A surprising number of things are starting to rely on these curated lists to handle "most" cases. The valid-key flip-side of this key blocklist is the public-key pinning list, which is also pretty half-assed.

With a different (non-crypto) bit of web technology, there's also the mess of how to determine what the "real" domain of a site controlled by an entity is. E.g. in the UK, a domain like example.co.uk is a third-level domain, but is conventionally treated as domain 'example' with suffix '.co.uk', not as domain 'co' in TLD 'uk', and subdomain 'example'. Whereas in dot-com, a domain like foo.example.com would be treated as domain 'example' in TLD 'com', with subdomain 'foo'. How to tell which is which? Yes, some human maintains a giant list, which browsers all build in.

Yeah, that's common across the region; Saudi Arabia does it too. Seems a bit unnecessarily old-fashioned, since with computerized passport control these days you could keep someone from traveling by just flagging them in the computer, no need to actually confiscate the passport. But maybe keeping the physical passport is a better intimidation tool?

It's an old-school feudal state mixing in a little bit of a hot modern idea, corporate oligarchy. The businessmen and sheikhs (many of whom are related) run the place, and jailing foreign workers if they get inconvenient is one of their main tools to retain control. Usually you don't hear about it because most of the workers aren't from the USA.

Yeah I can see Linux being important, I just didn't think companies put much stock in the certifications themselves, vs. work experience or interviews or other such screening methods. There was a period in the '90s when certs were a big deal, Microsoft's MSCE and Certified Novell Administrator and Cisco's CCNA and whatever, but in the 2000s the certs started being more ignored, at least in my experience, b/c they weren't that reliable a demonstration that the employee was actually any good. Maybe they're back, or the RHEL ones are taken more seriously?

the almost-death of Blackberry may help Microsoft somewhat here. Microsoft's strongest market is basically "business", mostly traditional business that isn't "hip" enough to be using Apple products. People who want nice Exchange integration, connections with Office 365, etc. Previously that market was totally sewn up by Blackberry, but as they're collapsing Microsoft might grab some of that market.

Well, the majority of web-facing servers anyway. According to Netcraft, about 30% of servers run Windows/IIS, and just about all the rest run either Apache/Linux or nginx/Linux (plus a few running *BSD, of course).

I can see companies caring about Linux expertise; after all, the vast majority of servers run Linux, so if you're hiring for someone doing devops you probably want them to know their way around Linux. But 44% prefer people with "Linux certification"? I know some companies care about stuff like RHEL certifications, but I didn't think it was that many.

When was that part of SV culture? Even if you go back to the old-school SV firms, they were pretty negative on telecommuting, and ran regular offices. What era and kind of company do you have in mind? If you go back to the '60s-'90s even, Silicon Valley companies like Intel, Sun, Apple, SGI, Oracle, etc. required regular office time. You could certainly shift your schedule at many of them (e.g. come in at 10am, not 8am, as long as you stay late too), but you couldn't work from home, or get away with less than 40+ hours in the office (often 50+).

From a monetary, stock-price perspective, at the moment the main value in Yahoo is that they own a significant stake in Alibaba, a huge Chinese conglomerate. Their stake in Alibaba at current prices is worth about $34 billion, and Yahoo's current market cap is ~$40 billion. Even assuming a discount on their Alibaba stake due to some overhead that would be involved in unwinding it, it still represents more than half of Yahoo's stock value.

Why do I have to pay more for a book, when I order it from Amazon.com, than Amazon pays for that book?

Do you understand the difference between "retail" and "wholesale" prices?

That is actually what "metadata" means in the current privacy debate. The NSA was claiming their snooping wasn't such a big deal because they were only collecting "metadata", which meant basically logs of senders/recipients (or phone callers/callees) along with things like message size (call duration), etc. I think it's reasonable to point out that GPG does nothing to stop this kind of dragnet collection, though it's also true that it's not "useless" as a result.

Letting the market set the prices is precisely what solar advocates don't want. They want to be guaranteed a 1:1 credit for their feed-in, rather than being paid wholesale spot prices for what they feed into the grid.

I could see that in a proportional-representation system. If 10% of the population is really into homeopathy, they could vote for a party that represents those interests. But the UK has a first-past-the-post system, like the US, meaning members are elected by getting the most votes in a specific district. Is Tredinnick's district really majority in favor of astrology being funded by the NHS? My guess is no, and that he's elected despite this issue, not because of it. Incumbents are very hard to knock off, especially outside of marginal districts (his district is a Conservative stronghold, and the UK has no party primaries), so he keeps winning regardless of whether his district's residents think astrology is useful or not.

Unfortunately it's real. Tredinnick has been infamous for these sorts of comments for years now.