You shouldn't have to trust your upstream routers. Instead you should assume they're compromised and use end-to-end encryption. HTTPS and SSH, for example, specifically protect against active attackers such as malicious routers.

Those guys are doing it wrong. First, automatically assigning 2 IP addresses per VPS, no questions asked, is extremely wasteful, is part of the problem, and is actually in violation of ARIN rules which state that there must be valid justification for every IP address issued. At least they're going down to just one address by default. Linode, in stark contrast, only issues one IPv4 address by default and really puts you through the ringer if you want more. AFAIK they'll only give you extras if you're running HTTPS vhosts with distinct certificates (and they check too!).

Second, while I commend them on offering IPv6, they only give you 3 addresses??? IPv6 has been designed to support large allocations of addresses to end-users. Comcast currently routes a /64 to each customer (1 subnet, or 2^64 addresses), and many hosting companies also route /64's or larger to each server. Heck, Hurricane Electric's free IPv6 tunnel service will route you a whole /48 (65536 subnets, or 2^80 addresses).

It's single-stakeholder in the sense that it's an entirely political body, comprised of governments whose interests probably include tighter control of the Internet. I doubt they'd be any less tyrannical than the US with copyright enforcement, but they'd probably be more tyrannical with unpopular speech such as blasphemy, which is currently quite well protected by the 1st Amendment.

I'd rather see the Internet overseen by a neutral, international, non-profit, non-governmental organization headquartered in Switzerland, similar to the International Red Cross. I think such an organization could live up to those ideals.

That far outweighs the miniscule extra sales they'd get from the few people who'd actually care.

It's not about the sales to the few people who would flash their phones. However, it's those few people who will innovate and experiment and improve the platform, leading to many more sales down the road to ordinary consumers. We've already got three mobile platforms where the only innovation possible by outside developers is just to develop new apps within the constraints of the platform. A truly "new" phone would allow developers to innovate everywhere

They say they're trying to make something different from iPhone/Android/Windows, but this is disappointingly old and uninnovative thinking:

"The phone will be a smartphone for mass market. It will not be a tech phone intended for Linux hackers. Consumers are not able to hack the kernel or flash new software for the device."

They're right to be going straight for mass market (unlike OpenMoko), but why are they considering these mutually exclusive? What's wrong with letting people flash the device if they want to? The best way to get a new and innovative phone would be to make it truly open.

This is getting out hand.

First, X network transparency is not used just by sysadmins. At my university it's used every day by students who ssh into lab computers and run X software. They're not sysadmins. Many aren't even power users. They just know that if they ssh from their laptops (be it Mac OS X or Windows with an X server installed), they can simply run an app and it works. They don't care if it's slightly more smoothy drawn; they just want to get their work done. This guy's girlfriend (who doesn't even know what X is) X forwards Thunderbird from her desktop to her laptop. One of the libraries in the Australian Museum in Sydney has (or had, I haven't been there in a while) a row of thin clients which X forward web browsers from a server in some back room. These are real world examples of non-sysadmins using X forwarding.

But I don't really care if it's sysadmins or non-sysadmins using this. The fact is, the people behind Wayland are removing functionality from a very core part of a Linux system, largely so they can provide slightly prettier graphics. This is not a tradeoff that should be made for any feature, whether it's used by sysadmins, or scientists, or writers, or artists.

And it's not true that X will always be there. X is being kept around solely to help the transition. What do all these people do once apps start becoming Wayland-only?

I don't think running a VNC server bound to 127.0.0.1 with port forwarded through a ssh tunnel (ssh -L5900:localhost:5900) is much more complicated neither insecure.

Is this a joke? Here are some of the missing steps in the VNC "solution":

• Starting the VNC server, with all the right arguments, on the remote end
• Making sure applications on the remote end will display on the VNC server (e.g. setting your DISPLAY variable)
• Starting the VNC client on the local end, with all the right arguments
• Determining what port number to use - if there's another VNC server running already on 5900 (on either end) you would conflict - this would definitely happen in practice if you have ssh sessions to several systems open at once
• Securing the VNC server against unauthorized access if there are other users on either the remote or the local end

One of the features that always distinguished X from other display systems like Mac and Windows has been network transparency. You can ssh to another Linux system, start an X application, and that X application will appear on the system you ssh'd from. This is immensely useful and evidence of a well-thought-out design, but it's an afterthought to Wayland. They say they might be able to render to a VNC server, but VNC works like crap and is full-desktop forwarding rather than individual window forwarding.

It's extremely ironic that when X was created in the 80s they recognized the importance of distributed systems and network transparency, but now it's 2012, the Internet and the cloud is king, yet network transparency isn't a core feature.

All this because you can't cross-fade when switching VTs in X or have a "rotating cube" animation (see "Is wayland replacing the X server").

Seriously. Who don't more people ask this? Check out the Wikipedia article Terrorism in Australia and notice not only the shortness of the article, but also the distinct lack of aviation attacks. It will only take one death from cancer caused by these body scanners and they will have caused more aviation deaths in Australia than terrorists.

This is very disappointing, especially after the EU passed strict body scanner regulations, which both banned X-ray scanners and required passengers be allowed to opt-out of non-X-ray scanners. Germany scrapped all body scanners, not just because of the health concerns, but because they actually don't work . I know someone who accidentally took his pocket knife through security and the body scanner didn't detect it. These things aren't making anyone safer: between the decreased effectiveness and the cancer risk, they're actually making flying more dangerous.

1. A deeply intellectual corporate cultural, with 70% of its workforce having PhDs (I don't know if this is still true.) This includes the "20%" concept, whereby all Google staff is given free-reign to research what interests them 1 day out of 5. Google, to me, recalls the days of business-as-research-endeavor, the era of Xerox Parc and Bell Labs and the intellectual energy they represented.

You mean the Bell Labs which allowed their staff to do whatever interested them five days out of five? Sorry, there's no comparison. Google is business-to-make-money, not business-as-research.

A few mailboxes (20 out of 200) had the wrong mail migrated into them. We don't even know the source of this problem yet, but the university could very well have TOLD Google to put sally.smith's e-mail into sally.jones' new mail box.

This isn't a google apps security problem. Please RTFA and get off your high horse.

No, why don't you RTFA and get off your high horse. According to an article linked from TFA, Google acknowledged the problem was on their end, and an earlier comment from a Brown sysadmin indicates that Google upgraded their migration tool right before this happened. It may have "only" been 20 out of 200 accounts, but the problem is squarely Google's fault; stop blaming the Brown sysadmins.

My impression is that this incident is a fuckup at the customer end of things

No, according to this article, "The problem was on Google's end. They acknowledged a bug," and according to this comment, Google had upgraded their IMAP migration tool right before this happened.

Sounds like a case of insufficient testing on Google's part before rolling out the new version of their tool.