As has been stated a million times before, the patch can be written such that it only works on the particular phone it was made for.

Pretty sure there's a built-in Python module to manage inmates' sentences.

Their code servers don't have to be accessible from the outside. Juniper has many employees, and hacking a single one of them is probably sufficient to sneak in a backdoor.

> 2 years to spot a backdoor?
I assume they have a fairly large codebase. Without the tip from Snowden, maybe they would never have discovered it at all?
It sounds pretty weird that they've discovered two completely separate and unrelated backdoors at the same time.

Third-party cookies can be disabled in firefox from the settings, it's just not done by default.

Your browser contains enough uniquely identifying information that you can be separated from all other visitors without
using cookies anyway. If websites are not allowed by law to track you, they probably won't. If you take away their third-party
cookies, they'll just use something else (see panopticlick or evercookie).

There is no such thing as "track cookies", which is why I said engineers should be part of the debate.
A unique identifier (session) stored in a cookie can be used to keep you logged in, to track you, or both. What they choose to do with
the cookie is decided on the server-side and not visible to you.

Unless you're suggesting disabling all cookies altogether, which would explain your posting as an anonymous coward.

Why not write these bills in collaboration with software engineers, who have a clue?

We don't want more ridiculous things like the mandatory "by visiting this site you agree with our website using cookies" messages.

I call bullshit

Even "provably secure" algorithms (which doesn't mean what you think is does) can have weak implementations.

Relying on closed-source (or open-source with non-repeatable builds) software for high cryptography needs is insufficient.

I assume OP uses it for TLS, SSH and VPN, like most of us do.

Even if they did, they could not use it for mass surveillance. Signing certs on-the-fly would be detected
by most browsers on most relevant websites (through HSTS).

Even for targeted attacks, they would have to have performed MITM forever (i.e. since the victim's OS was installed) to
get away with it.

I am skeptical to the idea tbh. For commonly used commands the effort of learning them is relatively small and the rewards are great (if I ever had to type "change the permissions such that" instead of "chmod" I would just give up and use GUI) .

I believe the tradeoff of CLI is between working more efficiently (by typing commands and not having to use your mouse too often to interrupt your flow)
and a steeper learning curve (learn commands and their params, config file locations and their syntax etc.).

This shell seems to provide a lot of features that most of the people are not interested in, or already use specialized tools for those tasks. It is unclear to me why would one prefer to use such a shell to execute SQL or modify the DOM of a webpage rather than spawn a full-featured querying tool, respectively Firebug.

Their syntax coloring looks pretty poor, and they seem to ask you to "double-click" whenever you want to do anything. I am currently using terminator + fish, which I can highly recommend. It makes me way more productive, has very interesting completion features and uses a really large number of colors to make things more easily distinguishable.

The fact that you can move things around is quite cool, but I don't see any significant advantages, although I've only watched the first ~6 mins of video. Can someone competent perhaps voice his opinion on what does this bring?

My bad, it's n^s instead of s^n. I don't know where the factorial is coming from in your analysis. Or how it magically disappeared
at the end of your comment.

You have a space of `m' accounts, `n' common passwords and `s' threshold.
The first step is to find a subset of `s' people who all have easy passwords. There is no better
way than to pick all such subsets, so that gives binom(m,s).
For such a subset, you have to try all assignments of passwords. You have s
people, each of which can have one of n passwords. That's s^n tries.
The total time is binom(m,s) * s^n * C, where C is the time it takes to test if your guess is correct.