
Comment Re:America (Score 1) 630

I don't think that's quite right. The shouting is about people advocating a ban on some weapons. I'm a strong 2nd amendment advocate, but I think there are a lot of people who should refrain from having guns. They just don't have the self-discipline. On the other hand, 313M people in the US, 270M guns, and only ~8K murders by gun last year. Either we are exceptionally lousy shots, or maybe people have more restraint than I am giving them credit for.

Comment Re:Vodka (Score 1) 770

No, it really doesn't. The fact that a user *can* change it is the only thing that matters. This is the issue with many (not all) devs in general. Say something they wrote isn't easy or is unintuitive and instead of fixing it they say "well nobody with a brain would do that" or "if they don't know how to figure it out then too bad for them". These are not valid comebacks.

Absolutely right. Our job as software developers is to write software that's invisible, because we are the only people that are interested in software and computers. Everyone else is interested in getting a job done. If our code gets in the way of that, then to some extent we have failed, and excuses or pointing a finger at competing OSes doesn't get the job done. No one said software was easy, and good UI code has to be among the hardest code to write simply because half of the human/computer interface is completely irrational.

Comment Mistake? (Score 1) 594

So was this a mistake or deliberate on the part of the bank employee? What possible email address could be the right one to send this data to? bob123@hmail.com? And are we to understand that none of this is automated, when loan information on thousands of accounts is transferred from A to B the addresses are typed in by hand? And this information was being sent, why? What did these accounts have in common? How many of these transfers happen daily? The gmail account address came from somewhere; someone's address book, a mailto on a web page, something like that. Surely they already knew the identity of the account's owner. So, would it be better for a bank to appear incompetent to its customers, or for it to be known that one of your employees was trying to commit identity fraud? Which one is more actionable on the part of the bank's customers? Of course you send a second email, to yourself, asking that you don't open the first email. That's just basic deniability in case you ever get discovered.

Comment Re:"Sells software"? Microsoft Partner! (Score 1) 281

who are you going to trust this to, some guy called bob on sourceforge, or a multi billion dollar company with resources to get you out of the shit?

Bob. At least I know his name, and can actually talk to him, the developer, before making a decision. Megacorp may have lots of resources, but they aren't my resources. They have an interest in getting me out of the shit only if they can profit from it and even then only if they can profit from it more than they can by expending those resources elsewhere. More likely in this situation their resources are going to be directed into their legal department to get them out of the shit. Bob, on the other hand, really wants his software to work well as a point of pride, and will be positively giddy to take the relatively small amount of money, compared to Megacorp's support contract, that we will offer him to fix his code right frickin now. Bob and 10 of his best buddies will be living on caffeine and sugar until they get a patch out the door because this is the brass ring, getting paid to work on code you otherwise would work on for free. Bob, because if he screws me then I and my large organization can crush him and his buddies like bugs. I'm not in a dominant position when doing business with Megacorp, I am with Bob, so from a very Machiavellian standpoint I'm better off doing business with Bob.

Comment Re:migrating from Joomla.. (Score 1) 73

A good CMS to migrate to is Plone. I've been working the last few months with Plone and I love it! Plone is well structured and easy to develop for, the documentation on their site is a bit thin, and the documentation you can google is often outdated. However their IRC channel has plenty of nice peeps willing to help.

Plone is somewhat of a hairball, multiplied by the bits of Zope3 that have been included. If you look up "overengineering" or "java envy" in the dictionary, you will see the Zope3 logo. This is unfortunate because Plone has by far the best UI of any CMS that I've seen. And Zope2, while somewhat wooly, had some very interesting ideas in it. I would really like to like Plone, but even creating a new skin is a major undertaking, requiring the special buildout tools, and learning their special dictionary of CSS tags. It's very "One True Way". I'm not building a cathedral, just a website. I think a better tool in most cases is Django. The chief advantage is that it is less tightly coupled, making it easier to integrate other python products and just generally making it more approachable. YMMV.

Comment Re:Wines, cheeses, trees (Score 1) 1397

You got the meme wrong. Security through obscurity alone is not enough, but obscurity in addition to other measures certainly helps. Or are you suggesting that our secret CIA operatives inside the Taliban would be more effective if they stood up in the middle of prayers and announced they worked for the Agency?

Right. Most people just call this camouflage, and it's been an effective strategy for millions of years. In fact, it's been so effective that I have to question whether this aphorism is true at all, or if it's just being misapplied here. Certainly denying you have security holes in your code is a bad idea, particularly if the bad guys already know about them. But making a machine on a net appear to be something other than it is, that sounds pretty effective to me, if it's done right.
