What more could be said? You risk bricking the device, and having the manufacturer say just that.

Don't upgrade firmware yourself out of warranty, unless you have a proven recovery procedure, that you are prepared to follow.

Unless you are a hacker, and prepared to take extreme measures, such as leveraging an EEPROM programmer to restore the original image..

Have a manufacturer authorized service provider handle the upgrade, and make sure you transfer a risk of failure to them, or don't do it.

If a manufacturer suggests you upgrade... which is unusual, usually they won't provide support to customers out of warranty -- if they do, make sure and get it in writing, and get a promise in writing that they will provide a replacement if the upgrade breaks it.

Or else... pay the manufacturer for out-of-warranty service, and send in the unit.

It's certainly not reasonable to be expecting support, for free, after expiration of the support, though. The manufacturer is not in the wrong refusing to spend money, that wasn't part of the warranty or expected cost of their sale of the hardware to you.

But if it produces sufficiently less noxious pollutants, it can be a net gain. For example, if you had to burn 3 gallons of ethanol for 2 of gasoline

I think it's more like: You had to burn 1.5 gallon worth of gasoline in order to farm and produce the 2 gallons worth of Ethanol in the first place..... just because you had to burn that other energy separated by time and place, doesn't mean Ethanol is more efficient, even if it physically burns more cleanly -- it only seems that way because you aren't considering what you already had to burn to produce that clean-burning ethanol.

Modern standards would also have found a more ethical method to test the original smallpox vaccine.

And countless lives could have been lost that were saved, because the test method would take longer, and require more rigorous standards that would require much more testing before allowing a vaccine on the market.

While the "less" ethical method might have been more obvious and able to be executed immediately

The omissions are just as important as the inclusions when reading the law. Is somewhere in detailed define what is "service" what is "repair" and what is a "facility"?

<Policeman> I'm afraid i'm going to have to write you a ticket, for 45 miles per hour in a 25 zone.

<Driver> No thanks.. I am excluded from the 25 zone. The law says drivers must obey posted speed limit signs, but not ALL speed limit signs. It also doesn't define exactly what counts as a speed limit sign. The definition is intentionally vague on that point, and as you know, that means, the law requires the most permissive interpretation possible.

<Driver> 5 miles back, there was a 45 mph sign posted. I obey all speed limit signs, which have been approved by my appointed beancounter committee, and that 45mph sign was approved -- the signs must meet certain standards, before I will authorize them. They must be in pristine condition, and they must have been there in unadulterated form for no less than 5 years: they must be adjacent to certain properties I have a private business relationship with involving quid pro quo, then I will allow for an application to be submitted, for them to become vehicle manufactured authorized speed limit sign locations.

Contrary to popular belief we have no explaination for gravity, spacetime, or the other fundamental forces

False. We have no falsifiable, measurable, or experimentally verifiable explanation for gravity, spacetime, or other fundamental forces.

Explanations abound, but there is almost inherently no way that science can test any coherent explanation that came up.

As far as good scientists are concerned... if you can't measure something, and you can't test it -- then it is irrelevent.

It may be true or false -- you don't know -- it falls into the realm of 'belief' or 'religion' instead of science, if it is not testable.

It always amuses me that Mendel's pea plant experiments would not get past peer review these days.

Scientists' methods evolve with the peer review process. If it wouldn't get past peer review back then, he would likely have done something differently, so that it would meet the peer review standards of his day... assuming he intended to be published :)

I suspect that eventually, we will have a coherent explanation for all observable physical phenomena

Most likely we'll have a coherent (but wrong) explanation, as usual.

And in a couple hundred years, there will be someone with more groundbreaking work :)

Stay as long as you want, and fix as many as you can. When your done, let us know. Well look at your fixes and let you know if you got the job.

Asiding from being illegal... it's also unreasonable, and creates a risk of seriously bad PR, when the community inevitably becomes aware, if the practice continues; and work quality may be seriously poor as a result of having the potentially inexperienced working on customer equipment without adequate supervision.

I mean, are there actually people out there that feel their job can be compromised by handing over thirty minutes of talking to a potential employer? The only thing I'd be worried about is if they started asking me to name names for other people they could hire.

In other words, they had problems getting people to come interview, so they need free referrals from you, for people to compete against you, for more employer-favorable negotiated compensation / employment terms? :)

Is this serious? Here's a big red warning sign for me: if my job can be jeopardized by twenty minutes of talking, I'm probably in the wrong industry. I can tell you how to implement a solution but it's the actual work and planning and care that should be paid for cash money.

I don't know about 'care'; but if the solution was simple enough to not require real work, AND if that person really has no other problems worth hiring someone of my calibre; then I might consider not getting hired a blessing in that case, as it would save me from getting bored -- and leave me free to pursue other jobs that would be a better fit.

They are, but only to their authorised repair services.

The regulation reads 'shall make available to service and repair facilities'

It doesn't say authorized service and repair facilities; it doesn't say service and repair facilities that the manufacturer prefers; it doesn't say service and repair facilities except independents

There's no listed exception there at all....

Therefore: if there exists a place that is a service facility or is a repair facility, that requested literature and parts, and there is refusal to offer sufficient literature, or parts, then they would be in potential violation

What else can they do? Should I be encrypting all my disk partitions?

If you run the software; then you trust the vendor. Full stop.

If you don't trust a software vendor, don't run their software, and especially not their operating system.

Java was blocked by an update to Apple XProtect Definitions.

Software update is responsible for providing the updated definitions.

Uh this was a zero day active exploit. Are you saying you WANT to deal with that? Apple did you a favor. Are you so confident in your staff's ability to avoid getting owned. That's a lot of very sensitive info you would be compromising.

Sometimes being able to work, AND being vulnerable: is not as bad as a complete work stoppage.

There is a risk that you might be targetted by a zero day exploit, that might be successful. Say that risk is 1%; and the cost of a breach is 15 million$; mostly spent in legal fees, compliance fees -- sending letters to customers about the data breach, settling any legal complaints, etc.

Now let's say you rely on Java for many critical business functions, and you have a 50% work stoppage, if your workers can't start Java -- they can't access CRM, ERP, customer support systems, billing, Order taking, etc.

The work stoppage for 1 hour costs $3 million.

Now: What is worse: A 1% risk of losing $15 million, OR a 100% risk of losing $3 million, due to shuttering of the business applications, not being able to take orders, and losing customers, due to CSR unable to provide satisfaction, without working CSR applications?

Let's try a bank analogy....

A new zero-day vulnerability has just been discovered in a certain vendor's ATM; that allows a criminal to possibly use a simple technique to enumerate account numbers of other bank customers, and withdraw arbitrary amounts of money from their account without entering a PIN number.

Upon discovering this, does the bank immediately shut down all their ATMs, for fear, a thief will abuse it? [Despite angering all their customers, denying everyone access to their money, and losing 20+ millions of dollars a day due to account closures -- versus the 2 or 3 million in expected losses due to thievery]

or do they begin discretely working with the software vendor to develop a patch, while putting in place monitoring to search for signs of abuse?

with 30 years of prior use its not so simple to just move on - yes we may be foolish, but what can one do at this point?

Since Java was not commercially available until 1995; it's not possible that there is 30 years of prior use.

Although the point is well taken that Apple broke for some users a business line application with its security policy decision .

For consumer devices it's the right choice. IT needs to override Apple's policy decision, for their businesses; and not allow vendors to make configuration changes like blacklisting software -- without IT validating the change.

Apple's security policies should always be what will keep the greatest number of users in the safest situation -- even while inconveniencing the few who are using an uncommon functionality.

Change control 101. The proper response was for IT to disable blacklisting in the first place, and carefully monitor any blacklisting activity by the software vendor, to determine if they need to do anything for their Enterprise environment.

It's just one of the risks you take, if you allow an outside vendors to define patterns, version, or identity of applications that are not allowed to run, or patterns that are deemed risks; and change those patterns without review.

Apple hasn't told me how to do it. Yes, some hackers figured it out.

Did you call Apple Enterprise support? Does your organization have the proper agreements in place with Apple, for them to support use of OS X by a business (instead of ordinary consumer use) ?

Did you voice the concerns with your Apple rep?

It is up to you to gauge how much time is left on the yellow and whether to stop or not.

This is impossible to do reliably, unless you are a repeat visitor to that specific traffic light, and it has not been changed since -- because different signals have different yellow light durations; it is frequently different at each light, and there is often less than 2 seconds to make that decision.

They should display something that allows drivers to at a glance see how long is remaining before red.

Possibly red LEDs that light up on the center line of the road itself, starting a distance out, representing time at speed limit to red, and approaching the light, as the remaining green time decreases....