There possibly IS a host of other problems besides the kernel. We still ran(run) OpenSSL/OpenSSH and Apache on those boxes so the automatic exploits that run against them may be numerous however they are typically very well sandboxed (better than some current *NIX'es) so although you won't get access to any data, they make for a great bot.

I actually have two different-era SPARC we are still supporting (the latest I believe runs Solaris 5, the first one still has an early IBM Token Ring card bridged by a very dusty device to Ethernet).

I understand there are some tracks in the US that allow you to take advanced college-level classes but those seem to be elected rather than mandatory. I'm not talking AP-courses that prep a (rich) kid for college. I am talking about 'basic, mandatory by the state education'.

I went to one of the worst schools in my area, inner-city (positioned next to a red light district) only because they were the only one with an electrical/electronics track education in the area. They closed a few years after my graduation due to an increasing crime problem amongst students. My elected classes were an additional 8-12h/week on top of the regular school hours (no course replacement)

If you don't mind making most foods and fuel unaffordable for the poorest. If you do decide to end all federal subsidies, you include immense amounts of farming and oil subsidies which the 'visible' subsidies between farming and oil are ~$500/person in the US.

If you don't raise wages, a family of 4 would suddenly have to spend $2000/year more on foods and fuel alone (~$160/month). That is not even including the $6000/year that the US government gives away to other big business such as banks and tech companies, retirement funding etc just to keep these companies from destroying either the environment or the workforce.

I would love to see our money go to 'better' companies but then you also need to stimulate a workforce that works 15-20h/week at double the current wages.

There is simply not enough work left in the US to keep everyone employed and things have gotten way too expensive to keep anything but farming here. The US is also lagging massively behind in education starting all the way at first grade and it will take at least 20 years before the first students capable of doing a proper job will graduate IF you reform the education system. As a comparison, I graduated from a "foreign" school at 18 (basically high school) with mathematics and science at a level of a second year bachelor's student in the US (some things I learned in the last year mathematics classes were multi-variable calculus, linear algebra, differential equations and geometry and an introduction to chaos theory).

So why don't they hire experts instead of relying on paid-for-someone-else "experts"?

I don't think I have to point out some thing that was widely covered by media about a year ago: http://arstechnica.com/tech-po...

Copper as in either cable or DSL has been paid for under FCC Title II. Verizon FiOS has classified itself as Title II to get the subsidies and tax breaks for it's rollout. ISP's have been collecting and permitted to keep federal and state "taxes" on every bill to implement higher bandwidth services since at least the nineties.

HTML5 is a document rendering specification. How in the hell does it allow for malware in HTML5?

The issues sit in the JavaScript implementations which leverage HTML5. You can disable JavaScript or have it quarantined correctly (like any good browser should do)

Most of these newcomers do it. They'll give you both an IPv4 address and an IPv6 range. Even TWC is doing it, I currently have IPv6 connectivity directly to my computer (which is behind IPv4 NAT).

If TWC/Comcast threatens to pull out, I would let them and give the copper to the newcomers. The copper in your street (cable, phone, even fiber) has been paid several times over by the taxpayers from federal, state and/or local funds. Give it back already or charge a reasonable price.

Try putting in a (Tomato/OpenWRT/DD-WRT) router and enable the fq_codel (or a similar) QoS algorithm - Multiple video streams, torrenting, surfing and video calling at the same time all became much better/possible.

You think there is no oversell on business-grade or even carrier-grade bandwidth? Even in a datacenter, the bandwidth is oversold easily at 100:1, unless you're actively peering with someone (at which the point is moot) you're being oversold to an extent. If you want dedicated bandwidth between 2 points, you can typically get that at a 10x price point but that will still be on the same network but at the cost of someone else's bandwidth (residential or business-grade).

Business-grade is typically just residential-grade (same bandwidth, same connections) but with some extra services (better tech-support, fewer limits, phone lines, dedicated IP's etc).

Why not? What the state does is paid for by the public (through taxes) and thus whatever the state does is either property or in the domain of the public. How would "the people" assert copyright on something against "the people" (the same entity).

500TB is nothing these days. You can easily buy any system and it will support it. Look at FreeBSD/FreeNAS with ZFS (or their commercial counterpart by iXSystems). If you want to have an extremely comfortable, commercial setup, go Nexenta or with a bit of elbow grease, use the open/free counterpart OpenIndiana (Solaris based).

You can build 2 systems (I personally have 3, 1 with SAS in Striped-Mirrors, 1 with Enterprise-SATA in RAIDZ2 and 1 with Desktop-SATA in RAIDZ2) and have ZFS snapshots every minute/hour/day replicated across the network for backups, both Nexenta and FreeNAS have that right in the GUI. The primary system also has a mirrored head node which can take over in less than 10s. As far as sharing out the data: AFP/SMB/NFS/iSCSI/WebDAV etc. whatever you need to build up on it.

My system is continuously snapshotted to it's primary backup so that in case of extreme failure (which has not happened in the 7 years since I've built this system) I can run from the primary backup until the primary has been restored with perhaps a few seconds of data loss (don't know if that's acceptable to you but in my case it's not a problem in case we do have a full meltdown)

Where are those systems limited to 16TB? I wouldn't touch them with a 10-foot pole because they're running behind (within a few years a single hard drive will surpass that limit).

/dev/urandom will not wait (block) for sufficient entropy and thus is (theoretically) more vulnerable to attacks than using /dev/random. You should ALWAYS use /dev/random if you are worried (paranoid) about the cryptographic strength of your result.

I was talking about seeding your randomness and how to test entropy is definitely a necessity. If you sneak in some vulnerability, most likely you'll want to be able to predict the random numbers generated at certain points in time but still make it look like you have sufficient randomness for people that are not in the know. How do you test against that?

Why does the OP not trust /dev/random? If you're using a hardware device (eg. Intel processors or another dedicated chip), there is a greater chance it was compromised by US/Chinese intelligence than whatever kernel algorithm which you can check the source code for.

The OP stated that /dev/random cannot be trusted, if you don't trust open, tested code which you can compile yourself, what do you trust? If you're building it yourself, you're doing it wrong.

The problem with selling closed source to the scientific community is that there are already open source alternatives to your product, regardless of your market, because generally it's easier for a scientist to program something as part of their job (they generally have a lot of time and are highly motivated) than procure something that costs $10k+ (because then you'll need grants or other sources of income etc).

You may have a customer base for a while until the open source stuff settles out the bugs and user friendliness but at some point your company will stagnate the product and you will die. MATLAB/Mathematica/IDL is slowly going that way and there are a number of other small companies that have already gone the way of the dodo or have been bought out by bigger companies (eg. SPSS) because they can't implement requirements as fast as a community of scientists can unless you can afford a small army of field-specific scientists to work for you as is the case with The Mathworks and Wolfram.

I personally would throw open the entire codebase and monetize your product as a service. If you can't figure out a way to monetize your product in an open sourced fashion, you've already lost to the inevitable open source alternatives that are springing up left and right.