Comment Re:"very advanced"? More likely... (Score 1) 212

I've audited enough crappy systems to say with some faith that there are VERY few systems out there that would stand their ground against an at least halfway organized assault.

And I'm not really disclosing anything that is under tight NDA or similar bull. Anyone who has an inkling of a clue about IT security will come to that conclusion by the hacks that get public alone. Take the Anonymous/LulzSec (or whatever that was called) hacks of some time ago. Now, I don't want to belittle their effort, but when you look at how high profile the targets were and what simple tricks were involved, you can't help but wonder.

I can't think of a single published attack vector they used that was not part of the OWASP Top 10, which is pretty much the baseline for IT security. That's essentially the very least of what you have to have "down" when you're at least remotely concerned about the security of your IT assets. We're talking about the equivalent of having your door locked at night or closing your windows. Very basic stuff that makes you wonder just why it was possible for them to overcome.

You stop wondering when you spend a bit of time in the corporate IT security business. The problem boils down to a single factor: money. And that's where security really has a problem: It costs a ton of money, but makes none. Every cent spent on security is gone with no chance to ever see it again. And you spend a lot of cents on it because not only the people who can do it sensibly are quite expensive, but because security is also usually anathema to productivity. Of all the companies I know, only in a single one security trumps productivity and availability in cases where they are mutually exclusive (and they are usually numerous). One. Out of hundreds.

IT security is much like an insurance. And just like with many "unnecessary" insurances, companies have it mostly due to either legal or contractual requirements. And just as with insurances, they will "waste" only the bare minimum of resources on it, just enough to abide by contract or law.

I think it goes without explanation just why such a Potemkin village of security straw huts won't stand a breeze, let alone some dedicated storm.

Comment Get real, my friend (Score 1) 153

Get real, my friend. Stuxnet was designed to prevent psychotic religious fanatics from developing nuclear bombs. There is no real question as to whether the Iranians would use any nuclear bomb under their control to murder 100,000s of Jews in Israel. They have said that they will do it in so many words over and over again in their internal religious sermons. To the foreigners they're a little more diplomatic.

The American-Ashkenazim alliance is the most productive alliance between peoples in all of history. We, as Americans, will never just sit back and watch fascist demented assholes like the Iranian mullahs murder thousands of Jewish people as we did in the early 1940s.

There is no comparison between using hacking to destroy nuclear proliferation and using hacking to suppress an embarrassing Hollywood comedy movie. Anyone who thinks that the two are equal is a fool.

You're a smart person if you're on Slashdot. Don't be a fool.

Comment Old Castro fan calls B.S! on Cuban internet (Score 3, Interesting) 115

I'm an old Castro and Che fan from the 1960s. After having met and talked with many Cuban exiles of my own age who have arrived in my city over the years, I now realize that the entire Cuban revolution was bullshit. Things suck there. They are always getting worse. I call bullshit on the Cuban government's proposal to 'allow' internet access to its citizens. That country is run by fascist assholes. They will never allow access to the internet to ordinary citizens. Only Cuban 'stasi' goon-squad assholes and their trusted weasels will be allowed to view Huff Post or Slashdot.

Comment News Flash : All Corporate IT security is a joke. (Score 1) 239

It has been well known that all Corporate IT security is a complete joke. CIO refuses to spend the money on it, COO refuses to make users actually follow real security procedures, and the CFO loves the "it won't happen to us" line that means they will not have to actually spend money on real IT security.

This is not new, I'm just glad that it's happening in a very public way so that maybe the worthless executives out there will actually listen to their IT experts about the fact that we NEED to spend the money to try and keep the bad guys out.

Comment Re:Some math (Score 1) 133

Free transportation fuel is going to make the line of customers less steady?

The line of customers to the $50 battery-swap option will definitely become less steady, yes. Unless you think that there aren't any people who, given the option, would choose to keep the $50 rather than spend it? Granted, these are Tesla drivers we're talking about here, but still ;^)

Comment Re:Country that forbids use to internet (Score 1) 236

NK GDP: (2011) 12.4Bn USD. That's *less* than the annual CAFCASS budget. That's right, a non-departmental Government agency in England has a larger budget than the total output of an entire fucking country.

Okay... next question is: how much would it cost to hire the necessary people to do what was done to Sony? I'm guessing that would be in the range of hundreds of thousands of dollars, possibly up to a million?

Given the amount of money North Korea spends on nuclear weapons development, I don't see any reason why they wouldn't or couldn't spend a relatively small amount on this.

Comment Re:Oh, no. You have this REALLY wrong. (Score 1) 628

But let's suppose you're right for a moment. This is your shell game. These are companies responding to the incentives you put in place. This is your supposed problem that you created. You have two choices as I see it: eliminate the welfare that leads to these alleged subsidies or suck it up.

I am right. But it's not my shell game, although it certainly is a problem that affects me. You naively assume that I, or more generally, the voting public, have control. I/we do not. First, we cannot craft legislation. This is not a democracy. It is, nominally in form at least, a republic. So we can only vote for representatives. However, the great majority of representatives are immediately and completely suborned and corrupted by corporate influence in the form of campaign support, straight-up bribes, assurances of employment, special deals, speaking engagements, and so on. The companies and other rich, well-connected entities actually set the rules. It is their shell game. It's a shell game called oligarchy masquerading as a republic-in-place. Only the politically naive still believe that it works by shuffling the representatives around. If it affects corporate earnings in any significant way, the tiller is taken from the representative's hands, and the course is set by the corporations themselves. That's how it actually works. I appreciate the warmness and fuzziness that might be grasped by imagining that the government is operating as a republic, but it just isn't so.

I think this is the most obnoxious part of the welfare state. The tool that created the unintended consequence gets used again and again, creating more and more unintended consequences as it goes. There never is any learning from failure by the masters of the tool of welfare. It's always the fault of all those counterrevolutionaries/greedy corporations/Tea Baggers/whatever who don't behave the way they're supposed to behave.

You think this because you subscribe to an illusory model of how things work. Until you become aware of the actual levers and forces of power that are in operation in and upon our government, the actual causes and effects, you will remain bewildered by the surface picture.

If the minimum wage were raised. (1) Business profits will drop -- as they should. (2) Government assistance will drop -- as it should. (3) The real costs of goods would be exposed -- as they should be. (4) The ability to lower taxes arises -- as it should.

Here's the problem: (1) will never be allowed to happen due to (2) (and the actual execution of (4) isn't very likely either.) The reason 1 will never be allowed to happen is that everything from lobbyists to "fact-finding" trips to post-political career sweeteners and far-flung friends and relatives and purveyors of opportunity will be sudden winners in the game of luck, all working to enrich the legislator. They will almost all fold, just as they always do, and the corporate choices become the legislator's choices. And in the process, a great hue and cry will arise from the bewildered, such as yourself, crying "throw the bums out", completely oblivious to the fact that the next set will act exactly the same, because the incentives being offered amount, in the end, to the ability to grasp great wealth and power through the auspices of the corporations. There are very few poor legislators by the time their time in congress is over. This is why. Aside from internal corruption like voting themselves the ability to engage in insider trading, of course.

We can't change the game and we can't quit. The finger pointing between left and right is no more than a source of amusement to the corporations. Unless it's a purely social issue, they own enough of the playing field to positively control it. Should it happen that they don't, they will acquire more. They are rich and can concentrate their efforts. We cannot. We have nothing to offer that is legal other than election (generally from pre-selected party members, worse yet), and should we try to play it their way, enriching them and empowering them, even assuming we could, we'd be meeting the FBI immediately.

Comment Re:Marketing?... NOT! (Score 4, Insightful) 239

"Should I ask him if he liked DJANGO?" she wrote

I can't quite see why this is being made out to be such a scandal. So she asked a colleague if a black guy might be interested in films starring black characters. Okay, it's a bit naive, but scandalous? Really?

It's not like she said anything insensitive to Obama; she merely asked a colleague for advice about how to act appropriately. I'd think that recognizing your ignorance in advance and correcting it would be preferable to ignoring it and then blurting out something stupid/embarrassing to the POTUS.

I'm probably missing some critical detail, but to me it seems like the only thing she's guilty of is not having enough experience interacting with black people in a social context. That's a weakness, to be sure, but if it's a sin then it's a sin that a lot of other people are also guilty of. I think this is a pretty good example of why people are so reluctant to enter any discussion about race -- anything you say can and will be used against you in the court of public opinion.

Comment Re:"Cultural arrogance" (Score 1) 153

Where is the "only public enemy number one" rule written down?

Mockery is what we do to political leaders, our own included. Some of us even mock political leaders we support. And that's the test of whether you truly believe in someone or in a system. Everybody mocks people they disagree with, it takes real confidence to mock people you agree with. At least that's the way Americans view things. A leader who can't take a ribbing is weak, and the more elaborate the display of machismo or military trappings the weaker we think he is.
