"That would be 6, not 3... or approaching 1/3 of them."
My apologies. I went back and identified 3 more that were, indeed, not Apple software.
"They're accused of actually using the bugs to exploit users before announcing the bugs. That goes way beyond "less responsible" and enters the realm of 'probably criminal...' Umm, but Mac users to date haven't had to take any security measures to have a negligible possibility of malware infection."
Haven't you just argued both sides of the same point? There's nothing Mac users need to do to protect their machines, yet the MOAB people are accused of exploiting these bugs in the wild? Either one or the other of these statements is, therefore, incorrect. (Let me pause here to make clear the fact that I condemn the acts that the MOAB team is accused of doing)
I will agree with you that the OS-X platform has not suffered from the same number of reported and/or patched issues that the Windows platform has over the same time period. Hands down, there have been fewer reported issues. But that does not mean that the platform is safe. "Black Hats" aren't hacking as much anymore just for kicks, they're hacking for money. Don't believe that? Then explain what all those bot-nets are being used for. Where is the money in hacking a Mac? How many financial institutions rely on Macintoshes for storing sensitive data? How many Macs does the DoD use? How many Macs are high-value targets for making money off of hacking?
The absence of evidence of active hacking against the Mac platform is not proof that it is secure. That's the logical fallacy that Apple is happy to perpetuate, and that the "Mac Nation" will happily swallow. That's the Kool-Ade that I'd like to see fewer people drink.
"At the same time they have behaved very irresponsibly with regard to those bugs they have found, not notifying the vendor and providing time to fix before publication, nor following the route of immediate disclosure, the MOAB people seem to think it is all right to sit on bugs they find until the most convenient time for them to gain publicity."
Spoken like a true Mac apologist. How dare anybody manipulate any information, timing, or accuracy to make my computer company look bad! Welcome to the world that Microsoft lives in, here's your initiation T-shirt.
Where is this outrage when an unpatched Windows bug is announced? Why is this only a problem when somebody points out flaws in Macintosh software? Admittedly, flaws in 3rd party software don't really seem to have any business in the MOAB list, but of the 23 issues they've reported so far I believe only 3 have been for 3rd party apps. So ignore them.
The fact is that yes, there is a "more responsible" way that vulnerabilities should be handled by the MOAB team. However, Apple could do a better job as well. They could actually take a lesson from Microsoft's disclosure process.
The whitewashing job Apple has done demanded (to some people) a highly publicized "retaliation" to prove that, indeed, Apple's feces doesn't smell like roses after all. This is the message that just doesn't seem to get across to Macintosh users, and until they not only get the idea that their OS isn't 100% secure, and that they need to take precautions just like Windows (and Linux) users then people like this MOAB team will continue seeking publicity more than seeking to "responsibly" get vulnerabilities reported and resolved.
They're probably trying to see if those contractors were trying to buy prescription drugs on the cheap up north...Did you know that $.50 Canadian can get you 50 Viagra? I have email that tells me this is true!
It's interesting to me to notice that at least some of the things the NSA has suggested for XP and 2003 are settings and options that need to be configured and are not pre-configured for "out-of-the-box" operation. For instance, password length and complexity. Perhaps that's a bad example, but it shows that Microsoft is willingly supplying their OS software configured in a way that they know provides sub-standard security. While I don't specifically blame them for that--can you imagine the home users that would jump to Mac if they had to "put up with" highly secure systems--I'd love to see an install option for "high security" or the like. Even 2003 server doesn't install with an NSA recommended configuration.
"They could kill the whole problem by centralizing their data stores, and developing some secure web interfaces across enhanced encryption."
Belts and Suspenders. Doing both would be even better. Besides, how do you prevent that government worker from saving a local copy? How do they do their work on a plane trip across country? How else do you ensure that the web cache, paging file, or any other place where even temporary data stored on the local hard drive is going to be protected?
This is a great development, and having a body such as the US government doing a trial like this and sharing the results will be a wonderful resource for InfoSec people looking at the same situation. I'd love to see what the rollout plans look like.
So just because you can't see the whole article without paying it's not news-worthy? I think the synopsis provided by CR has some nice info in it, even without the rest of the article. And I trust the review I read from them just from what is provided free more than I trust reviews from sites that show up here all the time (Cnet, etc.) because guess what? They get their money from advertisers, and I can't help but be cynical enough to think that MAY influence their reviews.
Besides, from the number of responses already, don't you think that this article is fostering discussion?
Besides, think of how well prepared DNS will be to start supporting lookups in extra-terestrial languages when the time comes if we do this now! We'll be completely compatible with Martian, Klingon, Mimbari, and Vulcan networking systems the day we meet them! We should be able to view each other's pron almost immediately!
Absolutely. The skills described have as much to do with technology as they do to music appreciation. These results are all about critical thinking deficiencies. Or, put another way, proving once again how many people are sheep/lemmings/cattle looking to be led around by the nose.
So, now that Google, Yahoo, etc. have documented proof that there is no Internet censorship in China, doesn't that mean they can turn their "voluntary" filters off?
My point is really more about this being an overkill solution, and poorly thought-out as well.
1. I've seen all sorts of problems with encrypting certain system files on a hard drive. Perhaps that's because the encryption has been software based, but key system files seem to have problems when encrypted.
2. How will you enforce strong passwords? How will you enforce password change policies? Can you even change the password once it has been set? If the user and IT agree on a passowrd, can we be sure that the user won't change it without telling IT? I'm concerned that you're trading one security issue for another one.
3. In a laptop, HDD speed makes a huge difference in the overall performance. The jump in performance on a 5 year old laptop between a 5400 and 7200 RPM drive is not only noticible, but amazing. So anything that further bottlenecks one of the worst bottlenecks for a laptop in the first place seems like a bad idea to me.
4. IT/InfoSec simply has to have a back door onto your hard drive. For forensics reasons, compliance reasons, and for when you leave the company. We have to see what software you have installed, etc., and even without your cooperation. So a software solution, after the OS loads, with "multiple" encryption keys is absolutely necessary.
5. I know it's only a 4 paragraph article, but what encryption algorythm are we talking about here? DES? AES-256? And in 12-24 months if it's not strong enough, can you "upgrade" the encryption to something harder to defeat, or are you swapping out drives?
So no, not in my IT department. I'll take a solution that lets me encrypt key files/folders, and lets both InfoSec and the user have access to it, and that I can "upgrade" with a minimum of fuss if somebody breaks whatever encryption system is in use.
Because I don't want the added lag of hardware en/decryption with every write/read.
Because I don't want one more password per computer that I, as an IT admin, need to keep track of.
Because I don't want even the operating system, swap, graphics, and music files encrypted.
Because new technology like this *never* causes any issues with the system's operation.
No, not in my IT department.
Re:certified wireless USB--power anyone?
on
USB To Go Wireless
·
· Score: 5, Interesting
For that matter, one of the benefits of USB is that power is delivered along with the data--how often do you change the batteries on your thumb-drive, or plug in your 2.5" external hard drive? So, directly compared to USB I still need the same number of cables, unless they're delivering power wirelessly too? Hmm...
The bandwidth available in a single TV channel is infinite. Now let me back that up. A single TV channel, either over the air or cable, is 6MHz wide. That's not bandwidth, that's frequency range. In order to utilize that 6MHz window you need to use the properties of that window to encode your data.
Commonly, QPSK, QAM-64, QAM-256, etc. are used to encode the data for digital transmission over that bandwidth: both cable and HDTV do this. QAM-256 gets you about 38Mbps in a 6MHz channel.
That's my question too. I hope you've got some sort of scientific data collection planned, because anything you get here on Slashdot is going to be anecdotal at best.
Other than that, I can't help you: my wife and I don't have any kids yet, and no signs of divorce just yet.
Perhaps you might want to look at this another way: People who get into may have certain personality traits that make them really good at IT, and very bad at mariage. Or not.
The eicar test-virus file is a great way to see how your computer/av-suite will react to a virus. However, it's not an effective test to see how the heuristics systems and such react. It's non-destructive, and every AV vendor makes sure that they can "catch" it. That's nice for making sure that your AV is running, or that your AV on some workstation reports back to the management computer that it caught a virus, but not for testing the ability of AV software to find new viruses that don't necessarily have definitions written for them yet.
FTA: "'Those viruses exist right now only on a CD in a sealed container in a locked cabinet in our computer lab,' Beckford said."
Seriously, it's not like these will ever exist outside of a lab, right? And if they do, the AV companies won't have any problem finding the source code, will they?
Isn't that kind of like telling the insurence institue that they can't change their car crash tests because car makers designed their cars only for specific crash tests? Gee, better not create anything that a car might run into, it's bad ethics!
"So, if the supreme court rules against them, the Bush administration will abide by the decision, or at least some creatively interpreted version of it. Perhaps more likely is that they'll do as they did in the Jose Padilla case and have a sudden change of heart at the last minute if they believe the decision will not go their way, hope to avoid having the decision actually made against them. I don't know if that would work here."
I can only hope you're correct. Unfortunately I think Bush and his team put their "ability to protect the country" above the law. While I can't point to concrete examples at the moment, that's the overwhelming impression I get. Mainly that's because this administration has no credibility with me, going all the way back to "read my lips--no new taxes." Wait, sorry, I mean going all the way back to "we will find the WMD's" and "there are direct links between Iraq and Al Qaeda (sp?)" and "they will greet us as liberators."
Not to seem too pessimistic here, but exactly what kind of enforcement is going to happen here? Is the judge going to order Bush arrested if they don't stop? Will the judge impound NSA's computers? Sure, it's a step in the right direction, but it seems much more symbolic to me that actually useful.
This is pretty interesting, especially coming from the company who was one of the original partners in DIVX...you remember, the "pay-per-view" DVD's http://en.wikipedia.org/wiki/DIVX. Even if they are only driven by profit, it's nice to see them take a more "consumer friendly" position.
I'm suprised it took this long. Do I like it, no. But take a step back: Are they really doing anything that bad? Are you prevented from making archival copies? Are you prevented from using the software in accordance with the license you agreed to? Are they threatening to sue home users? Is it illegal? Is it immoral? No, but they are protecting their property, or at least trying to.
We're back to the same-old argument: Do I "own a copy" of windows or do I "own a LICENSE" of windows?
I own a license of Windows, that's what the EULA tells me, and that's what I traded somebody some of my money for. By purchasing it I agreed to use it in accordance with the license. Did I have much of a choice? No, not really. Based on the hardware I chose, the software I want to run, and the time I have to spend (outside of work) tinkering with computers, I chose a Windows license. Based on my needs, neither MAC or Linux works for me.
Remember, too, that the license gives you some rights to updates and upgrades. You don't have those same options on the "copy" of your car you own, or the "copy" of any book in your library.
I'm not usually one to defend "big business," but here's a thought to consider. In broad terms, you're usually handing over your personal information in lieu of cash. Plain and simple. You sign up for a credit card, you're giving away personal information so that they will extend you credit. You finance a house, you're giving away personal information so that you can pay a "small" amount monthly instead of dropping several hundred thousand dollars all at once on a place to live. You use your "rewards card" at the "big electronics store" and you've handed over personal information to get 10% off the latest iPod (=cash). You use that credit card to pay off the rest of the iPod, you're giving some personal info away to the store as well, instead of paying with cash.
You almost always have the option of just handing over cash. You can get a pre-paid phone, and pay by cash. You can choose to rent instead of own--yes, you're probably giving away some personal info here too. You can pay the extra 10% and not get the rewards card. You can take the bus or ride your bike, or buy a '95 Civic for cash.
So draw your own line in the "personal information" sand and figure out just how much cash your personal information is worth to you. It is worth more or less than 10% of an iPod? More or less than the $300,000 you need for that house? More or less than $25,000 for that car?
Is it that cut and dried? No, of course not. But it's a start.
But isn't Google calendar hosted by Google? Which means that, from a business security perspective, aren't you posting "sensitive" or "confidential" info (which often acompanies meeting requests) on a non-secured 3rd party system? I could see where an app like this would have some significant advantages over Google calendar.
"If you wouldn't accept this as an adequate solution for an unreliable car, why would you accept this as an adequate solution for something many of us arguably spend more time in front of?"
Because, given your analogy, the only options left to us are the build-it-yourself kit-cars (Linux) that sure, you can customize your way, but who has time to build their own car? Or the expensive "luxury" cars (Apple) that only sell sexy little 2-seaters, no sport-utes or pickup trucks, which many of us need. So that low-quality car brand is still the only one that sells you the family sedan, truck, and sports car model.
Of course, then again, even car owners are expected to change the oil, inspect the brakes, top off the fluids, and not back the car over a tire puncture strip. Does this mean that computer users need to be licensed?
"But isn't changing a program to make it 'prettier' and (supposedly) more attractive to girls just giving them the 'dumbed down' version of things?"
Is this the result of ages of sexist thinking when it comes to technology, or just a lack of understanding economics?
If you want more people to buy your cars, you make sure they're interested in buying them. You want more people to come to your class, you make it more interesting for them. You want to rope more students into paying $25,000 or more per year at your university, you have to find a way to lure them in. Who do you target? The largest group of people that you can "easily" modify your product for. In this case, hands down, it's women. Face it guys: they make up nearly half the population, and if they're not interested in IT and other computer related technology that's our loss.
You don't have to "dumb down" a class to make it more appealing to others. You just have to think about how you present the concepts, work, and training. Why assume that teaching IT has to be "boring?"
I'd agree with the parent comments but for one issue. The company's clients were directly threatened. The spammers didn't just threaten Blue Security, they threatened Blue Security's customers. As the article stated, Blue Security's customers didn't sign up for a war. They signed up to not get spam. Getting bombarded by viral attacks wasn't part of the deal.
That said, I too am disappointed, but until effective means of finding and holding accountable the people behind the attacks this kind of extortion will continue.
Welcome to the wild-west. Where's Sherrif Bart and the Waco Kid when you need them?
Slashdot Mirror
"That would be 6, not 3... or approaching 1/3 of them."
My apologies. I went back and identified 3 more that were, indeed, not Apple software.
"They're accused of actually using the bugs to exploit users before announcing the bugs. That goes way beyond "less responsible" and enters the realm of 'probably criminal...' Umm, but Mac users to date haven't had to take any security measures to have a negligible possibility of malware infection."
Haven't you just argued both sides of the same point? There's nothing Mac users need to do to protect their machines, yet the MOAB people are accused of exploiting these bugs in the wild? Either one or the other of these statements is, therefore, incorrect. (Let me pause here to make clear the fact that I condemn the acts that the MOAB team is accused of doing)
I will agree with you that the OS-X platform has not suffered from the same number of reported and/or patched issues that the Windows platform has over the same time period. Hands down, there have been fewer reported issues. But that does not mean that the platform is safe. "Black Hats" aren't hacking as much anymore just for kicks, they're hacking for money. Don't believe that? Then explain what all those bot-nets are being used for. Where is the money in hacking a Mac? How many financial institutions rely on Macintoshes for storing sensitive data? How many Macs does the DoD use? How many Macs are high-value targets for making money off of hacking?
The absence of evidence of active hacking against the Mac platform is not proof that it is secure. That's the logical fallacy that Apple is happy to perpetuate, and that the "Mac Nation" will happily swallow. That's the Kool-Ade that I'd like to see fewer people drink.
"At the same time they have behaved very irresponsibly with regard to those bugs they have found, not notifying the vendor and providing time to fix before publication, nor following the route of immediate disclosure, the MOAB people seem to think it is all right to sit on bugs they find until the most convenient time for them to gain publicity."
Spoken like a true Mac apologist. How dare anybody manipulate any information, timing, or accuracy to make my computer company look bad! Welcome to the world that Microsoft lives in, here's your initiation T-shirt.
Where is this outrage when an unpatched Windows bug is announced? Why is this only a problem when somebody points out flaws in Macintosh software? Admittedly, flaws in 3rd party software don't really seem to have any business in the MOAB list, but of the 23 issues they've reported so far I believe only 3 have been for 3rd party apps. So ignore them.
The fact is that yes, there is a "more responsible" way that vulnerabilities should be handled by the MOAB team. However, Apple could do a better job as well. They could actually take a lesson from Microsoft's disclosure process.
The whitewashing job Apple has done demanded (to some people) a highly publicized "retaliation" to prove that, indeed, Apple's feces doesn't smell like roses after all. This is the message that just doesn't seem to get across to Macintosh users, and until they not only get the idea that their OS isn't 100% secure, and that they need to take precautions just like Windows (and Linux) users then people like this MOAB team will continue seeking publicity more than seeking to "responsibly" get vulnerabilities reported and resolved.
(I'll get back off my soapbox now.)
They're probably trying to see if those contractors were trying to buy prescription drugs on the cheap up north...Did you know that $.50 Canadian can get you 50 Viagra? I have email that tells me this is true!
It's interesting to me to notice that at least some of the things the NSA has suggested for XP and 2003 are settings and options that need to be configured and are not pre-configured for "out-of-the-box" operation. For instance, password length and complexity. Perhaps that's a bad example, but it shows that Microsoft is willingly supplying their OS software configured in a way that they know provides sub-standard security. While I don't specifically blame them for that--can you imagine the home users that would jump to Mac if they had to "put up with" highly secure systems--I'd love to see an install option for "high security" or the like. Even 2003 server doesn't install with an NSA recommended configuration.
"They could kill the whole problem by centralizing their data stores, and developing some secure web interfaces across enhanced encryption."
Belts and Suspenders. Doing both would be even better. Besides, how do you prevent that government worker from saving a local copy? How do they do their work on a plane trip across country? How else do you ensure that the web cache, paging file, or any other place where even temporary data stored on the local hard drive is going to be protected?
This is a great development, and having a body such as the US government doing a trial like this and sharing the results will be a wonderful resource for InfoSec people looking at the same situation. I'd love to see what the rollout plans look like.
So just because you can't see the whole article without paying it's not news-worthy? I think the synopsis provided by CR has some nice info in it, even without the rest of the article. And I trust the review I read from them just from what is provided free more than I trust reviews from sites that show up here all the time (Cnet, etc.) because guess what? They get their money from advertisers, and I can't help but be cynical enough to think that MAY influence their reviews.
Besides, from the number of responses already, don't you think that this article is fostering discussion?
Besides, think of how well prepared DNS will be to start supporting lookups in extra-terestrial languages when the time comes if we do this now! We'll be completely compatible with Martian, Klingon, Mimbari, and Vulcan networking systems the day we meet them! We should be able to view each other's pron almost immediately!
Absolutely. The skills described have as much to do with technology as they do to music appreciation. These results are all about critical thinking deficiencies. Or, put another way, proving once again how many people are sheep/lemmings/cattle looking to be led around by the nose.
So, now that Google, Yahoo, etc. have documented proof that there is no Internet censorship in China, doesn't that mean they can turn their "voluntary" filters off?
My point is really more about this being an overkill solution, and poorly thought-out as well.
1. I've seen all sorts of problems with encrypting certain system files on a hard drive. Perhaps that's because the encryption has been software based, but key system files seem to have problems when encrypted.
2. How will you enforce strong passwords? How will you enforce password change policies? Can you even change the password once it has been set? If the user and IT agree on a passowrd, can we be sure that the user won't change it without telling IT? I'm concerned that you're trading one security issue for another one.
3. In a laptop, HDD speed makes a huge difference in the overall performance. The jump in performance on a 5 year old laptop between a 5400 and 7200 RPM drive is not only noticible, but amazing. So anything that further bottlenecks one of the worst bottlenecks for a laptop in the first place seems like a bad idea to me.
4. IT/InfoSec simply has to have a back door onto your hard drive. For forensics reasons, compliance reasons, and for when you leave the company. We have to see what software you have installed, etc., and even without your cooperation. So a software solution, after the OS loads, with "multiple" encryption keys is absolutely necessary.
5. I know it's only a 4 paragraph article, but what encryption algorythm are we talking about here? DES? AES-256? And in 12-24 months if it's not strong enough, can you "upgrade" the encryption to something harder to defeat, or are you swapping out drives?
So no, not in my IT department. I'll take a solution that lets me encrypt key files/folders, and lets both InfoSec and the user have access to it, and that I can "upgrade" with a minimum of fuss if somebody breaks whatever encryption system is in use.
Because I don't want the added lag of hardware en/decryption with every write/read.
Because I don't want one more password per computer that I, as an IT admin, need to keep track of.
Because I don't want even the operating system, swap, graphics, and music files encrypted.
Because new technology like this *never* causes any issues with the system's operation.
No, not in my IT department.
For that matter, one of the benefits of USB is that power is delivered along with the data--how often do you change the batteries on your thumb-drive, or plug in your 2.5" external hard drive? So, directly compared to USB I still need the same number of cables, unless they're delivering power wirelessly too? Hmm...
The bandwidth available in a single TV channel is infinite. Now let me back that up. A single TV channel, either over the air or cable, is 6MHz wide. That's not bandwidth, that's frequency range. In order to utilize that 6MHz window you need to use the properties of that window to encode your data.
Commonly, QPSK, QAM-64, QAM-256, etc. are used to encode the data for digital transmission over that bandwidth: both cable and HDTV do this. QAM-256 gets you about 38Mbps in a 6MHz channel.
That's my question too. I hope you've got some sort of scientific data collection planned, because anything you get here on Slashdot is going to be anecdotal at best.
Other than that, I can't help you: my wife and I don't have any kids yet, and no signs of divorce just yet.
Perhaps you might want to look at this another way: People who get into may have certain personality traits that make them really good at IT, and very bad at mariage. Or not.
The eicar test-virus file is a great way to see how your computer/av-suite will react to a virus. However, it's not an effective test to see how the heuristics systems and such react. It's non-destructive, and every AV vendor makes sure that they can "catch" it. That's nice for making sure that your AV is running, or that your AV on some workstation reports back to the management computer that it caught a virus, but not for testing the ability of AV software to find new viruses that don't necessarily have definitions written for them yet.
FTA: "'Those viruses exist right now only on a CD in a sealed container in a locked cabinet in our computer lab,' Beckford said."
Seriously, it's not like these will ever exist outside of a lab, right? And if they do, the AV companies won't have any problem finding the source code, will they?
Isn't that kind of like telling the insurence institue that they can't change their car crash tests because car makers designed their cars only for specific crash tests? Gee, better not create anything that a car might run into, it's bad ethics!
"So, if the supreme court rules against them, the Bush administration will abide by the decision, or at least some creatively interpreted version of it. Perhaps more likely is that they'll do as they did in the Jose Padilla case and have a sudden change of heart at the last minute if they believe the decision will not go their way, hope to avoid having the decision actually made against them. I don't know if that would work here."
I can only hope you're correct. Unfortunately I think Bush and his team put their "ability to protect the country" above the law. While I can't point to concrete examples at the moment, that's the overwhelming impression I get. Mainly that's because this administration has no credibility with me, going all the way back to "read my lips--no new taxes." Wait, sorry, I mean going all the way back to "we will find the WMD's" and "there are direct links between Iraq and Al Qaeda (sp?)" and "they will greet us as liberators."
Not to seem too pessimistic here, but exactly what kind of enforcement is going to happen here? Is the judge going to order Bush arrested if they don't stop? Will the judge impound NSA's computers? Sure, it's a step in the right direction, but it seems much more symbolic to me that actually useful.
This is pretty interesting, especially coming from the company who was one of the original partners in DIVX...you remember, the "pay-per-view" DVD's http://en.wikipedia.org/wiki/DIVX. Even if they are only driven by profit, it's nice to see them take a more "consumer friendly" position.
I'm suprised it took this long. Do I like it, no. But take a step back: Are they really doing anything that bad? Are you prevented from making archival copies? Are you prevented from using the software in accordance with the license you agreed to? Are they threatening to sue home users? Is it illegal? Is it immoral? No, but they are protecting their property, or at least trying to.
We're back to the same-old argument: Do I "own a copy" of windows or do I "own a LICENSE" of windows?
I own a license of Windows, that's what the EULA tells me, and that's what I traded somebody some of my money for. By purchasing it I agreed to use it in accordance with the license. Did I have much of a choice? No, not really. Based on the hardware I chose, the software I want to run, and the time I have to spend (outside of work) tinkering with computers, I chose a Windows license. Based on my needs, neither MAC or Linux works for me.
Remember, too, that the license gives you some rights to updates and upgrades. You don't have those same options on the "copy" of your car you own, or the "copy" of any book in your library.
I'm not usually one to defend "big business," but here's a thought to consider. In broad terms, you're usually handing over your personal information in lieu of cash. Plain and simple. You sign up for a credit card, you're giving away personal information so that they will extend you credit. You finance a house, you're giving away personal information so that you can pay a "small" amount monthly instead of dropping several hundred thousand dollars all at once on a place to live. You use your "rewards card" at the "big electronics store" and you've handed over personal information to get 10% off the latest iPod (=cash). You use that credit card to pay off the rest of the iPod, you're giving some personal info away to the store as well, instead of paying with cash. You almost always have the option of just handing over cash. You can get a pre-paid phone, and pay by cash. You can choose to rent instead of own--yes, you're probably giving away some personal info here too. You can pay the extra 10% and not get the rewards card. You can take the bus or ride your bike, or buy a '95 Civic for cash. So draw your own line in the "personal information" sand and figure out just how much cash your personal information is worth to you. It is worth more or less than 10% of an iPod? More or less than the $300,000 you need for that house? More or less than $25,000 for that car? Is it that cut and dried? No, of course not. But it's a start.
But isn't Google calendar hosted by Google? Which means that, from a business security perspective, aren't you posting "sensitive" or "confidential" info (which often acompanies meeting requests) on a non-secured 3rd party system? I could see where an app like this would have some significant advantages over Google calendar.
"If you wouldn't accept this as an adequate solution for an unreliable car, why would you accept this as an adequate solution for something many of us arguably spend more time in front of?"
Because, given your analogy, the only options left to us are the build-it-yourself kit-cars (Linux) that sure, you can customize your way, but who has time to build their own car? Or the expensive "luxury" cars (Apple) that only sell sexy little 2-seaters, no sport-utes or pickup trucks, which many of us need. So that low-quality car brand is still the only one that sells you the family sedan, truck, and sports car model.
Of course, then again, even car owners are expected to change the oil, inspect the brakes, top off the fluids, and not back the car over a tire puncture strip. Does this mean that computer users need to be licensed?
"But isn't changing a program to make it 'prettier' and (supposedly) more attractive to girls just giving them the 'dumbed down' version of things?"
Is this the result of ages of sexist thinking when it comes to technology, or just a lack of understanding economics?
If you want more people to buy your cars, you make sure they're interested in buying them. You want more people to come to your class, you make it more interesting for them. You want to rope more students into paying $25,000 or more per year at your university, you have to find a way to lure them in. Who do you target? The largest group of people that you can "easily" modify your product for. In this case, hands down, it's women. Face it guys: they make up nearly half the population, and if they're not interested in IT and other computer related technology that's our loss.
You don't have to "dumb down" a class to make it more appealing to others. You just have to think about how you present the concepts, work, and training. Why assume that teaching IT has to be "boring?"
I'd agree with the parent comments but for one issue. The company's clients were directly threatened. The spammers didn't just threaten Blue Security, they threatened Blue Security's customers. As the article stated, Blue Security's customers didn't sign up for a war. They signed up to not get spam. Getting bombarded by viral attacks wasn't part of the deal.
That said, I too am disappointed, but until effective means of finding and holding accountable the people behind the attacks this kind of extortion will continue.
Welcome to the wild-west. Where's Sherrif Bart and the Waco Kid when you need them?