"All the insurance in the world will not help you if you can't get back up fast enough"
That's either false or a tautology. It is false in that, well yes, enough insurance money will cover you for as much time as needed; it's a tautology in that, well yes, if you run out of insurance money, no matter how much it is, and you still didn't get to speed, you are trashed.
"just because the backup system worked correctly doesn't necessarily mean your data is good."
No, you are wrong. If the backup system worked correctly your data would have been good. Your problem was that what you called your "backup system" was not truly one. You forgot the part: "if you haven't tried restoring from it, it isn't a backup".
"The main fault here was that they had fail-over and called it backups."
Right.
"There is no one dogmatic way to look at backups. If you think there is, good luck finding a job in 10 years when conditions have changed."
Wrong. Conditions have not changed in the last 35 years and I don't see them changing on the foreseable future. Technical conditions and abilities will change, true, but the essence of the work that has to be achieved won't change the same a mathematical theorem doesn't change.
What a backup strategy is (short version): * A means to recover from a failure. It's obvious Tom Allensworth's strategy is a failure and it was obvious it was a failure from the very beginnig (it has been a hacker, but what if it were a virus or a worm, or a human failure deleting some critical files and then the deletion being replicated? Same result).
What makes a minimal backup strategy (any less than this and your "solution" is not entitled to be called "backup strategy"): * There has to be no less than two complete data sets non connected with the systems being protected. * There has to be no less than one complete data set off-sited from were the systems being protected "live in". * There has to be no less than one current copy of the documentation needed to redeploy from barebones the protected systems off-sited from the facilities were the systems being protected "live in". * At the very least two people -the backup responsible and her direct superior, have to know where the above mentioned documentation lives and they must have the ability to recover it.
Some side notes: * The last two points are not needed on a lone star-driven system, only on company-style ones. If there's only one person which will benefit from the data (i.e.: your personal data or a single-person bussiness') is good enough if only you know how to recover the data -it can even be only anotated "on you head" and not in paper, although you still would be better if in paper: memory fails with time. * The above point-set is not absolutly "failure-proof" and some common sense should be applied (if your system is likely to be attacked, you'd better have more datasets splitted over longer time ranges; if the backup admin and her superior tend to go together there's the risk you lose them both at a time, and so your ability to recover out of -now unknown to exist, documentation, etc.) but they are the bare minimum. * Last but not least, backups have exactly ZERO value. Recovering from backups when need arises is the valuable part, so test your recovery procedures, once and again and again. And let it do the test your less knowledgeable/capable/valuable people: maybe when the need arises that will be all you have.
Just now it can be read on this site's home page: "3,800 Vulnerabilities Detected In FAA's Web Apps". The interesting point is: "Jeremiah Grossman, CTO of WhiteHat Security, says the rate is actually in line with the average number of bugs his security firm finds in most Web applications."
See? It's not the money: your average web shop and air traffic control apps, closed sourced, will have in common that they both are the same utter crap.
"if application A is commerical and has 2 bugs, one of which is a bastard to track down and fix, but is resulting in lost sales, and one is purely cosmetic and fun to fix, the bastard bug gets fixed first."
But since most of the time it is the cosmetic bug the one that really bugs the user, it this the one fixed. The bastard one, if at all, will be fixed on next version, will be marketeed as a hugh enhancement and will cost you a new license.
"What you want is to detect the attempt and then block all further connections from A, regardless of what they are. ie: You are actively updating the firewall to exclude known attackers. For this, you need Active IDS. "
Yes, that was exactly my point: that in order to shoot your foot off you need and active IDS. The example you used is typical on this regard: the next you will know is that somehow you lost contact to control tower five (of course my signature injection with source spoofing might have something to do with this DoS).
"This isn't a buzzword"
A "buzzword" is a word that makes "buzz". Active IDS has its place and I already told what it is. But "Active IDS" sounds good, specifically sounds better than plain "IDS" so it is used to gain moment on buy decisors (hey! my IDS is better, it's active!) and that's "buzzword" by the book.
"Active network (and host) intrusion detection has existed a very long time"
That doesn't make it less of a buzzword like "sinergy", "win-win", or "consolidation"; it's context, not the word itself. And we are lucky "active ids" is growing old; had it born today it would be probably named "IDS 2.0" or some nonsense like that.
"Passive IDS only reports problems, it makes no attempt to do anything (like add firewall rules)."
Exactly the way I told it, good boy.
"It is good for generating lots of noise, but it's quite useless for dealing with any real-time threat."
And here you show you barely know what are you talking about. If it generates lots of noise it's because it detects lots of false or real threats. That detection engine will be *exactly the same* your "Active IDS" will use; now it's your time to decide: were they false, so your A-IDS will be working for your ruin, or where they real, in which case they'll be able to be managed by protocol in advance -or you don't know in which case you better have a human to analyse it?
I'm yet to see a real case scenario where the active IDS was to enhance security on an otherwise secured environment instead of an economical way to have some security on an insecure environment. Not to say that the latter is not a valid situation (*lots* of networks can and do work under that premise) but that it is not portable to the first case.
"I would imagine that the rule was written with the idea that politicians could go out and eat dinner or get a cup of coffee and not pick up the tab, and that's fine-"
"On the other hand, a "defensive bribe" has a radically different moral status. In such a case, for example, Robinson, seeing that gambling casinos are outlawed in a certain area, bribes policemen to allow his casino to operate - a perfectly legitimate response to an unfortunate situation." Defensive bribery, in fact, performs an important social function throughout the world."
Yes, I can see how a drug dealer bribering local police so he can operate despite the fact that drug dealing is outlawed is a perfectly legitimate response to an unfortunate situation and how it performs an important social function throught the world.
"You don't want to pay to play? Fine - Raytheon/BAE Systems/Lockheed/Kollsman/Northrop/etc etc etc are all perfectly willing to take your place. "
They all American companies or have heavy interests on the American market so they are controllable.
"For every company that gets caught, a dozen more just did business"
There you have the problem then, not on the other side of the fence.
"and the US doesn't necessarily even want to catch you. Oh, on paper they do, but in reality you're talking billions of dollars of taxable income, and if it doesn't go to a US contractor, China/Russia/India/Japan/etc etc etc are more than willing to fill the void."
Regarding American companies they'll take the taxes no matter what; regarding non-american ones, they know they will play by the rules if they really see strong commitment on the American side since they cannot afford losing the American market in exchange for even Saudi Arabia. All you say are nothing but lame excuses (not from you but from "the system") to sustain current 'statu quo' by those most benefited from them (it seems curious that for big powers "the change can't happen" when it happens to be on their own interest -Raytheon dixit, but "we can lead the change for the better" when, again, happens to be on their best interest -Blackwater dixit).
"The total hit to Siemens included a fine of $450 MILLION plus disgorgement of $350 MILLION in "tainted profits." If that isn't a "big deal" I don't know what is. It takes a lot of revenue to replace $800,000,000 in cash."
And then one goes "mode tinfoil on" and asks himself if the fact that Siemens is not a USA company could have something to do with the magnitude of fines.
Well, it seems that we are now more on petty details than deep qualitative differences (and that's expected or else the conversation wouldn't last that long).
"When I was a supervisor, I basically told my troops to talk to me and let me know their thoughts on things. When the time came, though, they had to jump when I said jump."
My point was just the second part (there's a time to jump when the boss says "jump") but the fact of the matter is I behave exactly the same (or at least, that I tried): I used to tell it on a somehow cynical -but I meant it seriously, way: please, let me know everything you think may be relevant and tell me your opinion and I'll take it all into consideration. Then, of course, you'll do exactly as I say, with no recourse, even if from time to time my unrecourseable order will be "do it your way" (and that's valid only on non-action days: if we are in a hurry and it'll be me the one that decide if we are in a hurry, you'll do as I say and we will have the conversation later). All in all, it usually worked.
"2) I'd agree with you about corruption being out of place in a democracy, but that's an ideal."
Of course you know the famouse cite -was it from Franklin? the price of liberty is perennial awareness, or something as such. We are living -most of us, first world citizens I mean, on quite calm times so we tend to forget that grieve is the most withstanding force, for the good (that's the moving force of capitalism) and for the bad too (that's the basis of all corruption) the fact that we don't have to strive for our very life -at least not too often, doesn't mean we can forget we still need to fight -against the bad face of greed, against corruption, against powerful staments, not only government but everyone of them, and its natural tendence to abuse, etc.
"3) The US Military, and it's equipment, being in bad shape is different than being better than the opponents."
Probably you are right, but I think it's still basically irrelevant: good enough is good enough. Of course Roman Empire's generals would be grateful if some Thunderbolts fully equiped were time-transported to their days, but the qualitative effects would be nihil: Roman Empire was the superpower of its days with or without A-10s, and A-10s are quite expensive, even without considering time-machine related costs.
"Older planes take more time, money and people to maintain."
Than what? If your point is that they are more expensive than the demonstrable alternatives, then you have a case; if the point is that a current 30-year-old Thunderbolt has higher maintenance costs than ten years ago but still is cheaper than buying new planes, then you don't have a case.
Mixed feelings. Of course the part on your fist link about "I don't want to write a letter, or have my successor write a letter, 'Dear Mr. and Mrs. Smith, your son or daughter are dead because the wing fell off on takeoff. We knew it was going to fall off, we just didn't know when.'" is undebatable but everything else it is.
So maintaing 20-year-old planes is more expensive than maintaining 10-year-old planes? What a surprise! That equipment that see hard real action suffer more than the one used on practices? Are you joking me?
But what's the point? This is not the point: the point is knowing if mantaining current 20-year-old planes is more or less expensive than buying new ones *now* (at an stated cost of 400 billion). And then, your first link miserably fails at stating anything about this (even more: it covers its ass by showing opinions on both directions).
Regarding your second link, quite more of the same: first you have a high rank official telling he wants more and better toys (what a surprise!) against an unstated future menace
"Let's say, for example, that all authorized connections must use strong authentication and must use IPSEC (or S/WAN, or some other authenticated encrypted communication system of your choosing). The IDS can then look for any other type of connection and slam the door on it."
And here we have a glaring example of the "buzzword du-jour". "active IDS" in this case. Let's say, for example, that all authorized connections must look like X. Then you don't need "active IDS" you just don't open these kinds of connections and that's all. For each and every case you can spout a precise a priori diagnostic factor, you don't need "active IDS". The "active" part is to deal with the unpredicted. Now: two things: 1) What the hell is doing some unpredicted traffic pattern on a highly secured network? No need for "active nothing" then. 2) On a highly secured network will you really allow for an unmanned software to take decisions out of a software developed by somebody that wasn't able to foresee such situation (or else no need for the "active" part)?
"Active nonsense" are only of use on so uncritical paths that even thinking on the risks would be more expensive than some "after the fact" action so you allow for the machine to make the decision since it's faster and cheaper than a human's one. That, or a dumb CIO did believe the infomercial on bright brouchers after the golf round from the vendor, of course.
"Germany suffered 5 million casualties out of 60 million around the world. That means the kill ratio is 12 to 1 making Germany a very very effective killing machine."
But then German/Austrian population by 1940 was about 80M while world's population was about 2300M, so the death ratio is 3.2 to 1 making Germany a very effective suicidal machine.
"Blitzkrieg was a tactic to concentrate a large fast assault on the weakest part of the enemy"
No, it wasn't. I think you are making a fuss between Napoleonic and Guderian's tactics. As the very name implies, the key factor on blitzkrieg was fastness and surprise (thus the implied need of mechanized cavalry) while Napoleon's point was beating with your strongest forces on the weakest point of your enemy. Not that those both are not related, but still not quite the same.
"It had success early on for the Germans, it was not something that could easily be maintained and after a year or so"
Of course not! after a year or so of fast raiding your army would fall by the End of the World!
"so the allies were able to adapt to counter those types of attacks."
Or there was no place to fast raid to. Of course blitzkrieg is not a strategy for a long running war but to end a war really fast. Hitler was not able to end his European war in a fast manner so blitzkrieg had to be abandoned (it's obvious after Dunkerk and Hitler's inability to take Great Britain), not that allies countered nothing.
"Lets not forget who won the war."
But then, where Hitler failed, USA didn't: last campaign over Irak was a blitzkrieg by the book (fast, based on mechanized cavalvry, piercing the borders and then forget about flanks and going directly to the heart of the enemy -the capital city, in this case...) and it ended up succesfully as such (Irak's government surrended). Indeed the "historical problem" with blitzkrieg-like wars is that they don't end up on big bold letters on history books since -when succesful, they are so fast: as the most egregious example, who knows almost anything about Caesar's campaign over Persia *except* the very epygram "veni, vedi, vici"?
"IBM is trying to take advantage of the uncertainty some people have with the merger to grab some of Sun's hardware business."
The point is that when you lose "something" you can recover, but if your enemy manages to make you lose "all" there's no chance to recover: you get extinguished.
"I mean, how are you going to mitigate the blitzkrieg campaign IBM has launched against SPARC while you're busy with the merger details?"
By having Oracle's CEO telling SPARC's clients there's nothing to worry about, that the new owner will not only support but even increase development of the platform, perhaps?
"Of course, I'm not familiar with EU law or member state law in this area. I admit I was speaking from an American POV. However our own media has a tendency to conflate infringement with theft."
Even more, it has the tendency, even on official claims to think that USA law is "world's law", for instance on statistics about "piracy" which doesn't go into the consideration that what is called "piracy" in the USA happens not to be so elsewhere.
"Think of it this way: if you haven't broken any laws, how can somebody successfully sue you? Of course anybody can sue you at any given time for anything no matter what , anyway, but what sets apart those situations where he'd be successful and win the lawsuit from those where he'd be shown the door because his suit is without merit?"
And then, with your argument you make a very decent point against the proposed law.
Exactly: anyone anytime can sue you. That's why it takes a trial, and a judge and a jury for the suer to demonstrate he has a valid point and only then get the blood out of you. What this law proposed was that the suer had the automatic right to put you out of bussiness *before* his claims being confronted in a trial and *without* the ability from the sued part to get compensation if it happended to be a no-case (but this second part is secondary: it is the first the one that goes so against the Justice system build up since the Roman times that is ashtounding -and dismaying that it took the European Parliament no less to bail out such a nonsense. And it haven't finished yet: we'll see after summer what happens on the redeeming office -not his proper name but I don't know how it translates into English).
"You can violate civil OR criminal law, of which both violations would be considered "illegal.""
While I'm aware (and you too, by now) that you didn't choose the best way to describe it (you cannot be "illegal" on civil matters) I get your point.
But even then you seem to forget that obviously it can be the case that you DON'T violate neither civil nor criminal laws. The proposed law was twofold awful:
1) It didn't consider that file-sharing of copyright-protected cultural assets is not illegal in most EU space since it is protected by the private copy right which citizens even pay to sustain. P2P shares of cultural copyrighted material (basically songs and movies but books too) is NOT illegal and very hard to be shown as a civil offense too (that's why most if not all European RIAA-like organizations are trying to change laws to turn such activies into the illegallity they are not yet).
2) It didn't considered that even if it was a proveable offense IT IS NOT UP TO THE PART to decide it and take grounds on it before a trial: that's the job of a judge and if and only if there were a decent suspect of being personal or national security in risk which doesn't seem to be the case about sharing films and songs.
"However why did the evil banks and investors allow this to happen? [...] Were the banks and investors that desperate to end up overpaying in a legally complicated way for some rat hole?"
Because no matter how much the liberal du-jour tries to convince you of it corporations don't have a soul nor a volonty: people do. The banks didn't allow this because they can't allow a shit. People can. And it happens that people at the head of it knew they were not risking *their* money but that of the corporation and in exchange they were making indecent ammounts of money that finished in their pockets. And these greedy bastards -that I already told, were the ones with the abilities and the experience, did perfectly know that no matter what, they would end up either being nastily rich or being fired with compensations that would make them almost nastily rich -oh! and all this backed by public money because of their great performance as it indeed has happened.
"Everyone and every nation thought they could get rich by just selling property to each other."
When a father tells his little child that the Moon is made of cheese, would you think the child is guilty if he wants to use it for a hamburger Moon-sized? What now if it were the father the one asking for it? In an equation with an illiterate guy on one side and a Ivvy League member in the other I *do* know which one is the worst scum when shit hits the fan.
"It's as much of a strawman as your comment about voting before storming a hill, or you missed my point. Maybe we're both bored and like arguing with strangers."
My case is not one of a strawman. Even Greeks (first inventors of the term "democracy" itself) -surely Romans too, had the figure of the Tyrant for the bad days. On my first quote I was trying to paraphrase Crimson Tide Gene Hackman's phrase: "We're here to defend democracy, not practice it.".
So again: there's a time and a place to use democracy (and/or freedoms) and there's a and a place time to defend it -and usually they are quite different times and places. Military is more of a place in the second category than in the first one -hence my counter "let's vote next time some good guys are to be killed in action". It's not the place nor the time, but it is the thing to be done. What it is a strawman argument is trying to pass this sad but crude reality as that I'm defending that the service is a place where someone (i.e.: a bastardly inclined politican) can abuse someone by saying "well, that's the time and the moment" when it isn't. It is certain that when you volonteer to the army you expose yourself for these kinds of things to happen, but a) that doesn't make it ethical or acceptable and b) when that happens but in the most rare circumnstances what is under scrutiny is my first (albeit implicit) assert: that you are indeed in a country of liberties (or else you were not defending the unexistant).
"As for politicians... well. I think most are just expected to be corrupt in favor of their voting populace just enough to get re-elected."
Here we go into deep waters. It seems a bit ill your choice of adjetives: the "to be corrupt" part is not only out of place but the very basis of representative democracy. Politicians are there to be moved by their voters since they are their representatives. It's true that it would be better that politicians weren't moveable but instead supporters of strong and well-based opinions and then, those whose opinions were more acceptable by the majority being chosen than the other way around, looking what the people seems to desire and then go for it, but -again, democracy, much as capitalism, has its grounds on realities -that people is greedy, than ideals, and that makes it work. If idealism did work, communism or tiranny would be better systems than democracy by far as Plato already stated some 2.500 years ago.
"I don't know about your country, but the US Military's been wanting new equipment, such as planes, for a long time now."
C'mon! If you really think USA military is in such a bad shape please don't try to research how the rest of the world is doing. Planes, you say? I can accept your moan about GI's since they are really in first line of fire and they are the ones eating the worse shit at the expense of their integrity (they *always* are in need of better body armour, ground intelligence, armoured transports... even without bad politicians mooding the waters) but planes!!!??? When was last time USA lost a plane in air-to-air combat or because of bad maintenance? Vietnam?
"The next time you or a somebody you know gets injured because they had crap gear, please think of the lawmakers"
Sure that adds quite a lot to your argument. Nah... it adds nothing since it's a strawman.
"Why should you be recognized or appreciated for just doing your job?"
Because it's still a job per choice and it's a nasty job that needs to be done. People tend to appreciate that. Just the same that kind of politicians and lawmakers are "recognized" by their jobs too.
"When a $40,000 a year rent-a-cop finances a $500,000 home in San Francisco with what's now called "a liar's loan", yes that's a crime."
Yes, if that's the case. But it seems more of the times it was more about "Hey, listen to me: I'm the expert one here, so let me tell here you earn 200.000 a year instead of 40.000; it's standard practice" which indeed seemed to be the case since all the people known by the poor bastard were told exactly the same.
"All the insurance in the world will not help you if you can't get back up fast enough"
That's either false or a tautology. It is false in that, well yes, enough insurance money will cover you for as much time as needed; it's a tautology in that, well yes, if you run out of insurance money, no matter how much it is, and you still didn't get to speed, you are trashed.
"just because the backup system worked correctly doesn't necessarily mean your data is good."
No, you are wrong. If the backup system worked correctly your data would have been good. Your problem was that what you called your "backup system" was not truly one. You forgot the part: "if you haven't tried restoring from it, it isn't a backup".
"The main fault here was that they had fail-over and called it backups."
Right.
"There is no one dogmatic way to look at backups. If you think there is, good luck finding a job in 10 years when conditions have changed."
Wrong. Conditions have not changed in the last 35 years and I don't see them changing on the foreseable future. Technical conditions and abilities will change, true, but the essence of the work that has to be achieved won't change the same a mathematical theorem doesn't change.
What a backup strategy is (short version):
* A means to recover from a failure.
It's obvious Tom Allensworth's strategy is a failure and it was obvious it was a failure from the very beginnig (it has been a hacker, but what if it were a virus or a worm, or a human failure deleting some critical files and then the deletion being replicated? Same result).
What makes a minimal backup strategy (any less than this and your "solution" is not entitled to be called "backup strategy"):
* There has to be no less than two complete data sets non connected with the systems being protected.
* There has to be no less than one complete data set off-sited from were the systems being protected "live in".
* There has to be no less than one current copy of the documentation needed to redeploy from barebones the protected systems off-sited from the facilities were the systems being protected "live in".
* At the very least two people -the backup responsible and her direct superior, have to know where the above mentioned documentation lives and they must have the ability to recover it.
Some side notes:
* The last two points are not needed on a lone star-driven system, only on company-style ones. If there's only one person which will benefit from the data (i.e.: your personal data or a single-person bussiness') is good enough if only you know how to recover the data -it can even be only anotated "on you head" and not in paper, although you still would be better if in paper: memory fails with time.
* The above point-set is not absolutly "failure-proof" and some common sense should be applied (if your system is likely to be attacked, you'd better have more datasets splitted over longer time ranges; if the backup admin and her superior tend to go together there's the risk you lose them both at a time, and so your ability to recover out of -now unknown to exist, documentation, etc.) but they are the bare minimum.
* Last but not least, backups have exactly ZERO value. Recovering from backups when need arises is the valuable part, so test your recovery procedures, once and again and again. And let it do the test your less knowledgeable/capable/valuable people: maybe when the need arises that will be all you have.
"Yeah, why don't you support your statement."
I'll do for him.
Just now it can be read on this site's home page: "3,800 Vulnerabilities Detected In FAA's Web Apps". The interesting point is: "Jeremiah Grossman, CTO of WhiteHat Security, says the rate is actually in line with the average number of bugs his security firm finds in most Web applications."
See? It's not the money: your average web shop and air traffic control apps, closed sourced, will have in common that they both are the same utter crap.
"if application A is commerical and has 2 bugs, one of which is a bastard to track down and fix, but is resulting in lost sales, and one is purely cosmetic and fun to fix, the bastard bug gets fixed first."
But since most of the time it is the cosmetic bug the one that really bugs the user, it this the one fixed. The bastard one, if at all, will be fixed on next version, will be marketeed as a hugh enhancement and will cost you a new license.
"What you want is to detect the attempt and then block all further connections from A, regardless of what they are. ie: You are actively updating the firewall to exclude known attackers. For this, you need Active IDS. "
Yes, that was exactly my point: that in order to shoot your foot off you need and active IDS. The example you used is typical on this regard: the next you will know is that somehow you lost contact to control tower five (of course my signature injection with source spoofing might have something to do with this DoS).
"This isn't a buzzword"
A "buzzword" is a word that makes "buzz". Active IDS has its place and I already told what it is. But "Active IDS" sounds good, specifically sounds better than plain "IDS" so it is used to gain moment on buy decisors (hey! my IDS is better, it's active!) and that's "buzzword" by the book.
"Active network (and host) intrusion detection has existed a very long time"
That doesn't make it less of a buzzword like "sinergy", "win-win", or "consolidation"; it's context, not the word itself. And we are lucky "active ids" is growing old; had it born today it would be probably named "IDS 2.0" or some nonsense like that.
"Passive IDS only reports problems, it makes no attempt to do anything (like add firewall rules)."
Exactly the way I told it, good boy.
"It is good for generating lots of noise, but it's quite useless for dealing with any real-time threat."
And here you show you barely know what are you talking about. If it generates lots of noise it's because it detects lots of false or real threats. That detection engine will be *exactly the same* your "Active IDS" will use; now it's your time to decide: were they false, so your A-IDS will be working for your ruin, or where they real, in which case they'll be able to be managed by protocol in advance -or you don't know in which case you better have a human to analyse it?
I'm yet to see a real case scenario where the active IDS was to enhance security on an otherwise secured environment instead of an economical way to have some security on an insecure environment. Not to say that the latter is not a valid situation (*lots* of networks can and do work under that premise) but that it is not portable to the first case.
"I would imagine that the rule was written with the idea that politicians could go out and eat dinner or get a cup of coffee and not pick up the tab, and that's fine-"
Is it?
"Oh, and I'm just an engineer, not a manager, so don't think it is my job to tow the company line..."
Probably not. But it is not your job to gain contracts around the world, either. Maybe this explains your different point of view.
"On the other hand, a "defensive bribe" has a radically different moral status. In such a case, for example, Robinson, seeing that gambling casinos are outlawed in a certain area, bribes policemen to allow his casino to operate - a perfectly legitimate response to an unfortunate situation."
Defensive bribery, in fact, performs an important social function throughout the world."
Yes, I can see how a drug dealer bribering local police so he can operate despite the fact that drug dealing is outlawed is a perfectly legitimate response to an unfortunate situation and how it performs an important social function throught the world.
"You don't want to pay to play? Fine - Raytheon/BAE Systems/Lockheed/Kollsman/Northrop/etc etc etc are all perfectly willing to take your place. "
They all American companies or have heavy interests on the American market so they are controllable.
"For every company that gets caught, a dozen more just did business"
There you have the problem then, not on the other side of the fence.
"and the US doesn't necessarily even want to catch you. Oh, on paper they do, but in reality you're talking billions of dollars of taxable income, and if it doesn't go to a US contractor, China/Russia/India/Japan/etc etc etc are more than willing to fill the void."
Regarding American companies they'll take the taxes no matter what; regarding non-american ones, they know they will play by the rules if they really see strong commitment on the American side since they cannot afford losing the American market in exchange for even Saudi Arabia. All you say are nothing but lame excuses (not from you but from "the system") to sustain current 'statu quo' by those most benefited from them (it seems curious that for big powers "the change can't happen" when it happens to be on their own interest -Raytheon dixit, but "we can lead the change for the better" when, again, happens to be on their best interest -Blackwater dixit).
"The total hit to Siemens included a fine of $450 MILLION plus disgorgement of $350 MILLION in "tainted profits." If that isn't a "big deal" I don't know what is. It takes a lot of revenue to replace $800,000,000 in cash."
And then one goes "mode tinfoil on" and asks himself if the fact that Siemens is not a USA company could have something to do with the magnitude of fines.
"FYI: I really do like your stances."
Well, it seems that we are now more on petty details than deep qualitative differences (and that's expected or else the conversation wouldn't last that long).
"When I was a supervisor, I basically told my troops to talk to me and let me know their thoughts on things. When the time came, though, they had to jump when I said jump."
My point was just the second part (there's a time to jump when the boss says "jump") but the fact of the matter is I behave exactly the same (or at least, that I tried): I used to tell it on a somehow cynical -but I meant it seriously, way: please, let me know everything you think may be relevant and tell me your opinion and I'll take it all into consideration. Then, of course, you'll do exactly as I say, with no recourse, even if from time to time my unrecourseable order will be "do it your way" (and that's valid only on non-action days: if we are in a hurry and it'll be me the one that decide if we are in a hurry, you'll do as I say and we will have the conversation later). All in all, it usually worked.
"2) I'd agree with you about corruption being out of place in a democracy, but that's an ideal."
Of course you know the famouse cite -was it from Franklin? the price of liberty is perennial awareness, or something as such. We are living -most of us, first world citizens I mean, on quite calm times so we tend to forget that grieve is the most withstanding force, for the good (that's the moving force of capitalism) and for the bad too (that's the basis of all corruption) the fact that we don't have to strive for our very life -at least not too often, doesn't mean we can forget we still need to fight -against the bad face of greed, against corruption, against powerful staments, not only government but everyone of them, and its natural tendence to abuse, etc.
"3) The US Military, and it's equipment, being in bad shape is different than being better than the opponents."
Probably you are right, but I think it's still basically irrelevant: good enough is good enough. Of course Roman Empire's generals would be grateful if some Thunderbolts fully equiped were time-transported to their days, but the qualitative effects would be nihil: Roman Empire was the superpower of its days with or without A-10s, and A-10s are quite expensive, even without considering time-machine related costs.
"Older planes take more time, money and people to maintain."
Than what? If your point is that they are more expensive than the demonstrable alternatives, then you have a case; if the point is that a current 30-year-old Thunderbolt has higher maintenance costs than ten years ago but still is cheaper than buying new planes, then you don't have a case.
"http://www.military.com/NewsContent/0,13319,135018,00.html
http://www.af.mil/news/story.asp?id=123089011
Some links, as requested."
Mixed feelings. Of course the part on your fist link about "I don't want to write a letter, or have my successor write a letter, 'Dear Mr. and Mrs. Smith, your son or daughter are dead because the wing fell off on takeoff. We knew it was going to fall off, we just didn't know when.'" is undebatable but everything else it is.
So maintaing 20-year-old planes is more expensive than maintaining 10-year-old planes? What a surprise! That equipment that see hard real action suffer more than the one used on practices? Are you joking me?
But what's the point? This is not the point: the point is knowing if mantaining current 20-year-old planes is more or less expensive than buying new ones *now* (at an stated cost of 400 billion). And then, your first link miserably fails at stating anything about this (even more: it covers its ass by showing opinions on both directions).
Regarding your second link, quite more of the same: first you have a high rank official telling he wants more and better toys (what a surprise!) against an unstated future menace
"Let's say, for example, that all authorized connections must use strong authentication and must use IPSEC (or S/WAN, or some other authenticated encrypted communication system of your choosing). The IDS can then look for any other type of connection and slam the door on it."
And here we have a glaring example of the "buzzword du-jour". "active IDS" in this case. Let's say, for example, that all authorized connections must look like X. Then you don't need "active IDS" you just don't open these kinds of connections and that's all. For each and every case you can spout a precise a priori diagnostic factor, you don't need "active IDS". The "active" part is to deal with the unpredicted. Now: two things:
1) What the hell is doing some unpredicted traffic pattern on a highly secured network? No need for "active nothing" then.
2) On a highly secured network will you really allow for an unmanned software to take decisions out of a software developed by somebody that wasn't able to foresee such situation (or else no need for the "active" part)?
"Active nonsense" are only of use on so uncritical paths that even thinking on the risks would be more expensive than some "after the fact" action so you allow for the machine to make the decision since it's faster and cheaper than a human's one. That, or a dumb CIO did believe the infomercial on bright brouchers after the golf round from the vendor, of course.
"Germany suffered 5 million casualties out of 60 million around the world. That means the kill ratio is 12 to 1 making Germany a very very effective killing machine."
But then German/Austrian population by 1940 was about 80M while world's population was about 2300M, so the death ratio is 3.2 to 1 making Germany a very effective suicidal machine.
"Blitzkrieg was a tactic to concentrate a large fast assault on the weakest part of the enemy"
No, it wasn't. I think you are making a fuss between Napoleonic and Guderian's tactics. As the very name implies, the key factor on blitzkrieg was fastness and surprise (thus the implied need of mechanized cavalry) while Napoleon's point was beating with your strongest forces on the weakest point of your enemy. Not that those both are not related, but still not quite the same.
"It had success early on for the Germans, it was not something that could easily be maintained and after a year or so"
Of course not! after a year or so of fast raiding your army would fall by the End of the World!
"so the allies were able to adapt to counter those types of attacks."
Or there was no place to fast raid to. Of course blitzkrieg is not a strategy for a long running war but to end a war really fast. Hitler was not able to end his European war in a fast manner so blitzkrieg had to be abandoned (it's obvious after Dunkerk and Hitler's inability to take Great Britain), not that allies countered nothing.
"Lets not forget who won the war."
But then, where Hitler failed, USA didn't: last campaign over Irak was a blitzkrieg by the book (fast, based on mechanized cavalvry, piercing the borders and then forget about flanks and going directly to the heart of the enemy -the capital city, in this case...) and it ended up succesfully as such (Irak's government surrended). Indeed the "historical problem" with blitzkrieg-like wars is that they don't end up on big bold letters on history books since -when succesful, they are so fast: as the most egregious example, who knows almost anything about Caesar's campaign over Persia *except* the very epygram "veni, vedi, vici"?
"IBM is trying to take advantage of the uncertainty some people have with the merger to grab some of Sun's hardware business."
The point is that when you lose "something" you can recover, but if your enemy manages to make you lose "all" there's no chance to recover: you get extinguished.
"Yes, much like people buy hotdogs from the guy with the wiener cart, except when he is giving them away."
First dose for free, man, but only first dose.
"I mean, how are you going to mitigate the blitzkrieg campaign IBM has launched against SPARC while you're busy with the merger details?"
By having Oracle's CEO telling SPARC's clients there's nothing to worry about, that the new owner will not only support but even increase development of the platform, perhaps?
""I can tell the difference between 256k MP3 and uncompressed CD-audio.
I bet you don't and challenge you to a double blind contest... so I am: I'll give you the advantage of listening while blind -doubly!
"Of course, I'm not familiar with EU law or member state law in this area. I admit I was speaking from an American POV. However our own media has a tendency to conflate infringement with theft."
Even more, it has the tendency, even on official claims to think that USA law is "world's law", for instance on statistics about "piracy" which doesn't go into the consideration that what is called "piracy" in the USA happens not to be so elsewhere.
"Think of it this way: if you haven't broken any laws, how can somebody successfully sue you? Of course anybody can sue you at any given time for anything no matter what , anyway, but what sets apart those situations where he'd be successful and win the lawsuit from those where he'd be shown the door because his suit is without merit?"
And then, with your argument you make a very decent point against the proposed law.
Exactly: anyone anytime can sue you. That's why it takes a trial, and a judge and a jury for the suer to demonstrate he has a valid point and only then get the blood out of you. What this law proposed was that the suer had the automatic right to put you out of bussiness *before* his claims being confronted in a trial and *without* the ability from the sued part to get compensation if it happended to be a no-case (but this second part is secondary: it is the first the one that goes so against the Justice system build up since the Roman times that is ashtounding -and dismaying that it took the European Parliament no less to bail out such a nonsense. And it haven't finished yet: we'll see after summer what happens on the redeeming office -not his proper name but I don't know how it translates into English).
"You can violate civil OR criminal law, of which both violations would be considered "illegal.""
While I'm aware (and you too, by now) that you didn't choose the best way to describe it (you cannot be "illegal" on civil matters) I get your point.
But even then you seem to forget that obviously it can be the case that you DON'T violate neither civil nor criminal laws. The proposed law was twofold awful:
1) It didn't consider that file-sharing of copyright-protected cultural assets is not illegal in most EU space since it is protected by the private copy right which citizens even pay to sustain. P2P shares of cultural copyrighted material (basically songs and movies but books too) is NOT illegal and very hard to be shown as a civil offense too (that's why most if not all European RIAA-like organizations are trying to change laws to turn such activies into the illegallity they are not yet).
2) It didn't considered that even if it was a proveable offense IT IS NOT UP TO THE PART to decide it and take grounds on it before a trial: that's the job of a judge and if and only if there were a decent suspect of being personal or national security in risk which doesn't seem to be the case about sharing films and songs.
"However why did the evil banks and investors allow this to happen? [...] Were the banks and investors that desperate to end up overpaying in a legally complicated way for some rat hole?"
Because no matter how much the liberal du-jour tries to convince you of it corporations don't have a soul nor a volonty: people do. The banks didn't allow this because they can't allow a shit. People can. And it happens that people at the head of it knew they were not risking *their* money but that of the corporation and in exchange they were making indecent ammounts of money that finished in their pockets. And these greedy bastards -that I already told, were the ones with the abilities and the experience, did perfectly know that no matter what, they would end up either being nastily rich or being fired with compensations that would make them almost nastily rich -oh! and all this backed by public money because of their great performance as it indeed has happened.
"Everyone and every nation thought they could get rich by just selling property to each other."
When a father tells his little child that the Moon is made of cheese, would you think the child is guilty if he wants to use it for a hamburger Moon-sized? What now if it were the father the one asking for it? In an equation with an illiterate guy on one side and a Ivvy League member in the other I *do* know which one is the worst scum when shit hits the fan.
"It's as much of a strawman as your comment about voting before storming a hill, or you missed my point. Maybe we're both bored and like arguing with strangers."
My case is not one of a strawman. Even Greeks (first inventors of the term "democracy" itself) -surely Romans too, had the figure of the Tyrant for the bad days. On my first quote I was trying to paraphrase Crimson Tide Gene Hackman's phrase: "We're here to defend democracy, not practice it.".
So again: there's a time and a place to use democracy (and/or freedoms) and there's a and a place time to defend it -and usually they are quite different times and places. Military is more of a place in the second category than in the first one -hence my counter "let's vote next time some good guys are to be killed in action". It's not the place nor the time, but it is the thing to be done. What it is a strawman argument is trying to pass this sad but crude reality as that I'm defending that the service is a place where someone (i.e.: a bastardly inclined politican) can abuse someone by saying "well, that's the time and the moment" when it isn't. It is certain that when you volonteer to the army you expose yourself for these kinds of things to happen, but a) that doesn't make it ethical or acceptable and b) when that happens but in the most rare circumnstances what is under scrutiny is my first (albeit implicit) assert: that you are indeed in a country of liberties (or else you were not defending the unexistant).
"As for politicians... well. I think most are just expected to be corrupt in favor of their voting populace just enough to get re-elected."
Here we go into deep waters. It seems a bit ill your choice of adjetives: the "to be corrupt" part is not only out of place but the very basis of representative democracy. Politicians are there to be moved by their voters since they are their representatives. It's true that it would be better that politicians weren't moveable but instead supporters of strong and well-based opinions and then, those whose opinions were more acceptable by the majority being chosen than the other way around, looking what the people seems to desire and then go for it, but -again, democracy, much as capitalism, has its grounds on realities -that people is greedy, than ideals, and that makes it work. If idealism did work, communism or tiranny would be better systems than democracy by far as Plato already stated some 2.500 years ago.
"I don't know about your country, but the US Military's been wanting new equipment, such as planes, for a long time now."
C'mon! If you really think USA military is in such a bad shape please don't try to research how the rest of the world is doing. Planes, you say? I can accept your moan about GI's since they are really in first line of fire and they are the ones eating the worse shit at the expense of their integrity (they *always* are in need of better body armour, ground intelligence, armoured transports... even without bad politicians mooding the waters) but planes!!!??? When was last time USA lost a plane in air-to-air combat or because of bad maintenance? Vietnam?
"The next time you or a somebody you know gets injured because they had crap gear, please think of the lawmakers"
Sure that adds quite a lot to your argument. Nah... it adds nothing since it's a strawman.
"Why should you be recognized or appreciated for just doing your job?"
Because it's still a job per choice and it's a nasty job that needs to be done. People tend to appreciate that. Just the same that kind of politicians and lawmakers are "recognized" by their jobs too.
"When a $40,000 a year rent-a-cop finances a $500,000 home in San Francisco with what's now called "a liar's loan", yes that's a crime."
Yes, if that's the case. But it seems more of the times it was more about "Hey, listen to me: I'm the expert one here, so let me tell here you earn 200.000 a year instead of 40.000; it's standard practice" which indeed seemed to be the case since all the people known by the poor bastard were told exactly the same.