
Comment Re:Kudos! (Score 1) 67

Tied to a video display, which would take much more sophisticated development, it might be easier. It's a fascinating idea for people like Stephen Hawking, or as a fall back device for people whose more sophisticated tools may need repair.

I hope that this youngster talks to Lady Ada, over at http://www.adafruit.com/, about publishing a do-it-yourself kit for this.

Comment Anaconda's base supports all? (Score 3, Insightful) 170

The only reason that "anaconda's base supports all" is because anaconda, and kickstart tools, have the ability to support '%pre' scripts that allow manual use of the command line partitioning tools to tune the partitioning as desired, and completely skip anaconda partitioning. Anaconda has never, and from all signs will never, be able to support all disk management and partitioning tools.

Since it's a Python based wrapper for the actual system tools used, features can be added. But there will be inevitable mismatches between configurations manageable through anaconda, and configurations manageable through command line tools for new disk and filesystem tools. And anaconda's use in system critical tools like kickstart means that it _must_ be thoroughly tested before updates. This will slow feature addition in a way that gparted, or other tools, need not support.

Comment Re:how about .... (Score 2) 131

> The sane choice of course would be for the facebook app to limit mobile data usage by culling data-heavy features as video autoplay

Don't you mean "The sane choice would be to drop FaceBook" ? The service, and its encouragement of careless video and image uploading, is extraordinarily and unnecessarily bandwidth heavy, especially with the constant pre-caching of both advertising and facebook poster content one has no _intention_ of ever actually selecting, but which winds up pre-cached because you opened someone's web page to read their post or check a social announcement.

Comment Re:What's wrong with Windows Server? (Score 1) 613

> Uh, tell me how to adjust an init.d script such that:
> 1. You add support for running the daemon with an ionice level which was missing from the original script.
> AND
> 2. The next distro upgrade won't blow your changes away, and you won't have to manually re-combine your changes with their new init script which adds some new feature yours lacks?

Usually, you make such changes in /etc/sysconfig/[daemon]. If you need to completely rewrite the daemon init script, you turn off the old script, write a new script with a new name such as 'daemon-ionice', make sure it has a 'Provides: daemon' line, and use that for init options. This is also the common approach if you need to run multiple copies of the same daemon, running on alternative configurations, such as SSH or Tomcat.

Comment Re: What's wrong with Windows Server? (Score 0) 613

I'm afraid it is _exactly_ how X works. The X "server" needs to reside on your local host to see remote X applications displayed locally.

The X 'server' does not need to reside on the remote machine, but the components for X are so interwoven on most remote host environments that it's quite risky to pick and choose components.

Comment Re:it's a great idea with one major flaw (Score 1) 174

> Can you provide an alternative service that is "focused on end-to-end user security"?

No. That's partly because the barrier to entry is so high, which I did mention. So services like a Skype replacement, or full blown customer-privacy-centered services, are quite difficult to get started. And services like Dropbox admit, themselves, that they are not immune from subpoenas. (See https://www.dropbox.com/transp... for what little they're permitted to publish about search warrants or subpoenas.)

I may have been unclear. "Good luck with that" getting a good quality, genuinely effective customer privacy ensuring technology and service off the ground.

Comment Re:it's a great idea with one major flaw (Score 1) 174

> I don't need luck because it already works fine with services like DropBox and Skydrive

Neither of these is focused on end-to-end user security. The centralized password management for both systems, and presence of most deposited contents unencrypted, are profound price savings and software simplifications for those companies. But it puts both systems at risk of precisely the sort of overseas, strong-arm warrant or subpoena that Microsoft is facing right now from US courts for email stored in Ireland.

Comment Re:Someone got paid off (Score 1) 84

Good for you, then, that you are doing real work in the field. I'll applaud your technical work in discovering and publishing this vulnerability, and I hope you'll feel able to publish more details ASAP.

As you are actually doing security work I'll urge that you be aware of why and how people might use your practice of genuinely responsible disclosure against their own customers or clients. There often comes a time when you have to make choices about whistle-blowing: exposing the flaws more widely to force change, or to protect potential victims. It can cost you business to do so, as well, which is a real financial incentive not to publish even if no one actually pays you for your silence. I'm afraid that I'm often bound by contracts and NDA's from disclosing security problems even to other departments of the same company: they're not part of the group I'm contractually working with, so I can't notify them directly of the problem.

There are often legal, ethical, business and technical issues that I face regularly that can distort 'responsible disclosure', so I do hope you're more aware of them in the future for your own work.

Comment Re:Someone got paid off (Score 1) 84

>> We call this responsible disclosure.

> are you accusing me of being a liar

I'd not done so. I don't discount responsible disclosure as existing: I'd certainly want to see a zero-day exploit reported to the authors, first, so that they can get a chance to publish a patch before the flaw spreads in the wild, and I _report_ flaws directly to vendors and authors when I encounter them.

I've explained other, more selfish reasons that a vendor or a security researcher might decline to publish full details, reasons that could be and often are hidden behind the explanation of "responsible disclosure". Ignoring such motives would be naive. Vendors can, and do, hide behind rubrics of "responsible disclosure" to avoid the effort, especially significant redesign efforts, to actually fix the problem. Microsoft and CERT are the classic example of this. Microsoft product flaws are reported to CERT and remain undisclosed, for years, under "responsible disclosure" policies that provide little incentive to actually fix the dangerous, longstanding flaws.

I've certainly seen the problem personally when reporting or trying to fix security flaws. Given the length of my career, I've even seen architectural security flaws that have never been fixed because they would force a change in workflow, and that was unacceptable to the vendor or to the users. And I've had numerous business partners I've worked with get upset when I disclosed their security vulnerabilities to their own engineering staff, who'd not reviewed the consequences of their choices or had been deliberately kept out of the loop by their own supervisors.

Your immediate response of "are you accusing me of being a liar" is... well, it seems based on my thinking that you actually work in security. I'm afraid that based on your apparent naivete, I can't conclude that. The idea that claimed "responsible disclosure" is always just that would be frankly naive.

Comment Re:Does this office need Congressional approval? (Score 2) 117

Like racial, national, religious, and age discrimination, gender discrimination can often be hidden behind other practices. The old Youtube video about hiring only H1B candidates is an excellent guideline on how to hire only members of your preferred social groups. ( https://www.youtube.com/watch?... ) Simply fill in your preferred gender, age, skin color, religion, or nationality for the word "H1B" in the presentation.

One of the most powerful forms of gender discrimination in the technology world is the inevitable discrimination against mothers who need maternal leave, or women who may become pregnant. Illegal or not, it colors every hiring review of younger women, for logical even if illegal reasons.

Comment Re:Someone got paid off (Score 2) 84

It can also protect profits to make sure that the announcement of the vulnerability smears all vendors and thus includes your competitors' tools, not merely your own company's flawed products. This is called "sponsoring more research before publication". I'm afraid that it's a noticeable source of funding for security researchers, and can also buy valuable time to sell off as much of the flawed inventory as possible while or until the fix is provided for newer products.

I'm afraid that there are people who think this way, putting their short term corporate sales well before customer safety or product quality. And their ability to preserve profits, and to _hide their failures_, can often lead them to positions of great corporate power.

Comment Profit centric, not customer centric (Score 2) 419

> Let there be no doubt that Microsoft's actions in this controversial case are customer-centric.

Nonsense. It is protecting their millions, even billions of dollars of international business, especially for their hosted email services, to make a public display of fighting this court order. It also helps protect their US business: publicly refusing a US order helps provide a history of customer privacy awareness when they try to resist a Chinese or Russian or EU court order for US held data.

And this is not an NSA "Patriot Act" order, which doesn't require judges and can be far, far broader than a typical search warrant or subpoena.
