
Comment Re:Sure. (Score 1) 216

Our internal training has shifted entirely to passphrases, to the point that we had to write our own internal training video because every training video we looked at talked about traditional ways of creating a complex password. We found that when people were encouraged to come up with a sentence, they usually came up with something in the range of 25-35 characters, well past the minimums.

Comment Re:Cloudflare (Score 2) 216

Microsoft seems to be doing these kinds of migrations lately.

I think their old ways of poorly documenting things even internally came back to bite them. I've seen some things written by people who were at one time Microsoft devs working on Windows 7, 8, and 10, who said that a lot of removed functionality came because trying to figure out what the old code was supposed to be doing was nigh impossible, and figuring it out sometimes just didn't fit the schedules or budgets. If a feature didn't seem to be widely used as a percentage of the userbase, then it often got dropped.

Maybe some rewrites are being taken too far, but anyone who has dealt with code that goes back potentially more than 30 years is almost certainly going to find some really bad and/or confusing implementations.

Comment Re:Sure. (Score 1) 216

NIST SP 800-63 has formalized this. Specifically, look up Section 3.1.1.2 in SP 800-63B-4, released just this year. Minimum length 15, max length at least 64, but no other requirements, including complexity or regular rotation. Unicode is supposed to be accepted, normalized against a standard process (that one I don't remember, but it's documented), with one code point counting as one character. Filtering for known bad passwords or patterns is strongly encouraged.

I pushed through an implementation at our company last year, explaining why, showing the NIST draft. A bunch of people protested because it was different, but the CIO told them to live with it because their entire argument was "but we've done it this way for 30 years!" Some critical vendors complained when we started pushing them to comply (or at least implement SAML), but we only have a couple of vendors not complying now, and they should be compliant soon. Users are largely happy with the change, and they complain a lot less when we see suspicious activity and force a rotation.
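The policy described in the comment above, sketched as a verifier-side check. This is an added example, not part of the comment or of any NIST reference code; the NFKC normalization form, counting length after normalization, the sample blocklist, the single-character pattern rule, and the function names are all assumptions of this sketch.

```python
import unicodedata

MIN_LEN = 15   # minimum length cited in the comment
MAX_LEN = 64   # verifiers must accept at least this many; a larger cap is also fine

# Constructed sample blocklist; a real deployment would load a breached-password corpus.
BLOCKLIST = {"passwordpassword", "qwertyuiopasdfgh", "correct horse battery staple"}


def normalize(password: str) -> str:
    """Normalize so visually identical input maps to one stored form (NFKC assumed)."""
    return unicodedata.normalize("NFKC", password)


def check_password(password: str) -> list[str]:
    """Return the list of policy problems; an empty list means the password is accepted."""
    norm = normalize(password)
    length = len(norm)  # Python counts code points, not bytes or UTF-16 units
    problems = []
    if length < MIN_LEN:
        problems.append("too_short")
    if length > MAX_LEN:
        problems.append("too_long")
    # Blocklist match is done on the normalized, case-folded form so that
    # full-width or mixed-case variants of a known bad password are caught.
    if norm.casefold() in BLOCKLIST:
        problems.append("blocklisted")
    # Simple pattern filter: one character repeated for the whole string.
    if length and len(set(norm)) == 1:
        problems.append("repetitive")
    # Deliberately absent: no character-class (complexity) rules, no rotation timer.
    return problems


if __name__ == "__main__":
    for candidate in ["Tr0ub4dor&3", "my cat sleeps on the warm radiator",
                      "\uff50asswordPassword", "\U0001F642" * 15]:
        print(repr(candidate), check_password(candidate) or "accepted")
```

The all-lowercase sentence is accepted on length alone, while the short "complex" password is rejected, which is the shift toward passphrases the comments in this thread describe.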

Comment Re:Do people wear glasses anymore? (Score 1) 44

I have a combination of prescriptions that mean that I can't use contact lenses. I see quite a lot of people wearing glasses, and Zenni, Warby Parker, and the other online companies have said they sell a decent number of frames with plano lenses (meaning no prescription), presumably for people who want the look.

Comment Re:Go back to 2012-13... (Score 1) 44

Eventually, you won't be able to tell. Someone will come in wearing glasses, and the tech is going to be too small and streamlined. There are also companies working on embedding augmented reality capabilities in contact lenses fed by tiny cameras placed just out of the field of vision. You'd be able to see them only in very specific circumstances. Power feed is a primary challenge right now, but it's probably not an unsolvable problem.

Comment Re:Is military right-to-repair unrealistic? How so (Score 1) 62

No one else is going to risk making a part that one of the big defense contractors has under copyright with an exclusivity lock even if the US government says they can. The smaller ones just can't afford the effects of a lawsuit or the risk of treble damages if they do. That's why forcing a right to repair into the contracts is so important.

Comment Re:what is meant by serious? (Score 2) 80

There's what, about 100 of us still? I imagine most are blocking the ads too.

For a long time Slashdot was blocking them for me, as some sort of legacy reward. That stopped, but the ads have been unobtrusive, so I left it unblocked. Last week I started seeing an ad that stayed on the screen when scrolling. I was about to start blocking, but that ad has disappeared. So for now this is one of the few sites I don't block.

Comment Re:Is military right-to-repair unrealistic? How so (Score 3, Interesting) 62

It's mostly a contracting issue. Sometimes, if a customer wants full rights to all documentation and design details (or source code or whatever), they have to pay more. If they want exclusive full rights, they have to pay even more. This can be beneficial for some things, not so good for others. If you want to customize your ERP system (SAP or something like that), you'll generally bring in an outside company to do it. You could demand all the source code for everything they did and pay more for it, but if you don't have the necessary expertise on tap to make use of it, it's just throwing money out the window.

The taxpayers paid for the goods along with their research and development.

Not always. Companies do undertake their own research on their own dime, hoping to later sell it to government or other contractors. To take a simple example, a government that purchases a Cessna Citation jet for travel purposes is mostly buying off the shelf. They may customize it with their own communications gear, but they didn't pay for the R&D that went into it. Textron (owner of Cessna and part of RTX) paid for that and is making it up over time with sales of the jet.

A more complicated example is Anduril, which started developing families of weapons on its own and then started getting contracts to further the development process. How much of that should the government own, or at least get access to, if they didn't pay for it?

I agree that the government should be able to fix its own things through contractors of its choosing, and it should get access to all necessary design data. But it's still a contracting issue.
