the songs I hear on Pandora are often ones I've never heard before. I've bought CD's based on its generated recommendations

I have "trained" Pandora such that it doesn't play anything new any more. However, in the process of "training", I did find quite a few new artists and bought CDs or MP3 downloads.

A google search of Lindsey Stone shows the images that she wanted to suppress, and lots of stories about her experience with her bad reputation.

It looks like anything done by reputation.com has been washed away by the more recent stories about her.

But a lot of people were able to make really important contributions to computer science and the war. What exactly makes Alan Turing a god, and not, say, Claude Shannon? Or Richard Feynman? Or Enrico Fermi?

Or Tommy Flowers -- the man who designed Colossus.

I mean, it's important and all, but there's different levels of issues. Heartbleed and shellshock are one thing- this is a sketchy manufacturer doing something sketchy.

Did you miss the part about how this software breaks the whole certifcate validation process? This is worse than Heartbeat for anyone who has an infected laptop. Any HTTPS website can masquerade as another HTTPS website and, because of the way Superfish works, the browser won't detect anything wrong.

Great question! I had wondered about this myself - How does C&P really make the card more secure if you still basically just need a photocopy of it to use it? Or do they have an entirely different mode of operation when used online (like easy generation of disposable one-use card numbers)?

If I want to send money from my UK bank account to a destination account that I haven't sent money to recently (using the bank's website), I have a little card reader that reads my card, validates the PIN (offline) and then processes a number from the website into a response that I put back into the web page to validate that I have the physical card and know the PIN.

On the back of your card is CHECK ID and it looks absolutely nothing like the signature on the piece of paper. What happens then?

The bank laughs at you and tells you that, because you were using the card without signing it, you are responsible for any losses.

The thing I don't like about it, is on the signature block on the back of the card I just write check id

Massive FAIL there, Psyko. If your card is ever stolen, instead of the CC company being responsible for losses you are!

Your next creditcard (in a couple years) will probably have a chip-and-pin system,

My Citibank card (issued a year or more ago) has a chip, but it's not a chip-and-pin card: it's chip-and-signature. That's right, push the card into a chip reader (not in the USA, naturally) and the machine prints out a form to sign.

I have a T-Mobile phone with Wi-Fi calling; it keeps turning the feature on by itself; and it sucks with dropped calls continually.

T-Mobile has had this service for years, and it used to work really well. In-call switching between cellular and WiFi, etc..

My current phone has the same feature, but I can set it to use the cell network if possible and only make calls over WiFi if the cell network isn't available. Because of this setting, I don't use the WiFi calling very much, but it is great for making and receiving calls while abroad without paying huge roaming fees.

Because all the "problems" you cite are generally overblown or not problems at all.

While that may be true, the same could be said for all the claimed advantages of systemd -- that they are overblown or not really advantages.

this will not have been done out of charity purposes. my guess is that MS gave something on the order of 2 billion dollars.

It's probably part of this deal

You can also do that with the systemd journal. Where's the problem?

That systemd's journaling log is not required for security, thus removing one more justification for the use of systemd.

Each entry is digitally signed with the hash of the previous entry. So any attacker that gets root can rewrite an entry, but in order to make the digital signatures pass verification he's got to rewrite the digital signature ....

Or, I could just send the logs to a remote, hardened log server so that an attacker has no way to modify the logs immediately prior to the compromise.

i never said I wanted to undo SS. But I do think people should be given an option. I would much rather put my SS money in an IRA or something that is mine, and mine alone. I worked hard for my money, I want to keep it.

You are so naive. In the UK, many people had final salary pension schemes. The schemes were run by the employers (only fair since they guaranteed certain payouts). The schemes had to be fully funded, so that the benefits would be paid out if the employer went bankrupt. Well, guess what, the laws changed in respect of taxation on these schemes and suddenly the private pensions were under-funded.

Yes, maybe you could do well investing your own money, but do you really want to bet against a future government making a tax grab on that money? It's not just the present goverment you have to worry about, but every government in power until you die.

The point is that under GNU your labor will almost certainly be forced to be free as in "not paid"; that's the practical consequences of the license. Under BSD you don't have that problem at all.

Under the GPL, companies can collaborate in ways that are possible but less likely with BSD. With BSD, there is a strong incentive for an individual company to put out closed-source binaries with some extra "secret sauce" over and above the open-source versions. Think of it as a tragedy of the commons or prisoner's dilemma where there is a strong incentive to defect. Using the GPL, this isn't possible.

Instead, the GPL promotes collaborative projects. Look at the Linux kernel, which gets contributions from many, many companies.