Reliance doesn't require a contract. Both providers reasonably should have known that service wasn't available at the address.

He put his faith in two organizations no one trusts.

In fact, he reasonably relied on their assurances that service was available to his detriment. It seems to me that he should be contacting an attorney.

Knowing the ins and outs isn't necessary. Knowing generally what it's used for is, just as much as any developer should know "don't store plaintext passwords". I'm not offhand familiar with how to securely generate a salt, and I use a library that does that, but I certainly know that there's a Wrong Way to handle passwords.

How many deployment avenues don't use cryptographic signatures? Usually you're either producing downloadable code, in which case the packages or tarballs are generally signed, or deploying to an HTTP or similar server, in which case you should at least understand what the purpose of TLS is.

They are trying to make as much money as they can, and nothing else.

And they make money by ensuring that there are drivers.

That's if you're trying to permit AJAX requests cross-site, and that's pretty easy. The difficulty with the JavaScript image-decoding shims is that they're trying to intercept the browser's ordinary page-loading flow, and at least Firefox (the one major browser that doesn't support WebP) won't let JavaScript hook into third-party img loads.

What in the world are you talking about? I have an application that's focused on processing and displaying user images. Are you seriously claiming that it would be better practice for me to deal with reinventing the storage wheel instead of saving everything to S3 and serving it from there?

Same-origin policy is a nightmare for use with CDNs. I really wanted to use WebP for image handling for the application I'm working on, but Firefox adamantly refuses to merge a patch adding WebP support, and the JavaScript shim can only access the images if they're pulled of the same host. Images loaded from a CDN aren't accessible to the JS decoder.

No, the actual number of defensive gun uses is only around 7000 per day in the United States.

and still no merge of the working WebP patch that was proposed four years ago because NIH.

The code that I saw, which basically reached out of its container and hit the "retweet" button on itself, was definitely a clever hack.

The Moto X, or an enhanced version of it? In addition to the now-standard voice control, it automatically detects when I'm driving and goes into a "driving mode" that will suppress some notifications and use text-to-speech for calls and texts.

Hardly "insightful". If corporate greed were allowed to take its natural course, I'm quite sure that plenty of companies would be happy to offer faster access at lower prices than I currently have available, but local governments won't let them. It's regulatory capture, not the profit motive, that keeps the incumbents fat and lazy.

I'm trying not to pick up any extra bad habits, and I figure having one MOBA is plenty. ;-) I like the completely-free-to-play model, which Dota 2 also uses, and Valve's legitimate efforts to support their products on Linux.

Local friends got me playing WC3 DotA, and I moved over to Dota 2 when Valve got the native Linux client working reliably. I also keep Civ 4: BTS around when I really have to be unproductive but can't sign up for an hour-long game.