I think you have come up with a great criteria for deciding when to be honest.

As someone who has lived a very honest life I can say with confidence, it doesn't work. It's made my life less happy, not more. I still do it out of habit, and also for the feeling of moral superiority I get, but if anything I am thinking about being less honest rather than more so. It just creates too many problems, especially if you are an entrepreneur or business person.

I use http://gitblit.com/ A great open source github clone. 5 second install, also hosted on github.com.

Anyone know if what netty uses by default or SSLServerSocket are vulnerable? The article says SSL > 1.0 is ok.

Not SSL > 1.0 - TLS > 1.0. Big difference. TLS 1.0 is roughly the security era of SSL 3.0, perhaps even newer.

Yes, TLS 1.0 is almost identical to SSL 3.0. The name change occurred when Netscape handed stewardship of the protocol to the IETF.