Wow, that'll be a great session title for the next BlackHat conference.
The VHF ACARS data was probably intercepted by the NSA and was the basis for the info provided to the WSJ. Note the original article said "intelligence sources."
The satellite ping BS was essentially a "uh, we didn't want anyone to know we were intercepting ACARS data." They walked that back pretty fast.
I thought Sat links were expensive, but it's only $7/MiB transferred over BGAN/inmarsat. However, they would need the hardware installed and someone would be eating that connection charge - and it if it wasn't Boeing, Malaysian Airlines, or Rolls Royce, then the connection didn't exist. I'm pretty sure you don't get SATCOM hardware for free when you buy your 777, but I have no idea about the specific deal that Malaysia Airlines has.
"Spaghetti code" is what developers say when they're confronted by code that exceeds their capacity to understand complexity.
The "leaks" seem more like they can track the path of a user through a website, given the structure of the links and the relative size of the pages. I don't think they claimed they could tell what the data was on the page, but sometimes the fact that a user is on a given page is enough (depending on the structure of the site).
For youtube, they'd have to figure out the relative sizes of all the pages, which might be difficult to do (and the size will change depending on he comments and browser used).
Testing is hard. The tools you have make it even harder.
How do you build a bad certificate? Fuck, using the openssl tools is hard enough. Does anyone who uses them really understand WTF is happening? I know I don't - I just follow the instructions.
How would you go about building a bogus cert? Beats me. I'm pretty sure you can't do it with the standard tools. And who the heck is going to write their own cert building tools?
And yet, this stuff is at the core of transport security.
Nobody in real life uses higher math in front-end web development. They might use multiplication and division to do layouts. It's debatable whether anyone actually uses algorithms. Data structures would be handy, but it's also arguable whether web developers actually understand them or not - especially if you talk to any DBA about how website A uses the RDBMS.
Web frameworks would be handy. There are general things about frameworks that don't change.
What would be good would be some discussion around the process of building a website, from customer requirements to deployment. How to choose a technology, payment processor, server technology, etc.
Try pulling your data out of most services and importing it. Good luck with that.
I was responding to the other posters and to the OP in general. Architects are necessary once you have to move to something more than (1) a single desktop or (2) away from stock LAMP.
A company with architects implies that it's infrastructure is somewhat complicated.
Developers hardly ever use the programs they write, much less understand the environment in which their program runs. What are the business requirements? Regulatory requirements? Technology limitations? Why are those present? Who set them and why?
These are things architects worry about.
You, as a developer, usually have no visibility into them in a large company unless you ask. And even if you ask you may not understand them, because it's far, far away from your personal experience.
if you don't understand why architects are needed, you should be hyper-aware that you're clueless when you go to your next job that requires you to design an architecture. And you will probably fail.
That's fine for you, because you'll learn. It'll be bad for the company you work for, because they'll have spend money and time on a solution that doesn't work, or at least doesn't work well.
As a note, back in the day Apple stayed afloat by selling its stake in ARM.
How much easier can it get than EBNF?
This is exactly when you use gotos in real life. If you look at low-level implementations it's easier to use goto and hit cleanup code than it is to unwind a ridiculous amount of crap.
Also, it's funny - Apple's style guidelines used to require curly braces around all statements in the if, even if it's a one liner. Guess those unix guys have subverted the paradigm.
The joke is there's no such thing as safe recursion - there's making recursion safer, which is what checking your stack does - and which you usually can't do from inside your high level language.
Making recursion safe isn't safe recursion; it's hacking your runtime because your runtime isn't enforcing runtime boundaries.
From the slides:
"Toyota used dangerous recursion"
Not like that safe recursion that other vendors use.
What is privacy these days? The USPS tracks every letter, or at least takes a picture of it (who knows what they do with that). The phone company always knew who you called, but they didn't care. Your mailman sort of knows what mail you got. Your friends, etc know what you like.
The question isn't about privacy, because that was always an illusion. The question is who do you want to know what?
Do I want google, and by extension advertisers (or entities in the advertising programs), to know anything about me? Amazon? Apple? My phone company? The government?
At least in the US, everyone sort of has an advertising profile. Who gets access to it and why? You have no real control over that.
Sometimes, advertising can be convenient. When you're looking for a car, it'd be nice to get a whole bunch of, say, test drive for dollars coupons.
Sometimes, it can be bad - like when you get medical condition related ads at home when you didn't want anyone else to know.
At some point the public needs to have the ability to take control of this information somehow. It's unclear how that's going to happen. Are online footprints considered property rights?