Sounds to me that this problem is simple to solve, even with a naive solution. Take for example a simple key agreement algorithm like Diffie-Hellman which (for the unfamiliar with the subject) allows 2 parties to reach a secret key (called K) with a simple set of math and shared parameters (which the hackers can get but can't really use them for their advantage/finding K).

With a simple key agreement and some fast cryptographic algorithm (maybe AES) all conversations could be secure no matter what the network security was. It can even be implemented on top of current protocols AFAIK. And if people suggest that the CPU power might be too great then I just would like to remember that nowadays almost every phone has a browser (even if it's a WAP browser) and that HTTPS already uses key agreement and encryption.

I also view this (suggestion of) improvement as raising the bar in protecting the public's privacy because with this protocol in place it would be very difficult/expensive for authorities to break and eavesdrop on people conversations. With a warrant however, the network providers (cell carriers and other phone services) could put in place a way for authorities to get the key to decrypt the conversation taking place.

I for one can't wait to see a green lock next to my in-call HUD.

They do have a "Report Phishing" option though. Sad thing is that most people don't know what phishing is or even realize they've been victims of it until it's too late, at which point they rarely go back to gmail to report the phishing attempt.

How come most of the northern part of Africa and Middle East are as red as China? As far as I know those countries aren't that rich or industrialized to have more pollution than most of EUA and Europe... Could it be they're counting sand as air particle pollution agents?

The Windows Forms (the original Microsoft UI toolkit which Mono folks call M(anaged)WF) is very platform specific. That doesn't mean it won't work on other platforms. A good set of features is available on Mono and you can run a lot of MWF applications on Linux/OSX without code changes. That's not to say it will ever be perfect without some tuning or picking a better (cross platform) toolkit like GTK# which will work almost everywhere Mono supports (e.g. it even runs on Nokia devices!).

The CLR and ECMA are standards so this means anyone can implement C# and the CLR freely. The libraries are not standards which means MS could (theoretically) sue claiming intellectual property or something like that. However, MS and Novel have agreements on this (they even contribute code to each other on .Net iirc) and it's unlikely that Microsoft would profit anything from this thus unlikely they'll want to sue/block it anytime soon.

I'm not too familiar with Wine but my guess is that since Wine is a purely reverse engineer effort they're right in the gray area without any sort of protection from law or otherwise. But since Microsoft has everything running for them (they release new APIs much faster than Wine can keep up) they simply don't bother with it.

Mono does have a solution. There is a flag you can turn on so make it happen. It's just not on by default because it affects performance for obvious reasons (attempting to find a match). But of course my point is a simple as, if you code it right you don't need to!

Jesus. All I said is, people sometimes do stupid things like hardcoding paths into the application. .Net provides API to get directory separators and such, but if people don't use them it can't simply make it work by magic.

The more common problem is hardcoded file names being case sensitive in most *unix file systems. Surely your precious Java can't fix that can it? If not why don't you apply for a job at Sun and show them how trivial it is to fix everything for every one.

Of that example is very trivial. Not everyone is a programmer so I didn't want to go into details but you need to consider there is more to it than simply replacing C: with /.

The CLR is a standard as well as the C# language. Which means that except for a very few set of very core libraries/classes (like String) the majority of APIs aren't standardized.

Yes, Mono tries to keep up, but not everything is like you lay it down. For instance, the C# 3.0 and 4.0 standard was implemented before the respective releases from Microsoft. As soon as the standard is out Mono starts implementing it and tries to keep up with any changes the beta releases do. Usually it's up to date by the time the final release is out.

As for newer APIs someone needs to implement the changes/new ones. Some APIs aren't ever implemented for the lack of interest. But the point is, if you want to be cross platform with C#, you can. ASP.Net, Linux, Windows, OS X and even stuff like iPhone and Android.

Mono can run way more apps than Wine, specially if you include ASP.Net sites.

Of course, most programmers do stupid mistakes that make it impossible to run in another environment than Windows. The most common one is handling paths like "C:\..." in which case there's nothing Mono can do.

The sources for the main libraries are available from Microsoft and they even include installers so you can see them while debugging an application. I said kinda because the Microsoft license isn't exactly compatible with everything else out there and it isn't exactly built around a community you can simply commit a patch.

Don't talk about you know nothing about. Wine is an effort to reverse engineer something that is ill documented, not a standard and huge moving target. It might never worked or work well in every scenario though.

Mono on the other hand is based on the standards which makes it much easier to implement, make it compatible and test. Not every API is ported though, but I can tell you from experience you can create well performing apps that run cross platform with Mono and .Net without a single source code changes (or binary for that matter). Even ASP.Net runs out the box.

If the submitter wishes to learn C# (and I think he should) I even go as far as suggesting he does it on Mono/Linux. Not because I think Linux is great but because it will help you understand the implications of cross platform development which in some little cases the .Net platform did a poor job although it's a primary objective of the whole framework.

Oh, and btw the .Net source code for the core APIs is kinda open source so you can read it too.

That's true if you're the casual finder, but not if you live of security research.

I do know it isn't as simple as looking at the code and sometimes you don't even do that, the point was that finding a bug on something as widely tested and used and a browser isn't as simple as proof-reading a book.

Finding a bug in a book is a matter of reading, proof reading and testing every example on the book to see if it works well. You could say it's an exact science because you can simply define a couple rules and follow them until you find a small mistake.

Finding a bug on a software isn't that simple. For starters there are millions of lines of code and unlike books a single line can affect millions of other line's logic paths/assumptions/etc. There is no single method you can apply to find a bug and that's why security research is so hard.

No matter how good a security researcher you are, you can never be 100% sure before hand that you can find a bug. Add that to the fact that the rules usually are something like "Critical Bugs only" and you've very few chances of success.

If you're not being paid a steady check to work on something like Mozilla or Chrome, chances are that 500$ isn't enough to make you learn their code, test and find something that you might never even find.

If you work on something you usually like to get paid. It's considered insulting to pay just 500$ for a bug simply because you can get a much higher paycheck if you sell it on the black market. So, if you're into security research to make money, 500$ is an insult to people's time.

Personally I've always believed that from a Darwinist point of view the only logical explanation is that the Egg comes first. From the summary of the story they're making it sound like, it it lays eggs then it's a chicken, which is not always the case. The truth is that genetically you usually have mutations before being born, so any creature that laid an egg (or even without eggs, e.g. mammal) gave birth to to a mutant freak that so happened to be a chicken.