YES!

This should get moderated as Funny!

In my original comment, I obliquely asked whether technology companies' security consultants and government-sanctioned auditors (technical review committees which authorize such devices) were sufficient to address the concern.

Let's remember that this isn't some "nobody knows who built the firmware" scenario. This is in reference to commercial goods and services which have obtained countless industry and government certifications before being made available to the general public. Whether the public comprehends the magnitude of regulations at play is an entirely different story.

If consumers cannot trust the governments and their constellation of countless certification professionals, then what makes anyone think that consumers can trust a handful of ad-hoc peer-reviewers who operate under the freedoms established by the same said governments?! Let's not forget the bottom line: commercial products are different than journal articles specializing in theoretical concepts for academic credentialing.

Yes, that's contradictory and/or hypocrisy. It's ostensibly encouraging a double standard of privacy. Instead, the same level of peer-review should be applied to all entities -- be it a person, a corporation, or an artifact/technology.

(Yes, it's also a double-edge sword to want cake and have to eat it all, too.)

The same firmware concept applies to everything electronic.

Good luck with that!

From the original article, the author (Thom, whom I recognize for his efforts) introduces the topic of peer-reviewing every minutia of the devices we use; he laments about the absence of peer-review in proprietary and closed-source. As an open-source advocate, such a viewpoint is naturally expected and his flashing a light on the subject is always appreciated. [But how does he know? Wouldn't technology companies use security consultants to conduct security audits?]

However, applying the same lines of argument to every closed-source scenario is really preaching anti-capitalism. That means they're arguing against trust of the technology creator, against their desire for trust-based compensation, against the notion of making a dollar in order to spend a dollar (due to constant disclosure of all things 'private'), and against the underlying notion of privacy. Actually, scratch that... they're simply hypocrites.

Why? Because they advocate disclosure (anti-privacy) by others, thus not trusting others. However, they want personal privacy in the hopes of establishing a reputation for being trustworthy -- or are they advocating an ultra-liberal utopia where commerce is not based on property but instead based on a crafted perception of trust? Either way, that's hypocritical behavior! If everything becomes subject to peer-review, then the notion of trust vaporizes... and in the process, privacy is gradually lost... and both factors lead to an erosion of aspects of capitalism.

TL;DR -- Peer-review everything means trusting nothing, disclosure of everything, and loss of privacy... yet it's hypocritical since the advocates seek to maintain anonymity when applying the same frustrations against capitalism as they do against trust-based commerce.

I wholly concur with the above comment, but with an additional stipulation.

Just because somebody can "read" and "write" the communication language does NOT make them a good communicator. Individuals must possess the ability to listen, analyze/synthesize input, and succinctly discuss all topics relevant to their job. That means using analogies, understanding metaphors, adopting synonyms, and providing functional (and professional) definitions for the audience.

In other words, communication skills should be just as mature as the communicator claims to be.

Nope. SAP doesn't even fully dogfood their own stuff! The last multi-year multinational SAP "upgrade" deployment I personally know about... decided that Google Apps for Business was better (IOW, they abandoned the SAP stack). About 9 months after the limited Google redeployment, they transferred over to Microsoft's 365 offerings plus other SaaS-based commercial players (e.g. Salesforce) to handle everything from HR to ERP to CRM to KM... to fully replace SAP in every which way.

It bankrupts companies, destroys employee morale, solidifies job security (if you're on the deployment team), and guarantees over-procurement of IT systems to support any given deployment.

But more seriously, nothing. Most purchasers are non-technical folks who cannot understand the difference between MySQL DB and MariaDB... much less the technical intricacies of proprietary German-engineered software stacks crazy-glued together over IT generations with absolute abandon. Heck, even their most useful documentation is not properly translated into English!!! (If they cannot translate the how-to manual, then how would anyone expect them to configure the entire platform properly for today's... or tomorrow's needs?)

Thank you, sinij. I was going to respond with something similar (scope creep).

An elaborate multi-factored social engineering hack (commonly referred as a "heist") is quite different than a penetrate test. Anybody can commit fraud, be it a computer illiterate juvenile or a network security contractor (*cough*Snowden*cough*) by virtue of misleading or reconfiguring enough influential factors (people, systems) to pass whatever security measures are in place.

The same outcome could have occurred by stealing an employee's security badge -- especially if there's an uncanny visual resemblance.

In other words... no news here.

Apache Flex (available at http://flex.apache.org/) became the natural progression after the proprietary strategy by Adobe failed.

There is never a way to predict the future... merely expect change and anticipate failure. When new frameworks are available, there are typically code-conversion utilities that demonstrate (or incite an appearance of) maturity. As any new technology is presented, the strength of attendance AND technical prowess of the developer community surrounding the technology is a reliable indicator to its longer-term viability.

A simple measurement is this: IF the tech should last for 4 years, then how much history and roadmap (and financial backing) is equally present? If there are sufficient history and roadmaps present, then how sound is the technical basis for the framework? Should the basis and direction apply to your problem, then it becomes a viable solution; otherwise, look elsewhere because it doesn't matter whether it sticks for 10 years or 10 months, it still won't solve your problem and thus be a viable option for you or your projects (or career).

I don't want sysadmins claiming to be programmers; I don't want tech support claiming to be more competent at bug fixing than professional software developers.

If by "Most IT Workers" they mean non-developers do not have STEM degrees, then that's a-OK! They better know how to read, write, draw, and interpret literature (like MANUALS and follow INSTRUCTIONS) and not get involved in the real challenges of problem solving software.

As I like to say, the more schooling someone has then the less they know. STEM is broad and people coming out with those degrees are not patron saints, either.