Nobody shows up at one of these contests and cracks their knuckles and starts looking for holes. They always show up with a premade bag of polished and practiced zero-days.
Funny though how they get so much media attention every time this happens OMG safari got owned in six minutes! Chrome got hacked in 5 minutes! They must beg gods! no, not really.
There's really no reason they couldn't be doing this once a month really. I'd wager that the winners this round had 4-6 different exploits in their bag of tricks, and are strategically submitting them.
It would be in google's better interest to hold such contests monthly with smaller prizes. It'd just be paying for bugs, but the way they're doing it here is just moving a lot slower than it really should.
I don't understand why they are avoiding this option like the plague. C'mon... practically every compiler compiles its language into assembly and runs that through an assembler for final object code creation. (tho some will then run THAT through an optimizer etc) There's absolutely no reason for them to insist it can't be written in native assembler. I wrote many things for the 6502 that way - if you want it fast and small, that's the way to go.
And sorry, if they have to reverse it back into C++ or some other higher level language to figure out what it does, they're idiots, no better than script kiddies. I don't care of they have ten CS masters degrees. Assembly just takes a little more time to work out, it's not like it's encrypted and they don't have the key.
None of this should come as a surprise to anyone. The authors are black-hats. They make their living on buffer overflows and bug exploitation, they damn well know how to code in assembly, and specifically how to tear it apart and analyze it in fine detail. Why can't these "experts" do that?
A leading Republican, who was in Congress for more than 10 years, answered my question: "Who can beat Obama?" with a casual, "a mammal". Then he added sadly: "But they are all reptiles."
You could spend a lot of your evening looking at all the crazy Republicans. Normally I don't like to lump by party, but this year there's clearly something in the Republicans' water glasses at the debates.
That is the sad truth of it all, the best example to illustrate the point.
But that defies even the latter principle stated:
Their advantage over dictatorships or other forms of government is merely that they "effectively prevent lower-than-average candidates from becoming leaders."
And we may be headed down that road again. Mit is more than likely going to be on the ballot. The problem with Mit is he's not incompetent, he's just plain crazy. Incompetent we can suffer through (Bush), but crazy will cause us serious problems. (did he just declare war on Mexico??)
"Never under-estimate the power of stupid people in large groups" applies best to Voters. There will be a lot of idiots that will vote for Mit on the sole basis that he's the Republican candidate. I've seen polls where they're asking people if they think he's a bit crazy and they say yes, and then they're asked who they vote for and they say him, makes me want to slap them around a bit. "Do you think your job as a voter is to vote for your party, or for the better candidate?" I think that partisanship is a bigger obstacle for democracy than stupid voters. And this is going to be a scary election...
While I agree this would be easiest as a U.S federal law, I think this is out side the bounds of the constitution and needs to handled at each of the 50 states.
I'd completely disagree with that. I want to see the NSA, FBI, and every other federal LEA be encompassed by this sort of legislation. This isn't a matter of "we do things different in Texas" etc. Transparency of law enforcement SHOULD be a constitutional right, there's no reason for ANY state in the union to have a plausible reason not to get on board with this. It'd be IN the constitution already if they would have had to deal with this problem in the 1700s. Funny how advances in technology only seem to lead to more restrictive laws to cope with changes, very rarely do we see additional rights, just more and more restrictions. I really hate that.
The short of this is that we need a federal law (or supreme court decision) that specifically makes recording of law enforcement officers performing their duties in public places legal. Full stop. No restrictions or loopholes.
The problem we're fighting is there's too much abuse of power and lack of outside accountability within most law enforcement groups. (sorry, an "internal investigation" leaves much doubt as to the impartialness of the findings) Recordings have been used over and over again to change the course of internal investigations that were attempting to (or had already) neatly sweep things under the rug and "failed to find any evidence of misconduct". The need for these recordings has been demonstrated so many times, and I don't recall a single incident of the recordings being challenged for any reason other than an attempt to cover up or retaliate. They have NO reasonable or lawful basis to deny this law. Law has no expectation of privacy while performing their duty in public, that should be obvious to all.
Good example. I guess what it boils down to is if you pay someone for a service, and they screw it up, the most they need to do is not charge you for not providing the service.
But in your example, the only way to have recovered the picasso for example, is if you'd paid me $18 million+ to babysit the cat. But in no case is that reasonable. The whole point of hiring someone to protect something is to spend less on protecting it than the replacement cost should it get stolen. Then factoring in the odds of loss and the level of protection to arrive at a reasonable charge. Otherwise why bother paying someone in the first place?
Paying $15 to babysit a cat and be responsible for the security of millions does not compare well with spending hundreds a month to protect thousands, which is the matter at hand. If I pay a home security company $200/month to secure my house with a piccaso in it, I expect a chunk of that money to go toward them being bonded and insured against incompetency, and if my house IS robbed and they are shown to have been negligent, I will be expecting full compensation for my loss as a result.
On the other hand, if I hire my neighbor for $15 to watch over my house with a piccaso in it, I get what I deserve if the place gets robbed, even if due to the neglegence of my neighbor. I had no reasonable expectation of the level of security and coverage I needed.
This host should be the same way, they should be bonded and insured so their own stupidity does not (A) put them out of business and (B) insure I am compensated for my losses should there be any. As a hosting business, if they are NOT bonded/insured, they deserve the lawsuit. There are several service industries that require bond/insurance to get a license to perform the service, for exactly this reason - people tried to serve on the cheap in a high risk market and too many were screwing up and just shuttering up and sticking their customers with most of the bill when they'd screw up big. Too much of that in a given industry leads to regulation and proper coverage for the customers.
In the same way, if I pay the high school geek down the block $10/mo to host my online storefront in his parents' basement, I have no reasonable expectation of high security or loss compensation.
These guys are running a professional large-scale business. They're a real business in the real world, and they need to behave like one and shall be held accountable as such.
Because nobody has figured out exactly how one would warp space, only that it's theoretically possible.
More specifically, they've figured out all the neat things they can do with warped space, but just not how to accomplish it in the first place. Gravity, energy, magnetism, and mass all can warp space, but not in useful ways yet. I'd bet magnetism is going to be the way we do it, if ever.
Yes, that's what it means, and it is perfectly valid and enforceable. If you rent a space where you can put anything you want, then you yourself must insure whatever you put there. The provider is not your insurance company.
But this wasn't a case of random act of vandalism. The host's negligence led to the loss. If you lease an apartment from me and someone robs you, ok that's not my fault if I didn't contribute to it. But if I have a copy of your key and leave it laying in front of your door, and you are robbed as a result, that's negligence on my part, and it's not a risk "you should just have to accept". You should be able to sue me and at least get back some of your loss because I am at least partly responsible for the loss.
Subscriber further acknowledges that Linode.com's liability for its own negligence may not in any event exceed an amount equivalent to charges payable by subscriber for services during the period damages occurred.
So if this is binding and enforceable, (which should always be questioned, you can put just about anything in your TOS) that means if they are incompetent retards and let your hosted server get hacked through their back door to your hosted machine they won't be liable for anything beyond the monthly fees you paid them while being hacked?
That's very likely to go to court. They may win or they may lose, but that fails the "common sense" assumption that part of what you are paying for is at least reasonable security for your IP at the facility you are leasing time on. And losing control of your hypervisor-ish password should be easy to prove to be negligent.
I think if they came right out and had to decode that and say "we reserve the right to let random vandals come in and snoop all your data and you won't have any legal recourse" they'd lose a lot of customers. But that's basically what this is going to tell all their customers now. They'd have been a lot smarter to just have quietly reimbursed them. It'll cost them more due to bad publicity.
You must be new here? they're cops, everyone knows cops don't like to arrest other cops. And DA's don't like to charge cops unless there's a public outcry. And their sergeants usually give even the dirtiest of cops "their full support", even when there is public outcry. Most of the time they just get some paid vacation for their bad behavior. It's no wonder it just doesn't stop. When's the last time you saw a cop get suspended instead of "placed on administrative leave"?
I would say that losing the source code to some of the embedded control systems in the ISS is just about the LEAST valuable theft of source code, ever.
Reuse of the code is probably not what they're worried about. Give any sufficiently large amount of code to a group of skilled hackers and they are very likely to find a few exploitable bugs. It's just a matter of playing against the odds in the long run. They may discover a few buffer overflows in obscure places, and after a lot of research, find a way to turn one of them into a privilege escalation via a very complex sequence of steps. And further find a way to abuse that, all the way up to something genuinely dangerous remotely. Systems of this complexity and review typically are only compromised by using a combination of different bugs to "chain" in from the front door to the kernel, and starts with a deep knowledge of the system, and that's exactly what they have now.
Anyone that thinks any large, complex chunk of code is 100% bug-free is delusional. There was a story here on/. recently about a kernel escalation bug that had been committed for years without anyone noticing it, despite all the kernel hackers and that "many eyes make for shallow bugs" theory. Look at all the review that code had over the years.
Well if they hadn't been such greedy shit heads the DVD version could have looked a whole lot better
Well that's just good business there in the movie and video industry. If you sell them good quality to start with, they won't need to buy it again. Sell crap, then sell good quality, then sell director/special/ultimate edition releases. 1.1x the expense for 3x the return.
From the article, open them in different tabs and switch between. Wow. I always wondered why the DVD image quality and colors sucked so badly, that explains it nicely.
The app devs are using a finite resource on the device to do their thing, and some of them are making money off this bandwidth. Someone has to pay for this bandwidth. Either the user, the telco, or the dev. The telco has no reason to pay for it. So it's either the user (by eating into the data allotment) or directly billing the devs. This seems to make sense.
So for any given app you can either bill the dev a little bit, per installation or per use, or you can eat into the user's data plan. Either way the end users will be paying for it, either as a bigger data plan (or overages) or in a higher cost for the app up-front, or an increase in cost to the monthly/yearly/whatever the app dev may be charging for their service on top of the upfront cost of the program.
I don't see why people get so bent out of shape when someone tries to change which of their pockets the money is coming out of. They would probably prefer if the pocket is going to change, that it change to someone else's pocket. That's generally not how it works.
I think this is a good idea. For me at least, it makes it easier to understand where my "data money" is being spent - how much this new app really is costing me. Rather than a big number on my phone bill and me thinking "ok, which of the 10 apps I use a lot is responsible for this?" (or trying to figure out the complete breakdown, think a pie chart) this allows the users to see in clear terms what the real "total cost" of an app is, the cost of the app plus the cost of the data to use it. In the business world we call this Total Cost of Ownership.
Apple has a long-standing tactic of creating shells to do their brand and part buying, to make it difficult for the rumor mills and competitors to figure out what Apple is up to. And it sounds like they're complaining that they sold the iPad name to a company they didn't realize was buying for Apple.. (otherwise they'd have no doubt have tried to charge them more for it)
Too bad. I have no pity for people that like to scheme with "you have more money, so I'm going to charge you more!" getting beat at their own game. These people are only upset at themselves for not recognizing the value of what they were selling, and want someone to cover their loss as a result.
This is no different than a buyer trying to go after a seller for overcharging them for something after they realize they paid too much for it. Just the shoe's on the other foot.
That agency thinks they can compel us to. We told them to go to court. They haven't done that yet.'"
I'd be interested to know which one... CIA, FBI, DHS, [redacted]?
ALSO, really, does what they said have to be true? I thought nowadays they could just slap you with some secrecy order, and walk out with your HDDs or do whatever they felt like, and you would be required to deny it publicly? Wonderful police state we live in here...
It's more a case of they have to have evidence to show that there is evidence on your hard drive of the crime. Sort of like how you have to have probable cause to have a search warrant. "I suspect you're breaking the law and I suspect there's evidence of some sort on your hard drive" isn't good enough. "We have evidence that proves you downloaded child porn, and there's a good chance your hard drive still has evidence of the download on it", THAT is good enough.
Basically what it amounts to is they have to already have SOME evidence of illegal activity, to search a very specific (and relevant) protected place for supporting evidence
that's not unique. There were enough cases of that exact thing happening that they made a federal law requiring that any non-functioning fridge with a latching door must have the door REMOVED. Deep freezes included.
Not only are they mostly airtight, they're also fairly soundproof. Makes them an effective deathtrap.
My grandma went to the fbi after being scammed by nigerians. They told her to contact homeland security. She did and nothing came of it.
wrong homeland
She needed to contact the office in Nigeria.
If she's having problems getting ahold of them, I have a contact over there, let me know and for a small fee I'll arrange to get them in touch with her.
The outcome of that comparison is completely dependent on the circumstances. Financial condition of the company, boss's attitude, corporate politics.
Remove a variable and look again. Compare two more-or-less identical people at different companies and see how the different companies treat the two entirely different.
We DO seem to see a lot of "I'm in an impossible job situation, what do I do?" Ask Slashdots lately. The most common answer is usually the same... if you're in a bad spot, things are falling apart, and all the usual routes of resolution are being thwarted by people you have no control over, YES, it is time to leave. It's frustrating, defeating, and unfair but sometimes that's just how life is and you have to react.
Slashdot Mirror
Nobody shows up at one of these contests and cracks their knuckles and starts looking for holes. They always show up with a premade bag of polished and practiced zero-days.
Funny though how they get so much media attention every time this happens OMG safari got owned in six minutes! Chrome got hacked in 5 minutes! They must beg gods! no, not really.
There's really no reason they couldn't be doing this once a month really. I'd wager that the winners this round had 4-6 different exploits in their bag of tricks, and are strategically submitting them.
It would be in google's better interest to hold such contests monthly with smaller prizes. It'd just be paying for bugs, but the way they're doing it here is just moving a lot slower than it really should.
I don't understand why they are avoiding this option like the plague. C'mon... practically every compiler compiles its language into assembly and runs that through an assembler for final object code creation. (tho some will then run THAT through an optimizer etc) There's absolutely no reason for them to insist it can't be written in native assembler. I wrote many things for the 6502 that way - if you want it fast and small, that's the way to go.
And sorry, if they have to reverse it back into C++ or some other higher level language to figure out what it does, they're idiots, no better than script kiddies. I don't care of they have ten CS masters degrees. Assembly just takes a little more time to work out, it's not like it's encrypted and they don't have the key.
None of this should come as a surprise to anyone. The authors are black-hats. They make their living on buffer overflows and bug exploitation, they damn well know how to code in assembly, and specifically how to tear it apart and analyze it in fine detail. Why can't these "experts" do that?
Is it just a popularity/contrast thing, or does wordpress seem to be popping up a lot recently for security holes in their web servers?
Sorry I was a bit busy at the time to look for relevant links.
Mitt Romney: Another Crazy Republican Gear
The 'Crazy', 'Extremist' Republican Party Is About To Nominate a Massachusetts Moderate
Are the Republican candidates all crazy?
My favorite quote from that article:
You could spend a lot of your evening looking at all the crazy Republicans. Normally I don't like to lump by party, but this year there's clearly something in the Republicans' water glasses at the debates.
That is the sad truth of it all, the best example to illustrate the point.
But that defies even the latter principle stated:
And we may be headed down that road again. Mit is more than likely going to be on the ballot. The problem with Mit is he's not incompetent, he's just plain crazy. Incompetent we can suffer through (Bush), but crazy will cause us serious problems. (did he just declare war on Mexico??)
"Never under-estimate the power of stupid people in large groups" applies best to Voters. There will be a lot of idiots that will vote for Mit on the sole basis that he's the Republican candidate. I've seen polls where they're asking people if they think he's a bit crazy and they say yes, and then they're asked who they vote for and they say him, makes me want to slap them around a bit. "Do you think your job as a voter is to vote for your party, or for the better candidate?" I think that partisanship is a bigger obstacle for democracy than stupid voters. And this is going to be a scary election...
I'd completely disagree with that. I want to see the NSA, FBI, and every other federal LEA be encompassed by this sort of legislation. This isn't a matter of "we do things different in Texas" etc. Transparency of law enforcement SHOULD be a constitutional right, there's no reason for ANY state in the union to have a plausible reason not to get on board with this. It'd be IN the constitution already if they would have had to deal with this problem in the 1700s. Funny how advances in technology only seem to lead to more restrictive laws to cope with changes, very rarely do we see additional rights, just more and more restrictions. I really hate that.
The short of this is that we need a federal law (or supreme court decision) that specifically makes recording of law enforcement officers performing their duties in public places legal. Full stop. No restrictions or loopholes.
The problem we're fighting is there's too much abuse of power and lack of outside accountability within most law enforcement groups. (sorry, an "internal investigation" leaves much doubt as to the impartialness of the findings) Recordings have been used over and over again to change the course of internal investigations that were attempting to (or had already) neatly sweep things under the rug and "failed to find any evidence of misconduct". The need for these recordings has been demonstrated so many times, and I don't recall a single incident of the recordings being challenged for any reason other than an attempt to cover up or retaliate. They have NO reasonable or lawful basis to deny this law. Law has no expectation of privacy while performing their duty in public, that should be obvious to all.
Good example. I guess what it boils down to is if you pay someone for a service, and they screw it up, the most they need to do is not charge you for not providing the service.
But in your example, the only way to have recovered the picasso for example, is if you'd paid me $18 million+ to babysit the cat. But in no case is that reasonable. The whole point of hiring someone to protect something is to spend less on protecting it than the replacement cost should it get stolen. Then factoring in the odds of loss and the level of protection to arrive at a reasonable charge. Otherwise why bother paying someone in the first place?
Paying $15 to babysit a cat and be responsible for the security of millions does not compare well with spending hundreds a month to protect thousands, which is the matter at hand. If I pay a home security company $200/month to secure my house with a piccaso in it, I expect a chunk of that money to go toward them being bonded and insured against incompetency, and if my house IS robbed and they are shown to have been negligent, I will be expecting full compensation for my loss as a result.
On the other hand, if I hire my neighbor for $15 to watch over my house with a piccaso in it, I get what I deserve if the place gets robbed, even if due to the neglegence of my neighbor. I had no reasonable expectation of the level of security and coverage I needed.
This host should be the same way, they should be bonded and insured so their own stupidity does not (A) put them out of business and (B) insure I am compensated for my losses should there be any. As a hosting business, if they are NOT bonded/insured, they deserve the lawsuit. There are several service industries that require bond/insurance to get a license to perform the service, for exactly this reason - people tried to serve on the cheap in a high risk market and too many were screwing up and just shuttering up and sticking their customers with most of the bill when they'd screw up big. Too much of that in a given industry leads to regulation and proper coverage for the customers.
In the same way, if I pay the high school geek down the block $10/mo to host my online storefront in his parents' basement, I have no reasonable expectation of high security or loss compensation.
These guys are running a professional large-scale business. They're a real business in the real world, and they need to behave like one and shall be held accountable as such.
yep, I'd agree, gravity certainly is an attractive Earth feature
More specifically, they've figured out all the neat things they can do with warped space, but just not how to accomplish it in the first place. Gravity, energy, magnetism, and mass all can warp space, but not in useful ways yet. I'd bet magnetism is going to be the way we do it, if ever.
But this wasn't a case of random act of vandalism. The host's negligence led to the loss. If you lease an apartment from me and someone robs you, ok that's not my fault if I didn't contribute to it. But if I have a copy of your key and leave it laying in front of your door, and you are robbed as a result, that's negligence on my part, and it's not a risk "you should just have to accept". You should be able to sue me and at least get back some of your loss because I am at least partly responsible for the loss.
So if this is binding and enforceable, (which should always be questioned, you can put just about anything in your TOS) that means if they are incompetent retards and let your hosted server get hacked through their back door to your hosted machine they won't be liable for anything beyond the monthly fees you paid them while being hacked?
That's very likely to go to court. They may win or they may lose, but that fails the "common sense" assumption that part of what you are paying for is at least reasonable security for your IP at the facility you are leasing time on. And losing control of your hypervisor-ish password should be easy to prove to be negligent.
I think if they came right out and had to decode that and say "we reserve the right to let random vandals come in and snoop all your data and you won't have any legal recourse" they'd lose a lot of customers. But that's basically what this is going to tell all their customers now. They'd have been a lot smarter to just have quietly reimbursed them. It'll cost them more due to bad publicity.
You must be new here? they're cops , everyone knows cops don't like to arrest other cops. And DA's don't like to charge cops unless there's a public outcry. And their sergeants usually give even the dirtiest of cops "their full support", even when there is public outcry. Most of the time they just get some paid vacation for their bad behavior. It's no wonder it just doesn't stop. When's the last time you saw a cop get suspended instead of "placed on administrative leave"?
Reuse of the code is probably not what they're worried about. Give any sufficiently large amount of code to a group of skilled hackers and they are very likely to find a few exploitable bugs. It's just a matter of playing against the odds in the long run. They may discover a few buffer overflows in obscure places, and after a lot of research, find a way to turn one of them into a privilege escalation via a very complex sequence of steps. And further find a way to abuse that, all the way up to something genuinely dangerous remotely. Systems of this complexity and review typically are only compromised by using a combination of different bugs to "chain" in from the front door to the kernel, and starts with a deep knowledge of the system, and that's exactly what they have now.
Anyone that thinks any large, complex chunk of code is 100% bug-free is delusional. There was a story here on /. recently about a kernel escalation bug that had been committed for years without anyone noticing it, despite all the kernel hackers and that "many eyes make for shallow bugs" theory. Look at all the review that code had over the years.
Well that's just good business there in the movie and video industry. If you sell them good quality to start with, they won't need to buy it again. Sell crap, then sell good quality, then sell director/special/ultimate edition releases. 1.1x the expense for 3x the return.
From the article, open them in different tabs and switch between. Wow. I always wondered why the DVD image quality and colors sucked so badly, that explains it nicely.
DVD
BluRay
The bluray shot makes the DVD image look like a photo after it's been ran through the wash.
The app devs are using a finite resource on the device to do their thing, and some of them are making money off this bandwidth. Someone has to pay for this bandwidth. Either the user, the telco, or the dev. The telco has no reason to pay for it. So it's either the user (by eating into the data allotment) or directly billing the devs. This seems to make sense.
So for any given app you can either bill the dev a little bit, per installation or per use, or you can eat into the user's data plan. Either way the end users will be paying for it, either as a bigger data plan (or overages) or in a higher cost for the app up-front, or an increase in cost to the monthly/yearly/whatever the app dev may be charging for their service on top of the upfront cost of the program.
I don't see why people get so bent out of shape when someone tries to change which of their pockets the money is coming out of. They would probably prefer if the pocket is going to change, that it change to someone else's pocket. That's generally not how it works.
I think this is a good idea. For me at least, it makes it easier to understand where my "data money" is being spent - how much this new app really is costing me. Rather than a big number on my phone bill and me thinking "ok, which of the 10 apps I use a lot is responsible for this?" (or trying to figure out the complete breakdown, think a pie chart) this allows the users to see in clear terms what the real "total cost" of an app is, the cost of the app plus the cost of the data to use it. In the business world we call this Total Cost of Ownership.
Funny I was looking at this article on another aggregator (why is /. always so behind?) and so went digging and found these:
Here's one (skip ahead to 1:40) and this is the other one.
Apple has a long-standing tactic of creating shells to do their brand and part buying, to make it difficult for the rumor mills and competitors to figure out what Apple is up to. And it sounds like they're complaining that they sold the iPad name to a company they didn't realize was buying for Apple.. (otherwise they'd have no doubt have tried to charge them more for it)
Too bad. I have no pity for people that like to scheme with "you have more money, so I'm going to charge you more!" getting beat at their own game. These people are only upset at themselves for not recognizing the value of what they were selling, and want someone to cover their loss as a result.
This is no different than a buyer trying to go after a seller for overcharging them for something after they realize they paid too much for it. Just the shoe's on the other foot.
I'd be interested to know which one... CIA, FBI, DHS, [redacted]?
ALSO, really, does what they said have to be true? I thought nowadays they could just slap you with some secrecy order, and walk out with your HDDs or do whatever they felt like, and you would be required to deny it publicly? Wonderful police state we live in here...
It's more a case of they have to have evidence to show that there is evidence on your hard drive of the crime. Sort of like how you have to have probable cause to have a search warrant. "I suspect you're breaking the law and I suspect there's evidence of some sort on your hard drive" isn't good enough. "We have evidence that proves you downloaded child porn, and there's a good chance your hard drive still has evidence of the download on it", THAT is good enough.
Basically what it amounts to is they have to already have SOME evidence of illegal activity, to search a very specific (and relevant) protected place for supporting evidence
that's not unique. There were enough cases of that exact thing happening that they made a federal law requiring that any non-functioning fridge with a latching door must have the door REMOVED. Deep freezes included.
Not only are they mostly airtight, they're also fairly soundproof. Makes them an effective deathtrap.
wrong homeland
She needed to contact the office in Nigeria.
If she's having problems getting ahold of them, I have a contact over there, let me know and for a small fee I'll arrange to get them in touch with her.
The outcome of that comparison is completely dependent on the circumstances. Financial condition of the company, boss's attitude, corporate politics.
Remove a variable and look again. Compare two more-or-less identical people at different companies and see how the different companies treat the two entirely different.
We DO seem to see a lot of "I'm in an impossible job situation, what do I do?" Ask Slashdots lately. The most common answer is usually the same... if you're in a bad spot, things are falling apart, and all the usual routes of resolution are being thwarted by people you have no control over, YES, it is time to leave. It's frustrating, defeating, and unfair but sometimes that's just how life is and you have to react.