The episodes we've experienced over the last few years would be fixed by now if the actually culprits had their asses handed to them on a platter in a court of law.
Manning? Walked in with a Lady Gaga CD (that's 1) inserted into a CD player (that's 2) accessed data he had no need to see (that's 3)...
Snowden? Vetted by a contract company (that's 1) hired by a contractor to the gubmint (that's 2) see 3 above...
Target, Home Depot, etc? Where the hell was sysadmin?
For other sites where are their "best practices" restrictions?
No sysadmin should allow a computer to harm someone.
I didn't suggest SMS as part of two step authorization... you did.
In reality, some sites offer choices. A person can opt out of SMS and choose to have several security questions (with a note to lie like hell), or, conceivably, use email.
Of course, the advertisers are not the true perpetrators... that would be the businesses.
Businesses know that product exposure to many eyeballs has a probability of generating income.
Super Bowl ads prove that it doesn't always work.
Targeted ads, in theory, work because you are probably going to be more interested in buying some more of the stuff you bought recently, or you are probably going to be interested in purchasing something related.
In all probability, your purchasing record would not make you a valid candidate for a random ad for pink socks.
A killer idea is to embed targeted ads or to produce interesting content that IS targeted advertisement.
Seriously, though, I totally agree with you. The advertising models for TV and the Internet are broken in their current form.
Two strategies are working:
1.) Viral YouTube video ads are awesome but it's very unusual for one to float to the top.
2.) Embedded ads are beginning to be the norm, where the content consumer is unaware that they are being targeted or, they know, but there isn't anything they can do about it.
Here's a solid prediction, to boot:
Sites already know when we are using plug-ins like Adblocker and some either ask us to exempt their site or refuse to let us in at all. That will continue and render ad blockers useless.
We've already seen that with cookies.
Turn cookies off in your browser and have fun with that bad idea and stuff.
... you are not in the retail phone store business with a ton of inventory in the back room stocking every conceivable device that's not supposed to need replacement.
Tough crowd.
... 35% overseas credit card purchase tax.
... should STFU.
Professionals walk a fine line between dealing with distraught users and causing World War III.
Doing your job in a way where you get invited to lunch with your other coworkers is the right way to do things.
People who call users "idiots" are "jerks".
So it is written, so let it be done.
Perhaps " ... [you] don't see what the Feds could do about it." but the courts do.
I never MetaFilter I didn't like.
The "all or nothing" approach is unnecessary.
You know as well as I do that the system side of things is busted.
Let's fix what we can, OK?
You can't have it both ways.
Either you can use the Internet or you can't.
The episodes we've experienced over the last few years would be fixed by now if the actually culprits had their asses handed to them on a platter in a court of law.
Manning? Walked in with a Lady Gaga CD (that's 1) inserted into a CD player (that's 2) accessed data he had no need to see (that's 3) ...
Snowden? Vetted by a contract company (that's 1) hired by a contractor to the gubmint (that's 2) see 3 above ...
Target, Home Depot, etc? Where the hell was sysadmin?
For other sites where are their "best practices" restrictions?
Let's place blame where it really belongs, OK?
I am a "user advocate" and I disagree with you. The analogy is flawed because, as a sysadmin, I can't get to people's cars.
I can sure get to my front doors. I can establish rules.
Look: We all know what the best practices are. Let's enforce rules.
When people sign up, don't let them move past "password," until they put in one that meets our definition of best practice.
In the next step, force people to choose their poison regarding two step authentication.
For security questions, be sure to advise them to LIE.
Every month, or two months, ot three months or six months (we get to set the timer), tell the customer, "Whoops! It's "Password Tuesday!"
"Let's go through this again or you don't get to play."
Sue the bastards.
Seriously, litigation is the only way.
I recognize the language, but I don't grok the mesage.
In any case, how about using a URL?
Try this password at your bank:
http://slashdot.org/bitemybutt
or:
"I like to log into slashdot at least once a day." (quotes optional)
To make your analogy less broken, try it again and include the part where you failed to lock the gate.
We are converging on agreement, still ...
No sysadmin should allow a computer to harm someone.
I didn't suggest SMS as part of two step authorization ... you did.
In reality, some sites offer choices. A person can opt out of SMS and choose to have several security questions (with a note to lie like hell), or, conceivably, use email.
The details are just speed bumps.
Thankfully, you are not a sysadmin.
We who are competent can handle basic security by twiggling the knobs.
Because you are not on our lawn, your analogy is useless.
It does matter. That's precisely why I posted it.
You are tasked with providing a compelling argument as to why it doesn't matter.
See? There's the wrong-think.
Recall that systems people are the ones who are driving the freaking truck.
How hard is it to inspect a password and tell a person that it's just too weak and here are the rules, so please comply or die?
How hard is it to enforce two level authorization at sign-up?
The paradigm where we blame the victims instead of unimaginative and lazy IT jockeys has got to stop.
Is this it?
You jumped my stuff.
Of course, the advertisers are not the true perpetrators ... that would be the businesses.
Businesses know that product exposure to many eyeballs has a probability of generating income.
Super Bowl ads prove that it doesn't always work.
Targeted ads, in theory, work because you are probably going to be more interested in buying some more of the stuff you bought recently, or you are probably going to be interested in purchasing something related.
In all probability, your purchasing record would not make you a valid candidate for a random ad for pink socks.
A killer idea is to embed targeted ads or to produce interesting content that IS targeted advertisement.
Or ...
Sue the hell out of companies that don't have the sense god gave a piss ant to provide a secure method of log in.
Yeah but you're an admitted crackpot, so ...
Just kidding.
Seriously, though, I totally agree with you. The advertising models for TV and the Internet are broken in their current form.
Two strategies are working:
1.) Viral YouTube video ads are awesome but it's very unusual for one to float to the top.
2.) Embedded ads are beginning to be the norm, where the content consumer is unaware that they are being targeted or, they know, but there isn't anything they can do about it.
Here's a solid prediction, to boot:
Sites already know when we are using plug-ins like Adblocker and some either ask us to exempt their site or refuse to let us in at all. That will continue and render ad blockers useless.
We've already seen that with cookies.
Turn cookies off in your browser and have fun with that bad idea and stuff.
Wrong-think.
If the fucking system worked like it's supposed to, people could put anything anywhere. Blaming the victim for a broken system is not logical.
The advice from people like you and me is to lie like hell.
... you are not in the retail phone store business with a ton of inventory in the back room stocking every conceivable device that's not supposed to need replacement.
There is no difference.
I don't know what you spend your disposable income on, but I'm certain it's for stupid stuff.
You should, instead, be spending your money on cameras, guitars, and computers.
I like cameras, guitars, and computers.
It's not at all about you, is it?
At issue is the valid concern that Yelp has compromised itself.
I think it has and I recommend that people forget about Yelp and go elsewhere for reviews.
Your post is irrelevant crap.