* Posts by Old Coot

34 publicly visible posts • joined 16 Oct 2017

Detailed: How Russian government's Fancy Bear UEFI rootkit sneaks onto Windows PCs

Old Coot

Re: If Russian government was able to pull this

Haha, good one. The russkys are like script kiddies compared to the NSA.

Next up: China waiting to bat

Identity stolen because of the Marriott breach? Come and claim your new passport

Old Coot

Re: Hotel-chain turned data faucet Marriott

This isn't/wasn't an admin problem, this is/was a security officer problem. And the responsibility should be with a C-level security officer.

They're not likely to worry about a fine if they're not worried about a breach (likely to be far more costly). Either way, they'll look to blame it on the person with the least clout (think Breaker Morant, or Lt. Calley).

It relates to the difference between formal and efficient causes, or something like that.

This is why I abandoned the DBA game after 10 years. If something goes wrong you're always the guy next to the machine, who with hindsight could have done something differently. What will not be taken into consideration is that your recommended, best-practice measures were not taken in order to save a few currency units. In my case, it was things like re-using backup tapes more times than recommended, or running versions of the database that were no longer supported ("we can't leave this one because our app vendor went out of business before migrating the app to the current version").

The C-level security person is usually a permanent employee (can't be fired without a court case, at least not in Belgium) with little technical knowledge. He or she relays the cost-cutting dictates to you and (hopefully) your warnings back to the C-suite. The C-suite claims credit for the lower costs, but not for any consequences this entails. To be fair, you can't tell the C-suite what the probability of an incident is, or the likely impact; it's not a game of dice, with a known set of possible outcomes.

What I've been seeing is that, for freelancers at least, there's a push to make us accept unlimited liability for anything that happens. I recently turned down a good offer because the agency's contract contained many clauses like this: "The contractor will be liable for any data breach". No qualifiers saying that it had to be my fault or even to have happened while I was there. They want to make you liable, but how much do they think they'll get from someone who's poor enough to be working for a living? The strategy seems to be to push off liability to someone else.

The deeper problem is in the technology itself: a small mistake or oversight can have consequences that are wildly out of proportion to the negligence involved. Even perfect best practice is no guarantee against total disaster (breach, data destruction). It's not only IT: think nuclear energy, genetic manipulation, bio-weapon development, ...

The problem for most of the people who read this site is how to avoid situations where this looks like a real possibility. In my experience, you can usually smell such projects after a week or two. Sometimes you can even smell it at the interview.

China tells Trump to use a Huawei phone to avoid eavesdroppers

Old Coot

Re: Imagine what he'd say if Hillary had done this?

They're trolling Trump, just as he does to all and sundry.

Turnabout is fair play, they say.

Old Coot

Re: Where he tweets from?

What? A politician who's holding a high office in the US lying?

Almost as incredible as a politician who doesn't try to keep his campaign promises.

Oh, wait...

Russian rocket goes BOOM again – this time with a crew on it

Old Coot

Re: Oops.

At least the Russkys can build something that mostly works.

So the West, with all its tech marvels, has to rely on the Russians? How is this not a disgrace for the US, EU, Japan, etc.?

Oracle? On my server? I must have been hacked! *Penny drops* Oh sh-

Old Coot

Re: Hacker installed Oracle and then dobbed you in for the reward money

Would that go under cybervandalism or ransom attack?

AI trained to sniff out fake news online may itself be fake news: Bot has mixed results in classifying legit titles

Old Coot

It's turtles all the way down, with fake news tags being potentially fake.

Doug Hofstadter could relate.

Databricks pushes machine learning on easy mode: Rock star data scientist, meet sweaty engineer

Old Coot

Re: Don't employ a rock star data scientist

That reminds me of a story that Richard Feynman tells (in one of his books) about working on the A-bomb project. He was 22, fresh out of physics grad school, working with a lot of famous older scientists, among them Niels Bohr. Bohr didn't like Feynman, but wanted Feynman to be present at all his meetings, simply because Feynman was such a smart-alec that he would say so when he thought something was a bad idea, or wouldn't work. (The other scientists were too intimidated by Bohr's reputation, and afraid of looking stupid.)

In other words, Bohr was the 'rock star' physicist on the program, and most people believed what he said because of his formidable reputation and achievements. But Bohr knew that he could still be wrong, even overlook something.

So it is for the rock-star anything, even a legitimately gifted one. (Go back and listen to all the Beatles' albums; even they wrote some forgettable songs.)

Mega-bites of code: Python snakes into 1st place for cyber-attacks

Old Coot

Re: So, is this a surprise?

Upvote for mentioning APL (them wuz the days!).

Only problem with APL, is that, unlike Fortran, you need the interpreter to be present on the victim's system. Python is now included on pretty much every 'nix system, even necessary for certain functions (e.g., Ubuntu software center). Only a few other languages (shell, Perl, Ruby(?)) will have such an extensive installed base.

Oracle pours a mug o' Java 11 for its addicts, tips pot of Binary Code License down the sink

Old Coot

This was always in the cards

I hate to say it, but this was predictable from the moment that Oracle acquired Java. Unlike Sun, Oracle gives nothing away.

The surprise is that it took them 10 years to spring the trap; I suppose they wanted as many projects as possible to wander in. But the rate of in-wandering seems to have hit an inflection point.

My own experience is that Java is now moving to legacy status (like the Oracle RDBMS); lots of installations, but declining take-up by new projects. Thus, a logical time to demand fees.

Stunning infosec tips from Uncle Sam, furries exposed, Chase bank web leak, and more

Old Coot

Re: Perhaps someone needs to read the 2018 SEC guidance a bit closer...

Maybe it's like the smith's fingerprint as a sign of handmade silverware. If they had a bot write that article, there would have been fewer errors, or maybe a different type of error.

Old Coot

belling the bat

Maybe not a typo. A bell around a bat's neck would interfere with its echolocation.

Mueller bombshell: 13 Russian 'troll factory' staffers charged with allegedly meddling in US presidential election

Old Coot

Re: Is lies! Lies! All lies!

I see, so it's always Russia. Tsars, Soviets, Russian Republic, doesn't matter; it's all the same thing.

(Like France: Bourbons, Jacobins, Napoleon, Bourbons (again), plus one more monarchy, an Empire, and 4 more republics, it's always just France, unchanging.)

Don't worry, such things could never happen here.

Old Coot

One example

One of the lies these perps spread was that Hillary was somehow involved in the destruction of Libya, leading to millions killed or displaced, and a return of slavery in that country (now failed state). Can you imagine a more heinous lie?

Due to Oracle being Oracle, Eclipse holds poll to rename Java EE (No, it won't be Java McJava Face)

Old Coot

HaL -- Happy as Larry

I mean, if he ain't happy now, then when's he gonna be?

Nunes FBI memo: Yep, it's every bit as terrible as you imagined

Old Coot

"He put his own personal goals ahead of the country's."

Your statement implies that such goals exist and are self-evident. What are those goals, exactly? How did you find out? Maybe you have some links?

The author also implies that the FBI acted within its rights. Suppose that the tax authorities ignored one party's candidates and did everything in their power to scrutinize the other party. That's what's at issue here, not another click-bait Trump article with no connection to computers or technology.

Unlocked: The hidden love note on the grave of America's first crypto power-couple

Old Coot

Edgar Allan Poe

Wrote a story called "The Gold-Bug", featuring an encoded pirate treasure map that has to be decoded if the treasure is to be found. I'll say no more; it's a fun story.

Friedman read this story as a child and got interested in ciphers.

https://en.wikipedia.org/wiki/William_F._Friedman

H-1B visa hopefuls, green card holders are feeling the wrath of 'America first' Trump

Old Coot

Re: This is how countries get poor

Russia? You mean the move into Crimea? At that rate, they should be in the UK in 2525 or so.

Agree about the collapse of the U.S., but is this outsource-everything trend a cause or a symptom?

Old Coot

Re: Bingo!

And for some closing laughs, remind them how Hillary's foreign-policy achievement was the destruction of Libya and all its attendant horrors. (That is fake, isn't it?)

It's not the fake news that gets you; it's the real news that you never hear about.

Camels disqualified from Saudi beauty contest for Botox-enhanced pouts

Old Coot

Re: Bunch of Pikers

There's a William Faulkner novel (can't remember which) where a horse trader named Pat Stamper buys a guy's horse, dyes it, then sells it back to him for more money. Old trick, I guess.

Stick to the script, kiddies: Some dos and don'ts for the workplace

Old Coot

No, I don't understand it; enlighten me.

Does it do something that the Unix shell doesn't, or do it better?

If yes, please enumerate

If no, then why make up a new shell system? Is it just for the sake of doing it, or is there a 3rd possibility that I've missed?

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

Old Coot

Open-source chipsets

Aren't those Chinese Yeelong laptops using a MIPS open-source CPU? I recall Richard Stallman using one of those for just that reason. They come with Debian, or at least used to.

The Reg parts ways with imagineer and thought pathfinder Steve Bong

Old Coot

Re: Certainty?

You have to leverage the uncertainty. Since nobody can prove otherwise, put it on whomever you (don't) like.

US govt to use software to finger immigrants as potential crims? That's really dumb – boffins

Old Coot

This is actually a step forward

Considering that we'll drone strike an entire wedding party for the chance at getting one guy who's rumoured to be attending, just fingering the folks is actually a step forward.

Can't they just put an AI onto it?

Estonia cuffs suspect, claims he's a Russian 'hacker spy'

Old Coot

Re: Minorities

--> 1) they refuse to learn local language

What percentage of Brits living in Spain or France have learned the language? Besides, Estonian? Pretty difficult, I'd say. Not a very good time investment, especially for an adult learner. I live in Belgium, similar issue. They should switch to English, but nah, that would be too easy.

--> 2) they support Putin's regime that is hostile to the countries, EU, NATO and democracy itself, while enjoying all freedoms granted by EU etc.

I'm glad to hear that the EU is highly democratic, as evidenced by their love of and respect for the people's will, referenda, etc.

--> 3) they worship soviet regime and deny crimes against humanity committed by that regime, imagine Germans living in Israel worshiping Hitler and demanding locals to speak to them in German - that's how stupid the situation is.

So a state of mind, a sentiment is an excuse for making people 2nd-class citizens. How about worshiping God or Allah, how is that different? Besides, why should they care about a country that's the only place they've known, but discriminates against them?

--> 4) Hate the countries they live in but somehow don't want to go back to Putin's "paradise"

So Russia is just the Soviet Union? If so, how did the Baltic States get out? Did they fight, or were they let go by this USSR-lite?

Enjoy having your country be a missile launchpad; after all, what could go wrong?

Old Coot

Re: Round up the usual suspects

Perhaps what's needed is a scapegoat to draw attention away from the vulnerability recently discovered in Estonia's system. It seems many stories these days are of this variety; they don't aim to persuade you of anything, just to get some other, troublesome story off your mind.

WikiLeaks drama alert: CIA forged digital certs imitating Kaspersky Lab

Old Coot

down the rabbit hole stuff

Have a look at the story "Memoirs Found in a Bathtub" by Stanislaw Lem for a satirical look at just how far such a thing might go. Spy vs. Spy from Mad Magazine, if you're old enough to remember that.

Sean Parker: I helped destroy humanity with Facebook

Old Coot

vulnerability in human psychology

That's where the money is these days, in politics, business, you name it. I feel like that guy (was it Vincent Price?) who is the last non-zombie in the world when I'm on the street or the train and everyone is glued to their screen.

Official US govt Twitter accounts caught tweeting in Russian, now mysteriously axed

Old Coot

Re: "Official Government Twitter Accounts"

Or try getting a job if you're not on social media. They think you must have something to hide. I'm not religious, but how can one not think of the "mark of the beast" in Revelations?

'Lambda and serverless is one of the worst forms of proprietary lock-in we've ever seen in the history of humanity'

Old Coot

Re: Déjà vu

In Soviet USSA, regime changes you.

So, tell us again how tech giants are more important than US govt...

Old Coot

Re: Applying pressure on Twitter

You better check to see what the exit wealth tax is for corporate expatriation. I expatriated in January and know that, for individuals, it's quite high, in the 30-40% range (after a low threshold).

Old Coot

Re: Your opinion is nice to see ...

>"text" their vote, rather than mustering at a polling place

I would definitely go for it. Going to the polling place requires me to look away from my phone for as long as 3 minutes. I might miss out!

US voting server in election security probe is mysteriously wiped

Old Coot

Re: @big?_john

" average Trump voter couldn't even put a key in a door"

Yes, maybe the average, but averages don't tell the whole story, do they? You also need the deviations and maybe there's even fat tails. As an American, I can tell you that the average American could not find the UK on a blank map (Canada and Mexico, after that it's fuzzy), nor tell you the name of any prime minister except maybe Churchill. Nor would they even be curious; it's really that bad.

I voted for Trump in hopes of avoiding war with Russia. Why does Western Europe (Lithuanians, Swedes, French, Germans) feel the need to invade Russia every century or so? When did it ever work out well? But here we are again, missiles on the border. Imagine sitting across a table from someone who's pointing a gun at you; how would you feel?

Everyone talks about how horrible Trump is; why not talk about how wonderful his opponent is? She was the Monsanto candidate, after all (look up the paid-speeches list); do you like the taste of glyphosate?

Ever been in combat? Imagine carrying a 50-pound pack through the snows of Russia, with snipers and land mines to keep you alert. Or maybe you could stay at home and find out what radiation sickness feels like when the missiles reach your town. Wonder how the IT infrastructure will work with all that extra EM activity.

Even the endless virtue-signaling on technical stories is nausea inducing here. If there's no God and no punishment, there's no good or evil. Don't take my word for it, ask Ivan Karamazov. So your virtue-signals only impress the people who already think like you, that is, your operation is idempotent.

Everyone else sees only hatred and disdain for those with less cognitive endowment than you and fewer opportunities to develop what they have, who are beneath you and shouldn't even have the vote, at least not if they're white (or Asian). And thus are we not persuaded, but rather that much more hardened in our convictions. And however disappointed we are with the Golden Golem (and we are, e.g., Syria), at least he's not nuking Russia yet.

CrashPlan crashes out of cloudy consumer backup caper

Old Coot

Re: Alternative peer-to-peer backup?

Thanks for the tip. I looked at the other alternatives suggested here, but settled on yours.

I'm amazed at the breadth of features offered by the product as well as its low cost, so much so that I looked into buying their shares. Too bad, they're privately held.

Probably smart, that way they're less vulnerable to being gobbled up.