I worked for a bank for a few years (in a country far away, where they have numbered accounts and you're actually looking at jail time for revealing customer data) and something like this was just unheard of.
The absolute main security issue was customer data. Not that they would have fancied embezzlement or theft but this was looked upon far less seriously than compromising customer data, period.
In the data centers (which you had to physically access in order to query real customer data, save for the front office and also there it was very restricted what you could look at) you had to go through multiple layers of security and were not permitted to even remove a printout.
Computers were dismantled and disks shredded, they were never for resale. This was applicable for every last computer from every last branch and office.
Now, I agree shit happens. Probably in their case it started with outsourcing such a critical task to "ACME's cheap disk blanking operation" in order to save a few bucks. This is not really excusable, but it happens.
But what really gets my blood boiling are statements like the one from that PR bimbo, which are just utter bullshit.
Maybe she should apply for a job at Microsoft to sell "trustworthy computing".
"Our number one priority as an organization is the protection of customer information," said Dina Palozzi, chief privacy officer for the bank, which swiftly seized the computers' hard drives on Saturday afternoon within 24 hours of learning their whereabouts. "This kind of issue we take very, very seriously."
Don't you just love it? If protection of customer information indeed is your number one priority then why the fsck don't you have procedures in place, which make such a blunder outright impossible? And if you do have such procedures in place why don't you enforce them?
Are those PR liars (and what else could such a "chief privacy officer" making such an outrageous statement actually be?) all cranked out by the Forked Tongue Institute for Marketing & PR, or what?
The way to fight spam is to build clever tools, come up with a technical fix.
So in essence you're telling me that I should have a legal right to enter your living room and shit on the carpet?
Of course you might prevent that with clever tools (i.e. locks), but if I manage to get around your lock I still have the right to plaster my crap all around your place.
No laws needed, we just rely on technology, right?
I think that this is one case where the Germans freaked out just a bit too much. The forbidding of the software had nothing to do with the technical merits of the code.
Actually this is not quite true. Microsoft Germany had to provide instructions about how to remove the offending code. This is quite different from "forbidding the software".
Imagine if it was found out that one of the coders contributing to the Linux kernel was a scientologist
No it wouldn't and is actually rebutted by your own words:
Of course, this is all MS closed source stuff, so you can't verify it as safe...
The right to anonymous travel, which USians supposedly have.
When precisely was the last time when you were able to board a plane without providing identification?
So you take the train. Great! You seem to have a shitload of time and money. Hopefully you paid cash.
Oh, you take the car? I'm sure you pay cash at gas stations and you sure as hell don't have a fast pass.
And you always stay in real crummy hotels; right? You know, the ones that don't mind cash payments and it's probably the type of "hotel", which rents rooms by the hour?
Because every other damn hotel in the US with a shred of respectability will insist on a credit card. Other hotels demand to photocopy a piece of identification.
Yeah man, I'm real curious how you're bringing this off in times of national paranoia and being tough on terrorism.
Automatic or manual retaliation comes back to making justice yourself which is inherently illegal (at least in the US).
Well, since the spammer invites you to click on a URL, what's the exact problem when every damn last receiver of the message actually connects to the server? I don't think that the law distinguishes between a manual click and a couple of automated lookups. In essence those jerks would be DDoSing themselves.
Actually I think it's a really cool idea, provided that some of the issues can be sorted out.
I find it interesting that the customers that call in who have purchased our products are generally friendly and respectful. The customers that call in about the free service are almost always rude and demanding.
I used to work for the professional services department of a major database vendor and liaised a lot with major customers as well as with customer support.
Major customers usually take out an alliance support contract (up from 500k). Even though they usually run complex environments with dozens of database servers and hundreds of databases those are not the ones that cause support a headache. Their staff is usually knowledgeable and they are realists; even when things go dreadfully wrong. What they won't accept are trained monkeys going through a script.
Then there are those who took out an ODBC license for 79.90$ and those are exactly the ones that went apeshit on our support guys. Besides that they are idiots, they're doing themselves a disservice. A knowledgeable techie can hang you out to dry and you'll never even know it.
it makes sense that an organization like IACREOT, that supports paperless computerized voting systems, which are secret by their very design, would not want computer experts who disagree with that position at their meetings." (emphasis mine)
And that's exactly what's dead wrong about voting machines in general and Diebold's AccuVote in specific.
It's about as plausible as those industry strength, proprietary, uncrackable encryption devices with a secret, secret algorithm (which is certified by the association of creative spooks).
If we (as the voters) allow for such unaccountable, unauditable and error-rigged devices we can give the key to the town right away to he who maintains the devices (or even a few creative script kiddies for that matter).
Ah yes, and where precisely in the specifications do you read that all external disks and network interfaces have to be removed to achieve C2 certification?
You're either talking out of your arse or even worse are one of Microsoft's astroturfs who have been known to frequent this place.
Ahh yes.. I'm sure every college student read the VMS Security Manual before logging in.
I know you're kidding, but in fact I think it would do college students (at least CompSci college students) a helluva lot of good to read the VMS documentation, at least partially.
When I look at this shit that they call documentation nowadays accompanying "pc software" those were indeed the good ol' days.
Of course I haven't RTFA (being on /. and all that), but that's either a very smart decision on turning their focus entirely to the enterprise - follow the money - or they're in the process of pissing every last techie with a knack for Linux (and thus subverting it into the corporate world) off big time.
I think it would be appropriate at this point to write a free client that talks with Bitkeeper, and for Linux developers to start switching to that from Bitkeeper. At that point, McVoy will face a hard choice: if he carries out these threats, he risks alienating the community that he hopes will market Bitkeeper for him
Actually Mr. Stallman's opinion is quite a sound one. There's a very fine line when you're commercializing in the free software space (mind you, not that it's necessarily morally wrong or violates licenses). Red Hat for example must also be very, very careful not to piss off the community, but
If you are trying to copy BK, give it up. We'll simply follow in the footsteps of every other company faced with this sort of thing and change the protocol every 6 months.
This statement just about pisses on every value, which RMS represents and despite his personality - his achievements are beyond dispute.
You're precisely reflecting my thoughts. GNU/Linux (and the entire free software microcosm) is the biggest threat to Microsoft's business model. I just can see licensing 8.0.
Well, mate we know that the economy is in a bind, but if you don't sign up for our new and improved licensing extortion plan it will be mighty difficult to open your DRM protected word documents by January 1, 2007.
So if it solves your problem, use it. If it doesn't, don't use it.
The problem is, that the existing environment is end of life, dead, zilch, nix, nada! by 2004. Actually it's worse with our "trustworthy computer" friends from Redmond, who actually decline to deliver a service pack for a security vulnerability on a supported platform.
Even though if an old, unsupported platform does the job, Munich (or any business or community of a certain size for that matter) is not in a position to use it: period.
Just imagine how the press is shredding you into bits, if you just lost the entire tax records of your citizens. It's completely irrelevant if the reason is NT or not, the fact that the platform was unsupported is enough to get a lot of people tarred, feathered and flogged out of town.
Sheesh, some people here really seem to believe that a mission critical environment can be supported with a copy of Win 95, a welding iron and an MCSE. Either that or you are just a troll who should go away.
It is possible for somebody, in translating a book, to add or change material substantially.
This is precisely the point of what would be wrong in addition to being not very consistent after every 5th page with a community based translation.
I read both, English and German. The new HP obviously in English and I can say that 1-4 (which I read in German) are very, very accurately translated.
An accurate translation is certainly not a literal translation of a text, but rather a rewrite of the material in a different language by retaining the rhythm (the jazz beat, if you will) of the book and it's very hard to do, even if you're fairly fluent in both languages. While some translations of books are just awe-inspiring others suck shit in a big way.
Kiddies, take a hint and wait or even better: If you have a grasp of English get a dictionary and work through the original version of the book. You get a free and very efficient English lesson kicked in in addition to the ability to spoil it for all your German only speaking friends.
I admit I didn't read it; or more precisely I read the first statement, which translates to The German Lobby Group for Commercial Software commissioned a study... to know that this really can't be relevant.
It's like a study, which proves that smoking is good for you, commissioned by er! Philip Morris and RJ Reynolds.
California; it's in the surroundings of Carmel to be more precise.
There is no need to thank me.
Very true that it got C2 certification, but if I recall correctly only when external drives were removed and the PC was not hooked up to a network.
Actually there is a rather open standard at your disposal.
Ah, memories...
You were supposed to always press [5F] (break) before opening a session on a VT terminal.
The two options are not mutually exclusive.
There is no need to thank me.
Mind not! The supreme court will immediately put a stop to; er! never mind...
Depending on the laws of the country where you reside you must react to the extortion one way or another.
Manufacturers are definitely not happy about that, but they're treading on very thin ice here.
In fact Volkswagen got slapped with a record fine for uncompetitive behaviour.
They were also the ones that threatened their north Italian dealers with revoking dealership privileges if they sell to Swiss customers.
The EU frowns most definitely on such uncompetitive behavior, so I really can't imagine legislation to support price gouging.
Canada: Drink strong, pissy-tasting beer
UK: Drink warm, beery-tasting piss
Switching to single malt whisky?
Every day I receive at least a dozen of offers for cut rate ink cartridges in my email...
Nothing to see here, next!