
Comment Re:The problem with American Embargos (Score 1) 254

No, you don't understand FATCA at all. Go and read how the law works and then come back. Actually don't bother - I already explained to you how the recursive "pass thru provisions" work and you ignored me, instead insisting that the law works differently to how it actually does.

Additionally, the idea that borders stopped changing after 1948 (do you mean 1945?) is ridiculous. What do you think happened after the fall of the Soviet Union? What do you think happened in Iraq when America invaded it?

Comment Re:The problem with American Embargos (Score 2, Interesting) 254

By every definition of Imperialism I've ever seen the Russians are doing a lot more of it than the US. Putin is trying to increase his sphere of influence with the Eurasian Union, eat bits of neighbors who rock his boat, refusing to give up control of a region that included a major military base, etc.

Hardly. If you buy the western line that the rebels in east Ukraine are all reporting directly to Putin then yes, but nobody with any knowledge does buy that line, it's clearly nonsense. Putin told them not to have a referendum, they ignored him. The rebels asked Russia to annex east Ukraine, Putin ignored them. He certainly did not order anyone to shoot down a civilian airliner.

Meanwhile, in the last few years the USA has formally established the global American empire for the first time. Yes, before 2010 it was largely a matter of pressure and the belief by world leaders that America would engage in economic warfare against anyone, including so called "allies", who defied it. But then America passed a law called FATCA that turns every bank or financial institution in the world into an arm of the IRS recursively. Not just institutions that trade with America, but all of them, every last one, with institutions exposed to the US economy punished unless they in turn enforce Washington's will upon their trading partners and so on. America has also started passing recursive trade sanctions, sanctions that say "you're either with us or against us and if you're against us, you get sanctioned in exactly the same way". They did this for Iran, for example.

Now tell me. What is a country that can tax anyone it likes, anywhere in the world, and punish anyone it likes, anywhere in the world, and force anyone to take part in their economic wars, anywhere in the world, regardless of what those people actually want? The ability to tax and the ability to draft into an army is the defining characteristic of an empire. Russia can't do shit to me here in western Europe but America can and will ruin me if I get on the wrong side of them. That makes me an unwilling citizen of the American empire.

Comment Re:Ahhh ... large corporations ... (Score 1) 371

They're not making technology for the sake of making better technology, they're doing it purely to monetize it and make money -- for example, Oracle's insistence on keeping that stupid ask.com toolbar in the Java installer.

Yes, that really sucks, but it's probably the only direct way Java makes money. Otherwise it's basically a charity, right?

Fortunately the last installer at least will not try and reinstall this crap on upgrades. So you get asked once. More importantly if you're wanting to distribute desktop apps, you don't have to request that the user installs Java anymore, it can be bundled. And the crapware was only ever a Windows thing. Mac and Linux users don't suffer from it.

My gut sense is that the Java team at Oracle know this is horrible and are doing their best to chip away at it, but can't go to management and ask them to give up the only direct revenue stream the entire project has.

Comment Re:Nobody kills Java (Score 1) 371

I think the problem is Oracle isn't innovating, isn't advancing the technology, some aspects of it are essentially dead, the Java Community Process is largely ignored ...

Eh, this wasn't my experience so far.

There are many things that suck about Oracle, but so far what I've seen is that they've increased investment in Java, they're resolving a lot of basic, everyday problems people face when writing regular apps and overall Java is getting a lot better. There sure was a time when Java stagnated .... when Sun owned it. Now? Well, Java 8 resolves a lot of the more irritating problems with the language (lambdas make a huge difference, even though they're just syntax sugar), but more importantly the Java team have accepted that the real language innovation will happen with other languages that target the JVM and they've got serious about making the JVM a multi-language runtime. For example, in Java 7 they did a lot of work to support dynamic languages and in Java 8 they built on that work to make a fast JavaScript implementation on the JVM. It's not as fast as V8 at the moment but it's certainly a respectable showing. Meanwhile Scala, Clojure, Kotlin etc are busy creating the next-gen languages that the Java team is too conservative to tackle.

With respect to community involvement, I don't personally give a shit about some "community process". What I care about is: can I check the sources out of version control, email the developers with a question and get a response the same day? Can I file bugs and have them be fixed? My experience with the JavaFX component of the OpenJDK is yes yes and yes. In fact I've kind of been blown away by how responsive the JFX team are. Right now I'd say they've got a great UI toolkit (easily as good as Cocoa), but it only got good in the last couple of years, so they're relatively unknown and as a result you get fantastic service - for free!

Most importantly the JavaFX team aren't trying to create some uber-platform that replaces the operating system. They've built a tool that bundles the JVM and creates native installers/DMGs/packages for each platform. Finally you can use Java as if it were just a big library. No applets, no Web Start, no fucking about - just make an app that looks normal to your users, but shares 99.9% of the code across platforms. Which is what it always promised.

Comment Untrustworthy != Useless (Score 1) 175

If Yahoo ends up holding the private keys, then it's completely untrustworthy and useless.

Let's hypothesize that Yahoo does this the worst way possible, so we can play to everyone's fears. Let's say the users aren't even going to have the key on their machines ever, and instead, Yahoo explicitly announces they have your private key, and their server will do all the decryption and signing for you (your machine won't even be doing it in JavaScript), and they're under US jurisdiction and therefore subject to CALEA and NSLs, and furthermore just to make things worse, let's just say that they even publicly admit that they would happily provide keys to any government who asks, without even a warrant or sternly-worded letter. But when you ask 'em if they really mean every government, "even Russia?" they reply with "no comment" so you're not sure they're really publicly admitting everyone to whom they'll give the key.

There. Did I cover all the bases? Did I leave anyone's pet fear out?

Sorry, let's add a few more things. Let's say Yahoo's CEO is a Scientologist, all their network admins are required to be either Holocaust Deniers or Creationists, and every employee is required to have at least 25% of their investments in MPAA companies. The receptionists all have iPhones, the corporate mission is the next president of the USA must have either Clinton or Bush as their last name, and henceforth all their web ads will be for either Amway or Herbalife. All the interns are spies for Google and Microsoft and Chinese industries, except for a few which are spies for Mossad, FSB, or Al-Qaeda. The head janitor is being blackmailed by two unknown parties for his participation in a kiddie porn network, and the top sysadmin hasn't heard about Heartbleed yet, the top programmer (who bears the title "Grand Wizard" on his business card) doesn't believe in comments, their implementation of OpenPGP uses a 1938 Luftwaffe cipher as its entropy source for generating session keys, and the company weather station's thermometer was installed on a south-facing patio that gets direct sun all day long.

You may possibly harbor doubts about trusting this company. Yet in that situation, switching to Yahoo email would be more secure than what most people have right now, with plaintext email. So how's that "useless?"

Comment Re:Awesome!! (Score 1) 175

Now all I have to do is get my father, my mother, my sister, my half-sister, my grandmother, my wife, and my assorted friends to learn what PGP is and how to read the emails I send them.

You jest, but don't you see how popular webmail providers adding insecure PGP implementations to their platforms would be a pretty good first step to doing exactly what you say?

Comment Re:It's a TRAP! (Score 4, Insightful) 175

Where did it say in there that users would hand over private keys to a third party?

It's implied by the fact that it's webmail. Does your browser have an OpenPGP library? Does it check all the JavaScript that it downloads and executes, against some repository's whitelist? You have to assume the key isn't handled safely, unless you can answer Yes to these questions. And a lot of webmail users expect the server to be able to search and that's obviously impossible unless the server can read, so it's not like the unsafeness stems just from potential trickery.

That said, the more interesting question is what social effect this might have. Even "bad" use of OpenPGP could start conditioning more people to being familiar with, tolerating, expecting PGP. Get into a better frame of mind, and better habits can come later. And with good habits, some security could eventually emerge. The security wouldn't be there for Yahoo webmail users, and yet some users might end up having Yahoo webmail to thank for it.

And let's face it, the barriers to secure communication are almost entirely social; we choose to have insecure communications. Anyone who is working on that problem is working on The Problem.

Comment Re:Not implausible (Score 1) 102

There is no way for anybody outside of Google to know whether the original claim is correct or not.

That's not quite true actually. VirusBulletin is a third party spam filtering company that made a blog post stating that based on their own measurements, Gmail was indeed dramatically better at stopping hijackings than other providers.

Comment Re:Will the NSA subvert certificate authorities no (Score 1) 148

I wonder which ones are already subverted.

None of the leaked documents from Snowden appear to mention compromised CAs, or at least no kind of compromise at scale. This is most likely because (1) CAs are not the weakest link, the browser security is and (2) they need to find their targets' traffic streams before they can do the MITM attack, which would mean doing MITM on all SSL connections which would be detected almost immediately. A compromised CA would be useful only if they were unable to exploit the target's computer, and they needed to view SSLd traffic anyway, which does not appear to be a common situation for them circa 2013.

Google has only one way to know if a CA is trustworthy: running its own.

No. They can develop a system that involves every certificate produced by every CA being published in public audit logs, and then make Chrome verify that any given cert is in those public audit logs, thus allowing savvy site operators to find fake certs issued in their name (also useful for old fashioned phishing). And in fact that's exactly what they are doing.

Comment Re:Cat blog (Score 5, Informative) 148

Yes, for news and such it doesn't make that much sense. Still, HTTPS would at least prevent your ISP from monitoring your browsing activity.

It's actually a lot more than that. HTTPS isn't just about protecting passwords anymore, not post Snowden.

Let us recall one of the more interesting things we learned about SSL via the NSA leaks: the Five Eyes countries apparently have not broken SSL yet; despite that, the internet is still not capable of stopping them. The reason is a system they've built called QUANTUM.

QUANTUM is a series of systems that work together. Imagine it like being a giant set of guard towers on the internet backbone. QUANTUM is called that because it's based on deep packet inspection and insertion. The first part is a massive set of DPI devices that trawl unencrypted internet traffic passing through intercept points. These DPI devices can be configured by NSA/GCHQ analysts to look for selectors - personal identifiers like email addresses, IP addresses, cookies and so on. QUANTUM does not run on every internet link and cannot see through encrypted traffic, but that doesn't matter: it's like a searchlight crawling the grounds of a prison at night. It doesn't matter that it can't light up everywhere simultaneously - once tasked it will keep searching until it finds you. Given enough time and good selectors, it will always find you, simply because the average internet user makes many different unencrypted connections to many different websites.

Once QUANTUM locates an un-SSLd traffic stream that matches your selectors, the next step begins; this is called QUANTUM INSERT. You see, these DPI devices are not only capable of reading traffic but also injecting packets directly onto the backbone as well. This allows them to race legitimate answers from the real servers, and redirect the victim to an entirely different server (this is probably based on racing DNS lookups although I think the leaked docs were fuzzy on this aspect). These races are called "shots" and interestingly, they don't always succeed - sometimes the NSA is slower than the real server. But QUANTUM keeps trying and eventually you end up connected to this new FOXACID server, which then proceeds to act as an HTTP proxy for the real request and injects an exploit kit. That then pwns your system such that the NSA can now see all your encrypted traffic, along with turning on your microphone and so on.

An observant reader will notice something very important about the above description. The longer you can stay in the SSLd web, the longer it will take for QUANTUM to hack you. That means you directly benefit from a website being SSLd even if all it contains is cat pictures and you don't even log in. Once QUANTUM has figured out your IP address, any non-SSLd HTTP connection is a useful foothold.

Comment Re:Huh? (Score 1) 406

There are over 30,000 deaths in the US alone in automobile accidents; even supposing automated vehicles cut that number by 90%, 3,000 multi-million dollar settlements every year would destroy the automobile industry in the US.

3,000 multi-million dollar settlements sounds like a lot of money, but the 30,000 multi-million dollar settlements that we're already paying insurance premiums to pay for, is even more. Yet the system is apparently economically viable even in 2014 when the costs are ten times higher. A scenario where the accident rate is a tenth, is a scenario where insurance costs a tenth, so the total cost of a vehicle is somewhat less. This would be good for the auto industry, not bad.

If you tell someone they have a choice of two cars, one where they pay $70/month to State Farm (called "careless human's liability insurance"), and another where they pay $7/month to Ford (called "careful AI's liability insurance fee", because you're not buying insurance from Ford's AI, but rather, funding its insurance), that second one is more likely to result in a car purchase.
