This is the thing the story completely misses. About half of the audience insists that there is no problem, since women "just don't want to be in tech so we shouldn't make them" and therein lies the actual reason nothing has changed in the past 30 years.

The reason that level-headed people want to diversify their organizations, is that if you draw your talent from one pool and ignore another pool you are at a competitive disadvantage. There is nothing concrete to suggest that women just "don't want to be in tech" and there is nothing to suggest that they are any less apt at excelling in tech. To the contrary, there is plenty of evidence that suggests women do want to belong in tech, and can be every bit as good in tech as men. Therefore, if there are two talent pools, and you are drawing at best 20% from one pool and 80% from the other, you are going to overlook a lot of talented women (they don't just naturally float to the top) and on the flipside you are going to hire a lot of undertalented men that you don't need to if you were able to find the talented women that are out there. This leads to a suboptimal team. If your competitor cracks the nut of hiring equality, they are going to have an easier time assembling a better team than you. This is why you should care. If you ignore it and continue to think the status quo is OK, you are going to get burned by the orgs that know they can do better.

How does the USPS see all the Fedex and UPS shipping data? They are the ones doing all the work, the USPS carries a slim share (a sixth) of packages in the US.

It's facebook, for work... Your org will have to opt in. When they do, the "boss button" will be in the spreadsheet app, and it will bring up facebook. Welcome to the future. Let's get some shit done!

Logitech is actually out in front when it comes to encryption. Their 2.4ghz wireless keyboards going back almost 10 years have used 128 bit AES. Unless someone has leaked the pre-generated key algorithm, your chat history is safe and sound.

You are going to want to watch your head when you try that in microgravity.

I would tell you but you would fall from superposition, and I don't want to be liable for that.

You make a good point, but indeed most medium-sized and up orgs do keep some sort of hot-spare facility at a distance, whether it's a privately owned building, colocation space, or cloud service. Traditional localized disasters (5 alarm blaze, earthquake, tornado, etc) are planned and drilled for, sometimes specifically down to which disaster has struck. If the entire eastern seaboard gets wiped out by a "real disaster", chances are your customers aren't going to be keen on getting online anyway, and everyone important to your org will be running scared for their lives, so presence of some sort of IT backup will be irrelevant.

Treat it just like a DR exercise. The first phase would be confirming the breadth and depth of the incident. Your IDS goes off, or a department reports some missing/vandalized files, or notices some logs with audit warnings that are out of place, and raises the red flag. Next, you need to gather forensic information from every last piece of equipment in your entire organization, quickly, and move it to a sterile location. Whether that is possible or not will determine your ability to move forward strategically or to deploy the airbags and EPO the datacenter before it gets worse. It's really not as mystic as most commentators here make it out to be. Come up with a plan, then hire a pen test firm to do a number on you. Don't tell your front line techs about it (in fact keep it as secret as possible) and wait for the results to come in. If your incident response plan is executed, even in part, you are on the right track. If not, regroup and try again in 6 months, and hire/contract someone to beef up the plan.

The Sony hack was a wake up call to every company that doesn't have actual money on the line in IT, to realize that sometimes you will get fucked just for the sake of getting fucked. There isn't a single profitable venture left in the western world that succeeds without IT.

The same reason that small and medium businesses don't have full time lawyers, but aren't totally fucked if they do get into a scrape with the law: You find a good one, start a working relationship, and keep them on retainer for a fraction of the cost of hiring them to work full time when you only need them three days a year. Security/risk firms, that will do everything from forensics to auditing to physical penetration testing and "fire drills", are out there. Find one you like, give them a contract to get your security and DR shit in order, and keep them on speed dial for when the Big One hits.

How a check-box from a barely trained, barely paid poll worker constitutes audit-ready data would escape even the most experienced Arthur Andersen associate. Here's a hint: after you get home and you see the results on the news that Candidate ABC got 2 votes and Candidate XYZ got 0 votes (its a tiny town), how would you go about demonstrating that the ballot you cast in support of Candidate XYZ actually pushed the tally higher? OOPS! Audit fail.

If only it were as easy. DDoS attacks come from botnets. Botnets don't come from somewhere, they come from *everywhere*. If they played the "cut off the offenders" game they would need one hell of a huge IP-level blacklist, or they would cut off literally every link they had since compromised hosts are everywhere. If you are going to say "just force the end ISP to disconnect them" then again it's amazingly complicated since an ISP in Georgia (the country) isn't going to listen to some twat in the UK or US complain about a certain group of hosts that are participating in a DDoS, just like ISPs in those countries wouldn't listen to some ahole in Georgia complain about a DDoS host since he might just want to take it offline for political reasons and there isn't nearly enough international cooperation to keep up good relationships between all the concerned parties. Moving up a tier, there is too much good traffic coming from any given ISP to simply write it off as blocking the whole thing.

LOLwut. Geiger counters are for alpha, beta, or gamma ionizing radiation (they count how often stray ionizing particles hit the collector). You won't find any ionizing particles when radar-band transmission is used.

You probably meant to say "use an off the shelf car radar detector".

More importantly, the article mentions using "overseas locations" to retaliate. Really all this is (or would be) doing is dirtying the water to make it harder to find out who the real malicious actors are. Better to spend your resources tracing down the exact source, or better yet on public awareness campaigns about malware (since all DDoS "attacks", and a lot of other attacks, come from compromised bystanders). Otherwise, you are just going to push your attackers on to a different group of hosts and will get hit again before too long.

If you really do spend all your time at your desk, get a small, cheap UPS and plug the laptop in to that, and remove the internal battery completely (after running it to about 80% SoC). It will be mostly charged if you should need to pick up and go in a crisis, and you can have it fully charged in about an hours notice.

The only way to truly preserve the life of a modern Lithium battery is to get it into a comfortable SoC at around 80%, and then unplug it and keep it in a cool dry place. Draining it just for the sake of giving it some time off the charger is going to at best result in no improvement (if the charger was over-charging it), and at worst result in killing it faster (if the charger had it balanced and you put it through a discharge/charge just for shits and giggles). The charger knows to disengage when the battery is full (at least, for properly functioning laptops) so trying to preserve it any way other than just removing it completely is foolish.