Slashdot Mirror


User: Shaitan

Shaitan's activity in the archive.

Stories: 0
Comments: 1,036

Comments · 1,036

  1. Re:Third-world country on Are America's Big Telecom Companies Suppressing Fiber? (salon.com) · · Score: 1

    "Let's not forget that the most outrageous case of electoral fraud in the 2018 midterms was perpetrated by the GOP, not the Democrats..."

    The most outrageous case of known electoral fraud was definitely perpetrated by the D's. Millions were spent on "voter report cards" to shame voters in D districts while sending absentee ballot forms to R districts. Fall for it and mail in the form and you are disqualified from voting on election day and only counted in a recount.

  2. Re:Whew, that's a relief! on Facebook Says it Will Now Block White-Nationalist, White-Separatist Posts (washingtonpost.com) · · Score: 1

    The FB network IS a medium unto itself. It's like a highway system, they provide the roads but do not provide the cars (the content). Facebook is NOT a content provider.

  3. "So, if a corp has been found to be negligent in its handling of data, they aren't just fined, but the executives responsible can be sent to prison."

    A sufficient amount of scrutiny will always find them negligent. It is impossible to operate without "negligence" when it comes to security. The fact is that most of the best practices exist for a reason, in practice do little to reduce risk, and dramatically hamper operations. The more strict you are in enforcing best practices the more negligent people will seem because they have to violate the rules in more and more brazen ways to get their jobs done.

    Can you post on Slashdot from work? Use slack or any cloud services with third party personnel? Are people allowed to have cell phones in your organization? Have on premise wifi? Do your developers spin up cloud instances and test things on them? All of those things severely violate security best practices and those are the least of them.

  4. In this case someone will always have some firedoors chained shut somewhere. If they didn't they wouldn't be able to do their jobs. There is no way to both follow all the best practices and operate in even close to a reasonably efficient way. There are things an exec could do to help if they legitimately understood that but it wouldn't eat into profits it would eliminate it and only reduce not eliminate the problem.

  5. Yeah but you aren't following the tree. The COO knows nothing about it. The problem with holding someone accountable for doing everything they could is you are looking through a 20/20 lens of hindsight which never matches reality.

    This is a set of books that no amount of accountability and budget can resolve. To people who aren't involved it sounds like we in security are saying "oh we can't make it perfect so why bother" or the ever popular "it's about raising the effort required to get in". But it isn't that. If we do everything per best practices with no exceptions people can't actually do their jobs and it breaks in ways that are difficult to explain to people who don't do their highly technical jobs. At some point, you can't dumb it down and still capture the detail and it also becomes hard to remember all the details when you aren't in the moment. The jobs are ridiculously complex and you don't have the body count to catch things slipping through the cracks. Any company that genuinely had best practices applied across the board would spend more on security than it grosses. They are ALL going to look negligent in hindsight.

    It is worse than that though. That is just best practices. But a bright attacker looks through a new lens and our strong sphere of security built on "best practices" instantly looks like a circle he is looking down on and can just poke right into the middle of. And there aren't three or four dimensions to be found, there are millions. Once you've seen that angle, you can't unsee it so again, any effort that has been made is going to seem negligent.

  6. In this area she is "incompetent", her expertise is in law and finance, she knows nothing about technology. She is right about executives and making them culpable and there are all kinds of areas to do that but without evidence of negligence this isn't one of them.

    It is impossible to completely prevent a data breach and coming as close to it as you can would make it impossible for a company to actually operate. Including, perhaps especially, the rest of the technology pieces. Many companies are dangerously close to the breaking point as it is.

    There is only one solution to the problem, back off your technology massively and rebuild your structure from the ground up with an eye on optimizing the places it makes the most sense with technology. Stay away from technologies that make tech resources cheaper, your tech resources will be the ones who want them because they make their jobs easier. Just hire more tech people instead, they won't all need to be top dollar top end resources. Just hire a couple of those guys and lots of high school grads to train on the job. Minimize code, intelligent, dynamic, programmable, anywhere and everywhere you can and absolutely minimize in house code. Where you do need it make it open source.

    Every piece of tech in your organization adds linearly to the overall attack surface of your organization. Every layer of house developed code (or configuration flexible enough it might as well be a script or code) easily adds an order of magnitude. There are some things you can do to protect that attack surface but remember they add at minimum linear attack surface of their own and the more dynamic and flexible they are the more they add. Intelligent systems are even worse because they don't follow the predictable and secure patterns your work force follows. For the most part solutions to "protect" you are snake oil.

    And whatever you do, for the love of all that is holy stay the fuck off the cloud, devops, and if you can't avoid hiring any devs at all don't even let them use any library less than 7yrs old or anything the actual admins say is a bad plan and don't deploy their code until it has been tested in dev and staging for at least 6 months and then phase in per admin and security requirements.

  7. Re:So misleading on Google Employees Are Lining Up To Trash Google's AI Ethics Council (technologyreview.com) · · Score: 3, Insightful

    Hopefully so, that would be a moderate position. Ideally there would be no left or right extremes represented but only moderates. TFS seems to advocate for all one extreme, Google seems to have gone for a blend of left and left center.

  8. Re:Amazon is insufficiently managed. on Amazon Is Slashing Whole Foods' Prices By 20 Percent On Hundreds of Items (wsj.com) · · Score: 3, Interesting

    "Wow, commenting on a non-Tesla story. Have the shill payments from Musk run dry?"

    Seriously go with a new target, there are so many worthy to troll around here. I've clashed several times with Rei but she is not and has never been a shill. She makes strong and well presented arguments and interjects informative comments regularly. Especially on science and engineering related topics. Or at least she did pretty regularly for the past several years. Hopefully the trolls haven't made her retreat, we'd be worse off for it.

  9. Re:Loss leaders are a key factor on Amazon Is Slashing Whole Foods' Prices By 20 Percent On Hundreds of Items (wsj.com) · · Score: 2

    No, he is treating the meaning of a term as semantics. You keep using the term "loss leader" and I know it doesn't mean what you think it means.

    It's pretty straightforward, a loss leader is when you sell something AT A LOSS in order to lead people to your profitable items. Microsoft sold the XBOX at a loss for years to lead people toward the licensed content they made money on. That is a loss leader. Walmart operated their own grocery at cost (which is a net loss) and sometimes even a gross loss to undercut competition's prices until they drove most competing grocers out of the market. That is a loss leader.

    Some store selling something for a slightly lower net profit than they could get is not a loss. That is just a sale. Sale items are not loss leaders unless they are actually taking a loss on them. How are you supposed to discuss the economic principle if you don't use the correct term? The same economics don't come into play if you don't, you know, have to offset the LOSS.

  10. Re:Loss leaders are a key factor on Amazon Is Slashing Whole Foods' Prices By 20 Percent On Hundreds of Items (wsj.com) · · Score: 1

    "Corollary: if an average item in Whole Foods has a markup of 400 percent, an item which only has a markup of 10 percent could be viewed as a loss leader,"

    No, it wouldn't. A loss leader is something you sell at or BELOW cost. You take a loss on it. A 10% profit is a profit, not a loss.

  11. Re:Loss leaders are a key factor on Amazon Is Slashing Whole Foods' Prices By 20 Percent On Hundreds of Items (wsj.com) · · Score: 1

    These aren't loss leaders, they are easily double what other grocers charge.

    If you are shopping for premium produce at low prices I recommend the Hispanic store.

  12. Re:Now just 20% more on Amazon Is Slashing Whole Foods' Prices By 20 Percent On Hundreds of Items (wsj.com) · · Score: 1

    Nah, those reduced prices are still double the rate they need to be on par with other grocers. Another 20% will bring them in line with a specialty butcher maybe.

  13. Re:High cost reality, not image on Amazon Is Slashing Whole Foods' Prices By 20 Percent On Hundreds of Items (wsj.com) · · Score: 1

    $10/pound is easily double the normal market rate and yes, into and beyond butcher territory.

  14. Drive better pricing for everyone? I applaud cuts but the example prices are still about double market rates. They need to cut prices in half again just to be on par.

  15. The currently fashionable beauty standard for women isn't attractive anyway. It's sad really, you start with a beautiful girl and emaciate her to the point she looks like a boy.

    Women should be fit but should never have less than 23% body fat which means no matter how strong, they should look soft and not muscular. Having low body fat without muscle results in girls with no shape, no breasts, no butt, nothing and that is what is popular combined with being overly tall. Why? Because gay designers aren't jealous of their non-breasts and their shape doesn't interfere with any style of clothing.

  16. A well defined shape on ass that doesn't really jiggle is the ideal, not a flat ass and not a cellulite float.

  17. Both your comment and the comment you are replying to are confusing. Why would you be using a hookup app for anything but hookups? People only call it a dating app so women can pretend they aren't using it for hookups. Nobody actually buys it do they?

  18. Re:Policing Internet Content? on Mark Zuckerberg Wants The Government To Help Police Internet Content (bbc.com) · · Score: 1

    No, Facebook exists because it provides value as a social networking system transiting content. Infringing on those communications to target ads is just how they are currently monetizing that. Facebook could change the latter and still exist but if it stops doing the former it will cease to exist.

  19. "Virtually anyone on the planet with an internet connection and a commitment to self-empowerment through learning can come to Udacity, master a suite of job-ready skills, and pursue rewarding employment."

    Sure but they can't actually receive that employment. Companies are still obsessed with degrees and even where they will hire people without the overpriced, slow, and poor education they treat them like second class citizens if they don't have a decade or better experience.

    Places hiring with multiple years of experience per year education you have it backward. 4 years of education is almost up to par with a year of experience but in truth there are some aspects which simply can't be replaced by any amount of education.

  20. Re:Policing Internet Content? on Mark Zuckerberg Wants The Government To Help Police Internet Content (bbc.com) · · Score: 1

    Keeping it that way is also a form of policing. A platform like facebook that simply acts as a carrier that transits user generated content should be treated like a common carrier such as an internet link itself or the postal system. They shouldn't be looking at or censoring the content at all and they also shouldn't be liable.

  21. Re:the most precise theory in all of science? on Physicists Predict a Way To Squeeze Light From the Vacuum of Empty Space (sciencemag.org) · · Score: 1

    It is meaningless but it sounds meaningful and cool.

  22. "Your comparison doesn't make sense. If someone, who is applying for a tech job, includes anything else but tech related experiences in his/her resume, then the person is very likely not to be selected. This is a known way of presenting your resume -- show only relevant experiences to the job applied."

    And what precisely is it that you expect to be present on the resume of a person applying for their first tech job? There are no previous experiences to list and it is insane to claim there are labor shortages if you are refusing to hire people into entry level that don't have any. Everyone has to start somewhere.

    You can't submit a blank piece of paper so you put whatever separates you from everyone else applying for their first tech job. Whatever minor job you held to show early maturity and work ethic, geeky hobbies/extracurriculars, etc. The claim you've self-studied is nice and sets you apart if true but the company won't know how true it is until some point after hiring so you won't get interviewed on the basis of that claim.

    Informal education like this essentially counts as self-study to most employers anyway but at least at the end of this camp you'd have actual experience to list on your resume.

  23. Re:As requested by the Chinese government on Google Is Conducting a Secret 'Performance Review' Of Its Censored China Search Project (theintercept.com) · · Score: 1

    I'm really failing to grasp the big risk. North Korea doesn't represent any particular threat other than blowing wind about Nukes they don't have. All the western nations have peace with a number of dictators, including Putin. There is no particular reason not to make peace with them. They are half way across the world, don't represent any particular threat to us and derive a good chunk of their trade revenue from us despite embargos due to S. Korea proxy deals. Why starve their people instead of making them trading partners. As far as I can tell the only reason they are so heavily militarized at this point is that they've been at war with the US for so long, in the meantime most people in the US have forgotten we even went to war with Korea. It was minor, short, and of little consequence.

    Last I checked Churchill making peace with Stalin worked out for the UK. The US doing so kept the cold war cold and is the only reason WWIII hasn't happened yet and both have peace with Putin now.

    Maybe he'll stab us in the back somehow but spinning making peace as a bad thing is twisted.

  24. Re:Whew, that's a relief! on Facebook Says it Will Now Block White-Nationalist, White-Separatist Posts (washingtonpost.com) · · Score: 1

    "You're trying to defend censorship"

    *scratches head* This entire sub-thread is a debate in which you ultimately are defending FB censorship and arguing they have a right to censor. How is that ME defending censorship? A common carrier isn't allowed to manipulate content or they expose themselves to liability for it that is the opposite of control and/or censorship! Corporate actions are not free speech and blocking their interests is not censorship.

    "You cannot apply common carrier regulations to a content provider!"

    Please define THEIR content. FB relays content, they don't provide content. Netflix is a content provider, FB provides no content they provide a network (which is not just a website, their website hooks into it but their other applications and even third party applications integrate as well).

    "It has no monopoly over anything but its own website and its affiliates."

    In what way is that different than the original AT&T which had no monopoly except over its own telecommunications network? What did the railroad have a monopoly over other than its own rails?

  25. Re:As requested by the Chinese government on Google Is Conducting a Secret 'Performance Review' Of Its Censored China Search Project (theintercept.com) · · Score: 3

    So... he made or is making peace with a dictator so you are dumping us for giant anti-democracy ruled by a small council of authoritarians who annex countries like Tibet, burn the pacifists alive, and bring in tanks and machine guns when their students protest. Oh and don't forget murder prisoners, preserve the bodies, and send them on a freakish display of how little they value human life around the world.

    Yes that makes perfect sense. Why wouldn't you trust those guys? I mean we've got a Churchill-like abrasive loudmouth over here.