Apple isn't the best option though.

Technically the soc is excellent, can't deny that. Trouble is it's hobbled by the operating system. And ports.

the answer to that one is actually kind of obvious, IMHO where do put large number of gold bars that does not result in people asking a lot of questions?

Safety deposit boxes? - I guess if spread it around enough separate banks, you have some privacy accessing the box (usually) but you still are not the only one handling it, gold is very very put much of it a given box and it might raise questions. One nosy bank manager might become a real problem quickly.

Bury it in the woods? - That works unless someone finds it, how undisturbed can make the local landscape appear? Did anyone say a local sheriff, game warden, etc get curious about that pickup beside the road?

Even transport carries a lot of risk, - what if you get pulled over, and an over zealous officer decides to search the car? Sure legally you might be able to get the discovery excluded from evidence but you're not getting the gold back..

Given it someone else? - Who do you that both won't ask questions, is dishonest enough to help you do something they reasonably can guess isn't on the up and up, and also trusty worthy enough to not help themselves?

40 million in gold without some documentation as to why you have it is rather a problem. Even you hammered it into look alikes of 17th century Spanish coins and claimed you found it diving off the Florida keys, a whole lot of entities are going to show up asking questions and asserting it should be theirs, just look what Mel Fisher went thru!

1000X ^^THIS

I am not say we never as nation need to conduct clandestine operations, but having an entire clandestine service is fundamentally at odds with the concept of representative governance, day light, and democracy.

The CIA should not exist. It should be shuttered and actually operations running agents and gathering intel should be returned to the DOD, and even if for reasons of operational security a considerable amount of activity has to be done off the record, the people running those activities should be far enough down the chain of command that when gross failures occur and are discovered there can be accountability.

IE some General officer can say "you dun fuk'd up, you're demoted/fired bring your people in and shut down the operation" vs our current system of congressional hearings where everyone shouts at each other, the people in questions just lie and evade knowing full well any hard evidence of their obvious purgery went in the shred bin already.

I guess that is what gets most fraudsters in the end. Seems like the guy made a career out of false claims and progressively bolder lies. Probably started to believe he could away with anything.

This isn't just taking shortcuts though this wholesale negligence.

Once in a while you hear such and such President/CEO of ACME never really graduated from Some Small University. They lied to get past the HR gate got hired as manager or director of Widget production 15 years ago where they were not an officer not responsible for signature on public records etc, later got promoted and nobody went back and checked up on stuff.

This though, the claims this guy made were shall we say rather remarkable for such a short career, service in multiple military branches, a graduate degree, pilot, managing a lot of people, etc.. A bunch of things that should have said to anyone reading the resume, this sounds perhaps a little puffed up, maybe I should check on SOME of this stuff which should have produced a few easily obtained artifacts. Obviously zero effort was made to verify any of it. Clearly nobody did any DD here not the hiring manager, not OMB..

I can't say I have run down every line on every CV of everyone I have hired but I usually at least go, ok says he was such and such at XYZ corp, lets look their about-us page on wayback machine, ok there is a picture of him a title that is near enough...so that checks.. oh he is a licensed PI, ok I can check the states website for that.. Then you just consider the claims, like ok says he graduated in 2000 and in 2003 was president of XYZ corp, again you check out XYZ oh fine it looks like they have about 4 employees and rented office in suburban Cincinnati; whatever, on the other hand if it is a 4000+ people and they have a XYZ Parkway named after them, you pick the phone and check that out.

I'm even seeing tiny firmware moving to Rust.

An awful lot of firmware moved over to C++ yonks ago, too before Rust was on the cards. There have been a few hold outs where reasonable C++ compilers didn't exist, usually on platforms so small you really can write it in C or even ASM without that much penalty.

Last time I wrote C in anger was on some 8051 base bluetooth controller years ago. The compiler was IAR Embedded C/C++ 9 I think (2010 ish?). Eventually after trying to write C++ I kept bumping into so many missing things I gave up trying to figure out what passed for C++ in their minds an wrote C instead.

Still, no allocation, some basic logic and a few FIR filters. It was fine.

All of them? How do you know?

Answer non of that matters. Almost all of those laws do not apply to the president, other federal employees, and in some cases legislators yes but the president largely is except for law that would prohibit him from trading based on his knowledge of confidential information.

He IS obligated by his oath of office to act in the interests of the United States, but he can profit from that as far as the law goes mostly.

disagree that is precisely the same question as "the script at dfgjkdf.bit.ly would like to save a file, allow?" as far as the ordinary user is concerned. They have no idea if it is a good idea to allow that or not and at the moment can't take the steps to even try to figure that out.

No the SaaS/Ad guys are the ones that want that API. The whole thing is opaque to the user. That is f'ing terrible for you and me! I can't for example (easily anyway) find the data I created stored by that API to backup, use in some other application, etc. It is all opaque to me. Again as for as Joe Normie is concerned they still have complete control over that data in terms of lock in etc. They just don't have to pay to store it for him. Which brings us to how they are actually going to use it, they will use it cache a bunch of app assets while they continue to offsite any actual information to where they can mine it.

It is very typical of an American to pick the worst instance of anything they can find in order to prove they're better than the very worst thing you can find! Good for you!

Meanwhile you have roads that are more dangerous than anything in Western Europe. I look forward to your excuses as to why this is the case.

Do you claim to write no bugs?

or hear me out on this rather than wasting actually resources, the browser APIs could just add something like sleep(rand(250)) in the path of read() along the i/o thread.

for the same of breaking the side channel attack it probably does not need to even be a particularly good secure random implementation as long as the seeds are unique to browser process/session.

The entire web security model is broken.

Experienced web developers don't understand Same Origin Policy, Content Security Policy, and often even cookie scope completely. As you say no end user ever could without becoming at least a capable amateur web guy/gal themselves.

To use a car analogy:
Asking for permissions at this point would be like a Toyota Corolla popping up a dialog on the dash board "Would you like to advance timing by 1.5 degrees?" while the driver is cruising along I-70. The percentage of drivers who could think about the question intelligently is small, the number of them familiar enough the current state of that specific car in terms of tune, conditions, etc without doing additional analysis no practical while operating is even smaller.

The simple inescapable reality of the browser sandbox is waaaay to open. The problem is that is how the SaaS, Ad, CDN, Surveillance capital, guys want it! And low and behold one of the biggest players in all of these spaces are the ones that make the worlds most popular browser engine... Realistically there is no way the oridiary end user can have useful online experience and maintain any sort of operation security/privacy/etc on the modern web.

Either we accept it or we come up with some kind of replacement application delivery solution, that has a much much more restrictive sandbox model, that operates from default deny, and forces application designers to be extremely choosy about what resources outside their package they fetch/contact/open/write/etc to, a lot more like mobile packages. From an end user privacy/opsec standpoint the WWW-browser/agent is DEAD.

Bullshit, all the memory safety could be implemented with some set of factory and clean up functions that are always the 'owners'. All the bounds checking could be implemented with some macro version/replacements of C's control flow constructs.

There is literally nothing stopping you from doing everything RUST does in plain C, except for the fact it would result in a confusing syntax and nobody would want to work on your project.

Ditto you could certainly build just about all of C++ in C as well, in fact the first C++ compilers actually transpiled to C.

Remember is really is just a macro assembler, and a standard library. C can do anything precisely because it isn't much to begin with. That isn't a knock on Kernighan or Ritchie, I think C was brilliant engineering solution that allow precisely enough abstraction to make a portable systems language that was efficent for humans and still compact enough to compile on wide range of often very limited hardware of the time. However it is important to remember a key element of engineering is that engineers solve problems within a mixture of physical and declared constraints. When you change the constraints, the solution should at some point change as well. I love C, I am not saying C has outlived it usefulness or anything of the kind, but it might actually be the case that C isn't the right solution when it comes for kernel development targeting general use (as opposed to embedded or specially integrated) computer systems anymore. We are not trying to run entire universities on time sharing systems with less than 4MB or primary storage..

Unfortunately not.

All programmes write bugs, not all programmes believe they do.