
Comment Re:It's a vast field.... (Score 2) 809

FWIW, I think that's a mistake. Why trust the opaque "encryption" feature of the application like Excel or acrobat when you can use something well-proven?

I don't necessarily disagree with this point, but I will happily answer the question.

As I'm sure you are well-aware, security is not a binary value (secure vs. insecure). Because any security measure can be defeated given enough time and money, it's more of an economics problem (perceived value of defeating the security measure vs. cost to defeat security measure). There's also a convenience factor in there, because if the security measure makes life too difficult, then no one will use it properly (passphrases written on sticky notes, mouse movers to prevent screens from locking, etc.).

I haven't googled for it, but I doubt that there are any known exploits against Excel encryption other than brute-forcing the passphrase. MS surely would have fixed it if there were. We also don't know how sensitive the information is and who might be trying to get it. Is a simple Excel encrypt good enough? We don't have enough information to know, but I suspect that it's fine.

I can even envision a situation where Excel encryption is better than a PKI solution like GPG. Imagine a situation where a firm is under investigation and has to turn all email over to opposing counsel. Opposing counsel is reviewing emails and encounters this encrypted spreadsheet. What happens now?

In the case of Excel encrypted: Them: "Give me the passphrase!" You: "Uhh, that was like a year ago. I don't remember it." So now they have to choose whether it's worth brute-forcing or to just move on.

In the case of GPG encrypted: Them: "We have the private key from discovery, so give us the passphrase!" You: "Uhhh, I don't remember the passphrase." Them: "Bullshit! You just signed an email with it 5 minutes ago, dumbass!"

Ridiculous? I dunno. But anyway, I think that Excel encryption has its place in a business setting. It's not like you're protecting nuclear launch codes.

Comment What the hell was wrong with the answer? (Score 2) 809

I asked another applicant a similar question: "Suppose you wanted to send me a file with very sensitive information, how would you encrypt it in such a way that I would decrypt it?" The person started off by asking me if it was an excel file, a PDF, etc.

Why are you holding this up as an answer to be ridiculed? This is a perfectly fine way to approach the problem.

Many sensitive documents are in Excel format and Excel has an encryption function (same with the PDF standard). If I were to send a sensitive Excel file to someone, I would most likely just encrypt it within Excel, send it on its merry way, and then just deliver the password to you out of band (like via the telephone). That is secure enough for most corporate purposes. It's not like I'm sending you nuclear launch codes or anything.

Obviously that doesn't work in the general sense because not all document types have specs that support encryption, but what's wrong with taking the easy route? I can pointy-clicky encrypt an Excel file much more quickly than you can organize a key exchange, verify each other's keys' authenticity, etc. Your way would be more secure, true, but sometimes, you just need to email a fucking Excel file and get on with your life.

Comment Re:It's a vast field.... (Score 5, Insightful) 809

It all comes down to what you define as "general knowgledge" for a developer should be and that is highly subjective.

Can I be snarky for a moment and just enjoy the irony of a sentence that wonders what should be considered to be "general knowledge", and it has the word "knowledge" misspelled? :) Continuing with the theme, I'm sure I just made a run-on or something in the midst of my pedantry.

OK, back to business. This is a hard question to answer for a senior developer, what should be considered to be "general knowledge". I think that to be a successful developer at the senior level, you really need to know a little bit about a lot of things, and be able to look up what you don't know.

By way of example, as a developer, if I were to see something like "192.168.0.0/24", I recognize that immediately as an IP address range in CIDR notation. Mind you, I have no earthly clue how to compute that range--I'm not a network guy--but I know what it is in the general sense. Enough to google for "CIDR calculator" in order to compute the range in a format that I understand.

Part of being a developer is having a decent working knowledge of security concepts. Like "Oh, I'm sending a file across the public Internet. Someone could intercept that. I'd better protect it somehow with encryption." Maybe the developer doesn't quite know what type of encryption to use yet. Should the connection be encrypted, or the file? Or both? Is it required to verify the authenticity of the file? Should it be signed? Or is it good enough to verify the remote host? Or some type of login?

Incidentally, I disagree with OP that the answer of "The person started off by asking me if it was an excel file, a PDF, etc." was totally unacceptable. Excel and the PDF standards both have encryption support, so if the "sensitive data" were an Excel file, the path of least resistance would be to pointy-clicky through the menu and click "Encrypt this here spreadsheet" (or whatever the command is). Likewise with the PDF, but with Acrobat instead. Of course this does not solve the general problem of "how do I protect sensitive data?", but maybe he doesn't want to bother looking up and verifying your public key, installing GPG or setting up S/MIME or whatever if a simple solution exists. If I were to send you a spreadsheet of salary data for the company, you can bet I'd just encrypt the fucker within Excel and tell you the password via some other channel like the telephone.

Comment Re:Useless (Score 1) 100

Locking phones should just be illegal to begin with. If you sign a contract saying you are going to pay for service for 2 years, you have to pay for that service (or pay an ETF) regardless of if your phone is locked or not.

I agree 100%. I wonder what their collection rate on ETFs is. Seems like the carriers should be required to unlock their phones for anyone who asks as long as the customer allows the carrier to hold their ETF in escrow until the contract is completed. For customers with good credit, they could even waive the escrow.

Comment Why not launch from South Korea? (Score 1) 175

Why are they overcomplicating their project by trying to build a drone that can cross the Pacific ocean and back? Not that I'm confident that they'd even be able to build one that can even go a few hundred miles, but round trip from the west coast to the Korean Peninsula is gonna be 12 freakin' thousand miles, minimum.

Yeah, good luck with that.

Comment Isn't that the expected outcome? (Score 1) 271

Female-Run Companies Often do Better Than Male-Run Ones

Shouldn't that be the expected situation?

I didn't watch the motherfucking autoplay video at my desk at the office where my fucking coworkers had to hear a fucking autoplaying fucking shitpile of shit video*, but I would expect 50% of female-run companies to outperform male-run companies just by chance, alone.

Do female CEOs do better than a coin flip? If so, then I guess that's news. And if not, then I suppose that's news, too.

* For all I know, the video was an exemplary piece of journalism, but I'm still a bit incensed that it autoplayed. Not cool.

Comment Re:Oh God, not again (Score 1) 740

Ehhh, as gaffe-prone as Bachmann is, I think that you have not accurately reported her statement.

Having read the article that you linked to, it says that Bachmann said that she "had been approached by a mother who claimed her daughter suffered from mental retardation from complications due to the vaccine." That is very different from claiming that "the HPV vaccine would make kids autistic."

You might be tempted to argue that she shouldn't have brought that point up in serious conversation because it was obviously bullshit, and I would tend to agree with you. However, I think she sufficiently hedged on this one, that she was just relaying a conversation.

That being said, I wouldn't be surprised if a few random unlucky folks have had serious complications from Gardasil. Most vaccines have like a 1:10,000,000 chance or something of serious complication. The reason we vaccinate anyway is because we have a several orders of magnitude higher chance of serious complication from the disease that we are vaccinating against, so we accept the 1:10M risk in getting, say, the MMR vaccine, because we don't like the fact that 1:500 kids who contract measles will die from it.

Comment Re:The backwards approach to fitness is the proble (Score 1) 958

It really depends on your goal. If your goal is to be more physically fit, then of course increased physical activity is the only way to achieve that.

However, if the goal is weight loss, that goal almost certainly will only be achieved in the kitchen. Reason: in adults, increased physical activity will make your body want to increase its food intake, and that increase, in the typical case, is way more calories than were burned during the increased physical activity.

I get what you're saying. I used to be an athlete in my teens as well, and I ate like crazy, any garbage I could find. But between a teenager's metabolism and working out 3+ hours daily, I couldn't put on a pound of weight. But most adults don't work out 3+ hours per day, and neither do we need to eat more to compensate for a growing/developing body. So if we, as adults, want to lose weight, it's going to be by eating less in nearly all cases.

Comment Re:Science... Yah! (Score 1) 958

(Change in Weight (kg))/7700

Most everyone is well aware that in order to lose weight, they must eat less. The problem is, most everyone lacks the willpower to deny themselves over the long run.

Think about it. Hunger is one of the strongest human emotions. Many wars have been fought over hunger. When their bodies are saying, "I'm hungry! I'm hungry!" most people can say "no!" once, twice, maybe a few more times. Most cannot say "no!" in the long term.

And that is what the best diets address: the need to change your lifestyle so you don't have to constantly say "no!" to yourself, because if you do, most everyone will falter, eventually. But if you change your lifestyle and eating habits toward foods that make you feel sated for longer, you actually stand a chance.
