This is what I have been saying for a dogs age. Security "professionals" have this all wrong because they neglect a very simple concept - NOT ALL ONLINE DATA IS EQUALLY IMPORTANT.

Frankly, I don't care if someone hacks my slashdot account. I don't care if someone hacks the account to the deals forum I visit. The worst that will happen is it will be a minor inconvenience to get the password reset, and they might post some troll information about me.

The only accounts that I have that I care about security are my banking accounts, my Facebook account, and my email account. That is pretty much it. I don't even care about Twitter really.

By forcing all random accounts to have strong passwords, you make the password management problem a lot more difficult than it should be for the average user.

Furthermore, all of these random one-off sites should be using OpenID / Google Login / Twitter / Yahoo / Facebook Login / SOMETHING, some form of identity federation... preferably supporting multiple of these. There is no reason that a mom & pop shop website should be managing identity credentials in this day and age, it is not required. Everyone on the planet has an account with SOME ONE of these providers, or an OpenId provider.

To extend your anoalogy... say you hate broccoli. But, every time your friends want to go out to eat. they always go to this trendy broccoli restaurant. They refuse to try other restaurants because all their friends eat at this one, and they see nothing wrong with this one, at least nothing bad enough for them to leave all their friends.

You can thus either find new friends, or eat broccoli.

This is why everyone uses Facebook.

If you are super paranoid and don't want anything sent to Google then just install Cyanogenmod and don't install any Google apps.

or "the soccer mom effect"

You need to look up Google Dashboard.

Not only do they tell you all the information they have on you, they allow you to backup most of it, and delete it if you want. Try to do the same with Facebook or Microsoft or any other provider.

There are a lot of companies and organizations where this would be considered a benefit since they would no longer need to construct special buildings to block wireless from leaving high-security rooms / the building.

.. which means that as usual IE will be holding back web development for another 5 years. I am being serious. This is an ongoing problem for anyone who developers client-facing sites especially when long-term support is part of the requirement. Most companies simply can't justify having one group of engineers working on WebGL and then another group working on some other IE-only implementation... they do not have resources like this. You have limited resources and need to choose one solution that works across as many users as possible. And as much as the /. crowd hates to admit it, IE still comprises a good 40% of the browser share so something that excludes those people is not an option. Which means WebGL will not be a mainstream option for more years to come because a) IE drug their feet in adoption, and b) they won't move to a rapid release cycle.

The guy was not just building traps. He knew what they were being used for. That is the difference here.

Building traps for a client = legal.

Building traps for a client when you know they are using them to do illegal activities = illegal.

Great so this guy has been running this server for the past 9 years sucking down $30 / month in power for what purpose exactly?

.. I wish there was a "This video was funded by public donations" under the NASA ad at the end. I can see a lot of people in the theatre being needlessly jaded by the idea that their tax dollars were spent advertising a government agency, when that isn't the case here.

This seems like a really dumb move. What the team has done now is to raise the exposure level of this vulnerability by a HUGE margin. Now all any script kiddie needs to do is find a mirror of the code from 24 hours ago or any other recent period, which is likely quite trivial to do with an open source project as large as postgresql, and hunt for the vulnerability. They know it will be pretty bad since they did this action!

Let's see, which is better for my use as a criminal

- A gun that will "last for generations" and keep a permanent record of the ammo fired from it in the form of bullet striations

- A gun that I can fire 30-60 times and then literally dispose of in a fire leaving zero provable trace for anyone to link me to it

Why on earth would a criminal want a gun that would "last for generations" as opposed to one that can be used and then destroyed?

Look. I work in a major US tech company and am involved with hiring from a technical level, and I can tell you first hand that the quantity of quality people in North America IS lacking. Out of all of the employees you hire, maybe 1 of the 10 is the rockstar you need for your project... the rest are OK, sure, but when you are working under tight timelines and need creative solutions on a global stage, you don't need a bunch of churned-out code monkeys, you NEED those rock stars.

This is NOT about cheap labor. Do you think it is cheap to pay a lawyer to handle the visa process (about 10K minimum), to handle the annual renewal (about 5K minimum), to pay global relocation expenses (another 10K)? On top of this, the wages and benefits we're talking about here in Silicon Valley are some of the highest in the country. We're not bringing people over from India and paying them 40K / year to work on Facebook - it is just not happening, it is a myth.

There are two problems we have here
- We are not getting enough kids into STEM at an early age. Only kids who are really into STEM in middle and high school are the ones who go onto be the rock stars this country needs to compete. Someone who goes to university just to get a job in CS that pays well on graduation, and does not have a PASSION for technology, is not going to be this rock star.

- The US, like most countries in the OECD, has a declining birth rate. The US is one of the only remaining countries in the first world that still has replacement population birth levels, but very soon (maybe end of 2014), it won't anymore. Combine declining birth rates with accelerating boomers retiring and you have a very poor economic picture. WE NEED more skilled immigrants just to maintain the economy. Otherwise, you are going to have a very very scary picture developing in the next couple of decades.

Just walk into any store and buy a prepaid visa with cash. Use prepaid visa to buy bitcoins. Done and done.