... it's like this guy suddenly thinks that SIPR and NIPR are insufficient...
Seems to me, the way SIPRNet is managed it is insufficient. Bradley Manning (allegedly) proved that. I've seen far more oversight of users' actions at private ops than Manning's superiors displayed. If they'd been doing their jobs, Manning wouldn't have been able to get into this mess.
"scrap and start over" should be a last resort, but I know from experience there are times it benefits.
I agree with pretty much everything you said here, and I'll increment that with you don't need to scrap it to start over.
Every time I've found myself in this position, it's been a monolithic monstrosity banged together years ago by someone who barely knew how to design and build a system, held together with duct tape over the years. It's been relatively simple to break the monstrosity up into discrete functions to minimize the complexity leaving you with a far more managable system to work with. Shampoo, rinse, repeat. This's simple maintenance, something any competent developer should be capable of. On top of all that, for the developer it's fun to do! You know you're doing something valuable for which the poor sod who follows you will be thankful (and sing your praises).
Once you've been through a few iterations of this, you'll have something any child could maintain, and you'll have a lot less cost and difficulty adding new features or tracking down and fixing bugs when desired/necessary.
Additionally, this's a great way to find and fix bugs. I found four monster bugs in my last one; features that'd never worked for a decade that the users just worked around and avoided (costing gahd knows how much of their time and hair), inconsistent datestamp handling (that almost made their transaction history useless), etc.
Unfortunately, there's far too few management types who understand this sort of thinking. Anything that costs their budget anything is anathema, so the thing has to get really broken before they'll man up and do anything about it and even then, they only want the immediate problem fixed. They generally don't want to pay for any maintenance, much less a thorough reworking of the system in any way.
... SAP is very reliable. Before contracting them you'd expect your project to be budgeted a lot of time and money, and for it to actualy costs several times the initial budget. And, after you contract them, they never fail that prediction. They are that reliable.
I was thinking the same thing based on my experience. They must have damned near the most effective marketing machine the world has ever known (well, next to the Vatican). If they farmed out that expertise, they'd make a killing.
... The TSA agents are screened when their shift starts...
Wow. What a great job. You get to grope innocent civvies all shift long, steal valuable electronics and sell it while on the job, and if you can make contact with terrists, you can get kickbacks from them to stuff explosives into random passengers' baggage. Where do I sign up? Xe Corp.? Googling...
Something like this is bound to happen occasionally whether the TSA does the screening or someone else.
He's in an airport, one of the most heavily CCTV'd places on 21st Century Earth, was only caught because a sharp eyed employee noticed, and he got away with it for six months, after stealing $50,000, while advertising his stolen wares on the web.
And by "wondered what would be the reaction", I am pretty sure it would be outrage.
My reply would be, "Bite me. It's not your computer. Find another job if you don't like it." I've worked with admins who didn't own their own computers, and considered their work computer THEIR computer. They're wrong.
... "gun's shouldn't have safeties, people will put them to their head and pull the trigger"...
Yeah, do revolvers even have safeties? What you sounded like was:
You to your son: "Don't trust anyone kid."
Later, your son: "Daddy, can I put this gun to my head and pull the trigger?"
You: "Sure, go ahead." Bang! "See, I told you not to trust anyone. Thus endeth the lesson."
To clarify, I mean it is not the Operating System's fault people do dumb things, and the goal for operating systems shouldn't be an unrealistic 100% safe.
Between the two of us, I think it's six of one, and a half a dozen of the other. Yes, everyone should think responsibly (check both ways before crossing the street, even if you're in a crosswalk), but mistakes do happen (drivers blow past stop signs while texting, etc). So, while logged into my box as a regular user, I can't hurt the box other than my/home. I can't blow away/etc if I'm not root.
I've long disagreed with the *buntus (et al) that automount anything shoved into a slot. That's not allowed to happen on my boxes. Users make mistakes all the time. Allowing a simple user mistake to harm the box (especially on a multi-user system) is an OS failure.
To go with your analogy that's like saying "Don't worry, go to any bad part of town you choose to go to, you can always yell for help when somebody attacks you."
More like, "Sure, jump off that bridge. We have police, fire dept.'s and EMS all set up to protect you." They can't protect us from everything, and expecting them to is an unreasonable expectation. We make backups to protect ourselves from user mistakes & etc., but one user's mistake shouldn't be allowed to affect other users or the box itself.
Building an OS that supposedly is safe to plug anything in to is just like teaching people they can hold a gun up to their head and pull the trigger just because the safety is on, and gets us in to the situation we have now where people do stupid, unsafe things because they have the expectation of safety.
What?!? So, parents, don't dare tell your kids that they should cry out for help from the cops/anyone when they're facing attackers. They might draw in even more (and worse) attackers with their screams. You can never tell if the people who show up will be good guys or baddies.
What?!?
One of an Operating System's responsibilities is to manage what goes on on the box! My Mom knows almost nothing (beyond what I've taught her) about system security, and expecting otherwise is near stupidity. Expecting her to not do something sloppy/silly/dangerous is very unfair.
Can you on a Win* box as an unprivileged user blow away your C:\ drive? Even MS understands that, and has for quite some time.
Don't give them that expectation, and you will see people be more responsible.
We've done it, we've shown the world they're not secure". Uhh, no, we already all knew that.
Uhh, no, not everyone did. Go back and read the comments related to the CitiBank hack. Damned near every one expressed astonishment that such a high profile banking site like that could be so complacent about securing its customers' accounts. Client-side session mgmt? Really?!?
I'm astonished to see such massive corps cheaping out on hiring expertise, and I've seen it on more than a few really big outfits which could easily afford better (the cost to their operation would be a speck of dust in comparison to their revenues and profits), but couldn't be bothered to care. IT is a cost center, really?!? The cost center really is any and all within the org who don't see the value to the overall operation in doing it right.
I wonder how many customers that's cost CitiBank so far. I wonder how much the class-action lawsuits for negligence this's going to cost them in the very near future.
Like nuclear submarines, have the TSA agents where dosimeter badges every day for a year. Lets see if there is a problem.
There are a lot of problems with this, but they're surmountable with care.
What problems? If the agents store their badges near where they work, and only pull them out of storage when they're at work, and return them when done (minimize contamination from other sources), what else?
It's true that we definitely need to gather lots of raw data about the impact of these devices.
Sometimes output levels drift from what they're set at, and if they weren't properly calibrated, they could be delivering as much as a chest X-ray worth (or more) of radiation every time someone passes through it...
I see an opportunity for activists. What's a box of dosimeters cost? Any rich sugar daddies out there who'd fund their purchase? Hand 'em out at the airport entrance, requesting the recipient mails them back for collation. Publish the results once enough come in.
It's science! Recipients can even hide them inside their clothes so they don't appear to look like hippie "terrists."
The problem with "ethics" is that most ethics classes are about PERSONAL moral choices... when you start tying your ethical base to just the letter of the law then it's really not "ethics" it's just another form of mindless religion.
That limits the utility of those ethics classes, but I agree. Which suggests to me the law is broken. If ethical != legal (and unethical != immoral), HTF will anyone be able to determine what's legal or illegal, unless they're a trained lawyer? Ordinary mortals don't expect to be born with a law degree.
If I can't walk into a potential client's office and reasonably expect them to treat me honestly and they can legally get away with that, the system's busted. Flimflam is the name of the day and the Bernie Madoffs of the world are the only ones who can prosper.
Trust, but verify, sure but if they're just mumbling legalese jargon, how do you do that without dragging your lawyer along into every interview, especially when there's five other applicants in the outer office trying for the position who're more desperate to land the position?
The Golden Rule is irrelevant in 21st century USA? Time to kill all the lawyers, to start.
See Article one. Freedom of speech or of the press don't apply? I think they do, and if your courts don't agree, they're wrong. You should fix that.
Article one contains nothing about freedom of speech or the press. Perhaps you mean the First Amendment?
Yes, drat. Thanks for pointing out the error.
That's not an inalienable right. Inalienable rights are spelled out in the Declaration of Independence, which is not the Constitution.
Yeah, see what they did to you there? Supercede your inalienable rights with a document that creates the US Empire but ignores that inalienable rights garbage? Queue the SCOTUS!:-P
After all, you've displayed expert knowledge of the US constitution.
Oh, be nice. At least some of us out here try to understand you guys. When's the last time you read the BNA Act or our repatriated constitution, or whatever Mexico uses for itself?
I didn't propose combining the USA with Canada, I proposed separating Northern California, Oregon, and Washington, and combining those with British Columbia.... What exactly do you think the political climate in the Pacific Northwest states (and especially San Francisco) is? It's one of the more socialist parts of the USA!! On top of that, from what I know about Canada, British Columbia and Vancouver are some of the more conservative parts of that country.
I know what the average US citizen thinks of SF, Oregon, and Seattle, but you trivialize the differences. Vancouver and Victoria may be full of potheads, but they're also full of socialist monarchists! Steven Harper (I believe) doesn't get much representation from BC. Their provincial gov't is NDP (socialist, not conservative) and has been for ages.
Add to that, comparing US socialists to Canadian socialists doesn't really enlighten anyone. They're way different animals.
Like I said, yeah, it would make a lot of sense to break up the US Empire into better organised smaller units which better identify with each other, but neither average US citizens nor average Canucks would much welcome each other into the new order.
I question whether many of you using that word have any idea what it means. At least in this case, it's irrelevant. The gov't was only tangentially involved in this, in writing the laws that the legal system goes by. Kneejerk slander, ad hominems, preaching to the choir, yada yada yada. You're proud of this behaviour? Why?
Have you spent any time on reason.org? Read any Rothbard or Hayek or von Mises? Can you prove you understand any of them? I doubt it. I suspect you've heard a little about Ayn Rand and are attributing her more controversial stuff to anything you think smells of libertarians. News: she vehemently disagreed with libertarian philosophy and their goals.
Or does [Ll]ibertarian == "Tea Party" in your world view? If so, go back to reading comprehension class for a refresher. Please.
Thank goodness an idea is not responsible for those who hold it.
What is wrong with you people these days?!? An inalienable right means your gov't can't take it away from you. It doesn't mean you don't also have to go out and get it from a willing provider.
Some of you Yanquis have completely lost the point of why you're still allowed to live there in (relative?) freedom. You fought for it and earned the right to be left alone there. Who "provided" the inhabitants of the USA with freedom from British rule? Those who stuck their necks out and demanded and fought with their lives for it! Did you think Gen. Washington petitioned the International Court in the Hague for it?!?
Slashdot Mirror
Seems to me, the way SIPRNet is managed it is insufficient. Bradley Manning (allegedly) proved that. I've seen far more oversight of users' actions at private ops than Manning's superiors displayed. If they'd been doing their jobs, Manning wouldn't have been able to get into this mess.
I agree with pretty much everything you said here, and I'll increment that with you don't need to scrap it to start over.
Every time I've found myself in this position, it's been a monolithic monstrosity banged together years ago by someone who barely knew how to design and build a system, held together with duct tape over the years. It's been relatively simple to break the monstrosity up into discrete functions to minimize the complexity leaving you with a far more managable system to work with. Shampoo, rinse, repeat. This's simple maintenance, something any competent developer should be capable of. On top of all that, for the developer it's fun to do! You know you're doing something valuable for which the poor sod who follows you will be thankful (and sing your praises).
Once you've been through a few iterations of this, you'll have something any child could maintain, and you'll have a lot less cost and difficulty adding new features or tracking down and fixing bugs when desired/necessary.
Additionally, this's a great way to find and fix bugs. I found four monster bugs in my last one; features that'd never worked for a decade that the users just worked around and avoided (costing gahd knows how much of their time and hair), inconsistent datestamp handling (that almost made their transaction history useless), etc.
Unfortunately, there's far too few management types who understand this sort of thinking. Anything that costs their budget anything is anathema, so the thing has to get really broken before they'll man up and do anything about it and even then, they only want the immediate problem fixed. They generally don't want to pay for any maintenance, much less a thorough reworking of the system in any way.
I was thinking the same thing based on my experience. They must have damned near the most effective marketing machine the world has ever known (well, next to the Vatican). If they farmed out that expertise, they'd make a killing.
Do you have no idea how silly that makes you look? Think anatomically, assuming you're at least capable of some thought. Twit.
Trolls: The Town Drunks of the Internet
Moderators, would you please stop doing this!?! +2 for a one liner BS statement which makes no sense? Reading comprehension, anybody?!?
Let me restate it so you'll understand it:
He's talking like he's a US citizen many of whom, US citizens, have died fighting for their rights? Get a fskin' brain!
... and robbed is a small price ...
And to have your electronics taken away must be a bonus.
So, you don't ... Nah, too easy.
... The TSA agents are screened when their shift starts ...
Wow. What a great job. You get to grope innocent civvies all shift long, steal valuable electronics and sell it while on the job, and if you can make contact with terrists, you can get kickbacks from them to stuff explosives into random passengers' baggage. Where do I sign up? Xe Corp.? Googling ...
Holy clusterfsck.
... while advertising his stolen wares on the web.
... and selling them while "at work." FFS!
Something like this is bound to happen occasionally whether the TSA does the screening or someone else.
He's in an airport, one of the most heavily CCTV'd places on 21st Century Earth, was only caught because a sharp eyed employee noticed, and he got away with it for six months, after stealing $50,000, while advertising his stolen wares on the web.
You're an idiot!
Yet it bothers you not at all to spell tires with a "y".
(21) infidel /home/keeling_ dict ostracise
1 definition found
From The Collaborative International Dictionary of English v.0.48 [gcide]:
ostracise \os"tra*cise\, v. t.
Same as {ostracize}. [Chiefly Brit.]
Don't get me started on al-u-min-i-um.
My reply would be, "Bite me. It's not your computer. Find another job if you don't like it." I've worked with admins who didn't own their own computers, and considered their work computer THEIR computer. They're wrong.
Yeah, do revolvers even have safeties? What you sounded like was:
You to your son: "Don't trust anyone kid."
Later, your son: "Daddy, can I put this gun to my head and pull the trigger?"
You: "Sure, go ahead." Bang! "See, I told you not to trust anyone. Thus endeth the lesson."
Between the two of us, I think it's six of one, and a half a dozen of the other. Yes, everyone should think responsibly (check both ways before crossing the street, even if you're in a crosswalk), but mistakes do happen (drivers blow past stop signs while texting, etc). So, while logged into my box as a regular user, I can't hurt the box other than my /home. I can't blow away /etc if I'm not root.
I've long disagreed with the *buntus (et al) that automount anything shoved into a slot. That's not allowed to happen on my boxes. Users make mistakes all the time. Allowing a simple user mistake to harm the box (especially on a multi-user system) is an OS failure.
More like, "Sure, jump off that bridge. We have police, fire dept.'s and EMS all set up to protect you." They can't protect us from everything, and expecting them to is an unreasonable expectation. We make backups to protect ourselves from user mistakes & etc., but one user's mistake shouldn't be allowed to affect other users or the box itself.
Sorry about that nitwit crack. :-)
What?!? So, parents, don't dare tell your kids that they should cry out for help from the cops/anyone when they're facing attackers. They might draw in even more (and worse) attackers with their screams. You can never tell if the people who show up will be good guys or baddies.
What?!?
One of an Operating System's responsibilities is to manage what goes on on the box! My Mom knows almost nothing (beyond what I've taught her) about system security, and expecting otherwise is near stupidity. Expecting her to not do something sloppy/silly/dangerous is very unfair.
Can you on a Win* box as an unprivileged user blow away your C:\ drive? Even MS understands that, and has for quite some time.
Chyaa, right. Who modded this nitwit up?
Uhh, no, not everyone did. Go back and read the comments related to the CitiBank hack. Damned near every one expressed astonishment that such a high profile banking site like that could be so complacent about securing its customers' accounts. Client-side session mgmt? Really?!?
I'm astonished to see such massive corps cheaping out on hiring expertise, and I've seen it on more than a few really big outfits which could easily afford better (the cost to their operation would be a speck of dust in comparison to their revenues and profits), but couldn't be bothered to care. IT is a cost center, really?!? The cost center really is any and all within the org who don't see the value to the overall operation in doing it right.
I wonder how many customers that's cost CitiBank so far. I wonder how much the class-action lawsuits for negligence this's going to cost them in the very near future.
What problems? If the agents store their badges near where they work, and only pull them out of storage when they're at work, and return them when done (minimize contamination from other sources), what else?
ACK!
No, I think he was pretty even handed there, even if it does make him sound like a racist jerk. Perhaps that's just his local dialect?
I see an opportunity for activists. What's a box of dosimeters cost? Any rich sugar daddies out there who'd fund their purchase? Hand 'em out at the airport entrance, requesting the recipient mails them back for collation. Publish the results once enough come in.
It's science! Recipients can even hide them inside their clothes so they don't appear to look like hippie "terrists."
How little chance is there that's not already there? Yeah, landline POTS is going the way of the Dodo, but still ...
That limits the utility of those ethics classes, but I agree. Which suggests to me the law is broken. If ethical != legal (and unethical != immoral), HTF will anyone be able to determine what's legal or illegal, unless they're a trained lawyer? Ordinary mortals don't expect to be born with a law degree.
If I can't walk into a potential client's office and reasonably expect them to treat me honestly and they can legally get away with that, the system's busted. Flimflam is the name of the day and the Bernie Madoffs of the world are the only ones who can prosper.
Trust, but verify, sure but if they're just mumbling legalese jargon, how do you do that without dragging your lawyer along into every interview, especially when there's five other applicants in the outer office trying for the position who're more desperate to land the position?
The Golden Rule is irrelevant in 21st century USA? Time to kill all the lawyers, to start.
Yes, drat. Thanks for pointing out the error.
Yeah, see what they did to you there? Supercede your inalienable rights with a document that creates the US Empire but ignores that inalienable rights garbage? Queue the SCOTUS! :-P
Oh, be nice. At least some of us out here try to understand you guys. When's the last time you read the BNA Act or our repatriated constitution, or whatever Mexico uses for itself?
I know what the average US citizen thinks of SF, Oregon, and Seattle, but you trivialize the differences. Vancouver and Victoria may be full of potheads, but they're also full of socialist monarchists! Steven Harper (I believe) doesn't get much representation from BC. Their provincial gov't is NDP (socialist, not conservative) and has been for ages.
Add to that, comparing US socialists to Canadian socialists doesn't really enlighten anyone. They're way different animals.
Like I said, yeah, it would make a lot of sense to break up the US Empire into better organised smaller units which better identify with each other, but neither average US citizens nor average Canucks would much welcome each other into the new order.
See Article one. Freedom of speech or of the press don't apply? I think they do, and if your courts don't agree, they're wrong. You should fix that.
I question whether many of you using that word have any idea what it means. At least in this case, it's irrelevant. The gov't was only tangentially involved in this, in writing the laws that the legal system goes by. Kneejerk slander, ad hominems, preaching to the choir, yada yada yada. You're proud of this behaviour? Why?
Have you spent any time on reason.org? Read any Rothbard or Hayek or von Mises? Can you prove you understand any of them? I doubt it. I suspect you've heard a little about Ayn Rand and are attributing her more controversial stuff to anything you think smells of libertarians. News: she vehemently disagreed with libertarian philosophy and their goals.
Or does [Ll]ibertarian == "Tea Party" in your world view? If so, go back to reading comprehension class for a refresher. Please.
Thank goodness an idea is not responsible for those who hold it.
Damn, your whole Mom's basement?!? :-P
What is wrong with you people these days?!? An inalienable right means your gov't can't take it away from you. It doesn't mean you don't also have to go out and get it from a willing provider.
Some of you Yanquis have completely lost the point of why you're still allowed to live there in (relative?) freedom. You fought for it and earned the right to be left alone there. Who "provided" the inhabitants of the USA with freedom from British rule? Those who stuck their necks out and demanded and fought with their lives for it! Did you think Gen. Washington petitioned the International Court in the Hague for it?!?
Sad.
North America includes Canada and the Arctic, the USA, and Mexico(?). Then there's Central America, and South America.
Yet you reserve the term "American" for residents of the USA, calling yourselves (exclusively) "American?" Which one, asshole?
fsckin' ACs! Grumble, mumble, yadayada.