Security is HARD when it's architected into a system from the beginning. Security is impossible when it's an afterthought. Translation: The situation will not improve until the the current crop of operating systems, applications, utilities, etc., are completely replaced by attrition with new code that has security at its core and foundation - that was *architected* to be secure. Of course, security architecture needs to start at the top. 99% of what's out there now, if it has any security at all, had security "bolted on" as an afterthough. This problem is not going away anytime soon. I'm not holding my breath. But, in the meantime, I just consider it "job security" and constant triage.
Less info is "collected" from the printed forms.
Besides... I don't want to make the IRS' job easier unless they give me a rebate for making their job easier. They "cost me" many hours a year to prepare my return... It's only fair that someone there has to spend some time to feed my paper form through a scanner.
Offer me a $100/return credit/refund and I'll think about giving them my return in machine-readable form.
An owned PC is worth more to an attacker than a destroyed machine. (I'm talking about "large numbers" here, not pointed efforts to take a site/machine down.)
I'm surprised there are *any* large-scale malicious viruses anymore... Only because "ownership" means cash to the person who can deliver the botnets. And, for identity thieves, a crashed machine doesn't serve up personal information.
If there is ANY communications path, it can be used for anything... If you have cooperating applications, anything that passes at least "a bit" can be subverted for another purpose. You could do Morse code using ICMP Echo Requests, with the packet size determining whether it's a dot or a dash... Whatever... Again, why is this particular technique news?
I used to have an employee who had previously worked on the IRS' e-file program. He said the IRS collects and saves A LOT more information in the e-file process than they do in the paper process. And of course it saves the IRS a lot of scanning/processing expense. My feeling is that if the IRS wants me to do something to save them money and help them collect/save more information on me, I'll only do it for a discount on my taxes. That won't happen, so I'll forever send in paper. (I can wait a few extra weeks for a refund.)
Slashdot Mirror
Security is HARD when it's architected into a system from the beginning. Security is impossible when it's an afterthought. Translation: The situation will not improve until the the current crop of operating systems, applications, utilities, etc., are completely replaced by attrition with new code that has security at its core and foundation - that was *architected* to be secure. Of course, security architecture needs to start at the top. 99% of what's out there now, if it has any security at all, had security "bolted on" as an afterthough. This problem is not going away anytime soon. I'm not holding my breath. But, in the meantime, I just consider it "job security" and constant triage.
Less info is "collected" from the printed forms. Besides... I don't want to make the IRS' job easier unless they give me a rebate for making their job easier. They "cost me" many hours a year to prepare my return... It's only fair that someone there has to spend some time to feed my paper form through a scanner. Offer me a $100/return credit/refund and I'll think about giving them my return in machine-readable form.
Why is that surprising?
An owned PC is worth more to an attacker than a destroyed machine. (I'm talking about "large numbers" here, not pointed efforts to take a site/machine down.)
I'm surprised there are *any* large-scale malicious viruses anymore... Only because "ownership" means cash to the person who can deliver the botnets. And, for identity thieves, a crashed machine doesn't serve up personal information.
Follow the money.
Reminds me of what happenned to the Kursk... in 2000. Hydrogen Peroxide was supposedly involved in the torpedo explosion that sank that puppy. See http://www.absoluteastronomy.com/encyclopedia/R/Ru /Russian_submarine_Kursk.htm (before it's /.'d)
If there is ANY communications path, it can be used for anything... If you have cooperating applications, anything that passes at least "a bit" can be subverted for another purpose. You could do Morse code using ICMP Echo Requests, with the packet size determining whether it's a dot or a dash... Whatever... Again, why is this particular technique news?
would pay for a lot of students to do the work by hand.. And they'd learn something.
OK.. there are better ways, but at least the money is not going to the Evil Empire.
with cats.
I used to have an employee who had previously worked on the IRS' e-file program. He said the IRS collects and saves A LOT more information in the e-file process than they do in the paper process. And of course it saves the IRS a lot of scanning/processing expense. My feeling is that if the IRS wants me to do something to save them money and help them collect/save more information on me, I'll only do it for a discount on my taxes. That won't happen, so I'll forever send in paper. (I can wait a few extra weeks for a refund.)