If people who download music can be classified as file-sharing terrorists, then a calling every instance of murder 'terrorism' doesn't sound like much of a stretch.
Hearing the word 'terrorism' coming from a news figure or politician is now a strong indicator that you are listening to a dangerous, scheming, untrustworthy authority figure who is trying to manipulate you through fear. It should make you want to vote the scumbag out; or at least turn off the TV they're bullshitting you through.
Oh, I know it's far from producing perfect replacement parts, and in some cases it could never print a replacement part. ABS and PLA are not adequate substitutes for some materials. And some materials have properties that will never work in a hot-end extrusion process.
But it will work in a lot of cases. The choice for most parts is based on the materials available, not their mechanical properties. If you needed a polyethylene part for some specific mechanical reason (tolerance, strength, elasticity, precision, whatever) if at all possible you'd have them injection mold the rest of the non-structural parts out of the same material at the same time, rather than set up a second job with a different plastic, even if a different plastic might be cheaper. Those other parts are the kinds of parts you could successfully squirt out of ABS in a 3D printer.
And 3D printing technology is not standing still. People are figuring out ways to incorporate many different plastics with the printing mechanisms. Others are producing plug-in cartridge systems, so the consumer can easily select from a broader assortment of appropriate materials. Hobbyist printers are gaining extra heads, extra axes, and more capabilities. I also think clever people will soon solve the screw thread problem, perhaps by incorporating slow-setting plastic in holes that use a metal screw as a part of a secondary molding process.
Maybe you can't print a nylon gear today, but maybe you will be able to tomorrow.
I think TFA was incorrect when they said "it will shock you". They should have said "it will startle non-technical people." But that's not as pithy, and not as attention grabbing, and doesn't get your article re-blogged on Slashdot.
I was thinking that, too. They could install a second cable, tying the bottom of the elevator to the bottom of the counterweights and looping it through a pulley at the bottom of the shaft. That way they could fully control acceleration unbounded by gravity. They could accelerate the elevator slightly faster than the speed of gravity for the first fraction of a second, leaving the occupants floating about the cabin in mid-air, and then match the acceleration of gravity until it's at the end of the free-fall period. It would truly be the fastest elevator possible.
Apart from the spilled coffee, dropped laptops, tumbled wheelchairs, shrieking, cursing, rushed prayers, and the several heart attacks induced each day, I can see no downside to this elevator!
The problem isn't specific to OpenSSL or libssl or libcrypto, it's the overall idea in info security that "This is the One True Solution, thou shalt not Roll Thine Own crypto, lest thou livest in a state of Sin."
It's important to keep in mind this paranoia is completely justified. I've seen some really poor home-grown crypto implementations, written by well intentioned but completely inept developers. And I know most older libraries never defended against side channel attacks. OpenSSL is a product people trust to keep current defending against the latest cryptanalytic attacks. And after this little gaffe, I suspect people will keep a much closer eye on it.
The reason heartbleed made the news was that of scale. All this paranoia led to a monoculture. And the monoculture enabled B.O.R.E. - Break Once, Rob Everyone.
I can picture a "fabricator" which is loaded up with strips of resistors, capacitors, transistors, LEDs, diodes, ICs, and mechanical items, such as spring wire, soft wire, hard wire, screws, and a roll of thin sheet metal. It could 3D print the housing, cut and bend wire as needed to create hinges, closures, battery terminals, etc., and print a circuit board. A pick-and-place tool could grab the chips, solder them to the printed circuit board, and then close it up with a sheet metal cover.
Such machines would not be cheap (to start with), and would be really expensive to stock with an adequate supply of components. An appliance repair shop might invest in one, but Joe Sixpack won't. At least not this year.
What I don't get is... what would you even print? If I think about the things that I interact with on a daily basis that could be 3D printed with what I know about today's technology, I come up with a pretty small list...
My list is really close to zero, too, which is why I haven't bothered getting one. My friend has a veritable rainbow of little ABS geckos littering his desk. He's printed a few useful things, but for the most part he's only printed decorative items (and that's taking a few liberties with the word "decorate".) I don't need little plastic tchotchkes to make my day complete.
Where I think it may eventually shine is instant repair parts: a new door for the DVD-RW drive, a new button for the mouse, etc. But I don't want to own a $1000 printer to produce a replacement printed from $0.10 worth of plastic. I'd rather go to the local Office $(VAR), look up the part in a catalog, and ask them to print me the part for a dollar or two.
I think the bigger problem is that everything about encryption software encourages a monoculture. Anyone who understands security will tell you "don't roll your own encryption code, you risk making a mistake." I would still rather have OpenSSL than Joe Schmoe's Encryption Library, simply because at this time I trust them a bit more. Just not as much as I did.
Another problem is that the "jump on it and fix it" approach is fine for servers and workstations. It's not so fine for embedded devices that can't easily be updated. I'm thinking door locks, motor controllers, alarm panels, car keys, etc. Look at all the furor over the hotel card key system a few years back, when some guy published "how to make an Arduino open any hotel door in the world in 0.23 seconds". Fixing those required replacing the circuit boards - how many broke hotels could afford to fix them, or even bothered to?
The existence of a "reference implementation" of security module means that any engineer would be seriously questioned for using anything else, and that leads to monoculture. And in that world, Proprietary or Open doesn't matter nearly as much as "embedded" vs "network updatable".
Many Interneted Thingies work fine on your own cloud. You can find alternatives that don't feed the big Googly database, but you have to shop carefully. Fitbit and Nest don't give you the option; but some of the home automation systems like Vera need no clouds at all.
Would you like your food data shared with your insurance company? How about your weight? Your BMI went above 22 this month. Not good, lower it or else. Your running? You didn't meet your jogging goals for the week. That's it, we're raising your health care premiums. That's a lot of beer you're drinking, and you put a lot of miles on your car, so it looks like we'll have to cancel your auto policy because statistically you're likely a drunk driver.
If you say "OK, share my data", it can go a lot of places you may not intend.
A lot of the animosity towards Monsanto comes from their overall behavior. Creating the terminator gene is first to mind. Next are the numerous allegations about misconduct: complaints that they do inadequate studies, they hire certain researchers expecting certain study outcomes, that they tamper with study results, and that they have bribed government officials. However, most of those reports come from the wacko anti-GMO crowd (who are really a bunch of anti-anything idiots), so it's hard to know if there's a shred of truth to any of the complaints.
The biggest gripe I have is their drive to produce pest- and herbicide-resistant crops. Every one of these is putting other farmers' crops at risk, because they're creating pesticide-resistant super-bugs and herbicide-resistant super-weeds. Those bugs and weeds don't limit themselves to Monsanto-seeded fields, they're natural organisms that spread, and those bugs are now attacking non-Monsanto crops, and the weeds are infesting non-Monsanto fields. Monsanto knew this was going to happen from the start of the program, they estimated it would take about 20 years for it to happen (it actually took less than 10 for the corn rootworm to evolve Bt resistance), yet they went ahead and did it anyway.
Had they focused their modifications only on creating high yield and high nutrition crops, instead of trying to fight the resistance battle, their overall agricultural activities would have been a lot more responsible.
LED lamps do not put out nearly as much heat as High Pressure Sodium (HPS) lamps. I have a (disconnected) 400W HPS that I could easily have cooked on the top of the reflector, and probably broiled meat directly beneath it. I replaced it with a 144W LED floodlamp, and now I can hold the operating heat sink in my hand; the glass lens pane on the bottom is at room temperature. I am no longer concerned about fire safety in my house.
One major difference, though, is I'm growing orchids, which require far less light than cannabis. I need only two 144W LED floodlamps to illuminate a 72 square foot area. The pot growers will cram as many 400 W lamps in a grow operation as they can, sometimes a dozen or more in a single small room, whatever they can draw from the circuit breaker panel. They'll keep a large external vent fan running year round, including the dead of winter, to keep the room from igniting.
If I were to grow pot, I'm sure I'd need a lot more light fixtures, but even a dozen LED lamps in the same room probably wouldn't risk burning my house down.
Oracle consultants were in the midst of the mess, they saw the failings, they repeatedly reported to the state that the project was going off the rails, and yet they still managed to cash their paychecks.
Had the consultants actually threatened them with "either you hire a professional to do the systems integration or we're off the job," and had they then removed themselves from the failing project, they'd be 100% blameless. But they didn't walk away, they just wrote some CYA memos and collected their money.
Oracle gets to take as much blame as anyone for their mess.
Hes not saying "dont do that", hes saying "dont be an obnoxious obstacle when this stuff comes up." Tell them theyre doing it wrong, if they insist, fulfill the request to the best of your ability, and make sure you have records of where you told them they were doing it wrong.
That would be fine if it were true, and if it were the end of it. But it's not. The enablers take over. If the bad ideas aren't stopped early by facts, their owners proceed down whatever path they've concocted, and the further they get without objection the more convinced they are that it's the correct path. An enabler will not tell them they're on the wrong path; or they'll say it once, but never correct them again for fear of losing their job (only a blocker says "you're still on the wrong path".) Without honest feedback about the mistakes being made, you can go a long way before realizing that you've led yourself astray.
One big problem is the belief that all problems can be stopped by governance processes. Therefore, all these processes are designed to be a form of change prevention. The idea is that by preventing incorrect changes, you avoid risk. But a process cannot distinguish between an incorrect change and a valuable change until after it has executed, so it must slow them all down equally. A process also handles the unknown poorly - it is designed to handle only certain changes, and everything else is awkward or not streamlined.
Change approval processes also encourage lies. When someone has to get a change through a process, they will tick whichever checkboxes will get them through the process with the least amount of effort, struggle, or paperwork; they will not voluntarily tick the box that ensures a microscopic review of their change, even when it may be appropriate.
Worse than all of the above, governance processes are hugely inefficient in that they're after the fact: create a large pile of changes, try to deploy it, then wait around days, or weeks to learn only then that the changes aren't approved. The feedback from governance is so late that the developer has long moved on to other tasks. Stakeholders get their changes in months instead of minutes.
Another sign the process is off the rails is if the disapproval is issued due to failure to follow the process, not with problems in the task being attempted. Too many failing processes leads further around the vicious cycle of process 'improvement', that then creates a process to follow the process, inserting delays into the delays. (Yo, dawg, I heard you like process, so I put process in your process...)
If you ever want to read a story about how bad process can get in the real world, read Red Plenty by Francis Spufford. He tells an interesting tale of just how far the Soviet Union's bureaucracy went, including goofiness such as one process that valued a machine by weight. The more modern machine that doubled production weighed less than the older machine it replaced, therefore the older machine was more valuable, and the budget rules that ensured progress did not permit replacing a more expensive machine with a cheaper machine.
Instead of after-the fact governance process, strive for continual, automated testing, starting with Test Driven Development. Have a repeatable method for delivering products that have quality built in from their very design. Once you've established the trust, you can minimize the processes. Something else valuable is a fail-forward philosophy: if you acknowledge that bugs will happen no matter what ("Failure is always an option"), you can often survive by putting in place the ability to recover from defects within minutes by being able to push out new patches. So instead of trying to avoid all risk by using a big process, you can get away with minimal process by accepting a little risk. This is a great approach because everything moves fast, especially the delivery of benefits.
"Yes men", or "enablers" as you call them, are the root cause of the out-of-control bureaucracy problem.
Management wants desperately to have processes that can be followed by minimum wage desperate people. They want to believe that they're incredibly smart and insightful, and that their knowledge of their business is so absolute and perfect that a process is easily applied to every situation. The enablers then create the real problems by saying "yes, we'll make this work," when they are actually lying. The problems then get worse, because the enablers also feel that every status report must be green, otherwise their process is not as perfect as they said it was.
The transparent lies breed more processes to control the mistakes that never seem to get fixed, despite the change review board processes. Nobody ever questions the process, because they'd be seen as a blocker. Change becomes impossible, because the middle-management process owners who have been lying "yes" will lose their jobs if their process is removed.
The process explosion reaches critical mass as each failed process begets two more to control it. The business goes into a death spiral of bloat and inefficiency.
Everything is painful. The smart middle managers flee early, leaving only the enablers behind, and they refuse to see or acknowledge any problems. The loyal people have their jobs turned into paperwork and outsourcing. With luck, the board will recognize the out of control costs, and bring in a lean outsider. An organization this bad off may need to fire 50%-90% of the people. Or the board may go the wrong direction, and outsource the whole damn mess, further eroding their ability to change.
This philosophy has caused more damage to business and productivity than any other idea, ever.
Avoiding this is simple, in theory. Tell the truth, and don't be afraid to change your mind if shown evidence that you're wrong.
He had a space shuttle model that he put together one time, and as far as know it still remains in the shape of the space shuttle. It didn't grow dinosaur engines, it didn't have wooden castle doors, it never had gears and shafts and pistons protruding from the wings, it just stayed a space shuttle model. The castle, on the other hand, was sometimes a tube, sometimes a fort, and sometimes a box, depending on what he was playing.
He's now 25 years old, and I don't suppose he's all that interested anymore. However, he's probably not too far from having a kid of his own to take it apart and remake it in the shape of a zombie tractor ninja robot.
The problem is that it's all the frickin' strike-on-box junk nowadays. Good old fashioned strike-anywhere matches are getting harder to find. You have to dig deep through grandma's junk drawer to find a box, and then you still have to sneak them out to the garage to see which of grandpa's mysterious cans of fluids are the most flammable.
I saw a video on Youtube titled "A magazine is an iPad that does not work." It featured a 1-year-old child tapping images on a magazine, expecting something to happen, and being somewhat frustrated that nothing does. There's a kid who may never throw a ball in his or her life.
Now I'm trying to figure out if that actually matters or not -- I certainly don't see ball-throwing as a necessary skill for life anymore, it's now strictly a form of recreation. We're no longer hunter-gatherers, we don't have to climb trees to get fruit or throw spears at boars to eat meat. We may be missing out on a lot of the experiences in the world by avoiding such activities, but we don't truly need them to survive in this age of McFood, Amazon, and Farmville.
Slashdot Mirror
If people who download music can be classified as file-sharing terrorists, then a calling every instance of murder 'terrorism' doesn't sound like much of a stretch.
Hearing the word 'terrorism' coming from a news figure or politician is now a strong indicator that you are listening to a dangerous, scheming, untrustworthy authority figure who is trying to manipulate you through fear. It should make you want to vote the scumbag out; or at least turn off the TV they're bullshitting you through.
Oh, I know it's far from producing perfect replacement parts, and in some cases it could never print a replacement part. ABS and PLA are not adequate substitutes for some materials. And some materials have properties that will never work in a hot-end extrusion process.
But it will work in a lot of cases. The choice for most parts is based on the materials available, not their mechanical properties. If you needed a polyethylene part for some specific mechanical reason (tolerance, strength, elasticity, precision, whatever) if at all possible you'd have them injection mold the rest of the non-structural parts out of the same material at the same time, rather than set up a second job with a different plastic, even if a different plastic might be cheaper. Those other parts are the kinds of parts you could successfully squirt out of ABS in a 3D printer.
And 3D printing technology is not standing still. People are figuring out ways to incorporate many different plastics with the printing mechanisms. Others are producing plug-in cartridge systems, so the consumer can easily select from a broader assortment of appropriate materials. Hobbyist printers are gaining extra heads, extra axes, and more capabilities. I also think clever people will soon solve the screw thread problem, perhaps by incorporating slow-setting plastic in holes that use a metal screw as a part of a secondary molding process.
Maybe you can't print a nylon gear today, but maybe you will be able to tomorrow.
I think TFA was incorrect when they said "it will shock you". They should have said "it will startle non-technical people." But that's not as pithy, and not as attention grabbing, and doesn't get your article re-blogged on Slashdot.
So what you're saying is they secretly reached a secret agreement to keep secret the terms of the not-quite-secret agreements.
I was thinking that, too. They could install a second cable, tying the bottom of the elevator to the bottom of the counterweights and looping it through a pulley at the bottom of the shaft. That way they could fully control acceleration unbounded by gravity. They could accelerate the elevator slightly faster than the speed of gravity for the first fraction of a second, leaving the occupants floating about the cabin in mid-air, and then match the acceleration of gravity until it's at the end of the free-fall period. It would truly be the fastest elevator possible.
Apart from the spilled coffee, dropped laptops, tumbled wheelchairs, shrieking, cursing, rushed prayers, and the several heart attacks induced each day, I can see no downside to this elevator!
The problem isn't specific to OpenSSL or libssl or libcrypto, it's the overall idea in info security that "This is the One True Solution, thou shalt not Roll Thine Own crypto, lest thou livest in a state of Sin."
It's important to keep in mind this paranoia is completely justified. I've seen some really poor home-grown crypto implementations, written by well intentioned but completely inept developers. And I know most older libraries never defended against side channel attacks. OpenSSL is a product people trust to keep current defending against the latest cryptanalytic attacks. And after this little gaffe, I suspect people will keep a much closer eye on it.
The reason heartbleed made the news was that of scale. All this paranoia led to a monoculture. And the monoculture enabled B.O.R.E. - Break Once, Rob Everyone.
I can picture a "fabricator" which is loaded up with strips of resistors, capacitors, transistors, LEDs, diodes, ICs, and mechanical items, such as spring wire, soft wire, hard wire, screws, and a roll of thin sheet metal. It could 3D print the housing, cut and bend wire as needed to create hinges, closures, battery terminals, etc., and print a circuit board. A pick-and-place tool could grab the chips, solder them to the printed circuit board, and then close it up with a sheet metal cover.
Such machines would not be cheap (to start with), and would be really expensive to stock with an adequate supply of components. An appliance repair shop might invest in one, but Joe Sixpack won't. At least not this year.
I sometimes need to print business documents out for legal purposes.
Then fax them.
Pro tip: be sure to fax the original signature, or the contract isn't valid. :-)
What I don't get is... what would you even print? If I think about the things that I interact with on a daily basis that could be 3D printed with what I know about today's technology, I come up with a pretty small list...
My list is really close to zero, too, which is why I haven't bothered getting one. My friend has a veritable rainbow of little ABS geckos littering his desk. He's printed a few useful things, but for the most part he's only printed decorative items (and that's taking a few liberties with the word "decorate".) I don't need little plastic tchotchkes to make my day complete.
Where I think it may eventually shine is instant repair parts: a new door for the DVD-RW drive, a new button for the mouse, etc. But I don't want to own a $1000 printer to produce a replacement printed from $0.10 worth of plastic. I'd rather go to the local Office $(VAR), look up the part in a catalog, and ask them to print me the part for a dollar or two.
I think the bigger problem is that everything about encryption software encourages a monoculture. Anyone who understands security will tell you "don't roll your own encryption code, you risk making a mistake." I would still rather have OpenSSL than Joe Schmoe's Encryption Library, simply because at this time I trust them a bit more. Just not as much as I did.
Another problem is that the "jump on it and fix it" approach is fine for servers and workstations. It's not so fine for embedded devices that can't easily be updated. I'm thinking door locks, motor controllers, alarm panels, car keys, etc. Look at all the furor over the hotel card key system a few years back, when some guy published "how to make an Arduino open any hotel door in the world in 0.23 seconds". Fixing those required replacing the circuit boards - how many broke hotels could afford to fix them, or even bothered to?
The existence of a "reference implementation" of security module means that any engineer would be seriously questioned for using anything else, and that leads to monoculture. And in that world, Proprietary or Open doesn't matter nearly as much as "embedded" vs "network updatable".
I RTFA, and all it says is 440 meters in 43 seconds. I'd like to know the acceleration profile for this thing, it sounds like fun!
But it's ... it's not ... cool.
Apparently what is cool is to buy a gaudy plastic band to wrap around the edge to make up for this design defect, then bedazzle the shit out of it.
Make it harder sells it better
Work 'em faster Apple's stronger
More than ever iPhone after
iPod works the Android over
Thank you for your answer. There is almost no end to the FUD stream, and as I said, it's hard to pick out the signal from the noise.
Many Interneted Thingies work fine on your own cloud. You can find alternatives that don't feed the big Googly database, but you have to shop carefully. Fitbit and Nest don't give you the option; but some of the home automation systems like Vera need no clouds at all.
Password: hedgehog, no doubt.
Would you like your food data shared with your insurance company? How about your weight? Your BMI went above 22 this month. Not good, lower it or else. Your running? You didn't meet your jogging goals for the week. That's it, we're raising your health care premiums. That's a lot of beer you're drinking, and you put a lot of miles on your car, so it looks like we'll have to cancel your auto policy because statistically you're likely a drunk driver.
If you say "OK, share my data", it can go a lot of places you may not intend.
A lot of the animosity towards Monsanto comes from their overall behavior. Creating the terminator gene is first to mind. Next are the numerous allegations about misconduct: complaints that they do inadequate studies, they hire certain researchers expecting certain study outcomes, that they tamper with study results, and that they have bribed government officials. However, most of those reports come from the wacko anti-GMO crowd (who are really a bunch of anti-anything idiots), so it's hard to know if there's a shred of truth to any of the complaints.
The biggest gripe I have is their drive to produce pest- and herbicide-resistant crops. Every one of these is putting other farmers' crops at risk, because they're creating pesticide-resistant super-bugs and herbicide-resistant super-weeds. Those bugs and weeds don't limit themselves to Monsanto-seeded fields, they're natural organisms that spread, and those bugs are now attacking non-Monsanto crops, and the weeds are infesting non-Monsanto fields. Monsanto knew this was going to happen from the start of the program, they estimated it would take about 20 years for it to happen (it actually took less than 10 for the corn rootworm to evolve Bt resistance), yet they went ahead and did it anyway.
Had they focused their modifications only on creating high yield and high nutrition crops, instead of trying to fight the resistance battle, their overall agricultural activities would have been a lot more responsible.
LED lamps do not put out nearly as much heat as High Pressure Sodium (HPS) lamps. I have a (disconnected) 400W HPS that I could easily have cooked on the top of the reflector, and probably broiled meat directly beneath it. I replaced it with a 144W LED floodlamp, and now I can hold the operating heat sink in my hand; the glass lens pane on the bottom is at room temperature. I am no longer concerned about fire safety in my house.
One major difference, though, is I'm growing orchids, which require far less light than cannabis. I need only two 144W LED floodlamps to illuminate a 72 square foot area. The pot growers will cram as many 400 W lamps in a grow operation as they can, sometimes a dozen or more in a single small room, whatever they can draw from the circuit breaker panel. They'll keep a large external vent fan running year round, including the dead of winter, to keep the room from igniting.
If I were to grow pot, I'm sure I'd need a lot more light fixtures, but even a dozen LED lamps in the same room probably wouldn't risk burning my house down.
Oracle consultants were in the midst of the mess, they saw the failings, they repeatedly reported to the state that the project was going off the rails, and yet they still managed to cash their paychecks.
Had the consultants actually threatened them with "either you hire a professional to do the systems integration or we're off the job," and had they then removed themselves from the failing project, they'd be 100% blameless. But they didn't walk away, they just wrote some CYA memos and collected their money.
Oracle gets to take as much blame as anyone for their mess.
Hes not saying "dont do that", hes saying "dont be an obnoxious obstacle when this stuff comes up." Tell them theyre doing it wrong, if they insist, fulfill the request to the best of your ability, and make sure you have records of where you told them they were doing it wrong.
That would be fine if it were true, and if it were the end of it. But it's not. The enablers take over. If the bad ideas aren't stopped early by facts, their owners proceed down whatever path they've concocted, and the further they get without objection the more convinced they are that it's the correct path. An enabler will not tell them they're on the wrong path; or they'll say it once, but never correct them again for fear of losing their job (only a blocker says "you're still on the wrong path".) Without honest feedback about the mistakes being made, you can go a long way before realizing that you've led yourself astray.
One big problem is the belief that all problems can be stopped by governance processes. Therefore, all these processes are designed to be a form of change prevention. The idea is that by preventing incorrect changes, you avoid risk. But a process cannot distinguish between an incorrect change and a valuable change until after it has executed, so it must slow them all down equally. A process also handles the unknown poorly - it is designed to handle only certain changes, and everything else is awkward or not streamlined.
Change approval processes also encourage lies. When someone has to get a change through a process, they will tick whichever checkboxes will get them through the process with the least amount of effort, struggle, or paperwork; they will not voluntarily tick the box that ensures a microscopic review of their change, even when it may be appropriate.
Worse than all of the above, governance processes are hugely inefficient in that they're after the fact: create a large pile of changes, try to deploy it, then wait around days, or weeks to learn only then that the changes aren't approved. The feedback from governance is so late that the developer has long moved on to other tasks. Stakeholders get their changes in months instead of minutes.
Another sign the process is off the rails is if the disapproval is issued due to failure to follow the process, not with problems in the task being attempted. Too many failing processes leads further around the vicious cycle of process 'improvement', that then creates a process to follow the process, inserting delays into the delays. (Yo, dawg, I heard you like process, so I put process in your process...)
If you ever want to read a story about how bad process can get in the real world, read Red Plenty by Francis Spufford. He tells an interesting tale of just how far the Soviet Union's bureaucracy went, including goofiness such as one process that valued a machine by weight. The more modern machine that doubled production weighed less than the older machine it replaced, therefore the older machine was more valuable, and the budget rules that ensured progress did not permit replacing a more expensive machine with a cheaper machine.
Instead of after-the fact governance process, strive for continual, automated testing, starting with Test Driven Development. Have a repeatable method for delivering products that have quality built in from their very design. Once you've established the trust, you can minimize the processes. Something else valuable is a fail-forward philosophy: if you acknowledge that bugs will happen no matter what ("Failure is always an option"), you can often survive by putting in place the ability to recover from defects within minutes by being able to push out new patches. So instead of trying to avoid all risk by using a big process, you can get away with minimal process by accepting a little risk. This is a great approach because everything moves fast, especially the delivery of benefits.
"Yes men", or "enablers" as you call them, are the root cause of the out-of-control bureaucracy problem.
Management wants desperately to have processes that can be followed by minimum wage desperate people. They want to believe that they're incredibly smart and insightful, and that their knowledge of their business is so absolute and perfect that a process is easily applied to every situation. The enablers then create the real problems by saying "yes, we'll make this work," when they are actually lying. The problems then get worse, because the enablers also feel that every status report must be green, otherwise their process is not as perfect as they said it was.
The transparent lies breed more processes to control the mistakes that never seem to get fixed, despite the change review board processes. Nobody ever questions the process, because they'd be seen as a blocker. Change becomes impossible, because the middle-management process owners who have been lying "yes" will lose their jobs if their process is removed.
The process explosion reaches critical mass as each failed process begets two more to control it. The business goes into a death spiral of bloat and inefficiency.
Everything is painful. The smart middle managers flee early, leaving only the enablers behind, and they refuse to see or acknowledge any problems. The loyal people have their jobs turned into paperwork and outsourcing. With luck, the board will recognize the out of control costs, and bring in a lean outsider. An organization this bad off may need to fire 50%-90% of the people. Or the board may go the wrong direction, and outsource the whole damn mess, further eroding their ability to change.
This philosophy has caused more damage to business and productivity than any other idea, ever.
Avoiding this is simple, in theory. Tell the truth, and don't be afraid to change your mind if shown evidence that you're wrong.
He had a space shuttle model that he put together one time, and as far as know it still remains in the shape of the space shuttle. It didn't grow dinosaur engines, it didn't have wooden castle doors, it never had gears and shafts and pistons protruding from the wings, it just stayed a space shuttle model. The castle, on the other hand, was sometimes a tube, sometimes a fort, and sometimes a box, depending on what he was playing.
He's now 25 years old, and I don't suppose he's all that interested anymore. However, he's probably not too far from having a kid of his own to take it apart and remake it in the shape of a zombie tractor ninja robot.
What happened to playing with matches?
The problem is that it's all the frickin' strike-on-box junk nowadays. Good old fashioned strike-anywhere matches are getting harder to find. You have to dig deep through grandma's junk drawer to find a box, and then you still have to sneak them out to the garage to see which of grandpa's mysterious cans of fluids are the most flammable.
I saw a video on Youtube titled "A magazine is an iPad that does not work." It featured a 1-year-old child tapping images on a magazine, expecting something to happen, and being somewhat frustrated that nothing does. There's a kid who may never throw a ball in his or her life.
Now I'm trying to figure out if that actually matters or not -- I certainly don't see ball-throwing as a necessary skill for life anymore, it's now strictly a form of recreation. We're no longer hunter-gatherers, we don't have to climb trees to get fruit or throw spears at boars to eat meat. We may be missing out on a lot of the experiences in the world by avoiding such activities, but we don't truly need them to survive in this age of McFood, Amazon, and Farmville.