One thing that does help is virtualization and downsizing equipment. For example, moving from a desktop to a laptop, buying (or building) a decent server for virtualization, and even using low power devices for LAN services (I use an older Android phone to run a caching DNS service) can make a significant difference.

Especially with older hardware. Almost everyone has that old computer with sturdy hardware that works well. However, those older machines can eat a lot of power.

One idea I've found that works, provided this is possible (i.e. you own the property), and one has the electrical ability, is to have a dedicated circuit for the little devices that comes from an inverter [1] and a set of batteries that charge from a PV panel array.

This doesn't have to be expensive. A common setup winds up being two 6VDC golf cart batteries in series (12 volts total), 2-3 PV panels, a decent charge controller [2], and an inverter. This won't run your air conditioner unit, but it will be big enough to handle a number of low amperage devices, and one can build a decent setup for well under $1000.

In fact, I did a jerry rigged setup to light a shed on the far side of a friend's farm using a cast off extension cord (it had the proper gauge wires when stripped), a cast off 200 watt panel, a $8 PWM charge controller from eBay, an old deep cycle battery, and a DC-DC converter so I could use some 340 lumen SunJack LED bulbs (with built in switches) that run from a USB port. All of this cost well under $100. The SunJack LED bulbs would run 8-10 hours on a 1.2 amp (or 12,000 mAh as the packaging says), so a 200 amp-hour battery that only has 50-75 amp-hours left can run the bulbs for a very long time without solar.

Another added benefit of having all the devices on their own circuit is that they are essentially on a UPS, so if power fails, they will still keep running.

[1]: Don't skimp here... buy a reliable PSW (pure sine wave) inverter, and go for a 1500-2000 watt model even though running at full tilt will discharge the batteries quickly. This is so that if one plugs something in that has an inrush current (refrigerator compressor, microwave), the inverter can handle it.

[2]: You can go with a MPPT controller, which allows for higher voltage panels (as it converts the voltage higher than what the batteries use into a lower voltage with more amps), or have more panels to handle how a PWM controller "lops" off any voltage it doesn't need.

What I don't understand is why they did this to both of his eyes.

You'd think it would be far more prudent to dose one eye, and put a patch over the untreated eye to prevent interference.

... how could this have any hope of not being classed as a destructive device?

A guy whose evidence is "I've seen stats", without linking to them shouldn't be lecturing about hard evidence.

On PC platforms perhaps. Not on server platforms.

Dominance where exactly? A helluva lot of Windows development is still done in C/C++. Java still has massive penetration in the enterprise. I'll admit that .NET is a big player in the Windows world, but considering the Windows market appears to be at best static, and as a platform, compared to other computing devices (enterprise computing, mobile computing, etc.) is in absolute terms possibly even declining, I'd say .NET could hardly be described as dominant.

Platter technology will end up being pushed to the NAS/SAN, which is why WD is making their red line of drives.

Perhaps HDDs, now that speed and capacity are secondary, they will start evolving down the path of reliability, perhaps replacing tape as an archival medium.

NAS drives are going to be a big market, especially with devices like Apple's new MacBook with limited expansion capability, so people will use WiFi Direct hard drives as their main backup source, as opposed to USB drives. In this use, capacity is limited on the MacBook, and speed is limited, so drive makers (hopefully) will end up working on leapfrogging each other for reliability and security.

I have a third option: An admin passphrase that is a lot longer than my user passphrase, but had more retry attempts. That way, if the short passphrase gets typoed, I can still unlock the device with the admin one.

You are right about backups... that is why I have three of the USB tokens, just in case.

Had a similar choice when giving a laptop to a relative. I went SSD instead of SSHD because SSDs are physically more resistant to shock.

However, if given the choice with a desktop... I'd probably still use SSD, just because when I delete a file and fstrim the drive, the file is -gone- for good, since the drive controller will come around, write "1"s to all the pages that file used and call it done. Of course, keeping good backups when using SSDs is wise, just due to this exact thing.

I wonder if the ideal password manager would be one that would use a typed in password as a seed/IV (hash a seed and the sitename), with exceptions stored for sites which don't allow passwords generated with that tool to work. Some sites require a number, a capital letter, lower case letter, a symbol (well, not all symbols work), or some other random, annoying combination of the above.

Of course, the ideal password manager would store the password database with a master volume key, then each device accessing it would have the MVK encrypted to its public key. This way, if someone wants to add a device, they just allow access on another device. If someone wants to remove access, it is doable, but it would be wise to re-encrypt the DB to a new key for security. This is how PGPDisk did its encryption, and it completely deters brute-forcing, should someone get access to the data stored on the cloud, since there is no password, so the attacker has to deal with the entire key's keyspace.

Since the private key is on the device, the user just needs a PIN to unlock (with a timeout after too many wrong attempts), rather than a longer passphrase. Both iOS and Android have secure storage (KeyChain for example) which makes this easy to implement securely.

I prefer 2FA when possible. Even a very tough password means nothing if by some means, it gets sniffed by some keylogger, or the password database on a cloud provider gets brute-forced.

For storage where one is using a passphrase for encryption, as opposed to authentication, I like using cryptographic tokens. TrueCrypt used to work with a PKCS#11 library so I could store a keyfile on a set of Aladdin/SafeNet eTokens. This not just made the key immune to brute force guessing... someone who physically possesses the token has three guesses of my unlocking passphrase before the token locks itself forever and zeroes out the stored keyfile. This also works with Symantec's PGP version, except that generates a public/private keypair, the private keypair always remaining on the token, while the public part is used for the file/drive encryption.

If 2FA isn't possible, then as above, some mechanism to help with password reuse is very wise. This is useful just in case some website decides to store passwords in plain text, so a person's secure "correct horse battery staple" is now compromised and added to every blackhat's brute forcing library.

All consumer level ones are that shitty. Time Machine does have some OS level protection, but most just dump data to an external drive. Overwriting the files or just a format of the filesystem can easily destroy that backup.

Windows Server Essentials 2012 R2 has "pull" functionality to grab data from desktops. Another utility is Retrospect which can have a client installed on desktops.

Of course, the ideal would be a backup appliance like an EMC Avamar that deduplicated. Think Time Capsule, except that the appliance initiated the backups, stored them securely, and did the deduplication. Add decent disk encryption (perhaps a startup password or PIN entered on the appliance's webpage to mount the backup drives), and this would help versus malware.