If nobody would use it, what purpose does it serve? Unless I'm kinda mistaken here it's a service nobody wants. The population doesn't want it and the service providers sure as hell could do without it.
The whole point of opt-out systems is that they're used when few people would choose to opt-in.
This one fails dismally because they've made it so incredibly annoying that almost everyone goes to the trouble of figuring out how to disable them.
You've just explained why it wasn't set up as an opt-in system -- few people would chose to opt-in. Since nearly everyone that's complaining about the message didn't realize that there was even an option to disable the alerts, non of those people would have opted in, so having them opt-out now is no worse. But most of the rest of the people that don't really care about the alerts (or don't know they can turn them off), will keep them enabled.
It wasn't the middle of the night, I got my message at 10:51 - a time when many people were still awake.
And they resent it at 2:30am just in case it didn't piss off EVERYONE at 10:51.
That's apparently your carrier's problem since my Verizon and T-Mobile phones only received one message.
I'm not arguing the whole concept is bad, just the implementation. What the hell is wrong with a text message?
Because the carrier networks are not designed to send a geographically targeted SMS message, not to send millions of simultaneous SMS messages.
Ok, if it's delayed by a few minutes big deal, the 99.9% of the people who are not on the road until the next morning will get it anyway (and technically it's actually *illegal* in CA - and possibly dangerous - for the 0.1% who are on the road - to check it while driving!) And in fact, they will possibly be MORE likely to get it since the first thing I did on my phone going bats hit crazy was unlock it, which cancelled the message window... I never even got to see what it actually said until I read a news article the next day. If it was just a text message I would have seen it on my phone when I woke up, read it and probably digested the contents a lot better (and not immediately opted out of it like many also did).
My phone stores emergency alert messages, I assume that all (most?) do. So if you really cared about the contents of the message you could have read it the next day.
They used the national emergency service to inform the population about some child being kidnapped. Erh... Ok, now please tell me why I should care. Yes, yes, it's probably heart breaking for the parents, and yes, yes, if it was my child I'd certainly love to use it for that but the problem is: 99.something % of the population do not give half a fuck, let alone keep an eye out for that car. "Why the fuck should I care about some random brat I don't know about?" will probably be the reaction of nearly ALL the people who got that message.
I see a "cry wolf" scenario waiting to happen. Some day in the future, something actually important, something that actually is meaningful to most of the population, will happen and people will simply click it away after reading "AMBER AL...", thinking "fuck, that kidnapping fad's getting worse than spam texts".
If you don't care about Amber alerts, you can disable them in your phone while still receiving the other emergency alerts.
If you get a message that starts "AMBER AL...", then you can safely ignore it if you don't care about child abductions since Amber alerts are specifically for child abductions.
Rewind and first of all explain to me why some random child being kidnapped justifies an alert on a national emergency system.
It wasn't a national alert, it was a regional alert in California. An alert that the system was specifically designed for, that's why your phone will let your block Amber alerts separately from the other alerts if you want to.
If you don't want child abduction alerts, then turn off amber alerts in your phone.
I can say for sure that it's not just AT&T. A couple of weeks ago, I was receiving alerts every 15 minutes for floods that were happening 400 miles away on the east coast. Add to the this the fact that I couldn't stop the annoying screeching my phone was making without unlocking my phone and confirming the message and you had one hell of a case of distracted driving and nearly two accidents. I'd much rather text while driving 100% of the time. It isn't 1/10th as distracting, and less than 1/100th as infuriating. Perhaps those who thought these messages were a good idea need to rethink their sanity.
If you find a noisy phone to be too distracting to drive and you don't want the messages anyway, why not just disable them?
Do you nearly get into accidents when a blaring fire truck goes by or is it only a loud cell phone that distracts you to the point where you nearly crash?
Now go look up "Boulevard, CA" on a map and explain why 20+ million people in CA who have never heard of it or live within 300 miles of it should be woken up in the middle of the night about it.
Because one possible destination was Canada, so the suspect would have been driving through all of California? At least he would have until he saw the alert on his phone.
It wasn't the middle of the night, I got my message at 10:51 - a time when many people were still awake.
Alerts don't sell phones or services, so it's probably funded, staffed, and supported like anything else that doesn't contribute to profits: poorly.
Expect it to either be pwned after a few times, or "This important message is brought to you by General Motors"
I do wonder how long it will be until someone figures out how to hack the system and uses it to send out repeated "Presidential Alerts" in the middle of the night -- those alerts can't be blocked by any phone settings. Worse if the alert says "Incoming nuclear missiles. Evacuate your town immediately. Don't trust radio or TV."
WEA will look like a text message. The WEA message will show the type and time of the alert, any action you should take, and the agency issuing the alert. The message will be no more than 90 characters.
I can't believe the government asked for such an arbitrary and small limit on message size, so I'm assuming that the carriers said that's all they could provide, probably because a 90 character message fit into some control message they were already sending to phones.
I suspect it will be a slow oscillation based charger, because a moving vehicle trying to get a stable wave for its charging circuit will have "short" moments of interaction with the individual coils in the roadbed as it drives over the top, causing significant headache. This in addition to being less likely to wipe magstrips on credit cards, and the like.
A slow oscillator will be more difficult to draw "large" quantities of electricity from, as the collector would need to be quite large and conspicuous.
Why speculate (wrongly) when you can click through to the article?
The SMFIR technology, also developed by KAIST, works by running power through the underground cables at a frequency of 20 kHz, creating a 20 kHz electromagnetic field. The underbelly of the bus also includes a wire or coil that is tuned to recognize the frequency and then use an inverter to create electricity through magnetic resonance.
Okay so is it just me or is anyone else thinking that it wouldn't take a high school education to understand how to sap power from the road for free for powering your cell phone, laptop, or for the real inventive some parts of your house. Maybe that's just the cynic in me talking.
It doesn't take a rocket scientist to bypass the electric meter on your house either. Some people do it, some maange to escape getting caught for quite some time. Some get caught when the house burns down (typically because they whole reason they bypassed the meter was so they could run thousands of watts of grow lights in their basement and the kind of amateur electricians that bypass electric meters don't usually follow electrical codes when they wire in their power hungry equipment).
After having been to some rifle ranges, one question that never seems to be answered is: after several decades of hard shooting, who gets the unenviable (and expensive!) job of decontaminating what is essentially a toxic waste dump?
NRA doing what right-wingers do best? -- liability-dumping and socializing losses?
There's some controversy about that at a popular San Francisco shooting range:
The city is trying to shut down the gun club (which would leave the city on the hook for the cleanup). The gun club (which has already switched away from lead shot) wants to stay around and pay for the cleanup themselves, though maybe not on the terms the city wants.
Other lakes in SF that did not have shooting ranges are also contaminated with lead (mainly from street runoff when lead gas was legal), so it's not clear how much contamination at the gun club's lake is due to the gun club itself and how much from other sources, but the city is apparently blaming the gun club for all of the contamination in their lake.
Seems a little dangerous for that algorithm to be the default, doesn't it? Plus, burying the warning deep in the documentation.
And an insufficient warning, at that.
Something more like:
Normal/Small Mode may not be suitable for documents where faithful reproduction of the original text, numbers or illustrations is critical. Examples would include legal documents (contracts, wills, articles of incorporation, etc.), medical documents (patient charts, orders, medication lists, etc.), financial documents (bills, invoices, statements, reconciliations, etc.), business documents (HR records, meeting minutes, memoranda, etc.), engineering documents (drawings, plans, change orders, instructions, bills of material, etc.) or any other document where incorrect data could result in financial loss, injury, death, property damage or destruction, legal liability, loss of reputation or other harm. These examples should not be considered an exhaustive list of documents not suited for scanning, copying or faxing using Normal/Small mode.
would be more appropriate.
Or maybe it should say "We don't recommend that you use "Normal" mode for "Normal" scanning, we only call it "Normal" and make it the default so we can tout the image compression gains you get by using it, but you should only use it if you don't care if your scanned document is different than the original in subtle and hard to find ways. If you're ok with the "Normal" mode caveats, you might like our "Super-tiny" mode, where it turns every scanned document into a blank white document. This mode may not retain any of the original document's information, but hey, at least it's guaranteed to not have transcription errors and it has the best compression ratio in the industry!".
The problem is that most people only read the manual when they discover something is wrong and there is no immediately obvious problem with the results of these scans. The problem only gets noticed much later when someone tries to work with the scanned information and discovers that it is readable but doesn't make sense.
I think the problem is that almost no one reads the manual for the office copier at all - I've used dozens of large office copiers over the years and haven't read (or have even seen) the manual of a single one of them (at most, I've looked at the "quick-start" guide taped on the wall so I know how to use a few of the more arcane features, but even that seems to have gone away with "smart" touch-screen copiers that are supposed to be intuitive).
They have images of this happening. It's just outright substituting blocks of text from one part of a scanned image into an entirely separate part. Not just mangling pixels or uniformly displacing each by a few mm, but outright moving them into a different part of the image that was similar, yet slightly different. Maybe it's some sort of optimization or compression gone wrong? I.e. They detected a block that appeared to be the same as a previous one, so assumed they were the same and only kept one copy of that data?
It's bizarre.
You came up with the exact same conclusion as the author of the article you just read:
Edit: It seems that the above thought was not that wrong at all. Several mails I got suggest that the xerox machines use JBIG2 for compression. This algorithm creates a dictionary of image patches it finds “similar”. Those patches then get reused instead of the original image data, as long as the error generated by them is not “too high”. Makes sense.
You ALWAYS go to fucking TRIAL! Always! These trumped up prosecutions would stop if everyone exercised their right to a TRIAL!
... My wife was accused of criminal negligence with regards to an accident involving a retarded minor. She was facing 6 years in PMITV prison!
... Well, three days before jury selection was scheduled to start -- they offered a new plea deal, this time with a misdemeanor charge and 1 year of probation. Called their fucking bluffs!
... PS: If I had the money for a trial, we would have said no and got the charges dropped completely
Didn't you just demonstrate exactly why many people *don't* go to trial (including yourself?) The government holds all the cards - not only can they can hold a max sentence prosecution over your head making the stakes too high to gamble, but they *also* can play dirty with the evidence and stack the deck in their favor making it more likely that they will win. And since they are prosecuting with your tax dollars, they get unlimited funds to spend on the prosecution.
It's easy to say "Everyone should go to trial!" but when it's your (or your wife's) butt on the line, it's not so easy to face years of prison time -- as you so clearly demonstrated with your story. You didn't call their bluff - they called yours - they sweetened the pot on the plea deal because they wanted you to admit to the crime so they get yet another successful prosecution - and you did exactly what they wanted.
According to the TFA Aleinikov had admin rights on the GS systems, which is not surprising considering is responsibilities. If he wanted to cover something malicious he had both the access and the skills to do it.
Even if he has admin rights on the normal production servers, only their internal audit department should have admin rights on the logging servers.
He pulled up his browser and typed into it the words: Free Subversion Repository. Up popped a list of places that stored code, for free, and in a convenient fashion. He clicked the first link on the list. The entire process took about eight seconds. And then he did what he had always done since he first started programming computers: he deleted his bash history. To access the computer he was required to type his password. If he didn't delete his bash history, his password would be there to see, for anyone who had access to the system.
What? It is possible to put your password on the command line with subversion, but why would you do that if you are going to delete your history? Why not just let subversion prompt for a password (or use a keyring to store it)?
I've deleted my bash history after inadvertently or purposely typing a password into a command line -- sometimes putting the password on the command line is the most expedient way to get work done, despite it being a bad idea from a security standpoint -- and sometimes I'll mistype a hostname on an ssh command, but have already typed my password or ssh key passphrase and it ends up being entered as a command (good thing I never user "rm -rf/" as a password). Well, rather than delete the whole history, I usually run "history -r" to replace my history with the last saved history.
Though if the company really wants to see what a user has done, looking at the bash history is a very weak way to do it since anyone can edit their own bash history - they should be running something like auditd that sends command execution logs to a separate server that the developer doesn't have access to.
No, the moral of the story is: become well connected (too big to fail/jail) and don't get caught.
That's a bit like saying "Become rich", easier said than done. But the parent poster is correct when he says "Don't talk to the law". It can do nothing to help you, and as the police will tell you when they arrest you, anything you say can and will be used against you".
Good excuse when you're in the boss's office explaining why the application you coded isn't using all 8 of the customer's cores to operate faster.
I could be honest and say "Sorry boss, I haven't been paying any attention to CPU trends for the past few years and didn't realize that the CPU makers are using more (but slower) cores and just assumed that they'd keep coming out with faster and faster CPU clockspeeds. Guess I should have spent a little more time on parallelizing my app."
Give you a choice if you want to allow your device to be controlled with strings from a google website remotely.
If you don't want to use it, why would you download the app?
If you don't want to use the Google Ecosystem at all, you don't even have to link your phone to a Google account. You could install a CyanogenMod ROM for even greater independence from Google.
If someone has your Google account password and can sign into your Google account, they can probably already log on to your online banking and credit card accounts,
I hope most people have more sense than this.
More sense than what? What do you do when your bank uses your email address for password recovery that's "protected" by a few simple questions that a public records search (or digging through your email) can answer?
Even people that should know better don't have any more sense than that. I've received PDF docs emailed from my mortgage bank (huge multinational bank) that include my SSN (and other personal data) that are "encrypted" with the last 4 digits of my SSN. That's hardly better than no encryption at all. I asked him to stop sending me electronic docs and I started to pick them up in person. Tried to get him to use PGP, but of course, he had no idea what I was talking about.
If someone has your Google account password and can sign into your Google account, they can probably already log on to your online banking and credit card accounts
Really? How so? I can't think of any way that my banking accounts are linked to my Google account.
Many people link their online accounts to their email accounts, and many banks still use simple security questions for emailed password resets that anyone with access to your email account can probably answer. "What year did you graduate high school" - search for classmates.com emails. "What's your mother's maiden name", search for emails from your grandparents on your mom's side. "What's your youngest/oldest sibling", search for emails from mom about Christmas, emails mentioning siblings, etc.
it's not like asking for a Credit Card number or even a SSN is any form of additional protection
I was thinking more of a personal security question with a 10 attempt limit. Asking for a SSN seems a little extreme.
Most people aren't going to come up with a personal security question that's not answerable by looking through their email.
Either set up a backup number for sending codes to that is your significant other's or a someone else you trust, or print out backup codes and keep them somewhere safe.
So when I'm traveling and my phone is stolen, and I don't have my trusted friend with me or the backup codes that are in my stolen wallet, then I have no way to locate my phone?
I hope they require some hard proof of identity to use this service (more than just "signed into your Google Account"). It allows you to:
- ring the phone even if it's silent
- track its position using GPS
- wipe the data
Not a tool I'd want falling into the wrong hands.
What more could they require that's safer? If someone has your Google account password and can sign into your Google account, they can probably already log on to your online banking and credit card accounts, so it's not like asking for a Credit Card number or even a SSN is any form of additional protection.
Slashdot Mirror
If nobody would use it, what purpose does it serve? Unless I'm kinda mistaken here it's a service nobody wants. The population doesn't want it and the service providers sure as hell could do without it.
So who wants it?
Parents of abducted children?
Oh. Very convenient. Though it shoudl be opt-in.
The whole point of opt-out systems is that they're used when few people would choose to opt-in.
This one fails dismally because they've made it so incredibly annoying that almost everyone goes to the trouble of figuring out how to disable them.
You've just explained why it wasn't set up as an opt-in system -- few people would chose to opt-in. Since nearly everyone that's complaining about the message didn't realize that there was even an option to disable the alerts, non of those people would have opted in, so having them opt-out now is no worse. But most of the rest of the people that don't really care about the alerts (or don't know they can turn them off), will keep them enabled.
It wasn't the middle of the night, I got my message at 10:51 - a time when many people were still awake.
And they resent it at 2:30am just in case it didn't piss off EVERYONE at 10:51.
That's apparently your carrier's problem since my Verizon and T-Mobile phones only received one message.
I'm not arguing the whole concept is bad, just the implementation. What the hell is wrong with a text message?
Because the carrier networks are not designed to send a geographically targeted SMS message, not to send millions of simultaneous SMS messages.
Ok, if it's delayed by a few minutes big deal, the 99.9% of the people who are not on the road until the next morning will get it anyway (and technically it's actually *illegal* in CA - and possibly dangerous - for the 0.1% who are on the road - to check it while driving!) And in fact, they will possibly be MORE likely to get it since the first thing I did on my phone going bats hit crazy was unlock it, which cancelled the message window... I never even got to see what it actually said until I read a news article the next day. If it was just a text message I would have seen it on my phone when I woke up, read it and probably digested the contents a lot better (and not immediately opted out of it like many also did).
My phone stores emergency alert messages, I assume that all (most?) do. So if you really cared about the contents of the message you could have read it the next day.
They used the national emergency service to inform the population about some child being kidnapped. Erh... Ok, now please tell me why I should care. Yes, yes, it's probably heart breaking for the parents, and yes, yes, if it was my child I'd certainly love to use it for that but the problem is: 99.something % of the population do not give half a fuck, let alone keep an eye out for that car. "Why the fuck should I care about some random brat I don't know about?" will probably be the reaction of nearly ALL the people who got that message.
I see a "cry wolf" scenario waiting to happen. Some day in the future, something actually important, something that actually is meaningful to most of the population, will happen and people will simply click it away after reading "AMBER AL...", thinking "fuck, that kidnapping fad's getting worse than spam texts".
If you don't care about Amber alerts, you can disable them in your phone while still receiving the other emergency alerts.
If you get a message that starts "AMBER AL...", then you can safely ignore it if you don't care about child abductions since Amber alerts are specifically for child abductions.
Rewind and first of all explain to me why some random child being kidnapped justifies an alert on a national emergency system.
It wasn't a national alert, it was a regional alert in California. An alert that the system was specifically designed for, that's why your phone will let your block Amber alerts separately from the other alerts if you want to.
If you don't want child abduction alerts, then turn off amber alerts in your phone.
I can say for sure that it's not just AT&T. A couple of weeks ago, I was receiving alerts every 15 minutes for floods that were happening 400 miles away on the east coast. Add to the this the fact that I couldn't stop the annoying screeching my phone was making without unlocking my phone and confirming the message and you had one hell of a case of distracted driving and nearly two accidents. I'd much rather text while driving 100% of the time. It isn't 1/10th as distracting, and less than 1/100th as infuriating. Perhaps those who thought these messages were a good idea need to rethink their sanity.
If you find a noisy phone to be too distracting to drive and you don't want the messages anyway, why not just disable them?
Do you nearly get into accidents when a blaring fire truck goes by or is it only a loud cell phone that distracts you to the point where you nearly crash?
Now go look up "Boulevard, CA" on a map and explain why 20+ million people in CA who have never heard of it or live within 300 miles of it should be woken up in the middle of the night about it.
Because one possible destination was Canada, so the suspect would have been driving through all of California? At least he would have until he saw the alert on his phone.
It wasn't the middle of the night, I got my message at 10:51 - a time when many people were still awake.
Alerts don't sell phones or services, so it's probably funded, staffed, and supported like anything else that doesn't contribute to profits: poorly.
Expect it to either be pwned after a few times, or "This important message is brought to you by General Motors"
I do wonder how long it will be until someone figures out how to hack the system and uses it to send out repeated "Presidential Alerts" in the middle of the night -- those alerts can't be blocked by any phone settings. Worse if the alert says "Incoming nuclear missiles. Evacuate your town immediately. Don't trust radio or TV."
Don't blame (only) AT&T for the terse message. The WEA system limits messages to 90 characters:
http://www.fema.gov/wireless-emergency-alerts
WEA will look like a text message. The WEA message will show the type and time of the alert, any action you should take, and the agency issuing the alert. The message will be no more than 90 characters.
I can't believe the government asked for such an arbitrary and small limit on message size, so I'm assuming that the carriers said that's all they could provide, probably because a 90 character message fit into some control message they were already sending to phones.
I suspect it will be a slow oscillation based charger, because a moving vehicle trying to get a stable wave for its charging circuit will have "short" moments of interaction with the individual coils in the roadbed as it drives over the top, causing significant headache. This in addition to being less likely to wipe magstrips on credit cards, and the like.
A slow oscillator will be more difficult to draw "large" quantities of electricity from, as the collector would need to be quite large and conspicuous.
Why speculate (wrongly) when you can click through to the article?
The SMFIR technology, also developed by KAIST, works by running power through the underground cables at a frequency of 20 kHz, creating a 20 kHz electromagnetic field. The underbelly of the bus also includes a wire or coil that is tuned to recognize the frequency and then use an inverter to create electricity through magnetic resonance.
Okay so is it just me or is anyone else thinking that it wouldn't take a high school education to understand how to sap power from the road for free for powering your cell phone, laptop, or for the real inventive some parts of your house. Maybe that's just the cynic in me talking.
It doesn't take a rocket scientist to bypass the electric meter on your house either. Some people do it, some maange to escape getting caught for quite some time. Some get caught when the house burns down (typically because they whole reason they bypassed the meter was so they could run thousands of watts of grow lights in their basement and the kind of amateur electricians that bypass electric meters don't usually follow electrical codes when they wire in their power hungry equipment).
After having been to some rifle ranges, one question that never seems to be answered is: after several decades of hard shooting, who gets the unenviable (and expensive!) job of decontaminating what is essentially a toxic waste dump?
NRA doing what right-wingers do best? -- liability-dumping and socializing losses?
There's some controversy about that at a popular San Francisco shooting range:
http://sanfrancisco.cbslocal.com/2012/05/24/sf-faces-10-million-toxic-waste-problem-at-lake-merced-gun-club/
The city is trying to shut down the gun club (which would leave the city on the hook for the cleanup). The gun club (which has already switched away from lead shot) wants to stay around and pay for the cleanup themselves, though maybe not on the terms the city wants.
Other lakes in SF that did not have shooting ranges are also contaminated with lead (mainly from street runoff when lead gas was legal), so it's not clear how much contamination at the gun club's lake is due to the gun club itself and how much from other sources, but the city is apparently blaming the gun club for all of the contamination in their lake.
Seems a little dangerous for that algorithm to be the default, doesn't it? Plus, burying the warning deep in the documentation.
And an insufficient warning, at that.
Something more like:
Normal/Small Mode may not be suitable for documents where faithful reproduction of the original text, numbers or illustrations is critical. Examples would include legal documents (contracts, wills, articles of incorporation, etc.), medical documents (patient charts, orders, medication lists, etc.), financial documents (bills, invoices, statements, reconciliations, etc.), business documents (HR records, meeting minutes, memoranda, etc.), engineering documents (drawings, plans, change orders, instructions, bills of material, etc.) or any other document where incorrect data could result in financial loss, injury, death, property damage or destruction, legal liability, loss of reputation or other harm. These examples should not be considered an exhaustive list of documents not suited for scanning, copying or faxing using Normal/Small mode.
would be more appropriate.
Or maybe it should say "We don't recommend that you use "Normal" mode for "Normal" scanning, we only call it "Normal" and make it the default so we can tout the image compression gains you get by using it, but you should only use it if you don't care if your scanned document is different than the original in subtle and hard to find ways. If you're ok with the "Normal" mode caveats, you might like our "Super-tiny" mode, where it turns every scanned document into a blank white document. This mode may not retain any of the original document's information, but hey, at least it's guaranteed to not have transcription errors and it has the best compression ratio in the industry!".
The problem is that most people only read the manual when they discover something is wrong and there is no immediately obvious problem with the results of these scans. The problem only gets noticed much later when someone tries to work with the scanned information and discovers that it is readable but doesn't make sense.
I think the problem is that almost no one reads the manual for the office copier at all - I've used dozens of large office copiers over the years and haven't read (or have even seen) the manual of a single one of them (at most, I've looked at the "quick-start" guide taped on the wall so I know how to use a few of the more arcane features, but even that seems to have gone away with "smart" touch-screen copiers that are supposed to be intuitive).
They have images of this happening. It's just outright substituting blocks of text from one part of a scanned image into an entirely separate part. Not just mangling pixels or uniformly displacing each by a few mm, but outright moving them into a different part of the image that was similar, yet slightly different. Maybe it's some sort of optimization or compression gone wrong? I.e. They detected a block that appeared to be the same as a previous one, so assumed they were the same and only kept one copy of that data?
It's bizarre.
You came up with the exact same conclusion as the author of the article you just read:
Edit: It seems that the above thought was not that wrong at all. Several mails I got suggest that the xerox machines use JBIG2 for compression. This algorithm creates a dictionary of image patches it finds “similar”. Those patches then get reused instead of the original image data, as long as the error generated by them is not “too high”. Makes sense.
You ALWAYS go to fucking TRIAL! Always! These trumped up prosecutions would stop if everyone exercised their right to a TRIAL!
My wife was accused of criminal negligence with regards to an accident involving a retarded minor. She was facing 6 years in PMITV prison!
Well, three days before jury selection was scheduled to start -- they offered a new plea deal, this time with a misdemeanor charge and 1 year of probation. Called their fucking bluffs!
PS: If I had the money for a trial, we would have said no and got the charges dropped completely
Didn't you just demonstrate exactly why many people *don't* go to trial (including yourself?) The government holds all the cards - not only can they can hold a max sentence prosecution over your head making the stakes too high to gamble, but they *also* can play dirty with the evidence and stack the deck in their favor making it more likely that they will win. And since they are prosecuting with your tax dollars, they get unlimited funds to spend on the prosecution.
It's easy to say "Everyone should go to trial!" but when it's your (or your wife's) butt on the line, it's not so easy to face years of prison time -- as you so clearly demonstrated with your story. You didn't call their bluff - they called yours - they sweetened the pot on the plea deal because they wanted you to admit to the crime so they get yet another successful prosecution - and you did exactly what they wanted.
According to the TFA Aleinikov had admin rights on the GS systems, which is not surprising considering is responsibilities. If he wanted to cover something malicious he had both the access and the skills to do it.
Even if he has admin rights on the normal production servers, only their internal audit department should have admin rights on the logging servers.
What? It is possible to put your password on the command line with subversion, but why would you do that if you are going to delete your history? Why not just let subversion prompt for a password (or use a keyring to store it)?
I've deleted my bash history after inadvertently or purposely typing a password into a command line -- sometimes putting the password on the command line is the most expedient way to get work done, despite it being a bad idea from a security standpoint -- and sometimes I'll mistype a hostname on an ssh command, but have already typed my password or ssh key passphrase and it ends up being entered as a command (good thing I never user "rm -rf /" as a password). Well, rather than delete the whole history, I usually run "history -r" to replace my history with the last saved history.
Though if the company really wants to see what a user has done, looking at the bash history is a very weak way to do it since anyone can edit their own bash history - they should be running something like auditd that sends command execution logs to a separate server that the developer doesn't have access to.
Always get a lawyer before talking to the law.
No, the moral of the story is: become well connected (too big to fail/jail) and don't get caught.
That's a bit like saying "Become rich", easier said than done. But the parent poster is correct when he says "Don't talk to the law". It can do nothing to help you, and as the police will tell you when they arrest you, anything you say can and will be used against you".
http://www.youtube.com/watch?v=6wXkI4t7nuc
but it wasn't my idea.
Good excuse when you're in the boss's office explaining why the application you coded isn't using all 8 of the customer's cores to operate faster.
I could be honest and say "Sorry boss, I haven't been paying any attention to CPU trends for the past few years and didn't realize that the CPU makers are using more (but slower) cores and just assumed that they'd keep coming out with faster and faster CPU clockspeeds. Guess I should have spent a little more time on parallelizing my app."
What more could they require that's safer?
Give you a choice if you want to allow your device to be controlled with strings from a google website remotely.
If you don't want to use it, why would you download the app?
If you don't want to use the Google Ecosystem at all, you don't even have to link your phone to a Google account. You could install a CyanogenMod ROM for even greater independence from Google.
If someone has your Google account password and can sign into your Google account, they can probably already log on to your online banking and credit card accounts,
I hope most people have more sense than this.
More sense than what? What do you do when your bank uses your email address for password recovery that's "protected" by a few simple questions that a public records search (or digging through your email) can answer?
Even people that should know better don't have any more sense than that. I've received PDF docs emailed from my mortgage bank (huge multinational bank) that include my SSN (and other personal data) that are "encrypted" with the last 4 digits of my SSN. That's hardly better than no encryption at all. I asked him to stop sending me electronic docs and I started to pick them up in person. Tried to get him to use PGP, but of course, he had no idea what I was talking about.
Many people
Most people
I was under the assumption that Slashdot readers were more intelligent and cautious than "many/most people".
You're new here aren't you?
If someone has your Google account password and can sign into your Google account, they can probably already log on to your online banking and credit card accounts
Really? How so? I can't think of any way that my banking accounts are linked to my Google account.
Many people link their online accounts to their email accounts, and many banks still use simple security questions for emailed password resets that anyone with access to your email account can probably answer. "What year did you graduate high school" - search for classmates.com emails. "What's your mother's maiden name", search for emails from your grandparents on your mom's side. "What's your youngest/oldest sibling", search for emails from mom about Christmas, emails mentioning siblings, etc.
it's not like asking for a Credit Card number or even a SSN is any form of additional protection
I was thinking more of a personal security question with a 10 attempt limit. Asking for a SSN seems a little extreme.
Most people aren't going to come up with a personal security question that's not answerable by looking through their email.
Either set up a backup number for sending codes to that is your significant other's or a someone else you trust, or print out backup codes and keep them somewhere safe.
So when I'm traveling and my phone is stolen, and I don't have my trusted friend with me or the backup codes that are in my stolen wallet, then I have no way to locate my phone?
I hope they require some hard proof of identity to use this service (more than just "signed into your Google Account"). It allows you to:
Not a tool I'd want falling into the wrong hands.
What more could they require that's safer? If someone has your Google account password and can sign into your Google account, they can probably already log on to your online banking and credit card accounts, so it's not like asking for a Credit Card number or even a SSN is any form of additional protection.