First of all, everybody knows Sony is crap. So don't buy their shit and complain afterwards.
But second, they offered to cancel the whole deal, but Vincent refused. Another reason to not complain. Although most laptops are sold with Windows, it is possible to buy one without. Dell for example sells FreeDOS / Ubuntu laptops. He should have picked that one.
Apparently there is not enough market for non-Windows laptops. If where him, I would simply buy the laptop I want, removed Windows, installed Linux and used the Windows license to install Windows as a virtual machine. Always fun / nice / useful to have a small Windows installation at hand. Just in case.
No, MVC is no magic bullet. I never said that. But MVC, or any other architecture that offers the same structure, is a basic requirement for writing readable, maintainable and proper code.
You want proof for Drupal not being secure? How about this: https://www.drupal.org/security. I'm sure you've seen it before.
To prove that something is secure, you have to prove the absence of security bugs. Proving that something is not present is practically impossible.
I can tell you, but not prove, that I have many Banshee based websites and none of them has ever been hacked. I even have used Banshee professionally and had the web applications I created with it audited by IT security companies. No security flaw has ever been found.
WordPress (core) is probably the most secure CMS out there
Because of the mess, it's easy to make a mistake and introduce a security flaw when changing or extending something. If you ask me, that's exactly the reason why so many plugins are insecure. Because it's hard for the plugin developers to understand the logic and structure of the Wordpress main codebase. Wordpress the most secure CMS? With this codebase? No, not now, not ever!!
that's more of a function of popularity than inherently "bad" code
I fully disagree. Yes, more bugs will be found when more people look at the code, but for bugs to be found, they have to be there in the first place. You won't find many bugs in a proper piece of code, no matter how many people use it and look at its code. So, I think it's a bad excuse.
- No, it doesn't use the PDO library. So? Its SQL library protects against SQL injection and it has a audit script to check for any bypass of this library.
- No, the tablemanager_model.php is not vulnerable for SQL injection. Everything goes via the Banshee SQL library.
- No, passwords are stored via PBKDF2, using SHA256 and 100,000 iterations, which is much stronger.
- No, not probably more issues. It's secure. If you don't agree, provide us with some real proof.
Next time, try to understand the subject you are talking about, before you make false claims and accusations.
"Help Mr. Wizard!" -- Tennessee Tuxedo