... the cost of breaking corporate software with an update (they just took out our scheduling program for 4 days) is very measurable and affects everyone in the company, ...

Where are your test systems and test cases?

If you want to win these fights, you have to present defensible numbers in units that the PHB's understand: Dollars or Euro.

And the core problem with estimating losses is that you are now trying to play in the realm of the PHB. You will always lose. That is because while you are spending time on productive work they are spending time on personal relationships and politics.

Any time they do not follow your advice and a disaster does NOT strike ... well it is obvious that they were right and you were wrong. So they SAVED/EARNED the company money by being more "productive". Those IT people are all "the sky is falling". Ha ha.

Right up until the systems are cracked and then they're going to blame you any way because it was your job.

NOT training users not to download suspicious executables or engage in fantastic feats of memory regarding passwords.

Don't depend upon a user's memory. Tell them that it is GOOD to write down their passwords AS LONG AS THEY STORE THEM WITH THEIR CREDIT CARDS.

The solution, which security people hate to hear, is to get better at installing and maintaining multiple levels of firewall, application sandboxing and/or streaming applications for all office applications, improving intrusion detection and dynamic virus removal in real time.

The REAL problem with security is that the VENDORS do not place a priority on it.

It isn't that we hate to hear that.

We're already DOING that. But it doesn't help much when a CxO installs some infected software on his laptop (which he can because he is so important that he NEEDS admin-level access) and then brings it into the most firewalled section of the network.

Right now I'm focusing on knowing when a site is compromised rather than trying to get EVERYONE to follow the best practices EVERY TIME on EVERY SYSTEM.

Actually, there is a problem. Which is why the schools with less money do worse on standardized tests than schools with more money.

And the problem is that the tests are written to a specific curriculum that is clearly identified in the text books associated with those tests.

So even if a student knows MORE about a subject than is taught in a specific text book, that student can still FAIL the standardized test because s/he does not provide the answer identified in the text book.

Such as ... what are the 3 main reasons for X.

In math it is more about how the word problems are written. If the student is familiar with the way the problems are phrased it is easier for him/her to get a higher score.

Maybe. Maybe not.

In my experience the tests "test" you on your knowledge of how the VENDOR would like you to "solve" a "problem".

I haven't seen any test were there is something objectively "wrong" about any of the questions or answers.

But I have seen a lot of questions and answers that are phrased somewhat inaccurately for someone with more experience than just the vendor's training materials.

So if you know the subject, a quick read of the vendor's materials should tell you where the "tricky" areas are. But if you want to skip that step, you should be able to pass most certifications without a problem.

Other than some common generic services you still have to engineer solutions to fit your business needs.

And even those generic services will still need someone to provide them. Whether that person is directly employed by your company or is an employee of the "cloud" company you're contracting with.

People who "know how it works", or IT people will still be needed regardless.

Most definitely. Particularly when there is a problem with your company's Internet link and everything "in the cloud" is unavailable.

Or a problem with the "cloud" company's Internet link.

In either case, you will be dealing with someone who will view you as just-another-client. It doesn't matter if you're not happy. Or if your business suffers. Because your payments will not make-or-break THEIR company.

With a machine AI we shouldn't be competing for the same, scarce, resources.

Skynet would do better trying to colonize the moon and the asteroid belt.

So many times I'm driving correctly and then some idiot pulls into the "safe" space that I had AND THEN HITS HIS BRAKES BECAUSE HE ALMOST HITS THE GUY IN FRONT!!!

With an autonomous car the situation will still be the same BUT there will be a lot more data showing the circumstances that lead to the accident.

I see it as three different cases:

1. The health nut who is already healthy but attributes their health to this one weird secret that only a few, special, people know about. Because everyone else isn't as smart as they are.

2. Someone with a bad disease who wants some hope that they'll get better so they'll try anything.

3. Munchausen syndrome

Remember, it isn't "magic" if you say it's "quantum mechanics".

Quantum physics is a branch of physics that understands the interrelationship between matter
and energy. This science offers clear explanations as to why homeopathic remedies with seemingly no chemical trace of the original substance are able to resolve chronic diseases, why
acupuncture can offer patients enough pain relief to undergo surgery without anesthesia, why meditation alone
can, in some instances, reduce the size of cancerous tumors.

No it does not.

And as part of the "course goals":

Understand the difference between Newtonian physics and Quantum physics and their corresponding impacts
on biology.

Bullshit.

Intelligently address the concerns of those afraid of alternative medicine or skeptical about its efficacy.

It's called the placebo effect.

A lot of other politicians would call it horse-trading.

Could be. But what it is NOT is hypocrisy since both the initial claim to support/oppose X and the vote to oppose/support X are in the public eye.

Hypocrisy is when a PUBLIC virtue is claimed while practising the associated vice in PRIVATE.

This could be horse trading (regular politics). This could be corruption. This could be a two-faced lying politician.

But it would not be hypocrisy.

Why hasn't this been mod'ed up?

This is my preferred solution. A machine that sits outside the main firewall that just runs browsers for remote connections.

The internal machines stay clean and the external machine(s) get wiped/reloaded on a regular schedule.

Also, everyone logged in gets a daily/weekly report of what sites they've been visiting and when. And a list of people who can request a copy of that list (their boss, their boss' boss, HR, etc). Judge for yourself whether you'd be able to explain your habits to HR should the question ever arise.

You have a rare boss who understands that the most important thing is that workers be able to work without interference from know-it-alls.

Well the question would then be why-is-the-firewall-there-in-the-first-place.

Is it because it was seen as the cost effective solution to workstations being infected by malicious sites/ads/whatever?

Was there a different reason?

Web blockers usually require a subscription fee. Why pay the fee and then let users bypass it?

Wouldn't you want to be notified if a work-related site suddenly got blocked?

Nicely phrased.

How about a different scenario?

Meet Billy. Billy wants to be a programmer. Billy has a high school diploma. Billy has no college degree. Billy has no certifications. Billy has no professional experience.

What advice would you give Billy to get him his first programming job?

However to filter out on the fact they don't have a certificate (or degree) means to lose out on some of the better programmers.

Any time you use a filter you run the risk of missing a better candidate.

Certificates are an easy filter because any qualified candidate can get them with minimal time/expense.

Are you going to refuse to send in a resume for your dream job just because they require a certain certification to be considered? Or are you going to go to the testing facility and get that certification?

Not just resume. I talk to them. Ask them questions. Usually, I know if I'll hire them within ten minutes.

That doesn't sound like it scales very well.

The last time I had to deal with resumes I had hundreds. And that was from people in Seattle/Tacoma.

Calling each of them would have taken weeks. Or months if there were any complications at work.