You are an idiot, several times over.

For one other, not everybody is fanatically partisan. I don't like Eich because he wanted to enshrine religiously motivated discrimination into law. I support gay marriage, and will continue to do so until the law gets out of marriage entirely and makes all the benefits which legally married couples receive instead available to everybody. I use Firefox just as much as I used to (it's not my primary browser, but I keep it installed and use it semi-regularly). The Democratic party receives more of my votes than the Republican party but I do not like Obama, Hillary, or the DNC; I voted for a third-party candidate. I will call anybody acting hypocritically a hyprocrite. For example, you took a non-partisan discussion (equality and corporate politics) and tried to imply that it was partisan (specifically, that Microlith is a blind supporter of the Democratic party) when in fact you just revealed your own partisan bias without refuting a single one of Microlith's points.

Flamebait doesn't have to be off-topic. Off-topic stuff is supposed to get modded off-topic, not flamebait. Flamebait is saying things to get people pissed off, like talking about Congress outing and ostracizing religious people, and linking to a news story about the "gay mafia" (about as idiotic a term as I've ever heard).

The other of the post emself admitted it was flamebait.

You distort facts to imply that they mean something other than what they mean, then act like you expect us to believe your "interpretation". For example, I don't really care what the Democratic party claims - I don't vote any party's line (nor do I support Obama generally speaking, except by comparison to some), and I look at voting records instead of claimed positions - but I doubt you'll find many on either side of the aisle who disagree with the claim that they support the constitution. The constitution explicitly gives the Judicial branch the ability to do what it did to Proposition 8 (overturn it on the basis of higher law). This is to prevent the tyranny of the majority over a disliked minority group, which is one of the obvious failures of a pure democracy. As for "activist judges", you do realize that 5 of the 9 current justices were Republican presidential nominations, right?

Oh, and lots of people who call themselves "orthodox" or "fundamentalist" members of the religions you listed are fine with gay marriage. *Your* view might be that this is inherently contradictory, but their view is that however unrighteous those people are is a matter between them and God but secular law should be fair to all, or that a God of love would not turn His back on somebody on account of who they love, or any of many other arguments. You will probably find many more such people like that than you will find people who believe that the wrathful or gluttonous are nearly so bad, and that (heterosexual) adulterers deserve death. As such, it is quite obvious that religious folk can go about their daily lives without trying to enforce their religious beliefs on others. If you personally cannot, that is a failure of you personally, not of society or even of religion.

Oh, and the bit about tolerance? You really didn't think that part through, did you... it's about creating a tolerant society, not about personally tolerating everything. You present a false dichotomy: tolerate everything including intolerance, or don't be "about tolerance". Try this thought on for size: "we advocate tolerance towards every individual's nature, but oppose those who choose to be intolerant of the nature of others." It may help some people to think of it as advocating tolerance towards the ways in which God created us, and opposing those who are intolerant of some of God's creations. After all, sin is supposed to be about (making the wrong) choice, right? Are we not innocent and pure, until we choose to be otherwise? Well, religious belief is a choice. Sexual orientation is not.

Finally, there's the fact that you cite Fox News, which is just stupid around here. Even assuming that the story was both accurate and unbiased (having read both sides, Fox's account is generally the first but far from the second), that's just asking for trouble. The stories were widely reported; you can find better sources than that.

For the first story, Emmanuel is, to the best of my knowledge (though IANAL), not allowed to deny or revoke business licenses on the grounds of an implied intention to discriminate; an actual act of discrimination or at least a policy requiring it would be required first.

For the second story, that's straightforward: if you run a business open to the public, you are not permitted to discriminate against certain classes of people and refuse them service. This has probably been law since before you were born, in the case of racial discrimination (incidentally, at least one religion in the US held that black skin was the "mark of Cain" and thus they were justified in refusing to interact with them) and for that matter in the case of religion (which, unlike skin color or sexual orientation, is a matter of choice) or several other classifications. Oregon had simply expanded the list of classes against which a public business may not discriminate to include sexual orientation. If "Sweet Cakes by Melissa" had in fact been a Christian bakery - that is, a religious entity only open to Christians - they would probably have won their case. They were not.

For the third story, I'm amused that you chose an article that, aside from using a deliberately inflammatory leading question as a title, really doesn't support your views at all. The conclusion of that article is essentially thus: "he stepped down because of internal opposition to having somebody whose expressed views were contrary to company policy running the company". Or, in a simple answer to the title headline (and usually the right answer, when a headline asks a leading question): "No".

I'd congratulate you on reading something other than Fox News, but it looks like you didn't actually read that article before linking it. Oops.

Offtopic warning
Speaking of Fox News' credibility (off-topic but it was fun doing some research), I'll grant that the popular version of the story of Fox News winning a court case on the right to intentionally spread lies appears to be misleading, but some digging suggests that Fox does not, in fact, believe themselves under any requirement to tell the truth. The Fox News station WVTV was sued after it fired two reporters for threatening to tell the FCC that they were being required to insert untrue material into their news stories. WVTV won the lawsuit (on appeal) on the grounds that the reporters where not whistleblowers (which would have protected them) because “We agree with WTVT that the FCC’s policy against the intentional falsification of the news – which the FCC has called its “news distortion policy” – does not qualify as the required “law, rule, or regulation” under section 448.102.”
http://www.campaignfreedom.org... (see comments as well)
http://www.relfe.com/media_can...
http://www.foxbghsuit.com/sj04...
http://www.spj.org/a-ethics.as... (1998)

Normally I might agree, but Firefox doesn't need to market in the same way that other companies do. Their income comes from very non-traditional sources, and their products are free. That's not to say I *like* the idea of marketing running the place, but I think it's better than it sounds. Mozilla's marketing has been about awareness, much more than about trying to sell something.

Oh, please. OS X / Darwin's implementation of the Unix standard is screwier than half the Linux distros I've used. It's the same from Mac to Mac, sure, but that doesn't mean much; the same applies from SLES machine to SLES machine or from Nokia N900 to Nokia N900. Their filesystem layout is weird, they don't use standard files for some things, or do so bizarrely (some years back, I found their fstab manpage to be wrong and the file itself to be basically useless). Their user system is not entirely conventional.

There is no such singular thing as "the real Unix command line" but I could get a (descendent of) Bourne shell on versions of NT earlier than OS X existed.

The cool feature of Pacemaker is that it checks TLS *clients*, actually. There are other tools for server checks (one of which is included with Pacemaker) but it's actually very important to make sure any clients you have are invulnerable to Heartbleed as well. Software that ships with bundled or integrated OpenSSL libraries - and I've seen quite a few - could be vulnerable to this.

If the server (or client, for that matter) was hit with Heartbleed *during* (or shortly after) the session, the symmetric encryption key may have been retrieved and an attacker who had recorded the whole session could then decrypt it. If the session was ongoing and they were in position to do so, they could MitM it.

Similarly, if the attacker used Heartbleed during the key exchange, they might have leaked the private information (from either endpoint) needed to derive the symmetric key, even if for some reason they didn't get they key directly. Same impact as above.

If the attacker had used Heartbleed to steal the authentication private key prior to your session, they could have hit you with a MitM attack (appearing to be the authentic server) and you wouldn't have known.

If the attacker recorded your session but did not MitM it *or* use Heartbleed on the server while the symmetric key was in memory, you're safe (even if they stole the private key beforehand, much less afterward). That's the beauty of PFS.

So does IE10.

Internet Options -> Advanced -> Security (scroll near bottom) -> "Check for publisher's certificate revocation" and "Check for server's certificate revocation" are both checked for me. I know at least one of those options dates back to IE6, in fact, although it may have been inactive by default back then. I don't know when those options were made default, but at a guess I'd say IE8 or IE9.

As a side note, if you are running Vista or later but *not* on IE11, you have TLS 1.1 and 1.2 disabled by default. They're easy to turn on (same place as above, just scroll a bit lower).

Your requests are, unfortunately, somewhat contradictory. You ask for a smarter AI (that doesn't put ranged units in front, for example) and then ask for one that processes faster. You complain about the late-game AI time (where the decision trees are *huge*), then say you want the AI to give a harder game without handicaps.

Don't get me wrong, I want to see optimizations too. But, I think they did a pretty decent job of balance, especially in the expansions (the original game was kind of bad in many ways, AI included). Diplomacy has gotten a *lot* better, partially because the AI's motivations are more transparent.The AI unit management is non-ideal, but it's rarely outright bad anymore (and can in fact be really good at specific goals, like "capture that barbarian camp"). As for handicaps, the AI *does* play dumber/friendlier at the lower difficulties, and always has; the point at which the AI starts needing to cheat, and the degree of its cheating, has crept up over time though.

Those are good critiques of Civ5. There are a more, of course, but *most* of them boil down to the original release of the game being, basically, too big a change for them to get it right.

Let me say that again: Civ 5 was *badly* flawed at release, because it was too big a change.

For example, in a game where each unit (and tile, since they go together) is so much more precious than they were before, the 10HP system (where even a curbstomp battle costs 10% of your health, and the enemy rolling just a *little* too well can easily kill a unit that should have been wounded but near-guaranteed to survive) is stupid. They fixed that in the first expansion, and it made combat *much* better.

Then there's the silliness where ranged units turn into melee units as they upgrade. That is, sadly, still present in a few units (chariot archers, etc.) but it's way less common than it once was, and there are actual ranged units in the late-game now.

The original culture system was undeniably silly. The new one is better in many ways, although the lines between things that give faith and things that give culture and things that give tourism still feels a bit arbitrary. I mean, shouldn't world wonders *inherently* give tourism? Shouldn't religious buildings have a cultural impact as well? It's weird.

On the other hand, there are good things that I think you missed, too. You complain about three ways to trade in C5:BNW, but I see more than that (unit transfers are not explicitly trades, but they achieve much the same thing, and AI goodwill is effectively a commodity you can sometimes trade) and Alpha Centauri had the same things (Econ tech + treaties, direct trade over comlink, vote-buying in council). The tech tree has plenty of absurdities, but what else is new? That's hardly something Civ5-specific, and the power level progressions throughout the game are pretty good.

If they prematurely (i.e. before they said they were going to) EOL their products, yet continue to have any meaningful funds, a lawsuit would almost certainly follow. Not a great way to make money.

There have been a number of sites.
SSLLabs scanner has been updated to check for Heartbleed, and also will report when the cert validity starts (handy if you want to see whether they're using a new cert). https://www.ssllabs.com/ssltes...
LastPass has a pretty decent scanner that just focuses on Heartbleed (without all the other info that you get from SSLLabs): https://lastpass.com/heartblee...
There are some others out there as well, of course.

There's even one for client-side testing (almost as critical):
Pacemaker is an awesome little POC script (python 2.x) for testing whether a *client* is vulnerable (many that use OpenSSL are...). https://github.com/Lekensteyn/...

0.9.8 doesn't support any protocol newer than TLS 1.0, so while it's safe from heartbleed it's also old and verging on deprecated.

Also, it's not that rare for software to use its own copy of OpenSSL, either is a bundled library or statically compiled into the program. I don't actually know of any Mac software that I'm sure does this, but that's not saying much since I don't use a Mac. Things I would expect to find it in are cross-platform programs that use OpenSSL but want a newer branch than 0.9.8 (Python maybe?)

Well, Microsoft's CAPI (CryptoAPI) actually, not IIS. IIS uses CAPI, but IIS is no more a crypto toolkit than Apache or lighttpd are. A vuln in CAPI (they've happened before) could also affect clients (IE, Outlook, anything else using the platform APIs...).

Besides, we're still waiting on a NSS issue. NSS isn't so much *broadly* used - I know of only a few product families that use it - as it is *heavily* used. The product families in question are Mozilla anything (Firefox, mostly; the N stands for "Netscape") and Chrome (for PCs). Very few browsers (though not zero; Chrome on Android 4.1 uses a vulnerable version of OpenSSL) are/were vulnerable to Heartbleed, but they'll get their turn eventually!

Clearly, the solution is railgun-based point defense! Sure, it'll have a lower rate of fire than the current CIWS units, but imagine the light show you'd get from the sparks when of a pair of opposing slugs run into each other at a combined mach 12 or so?

Impractical today, of course, but technology marches on. In the meantime, it isn't actually that hard to deflect the projectile enough... if you can hit it at any meaningful distance. That's going to be quite impractical (just hitting it at all is likely impractical) so for the moment, yeah. Add to that the ability to scale up the gun faster than people can realistically produce defense (my WAG there, but I suspect it's true nonetheless) and offense is taking a lead right now.

On the other hand, that's been true for a long time in a different way, which also brings me to the best defensive measure I can think of: a few hundred feet of H2O. Phalanx can't hit a torpedo, either...