
Comment Re:Privacy (Score 5, Informative) 65

Though you have to trust AWS with the plain text at some time since every mail server and client has to hand the message over in plain text (it may come in over an encrypted tunnel, but it needs to be decrypted by their mailservers).

No, it doesn't. S/MIME, PGP-mail, etc. Of course that only works if the party you're e-mailing can also use client-side e-mail encryption.

Google is working on enabling OpenPGP-encrypted e-mail for Gmail with a Chrome extension: https://github.com/google/end-...

Comment Everything is bigger than Hollywood (Score 1) 135

Meh. Everything is bigger than Hollywood.

Okay, that's a little bit of an exaggeration, but honestly, on the scale of major first-world institutions that people know and recognize, Hollywood is pretty small potatoes. Apple alone rakes in more than double the entire worldwide film industry's take. 2013 worldwide film industry revenues: $88B, and Hollywood is only about 2/3 of that. 2014 Apple revenues: $183B. IBM is also bigger than Hollywood. Google is about as big as Hollywood. Ford is bigger than Hollywood. GM is bigger than Hollywood. Exxon Mobil is more than six times as large as Hollywood.

The film industry is almost noise in the US national economy. It's chump change.

Where Hollywood is a heavyweight, though, is in politics. It has massively disproportionate power in comparison to its segment of the economy. Why? Simple: political power is about influence, not money, and Hollywood has direct access to the voters' brains. Large quantities of money can also buy access to said brains, but there is no amount of money that could buy as much political advertising as Hollywood can pack into its entertainment output. And any individual actor of note can stand up and say something and get press coverage that would cost tens of millions if purchased, free.

Luckily, Hollywood isn't politically homogeneous, so to a large degree the politics of our entertainment media reflect the same varied sets of opinions found in the nation as a whole. Not perfectly, but largely. There are some areas in which the interests of Hollywood are highly homogeneous, however, such as around copyright law, and there they wield incredible clout.

Anyway, my core point here isn't about that, it's just that Hollywood's visibility and influence makes it seem much bigger than its actual economic status.

Comment Re:What complete and utter bullshit. (Score 1) 220

What complete and utter bullshit.

95% of 250 coders. That means that out of a million programmers they will misidentify 200000.

You know it's not a contest to come up with the worst bullshit. If you're left with one person 95% of the time when you have 249 possible wrong answers, it's like being left with 4000 people when you have 999999 wrong answers. If all those are too close to tell apart you'll misidentify >99.9%.

Imagine for example that you wanted to find people by height and weight, as measured to nearest cm and kilo. It might work decently on a small group, but if you scale it up to a million people there'll be a lot of duplicates and then you're just guessing, double the population and you halve the chance of being right.

Comment Re:If it's accessing your X server, it's elevated (Score 1) 375

Crippleware on Windows always used to amuse me. Oh you've disabled the button because I haven't paid? [poke]...[poke]... There now it's enabled again. Oh, you forgot to check if it should be enabled when processing the click event? Tough.

If you're going to pirate the software, you might as well go ahead and pirate the full version; then you won't have to poke at it.

OTOH, if you're going to legitimately use the software, you ought to pay for it.

Comment Re:Uh, okay? (Score 2) 375

It doesn't bode well for Linux that it is also not the year of the Windows Desktop or Apple Desktop. It is the year of the smart phone. The year of the desktop may never return. Desktops are better suited for developers and smart phones are better suited to consumers.

Developers and a ton of other professionals. If Linux/FLOSS could replace Windows, Office, Outlook/Exchange, Sharepoint and SQL Server that's probably 15 of Microsoft's $26 billion dollar revenue. Open source has not managed to commodify basic business and collaboration tasks, despite so many years of trying. It's not all about smartphones and tablets.

Comment Re:Security is a process ... (Score 3) 46

There will -always- be flaws. However, part of a company selling security is how they respond to issues, and here, BlackPhone has performed quite well. There was a problem, they fixed it, and that is what matters.

I agree that how a company handles incident response is important and the BlackPhone guys have apparently handled this well.

However, there are several things that are troubling about this story which lead me to not trust BlackPhone and question the security experience of the people designing it.

The first thing we notice about this exploit is that the library in question appears to be written in C, even though it's newly written code that is parsing complex data structures straight off the wire from people who might be attackers. What is this, 1976? These guys aren't programming smartcard chips without an OS, they're writing a text messaging app that runs on phones in which the OS is written in Java. Why the hell is the core of their secure messaging protocol written in C?

The second thing we notice is that the bug occurs due to a type confusion attack whilst parsing JSON. JSON?! Yup, SCIMP messages apparently contain binary signatures which are base 64 encoded, wrapped in JSON, and then base64 encoded again. A more bizarre or error-prone format is difficult to imagine. They manage to combine the efficiency of double-base64 encoding binary data with the tightness and simplicity of a text based format inspired by a scripting language which has, for example, only one kind of number (floating point). They get the joy of handling many different kinds of whitespace, escaping bugs, etc. And to repeat, they are parsing this mess of unneeded complexity .... in C.

Compare this to TextSecure, an app that does the same thing as the BlackPhone SMS app. TextSecure is written by Moxie Marlinspike, a man who Knows What He Is Doing(tm). TextSecure uses protocol buffers, a very simple and efficient binary format with a schema language and compiler. There is minimal scope for type confusion. Moreover, the entire app is written in Java, so there is no possibility of memory management errors whilst trying to read messages crafted by an attacker. By doing things this way they eliminate entire categories of bugs in one fell swoop.

So yes, whilst the BlackPhone team should be commended for getting a patch out to their users, this whole incident just raises deep questions about their design decisions and development processes. The fact that such a bug could occur should have been mind-blowingly obvious from the moment they wrote their first line of code.
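The tag check that a C JSON consumer has to get right on every field, as an added example that is not part of the original comment and is not SCIMP or BlackPhone code. The `jfield` type, the `sig` key and both sample objects are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical in-memory form of one parsed JSON object member. */
typedef enum { J_NUMBER, J_STRING } jtype;

typedef struct {
    const char *key;
    jtype type;                      /* tag: which union member is valid */
    union {
        double num;
        struct { const char *ptr; size_t len; } str;
    } u;
} jfield;

/* Look up a member by key and require the expected type. Code that skipped
 * the tag comparison and read u.str from a J_NUMBER member would treat the
 * bytes of a double as a pointer and a length: that is the type confusion. */
static const jfield *get_typed(const jfield *obj, size_t n,
                               const char *key, jtype want)
{
    for (size_t i = 0; i < n; i++) {
        if (strcmp(obj[i].key, key) == 0)
            return obj[i].type == want ? &obj[i] : NULL;
    }
    return NULL;                     /* a missing key is rejected as well */
}

/* Copy a string member into a fixed buffer: 0 on success, -1 on rejection. */
int copy_string_field(const jfield *obj, size_t n, const char *key,
                      char *dst, size_t dstsz)
{
    const jfield *f = get_typed(obj, n, key, J_STRING);
    if (f == NULL || f->u.str.ptr == NULL || f->u.str.len >= dstsz)
        return -1;
    memcpy(dst, f->u.str.ptr, f->u.str.len);
    dst[f->u.str.len] = '\0';
    return 0;
}

/* Constructed samples: "sig" as a string, and "sig" as a number. */
int demo(int wrong_type, size_t dstsz)
{
    char buf[8];
    jfield good = { .key = "sig", .type = J_STRING, .u.str = { "QUJD", 4 } };
    jfield bad  = { .key = "sig", .type = J_NUMBER, .u.num = 1.0e300 };
    if (dstsz > sizeof buf) dstsz = sizeof buf;
    return copy_string_field(wrong_type ? &bad : &good, 1, "sig", buf, dstsz);
}
```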

Comment Re:not the point (Score 1) 375

"Good luck ever actually getting rid of it, considering it is what every *nix gui app runs on. Even if the switch to Wayland happens, most people will still be stuck with using XWayland constantly for a decade."

Virtually every *nix app runs over abstraction layers such as QT, GTK, Pango, Cairo etc. Assuming there are wayland backends for these layers then porting isn't as hard as you think. There may be vestigial bits of X to clean up and some edge cases that need more effort (screengrabbers, video players, browser plugins etc.) but porting the majority of apps will just port over. Aside from that, if you *did* have some ancient X app you could still fire up X over wayland just for that.

X will probably stick around as a core component for a few more years in most dists and then it'll be pushed off to the side as an optional package, available for those who want it but not installed otherwise because it won't be needed.

Comment Re:not the point (Score 1) 375

"the solution is to merely add an extra function call to the X11 API rather than rewriting the whole thing. Problem solved, if there is one."

X11 is an arcane and largely obsolete framework. The fact it needs so many damned extensions to be any way functional is precisely the reason that developers are keen to get rid of it. It's not secure, it's filled with arcane and obsolete code and it's terribly inefficient both locally and remotely. Fortunately it'll be moved aside and replaced by wayland over the next few years.

Submission + - Spider spins electrically charged silk (sciencemag.org)

sciencehabit writes: In their quest to make ultrastrong yet ultrasmall fibers, the polymer industry may soon take a lesson from Uloborus spiders. Uloborids are cribellate spiders, meaning that instead of spinning wet, sticky webs to catch their prey, they produce a fluffy, charged, wool-like silk. A paper published online today in Biology Letters details the process for the first time. It all starts with the silk-producing cribellar gland. In contrast with other spiders, whose silk comes out of the gland intact, scientists were surprised to discover that uloborids’ silk is in a liquid state when it surfaces. As the spider yanks the silk from the duct, it solidifies into nanoscale filaments. This “violent hackling” has the effect of stretching and freezing the fibers into shape. It may even be responsible for increasing their strength, because filaments on the nanoscale become stronger as they are stretched. In order to endow the fibers with an electrostatic charge, the spider pulls them over a comblike plate located on its hind legs. The technique is not unlike the so-called hackling of flax stems over a metal brush in order to soften and prepare them for thread-spinning, but in the spider’s case it also gives them a charge. The electrostatic fibers are thought to attract prey to the web in the same way a towel pulled from the dryer is able to attract stray socks.

Comment Re:And all this without Jobs (Score 1) 534

It just goes to prove no one is irreplaceable; not even Jobs.

Not necessarily.

Jobs' brilliance wasn't in his management, it was in his design sense, personal charisma, and knowing when to throw his company behind developing and pushing a new product (OS X, iPod, iTunes, Tablets).

Tim Cook doesn't have the same epic level of charisma but that could change, and he clearly hasn't screwed up the management part, but we've yet to see his signature on the design and product fronts. I think you can call Apple Pay and the iWatch products of the Tim Cook era so their success will be the first real test of whether he can keep the Apple innovation machine turning.

Comment Re:Sort of like shitposting... (Score 0) 307

Oh fuck that. I can plug my Nexus into my Windows machine, create folders, copy files, view any video format I want. Or I can have an iDevice, have to use the evil that is iTunes, convert to formats that Apple has decreed as sacred, and basically give up all control of the device. iOS devices are good for people who never want to go beyond the parameters Apple sets.

Comment Re: You probably have one, though... (Score 0) 307

I think you would have a hard time figuring out what Occupy WASN'T protesting about. That's why the Tea Party has succeeded to some extent, and Occupy has failed. The Tea Party, by and large, set the parameters for what it was fighting, and stuck to them. Occupy was all over the map.

Comment Re:I prefer a tablet for some things to a smart ph (Score 2) 307

Can't speak for the iPad, because the only real interaction I had with one was a day with an iPad 2, which I found a bit heavy. Further, I really do dislike iOS and have since even abandoned my iPhone for a Nexus 5.

That all being said, I do use my Nexus 7 a lot. For me it is the perfect form factor. A 10" tablet is really too big, and my phone is on the smallish size. I pretty much do all my recreational reading, and a fairly large portion of my work-related reading on my Nexus 7, and it's small enough to be rather book-like in size, but large enough that it renders PDFs, ePubs and most web pages fairly well. I'm not going to get that readability out of a smartphone, and a 10" tablet or notebook is just too big.
