The key distribution and storage is often, but not always, the weakest point of attack. The exception is if you have plaintext or some pattern to look for (like an http or email header). This is why secure communications frequently are free of keywords and just contain a bunch of fields.

Snowden is a clueless kid.

Why do you say the NSA "is evil"? They have no operative arm, or actually *do* anything. If they come across criminal activity they can tip off the FBI, but what they have isn't admissible evidence, so the FBI gets to do its own investigative work. Their job is to uncover and watch for activities by people who wish to harm the United States or its people - exactly what we who pay their bills want them to do, as well as to act as an expert advisor to the federal government. Do you think governments shouldn't look after the safety of their nations? Do you think any responsible government doesn't? Maybe after airplanes are flown into skyscapers, or there's a mushroom cloud over Miami, or hoover dam blows up, we go "oops, maybe we should have paid a little more attention to people who wish to harm us?" Problem is, it's a little late then.

You have to realize that security classifications depend on the time something needs to remain secure. For battlefield comms this might be 6-8 hours, for HQ comms 5-10 days. The classification then is used to select a cipher based on a professional estimate of how long it takes someone with the resources of a major government to break it. Information that needs remain protected indefinitely goes under lock and key, in a cabinet, safe, vault, with or without a guard stationed. Maybe inside a protected facility. Access is registered (so compromises can be tracked down) and based on whitelists. Keys are numbered and tracked. Physical protection is the only way something can be protected indefinitely. So saying something like AES is safe because "the NSA uses AES for its own encryption systems" is meaningless without knowing which security classification it's for - i.e., how long they estimate the cipher can withstand a sophisticated attack by someone with the resources of a major government.

You never want a compiler to vectorize code. You want interfaces to vectoring hardware that you use to vectorize operations on your data. Just like you don't want compilers to provide multidimensional arrays - memory isn't multidimensional, so there's no natural layout. Instead you implement the arrays you need - even if they look the same the complexity contract and implementation is completely different for statically dimensioned (e.g. template params in C++) vs dynamically dimensioned (can be resized); sparsely populated either an entire row in a dimension, by specific dimension, or by any dimension (for instance only have data in rows 0, 5, 10383484387373, colums -4948484, 0, 338383 - implying sparsely populating only the intersecting cells); where indexes are arbitrary types (say complex), etc. NONE of this has a natural representation. Just like vectored operations in a NUMA architecture require careful data management for maximum throughput - so if you want to apply this to a sparse data set for instance you need to think through how this is to be done rather than just think a compiler can spit it out for you (other than in the most trivial demos that lack real-world requirements).

The people who are smart and knowledgeable enough also aren't concerning themselves with the NSA. They already know someone with the resources of a major government can brute force or less any cipher. This is why security classifications are based on the time duration for which a secret can be assumed to stay that way. For most battlefield comms it's a few hours.

So what if the NSA can use a billion-dollar grid to crack a handful of key pairs or TLS session keys per day? We expect them to be able to. It's their job to be able to, so we can find out what our enemies are up to. And they're no different from any other intelligence agency on the planet in this regard, except they work for a country at war (the Taliban still hasn't laid down arms or shown a willingness to discuss cease-fire terms) so have the resources and plenty of enemy communications to break.

All ciphers can be used as random number generators. The seed is the key, and to get a random number you encrypt zeros. Works with any cipher. If you need to generate a PK pair to exchange a symmetric, revolving session key for a stream or block cipher, you can collect entropy (e.g. urand) and use that to vector the cipher, then use the cipher to generate random numbers for the PK generation.

- Doesn't meet the 'reliable' standard as adopted by the nuclear industry

This is already part of their regularly scheduled work. It's easy to sell research and enhancements to an existing product, and there's staff to do it. This is a non-issue.

This is also already the case. If your 20% project gets internal traction it will likely become your 80% job.

I completely disagree with the notion that the 20% back burner stuff isn't important to Google at this point. In a big organization it's hard to sell ideas without accompanying them with a working prototype. So the 20% research and prototyping new product ideas is more important than ever, or Google will cease to evolve. There's no benefit in large corporations stagnating; in fact, they represent a massive focus of resources. The corporate normal shouldn't be a slow fade into the eternity of history - the normal should be constant product evolution and progress.

This is because a business is not allowed to compete with the USPS. You can't compete with a better mail delivery service more than you can compete by printing better money. It by definition has to be something other than mail, which includes charging so much no one will confuse you for the USPS. The USPS is an anachronism in the first world and it's embarrassing that our government still runs our mail service.

That's not the problem USPS is facing. The problem they're facing is that when you turn 65 the people who are 30 are paying your pension that was supposedly part of your compensation for 40 years. In effect they owe YOU money. If they do poorly and don't have money you might find that their liability to you is worthless. In effect, the taxpayers end up paying for it. The right thing to do is that when the liability is accrued money is put aside (i.e. invested, or a lien placed on real estate, or some other asset used to balance the liability) so that when it comes time to collect what they owe you there's something there that's yours. This is the state Congress wants to get the USPS to. It's a recognition that it can't keep writing "IOU" on a piece of paper and tell you it's part of your compensation package.

Actually, every privately owned company by law is required to fully fund their liabilities to be considered solvent. That's why they hate liabilities like unused vacation and go to great lengths to avoid them. This just hit the USPS hard in part because it was a sudden change and in part because Congress overestimated its liabilities. Here's a good rundown: http://www.bloomberg.com/news/2012-08-02/understanding-the-post-office-s-benefits-mess.html

Of course they won't, unless the government subsidizes the delivery. Which is no different from what it does now, except 1) it's free to contract with anyone based on an open bidding process, 2) expenses are accounted for as they're accrued. In other words, it will become clear exactly how much it costs to deliver mail to Podunk. Government can then make a proper cost-benefit calculation and determine if it's worth delivery once a week, twice a week, once or day, or on weekends. There's no point having daily mail delivery to a crossroads with 7 residents. For a small place like that once per week might be perfectly adequate. Unless they wish to make up the difference out of pocket, obviously.

A much greater factor is that the USPS has a key to your mailbox and possible front gate, and will leave mail for you regardless of whether you're home or not.

It's different in that you don't have to sit and wait for it and doing the backup will consist of only the actual copying. That said, updatedb already scans (for locate), so modifying this to spit out a list of actual state changes (atime,ctime,mtime) since the last run, and using this to construct one or more rsync commands might be the easiest approach. Updatedb also notices when things are removed, permitting these to be removed from the clone as well (and perhaps moved into an archive for later time travel, making it useful as an actual backup).