Realistically 1) most people don't use a PIN code, 2) those that do use their birthday MMDD or DDMM.
If you think someone where you work/live might have to tools to lift your fingerprint from a beer bottle or spacebar, you probably have more serious problems than the contents of your iPhone.
I'm sure security nuts will put their iPhone in a shielded box with a coded lock on it, in addition to using (and painfully entering on each unlock) a high entropy passphrase that's as long as possible.
More power to them.
TouchID is a good enough to prevent my daughters from seeing the naughty texts I send to my wife (none of your business either), and that's more or less the level of security TouchID is designed for.
A single good programmer does the job of 5, and you can pay her 2x. That's not magic, it's just a very refined skill set, focus and no communication barrier of multiple people.
So depending on the project, small team can be replaced by a single good programmer, or the project is just too large and you need many many people and communication infrastructure.
The more common definition of the Passive Income Hacker is "lifestyle business", i.e. a business where you don't seek a 10-100x exit.
I have to disagree with this one, of all of the people I know that have "lifestyle businesses," they were as committed to the early stages and aggressive as most of the "startup" guys I know. While some of them, after years of work, got to "minimal interaction with the business," most of them still work it hard for a standard week. The only difference between them and the "start-up guy," is they don't ever want to exit.
I've always seen the PIH "movement" (if we can call it that), much more opportunistic than many "lifestylers" - there's a big difference between being committed to something for life, and and trying to find a way to make money by doing as little as possible.
That last part is not to say that all PIH's are opportunists working on things that make money even if they could care less about them - but the movement is distinct from that of "lifestyle" business, where the goal is to make enough for a good life, doing something you enjoy/love.
Clearly stackexchange is showing pro-db bias. I'm a huge fan of unstructured data in filesystems as well, that's how the service behind my prototypesapp.com is built.
I also happen to think MySQL-backed websites are the bane of the internet, further testament to the pro-db bias of the average web developer.
A properly built sql store (or, increasingly, nosql) is definitely a necessity for large service. But what is "large"?
I once heard the rule of thumb that a db is necessary when the size of the data you store in it becomes larger than the size of the db code. I kind of like it.
It really depends on your structure I think. In the days of PHP3 I saw a lot of developers that built .txt-backed websites, with complicated parsing that would break when you looked at it.
In my opinion, they would have been better of with a database, or a more clever design like yours probably is.
A lot of my first work was rewriting PHP3 sites that used text-files to PHP4 with MySQL. Some of them had 200mb articles in text-files, and for every request they parsed this file, and didn't know why it was slow.
Unstructured data is as bad as unstructured code. Typically, your data will become more complex over time, and structure helps a lot with ensuring that this is not a painful thing to do. Relational databases are well-studied and present a well-understood abstraction, with design patterns (normal forms) that significantly improve the maintainability of databases. Sure, relational DBs are not the only solution; I personally find Lisp s-expressions to be an easier to use Q&D store (of course, I am also a Lisp programmer, and most of my code does not have to deal with untrusted data), and lots of people are using YAML these days (and of course, there is XML).
Whether something like this ever becomes widespread depends on WebGL becoming popular, which in turn depends on WebGL becoming sufficiently secure.
In an interview on the Debug podcast, Don Melton describes hardening WebGL, which involves hardening the whole stack down to the hardware level, as a significant challenge.
IE is never going to support WebGL. They want to be the gate keeper of video games.
They lost it with application and the cloud but they're holding on to the game segment pretty tightly. That's a theory a few programmer have with microsoft and why they chose to create directx.
This is definitely not the best way to base a marketing campaign on privacy issues.
That said consumer products are traditionally ad supported, and regular consumer appear to tolerate it, mostly.
Internet advertising is quite unlike TV or print advertising though, and consumers are definitely not sufficiently informed of how much they're being tracked, particularly by products of companies like Google and Facebook, that live on advertising in one way or another.
Google Web Analytics (reportedly used on half of the websites on the net) and the "like", "tweet" and "+1" buttons are arguably much more likely to track your interests than GMail, even if you have never signed up for a single Google, Twitter or Facebook service. My guess is the creatives who build the campaign either had no idea or didn't know how to communicate it in a personified way, which has more emotional impact.
So Microsoft's campaign sucks, and I have a fundamental anti-Microsoft bias that stems from their despicable business conduct in the 80s and 90s, but Google isn't any better these days, Schmidt's comments on the "creepy line" make me shudder. Perhaps it can be a good starting point for discussing privacy issues.
Privacy shouldn't be a competitive advantage, it should be a sacred right of anybody who has children or financial/health/private issues.
If you think someone where you work/live might have to tools to lift your fingerprint from a beer bottle or spacebar, you probably have more serious problems than the contents of your iPhone.
I'm sure security nuts will put their iPhone in a shielded box with a coded lock on it, in addition to using (and painfully entering on each unlock) a high entropy passphrase that's as long as possible.
More power to them.
TouchID is a good enough to prevent my daughters from seeing the naughty texts I send to my wife (none of your business either), and that's more or less the level of security TouchID is designed for.