https://www.google.co.uk/search?tbm=isch&q=calvin+and+hobbes+surest+sign+of+intelligent+life

When I were a lad, we used to dream of having 2.5K of Ram. Would have been like having a hard disk to us.

True, but to the extent that 'Windows' is generic, other OSes do freely use the term.

1) Write a simple cost-benefit calculation.
Estimate the cost of your test suite and estimate the cost of your current bug-fixing. Business folks aren't mugs when it comes to profit and loss calculations.
2) Don't pre-judge the outcome.
You _may_ be wrong. You may find that the cost of building the test suite is more than the cost of the bug fixing
3) Guesstimate the cost of business reputation and lost sales caused by customers finding bugs.
Ask someone in sales to help you with this. (No, don't believe Scott Adam's view of marketing people. They may not be engineers but they know the value of a lost customer).
4) Briefly justify all your guesstimates
You're don't know any of the numbers really but you can outline the reasoning they are based on and let the owner replace your reasoning & estimates with his own.
5) Let him convince himself.
the owner may have some hard-to-express reason why he doesn't buy it, and that reason my be simple short term cashflow. If so, redo your calc taking his point on board (e.g. do a 1-month profit/loss not a 1 year) and pass it back. You're responsible for doing the best you can, he's responsible for making sure there's money to pay salaries.

But at the end of the day, don't complain at someone who's paying you to fix bugs in a sluggish economy. At least he's keeping you in work for the year.

the key statement in TFL is it 'makes security reasoning explicit and direct'. It addresses the software architecture problem that you mostly cannot reason confidently about the security of an application -- you cannot be confident that even a team of infallible programmers could produce a secure system because there is no way to exactly explain the right rules that would result in a secure system.

In this respect, application software architecture mostly lags behind network, OS and DB security architecture, where authentication and access control work in a way that allows for reasoning about the security, i.e. you can assert 'if this authentication and access control is implemented correctly then these resources will be secure, except from bugs in a lower layer of the architecture.'

Example: when you create user accounts on a *Nix or windows machine, you do not have to inspect all the applications on the system to confirm that none of them let user X access user Y's home directory. You can reason that the O/S's access control stops applications from doing that unless certain conditions are satisfied (eg user X is listed in the sudoers file).

This what you _can't_ do with most application software. An example : data driven applications which store data for thousands or millions of users will typically not create thousands or millions of DB logins each with controlled access. Instead, the application will use a single login for all users and rely on logic embedded in - and scattered throughout - the application code to stop user X seeing user Y's data. To verify "X cannot see Ys data" requires all the application data retrieval code to be inspected. All maintenance of this code risks introducing a leak.

This project appears to offer to close that gap in application security architecture. It's progress. Yes there are frameworks out there that address application level security, but having it embedded in the language is the right approach.

Whilst your statement may be true, it is not a refutation. Scientists do continue to use science to describe and understand the universe, and atheist scientists continue to try to use science to suggest the nonexistence of an omnipotent being.

Oh, and could you point us to the technical papers where "the omnipotent being theory" is examined? Thanks.

When a scientist reaches for the word "inevitable" - and Hawking is not at all the first major scientist to do this - you have to ask, what place does empirical data have in this theoretical framework. "Inevitability" is not an empirical quality.

"the Big Bang was inevitable due to the law of gravity" (as the article puts it) is not an empirical statement. It's not science.

No -- what we also know is that all life ever examined on earth shares the identical 'genetic code' and decoding machinery i.e. uses the same base pair "letters", the same "dictionary" to translation "letter" sequences into amino acids, the same plan of DNA being a double helix which is split and transcribed by complex moving parts that build proteins by 'reading' that DNA So a typical argument for "life only evolved once" is: 1) All life on earth shares this identical code and transcription-and-assembly machinery 2) This is either (a) a remarkable co-incidence (b) proof of intelligent design (c) because all life on earth is in fact related by genetic descent from one common ancestor that had it or (d) there is some as-yet-undiscovered Reason for it. The usual preferred option is (c)