Forget earthquakes. On a typical sunny day the Zocalo is filled with Aztec ceremonial dancers stomping, peddlers selling imported Korean and Chinese goods, and hundreds or even thousands of tourists. I hope they're planning to use glass block rather than traditional "windows"; and will even that stand up to all the foot and hand-cart traffic?

On the other hand, sewage / drainage isn't as big a problem there as it would be in a coastal city. Mexico City is at an altitude of 7,900 feet, and a couple centuries ago they drained the lake-bed by digging tunnels along the lowest nearby mountain-pass.

... and Visio 2k10, at work. Everything else I use is supported (or originally for) Linux: Lotus Notes, Lotus Symphony, Rational, Oracle SQL Developer, Oracle SQL*Plus, WebSphere, emacs, gimp, xfig (I have Cygwin installed). PuTTY is a little bit easier to configure with funny fonts/colors/scrollback per host than xterm, but that's what programs like Gnome Terminal are for.

At home, my kids use Windows ME to play some games, but everything else is Linux, and my kids play games on that too. Family finances, personal e-mail, genealogy ... all on Linux. In the past we've had Windows XP and Windows 2k3 server, but not currently.

There are some border cases where things are apparently not supported as well; for instance I haven't been able to share a webcam using Skype (at home) on Linux, and SameTime for Linux apparently doesn't currently do desktop sharing. On the other hand, a lot of stuff is faster on Linux on the same hardware; boot time on my wife's laptop went from over a minute to just a few seconds (sometimes tens of seconds) by wiping it and installing Ubuntu.

If you can do that, more power to you. In my case, I need the Java plugin for a number of core work functions:

• The corporate expense-reporting application
• The desktop/webcam/slide-sharing portion of the corporate standard audio/video-conferencing platform
• The corporate standard e-learning platform (which was used to deliver "data security and privacy" training 4Q last year)
• The download-assistant at the internal site where I obtain official copies of our software products (customers use a different interface to the same site, with the same Java applet to download "images")
• The drag-and-drop-to-upload function of one of our document-management products

My employer is a Java licensee, we have our own VM, I would hope that makes our Java plugin less vulnerable.

I might be able to get away with disabling the Acrobat plugin, but I need some sort of PDF viewer because a lot of the documents I have to read are only available to me in PDF. I might be able to get away with disabling Flash, although other divisions' salesmen have been publishing some videos they want me to watch on YouTube, and the old version of a system I'm helping write a replacement for uses Flash on its front page. (You didn't mention QuickTime, but the above-mentioned audio-video-conferencing platform exports recorded conferences as either QuickTime or Windows Media, which means I need a player for at least one of those formats.)

I guess I could run a pluginless browser (say Konqueror?) in a low-privilege account in a VM, or on a remote server, and use only that to access third-party vendor and customer websites... but Java was supposed to solve the "running code in a browser" problem when it first came out, right?

Really this is a black mark for Oracle, even though they didn't write the MySQL database: they've been owners of that website for over a year now, and they were selling "unbreakable Linux" way before that; what kind of system-administration process is in place that allows an unknown party root access to one of a company's high-profile front pages?

On the other hand, to make the analogy more detailed: "Someone broke into the factory (or farm, or dairy) within the past month. We've shut down the factory while we check for contamination. We believe the production process itself is tamper-proof, but we're verifying everything just to be sure." Food with an expiration date before (one month ago + normal shelf lifetime) is still safe to use in any case; so anyone currently running a supported commercial distro (think RHEL) or the stable version of a community distro (think Debian) shouldn't need to worry right now.

So you probably won't read this because you posted "anonymous", but if you're encouraging someone to be "serious" please get your facts straight...

Joseph Smith never set foot in Utah, or anywhere within 1,000 miles of its modern borders. He was shot by a masked, "anonymous" lynch-mob in summer 1844; at that time he was serving as the democratically elected mayor of the city of Nauvoo, with about 10,000 residents in it; wagons didn't start rolling across the Mississippi River westward until about February 1846.

Actually, the first question on the referendum is basically "how important would this feature be?" If you are eligible to vote and you are against the feature, you can certainly vote "0" on that item, "?" on the rest, and include any specific comments in the free-text field at the end. Enough "0" votes and the board may decide to postpone or rethink the feature.

Not strictly true. First of all, you can use Mono instead. Secondly, if managed code is exposed as a COM object, you can interact with them from native code compiled with some other compiler (such as Borland or Intel or g++). Finally, if you're feeling really adventurous, you could try dynamically loading mscoree.dll and invoking CLRCreateInstance, similar to creating a Java runtime for JNI or an embedded perl instance.

If you read the original article, they say that middleboxes actually do behave for at least 80% of the connections they tested (at least 90% when going to a random high port on the server, not port 80). The other 20% can be detected by the fact that they don't pass new TCP options on the initial SYN packets, and so an extension can fall back to "plain vanilla" TCP if appropriate. Hence, the following two extensions should actually work widely (although not universally) on the current Internet:

• Multipath TCP (Internet draft). This should allow load-balancing or failover between two hosts where at least one has multiple IP addresses (is multi-homed), including the case where one end has and IPv4 and and IPv6 address or has multiple IPv6 addresses from multiple networks (including, for example, 6to4 and Teredo).
• TCP Crypto (Internet draft). A way to encrypt the TCP stream, not as an application running over TCP (as is SSL) but as an option in TCP itself. Redundant if either every protocol is SSL-ized or if IPsec is universally deployed, but perhaps useful at present.

These extensions are deployable now, on TCP/IPv4 and TCP/IPv6 equally. (There is no "TCPv6". RFC 1705 mentions TCPv6, but that was only an "informational" memo written when people were still talking about "IPng".)

Doesn't even have to be full name. My mother-in-law gets calls from bill collectors from time to time looking for a man with the same last name, same first initial. When my wife or I would answer the phone we just said we knew no such person; no idea if there's just one such person or more than one.