No a false flag operation is pretty much any operation where one of its principle objectives is the miss-attribution of the action to another party.

Suppose Bob hates Alice, and Bob also hates Ted who does not care about Alice one way or the other but similarly despises Bob. Ted might attack Bob under the flag of Alice, in hopes Bob will go to war with Alice. Bob will consume his resources fighting with Alice; perhaps to Ted's economic advantage or maybe so Ted can attack a further weakened Bob later.

You I think there is a certain type of individual that is attracted to technical/mechanical work. I don't care if its software architects or actual architects planning out a sky scraper. The sort of person who wants and likes to think about details, consider behaviors across large input domains be they the length of a string or a snow load and work through problems in highly structured procedural ways tend to exhibit certain personality characteristics.

This goes for males and females. Just about everyone I have ever met who is successful fields of this type tends toward this sort of off color humor. Probably because they see ( correctly IMHO ) that in most case our interactions with one another are rather scripted and predictable. Humor pretty much means violating expectations but in a way the logical connection between the subjects is immediately apparent in retrospect. Sex jokes are simply easy to construct and lets face it whether certain groups of people care to admit tend to be reliably funny. Just look at the sheer number of "Sex/LateNight Comedies" Hollywood turns out. It may not be the avant guard of humor but it works.

Technical people and engineers don't generally seek to make things harder than they need to be. If the reaction they want is a chuckle from their peers, an a sex joke is the easiest way to get it. A sex joke they will use.

I would like to propose a new software defined network application.

CUNTS common underlying network tunneling service.

Not sold. Sticking with something like BIOS does not mean sticking with BIOS. Its time to drop the legacy support, sure. Sticking with a small amount of boot code to fire up the storage controller and jump to boot loader, set some memory timings etc is going to more secure than a massive interactive application that UEFI is.

Fewer inputs mean fewer inputs to sanitize and less opportunity to screw it up.

It would be easy to prevent such attacks by KISS as well. Sticking with something a lot more like BIOS instead of a multi-Megabyte EFI mess.

So I am confused are we happy an official finally offered a reasonable and likely accurate description of the risks we face, and correct identification of the problem, attribution, or not?

There are a number of diseases like this, sickle cell comes to mind as well. Watch out though sickle cell does confer +1 malaria resistance and given the warming trends...

Was the last version of SQL Server you used 7.0 or something. I love to dump on Microsoft as much as the next guy, but honestly SQL Sever 2000 on is pretty damn good. As far as falling over when hit with significant load, I was running a 60TB database on the first Itanium versions of SQL 2000 back in '04 and it never 'fell over'.

The project was big enough and cost enough Microsoft was willing to send people out to help us tweak and tune. That is all we did though nothing exotic like a custom build or anything. Just end user tuneables and guidance on schema around partition views and like.

So really there are plenty of legitimate criticisms of the Microsoft platform family but SQL Server falling over ain't one of them.

I think he is saying we don't want to just make "another game" that happens to have the same characters and genre with a new subtitle. It has to really be good so we don't spoil the franchise. In order to make sure it is good we need to know why the first one was really such a big hit.

What was truly unique, what was the special sauce that made all the other ingredients truly integrate? If they can't confidently answer that they won't do it.

Why do expect us to help you if you start out by saying and let me paraphrase "I insist on doing it wrong"

The parts of the spectrum that have bandwidth enough for most of today's applications AND good signal propagation characteristics certainly are.

Spoken like a true ACA apologist. Before that law went into effect, the 'data' the IRS or State Dept had on me was all largely discoverable through a few simple public records searches, and a beginners OSINT effort. Not all my salary would be hard to determine specifically, and my SSN might be moderately difficult to discover. Otherwise the IRS had name, address, phone, bank account numbers (anyone who has ever handled a check you have written has access to that), DOB (you probably share that on FaceSpace), number of kids (already public record), marital status (again already public record).

Letting the government in on medical history is an entirely new and invasive situation for anyone who hasn't filed for Medicare / SS Disability. Quit trying to pretend different.

First off they are not fake certs, they are they are just issued by the companies internal certificate authority.

Your corporate laptop does not belong to you. It was given to you to do the work the company pays you for not for your personal banking or anything else. It isn't the least bit unreasonable for them to configure it how they choose with whatever certificate trusts they want. Again its not your computer you can decide if you trust it/them with your personal stuff or not.

Additionally I can tell you outbound SSL interception is NECESSARY on corporate networks. In todays world of botnets and hacks you cannot claim to be doing due diligence to protect the company's trade secrets, financial data, IP assets, and all the PII of employees corporations handle if you just let everything go out the door in an opaque way like well a firewall rule that says "hey 443 outbound anything goes". Seriously if you still think this is an okay policy and a medium or large business and you have Security responsibilities, you should be fired.

Contrary to what you may think your IT Security department has better things to do than spy on your facebook likes and drug prescriptions. They don't care and in most cases actively don't want to know. What they do want is to make sure your traffic gets a pass over their IDS signatures, custom rules to grab anything with internal document numbers, botnet detection algorithms, etc. They also want to track statistically unusual large outbound transfers and log that they occurred so there is some evidence and some kind of history of events can get put together after the fact if something does happen. They probably log request headers etc for the same reason, but I doubt very much anyone looks at them, except when a need for forensic investigation arises.

I can tell, we never spied on our co-workers when I was managing system similar to bluecoat. We only tested capabilities within our group (with full knowledge) to make sure things worked. We were open about the fact they we inspected outbound traffic with the organization. Any employee who opened the handbook or read the first paragraph of our acceptable use policy they had to sign as part of their hiring documents knew we had these capabilities.

Not entirely true, I can't do much about you knowing I connected to www.dol.gov, but TLS would prevent you from know if I was researching whistle-blower laws or just after some employment statistics to make a decision about what sectors to invest my 401K in.

Even for just viewing mostly static content TLS does afford some privacy which may be important in some situations. I will concede though that compared to most other threats to online communications this is probably of least concern.

Hey my browser is actually named.

"Firefox57 Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1) Like Opera and Google Chrome" you insensitive clod. Its hell to escape starting from the CLI.