

Conducting military operations 100m away from a civilian building is inappropriate. If a conflict broke out in just about any civilized nation that required basing soldiers within 100m of a hotel, the hotel would be evacuated. Heck, the whole city would probably be evacuated.

It is Gaza after all, with 1.8 million people in just 137 square miles it isn't like there are many open fields.

Well, then don't launch rockets from within Gaza then. Those rockets generally aren't targeted at military targets anyway, so there is nothing legitimate about firing them off in the first place.

When conducting war you have a responsibility to minimize the danger to non-combatants. That includes not basing your soldiers in close proximity to non-combatants (and 100m is close proximity).

The alternative is to return to tactics like WWII bombing, and that isn't in anybody's interests. Those fighting in Gaza (whatever they want to call themselves) are not acting as soldiers - they're basically acting as terrorists.

Comment Re:Not A SW error! (Score 1) 157

Programmers are faced with shifting requirements, tight deadlines, undersized testing teams, pressure to work hours that result in fatigue and higher error rates, decisions being made by marketers and MBAs who do not understand the consequences of various changes, but blame tends to fall on the programmers for writing buggy software.

Meh, it seems that more and more the blame is shifting to whoever wrote the requirements or the project manager. But, without fixing all that other stuff, there isn't much they can do either.

The whole reason Agile was created was to try to deal with some of these pressures, which many consider unavoidable. The problem is that many companies just don't grok it, and insist on a fixed scope in a fixed time at a fixed cost. This approach fits in better with annual planning cycles. If you have a million dollars, a set of objectives, and a year to achieve those objectives it makes sense from the manager's perspective to tell the developers to just deliver that whole set of objectives. The problem is that after a year it turns out the objectives weren't quite right, the situation was more complex than people realized, a million dollars wasn't quite right, and so on.

Comment Re:Obvious Reason (Score 1) 579

If Wikipedia is serious about involving more female contributors, it needs more opportunities for constructive, emotionally rewarding collaboration.

Heck, if they want to stop the continuous decline of contributors of any gender they'll do that stuff. I don't really care enough to deal with the fuss that is Wikipedia. If I want to post something informative I'll do it on my blog, which will get picked up by high-reputation feed aggregators and get plenty of visibility on Google and will be available for all posterity. Maybe somebody else will wikify it for me, which is great. I would love to just post initially on some site where everybody can collaborate to make it better. The thing is, I just want to contribute - I don't want to defend every word I write and debate whether it should be expunged or not. I'm all for improvements, and I'm sure my word on any subject is not the last (that's what comments are for!), but my sense on Wikipedia is that if I took the time to write something instead of improving on it there are many who would just campaign to remove what I wrote entirely.

In the world of millions of things I could be doing with my spare time, Wikipedia just doesn't rank up there.

Comment Re:So what was the plan? (Score 1) 848

A shooting war with Russia means the entire US East and West coasts are within range of sub-launched cruise missiles,

Which is why US attack subs are following the Russian boomers around...

Sure, but can we be sure we have found every one of them?

It isn't just the boomers that are a problem either - I imagine their attack subs can carry cruise missiles.

But, think about it. The only way a war could start and stay contained is if the US sends troops to the Ukraine, the Russians don't do anything to interfere with them arriving there, and the US troops just fight along a front with the Russians to push them back to the border. How likely is that? It would certainly be a bloody war - nobody fights that way since WWI.

The more likely scenario is that the US mounts invasions of Russia from somewhere OTHER than Ukraine, which would put Russia on the defensive. They would immediately have to pull out of Ukraine or they'll end up being encircled, or losing a city in the north like Moscow or St Petersburg. Since that would be all-out war the US would preemptively attack all Russian Naval assets, expecting them to retaliate with unrestricted conventional warfare otherwise. We are now talking about a global unrestricted conventional war between the US and Russia, that we hope stays conventional even though the US is fighting on Russian territory, and will likely capture quite a bit of it assuming they can get enough ground troops over there before the real shooting starts (there is a logistics challenge here as Russia is huge and the US isn't basing thousands of troops in Latvia or anything like that). If the gloves are off, then you also have to factor in things like special forces, sabotage, and so on. I'm not sure that Russia's only option for striking the US is submarines.

I'm sure this would make for a great Clancy novel, but nobody really wants to actually see this stuff happen. I think the US/EU would let Russia march right up to the border of Germany before they'd do something about it. Maybe they'd stop them at Poland this time or something. I doubt that they're ready to draw the line at Ukraine, or even the Baltics. Everybody is just going to want to pretend that it isn't happening, or that Russia just wants a bit more buffer.

Comment Re:A Windows-like UNIX (Score 1) 826

An obvious application for storing configuration in a database is when you have a cluster. Suppose I have an application with 400 settings. I have 10,000 nodes. Some settings are unique to each node, some are unique to a group of nodes, and some settings are common across all of them.

With a normalized database you could store every value once, and make one change to have it propagated to all your nodes. If you have a pile of text files in /etc then you either:
1. Really have the database storing the true values and just regenerate all your text files, which is really just the database design with a text-file compatibility layer.
2. Come up with some way of editing 10,000 text files across 10,000 systems to make the right changes to each one, trying to stay on top of all of them if that really is the master source of configuration for each one.

Most of the new configuration management paradigms are built around the concept that systems are not hand-built, but they're machine-built on-demand.

Comment Re:Probably lies again. Just give it a few days. (Score 1) 848

Tend to agree. The US wouldn't have any problem with the rebel forces, but just about anybody else would. Now that Russia is pulling out all the stops even the US would take care before intervening - they have some serious air defenses that are potentially effective against even stealth aircraft. I suspect the US could still overwhelm them, but it wouldn't be bloodless even if limited to an air war, and I doubt any battles would remain contained to the region.

Comment Re:So what was the plan? (Score 2) 848

This is something we saw coming, at least since the incident with Crimea. What plans were made for this? Or are they all pretending to be surprised?

I'm sure everybody has both made plans and is pretending to be surprised. That's just politics. Nobody says what they really think.

Does Germany want Russia invading the Ukraine? I'm sure the answer is no. If push comes to shove are they going to put principle above gas prices? Probably not, but we'll see. The downing of the airliner was taken seriously because so many of the dead were EU citizens, but even then it was just sanctions.

I'm not entirely convinced the US/EU would commit to warfare if Russia invaded Lithuania, which is a NATO member. I'm very skeptical that they're going to do more than sanctions over Ukraine. A shooting war with Russia means the entire US East and West coasts are within range of sub-launched cruise missiles, completely setting aside the doomsday scenarios. There was an uproar over closing a few lanes of bridges into Manhattan last year - imagine what will happen if key bridges along coastal rivers are destroyed? It doesn't take much disruption to have a huge impact on the economy.

Comment Re:im growing to hate the word cyber. (Score 2) 98

There is actually a deeper issue than corporate security competence.

Imagine that a bunch of soldiers stormed the front door to their datacenter with APCs, tanks, and artillery support. They then removed hard drives and proceeded across the border to some other country. Would you consider this a bank security problem?

Banks don't have this problem because the government provides physical security against these kinds of threats. Sure, the bank is expected to lock the doors and have some guards, but they aren't expected to stop an attack of arbitrary determination.

With the internet we benefit from the free exchange of data across national borders. However, at the same time this means that computer security can be subjected to attacks of arbitrary sophistication, and national governments have generally not intervened.

Now, I'm sure more could be done to secure the average corporate network, but the reality is that state actors are free to develop more and more sophisticated attacks free of interference. If I wanted to hack into some foreign bank I probably would have the FBI kicking down my doors before I got too far with it. The same is not true of an NSA agent doing the same thing.

I think the only real solution to this sort of problem involves border control. Establish agreements with nations to cooperate on prosecuting computer crime, and heavily firewall communications or block them entirely at the borders. Parties to the agreement would agree to not accept traffic from countries that aren't parties to the agreement. The downside to such a policy is obvious - far less freedom of communication, and that will probably support dictatorships and such abroad since we'll effectively be providing the firewalls for them.

Either that, or we just accept that data stored on networked computers is going to be insecure. There is no reason to think that security is a game where the defenders can ever win - that certainly hasn't been our experience in physical security.

Comment Re:It's a question that WAS relevant (Score 1) 161

I actually wonder how relevant CISC even is to people doing assembly programming these days. There is no reason you can't pull an LLVM-like move and target something other than the native instruction set when you are programming.

That is basically all the x86 does anyway - convert CISC instructions into microcode. There is no reason that an assembler couldn't do the same thing, further blurring the lines between assembly and compiled code. If the whole point of writing assembly is to optimize your code, and a RISC processor could run your code faster after low-level-compilation than a CISC processor could run it natively, then RISC is what you really want anyway.

Comment Re:A Windows-like UNIX (Score 1) 826

People talk about text files like they're magical and more robust. The fact is that in order to access a text file you need about 14 pieces of software, and for one of them you have a lot of options as to which piece of software you use. If it is in a binary format you need about 14 pieces of software, and you have less choice about that one piece.

Are you trying to disprove your own point now?

Your reply addresses zero of my arguments. Try again.

You said "If /etc becomes a database, you lose the ability to use your standard tools on it, which, gasp, tend to work on text files, because it's the one single truly universal /and/ human-digestible format."

My point is that there is nothing human-digestible about a couple of magnetic domains in a sea of trillions of magnetic domains on a piece of metal. You need a lot of software to access it, and most of it isn't particularly interchangeable.

Sure, text files have certain advantages, but they have lots of disadvantages as well. If I'm spawning 3 million instances of some application server, and they all have slight configuration tweaks, it makes more sense for them all to check in with some kind of configuration management server or receive their state information at boot, rather than building a unique disk image for each one just so that I can stick a text file on it.
