I would say that the user has no cause to assume any specific privilege to or privacy on an employer network. Absent any specific allowance, they technically shouldn't even be doing anything personal on it.
That doesn't necessarily follow, because for example there could be issues of implied consent or custom and practice.
However, that becomes irrelevant anyway the moment the supervisor welcoming an employee on their first day says something to the effect that occasional personal use is fine, because now the employee has explicit permission.
I would also note that there are still laws governing what can be done with that data.
There usually are. There are also often laws covering workplace surveillance that would collect the data in the first place, and there may be general laws on processing various specific kinds of sensitive personal data that impose stronger conditions and would apply as soon as any of those kinds of data might be relevant.
You will find that MOST places do that kind of surveillance, with just a notice in the AUP, and that in most countries surveillance is legal when a notice is given.
I have to be careful what I say here because I have information that isn't public, but I think you're wrong that "MOST places do that kind of surveillance". Use of tools for intrusion protection and data leakage prevention, which are by far the most likely to need to MITM encrypted connections, varies widely depending on organisation size and industry. Lots of people say they monitor incoming and/or outgoing traffic, but not all of them do it very well or comprehensively, and even fewer have spent the time to configure certificates/keys properly on the newer generations of device that support intercepting SSL connections (which is still a relatively recent set of features, by the timescales that enterprise-wide management hardware tends to be updated on).
That doesn't really matter, though, because clearly some places do do this, and that's what we're interested in here. Yes, they probably have some sort of document that an employee has theoretically seen saying communications might be monitored. And yes, in many cases that monitoring will be legal as long as the employee has been informed, without requiring their explicit consent. However, while in many jurisdictions an employer is allowed to monitor use of company resources and does not need an employee's explicit consent, they usually must be up-front about that monitoring.
The moment you (a) suggest that an employee visit a normally private site, such as their bank, and (b) intercept resulting communications in a way that the employee wouldn't normally expect, such as a web site with the padlock we've all been trained to think of as meaning a private connection, you are in danger of running into covert surveillance rules, which tend to be much stronger.
Also, the moment you intercept any information of a particularly sensitive nature, you potentially run into much stronger rules. For example, the Data Protection Act here in the UK distinguishes certain types of "sensitive personal information", and there are significantly stronger rules on collecting and processing that data.
Then I would hazard that there are a number of scenarios which justify surveillance that you have not gone through.
Just to be clear, because I think we might be talking at cross-purposes here, I am not disputing that there are good business reasons to employ these kinds of tools. The silly problem I referred to was getting into trouble by doing so without properly informing employees and without taking reasonable steps to keep everyone happy such as providing alternative means for them to communicate without the surveillance where this can sensibly be done.
You mention court cases where courts did not support these policies: can you clarify?
Most workplaces (at least those I've been to) have a computer use policy.
Yes, often the kind of warning you're talking about is included. And I have no problem with that, provided that it is made clear that the employer is also effectively hacking connections everyone is trained to think of as being secure, such as the on-line banking example a few of us have mentioned.
However, I don't think a typical "we might monitor this stuff" footnote is adequate disclosure in that context, because the point isn't the legal weasel words, it's whether the employee understands what the situation is and can choose to act accordingly. For example, an employee who understands the situation might decline to check their bank balance from a work computer when management responds to their question about a missing salary payment and says it should have arrived now.
And really, I don't see why you think you get to set the rules on someone else's equipment.
Don't make this about me personally. It's about employee rights as part of a healthy employer-employee relationship and, in this particular case, about the mutual trust that is fundamental to that relationship. I don't even work as an employee any more, BTW, so I have no personal axe to grind here.
The point is that employees are not slaves and do not forfeit all rights just because they're working for someone else for money. The entire legal field of employment rights and the entire union movement exist to balance the greater negotiating power of the employer, so the employer can't exploit their advantage to impose one-sided conditions. As a society, we've decided that we won't always let employers do what they want.
If you want to affect policy, you should probably get a degree or work experience in IT so that you can make informed recommendations. Otherwise I recommend you leave that to those who have done so.
Wow. It's a shame I'm posting pseudonymously here, because I'd enjoy seeing you discover the stunning irony of that suggestion.
Let me leave you instead with an alternative possibility to consider. Maybe I've actually worked with this kind of technology for a long time. Maybe I do understand the IT implications of what we're talking about, and I do know why IT departments might have a legitimate business need to use these tools.
But maybe I also see the legal/HR perspective. And maybe my position on this issue is motivated not by the arrogance of the naive young employee you seem to think I am but by observing the real consequences after deals were jeopardised because someone screwed this up. Maybe I've seen people find out the hard way that employees/unions/courts didn't support them as much as they assumed they would. It's actually not that unusual if you see, for example, a US business in an M&A deal with a European one, where the cultural attitudes and general legal stances on employees' rights are very different.
Maybe I've concluded that this is a silly problem that is almost entirely created by institutional arrogance and personal egos in management/IT, and that the problem could be almost entirely eliminated by more enlightened management/IT being up-front with their staff about what is going on and why it's being done, and sometimes by providing alternative mechanisms that avoid the problem without compromising security or compliance.
If you're still behaving petulantly by your late teens, you have no one to blame but yourself
You're reading things into my comments that weren't there. I'm not talking about behaving like a 5 year old throwing a tantrum. I'm talking about things like teenage parents having little if any experience of living independently, managing budgets, planning their time, dealing with dramatic life events like losing a job or having someone close to them pass away, and so on. I'm talking about exhibiting poor judgement due to lack of experience, the same way that young drivers tend to have far more accidents and young adults are more prone to wind up with avoidable financial problems.
My sister is 25 with children of 3 and 1.
Then your sister is not at all who I was talking about when I referred to "very young parents".
So you think the better balance is to have older parents cause a greater chance of life-long afflictions in their children rather than younger adults to just stop being oversized children and give their kids the best possible biological chance at good health?
I didn't express any opinion on where the balance should be, other than implicitly suggesting that it's not at either extreme.
But one has to be careful interpreting results like those in TFA here. It sounds scary to say that a 40-year-old is 50% more likely than a 20-year-old to have a child with an undesirable condition. It sounds less scary when you realise that also means the child has a 98.5% chance of being healthy in that respect rather than a 99% chance. When life expectancies can vary by a decade or more depending on your general quality of life and socioeconomic status, among other relevant factors, it isn't absurd at all to suggest that the advantages of having children a few years later could outweigh the advantages of having them a few years earlier.
I'm not sure how effectively a complete separation would ever work, given the strength of parent-child bonding in humans. I do think you're on to something there, though.
I've sometimes wondered whether we've lost some useful structure relatively recently, as a side effect of the easy travel and communication over long distances we enjoy today. Having a local community or extended family where children are not only raised by their parents but also supported by others of their parents' generation, who collectively have both broader experience to share and more reliable survival rates, seems like it has a lot of evolutionary value. That value isn't necessarily carried over to having just parents, professional teachers at school, and maybe professional childcare help to bridge the gaps, with other people the parents know and trust not necessarily living nearby or being regular in-person visitors who can develop relationships with children.
As another little piece of food for thought, if we're considering the idea that having children later has an advantage in terms of parents' greater maturity and means, we should also consider whether having them earlier has an advantage in terms of support from the grandparent generation, whose means and maturity will typically be greater still.
I've heard it suggested that one of the major evolutionary advantages humanity has over other species is middle age. Most of us will have a significant period in our lives when we are no longer producing children but still able to work productively and to help younger people to develop.
Such a MITM attack does require the users to trust it with their certificates
But "the users" in this case may well be a system administrator who installs an extra in-house CA as part of the standard image for a new employee's PC. The employee themselves probably never even sees it.
You might have that. Whether most people do is a different question, because standards of mobile technology and mobile network coverage vary widely from place to place. And even if most people do, there is still the need to look after those who do not.
I have a somewhat more optimistic view of the future than you seem to -- I do think we're heading for a low point in some areas right now, but I also think these things often go in cycles and that since most people are basically decent human beings we will learn to deal with the problems and fix them with time. There will be more later, but that's life.
Personally, I wonder how much the kinds of health effects we're discussing here make a difference compared to the potential benefits of having parents who are a bit older. For example, if older parents tend to be more financially secure, they can probably afford a better home in a safer neighbourhood and a safer model of car. Maybe they can afford better educational toys or more books or to take their children to more places and give them more positive experiences as they grow up. More mature and experienced parents can also share the benefits of that experience with their children, perhaps giving the kids a head start in academic life or more emotional support when they have to deal with difficult situations.
There's got to be some sort of balance here. Very young parents don't tend to do well by their kids, because they can't. Maybe they lack sufficient resources to care for them properly, and maybe they are still barely more than children themselves emotionally. On the other hand, relatively old parents tend to have kids with more health problems as we've been discussing, and obviously at some point in your life you can no longer mother a new child at all. The interesting thing to me is how to figure out what gives kids the best outcomes under different circumstances, so would-be parents can make informed decisions based on seeing the whole picture.
There are certainly legitimate use cases for intercepting encrypted traffic. For example, many corporate networks use security devices that sit on the incoming and/or outgoing links to do things like scanning for malware or leaks of confidential data. Obviously they can't scan properly encrypted traffic.
In principle, the use of such tools can be in everyone's interests, including employees and customers whose sensitive personal information might be held within the network. In some contexts, use of this kind of technology is important both for actual security and to demonstrate compliance with privacy regulations. However...
and in fact see it as criminal action unless the employer is actively informing people that they should not do their online banking or anything involving private medical details (or similar confidential information) in the workplace.
This is where I strongly agree with you. If the interception is done covertly -- and by that I mean if every employee isn't fully aware of the possibility, not just that someone once made an offhand comment in a company meeting that 50% of staff attended that of course IT do this so of course it's been disclosed -- then this practice is very shady.
It is not impossible to reconcile reasonable security/compliance measures with employee privacy. You just might have to make a modest effort to do it, like setting up a dedicated system in the break room that is suitably isolated from the main company network and employees can use if they really do need to send a private message about a hospital appointment while on a break or to access their bank account to check a salary query. I have no sympathy for an employer who claims this is difficult, given the relative cost of doing it vs. the much higher cost of setting up the kind of security infrastructure we're talking about.
It's not your machine, or your network, or your electricity. It's not your time, either. Their job, their rules: Get over it.
Unfortunately, as long as employers are employing human beings rather than machines, the only people who think your position is tenable are HR, and Legal will do as much as they can to support it. Everyone else knows that occasionally you need to make a personal phone call during the working day, and everyone else thinks that listening in is creepy (not to mention illegal in many jurisdictions, at least if done as a blanket policy without reasonable grounds). Why should Internet access be held to a different standard?
Of course it's unreasonable for people to abuse work resources to spend all day looking for a new position. I don't see anyone disputing that employees are provided with those resources so they can do their jobs rather than for personal use. I don't see anyone disputing that work time is meant for work either, though of course things aren't so black and white when you get into breaks or what constitutes work time for salaried employees who don't get paid for fixed hours.
But things like deliberately and covertly MITMing secure connections to an employee's bank account, which maybe they're accessing because there's a legitimate question about whether their salary or expenses have arrived yet, is not acceptable. And no, some weasel words at the bottom of page 74 of your employee handbook saying generically that Internet communications may be monitored are not reasonable disclosure that this kind of practice is happening, IMHO. Either make it very clear that work resources may not be used for any personal matters -- and accept any negative consequences in terms of employee morale and/or retention and/or getting taken to a tribunal or sued -- or stop pretending that sysadmins playing Big Brother at work suddenly became acceptable because the word Internet was involved. It isn't, and in many places the law even says that.
To be fair, there is a grey area here. It's quite possible that at some point a past employee was genuinely interested in hearing more about progress at a potential supplier of interest, and chose to sign up for more information. Maybe the supplier never followed through with the specific product the ex-employee was interested in, maybe the in-house project that would have used it has since changed or been cancelled, or maybe there's just no-one else still at your business who cares even if the ex-employee did.
In all of these cases, updates that were originally actively requested and sent in good faith are now effectively unsolicited commercial mail from the point of view of everyone left at your business. The sender has no way to know that if you don't tell them, and probably has little interest in upsetting someone who was at least near their potential market by continuing to send them after being asked to stop.
Unfortunately, Apple seem to have abandoned iOS 5 support already.
iOS 6 isn't even 18 months old yet and was their Windows Vista, so a lot of people didn't upgrade. iOS 7 isn't even 6 months old, had security problems of its own at launch, and runs like a limping dog on some very popular devices still in widespread use, so a lot of people didn't upgrade to that either.
The vulnerability here was caused by a rookie error that could easily have been found and fixed by following any one of several best practices in their software development process, and for something security-related they should have been following all of them.
This is a very poor show from Apple on all counts. :-(
These are not the people that do your phone updates. These are people that deal with real-time embedded systems that are safety-critical.
That is true, but unfortunately even those people have been known to make mistakes. Remember, these are the same people who let the car go to market with issues serious enough to merit a recall in the first place.
If you make a product that *will* kill a few hundred people over its lifetime unless you fix it, and only half of the owners will bring it in for an upgrade, wouldn't you rather be able to push the upgrade out?
And where does that stop? Google took a similar attitude with Chrome, except that the updates they push don't distinguish between closing security vulnerabilities, adding functionality, changing the UI around, and breaking stuff because yet again they didn't test properly and pushed out an update that regressed something important. Chrome is now the most buggy software on my computer.
Cars are not toys. Shipping this kind of product with a bug that "*will* kill a few hundred people over its lifetime" is basically unheard of. Even if such a defect were discovered, there are well-established mechanisms for tracking all cars of a certain model and contacting all of the owners, in many cases backed by force of law. You're never going to find a bug that really is that dangerous goes unfixed in half the cars out there because the owners couldn't be bothered to take them in for the repair. It just isn't going to happen.
An auto-upgrade is a major safety feature. Is there a security issue? Yes. But not an unsolvable one.
Given the auto industry's laughable track record on security and privacy so far, particularly in terms of software and communications technologies, I think that is optimistic. Even if they could theoretically implement a secure mechanism, there is little reason to believe they have the skill and ability to do it in practice, and even less reason to believe they actually would.
Every manufacturer will switch to auto-upgrades when the first one loses a massive tort case over failure to auto-upgrade.
Sure, except for the part where there is nothing in law to require them to actually do that.
In any case, they would all switch back again the first time a disgruntled ex-employee causes dozens of KSI accidents in one morning rush hour with the "secure" authentication codes they stole on the way out the door and a $50 MacGyvered transmitter.
I love the dream that we'll eventually have efficient, interconnected private transport systems that overcome many of the problems we face today, and I love that technology might actually be able to do it one day, too. But that day is a long, long way into the future.
Short of something unprecedented with Kickstarter it won't be crowdfunded.
Not so many years ago, Kickstarter itself would have been unprecedented. I'm not sure whether it's The One, but the funding model is one of the first genuinely interesting alternatives to up-front production and relying on copyright to bring in sufficient revenues, because it might actually work at a larger scale if awareness rises and increases the size of the potential funding pool. They've had a few projects raise high six or low seven figures already, and obviously this method of finding/funding shows is nowhere near as well established today as "I saw it on TV" or "It's on Netflix".
Also, your examples are a little contrived.
Terra Nova was a decent show, but they were centred on a huge mostly-outdoor location that was always going to be expensive to depict, and they had dinosaurs. The show's premise would probably have worked just as well with a slightly less ambitious version of the settlement and the surrounding hostile environment, and it would have cut the budget significantly. This is the kind of thing that actually works pretty well on Kickstarter, because you have a "we'll make the show" target, and then if you raise significantly more funding you can have stretch goals of the type "with a more detailed and varied setting".
Game of Thrones has a huge cast for a TV show, both the principals and the extras. Obviously this comes mainly from the scale of the books that the series is based on, but if you look at most sci-fi and fantasy shows, you rarely have as many as a dozen regulars in an ensemble cast or more than a couple of recurring roles featuring in any given episode. If you look down a cast list for Game of Thrones ordered by number of appearances, you're still finding major roles 50 people in. Again, if you were making a similar show but without trying to be faithful to an established series of books, you could tell the same style of story with far fewer players and save a fortune (and arguably that would make a better show anyway).
For what, exactly? If you're coming in as an outside consultant, you typically don't have much political leverage to resolve problems, because you're probably not going to be around for long enough. Often the most effective tool you do have is to attach a dollar amount to how much mess a given problem is creating. If this is done honestly and the amounts are agreed up-front and openly, there is nothing unethical about it whatsoever. After all, on a fixed price contract, working with fools will substantially increase the amount of effort required to get good results, and it will make the work less pleasant, and both of those things do carry a premium.
Of course, what you're really hoping for is not for the client to just accept the higher fee. Ideally, you want the client to instead ask you why something is getting more expensive, so you can explain not just that there's something you don't like but also why it's bad for your client. You want them to decide that the consequences of continuing with it aren't worthwhile so they change course.
If countries outside those borders don't like it, then they can ignore it.
Be careful what you wish for. There seems to be an increasing sentiment almost everywhere that the US is getting far too big for its boots and it is in the best interests of other nations to distance themselves and reduce their dependence on US-controlled interests.
To that end, it is certainly technically possible for an alternative internet to be developed that is independent of the US, and for all of the essential infrastructure to be distributed globally. In fact, for many reasons starting over and fixing some of the problems that were never anticipated decades ago would be a very good thing for almost everyone. But right now, the cost and administrative effort required to do so are prohibitive, and so the status quo remains.
If you push too hard and provide enough incentive for that decentralisation and replacement to actually start happening, there will be exactly one loser, and the economic cost alone would be devastating.
it's really not that hard to tell which bugs are programmer screw-ups and which ones have a deeper cause
I don't entirely agree, because for example as soon as there is any doubt about the spec or the intended architecture coming down from above, the situation is ambiguous.
But even if we accept your premise, for the idea we're discussing to work, you have to be able to identify exactly which programmer is responsible. Was it the guy who called the wrong function, or the guy whose API wasn't clear enough to use properly? If the API was part of the problem, was it really the API developer's fault anyway, when he wrote it three years ago to cater to other use cases before the offending requirement was even conceived, and five other people have hacked parts of it around since then?
Bugs are rarely just the result of a programmer screwing up.
That's rather kind. Bugs happen all the time just because programmers screwed up.
The difficulty with the software industry is that we have not yet developed good objective criteria for saying which bugs are really down to a specific programmer's error as the root cause and which could instead be attributed significantly or entirely to other causes. What's more, we have even less ability to set criteria that are still useful if you're a lawyer or manager or client rather than a technical expert who understands how things actually work.
Once upon a time, I worked for a large organisation that sold software. There were some concerns about the security of our computer systems, and so mandatory annual briefings were introduced. These would remind everyone about best practices and provide hard data to demonstrate how serious the problems could be in terms of down time and $ cost. The briefings would be delivered to each employee at their desk, with the employee being required to click through the presentation slowly enough that they might as well read each part.
Management and the sales guys were happy that our security would obviously improve as a result of this exercise, which in turn would presumably alleviate any concerns about our public image.
The sysadmins, programmers, web guys, and other technically knowledgeable geeks, on the other hand, saw irrefutable stats from management's own fingers showing that we could reduce the cost of security problems by over 90% in a single day by confiscating all the laptops from every sales guy and manager and replacing them with locked down devices that could only access company systems for company business.
Yeah, but they have voice recognition, so you only actually lose control of a starship capable of causing damage on a planetary scale if a homesick android turns hostile, which would never happen.
Well, that or if someone brings in a tape recorder, I guess.
Unfortunately, among the worst offenders for lax security practices you will often find company executives. The kind of person who makes it into such positions tends to have a certain arrogance, sociopathic tendencies, and a presumption that anything they screw up can be fixed by someone else later if necessary. If someone like that runs into an access control barrier on their computer, they call IT and say remove it. And if it doesn't get removed, they call the IT guy's supervisor and say remove it, and then they fire the first IT guy.
Obviously not all management is that naive, but I suspect you'll find a strong correlation between management that repeatedly causes serious security problems and management that is willing to run over their sysadmins without losing any sleep over it.
Unfortunately, though it's relatively rare, vulnerabilities allowing software to "escape the virtual machine" are not unheard of. For the kind of security model we're talking about here, you ought to be running isolated segments on completely separate physical systems that can communicate only via controlled channels with suitable safeguards like firewalls and DMZs in place, if they even need to communicate at all. Basically, each segment in your network should regard traffic from any other segment as potentially hostile, in the same way you don't just trust traffic from the Internet and you limit access from non-audited systems if you allow BYOD.
None of this is a new idea, of course. Security and compliance people in fields like finance and healthcare have been advocating these kinds of measures since forever. It's just that every time a major breach happens because someone didn't do it, the subject gets brought up again, and hopefully a few more people (including the executives who need to sign the cheques) get the message.
All fair points, but traditionally the bargain has been that you buy your serious gear from the likes of HP or Dell or Cisco, who are going to charge a lot more than you'd pay for commodity equivalents, but in return the big name gear is generally going to work and you can expect a professional level of ongoing support if and when it doesn't.
If these big name companies don't want to offer that level of ongoing support any more, that's their decision, but then there is little reason to pay a substantial premium to buy the big name equipment in the first place. Building commodity servers and workstations, or getting a reputable and reasonably local supplier to do it for you, can already work out much cheaper than buying your boxes from the premium brands. I don't think the networking/infrastructure side is there yet, but over the next few years I expect SDN and virtualization to put increasing pressure on those areas as well.
It seems short-sighted for brands like HP to risk their reputations with transparent cash grabs like this. It might look good at the end of this quarter, and maybe even this financial year, but it will inevitably push customers towards alternative models, probably enough that some will jump ship. With the likely industry trends over the next few years, it will be a lot more expensive to win those customers back, assuming it's even possible at all by then.
Then I would hazard that there are a number of scenarios which justify surveillance that you have not gone through.
Just to be clear, because I think we might be talking at cross-purposes here, I am not disputing that there are good business reasons to employ these kinds of tools. The silly problem I referred to was getting into trouble by doing so without properly informing employees and without taking reasonable steps to keep everyone happy such as providing alternative means for them to communicate without the surveillance where this can sensibly be done.
You mention court cases where courts did not support these policies: can you clarify?
Probably not in a public f
Most workplaces (at least those I've been to) have a computer use policy.
Yes, often the kind of warning you're talking about is included. And I have no problem with that, provided that it is made clear that the employer is also effectively hacking connections everyone is trained to think of as being secure, such as the on-line banking example a few of us have mentioned.
However, I don't think a typical "we might monitor this stuff" footnote is adequate disclosure in that context, because the point isn't the legal weasel words, it's whether the employee understands what the situation is and can choose to act accordingly. For example, an employee who understands the situation might decline to check their bank balance from a work computer when management responds to their question about a missing salary payment and says it should have arrived now.
And really, I don't see why you think you get to set the rules on someone else's equipment.
Don't make this about me personally. It's about employee rights as part of a healthy employer-employee relationship and, in this particular case, about the mutual trust that is fundamental to that relationship. I don't even work as an employee any more, BTW, so I have no personal axe to grind here.
The point is that employees are not slaves and do not forfeit all rights just because they're working for someone else for money. The entire legal field of employment rights and the entire union movement exist to balance the greater negotiating power of the employer, so the employer can't exploit their advantage to impose one-sided conditions. As a society, we've decided that we won't always let employers do what they want.
If you want to affect policy, you should probably get a degree or work experience in IT so that you can make informed recommendations. Otherwise I recommend you leave that to those who have done so.
Wow. It's a shame I'm posting pseudonymously here, because I'd enjoy seeing you discover the stunning irony of that suggestion.
Let me leave you instead with an alternative possibility to consider. Maybe I've actually worked with this kind of technology for a long time. Maybe I do understand the IT implications of what we're talking about, and I do know why IT departments might have a legitimate business need to use these tools.
But maybe I also see the legal/HR perspective. And maybe my position on this issue is motivated not by the arrogance of the naive young employee you seem to think I am but by observing the real consequences after deals were jeopardised because someone screwed this up. Maybe I've seen people find out the hard way that employees/unions/courts didn't support them as much as they assumed they would. It's actually not that unusual if you see, for example, a US business in an M&A deal with a European one, where the cultural attitudes and general legal stances on employees' rights are very different.
Maybe I've concluded that this is a silly problem that is almost entirely created by institutional arrogance and personal egos in management/IT, and that the problem could be almost entirely eliminated by more enlightened management/IT being up-front with their staff about what is going on and why it's being done, and sometimes by providing alternative mechanisms that avoid the problem without compromising security or compliance.
If you're still behaving petulantly by your late teens, you have no one to blame but yourself
You're reading things into my comments that weren't there. I'm not talking about behaving like a 5 year old throwing a tantrum. I'm talking about things like teenage parents having little if any experience of living independently, managing budgets, planning their time, dealing with dramatic life events like losing a job or having someone close to them pass away, and so on. I'm talking about exhibiting poor judgement due to lack of experience, the same way that young drivers tend to have far more accidents and young adults are more prone to wind up with avoidable financial problems.
My sister is 25 with children of 3 and 1.
Then your sister is not at all who I was talking about when I referred to "very young parents".
So you think the better balance is to have older parents cause a greater chance of life-long afflictions in their children rather than younger adults to just stop being oversized children and give their kids the best possible biological chance at good health?
I didn't express any opinion on where the balance should be, other than implicitly suggesting that it's not at either extreme.
But one has to be careful interpreting results like those in TFA here. It sounds scary to say that a 40-year-old is 50% more likely than a 20-year-old to have a child with an undesirable condition. It sounds less scary when you realise that also means the child has a 98.5% chance of being healthy in that respect rather than a 99% chance. When life expectancies can vary by a decade or more depending on your general quality of life and socioeconomic status, among other relevant factors, it isn't absurd at all to suggest that the advantages of having children a few years later could outweigh the advantages of having them a few years earlier.
I'm not sure how effectively a complete separation would ever work, given the strength of parent-child bonding in humans. I do think you're on to something there, though.
I've sometimes wondered whether we've lost some useful structure relatively recently, as a side effect of the easy travel and communication over long distances we enjoy today. Having a local community or extended family where children are not only raised by their parents but also supported by others of their parents' generation, who collectively have both broader experience to share and more reliable survival rates, seems like it has a lot of evolutionary value. That value isn't necessarily carried over to having just parents, professional teachers at school, and maybe professional childcare help to bridge the gaps, with other people the parents know and trust not necessarily living nearby or being regular in-person visitors who can develop relationships with children.
As another little piece of food for thought, if we're considering the idea that having children later has an advantage in terms of parents' greater maturity and means, we should also consider whether having them earlier has an advantage in terms of support from the grandparent generation, whose means and maturity will typically be greater still.
I've heard it suggested that one of the major evolutionary advantages humanity has over other species is middle age. Most of us will have a significant period in our lives when we are no longer producing children but still able to work productively and to help younger people to develop.
Such a MITM attack does require the users to trust it with their certificates
But "the users" in this case may well be a system administrator who installs an extra in-house CA as part of the standard image for a new employee's PC. The employee themselves probably never even sees it.
You might have that. Whether most people do is a different question, because standards of mobile technology and mobile network coverage vary widely from place to place. And even if most people do, there is still the need to look after those who do not.
I have a somewhat more optimistic view of the future than you seem to -- I do think we're heading for a low point in some areas right now, but I also think these things often go in cycles and that since most people are basically decent human beings we will learn to deal with the problems and fix them with time. There will be more later, but that's life.
Personally, I wonder how much the kinds of health effects we're discussing here make a difference compared to the potential benefits of having parents who are a bit older. For example, if older parents tend to be more financially secure, they can probably afford a better home in a safer neighbourhood and a safer model of car. Maybe they can afford better educational toys or more books or to take their children to more places and give them more positive experiences as they grow up. More mature and experienced parents can also share the benefits of that experience with their children, perhaps giving the kids a head start in academic life or more emotional support when they have to deal with difficult situations.
There's got to be some sort of balance here. Very young parents don't tend to do well by their kids, because they can't. Maybe they lack sufficient resources to care for them properly, and maybe they are still barely more than children themselves emotionally. On the other hand, relatively old parents tend to have kids with more health problems as we've been discussing, and obviously at some point in your life you can no longer mother a new child at all. The interesting thing to me is how to figure out what gives kids the best outcomes under different circumstances, so would-be parents can make informed decisions based on seeing the whole picture.
I can't actually see a legitimate case for that,
There are certainly legitimate use cases for intercepting encrypted traffic. For example, many corporate networks use security devices that sit on the incoming and/or outgoing links to do things like scanning for malware or leaks of confidential data. Obviously they can't scan properly encrypted traffic.
In principle, the use of such tools can be in everyone's interests, including employees and customers whose sensitive personal information might be held within the network. In some contexts, use of this kind of technology is important both for actual security and to demonstrate compliance with privacy regulations. However...
and in fact see it as criminal action unless the employer is actively informing people that they should not do their online banking or anything involving private medical details (or similar confidential information) in the workplace.
This is where I strongly agree with you. If the interception is done covertly -- and by that I mean if every employee isn't fully aware of the possibility, not just that someone once made an offhand comment in a company meeting that 50% of staff attended that of course IT do this so of course it's been disclosed -- then this practice is very shady.
It is not impossible to reconcile reasonable security/compliance measures with employee privacy. You just might have to make a modest effort to do it, like setting up a dedicated system in the break room that is suitably isolated from the main company network and employees can use if they really do need to send a private message about a hospital appointment while on a break or to access their bank account to check a salary query. I have no sympathy for an employer who claims this is difficult, given the relative cost of doing it vs. the much higher cost of setting up the kind of security infrastructure we're talking about.
It's not your machine, or your network, or your electricity. It's not your time, either. Their job, their rules: Get over it.
Unfortunately, as long as employers are employing human beings rather than machines, the only people who think your position is tenable are HR, and Legal will do as much as they can to support it. Everyone else knows that occasionally you need to make a personal phone call during the working day, and everyone else thinks that listening in is creepy (not to mention illegal in many jurisdictions, at least if done as a blanket policy without reasonable grounds). Why should Internet access be held to a different standard?
Of course it's unreasonable for people to abuse work resources to spend all day looking for a new position. I don't see anyone disputing that employees are provided with those resources so they can do their jobs rather than for personal use. I don't see anyone disputing that work time is meant for work either, though of course things aren't so black and white when you get into breaks or what constitutes work time for salaried employees who don't get paid for fixed hours.
But things like deliberately and covertly MITMing secure connections to an employee's bank account, which maybe they're accessing because there's a legitimate question about whether their salary or expenses have arrived yet, is not acceptable. And no, some weasel words at the bottom of page 74 of your employee handbook saying generically that Internet communications may be monitored are not reasonable disclosure that this kind of practice is happening, IMHO. Either make it very clear that work resources may not be used for any personal matters -- and accept any negative consequences in terms of employee morale and/or retention and/or getting taken to a tribunal or sued -- or stop pretending that sysadmins playing Big Brother at work suddenly became acceptable because the word Internet was involved. It isn't, and in many places the law even says that.
To be fair, there is a grey area here. It's quite possible that at some point a past employee was genuinely interested in hearing more about progress at a potential supplier of interest, and chose to sign up for more information. Maybe the supplier never followed through with the specific product the ex-employee was interested in, maybe the in-house project that would have used it has since changed or been cancelled, or maybe there's just no-one else still at your business who cares even if the ex-employee did.
In all of these cases, updates that were originally actively requested and sent in good faith are now effectively unsolicited commercial mail from the point of view of everyone left at your business. The sender has no way to know that if you don't tell them, and probably has little interest in upsetting someone who was at least near their potential market by continuing to send them after being asked to stop.
Unfortunately, Apple seem to have abandoned iOS 5 support already.
iOS 6 isn't even 18 months old yet and was their Windows Vista, so a lot of people didn't upgrade. iOS 7 isn't even 6 months old, had security problems of its own at launch, and runs like a limping dog on some very popular devices still in widespread use, so a lot of people didn't upgrade to that either.
The vulnerability here was caused by a rookie error that could easily have been found and fixed by following any one of several best practices in their software development process, and for something security-related they should have been following all of them.
This is a very poor show from Apple on all counts. :-(
These are not the people that do your phone updates. These are people that deal with real-time embedded systems that are safety-critical.
That is true, but unfortunately even those people have been known to make mistakes. Remember, these are the same people who let the car go to market with issues serious enough to merit a recall in the first place.
Oh don't be silly, that kind of thing would never happen for real.
If you make a product that *will* kill a few hundred people over its lifetime unless you fix it, and only half of the owners will bring it in for an upgrade, wouldn't you rather be able to push the upgrade out?
And where does that stop? Google took a similar attitude with Chrome, except that the updates they push don't distinguish between closing security vulnerabilities, adding functionality, changing the UI around, and breaking stuff because yet again they didn't test properly and pushed out an update that regressed something important. Chrome is now the most buggy software on my computer.
Cars are not toys. Shipping this kind of product with a bug that "*will* kill a few hundred people over its lifetime" is basically unheard of. Even if such a defect were discovered, there are well-established mechanisms for tracking all cars of a certain model and contacting all of the owners, in many cases backed by force of law. You're never going to find that a bug that really is that dangerous goes unfixed in half the cars out there because the owners couldn't be bothered to take them in for the repair. It just isn't going to happen.
An auto-upgrade is a major safety feature. Is there a security issue? Yes. But not an unsolvable one.
Given the auto industry's laughable track record on security and privacy so far, particularly in terms of software and communications technologies, I think that is optimistic. Even if they could theoretically implement a secure mechanism, there is little reason to believe they have the skill and ability to do it in practice, and even less reason to believe they actually would.
Every manufacturer will switch to auto-upgrades when the first one loses a massive tort case over failure to auto-upgrade.
Sure, except for the part where there is nothing in law to require them to actually do that.
In any case, they would all switch back again the first time a disgruntled ex-employee causes dozens of KSI accidents in one morning rush hour with the "secure" authentication codes they stole on the way out the door and a $50 MacGyvered transmitter.
I love the dream that we'll eventually have efficient, interconnected private transport systems that overcome many of the problems we face today, and I love that technology might actually be able to do it one day, too. But that day is a long, long way into the future.
Short of something unprecedented with Kickstarter it won't be crowdfunded.
Not so many years ago, Kickstarter itself would have been unprecedented. I'm not sure whether it's The One, but the funding model is one of the first genuinely interesting alternatives to up-front production and relying on copyright to bring in sufficient revenues, because it might actually work at a larger scale if awareness rises and increases the size of the potential funding pool. They've had a few projects raise high six or low seven figures already, and obviously this method of finding/funding shows is nowhere near as well established today as "I saw it on TV" or "It's on Netflix".
Also, your examples are a little contrived.
Terra Nova was a decent show, but they were centred on a huge mostly-outdoor location that was always going to be expensive to depict, and they had dinosaurs. The show's premise would probably have worked just as well with a slightly less ambitious version of the settlement and the surrounding hostile environment, and it would have cut the budget significantly. This is the kind of thing that actually works pretty well on Kickstarter, because you have a "we'll make the show" target, and then if you raise significantly more funding you can have stretch goals of the type "with a more detailed and varied setting".
Game of Thrones has a huge cast for a TV show, both the principals and the extras. Obviously this comes mainly from the scale of the books that the series is based on, but if you look at most sci-fi and fantasy shows, you rarely have as many as a dozen regulars in an ensemble cast or more than a couple of recurring roles featuring in any given episode. If you look down a cast list for Game of Thrones ordered by number of appearances, you're still finding major roles 50 people in. Again, if you were making a similar show but without trying to be faithful to an established series of books, you could tell the same style of story with far fewer players and save a fortune (and arguably that would make a better show anyway).
Someone caught doing that should be sued.
For what, exactly? If you're coming in as an outside consultant, you typically don't have much political leverage to resolve problems, because you're probably not going to be around for long enough. Often the most effective tool you do have is to attach a dollar amount to how much mess a given problem is creating. If this is done honestly and the amounts are agreed up-front and openly, there is nothing unethical about it whatsoever. After all, on a fixed price contract, working with fools will substantially increase the amount of effort required to get good results, and it will make the work less pleasant, and both of those things do carry a premium.
Of course, what you're really hoping for is not for the client to just accept the higher fee. Ideally, you want the client to instead ask you why something is getting more expensive, so you can explain not just that there's something you don't like but also why it's bad for your client. You want them to decide that the consequences of continuing with it aren't worthwhile so they change course.
If countries outside those borders don't like it, then they can ignore it.
Be careful what you wish for. There seems to be an increasing sentiment almost everywhere that the US is getting far too big for its boots and it is in the best interests of other nations to distance themselves and reduce their dependence on US-controlled interests.
To that end, it is certainly technically possible for an alternative internet to be developed that is independent of the US, and for all of the essential infrastructure to be distributed globally. In fact, for many reasons starting over and fixing some of the problems that were never anticipated decades ago would be a very good thing for almost everyone. But right now, the cost and administrative effort required to do so are prohibitive, and so the status quo remains.
If you push too hard and provide enough incentive for that decentralisation and replacement to actually start happening, there will be exactly one loser, and the economic cost alone would be devastating.
it's really not that hard to tell which bugs are programmer screw-ups and which ones have a deeper cause
I don't entirely agree, because for example as soon as there is any doubt about the spec or the intended architecture coming down from above, the situation is ambiguous.
But even if we accept your premise, for the idea we're discussing to work, you have to be able to identify exactly which programmer is responsible. Was it the guy who called the wrong function, or the guy whose API wasn't clear enough to use properly? If the API was part of the problem, was it really the API developer's fault anyway, when he wrote it three years ago to cater to other use cases before the offending requirement was even conceived, and five other people have hacked parts of it around since then?
Bugs are rarely just the result of a programmer screwing up.
That's rather kind. Bugs happen all the time just because programmers screwed up.
The difficulty with the software industry is that we have not yet developed good objective criteria for saying which bugs are really down to a specific programmer's error as the root cause and which could instead be attributed significantly or entirely to other causes. What's more, we have even less ability to set criteria that are still useful if you're a lawyer or manager or client rather than a technical expert who understands how things actually work.
A similar story that might amuse:
Once upon a time, I worked for a large organisation that sold software. There were some concerns about the security of our computer systems, and so mandatory annual briefings were introduced. These would remind everyone about best practices and provide hard data to demonstrate how serious the problems could be in terms of down time and $ cost. The briefings would be delivered to each employee at their desk, with the employee being required to click through the presentation slowly enough that they might as well read each part.
Management and the sales guys were happy that our security would obviously improve as a result of this exercise, which in turn would presumably alleviate any concerns about our public image.
The sysadmins, programmers, web guys, and other technically knowledgeable geeks, on the other hand, saw irrefutable stats from management's own fingers showing that we could reduce the cost of security problems by over 90% in a single day by confiscating all the laptops from every sales guy and manager and replacing them with locked down devices that could only access company systems for company business.
Yeah, but they have voice recognition, so you only actually lose control of a starship capable of causing damage on a planetary scale if a homesick android turns hostile, which would never happen.
Well, that or if someone brings in a tape recorder, I guess.
Unfortunately, among the worst offenders for lax security practices you will often find company executives. The kind of person who makes it into such positions tends to have a certain arrogance, sociopathic tendencies, and a presumption that anything they screw up can be fixed by someone else later if necessary. If someone like that runs into an access control barrier on their computer, they call IT and say remove it. And if it doesn't get removed, they call the IT guy's supervisor and say remove it, and then they fire the first IT guy.
Obviously not all management is that naive, but I suspect you'll find a strong correlation between management that repeatedly causes serious security problems and management that is willing to run over their sysadmins without losing any sleep over it.
Unfortunately, though it's relatively rare, vulnerabilities allowing software to "escape the virtual machine" are not unheard of. For the kind of security model we're talking about here, you ought to be running isolated segments on completely separate physical systems that can communicate only via controlled channels with suitable safeguards like firewalls and DMZs in place, if they even need to communicate at all. Basically, each segment in your network should regard traffic from any other segment as potentially hostile, in the same way you don't just trust traffic from the Internet and you limit access from non-audited systems if you allow BYOD.
None of this is a new idea, of course. Security and compliance people in fields like finance and healthcare have been advocating these kinds of measures since forever. It's just that every time a major breach happens because someone didn't do it, the subject gets brought up again, and hopefully a few more people (including the executives who need to sign the cheques) get the message.