That is logical from several standpoints, but people's emotions prevent it.

People from a region want certain jobs, and they demand results from government leaders, not logic.

How can you get jobs? Entice businesses to move in or to form. How do you encourage business? Tax breaks and other government money. Money to entrepreneurs. Money to small businesses. Money to relocated or new offices.

In the short term that means results to the politicians, meaning re-election. In the short term it means more jobs. In the short term it means growth. In the short term it means an improvement in local life. In the short term it means getting re-elected. Most of society does not think about the long term handcuffs, but in the short term, it means the results most people want, so longer term consequences are ignored.

That's why the uniform taxes won't work. Not because it isn't logical in itself, but because it deprives governments of one of the most powerful incentives (rather than punishments) in their toolbox.

When I go to a restaurant I know sends out coupons, I will ask if they have any behind the counter, and they often do.

When I go to stores that are known for discounts, I ask for them.

Yesterday I needed new tires on my vehicle. At checkout I asked if they had any discounts available. He gave me 10% off.

About a month ago I went to a rock chip repair shop I asked if they had any deals running. The clerk said there was a radio special running and I needed to say their station name for a huge discount... Then he told me the name of the station and smiled, waiting for me to repeat it.

There are opportunities to negotiate everywhere.

No, it will continue.

Instead of negotiating for salary, it becomes a negotiation for pay grade.

"You are offering a job on pay grade #37, but I assure you, my background and history mean I should be on #43."

Same negotiation rules apply, just a different name for the salary.

Even in suburbia it can work out.

My DSL (vdsl2 modem) is 48 Mbps down 16 up. All the time, not a shared cable loop. My comcast friends pay a similar amount and have similar speeds --- but only during non-peak times. We found the cable loop is shared in the neighborhood, and peak evening hours most cable-using homes in my neighborhood struggle to get a steady 10 down.

While VDSL2 doesn't compare well against fiber to the home, it can compete well with most cable offerings.

Yes, for both.

Many people in various government and private organizations noticed. People were fired for playing games at work even though the game was inside excel, especially people at strict grunt-level jobs like calling centers where getting caught playing games on the clock was a terminal offense.

The question that many businesses and agencies immediately put to Microsoft were along the lines of "If there is the very large undocumented video game embedded in there without telling us, what else is secretly in your product?", and also "We needed to buy so many thousand machines up to this higher spec to make room for Office 97, how many of those megabytes are spent in the games rather than necessary components?"

I'm sure it was not a comfortable time for those product managers.

For that type of thing I would document it internally as a utility or debugging aid. Then it is no longer an undocumented feature, instead an obscure but documented testing aid.

Undocumented, unapproved, untested functionality is generally a bad thing. But fix it through a tiny bit of documentation, get approval to add a command sequence to get the debug information, and let the test team know the debug command exists, and you're good to go.

It all depends on who they happen to be, and how you define an Easter Egg.

I worked in games for many years and we included quite a few Easter Eggs. But they were not hidden from the studio. They were approved by management, tested by QA, and documented internally. We tried to keep them quiet to see how long it took for them to be found.

The article is right -- large corporations that are risk averse tend to crack down hard on undocumented Easter Eggs. I think that is correct for a business, to crack down hard on undocumented, unapproved, untested features.

The key detail is who knows about it, and how appropriate it is for the product.

Critically: Did it get approved and tested, and is it okay for the user? An Easter Egg that has been approved by designers and product managers, tested by QA, and is a happy surprise to the user is a good thing. If it was not approved, but the programmer intentionally threw in the feature without testing and without documentation, yes, the business should crack down.

The trickier ones are the ones that are approved and tested, but not quite what the customer expects. Microsoft's bouncing text screensaver used to have an Easter Egg that typing "volcano" for the text caused a cycle of volcano names. Fun, for sure, but if your screen savers were used for the machine name, and the machine name happened to be "volcano", then it is an unexpected negative behavior.

Someone working on Excel, a product used inside government agencies and nearly every major business, including secret unapproved features? Yeah, that's absolutely a fire-able offense.

Someone working in a smaller company, with management approval, adding in a small feature to change the color scheme to red and green on Christmas day? Potentially a fun little Easter egg... unless the user is making a major presentation on that day to group that doesn't respect the Christmas holiday, then better make sure there is a way to turn it off.

In strangely relevant news this week: Nevada brothel seeking paid testers; men, women, and couples for quality assurance. Fucking professionals, indeed!

When I interview after seasonal layoffs, one of the questions I ask of my potential employers is: "What is your company culture? What do you do around here?"

Some companies the people look confused for a moment, then say things like "we have standup meetings every morning, that is part of our culture. If you are asking about parties and such, we have a summer party and a christmas party. Is that what you mean?"

Other companies the workers get excited and start talking. "We have a monthly birthday bash with cake and icecream in the lunch room, in the summer months those are barbeque parties out on the grounds. Two or three times a year we go to the movies on a pre-release. Most of the cubicles have nerf guns and the secretary buys bulk packs of nerf darts when too many vanish behind cubicle walls. We have email distribution groups for people who visit the gym for lunch hour, people who play games and Magic the Gathering over lunch, a group for soccer players that usually play on Tuesdays, a group who play Ultimate on Wednesdays, a group who play golf every other Thursday, ...."

I am much more interested in working at the latter.

The frustrating thing is that the EFF knows, or should know, that this was already decided in a previous case. They submitted applications that included both automobile parts and video games. I've contacted their legal team as a reminder, but here it is for the masses:

This was all dealt with in the Lexmark v Static Control Components case. Lexmark accused them of several things, but the most notable were the DMCA 1201 and the Lanham Act. The 6th circuit wrote an opinion on the matter, and the SCTOUTS ultimately held with the opinion 9-0. In the earlier opinion:

Generally speaking, “lock-out” codes fall on the functional-idea rather than the original-expression side of the copyright line. Manufacturers of interoperable devices such as computers and software, game consoles and video games, printers and toner cartridges, or automobiles and replacement parts may employ a security system to bar the use of unauthorized components. To “unlock” and permit operation of the primary device (i.e., the computer, the game console, the printer, the car), the component must contain either a certain code sequence or be able to respond appropriately to an authentication process. To the extent compatibility requires that a particular code sequence be included in the component device to permit its use, the merger and scènes à faire doctrines generally preclude the code sequence from obtaining copyright protection ...

If we were to adopt Lexmark’s reading of the statute, manufacturers could potentially create monopolies for replacement parts simply by using similar, but more creative, lock-out codes. Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward.

Both the 6th Circuit and SCOTUS were clear in the matter that the DMCA provision referred to copyright protections on creative content like books and movies, and not codes for operations of devices, explicitly mentioning automobile and replacement parts as exempt.

Actually it does work. Just not so well for web sites and servers.

For all their other issues, a CA network works reasonably well for hardware-level communications trust. I can look at the algorithm type selected and trust that math ensures that eavesdropping is hard. I can also have some degree of confidence that the site really is who they say they are... but I also know there is a high risk they may have been hacked or compromised by anyone from government agencies to skript kiddies. There is no need for a fake cert when it is easy for them to infiltrate their networks through legal or illegal means. A CA doesn't mean I can trust the server or their services, only that the connection is slightly more safe from eavesdropping.

A web of trust solves a different problem. It is focused mostly on authentication and social trust, not eavesdropping. I can give corporate secrets to my co-workers because people I already trust connected us, but I don't trust strangers on the street who claim to be co-workers because I cannot authenticate them as being part of the company.

When it comes to authenticating people under a WOT model, I have high trust in those I have personally verified, and progressively lower trust in those I have not personally verified. Those in HR or IT can use their own key to sign all their employee keys and I can set a level of trust on those because I have personally met the HR or IT person. It works much like real life social rules, my direct friends I can trust, the friends-of-friends less so, the friends-of-friends-of-friends I will be skeptical of. Key servers can (and do) provide easy access to see who else trusts an individual, letting me quickly build a web of trust, where just like in the physical world I can decide how much trust I give anybody I personally know, and I can decide to trust no one, to trust only those few people I know well, or to trust anybody who comes along.

The parallel with real life social trust is exactly why they work so well for email and similar social uses. That is how people have been doing it for ages.

The reason it doesn't work too well on random web sites is that the web of trust model cannot be automated, or used to verify servers rather than people.

What does it mean to trust a bank's signature? I may be able to verify my bank's digital certificate matches the card I got in their lobby. I probably have a WOT with a few friends and friends-of-friends that get me connected to individual workers at the bank. But that breaks down on a bigger scale when you are trusting servers rather than trusting people. I may know a teller at the bank as a human, but how does that give me any trust of the servers? Sure I probably know people who work at Discover Card's call centers, but just because I know some people why should I fully trust that DiscoverCard's servers have not been compromised? I may know some people working at Google, but does that mean I can trust that their million servers to not give up information to the NSA? No way, because the WOT method focuses on individuals and people rather than hardware.

WOT works well for social connections and personal identities. It doesn't work so well in other contexts. The need for a 'volunteer CA' is not the reason it breaks down. It breaks down because social trust models do not map well to hardware trust models. And for the interwebs that is okay because my trust level to any web site is incredibly low, I can assume they are likely hacked and NSA-backdoored, all I'm looking for is protection from casual eavesdropping.

I still see them far too often. My normal password patterns are different than the ones presented but still several words long. Many places requiring accounts still greet me with "Password must be between 6-8 characters, and must contain at least one uppercase letter, lowercase letter, number, and symbol."

I also too-frequently get "Passwords must not contain a space". It prevents me from entering my password of "correct horse battery staple", which is really annoying.

Yes, that's the UK, where even farmland has a dense population.

Consider locations in the US like Wyoming (253,348 square km) compared to the entire UK (243,610 square km) but with a population of 584,153 compared to the UK's 64.1 million. Or states like Alaska, North and South Dakota, and Montana.

Wyoming is such a good comparison because the land mass is similar to the UK. Remove EVERYONE from the entire UK except the people of Cornwall, allow those in Cornwall to spread far and wide, wherever they want anywhere on the isles, and then hook them up with new infrastructure regardless of location. That's about how sparse one of the least populated states is.

Most Europeans fail to understand just how sparse the US really is. While the US is nowhere near as sparse as Australia or parts of Africa, except for a few cities most of the US is quite sparse. I've talked with quite a few people traveling from Europe who flew into Las Vegas and traveled to the Grand Canyon. It is a four hour drive -- 120 miles -- of desert, cactus, and sagebrush that most European visitors were shocked could even exist. Where are the people? How could there be so much empty space? Who owns the land? Google finds some images for comparison: Here is Alaska (the largest state) overlaid over Europe. Another, the lower 48 states overlaid over Europe. The trip from Lisbon to Copenhagen is just a portion of historic Route 66, and is less than half the distance of the country.

In these US states hooking up a single remote dwelling might mean deploying many miles, thirty miles, fifty miles, or even more, to reach the single dwelling. Nobody, not even the federal government, is going to mandate that kind of deployment for £130.

Linus is doing systems level work. At systems level work, there are a lot of mediocre and bad programmers who use the common language of C++. Those who know c well are unlikely to be the mediocre and bad programmers.

That is really a truism across all fields and languages.

In the business world with business logic, there are a lot of mediocre and bad programmers who use the common language of Java. You can filter out many of them by adding a skill requirement of some other less-used languages inside that realm of business software development.

In a field where everyone is doing Ruby development and you don't want mediocre/bad Ruby programmers? Require them to also demonstrate proficiency in another language.

In a field where everyone is using C#? Require them to also demonstrate proficiency in C++ or some other language.

If you only require a single thing you can get unskilled individuals with only a single skill. If you require multiple skills you are more likely to get more talented individuals, since the talented, higher producers tend to pick up a wide range of skills.