I've got a better idea: how about not requiring me to pay for somebody else's elective health care, regardless of whether it's for contraception or not, and regardless of what my religious beliefs (if any) are?

Handling water may possibly become my first Arduino or RaspPi project, if I can get through my newbie ignorance, and learn some new tricks as an old dog.

We have flood irrigation that comes in from an acequia every couple weeks (used to be every week, but times are changing) at an irregular rate at irregular time-of-day. (You can't deal with this, just using timers, and the amount of water pressure is tiny compared to what you usually have on a typical garden hose, so lots of cheap ubiquitous gadgets don't work here.) I leave a floodgate open (i.e. remove a coffee can from the end of a tube), go to work, go back home for lunch, go back to work, go home at end of day. For various reasons that you can probably imagine, it's bad to leave the floodgate open after we have collected a certain amount of water. Things work out fine if it happens to finish at lunch time (or if it's so slow that it hasn't finished until end of day), but otherwise, someone has to leave their workplace and go home to deal with it.

That is lame, in a way that really does (slightly) matter.

Thus I'm tempted to either build a sensor (or just cheeze out with a webcam, though that's less geeky) and some kind of remote-controllable motorized floodgate.

AFAICT nobody sells anything for this; it's up to me. As it happens, there are lots of guides online for building this kind of stuff, but they're all within the context of Dwarf Fortress! Yeah, right, as if I want a gate that'll remain stuck open just because there's a butterfly or elephant carcass in the way.

Lower tech solution: find retired neighbor to do it, in exchange for beer or something. This is actually the cheapest/smartest way to do, but rubs me the wrong way. I'm sure you all understand.

After going through customs a couple times, I'm pretty sure the US government considers them to be the same thing.

This is all about more gov control, taxes, regulation to protect us from ourselves.

Sorry, I clicked the links but I think I might have missed an important part of one them. Could someone please tell me what the word "this" in the above quotation refers to? What is about more government control, taxes and regulations?

If the price is right, of course they will. Just because you're a lazy bastard doesn't mean everyone is.

It's kind of amusing that your link starts with the assertion: "America is the name of a whole continent."

Which is, of course, incorrect. There is no continent called America.

That's not discrimination. That's Progress.

Nobody uses the term "American" to refer to a resident of one of the two American continents. That would be as dumb as referring to somebody as a "Eurasian", or an "Afro-European." Argentinians aren't "American;" if you insist on referring to them as residents of a continent, then they are "South Americans."
The "USian" name is an attempt by the PC brigade to solve a problem that doesn't actually exist. In English, the term "American" when applied to a person always refers to citizens of the United States of America.

Maybe what you need is an anti-watch that uses anti-time: not only does it not tell you what time it is, but suppresses other clocks around you.

"What time is it?"

"It's time for me to press the 'temporary disable' button on my anti-watch. Ah, according to Big Ben, it's 10:38."

Our greatest protection was giving-a-fuck.

It's still available, and occasionally used in some limited contexts. There's pretty much no problem that won't be quickly fixed by the people exercising this power.

But we usually refuse. Giving-a-fuck is somehow a "nuclear option" these days, not to be exercised lightly. "Whoa there, this might be a crappy situation, but I'm not going to 'throw away' my vote!"

Hey man, maybe this tax is a good idea, but the whole "Gas is much too cheap in the US," thing is a pretty dumb thing to say. There is no such thing as "too cheap." By all means, end the gas subsidies and externalities (e.g, middle east wars, not having to pay to plant forests to soak up CO2 pollution, etc) and add any taxes that are appropriate (e.g. fuel usage and road wear maybe aren't an exact match but they're pretty close; so I'd say gax taxes to pay for highways are a pretty decent idea), but even 10 cents per gallon wouldn't be "too cheap" because nothing can ever possibly be too cheap.

That said, gas sure is cheap. I can buy gas cheaper than I can buy Coca Cola and it's sure worth a lot more.

Crazy? Sounds like a fun card game, to me.

However, anything is better than nothing,

The only thing worse than knowledge that you are insecure enabling you to behave accordingly, is a false sense of security so that you don't.

That one is easy: don't assume a false sense of security. There, problem solved. I don't know how anyone would ever get into that position, but I agree that if they do, we should give them a common-sense reality check.

you can't trust google to provide the endpoints if you want to be secure FROM google.

I think everybody gets that. It's irrelevant to the problem at hand (that a quarter century after PGP, people are still sending plaintext) though, and all implementations of OpenPGP fall outside the scope of addressing the "is my computer running the software that I think it's running?" question. Don't get me wrong, it's a good question for people to be asking. But it doesn't necessarily mean it's stupid to run Google's code; running Google's code merely comes with a convenience/security tradeoff that most people here won't want to pay, or won't want to pay in certain situations. Please, see beyond that point.

You face that same issue every time you use https in your web browser. That doesn't mean you have stopped using https, does it? Do you really get a sense of security (which you know is always going to be false) when you use https? Of course not. You get a sense of securER. The same thing will apply to users of this extension.

We really have to stop bringing up the "false sense of security" bugbear every time someone tries to make things better. Think about what users are going to do, after they have been using Google's version for a few years, have absorbed some of the concepts and habits, and then a story eventually gets out that Google (or a middle) got caught sending a compromised version to someone. That will be a good day, not a bad one.

If someone points a gun to my head...

IMHO once people are pointing guns at you, you have serious problems. And yet even then, if the attacker happens to be your government, or someone within reach of your government, you still have recourse. Unless they pull the trigger, then you know that it happened, so you can challenge it in court, or call the cops on the assailant after he leaves, or whatever.

But that isn't really the kind of situation that people are talking about much, in 2014.

The TLA's are certainly authorised to make these demands; It's their job

Looking at the TLAs' behavior provides a good illustration of why crypto needs to be at the endpoints, rather than trusted to service providers: the TLAs have not been making those demands!

We're not hearing about them barging into peoples' homes, pointing guns at them, showing them warrants, and telling them "give me the key to this information about you, or else." We have a legal system for handling that kind of situation, most people are pretty happy with it, and a citizen from 1814 would recognize it. Just read the Bill of Rights, and you get all sorts of images of stories where cops with British accents hatefully sneer, when their Samuel-Adams-esque criminal suspect tells them "oh yeah? See you in court, limey bastard!" and they have to grudgingly go along with the new laws. America, fuck yeah!

Something quite different has been happening, because we have been deploying tech in a way that the confrontation doesn't need to happen, and all our old laws are circumvented. The tech we're using, doesn't fit our needs.

This isn't to protect against government coersion of the business.

This isn't, but it's a step in that direction. You're right that a Google plugin running in a Google browser, certainly doesn't protect against that. That's what I was saying, and then labeled as a minor point.

Nevertheless, it could help educate users on the necessary key exchange and trust concepts, and get them used to decryption as something done by their user agent, where a service provider should normally lack the capability to do it. And if this is really OpenPGP compatible, then it has a fully interoperable upgrade path, to something that does protect against coercion of third parties.

The people who want things easy but less secure, can talk to the people who make the effort to learn how to do things. People could shift at their own pace, but all be part of the same network effect. (I gotta admit, that excites me. I've gotten so jaded, and used to thinking of network effects as usually-bad things.)

In 2015, Joe User uses Google's implementation, and an attacker goes to Google and makes them offer a compromised Chrome-or-plugin to Joe, which Joe unwittingly accepts, and then it extracts his key and sends it out. Joe never knows what happened. A couple years later in 2017, Joe User has moved his keyring to gpg, and an attacker goes to Google and makes them offer malware to Joe. Joe accepts and runs the malware, but it never extracts the key, because Chrome doesn't have it anymore.

At that point, either the malware has to be nastier (break out of its process, use a local elevation exploit, etc -- other purely technical problems that we're always trying to solve anyway), or, if that's not on the table or doesn't work: then suddenly WE'RE BACK IN AMERICA, and the attacker has to show their warrant to Joe.

And that last thing, is the goal. If we can get it to go that way, then we'll have due process again. I want suspects to be saying things like "I'm calling my lawyer, officer," not middlemen saying, "What does the legal department say about this? Should we comply? Eh.. it's not like it's any skin off our noses anyway. The customer will probably never find out it happened, so the cost to our reputation should be quite minimal."

At first glance, this looks like a good idea which should be encouraged and nurtured. Even if they fuck up something.

The downside is that it's pretty crazy to be doing stuff like this in a scripting language inside of a machine that downloads new versions from somewhere, at the drop of a hat, and where the machine itself (Chrome) is remotely-coercible. (In other words, point a gun at Google's head, and they will extract your key the next time you enter your passphrase.) But really I think this is a minor point! (bear with me; I know that sounds like a bombshell.)

It's good to for people to start using OpenPGP, even if they do some things wrong, and for it to get more mainstreamed. It'll get 'em familiar with the concepts (and they need to learn them all; take anything out and you have a broken system), and then some day they will graduate to the real thing (actual PGP or GnuPG, outside the vulnerable context of today's web browsers) and do things more carefully on their own time while remaining interoperable with their associates.

I know I am a dead-horse beater on this, but OpenPGP, after all these years, really is still the very best, top-notch, number one PK system we have. It's not merely good; it's right. And the applications for the WoT go far beyond merely securing communications from snooping, though it happens to be excellent that that. Three cheers for Google not inventing something gratuitously nonstandard (and therefore, probably deficient)!