Indeed. That is why I wrote "governments" as in the sum of all of them. One corrupt one is enough to break things.

$10'000 gets you something like 4-5 consulting days from good security experts and that is with the $10'000 paid in every case. In that time you can only hack really bad security. Don't expect anybody good to even try this unless they are bored and not interested in the money.

This is a cheap stunt.

The difference between India and some other countries is that India is 2nd-rated enough to be caught immediately when they do something like this. That makes them more stupid, but less of a threat than, say, the US.

Anybody that looked into the SSL certificate system has known that for a very long time. Quite a few people used to use self-signed certificates, as as least there somebody that bothered to find out could be sure it was secure.

I think the fundamental brokeness of the SSL certificate system is because of deep naivety with regard to the trustworthiness of governments and because of active sabotage of by said governments way back. I hope at least that issue is fixed after Snowden. Governments are even more evil than any of their members and cannot be trusted for any purpose.

This may have some use against script-kiddies, bot-nets and similarly non-sophisticated adversaries. It is worse than nothing against other adversaries, as it creates a false sense of security.

I guess they have never heard of smaller batteries or (for multi-cell cases) step-up converters. It is quite simple to, say, take a 6 cell battery pack and convert one cell to a step-up regulator and retain one cell. Gives you 4 cells (i.e. stainless-steel containers) to fill with whatever you like. The same effect can be had by using smaller batteries than originally in the pack.

Indeed. If they automatize things, we will at least have consistent low quality...

I do not know what the reviews for the paper were. I only know it got into a well-known "Tier-I" conference. I do know my 10-Minute assessment was right, because more than a year later, the authors (minus the first one) had their follow-up paper where they basically admitted all defects and scientific misconduct by the first author. And I do know nothing happened to anyone. This was "mainstream-research", the conference is large and well-known.

That would be exceedingly stupid. The real problem is that the US paid this guy and thereby demonstrated that it does not have "friends", just servants and victims. That is not an attitude that is compatible with being a member of the modern world.

I think what is missing is that a) more reviewer actually need to be experts and practicing scientists and b) doing good reviews needs to get you scientific reputation rewards. At the moment,investing time in reviewing well is a losing game for those doing it.

I agree that good reviews do not need to be binary. You can also "accept if this is fixed", "rewrite as an 'idea' paper", "publish in a different field", "make it a poster", etc. But all that takes time and real understanding.

That would work if the NSA would be hacking devices anywhere. They do not do that. Not because of any ethical concerns or because they cannot, but in order to protect their tools and methods. Whenever they hack something, they risk losing the vulnerability used. As vulnerabilities are expensive and not in unlimited supply, they cannot use them for minor things such as a sensor point somewhere.

Use TOR and select an US exit-relay. Very simple to do, for example with the TOR-browser bundle. Start, select "verify TOR", select Altlas, select new identity, if the exit-relay is not in the US. Repeat until US exit relay is obtained.

But be aware that using TOR puts you into the NSA's "extremist" database...

One very common scenario for knowingly faked "results" is this: PhD Student has his/her funding running out and gets set an ultimatum (explicitly or implicitly). PhD student fakes something, sometimes looking pretty good at first glance. Advisor is too stupid, lazy or full of him/herself to notice. Paper gets published because advisor is "respected" in the community.

I have seen this happening quite a few times, including one case where all authors, except the first one (the PhD student), wrote what was basically a retraction a year later. But did anything happen to these people? No. The PhD student still has his PhD, despite his results being essentially worthless. The other authors still have their reputation. The faked publications were not retracted. I did recognize the fake in 10 Minutes by numerous inconsistent things and numbers that did not add up and did not make sense at all. None of the reviewers apparently did. Just when people tried to reproduce the results and failed were some question asked. But as I said, no consequences for blatant scientific misconduct by several people. For me, this nearly cost me my PhD as my advisor was not even capable of understanding the fake after I explained it to him in detail and somehow though they were doing something vastly superior to my work. While the low-point of my scientific work, it made me understand that most so-called "scientists" do not qualify for that distinction.