But even here, again, when you look at a typical OS X desktop system, now many people:

1. Have apache enabled AND exposed to the public internet (i.e., not behind a NAT router, firewall, etc)?

2. Even have apache or any other services enabled at all?

...both of which would be required for this exploit. The answer? Vanishingly small to be almost zero.

So, in the context of OS X, it's yet another theoretical exploit; "theoretical" in the sense that it effects essentially zero conventional OS X desktop users. Could there have been a worm or other attack vector which then exploited the bash vulnerability on OS X? Sure, I suppose. But there wasn't, and it's a moot point since a patch is now available within days of the disclosure.

And people running OS X as web servers exposed to the public internet, with the demise of the standalone Mac OS X Server products as of 10.6, is almost a thing of yesteryear itself.

Nothing has changed since that era: all OSes have always been vulnerable to attacks, both via local and remote by various means, and there have been any number of vulnerabilities that have only impacted UN*X systems, Linux and OS X included, and not Windows, over very many years. So yeah, nothing has changed, and OS X (and iOS) is still a very secure OS, by any definition or viewpoint of the definition of "secure", when viewed alongside Windows (and Android).

An oversimplification. The US, UK, and allies variously broke many cipher systems throughout WWII. Still the US benefitted from this.

What if the Germans were using, say, Windows, Android phones, SSL, Gmail, Yahoo, and Skype, instead of Enigma machines?

I presume you wouldn't say it was "wrong" of the United States to crack the German and Japanese codes in WWII...

...so when US adversaries (and lets just caveat this by saying people YOU, personally, agree are legitimate US adversaries) don't use their own "codes", but instead share the same systems, networks, services, devices, cloud providers, operating systems, encryption schemes, and so on, that Americans and much of the rest of the world uses, would you suggest that they should be off limits?

This isn't so much a law enforcement question as a question of how to do SIGINT in the modern digital world, but given the above, and given that intelligence requires secrecy in order to be effective, how would you suggest the United States go after legitimate targets? Or should we not be able to, because that power "might" be able to be abused -- as can any/all government powers, by definition?

This simplistic view that the only purpose of the government in a free and democratic society must be to somehow subjugate, spy on, and violate the rights of its citizens is insane, while actual totalitarian and non-free states, to say nothing of myriad terrorist and other groups, press their advantage. And why wouldn't they? The US and its ever-imperfect system of law is not the great villain in the world.

Take a step back and get some perspective. And this is not a rhetorical question: if someone can tell me their solution for how we should be able to target technologies that are fundamentally shared with innocent Americans and foreigners everywhere while still keeping such sources, methods, capabilities, and techniques secret, I'm all ears. And if you believe the second a technology is shared it should become magically off-limits because power might be abused, you are insane -- or, more to the point, you believe you have some moral high ground which, ironically, would actually result in severe disadvantages for the system of free society you would claim to support.

One of NSA's chief missions is breaking encryption. So (for the US folks among us) it's okay when it's the German or Japanese codes in WWII, but somehow sinister when the reality is that much of the world now shares the same tools, systems, services, networks, encryption standards, etc.?

In a free society governed by the rule of law, it is not the capability, but the law, that is paramount. And for all of the carping and hand-wringing about what NSA is doing because its capabilities continue to be laid bare, where is the worry about what states like China and Russia are doing?

The whole idea is that the chemical weapons are destroyed FIRST...they are being destroyed AT SEA, not "destroyed" by simply dumping them into the ocean.

The fact that the other blog entries hosted at the same site as TFA include:

- Rihanna Displays Illuminati Hand Gesture at Latest Music Award Performance

- SSDI Death Index: Sandy Hook 'Shooter' Adam Lanza Died One Day Before School Massacre?

- 15 Citizens Petition to Secede from the United States

- Will U.S. Troops Fire On American Citizens?

- Illuminati Figurehead Prince William Takes the Stage with Jon Bon Jovi and Taylor Swift

- Has the Earth Shifted â" Or Is It Just Me?

- Mexican Government Releases Proof of E.T.'s and Ancient Space Travel ...should give you a hint as to the veracity of the content. (And yes, I realize it's simply a blog site with a variety of authors and content.)

As should the first comment, from "LibertyTreeBud", saying:

"Why not add it to some new vaccine? Or, perhaps add it to the drinking water and feed it to the live stock? These creatures will do anything for profits. Lowest bidder mentality rules."

What "creatures", exactly? The international organization explicitly charged with the prohibition and destruction of chemical weapons? What alternatives are people suggesting, exactly?

If you want a real article discussing this situation factually, not the tripe linked in the summary, see: http://www.bbc.co.uk/news/world-middle-east-25146980

...he's Canadian.

And stop being so cynical. Sometimes stuff can be cool without being "viral marketing".

It turns out that having a universal unique idenitifier is really handy. There are reasons you WANT to be able to be affirmatively and uniquely identified as "you", but you want that capability under your own control. Even with PKI (a system that could be trusted, anyway), someone has to hold a central database. Guess who that would likely be? And if it shouldn't be "the government", then who?

...just do the same thing we do with cryptographic tools that are considered munitions, which is ensure they aren't exported, and make efforts to provide/limit them to US persons instead of making it freely downloadable for anyone.

It's not the DOD. It's the State Department Office of Defense Trade Controls Compliance, and it's about EXPORT.

Yes, it is about "controlling firearm dissemination"...for EXPORT. That's why the State Department Office of Defense Trade Controls Compliance is involved. If you've already made up your mind that the true motive relates somehow to American citizens in a country with as many privately owned firearms as people, no amount of logic or reason will change your mind.

No, then it would have a classification marker struck from it. This document was never classified, but it was also never released publicly.

The point isn't that DOD thinks the files are going to disappear, and it doesn't matter anyway since the purpose isn't to "disarm Americans" or "keep the files out of the hands of Americans" or some other utter garbage.

There are treaties and various arms control export restrictions (ITAR) at stake, and US-based corporations or entities cannot provide arms in violation of these constructs. If this sort of thing is on the Pirate Bay or elsewhere, DOD trade control doesn't care.

It was a guide for open source research, published by one office from 1997 to 2007, and not updated in the last six years. Remember that before you rail on it.

Yes, and just like eyewitnesses to an accident, it's shown that such "points of view" are often wrong or misinterpreted.

Just one example of many: the statements by people near the Pentagon on 9/11 that it "sounded like a missile". How many of those people have actually ever even *heard* what a commercial jetliner sounds like traveling at nearly cruising speed just hundreds to dozens of feet off the ground "sounds like", much less a missile? This is then used as "proof" that it couldn't have been a plane, and probably was a "missile", despite all evidence to the contrary (including numerous statements from people saying they clearly saw the plane, sometimes in the same sentence as the cherry-picked quotes where they say it "sounded like a missile").

This is why we have professionally trained (usually) journalists and experts, because they do the filtering and analysis for us. I'm sorry, but NO individual is capable, his or her self, of becoming an authority on everything related to every major event that occurs with the end result being better analysis than what has already been done by investigators and task forces of experts. Sure, have a questioning mind and all that, but don't assume everyone in the "media" or the "government" is always lying to you, and random, out-of-context, and/or misinterpreted (or outright wrong) assertions by "citizen journalists" (or anyone else) are gospel.

You're acting as if information was "withheld"...it wasn't. There is no mechanism to release every single piece of evidence collected by every agency to the internet and "crowdsource" it.

What was "crowdsourced" was information that was already on the internet. Furthermore, the FBI did, in fact, release the relevant snippets of video and pictures from the private security cameras and other sources.

Sorry, but "crowdsourcing" is not always the answer, and this was not a success, much less a rousing one.