At least in Europe cards are not stored by retailers - card tokens are. And tokens can only be used by same retailer - they will not work it different merchant ID. It is actually so secure that tokens are considered non-sensitive. I've emailed a spreadsheet full of them to payment provider once.
Also majority of retailers use hosted payment pages - they redirect you to payment provided page or use iframe and they cannot even see your card info. They only get back bunch of codes and token (if requested and part of contract). Any follow up payments can be done using token.
Nobody wants to touch card info - too much hassle for no realistic gain. There are some that used to due to legacy reasons, but are moving off it. I helped design migration like this for one of them.

Physical payments are other issue. There are practical attacks - most common are skimmers installed on/in cash machines. Damn common - i've seen few of them just around my place in London. Thus I never use street facing cash points - always ones inside shops or banks.
There are also replay attacks for contactless ones. The only thing to protect yourself is to keep your card in metal wallet. Or just use your phone - it doesn't transmit until screen is on - thus makes it much harder to skim.
There is also PSD2 that is slowly coming in EU (and UK). That pushes security up - for example requiring strong customer verification (PIN or biometric) every 5th transaction.

That is correct. In UK one of the big charities (30-odd hospitals, 100+ gyms), Nuffield Health is offering long covid rehab as clinicians actually recognise it as a problem. Few thousands of people went through it - and that is just this one charity.
Also PACS is an aweful name - it is also used in medicine for picture archiving and Comms systems - where you store x-ray, MRI and so images. Google will go mental with it as both will point to same websites...

To be honest, I've seen this rubbish at UK IT consulting companies a lot. Hiring people for a project, with a very specific skill set, knowing that they will let them go afterwards. It was cheaper than getting a contractor, even including 1 month resignation period.
Or getting some kids fresh off uni to fill the seats on a project and 3-6 months later when their probation period comes to an end letting them go as bad fit. Not because they were bad, just because it was cheaper to let them go and hire somebody else in few months than keeping them on a bench.

Or you can install Firefox mobile with Adblock and Noscript and just add shortcut to desktop? As a bonus - if you switch to "Desktop view" you can even read messages without Facebook Messenger. So far I found 1 website that does not work with this combo - NewsThump...

So you're saying that homeopathy is like.. Tinkerbell?

The original post from Kapersky doensn't make the unhackable claim.

Then again, it doesn't miss the mark by much...

The risk isn't just about your data. If a device is roped into a botnet, at the time it's supposed to be delivering a carefully calibrated and timed dosage it's instead DOSing some system for all that it's worth. These devices are surely never tested under "extreme load" scenarios because they're not intended to be used that way.

It kind of is, actually - since that's the entirety of what their application does.

Because, for example, you hear the song on the radio. Or it's playing during a commercial on TV. Or in any of various other situations where the audio is originating from a place that the device isn't connected to.

While I wasn't at ChefConf this year, I know several people who attended this discussion. By selective quoting, the 'reporter' has completely misrepresented the statement.

The contextually mangled quote used in the article: "“t’s definitely possible,” Russinovich says. “It’s a new Microsoft.”

THe actual quote as far as I can determine: "You never know, it's definitely possible. Crazy stuff happens."

No OSS was harmed in the making of this post.

How much of this is really from his mind, vs just being paid sufficient sums to allow his name to be stamped on it?

So you're suggesting what, a minimum dollar amount of charity before such a thing can be considered worthwhile? Anything less than 10% and you might as well not bother?

I never get tired of this game, and I still go through month long stretches of time where wheneve rI have spare time, I start playing it.

Lately I've discovered nethack 4 - it's an unofficially blessed fork of nethack and some fo the same core developers are contributing to it. The game mechanics and strategies are the same, but the user interface (still all character based by default) is a lot nicer. It also is a complete architectural change to a client-server model - and one fo the benefits of that is that save files have gotten a lot more robust & streamlined.

I'm not sure that I'd call permadeath 'controvertial'. It's a turn-off for a large portion of the gaming population, so they won't play that style of game. No controversy, though...