
Comment Re:Horribly Inaccurate (Score 4, Insightful) 101

Trusted by whom? I don't think there's any requirement that the purchaser of the device trust the "trusted" data extractor. IIUC it could become trusted before the customer ever received the device, or anytime it's in for service.

Step 1: Plug iOS device into a Mac.
Step 2: Unlock iOS device.
Step 3: Click on YES when the iOS device asks if it should trust the computer.

The critical part is Step 2, which you can only perform if you know how to unlock the device. In other words, if you know the passcode. But if you know the passcode, then you can do _anything_ with the phone. That's what the passcode is there for.

So basically, this security "expert" found a way for a thief to enter my home through the backdoor, as long as the thief has the keys for my front door.

Comment Re:umm duh? (Score 1) 176

then you may as well just give the server the AES key and ask it to decrypt the file

But in that model, if "the server" has the key, wouldn't Dropbox have the key? I thought that was the whole thing people were freaking out about.

No, you'd have the key. If you wanted to share the file publicly, then there's no point in keeping it encrypted, so you'd provide the server with the key and it would decrypt, saving you the cost of downloading and reencrypting.

I understand what you (and the AC) are saying about storing an encrypted key on the server, and then re-encrypting the key for each new user you'd want to share with. That's a clever arrangement and I admit that I hadn't thought of it, but it still seems like it has the potential to create more complexity than most people want to deal with. It still means you need to manage various encryption keys, and we (Internet culture) seem intent on not developing a coherent system for managing encryption keys.

The client just needs one key, the RSA (or equivalent) public key. You'd need to copy this between devices, but it's relatively small (under 1KB). It's small enough to fit in a version 40 QR code quite easily, so you could set up mobile devices by displaying the QR code on your laptop screen and pointing the mobile device's camera at it, if you don't have any sensible way of transferring files between devices. The client then has to download the file and the associated key, decrypt the key with the locally-stored key, and then decrypt the file, but that's not something that's exposed to the user.

Comment Re:One trillion becquerels (Score 1) 190

So....is that bad?

One becquerel = 27 pico curie.

One trillion becquerel = 27 curie.

Sounds a lot less frightening now.

However, one curie is an awful lot of radiation. You wouldn't go near that. On the other hand, becquerel and curie are measures of "radiation per hour", so "1 trillion becquerel released" doesn't make sense.

Comment Re:umm duh? (Score 1) 176

The anonymous poster pointed out a simpler mechanism, which is used in practice on file stores that want to be encrypted on the server. This technique also has a number of advantages. Using a symmetric cypher is generally faster than an asymmetric one and using a different key for each file is just good practice anyway as it limits the damage that certain kinds of trojan can do. If you're sharing with everyone, then you may as well just give the server the AES key and ask it to decrypt the file. If you're sharing with just a few people, then sending them a (fixed-size) key for each file is not too much overhead.

Comment Re:Astronomy, and general poor night-time results. (Score 1) 550

The thing that's really put me off the surgery is the improvement in contact lens technology over the last 10 years. My sight is sufficiently bad in one eye that I'd have to have an implanted contact lens, although the other could be fixed by burning the cornea. The contact lenses that I have now, however, are so thin that I don't notice that I'm wearing them most of the time and can be worn overnight. I put them in at the start of a month and then change them a month later. There's a slightly increased risk of eye infection, but they come with six monthly checkups to prevent this. I was wearing the previous generation of lenses (which were noticeably thicker) for about 10 years without serious issue, but with slight irritation around the eyelids caused by the thickness of the lens (and my eyes sometimes getting very dry, because it took a long time for the lens to dry out, so I'd forget to blink sometimes). With the newer ones, it's basically as if I had fully working eyes and if my prescription changes then I can put in different lenses next month.

Comment Re:~50% have no degree... (Score 4, Insightful) 174

I used to be a programmer with no degree. I'd like to think I was pretty darn good at it... I knew several languages (C, C++, Python, Perl, Java, and several more) that I had taught myself. I did this for about 9 years, before I finally got a degree in CS, and then got a Master's in CS shortly afterward.

One thing this did for me is open up my mind quite a bit. I'm still a good programmer, but I now know programming isn't it. There's a lot more that goes on when it comes to developing good software, and though I could code up some pretty good stuff really quickly, now my code is better, more thought out, and most importantly, I am much more likely to ask the question "Is this really the problem we're trying to solve?" leading to actually useful code instead of neat stuff that it turned out really wasn't what was needed.

In addition, I'm better at interacting with people. I used to have the attitude "This makes no sense to me, therefore it's stupid" and now I realize that maybe I don't have all of the information, there's something I don't know (this is key!) which would help me understand and realize my position isn't exactly right, and so I don't just get mad and storm off anymore when things don't make sense.

Getting a degree made me a more well-rounded person... I found a love for history, music and literature that I didn't quite have before. I can have conversations that don't just involve the latest tech and video games (though I still love talking about that stuff).

I guess my point is... a degree doesn't make a great programmer, but a degree can help make a better person (which is the whole point really... it's not to "learn a trade", it's to expand your horizons and explore the world and become a critical thinker) and so given the situation, I would likely lean toward hiring a great programmer with a degree over a great programmer without one.

Comment Re:umm duh? (Score 5, Interesting) 176

There are techniques that allow searching within encrypted files, but they rely on the client creating the index. You can then search the index for an encrypted search term and, if you know the keys, interpret the answer. Getting this right is quite tricky (there are several research papers about it), so he's right, but it's not impossible.

The main reason that I suspect Dropbox discourages encryption is that they rely a lot on deduplication to reduce their costs. If everyone encrypted their files, then even two identical files would have different representations server-side if owned by different users, so their costs would go up a lot.
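
A sketch of the client-built search index described in the comment above, as an added example that is not part of the original comment. It assumes a keyed-hash (HMAC-SHA256) exact-match index; the function names, file ids and sample documents are constructed for illustration.

```python
import hashlib
import hmac
import re
import secrets


def tokenize(text):
    """Lower-case word tokens taken from a plaintext document."""
    return set(re.findall(r"[a-z0-9]+", text.lower()))


def trapdoor(index_key, word):
    """Keyed digest of a search term. Without index_key the server cannot
    compute it, so it cannot test its own guesses against the index."""
    return hmac.new(index_key, word.lower().encode(), hashlib.sha256).hexdigest()


def build_index(index_key, documents):
    """Client side: map each trapdoor to the opaque ids of matching files."""
    index = {}
    for file_id, plaintext in documents.items():
        for word in tokenize(plaintext):
            index.setdefault(trapdoor(index_key, word), set()).add(file_id)
    return index


def server_search(index, token):
    """Server side: exact-match lookup on an opaque token, no key involved.
    The server still learns which files match and when a query repeats."""
    return sorted(index.get(token, set()))


# Constructed sample data; the file bodies would be uploaded encrypted.
DOCUMENTS = {
    "f1": "Quarterly budget for the compiler team",
    "f2": "Holiday photos and budget airline tickets",
    "f3": "Notes on searchable encryption papers",
}


def demo():
    key = secrets.token_bytes(32)  # stays on the client
    index = build_index(key, DOCUMENTS)  # uploaded next to the ciphertexts
    hits = server_search(index, trapdoor(key, "budget"))
    other_key = secrets.token_bytes(32)  # a party without the client's key
    misses = server_search(index, trapdoor(other_key, "budget"))
    return hits, misses


if __name__ == "__main__":
    print(demo())
```
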

Comment Re: Code the way you want... (Score 1) 372

Yes, almost certainly. The market for compiler engineers is very much a sellers' market at the moment. Universities neglected it for so long that most people graduate from undergraduate degrees with basically no knowledge of how a compiler works (if they're lucky, they know how compilers worked in the '80s), so there are 10 jobs for every person.

Comment Re:"Just let me build a bridge!" (Score 1) 372

In The Humane Interface, written in 2000, Jef Raskin made the same complaint. The time between turning a computer on and having written a program to add two numbers together on, say, a C64 or a BBC Model B, was about 30 seconds. On a modern computer of the time, you wouldn't even have finished booting - starting the IDE would take even longer. The problem is, this misses the point. There are lots of scripting languages with REPL environments, including a POSIX shell and PowerShell on Windows, that can do this as a single command once the computer is running (on OS X, you can add numbers in Spotlight, so it's even quicker - just hit command-space and type the sum). If you want to write a more complex application, it's vastly easier today. Extend that simple calculator to show an editable history and show equations, and you'll find it a bit easier today. Now extend it to be able to print - if you've ever written applications to print in the era before operating systems provided a printer abstraction then you'll know how painful that was.

Comment Re:Analogies are poor... (Score 1) 372

I don't understand why you think 'yum install gcc' is somehow different from 'download and run the installer for the VS command-line tools'. Especially on a modern Linux distro, where libraries come with -devel variants to save you the 10KB taken up by the headers in the normal install, so you end up having to install a load of headers as well to get the system useable.

Comment Re: Code the way you want... (Score 1) 372

I was a consultant for a few years and didn't find that it did. Most of my customers found me, as a result of my open source work (usually to work on the same projects, sometimes to work on projects in similar fields). Contract negotiation didn't take very long (they list some requirements, you mutually agree on a date, you pick a number, if they haggle then you politely decline).
