Comment Re:What happened to certificate stapling? (Score 1) 233

Well, for one thing, your HSMs are never anywhere near a network, so there's no possible way to back door in to them without gaining physical access. Then it's just a matter of making sure they stay physically secure.

Unless the "back door" is something like reducing the randomness of key generation, or leaking bits in IVs, or... and many HSMs that serve on-line systems are on networks. They should be as isolated as possible, and of course well-secured physically, but nothing is perfect, employees with physical access can be bribed or coerced, etc.

If you assume your opponent has the resources of a major government agency, and may have colluded with your vendors, securing your data is a really, really hard problem. It's not impossible if you have the resources, but it's far from easy.

Comment Re:What happened to certificate stapling? (Score 1) 233

It would be sufficient if the HSMs contained a little NSA feature that makes the NSA's work easier.

Indeed. A very obvious approach for cryptographic keys generated inside of HSMs is to reduce the entropy. Suppose for example, if you ask the HSM to generate a 128-bit AES key and it provided one selected from a set of 2^50 possibilities. It would be virtually impossible to detect that the effective keyspace is dramatically reduced, but if the NSA knows what the 2^50 possible keys are, they can brute force the space and decrypt your data.

There are lots of other subtle tweaks that could dramatically reduce the security in ways that are almost impossible to detect.
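An added illustration of the reduced-entropy backdoor described above (example code, not part of the original comment or any real HSM firmware): the keyspace is shrunk from the comment's 2^50 to 2^16 so the search finishes in about a second, the "vendor secret" and the observed message are constructed, and HMAC-SHA256 stands in for AES so the block needs only the Python standard library.

```python
import hashlib
import hmac
import random

# The comment's example reduces a 128-bit key to 2^50 possibilities; shrunk to
# 2^16 here so the brute-force search finishes in about a second.
SEED_BITS = 16
KEY_BYTES = 16
# Hypothetical secret baked into the backdoored firmware (assumption).
VENDOR_SECRET = b"hypothetical-vendor-secret"


def honest_keygen(rng: random.Random) -> bytes:
    """Honest HSM: 128 bits straight from the entropy source."""
    return rng.getrandbits(8 * KEY_BYTES).to_bytes(KEY_BYTES, "big")


def backdoored_keygen(seed: int) -> bytes:
    """Backdoored HSM: a small seed is stretched through a hash, so every
    output is a well-mixed 128-bit string, but only 2**SEED_BITS distinct
    keys can ever appear. Without VENDOR_SECRET the outputs look random."""
    assert 0 <= seed < 2 ** SEED_BITS
    digest = hashlib.sha256(VENDOR_SECRET + seed.to_bytes(8, "big")).digest()
    return digest[:KEY_BYTES]


def mac(key: bytes, msg: bytes) -> bytes:
    """Stands in for 'use the key on known data': HMAC-SHA256 so the block
    needs only the standard library. The search works the same against AES."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def monobit_fraction(keys) -> float:
    """Fraction of 1 bits across all keys; about 0.5 for anything hash-shaped,
    so this kind of statistical check cannot tell the two generators apart."""
    ones = sum(bin(b).count("1") for k in keys for b in k)
    return ones / (len(keys) * 8 * KEY_BYTES)


def duplicate_count(keys) -> int:
    """Repeated keys: the one symptom of a tiny keyspace, visible only because
    this demo uses 2^16 and the keys are exported."""
    return len(keys) - len(set(keys))


def recover_key(known_msg: bytes, known_tag: bytes):
    """What whoever knows VENDOR_SECRET does: enumerate the reduced keyspace."""
    for seed in range(2 ** SEED_BITS):
        candidate = backdoored_keygen(seed)
        if hmac.compare_digest(mac(candidate, known_msg), known_tag):
            return candidate
    return None


def demo(n_keys: int = 2000, rng_seed: int = 1234) -> dict:
    rng = random.Random(rng_seed)  # fixed seed so the demo is reproducible
    honest = [honest_keygen(rng) for _ in range(n_keys)]
    backdoored = [backdoored_keygen(rng.randrange(2 ** SEED_BITS))
                  for _ in range(n_keys)]

    # A victim key plus one message/tag pair the attacker observed (constructed).
    victim_key = backdoored[0]
    known_msg = b"GET /account HTTP/1.1"
    known_tag = mac(victim_key, known_msg)

    return {
        "honest_monobit": monobit_fraction(honest),
        "backdoored_monobit": monobit_fraction(backdoored),
        "honest_duplicates": duplicate_count(honest),
        "backdoored_duplicates": duplicate_count(backdoored),
        "recovered": recover_key(known_msg, known_tag) == victim_key,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The duplicate count is the only check that exposes the backdoor here, and it works only because the demo keyspace is 2^16 and the keys leave the device. At the comment's 2^50, the birthday bound says roughly 2^25 exported keys are needed before a single collision is expected, and an HSM exists precisely so that keys are never exported; the bit-balance statistic, which is all the customer can normally observe, is 0.5 either way.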

Comment Re:So what? (Score 5, Informative) 46

Further, I often abhor Google's "fuzzy" matching system. Sometimes it's great, like when you say "photo" and it also searches "picture", "photograph", etc. But other times, it's extremely frustrating.

When the fuzzy matching doesn't give you what you're looking for click on "Search tools" (just above the results), then the "All results" pulldown and "Verbatim".

I tried to use your example to demonstrate, but even without verbatim mode I couldn't find a search result in the first half-dozen pages that mentioned "UITableView".

However, I did notice one thing that was kind of funny: Next to the results pulldown there's a time pulldown. When I set it to "last hour" the top hit was your post above.

Comment Re:I wish this was real (Score 1) 182

For some reason wanting a vehicle with a manual transmission that isn't a civic or real sports car causes sales people at dealerships to look at you like you are retarded, especially if it is a truck or SUV.

Interesting. I prefer a manual in most cars, but in a truck or SUV I'd much rather have an automatic. If you look at a given model with automatic and standard transmissions, the automatic will have a higher rated towing capacity... and towing substantial loads with it will be easier, especially in more complex situations. For offroading, it's debatable, but I think an automatic is generally the better choice there as well. It certainly takes a lot more skill to manage tricky offroad situations with a manual, though I suppose there may be some where an expert driver is better off with a manual transmission.

It's not at all surprising to me that trucks and SUVs with manual transmissions are hard to find... there's not much demand for them because most of the things you need such a vehicle for are better-served by an automatic.

Comment Re:Makes sense (Score 3, Insightful) 665

I had a keyboard once with a dedicated start/shutdown key.

After shutting down my system a few times accidentally I threw that keyboard away.

Apple keyboards have a power button on the keyboard. It's not the location or difficulty of hitting the key that matters, it's how it's handled. The approach currently used by Apple (but not invented by Apple, BTW) of "tap = request to shutdown, requires confirmation" and "press and hold means forcible power off" works just fine.

Comment Re:So why is it used in Windows? (Score 4, Informative) 665

Perhaps, in the past. I seriously doubt that is still true. Modern USB keyboards have no special handling for C-A-D.

Neither did old keyboards, but that's not the point. The point is that the operating system's low-level keyboard drivers have special handling for it, at a level that can't be modified by trojans unless they can muck with the deepest parts of the system internals -- and if they can do that then they already completely own the machine anyway.

Comment Re:Thin edge of the wedge! (Score 1) 266

Like any technically minded person, I am sceptical it even can work, but we techies tend towards unhealthy amounts of cynicism and a lack of understanding of business models, so it wouldn't surprise me if it turned out to be possible.

If you define the scope of the right to be forgotten to include only information that you put out there on sites with which you have a relationship (e.g. Facebook, Google+, Twitter, etc.), then it's not only possible, it's easy. If you expand it to information posted by other people on the same sorts of sites that explicitly references you, then it's still possible and technically easy, but it gets to be a little sticky from a content ownership perspective. Do I have the right to delete something you wrote just because it mentions me?

If you expand it to include all information on-line everywhere then it becomes darned near impossible. Even deciding whether or not a particular piece of content refers to or is about a given person is really hard -- and may be fundamentally ambiguous, perhaps even intentionally so -- and then there's the problem of tracking down someone who is capable of removing the data, on top of questions about ownership.

Comment Re:Yes, but it won't make any difference. (Score 1) 406

once they have a US presence they're subject to all the same laws that allow the NSA to spy on you in the first place

The laws make the NSA less free to spy on organizations in the US. Given a completely non-US Internet, the NSA wouldn't have to concern itself with legal restrictions, other than not being seen to violate international law, at all.

Inside the US, the NSA is supposed to be constrained to acting within the constraints of due process. Granted that it appears that due process is less constraining than we thought it was, and that the NSA doesn't seem to have been complying even with that. But on balance, I suspect an organization like the NSA would trade the ability to issue National Security Letters through the FISA court for having all constraints removed in a heartbeat.

Comment Re:Thin edge of the wedge! (Score 1) 266

If they let minors do this, why not everyone?

You mean, like the way you can delete your Twitter, Facebook and Google+ posts today? Assuming this is about social media like the summary implies, this law is irrelevant, because you can already do it. I suppose it might prevent the social sites from taking the ability to delete stuff away, but it's not clear why they'd ever do that anyway.

Comment Re:Don't forget spreadsheets (Score 1) 115

If I made some approximation or used an algorithm that may fall apart in some limits, that is worth mentioning.

Uh, huh. And what if you don't realize that your code has subtle failings that may have significantly altered your results? Anyone trying to reproduce your results but doing it right will fail, but be unable to explain why their results differed. Without your code peer review of your work is both harder and less valuable.

Unless deterring review is the researcher's intent, of course.

Comment Re:Wrong objective. (Score 2) 115

All of which are great if code is to be maintained, which this type of code rarely is.

Or if it is re-used, which is one of the potential benefits of publishing it alongside the paper.

Also, since the purpose of research papers is to transmit ideas, clear, readable code serves readers much better than functional but opaque code... and that assumes the code is actually functional. Ugly code tends to be buggier, precisely because it's harder to understand.
