Comment Web security is no substitute for Crypto-Auth (Score 2) 195

So the argument is someone steals my password, steals my money, gives it to a money mule... then I get my money back from the bank, and somehow that doesn't cost me in the end? Even disregarding the fact that those costs are going to get passed on to me somehow... The inconvenience of having to deal with identity theft is not always minor (and there's probably collateral damage here as well).

My biggest beef with banking is that I don't, but should, have the ability to send money with end-to-end authorization, by way of public key crypto. If, say, Amazon could verify that I authorized a purchase using my public key, then network security, and banking security, is irrelevant. Bitcoins have offered a very secure example of how this could work, assuming that you have good local security (your private keys are safe).
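As an added illustration of the end-to-end authorization the comment argues for (example code written for this page, not the commenter's own and not any bank's or Amazon's API): the customer signs the exact payment (payee, amount, nonce) with an Ed25519 key that never leaves their side, and the verifier checks the signature against the public key registered for that account. A stolen password produces nothing without the private key, an amount altered in transit fails verification, and the nonce stops a captured authorization from being replayed. The type and function names, the customer id "alice" and the payee "shop" are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Authorization is the exact payment the customer agrees to. Everything the
// verifier cares about is inside the signed structure, so nothing on the
// network path can change it without breaking the signature.
type Authorization struct {
	Payee  string
	Amount uint64 // in cents
	Nonce  uint64 // unique per authorization; a reused nonce is a replay
}

// encode produces the canonical bytes that get signed: a length-prefixed payee
// and fixed-width integers, so two different authorizations never encode alike.
func (a Authorization) encode() []byte {
	var w [8]byte
	buf := make([]byte, 0, 24+len(a.Payee))
	binary.BigEndian.PutUint64(w[:], uint64(len(a.Payee)))
	buf = append(buf, w[:]...)
	buf = append(buf, a.Payee...)
	binary.BigEndian.PutUint64(w[:], a.Amount)
	buf = append(buf, w[:]...)
	binary.BigEndian.PutUint64(w[:], a.Nonce)
	return append(buf, w[:]...)
}

// Customer holds the private key; the comment's premise is that this key stays
// under the customer's local control and is never held by the bank.
type Customer struct{ priv ed25519.PrivateKey }

// NewCustomer generates a key pair and returns the public key the customer
// would register with the payee (an assumed one-time registration step).
func NewCustomer() (Customer, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Customer{}, nil, err
	}
	return Customer{priv: priv}, pub, nil
}

// Authorize signs the canonical encoding of the payment.
func (c Customer) Authorize(a Authorization) []byte {
	return ed25519.Sign(c.priv, a.encode())
}

var (
	ErrUnknownCustomer = errors.New("no public key registered for customer")
	ErrBadSignature    = errors.New("signature does not cover this authorization")
	ErrReplay          = errors.New("authorization nonce already accepted")
)

// Merchant stands in for whoever verifies (the comment names Amazon; a bank
// could run the same check). It keeps registered keys and honoured nonces.
type Merchant struct {
	keys map[string]ed25519.PublicKey
	seen map[string]map[uint64]bool
}

func NewMerchant() *Merchant {
	return &Merchant{keys: map[string]ed25519.PublicKey{}, seen: map[string]map[uint64]bool{}}
}

// Register binds a public key to an account. This is the only step that needs
// a trusted channel; afterwards password or transport compromise cannot
// produce a valid authorization.
func (m *Merchant) Register(customer string, pub ed25519.PublicKey) {
	m.keys[customer] = pub
}

// Verify accepts an authorization only if the signature matches the registered
// key over exactly these bytes and the nonce has not been seen before.
func (m *Merchant) Verify(customer string, a Authorization, sig []byte) error {
	pub, ok := m.keys[customer]
	if !ok {
		return ErrUnknownCustomer
	}
	if !ed25519.Verify(pub, a.encode(), sig) {
		return ErrBadSignature
	}
	if m.seen[customer] == nil {
		m.seen[customer] = map[uint64]bool{}
	}
	if m.seen[customer][a.Nonce] {
		return ErrReplay
	}
	m.seen[customer][a.Nonce] = true
	return nil
}

func main() {
	alice, pub, err := NewCustomer()
	if err != nil {
		panic(err)
	}
	shop := NewMerchant()
	shop.Register("alice", pub) // constructed customer id
	order := Authorization{Payee: "shop", Amount: 1999, Nonce: 1}
	sig := alice.Authorize(order)
	fmt.Println("genuine order:", shop.Verify("alice", order, sig))
	altered := order // amount changed in transit: signature no longer matches
	altered.Amount = 199900
	fmt.Println("altered amount:", shop.Verify("alice", altered, sig))
	fmt.Println("replayed order:", shop.Verify("alice", order, sig))
	mallory, _, _ := NewCustomer() // has alice's password, not her key
	forged := Authorization{Payee: "shop", Amount: 1999, Nonce: 2}
	fmt.Println("forged by other key:", shop.Verify("alice", forged, mallory.Authorize(forged)))
}
```

The nonce set here grows without bound; a real verifier would bind authorizations to a counter or an expiry so old nonces can be discarded, but the property the comment wants is already visible: the only way to move money is to hold the private key.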

Comment Re:who is doing this? (Score 1) 212

A nice solution I use for myself (home and work) is to use the ssh-agent distributed with GnuPG. I have an OpenPGP card (http://g10code.com/p-card.html) which holds my private key and cannot be retrieved. The card itself is PIN protected. I don't have to worry about my private key ever showing up in the filesystem or backups.

This works nicely with the -A option to ssh, which sets up a control channel back to the authentication agent on my desktop. I can ssh to server A, then ssh from A to B using my local smart card. If I'm ssh'd to server A and need to leave my desk, I can unplug the card and immediately break the authentication chain.

If I were setting up an SSH scheme in a large organization, this would be my first line of defense.

Comment Re:Still going (Score 1) 488

Linux/*BSD servers offer some rather flexible alternatives to these:

AD: OpenLDAP + Heimdal
DNS/DHCP: ISC Bind + ISC DHCP (with ddns)
GPO: OpenLDAP, PAM, RADIUS + your preferred hacks
Exchange: A capable IMAP server (i.e. Cyrus or Dovecot) + ICal server (Cyrus plus patches)
SQL/IIS: The usual suspects

It's easy to get into the mindset that a proprietary Ecosystem is hard to replace. If you take away the implied requirement that Microsoft has to exist on the Desktop (but but... it doesn't support Outlook Calendaring), the pieces start to fall into place.

In all cases, the open alternatives offer a more flexible solution, and in most cases, a far more efficient one.

Whatever flexibility you get from a graphical interface (Server Manager) is going to get trumped by a well honed script.

Comment Theory is more important than Fact (Score 1) 1142

You have publicly advocated for teaching evolution as fact, rather than theory.

In an imprecise world, scientific theory serves a purpose of assigning better understood, and predictable, behavior to large systems, like evolution and the theory of relativity. Most don't dispute the theory of relativity because it is testable. Due to its very nature, the theory of evolution is difficult to use as a yardstick to predict what happens when, say, you put a petri dish of living organisms in a dark room over night.

Shouldn't it be more important to teach the scientific method, and the understanding of what scientific theory is, than to teach that scientific theories are important only when they are taught as fact?

Comment GPG + Dropbox (Score 1) 198

At work, we use gpg to encrypt our password file for specific recipients, and place that file in a dropbox share. On occasion, we'll generate a snippet of the file and encrypt it for a specific user (junior admin) and place it in the same location.

Arbitrary complexity is often contrary to trustable security. If you really trust your encryption scheme, then it shouldn't matter where you store it (windows share).

Unix

Submission + - Dennis Ritchie, creator of C programming language (google.com)

WankerWeasel writes: The sad news of the death of another tech great has come. Dennis Ritchie, the creator of the C programming language and a key developer of the Unix operating system, has passed away. Those of us running Mac OS X, iOS, Android and many other non-Windows OS' have him to thank. Many of those running Windows do too, as many of the applications you're using were written in C.

Comment Re:Only 1998? (Score 1) 404

I rather doubt that. I have all of my important equipment protected by surge protectors, including the phone line which enters my house and plugs into my DSL modem. I've gotten hit via lightning over the phone line before. But if you want to trust the "I'll unplug everything when I hear lightning" approach to test your theory, be my guest.

Idle

Submission + - Nigerian Scammer Gets A Laptop From Me (notla.com)

wiredmikey writes: After switching to a Mac recently, I decided to put my old laptop up for sale to help recoup a little of the Mac cost. I received an email almost immediately from a girl named Rebecca and we had this email exchange
Open Source

Submission + - Open source hardware definition hits 0.3 & sum

ptorrone writes: "A group of open source hardware makers have put together a draft of the open source hardware definition which is now a version 0.3 which hopes to further define the making, sharing and selling of hardware within an "Open Source Hardware license". This fall, the day before Maker Faire New York City, the group hopes to have the license finalized and hit v 1.0 and they are holding the first Open Source Hardware Summit. There are currently dozens of companies making open source hardware and millions of dollars."

Submission + - deported Russian (spy?) worked at Microsoft (komonews.com)

subtropolis writes: KOMO News in Seattle is reporting that a recently-deported 23-yr-old Russian man "appears to have ties to the recently-exposed Russian counterintelligence" (according to unnamed Feds). The article states that he admitted to unspecified immigration violations and was promptly shown the door on Tuesday. It also says that, "Microsoft confirms Karetnikov worked as an entry-level software tester for less than a year." So, I'm thinking that MS had better take a really good look at their logs for that time. He may have got in at "entry-level" but his abilities may have been a fair bit beyond that. OTOH, we've read how l33t their IT situation was over on the East Coast, so maybe his mission was meant to be very long term and the Russians couldn't afford to send any of their really good talent.

Interestingly, his admission to mere "violations" and swift departure would be right in line with how this swap has gone down. The four Russians who were flown to Britain and the US had to first sign a confession before President Medvedev granted them pardons. But (IF he's at all related to the spy ring), was he uncovered only after the spy swap? Or did the FBI not have the proof they needed? Or, were the Feds deliberately holding him back just so as to rub it in?

Oracle

Submission + - OpenSolaris Governing Board Closing Shop? (echolinux.com)

echolinux writes: Frustrated by Oracle's refusal to interact with the OpenSolaris community or speak with the OpenSolaris Governing Board, the OGB has issued an ultimatum to Oracle: designate a liaison to the OGB by August 16th or the board will “take action at the August 23 meeting to trigger the clause in the OGB charter that will return control of the community to Oracle.”
