If you're not investing your energy in your personal time in furtherance of your mastery of your craft, you're doomed. The world will swiftly leave you behind and it's nobody's fault but your own. The coding skills you have today are obsolescent in 18 months. It may be wise for your employer to invest in your continuing education and foolish to not do so, but it's not the employer's responsibility. It's yours. You made the choice to be in a line of work where very little is permanent.

If you're not comfortable with that, consider masonry.

Hi.

the Nyquist limit of the audio sampling hardware of a cell phone over instruction rate of a modern CPU is a pretty small fraction.

The "audio" in question is most likely all below 24 kHz, that being the Nyquist limit for the 48 kHz sampling hardware, unless it happens that some phones can actually sample faster, and have microphones that can respond to higher frequencies.

The instruction rate of the CPUs in question is many times that frequency.

It doesn't sound likely.

Using multiple cores turns out to help the attack (by shifting down the signal frequencies).

Say what? Through what mechanism would multiple cores shift down the frequency? And what about parallel instruction streams contributing to noise?

TEMPEST was a details-secret government requirement meant to defeat means of eavesdropping on classified computer data from its electromagnetic emissions. I guess they need to include audio too.

My impression is that the noise comes from the power supply, not the CPU. I can certainly hear it with some computers, and it is related to work on the video card in my experience. I'm astonished that you can actually pull data from that, and in fact I'd like to see independent confirmation before I believe it.

The problem with ID based encryption is revocation. If someone loses their key the best you can do is to tell people that it is bad. And any mechanism that could tell you the key status could be used for key binding.

So the only applications where it really works is in low level device type schemes where the crypto is installed during manufacture.

The CA model was never designed to do more than support Internet commerce. It was designed to be secure enough to exchange credit card information.

CAs are not useless against defending against intelligence services, they are only vulnerable to being suborned by a limited number of such agencies, the ones that they have plant in. And any defection is visible on the Internet. Hence the use of schemes such as Comodo CertSentry and Google's Certificate Transparency which are designed to prevent covert subornation of a CA by making the results of the attack visible.

One of the many reasons security is hard is that you have to defend against all the attacks, not just one particular one that someone is obsessing about. Nobody has proposed a replacement for the CA model that works as well within the existing constraints.

Peter Eckersley proposed a scheme 'Sovereign Keys' that solves the hard problems of PKI by pretending that the system administrator will never ever make a mistake. Moxie's 'Convergence' is three years old now and we are still waiting for an actual written specification. The problem with Convergence is that it depends on a notary infrastructure that doesn't have a business model. So it is hard to see how the world of commerce is going to be keen on moving to an infrastructure that we know will have scaling issues.

The CA model isn't prefect but it is the only part of the Internet security apparatus that fails rarely enough for the failures to still be news. McAfee fails to spot viruses on an hourly basis. There are serious security fixes for Windows, OSX and Linux every single month. Those don't make the news because they aren't news any more.

The market for the proposals that are 'stronger' is essentially the same as the constituency that use PGP every day and use Tor and keep their money in BitCoin. It is not a negligible constituency but the people who are in it have to spend about a quarter of their waking moments managing their security.

Web of Trust isn't perfect either. Choosing between the two is pointless because neither meets every need that the other meets. So instead of having the argument over which one to pick we should work on ways that let people use both in a seamless connected fashion.

The IETF is the official name of the 'Elders of the Internet' mentioned in this video.

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CDgQtwIwAA&url=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DiDbyYGrswtg&ei=LdGtUubBH9TMsATK0oDICw&usg=AFQjCNFBy44NoDrPLOCiq1g54j1FoZ9dgw&sig2=1mVXPzNhCXnfxb_jPPP3Zg

Even at the height of the troubles, the number of deaths in the UK due to terrorism never exceeded 500 and the UK murder rate was a fraction of the US murder rate at the time.

Most of the guns used by the IRA were bought in the US through NORAID, the US fund raising arm.

Newtown took place in the heart of gun-nut country, not the inner cities.

The number of gun deaths in rural America are way higher than in Europe.

The typical gun murder is of a family member. Those happen just as often in rural America, in fact they are rather more frequent because guns are easier to come by.

Most countries that regulate guns also regulate sales of ammonium nitrate fertilizers which is by far the next most popular tool for mass murder.

The US does not regulate ammonium nitrate particularly well which is why that factory in Texas was located next to two schools and the likely perpetrator could not even be prosecuted for the murders despite having made two pipe bombs.

Very few firearms deaths are caused by career criminals. The vast majority are suicides and accidental shootings. Making guns illegal would practically eliminate those causes of death. Only criminals would have guns to leave round the house for the kids to use.

The UK does not have idiotic mandatory sentences for low level drug possession or peddling. But carry a firearm during a crime and you get ten years almost automatically. Fire the gun and its fifteen. Anyone involved in the crime kills someone and its a whole life sentence.

Its just a hobby, you folk don't have the right to cause 50,000 deaths a year for your hobby. Moreover I don't think the general public is impressed by the NRA attempting to save their hobby at all costs by attempting to persuade the politicians to ban video games instead.

The purpose of the 2nd amendment was to stop the federal government outlawing slavery by making it illegal for the states to organize slave patrols.

The people who wrote it did not believe in freedom. They were slave owners.

Actually its only 99.995%

And the issue is not the 99.995% of owners who don't commit murder, its the 0.005% who do.

And given that the total number of firearms deaths is three times the number of murders, the number of 'responsible' owners is far smaller. There is a child under 5 killed with a firearm every week in the US.

Any gun that is accessible enough to be used in 'self-defense' within 1 minute 20 seconds is going to be accessible to a child.