Russia is doing this sort of thing pretty extensively. On one of the national forums I happen to frequent we know who these people are - in fact, they are not really in hiding (though they never officially confirm or deny their identity). Human psychology works in curious ways, though - even though the perpetrators are well known, the rest of the community still gets into extensive discourse that includes these people and even allows them to steer discussion in whatever direction they need to. I have to give it to these guys - they are well prepared and master mass psychology quite well.

What are the chances that next step for mr O'Hagan would be writing a "tell-all" article series, followed by a book "revealing to the public the intimate details about one of modern day most controversial characters". I bet that would pay a heck of a lot better than a ghostwriting job for a fugitive stuck at a 3rd world country embassy.

Seems like Assange isn't particularly savvy about choosing his friends.

It is correct and, if you have 10.6 handy - you can verify that under that system Safari is using OpenSSL. To do so, simply move /usr/lib/libssl.*.dylib elsewhere and try to run Safari. It will fail due to missing libraries.
On 10.9 Safari will happily run with OpenSSL libraries removed.

You are welcome to dig through otool -L output to find how it's linked up, but the fact remains - Safari was switched over from OpenSSL to homegrown crypto sometime after 10.6.

iOS 6.1.6 is not available for iPhone 5. It is only available for devices for which there is no iOS 7, unfortunately. First thing I checked.

:( But I *really* don't want iOS 7. I think this is all planned by Apple to move remaining holdouts to the current iOS. Fuck.

Snow Leopard (10.6) is not vulnerable to this bug, since Apple did not switch from OpenSSL to their own SSL/TLS library back then yet. Just verified on my 10.6 box (to verify visit https://www.imperialviolet.org:1266/ )

On the other hand, iOS 6.1.5 is - and now I have a choice of using insecure iPhone or upgrading to 7.x. For now I've switched from Safari to a 3rd party browser that does not have this bug - but email is still vulnerable and so can be other components. That said, I have little trust in SSL even when it works as designed, so I won't lose much sleep over this.

Dumb. We are in for more than that. It took a decade to get OpenSSL clean with many more eyes on it.

Curious. This would seem to result in a failure every time. Without reading the code further - how could auth ever succeed? Or did it ignore the failure return code and relied on hash update results anyway?

Switching away from OpenSSL that is widely used and audited for generations of releases to homegrown crypto is a mistake on Apples part. This is most certainly not the last security flaw in their code we will see.

Funny, if you happen to be Russian and of that generation - this is pretty much how "bioplastic" drive was described in a sort-of-science-fiction book about "Neznaika in a sunny town" :) Here is the relevant page:
http://vseskazki.su/avtorskie-skazki/n-nosov-rasskazi/neznajka-v-solnechnom-gorode.html?start=28

I've been waiting for this one for a while.

I can't stand "military fiction"? WTF is it anyway?

Disclaimer: I am an Apple product user. I like my iPhone 5. However, I tried and could not like iOS 7 (my primary iPhone is still on 6, and I'll stick with it for as long as possible), and admittedly for a few years I felt about my iDevices about the same as anything else - they serve the purpose, annoy me sometimes, whatever. Mildly ambivalent.

At the same time, I wasn't too excited about wearable computing. Watch-like devices that came out so far seemed to be trying the form factor without actually having figured out their purpose. They were poor answers to questions no one asked.

Then Apple does this. I have no idea what specifically "this" is but admittedly a "bio-metric" angle is intriguing. I am now somewhat curious and even a little excited to see what they will develop. This may be in part because as I got older, I've got a lot more careful about maintaining my health (whatever is left of it anyway). As part of that quest, I've been through a number of dedicated health-metric devices - and virtually all of them so far came up extremely short in both functionality, usability and integration. In fact, ironically, the most used "health" device is my iPhone which I consistently use for nutrition and fitness tracking.

So - great angle from Apple. Wish I could work on that project :)

Suddenly, study abroad begins to sound ever more attractive :)

Don't confuse debit cards (that do have a PIN in US, as anywhere) and credit. The difference is crucial and in principle. With direct debit cards account holder is liable for any losses due to fraud (though banks claim they will help, by law it's the responsibility of account holder). With credit cards card issuer is liable by law for any fraudulent charges. I'll take the second option, thank you.

First, chip & pin is how Europe does not, not the "rest of the world". In my travel around Asia I haven't seen chip & pin cards or machines anywhere (anecdotal evidence it may be, but it definitely isn't universal). I got a (rare) US chip & pin card just in case for my travels a few years ago, and so far had not a single chance to use it - not even on a recent trip to Germany. In places that could "go either way" that card still fell back to signature mode (though, perhaps, that's more of an issue of how VISA presents it).

Secondly, chip & pin has one interesting issue in US market - tipping at restaurants and such places. The (imho vile) practice of inflating one's bill by 20-25% post-consumption is not particularly common in the chip & pin world. Since chip & pin transaction has to be fully concluded at pin entrance, we would have to tip at restaurants through hand-held machines brought to our table, while waiter is standing there looking on anxiously. I am guessing tip rates can then go to 50%?

All my phones from last 10 years are still around and being used, if I can help it.
Smartphones:
iPhone 4 is still very much alive and kicking, used essentially as an iPod/music device/game device/development/whatever. I also take it when I travel to use with foreign SIM cards, to avoid risking newer iPhone 5.
iPhone 3 was also alive until last summer, but unfortunately got stolen during a trip abroad. Sure hope someone is enjoying it. Curiously, thieves in Bangkok were considerate enough to take the phone but leave the wallet that was right next to it in my bag.

Dumb phones:
I had a few "prepaid" Virgin Mobile phones laying around, reactivated and used sporadically for visitors from abroad or as needed. Unfortunately, they had to be discarded ever since Virgin Mobile stopped selling short term prepaid plans (and they cannot be activated directly on Sprint network due to their policy). Too bad, they all worked just fine.
An old Sprint phone has been recently revived and reactivated through one of the non-contract Sprint resellers - give it to kids as a "safety' device.
An old quad-band GSM phone from ATT is a spare, taken abroad to use with local SIM cards sometimes (but lately iPhone does that better).

The only phone I parted with voluntarily in the last 10 years was a Samsung Galaxy (forget which revision). I tried hard to like Android (hoping to develop applications for it, wanted to get some system experience), could not like it though and sold it on eBay.