
Comment Re:Don't look for logic (Score 1) 246

You don't provide revenue either but instead contribute to the product that eventually gets sold. Others also contribute. You are a "support" person to the salesfolk if I apply the same reasoning you are applying to IT.
BTW, I am also a professional engineer but I mostly run computer systems for others these days and assist with the development projects for others. "IT" is not as cut and dried as you like to pretend. Many people would call your job of hardware and software development "IT" and be confused that you seem to be lumping yourself in with janitors.

Comment Certainly no logic there (Score 1) 246

Well at least you've managed to get a sense of superiority out of replying to these comments even though you do not seem to have grasped the context of the discussion.
Calling an IT person a janitor as an insult shows a lack of respect for both and is as stupid as calling a marketing person a hooker or a finance person a thief.

Comment Re:Re-dick-you-lous (Score 1) 68

It is a well known and established security fact that the vast majority of threats to a network come from within

And this is a very stupid way to attempt to deal with the situation. Fabricating ready made crimes to catch the weak willed, deals with low hanging fruit, gives you a false sense of security and can lead to punishment of people who you normally wouldn't have to worry about.

Comment Re:Bad summary (Score 1) 201

Perhaps your interpretations have been polluted by a set of sibling posts I never saw.

But you seem to have a problem with my specific usage of magnitude, despite explanations, so I think perhaps you are being willfully obtuse, I am doing a poor job of explaining it to you, or possibly you aren't as well-versed in English technological vernacular as you think - you do imply you speak German, perhaps you are in that uncomfortable situation where the similarities with your mother tongue are just enough to occasionally throw you for a real loop when they diverge.

And I do sometimes feel compelled to correct misunderstandings in people who seem to have some interest in the fields I'm skilled in (as you imply you do by flashing your knowledge of the meaning of orders of magnitude) - a small intervention against a flawed understanding can sometimes cast aside future obstacles to learning that might discourage a hungry mind. Especially if it's a correction for someone who is actively spreading their misunderstanding.

I just traced this conversation back to its beginning, and you were the first to say anything about orders of magnitude. There were two prior uses of the word, both seemingly using the general mathematical meaning of "size" or "amount" of a potentially multi-dimensional quantity. Understand: this is common technical usage, at least in America - in the context of math and science "size" and "amount" can be potentially confusing as they have definite (if context sensitive) mathematical meanings, whereas "magnitude" has minimal common-language implications and has been assigned the very commonly used meaning of "size of a potentially non-trivial value that may or may not have a geometric meaning". Try rereading the flow substituting "amount" for "magnitude", there are only three posts in this chain:

AC(top-level post):
The physics of the system has two explanations [...] and is not an "open problem". [...] so skepticism is not really warranted on that basis nor on the basis of a presumed anomaly in thrust [amount] when in fact that's all well understood.

Me:
We have two competing theories ... NASA ... does in fact detect thrust, but of a [amount] inconsistent with the theory upon which it is constructed.
By what stretch of logic do you propose they can responsibly claim either theory is accurate?

You:
Well, if you want to teach the scientists something about science, get at least the magnitude thing correct.
They were not off by one magnitude, but by three :D

On rereading I'll admit that the usage in AC's comment could have also been intended to convey the more specific sense of "amount within a power of ten", but then so could mine, and it works equally well with either interpretation with minimal change in meaning. So long as you recognize that both meanings exist any mutual misunderstanding rarely lasts more than a couple exchanges. Confusion on that front is rarely significant since if you're talking about specific orders of magnitude you always include the "orders of". Values may be off "by three orders of magnitude", but not by "three magnitudes" (except in astronomy, where "magnitude" is a precisely defined unit like "meter"). Nor is it common to speak of "a magnitude of difference" or "a difference in magnitude" in order to imply one order of magnitude.

Comment Oh yes, Windows Malware swamp - I get it now (Score 1) 68

active directory

I see now - fully trusted hosts, potentially malware-ridden with no way to keep it off other than hoping the antivirus updates arrive before the malware, and a closed system where you have to guess at the legitimate traffic to boot. I can see now why you grasp at straws such as honeypots and hope the malware is so badly written that they randomly get attacked before your real systems instead of the malware taking a look at what the machine it is on has connected to in the past.
After they do get attacked what do you do to stop an attacker using the honeypot as a potential vector to do other stuff? Even if they can't get out they can work out you are watching them and feed you disinformation.

Any traffic to the honeypot is worth investigation.

True but decent monitoring should turn up attempted traffic to addresses that do not exist in the same situation. Decent monitoring is hard to bolt on after the fact but a rock solid playpen for crackers, with decent monitoring of that, is probably not going to be easy to do either. It's one thing having a research honeypot outside of your external firewall, but with one inside your LAN with the welcome mat out what do you do when a cracker gets more control than you expect?

Comment Re:real storage, active directory servers get legi (Score 2) 68

Do you have any idea how much traffic a corporate mail server can get?

If your network is too large to comprehend then apply an engineering solution instead of a basket weaving solution and handle things in manageable chunks. Since IT folk like to pretend they are engineers (which was to my benefit when I changed careers from engineering a couple of decades back) why not act like them? Suspicious stuff coming in or out of segments is one way of tracking, does that really compare with hoping something randomly hits your honeypot? Oh that's right - if you are not tracking what is coming in and out of manageable segments then hope is all you've got. Carry on then. Let's hope they don't use your fragile honeypot as a springboard to something else before you find out they are there.

The REAL storage server is used by thousands of people, so it gets many, many requests per minute. Sorting out legitimate use of the storage vs something suspicious would be nearly impossible.

Take a look at how people handle security on very large compute clusters. It is not "nearly impossible". If you are not on the list you don't get in. If you try to get in you get logged. If it's too large to monitor you cut it into chunks that are not too large to monitor.

Comment Re:the other way around (Score 1) 190

Actually I would be opposed to online voting as well. Sure, it *could* be done securely. Theoretically at least. But it would be considerably more difficult to do so than to create a secure electronic voting booth, and the evidence suggests that the security on those is a joke. By extension I would assume any deployed online voting system would be laughably insecure.

Comment Re:partly as a result, work culture is also haphaz (Score 4, Insightful) 135

One of the bigger cultural differences I've found working in both the U.S. and Scandinavia is that American meetings are long, unpredictably scheduled, and really disorganized

One quite pathetic situation/problem in large organisations is that people can be seen to be more effective the more "face time" you have with them. Thus some long meetings exist for the sole purpose of spending time with the people with the power to promote. Apparently it then snowballs into the "company culture".
Since I'm now in a small enough place that everyone has no choice other than spending time with everyone else I can avoid that stupidity but I still see it on occasion when the company I work for takes jobs from some large multi-nationals - I get to see a little window into full-on Dilbert territory. Things like meetings where eight people from the other company turn up but only two speak, who get left floundering with no backup when out of their depth despite all the others there.

Comment Rubbish analogy that deserved to be mocked (Score 1) 68

It was a rubbish analogy that deserved to be mocked with an added insulting accusation of being a criminal.
They ARE leaving something out in "public" when the public are the employees of the company - leaving the money out in the hallway and punching whoever picks it up.

It's no different from entering a house through an unlocked window

Clearly not because the people you are trying to catch are already "in the house" but you just happen to have put something shiny in their sight in the house with a sign "don't touch" on it. Ready made crime. Just add criminal. Whether the potential criminal would exploit other, more difficult, opportunities and become an actual criminal is unknown, so it's largely pointless and better to go after something real instead of wasting time unless your goal is to impress others by setting people up for crimes and getting an impressive "arrest record".
