I did not provide quality judgement. I merely suggested that there may be *some* beliefs that justify appropriate protest. Whether *this one* is such or not is not really the point.

What if that CEO just "gave some money years ago" to Nazis? Now as CEO he is promising to promote "inclusive policies" . Would Jewish people working for this company be justified in asking him to step down?

See, it *is* about the kind of belief that is being dealt with.

In any case, CEO has a right to his opinion and employees have a right to theirs. They are *asking* for him to step down. That's what free speech is for. They can ask, and he can do as he sees fit.

Russia is doing this sort of thing pretty extensively. On one of the national forums I happen to frequent we know who these people are - in fact, they are not really in hiding (though they never officially confirm or deny their identity). Human psychology works in curious ways, though - even though the perpetrators are well known, the rest of the community still gets into extensive discourse that includes these people and even allows them to steer discussion in whatever direction they need to. I have to give it to these guys - they are well prepared and master mass psychology quite well.

What are the chances that next step for mr O'Hagan would be writing a "tell-all" article series, followed by a book "revealing to the public the intimate details about one of modern day most controversial characters". I bet that would pay a heck of a lot better than a ghostwriting job for a fugitive stuck at a 3rd world country embassy.

Seems like Assange isn't particularly savvy about choosing his friends.

It is correct and, if you have 10.6 handy - you can verify that under that system Safari is using OpenSSL. To do so, simply move /usr/lib/libssl.*.dylib elsewhere and try to run Safari. It will fail due to missing libraries.
On 10.9 Safari will happily run with OpenSSL libraries removed.

You are welcome to dig through otool -L output to find how it's linked up, but the fact remains - Safari was switched over from OpenSSL to homegrown crypto sometime after 10.6.

iOS 6.1.6 is not available for iPhone 5. It is only available for devices for which there is no iOS 7, unfortunately. First thing I checked.

:( But I *really* don't want iOS 7. I think this is all planned by Apple to move remaining holdouts to the current iOS. Fuck.

Snow Leopard (10.6) is not vulnerable to this bug, since Apple did not switch from OpenSSL to their own SSL/TLS library back then yet. Just verified on my 10.6 box (to verify visit https://www.imperialviolet.org:1266/ )

On the other hand, iOS 6.1.5 is - and now I have a choice of using insecure iPhone or upgrading to 7.x. For now I've switched from Safari to a 3rd party browser that does not have this bug - but email is still vulnerable and so can be other components. That said, I have little trust in SSL even when it works as designed, so I won't lose much sleep over this.

Dumb. We are in for more than that. It took a decade to get OpenSSL clean with many more eyes on it.

Curious. This would seem to result in a failure every time. Without reading the code further - how could auth ever succeed? Or did it ignore the failure return code and relied on hash update results anyway?

Switching away from OpenSSL that is widely used and audited for generations of releases to homegrown crypto is a mistake on Apples part. This is most certainly not the last security flaw in their code we will see.

Funny, if you happen to be Russian and of that generation - this is pretty much how "bioplastic" drive was described in a sort-of-science-fiction book about "Neznaika in a sunny town" :) Here is the relevant page:
http://vseskazki.su/avtorskie-skazki/n-nosov-rasskazi/neznajka-v-solnechnom-gorode.html?start=28

I've been waiting for this one for a while.

I can't stand "military fiction"? WTF is it anyway?

Disclaimer: I am an Apple product user. I like my iPhone 5. However, I tried and could not like iOS 7 (my primary iPhone is still on 6, and I'll stick with it for as long as possible), and admittedly for a few years I felt about my iDevices about the same as anything else - they serve the purpose, annoy me sometimes, whatever. Mildly ambivalent.

At the same time, I wasn't too excited about wearable computing. Watch-like devices that came out so far seemed to be trying the form factor without actually having figured out their purpose. They were poor answers to questions no one asked.

Then Apple does this. I have no idea what specifically "this" is but admittedly a "bio-metric" angle is intriguing. I am now somewhat curious and even a little excited to see what they will develop. This may be in part because as I got older, I've got a lot more careful about maintaining my health (whatever is left of it anyway). As part of that quest, I've been through a number of dedicated health-metric devices - and virtually all of them so far came up extremely short in both functionality, usability and integration. In fact, ironically, the most used "health" device is my iPhone which I consistently use for nutrition and fitness tracking.

So - great angle from Apple. Wish I could work on that project :)

Suddenly, study abroad begins to sound ever more attractive :)

Don't confuse debit cards (that do have a PIN in US, as anywhere) and credit. The difference is crucial and in principle. With direct debit cards account holder is liable for any losses due to fraud (though banks claim they will help, by law it's the responsibility of account holder). With credit cards card issuer is liable by law for any fraudulent charges. I'll take the second option, thank you.