Slashdot Mirror


User: l0n3s0m3phr34k

l0n3s0m3phr34k's activity in the archive.

Stories: 0
Comments: 2,172
Profile: view on slashdot.org

Comments · 2,172

  1. Re:Mobile phone numbers are craved on Phone Numbers Were Never Meant as ID. Now We're All At Risk (wired.com) · Score: 1

    Not at all. On my personal cell, the spam calls come from the same area code AND prefix. Sometimes they are only a few of the last four off from my phone number. When three people in the same department are getting spoofed calls from the same area code, statistically that is not random. I could do the same thing with freePBX if I wanted to, especially when placing calls to cell phones. It's trivial to make the outgoing number very similar to the number you're calling, or to have a correlation script match up specific companies to specific outgoing numbers. I even made my freePBX show "000-000-0000".
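    The "same area code and prefix, last four digits only slightly off" pattern described above is detectable from a call log. The following is an added example in Python, not code from the commenter or from freePBX: it normalizes NANP numbers, flags callers whose NPA-NXX matches the called party and whose last four digits are within a (assumed) distance of 100, and separately flags Caller IDs that cannot be valid NANP numbers at all (such as "000-000-0000"). The log lines are constructed for illustration.

```python
"""Flag "neighbor spoofing" in an inbound-call log (added example)."""
import re
from dataclasses import dataclass

# Constructed sample log: one inbound call per line, 10-digit NANP numbers.
SAMPLE_LOG = """\
2024-03-04T09:00:12 called=5125550123 caller=5125550187
2024-03-04T09:05:40 called=5125550123 caller=5125550122
2024-03-04T09:10:03 called=5125550123 caller=8005551000
2024-03-04T09:15:55 called=5125550123 caller=0000000000
2024-03-04T09:20:17 called=5125550123 caller=5126660123
"""

LINE_RE = re.compile(r"called=(\S+)\s+caller=(\S+)")


@dataclass(frozen=True)
class CallVerdict:
    caller: str
    same_npa: bool        # same area code as the called number
    same_nxx: bool        # same exchange (prefix) as the called number
    last4_distance: int   # |caller last four - called last four|
    suspicious: bool
    reason: str           # "neighbor_spoof", "invalid_cid" or "ok"


def normalize(number: str) -> str:
    """Reduce '+1 (512) 555-0123' style input to 10 NANP digits."""
    digits = re.sub(r"\D", "", number)
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]
    if len(digits) != 10:
        raise ValueError(f"not a 10-digit NANP number: {number!r}")
    return digits


def valid_nanp(number: str) -> bool:
    """NANP area code (NPA) and exchange (NXX) both start with 2-9."""
    return number[0] in "23456789" and number[3] in "23456789"


def classify(called: str, caller: str, max_distance: int = 100) -> CallVerdict:
    """Score one call against the called party's own number.

    max_distance is an assumed threshold for how close the last four
    digits must be to count as a deliberate look-alike.
    """
    called, caller = normalize(called), normalize(caller)
    same_npa = caller[:3] == called[:3]
    same_nxx = caller[3:6] == called[3:6]
    distance = abs(int(caller[6:]) - int(called[6:]))
    if not valid_nanp(caller):
        # A number that cannot exist on the PSTN is spoofed by definition.
        return CallVerdict(caller, same_npa, same_nxx, distance, True, "invalid_cid")
    if same_npa and same_nxx and distance <= max_distance:
        return CallVerdict(caller, same_npa, same_nxx, distance, True, "neighbor_spoof")
    return CallVerdict(caller, same_npa, same_nxx, distance, False, "ok")


def scan(log: str, max_distance: int = 100) -> list:
    """Classify every parseable line of the log."""
    verdicts = []
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            verdicts.append(classify(m.group(1), m.group(2), max_distance))
    return verdicts


def flagged_fraction(verdicts) -> float:
    """Share of calls flagged; a high value across a team is the tell."""
    return sum(v.suspicious for v in verdicts) / len(verdicts) if verdicts else 0.0


if __name__ == "__main__":
    for v in scan(SAMPLE_LOG):
        print(f"{v.caller}  npa={v.same_npa!s:5} nxx={v.same_nxx!s:5} "
              f"dist={v.last4_distance:4}  {v.reason}")
    print("flagged fraction:", flagged_fraction(scan(SAMPLE_LOG)))
```

    Run over the constructed log, three of the five calls are flagged: two look-alikes (last-four distance 64 and 1) and the all-zeros Caller ID; the toll-free number and the call from a different exchange are left alone. The distance threshold is the knob to tune against your own false-positive rate.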

  2. Re:Mobile phone numbers are craved on Phone Numbers Were Never Meant as ID. Now We're All At Risk (wired.com) · Score: 4, Informative

    It probably is uniquely American. In the past few months, everyone on my team at work has seen a MASSIVE uptick in fake calls, with faked Caller ID numbers. We are getting at least, between us, 2-3 a day. My assumption is that due to the roll-back of Net Neutrality, many of the scammers now realize there is very little the FCC will do about all of this, so have opened the floodgates.
    Most disturbing is that many of these calls are coming from areas in / near Washington DC, West Virginia, etc. We do have a decent-sized government contract, so it would seem whoever is selling this info KNOWS this and is trying to use these prefixes to get us to answer.

  3. What about FedRamp? on Is Amazon Rigging the Bidding For Massive Government Contracts? (vanityfair.com) · Score: 3, Informative

    There are already 200+ providers that are 800-37 compliant, or are in the process of getting products authorized. The DoD has 47 vendors on there. AWS has 184 authorizations, MS has 86; they are the top 2.

    I suspect once Trump groks this, he will FREAK out. He seems to have a huge amount of hatred for Amazon, so I would expect him just ordering the DoD to not do this if AWS is going to be the provider...not sure if he will have any other solutions.

    Personally, I think anything that falls under 800-53 should NOT be outsourced in any way; you can't properly lock down the underlying AWS; you don't have access to their actual infrastructure. How would you audit that all the switches that your data travels across have the proper DoD login banners, or restricting SNMP by IP address? Maybe they already do all this; but a "small breach" could become "keys to the kingdom" to a huge amount of information.

  4. Re: I guess they will ban VCRs next? on Facebook Bans the Sale of All Kodi Boxes (torrentfreak.com) · Score: 2

    TPM and UEFI also have other, normal security uses too; such as preventing bootloaders, data-at-rest encryption, hashed credential encryption, etc. Per DoD secure technical implementation guides, one is not allowed to operate any domain-joined Win10 or Server 2016 systems without both TPM and UEFI enabled.

  5. No phoneline needed! on How AT&T and Verizon Rip Off DSL Customers (arstechnica.com) · Score: 1

    I have AT&T DSL, but no phone service. It took some work, but it's called "standalone" or "naked DSL". However, I also have a "business class" line, and five static IPs, that I pay $95 a month for. It's a rip-off; but at my apartment "someone" long ago went into the coax junction boxes and cut the cables off at the top of the pipe. It's rumored this happened at the same time AT&T was given an exclusive contract to this complex many years ago. They no longer have that here, but the apartment complex won't pay to replace all the lines.

  6. It's not because "they suck", it's because it's too big of a job to do for the amount of personnel. For a real-world example, just take a look at the security technical implementation guides from DISA. Out of that list, I've identified around 70 of them that apply to my company; that's over 5,000 rules. Just in the networking SRG scope alone, I've got about a dozen STIGs with around 500 rules. Combine that with, say, 100 networking devices, and that's 5,000 "checks" I have to do. Most of these are potentially scriptable, but you first have to figure out what commands check different settings, different switch OSs, etc. That's JUST the audit; remediation is a bigger process since you must do risk assessment (will this change break anything?), put together a plan to work with vendors for all the changes, etc. One might have to coordinate with a dozen different ISPs, a dozen various technical vendors, programmers, server admins, and so on across the planet. And this is for a "not huge" company.

    For example: Rule ID: SV-5626r4_rule; The switch must be configured to use 802.1x authentication on host facing access switch ports means I must physically go to EVERY RJ45 jack (for all access switch ports connecting to LAN outlets (i.e., RJ-45 wall plates)) in the company outside of a data closet or server room and test this. That's after implementing 802.1X across 10 different locations, some of which don't even currently have the backend systems to really support a full implementation of 802.1x; so must replace equipment first. It just goes on and on like that.

    Security is very time-consuming; too many people believe that you can just throw money at it and be done. It takes a huge amount of actual, real-world time to do any of this effectively, and with one mistake everything can be compromised.
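    The "most of these are potentially scriptable" part of the comment above is worth showing for the one rule it quotes. The following is an added example in Python, not code from the commenter or from DISA: it applies the intent of SV-5626r4_rule to Cisco IOS-style running configs by requiring "authentication port-control auto" and "dot1x pae authenticator" on every interface in "switchport mode access", plus "dot1x system-auth-control" globally, and treats trunk ports as out of scope. The device names and configs are constructed; real switches, other vendors' syntax and the physical wall-plate test the commenter describes are outside what this automates.

```python
"""Scriptable STIG check: 802.1X on host-facing access ports (added example)."""
from dataclasses import dataclass

RULE_ID = "SV-5626r4_rule"   # the rule quoted in the comment above
PORT_CMDS = ("authentication port-control auto", "dot1x pae authenticator")
GLOBAL_CMD = "dot1x system-auth-control"


@dataclass(frozen=True)
class Finding:
    device: str
    scope: str      # interface name, or "global"
    detail: str
    rule: str = RULE_ID


def parse_interfaces(config: str) -> dict:
    """Return {interface_name: [indented config lines]} per interface block.

    IOS-style: 'interface X' is flush-left, its settings are indented, and
    any other flush-left line ('!', 'hostname', ...) ends the block.
    """
    blocks, current = {}, None
    for raw in config.splitlines():
        if not raw.strip():
            continue
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None
    return blocks


def audit_device(name: str, config: str) -> list:
    """Findings for one device; empty list means compliant with this rule."""
    findings = []
    global_lines = {l.strip() for l in config.splitlines() if l and not l.startswith(" ")}
    if GLOBAL_CMD not in global_lines:
        findings.append(Finding(name, "global", f"{GLOBAL_CMD} missing"))
    for ifname, lines in parse_interfaces(config).items():
        body = set(lines)
        if "switchport mode access" not in body:
            continue   # trunk, routed and unconfigured ports are outside the rule
        missing = [cmd for cmd in PORT_CMDS if cmd not in body]
        if missing:
            findings.append(Finding(name, ifname, "missing: " + "; ".join(missing)))
    return findings


def audit_fleet(configs: dict) -> list:
    """Run the check across every device, deterministically ordered by name."""
    out = []
    for name, cfg in sorted(configs.items()):
        out.extend(audit_device(name, cfg))
    return out


# Constructed sample: two switches, one access port deliberately non-compliant.
SAMPLE_CONFIGS = {
    "sw-hq-01": """\
hostname sw-hq-01
dot1x system-auth-control
!
interface GigabitEthernet1/0/1
 description user port
 switchport mode access
 switchport access vlan 10
 authentication port-control auto
 dot1x pae authenticator
!
interface GigabitEthernet1/0/2
 description printer
 switchport mode access
 switchport access vlan 20
 dot1x pae authenticator
!
interface GigabitEthernet1/0/24
 description uplink to core
 switchport mode trunk
!
""",
    "sw-branch-07": """\
hostname sw-branch-07
!
interface GigabitEthernet0/1
 switchport mode access
 authentication port-control auto
 dot1x pae authenticator
!
""",
}

if __name__ == "__main__":
    for f in audit_fleet(SAMPLE_CONFIGS):
        print(f"{f.rule}  {f.device}  {f.scope}: {f.detail}")
```

    On the constructed input this yields two findings: the printer port on sw-hq-01 lacks "authentication port-control auto", and sw-branch-07 has the per-port commands but never enabled 802.1X globally, so none of them take effect. Feeding it "show running-config" output collected from each switch turns the per-device rule into one pass over the fleet; what it cannot do is confirm the port actually challenges a supplicant, which is the walk-to-every-jack part.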

  7. Re:What can the US gov do? on Inspector General Says NSA Still Hasn't Implemented Its Post-Snowden Internal Security Measures (techdirt.com) · Score: 4, Insightful

    The NSA and other gov agencies just don't pay enough for your laundry list. Working for "God and country" doesn't fit with the US capitalism idea very well. They are on the low end of almost all salary ranges; and that is BEFORE you eliminate about 95% of the potential people with your list.

    What does "politics" or "faith group" even mean in your post? Many would point to a good chunk of our currently elected lawmakers in the Federal government who are associated with Dominion theology, "end timers", and other now-deeply ingrained ideals. Are you wanting non-political persons only? According to the Eastern Orthodox church, every Christian religious group that is associated with the Baptists is considered a "heretical cult". One third of the current US population doesn't believe anything the US intelligence agencies say about foreign politics and blindly believes anything Trump says, another third think his actions are nearly treasonous, so the idea of a "political litmus test" is a very tricky barrier; and is probably illegal anyway (there are Supreme Court cases around this). We currently have POTUS staff who are potentially (I say this because there has yet to be hearings, trials, or such) in violation of the Hatch Act, so even the very top of this food chain is contaminated.

    If you define a "criminal past" as the FBI does, that only eliminates around 29% of the US population. If you take it further, and cull out anyone with any negative relations with law enforcement, including non-felonies, then it's more like half of black males and almost 40 percent of white males. Combined with the low pay, and one ends up in the position we are currently in: not enough people to do the job.

    While I understand what you're getting at, your idea would require a huge, non-partisan overhaul of the underlying "security form" system. We can't even manage to approve money to have a plan to secure our elections in any meaningful way, and your idea goes directly against the ideals of the current administration and many elected officials. They want people who believe in the scourge of the "Deep State", not people who are willing to go work for the Deep State...by which I define "deep state" as the unelected bureaucratic apparatus that keeps the government functional in its day-to-day workings. Many of the appointed Cabinet heads have publicly said they want to dismantle the bulk of the Federal government, so good luck finding anyone that fits your list who is willing to take home 80% of the average wage for their position.

  8. Re:Where's the ... on Pentagon Creates 'Do Not Buy' List of Russian, Chinese Software (defenseone.com) · Score: 3, Informative

    This article says "The list identifying these companies will be made available to Pentagon's acquisitions staff, she further pointed out, without providing any further details." So, I'm assuming the list isn't finalized yet. TFA says "Now the Pentagon is working with the three major defense industry trade associations — the Aerospace Industries Association, National Defense Industrial Association and Professional Services Council — to alert contractors small and large." My guess is that once it's formalized it will be released to the companies that are members of those associations first.

  9. Who did it? on One Year After Data Breach, Equifax Goes Unpunished (boingboing.net) · Score: 1

    We, the public affected by this breach, still have very little information on just what happened or by whom. We have a bit of "how" info, in articles like this, and this shows another penetration in Argentina. "online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”"

    With megacorps spanning the world, no one country's data laws are doing shit to stop any of this. Megacorps will just move portals to the easiest country to operate in, and then obfuscate, confuse, and stall any inquiries while they furiously delete off-shore evidence because it's not strictly "illegal" for some separate, non-US company to do so. "the credit bureau took the whole thing offline shortly after being contacted by KrebsOnSecurity this afternoon". My bet is it's more than offline; or offline as in deleted and all servers and backups burned with thermite and dumped into the ocean.

    The US government doesn't even consider any of this "Critical infrastructure". This isn't in the same league as these reports, so it's all left up to the "free hand of the market". This attack is affiliated with China and not Russia: "One tool used by the hackers, China Chopper, has a Chinese-language interface but is also in use outside China"

    There have been lingering suspicions of internal bad actors in this. "The company hired Susan Mauldin, a former security chief at First Data, to run the global security team. Mauldin introduced herself to colleagues as a card-carrying member of the National Rifle Association, according to a person familiar with the changes." With the current probes pointing towards massive Russian money laundering into the GOP via the NRA, this is very bad. Also, "Overseeing technology for Equifax was David Webb, a Kellogg MBA and Russian-language major hired in 2010 from Silicon Valley Bank, where he had been chief operations officer."

    Most frighteningly, this stolen info has STILL never shown up on the dark web. Looking at the Moloch data, there were two separate teams who spent quite some time on this. Obviously it is an APT, like Shell Crew, or such. This means government sponsored, someone had to pay for all of this and the info wasn't sold off for a profit. This is what happens when "unregulated industry" meets 21st century cyber economic warfare.

  10. Re:On the whole second amendment thing on Supreme Court Nominee Brett Kavanaugh Opposes Net Neutrality (arstechnica.com) · Score: 1

    Indeed, that's why when the British did finally recover enough to "come back" they burned the White House down in 1812.

  11. Re:Fake Post on Supreme Court Nominee Brett Kavanaugh Opposes Net Neutrality (arstechnica.com) · Score: 3, Insightful

    He also specifically said the proper road was impeachment, removal from office, and then criminal investigations. There is no "must be a criminal" requirement for impeachment.

  12. Re:Judges, not legislators on Supreme Court Nominee Brett Kavanaugh Opposes Net Neutrality (arstechnica.com) · Score: 5, Insightful

    I really dislike that whole argument of "find that in the Constitution", as if a document written over 200 years ago has every future technology, invention, social change, etc. written in it. I've heard the same argument about the EPA, Department of Education, the IRS, etc. By that logic, we should disband the Air Force and the Marines, since the Constitution only mentions the Army and Navy. It doesn't mention electricity at all, or have any comprehension of ideas like nuclear weapons, so therefore the government shouldn't regulate those either, right? We should just return to an 18th century agrarian society, abandon any law having anything to do with anything not specifically listed in the Constitution. If one State doesn't like another State dumping toxic waste into a river right on their border, I suppose they should just call up their State militia and fight it out. States should be able to enact tariffs and embargoes between each other, secede from the Union without federal interference, determine their own voting laws for any political positions inside their own State, etc. If it's not specifically in the Constitution, it's good to go!

  13. Re:Literally... on Are the Wealthy Plotting To Leave Us Behind? (medium.com) · Score: 4, Insightful

    I was just thinking this too. The people the author was talking to were not inventors, real "industry titans", or such. We're not talking about Henry Ford, Benjamin Franklin, James Watt, Elon Musk, Edison, or Tesla, but a small clutch of hedge-fund managers. They don't know how to do much of anything except manipulate other people's money, game tax laws, etc. They might be intelligent people, but they aren't the ones designing actual physical items from various things. They are NOT gomi no sensei, and in a "money is all gone" crisis they are SOL.

    I have a good friend who is a genius, has a long list of real survival skills, chemistry, basic engineering, invention, physics, etc. He knows how to hunt and clean a deer, tan a hide (braining is so gross, but works well I'm told), smelt various ores into metals, design simple circuits, work on cars, make various power generation systems, etc. If there is an apocalypse, he's the guy I'm going with. I'm pretty smart too, but I don't think that my system admin skills, powershell, and such would be much use!

  14. Re:Literally... on Are the Wealthy Plotting To Leave Us Behind? (medium.com) · Score: 1

    In TFA, they do bring this up. They are also very worried about figuring out a way to keep their hired army in line, and that is when the author got very disturbed. Suggestions of "locking away the food" was one idea. These wealthy hedge-fund managers (about five of them, that was his audience) knew very acutely that once "the event" (how they referred to it) happened, the money they used to pay their bodyguard mercs was no longer any good.

    Food, or maybe even valuable drugs, might "keep them in line". The author suggested making them your close friends, confidants, and have a rapport that would go beyond just money. Of course, the hedge-fund managers were confused by this idea; being a bunch of rich sociopaths, the idea of "making a real friend" of anyone outside their rich guy club is about as impossible as lead spontaneously turning into gold.

  15. Re:I've been around plenty of Oldies on IBM Fired Me Because I'm Not a Millennial, Alleges Axed Cloud Sales Star in Age Discrim Court Row (theregister.co.uk) · Score: 5, Informative

    I'm 44, and I'm far more technically and socially skilled than I was 10-20 years ago. I'm also a salaried employee, and I try to match my "amount of work" to the norm of what my peers do. I also work very hard at keeping my skill set up, probably far more than any "young engineer". I've got a rack full of enterprise-level equipment that I practice on constantly.

    The biggest plus for someone my age is that I have seen across a very wide technical landscape, from Windows 3.1, NT, 2000, the birth of Linux, analog phone systems, all the way to Server 2016, cloud deployments, virtual networking, etc. I grok, for example, how a GPO setting could potentially interfere with various legacy settings in ways that someone younger just couldn't. I know WHY specific "best practices" are the way they are, knowing where they came from and how they evolved first hand.

  16. While I agree with your statement, one doesn't need to do any replacement. This statement is actually, from a legal standpoint, violating several laws on its own:
    Age Discrimination in Employment Act of 1967
    Older Americans Amendments of 1975
    Executive Order 11478
    Executive Order 8802
    These are just a few federal laws and orders. There are also numerous state-level laws, and IBM may even fall under other country's laws (depending on the division inside of IBM) due to contractual obligations they have signed on various support contracts. Many contracts have clauses that have signatories agree to "Follow all laws and regulations" of the jurisdiction they are operating in.

  17. Do they also register you for your state sales tax permit? Can you provide some actual names / URLs of these sites?

  18. We all know where that will lead: A corp will just start, on paper, splitting out various "companies" that always come in JUST under whatever amount is set. Companies like Apple already do this, and sell various products to other Apple companies on paper only, but ship to different places and never transit to those places. Eventually some creative off-shore startups will make this very cookie-cutter for "small businesses" to use.

  19. Re:Sounds like a new cottage industry will be born on Tech Giants Urge Congress To 'Protect Entrepreneurs' From Supreme Court Ruling (theverge.com) · Score: 2, Insightful

    At the moment, I agree, it is impossible. All those items they track are forced to comply with a very strict, standardized API to interact with the Amazon Marketplace. The "tax code" across the US is nothing like this. Each town can have a sales tax. Each county can have a sales tax. Each state has a sales tax. Many publish their tax rates in PDF format, and they all vary widely in how they present data inside those PDFs. Those PDFs are on various websites, and a corporation can't just go to any non-official site and grab an Excel file or PDF...it HAS to come from some official government source to comply with their fiduciary responsibility.

    Amazon accomplished this, but not for everything on their site. How does one enforce a seller who is a black-label drop shipment seller out of China? Normally, it is the responsibility of whomever holds the sales tax license for the company; but those are usually only issued for companies with a physical presence. Are Amazon, Ebay, Etsy, etc. required to keep track of these 10,000 different tax areas, add whatever is needed to each auction, and then remit those taxes in another company's name? Is that even legal, to submit collected sales tax in another company's name? Is it legal in every city, county, and state nation-wide? The Federal government cannot impose any rules, requirements, or regulations involving local taxes on local jurisdictions; a claim could be made via the Interstate Commerce Act but this is REALLY stretching it and might result in 10,000 lawsuits on Constitutional grounds.

    This is going to be a huge mess, and I suspect the end result will be that online retailers will just "blacklist" various addresses because their local tax information isn't being reported via some industry-accepted API. Even that might be challenged by small towns..."You can go to our localtown.state website and download our latest home brewed PDF where we hand-wrote our tax percentages!" If states want this tax, it's up to the states to provide a common API for companies to be able to access. No published API, no non-nexus taxes.

    I fully expect this to end up in the WTO courts, since it involves various other countries and is a huge burden and a radical shift in tax code without proper, formal notice per various international treaties. Libertarians and isolationists are going to freak out, or should be.

  20. Re:Don't worry on US Government Finds New Malware From North Korea (engadget.com) · Score: 1

    "These people, they make the best malware. I thought Putin did it, but this is just fabulous. Everyone is talking about it, everyone is telling me this is the most best they've seen this year, if not ever."

  21. Re:First ingredient of tyranny: attack free press on US Government Finds New Malware From North Korea (engadget.com) · Score: 1

    Great source! They also say that ET stopped the US from setting a nuke off on the Moon, some excellent advice filed under "Health" about David Icke and Reptilians, and even this article which is basically several paragraphs off Wikipedia.

  22. Re: Praise King Trump! on Net Neutrality Repeal Is Official (cnet.com) · Score: 1

    And yet that's not really how the NFL works. The players have very detailed contracts that outline exactly what they are paid to do; here is an article discussing how the NFL is probably in violation of their contractual agreements with the players' unions. The whole "kneeling" requirement was never negotiated with the players. When the Federal government (via Trump) gets involved in demanding a specific group of people do specific things against their will far outside of anything relating to the welfare of "the people", the First Amendment comes into play. Add in the blatant lies and disinformation spread by Fox News about the Eagles insinuating they knelt during the Anthem (when they were one of the only teams that did nothing like this the whole season), to the point that the Federal government is ranting about it...

  23. Re:Holy Moly! This is some seriously creepy sh*t! on Zip Slip Vulnerability Affects Thousands of Projects (theregister.co.uk) · Score: 0

    "to be GDPR compliant at our company" We are proactively firing anyone who is an EU citizen, cutting off any direct business with the EU, and literally "burning the bridges" by setting all paperwork and contracts that mention anything EU on fire in a huge bonfire while we all chant "USA! USA! USA!"

  24. Re:I get the causes, but the results are corrosive on Why No One Answers Their Phone Anymore (theatlantic.com) · Score: 1

    TMobile actually has the display of "Scam Likely" now that shows up. My guess is that they aren't just straight-up blocking them because they're afraid of getting sued by someone.

  25. Re: You live in the wrong place. on Why No One Answers Their Phone Anymore (theatlantic.com) · Score: 1

    Well, in that example it SHOULD be the exec at Call Co., who failed at their SLA between them and Acme. It would then be up to Call Co. to rectify monetary fines from the missed SLA with Service Co, then Service Co. vs. Foreign Co, etc.