I hope the "insightful" mod is in regard to the lack of proof, and not the ridiculous car analogy. The biology and functionality of the human brain is several orders of magnitude more complex than the mechanics of an automobile, to say nothing of the fact that fuel efficiency is completely off-topic, even as an analogy. That's comparing apples and solid rocket boosters.

Honest question: what activities are recommended for improving focus? I've identified a general decline since high school in my ability to focus on things that aren't highly stimulating. I did some brief searching a while back, and most of the advice just boiled down to, "make a conscious effort to not let distractions (internal or external) break your focus, and over time, your ability to focus will improve." I've wondered if there are specific activities (marathon video game sessions?) that can more easily hone one's ability to focus. An analogy would be (for me) riding a bicycle to get exercise. I just generally enjoy heading out on a bike and exploring, so as a side effect, my physical fitness improves. Can I find a similar solution for improving focus?

I guess the whole "rootkit" aspect isn't really necessary for the scenarios I described, though. Since one can write their own apps on Android, you could just write your "Pen Testing Suite" and toss it on the phone, without mucking about trying to hide it as a rootkit.

IMHO, the news here isn't the threat of a malicious rootkit, but the functionality that can be used for other purposes. In a penetration testing scenario, this would be a sweet little tool. Hide an Android phone somewhere in the target facility (or vehicle), and then you can silently call it from across the city/country/world and activate wifi/GPS/camera/microphone.

My android phone also uses USB for charging and data transfer, so it wouldn't be hard to hang it off the back of a PC, place it out of sight, and never worry about the battery running down (my phone doesn't show up to the computer's OS until you tell the phone you want to connect).

It seems that there are lots of people in this thread saying that Google can't pull this off, and most of the excuses are centered around a need to develop on, or use tools for, Windows. It's not hard to figure out the solution here-- Linux for the core OS, and any specialized (non-replaceable/windows-only) tools or development that has to run under windows can be done in a sandboxed VM.

Clearly, this shouldn't be considered if it doesn't provide a comprehensive solution to the problem. It's the same reason we shouldn't be expanding solar, wind, and nuclear power generation in unison...we should definitely wait for just one technology that will serve all our needs, and not attack issues with a multi-pronged approach.

Ditto on not needing OpenSSL installed, but be careful with echo. On the systems I've used, echo by default includes a newline character, which also gets hashed, so you need to not include that if you want a 100% reproduce-able algorithm:

echo -n salt.site.password |md5sum
echo -n salt.site.password |sha1sum

Also, I find the Hashr extension for firefox handy.

You're confusing "should be" vs. "real-world." Even if the actual POS machines are dumb terminals, they'd connect back to the server, which is probably Windows. Marketing Department and/or Customer demand says that more POS systems will be sold if Corporate can push out pricing updates to the servers and check inventory levels across the Internet, instead of having leased lines all over the place. And since there's Internet connectivity, you need Antivirus. The fact that POS machines aren't quarantined the way they should be isn't the worst of it. I walked up to my bank branch once, and the ATM was showing a WinXP BSOD.

Well, you've eliminated every "user-error" vector I can think of, except one. What were your password reset settings on the account? I'm guessing that with the rest of your measures, you didn't have an easily-guessable answer, but I'm curious.

I'm inclined to doubt that the students are the ones printing most of their emails. In my experience, it's usually the older generation(s) that seem to want to print everything, so it's probably faculty/professors printing out every damn thing. I have two theories on this:

1) Younger people are still more used to digesting content directly from an electronic screen, so they don't feel a need to convert it to dead-tree form for a more "natural" medium.

2) Younger people are probably more likely to trust that the email will still be there*, and they are able to use search tools to find it, whereas older generations may feel (even subconsciously) that if they don't print it out and put it in their hard-copy filing system, they may not have access to it again. I think the only reason my mother has cut down on her printing of every "interesting" email is that she has spammed herself into oblivion with mailing lists & such, to the point that printing everything would be cost prohibitive.

*Assuming there's not a ridiculous "all email will be deleted within 90 days, and no archiving or auto-forwarding allowed" policy, like with my employer.

It does break the brakes, but not fully. The goal of switching off is that you will (hopefully) also brake the breaks.

Don't worry. You've just demonstrated that you're a person I wouldn't want to work for, anyway.

Who says he is blindly following advice? In my experience, asking a large group of experienced people, many of whom are more likely to be more well-versed than I am on the topic, is an extremely valuable research technique. It doesn't mean I'm going to blindly trust whatever I'm told; it means that I have a wealth of new, highly-relevant information with which to make my decision. In this case, slashdot is google on steroids.

Exactly. I'm not saying Adobe should strip out javascript, just fucking disable it by default. And *if* I need it, *if* I turn it on, at least give me the option to only leave it on for that session. There aren't enough adjectives for my opinion of what Adobe has done to Acrobat Reader.