http://www.gandi.net/ offers free IMAP/POP with their domains. Hosted in Europe (as far as I know).

The argument that there's nothing to worry about because other aspects of email communication is insecure is like saying that I shouldn't lock the door to my house since a house is fundamentally insecure, having windows that are easy to break.

My point is that, just because certain aspects of email communication is insecure doesn't mean we need to accept even more insecurity from our email provider.

The author also forgets to mention that the authorities have relatively easy access to people's email communications. Read http://projects.washingtonpost.com/top-secret-america/ to understand how troubling the American government's peaking into personal stuff is.

Facebook began using HipHop (their PHP compiler) at a time when they already had 200 million users and a website that by definition is very hard to cache. So in other words, PHP without Facebook's custom compiler was able to handle a site having 200 million frequently returning users. I'd say that's pretty good.

Sources: http://www.h-online.com/open/news/item/HipHop-Facebook-s-PHP... and http://en.wikipedia.org/wiki/Facebook

But it wasn't all running on a single VPS.

If OP had thrown more hardware (and hardware costs) at the equation his problems would have reduced.

"I fully believe this issue is a failure of Apple and a breach of trust by Apple, not by app developers."

So the companies that willfully ignore Apple's app rules and normal ethics are in no way to blame?

I would prefer generic credit card processing.