A trillion (10^12) hashes per second can still check only 100 million (10^8) passwords per second if checking each requires 5000 rounds of PBKDF2. In the common PBKDF2 built on HMAC, each round is two hashes, making a 5000-round PBKDF2 take 10,000 (10^4) hashes.

At which point you may be on the wrong side of the tradeoff between security and convenience. If you have 100 subscribers behind a proxy with a single public IPv4 address, and ten of them forget one password, good luck fielding customer support calls for all of them.

The problem comes when well-known sites don't implement it right, such as by implementing only Facebook Connect and nothing else. The Huffington Post, for example, requires each commenter to have a valid subscription to mobile phone service and give a globally unique number capable of receiving SMS to Facebook.

Many systems in use have similar "limitations and configuration".

Many systems in use "can never be modified" by end users.

Some banks have started charging a $60 per year fee to send paper statements instead of e-mail. What will you do once all banks with ATMs in your home town do this? Switch to an online bank that can't accept cash deposits?

Moral blindness isn't pretty. Lord have mercy on you, if you can't tell the difference between the Sermon on the Mount and, say, The Protocols of the Elders of Zion.

And lose access to several websites. Slashdot, for example, redirects HTTPS hits to HTTP for non-subscribers because ad networks have been slow to implement HTTPS. And a lot of shared web hosts don't support HTTPS because their policies haven't been updated in the six months since the last major Server Name Indication-ignorant desktop web browser (IE on Windows XP) reached end of support in April. But HTTPS support is the second biggest reason I stopped going to TV Tropes in favor of All The Tropes (after licensing).

Wow. You just said that The Holy Bible is fungible with Mein Kampf.
Care to amend that?

Well, THAT was certainly a well-sourced statement.

What difference, at this point, does it make? The rich have their shelters; the poor, their vote-bribe handouts; in our age, the fool is the law-abiding middle-class person who still goes to work and pays taxes.

They can if you sign ownership-equivalent rights to your SIM over to them when you begin service.

Does T-Mobile offer any low-voice-usage plans comparable to what I currently get for $7 per month from a Sprint subsidiary?

According to Wikipedia, CDMA2000 can use a CSIM (CDMA2000 subscriber identity module). But unlike GSM and its successors (UMTS, HSPA, and LTE), CDMA2000 makes use of a CSIM optional, and CDMA2000 with CSIM is more common in Asia than in North America, where Verizon and Sprint have traditionally programmed the subscriber identity directly into the handset. But a single UICC card can act as a removable user identity module for all three cellular flavors: SIM for GSM, CSIM for CDMA2000, and USIM for UMTS, HSPA, and LTE.

You skipped music.

I have Google Play Sound Search installed on my Nexus 7 tablet. But it supports only known commercial recordings, not my own singing or piano playing. Shazam has the same limit.

That'd be fine if the accidental ripoff had been pointed out before All Things Must Pass went gold. Otherwise it would have involved an expensive recall, withdrawing copies that had already been shipped to stores.

OK, I was probably wrong about 8.0 given AC's comment.

Yawn.