Are you sure you're understanding the post correctly?

If I buy a REIT at $15 per share, and it appreciates to 20/share, I currently don't pay taxes on the capital gains unless I sell. He's saying I should pay tax on $5 per share, my profit, even if I didn't actually "realize" the gain by selling the shares.

If the REIT is still only worth 15/share at the end of the year (their prices really usually do not appreciate rapidly, since they pay out 90% of their earnings), then I don't pay any capital gains taxes, only the taxes on the dividend income.

He also suggests "only publicly traded stock would be marked to market," so your non-fungible shopping mall example would be excluded until the gains were realized. Even if it were somehow included, the tax would be based on the appreciation in value. If it's not worth more than you spent on it, then there is no capital gain.

A "wealth tax" is, for example, a property tax (which already exists in the US in many states). A wealth tax requires you to pay a percent of the total value of the property.

I'm not saying mark-to-market is without problems, or even that it's the right solution, but where exactly is the argument that it's a wealth tax?

I realize many feel this way, but this sentiment isn't well founded. Facebook is much more secure than your other user/pass auth mechanisms.

You're worried about facebook being a "skeleton key" of the internet. The fact is, if I could hack into your email account I could just go to almost every website you use and re-set your password. You would have little recourse even after you changed your email password. At least with facebook, if someone gets into your account you can verify your identity by identifying friends in pictures, among other mechanisms facebook has implemented, before having a new password sent to your primary email.... and if I think my facebook/google/openID/whatever password has somehow been compromised, I can re-set it in one (or a few) place(s) instead of 100 places. They've really done a very good job with this stuff.

The flaw described here wasn't a flaw in the implementation of Facebook Connect. What happened with Hulu is not any less likely to happen with a user/password implementation. They just mixed up the relationship between userID's and data in their own database (or something to that effect).

Regarding control of data, ... when you use Facebook Connect, the website has to request permission to any data of yours it wants to receive. For most blogs/forums/etc, it shouldn't need anything except "basic information" (name, gender, and unfortunately friend list but maybe you can make that private). If it asks for more hit "refuse" and choose one of the OpenID options. If you login with google's open ID they don't even get your name or google ID... they basically get no identifying information at all whatsoever.

You say you use a strong password for all websites, but where do you store all those passwords? In your browser, viewable by anyone who uses your computer for a few minutes, and which can't easily be shared with other computers (work/home) or onto your phone (my blackberry certainly doesn't)? Or do you store your passwords in lastpass, which has already once accidentally leaked its user data (sure the leaked data was encrypted, but it can be brute forced)? There really isn't an easy answer, and these openID/oauth mechanisms are both really nice and far more secure than existing u/p methods. I wish more websites would start offering them.

I made a simple webpage (pilotpad.com) to try out single-signon mechanisms. What I learned encouraged me that it really is more secure... but even close friends were afraid of what my site would do to them if they clicked that frightening "connect with facebook" button... in practice, sites that want to acquire users still need to support user/pass type auth for the time being, but I really hope this will change.

This could be about percent of new monthly recurring revenue... bringing in new business is worth the commission. "20% commission" doesn't necessarily mean "20% of all revenue."

umm.... that was *three* times. ugh. This article makes me sad. :-(

no... it wouldn't "look through" all 50 TB of data. Actually reading all 50 TB of data would make it take a long long time to see your inbox.

I don't know what their architecture is exactly, but they probably something like $mysql_host = 'sqlhosts' + ($friend_id MODULUS 1000);

Sure, 100 friends might be on 100 different servers. That doesn't mean they need to scan through every row checking to see if it's a friend of yours. It's the same thing as using indexes, but distributed.

as far as I know, the Japanese have way better phones. I thought they didn't like the iPhone?

They'd probably just keep their email on their "cool" phone, and get their friends to carry their "lame" iphone to class.