While I am skeptical, I also see the potential for improvement. There is already a lot of M&A activity in the health care space due to shrinking margins and the inability of hospitals and physicians groups to provide services at prices the market can afford. With a single payer like the government getting involved, costs are going to continue going down. Big data and analytics are going to stabilize some of the price fluctuations for procedures. Currently the payout for any given procedure can fluctuate wildly depending on which hospital / clinic it is done in, which doctor performs it, and who is being billed (PPO/HMO or the government).
Healthcare is one of the few areas of the economy where people cannot get accurate estimates of what a given visit / procedure will cost, or what their out of pocket expense will be. That will change.
I think the author is looking at "Healthcare IT" through the wrong lens. The major advances over the next decade are going to come via "big data" (mind the buzzword) and analytics. For example, I was at an EMC presentation the other day and they were making the case for Greenplum (EMC'ized Hadoop / Map Reduce). One of the breakthroughs they were touting was cancer research. There was a woman who went through half a dozen cancer treatments that did not improve her condition. They were able to run models and simulations and ended up finding an off label drug that put the cancer into remission.
Prior to being able to simulate those complex drug interactions, they never would have been able to test an off label drug like that. Now the potential exists to research all sorts of combinations and treatments that would have been computationally impossible five years ago.
Somewhat less cool is the ability to use analytics to track treatment and billing data. The health care system is so inefficient that there is a lot of low hanging fruit there. It only starts showing up at larger scales, once the data sets get bigger. For example, hospitals cannot really correlate the effectiveness of specific treatments for specific conditions versus their peers at other hospitals. Yet with a big enough data set, statements along the lines of, "Last year, 50,000 people were treated for condition X by 50 different hospitals. Of those 50 hospitals, there were 16 different methodologies used. Of those 16, THIS 1 treatment was the most effective, based on these subsequent observations..."
Take a simple use case... the over prescription of antibiotics. With a decent data warehouse and some analytical tools, it will be possible to quickly zero in on cases where antibiotics were inappropriate prescribed. The same thing goes for everything else. "We noticed you are prescribing the brand name medication, when this generic drug is available, and 85% of your peer organizations are using the generic without any loss of efficiency in treatment."
As much as people dislike the government and feel that the Affordable Care Act is a mixed bag, I have a suspicion that when the government gets into really pinching pennies, they are going to drive down the cost of healthcare.
If you are in the top x% of the population who can afford nutritious food and have developed the skills to prepare them for yourself, then adjusting a diet is "simple". For the rest of the world, supplements are a viable route.
I eat well, and take multi-vitamins, and aminos, and a few other things. The either/or black and white choice that you have laid out is pretty myopic. Given the season variations in produce, the mineral stripped / highly fertilized environments that our food is grown in, etc., it is not exactly easy to get enough of all of the key vitamins and minerals that the body and brain need to function at peak levels.
Exactly! Well deserved +5 on this. I started getting blood tests when I hit thirty and made a few adjustments to my supplements and diet. I was having serious muscle spasms / cramps that I thought was related to sciatica. It turned out being a magnesium deficiency. I suffered for almost two years with something that was solved after literally 48 hours of supplementation.
I was also iodine deficient due to our culture of "salt is bad". I had to supplement iodine and started salting some of my meals. A year later my levels were back to the range.
Like I said, Hezbollah and Syria are probably regular topics of conversation in the Middle East. It is probably the equivalent of Americans talking about pop stars and Facebook memes.
None the less, never under estimate the arrogance of people to speak freely in a language when they think nobody else around them understands it. I am white and I live in Southern California. I speak Spanish, but you would never know it by looking at me. I stopped being shocked or offended about the amount of trash Hispanics will talk on white people (or even more so, black people), more or less right to their face, thinking that they are "safe" doing it because the people they are talking about do not understand.
I was playing GTAV:Online a couple of weeks ago and there were a couple of guys on there speaking Arabic and talking about Hezbollah and Syria. Now granted, both of those key words are probably common topics in that part of the world, and I do not speak Arabic so I do not have any context to go with the keywords. But, it does serve as an anecdotal data point to give validity to the claim that people are using in game comms to communicate about something other than the game that they are playing.
If I were a jihadist looking to communicate with agents in the States, a game like WoW is a good candidate to use due to its world wide appeal. Though I would think that some of those Korean MMOs might be even better, given the sheer volume of them, and the fact that their servers are not in the States.
This is the best advice. I will add a couple of things.
DO NOT GO AROUND YOUR BOSS. That will get you fired. Raise the issues in email, document them and move on. It is ultimately your boss' responsibility, and the responsibility of people above your boss. Unless your title is CSO or something similar, this is not your problem.
If you want to help your boss, do a risk assessment. Detail what you perceive to be the risks. Detail the potential problems of not doing anything. More importantly, detail what you think the potential solutions are, and what is involved in implementing them. This is important because you want to be constructive, and want to prove that you have put some thought into making things better, and that you are not just a whiner.
Your success or failure will depend on how you present it. The tack I would take with your boss would be something along the lines of, "Security is obviously not a high priority around here. However, I have recognized these risks that expose the company to potential liabilities under COPPA. Here are my suggestions. Now that I have documented these, I can stop thinking about them and focus on the other priorities that our team has to address."
Keep in mind, you are not going to make any friends doing this. Once it is in email, they have to act on it. To not act on it makes them liable. Keep in mind, it is not your job to do your boss' job. Unless your job description specifically says, "Mitigate security vulnerabilities in code before deploying to production.", this is not your job. Your job is to do what your boss tells you to do, just as her job is to do what her boss tells her to do, all the way up the chain to the C-level executives and board of directors.
I am having to deal with this more and more these days. The solution is pretty simple, but it will take some time for you to see results.
The reality is that things are running and the business is functioning. Unless it looks like the business is going to stop functioning, you are not going to get any additional staff.
You have to build the business case for additional staff. Make a PowerPoint. I know it's lame, but it is all management understands.
Start the business case by first quantifying what is being done (basically the summary that you gave us). You detail how much time is being spent keeping things running. This is the Current State.
Then you have to quantify the additional projects in the pipeline. Just lay them out there. Do not judge them, just put it out there in black and white so that management understands exactly what is on your plate. This is the Future State.
THIS IS THE IMPORTANT PART -
You have to detail the risks of not hiring additional staff. Be honest, but not alarmist (unless you are 100% certain that what you are warning about will come true.) You have to lay it out to management that unless they do what you want (hire more staff), there will be consequences (the risks). It is then on them to decide whether or not they want to accept the potential consequences. These are the Risks.
There are two types of risks. There are risks to the future state, and there are risks to the current state. Depending on how dire you present the risks and the reality of them happening will shape the discussion.
The way they respond to an honest accounting of their risks will tell you all you need to know about your employers. If they take you seriously, they will either scale back the workload, or hire additional people. If they blow you off, you know nothing is going to change. It sucks, but at least you will have both eyes wide open.
You might not be the best person to present the business case. If not, partner with someone more senior who is in a position to have a frank discussion with senior management. Make sure that they are aligned with what you are trying to accomplish, otherwise they will undercut you.
So basically China finally had radar that is accurate enough to deliver SAMs into that air space. Now they want people who are using it to register themselves.
I am sure that there is some Internet analogy that fits here. Something about Authoritative SAM Controllers and properly registered airline assets?
"Aircraft are expected to provide their flight plan, clearly mark their nationality, and maintain two-way radio communication allowing them to 'respond in a timely and accurate manner to the identification inquiries' from Chinese authorities. "
Maybe the Chinese are upset about not having a more powerful voice over ICANN, and this is how they are expressing that frustration?
What free alternatives are they keeping out of the schools? I would be interested to see what OSS focus curriculum is out there.
What makes you think that they come up with their own material? I am having a hard time believing that they wrote their own history books, math books, etc.
Of course the predictable chorus of anti-Microsoft content has popped up.
My suggestion to you folks is that if you have such issues with Microsoft offering course content to schools, go ahead and come up with an alternative and make it happen. It should be easy to come up with a course, develop all of the materials, train the instructors and keep it up to date.
Until then, deal with the reality that the large majority of the world runs Microsoft software. There is a Windows application to support practically every business process in existence. It might not be the best solution every time, but it is a solution.
When I was school, Novell was the dominant vendor. I got my CNA through an ROP program. That class exposed me to a lot of relevant information. Everything from the OSI model, to file system permissions, to client / server architectures, etc. I never thought, "Oh my God. I am being impoverished by learning about technology that companies are using in the real world!" At 16 years old I was excited to be working with servers and clients and learning more about computers than I was able to learn at home. My Novell specific knowledge is worthless now, but the fundamental information that I got from the class, and the real world experience that I got is something that I use daily.
Who cares if Microsoft is providing the curriculum? Kids are being given the opportunity to expand their knowledge of computers and networks. Kids are naturally curious. If the Microsoft way of doing things sucks, they will come up with other ways to do things.
You can believe that corporal punishment and long term prison sentences are the best option. Or you can do some cursory research. It's up to you.
In case it was not clear, and apparently I was not clear enough, I am of the belief that gradually increasing punishment is the best method. Corporal punishment and long term prison sentences need to be a tool in the toolbox, but they should not be the first resort.
You seem to be missing that point, or not wanting to address it. I agree with you that 10 years is a harsh sentence. I do not think that 10 years is a harsh sentence for someone who has repeatedly broken the law (and been caught, faced lesser punishments, and continued to do so anyway).
In my case, it took a night in jail for it to "become real" for me. The threat of prison, and the monetary cost of dealing with a felony were more than enough to dissuade me from continuing to do what led to me being arrested in the first place. In the case of the guy who this thread is about, he obviously needed a more severe lesson. In reality, he will probably never change. He will continue to believe that he is a martyr and that the system is out to get him, and boo hoo hoo.
I was not subjected to post PATRIOT Act law enforcement, but the writing was on the wall long before the PATRIOT Act. Anyone with half a brain figured out that the authorities had zero interest in securing systems. All of the emphasis was placed on punishing people for pointing out that the systems were insecure, and specifically for exploiting those insecurities.
The system worked because the punishment outweighed the reward. I was lucky to come up in the 1990s because the enforcement was more lax. The reality is that computers are at the foundation of our society. There need to be penalties for maliciously compromising them.
Everyone who looks at this example is going to think twice about repeatedly breaking the law. The system works in that regard. If there was a single offense and a person ended up in Federal prison for 10 years, that might be the sign of a broken system. When someone repeatedly breaks the law and ends up in prison, that does not seem like a broken system to me.
I know plenty of people who have been arrested. I have been arrested, detained, charged, the whole nine yards. I also know plenty of people who work in law enforcement. If anything, enforcement is too lax. It takes many, many, many encounters with law enforcement before someone ends up in prison. Even the drug crimes that everyone complains about (and do not get me wrong, I am not a fan of the war on drugs) usually end up with a series of slaps on the wrist, probation, community service, etc. Prison is often times a last resort, not in the least because of the costs involved in incarcerating someone.
My experience, and the experience of others I know has been that law enforcement is a gradual process of increasing consequences. At every step of the process, it has been quite clear what the risks of continued action are. Short of murder or violent crime, people are going to be given a few opportunities to take a look at what they are doing and adjust their behavior.
If you want to talk about a broken judicial system, find an example of someone who was not a complete jack ass. Maybe someone who did not repeated break the law and eventually got punished for it.
The "victim" in question was a many time repeat offender who refused to learn his lesson. He did get a slap on the wrist and then ignored it. (Read some of the other posts in this thread. There is a good one from someone who new him personally. It details all of the various crimes that he had committed prior to hacking Stratfor.)
Our legal system makes a distinction between juveniles and adults. I realized that I was not going to be the former and was quickly becoming (in the eyes of the law) the latter. This guy on the other hand knew full well that he was doing illegal things and was not at all repentant about it.
I got everything that the system was willing to dish out. They gave me a warning. I was not committing millions of dollars worth of fraud or wrecking peoples lives. The response from the authorities was in line with the severity of the crime. The system worked perfectly. They let me know that I was not really going to "get away with it." and they gave me (via my parents) a choice. I made the right choice by choosing the stop and find more constructive, and less risky uses for my free time.
They have to manage the power. The grid has a finite capacity and they have to adjust the amount of power that they buy and/or generate to balance out the new influx of power coming from the residential customers.
I used to consult (IT) for a company that ran a couple of power plants. There are many factors to consider. It is not as simple as "Plug in, turn on, start getting paid."
Simple example. House in Arizona with solar panels. Family leaves for the day, power goes back to the grid. Family is home on the weekend, they need the power. Family goes on vacation, they don't need to the power. Family is at home, again, they need the power. The demand fluctuates. As the market increases, as more and more people start selling power to the utility, the management challenge increases.
I am not sure how home solar works, but with power plants, if you are generating, the utility has to find some place to put that power. Either use it locally, or transfer it elsewhere. If you are not generating, the utility has to make up for the shortfall.
So because the system is broken, it's okay for people to go ahead and commit crimes?
In a twisted logic sort of way, it actually speaks to the effectiveness of the system to deter crime because it is so dysfunctional. An "intelligent" person might look at a "not broken" system and determine that they could "get away with it". Given the system in its current state, an intelligent person is going to do whatever they can to avoid having to deal with the system and suffer those consequences.
There are limits on FDIC insurance. It only applies to certain types of accounts, and up to a specified amount. (It used to be $150,000. I am not sure what it currently is. I have never had that much money in my life.) It sounds like your uncle had a special account that was being used to defer interest and facilitate investment related activities. Not to say that he did not get robbed, because he did. But someone with that much money should understand how to protect it.
And if you are going to do the crime, for fuck's sake, make it a worthwhile crime. Especially if you are an "activist" and trying to draw attention to a cause.
What did this guy prove with his actions? That a company whose primary business is not computer security had weak security controls on their computer systems? Ooooo, there's a massive, game changing revelation that is worth 10 years of my life.
That a company who is in the business of providing detailed analysis of geopolitical events has a bunch of military and corporate subscribers? Funny, I figured that sort of thing appealed more to soccer moms and janitors.
1) repair the damage they are accused of 2) improve society at large 3) cost effectively return them to society
I was a teenager in the 1990s and active in the computer underground, to the point where I was hacking systems, committing phone fraud, pirating warez, the whole nine yards. As I approached my 18th birthday, I was faced with a decision. Either I could continue breaking the law and face the consequences, or I could grow up. In my case, even a couple of decades ago, it was obvious that there were very real consequences to what I was doing. I was a known entity to the authorities, to the point where AT&T security had conversations with my parents and told them to get me under control, or they would. So I quit. I leveraged the knowledge I gained to get a job in IT. Now I make good money and manage a team of people.
By putting this guy in prison, my decision has been re-enforced as being the "right" decision. It probably will serve to dissuade a few others from engaging in serious crimes as well. It sucks to get 10 years, but there is no way that the guy did not know he was taking risks by doing what he was doing. "You roll the dice, you take your chances." fits in this situation.
In this day and age, "security researcher" is a valid career path. There are plenty of EASY and legal ways to do security research (virtualization, etc) that do not require doing pen tests on systems that you do not own, and do not have authorization to exploit. The whole mythos around the "harmless, curious hacker" is breaking down. Back in the day when the only systems out there were university systems or corporate systems, there was some validity to "having to" hack systems in order to learn. These days, with easy access to *nix systems, Windows boxes, browsers of all flavors, IDEs, compilers, etc, etc, etc... there is no "intellectual or educational" reason to go out and compromise other systems.
To turn the question around, what good comes from giving someone a free pass to hack Stratfor?
I never said anything about requiring a degree. I did not graduate from college, but I have been working with computers since I was 8 (at the time, PC games were better than Atari games). I absolutely value experience over degrees. I have come across too many paper professionals in my time who are incapable of doing anything in the real world.
+1 to the points above. I work in IT operations for a moderate sized corporation (~3500 employees) and we struggle to find qualified talent. We pay well (~$85-90k for a mid-level sysadmin position), have good benefits, regular bonuses and yearly raises. The practice I work for is a technology / IT centric practice where IT is a core component of the business model. That means that we do not have to fight for resources and get to invest in good technologies like auto-tiering storage, massive virtual infrastructures, Hadoop, APM tools, etc.
While we get plenty of eager candidates, very few of them are highly qualified. We often settle for average candidates and hope that we can train them up to the level that we need them at. There are a lot of "IT professionals" out there, but, based on my experience, only about 10-15% of them are truly competent to the point where I can trust them to be more or less autonomous.
I am making the assumption that nobody was stupid enough to create a PowerPoint deck labeled "How to price fix optical drives." Given that the article summary says that the accused went so far as to conceal their interactions under the guise of regular industry events like CES, I doubt they are going to find any sort of smoking gun during discovery.
Without information or evidence, there is nothing to compel the testimony or prove perjury.
HP Lawyer, "Did you collude with others to fix the prices on optical drives at CES?"
Sony Executive, "No I did not."
HP Laywer, "Well, in absence of evidence or testimony showing otherwise, I suppose we have to believe you."
Slashdot Mirror
While I am skeptical, I also see the potential for improvement. There is already a lot of M&A activity in the health care space due to shrinking margins and the inability of hospitals and physicians groups to provide services at prices the market can afford. With a single payer like the government getting involved, costs are going to continue going down. Big data and analytics are going to stabilize some of the price fluctuations for procedures. Currently the payout for any given procedure can fluctuate wildly depending on which hospital / clinic it is done in, which doctor performs it, and who is being billed (PPO/HMO or the government).
Healthcare is one of the few areas of the economy where people cannot get accurate estimates of what a given visit / procedure will cost, or what their out of pocket expense will be. That will change.
Awww come on now Portland Dad! I have come to expect better from you.
Your post was full of vitriol but short of fact and any support for your own "ignorant ... deluded [and] ... idiotic statement.."
Want to try again?
Here is a good reference to the 2004 study that I was talking referring to with my previous comment.
http://www.scientificamerican.com/article.cfm?id=soil-depletion-and-nutrition-loss
I think the author is looking at "Healthcare IT" through the wrong lens. The major advances over the next decade are going to come via "big data" (mind the buzzword) and analytics. For example, I was at an EMC presentation the other day and they were making the case for Greenplum (EMC'ized Hadoop / Map Reduce). One of the breakthroughs they were touting was cancer research. There was a woman who went through half a dozen cancer treatments that did not improve her condition. They were able to run models and simulations and ended up finding an off label drug that put the cancer into remission.
Prior to being able to simulate those complex drug interactions, they never would have been able to test an off label drug like that. Now the potential exists to research all sorts of combinations and treatments that would have been computationally impossible five years ago.
Somewhat less cool is the ability to use analytics to track treatment and billing data. The health care system is so inefficient that there is a lot of low hanging fruit there. It only starts showing up at larger scales, once the data sets get bigger. For example, hospitals cannot really correlate the effectiveness of specific treatments for specific conditions versus their peers at other hospitals. Yet with a big enough data set, statements along the lines of, "Last year, 50,000 people were treated for condition X by 50 different hospitals. Of those 50 hospitals, there were 16 different methodologies used. Of those 16, THIS 1 treatment was the most effective, based on these subsequent observations..."
Take a simple use case... the over prescription of antibiotics. With a decent data warehouse and some analytical tools, it will be possible to quickly zero in on cases where antibiotics were inappropriate prescribed. The same thing goes for everything else. "We noticed you are prescribing the brand name medication, when this generic drug is available, and 85% of your peer organizations are using the generic without any loss of efficiency in treatment."
As much as people dislike the government and feel that the Affordable Care Act is a mixed bag, I have a suspicion that when the government gets into really pinching pennies, they are going to drive down the cost of healthcare.
What do you think about the lack of USP and GMP certification on the LEF products?
To me, it is a red flag that they are not GMP certified.
http://www.cni-web.com/about.php
If you are in the top x% of the population who can afford nutritious food and have developed the skills to prepare them for yourself, then adjusting a diet is "simple". For the rest of the world, supplements are a viable route.
I eat well, and take multi-vitamins, and aminos, and a few other things. The either/or black and white choice that you have laid out is pretty myopic. Given the season variations in produce, the mineral stripped / highly fertilized environments that our food is grown in, etc., it is not exactly easy to get enough of all of the key vitamins and minerals that the body and brain need to function at peak levels.
Exactly! Well deserved +5 on this. I started getting blood tests when I hit thirty and made a few adjustments to my supplements and diet. I was having serious muscle spasms / cramps that I thought was related to sciatica. It turned out being a magnesium deficiency. I suffered for almost two years with something that was solved after literally 48 hours of supplementation.
I was also iodine deficient due to our culture of "salt is bad". I had to supplement iodine and started salting some of my meals. A year later my levels were back to the range.
Like I said, Hezbollah and Syria are probably regular topics of conversation in the Middle East. It is probably the equivalent of Americans talking about pop stars and Facebook memes.
None the less, never under estimate the arrogance of people to speak freely in a language when they think nobody else around them understands it. I am white and I live in Southern California. I speak Spanish, but you would never know it by looking at me. I stopped being shocked or offended about the amount of trash Hispanics will talk on white people (or even more so, black people), more or less right to their face, thinking that they are "safe" doing it because the people they are talking about do not understand.
I was playing GTAV:Online a couple of weeks ago and there were a couple of guys on there speaking Arabic and talking about Hezbollah and Syria. Now granted, both of those key words are probably common topics in that part of the world, and I do not speak Arabic so I do not have any context to go with the keywords. But, it does serve as an anecdotal data point to give validity to the claim that people are using in game comms to communicate about something other than the game that they are playing.
If I were a jihadist looking to communicate with agents in the States, a game like WoW is a good candidate to use due to its world wide appeal. Though I would think that some of those Korean MMOs might be even better, given the sheer volume of them, and the fact that their servers are not in the States.
This is the best advice. I will add a couple of things.
DO NOT GO AROUND YOUR BOSS. That will get you fired. Raise the issues in email, document them and move on. It is ultimately your boss' responsibility, and the responsibility of people above your boss. Unless your title is CSO or something similar, this is not your problem.
If you want to help your boss, do a risk assessment. Detail what you perceive to be the risks. Detail the potential problems of not doing anything. More importantly, detail what you think the potential solutions are, and what is involved in implementing them. This is important because you want to be constructive, and want to prove that you have put some thought into making things better, and that you are not just a whiner.
Your success or failure will depend on how you present it. The tack I would take with your boss would be something along the lines of, "Security is obviously not a high priority around here. However, I have recognized these risks that expose the company to potential liabilities under COPPA. Here are my suggestions. Now that I have documented these, I can stop thinking about them and focus on the other priorities that our team has to address."
Keep in mind, you are not going to make any friends doing this. Once it is in email, they have to act on it. To not act on it makes them liable. Keep in mind, it is not your job to do your boss' job. Unless your job description specifically says, "Mitigate security vulnerabilities in code before deploying to production.", this is not your job. Your job is to do what your boss tells you to do, just as her job is to do what her boss tells her to do, all the way up the chain to the C-level executives and board of directors.
I am having to deal with this more and more these days. The solution is pretty simple, but it will take some time for you to see results.
The reality is that things are running and the business is functioning. Unless it looks like the business is going to stop functioning, you are not going to get any additional staff.
You have to build the business case for additional staff. Make a PowerPoint. I know it's lame, but it is all management understands.
Start the business case by first quantifying what is being done (basically the summary that you gave us). You detail how much time is being spent keeping things running. This is the Current State.
Then you have to quantify the additional projects in the pipeline. Just lay them out there. Do not judge them, just put it out there in black and white so that management understands exactly what is on your plate. This is the Future State.
THIS IS THE IMPORTANT PART -
You have to detail the risks of not hiring additional staff. Be honest, but not alarmist (unless you are 100% certain that what you are warning about will come true.) You have to lay it out to management that unless they do what you want (hire more staff), there will be consequences (the risks). It is then on them to decide whether or not they want to accept the potential consequences. These are the Risks.
There are two types of risks. There are risks to the future state, and there are risks to the current state. Depending on how dire you present the risks and the reality of them happening will shape the discussion.
The way they respond to an honest accounting of their risks will tell you all you need to know about your employers. If they take you seriously, they will either scale back the workload, or hire additional people. If they blow you off, you know nothing is going to change. It sucks, but at least you will have both eyes wide open.
You might not be the best person to present the business case. If not, partner with someone more senior who is in a position to have a frank discussion with senior management. Make sure that they are aligned with what you are trying to accomplish, otherwise they will undercut you.
Pro "Normalcy" post moderated -1 right off the bat?
Hmmmmmm.
So basically China finally had radar that is accurate enough to deliver SAMs into that air space. Now they want people who are using it to register themselves.
I am sure that there is some Internet analogy that fits here. Something about Authoritative SAM Controllers and properly registered airline assets?
"Aircraft are expected to provide their flight plan, clearly mark their nationality, and maintain two-way radio communication allowing them to 'respond in a timely and accurate manner to the identification inquiries' from Chinese authorities. "
Maybe the Chinese are upset about not having a more powerful voice over ICANN, and this is how they are expressing that frustration?
What free alternatives are they keeping out of the schools? I would be interested to see what OSS focus curriculum is out there.
What makes you think that they come up with their own material? I am having a hard time believing that they wrote their own history books, math books, etc.
Of course the predictable chorus of anti-Microsoft content has popped up.
My suggestion to you folks is that if you have such issues with Microsoft offering course content to schools, go ahead and come up with an alternative and make it happen. It should be easy to come up with a course, develop all of the materials, train the instructors and keep it up to date.
Until then, deal with the reality that the large majority of the world runs Microsoft software. There is a Windows application to support practically every business process in existence. It might not be the best solution every time, but it is a solution.
When I was school, Novell was the dominant vendor. I got my CNA through an ROP program. That class exposed me to a lot of relevant information. Everything from the OSI model, to file system permissions, to client / server architectures, etc. I never thought, "Oh my God. I am being impoverished by learning about technology that companies are using in the real world!" At 16 years old I was excited to be working with servers and clients and learning more about computers than I was able to learn at home. My Novell specific knowledge is worthless now, but the fundamental information that I got from the class, and the real world experience that I got is something that I use daily.
Who cares if Microsoft is providing the curriculum? Kids are being given the opportunity to expand their knowledge of computers and networks. Kids are naturally curious. If the Microsoft way of doing things sucks, they will come up with other ways to do things.
You can believe that corporal punishment and long term prison sentences are the best option. Or you can do some cursory research. It's up to you.
In case it was not clear, and apparently I was not clear enough, I am of the belief that gradually increasing punishment is the best method. Corporal punishment and long term prison sentences need to be a tool in the toolbox, but they should not be the first resort.
You seem to be missing that point, or not wanting to address it. I agree with you that 10 years is a harsh sentence. I do not think that 10 years is a harsh sentence for someone who has repeatedly broken the law (and been caught, faced lesser punishments, and continued to do so anyway).
In my case, it took a night in jail for it to "become real" for me. The threat of prison, and the monetary cost of dealing with a felony were more than enough to dissuade me from continuing to do what led to me being arrested in the first place. In the case of the guy who this thread is about, he obviously needed a more severe lesson. In reality, he will probably never change. He will continue to believe that he is a martyr and that the system is out to get him, and boo hoo hoo.
I was not subjected to post PATRIOT Act law enforcement, but the writing was on the wall long before the PATRIOT Act. Anyone with half a brain figured out that the authorities had zero interest in securing systems. All of the emphasis was placed on punishing people for pointing out that the systems were insecure, and specifically for exploiting those insecurities.
The system worked because the punishment outweighed the reward. I was lucky to come up in the 1990s because the enforcement was more lax. The reality is that computers are at the foundation of our society. There need to be penalties for maliciously compromising them.
Everyone who looks at this example is going to think twice about repeatedly breaking the law. The system works in that regard. If there was a single offense and a person ended up in Federal prison for 10 years, that might be the sign of a broken system. When someone repeatedly breaks the law and ends up in prison, that does not seem like a broken system to me.
I know plenty of people who have been arrested. I have been arrested, detained, charged, the whole nine yards. I also know plenty of people who work in law enforcement. If anything, enforcement is too lax. It takes many, many, many encounters with law enforcement before someone ends up in prison. Even the drug crimes that everyone complains about (and do not get me wrong, I am not a fan of the war on drugs) usually end up with a series of slaps on the wrist, probation, community service, etc. Prison is often times a last resort, not in the least because of the costs involved in incarcerating someone.
My experience, and the experience of others I know has been that law enforcement is a gradual process of increasing consequences. At every step of the process, it has been quite clear what the risks of continued action are. Short of murder or violent crime, people are going to be given a few opportunities to take a look at what they are doing and adjust their behavior.
If you want to talk about a broken judicial system, find an example of someone who was not a complete jack ass. Maybe someone who did not repeated break the law and eventually got punished for it.
The "victim" in question was a many time repeat offender who refused to learn his lesson. He did get a slap on the wrist and then ignored it. (Read some of the other posts in this thread. There is a good one from someone who new him personally. It details all of the various crimes that he had committed prior to hacking Stratfor.)
Our legal system makes a distinction between juveniles and adults. I realized that I was not going to be the former and was quickly becoming (in the eyes of the law) the latter. This guy on the other hand knew full well that he was doing illegal things and was not at all repentant about it.
I got everything that the system was willing to dish out. They gave me a warning. I was not committing millions of dollars worth of fraud or wrecking peoples lives. The response from the authorities was in line with the severity of the crime. The system worked perfectly. They let me know that I was not really going to "get away with it." and they gave me (via my parents) a choice. I made the right choice by choosing the stop and find more constructive, and less risky uses for my free time.
They have to manage the power. The grid has a finite capacity and they have to adjust the amount of power that they buy and/or generate to balance out the new influx of power coming from the residential customers.
I used to consult (IT) for a company that ran a couple of power plants. There are many factors to consider. It is not as simple as "Plug in, turn on, start getting paid."
Simple example. House in Arizona with solar panels. Family leaves for the day, power goes back to the grid. Family is home on the weekend, they need the power. Family goes on vacation, they don't need to the power. Family is at home, again, they need the power. The demand fluctuates. As the market increases, as more and more people start selling power to the utility, the management challenge increases.
I am not sure how home solar works, but with power plants, if you are generating, the utility has to find some place to put that power. Either use it locally, or transfer it elsewhere. If you are not generating, the utility has to make up for the shortfall.
So because the system is broken, it's okay for people to go ahead and commit crimes?
In a twisted logic sort of way, it actually speaks to the effectiveness of the system to deter crime because it is so dysfunctional. An "intelligent" person might look at a "not broken" system and determine that they could "get away with it". Given the system in its current state, an intelligent person is going to do whatever they can to avoid having to deal with the system and suffer those consequences.
There are limits on FDIC insurance. It only applies to certain types of accounts, and up to a specified amount. (It used to be $150,000. I am not sure what it currently is. I have never had that much money in my life.) It sounds like your uncle had a special account that was being used to defer interest and facilitate investment related activities. Not to say that he did not get robbed, because he did. But someone with that much money should understand how to protect it.
And if you are going to do the crime, for fuck's sake, make it a worthwhile crime. Especially if you are an "activist" and trying to draw attention to a cause.
What did this guy prove with his actions? That a company whose primary business is not computer security had weak security controls on their computer systems? Ooooo, there's a massive, game changing revelation that is worth 10 years of my life.
That a company who is in the business of providing detailed analysis of geopolitical events has a bunch of military and corporate subscribers? Funny, I figured that sort of thing appealed more to soccer moms and janitors.
How is putting this individual in prison going to
1) repair the damage they are accused of
2) improve society at large
3) cost effectively return them to society
I was a teenager in the 1990s and active in the computer underground, to the point where I was hacking systems, committing phone fraud, pirating warez, the whole nine yards. As I approached my 18th birthday, I was faced with a decision. Either I could continue breaking the law and face the consequences, or I could grow up. In my case, even a couple of decades ago, it was obvious that there were very real consequences to what I was doing. I was a known entity to the authorities, to the point where AT&T security had conversations with my parents and told them to get me under control, or they would. So I quit. I leveraged the knowledge I gained to get a job in IT. Now I make good money and manage a team of people.
By putting this guy in prison, my decision has been re-enforced as being the "right" decision. It probably will serve to dissuade a few others from engaging in serious crimes as well. It sucks to get 10 years, but there is no way that the guy did not know he was taking risks by doing what he was doing. "You roll the dice, you take your chances." fits in this situation.
In this day and age, "security researcher" is a valid career path. There are plenty of EASY and legal ways to do security research (virtualization, etc) that do not require doing pen tests on systems that you do not own, and do not have authorization to exploit. The whole mythos around the "harmless, curious hacker" is breaking down. Back in the day when the only systems out there were university systems or corporate systems, there was some validity to "having to" hack systems in order to learn. These days, with easy access to *nix systems, Windows boxes, browsers of all flavors, IDEs, compilers, etc, etc, etc... there is no "intellectual or educational" reason to go out and compromise other systems.
To turn the question around, what good comes from giving someone a free pass to hack Stratfor?
I never said anything about requiring a degree. I did not graduate from college, but I have been working with computers since I was 8 (at the time, PC games were better than Atari games). I absolutely value experience over degrees. I have come across too many paper professionals in my time who are incapable of doing anything in the real world.
+1 to the points above. I work in IT operations for a moderate sized corporation (~3500 employees) and we struggle to find qualified talent. We pay well (~$85-90k for a mid-level sysadmin position), have good benefits, regular bonuses and yearly raises. The practice I work for is a technology / IT centric practice where IT is a core component of the business model. That means that we do not have to fight for resources and get to invest in good technologies like auto-tiering storage, massive virtual infrastructures, Hadoop, APM tools, etc.
While we get plenty of eager candidates, very few of them are highly qualified. We often settle for average candidates and hope that we can train them up to the level that we need them at. There are a lot of "IT professionals" out there, but, based on my experience, only about 10-15% of them are truly competent to the point where I can trust them to be more or less autonomous.
I am making the assumption that nobody was stupid enough to create a PowerPoint deck labeled "How to price fix optical drives." Given that the article summary says that the accused went so far as to conceal their interactions under the guise of regular industry events like CES, I doubt they are going to find any sort of smoking gun during discovery.
Without information or evidence, there is nothing to compel the testimony or prove perjury.
HP Lawyer, "Did you collude with others to fix the prices on optical drives at CES?"
Sony Executive, "No I did not."
HP Laywer, "Well, in absence of evidence or testimony showing otherwise, I suppose we have to believe you."