I have no problem with hackers only with twits like yourself who for some reason think you know what you are talking about. A "hacker" can include a person who takes an existing idea or device and studies it and sometimes attempts to improve on or identify pieces that can be used for other purposes or projects. Basically just trying to understand and use that understanding for some purpose good or bad. Your definition of "hacker" is too general which leads to imprecision when used to classify people or actions. The morons launching SQL injection and DDOS attacks against websites are not innovators they are just wanna be losers. At best these guys can be classified as debuggers because they are just taking advantage of existing exploits and lazy system administrators. And chances are good that they were not even the ones who discovered the exploits in the first place they just took advantage of someone elses work and you want to glorify these jack offs as somehow responsible for leaps in understanding? If Sony had been current with their service packs the attack against them would have failed. The SQL injection types are also known exploits and could not have been used if the admins had been on the ball. The CitiCard hack was a stupid programming error by a development team that should be fired immediately for their incompetance. The point being none of these attacks required any great skill or ground breaking knowledge to pull off so I don't include them in the glorified group of hackers responsible for improving technology.
I see no way of preventing anyone who just happens to know you from referencing you in any material they post on the web. You have defined an impossible standard of privacy. How do you stop someone from taking a picture of you in public and posting it on the web? How do you prevent someone from posting unflattering remarks about you in some web forum? Outside of charging them with slander I don't see there is anything you can do about it.
Privacy rights are not guarantees of anonymity in modern society. It is easier and faster to look for people today than it was 20 years ago but even then if someone really wanted to find you they could. If you want to keep your information private don't use services like Facebook. Is that to difficult to understand?
Trying to explain personal responsibility in todays world is almost a lost cause. Just ask anyone having problems and they will tell you it's not their fault their life sucks it's because of "them".
What's the big deal? You don't think Google has been a public service since the beginning do you? You control how much information about yourself is out there to be collected. Want privacy? Stop freely publishing your information. Sure certain services over the internet might not be available to you without registering but none of these services are mandatory are they? Privacy is not a right that can be guaranteed. If you do not take sensible precautions when publishing your information recklessly across the net it is nobodies fault but your own.
I am not condoning it but the government is just taking advantage of the resources available to improve their intelligence gathering. Why bother infiltrating a company to tap their com lines when you can just ask the company up front for access. Of course if the company happens to be the target of the investigation I imagine some sort of covert infiltration and tapping would come into play. Plus the companies are not supplying data streams to the government they are agreeing to provide access to the government when requested. It's nort an open ended process. The requests are processed and can be challenged through the judicial system. The government requested information on some Twitter accounts and the company was legally required to provide the information but the targets of the investigation have been able to exercise their rights and challenge the validity of the request through the court system and so far the information has not been handed over. The US government is not a monolithic entity. There are constitutional seperation of powers and the 3 branches of the goverment are always challenging one another over one thing or another to ensure they retain as much power as possible. If you don't exercise your power you eventually lose it. Even the different federal security organizations compete and challenge one another which was one of the reasons no one put together the pieces in the 9/11 attack. They had to pass new laws just to force cooperation amongst the different agencies.
Every country on the planet performs some form of intelligence gathering. It is not a US only issue although a disturbing amount of people think nobody does it besides the US. Even countries friendly with one another spy on each other. It is SOP in international relations. When someone gets caught they usually just swap compromised spies and go on their merry way.
Cloud or no cloud the NSA has the means to capture, filter, and process almost all of the Internet traffic. The architect of the system balked when the NSA started capturing US traffic. Evidently his system was originally configured to encrypt any US specific data inadvertently captured. He ended up resigning because the NSA disabled the encryption which then allowed the collection of non-encrypted US traffic.
Towing the open source party line makes it hard to develop anything new without your competitors taking advantage of it. If you do create something new and unique you have to stumble through a minefield when deciding on which type of license wiill keep the geeks happy and at the same time support a reasonable revenue stream to cover your R&D costs. Not a lot to worry about today because no one seems to be doing any original work anymore. Everyone's to busy arguing about minor browser updates and other related minutia like crappy phones apps.
Morris's attempt to exploit a buffer overflow resulted in something he did not intend. He was not trying to create a self sustaining worm. I seem to remember he made a rather simple error in the conditional which resulted in a non-terminating loop.
So everyone and anyone who has contributed anything at all in the development of the internet falls into the sole category of "hacker"? Your desdain for those obviously inferior minds that have the nerve to use the internet but not understand the technology behind it is astounding. Last time I checked being described as a hacker was just one attribute of a persons life. I am sure there are plenty of technically adept people that also consider themselves conservatives, liberals, religious, business leaders, volunteers, or government officials. Also the people being described as hackers today usually gain their reputation by destroying or compromising something somebody else created. It's easier to break shit then it is to build something new. Running around bragging about your superior technical skills seems a little childish.
" It took a full 6 months to set up the environment"
Maybe you should have had someone who knew what they were doing to set it up. I don't particularly like Sharepoint for a number of reasons but I have had to work with it on occasion in a couple of large corporations. Installing and configuring Sharepoint on multiple servers never took over 2 - 3 days at most. Building Sharepoint Apps is also pretty straight forward and we rolled out the first apps in about 3 - 4 weeks which wasn't bad considering a lot of the developers had no Sharepoint experience.
A lot of FTA's include specific provisions with respect to patents.Countries flagrantly abusing patents as defined in the agreement can end up with additional tariffs being levied against their exports.
Outside of launching satellites I don't see a whole lot to commercialize yet. To do anything else in space we need to come up with an efficient, safe, and cost effective way of reaching orbit. About the only space related project I see the government spending money on is anti-satellite weapon platforms and possibly orbit to ground weapon platforms. If you want the government to fund expensive projects with little or no immediate return on investment you need to include at least one aspect that might have a military application.
The problem with helping Mexico is that the US is constantly being accused of imperialism whenever they engage with other countries. These complaints have helped push the US political climate and general public towards a more isolationist and hands off foreign policy except for threats that directly effect the US. The current immigration issues are just the first sign of this new foreign policy. I can't see any politician who would support helping Mexico just to solve the immigration problem. I really can't see any citizens who would agree with spending any money to help Mexico. Mexico is going to have to suck it up and help themselves. One thing that really irritates me is when the Mexican president tries to interfere in US immigration policies instead of dealing with his own problems and ask himself why so many people are desperately fleeing his country.
I agree with the idea of hypocrisy being too prevelant in todays society. People want security and those in charge of providing that security are afraid of what might happen to them personally if despite all their precautions and procedures the security is breached. This has led to the government pushing and sometimes exceeding the limits on their powers. This then creates a group of people who protest the governments actions and then the real threat becomes the government actions instead of the terrorist actions that started the whole process in the first place. The government and it's citizens need to realize nothing is 100% risk free and demanding someone create a risk free environment and then complaining about the manner in which the risk was lowered just generates animosity and conflict which increases the risk of someone commiting a terroist act in response to the governments attempt to provide security. It's a vicious and expensive circle.
"The fact of the matter is, the better the browser meets the HTML standards, the better it is for business. Period."
It depends on the type of buisness. Internal versus external portals and application types have differing sets of priorities. Every situation has it's own optimal solution and if you start ruling out certain technologies from the start you introduce the possibility of implementing a non-optimal solution.
"expecting breakage and avoiding patches is well established for Windows, because it was hugely necessary for Windows" To make this sweeping statement you need to offer up some evidence. Some of the recent hacks took advantage of an unpatched version of Apache running on a Linux box. Poor system administration is not platform specific.
"we are in the pre-collapse age of secret-source"
Open source is full of promises and benefits but it has not proven to be significantly different from the user perspective as people claim. Some of the supposed benefits are iffy to begin with. Nothing has shown that access to the source code translates into more secure applications. The notion that you can just study the source, magically discover, and then fix security bugs is a little over optimistic. There are some really ingenious and talented people working on security issues in both the open source and closed source environments and they are still uncovering security issues. The premise of some regular web developer auditing source code to find security issues is a little weak. the fact that Open Source is great for grabbing existing code and using it in your projects but the majority of users do not submit their changes back into the community unless absolutley required to by the license or think there is a real chance of getting busted.
Security is a moving target that continues to present new threats on a daily basis. At minimum any company that collects and stores personal customer data should be held responsible if that data is compromised. At a bare minimum any company who does not keep their systems updated with all of the available security patches covering the OS, applications, and firmware should be held liable for damages. For large systems this is a huge undertaking but it is not unreasonable if you expect to store personal data. The risk of damaging existing applications should be declared secondary to the security concerns. The biggest excuse today, especially for big companies, is that it takes time to test the updates before deployment and this opens a window of vulnerability. This one rule would reduce the number of breaches substantially. A company would not be held to the same level of responsibility for 0-day exploits, physical intrusion attacks, or theft of information needed to exploit security holes.
I never said I was a manager, in fact I filled the senior architect and development role and have held the same title and responsibilities for the past 15+ years in a career going back 23+ years in total. Your comments on IE8 or 9, and probably any other browser for that matter are not worth the time I took just to read them. So please excuse me if I don't consider your technical opinion interesting or relevant. A developer who doesn't take into consideration the time, costs, performance, and security of the software under development is just a code monkey destined to follow others instead of leading the way anywhere other than the last cubicle on the left by the bathrooms.
I also did not take a swipe at psychotherapy from a armchair or any where else. Your response to imagined slights on this subject tends to present the picture of someone who needs to work a little harder in their therapy sessions.
What you call greed most people call survival or living life. You seem to think that re-ordering the entire world will be fast and easy with no negative consequences. Just the re-allocation of labor would create massive problems. If fixing the energy problem was easy don't you think we would have made more headway then we have? Saying it is greedy corporations that won't allow new energy resources ignores the simple fact that those profiting from the oil and coal supplies can continue to make the same if not more in an alternative energy market. Environmentally safe does not mean cheap or free and there are plenty of profit incentives in a market as large at the energy market. The existing oil companies already have the money and influence to get in on the ground floor of any new emerging energy platform and continue making profits. The good news is that people like those in this story are spending the time and money actively looking for alternatives. This effort has been steadily growing over the past couple of years and eventually someone will attain a breakthrough in the technology barriers.
The only awareness they are generating is in the law enforcement and security services. Judging by the notably simple skill set needed to pull off their attacks these guys somehow assume they are invulnerable themselves and this belief comes from them thinking they are the smartest people to ever turn on a computer. Chances are they will regret this attitude in the near future. Internet security does not truly exist 100% in the real world. If you plug in to the Internet you are taking on a substantial risk. No matter how diligent and pro-active you are in securing your systems if someone wants in there is always a way. Declaring the organizations that have been breached a negligent is probably very true in some instances however if you accuse everyone that has had a breach in their system as negligent or incompetent is neither accurate or fair.
I have nothing against anyone recording anything they want. I fail to see why anyone would have a problem with recording anything in that takes place in public. However, I do have a problem when people use unsupported accusations and anecdotal evidence to brand a large group of people as corrupt or dishonest. We tend to use the extremes on both sides of any argument to make a point while disregarding the large number of balanced opinions that actually represent the true will of the majority.
I doubt you would accept any argument or proof showing all police officers are rights violating abusers of innocents. You, like a lot of people on this thread assume all police officers are corrupt liars and then base your comments from that starting point.
A lot of law enforcement agencies already have cameras in their police cars that record their actions when pulling someone over. This is police policy and they are required to produce the recordings whenever requested. The recordings also protect the police officer from having unfounded charges leveled against them by the people they are stopping.
"If MS screwed up so bad before, why should anyone want to go back to them, despite their claims that "we've learned our lesson!"?"
Sort of like Netscape imploding and then magically reborn as open sourced Firefox.
Slashdot Mirror
I have no problem with hackers only with twits like yourself who for some reason think you know what you are talking about. A "hacker" can include a person who takes an existing idea or device and studies it and sometimes attempts to improve on or identify pieces that can be used for other purposes or projects. Basically just trying to understand and use that understanding for some purpose good or bad. Your definition of "hacker" is too general which leads to imprecision when used to classify people or actions. The morons launching SQL injection and DDOS attacks against websites are not innovators they are just wanna be losers. At best these guys can be classified as debuggers because they are just taking advantage of existing exploits and lazy system administrators. And chances are good that they were not even the ones who discovered the exploits in the first place they just took advantage of someone elses work and you want to glorify these jack offs as somehow responsible for leaps in understanding? If Sony had been current with their service packs the attack against them would have failed. The SQL injection types are also known exploits and could not have been used if the admins had been on the ball. The CitiCard hack was a stupid programming error by a development team that should be fired immediately for their incompetance. The point being none of these attacks required any great skill or ground breaking knowledge to pull off so I don't include them in the glorified group of hackers responsible for improving technology.
I see no way of preventing anyone who just happens to know you from referencing you in any material they post on the web. You have defined an impossible standard of privacy. How do you stop someone from taking a picture of you in public and posting it on the web? How do you prevent someone from posting unflattering remarks about you in some web forum? Outside of charging them with slander I don't see there is anything you can do about it.
Privacy rights are not guarantees of anonymity in modern society. It is easier and faster to look for people today than it was 20 years ago but even then if someone really wanted to find you they could. If you want to keep your information private don't use services like Facebook. Is that to difficult to understand?
Trying to explain personal responsibility in todays world is almost a lost cause. Just ask anyone having problems and they will tell you it's not their fault their life sucks it's because of "them".
What's the big deal? You don't think Google has been a public service since the beginning do you? You control how much information about yourself is out there to be collected. Want privacy? Stop freely publishing your information. Sure certain services over the internet might not be available to you without registering but none of these services are mandatory are they? Privacy is not a right that can be guaranteed. If you do not take sensible precautions when publishing your information recklessly across the net it is nobodies fault but your own.
I am not condoning it but the government is just taking advantage of the resources available to improve their intelligence gathering. Why bother infiltrating a company to tap their com lines when you can just ask the company up front for access. Of course if the company happens to be the target of the investigation I imagine some sort of covert infiltration and tapping would come into play. Plus the companies are not supplying data streams to the government they are agreeing to provide access to the government when requested. It's nort an open ended process. The requests are processed and can be challenged through the judicial system. The government requested information on some Twitter accounts and the company was legally required to provide the information but the targets of the investigation have been able to exercise their rights and challenge the validity of the request through the court system and so far the information has not been handed over. The US government is not a monolithic entity. There are constitutional seperation of powers and the 3 branches of the goverment are always challenging one another over one thing or another to ensure they retain as much power as possible. If you don't exercise your power you eventually lose it. Even the different federal security organizations compete and challenge one another which was one of the reasons no one put together the pieces in the 9/11 attack. They had to pass new laws just to force cooperation amongst the different agencies.
Every country on the planet performs some form of intelligence gathering. It is not a US only issue although a disturbing amount of people think nobody does it besides the US. Even countries friendly with one another spy on each other. It is SOP in international relations. When someone gets caught they usually just swap compromised spies and go on their merry way. Cloud or no cloud the NSA has the means to capture, filter, and process almost all of the Internet traffic. The architect of the system balked when the NSA started capturing US traffic. Evidently his system was originally configured to encrypt any US specific data inadvertently captured. He ended up resigning because the NSA disabled the encryption which then allowed the collection of non-encrypted US traffic.
Towing the open source party line makes it hard to develop anything new without your competitors taking advantage of it. If you do create something new and unique you have to stumble through a minefield when deciding on which type of license wiill keep the geeks happy and at the same time support a reasonable revenue stream to cover your R&D costs. Not a lot to worry about today because no one seems to be doing any original work anymore. Everyone's to busy arguing about minor browser updates and other related minutia like crappy phones apps.
Morris's attempt to exploit a buffer overflow resulted in something he did not intend. He was not trying to create a self sustaining worm. I seem to remember he made a rather simple error in the conditional which resulted in a non-terminating loop.
So everyone and anyone who has contributed anything at all in the development of the internet falls into the sole category of "hacker"? Your desdain for those obviously inferior minds that have the nerve to use the internet but not understand the technology behind it is astounding. Last time I checked being described as a hacker was just one attribute of a persons life. I am sure there are plenty of technically adept people that also consider themselves conservatives, liberals, religious, business leaders, volunteers, or government officials. Also the people being described as hackers today usually gain their reputation by destroying or compromising something somebody else created. It's easier to break shit then it is to build something new. Running around bragging about your superior technical skills seems a little childish.
" It took a full 6 months to set up the environment" Maybe you should have had someone who knew what they were doing to set it up. I don't particularly like Sharepoint for a number of reasons but I have had to work with it on occasion in a couple of large corporations. Installing and configuring Sharepoint on multiple servers never took over 2 - 3 days at most. Building Sharepoint Apps is also pretty straight forward and we rolled out the first apps in about 3 - 4 weeks which wasn't bad considering a lot of the developers had no Sharepoint experience.
A lot of FTA's include specific provisions with respect to patents.Countries flagrantly abusing patents as defined in the agreement can end up with additional tariffs being levied against their exports.
Outside of launching satellites I don't see a whole lot to commercialize yet. To do anything else in space we need to come up with an efficient, safe, and cost effective way of reaching orbit. About the only space related project I see the government spending money on is anti-satellite weapon platforms and possibly orbit to ground weapon platforms. If you want the government to fund expensive projects with little or no immediate return on investment you need to include at least one aspect that might have a military application.
The problem with helping Mexico is that the US is constantly being accused of imperialism whenever they engage with other countries. These complaints have helped push the US political climate and general public towards a more isolationist and hands off foreign policy except for threats that directly effect the US. The current immigration issues are just the first sign of this new foreign policy. I can't see any politician who would support helping Mexico just to solve the immigration problem. I really can't see any citizens who would agree with spending any money to help Mexico. Mexico is going to have to suck it up and help themselves. One thing that really irritates me is when the Mexican president tries to interfere in US immigration policies instead of dealing with his own problems and ask himself why so many people are desperately fleeing his country.
I agree with the idea of hypocrisy being too prevelant in todays society. People want security and those in charge of providing that security are afraid of what might happen to them personally if despite all their precautions and procedures the security is breached. This has led to the government pushing and sometimes exceeding the limits on their powers. This then creates a group of people who protest the governments actions and then the real threat becomes the government actions instead of the terrorist actions that started the whole process in the first place. The government and it's citizens need to realize nothing is 100% risk free and demanding someone create a risk free environment and then complaining about the manner in which the risk was lowered just generates animosity and conflict which increases the risk of someone commiting a terroist act in response to the governments attempt to provide security. It's a vicious and expensive circle.
"The fact of the matter is, the better the browser meets the HTML standards, the better it is for business. Period." It depends on the type of buisness. Internal versus external portals and application types have differing sets of priorities. Every situation has it's own optimal solution and if you start ruling out certain technologies from the start you introduce the possibility of implementing a non-optimal solution. "expecting breakage and avoiding patches is well established for Windows, because it was hugely necessary for Windows" To make this sweeping statement you need to offer up some evidence. Some of the recent hacks took advantage of an unpatched version of Apache running on a Linux box. Poor system administration is not platform specific. "we are in the pre-collapse age of secret-source" Open source is full of promises and benefits but it has not proven to be significantly different from the user perspective as people claim. Some of the supposed benefits are iffy to begin with. Nothing has shown that access to the source code translates into more secure applications. The notion that you can just study the source, magically discover, and then fix security bugs is a little over optimistic. There are some really ingenious and talented people working on security issues in both the open source and closed source environments and they are still uncovering security issues. The premise of some regular web developer auditing source code to find security issues is a little weak. the fact that Open Source is great for grabbing existing code and using it in your projects but the majority of users do not submit their changes back into the community unless absolutley required to by the license or think there is a real chance of getting busted.
Security is a moving target that continues to present new threats on a daily basis. At minimum any company that collects and stores personal customer data should be held responsible if that data is compromised. At a bare minimum any company who does not keep their systems updated with all of the available security patches covering the OS, applications, and firmware should be held liable for damages. For large systems this is a huge undertaking but it is not unreasonable if you expect to store personal data. The risk of damaging existing applications should be declared secondary to the security concerns. The biggest excuse today, especially for big companies, is that it takes time to test the updates before deployment and this opens a window of vulnerability. This one rule would reduce the number of breaches substantially. A company would not be held to the same level of responsibility for 0-day exploits, physical intrusion attacks, or theft of information needed to exploit security holes.
Consulting Money? These ass hats did not do anything worth hiring them for. Re-packaged SQL injection and DDOS attacks are strictly amateur hour.
I never said I was a manager, in fact I filled the senior architect and development role and have held the same title and responsibilities for the past 15+ years in a career going back 23+ years in total. Your comments on IE8 or 9, and probably any other browser for that matter are not worth the time I took just to read them. So please excuse me if I don't consider your technical opinion interesting or relevant. A developer who doesn't take into consideration the time, costs, performance, and security of the software under development is just a code monkey destined to follow others instead of leading the way anywhere other than the last cubicle on the left by the bathrooms. I also did not take a swipe at psychotherapy from a armchair or any where else. Your response to imagined slights on this subject tends to present the picture of someone who needs to work a little harder in their therapy sessions.
What you call greed most people call survival or living life. You seem to think that re-ordering the entire world will be fast and easy with no negative consequences. Just the re-allocation of labor would create massive problems. If fixing the energy problem was easy don't you think we would have made more headway then we have? Saying it is greedy corporations that won't allow new energy resources ignores the simple fact that those profiting from the oil and coal supplies can continue to make the same if not more in an alternative energy market. Environmentally safe does not mean cheap or free and there are plenty of profit incentives in a market as large at the energy market. The existing oil companies already have the money and influence to get in on the ground floor of any new emerging energy platform and continue making profits. The good news is that people like those in this story are spending the time and money actively looking for alternatives. This effort has been steadily growing over the past couple of years and eventually someone will attain a breakthrough in the technology barriers.
The only awareness they are generating is in the law enforcement and security services. Judging by the notably simple skill set needed to pull off their attacks these guys somehow assume they are invulnerable themselves and this belief comes from them thinking they are the smartest people to ever turn on a computer. Chances are they will regret this attitude in the near future. Internet security does not truly exist 100% in the real world. If you plug in to the Internet you are taking on a substantial risk. No matter how diligent and pro-active you are in securing your systems if someone wants in there is always a way. Declaring the organizations that have been breached a negligent is probably very true in some instances however if you accuse everyone that has had a breach in their system as negligent or incompetent is neither accurate or fair.
I have nothing against anyone recording anything they want. I fail to see why anyone would have a problem with recording anything in that takes place in public. However, I do have a problem when people use unsupported accusations and anecdotal evidence to brand a large group of people as corrupt or dishonest. We tend to use the extremes on both sides of any argument to make a point while disregarding the large number of balanced opinions that actually represent the true will of the majority.
I doubt you would accept any argument or proof showing all police officers are rights violating abusers of innocents. You, like a lot of people on this thread assume all police officers are corrupt liars and then base your comments from that starting point.
A lot of law enforcement agencies already have cameras in their police cars that record their actions when pulling someone over. This is police policy and they are required to produce the recordings whenever requested. The recordings also protect the police officer from having unfounded charges leveled against them by the people they are stopping.
"If MS screwed up so bad before, why should anyone want to go back to them, despite their claims that "we've learned our lesson!"?" Sort of like Netscape imploding and then magically reborn as open sourced Firefox.