Comment: Re:Just because you don't get out much doesn't mea (Score 1) 110

by tftp (#43779377) Attached to: NSA Data Center the Focus of Tax Controversy

Projects at power stations, oil refineries, steelworks and chemical plants for example

Those are not R&D projects, they are implementation projects where there is no science left. Three hours for backup, one hour to physically replace the old server, three hours to restore, one hour to test and put online. Everything is known, everything had been practiced before in dry runs, and there are plans B, C and D just in case.

Government projects that (I suspect) were mentioned are blue sky R&D projects. Take, for example, a new fighter airplane. It doesn't exist. How much will it cost to design one? How long? Nobody can tell for sure; it's a "pay as you go" work - and that's how these projects go over budget and over schedule. Some bugs are still haunting F-22, for example - like that oxygen supply system. Seemingly an easy system to build, isn't it? But several pilots are dead because of it. You can plan all you want, but if an essential team member gets hit by a bus you can throw those schedules away. How much time do you need to debug a fault that happens only once in a month, and you strongly suspect that it is caused by unexpected interaction between 120 threads that your system is spawning and joining in real time? Can you predict the date when the bug will be identified and squashed?

Comment: Re:Not really (Score 1) 717

by tftp (#43778897) Attached to: The First Fully 3D-Printed Gun Has Been Successfully Test-Fired

They would want to use automatic weapons

What for? Could you please elaborate? What gangbanger would want to carry a replica of M16 and a few magazines full of ammo? What target would that be useful against? Handguns are far more practical for what criminals are doing. Full auto weapons are only useful for laying suppressive fire, preferably against a massed enemy. A terrorist might want one (see Mumbai,) but a common criminal, IMO, has no use of it.

Comment: Re:Not really (Score 1) 717

by tftp (#43778863) Attached to: The First Fully 3D-Printed Gun Has Been Successfully Test-Fired

With a lifetime measured in tens of rounds, it really isn't all that special.

A large number of handguns are used to make either zero or one shot in their entire history. Not everyone religiously, every week, goes to the range with a thousand rounds and comes back with only empty brass. Many concealed carry firearms are never discharged. Barrel durability is not a concern at all. Barrels of big guns (like those on ships) are designed only for a few hundred shots - and they are far more expensive than a few grams of plastic. A printed gun is a problem only if you are a professional who shoots frequently - a soldier, or a target shooter, or a hunter. Even police officers are safe - they rarely shoot; whenever they do, it's a big deal.

Comment: Re: That's nice (Score 1) 717

by tftp (#43778803) Attached to: The First Fully 3D-Printed Gun Has Been Successfully Test-Fired

primer and powder can also be made by hand I thought

You can make black powder, for all the good it will do to your precious firearm. You cannot make a modern propellant without mastering the chemical and extrusion problems. A few of your attempts will result in an explosion.

You cannot make a primer. The oldest chemistries of primers are known, but they are very unstable. I do not know off the top of my hand what primers are in use today, but Wikipedia lists lead azide, lead styphnate and tetrazene. The technology of producing and loading a highly sensitive substance is quite specific; I recall reading about blending of these crystals under a layer of ethanol, for example, but I don't know if it is in any way related to reality. This is a highly explosive process, and it has to be automated and perfected over a hundred years to get to where we are today. Probably there is no chance of making primers in somebody's garage without *exact* description of *all* technological processes and parameters, and without all the necessary equipment.

In the end, it's not an impossibility. There are hundreds of people in the country who know all about these processes because they run them every day at ammo factories. If need be, those people could become a core of garage-based manufacturing of primers and propellants. So far that hasn't happened, and the real secrets are safe. Wikipedia may describe 90% of the technology, but the remaining 10% always takes 90% of the effort. You can easily classify making of primers and propellants as rocket science.

Comment: Re: Robbing Peter to Pay Paul (Score 2) 110

by tftp (#43778591) Attached to: NSA Data Center the Focus of Tax Controversy

Where have you seen an engineering project that was (a) completely finished and (b) on schedule? A "Hello, World," perhaps, in Perl?

By law, the government has to give the contract to the lowest bidder. Not the best one, and not the most honest, but to the lowest one. This means that the contractors *have* to bid low, and hope to make it up later on, during the contract. Some contracts (cost plus) allow that. A contractor who bids exact or a little over does not get the job. Fair and honest estimates are bred out of government contracting by laws.

Comment: Re:HTTPS means something specific (Score 1) 251

by tftp (#43771797) Attached to: Ask Slashdot: Why Do Firms Leak Personal Details In Plain Text?

This was a server to server connection, from one of Slashdot's SMTP hosts to my MX.

Connections to IMAP are also protected by TLS, but they look different - like this:

May 19 08:03:31 xxx cyrus/imaps[28590]: accepted connection
May 19 08:03:31 xxx cyrus/imaps[28590]: starttls: TLSv1 with cipher AES128-SHA (128/128 bits reused) no authentication
May 19 08:03:31 xxx cyrus/imaps[28590]: login: lan.xxx.com [vvv.www.xxx.yyy] tftp plaintext+TLS User logged in
May 19 08:03:31 xxx cyrus/imaps[28590]: seen_db: user tftp opened /var/lib/cyrus/user/t/tftp.seen

As you can see, here it's Cyrus who reports the login. TLS between SMTP hosts is handled by Postfix. There is not much in common between the two, except that Postfix delivers to Cyrus. When I send an email, my MUA uses TLS to connect directly to Postfix (the submission port, or 25/tcp.) It looks like this:

May 20 00:09:25 xxx postfix/smtpd[2239]: connect from lan.xxx.com[vvv.www.xxx.yyy]
May 20 00:09:25 xxx postfix/smtpd[2239]: setting up TLS connection from lan.xxx.com[vvv.www.xxx.yyy]
May 20 00:09:25 xxx postfix/smtpd[2239]: Anonymous TLS connection established from lan.xxx.com[vvv.www.xxx.yyy]: TLSv1 with cipher AES128-SHA (128/128 bits)
May 20 00:09:25 xxx postfix/smtpd[2239]: D47EC487ED2: client=lan.xxx.com[vvv.www.xxx.yyy], sasl_method=LOGIN, sasl_username=tftp
May 20 00:09:25 xxx postfix/cleanup[2243]: D47EC487ED2: message-id=<050401ce5529$0be9e0e0$23bda2a0$@xxx.com>
May 20 00:09:25 xxx postfix/qmgr[1394]: D47EC487ED2: from=<tftp@xxx.com>, size=2853, nrcpt=1 (queue active)
May 20 00:09:28 xxx postfix/smtpd[2239]: disconnect from lan.xxx.com[vvv.www.xxx.yyy]

Postfix is easy to configure to use TLS. CA-signed certificates give you nice log entries, but in general they are useless because it doesn't help anyone to know what company owns a given server. So I use self-signed certificates (make my own CA.) I then import that CA's certificate for IMAPS use.

Today it doesn't take any effort whatsoever, nor any money, to have all connections of your SMTP/IMAP server encrypted every which way. Many servers on the Internet are already configured this way - and all popular email hosts, like Google and Yahoo, are using TLS. The man with a tap at the router will not gather much.

If you run MS Exchange - even as the dirt cheap Small Business Server - then you get TLS included automatically. SBS generates a self-signed certificate, but you are encouraged to spend money on signed bits. (It is not required.)
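
Added example, not part of the comment above and not Postfix's own tooling: a small Python audit over smtpd log lines in the format quoted there. It groups lines into sessions by process ID and reports which sessions negotiated TLS (protocol, cipher, trust level) and which accepted mail or SASL credentials in cleartext. The sample log, host names, addresses, users and finding labels are constructed for illustration.

```python
import re

# Constructed sample in the Postfix smtpd log format quoted above
# (hosts, addresses, users and queue IDs are made up).
SAMPLE_LOG = """\
May 20 00:09:25 mx postfix/smtpd[2239]: connect from lan.example.com[192.0.2.10]
May 20 00:09:25 mx postfix/smtpd[2239]: setting up TLS connection from lan.example.com[192.0.2.10]
May 20 00:09:25 mx postfix/smtpd[2239]: Anonymous TLS connection established from lan.example.com[192.0.2.10]: TLSv1 with cipher AES128-SHA (128/128 bits)
May 20 00:09:25 mx postfix/smtpd[2239]: D47EC487ED2: client=lan.example.com[192.0.2.10], sasl_method=LOGIN, sasl_username=alice
May 20 00:09:28 mx postfix/smtpd[2239]: disconnect from lan.example.com[192.0.2.10]
May 20 00:11:02 mx postfix/smtpd[2301]: connect from unknown[198.51.100.7]
May 20 00:11:03 mx postfix/smtpd[2301]: 3B1D5487E1F: client=unknown[198.51.100.7], sasl_method=LOGIN, sasl_username=bob
May 20 00:11:04 mx postfix/smtpd[2301]: disconnect from unknown[198.51.100.7]
May 20 00:12:10 mx postfix/smtpd[2310]: connect from mail.example.net[203.0.113.5]
May 20 00:12:11 mx postfix/smtpd[2310]: 9A0C2487F00: client=mail.example.net[203.0.113.5]
May 20 00:12:12 mx postfix/smtpd[2310]: disconnect from mail.example.net[203.0.113.5]
"""

LINE = re.compile(r"postfix/smtpd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
CONNECT = re.compile(r"connect from (?P<peer>\S+)")
TLS = re.compile(r"(?P<trust>\w+) TLS connection established from \S+: "
                 r"(?P<proto>\S+) with cipher (?P<cipher>\S+) \((?P<bits>\d+)/\d+ bits\)")
QUEUED = re.compile(r"[0-9A-Za-z]+: client=")
SASL_USER = re.compile(r"sasl_username=(?P<user>[^,\s]+)")
# TLS 1.0 and 1.1 were formally deprecated by RFC 8996; SSLv2/v3 earlier.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}


def parse_sessions(log_text):
    """Group smtpd lines into sessions. An smtpd process serves one client at a
    time, so pid plus the connect/disconnect pair delimits a session."""
    open_sessions, finished = {}, []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not an smtpd line (cleanup, qmgr, cyrus, ...)
        pid, msg = m.group("pid"), m.group("msg")
        c = CONNECT.match(msg)
        if c:
            open_sessions[pid] = {"pid": pid, "peer": c.group("peer"),
                                  "tls": None, "sasl_user": None, "queued": 0}
            continue
        session = open_sessions.get(pid)
        if session is None:
            continue  # log excerpt starts mid-session
        t = TLS.match(msg)
        if t:
            session["tls"] = t.groupdict()
        elif QUEUED.match(msg):
            session["queued"] += 1
            u = SASL_USER.search(msg)
            if u:
                session["sasl_user"] = u.group("user")
        elif msg.startswith("disconnect from "):
            finished.append(open_sessions.pop(pid))
    return finished + list(open_sessions.values())


def findings(session):
    """Return constructed finding labels for one parsed session."""
    out = []
    tls = session["tls"]
    if tls is None:
        out.append("cleartext")
        if session["sasl_user"]:
            out.append("sasl-without-tls")  # credentials crossed the wire unencrypted
    elif tls["proto"] in LEGACY_PROTOCOLS:
        out.append("legacy-protocol")
    return out


if __name__ == "__main__":
    for s in parse_sessions(SAMPLE_LOG):
        tls = s["tls"]
        desc = f'{tls["trust"]} {tls["proto"]} {tls["cipher"]}' if tls else "no TLS"
        print(f'{s["peer"]:32} {desc:28} {", ".join(findings(s)) or "ok"}')
```

On a server that should never accept credentials in the clear, Postfix's `smtpd_tls_auth_only = yes` prevents the second case from occurring at all.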

Comment: Re:HTTPS means something specific (Score 1) 251

by tftp (#43771489) Attached to: Ask Slashdot: Why Do Firms Leak Personal Details In Plain Text?

May 19 17:16:37 xxx postfix/smtpd[28927]: connect from unknown[aaa.bbb.ccc.ddd]
May 19 17:16:40 xxx postfix/smtpd[28927]: setting up TLS connection from unknown[aaa.bbb.ccc.ddd]
May 19 17:16:44 xxx postfix/smtpd[28927]: Anonymous TLS connection established from unknown[aaa.bbb.ccc.ddd]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
May 19 17:16:48 xxx postfix/smtpd[28927]: 3B1D5487E1F: client=unknown[aaa.bbb.ccc.ddd]
May 19 17:16:53 xxx postfix/cleanup[28932]: 3B1D5487E1F: message-id=<1369008893.841070-20720-slash-slashdot-daemon-91.v22.ch3.sourceforge.com@slashdot.org>

Comment: Re:HTTPS means something specific (Score 2) 251

by tftp (#43766387) Attached to: Ask Slashdot: Why Do Firms Leak Personal Details In Plain Text?

Most people would find it inconvenient when an important electronic receipt comes with all important fields blacked out. When I buy for a company online I forward these receipts to the accounting. What would I do if the email doesn't say what I bought, how much I paid, what c/c I used, and so on?

I understand that it is perfectly possible to have a purely HTTPS online store, without using email at all. You could print your receipts securely on your local printer (or into PDF) and submit those. However hardly any store on the Internet operates this way. And even if we make that additional step and revolutionize e-commerce, still we would have a partially broken system that has a huge disconnect between the arbitrary identity of the user and the verified identity of the credit card (thus allowing anyone to buy with a stolen c/c.)

In practical terms, email is not easily interceptable. En route it is usually encrypted with TLS. That is easy because SMTP servers do not insist on authentication of peers. So only the two endpoints, those that hold private keys, have access to the content.

One could say that the SMTP server itself is vulnerable. Well, it is, unless you run your own. I do. It's trouble-free. On top of that, nothing prevents the server from encrypting stored emails so that it's hard for an operator (or an intruder) to gain access. For example, generate keypairs for each account, and make sure that the SMTP/database box has only the public half. To read mail (and decrypt) you have to log in with your password, which just happens to decrypt the private key - and that can happen on a completely different (IMAP) box, and only in RAM, and only while you are using the server.

So for all practical purposes it is easier - and probably safer - to keep the current practice. Most retailers black out the c/c number anyway; the last four remain, but how many cases are known of actually recovering the full number this way? (Just send a Google Glass wearer to the checkout line at any store and capture as many cards as you care to.) The rest is not very likely to get stolen. As I understand, most thefts of login data occur directly from databases because they are either not encrypted, or encrypted with a symmetric algorithm, and the key just sits right there (it has to, otherwise you cannot encrypt.)

But if people want change, it should begin at the basics - with secure and sufficiently trustworthy authentication and encryption; this means that everyone gets issued at least one keypair inside of a dongle. Once you have that, everything else becomes trivial. As I understand, DoD has implemented exactly such a system with a common access card.

Comment: Re:HTTPS means something specific (Score 2) 251

by tftp (#43766267) Attached to: Ask Slashdot: Why Do Firms Leak Personal Details In Plain Text?

the rather ramshackle habits of securing one transmission via HTTPs on the one hand and then not securing a future transmission in any way shape or form on the other hand

How would one secure an email? Existing S/MIME and PGP are not commonly used.

A company cannot abandon email because it's the only notification method that is guaranteed to be delivered to the purchaser of goods. If you just show a confirmation number on the screen in big bold red letters and ask to write it down, 99% of customers will not notice that. Some may not even see it because they walked away or closed the browser as soon as the transaction went through.

So the problem here is far deeper, it's not just lazy programmers. Perhaps it won't be solved until every one of us has a personal FIPS 140-2 USB or smart card processor on a keyring.

Comment: Re:Yawn (Score 1) 656

by tftp (#43765643) Attached to: Printable Gun Downloads Top 100k In 2 Days, Thanks to Kim Dotcom

You seem to be throwing out these cardboard stereotypes about suicidal people, criminals, old people, everyone. There's such insane variety around any kind of label you can imagine and you seem to be ignoring all of it.

That is true. Even if Slashdot would be capable of providing enough writing space for a ten-volume manuscript, it is still necessary to have a better command of the subject. I am not a professional in this particular area and don't have access to specific, statistically significant cases. My opinion is based on personal observations and on what I read. My opinion may be right or wrong, but I have it and it's mine. And you have yours.

BTW, if your friend is depressed, I don't think you should give him a map to the nearest tall building. You are free to persuade him - and he is free to listen to you or not to listen. Usually people do listen, especially those who don't have physical, material reasons for their decision. (That's what I read!)

It doesn't matter how much you argue otherwise, crime is a symptom of youth and as they age people generally turn away from a life of crime.

... at least because they are not physically capable anymore of the exertion that is required to do it. Quite possible. Still, plenty of young ones around to ruin one's day. And not so young too - look at the FBI's list of most wanted criminals; most of them are well past their teens. (But, of course, those are unusually bad; statistically, they don't matter.)

Comment: Re:Yawn (Score 1) 656

by tftp (#43765365) Attached to: Printable Gun Downloads Top 100k In 2 Days, Thanks to Kim Dotcom

not only should we not try to prevent it, but it should even be easier.

It's already easy enough. You just can't make it easier. What you can do is to make it less painful. Is the fear of pain a deterrent? Perhaps, to some. But the car exhaust (CO) will kill you painlessly; some sleeping pills (barbiturates) will do the same. Heroin will do you in as sure as a bullet; and not only you won't suffer a pain, you will be rewarded with the final performance. It's far easier for most suiciders to just park their car in the garage, close the door, and let the CO kill them, than to look for a gun and then shoot themselves. It is very painful, by the way, and very messy - shooting yourself is not a good way to leave this world.

The society will not notice the outcome of their decision anyway; there are 6+ billion people on the planet already, it's not like we are endangered species or something. If someone wants to make room, it's their right. Not that I encourage them, of course. They are just free.

I know a guy who committed suicide and a girl who attempted suicide and no one is happy that he succeeded or that she failed

Romeo and Juliet, something like that? Those were successful all the way through. Does the society want them dead? Not really. But, darwinistically speaking, the society benefits from mentally stable people, not from head cases. Those *should* evolve out, in the grand scheme of things. Like taxes, if you support a certain behavior you get more of it. There are people who try to commit suicide repeatedly (and fail N-1 times out of that.) Then firemen are summoned, the police, and the doctors... what for? In the USA the Constitution guarantees your right for pursuit of happiness, but it does not define what form it may take. If you cannot live without your man|girl, don't. Will I be sad? Probably. But I cannot tell you to suffer for years, if not for the rest of your life, just because it is in my personal interests, either political or religious, to keep you alive. That would be awfully selfish of me. On that subject:

can't you at least acknowledge that more people killing themselves is a bad thing?

Bad thing... bad thing... bad to who? What metric are you using, and whose viewpoint? Per the blind and deaf quadriplegic, his life is over already. Per his brother, he must be kept alive until brother's own child can inherit his house. Per his wife, he should die immediately, so that she inherits. Per his aunt, Jesus the God personally told her that suicide is a sin, so the poor injured man must be kept alive for as long as possible - even though he suffers physically and mentally. Who is correct here, in this sea of incompatible interests? (This is a dramatization of a real world scenario that played out in Florida.)

So when you say "bad thing" you need to qualify this statement. The nature doesn't have bad things. Things can be declared good or bad only by an observer who has an opinion.

Actually I'm guessing the ones who don't get caught or killed stop on their own once they pass their mid-twenties.

I'm not sure where you live, but in most countries criminals cannot stop. There are the usual socioeconomic reasons for that. There are not enough jobs even for citizens who never jaywalked. What chance, in your opinion, does a man with a burglary or a theft under his belt have? How many store managers will be happy to give him the keys to the money box? The only jobs that are left for them are menial jobs, like digging of ditches. Maybe one can become a licensed professional, like an electrician or a plumber, but that's not easy - there is a requirement for apprenticeship, and with that see above.

Can a criminal reform? Yes. Most of those success stories are from white collar crime, where for example an accountant made a "mistake" toward his own bank account. Just once in his whole life. He won't do that again. Kevin Mitnick is a good example. Some violent criminals embrace religion in prison and also become ex-criminals. The vast majority, however, is stuck in the vicious circle forever. They don't know how to live differently, and the society rejects them even if they try to end their wrong ways; they become career criminals.

With regard to "hardened killers", there is no shortage of those. Gang initiation rituals sometimes include killing of someone. There are obvious reasons for a gang leader to require that. Many homeowners are injured and killed during home invasion. Nobody would be concerned about an imaginary problem; the people are concerned because the problem is very real. It is exacerbated by the fact that most homes in the USA are open to anyone; you are separated from the street with just one flimsy glass door. Burglars throw a stone through that door (in the back of the house, usually,) and if nobody comes out to investigate then they come in and gather valuables. If you are unfortunate enough to catch them in the act, they may kill you. Many burglars are desperate druggies in search of money to buy another dose; they won't even consider your life sacred; they will kill you for $10 (that has also happened.)

I cannot say much about the distribution of violence among criminals. But my own understanding is that meek criminals do not exist. They simply cannot survive among their own kind. If they are lucky enough to get arrested early, they are most likely to mend their ways. The survivors, on the other hand, are someone to fear - they are graduates of a school that does not forgive a weakness.

Comment: Re:We're on our way (Score 2) 313

by tftp (#43765097) Attached to: Head-mounted displays / sensors like Google Glass are:

Gene Roddenberry was never very good at going more than 40 years into the future with any of his technology detail predictions.

It doesn't really matter how far into the future the author of the script is looking. The only thing that matters is how the viewers are going to accept that.

Try to make a movie today about a programmer's day at the office, and then show it to the audience of 1900's. Will that work with them? But a good old western will work because the audience understands what's going on. You can look 1,000 years into the future, where humans become invisible energy beings. How do you film those?

Is it feasible that the Starfleet insignia doubles as a communicator, but is not able to transmit video - or even still images? That you cannot triangulate on that signal? That it cannot automatically report medical trouble? These functions are already common among special operations troops, even though we haven't mastered the art of subspace communication yet, as far as I know. But these, and many other omissions and deficiencies give the script writers the tools to construct situations where the protagonists have to actually invent a solution, instead of casually teleporting away from danger. The same story happened to K-9 and the sonic screwdriver of Doctor Who - they became a universal solution to all the problems. That's why the Doctor gave them away. (No sane person would do that, of course, considering how often these devices saved his $behind.)

Comment: Re:Yawn (Score 1) 656

by tftp (#43764709) Attached to: Printable Gun Downloads Top 100k In 2 Days, Thanks to Kim Dotcom

Should the you who's having a really crappy day have the power to kill the you who will have a lifetime of other days?

Unconditionally YES. No man can be called free if he doesn't have this ultimate freedom - and the responsibility that comes with it.

People have moments of weakness, if possible I'd like to make it less tempting for those moments to end with their own death.

I believe in free will and self-determination. It is wise to keep dangerous temptations away from children - they don't know any better. But once a person becomes an adult, this restriction is lifted and he is free to do whatever he wants - as long as it doesn't clash with the same right of someone else. If he was wrong... too bad, he should have asked for an advice, or perhaps he should have thought about it a bit more. If someone, after all, suicides - respect his decision; he had his reasons; one day you may have yours. None of us live forever, as far as I know, and not everyone is excited about spending his last ten years of life in a bed, paralyzed, unable to even eat on his own, and over those ten years burning through the entire education fund that was being saved up for your grandchildren. When your time is up, it's up - deal with it. Many suicides are just an easy escape from a painful and terminal illness.

If every criminal is armed, and constantly committing home invasions, then sure, I might be in favour of a lot more guns, but I don't think that's the world.

Do you think criminals commit home invasions just on some special days, like Santa Claus? They go out and burglarize residences until they are caught or killed. There are very few criminals who were successful for a while but then, before they were arrested, suddenly saw the light and became honest workers. Most soldier on until stopped. Criminals are not very smart. Smart people don't need to rob houses; we get paid big bucks for sitting in our chairs and pressing keys on the keyboard.

By the way, all criminals are always armed, as far as the victim is concerned. Not everyone carries a gun, but a crowbar will be plenty sufficient for an old man (that happened too, and more than once. Burglars don't like witnesses; dead men tell no tales.) I read that knife crime in UK is off the charts, and I can understand why - knives are cheap, silent, deadly, easy to make, and easy to dispose of. Gun crime is also rising as a side effect of that - criminals need guns to defend themselves against criminals with knives. It's not a mutual appreciation society, you know.

With strong gun control, even if a few tragic scenarios happen where someone could have really used a gun, I think a lot more tragic scenarios will have been avoided.

We are firmly in the land of hypotheticals at this point. I'd better stop now :-)

Comment: Re:Yawn (Score 1) 656

by tftp (#43759749) Attached to: Printable Gun Downloads Top 100k In 2 Days, Thanks to Kim Dotcom

I swing a bat the inertia is going somewhere, that somewhere is the intruder.

My point is that the inertia is a two-edged sword. You cannot redirect the strike when the target moves. That's why karate fighters don't usually swing huge tree trunks around. It's fine if you can do it and hit the opponents; but if the opponents are not drunk you will not hit them at all, and your weapon will pull you to the side.

You're expecting the average person to shoot the criminal in the eye of their choice while the criminal has a close family member at gun point

No, not at gun point. Even the police are not going to go head first into that situation. You need a sniper now, and a hostage negotiator. Your task is only to prevent the criminal from taking a hostage. If you can do it with a bat, more power to you. I'm not that brave.

With regard to accuracy under stress, it's easier to do if you have a superior weapon. You can always try to defend yourself and your family with scissors, but YMMV.

If you are questioning just the technical accuracy... it's trivial. The typical distance for handgun targets is 10 to 25 yards. Test yourself one day.

Suicides are more likely with guns, that's actually reasonably well established (and kinda obvious).

If someone wants to kill himself, he will do it eventually. And if someone doesn't want to kill himself, a gun will not hypnotize him into that. I, personally, don't care either way. A free man has power of life and death over his own body.

I like how you're crediting the steady fall in violence in society to the advent of firearms.

As they say, "God created men; Samuel Colt made them equal" :-)
