>but rather low ranking analysts whose job at the conferences are to assess the material presented and report back

So? I work for a private company. I 'report back' on the cool shit I saw, let people know what was around, what was popular, etc. It's a learning experience. Saying they 'report back' is useless. If you go to a con and don't talk with other people about the stuff you saw there it's almost wasteful.

I think I know what you meant though - they go and see what all the 'underground hackers' are up to.

Handling them in the browser is a good idea, but still needs a lot of work to make it workable:

- What happens when their computer crashes?

- How do they transfer these certificates to other devices (multiple computers, phones, tablets, etc)?

- How do they keep them in sync across multiple devices if they need to regenerate the certificate?

- Certificates would be super easy to steal once you get access to a device (arguably easier to steal than installing a keylogger to get passwords)

The only way I can see it working for most users is through a third-party management solution (Google, iCloud, whatever).

> If there really is a problem, it may be worthwhile to move it to an "advanced settings" panel, but removing it entirely is a terrible idea.

Is this not the equivalent of 'about:config'? In reality it is the advanced settings panel, just without the pretty dialog to go with it.

But about:config voids my warranty.

Then ask for a refund.

> break the laws of thermodynamics as we know it

Not a giant leap to imagine for a species that's been able to construct a Dyson Sphere in the first place ;)

> This destroys a non-technical user's grasp of the differences between static HTML and programatically manipulated HTML. It hides the setting amidst hundreds of other obscure settings, and does not emphasize the extremely powerful tool that JavaScript is, and the fact that it is optional.

Most 'non-technical users' don't have a clue about HTML, Javascipt, static features, etc. To them the internet consists of Facebook, Google and Youtube.

Arguably users who want to disable Javascript could be classified as 'technical', at least enough to be able to Google either a) how to do it from within Firefox, or b) install a plugin such as NoScript to do it for them.

Right. Non-technical users do not think that way, at all. Javascript and HTML are implementation details of the website they are using. Even people who hire IT consultants tend not to understand these things much, although they might think they do.

I can imagine most web developers who freelance have dealt with a complaint from a client who had mistakenly turned off JavaScript, at least once.

Non-technical users do not even know what a browser is, much less anything about HTML or JavaScript.

What exactly is a non-technical user?

I read threads like this all the time: someone talks about "non-technical users" or "your grandma" or "pointy-haired bosses" or the like, and then goes to great length to discuss, in detail, the capacities or cognitive styles or knowledge base of members of these hypothetical categories.

It all seems like a bunch of arbitrary assumptions.

I don't know about anyone else's experience, but these assumptions are pretty dead-on in my own personal experience. Non-techies(my mom, or somebody who only uses home computers for email & turbo-tax and some super-locked-down PC at work) don't have a clue what/how it's doing what it does. The blue "E" on the desktop is the internet, sometimes it's even the whole computer when they say "My computer doesn't work". They most _definitely_ don't have a clue what HTML or javascript is, or what that blue "e" on their desktop is. That being said, not to come off as some arrogant know-it-all, I admit I know very little about how my car works. I just take to the dealer and do the suggested maintenance. I'm sure I'm paying more than I should somewhere but I don't care... however, I'm starting to think it's more dangerous not to know how a computer and the internet work than it is to not know how your car works.

Cars are regulated and require state inspection. A computer OTOH is still a mad max device.

The "non-technical" user is real, in my experience. I worked tech support at a school where the teachers at the school would accidentally delete icons on their desktop and change every setting in the browser one day trying to print something. I've also volunteered as in-person support at Firefox events. Watching people bring in their computers full of crapware and with things modified all to hell before they finally asked for help. These people aren't dumb, they just lack the technical literacy sometimes. But they are most certainly not hypothetical.

> in spite of there being laws banning the transfer of personal data outside Australia, most people are quite lax about the issue and take the view that the risks are too small to be counted.

I can tell you from working in the finance industry in Australia and APEA, larger companies/banks take this very seriously due to compliance obligations with regulators (APRA, MAS, HKMA, etc).

Google Music is available in Australia (as of last month or so), but the All Access streaming is not.

This is true for places that have good conditions and internet. You have to remember, power outages are a daily occurrences in even built up places such as Bangalore, and internet connectivity isn't crash hot anyway. Latency of the website won't have as much of an impact in these conditions (IMO, anyway)

Not even EFI, just regular BIOS...

> Let's say that a software bug results in someone getting hit and injured by a self-driving car. Who's liable?

The same person who is liable if your current car has a fault tomorrow that causes you to crash, presumably.