Better car analogy: When a defect (mistake in the fundamental design or implementation of the car) is found that affects its safety, a recall is issued, and the manufacturer fixes it for free. Regardless of warranty status of age of the vehicle.

Imagine being starving and having no ability to do anything for yourself. You need the fish to get yourself at a basic level before someone teaches you to fish. You need to know the value of the fish and know that understanding how you can acquire your own fish is beneficial and will improve your life quality. You need to understand the value of water condensers, farming techniques, etc, first. Then you learn them. You need both levels.

One of the key concepts taught in *any* decent MBA program is risk management. For a software development company, having more than one person available to make emergency fixes to code is much cheaper than the cost in not being able to deploy a fix in a reasonable amount of time, so any decent MBA graduate will make sure that there is always a backup person available for his purpose.

You clearly have not worked for any amount of time on minimum wage.

This is true...
...if you have a valid policy set up for SELinux to enforce. This can be very difficult to construct, especially when you're trying to control the behavior of something like a VM.

For a student lab environment, this is likely to be overkill; if you have students in grades 9 thru 12 finding and exploiting holes in a VMM, you've got much bigger problems.

True...assuming you don't already have an IBM mainframe.

Schneier started his career as a computer security and cryptography guy. Over the past five to ten years, he has largely gotten out of that specialty and more into general security practices, and, more specifically, how trust, security, and society all interoperate. He has largely made it his business to determine what works and what does not to solve large scale societal problems that have anything to do with "security," be that real security or not.

This statement is incorrect.

Most standardized tests where a graphing calculator would be useful, in fact require such a calculator. The current set of AP tests require/recommend a TI-84 or TI-85. The SAT itself highly recommends a graphic calculator.

Cool story. The SAT specifically does not allow calculators with a QWERTY keyboard. The TI-92 (the original one with the symbolic algebra solving system) had one and was, therefore, not allowed for the SAT. So, TI came out with the TI-89, which runs almost the exact same software as the TI-92, specifically so one could use an SAS-equipped calculator on the SAT. This is why the TI-89 is such an odd beast and somewhat harder to work with; the software was not really designed for that form-factor.

When you use a federated single-sign-on capability like this, your password is NEVER sent to the service provider (the one you're logging in to using you Yahoo/Facebook/Google/etc account). It is only sent to the authenticating service (the identity provider), who already has it, and then that provider generates a signed message in a specific format (OpenID, SAML, etc) that vouches for your identity to the other site. In this model, your password is actually exposed LESS than if you create an account at the site in question.

If the other site can handle proper authentication of the user, secure storage of credentials using a suitable hash algorithm and a good amount of salt, and generally follows all of the best practices associated with these functions, and can provided federated single-sign-on using a mature, tested, and generally accepted protocol like OpenID or OAuth, then you absolutely says that you can trust another site to provide your authentication function for you. Well, maybe you can, depending on your business model and risk tolerance. Whatever you decided, I *highly* doubt that you can securely and safely store your users' credential information in a more secure manner than Facebook can.

Really? You just used VMware? The predecessor for all of these? Well...OK then but please do not pretend to offer an informed opinion on VM software.

If the airplane's design allows you AS A REGULAR PASSENGER to do so, then yes.

This is why 4.3 will be made of wood. Sonic screwdrivers don't work on wood.

The Unix permissions model that is part of the Linux kernel within Android is used extensively and is central to application isolation within Android. It's just not used as you think it is. Each app runs under its own UID and each app has full permission to its own directories and resources (owner has full control) while no other apps have any permissions to those resources (by default, this can be changed by the app's developers and by you, assuming you have root-level access to your phone).

Which is exactly what Google interviews are like.