Protesting Comcast and Time Warner Customers will be rerouted through back alleys and abandoned lots until they reach Walmart, where they will be directed to the Straight Talk counter.
I would propose that while there are certainly a number of bona fide bugs out there that are simply legitimate oversights that just don't get caught, greed and laziness make up for the vast majority.
Greed and laziness are what drive the business side to make schedule demands that cause corners to be cut. And since security isn't a visible feature until it breaks, guess what gets cut first?
And then there is maintenance of security - the patches, security bug fixes, and so forth. That is a zero sum gain task for any admin or developer. It adds no visible value. And eventually the powers that be start asking questions like, "Why do we pay all these guys who neither write shiny new code nor install my printer nor do anything else that I can see?" But when these guys fail, guess who gets the axe?
That, or at least, makes it possible to say, "This code came from organization X because we found bits of code that we know at some point came from said X."
This should probably be a no-brainer, but it is not usually part of the general discourse.
... who actually misses broadcast TV, usenet, bbs's, and horrible, personal HTML 1.1 web pages instead of this centralized mess that we seem hell bent on creating?
It'll be great fun, watching football on Thanksgiving with a bunch of friends, when suddenly, my holiday shopping for my wife causes my personalized ads to show up at halftime. Good times, good times...
I would be willing to bet a significant amount of money that if you were to sign up with Facebook right now that you would have at least a few dozen friend recommendations that were accurate and reflective not only of your current life, but also, of your associations of several years ago.
"I notice that you have a printout of your child's Google Doodle (tm) on your refrigerator.
Please be aware that you are in violation of the Universal EULA. As such, until such time as you remove the offending item, all Google Services, including but not limited to gmail, your autonomous vehicle permissions, electricity, and access to Amazon will be revoked.
Please also be aware that until such time as you complete the mandatory three day course "Google Loves Me: Why I should Love Google", you will be ineligible to receive your daily Google Credits.
Remember, we at Google want what is best for you and for the children you entrust to us."
A lot of people sign up as an editor to correct their personal pet peeve issue or mistake. Others sign up because they think it might be a fun hobby, but the interest doesn't last.
The fact of the matter is that not everyone is qualified or given to the dedication to be a regular editor. For those who feel pulled towards regular contribution, great! Have at it! But why folks here expect that everyone who signs up will have the same dedication and quality of work once they are signed up is somewhat mysterious to me.
Silly iPhone with their limited facial recognition. Facebook will soon offer you the confidence of the far more secure full-body recognition experience.
I thought it was cool when I got my Star Trek communicator (flip phone) and tricorder (smart phone).
Not so much when I find that Hari Seldon's psychohistory and MAC III's predictive modeling (Sea of Glass, Barry B. Longyear) is in the hands of Facebook et al.
Cost amputation, then, if you want. But the fact that they cut so deep as to be criminally negligent does not undermine the basic argument that in the eyes of those who have the final say in what is resourced and paid for and what is not, there is no significant penalty for security breaches, but there is a penalty for paying the high cost of good security.
However, the sad fact of the industry is that a great many (though not all) organizations are told over and over by those who know internally of the risks.
But security is hard. There is no room for cutting corners. You either have partitioned networks, or not, locked down firewalls, or not, encryption, or not, and so forth. But too often, cuts are made for expediency. When good, fast, or cheap is chosen in such domains, you don't usually even get to choose two: you get to choose one. And too often, the definition of acceptable risk changes as things go up the chain from those who know and build the systems to those who make the final decisions, who are often non-technical.
Thus, until there are ramifications for that sort making horrible decisions when it comes to security, things will continue as they are now. The techies know. But they don't usually have the power. Those with the power are told, but are only concerned with the short term ROI and bottom line.
The world's gonna be an... interesting... place once someone merges this sort of code with virus code.
If I had mod points, and if I could multi-mod comments, I would give -1 for redundant and +1 for underrated... ;-)
Thing is, though, Facebook is like Pepperidge Farm on steroids.
They remember. Even if you don't.
Because having to count digits when reading a number like 461073354 (quick: what order of magnitude is that?) adds so much to the flow of a document.
Couldn't have happened to a nicer degree.
Pen Pineapple Apple Penetration.
If you read TFA, you will see that it is precise location information with timestamps. JSON provided. So, no, not a leap.
The last time I said this with a straight face about any tech company was when Blizzard delayed WC3.
I can't get another device listening to everything I say and do and recording it in the cloud until next year?
I am disappoint.
Not only are they ROT-13-ing the data, they're doing it twice for double strength security!
And we still don't have flying cars!
Especially the paying out of all those golden parachutes to CTO's...
... would you just go and grow a big brain too?
Honestly, Jonny, I just don't know what to do with you.
- Whale Mom, ages past
Water is Wet!
The Sun Rises in the East!
The more birthdays you have had, the older you are!
vi is the One True Editor!
And yes, more often than most other days, Mondays suck.