
Comment One other word: denial (Score 2) 271

Yes, the article is sensationalist. While EMP could be a real problem, a bigger problem is that any attack that could generate a big enough EMP to knock out the electronics over half a continent would likely cause much worse problems, like World War III and Nuclear Winter. Even if it only costs a little bit, is it worth the effort to guard against EMP? Computer security is another area that you have to constantly ask if it's worth the trouble, and will proposed measures actually help? Yes, we've had many embarrassing security breaches, but that could be better if the alternative is to spend so much on security that it's cheaper to suffer the occasional breach. However I think the consensus is that we would spend less if we invested a little more in security.

Also, we have a lot of other, worse problems we're not doing much about either. Climate Disruption. Asteroid impact. And as for healthcare, how about the AIDS denial in South Africa?

We have also noted for some time that we have a lot of infrastructure that's vulnerable to terrorism. Terrorists could blow up a few critical bridges (or maybe just close a couple of lanes), poison water supplies (maybe by peeing in them), bomb stadiums when a big game is on, torch oil refineries and terminals, and no doubt many other things. Why hasn't this happened? Is it that they're trying but our security services are unsung heroes who have already foiled dozens of plots we never heard about? Or more like that the threat isn't that big, as the effort it takes to pull off something like that is more than is appreciated?

Comment sometimes work doesn't pay (Score 3, Informative) 341

Small employers have ripped me off a few times now. Whenever they want to pay you as a contractor (handled by the 1099 form in the US) instead of as an employee (the W2 form in the US), watch out. Mind, though, the W2 isn't proof against employer cheating either, it's only a little more protection than the 1099.

Startups will share the risks without properly informing their workers and getting consent to do so, and at the same time arrange not to share the rewards, should they be successful. The first official word you may get that the company is failing is that they can't make payroll, and this of course occurs when they owe you a month of pay. They knew money was running out and that if sales didn't pick up or more like start, they would be unable to pay everyone, but they refuse to talk or think about that because that's defeatism. Just before the end, they will likely crank up the stress levels, try to drive everyone to work extra extra hard. They're deluding themselves that mere hard work can get through the crisis, when the problem is that their idea was actually not much good. When it doesn't work, the crying and wailing comes out of the closet. How can you whine about the month of pay they owe you, when their precious business failed? Can't you see they're hurting more than you? Oh, and they'll beg you to keep working for free. Surely the business will succeed with just a little more time and effort.

Only way I've found to avoid getting screwed by a failing startup is to read between the lines. If it's not going well, get out before the money runs out. If they're lying to themselves, they sure aren't giving it to the workers straight. The government can't help you. Yeah, you can sue the employer, and win, but if the business really is broke you will get nothing. Compared to collecting, suing and winning is easy.

Life isn't fair that way. Hard work often isn't rewarded. The Protestant Work Ethic sometimes is a cruel delusion. All those conservatives who think "get a job" is the magic that separates a good citizen from a lazy mooching bum ought to experience failure after failure.

Comment Re:Subtle attack against C/C++ (Score 1) 189

I wonder if zeroing out memory can go even deeper than the OS. Like, why not have RAM that can zero itself on command? Just turn off the DRAM refresh for a fraction of a second, and voilà!

Memory moves have been made much faster by bypassing the CPU, for instance with hard drives with the DMA mode rather than PIO mode. So they are using a DMA from a /dev/zero device or more like a 4k page of zeroes to a range of memory? What you're describing sounds like an excellently lazy method. Zero the newly allocated memory when it is the object of a pagefault, not eagerly when allocated. Though nowhere near as bad as a PIO (or just PO?) method of pushing zeros out of the CPU and into memory, I'm guessing that is still a small performance hit. Is it?

Comment Re:Had to do paper for a few years (Score 1) 386

Oh yes, Tax Act tries to use that to prod you to upgrade from the free version. In the free version, you can't print to a file, you can only print to a printer. This is easily gotten around with a utility like PDFCreator.

PDFCreator can't help with tax websites that won't let you efile unless you pay, but it can get you around ones that try to hold your data hostage and not allow you to save to disk, only to paper.

Comment Re:Subtle attack against C/C++ (Score 1) 189

From the start, the design of C emphasized speed and efficiency over all else. "Trust the programmer" was one of the mottoes. If the programmers are doing something weird, assume they know what they're doing, and maybe print a warning, but allow it. C was, by design, weakly typed, and minimalist, especially when it comes to checking for errors because such checks take time.

Often, we've seen efforts to improve C's safety that were eventually sidelined because they were a performance hit. The iostream library is safer, but much slower than stdio. Which one do people prefer? stdio! C libraries are full of routines that do not do bounds checking, for the sake of performance and simplicity. gets() is an infamous one. The language itself is so easy to use insecurely. Pointers can be set to point absolutely anywhere, and those places both read and written at will. If the OS, with help from modern CPU memory management facilities, didn't set boundaries and kill programs whenever they stepped over the bounds, there'd be nothing to stop them.

Another idea was adding instructions to dynamic memory allocation to do memory wipes. Before freeing the memory, the computer was instructed to zero it out. This resulted in as much as a 10% performance hit, and was quickly abandoned. Wiping memory has been proposed at the OS level as well. But there are always apps that don't need that because they aren't doing anything sensitive.

That brings up a big problem with the article. Where should responsibility for security lie? With the OS? I think trying to improve a language's security is the wrong approach. That's what they sort of tried to do with Java. It's like trying to prevent bank robberies by securing the steering wheels of all potential getaway vehicles. Yes, make languages easier to use and less prone to bugs, but don't specifically target security.
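An added illustration of the zero-before-free idea mentioned in the comment above; it is not part of the comment or of any allocator it refers to. The names `wipe_malloc`, `wipe_free` and `secure_zero` are hypothetical, and the secret string is constructed sample data. The wipe goes through a `volatile` pointer because a plain `memset()` immediately before `free()` is a dead store that an optimizing compiler may remove.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Header placed in front of every block so wipe_free() knows how many
 * bytes to clear. The union keeps the user pointer maximally aligned. */
typedef union {
    size_t size;
    max_align_t align;
} wipe_hdr;

/* Zero n bytes through a volatile pointer: each store is an observable
 * side effect, so the compiler cannot discard the wipe as dead code. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--)
        *vp++ = 0;
}

/* Allocate n usable bytes; returns NULL on overflow or exhaustion. */
void *wipe_malloc(size_t n)
{
    if (n > SIZE_MAX - sizeof(wipe_hdr))
        return NULL;                 /* header + n would wrap around */
    wipe_hdr *h = malloc(sizeof *h + n);
    if (h == NULL)
        return NULL;
    h->size = n;
    return h + 1;                    /* user data starts after the header */
}

/* Clear the user data, then release the block.
 * Returns the number of bytes wiped (0 for a NULL pointer). */
size_t wipe_free(void *p)
{
    if (p == NULL)
        return 0;
    wipe_hdr *h = (wipe_hdr *)p - 1;
    size_t n = h->size;
    secure_zero(p, n);
    h->size = 0;
    free(h);
    return n;
}

int main(void)
{
    char *secret = wipe_malloc(32);
    if (secret == NULL)
        return 1;
    strcpy(secret, "constructed-secret");   /* constructed sample value */
    printf("wiped %zu bytes before free\n", wipe_free(secret));
    return 0;
}
```

The per-byte volatile loop is the cost the comment refers to: every free pays for a full pass over the block whether or not it held anything sensitive.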

Comment Re:Had to do paper for a few years (Score 2) 386

Try Tax Act. The free version will nag you to upgrade, but you don't have to, and they no longer put income limits on the efiling.

Limits were always one of the many stupid things the IRS did. The IRS wants everyone to efile, not send in paper, because it saves them money. Then they try to charge extra for efiling, which drove people to file paper. Also heard that the chances of being audited are lower for paper filings, another reason not to efile. I didn't know about being forced to go with paper to deal with identity theft, but it figures. We've never had that problem, and we've always gone with whichever way was cheaper. We were not going to pay an additional $15 or whatever the charge was, to efile.

Comment Re:Taxation (Score 1) 632

Yeah, I've experienced that. They owed my parents a refund, and didn't pay the full amount. No explanation was given, not even so much as a note saying that they were keeping back some money. We checked and rechecked the figures, could find nothing wrong, and thought it must be a mistake on their end.

Took several calls to figure things out. It wasn't a mistake in their math. The previous year, my parents changed banks, and had problems updating the information with EFTPS, the US govt's electronic tax payment system. They tried to take money from the wrong bank, and penalized my parents for that. The penalty wasn't $30, like a bank might charge, no, it was 2% of the amount they tried to withdraw. Makes the banks look friendly and reasonable by comparison. They waited nearly a whole year between imposing and collecting the penalty. Made it more difficult to learn what the issue was.

Comment Re:Appeal to authority is not good enough (Score 0) 588

It's hard to guess what to fear the most, with all the conflicting information and the certainty that organizations have concealed and buried information, and blocked studies. Cigarettes have been known to help smokers keep their weight down, and some become obese after quitting. We know nicotine is addictive, and we know the entire tobacco industry lied to congress about it. We know they embraced propaganda and lies as a mere tool for furthering their business, and they show no concern about their reputation, acting as if they really believe they are behaving ethically. The worst part is that the public has grudgingly allowed this behavior out of a sense of indifference and powerlessness.

Other industries have sat up and taken notice. They have embraced their own programs of willful ignorance and disinformation. Big Oil and Coal sought to discredit facts about Global Warming. Wall Street has done its utmost to stop markets from being policed, and is still doing it even after the disastrous downturns known as the Dot Com Crash and the Great Recession. The Telecoms Industry is still pining for the glory days of Ma Bell, trying to take control of the Internet in the same way that Ma Bell used to control the telephone network, hoping to wreck network neutrality rules. Big Media, Big Pharma, and the likes of Monsanto and Microsoft are in bed together over intellectual property laws, spreading as much confusion as possible over the issue, with perhaps "copying = stealing" being the most notorious lie.

History is not much comfort. Big Tobacco didn't invent anything new with their "doubt is our product" disinformation and propaganda campaign, they merely improved and adapted to new communication channels. In the past we've had notorious incidents such as the Radium Girls. People used not to even know what radioactivity was, then didn't understand for years how toxic and dangerous radiation is. We know much better now, but we still dabble in nuclear power in neglectful and unsafe ways. It's not that nuclear power can't be used safely, it's that it won't be. Can people be trusted to run a nuclear power plant responsibly? Not to cut corners, build inadequately, skimp on safety, defer maintenance, delay inspections? In the wake of Fukushima, it seems the answer may be "no". Asbestos was another recklessly used substance. Then there are the pesticides and herbicides DDT and Agent Orange and the chemical known as dioxin and their damaging effects, as told in Silent Spring.

Those are only the biggest, most well-known lies. Bisphenol A has finally been subjected to the glaring light of negative publicity, but there are many others, phthalates for one. Bisphenol S may not be much safer, being more stable under heat and light, but still too good at mimicking estrogen once loose. How about lead in faucets? We've known that lead is toxic for years, but incredibly, we're still using it to deliver not just any water, but drinking water! They've rationalized the use of lead as safe because it is alloyed with other metals, and claimed not to leach out. The industry has cozened regulators into accepting tests that are far too forgiving and unrealistic. What few honest studies there are about the matter that haven't been squashed and suppressed suggest that they are wrong, and lead does leach out, and in enough quantity to cause health problems. Mercury in dental fillings also leaches out. At least we've stopped the use of leaded gasoline.

Jenny McCarthy is a muckraker, but it is the background of lies and deceit that empowered her.

Comment Re:sad day for those who don't like 4chan trolls (Score 1) 148

Microsoft makes an especially good example of the results of ignoring security for convenience. Does AT&T deserve leniency and approval for trying to make life convenient? Not when they could have easily had the same convenience with real security.

Why should the law jump when AT&T whistles? Consider this scenario. Alice leaves the door to her business unlocked, and the lights on, and Steve observes this. Steve sends a fake invitation to Bob for an after hours party at Alice's business. Bob goes, and enters. For some extra fun, Steve also tells Bob where some food is, and that he should help himself to it. Alice throws a fit and calls the police. Now what? Obviously, it's overzealous to arrest Bob for trespassing and looting. The police might do so anyway, for several reasons. Maybe they have to follow a policy that emphasizes getting control of every situation as fast as possible, and so they burst in with guns drawn, scream at Bob and throw him to the floor, and taser and handcuff him for good measure. Maybe Bob was stupid, should've been suspicious and knocked first, or not gone at all? But that's expecting a lot of Bob. If Alice had simply locked the doors, Bob would've been unable to walk in, and the entire incident would've come to nothing. Alice should shoulder some responsibility for not making things as clear as easily possible to Bob. No, a "no trespassing" or "closed" sign with hours is not good enough, not when it is so easy to just lock the door. A locked door is the clearer, more universal message, and very easy to do. Not everyone reads the same language, and some can't read at all.

The process of obtaining the PII was sufficiently complicated as to make it readily apparent that the information obtained was not for public consumption.

No, it isn't safe to assume that. Add one more thing to the scenario above. Steve programs a web page to hide all the complexity, so that Bob can't readily tell he has stumbled into something private. Again, it is so easy to stop both Bob and Steve by just locking the door.

Comment Re:sad day for those who don't like 4chan trolls (Score 3, Informative) 148

that the security measures were woefully inadequate is beside the point

On the contrary, we cannot have the law being abused to take the place of security. Too many people would fake the security and rely on the law to make it work. Too many are already doing exactly that. It's a costly and unreasonable burden upon the public. Pay for your own security. That includes designing a reasonable system, implementing it properly so that actually works, and performing tests and audits. Just because perfection is hard is no reason to excuse sloppy security work. DRM, for instance, fails the reasonability requirement. We have had our publicly funded police forces and courts misused to confiscate prescription drugs, improperly demand license fees from users rather than producers (SCO scared and bullied a few users into paying for a license to use Linux), and of course conduct a massive campaign to hold back technology in the name of stopping piracy. ISPs are pretty well free of being burdened with requirements to keep years and years of logs, for fishing expeditions, but there is still danger it could become the law.

It is also better not to have doubt about whether some security effort was meant to be real but was bungled, or was indeed faked and, after being breached, is claimed to have been a real effort all along and therefore the breaches are worthy of prosecution. This is especially true on a system that is not experimental, but is instead an implementation of well known, effective methods. AT&T wasn't doing anything new, no, they just plain blew it. Saves us all a lot of time and money arguing over a pointless aside.

We even have cases of security law being gamed. We don't need someone setting up a honey pot to snare particular victims, then running to the law to complain that mean, bad people broke in, ask that the seeming perpetrators be thrown in prison, and kick back and watch as the full paranoia and wrath of the law is released upon their enemies.

Owners should install working locks on their doors and use them, not demand that the government spend enough money, no matter how much, to watch every door all the time because they can't be bothered to spend the trivial amount of money needed to have a working lock.

Comment Monsanto is an Intellectual Property extremist (Score 2) 195

Heck yeah, we know who Monsanto is. They're the scum who want to patent plant reproduction, and sue farmers for farming. If anything can give a company lots of bad press everywhere, not just in geek circles, it's victimizing innocent farmers with complicated legalese over a grossly obvious right. Aside from the huge problem of that ultimately leading to needing their permission to eat, they don't care if that also leads to the RIAA and MPAA winning the right to force DRM on everyone, and Big Pharma patenting our own genes and us having to pay them license fees just to exist. And some thought paying a levy for breathing the air was draconian.

Comment Re:Damn Fascinating (Score 1) 124

I've always wanted to take a road trip south out of the US. Drive to South America, see the Amazon, Brazil, and Argentina, visit the telescopes in Chile, swing back through Peru and look at Incan ruins. But it has never seemed even remotely safe to try it. Also, it still isn't possible to drive the entire distance. There is no road connection between Panama and Colombia, so you must employ a ferry, or stop and turn around there. Is that why your plan is to turn back there? I hear that Colombia is especially unsafe, and your ferry ride should bypass that entire nation. A gringo driving through Colombia is just asking to be kidnapped and held for ransom.

It's a different world, this attitude of dealing with corruption by playing along, working within this system and its unwritten rules. Wouldn't it be better to change the system, rather than help perpetuate it by participating, no matter how unwillingly? McAfee wanted to travel, without waiting for such corruption to be cleaned up. Admittedly the wait may be a very long one. The West has changed its approach in recent years. Now businesses based in the West have many more legal obstacles against playing the game and bribing authorities, on the idea that corruption will never be cleaned up as long as the powerful can so easily profit from it, and that allowing it to go on is too costly to everyone else.

Comment Re:Viable Replacement? (Score 1) 242

Yes, and disingenuousness. They say they are ending the free service because there is too much abuse. Google, Yahoo, MS, and others can still offer free email, despite all the spam, but Dyn can't continue the free version of a service that is much simpler and easier to manage than email? And, wasn't there plenty of abuse 5 years ago, 10 years ago? They could handle it then, and now they can't?

Comment Re:For God's Sake, Internet is a LUXURY not a UTIL (Score 1) 223

That's like saying the US didn't need railroads either. Before the Transcontinental, there were 3 basic ways to travel between the east and west coasts. 1) Overland. Time: almost 6 months at first, then down to 4 months as the trails improved. Might not make it if attacked by Indians, or you became ill with cholera, or you took a wrong turn and ended up lost and dying of thirst in a desert, or trapped and starving and frozen in a snowed shut mountain pass. 2) Take ship around the southern tip of South America. Time: 4 months. Safer than overland, but still somewhat risky, uncomfortable, and more expensive. 3) Take ship to Panama, cross, then continue on another ship. Time: 1 month, if lucky and there was a ship with room on the other side. The Transcontinental took 1 week. Also, the army had to maintain and man forts all over the west, at great expense, to protect citizens from Indians. Took too long to travel, they had to be near at hand. When the railroad came and "annihilated space and time", the forts were no longer useful and were quickly abandoned.

Like the railroads did, the Internet saves huge amounts of time and money. The phone system can't gather and deliver data at any efficiency remotely approaching the Internet. Call brokers to check commodity prices, are you mad? Takes many hours to check everywhere by phone, by which time some prices would change. Instead, what farmers did was simply not check everywhere, they would only check a few local dealers. And as for snail mail, please. Same day delivery is fantastic, for goods. But for information, it is hopelessly outclassed.

Comment Re:falling behind (Score 1) 223

I thought it was: 1st world = the West-- the US and its allies, 2nd world = USSR and its allies, 3rd world = non aligned-- all the nations that weren't interested and didn't want to take sides in the Cold War, and even resisted pressure to choose a side. Most of them also happened to be very poor, which reduced the interest of the 2 sides in them.
