So how is it that they don't get gazillion spammers posting? Are they on to something?
Slashdot is a very large site, so there are likely to be plenty of human spammers. CAPTCHAs don't stop those.
I think they might make it less attractive for spammers by marking links in comments Nofollow.
If the Spammer doesn't get a search engine boost from the backlink, then what's the point?
The spammers are around... they are called Anonymous Cowards. Not all of them are bots
I believe they occassionally ban IP addresses. Slashdot also limits the rate at which anonymous users can post.
You can post a comment --- then you can't post anymore for half an hour or so.
Because then on average, 1/3 of all spambots would succeed.
No.. if a bot visits a site with a 33% chance of success; on average, you could expect the bot will succeed.
The question of what fraction of spambots will succeed will be the question of how many bots are updated to attempt the unique kind of CAPTCHA.
If it's a very small site, and just one using this Captcha, then may be 0% of spambots will succeed, because nobody felt it was worth coding up an exploit for a CAPTCHA used by some small site with so little traffic (so little to gain by spamming).
OTOH... once Spambots are updated to answer the CAPTCHA
They will try multiple times from different IPs. If the bot makes enough attempts, the law of big numbers says the bot's success rate can be brought within an epsilon of 33%; it would be foolish for the spammer to not have their bot retry a sufficient number of times to guarantee success.
Thus 80% or more of Spambots that are updated will probably succeed.
So a human would have to design each and every one of them, which is a job that nobody wants to pay somebody to do. There will thus also be a limited sampleset which will easily be learned by a crafty spammer (and like anything else digital, it only takes one person to figure it out).
Not if as part of the Captcha solving, you ask the person to type three words describing each image.
Supposing you present 3 images... make them pick a word from a 4 or 5 item picklist, and type a few words of their own.
You will eventually get data about how people describe the image, based on the people who successfully solved the Captcha.
You can infer that if their solution to the Captcha was correct, and there is a consensus of enough other successful solvers offering a certain keyword,
then that keyword has relevance to the image.
Thus you can discover additional keywords besides the image name automatically. By using the disparity in information available between Your site and some random bot with no dataset.
Because you just plug that image into Google 3 times with each key word and pick the answer with the highest score. Or, much easier, you just randomly pick one of the options. One in three is a good hit rate, and even if you block by IP, getting past the system hundreds or thousands of times is trivial.
So give them 5 options, not 3, and make them answer 3 questions each with 5 options.
1/(5^3) is about a 0.8% chance of getting the set of right answers by chance alone.
Make sure to provide no hint about correctness or incorrectness until an answer is provided to all 3 questions.
You fail the entire sequence of questions, or get them all right as a group.
If you get all 3 wrong, then you have to wait 15 minutes before trying again.
let's say you change it do you have to answer a simple addition math problem. what you get is someone crying, "i have to answer 5+8?! but i dunno maths you insensitive clod!"
I got it... The problem is we're looking for the "one CAPTCHA"; when we should be looking for the right set of CAPTCHAs.... different kinds of questions for different kinds of people.
There's no reason the site can't let the user choose their CAPTCHA category. It can be Maths, Logic, Geometry, Physics, Biology, or History, Celebrity gossip, Food, Sex, Psychology, Art, Literature, Prose, Christianity, Islam, Buddhism, Shintoism, Architecture...
Pick your category, and a question is asked that can be answered by an expert in 10 seconds, but would take a novice or computers perhaps years.
I have an alternative suggestion to logic puzzles: Payment
To signup, you can choose to complete the Captcha, or you can send me $1 PayPal, or 1 Bitcoin.
If you pay me, then you get to register without answering the Captcha.
Then blind people can still gain access, by exercising the alternative option; there is just a nominal fee -- just like they had to pay a nominal fee for the screen reader and their other assistive devices.
The forum admin could also provide a street address, for blind people to mail a human-signed form with a self-addressed stamped return envelope to receive a transaction code for 'free' access; that would be a reasonable accomadation.
For every task that a computer is unable to handle, there exists a reasonably well-functioning human who cannot do it either.
How about this task... hold up a copy of your state ID to the webcam, and let the site use image recognition to check its authenticity.
(2) Enter your phone number, and click this button to receive a telephone call; when the phone answers, please dial this 6 digit code, press pound, then say your name.
Of course what we really need is SSL and a client-side certificate for every unique human:)
Simple things like image processing (someone in the comments below brought the example up of using company logos and you type the name, pizza toppings matched to the correct pizza),
Wait... typing the name of the content you see in an image? That doesn't exactly resolve the objections of blind people. Although poorly sighted people should find it easier to identify toppings on a pizza, than horribly distorted text.
Even if there were, let them take you to court on it, it's not like they're going to be able to make a reasoned complaint, right?...
You might have missed the fact, that when it comes to technology: many judges and jurrors fall into the same category as people not capable of fully understanding logic --- or the related category of people who can be persuaded despite logic (sometimes via money, relationships with the attorneys involved, or arguments that are emotional or otherwise sound persuasive even though irrational and bad reasoning).
Not to mention, logic puzzles are unfair to people who have trouble understanding logic; which, in my experience, is damn near the entire human race.
At least there is some Meritocratic element of being able to solve a simple logic puzzle; versus not having been blessed with good vision.
If you cannot understand basic logic -- do you really have anything intelligent to say, or is it likely to be flawwed?
Personally, I believe it's wasted on internet forums though --- a test for understanding of logic should be applied at the voting booth, not in online forums.
Its going to be far harder to make an AI that can create a decent logic puzzle
You don't necessarily need a full-blown AI to generate questions; you could use a series of templates with portions selectable from a predefined list. Build a library of questions with some bit of code for each question template. Yes, an adversary could eventually build a bot for one template.
Given that there are [number from 2 to 8] [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,....] and [number from 2 to 8] [square,round,triangular,....] [lights,blocks,LEDs,displays....] out of a total of [number from 11 to 30]; the [lights,blocks,LEDs,displays....] that are not [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] are all [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue...], except [number], and all the [lights,blocks,LEDs,...] that are not [square,round,triangular,circular,lit,,....] are [square,round,triangular,circular,lit,,....].
The [square,round,triangular,circular,lit,,....] [lights,blocks,LEDs,displays....] are also [smooth,rough,sharp,metallic,cold,vibrating,rotating,...].
The blocks that are [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,....]
The first [number from 1 to N] [lights,blocks,LEDs,...] are [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,....]
The first [number from 1 to N] [lights,blocks,LEDs,...] are [square,round,triangular,circular,lit,,....]
The ones in positions [number from a to b] {except [list of numbers]} are [smooth,rough,sharp,metallic,cold,vibrating,rotating,...]
The ones in positions [number from a to b] {except [list of numbers]}are [smooth,rough,sharp,metallic,cold,vibrating,rotating,...]
CAPTCHA Question: Please enter the [comma separated list or number] of items that [are,cannot be,might be] { [smooth,rough,sharp,metallic,cold,vibrating,rotating,...] or [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] or [square,round,triangular,circular,lit,,....] }
In addition; if every item that is { [smooth,rough,sharp,metallic,cold,vibrating,rotating,...] or [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] or [square,round,triangular,circular,lit,,....] } has a A% chance of being
[desired,wanted,hated] and the others have a B% chance [plus number from 0 to 10%] if the item is { [smooth,rough,sharp,metallic,cold,vibrating,rotating,...] or [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] or [square,round,triangular,circular,lit,,....] }.
What are the highest and lowest possible chances for block [number from 1 o 30] to be [not] [desired,wanted,hated] ?
Please enter three status words to describe item # 5 :
It does go in waves. And from the language used, I've got to think it's Eastern European/Asian mainly. But boy is it prolific, and apparently captcha is worthless for stopping it.
It's probably called: human help in solving the captchas. Captchas eliminate lots of spam --- the automated stuff, not the stuff that has human help behind it.
I wouldn't judge it 'worthless' until you've experimented with shutting the CAPTCHAs on and off many times at different randomly selected sampling intervals -- gathered the data, and found; no effect on the rate of spammers signing up.
But they are. It's out of context, and it's much harder to make programs that are flexible like that. They're bringing a regular expression to an arithmetic party.
It's not necessarily trivial, but it is definitely a lot easier than an image recognition or image CAPTCHA solving problem.
Regular expressions are great for parsing and normalizing.
There are bots that can automatically register on a site, then check the email account for the activation link, in order to start spamming, so that's not a solution.
You e-mail them an encrypted PDF or encrypted Word.DOCX file. With an instruction to visit the link; when they visit the link, they are prompted to double check their phone number -- a call is placed using VoIP technology, and an agent speaks out the secret code required to open the PDF or MS Word file.
The DOC file when opened contains "Unique directions"; for example a link to click on
Then a phrase such as "Four score and seven years ago"
Instructions: Please type the digits of all spelled out numbers in the above and then subtract the square root of 16 from them. Type in twice the value calculated.
Remove every 2nd word from the above phrase, then make the next to last letter of each word capital and remove trailing vowels.
Add a trailing punctuation mark and lowercase the first word.
Show me the captcha before I enter any data please. That alone would confuse half the bots out there. (For a while).
Show me a simple Calculus problem or Trigonometric identity to solve in regular text, instead of a single word all muced up.
It would be easier to solve
Yes, but that would need Adobe to implement such a feature, and why would they?
Because support became mandatory under the plugin developer agreements for the latest version of the browser, and on the new version of
Xyz Browser; the flash plugin will be deprecated/unsupported, until updated support compatible with the latest plugin API is available,
and eventually blacklisted plugin after support for the old revision is phased out.
Seems to me that the browser should offer visual alert as to which tab is makin' noise, and should give you tweakin' options
Not only that... but unless it's a trusted site or 'safe site' set by me; I want all sites muted by default.
The problem is that plenty of the time, some random site i'm visiting will bring up some 'ad video' and start playing things on my speakers without my consent.
Also some webmasters with questionable design aesthetics will create annoying background music.
Background music on some random site starting at some random time unexpectedly on some background tab is no good, when I have 20 tabs open.
How do these companies arrive at hundreds of million/billion dollars worth of "damages" anyway? Is this using the MPAA/RIAA method of accounting?
100 million customers X $0.30 postage per breach notification + $0.01 paper stock per breach notification = $3.1 million
Estimated customer turnover (loss of subscribers due to breach): 5%
Estimated average customer age = 17
Estimated customer lifespan (age at which they would naturally stop using our product) = 100
5% * 100 million * ( $10 / month * 12 months / year * ( 100 - 17 ) ) = $4.9 billion
Estimated IT worker cost = (Hours time spent Recovering from breach) * (Number of IT Workers fixing problem) * (IT Worker cost of employment $ + each IT Worker's real worth to our business above what we pay$ [lost opportunity cost]) / 8760
= ~ 720 * 50 * ( $140,000 + $800,000 )/8760 = ~ $3.9 million
many cyber insurance policies cover only the cost of re-creating whatever data may have been lost during the breach — not notification costs, legal costs or other related expenses."
Data loss in a security breach usually and normally refers to the data that was exfiltrated or successfully leaked by an attacker.
For example: Data Loss Protection software is designed to detect attempts to send personally identifiable information such as social security numbers over e-mail or upload it out of the company LAN.
As for recreating sabotaged or destroyed data; that is not always possible, but It's supposed to be part of the backups.
A good insurer should compensate for the financial loss resulting from the destroyed data, not attempting to pay for what it will take to recreate it.
Assuming its data that could be recreated, by the time its recreated; it may be worthless, because the time requirement allowed a competitor to get ahead and get the patent filings done first.
There's a niche for a company that sells refurbished equipment at a higher price than eBay but offers a more polished experience. Either geeks.com didn't execute or they didn't get the word out.
You mean that there used to be a niche... back when eBay was young.
The people who want a polished experience go to the retail stores. The people who want to save as much money as possible, and are willing to take risks and extra work to save money dig through local newspaper classifieds around the country and craigslist; the people willing to take risks look around at night for strangers selling iPads out of their trunk for $20 each.
eBay IS the middle ground that provides the more polished experience; albeit not as polished as a pawn shop or an authorized retailer or used car store.
Arguably, the size of the niche in terms of things in between eBay, and the retail channel has been shrinking very much over the past 10 years, as eBay sees its user base and number of transactions continue to expand, and a dismal economy favors eBay even more.
So that supposed niche; might be too small for anyone to have a reasonable chance of success in that business, at the current time. Times change. 10 years from now, after Amazon's finally met their reckoning and had to raise prices.... the ecommerce scene might be very different
They recently started offering a lot of first-generation iPads for a couple hundred dollars each as well.
A couple hundred?
I got a second generation iPad on eBay for a couple hundred, not too long ago.
I'm sure there's a market for folks buying iPad1s, but they've got to get a deep enough discount acquiring the refurbished equipment to sell them for a "fair" price.
They make it out to be the big online retailers selling at a loss -- when it's not.
Something was broken with Geeks' business model, or the execution -- it worked once, but the environment changes over time.
Or perhaps the Alcohol stimualted their perceptual intelligence, so that when drunk, they realized the bots were not their predators, but some scientist's silly toys.
I had to cheat and look it up but there is actually a part where you can hire a native as a guide to cross the Snake River in exchange for clothing. The only thing in that game I think you could even kill was animals for food.
Yes.. Hint: Always pay the native; unless you want to risk losing all your stuff or getting a broken wagon.
So how is it that they don't get gazillion spammers posting? Are they on to something?
Slashdot is a very large site, so there are likely to be plenty of human spammers. CAPTCHAs don't stop those. I think they might make it less attractive for spammers by marking links in comments Nofollow. If the Spammer doesn't get a search engine boost from the backlink, then what's the point?
The spammers are around... they are called Anonymous Cowards. Not all of them are bots
I believe they occassionally ban IP addresses. Slashdot also limits the rate at which anonymous users can post. You can post a comment --- then you can't post anymore for half an hour or so.
Because then on average, 1/3 of all spambots would succeed.
No.. if a bot visits a site with a 33% chance of success; on average, you could expect the bot will succeed. The question of what fraction of spambots will succeed will be the question of how many bots are updated to attempt the unique kind of CAPTCHA.
If it's a very small site, and just one using this Captcha, then may be 0% of spambots will succeed, because nobody felt it was worth coding up an exploit for a CAPTCHA used by some small site with so little traffic (so little to gain by spamming).
OTOH... once Spambots are updated to answer the CAPTCHA
They will try multiple times from different IPs. If the bot makes enough attempts, the law of big numbers says the bot's success rate can be brought within an epsilon of 33%; it would be foolish for the spammer to not have their bot retry a sufficient number of times to guarantee success.
Thus 80% or more of Spambots that are updated will probably succeed.
So a human would have to design each and every one of them, which is a job that nobody wants to pay somebody to do. There will thus also be a limited sampleset which will easily be learned by a crafty spammer (and like anything else digital, it only takes one person to figure it out).
Not if as part of the Captcha solving, you ask the person to type three words describing each image.
Supposing you present 3 images... make them pick a word from a 4 or 5 item picklist, and type a few words of their own.
You will eventually get data about how people describe the image, based on the people who successfully solved the Captcha.
You can infer that if their solution to the Captcha was correct, and there is a consensus of enough other successful solvers offering a certain keyword, then that keyword has relevance to the image.
Thus you can discover additional keywords besides the image name automatically. By using the disparity in information available between Your site and some random bot with no dataset.
Because you just plug that image into Google 3 times with each key word and pick the answer with the highest score. Or, much easier, you just randomly pick one of the options. One in three is a good hit rate, and even if you block by IP, getting past the system hundreds or thousands of times is trivial.
So give them 5 options, not 3, and make them answer 3 questions each with 5 options. 1/(5^3) is about a 0.8% chance of getting the set of right answers by chance alone.
Make sure to provide no hint about correctness or incorrectness until an answer is provided to all 3 questions. You fail the entire sequence of questions, or get them all right as a group.
If you get all 3 wrong, then you have to wait 15 minutes before trying again.
let's say you change it do you have to answer a simple addition math problem. what you get is someone crying, "i have to answer 5+8?! but i dunno maths you insensitive clod!"
I got it... The problem is we're looking for the "one CAPTCHA"; when we should be looking for the right set of CAPTCHAs.... different kinds of questions for different kinds of people.
There's no reason the site can't let the user choose their CAPTCHA category. It can be Maths, Logic, Geometry, Physics, Biology, or History, Celebrity gossip, Food, Sex, Psychology, Art, Literature, Prose, Christianity, Islam, Buddhism, Shintoism, Architecture ...
Pick your category, and a question is asked that can be answered by an expert in 10 seconds, but would take a novice or computers perhaps years.
Are you serious? That's like leaving the key in the lock. Great security there. The bots can read the alt tags.
You may still get away with it if you are the one site that does it.
The key has been placed on top of the doormat, but the bots currently in the wild are not designed to look on top of the doormat, only under it.
I have an alternative suggestion to logic puzzles: Payment
To signup, you can choose to complete the Captcha, or you can send me $1 PayPal, or 1 Bitcoin. If you pay me, then you get to register without answering the Captcha.
Then blind people can still gain access, by exercising the alternative option; there is just a nominal fee -- just like they had to pay a nominal fee for the screen reader and their other assistive devices.
The forum admin could also provide a street address, for blind people to mail a human-signed form with a self-addressed stamped return envelope to receive a transaction code for 'free' access; that would be a reasonable accomadation.
For every task that a computer is unable to handle, there exists a reasonably well-functioning human who cannot do it either.
How about this task... hold up a copy of your state ID to the webcam, and let the site use image recognition to check its authenticity. (2) Enter your phone number, and click this button to receive a telephone call; when the phone answers, please dial this 6 digit code, press pound, then say your name.
Of course what we really need is SSL and a client-side certificate for every unique human :)
Simple things like image processing (someone in the comments below brought the example up of using company logos and you type the name, pizza toppings matched to the correct pizza) ,
Wait... typing the name of the content you see in an image? That doesn't exactly resolve the objections of blind people. Although poorly sighted people should find it easier to identify toppings on a pizza, than horribly distorted text.
Even if there were, let them take you to court on it, it's not like they're going to be able to make a reasoned complaint, right? ...
You might have missed the fact, that when it comes to technology: many judges and jurrors fall into the same category as people not capable of fully understanding logic --- or the related category of people who can be persuaded despite logic (sometimes via money, relationships with the attorneys involved, or arguments that are emotional or otherwise sound persuasive even though irrational and bad reasoning).
Not to mention, logic puzzles are unfair to people who have trouble understanding logic; which, in my experience, is damn near the entire human race.
At least there is some Meritocratic element of being able to solve a simple logic puzzle; versus not having been blessed with good vision.
If you cannot understand basic logic -- do you really have anything intelligent to say, or is it likely to be flawwed?
Personally, I believe it's wasted on internet forums though --- a test for understanding of logic should be applied at the voting booth, not in online forums.
Its going to be far harder to make an AI that can create a decent logic puzzle
You don't necessarily need a full-blown AI to generate questions; you could use a series of templates with portions selectable from a predefined list. Build a library of questions with some bit of code for each question template. Yes, an adversary could eventually build a bot for one template.
Given that there are [number from 2 to 8] [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,....] and [number from 2 to 8] [square,round,triangular,....] [lights,blocks,LEDs,displays....] out of a total of [number from 11 to 30]; the [lights,blocks,LEDs,displays....] that are not [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] are all [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue...], except [number], and all the [lights,blocks,LEDs,...] that are not [square,round,triangular,circular,lit,,....] are [square,round,triangular,circular,lit,,....].
The [square,round,triangular,circular,lit,,....] [lights,blocks,LEDs,displays....] are also [smooth,rough,sharp,metallic,cold,vibrating,rotating,...]. The blocks that are [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,....]
The first [number from 1 to N] [lights,blocks,LEDs,...] are [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,....]
The first [number from 1 to N] [lights,blocks,LEDs,...] are [square,round,triangular,circular,lit,,....]
The ones in positions [number from a to b] {except [list of numbers]} are [smooth,rough,sharp,metallic,cold,vibrating,rotating,...]
The ones in positions [number from a to b] {except [list of numbers]}are [smooth,rough,sharp,metallic,cold,vibrating,rotating,...]
CAPTCHA Question: Please enter the [comma separated list or number] of items that [are,cannot be,might be] { [smooth,rough,sharp,metallic,cold,vibrating,rotating,...] or [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] or [square,round,triangular,circular,lit,,....] }
In addition; if every item that is { [smooth,rough,sharp,metallic,cold,vibrating,rotating,...] or [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] or [square,round,triangular,circular,lit,,....] } has a A% chance of being [desired,wanted,hated] and the others have a B% chance [plus number from 0 to 10%] if the item is { [smooth,rough,sharp,metallic,cold,vibrating,rotating,...] or [painted,in a condition of being] [lit,unlit,orange,green,yellow,red,blue,...] or [square,round,triangular,circular,lit,,....] }.
What are the highest and lowest possible chances for block [number from 1 o 30] to be [not] [desired,wanted,hated] ?
Please enter three status words to describe item # 5 :
It does go in waves. And from the language used, I've got to think it's Eastern European/Asian mainly. But boy is it prolific, and apparently captcha is worthless for stopping it.
It's probably called: human help in solving the captchas. Captchas eliminate lots of spam --- the automated stuff, not the stuff that has human help behind it.
I wouldn't judge it 'worthless' until you've experimented with shutting the CAPTCHAs on and off many times at different randomly selected sampling intervals -- gathered the data, and found; no effect on the rate of spammers signing up.
But they are. It's out of context, and it's much harder to make programs that are flexible like that. They're bringing a regular expression to an arithmetic party.
It's not necessarily trivial, but it is definitely a lot easier than an image recognition or image CAPTCHA solving problem.
Regular expressions are great for parsing and normalizing.
s/seven/7/ s/minus/ - / ....
There are bots that can automatically register on a site, then check the email account for the activation link, in order to start spamming, so that's not a solution.
You e-mail them an encrypted PDF or encrypted Word .DOCX file. With an instruction to visit the link; when they visit the link, they are prompted to double check their phone number -- a call is placed using VoIP technology, and an agent speaks out the secret code required to open the PDF or MS Word file.
The DOC file when opened contains "Unique directions"; for example a link to click on
Then a phrase such as "Four score and seven years ago"
Instructions: Please type the digits of all spelled out numbers in the above and then subtract the square root of 16 from them. Type in twice the value calculated.
Remove every 2nd word from the above phrase, then make the next to last letter of each word capital and remove trailing vowels. Add a trailing punctuation mark and lowercase the first word.
Show me the captcha before I enter any data please. That alone would confuse half the bots out there. (For a while).
Show me a simple Calculus problem or Trigonometric identity to solve in regular text, instead of a single word all muced up. It would be easier to solve
Yes, but that would need Adobe to implement such a feature, and why would they?
Because support became mandatory under the plugin developer agreements for the latest version of the browser, and on the new version of Xyz Browser; the flash plugin will be deprecated/unsupported, until updated support compatible with the latest plugin API is available, and eventually blacklisted plugin after support for the old revision is phased out.
Seems to me that the browser should offer visual alert as to which tab is makin' noise, and should give you tweakin' options
Not only that... but unless it's a trusted site or 'safe site' set by me; I want all sites muted by default.
The problem is that plenty of the time, some random site i'm visiting will bring up some 'ad video' and start playing things on my speakers without my consent. Also some webmasters with questionable design aesthetics will create annoying background music.
Background music on some random site starting at some random time unexpectedly on some background tab is no good, when I have 20 tabs open.
How do these companies arrive at hundreds of million/billion dollars worth of "damages" anyway? Is this using the MPAA/RIAA method of accounting?
100 million customers X $0.30 postage per breach notification + $0.01 paper stock per breach notification = $3.1 million
Estimated customer turnover (loss of subscribers due to breach): 5%
Estimated average customer age = 17
Estimated customer lifespan (age at which they would naturally stop using our product) = 100
5% * 100 million * ( $10 / month * 12 months / year * ( 100 - 17 ) ) = $4.9 billion
Estimated IT worker cost = (Hours time spent Recovering from breach) * (Number of IT Workers fixing problem) * (IT Worker cost of employment $ + each IT Worker's real worth to our business above what we pay$ [lost opportunity cost]) / 8760 = ~ 720 * 50 * ( $140,000 + $800,000 ) /8760 = ~ $3.9 million
many cyber insurance policies cover only the cost of re-creating whatever data may have been lost during the breach — not notification costs, legal costs or other related expenses."
Data loss in a security breach usually and normally refers to the data that was exfiltrated or successfully leaked by an attacker. For example: Data Loss Protection software is designed to detect attempts to send personally identifiable information such as social security numbers over e-mail or upload it out of the company LAN.
As for recreating sabotaged or destroyed data; that is not always possible, but It's supposed to be part of the backups. A good insurer should compensate for the financial loss resulting from the destroyed data, not attempting to pay for what it will take to recreate it.
Assuming its data that could be recreated, by the time its recreated; it may be worthless, because the time requirement allowed a competitor to get ahead and get the patent filings done first.
I suspect one of the real points to this article is to let interested buyers know that the domain name may be for sale soon (to pump up the price).
That's a good point... Geeks.com is a really neat domain name; i'd be willing to pay as much as a $1000 for it.
There's a niche for a company that sells refurbished equipment at a higher price than eBay but offers a more polished experience. Either geeks.com didn't execute or they didn't get the word out.
You mean that there used to be a niche... back when eBay was young.
The people who want a polished experience go to the retail stores. The people who want to save as much money as possible, and are willing to take risks and extra work to save money dig through local newspaper classifieds around the country and craigslist; the people willing to take risks look around at night for strangers selling iPads out of their trunk for $20 each.
eBay IS the middle ground that provides the more polished experience; albeit not as polished as a pawn shop or an authorized retailer or used car store.
Arguably, the size of the niche in terms of things in between eBay, and the retail channel has been shrinking very much over the past 10 years, as eBay sees its user base and number of transactions continue to expand, and a dismal economy favors eBay even more.
So that supposed niche; might be too small for anyone to have a reasonable chance of success in that business, at the current time. Times change. 10 years from now, after Amazon's finally met their reckoning and had to raise prices.... the ecommerce scene might be very different
They recently started offering a lot of first-generation iPads for a couple hundred dollars each as well.
A couple hundred? I got a second generation iPad on eBay for a couple hundred, not too long ago.
I'm sure there's a market for folks buying iPad1s, but they've got to get a deep enough discount acquiring the refurbished equipment to sell them for a "fair" price.
They make it out to be the big online retailers selling at a loss -- when it's not. Something was broken with Geeks' business model, or the execution -- it worked once, but the environment changes over time.
Or perhaps the Alcohol stimualted their perceptual intelligence, so that when drunk, they realized the bots were not their predators, but some scientist's silly toys.
I had to cheat and look it up but there is actually a part where you can hire a native as a guide to cross the Snake River in exchange for clothing. The only thing in that game I think you could even kill was animals for food.
Yes.. Hint: Always pay the native; unless you want to risk losing all your stuff or getting a broken wagon.