You are wrong on this point, you do not have to download the whole ISO to verify it. Bittorrent combines all the files to be transfered into one big data chunk and then splits up the chunk into pieces which are individually hashed. The resulting .torrent file ends up recording all the hashes from the individual pieces plus a "master" hash which is the hash of all the individual hashes. The master hash is used to check that the .torrent file itself is not corrupted.

This means that if if someone modified an ISO to contain child pornography and then tried to seed this in the same swarm as the unmodified ISO, the pieces containing the data with pornography will fail the individual hash check, thrown away and redownloaded from the swarm. If a single peer repeatedly sends a data piece where the hash check fails, the protocol will assume that his copy of the data is corrupted and ignore that peer. Bittorrent will never upload an incomplete piece to others because until you have the complete piece, you can not be sure that the data in it is correct. The Bittorrent protocol guarantees that the data you have downloaded matches the data described in the .torrent file so if anyone wants you to download child pornography, they will need to give you a .torrent file which says that this data should be included.

If seeding fake data would work, movie studios would have done this years ago. As the protocol stands, seeding fake data will slow the downloading process down because pieces will fail the hash check, get thrown away and downloaded again, but as long as there is at least one person who have the correct data, you will get it eventually

To be fair, the bug was caused by the Debian OpenSSL package maintainers, not by the OpenSSL developers themselves. Here are some information for the bug in question.

While this bug in Cyanogenmod is different and the developers themselves are responsible for it, it was not shipped in any official build. If it did, it would have been a totally different matter.

Relying on MAC address filtering for security is a terrible idea because it is so easy to circumvent. All a potential attacker needs to do is to wait until at least one legitimate wireless device is connected, and then steal that device's MAC address. This can be done easily with open source tools and is pretty much the same security-wise as hiding the SSID broadcast. It just slows an attacker down for a minute or two.

According to an article at Reuters the dispute is "uncollected sales taxes for purchases that its residents made" from December 2005 to December 2009. The $269 million figure also includes interests and penalties.

RIPE probably cares a lot about IANA's pool running out and they will surely spread all their troubles downstream to all of the account holders.

It's the great chicken and egg dilemma. Why would anyone use it if there are no browsers that supports it?

I'm curious about how the "Social Authentication" feature will play out, especially for the facebook users eighter view the friendslist as a sort of competition or who play games that reward users who have many friends playing the game and therefore add friends by the truckload without having any real idea of who they are. There's probably a lot of people playing the latest Zynga game or whatever is popular these days, with an extremely large list of "friend" who they don't know and don't want to know, other that they share the same game interest and it's a win-win in relation to that game. If facebook starts asking questions about these 'friends' then I fear many users will fail the social authentication and then what?

There is some disagreement about the java dependencies. According to OpenOffice.org, you do NOT need Java "If you do not require database tables or accessibility integration or some wizards" and I would not call this a very heavy relianse. Read more on OpenOffice.org wiki. I would imagine the same text applies to LibreOffice at this stage.

If you had read TFA, you'd have seen that Coverity is not releasing any details until January to allow Google and vendors to fix things.

and where I live, DST does not make much sense eighter. The reason being, apart from the short transitional periods, it doesn't make much of a difference anyway. In the summer, we got sunlight 24 hours every day so it doesn't really matter what timezone you follow. And of course in the winter, its the opposite and if you manage to see the sun at all you should consider yourself lucky.

I use the AdThwart extention . Works good for me but your milage may vary.

Indie filmmakers are already starting to use bittorrent as point of distribution. Check out The Tunnel They have run into some troubles getting the movie listed at IMDb mostly because they have failed, according to IMDb, to provide distribution information.

My first reaction to this: If a commercial company has started doing it now, for how long has the terrorists been intercepting the ADS-B signals? I doubt they would go out of their way to tell anyone about it. It's like most security flaws, even if it is now known that a flaw exists, that does not mean nobody knew about it. And people exploiting it would very much prefer that it remains unknown.