How do I know? Well, (a) Google's leadership says so and AFAICT there is no law that allows the government to compel them to lie, publicly or internally and in fact there are laws that make it a crime for executives of publicly-traded companies to lie about issues which could affect the stock price (which this definitely does!); (b) as a Google employee who manages sensitive user data I have some visibility into how requests for that data are handled; and (c) as someone who is familiar with Google culture I find it inconceivable that such a thing could be happening on any kind of significant scale without being outed -- like most of silicon valley, and like geeks in general, Googlers tend to be pretty iconoclastic and anti-authoritarian.

If the speculation has been floating around that long, without a shred of evidence to support it in spite of the large-scale conspiracy that would be required to keep all such evidence suppressed, I think that's pretty compelling evidence that it's not true. You can never completely prove a negative, of course, but you can asymptotically approach certainty.

I think you're overstating what he's saying. He's saying that the government can't get access to the stuff we don't want people to know without getting an appropriate court order. That's not inconsistent with suggesting that if there's stuff you don't want people (the government) to know, then you shouldn't be doing it... because the government still can get it. They just need to be able to convince the appropriate magistrate that they have a good reason. Oh, and they have to be targeting you specifically.

Sure, they could resort to rubber-hose cryptanalysis, targeting key Google employees. If it were to come out, though, it would make the Snowden leaks look very, very mild. As one of said key Google employees (I work on security infrastructure), I've been given to understand that if I am ever approached in any way by the government, I am to immediately consult with Google legal counsel, and that any request that I not talk to counsel would be illegal (I think it would violate the constitutional guarantee of due process).

Certainly, as long as the order or warrant is issued by the appropriate court, is not excessively broad, etc., and then Google will add it to the statistics for the transparency report.

In an information-theoretic sense that is undoubtedly true. In that sense, though, I'd argue that nothing that touches a networked computer is safe.

YMMV, of course, but I actually am pretty comfortable with it. Of course, I have visibility into how Google manages user data, which helps. There is the possibility that a future version of Google may behave differently, but I think that possibility is at least a decade or two away, because I think it would take that long for the company's culture to change enough to make it possible.

Perhaps. I think the general belief about what data Google has overstates the reality by a wide margin, and further even where it's accurate it overstates Google's (current) ability to actually make use of the data.

In any case, if you're concerned with it, Google provides you with the tools to opt out. I encourage you to use them. Personally, I turned on web history, location history, route all of my email through gmail, use Hangouts for SMS, etc., etc. I find the value I get from the services to outweigh the risk I perceive. If you see that balance differently, you should act accordingly.

I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.

Governments can ask, and Google will say "No, please come back with an order."

Governments can order, and Google will comply, as long as the order was issued by proper authority, isn't excessively broad, etc. And then Google will add the order, and the number of accounts it affects, to the next transparency report.

That's not perfect, but it's much, much better than the government being able to snarf all the data with no accountability at all.

"When I compare Windows 8 to Apple's approach with OS X for desktops and iOS for smaller devices, the Apple method makes a lot more sense to me."
IMO you can see computing portability as a spectrum, at one end you have the desktop (highly capable, not portable at all), at the other you have the smartphone (highly portable but very restricted capabilities). In between you have a whole plethora of devices of different prices, capabilites and levels of portability.

Apples soloution is to draw the line between tablets and laptops. Tablets get treated like smartphones, laptops get treated like desktops. Google also puts their smartphone OS on tablets (and doesn't really play significantly in the desktop or laptop space). Treating tablets like smartphones certainly has it's merits but it means you often end up carrying two devices, a tablet for media consumption and use on the go and a laptop for when you need to sit down somewhere and work. MS is weak in the smartphone market and by making a smartphone-like tablet they would be setting themselves up to be equally weak in the tablet market but by making a tablet system that can turn into a laptop by plugging in a keyboard unit they have a unique selling point that the other tablet OS vendors don't.

I think they are realising that throwing desktop/laptop users under the bus to support their tablet vision was a bad idea and I hope they can come up with a soloution that satisfies both. The general impression I get is that 8.1 is not as bad for desktop use as 8 but it's still widely considered to be inferior to earlier versions in that environment.

I believe you're confusing Vogons with wizards. Too much pipeweed, Gandalf?

What we do, and have done for many years, is just pad to the nearest X bytes, where X is roughly size / 30. That's small enough that it makes little difference in speed, but many resources end up being the same size.

Consider as an example the Mayo clinic web site. Each page is maybe 5KB for the html itself. The graphics for the logo, nav bar, etc.are separate requests, cached after the home page. 80% of the html is template stuff - the header, the footer, the nav bar, overall page structure. Maybe 20%, or 1KB, is different on each page. Most pages have 500-1,000 bytes of unique content. So pad up to the nearest 100 bytes. You aren't going to notice any slowdown from an extra 50 bytes, but if most pages are an even multiple of 100 and their sizes generally don't differ by more than 1,000 bytes, about 10% of all the pages on the site will pad out to the same size as the requested page - foiling the attack.

It seems to have worked. The bad guys discuss our security system on the crack forums regularly, but there's been no mention of a successful sized-based attack.

All a smith needs is coal, steel or iron, wind, and water. The only tool he would have a hard time building himself would be the anvil, those are usually cast. The forge isn't all that hard to construct (maybe the fan or bellows) and all the other tools are trivial to make.

The only real cost is steel and fuel unless you have your own mine.

I took a blacksmithing workshop in college and one of the things the 74 year old instructor stressed most was that a blacksmith who doesn't make his own tools isn't much of a blacksmith. He taught us how to make all sorts of tools.

Who makes hammers and tongs? The blacksmith. Who writes compilers? Programmers. Maybe I'm getting old but a programmer who can't write a compiler or interpreter isn't much of a programmer (I wrote an interpreter once, years ago).

Do the Go-pro carrying quad-copters fly in a different atmosphere than commercial aircraft? No? Then at some point the two can come in contact with each other. The FAA needs to have some regs that govern the places where these two could meet. "No flying anything (toys, kites, balloons, drones) within X of an airport" seems perfectly reasonable.

Such tools have been around for a long time in the Windows world. The reason is division of labour. One of the dirty secrets about malware that lots of people hate to hear is that vast quantities of it get in through people pirating software and movies (which demand special "codecs"). After all why bother finding zero day exploits when you can just bind your malware to a Photoshop crack and watch hundreds of thousands of people come to you?

The opportunity is so vast that the black market divided into different job categories. There were the spammers who would buy bots from bot bot herders. The herders would buy "installs" of their bots from installers. The installers would buy binders from binder developers, obtain cracked versions of popular programs, use the binders to join the bots with the apps and then upload them to torrent sites. The installers weren't programmers so binders needed point and click GUIs, but that's OK, the value add they provided was knowing how to get around the blocks the torrent sites tried (uselessly) to put in place to stop this, along with simple brute force of numbers.

Often binders would also be combined with tools called crypters, which do what you'd expect, they just polymorphically encrypt the newly bound crack+app. Crypter developers competed based on how "FUD" their product was (fully undetectable). When AV companies learned to spot their decryption stubs, they'd modify it a bit and release a new version.

I watched this market for a little while a few years ago which is how I know all this lingo. It appeared to be a large and thriving industry. All driven by the greed of pirates.

You'll note the second amendment says "Congress shall not", it says what Congrss may not do. It does not claim to give citizens any right at all. Instead, it says Congress may not abridge THE right. Not that they must give you some new right, but that they must not violate THE right, the right you already have, by virtue of being human.

The plain wording of the Constitution simply recognizes that you have these rights and the government shouldn't violate them. Nowhere dies it define what exactly "the freedom of speech" is. Perhaps the reason the founders didn't feel the need to define these rights is because they were already defined in the existing law, English common law. I think you'll find that at the time they wrote "THE freedom of speech", they understood that freedom to include unpopular speech, but not shouting fire in a crowded theatre, libel, and a few other things.

This fact, that the ConConstitution speaks of protecting pre-existing rights, is crucially important. If your rights were not pre-existing as part of bring human, they must have been given to you by government. What government can give, government can take away. The Constitution rejects that view. Because your rights are endowed by your creator, legal documents can neither remove the nor define them. The Constitution doesn't define the freedom of speech because it can't. If it could, it could define freedom of speech as freedom to say approved things. The definition is elsewhere, as it must be.

So a bank or similar isn't what you need. Fine. The GP's point is still valid: it sounds like your problem isn't software development, it's your job. There are plenty of really enjoyable software jobs around, for whatever your definition of "enjoyable" is (assuming you actually like coding, and you probably do otherwise you wouldn't have liked it in the past). You just need to find one, which means you first need to figure out what kind of environment will fulfill your needs.

Personally, I'm in my mid-40s, still writing code, and I expect to be gainfully and happily writing code until I'm ready to retire. I've gotten progressively pickier about what kind of place I want to work, but that's okay. In my case, my primary criterion is the number of idiots I work with; as long as that is sufficiently low, I can find challenging and interesting problems in any industry and problem space.

Nah, I think it's mostly because JPEG is good enough. JPEG2000, for example, also provides perfectly acceptable performance and quality, with significantly-reduced file sizes. But unlike JPEG, JPEG2000 decoders aren't already available everywhere. The slightly-reduced file size isn't sufficient justification for the risk that some users might not be able to see the photo. An improved JPEG encoder helps (a little) with file size without incurring the need for a new decoder, so it's immediately useful.

The last ten years or so,, I've found that I just don't care that much any more about music. I actually listen to a lot of music these days, but that's an environmental issue, not because I like it. I listen to music pretty much all day every day while at work because I work in an open plan office and the headphones, and the music they play, are the way I eliminate distractions so I can focus. I don't really listen to the music, though... I have no idea at any given time what song played last, for example. I do, however, find that I get tired of repetitive music. Subscription Internet radio is perfect... I can start it playing from a vast collection of music, almost guaranteed I'll get few if any repeats, and completely guaranteed the music won't be interrupted by people talking (which would distract me).

When I'm driving or something and want some audio to actually pay attention to, I listen to audiobooks, not music.