The cost of living is so low that I've spent the past year not working and instead using the previous four years' of savings to fund a relaxed lifestyle involving a lot of holidays and other entertainment.
IT salaries and the cost of living are fucking miles apart.
I seem to recall it was Labour that introduced PPPs but I'm quite content being pro-NHS and anti-union. Of course, the NHS would be a fuck of a lot better if it wasn't rife with union idiocy.
I don't need a union to negotiate an employment contract. I've done that for myself in every job I've had.
Every company (with more than 7 people in it) that I've worked for has had a grievance process, people can't be sacked without cause, the disciplinary process is documented and followed.
Liability cover is provided by the company and private health insurance is thrown in without me even having to ask for it - and that's in the UK, where it's entirely unnecessary.
Clearly everyone in this thread has been living in their own echo chambers for some time.
Ironic.
But do tell me, how the fuck would a union have made a difference on someone dying in a carpark?
By helping managers provide staff with working conditions and a level of support that makes unionisation unnecessary Amazon are in fact helping their employees stay in the job: Amazon are big enough to just close a warehouse if it gets unionised.
You want it to be illegal to look after your employers in the absence of a union?
You need at least a pre-login warning message that the system is not public access and that continuing is exposing you to charges if you continue in France.
Most systems in the UK will provide a similar warning, but the law doesn't mandate or require it.
Is doorknob rattling (seeing if the door is locked or not without entering) also illegal in the UK?
Technically even entering isn't illegal. It's a civil offence of trespass, not a criminal one. So no, I suspect not - but the police are likely to treat it as probably cause for searching you and potentially inviting you for a long conversation with them at the station. They may even offer you a cup of coffee.
Consoles don't run many of the games I enjoy playing.
How many of the Zachtronics catalogue are available on consoles? Is Zero-K available on consoles? When were the Car Mechanic Simulator series ported to consoles? Has one of the largest selling games franchises in history, Football Manager, ever been on console? (Actually, yes - but not the full version)
a computer which is used to accomplish things
I use my computer to accomplish my objectives of making it through another day without killing everybody around me. Its ability to distract and entertain me helps tremendously with this; I can watch films, listen to music, read books, access the internet and play games. It's very versatile.
Of course, I can also write books, write games and edit photographs on it, and post them to the internet.
Given such flexibility, why would I spend more money on a console that I don't need?
Maybe for most people the car is adequate and they lack the time or energy to build the fucking tank and keep it running.
But please, what exactly is the alternative to Lightroom that gives me catalogue management, the ability to process 2000 photos in a couple of hours, integration to my hosting site?
Which other OS will run all 808 games I have on Steam, let alone the ones I own that aren't on that platform?
Can you ask my camera manufacturer to supply their software for Linux, because they don't perceive this to be a viable market for them?
You're bitching that I accept an OS I'm not terribly happy with but ignoring one of the things that matters the most: I can get whatever fucking software I want or need to run on it.
There are 2-3 applications that run on whatever the fuck Apple call their OS these days that it would be nice to have access to, but buying from Apple is like buying from Microsoft while stabbing yourself in the testicles. No.
There are no applications that run on Linux that I can't also run on Windows that I actually want to run. Sure, there's plenty of server-side shit but - get this - I run that on a Linux server and not on my desktop PC.
We continue to preach the gospel of GNU and Linux.
The rest of us skip the religion and get on with our lives.
Why the fuck would I pay millions for bespoke development on Linux of a corporate accounting system, when I can just go out and buy one from Oracle? Or a corporate expense system? A workflow engine? An inventory management system? A POS system? A software asset management system? A process automation engine? A payroll system? A sales tax system? A corporate intranet with attached content management system? An integrated comms system, that includes messaging, desktop sharing, email and voice comms? A corporate tax system? A project portfolio management system? A market trading system? A payroll tax system? A contact management system? A marketing platform? A sales lead management system? A customer service system? An IT ticketing system? A facilities management system?
I could go on, but hopefully you get the point already.
I'm also very aware that non-Windows options exist for all of those. But why the fuck would I cripple my business by constraining my options like that?
s not like he could have reasonably been able to tell the difference between a 16 almost 17 year old and an 18 year old
Which is why if she looks under 25 you make absolutely fucking certain you know her age before sticking your dick in her.
Yeah, it means you sometimes wont get to fuck the hottest 19 year old on the planet. It also means you wont get arrested in Taiwan and face 10 years in prison.
Wtf? Being attracted to a female with a body capable of bearing a child is not paedophilia.
Society determines an arbitrary cut-off at which women are considered old enough to consent to sex. That cut-off varies by jurisdiction but doesn't change the fact that men are attracted to the fully physically developed female form.
Shit, even in the same industry as Equifax there's the rather larger Experian.
Read doesn't mean one query. That comeback tells me - and anyone who knows anything, you're the one who doesn't get it.
Databases are transactional. Data that isn't read is irrelevant, and transactional reads are trivial.
These guys have data on everyone in the financial system, worldwide -
No, they don't. They have good coverage in the US and the UK, poor to reasonable coverage elsewhere and no coverage at all in many countries.
your'e off by ~ factor billion. A billion seconds is...work it out.
No, I just understand how these systems work.
There are constantly errors people bitch about.
With that much data, from so many sources, of such variable quality, of course there are errors. This isn't exactly a surprise or (at a macro level) an issue.
Have you ever tried to get one fixed? Do you think they fix the ones no one even bitches about?
Yes, and absolutely fucking yes. The data has no value if it's wrong, and they'll lose customers if they don't correct it. The regulators will impose restraints if they don't correct it. The people that work there generally want to correct it.
Ever rebuilt a raid array with 10 tb drives? Thousands of such, while staying online?
Ever managed a database large enough that you don't store it on a single RAID array? Who the fuck uses 10TB drives anyway, far too expensive. Go smaller, cheaper, easier to replace, and use modern storage solutions that largely handle this shit for you.
Consistency check thousands of such that have errors you have no reports of? While things are changing thousands of transactions/second?
Thousands? Oh no, you mean I need three hardware techs to swap them out instead of two?
Data centres self-manage to an amazing degree these days.
Think that competing orgs are going to snapshot and share at their own cost because they are nice?
If three credit agencies decide to compare and contrast records for validation, they all benefit. I doubt that's likely to happen though, they validate against the source data - e.g. the financial data coming from banks.
That it would even help, because there are already so many inconsistencies no one can sort it out quickly - and the additional evidence required takes time to get.
From where did these inconsistencies come?
I'll be kind, and help you: They come from either - the source of the original data, in which case it would be wrong for Equifax to even attempt to change it. The data subject should engage with the data provider to get it corrected at source - or, the algorithms Equifax uses to match records from disparate sources into a single coherent subject record
If the algorithms are matching wrong, you just fix them and re-run them. No manual changes needed.
As it happens Equifax will have a team that both engages with data providers to assure data is fixed at source, and that can correct data created and/or held by Equifax themselves. That team probably has about a dozen people in the US, because that's how low the volume of required changes will be.
How about assuming that someone who has root access, which is usually assumed, can't munge the datestamps and logs,
Whatever the fuck makes you think that privileged system access is so easily subverted? Even before the breach Equifax will have had multiple layers of protection. Could a bad actor intentionally breach all of those layers and cause mischief? Obviously; they did. It's fucking hard though, and financial institutions know that internal threat
The maximum penalty the UK could probably make happen is they are no longer allowed to operate in the UK in any capacity.
That would be highly damaging to the UK economy - substantial impact across the financial sector, knock-on impacts across retail, and also remove a key competitor within Equifax's own market.
Long before Equifax reached a position where dissolution (or banning) was considered they'd have had their operations brought forcibly under third party control.
a breach like this means they have demonstrated they cannot be trusted with private data
No, it demonstrated that they couldn't be trusted. The FCA can (and will) demand evidence that they can now be trusted, and have a range of sanctions available should that evidence be unavailable or insufficient.
How did they get this private data?
Electoral records, court records, social media activity and (mostly) data provided by financial institutions.
I sure as hell didn't give them permission to have it.
Some of it doesn't need your permission (under current law). Some of it you almost certainly have consented to.
(I know, likely hidden away in the TOS of credit cards I have).
Not necessarily even your credit cards. See Section 10 (page 35) of the T&Cs of one of the UK's largest banks: https://www.barclays.co.uk/con...
While many people wont read that far, it is to be fair written in easy to understand language and doesn't shy away from the ugly details: They're going to give all your data to Equifax.
This data you're changing.. it all belongs to people. They'll notice that it's wrong, especially if it negatively impacts them, and they'll demand correction.
Then there are the regular data refreshes.
As for making someone rich.. no. At best you could enable them to incur financial risk they're entirely unequipped to manage, resulting in them ending in an even worse financial position.
Plus.. wtf are
databases that take weeks to just read
I've worked with databases very much larger than Equifax and they take under a second to read. Shit, even Equifax can provide you with a credit score almost instantly.
Sure, some activities can take a while. If you change the scoring algorithm and want to update the entire system, that could even take hours. But that's read, process, correlate with other data, apply complex algorithm, write.
there is going to be almost no policies out there where the cost of implementation will be this much of a normally operating company's annual profit
Almost, but.. there is one.
Implementing proper data security would easily wipe at one year's annual profit, and create an environment with run costs that could easily eat up that 25% every subsequent year.
Securing that volume of data used in so many ways isn't cheap.
Slashdot Mirror
I find his argument specious.
It's perfectly possible to disagree with something without representing other views of other people that also disagree with it.
Anybody claiming otherwise is a fuckwit, and yes Linus, that sadly appears to include you.
The cost of living is so low that I've spent the past year not working and instead using the previous four years' of savings to fund a relaxed lifestyle involving a lot of holidays and other entertainment.
IT salaries and the cost of living are fucking miles apart.
I seem to recall it was Labour that introduced PPPs but I'm quite content being pro-NHS and anti-union. Of course, the NHS would be a fuck of a lot better if it wasn't rife with union idiocy.
I don't need a union to negotiate an employment contract. I've done that for myself in every job I've had.
Every company (with more than 7 people in it) that I've worked for has had a grievance process, people can't be sacked without cause, the disciplinary process is documented and followed.
Liability cover is provided by the company and private health insurance is thrown in without me even having to ask for it - and that's in the UK, where it's entirely unnecessary.
Clearly everyone in this thread has been living in their own echo chambers for some time.
Ironic.
But do tell me, how the fuck would a union have made a difference on someone dying in a carpark?
The agreement requires the same for non union.
How is that not tortious interference?
Also: Why the fuck did your company agree to such a ludicrous term?
By helping managers provide staff with working conditions and a level of support that makes unionisation unnecessary Amazon are in fact helping their employees stay in the job: Amazon are big enough to just close a warehouse if it gets unionised.
You want it to be illegal to look after your employers in the absence of a union?
Compare IT wages to the national average. Shit, compare the to the local average.
IT pays well.
So merely attempting to see if the default telnet password is still active on a publicly accessible device is defined as illegal access in the UK?
It's section 1 subsection 1 of the Act. Can't get much simpler than that: https://www.legislation.gov.uk...
You need at least a pre-login warning message that the system is not public access and that continuing is exposing you to charges if you continue in France.
Most systems in the UK will provide a similar warning, but the law doesn't mandate or require it.
Is doorknob rattling (seeing if the door is locked or not without entering) also illegal in the UK?
Technically even entering isn't illegal. It's a civil offence of trespass, not a criminal one. So no, I suspect not - but the police are likely to treat it as probably cause for searching you and potentially inviting you for a long conversation with them at the station. They may even offer you a cup of coffee.
Port scanning?
That's complicated, and appears to hinge on 'intent'. See https://www.theregister.co.uk/... for some comedy.
The moment he's asked to provide credentials and uses a credential not assigned to him he's broken the law.
There's no grey area here, it's a clear and obvious violation of a security control and a blatantly unauthorised access.
That the security was shitty is entirely fucking irrelevant, he should never have even known it was shitty.
I'll be there in a couple of months, so I've been researching in advance.
Must not import chewing gum!
Or maybe he should have sought permission before attempting to gain access to the device.
What he did is a crime in the UK too.
people will put up with a degree of MS spamware
Buy PC with Windows 10 on it. Three hours later it's configured how I want it.
MS spamware subsequently encountered: Umm. Oh, I think I remember having to uninstall something added by an update a few months ago. One thing.
If people are getting spammed by MS then it means they don't know how to use a computer well enough to use Linux anyway.
That's why you play games on a console
Consoles don't run many of the games I enjoy playing.
How many of the Zachtronics catalogue are available on consoles?
Is Zero-K available on consoles?
When were the Car Mechanic Simulator series ported to consoles?
Has one of the largest selling games franchises in history, Football Manager, ever been on console? (Actually, yes - but not the full version)
a computer which is used to accomplish things
I use my computer to accomplish my objectives of making it through another day without killing everybody around me. Its ability to distract and entertain me helps tremendously with this; I can watch films, listen to music, read books, access the internet and play games. It's very versatile.
Of course, I can also write books, write games and edit photographs on it, and post them to the internet.
Given such flexibility, why would I spend more money on a console that I don't need?
This is bullshit. He explicitly mentioned games and you think there are alternatives?
Following your logic we may as well close all libraries and book stores. There's a linux manual, that should be enough book for everybody.
Following your logic we may as well close all cinemas and shut down hollywood. Fritz Lang made Metropolis, nobody else needs any other film.
Following your logic would be fucking stupid. I hope you don't work on anything related to IT.
Maybe for most people the car is adequate and they lack the time or energy to build the fucking tank and keep it running.
But please, what exactly is the alternative to Lightroom that gives me catalogue management, the ability to process 2000 photos in a couple of hours, integration to my hosting site?
Which other OS will run all 808 games I have on Steam, let alone the ones I own that aren't on that platform?
Can you ask my camera manufacturer to supply their software for Linux, because they don't perceive this to be a viable market for them?
You're bitching that I accept an OS I'm not terribly happy with but ignoring one of the things that matters the most: I can get whatever fucking software I want or need to run on it.
There are 2-3 applications that run on whatever the fuck Apple call their OS these days that it would be nice to have access to, but buying from Apple is like buying from Microsoft while stabbing yourself in the testicles. No.
There are no applications that run on Linux that I can't also run on Windows that I actually want to run. Sure, there's plenty of server-side shit but - get this - I run that on a Linux server and not on my desktop PC.
We continue to preach the gospel of GNU and Linux.
The rest of us skip the religion and get on with our lives.
Why the fuck would I pay millions for bespoke development on Linux of a corporate accounting system, when I can just go out and buy one from Oracle?
Or a corporate expense system?
A workflow engine?
An inventory management system?
A POS system?
A software asset management system?
A process automation engine?
A payroll system?
A sales tax system?
A corporate intranet with attached content management system?
An integrated comms system, that includes messaging, desktop sharing, email and voice comms?
A corporate tax system?
A project portfolio management system?
A market trading system?
A payroll tax system?
A contact management system?
A marketing platform?
A sales lead management system?
A customer service system?
An IT ticketing system?
A facilities management system?
I could go on, but hopefully you get the point already.
I'm also very aware that non-Windows options exist for all of those. But why the fuck would I cripple my business by constraining my options like that?
A 16 year old voluntarily prostituting herself is not a child.
s not like he could have reasonably been able to tell the difference between a 16 almost 17 year old and an 18 year old
Which is why if she looks under 25 you make absolutely fucking certain you know her age before sticking your dick in her.
Yeah, it means you sometimes wont get to fuck the hottest 19 year old on the planet. It also means you wont get arrested in Taiwan and face 10 years in prison.
Wtf? Being attracted to a female with a body capable of bearing a child is not paedophilia.
Society determines an arbitrary cut-off at which women are considered old enough to consent to sex. That cut-off varies by jurisdiction but doesn't change the fact that men are attracted to the fully physically developed female form.
Could you perhaps help me understand how the kernel differences materially effect your use of the device?
Just that Android could switch from one to the other and I don't think I'd notice or care.
Name one larger than Equifax or OPM, dare ya,
What, like Google or Facebook?
Shit, even in the same industry as Equifax there's the rather larger Experian.
Read doesn't mean one query. That comeback tells me - and anyone who knows anything, you're the one who doesn't get it.
Databases are transactional. Data that isn't read is irrelevant, and transactional reads are trivial.
These guys have data on everyone in the financial system, worldwide -
No, they don't. They have good coverage in the US and the UK, poor to reasonable coverage elsewhere and no coverage at all in many countries.
your'e off by ~ factor billion. A billion seconds is...work it out.
No, I just understand how these systems work.
There are constantly errors people bitch about.
With that much data, from so many sources, of such variable quality, of course there are errors. This isn't exactly a surprise or (at a macro level) an issue.
Have you ever tried to get one fixed? Do you think they fix the ones no one even bitches about?
Yes, and absolutely fucking yes. The data has no value if it's wrong, and they'll lose customers if they don't correct it. The regulators will impose restraints if they don't correct it. The people that work there generally want to correct it.
Ever rebuilt a raid array with 10 tb drives? Thousands of such, while staying online?
Ever managed a database large enough that you don't store it on a single RAID array? Who the fuck uses 10TB drives anyway, far too expensive. Go smaller, cheaper, easier to replace, and use modern storage solutions that largely handle this shit for you.
Consistency check thousands of such that have errors you have no reports of? While things are changing thousands of transactions/second?
Thousands? Oh no, you mean I need three hardware techs to swap them out instead of two?
Data centres self-manage to an amazing degree these days.
Think that competing orgs are going to snapshot and share at their own cost because they are nice?
If three credit agencies decide to compare and contrast records for validation, they all benefit. I doubt that's likely to happen though, they validate against the source data - e.g. the financial data coming from banks.
That it would even help, because there are already so many inconsistencies no one can sort it out quickly - and the additional evidence required takes time to get.
From where did these inconsistencies come?
I'll be kind, and help you: They come from either
- the source of the original data, in which case it would be wrong for Equifax to even attempt to change it. The data subject should engage with the data provider to get it corrected at source
- or, the algorithms Equifax uses to match records from disparate sources into a single coherent subject record
If the algorithms are matching wrong, you just fix them and re-run them. No manual changes needed.
As it happens Equifax will have a team that both engages with data providers to assure data is fixed at source, and that can correct data created and/or held by Equifax themselves. That team probably has about a dozen people in the US, because that's how low the volume of required changes will be.
How about assuming that someone who has root access, which is usually assumed, can't munge the datestamps and logs,
Whatever the fuck makes you think that privileged system access is so easily subverted? Even before the breach Equifax will have had multiple layers of protection. Could a bad actor intentionally breach all of those layers and cause mischief? Obviously; they did. It's fucking hard though, and financial institutions know that internal threat
The maximum penalty the UK could probably make happen is they are no longer allowed to operate in the UK in any capacity.
That would be highly damaging to the UK economy - substantial impact across the financial sector, knock-on impacts across retail, and also remove a key competitor within Equifax's own market.
Long before Equifax reached a position where dissolution (or banning) was considered they'd have had their operations brought forcibly under third party control.
a breach like this means they have demonstrated they cannot be trusted with private data
No, it demonstrated that they couldn't be trusted. The FCA can (and will) demand evidence that they can now be trusted, and have a range of sanctions available should that evidence be unavailable or insufficient.
How did they get this private data?
Electoral records, court records, social media activity and (mostly) data provided by financial institutions.
I sure as hell didn't give them permission to have it.
Some of it doesn't need your permission (under current law). Some of it you almost certainly have consented to.
(I know, likely hidden away in the TOS of credit cards I have).
Not necessarily even your credit cards. See Section 10 (page 35) of the T&Cs of one of the UK's largest banks:
https://www.barclays.co.uk/con...
While many people wont read that far, it is to be fair written in easy to understand language and doesn't shy away from the ugly details: They're going to give all your data to Equifax.
Wait?! You have a working £ symbol in your post.
Did Slashdot fix it or are you using something other than 'Plain Old Text' as your comment format?
I'm not sure you understand anything here.
This data you're changing.. it all belongs to people. They'll notice that it's wrong, especially if it negatively impacts them, and they'll demand correction.
Then there are the regular data refreshes.
As for making someone rich.. no. At best you could enable them to incur financial risk they're entirely unequipped to manage, resulting in them ending in an even worse financial position.
Plus.. wtf are
databases that take weeks to just read
I've worked with databases very much larger than Equifax and they take under a second to read. Shit, even Equifax can provide you with a credit score almost instantly.
Sure, some activities can take a while. If you change the scoring algorithm and want to update the entire system, that could even take hours. But that's read, process, correlate with other data, apply complex algorithm, write.
Still well short of 'weeks to read'.
there is going to be almost no policies out there where the cost of implementation will be this much of a normally operating company's annual profit
Almost, but.. there is one.
Implementing proper data security would easily wipe at one year's annual profit, and create an environment with run costs that could easily eat up that 25% every subsequent year.
Securing that volume of data used in so many ways isn't cheap.