God I love Stephenson. Just finishing Quicksilver now. And I have to say, as an inhabitant of London, his accuracy on detail and facts is astonishing. I only spotted one potential error, where he seems to infer that the Thames is not tidal, but even that was a stretch and is plausibly deniable by way of the wording used. I may just be a pedant. On Slashdot, natch!

The guy blows me away, definitely should have had a major, major bestseller by now, and am convinced that, if he can keep something down to a reasonable size, he has a mainstream success due to him some time soon.

Very much in agreement.
I spent some time in IT audit for one of the Big 4, and it's always puzzled me that they can issue a draft audit point which if challenged is just taken away. If accepted, lots of monkeys have to run around at great expense clearing it. It seems a bit rich to me that there is no penalty on the auditor for this. effectively they can just rain paper with little consequence, and at potentially huge cost to the client.

Having said that, these firms are partnerships, there is always a partner very close to the work being undertaken, and it's their ass and their money and as a consequence the QA at these firms on their deliverables was exceptional in my experience.

But this is an issue, and I think that legal redress is deperately needed.

To illustrate this, I recall one audit I had to do. It was a follow on from the previous years IT audit a colleague had done for one of the two biggest banks in the country in question. One of the previous years recommendations, signed off on by the business, was the need for Network Intrusion Detection to be put in place. This was actioned, and when I got there they had had an expert working day in day out for months, with a huge budget for some very expensive network taps and headcount for monitoring. I reviewed the point, determined that they hadnt yet implemented the control as of that date, recommending that they proceed and introduce it within the coming year.

At the close out meeting one of the commercial directors ate us alive. The original point should never have been accepted. The banking industry, at that time, hadnt settled on NIDS as a requirement and host based should have been fine. Effectively our sloppy report made them piss millions up the wall for little reason.

Audit reports are clear documents, beautifully built, well evidenced. They always have work papers and test papers behind them. They are perfect candidates for for further inspection in a court of law and I have seen, first hand, instances where they have been harmful and inaccurate and should be subject to this scrutiny. If a process or test was missed off, it will show. Every time.

Yes, it's true that senior management at the bank signed off on the previous years report, but this was in good faith that my firm knew what they were talking about. They didnt, and should have been liable. Why not? Currently they get out of jail if they're right, and they get out of jail if they're wrong. And dont even get my started on the conflicts of interests I saw!

"There was some panic under Mexicans..."

Hey, I know that feeling. Took a Greyhound to Vegas, had to spend six hours wedged under some fat dudes armpit.

er, you're like Walter in Lebowski Dude.

Not everything has a literal connection with Australia, that was very much last weeks story, I hate to break it to you but, as you suspected, the world cares as much for Aus as Aus does for the world. What the hell have bushfires got to do with slave labour, you bibble?

Get a job sir.

I think PoP is anodyne, and the handholding took away any feeling of risk. FC2 I love. Played on hard, just getting to the required map point is brutal but always interesting due to the savagely smart, hard to see soldiers at checkpoints, road patrols, etc. It forces you to think, proceed with caution, and engage the enemy in a real seeming way. If you get gunned down, you are going to retry, and that half hour of terrain doesnt seem boring, none of it does, because the scenery, enemies, and weaponry, are just fun to hang with.

Yep,
'Experts' barely exist. I am one. And I'm not that good at all to be honest, I can barely code a 'hello world' but I've still been wheeled out countless times to point out password lengths arent up to snuff etc.
But I've got seven years experience and I know quite a lot of other things worth knowing, and I've seen some pretty sloppy practice and kicked it into touch.
Still, this book sounds cock. I mean utter cock. The review makes it sound like it is equally as worthless as me, on a bad day, trying to risk assess a three tiered app running on Websphere. They appear not to have a point, and to focus on the now dead legend of management buying the silver bullet / marketing / one stop shop is well out of date. There isn't a manager out there who is dumb enough to believe that you pay money and this crap goes away. They know it's a combination of process, people, and systems in concert that gets you out of the shit, because it's true, and because it is their language, that of business. The book sounds like a squint-eyed techie moan, from people who don't get let out of the back room to talk to the execs very much. This book sounds so far out from reality it may as well be set on the moon, and populated by Sea Monkeys. If they want to sell a new school, they could at least take the trouble to learn the 'old ' one first, instead of passing off vacuous soundbites about China and Hedgehogs or something.