>>> Anyone that refuses to provide a valid SSN is rejected from our services.
Your business is clearly contributing to the problem and should be held full liable for any damage resulting from the data breach that you will inevitably experience at some point.
As to database designers that don't self generate uidis and instead use SSN...
Still, there are ways around such obnoxious requests. my SSN is 123-4-5678.
I will code micro-transaction based game, where rage is tied to paying. This way suckers^H^H^H^H customers will be raging and paying and raging and paying. I will be rich!
Our technological progress is held back by patents, outside of rare situations of coming up with a breakthrough idea, the creative process is incremental. You take other people's work, in a field established by other people, apply theoretical principles and models discovered by others, and then you incrementally improve the idea.
Why should there be protection for such incremental improvements when it demonstrably holds entire process of incremental progress back? Well, for one there should be some incentive to innovate. So we as society accept slower rate of innovation for larger volume of innovation, ending up with more.
Imagine society where "reverse engineering" is impractical/infeasible. You will have even more people attempting to innovate, because end result would be more valuable, but a lot of this work will be duplicate. Reverse engineering is allowed because it reduces the duplication, and that offsets marginal decrease to innovation. This is part of optimal solution that encourages innovation yet keeps down the duplication.
This is not at all surprising (or illegal). Almost any industry manufacturing any kind of wiget, be it a router, a car, or an orbital booster will purchase and examine their competition.
This would be a story only if they acquired these illegally, for example by breaking and entering the competitor's research lab.
Aliens trying to fit into our ecological system is unlikely. Think of this as getting into someone's undocumented spaghetti code. Sometimes it is just easier to move on and start clean.
In my mind alien approaches to colonizing earth would inevitably be sterilize and colonize. If effort to sterilize is more than effort to simply move on tot he next unoccupied rock, we will be left alone.
Think of it as going from 99% uptime to 99.99% uptime. Due to interstellar distances (time + radiation) involved sending even a probe to a nearby star would be highly problematic.
Can you think of existing technology that could survive that kind of time, that kind of radiation, and then have enough power on the other end to call home and report?
I'd think "the rock we are on" would be viewed as infested by cockroaches by alien civilizations that would be capable of reaching us.
We are ignored because a) we don't yet spread around and get under foot b) there are plenty non-infested rocks out there c) it is harder to clean out infested rock than to shrug in disgust and keep moving to the next rock.
In any direct economic confrontation with Russia US will get impacted a lot less than Russia. This was true during cold war days, this is more so true today. Russia's refusal to provide orbital delivery will only serve one purpose - channel money away from Russian space program toward NASA or Space-X.
Now, if Russia wanted to negatively impact US, then they'd mass produce tech and sell to anyone/everyone willing to pay. This would remove technological edge from US and enrich Russia.
I think key mistake with Mercedes was not including hydraulic system flush and filter change into regular maintenance. I blame marketing wanting "hassle-free" soundbite.
I had a Mercedes with a precursor to this system, called Active Body Control (ABC) and it was anything but reliable. While it worked the car was fantastic - it would self-level, absorbs road imperfections, you can adjust height, and it lowers itself at a highway speeds to improve aerodynamics. When it doesn't work you can't drive the car at all since the car drops down as if it has no suspension and has to be towed tot he shop. To make things worse - towing ABC-equipped car also becomes highly problematic since you can only put it on flatbed, has to be careful strapping it down, and have to use special rolling jacks to load and unload it.
Any hydraulic suspension is a very complex system - it has a hydraulic pump to maintain pressure, it has gas 'sphere' accumulators to serve as dampers, and special hydraulic struts, plus distributors/valves and lines. On top of this system are miles of wiring, tons of sensors and electronics.
ABC struts leak, spheres burst, pump gets worn out and quits, sensors malfunction, valves get stuck. To make things worse - hydraulic fluid change is not part of regular maintenance for these cars, as such this system is known to fail due to contamination.
Owning any Mercedes with hydraulic suspension that is out of warranty is insane, it does not fail gracefully, parts are available only from Mercedes, and diagnostic tools are only accessible by Mercedes-authorized shops. Talking with other owners of similar cars - average lifespan of such system is about 8 years.
I don't think you quite understand how trolling works. "Angry and pissed" is what trolls try to do to their audience.
I am not sure annoying FCC will get us closer to preserving NN; if anything trolling will provide them with a "look, they are all nuts!" cover to ignore all feedback.
Why do I want this? Would it make my car drive better?
For everything else I prefer BYOD and to not be locked.
My Sunny Sunday convertible was made in the 80s, if it had integrated computer I'd still have to deal with DOS-prompt and keeping 64K clear. Today's cars and electronics will be 30 year old some day. Are you sure you want to integrate them?
I disagree with this. Power steering gives you plenty of warning before it fails. It usually leaks oil for YEARS, then produces audible NOISE ether from hydraulics or belt slipping.
Sure, you can overlook all these signs, but for anyone paying attention these failures are not sudden. If anything, typical hydraulic power steering fails too gracefully, so people keep using it in a failed state.
Jumping out of IT is difficult, but not impossible. One way to do it while still staying on 'technical' track is to jump into Information Assurance field. Most direct jump is to do network security audits, penetration testing, or security certification.
What happens if lock picking the front door in your hypothetical example also has a chance to unlock everybody's front door or would make it harder to lock all neighbor's door? Should the homeowner in such scenario be allowed to make decisions for the rest of the neighborhood?
Flaw in your examples and analysis is that you view each individual networked system in isolation. This is not how Internet works. Every compromised system makes it less safe for the rest of us.
All of this is valid, but also myopic In most vulnerability situations, especially involving data at rest, you have costs to the business and costs to general public that usually exceeds first figure. Just because your organization is not held financially liable for compromise, does not mean that such compromise did not cause significant damage to third-party.
For example, a SCADA system that your organization maintains got compromised. Fixing such system vulnerability will be inevitably expensive, and simply sending out a technician to reset it would generate billable hours. Your business interest are to ignore this problem, but imagine if this system is part of water treatment system for large residential neighborhood.
Business needs worship is a flavor of 'market will fix it' fallacy. It only works if all players are forced into making moral decisions.
First, if anyone can get to your "shit-ton of data" you are not doing it right, and in your organization's CIO is a honorary title.
Second, the act of publishing is problematic, maybe even the act of downloading, no the act of accessing your system in proof-of-concept.
Third, if someone trying to report a problem to your organization and does not have an easy way to do so, then it is yet another failure that you should address.
If I have no right to access your public-facing system via public channels, then you have no right to be absolved of responsibility of how your system is used by malicious hackers.
When your infrastructure spams me, or get zombied into DDoSing me, you will be held responsible for spamming and DDoSing me.
Not "caught hacking", this implies you know about the problem or had a way to detect this post-fact. Most of the times it is "hey you have a problem" followed by OMGLAWYERS idiotic response. Last time I checked lawyers were rather ineffective at patching vulnerabilities, doing root cause analysis, or improving your organization's security posture and/or practices.
As a car guy, I prefer hydraulic power steering. Electric implementations so far leave you too isolated from the road (both input and output, or feedback are important when handling car). It is also unclear how these new systems will age or if they will fail gracefully.
Slashdot Mirror
>>> Anyone that refuses to provide a valid SSN is rejected from our services. Your business is clearly contributing to the problem and should be held full liable for any damage resulting from the data breach that you will inevitably experience at some point.
As to database designers that don't self generate uidis and instead use SSN...
Still, there are ways around such obnoxious requests. my SSN is 123-4-5678.
I will code micro-transaction based game, where rage is tied to paying. This way suckers^H^H^H^H customers will be raging and paying and raging and paying. I will be rich!
Why would anyone give SSN to AT&T? Do they also process your taxes? If not, they have no place asking or retaining this information.
Our technological progress is held back by patents, outside of rare situations of coming up with a breakthrough idea, the creative process is incremental. You take other people's work, in a field established by other people, apply theoretical principles and models discovered by others, and then you incrementally improve the idea.
Why should there be protection for such incremental improvements when it demonstrably holds entire process of incremental progress back? Well, for one there should be some incentive to innovate. So we as society accept slower rate of innovation for larger volume of innovation, ending up with more.
Imagine society where "reverse engineering" is impractical/infeasible. You will have even more people attempting to innovate, because end result would be more valuable, but a lot of this work will be duplicate. Reverse engineering is allowed because it reduces the duplication, and that offsets marginal decrease to innovation. This is part of optimal solution that encourages innovation yet keeps down the duplication.
This is not at all surprising (or illegal). Almost any industry manufacturing any kind of wiget, be it a router, a car, or an orbital booster will purchase and examine their competition.
This would be a story only if they acquired these illegally, for example by breaking and entering the competitor's research lab.
Aliens trying to fit into our ecological system is unlikely. Think of this as getting into someone's undocumented spaghetti code. Sometimes it is just easier to move on and start clean.
In my mind alien approaches to colonizing earth would inevitably be sterilize and colonize. If effort to sterilize is more than effort to simply move on tot he next unoccupied rock, we will be left alone.
Think of it as going from 99% uptime to 99.99% uptime. Due to interstellar distances (time + radiation) involved sending even a probe to a nearby star would be highly problematic.
Can you think of existing technology that could survive that kind of time, that kind of radiation, and then have enough power on the other end to call home and report?
I'd think "the rock we are on" would be viewed as infested by cockroaches by alien civilizations that would be capable of reaching us.
We are ignored because a) we don't yet spread around and get under foot b) there are plenty non-infested rocks out there c) it is harder to clean out infested rock than to shrug in disgust and keep moving to the next rock.
Cab drivers are almost thing of the past. Moment automated cars show up there won't be such thing anymore.
In any direct economic confrontation with Russia US will get impacted a lot less than Russia. This was true during cold war days, this is more so true today. Russia's refusal to provide orbital delivery will only serve one purpose - channel money away from Russian space program toward NASA or Space-X.
Now, if Russia wanted to negatively impact US, then they'd mass produce tech and sell to anyone/everyone willing to pay. This would remove technological edge from US and enrich Russia.
>>> to do identity freud as well.
Lets not anally fixate on this point.
I think key mistake with Mercedes was not including hydraulic system flush and filter change into regular maintenance. I blame marketing wanting "hassle-free" soundbite.
I had a Mercedes with a precursor to this system, called Active Body Control (ABC) and it was anything but reliable. While it worked the car was fantastic - it would self-level, absorbs road imperfections, you can adjust height, and it lowers itself at a highway speeds to improve aerodynamics. When it doesn't work you can't drive the car at all since the car drops down as if it has no suspension and has to be towed tot he shop. To make things worse - towing ABC-equipped car also becomes highly problematic since you can only put it on flatbed, has to be careful strapping it down, and have to use special rolling jacks to load and unload it.
Any hydraulic suspension is a very complex system - it has a hydraulic pump to maintain pressure, it has gas 'sphere' accumulators to serve as dampers, and special hydraulic struts, plus distributors/valves and lines. On top of this system are miles of wiring, tons of sensors and electronics.
ABC struts leak, spheres burst, pump gets worn out and quits, sensors malfunction, valves get stuck. To make things worse - hydraulic fluid change is not part of regular maintenance for these cars, as such this system is known to fail due to contamination.
Owning any Mercedes with hydraulic suspension that is out of warranty is insane, it does not fail gracefully, parts are available only from Mercedes, and diagnostic tools are only accessible by Mercedes-authorized shops. Talking with other owners of similar cars - average lifespan of such system is about 8 years.
I don't think you quite understand how trolling works. "Angry and pissed" is what trolls try to do to their audience.
I am not sure annoying FCC will get us closer to preserving NN; if anything trolling will provide them with a "look, they are all nuts!" cover to ignore all feedback.
Why do I want this? Would it make my car drive better?
For everything else I prefer BYOD and to not be locked.
My Sunny Sunday convertible was made in the 80s, if it had integrated computer I'd still have to deal with DOS-prompt and keeping 64K clear. Today's cars and electronics will be 30 year old some day. Are you sure you want to integrate them?
I disagree with this. Power steering gives you plenty of warning before it fails. It usually leaks oil for YEARS, then produces audible NOISE ether from hydraulics or belt slipping.
Sure, you can overlook all these signs, but for anyone paying attention these failures are not sudden. If anything, typical hydraulic power steering fails too gracefully, so people keep using it in a failed state.
Jumping out of IT is difficult, but not impossible. One way to do it while still staying on 'technical' track is to jump into Information Assurance field. Most direct jump is to do network security audits, penetration testing, or security certification.
What happens if lock picking the front door in your hypothetical example also has a chance to unlock everybody's front door or would make it harder to lock all neighbor's door? Should the homeowner in such scenario be allowed to make decisions for the rest of the neighborhood?
Flaw in your examples and analysis is that you view each individual networked system in isolation. This is not how Internet works. Every compromised system makes it less safe for the rest of us.
Fix it or take it offline.
Yes and no. This analogy only holds if unlocking random lock also has a chance to unlock your front door.
All of this is valid, but also myopic In most vulnerability situations, especially involving data at rest, you have costs to the business and costs to general public that usually exceeds first figure. Just because your organization is not held financially liable for compromise, does not mean that such compromise did not cause significant damage to third-party.
For example, a SCADA system that your organization maintains got compromised. Fixing such system vulnerability will be inevitably expensive, and simply sending out a technician to reset it would generate billable hours. Your business interest are to ignore this problem, but imagine if this system is part of water treatment system for large residential neighborhood.
Business needs worship is a flavor of 'market will fix it' fallacy. It only works if all players are forced into making moral decisions.
Yes. I invoke Poe's lawn in my defense.
First, if anyone can get to your "shit-ton of data" you are not doing it right, and in your organization's CIO is a honorary title.
Second, the act of publishing is problematic, maybe even the act of downloading, no the act of accessing your system in proof-of-concept.
Third, if someone trying to report a problem to your organization and does not have an easy way to do so, then it is yet another failure that you should address.
If I have no right to access your public-facing system via public channels, then you have no right to be absolved of responsibility of how your system is used by malicious hackers.
When your infrastructure spams me, or get zombied into DDoSing me, you will be held responsible for spamming and DDoSing me.
Now, would you like to reconsider your position?
Not "caught hacking", this implies you know about the problem or had a way to detect this post-fact. Most of the times it is "hey you have a problem" followed by OMGLAWYERS idiotic response. Last time I checked lawyers were rather ineffective at patching vulnerabilities, doing root cause analysis, or improving your organization's security posture and/or practices.
As a car guy, I prefer hydraulic power steering. Electric implementations so far leave you too isolated from the road (both input and output, or feedback are important when handling car). It is also unclear how these new systems will age or if they will fail gracefully.