It would be rather interesting to know if they had internally found this particular feature to be problematic. There may have been a product tester that evaluated the design on paper and in prototyping, but their findings were disregarded. Software companies, for example, are often internally aware of serious security and design flaws, but will likely do very little about them until they become public knowledge through a third party. There are a great many cases like that from practically every industry out there, especially the auto industry.
IT serves the business, business doesn't serve IT. That's right. But there are often certain policies that are in place as required either by *law* or by company's own policy. Higher management often tries to force their way through these policies without proper procedure, and it usually causes problems. One example would of course be the management demanding certain type of data to be migrated to a foreign cloud-based platform, which in many cases is either illegal or against company contracts with customers.
The European Union is not a state, but it has its shortcomings, though. For example, most EU citizens don't really know who prepares the laws, how these people are chosen or elected (often not even elected), how do EU laws affect national drafting of laws and so forth. Even the good things' origin, such as the benefits of a single market, are not known, and people don't realize that it's the EU that allows them to order pretty much anything from another EU country over the Internet without any more hassle than what they would have if they ordered it locally.
I reckon Scotland will be leaving the UK soon and might join the EU as a sovereign state later on. The fate of Northern Ireland is a big question mark, but they're obviously not happy with the UK leaving and this might start a similar political movement there too.
The invasion of privacy and constant violations of basic and human rights in the US, and around the rest of the Western world for that matter, are starting to have a lot in common with what George Orwell wrote in Animal Farm. The irony is of course that what he described in his book was Stalin-era Soviet Union.
They're most likely just trying to prevent Let's Encrypt from entering the commercial arena of issuing TLS certificates by creating legal barriers. Let's Encrypt's popularity is soaring and they're quickly capturing the low-end markets with minimal trust and identification requirements. They might see a possibility that Let's Encrypt might some day become a big player and thus a major competitor to COMODO.
It's too bad this usually happens only after there's been a breach. If security is done well from day 1, there are usually no significant breaches. The downside of "costly" information security is that if it works well, it seems useless to the execs. Seen too many times how they gradually cut the budget to oblivion because they don't get nice little reports detailing how many attacks were blocked and what would've been the associated costs. There's really no solid way of proving the need for strong security measures except trusting the word of people who know what they're doing in that particular area.
I think renewables are a great addition to the energy mix, but I just don't see any realistic scenario where we could jump from our current situation straight to renewables. Safe nuclear is an enormous pollution saver even if you count in the whole supply chain. With population growth and electric vehicles behind the corner, there's going to be an enormous growth in energy demand and without either nuclear or fossil fuels, we likely can't meet that demand.
IT security budget is the first in line when execs start doing budget cuts. Pre-emptive security measures just don't seem to be on their agenda these days (and it never really was). It's hard to justify to investors why the company is spending money on 'non-productive' work. I've found countless serious security issues in IT systems over the years and the only place where they really cared about them was when I worked in government IT, believe it or not.
Everyone operating in China is aware of this (hopefully). I've heard some funny stories how some companies are going as far as to leave intentionally broken blueprints laying around in their internal systems honeypot style.
This is basic stuff that's become only more and more common especially on websites. What I've noticed is that a *lot* of sanity checks etc. on web forms are done solely on the client side. The correct way is of course to check all input on both the client *and* server. The former is to alert users that their input is invalid and the latter is to prevent actual abuse.
It's amazing what crap even (or especially) large software vendors put out these days. I come across stupid stuff like this at work all the time. Many of these are so serious that they pose a risk to the entire company network. Criticism of such practices is often met with silence or ignorance because thorough coding costs money (though system penetrations or failures often cost a lot more).
Regarding Telegram, I think it's good there's competition in messaging apps. but they've seriously fallen behind as of late. Their strange encryption implementation has been criticized for quite a while now and there is still no ubiquitous end-to-end encryption.
Who needs test management, right? I mean, if your code is always *awesome*, why throw money down the well!:-)
Test management is and always has been an uphill battle. You have to be constantly proving yourself and telling the management how this-and-that bug saved the company a $100K+ down the road. Quality has this funny trait of being rather invisible when it's present and people only really notice it when it's not there.
When we know for a fact that IoT will only subject us to even more intrusive data collection, spying and constant privacy violations, why would anyone willingly put something like that in their homes? We can also assume that bad actors know of these capabilities and they're practically useless in preventing them from carrying out whatever they would do. To me it seems this is all about mass crowd control. Creating an extensive backlog of every citizens life, one that can be revisited when necessary.
It's been like that for ages. It was only after the Snowden leaks we started caring because it wasn't just certain "inconvenient" figures that were targeted, it was everybody. The fact is that nowadays, after conception you no longer enjoy an expectation of privacy.
Well, this is a virtual machine they're eavesdropping on. Anyone running something on a virtual machine should always assume that the one controlling the underlying hardware can always see everything that's happening on the VMs too. My view has always been that if I don't have the physical hardware before my eyes, I have no real guarantee someone isn't tampering with it either legally or illegally. Heck, even if it's before my eyes, someone may still have tampered with it at some point in time, or even remotely.
I don't think it's about costs, it's about demand. Having a tablet with such specs would be like cramming a 5 liter V8 into a moped. It can be done, but there likely aren't many people who'd want an unstable and unbalanced vehicle.
IMHO this invades people's privacy and causes self-censorship in the long run. This kind of tool would also open the door for all kinds of discrimination; people who won't rent to homosexuals, people of different ethnic backgrounds, people with differing political views and so forth. All of the aforementioned types of discrimination are a reality already today, but we should by no means make it easier for anyone.
I can't begin to understand why someone would seriously suggest something so ridiculous. After we have a fully working space tether, sure. Before that, absolutely not.
And this workflow has likely been automated to happen at every-few-minutes intervals. And let's not forget storing historical data. Technology is truly empowering the powertripping-kind.
It's pointless to teach about (rather important) stuff like VPNs if the recipient isn't willing to listen. It's best to teach values rather than technologies since technologies usually follow values. If you value privacy, you do whatever you can or is practical to enhance and protect your privacy.
Slashdot Mirror
It would be rather interesting to know if they had internally found this particular feature to be problematic. There may have been a product tester that evaluated the design on paper and in prototyping, but their findings were disregarded. Software companies, for example, are often internally aware of serious security and design flaws, but will likely do very little about them until they become public knowledge through a third party. There are a great many cases like that from practically every industry out there, especially the auto industry.
IT serves the business, business doesn't serve IT. That's right. But there are often certain policies that are in place as required either by *law* or by company's own policy. Higher management often tries to force their way through these policies without proper procedure, and it usually causes problems. One example would of course be the management demanding certain type of data to be migrated to a foreign cloud-based platform, which in many cases is either illegal or against company contracts with customers.
The European Union is not a state, but it has its shortcomings, though. For example, most EU citizens don't really know who prepares the laws, how these people are chosen or elected (often not even elected), how do EU laws affect national drafting of laws and so forth. Even the good things' origin, such as the benefits of a single market, are not known, and people don't realize that it's the EU that allows them to order pretty much anything from another EU country over the Internet without any more hassle than what they would have if they ordered it locally.
I reckon Scotland will be leaving the UK soon and might join the EU as a sovereign state later on. The fate of Northern Ireland is a big question mark, but they're obviously not happy with the UK leaving and this might start a similar political movement there too.
The invasion of privacy and constant violations of basic and human rights in the US, and around the rest of the Western world for that matter, are starting to have a lot in common with what George Orwell wrote in Animal Farm. The irony is of course that what he described in his book was Stalin-era Soviet Union.
They're most likely just trying to prevent Let's Encrypt from entering the commercial arena of issuing TLS certificates by creating legal barriers. Let's Encrypt's popularity is soaring and they're quickly capturing the low-end markets with minimal trust and identification requirements. They might see a possibility that Let's Encrypt might some day become a big player and thus a major competitor to COMODO.
This is like the Linux trade mark wars all over again. There's always some sleazy company trying to benefit from people's good will.
I suspect high-IQ countries are just so good at piracy that they make it look like somebody else did it.
It's too bad this usually happens only after there's been a breach. If security is done well from day 1, there are usually no significant breaches. The downside of "costly" information security is that if it works well, it seems useless to the execs. Seen too many times how they gradually cut the budget to oblivion because they don't get nice little reports detailing how many attacks were blocked and what would've been the associated costs. There's really no solid way of proving the need for strong security measures except trusting the word of people who know what they're doing in that particular area.
I think renewables are a great addition to the energy mix, but I just don't see any realistic scenario where we could jump from our current situation straight to renewables. Safe nuclear is an enormous pollution saver even if you count in the whole supply chain. With population growth and electric vehicles behind the corner, there's going to be an enormous growth in energy demand and without either nuclear or fossil fuels, we likely can't meet that demand.
IT security budget is the first in line when execs start doing budget cuts. Pre-emptive security measures just don't seem to be on their agenda these days (and it never really was). It's hard to justify to investors why the company is spending money on 'non-productive' work. I've found countless serious security issues in IT systems over the years and the only place where they really cared about them was when I worked in government IT, believe it or not.
My circa 2003 motherboard would have to agree with that. :-)
Everyone operating in China is aware of this (hopefully). I've heard some funny stories how some companies are going as far as to leave intentionally broken blueprints laying around in their internal systems honeypot style.
This is basic stuff that's become only more and more common especially on websites. What I've noticed is that a *lot* of sanity checks etc. on web forms are done solely on the client side. The correct way is of course to check all input on both the client *and* server. The former is to alert users that their input is invalid and the latter is to prevent actual abuse.
It's amazing what crap even (or especially) large software vendors put out these days. I come across stupid stuff like this at work all the time. Many of these are so serious that they pose a risk to the entire company network. Criticism of such practices is often met with silence or ignorance because thorough coding costs money (though system penetrations or failures often cost a lot more).
Regarding Telegram, I think it's good there's competition in messaging apps. but they've seriously fallen behind as of late. Their strange encryption implementation has been criticized for quite a while now and there is still no ubiquitous end-to-end encryption.
Who needs test management, right? I mean, if your code is always *awesome*, why throw money down the well! :-)
Test management is and always has been an uphill battle. You have to be constantly proving yourself and telling the management how this-and-that bug saved the company a $100K+ down the road. Quality has this funny trait of being rather invisible when it's present and people only really notice it when it's not there.
When we know for a fact that IoT will only subject us to even more intrusive data collection, spying and constant privacy violations, why would anyone willingly put something like that in their homes? We can also assume that bad actors know of these capabilities and they're practically useless in preventing them from carrying out whatever they would do. To me it seems this is all about mass crowd control. Creating an extensive backlog of every citizens life, one that can be revisited when necessary.
I may have underestimated the power of the Dark Side. :-(
It's been like that for ages. It was only after the Snowden leaks we started caring because it wasn't just certain "inconvenient" figures that were targeted, it was everybody. The fact is that nowadays, after conception you no longer enjoy an expectation of privacy.
Well, this is a virtual machine they're eavesdropping on. Anyone running something on a virtual machine should always assume that the one controlling the underlying hardware can always see everything that's happening on the VMs too. My view has always been that if I don't have the physical hardware before my eyes, I have no real guarantee someone isn't tampering with it either legally or illegally. Heck, even if it's before my eyes, someone may still have tampered with it at some point in time, or even remotely.
I don't think it's about costs, it's about demand. Having a tablet with such specs would be like cramming a 5 liter V8 into a moped. It can be done, but there likely aren't many people who'd want an unstable and unbalanced vehicle.
IMHO this invades people's privacy and causes self-censorship in the long run. This kind of tool would also open the door for all kinds of discrimination; people who won't rent to homosexuals, people of different ethnic backgrounds, people with differing political views and so forth. All of the aforementioned types of discrimination are a reality already today, but we should by no means make it easier for anyone.
I'm, uh... Stephen, Stephen Lindholm! :-)
I can't begin to understand why someone would seriously suggest something so ridiculous. After we have a fully working space tether, sure. Before that, absolutely not.
And this workflow has likely been automated to happen at every-few-minutes intervals. And let's not forget storing historical data. Technology is truly empowering the powertripping-kind.
It's pointless to teach about (rather important) stuff like VPNs if the recipient isn't willing to listen. It's best to teach values rather than technologies since technologies usually follow values. If you value privacy, you do whatever you can or is practical to enhance and protect your privacy.
Don't know what's up with Wired, but I was able to read the article just fine (using uBlock Origin and Ghostery).