This is why I dislike this law. It pout one innocent american in jail indefinitely and one innocent swiss in a horrible position as the "jail door keykeeper". Not to mention travelling abroad might have put him into prison too.
Suppose that the data resides in Swizerland (Swiss privacy laws prohibit moving data overseas - don't know exact details, but the idea should be obvious). Suppose the credentials to give the data is only on the hands of a swiss administrator - no american has access to the data/server/credentials in Swizerland. In this case no matter who in the company orders to give him the credentials, the administrator in Swizerland cannot give them or he would be breaking the Swiss law.
[...] we refuse to accept old, working stuff.
To me the situation has been exactly the opposite. I had a job where I had to fight to get old crapware rewritten because "it provably works" (although it has e.g. access after "free"). I have never seen an old software that would work with the new requirements in the new environment. Quite contrary, old software slowly but surely deteriorates with #ifdefs, code nobody dares to remove, hacks that just happen to work as they change timing, you name it. Just like good-old OpenSSL.
Same with bridges btw, 20th century bridge would hardly suffice today (price, time to build, etc.).
But the companies exists solely to make profit to their owners. Which means "time to market", which means "security is not an option - until it is really needed".
For example, I am certain that 99% of Facebook/Twitter/... users don't give a shit how secure it is - especially as they know NSA has unlimited and unaccountable access into it.
Wrong. Open source can provide advantages, but only if all processes etc. are followed. Most often they are not.
So what you are effectively saying is "we (foss) did a great job, let's pat each other on the back! Then let's continue our marvellous path of joy and glory".
(translation: we, the cowboy coders, are totally ignoring fatal problems in processes and attitude and won't fix them 'cause we "are better". if the sarcasm was lost in translation, your bad).
First, I detest the excuse "some one is worse - or at least you cannot prove it is not, therefore we are actually quite good!"
Then, I call bullshit. Closed source do get "CVE'd" and the companies can be held liable. Foss developers cannot be sued (and get as much money as from G/M/A/...).
But do continue with the same attitude. After next exploit, and 10 more later, just say "yes, someone out there is worse, especially now as we have fixed ALL known vulnerabilities". Although the new version out next month will probably introduce more new holes than what were fixed.
I knew this excuse would used again and again, long before Heartbleed. I complained loudly (see my history) for your though to be fatally flawed.
The problem is, that this kind of thinking generates more holes than fixes.
But then, I think you were sarcastic and the moderators missed it.
Speed limits are overly conservative, and it is entirely possible to drive fast and drive safely. [...]
I don't pay much attention to speed limits. [...] slowing down when there is additional risk. Additional risk includes [...]
You are a dangerous idiot. Quite ofthen the speed limit is not to protect you, but others. Quite often the (low) speed limit is due to "addition risk", a risk that might be difficult or impossible for the driver to see. Which you have decided to neglect, because you think you are a "better driver". Hint: your reaction time is most likely not significantly smaller than others.
No, that is not what they are after. They want you to pay for the information.
So that you would not get it freely from "illegal" or "gray" (hard to say whether illegal or not) sites.
So that if you do, they can send you the "600€ or face prosecution" -letter.
"taxi driver is thinking"
This is exactly my point. And you missed it.
If I have understood correctly, in (someparts of?) USA, if you drive the getaway car in a bank robbery and someone dies, you will be charged (and probably convicted) of murder. Although, in a way, what you did is nothing more than what a taxi driver does. Right?
I have, and never will, understand the Coke-phenomenon.
To me all colas are "too strong", they kill the taste food - so they cannot be drank with food. But still people do. For thirst - no, again, too much sugar or other sweeteners, it does not take the thirst away. But still people do.
By far the best drink is tap water, for thirst and with most foods (unless you fancy a nice beer or wine, but that is different story entirely).
Apparently there are even cola-connoisseur like you (not that there's anything wrong about it).
Don't get me wrong, I occasionally do drink a soft drink, but that is mostly to get some sugar into blood stream.
Newspapers have editors who can be kept responsible for the content in the newspaper, search engines do not.
Then EU does have "government", "police", "judicial system" and "newspapers" as separate entities unaffectable by others (government cannot directly control police, judicial system or newspapers, neither can police control any of the other entities, and so on).
We should not stop bashing OpenSSL, ever (although I do admit it is "product of the community").
Just to remind people that this kind of development is not acceptable, not "even" in FOSS world.