Just wondering why they don't stick to their charter, i.e. health. Credibility is a precious thing to waste, and if people start doubting WHO, they might engage in risky behavior (not using protection, etc.)
Are you really that limited intellectually that 2 simple sentences exceed your reading comprehension capabilities, or are you just trolling? Yeah, try to buy a rape insurance policy, if that's your cup of tea...
Burglaries don't get resolved 100% of the time either, but if my house got broken in, I'd make damn sure to report it as sure as I could. Even better: my insurance policy actually makes it an obligation for me to report it, or else they won't cover it.
...if someone isn't willing to go to police but thinks a rape may have occurred...
A rape is a serious crime, and a traumatic event for the victim. Maybe third parties would be unsure that a rape had happened, but for the victim there would be no doubt. And the victim would want to get to police as quickly as possible, in order to be protected from it happening again. And, as far as I understood, this is a tool for victims, not bystanders.
However, if you defined touching, or staring as rape, then I can understand how somebody might be unsure whether they had indeed been the "victim" of such actions.
Yeah, it's like those kiddy porn stats: "last year we rescued 12985 kids..." meant to be understood as "... from a violent raptor", whereas in reality it means "... from a loving home where the father stumbled into a MAFIAA trap on amule".
"Hey, I don't like that guy. Let's all report him through the rape app. We're girls so we'll be believed over him, particularly by the media. The media will even believe us after it's been shown that we were lying because it fits with their narrative."
How is that different from what happens now?
If a real rape happens, you go to the police, and you do it as soon as you can, you don't wait a couple of month (until you fall out with the guy, or until you need a suitable subject for an art project)
I'm not sure what you mean by "very old". Do you mean "established long ago" or specifically "not updated in years"? In which sense are Newgrounds, Albino Blacksheep, Dagobah, and Weebl's Stuff "very old"?
What are Newgrounds, Albino Blacksheep, Dagobah, and Weebl's Stuff? Do we have to know them?
a spoofed email address that looked like HR at our domain
A seasoned security pro would spot that... unless they actually hacked HR, and used their real e-mail (which would be one plausible attack vector, as HR are usually not "seasoned security pros", and are expected to receive loads of dodgy word documents which could carry all kinds of nasty...)
Right before the email was sent, the intruders changed the embedded link so that it took users to a perfect copy of the company's password-change website hosted under the intruder's control. Users followed the help desk directions, but in doing so allowed intruders to capture every password change.
Seems to me the problem isn't phishing... it's the compromise to begin with, and the problems that led to that.
Or, in this case, subcontracting the most trivial tasks out of the company. If it is expected that even company-internal business is run outside of the company's network (surveymonkey...), then nobody blinks an eye if the password changing site isn't hosted by the company either.
What seasoned security pro would click on a link that takes them somewhere that requires account credentials...and then enter those credentials?
It's not just about phishing... the article's title is poorly chosen. Even the introductory paragraph, Nigerian 419 scams, are not phishing strictly speaking.
What they are doing is hack weakly protected business partners of the actual target, and send virus-laden mail from there to the intended target. Virtually impossible to spot (everything about the mail looks correct, including the actual content, which is indeed speaking about an ongoing project with this (hacked) partner). The only fault of the target is to run windows. Now, a "seasoned security pro" might not run windows on his own accord, but in many companies people don't have the choice about that...
If the engineers knew what they were doing was a crime (and they almost certainly did) then they could easily have refused to do it.
Knowing something is immoral is not the same as knowing something is a crime. And knowing something is a crime is not the same as knowing it is a provable crime, and that after reporting it courts would side with you rather than your megacorporation employer.
The worst the company could do to them is fire them
The worst? If that wasn't already a bad enough outcome in this economy...
and then they find a job elsewhere.
It's not if there are hundreds of other car manufacturers around to hire you. And with the few that are around, chances are the managers are golfing partners with each other, and that your former managers will do an excellent job badmouthing you.
Much better than being hauled into court.
Could still happen even (or because...) you blew the whistle. You know, managers play golf with judges too...
In this kind of situation, the best you can do is to leave quietly, and avoid making a splash until you've got a secure position elsewhere.
Telling them "That's not me, you have the wrong number," didn't work.
Just treat them like any other spammer:
hang up on them
if they call again, just excuse yourself saying somebody is at the door, put the handset next to the phone, and go on with your business (ties them up needlessly until they figure out what you're doing)
refeeree's whistle. If they sue you, you now got their identity, and know who to address that "cease collecting" letter to
and if it's someone you know and they're not in the phonebook on your phone (so the number shows up as their name) then you're not being very smart, either.
What if they are calling from a phone not their own? As in "stranded somewhere, with an empty cell-phone battery, but a helpful stranger let them use his"? Or "arrested, cellphone has been confiscated, but they're allowed to use the police station's phone for just one call"
All these protocols would expose fraud or deception quite easily. It'd be simpler to put a gun to people on the way in to the count and tell them who to vote for and check they do this, than to actually create a convincing scenario where the count itself is corrupted.
Actually, that would be another weakness. There should be no way for a voter to prove how he voted. Ban smartphones at the polling station to prevent "stemfies". Make sure there are strict rules in place to make ballots which are too "artistic" invalid (... to prevent people marking their ballots by making each cross a different color, or other such nonsense...)
Slashdot Mirror
Just wondering why they don't stick to their charter, i.e. health. Credibility is a precious thing to waste, and if people start doubting WHO, they might engage in risky behavior (not using protection, etc.)
These figures are readily available at the WHO website.
Could you provide a link please?
But that wouldn't rhyme with "war on men".
Oh I see, so first you misquote TFA
Just wondering, do you actually know what TFA means, or did you just copy-paste that from somewhere?
then spew nonsequiteurs,
... or maybe you just attempted to type what you saw elsewhere?
Are you really that limited intellectually that 2 simple sentences exceed your reading comprehension capabilities, or are you just trolling? Yeah, try to buy a rape insurance policy, if that's your cup of tea...
Burglaries don't get resolved 100% of the time either, but if my house got broken in, I'd make damn sure to report it as sure as I could. Even better: my insurance policy actually makes it an obligation for me to report it, or else they won't cover it.
...if someone isn't willing to go to police but thinks a rape may have occurred...
A rape is a serious crime, and a traumatic event for the victim. Maybe third parties would be unsure that a rape had happened, but for the victim there would be no doubt. And the victim would want to get to police as quickly as possible, in order to be protected from it happening again. And, as far as I understood, this is a tool for victims, not bystanders.
However, if you defined touching, or staring as rape, then I can understand how somebody might be unsure whether they had indeed been the "victim" of such actions.
In short, this is a witch-hunt support tool and it will be sued as such.
No, it's not a witch hunt. You know, witch hunts were against women, whereas this is against men. Revenge of witch-hunt, maybe?
Yeah, it's like those kiddy porn stats: "last year we rescued 12985 kids..." meant to be understood as "... from a violent raptor", whereas in reality it means "... from a loving home where the father stumbled into a MAFIAA trap on amule".
"Hey, I don't like that guy. Let's all report him through the rape app. We're girls so we'll be believed over him, particularly by the media. The media will even believe us after it's been shown that we were lying because it fits with their narrative."
How is that different from what happens now?
If a real rape happens, you go to the police, and you do it as soon as you can, you don't wait a couple of month (until you fall out with the guy, or until you need a suitable subject for an art project)
A, here it is.
Well said. All I see is a grey page. Does anybody have a direct link to the actual image obtained?
That way, we'd see less spam...
I'm not sure what you mean by "very old". Do you mean "established long ago" or specifically "not updated in years"? In which sense are Newgrounds, Albino Blacksheep, Dagobah, and Weebl's Stuff "very old"?
What are Newgrounds, Albino Blacksheep, Dagobah, and Weebl's Stuff? Do we have to know them?
... then why not also for science?
a spoofed email address that looked like HR at our domain
A seasoned security pro would spot that... unless they actually hacked HR, and used their real e-mail (which would be one plausible attack vector, as HR are usually not "seasoned security pros", and are expected to receive loads of dodgy word documents which could carry all kinds of nasty...)
Right before the email was sent, the intruders changed the embedded link so that it took users to a perfect copy of the company's password-change website hosted under the intruder's control. Users followed the help desk directions, but in doing so allowed intruders to capture every password change.
Seems to me the problem isn't phishing... it's the compromise to begin with, and the problems that led to that.
Or, in this case, subcontracting the most trivial tasks out of the company. If it is expected that even company-internal business is run outside of the company's network (surveymonkey...), then nobody blinks an eye if the password changing site isn't hosted by the company either.
What seasoned security pro would click on a link that takes them somewhere that requires account credentials...and then enter those credentials?
It's not just about phishing... the article's title is poorly chosen. Even the introductory paragraph, Nigerian 419 scams, are not phishing strictly speaking.
What they are doing is hack weakly protected business partners of the actual target, and send virus-laden mail from there to the intended target. Virtually impossible to spot (everything about the mail looks correct, including the actual content, which is indeed speaking about an ongoing project with this (hacked) partner). The only fault of the target is to run windows. Now, a "seasoned security pro" might not run windows on his own accord, but in many companies people don't have the choice about that...
If the engineers knew what they were doing was a crime (and they almost certainly did) then they could easily have refused to do it.
Knowing something is immoral is not the same as knowing something is a crime. And knowing something is a crime is not the same as knowing it is a provable crime, and that after reporting it courts would side with you rather than your megacorporation employer.
The worst the company could do to them is fire them
The worst? If that wasn't already a bad enough outcome in this economy...
and then they find a job elsewhere.
It's not if there are hundreds of other car manufacturers around to hire you. And with the few that are around, chances are the managers are golfing partners with each other, and that your former managers will do an excellent job badmouthing you.
Much better than being hauled into court.
Could still happen even (or because...) you blew the whistle. You know, managers play golf with judges too...
In this kind of situation, the best you can do is to leave quietly, and avoid making a splash until you've got a secure position elsewhere.
Telling them "That's not me, you have the wrong number," didn't work.
Just treat them like any other spammer:
because god knows you can't find public phones anymore.
... which would not be in the whitelist either, btw :-)
and if it's someone you know and they're not in the phonebook on your phone (so the number shows up as their name) then you're not being very smart, either.
What if they are calling from a phone not their own? As in "stranded somewhere, with an empty cell-phone battery, but a helpful stranger let them use his"? Or "arrested, cellphone has been confiscated, but they're allowed to use the police station's phone for just one call"
All fine if you know who the debt collectors are. But what do you do if they don't tell their name and block caller id?
All these protocols would expose fraud or deception quite easily. It'd be simpler to put a gun to people on the way in to the count and tell them who to vote for and check they do this, than to actually create a convincing scenario where the count itself is corrupted.
Actually, that would be another weakness. There should be no way for a voter to prove how he voted. Ban smartphones at the polling station to prevent "stemfies". Make sure there are strict rules in place to make ballots which are too "artistic" invalid (... to prevent people marking their ballots by making each cross a different color, or other such nonsense...)