Oh yes! Everyone download this executable from known IP Spoofers and run it. It won't root your system, we promise...
Umm, they do provide the source. That gives you the option of downloading the code, auditing it yourself (or having that done by someone you trust) and then using it. That's far better than what you get with many of these "security" suites that won't give you the source code. So, what's the problem?
(note: I am not an iTMS customer. I don't even own an iPod)
Everything I have seen/heard/etc about the iTunes store is that it is simple.
People like simple. That's it. Why do companies not get this? How many people's VCR clocks blink 12:00 because (to them) it is too hard to actually set it?
Now, Apple is on to something with their pricing model. It is simple. Sure, some older songs are probably not worth as much and some newer songs might be worth more, but overall it is a good balance. It's simple. They would likely lose more revenue by going a variable (and more complex) pricing model than they do by not squeezing those last few cents out of the most popular songs.
that once the digital representation is compromised, it is not possible to generate a new biometric. AIUI, every biometric device translates the chosen biometric into some digital representation (after all, everything is just 1's and 0's to a computer). If this is compromised, you are sunk. I suppose that precautions, like salting and other things to prevent a replay attack, could help. But in the end, if my password is compromised, I can set a new one. If my eyeball's digital representation is compromised, then I can't generate a new eyeball.
From 2010 people will not be able to receive government health and welfare payments without a card.
That's what they say now. But how long until people who decide they don't want gov't health and welfare benefits are singled out?
"You don't have a national ID card? Why not?"
"I don't want or need gov't health or welfare benefits."
"Why? Do you have something to hide? Guards!"
I know it's a kind of slippery slope argument. But seriously, has there ever been a government in this world that didn't screw up practically everything?
Using the information dispersal algorithm originally conceived of by Michael Rabin (of RSA fame), the software splits every file you backup into small slices, any majority of which can be used to perfectly recreate all the original data.
It seems like this can be tuned to provide varying levels of fault tolerance. According to the abstract (I don't have an ACM web account, and I couldn't find the full text), it seems like I can take a file and make it so that any four chunks can be used to rebuild the file. I can then take those chunks and distribute them eight times to different machines. Thus, five of the eight machines would have to be rendered inoperable before I were unable to retrieve my data.
If I understand it correctly, then this is really slick.
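The four-of-eight dispersal described in the comment above, as an added example that is not part of the original comment or of the backup software it discusses: a Rabin-style dispersal over the prime field GF(257). The function names and the sample payload are constructed for illustration.

```python
"""Rabin-style k-of-n information dispersal over GF(257) (added example)."""
from itertools import combinations

P = 257  # smallest prime above 255, so every byte value is a field element


def _row(x, k):
    """Vandermonde row [1, x, x^2, ..., x^(k-1)] mod P for slice number x."""
    return [pow(x, j, P) for j in range(k)]


def disperse(data, k, n):
    """Split data into n slices such that any k of them rebuild it.

    Returns (original_length, {slice_number: [symbols]}). Each symbol is in
    0..256, so a slice carries one symbol per k input bytes.
    """
    if not 0 < k <= n < P:
        raise ValueError("require 0 < k <= n < 257")
    padded = data + bytes(-len(data) % k)  # zero-pad to a multiple of k
    blocks = [padded[i:i + k] for i in range(0, len(padded), k)]
    slices = {}
    for x in range(1, n + 1):  # distinct x values keep every k rows invertible
        row = _row(x, k)
        slices[x] = [sum(r * b for r, b in zip(row, blk)) % P for blk in blocks]
    return len(data), slices


def _invert(matrix):
    """Invert a square matrix mod P with Gauss-Jordan elimination."""
    k = len(matrix)
    aug = [row[:] + [int(i == j) for j in range(k)]
           for i, row in enumerate(matrix)]
    for col in range(k):
        pivot = next(r for r in range(col, k) if aug[r][col] % P)
        aug[col], aug[pivot] = aug[pivot], aug[col]
        inv = pow(aug[col][col], -1, P)  # modular inverse (Python 3.8+)
        aug[col] = [v * inv % P for v in aug[col]]
        for r in range(k):
            if r != col and aug[r][col]:
                f = aug[r][col]
                aug[r] = [(a - f * b) % P for a, b in zip(aug[r], aug[col])]
    return [row[k:] for row in aug]


def reconstruct(length, available, k):
    """Rebuild the data from any k surviving slices ({slice_number: symbols})."""
    if len(available) < k:
        raise ValueError("need at least k slices to rebuild")
    xs = sorted(available)[:k]
    inverse = _invert([_row(x, k) for x in xs])
    out = bytearray()
    for b in range(len(available[xs[0]])):
        column = [available[x][b] for x in xs]
        for row in inverse:
            out.append(sum(r * c for r, c in zip(row, column)) % P)
    return bytes(out[:length])


def count_recoverable_subsets(data, k, n):
    """Count how many k-slice subsets of the n slices rebuild data exactly."""
    length, slices = disperse(data, k, n)
    good = 0
    for chosen in combinations(slices, k):
        subset = {x: slices[x] for x in chosen}
        if reconstruct(length, subset, k) == data:
            good += 1
    return good


if __name__ == "__main__":
    sample = b"constructed sample backup payload"  # constructed input
    size, parts = disperse(sample, 4, 8)
    survivors = {x: parts[x] for x in (2, 3, 5, 8)}  # four machines lost
    print(reconstruct(size, survivors, 4))
    print(count_recoverable_subsets(sample, 4, 8), "of 70 subsets rebuild the file")
```

Each slice holds one symbol per four input bytes, so the eight slices together cost about twice the original size. Dispersal provides availability only: every slice is a linear function of the plaintext, so encrypt before dispersing if the slice holders are untrusted.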
But isn't it a bit oxymoronic, and perhaps counter-productive, to do open source work behind closed doors?
Not so. This is not too different from the way Debian has a debian-private mailing list, which is open only to those who have been admitted to the project as full Debian Developers. Debian does that for protecting personal info (like vacation notices) and financial information. I am not sure that they are protecting the same type of information. However, sometimes things just have to be done behind closed doors. Hopefully, they will keep it as open as possible.
Others can be subconscious. The game could slow down, for instance, if the sensors pick up an increase in anxiety, Lee said.
If they can pull this off, I wonder how it will play with real brain function. I have read about how people perceive time to slow when they are in a situation that causes an adrenaline rush. If the game was realistic enough, it is possible it could cause the player's adrenaline to start up. It would be interesting to see how it works/what happens in that case.
If this was a problem, why in the world didn't they simply block outbound port 80 from the local NAT address (192.168.0.dumbass-that-won't-get-to-work) -> 255.255.255.255/0?
Another possibility if your employee workstations run any flavor of Linux or BSD is to simply remove all the web browsers. Seriously. Unless your company uses apps that can only be accessed via the web (which I know is many nowadays), there is no need for most employees to have web browsers.
Another possibility is to block all web traffic except through a proxy. Make the proxy authenticate. Use the proxy to allow intranet-only traffic for those people that don't need access to the public Internet.
Any moderately-sized business should be able to accomplish this. Given that the guy in question was a city employee, I would say that the city government should invest in some decent IT people.
Krishna blames the lack of software developers from these developing nations on lack of time, as most people have to work other jobs to support themselves and their families.
Riiiight. Because every single open source developer in the US and Europe is paid by his or her employer to work exclusively on a pet open source project. Please. While I know that there are examples of people getting paid as their primary job to work on open source software (Torvalds, Tridge, Cox, de Icaza, the other Ximian people, some Debian folks at HP and Nokia, Red Hat, etc), I believe that the vast majority still work other jobs. That majority of people still must support their own families as well, which means that they are stuck doing something as a primary source of income and working on open source projects in their spare time. Nothing new here.
United Nations University (UNU) researchers say. While they say developing regions such as China, East Asia, India, and South America are among the biggest markets for open source software, UNU officials worry that there may be too few open source developers in those regions.
Also from the article:
Still, Krishna stresses that limiting prospects to only open source solutions and development may deprive these nations of access to other resources, which might include proprietary solutions, companies, and their money. "A lot of people argue there are more opportunities from proprietary solutions, and they might not get it if they are so open source oriented," he says. "The proper course of action is not to be tied to one or get into any religious wars.
The way I see it, open source is an opportunity for everyone. This is just as true of small towns and rural places in the USA and Europe as it is for third world countries. Rather than sending off money to Redmond and Silicon Valley, these countries and cities and towns can hire locals to develop the software. If it is an open source product, they will already have a starting point. I think the biggest advantage of open source, which is constantly overlooked, is that it basically combines the best of two worlds: commercial-off-the-shelf and custom development.
Have a problem that can almost be solved by an available commercial app? Tough, it will be close to impossible (unless you are IBM or the U.S. or European government) to get the developers to change it for you. Have a problem that can almost be solved by an existing oss package? Great, bring in some experienced local contractors to modify it to your organization's needs.
Everybody wins: your organization gets something it may not have gotten before; money stays in the local economy; the community around that product benefits (if changes are contributed back); and so on. The only people who lose are the established software companies, because they now have stiffer competition that is more agile than they are.
But now, researchers of the University of Rochester have developed a wireless chip that needs ten times less power than current designs. The new chip relies on a technology named injection locked frequency divider (ILFD) and permits to dramatically reduce the time needed to check for transmission frequencies which are performed several billion times per second by your current phone.
Out of curiosity, why have we not yet figured out how to wirelessly power devices? I mean, we can send lots of RF energy through the air. Why can we not use that same energy to power the device as well as send it information? I can see where it would be a problem for something that requires lots of power, but for small devices this should be possible, no?
I am one of those young people. I'm finishing up a stint in the Army, and going back to finish my final year of my BS in Computer Information Systems. (I was mobilized during my senior year of college.)
You have a couple of serious advantages that your peers (other recent college grads) simply don't have:
Employers know that you are disciplined (that is a given based on military experience)
They know you are already well trained (it doesn't matter at what) and apt to learn since you had to go through a good amount of training for your MOS (unless you happen to be a cook or truck driver)
You probably have a security clearance (even if it is just a Secret-level clearance)
You are probably more mature (in terms of age, where the people graduating with you are likely 22-23 years old, you are probably 25-26 years old), which makes a difference in how potential employers view you
In summary, you have nothing to worry about. Same with others in a similar situation to yours. The moral of the story, if you want to be better off in the job market, consider a 3-4 year hitch in the military. Even if you are not in IT, the added experience will be a huge benefit and establish a track record that you can show to future employers.
The Electronic Frontier Foundation, which is representing the Does, or the unnamed sources of the alleged information leak, contends that a ruling in this case could set a precedent that determines whether online sites can qualify as journalists who can work under First Amendment protections
IANAL, so someone please educate me on this topic. If a reporter at the NYTimes comes into possession of information that is some company's trade secret and publishes it, is that protected under the first amendment? What about the Paducah Post? Does it have to do with simply being published? The amount of circulation the periodical receives?
Microsoft aims 'to eliminate the openness of the Internet, to proprietize the Internet, the lawyer said, adding the groundwork will be laid in Microsoft's forthcoming new operating system, Vista.'
That has been their goal since the inception of Microsoft Network. They saw how lucrative Prodigy and Compuserve and AOL were and wanted to get in on the action. The problem was that they were too late and those services were already on the decline in favor of more open Internet access. "You mean I can send a message to my friend who has Compuserve even though I am on AOL?"
Basically, they have been trying to bring the world back to the "bad old days".
A harebrained cookie scheme to try and force everybody through your homepage not only causes all kinds of technical problems, when it fails, the visitor can't even get into your website. That's not to say that people don't try to make it work, just that it's impossible to do correctly, and impossible to even attempt without going completely against everything that makes the WWW work so well.
Touché. I have tried to throw out the baby with the bath water.
I am not trying to say that it is the responsibility of each site's webmaster to protect my students (that is my responsibility, after all), but it did not occur to me that such a scheme would cause severe breakage. Of course, there is then the argument of "who decides what is objectionable?" We use tools like Dan's Guardian, but I was hoping there was something that would cover the instances where those types of tools missed.
Note: I am a conservative, but I still don't like most of what Gonzales does.
A third new crime appears to require that commercial Web sites not post sexually explicit material on their home page if it can be seen 'absent any further actions by the viewer.
This one actually makes sense. I have young students that occasionally search for school-related things using Google. Some of the sites that come up are questionable at best. I appreciate those webmasters that have the decency to place a warning and no explicit material on their portal page. Even better are those that make you agree to view the content and set a cookie. That way no matter what page you enter to (since Google doesn't give preference on most searches to a home page as opposed to one deep in the site), the cookie is checked and you get the "agree/disagree" page no matter what.
However, it seems a bit unenforceable. I mean, what about websites overseas? What about websites overseas operated by Americans? What about websites in the US operated by foreigners? I think that there are still too many unresolved questions about jurisdiction on the Internet. I would think that as a lawyer, Gonzales would understand that. This is something that depends on the goodwill of the webmasters, much like most other things on the 'net.
I like the idea of reviving the original characters in some way. That was what was really lacking from the later iterations of Star Trek, was the strength of characters. Kirk, Spock, and McCoy were the perfect balance of differing personalities, one of the best sets of characters ever in TV or film.
I also like this idea.
However, given Paramount's history with Trek movies (I only saw the last few in the theater out of loyalty to the franchise), I hope they get some of the people that worked on Star Trek: New Voyages. This is not the greatest cinematography in the world, but given their budget and constraints (e.g., they can't make a profit, the actors are volunteers, etc.), they do a pretty fantastic job.
I've already pointed out why this won't work (on "Is It Time For .tel?")
As always, the advice is to weigh the risks before opting for an unofficial hotfix.
Is this not something that smart admins/companies do even with official patches and fixes? To me, the fact that the source was released shows that these people are quite serious about being taken seriously. I suppose that is better than MS assurances that they extensively tested the fix before release.
Any commercial Internet site or online service that "has as its principal or primary business the making available of material that is harmful to minors" would be required to move its site to that domain.
Well then, they better get cracking and register rnc.xxx and dnc.xxx. Lord knows that my years as a youth of listening to political drivel from both sides has completely messed me up.
Also, what about the tobacco companies? Alcohol distillers? Have I missed any?
First, thanks to the article submitter for supplying the "printable" version of the article and alleviating us from having to click through 20 "pages" of reviews.
Second, I own a black ND-3540A that I got from Newegg three months ago for $38.00. It is very nice and replaced a generic CD-RW drive that was just terribly loud. Newegg doesn't stock the ND-3540A anymore. However, they do have the ND-3550A for about $40.00, which is a very good price (you better hurry because they are limited, 500 to a customer :).
Anyhow, I use this thing on Debian Sarge with a slightly customized kernel and dvd+rw-tools. It works very nicely and, IME, burns at the advertised speed, which let me burn a downloaded episode of that new Star Trek fan-based production (I forget the name, exactly) that is only available online. Of course, in addition to burning at the advertised speed, it is much quieter than many other drives I have used. I definitely recommend it, especially if you are a *nix user, as I have encountered no problems at all with it in that respect.
I took a security-related class not too long ago. The prof pointed out that the CC is basically worthless. The important thing is the profile. For example, he said most CC certifications are given out for a profile of a system on a friendly network that is not physically accessible to untrusted users. How useful is that?
He also said something to the effect of: You can claim that your security policy has never been breached, as long as your policy is to not check security.
The problem is that government perpetuates this by requiring people/companies to spend tons of money on this stuff to get "approved" for government use.
I wish business were that easy. It's not just about avoiding the mistakes of your predecessors, though that's probably a necessity.
Right. It's also about doing the same things right. I saw a presentation by Bill Matthews of Hurricane Labs (no affiliation). He was presenting on building a company on open source. He said that the number one thing is to not take venture capital. He said that the investors will likely force your company in a direction in which you do not want to go, if it means they think they will get a higher return.
Basically, he said to start small and self-fund as much as possible. That is what he did and he claims that he and his partners were able to make Hurricane Labs profitable in two years. When I start out on my own, I plan to at least give self-funding a shot before seeking venture capital.
This action obviously will not stem identity theft but the hope is that this will push banks into security improvements that will make identity theft much harder.
I agree. I was listening to Clark Howard a couple of weeks ago on the radio and he was talking about how 99.9% of US banks have atrocious security when it comes to online banking. I know that identity theft also happens offline, but I also think that you have to criminalize grossly negligent behavior, or else you end up with a situation like what we have today: banks see it as more fiscally reasonable to absorb the cost of the problem than to even attempt to fix it. The problem is that this has tragic consequences for the individuals that are victimized. Hopefully the US congress will jump on board and start dealing with serious problems, instead of concerning themselves with things like college sports and drug testing among athletes, which ultimately shouldn't be of importance to the federal government.
Dude, you just re-invented RFID tags! You'll make me smile next time I unlock the doors at work.
In the discussion on the proposed .mail TLD I already pointed out why this won't work.
As always, the advice is to weigh the risks before opting for an unofficial hotfix.
Is this not something that smart admins/companies do even with official patches and fixes? To me, the fact that the source was released shows that these people are quite serious about being taken seriously. I suppose that is better than MS assurances that they extensively tested the fix before release.
Any commercial Internet site or online service that "has as its principal or primary business the making available of material that is harmful to minors" would be required to move its site to that domain.
Well then, they better get cracking and register rnc.xxx and dnc.xxx. Lord knows that my years as a youth of listening to political drivel from both sides has completely messed me up.
Also, what about the tobacco companies? Alcohol distillers? Have I missed any?
First, thanks to the article submitter for supplying the "printable" version of the article and alleviating us from having to click through 20 "pages" of reviews.
Second, I own a black ND-3540A that I got from Newegg three months ago for $38.00. It is very nice and replaced a generic CD-RW drive that was just terribly loud. Newegg doesn't stock the ND-3540A anymore. However, they do have the ND-3550A for about $40.00, which is a very good price (you better hurry because they are limited, 500 to a customer :).
Anyhow, I use this thing on Debian Sarge with a slightly customized kernel and dvd+rw-tools. It works very nicely and, IME, burns at the advertised speed, which let me burn a downloaded episode of that new Star Trek fan-based production (I forget the name, exactly) that is only available online. Of course, in addition to burning at the advertised speed, it is much quieter than many other drives I have used. I definitely recommend it, especially if you are a *nix user, as I have encountered no problems at all with it in that respect.
I took a security-related class not too long ago. The prof pointed out that the CC is basically worthless. The important thing is the profile. For example, he said most CC certifications are given out for a profile of a system on a friendly network that is not physically accessible to untrusted users. How useful is that?
He also said something to the effect of: You can claim that your security policy has never been breached, as long as your policy is to not check security.
The problem is that government perpetuates this by requiring people/companies to spend tons of money on this stuff to get "approved" for government use.
I wish business were that easy. It's not just about avoiding the mistakes of your predecessors, though that's probably a necessity.
Right. It's also about doing the same things right. I saw a presentation by Bill Matthews of Hurricane Labs (no affiliation). He was presenting on building a company on open source. He said that the number one thing is to not take venture capital. He said that the investors will likely force your company in a direction in which you do not want to go, if it means they think they will get a higher return.
Basically, he said to start small and self-fund as much as possible. That is what he did and he claims that he and his partners were able to make Hurricane Labs profitable in two years. When I start out on my own, I plan to at least give self-funding a shot before seeking venture capital.
This action obviously will not stem identity theft but the hope is that this will push banks into security improvements that will make identity theft much harder.
I agree. I was listening to Clark Howard a couple of weeks ago on the radio and he was talking about how 99.9% of US banks have atrocious security when it comes to online banking. I know that identity theft also happens offline, but I also think that you have to criminalize grossly negligent behavior, or else you end up with a situation like what we have today: banks see it as more fiscally reasonable to absorb the cost of the problem than to even attempt to fix it. The problem is that this has tragic consequences for the individuals that are victimized. Hopefully the US Congress will jump on board and start dealing with serious problems, instead of concerning themselves with things like college sports and drug testing among athletes, which ultimately shouldn't be of importance to the federal government.