My understanding is that Chrome and Mozilla both use NSS. It's a bit outdated, so I could be wrong (given that Google forked webkit, I can imagine them forking NSS too).

Actually, with a quick Google search, it seems that Chrome on Android uses (used?) OpenSSL for certain functions. I'm curious to know if secure communication via Android devices can be compromised via those functions. At first glance, I'd say no, but I don't have enough domain knowledge to make this assertion.

NSS is thus far secure, but I really, really would like to see the results of multiple full and independent audits. If there's a problem in NSS, that would be about as big as it can get.

Like I said, it's a bit frightening that there are such large and somewhat obvious holes in these major crypto libraries found within three months of each other, but it's good to know that they're being found and fixed.

Well, it's not good that almost every major audit-able crypto library has been found to have trivial exploits (still waiting on issues in the Chrome and Mozilla SSL libraries).

It's good that eyes are looking, and people are finding these things. I imagine that without Snowden's revelations, nobody would have bothered to check. And these bugs would have been found much later or not at all, allowing espionage organizations to compromise many more private communications in the interim.

While the idea that the NSA or some other agency had a hand in these bugs is largely a conspiracy theory, the answer to whether they knew about these flaws and exploited them should be pretty obvious. After all, the NSA has probably done the very same code audits for the purpose of finding holes they can exploit.

And before somebody says a closed-source implementation wouldn't suffer these problems, quite frankly, if all of these libraries were closed-source, we wouldn't know if there was a vulnurability at all, or for that matter if any found would be fixed. There needs to be more eyes auditing the security code, not fewer.

The He-filled WD version is just a bit larger, and has a giant laser in the center that can blow up a city.

Here's an informative blog piece by one of the testers:

http://www.violinist.com/blog/...

Well, regarding #1, #3, and #4 (I've never heard about #2, so I can't comment):

The recent surge in California wine prices, as well as the recent surge in popularity of California wine, is due to Californian wine beating out the French in a competition. I say recent because wine snobs have existed for centuries.

There was actually a guy who tried to show what a sham the whole art thing was by forging many famous original works and then burning the original. In my opinion (strictly my opinion), just because someone is talented doesn't mean someone else is just as talented, or talented in a different way. While the "market value" of an original might be overinflated due to the relative ease of a forgery, the true value of the work itself does not fluctuate with copies. And there could be separate value to the forgeries too, as that itself requires no small amount of talent. In particular, the forgeries of the Rembrant forger you most likely had in mind do in fact have value.

There is no subjectivity in digital signals.

There are two things to say to that:

1) You can always check yes, even if you're not. Nobody's stopping a potential renter from lying on the application. AirBnb isn't liable for anything if the renter is lying.

2) It may not be their job or even their social repsonsibility, but it does sound predatory. They're taking advantage of people who don't know the local laws to pad their numbers (particularly of units available in those areas). There can be legal repercussions (see #1).

I'd imagine if the NSA did have their hands in helping to secure internet communications, every country would have been up in arms last year, and the internet would be completely fractured by now.

Their non-involvement was a good thing, not a bad thing. Now, we currently know there are better things that can be done to secure the internet, but not having implemented them yet does not mean things are bad right now either.

Maybe you should start with the half that's alive?

10K years is more than enough for anybody.

You do. Just don't think you're any better than them, or that your speech is any "freer" than theirs.

But this affair isn't a matter of free speech. This is a matter of persecution. This is the mob forcing someone from their job when they've done nothing wrong professionally (Javascript notwithstanding).

You're naming politicians here. It's not helping your argument.

Being bigoted towards a bigot is still bigotry.

And yet, he has not had the opportunity to do any of these things before he was forced out. In fact, he's stated that nothing would change about Mozilla's stance towards the LGBT community and its issues. Yet he was judged not by his ability nor his performance, but by his beliefs. How is that not being bigoted?

If OkCupid was actually doing more than just attention-seeking, they would've boycotted Javascript (and put up banners for JS-enabled browsers to tell their users to disable JS). And I'll bet a fair amount of people here develop in and/or work closesly with Javascript.

Anybody, especially organizations, who advocated for Eich to step down should boycott JS too, if they truly believe their own righteousness. Don't see that happening anywhere...

You seem to have fail at separating personal from professional.

It has everything to do with his personal beliefs.

If he had fired a bunch of LGBT-supporting employees at Mozilla, or defunded the LGBT club (if they have one) there, that would be crossing the line between personal and professional. Only then would all this outrage be justified.

Did he do anything like this during his short tenure? I certainly haven't heard.