Gold lost all intrinsic value when society gained the ability to metalwork with harder, more durable metals than gold. Why tie a currency to it?

This ARPANET thing has been going just fine without the government getting involved. Let's keep it that way!

The variable could contain a newline and then set an arbitrary HTTP header (set-cookie, for instance) or it could redirect the user to anywhere on the internet, including reflexive XSS attacks on arbitrary sites, etc.

i'm saying wouldn't it be better to have your testicles inside your body and evolve sperm that develop at a higher temperature? its pretty ridiculous to have such an important organ dangling outside unprotected. i never understood why.

Here's a hint: we got to where we are via random mutation and natural selection, not design.

You're both wrong. There are two things that can kill: power, and frequency.

To get from being healthy and alive to cooked requires a change in energy as lots of chemical bonds need to be destroyed. This requires work to be done, and the rate at which work is done is power. This is the traditional killer in most electrocutions. I say it's the power and not the work that kills, because if the power is low enough, you can probably survive indefinitely. Power is current*voltage, and it's measured in watts. A static shock is easily 10kV - air doesn't breakdown and conduct until you've got 3 million volts/meter, so the 5mm static shock you might get when you rub your feet on the carpet is around 15kV. But you didn't move all that much charge with that action, so the current is necessarily very low, as is the power.

If you want to know how fast a microwave will cook a hotdog, a great place to start is the power rating (watts) of the microwave. If you want to know how fast an electric oven will get to temperature, the right place to start is the power rating (watts) of the microwave. You two are arguing over whether it's the 120V that kills the hotdog or the 10A that kills the hotdog, when it's very clearly the product (1020W) that does it. That's why the wattage of the microwave is a selling point.

Frequency: You actually don't need to cook someone to kill them, which means without that much work/power it's possible to kill someone. The trick is inducing cardiac arrest. The frequency turns out to be much more important than the total work done. Tasers don't do much work, for instance, but they have killed people. Someone with more of a background in the electrochemistry of the nervous system and the heart could probably chime in more on this.

Everyone knows drives are most vulnerable when the heads are engaged, and the spinning platters should cause a single destructive action to potentially spread to the entire circumference. Why not do a write operation to the entire disk and hit it with a hammer during the write? Do that properly and the heads should go flying off in pieces into the platters, and the platters spinning with the loose head material should ensure nothing survives.

In practice, I'd run the sniffer on the machine if there was already one there. The absence of the sniffer revealing traffic does not mean there is no traffic, but if the sniffer shows traffic it's a safe bet it's real. Frankly I've yet to hear of any rootkits that would let the sniffer still work and not show the compromised traffic, I think it's more of an in-theory than in-practice. Because I mean, I suspect users who know how to operate sniffers are an edge case for botnet authors. If you've got the sniffer on the machine and can easily run it, why not? A fine alternative is setting up a span port (monitor port) on the switch. I work with managed switches all day, so I'm spoiled in this regard - I don't really think that's an option for the OP however, linksys switches tend to be pretty dumb.

Or a freezer!

One needn't compromise a router in order to gain access to it. They can be given access, after all.

There are thousands of network engineers and similar who work for ISPs, who routinely capture traffic as part of their jobs. It takes only one of them to disregard the rules/the law/their job and run a longer trace, or to run a trace to capture one specific thing and inadvertently capture passwords. Or worse yet, it takes only one of them to have their credentials or machines personally compromised.

It might be a bit farfetched, but once you start working in this business and you see how many engineers have pretty advanced credentials, you realize that any one of them could become a determined attacker and do quite a bit of damage -- or, a sufficiently determined attacker could get a job as a network engineer.

Not if you use troy (or standard) ounces for both.

Where's the BBC story that's mentioned? I think the editors left a link out.

Perhaps what browsers should do is have a separate class of errors for whenever there's a password field in the form. Given how often people google, comment on blogs, or what-have-you, I'm not about to tolerate an additional click for every POST. But I will tolerate an additional click for every POST where one of the fields was a password.

Library calls cause context switches?

I thought the whole deal with libraries is that they get mapped into the local process space. I certainly don't have a 'libc', 'gtk,' or 'libffmpeg' process running, yet I'm running processes that use that library. Where is the context switching to, exactly?

If you had meant system calls, I don't think there are many (any?) things that are implemented as system calls that could have been implemented as cheap library calls, in other OS, unless I'm missing something.