Do they have any without LED headlights? I'd like to buy one but I don't want to be an asshole.

The last common ancestor of Triceratops horridus, Passer domesticus, Diplodocus carnegii, and all of its descendants.

It means someone went to public school.

Nuremberg defense.

But *I* didn't kill my wife, the guy I paid to did!

I'm not sure he is talking about what I think he is talking about with untrusted certs. Self signed certs are MORE secure as long as the party at both ends understands the process. You simply cannot have a true secret when there is a 3rd party. Certificate authorities are only there to make the process acceptably easy for those who don't know what is going on.

You don't give your certificate to a third party by getting a signed certificate. You generate a signing request, which contains a check sum of your certificate and the details of the certificate. Then your upstream CA signs this signing request.

The private part of the certificate never leaves your computer. Clearly you do not have the faintest idea how the SSL protocol works

You are not understanding the issue.

The key is protected by a code, that is 4-5 digits long. After ten tries, the iPhone destroys the key or enables a timer, meaning you have to wait before next try. What FBI is asking is that Apple make a custom iOS that does not ask you to wait, or destroy the key. And inputting all combinations of four digit codes is doable. If you use five seconds per code, plus a second for checking, that's 60000 seconds for all codes - or 30000 seconds for half (which, on average, will do the trick). That's a bit over 8 hours for half, or 17 hours for all. It's not gonna be a fun job, but it is totally doable. As long as they have a custom iOS that doesn't ask them to wait for an hour after multiple failed attempts, or simply destroys the key.

We're upset because you're peddling snakeoil. Here is an excercept generating the hardware ID:
If Dir("gethwi.bat") "" Then Kill "gethwi.bat"
Open "gethwi.bat" For Append As #1
Print #1, "w32tm /stripchart /computer:us.pool.ntp.org /dataonly /samples:5 >gtime.dat"
Print #1, "systeminfo >gsys.dat"
Print #1, "getmac >gmac.dat"
Print #1, "exit"
Close #1
Shell "gethwi.bat", vbHide

You use this information to generate an ID. But you don't even hash it with a one way hash, which means it's possible to forge a reply to give an desired result. A good one way hash would at least make that impossible. It is also not scaling very well - you will need a lot of support for pissed customers who changed parts of their computer or changed timezone.

Furthermore, you do no authentication of the answer from the server. Anyone can send the response, and be accepted. You do not have any security. It would be trivial either remove your DRM by jumping over it, or supplying the very wrong values. A race condition would also work - overwriting the gsys.dat, gtime.dat, gmac.dat before your program reads it. Or simply replacing the code snippet above with a batch file which state echo "Desired values..." > gsys.dat.

So take an evening, think about how you can bypass your system. Try my suggestions. Fire up an debugger, and have a look at the software.

Yeah, nearly. I didn't say it was FULLY crackproof, but you have to know what you're doing in order to bypass it. Which is why server authentication is BUILT IN. So, unless you've got a direct proof-of-concept exploit, such as faking burned in MAC address codes, along with simple bios info (which amazingly, can be brought up via windows commandline), I would make the educated guess that you're upset in regards to me further maintaining already solid code which someone else can build on.

Or what happends if the software is modified, with a neat little jump instruction where it wants to run the verification? Or what if you just write an API wrapper that gives the desired input?

NSA is buying security holes to use against us. This is part of what Snowden revealed with the leaks.

Offering a bounty, even though it is not as much as the security problem could fetch on the grey market, creates a certain loyalty towards the vendor, and makes it easier to go to them, and ensure the hole gets patched. It also attracts more eyeballs to your software, as finding a problem means money. Google has gone even further - by offering grants for research into specific products, where you get money for checking security of the software, not just finding security prolems.

So I believe it is a good thing; it probably means more holes will be reported directly to the vendor, and not sold for exploit. It probably attracts eyeballs as well...

Except that Cloudprint sends the printjob to google, which then sends it to the printer. It means that both the printer and computer needs internet connectivity, not merely network connection.

It's because the working class organizations (consumer organisations, trade unions) are so strong in most parts of the EU and especially Norway, they have gained a lot of rights and limitations to the powers of capital.

Indeed. We have fought for our rights, and we've won them over time. And we've made a soceity where fear is not a driving power.

Just looking at things like the recent uprise in USA about police shootings is shocking in most of Europe. Here, police does normally not shoot people. In Norway, it's literaly years between when the police shoots and kills someone. In most of Europe it's major news when it happens. In a country like Germany, with 80 million people, it happens 3-4 times a year.

I would claim that Europe is freer than America. Granted, we can't carry guns where we want, but the risk of crime is lower, and the living standard is on average higher.

I agree with the concepts your are talking about, but I cannot imagine an IT shop failing to check the background of a system administrator who will be working with banking systems, for example. Think about the fallout if Deutsche Bank hired a database administrator with prior convictions for banking fraud, only to see that employee steal 100 million from the bank.

Of course it's checked for some positions, and finance is one of those. But in general, it's not legal to ask about it. If you apply as a programmer the employer can generally not even ask.

I'm going to bet that criminal convictions are pretty important in the relevant areas, even in Europe. They probably do a better job of discriminating which information is relevant and which positions are sensitive.

In general no. For the jobs I've applied to (electrical engineering for some pretty big companies) it's not been asked about. They have no right to ask, and no right to know. On defence projects the individuals participating has had background checks by the intelligence service, but failing that would not mean losing job - only not being allowed to work on defense projects.

In Europe they might not have to ask before running a criminal background check. And lying on the application might not make a difference when it comes time to terminate an employee.

In most European countries the employee have to sign and/or submit the application for a background check. The result will be sent straight to the employer, but the application has to be filed by the employee.

In Norway, I can not even get a written copy of my record unless I provide a valid reason. I can get it read out to me, but not in writing. That is to stop companies from asking without reason. The reason is printed on the record, and misuse is illegal. So if I get one for a visa application, and my employer uses that for anything but visa application, they look at civil liability for the information misuse, and criminal liability for the failure of threating information in the proper way.

Now, while this sucks for the felon trying to land a job, it also sucks for the company, and lets face it, the recidivism rate among past felons is generally pretty high. Why should a company want to risk it's own livelihood or existence just to give you a second chance?

I think there's a circular logic somewhere there. If you don't have a job, I guess you have a lower threshold for crime. If you have a job, and everything to loose, I guess crime is not so tepmting.

In most of Europe, criminal convictions is simply irrelevant to jobs. Some jobs require your record, but mostly not the full - only a limited record. For instance, if you work with kids, you need a record clean of child abuse and sexual assaults. But for a general job in IT? Noone would even ask about your record. I have not been asked ever - except for a visa application to the USA.

I believe the European system is better at integrating convicts back into soceity, stopping them from committing more crime.