Sorry, but accepting Flash is potentially devastating to me
Ars Technica Why Ad Blocking is devastating to the sites you love:
If you read a site and care about its well being, then you should not block ads or you subscribe to sites like Ars that offer ads-free versions of the site. If a site has advertising you don't agree with, don't go there. I think it is far better to vote with page views than to show up and consume resources without giving anything in return.
Let's be clear here: I don't run an ad blocker. I do run a Flash blocker, because Flash is unstable and insecure. And no, I will not white-list you to let you load Flash automatically.
And before you ask, you can't have my root password either.
I also don't keep a list of sites I'm not welcomed at. For the half dozen times a year I read a story on Ars (at most), I'm not going to feel guilty either.
Look, in the comments you have admitted you don't control the content of the Flash:
We don't allow ads with non-user initiated sound. So unless you interact with the ad you shouldn't hear a thing. If you ever do then let us know so we can fix it/nuke it.
If ads make sound uninvited, tell you?!? Are you serious? What if they use some new Flash exploit to root around and steal my private key, or otherwise execute arbitrary code on my computer?
Should I tell you then, too?
The first step to getting on my white list is to write your own Flash, not just serve someone else's. Taking people's security that cavalierly probably should be criminal.
You can't just say "Oh, that's on Adobe." By now you know what an insecure mess Flash is.
If you serve me HTML ads, I'll be happy to view them. I'm not sure if you've heard, but it turns out that you can do a lot of cool things with HTML.
Also I just checked, and JavaScript can (indirectly) detect my Flash blocker. There's no reason you should try to blame users like me rather than take the responsibility on yourself. The difference between my Mac and an iPhone is that you're able to detect the latter without much effort, but the former would take a little more effort on your part.
Look, I'm sorry I cost you a fraction of a penny. But the potential pain for me in choosing to run Flash is far, far greater. And if you really cared about your users, you'd know that and have moved on from Flash already. Don't try to lay a guilt trip on me!
I'll see you in six months. Not intentionally, that'll just be the next time I have reason to visit Ars. Maybe you'll have this sorted out by then.
Of course, we know this. But it's still a bit shocking to me to see something like this.
John Terry, the apparent creator, hard-coded his username and password to his Gmail account in source code. All right, not the smartest thing in the world to do, but then I noticed that every time a user adds their account to the program to back up their data, it sends an email with their username and password to his personal email box!
Apple claims fix to Time Machine security bug
Apple claims to have fixed the issue where applications could run automatically out of a Time Machine backup. Look for CVE-2008-0038 in Apple's About the security content of Mac OS X 10.5.2 and Security Update 2008-001.
Thanks to Apple for mentioning me. I certainly would have reported the bug regardless, but it's a nice bonus.
The only thing I wish had happened differently was an earlier acknowledgement from Apple that they realized what I was describing and agreed it was a security problem. I didn't find out Apple considered it a problem until January 22nd, when they asked how I'd like to be credited for discovery. Most of that time I wondered if I should file more details in an attempt to convince them it really was a problem.
Note: I'm saying "claims" only because I haven't installed the update and verified the fix yet. I have no reason to disbelieve Apple.
iPhone Dev Center forces "challenge-response" system
The new iPhone Dev Center forces a challenge-response system. This is a problem at the best of times, but it's especially bad when the available questions are so lame.
What is the name of your hometown?
Google will give you this.
What did you study in college?
Google will give you this. Or you could just guess. It isn't really a mystery.[1]
What was your first job?
Google will give you this.
Favorite pet's name?
You can't find this on Google, but you could ask any of my friends.
Name of oldest sibling?
Google will give you this.
I'd rather lose access to an account forever than have someone else get into it. This kind of system needs to remain optional. So whatever's in the iPhone Dev Center? I won't see it. The only impact on me that the reorganization had was locking me out.
[1] Hint: A lot of other software developers probably studied the same thing.
