Odd. My university mandates one course in either statistics or probability for every engineering student. Mayhaps every school should put that requirement in.

Remember who "they" is. Of course they call it a service pack. Wouldn't want any expectations raised now, would they?

Alright. So who wants to put down bets on how many service packs are eventually released for 7?

The F1 key threat isn't that bad. It's the power button that creates a real vulnerability.

Another one bites the dust...

Good for them, but I still don't see a noticeable reduction in my spam mail. Gotta keep working at it, guys.

I wonder if this can somehow be extended to other forms of data scrubbing besides two-dimensional color images. I've got a waveform capture of a really small, and really noisy, electric motor current that I want scrubbed without losing the shape I think I'm supposed to get out of it.

That works on drag racers (the kind that are dozens of feet long and have engines that put out thousands of horsepower, not simply people with average cars driving in a straight line). They spin their tires to both lay down rubber and to heat the tires. The average street racer gets no straight-line acceleration/speed benefit from spinning tires.

Small addendum: some cars have enough power to spin any set of tires when the driver stomps his foot down. One point of skill for people who own such cars is to be able to launch your car from a halt as fast as you can without spinning the tires.

And a bunch of us (well, technically I'm an EE, but still a fan od Porsche) who do like Porsche consider their latest two hybrids (see also the Cayenne) to be sort of a "sell out." Then again, they've been breaking from their expected image a lot in the past decade: an SUV, two hybrids, a {gasp} 4-door (see Panamera).Whatever is this world coming to?

One alternative to consider, as unlikely as it may be, is this: China [already] has a really bad rep among the online communities for openness and free speech. Some third party comes along, having assembled a botnet, and wants to further smear China's name. So they tell their botnet to attack the webpages of those who oppose China's rights abuses. The world assumes it was China and hates them all the more.

Now, before a flood of hate-replies come, let me say a few things. (1) It is less likely than not that the above scenario happened. Anyone wanting to oppose China's rights abuses wouldn't attack those pages. ("The enemy of my enemy is my friend" mentality.) The perpetrator would have to hate China but not care about the rights abuses. (2) I personally think that China is responsible. This post is just a small attempt to keep people thinking rationally instead of letting their emotions take over completely. (3) We probably will never truly figure out who really did it anyways.

The most secure, and usually the most difficult, method of password management is in your brain. There is no perfectly secure way of storing passwords, but using your brain alone is approaching that limit.

(BTW, I use about 8 different passwords, following three different common themes.)

Another point of how the social contract affects us is privacy laws. Many of the laws regarding a person's privacy are based upon a "reasonable expectation of privacy." With the popularity of social networking and other web-based activities, I believe that the amount of "expected privacy" is going down over time. How soon before it's expected that you have no privacy (and the laws change in the government's favor to reflect that)?

It could very well be deliberate that they are making identity theft easier. Think of this scenario: political blogger U. B. Scammin posts something about how Pres. L is promoting bad stuff (oppression of free speech, unlawful arrests, whatever else he's done in the past, just pick something). He posts on a blog. Instead of just the standard arrest/torture/execution or whatever, Pres. L decided to get back at the person and ruin their life. He sends one of his agents to find Scammin's account number and then go do horrible things with it (con little old ladies from their life's savings, host sites of kiddie porn, pick something). Now wait a little bit, then expose his "horrible actions" to the public. Instant shame and a good excuse to lock him up.

I've read several of the posts so far and have noticed a few people relating how this is no different from Western countries, that there is a great similarity between them. I do not profess to be an expert of law in any country, but I did notice one difference with regards to current US law:

With Belarus, you are automatically tracked. Once you do something, it's logged and [probably] viewed by the authorities. In the US there is a slight difference: in order for a law enforcement agency to observe the activity of a specific person, they [usually and ideally] have to subpoena it or provide a warrant for the information to an ISP. This is an extra protection of rights offered in the US that is not apparently offered in Belarus.

( Yes, I acknowledge that certain agencies {cough} ...NSA...{cough} have the capability to and probably do go around the system anyways. And yes, due to the amendments to FISA (Foreign Intelligence Surveillance Act), they can monitor the public as a whole as long as they are not targeting a specific person (i.e. looking for something rather than someone). )

Quite so. A good topic to research (in addition to side-channel attacks) for more information on is TEMPEST (protecting against "spurious emmisions" that may leak information). From there you can find information on many, many methods of side-channel attacks. Examples include measuring the emag field from keyboard presses, monitoring CPU times & power consumptions, reading screens in reflections, and many more.

Again, this article highlights that all the software in the world can't protect against some hardware attacks. (For example, a hardware keylogger between the keyboard and the computer.)