The trouble with these things is that they want to "phone home" too much. For energy conservation, Nest talks to a Nest, Inc. server and tells it too much. The info it needs (outside temp, power grid load status) is freely available from read-only web sites. (Given a ZIP code, the National Weather Service site will return info in XML.) But no, it has to talk to the "cloud" and give out personal information. That's totally unnecessary.

The hipsters should arm themselves. Michigan's gun laws aren't too restrictive, and with the money saved on housing they should be able to afford to arm and train themselves well. Your average hoodlum barely knows how to operate his gun, which is often a piece of junk, so the bar isn't too high.

I'm sure that's true if you're counting traditional engineering fields, meaning not including software engineers. I'm not sure it would still be true if you included software. Of course many would argue that software engineering isn't yet mature enough to be a real engineering discipline, but it definitely is a big part of "tech", which is the subject of discussion.

When I step on my scale, it tells me if I need to carry an umbrella today (based on the weather forecast it downloaded). Then it sends my weight etc. to my iPhone where it's merged with information from my fitness wristband and my diet tracker. Based on that, I get suggestions like "you've been going to bed a little later than usual. You should catch up." or "drink more water today" or "try to walk this much further than you did yesterday".

I think that's not so shabby.

And, of course, they completely miss the irony in their own statements.

I have several Teletype machines from the 1926 to 1940 period. All are in good working order. They're completely repairable; it's possible to take one apart down to the individual parts and put it back together. But they're high-maintenance. There are several hundred oiling points on a Model 15 Teletype. There are things that have to be adjusted occasionally, and manuals and tools for doing that. Every few years, the entire machine has to be soaked in solvent to clean off excess oil, then relubricated and adjusted. This is the price of building a complex machine good for a century or more.

(The Model 33 of the minicomputer era is not one of the long-lived machines. This was by design. The Model 35 was the equivalent long-lived, high-maintenance product; the 33 required little mainenance but had a llimited life.)

The problem is C. Programs in all the languages that understand array size, (Pascal, Modula, Ada, Go, Erlang, Eiffel, Haskell, and all the scripting languages) don't have buffer overflow problems.

It's not an overhead problem. That was solved decades ago; compilers can optimize out most subscript checks within inner loops.

I've proposed a way to retrofit array size info to C, but it's a big change to sell. There are many C programmers who think they're so good they don't need subscript checks. Experience demonstrates they are wrong.

Shouldn't be too hard... in the sense that solving the Halting Problem shouldn't be too difficult. I conjecture that with an appropriate set of assumptions it's possible to use Rice's Theorem to prove that security analysis is equivalent to the Halting Problem.

Of course, static analysis can catch some vulnerabilities, and can highlight potential vulnerabilities. That's what Coverity does. But I don't think any mechanical process can defeat a creative attacker.

This analysis is based on an erroneous assumption which is derived from an inductive fallacy. Specifically, the author assumes that because one researcher who found one bug believes he could have found a second for roughly the same level of effort means that the researcher believes this process could be repeated indefinitely. I'm certain that if Kohno were asked he would deny the validity of this assumption. I'm sure he would say that his team could find a handful of similar bugs for similar level of effort, but once the pool of low-hanging fruit bugs was exhausted, the cost and difficulty would rise.

One thing I haven't heard discussed is whether affected companies should be notifying their end users about whether they were affected and when it was fixed. I haven't heard from my bank, for example. Where they ever vulnerable? Should I update my password? If they were vulnerable, is it fixed now or would I just be handing an attacker my new password if I were to reset it today?

I wrote up a proposal called Heartbleed headers for communicating this information to site visitors. While I'd like it if everyone picked my idea as the new standard way for doing this, I just wish admins would start using something. We're so close to having a browser plugin be able to tell you "you need to update your password on this site" as you browse. How nice would that be?

The desk I have is motorized. Push a button, takes about five seconds. Another option is to get a desk that is always positioned at standing level and a tall chair. That seems cheaper and more convenient but there are some downsides. One is that you have far fewer options in chairs than if you're getting normal-height chairs. Another is that changing the level of the desk is difficult, which is particularly problematic if the seating gets rearranged regularly.

The reason was different. Diesels cost about 3x as much as steam locomotives pre-WWII. But by the 1950s, diesel engine manufacturing was a production line process and the price had come down.

The real advantage of diesel over steam was that steam locomotives are incredible maintenance-intensive. Here's daily maintenance. That's what had to be done every day, by a whole crew. That's just daily. Here's 120,000 mile maintenance, done about once a year for a road locomotive. This isn't an oil change; this is a full teardown, boiler replacement, and rebuild.

Electric cars don't have that big an edge over IC engines at this point.

We could send radio signals that far, with the big dish at Arecibo. If they have intelligence, and radio, we can communicate with a 1000-year round trip time. Maybe we should transmit some of the proposed canned messages to other civilizations every month or so.

If there is other intelligent life out there, it looks like they're a very long way away. Too far to talk to round trip, even at light speed. None of the known extra-solar planets within a few light years look promising.

Right. Traditional pneumatics is rather dumb - most of the time it's on/off, with air cylinders pushed up against hard limit stops. Positional control of pneumatic cylinders works fine, but it takes proportional valves, feedback sensors, and a fast control system. Until recently, industrial systems tended not to get that fancy.

I was interested in using pneumatics for running robots back in the 1990s, but the available proportional valves back then were big and expensive. One useful model of muscles is two opposed springs, and a double-ended pneumatic cylinder can do just that. You can change both position and stiffness, separately. You can simulate a spring, and recover energy. Someone did that at CWRU a decade ago, but the mechanics were clunky. Festo does that elegantly with their new kangaroo. Very nice mechanical engineering.

Shadow Robotics has a nice pneumatic robot hand. Shadow has been doing pneumatic flexible actuators for many years, but now they have good controllability.

One of the most important pieces of career advice I've received is to make sure that people who cause pain feel the pain. It is not my job to be a whipping boy who suffers for every bad decision I tried to warn someone about. If management insists that I do something really goofy, then they should not be spared from the consequences of their plans. Insulating them only enables them to keep making bad choices and inflicting them on codependent organizations.

You say "rubbing their nose in it". I say "making sure decision makers understand the results of those decisions".