I find it difficult to understand why anyone with even a cursory understanding of the contemporary threat environment wouldn't instantly dismiss this idea from any further consideration the moment that it was articulated. All such payment systems divide into two categories: (1) those that have been exploited and (2) those that are going to be exploited.

My expectation is that while I'm writing this, and while you're reading it, scammers are already gearing up to find ways to trick people into enabling this; that they're figuring out how to code web sites that take advantage of it; and that they're registering domains, setting up hosting, etc., in order to exploit it the moment it goes live -- so that they can do as much damage as possible before it's picked up by tech/non-tech journalists and before word spreads that it's something to watch out for.

A lot of people are going to be hurt by this, and when that happens the developers responsible for this debacle will (a) refuse to accept responsibility and (b) refuse to financially compensate them. Whether or not the victims will close ranks and file class-action litigation is an open question, but I certainly hope they do: those responsible for this should lose EVERYTHING as a result of their utterly irresponsible conduct.

Perhaps it would have also seemed silly to try to save many the scrolls from the destruction of the Library of Alexandria. No doubt many of those covered mundane details of ordinary life -- land transactions, farming methods, political deals. Certainly it would not be apparent to those who lived at that time that such trivia would hold any interest even a few years later, let alone centuries hence. But it does. And there is no way for us to know, in 2015, whether or not the manual for a Tektronix 545 oscilloscope (circa 1955) will be of interest to anyone in 2055. But we should know that if we let all the copies disappear, that the question will be moot: we'll have removed the possibility...and thus the possibility of whatever insight could be gained.

I stood in that room and held that manual in my hands yesterday. Then I put it in one of the many (many!) boxes headed for storage, against the day when it can be pulled out and scanned. Perhaps I'll be the last person to ever glance through it; or perhaps, sometime in the future, someone else will come across it and say a silent thank-you to those responsible for preserving it from oblivion.

This is part of our history -- encapsulated in voltage meters and PROM programmers, broadcast amplifiers and 68000 development boards. It is not disposable. It is not expendable. And so if you'll excuse me, I'm going to head over there and get back to work.

If you support LinkedIn or have an account there, then YOU are part of the problem. You're not only implicitly endorsing spam, you're generating it, supporting it, and funding it.

If you don't support LinkedIn and have blacklisted or firewalled them: good. That's the correct professional response to any abuser/attacker.

If you haven't blacklisted/firewalled them, then you'll want this:

8.22.120.0/24
69.28.147.0/24
199.101.161.0/24
199.101.162.0/24
199.101.163.0/24
216.52.242.0/24

Remember to block all IP traffic bidirectionally so that LinkedIn can't reach your network and so that anyone on your network can't reach them. This is especially important if you run mailing lists, since LinkedIn will spam those too. I also recommend checking to see any of the spammers who work for LinkedIn have managed to get on your mailing lists: if so, unsubscribe and ban them.

There's zero reason to believe the NSA's version of this and every reason to believe Snowden's

Why?

Because, so far, every single thing that Snowden has said has turned out to be true when cross-checked. And, so far, every NSA official spokesperson has been caught repeatedly lying.

The inferior people at Dice -- you know, the same ones trying to shove their shitty Beta site down our throats -- are actually not clueful enough to realize that this is a very old idea. Whitelisting OS resources, applications, networks, IP addresses, etc. has long been an effective security measure, and I've deployed everywhere I've been for the past 15 years or so.

It appears that the Dicedroids think everyone is as stupid and clueless as they are.

This. One hundred times this.

The teachable moment for Dice is RIGHT NOW. They can either admit what everyone knows (that Beta is a horrible downgrade and should be killed immediately) or they can let their massive out-of-control egos continue to drive their decision making...and drive Slashdot right off a cliff.

The question that remains is whether they're smart enough to realize that, or whether they will persist on the path they've chosen -- which leads inexorably to a future where people talk about Slashdot in the past tense and catalog its downfall alongside that of other sites whose operators failed to listen to their masters: US.

My money is on the latter. Every response I've seen so far from them is full of PR happytalk and bullshit. I think they truly believe that they can pull this off if they lie about it long enough and consistently enough. After all, that's how business is done these days, for the most part.

The solution is simple: can Beta as a failure. Be grown-up enough to admit that it did not work [...[

They are either too stupid to realize that (despite the overwhelming evidence) or too afraid to admit it.

So take your pick: idiots or cowards. Maybe both.

No one comes to /. to read the stories.

That's absolutely true. The editors here are young, inexperienced, naive, and largely clueless. Which is to be expected, we were all that once upon a time. However, the commenters include a good number of older people with significant experience and knowledge, and THEY are clearly a thousand times more important than any of the interchangeable, expendable editors.

The most important thing that this fucked-up Beta teaches us is that Dice does not understand that previous paragraph. It proves to us that they're arrogant, self-important, egotistical assholes who think we're sheep to be herded as they see fit. It's probably going to be necessary to teach them a lesson, and I suspect that the form the lesson will take is the rotting carcass of Slashdot nailed to the wall, because they are clearly LYING when they claim to be listening.

Which is not surprising: MBAs are stupid people, that's why they don't have real degrees. But It is disappointing to see how spineless Timothy and the others are. If they actually had any backbone at all, the editors would side with the users and resign en masse in protest.

That's an excellent point. This is clearly management happytalk bullshit being fed to Timothy, who is obediently regurgitating it to us and hoping that we're naive and stupid enough to believe that they're "listening".

They're not listening. If they were listening, Beta would already be completely abandoned and we would be reading a full public apology from the people responsible.

The ONLY acceptable response is the instant and permanent removal of the Beta. Period. All other responses are lies.

I hope it was enough to make being an obedient little corporate toady worth it.

The ONLY acceptable response from Slashdot is the immediate and permanent abandonment of the Beta project. Everything and anything else is just happytalk bullshit from cowards and liars.