1. No, punishment per se is not justified. Or at least even if it might theoretically be in some cases, trusting the state with this power is not a good idea.

2. However, society does need to be protected in extreme cases, and this is properly the state's job. Ideally this can be done through preventative measures, ranging from police patrols to education. But yes, some people (hopefully a small number) may have to be physically restrained in order to keep them from harming others. This isn't intended as "retribution" or "punishment" but rather simply as a protective measure for the general public. How long should such people be physically restrained? For the amount of time that is necessary to protect society, based on the best available scientific data on the subject. Therefore generally short sentences (3 years) for most crimes, with a strong focus on rehabilitation and reintegration into society, so you don't create hardened criminals where that wasn't the case before. And sentences of about 10-20 years for very serious crimes (almost exclusively violent crimes), mostly on the basis that elderly people very rarely commit violent crimes, so even for murder, there is little risk to society if you release a 50-year-old from prison, and very little benefit in incarcerating him or her further. And finally indefinite sentences (or possibly involuntary commitment in an institution) for the tiny minority of people who are extremely dangerous or psychotic or otherwise cannot ever be safely released.

This is roughly the system currently implemented in Scandinavia, and to a lesser extent in other parts of Europe.

I'm not sure #1 has changed in terms of proportion of papers, though there are certainly more total papers. If you read through 19th-century scientific journals and conference reports, there is a lot of really mediocre stuff, not only mediocre in retrospect but just kind of filler at any time. Someone saw a thing and wrote it up and well here it is hope this helps. And then writes in again a few months later with an update on how it's going, no results but promising some results later. The proportion of papers that are really impactful, with important results of long-term value, is small.

Didn't the NFSv4 design decision to use Kerberos for authentication mean that some kind of time sync would be needed anyway whether NFS itself mandated it or not, since Kerberos relies on synchronized clocks?

A surprising number of things are starting to rely on these curated lists to handle "most" cases. The valid-key flip-side of this key blocklist is the public-key pinning list, which is also pretty half-assed.

With a different (non-crypto) bit of web technology, there's also the mess of how to determine what the "real" domain of a site controlled by an entity is. E.g. in the UK, a domain like example.co.uk is a third-level domain, but is conventionally treated as domain 'example' with suffix '.co.uk', not as domain 'co' in TLD 'uk', and subdomain 'example'. Whereas in dot-com, a domain like foo.example.com would be treated as domain 'example' in TLD 'com', with subdomain 'foo'. How to tell which is which? Yes, some human maintains a giant list, which browsers all build in.

Yeah, that's common across the region; Saudi Arabia does it too. Seems a bit unnecessarily old-fashioned, since with computerized passport control these days you could keep someone from traveling by just flagging them in the computer, no need to actually confiscate the passport. But maybe keeping the physical passport is a better intimidation tool?

It's an old-school feudal state mixing in a little bit of a hot modern idea, corporate oligarchy. The businessmen and sheikhs (many of whom are related) run the place, and jailing foreign workers if they get inconvenient is one of their main tools to retain control. Usually you don't hear about it because most of the workers aren't from the USA.

Yeah I can see Linux being important, I just didn't think companies put much stock in the certifications themselves, vs. work experience or interviews or other such screening methods. There was a period in the '90s when certs were a big deal, Microsoft's MSCE and Certified Novell Administrator and Cisco's CCNA and whatever, but in the 2000s the certs started being more ignored, at least in my experience, b/c they weren't that reliable a demonstration that the employee was actually any good. Maybe they're back, or the RHEL ones are taken more seriously?

the almost-death of Blackberry may help Microsoft somewhat here. Microsoft's strongest market is basically "business", mostly traditional business that isn't "hip" enough to be using Apple products. People who want nice Exchange integration, connections with Office 365, etc. Previously that market was totally sewn up by Blackberry, but as they're collapsing Microsoft might grab some of that market.

Well, the majority of web-facing servers anyway. According to Netcraft, about 30% of servers run Windows/IIS, and just about all the rest run either Apache/Linux or nginx/Linux (plus a few running *BSD, of course).

I can see companies caring about Linux expertise; after all, the vast majority of servers run Linux, so if you're hiring for someone doing devops you probably want them to know their way around Linux. But 44% prefer people with "Linux certification"? I know some companies care about stuff like RHEL certifications, but I didn't think it was that many.

When was that part of SV culture? Even if you go back to the old-school SV firms, they were pretty negative on telecommuting, and ran regular offices. What era and kind of company do you have in mind? If you go back to the '60s-'90s even, Silicon Valley companies like Intel, Sun, Apple, SGI, Oracle, etc. required regular office time. You could certainly shift your schedule at many of them (e.g. come in at 10am, not 8am, as long as you stay late too), but you couldn't work from home, or get away with less than 40+ hours in the office (often 50+).

From a monetary, stock-price perspective, at the moment the main value in Yahoo is that they own a significant stake in Alibaba, a huge Chinese conglomerate. Their stake in Alibaba at current prices is worth about $34 billion, and Yahoo's current market cap is ~$40 billion. Even assuming a discount on their Alibaba stake due to some overhead that would be involved in unwinding it, it still represents more than half of Yahoo's stock value.

Why do I have to pay more for a book, when I order it from Amazon.com, than Amazon pays for that book?

Do you understand the difference between "retail" and "wholesale" prices?

That is actually what "metadata" means in the current privacy debate. The NSA was claiming their snooping wasn't such a big deal because they were only collecting "metadata", which meant basically logs of senders/recipients (or phone callers/callees) along with things like message size (call duration), etc. I think it's reasonable to point out that GPG does nothing to stop this kind of dragnet collection, though it's also true that it's not "useless" as a result.