I rue the day Paul became an improvement.

Not everyone is able to contribute freely to the common good. Some folks need a paycheck. This allows for either to coexist. And Mozilla Foundation benefits either way by having an increased demand, regardless of the proprietary/free leanings of most people.

Good move, Mozilla.

What, you want it returned to Syria? They didn't order it from China on alibaba.com, you know.

That, and his use of "instagramming".

I seriously misunderestimated him.

Actually, a few hundred PIN pads with built-in skimmers and GPRS modules were distributed around Europe a few years ago.

And how many ordinary companies making a routine purchase of seemingly ordinary keyboards test them in labs for key loggers?

Commercial keyloggers (including devices like black market skimmers) can use GPRS cards, they can scout for open WiFi access points and transmit their payload once a day at 2:00 AM, or they can sit on a whole file waiting for a harvester to show up and retrieve the data via Bluetooth, 900 mHz, or some other wireless technology. The retrieval patterns are designed to evade detection.

The only people investigating this stuff today are forensic investigators hired by people who are already victims, and independent security firms with nothing better to do.

2% is still a big problem. When you are trying to hack in, you don't care much which account lets you in the door. Get in first, then escalate your privileges.

2% means if I try these top ten bad passwords on about 50 accounts, I'll probably get a strike. If an account is locked out after three tries, then i can try the top three out on about 200 accounts, and might still have success.

Strontium Bad?

I was wondering about that, too. Maybe they'll have the drone autonomously fly to the target's address, then have a human pilot land it on the doorstep, guiding it via GPRS, 4G, or something similar.

A security vulnerability implies that at some level, there had to have been the faintest vague attempt at being secure.

He exploited a vulnerability, to be sure, but he seems uncomfortable calling it a security vulnerability.

Disposal at sea and open pit burning (both of which were practiced by the British and the Soviets) are now prohibited by the Chemical Weapons Convention. So they won't be dropping barrels of anything over the sides of the ship, or simply pouring the weapons into a fire. They have to be broken down carefully so that what remains is much less dangerous than what they started with.

The weapons are mostly organic compounds, so the bulk of the waste is hydrogen, oxygen, nitrogen, and carbon. Some weapons have used arsenic, chlorine, fluorine, phosphorous, and other elements. Initially they were disposed of by single stage incineration, but that produced smoke that was toxic in its own right. Modern disposal techniques use multiple stages of heat, filtration, oxidation, electrolysis, or even detonation of the weapons. Bleach is an effective oxidizer, but gives off chlorine. Hydrogen peroxide and high temperature steam will also break down many of the compounds. Sarin [2-(fluoromethyl phosphoryl)oxypropane], which the Syrians are accused of using in this war, can be broken down by a low temperature burn, followed by a scrubbing process, followed by a second high temperature burn. Any solid materials remaining after the scrubbing and filtration processes are then buried.

A UK firm was having great success using electrolysis of silver nitrate in a nitric acid solution, which was very effective at breaking up and oxidizing the compounds, but they have ceased that research. The French are building a detonation chamber, where the entire warhead is placed in a blast chamber and detonated. The high pressures and temperatures perform an initial breakdown of the agents that destroys most of the chemicals, and the remaining chemicals are treated through an incineration and filtration process. One advantage is that it destroys both the chemical weapon and the explosive, meaning they don't have to have a separate hazardous process to handle the high explosives (which might be in a less-than-safe state of stability.)

Destroying the Poisons of War, by the Royal Society of Chemistry, is an interesting read on the history of the topic.

And the U.S. Army, who is in the process of decommissioning their Utah disposal facility at Tooele, has been drilling test holes in their disposal plant and sampling the soil beneath. So far, they have found no traces of any of the weapons they had been destroying. This plant was originally commissioned in the 1970s, so the engineering, the chemistry, and the processes have proven highly successful at safely destroying the US stockpiles over the long term. They know how to do it.

The Tooele base in Utah successfully destroyed over 13000 tons of nerve and blister agents over the last few decades, without causing any problems to the environment or the people involved. They take this with the seriousness it deserves.

TFA (and I emphasize the 'F') is titled "Sea hosting 100-million year old species..."

It is filled with misinformation and hyperbole. And it fails to account for the largest environmental hazard posed by these weapons: their being stolen and used by a third party, or the disposal plant being attacked, causing the uncontrolled release of the toxins. The navy can operate safely in the sea, much safer than anyone can operate a land based plant anywhere on the globe.

The entire article is a troll. Nobody's talking about dumping the chemical weapons into the sea. They're going to move the chemicals to a U.S. Navy ship where they'll be neutralized by incineration. By cooking them hot enough, the molecular bonds will break and all they'll be left with are the constituent elements.

Despite the scary suppositions about performing this task over the sea ("what if there's a leak???"), it's actually far safer for the world if the U.S. Navy disposes of them right there in the middle of the Med. If they wanted to dispose of them on land, they'd have a couple of challenges -- the first of which is finding a stable country willing to accept a chemical weapons processing plant. Guarding the lines hauling the weapons to the processing site would be an ongoing problem. And securing the site against local attacks is another. One thing the U.S. Navy can do very very well is guarantee the security of one of their naval ships at sea. The chemicals will have a much safer journey to neutralization than anywhere else.

You mean like CV dazzle makeup?

It might be popular in Ibiza clubs, but I don't see it walking down Main Street, Anytown, USA.