Funny, I was stumbling through some Private Snafu shorts last night, and watched this gem. I find it very interesting to look back at the films from the WWII era and see how much (or how little) society has changed.

As for the Bavarians camping on Mein Kampf, you'd think that they would have figured out that most parents have - the more you demonize something (alcohol, MJ, sex et al), the more the teenagers will find it appealing. If they want to destroy the financial incentive associated with the work, release it GPL-style. Make sure derivative works have to be GPL'd as well. Just stuffing the master copy under a mattress is ineffective.

I guess he just threw a rock to see what would happen at some point.

So your version of God isn't all-knowing and all-powerful? I'm not buying that a God who is capable of creating billions of planets, stars, and systems wouldn't have a firm grasp on probability and interstellar trajectories. Maybe we should consider that your God is bored (he does control everything, right?) and has set up the universe as a giant Rube Goldberg machine for His entertainment. He would have to accede to non-interference for the exercise to have any value.

Funny, I can buy a house "used" and not be obligated to pay the original builder a dime. A house can even appreciate in value beyond the original purchase price. The original developer still gets nothing from the profits of the sale. There is no grand conspiracy to deprive house builders of something they're owed, because they aren't owed squat.

This is just another example of software companies trying to cherry-pick the distinction between "owned" and "licensed." Your CD is scratched and won't read anymore? Sorry, you own the product and you'll need to buy another one as a replacement. Oh, you want to sell the product to someone else? Nope, you didn't really buy it, you purchased a license which isn't transferrable. Unadulterated cash-grab, it is.

So, you're in a position to guarantee that Gawker et al. are going to implement the authentication mechanism to the theoretically-correct ruleset? I don't think I'm going out on a limb when I say "I think not."

I'm not trying to be pedantic, but people are the weakest link in any security method. I can easily see the following scenario unfold:

Boss: I'm getting complaints about people being unable to log in.
ITGuy: They're probably running pop-up blockers.
Boss: So?
ITGuy: You need to tell our visitors to allow pop-ups on our sites.
Boss: I'm not telling thousands of customers that they have to change their system configurations. Do you realize how many customers we lost when we switched over to this god forsaken external authentication mechanism? If we lose any more customers, I'm going to be out of a job. And I can guarantee you that you're out of a job before I am. Just fix it.
ITGuy: Well, I could embed the login window on the main page using Javascript, then proxy the authentication session through one of our servers. It won't be as secure, but would be transparent to the user.
Boss: Great. Do it.

So for a while, this company uses the external authentication as it should be used, and once the customers are comfy with using their Facebook account credentials, they won't blink when the login page changes slightly and embeds the login procedure. Boiled frog meet man-in-the-middle. Do we see yet? The risk isn't, and has never been, in the authentication mechanism. The risk is in the implementation.

Yes, this is the real problem. The original question was "what is the security risk?" not "how should this work in theory?"

So, you're logging-in through the Gawker portal, trusting that Gawker won't peek at the user/pass as they hand it off to Facebook or Twitter or whoever for authentication, right? Doesn't sound like an opportunity for a Gawker-in-the-Middle opportunity?

Further, since they're brokering the connection between you and the comment forum, they'll have access to the authentication credential, which would allow them to snoop your social media resources for as long as the credential is valid - they'd just need to spoof your user session.

You don't need one or two documents, a small business needs several hundred. Each standard references several others in part or whole.

Same thing applies to your residence. Municipal governments purchase the IBC code (2012 Full Set $556.00), the NFPA code (2008 edition $82.00), the NEC code (2008 edition plus CD $182.25), et cetera, ad nauseum. There is *one* copy of each codebook available in a library somewhere, and no, you may not check it out - it has to stay available for anyone to look at in order to maintain the "ignorance is no excuse" cop-out. So please, go purchase all the relevant code documents associated with residential construction in your area and tell me when it starts to get financially significant.

Law enforcement needs to be prohibited from having a profit motive. If they profit from certain behavior, they are no longer doing "law enforcement" ... they're a business at that point. You can call it "revenue enhancement" or "budget augmentation," but it's still a stinky turd.

I have often proposed the Red Light Lottery. Fines collected from red light cameras need to be removed from the municipality's purview entirely. If you put it in the General Fund, which at first glance seems to benefit all, you'll shorty discover that the law enforcement budget is fudged somewhere else to net-out the money. To be effective, the money must be removed from the politicians' hands. The only recourse is to return it to the people. In the Red Light Lottery, every month some number of non-citation-receiving drivers are eligible to "win" a percentage of the fee pool. The state isn't allowed to take a cut, nor is it allowed to tax said lottery windfall at 99%.

Yeah, I know ... won't happen. Politicians won't ever do something like this because it damages their ability to be in control. If they had to issue a bond referendum every time they wanted to install these red light cameras, there would be rioting in the streets. That's why they finance the things through the manufacturers, paying a percentage of the take indefinitely.

It's difficult to find specific numbers for "launch costs," as they're different for each mission. Wallops has some numbers on their website indicating that a LEO insertion will require a vehicle that costs $5M-$10M. That doesn't include any of the facility costs, nor the collateral costs like clearing the downrange area of ships and payload recovery. A typical 100kg payload launch program on a mid-sized sounding rocket from Wallops will run you about $12M total.

"Miracle" is exactly the word I would have used. These aren't orbital launch vehicles. The biggest one, the Terrier-Malamute, will drop into the ocean about 700km from the launch site. That's about half-way to Bermuda. Granted, that's with a launch angle of 77 degrees, and I expect they might be able to extend the downrange performance a bit by reducing the launch angle (which they won't do.) But the only land mass that's anywhere near the performance envelope of these vehicles is Bermuda. Last I checked, Bermuda hadn't petitioned for admission into the Axis of Evil.