If you're using Google Fonts for font hosting then you don't link the fonts directly; you link a CSS file on the Google servers that in turn links the font files. And they already serve different CSS files based on your user agent. Thus, from my understanding, for any site using Google Fonts this can be enabled transparently for supporting browsers without the site developer even knowing about it.

If you're going to add a backdoor why not have one that just unlocks the phone without having to involve its original owner. That is, a backdoor that can be used without creating a witness who now knows about it!

There's a "Cast..." item wasting space in my context menu but I don't own a Chromecast.

ScreenOS uses Dual EC in a strange, non-standard way. Rather than generating all of their random numbers with Dual EC (which would be slow), they only use Dual EC to generate a seed for a fast 3DES-based generator called ANSI X9.17. Since that generator is actually FIPS-140 approved and generally believed to be sufficient to the purpose, it's not clear what value Dual EC is really adding to the system in the first place -- except, of course, its usefulness as a potential backdoor.

The good news here is that the post-processing by ANSI X9.17 should kill the Dual EC backdoor, since the attack relies on the attacker seeing raw output from Dual EC. The ANSI generator appears to completely obfuscate this output, thus rendering Dual EC "safe". This is indeed the argument Juniper made in 2013 when it decided to leave the Dual EC code in ScreenOS.

http://blog.cryptographyengine...

Perhaps this? https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwiki.mozilla.org%2FTelem...

I'm not asking why we have regulation. I'm asking why the Londoners have regulation that requires taxi drivers to memorize the entire city map.

I'm not defending Uber, but what, as a passenger, do I gain by having the wetware in the taxi driver's head do the path-finding instead of the software on his computer? Even if the software is inferior right now it will continue to improve, unlike humans, and if the Uber driver takes longer to get me to where I want to go then I will continue to use his wetware competitors.

That's nice and all, but nothing of what you said explains why it's a problem that Slashdot doesn't give you a numeric score describing how controversial a post is.

Most likely referring to this bug or one of its duplicates: https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fbugzilla.mozilla.org%2Fs...

Has Apple ever removed a major competitor's app from the store? After it was approved?

Software updates sometimes change the internal format of its database. What makes you think that a company that produces a buggy new version is capable of creating bug-free code to backport the upgraded data to the old format?

He disagrees about which subjects are valuable. I don't see any hypocrisy in that, just a difference of opinions.

Hire competent programmers or hire cheap programmers and install a database firewall instead. Some companies are going to opt for the cheap programmers.

Other than that, I guess you could use the database firewall if you have an old legacy system of questionable quality.

You're right, but there's no need to open the box if you're buying it only to prove a point by returning it. The retailer still suffers administrative overhead from having to deal with you.

The battery on my MBP is built-in. I'd expect most other brands to allow you to replace the battery without resorting to screwdrivers.