
Comment: Re: BUYING SLASHDOT ACCOUNTS (Score 1) 905

by gnu-sucks (#43760397) Attached to: 97% of Climate Science Papers Agree Global Warming Is Man-made

I was totally with you until you said:
--snip--
  That 97% think that man is causing climate change does not mean that it is right. It simply means it is the best theory that fits the observations
--snip--

This is only a statistic about published papers. The statistic might say more about which models are most considered for publication than which models best fit the observations.

A better study might look at the scrutiny applied to these 97% vs the *rejected* papers that disagreed with the 97%.

Again, all we have here is a statistic about paper publishing.

They might as well have scanned over the "common" media (TV, newspapers, etc) and generated similar statistics.

You cannot do these types of studies and from these data conclude what the "best" theory is. You can only say what is the most popular. Well, most popular *published*.

Comment: Re:What's really needed... (Score 2) 97

by icebike (#43760353) Attached to: Password Strength Testers Work For Important Accounts

Here's why that doesn't work. The attack is very, very, very simple, and once you see it explained, you'll never trust those sorts of services again. A basic attack looks like this:

Attacker compromises the device and waits for user to log into Google.
Attacker captures the response to the authentication request and forwards it to their own server.
Attacker's server connects to Google's system and obtains credentials.
Attacker displays a network error message to the user. The user logs in again to the real Google server, unaware that the first attempt was successful, just for

Here is how I know you haven't a clue what you are talking about, and why I hope you will just go away and stop pontificating:

Attacker compromises the device...
    Really? Really? Just like that, compromises my cell phone, which is never out of my possession?
    How is it you hand-wave all that process away?
And waits for the user to log into google
    Again, Really? Do you even have a clue how Google authenticator works?
    You don't log into google with the authenticator. You log in with some other computer over an SSL connection.
      Then google asks you for a code from the authenticator app. Guess what: The app doesn't even talk to google
        except at install time. You can put your phone in airplane mode and still get a code from the authenticator.
        So even a compromised phone (something you seem to think is trivial, but never bother to explain) won't do you
        any good because it does not contact google.

        You then key this number into the computer talking to google over an SSL connection. It compares it to the
          number your authenticator would have rendered for that particular 30 second window. If it's good you get in
          but again you are in an SSL pipe.

        So you capture nothing. NOTHING.

Attacker captures the response to the authentication request and forwards it to their own server
    No it doesn't, because you captured nothing. It was in an SSL pipe from some computer you don't even know about.
    Further the code has been USED, and it's no good any more. It's a one time code.
    Further Google would see you trying to create your own connection and would immediately ask you to get a code off of your authenticator...
        but wait, you don't have an authenticator synced with that account, and the old number is no good..

You would have to already have an ssl compromised machine in place and lure a google user into signing on via that specific machine.
But wait, that wouldn't work either because
google already detects this. Even Schneier does believe this would work even with National authorities forcing bogus certificates.

Even if you had a pre-compromised computer and an elaborate SSL spoofing setup in place ahead of time, on a computer that you knew I would have to log in from, you can only compromise that single session, and when you attempted to change anything so that you could log in again in the future, I would be locked out of the account, and would therefore know the account had been compromised.

So just stop hand-waving into existence imaginary compromised devices, and thereby supposing into existence the hardest part of the whole operation.
If this was so easy, it would have already been done. Yet every attempt to bypass Two Factor has been done via apps that would not support Two Factor, and which required an application specific password, which in the end, is just another password.

Comment: Re:Liquid aerosol is dangerous. (Score 1) 84

by Immerman (#43759951) Attached to: Cell Phones As a Dirty Bomb Detection Network

Sure, but that's due to stupidity, not actual risk. You'd probably need a *very* dirty bomb for the fallout to be half as dangerous as all the toxic chemicals and heavy metals already saturating the area today. The whole cold-war dog and pony show completely warped the general public's perception of the actual risks of radioactivity. Most people would much rather have a coal plant in their back yard than a nuclear reactor as well, doesn't mean the coal plant isn't actually far more dangerous.

Of course I suppose if you're measuring effectiveness in terms of public reaction rather than actual damage, then sure, a dirty bomb might be the way to go. Heck, you could probably save yourself a lot of trouble by just throwing a few glow-in-the-dark watches into your bomb and "leaking" a nice scary video to the media. Or hey, how about a banana-bomb? Lots of nice scary radioactive potassium in those...

FBI Considers CALEA II - Mandatory Wiretapping on End Users' Devices

Submitted by Techmeology
Techmeology writes "In response to declining utility of CALEA mandated wiretapping backdoors due to more widespread use of cryptography, the FBI is considering a revamped version that would mandate wiretapping facilities in end users' computers and software. Critics have argued that this would be bad for security, as such systems must be more complex and thus harder to secure. CALEA has also enabled criminals to wiretap conversations by hacking the infrastructure used by the authorities. I wonder how this could ever be implemented in FOSS."

Comment: Re:Yeah... (Score 1) 905

by Immerman (#43759911) Attached to: 97% of Climate Science Papers Agree Global Warming Is Man-made

I suspect most such examples are preserved by environmental happenstance. As any archaeologist can tell you, lots of biodegradable material can in fact survive for hundreds or thousands of years if conditions just happen to be right. Well either that or they simply weren't as biodegradable as you would think... hotdogs that still look fresh decades later spring to mind.

And yes, stomach blobs and the like are one of the major things I was thinking of - the crap can re-accumulate in some really inconvenient locations. Also, generally speaking plastics aren't actually biologically inert - they have a nasty tendency to mimic hormones and other complex molecules just well enough to wreak havoc. Of course the massive quantities of pharmaceuticals and synthetic hormones we dump into our waterways are no doubt far worse on that front.

Comment: Re:What's really needed... (Score 2) 97

by icebike (#43759811) Attached to: Password Strength Testers Work For Important Accounts

I think that Google Authenticator tries to prevent mitm attacks by having any given token usable exactly once in addition to having a very short lifespan.

So any putative man in the middle must get to Google before you do and immediately proxy everything you want to do from that point on to prevent you from discovering the attack.

If you lose your phone you can still log in with your emergency passwords and lock

I think you underestimate authenticator.

There are similar schemes that use a single purpose hardware fob that simply displays 6 or 8 digits with no network connectivity (just a very accurate clock).

Comment: Re:Perhaps we need you as much as the youngsters. (Score 1) 421

by Immerman (#43759203) Attached to: Ask Slashdot: Dealing With a Fear of Technological Change?

I'm assuming you meant (2), otherwise you're going to need to clarify your statement.

Yes it does. Now, can you name *any* such leap in the realm of human endeavour? I can't. Those "leaps" are more accurately "rapid climbs", or more probably gradual climbs whose consequences at some point crossed a tipping point that suddenly catapulted into popular awareness.

Comment: Minor difference at best (Score 5, Insightful) 97

by icebike (#43759177) Attached to: Password Strength Testers Work For Important Accounts

The long and the short of it: Not Much!

Users, despite a barrage of news about stolen credentials, identity theft and data breaches, will re-use passwords over and over, especially at account creation, regardless of the presence of a meter. If the context changes, however, and users are asked to change existing passwords on sensitive accounts, the presence of a meter does make some difference.

They claim it was for "important accounts" but how important would the account be that was being used in a study?

Lots of people re-use passwords on "nothing accounts" simply to prevent having to remember a gazillion passwords.
That doesn't mean they reuse all passwords.

It's probably more important to not log in using the same user name on many different sites than it is to have passwords consisting of crazy strings of random characters that you can't even type consistently let alone remember. If someone guesses your re-used password in one site they have a much better chance of guessing your other logins.

Comment: Re:What? Again? (Score 1) 769

by Immerman (#43759171) Attached to: Rice Professor Predicts Humans Out of Work In 30 Years

>The wealthy are wealthy because they have money that they can put to work
FTFY
If you suddenly won $50,000 you could, with reasonable skill and ambition, leverage that into a moderate income stream.

If on the other hand you inherited daddy's $100,000,000 portfolio you're going to have to work really hard *not* to make money hand over fist. Wealth accumulation is a self-catalyzing process.

Comment: Re:Liquid aerosol is dangerous. (Score 1) 84

by Immerman (#43759139) Attached to: Cell Phones As a Dirty Bomb Detection Network

Or just grind it into powder. Making a dirty bomb isn't exactly rocket science, but it's not exactly effective either. If you're dealing with a subcritical quantity of radioactive material you won't be able to contaminate a very large area to the point of being actively dangerous in the short term. Using the same explosive to disperse a chemically toxic or infectious payload would likely be far more effective.

Comment: Re:No reproduction (Score 1) 272

Not really. Acidic soil, no water, no light, too hot (sterilizes seed), too cold (various things) all can contribute and prevent a seed from even germinating.

Which is why several above suggest measuring the heat generated by the router or perhaps the heat induced into the soil.

However, the amount of heat that a router puts off seems hardly sufficient to induce that much heat into the soil, and any plant sensitive to whatever amount of heat is generated would have a hard time existing in nature where soil temperatures can vary by 10 degrees within a foot or two.
Further, there is radio radiation everywhere in the modern world.

Personally I think outgassing of the router makes the most sense.

Comment: Re:Which assumes... (Score 1) 84

by Immerman (#43759015) Attached to: Cell Phones As a Dirty Bomb Detection Network

Hmm, and exactly what crime would you be committing? Littering? Vandalism? Public nuisance?

We (hopefully) still live in a nation where the authorities are still (sort of) bound by the rule of law. Certainly the legal tools are all in place for them to "disappear" anyone they want to, but it seems like thus far they are hesitant to actually exercise those powers without pretty solid reason, or at least they do a good job of making sure nobody hears about the abuses, which with today's social media would be an impressive feat.

Comment: Re:EM "attack" vectors (Score 1) 272

>That's odd
Not really - traditional chemotherapy attacks all replicating cells throughout the body - including hair follicles, bone marrow, and digestive tract, the cause of most of the dramatic chemo side effects. The EM technique on the other hand is targeted at just the specific region of the body around the tumor, leaving the rest of the body completely unaffected.

>but scientists do
Oh, have they done exhaustive tightly-controlled experiments to find the limits at which biological systems begin to respond dramatically? And not just across power levels, but also across frequencies, and across different signal modulations at a given frequency? Not to mention different combinations of signals? No, they haven't. There have been very few studies into the subject at all, and most of those have been focussed on detecting large-scale damage to adult humans, many of which have had inconclusive results. Biochemistry is radically complicated, to the point where we still have almost no understanding of anything beyond the most basic reactions. To claim that we know that no signal or combination of signals can cause one particular kind of protein to fold in a slightly different manner is utterly preposterous, and that's potentially all that's necessary to kill an organism.

Note that I'm not claiming it's the microwave emissions that kept these seeds from germinating - it's a frakking high-school science experiment, if they were measuring gravity they'd probably be doing good to get within 20% of the actual value, but for some random person on the internet to claim to know where the error comes from is ridiculous. They got a very unexpected response from a casual experiment in relatively untested territory. That's not cause to say "obviously they did X wrong", if anything it's a great chance for them to sit down and think of all the possible error sources, and design a new experiment that eliminates as many as possible. That's real science. If the new experiment still shows the same effect then it should be documented in detail so that other groups can attempt to replicate it because it's not impossible that they've actually found an edge case where low-energy signals are in fact causing damage.

As for farmers not noticing it (assuming it really is an EM effect) - I imagine a fairly minute number of farmers actually subject their fields to sustained 2.4GHz radiation at the intensities you'd get right next to a wireless AP. And of those that do, how many are growing garden cress? It could be that garden cress seeds rely on contain some relatively uncommon molecule that is particularly vulnerable to the vibrations induced by a 2.4GHz EM signal.
