Run around and point a video cam at a cop.

Or ... better don't.

"These specs are now exactly what the client wants, no need to think of eventualities"
"Nobody will ever need that feature"
"I don't need to comment that, it's obvious what it does"
"Once the prototype runs, it's going to be easy"
"I'll do it right, then I'll never ever have to touch it again"
"One last meeting to go to"
"There's no possible way this could become a security risk"
$change + "can't break anything"
"It COULD create a race condition in theory, but it can't happen in reality"

And finally, the ever popular
"I'll just slap something together now so we can ship it, I'll eventually get around to do it right"

I read the GPs statement as "one of the lies I tend to tell myself"

Create a bogus FB account and check it out. I have a few, each for various things I'm checking out.

Join any of the closed but visible anti-vax groups on Facebook. These parties go on to this day.

... meanwhile on anti-vax FB pages that I have gotten into, they are having measles-parties, mumps-parties, and the like. Intentionally exposing their kids to disease.

Yeah encfs is great for live filesystems, no argument there. I meant for archiving and backups of things offsite, should have clarified.

I'll stick with SpiderOak and TarSnap Fully encrypted, zero knowledge from their end. A bit more money but good peace of mind.

Even if it was for a "good cause". Let's for a moment even assume that the NSA is an all-holy entity that could never do anything wrong and that we trusted them implicitly, not because our software forces us to but because we genuinely wanted to.

Note the subjunctive.

Even then the security software would be a security hazard. Simply and plainly because there is (at least) one way to access data that is absolutely beyond your control. You cannot even audit the security level of the entity holding the additional key to your data.

If you need to give your non-tech boss a way to understand the severity, that's like having a general key to your office and the safe with all the highly classified and mission critical papers deposited at your local police force. While by itself not a problem (provided you trust your police), they are not required to give you any information concerning the key's storage or whereabouts. You will not be notified how they themselves will keep that key safe, nor do you get any kind of information should that key get stolen. You will not be notified if some potential attacker or burglar, or even a competitor, gets access to that key, legally or illegally.

ha ha very good!

That's a bit like telling a career criminal that he should better not do a petty crime. Like telling a murderer that it's not ok to steal a car to drive to his victim.

'cause all the money they had went into the product and nothing was left for the PR department?

15. How often do we get to hear about it? I read about it on $otherpage $time ago.

Think about it, next time you wonder how on earth someone could come up with a law that is so far away from reality that it hurts. These people are the same the make laws concerning computers, the internet and everything connected to it. Most of the time taken verbatim from sources that have a rather intense interest in certain laws (aka "lobbying groups"), without even having the slightest idea what their laws will entail.

And this is why the whole crap is in the sorry state it is in today, with laws that are not executable, laws that make no sense, laws you cannot heed and laws that benefit a minority at the expense of everyone else.

And it's only half as dangerous as long as it's just domestic. It gets downright scary, though, when international laws get negotiated. Because one thing is certain: Whatever country can field the ones that can spell TCP/IP without too many accidents will be the one-eyed king amongst the blind.

Even though I'd fear that he'll just be the one eyed dummy that's being remote controlled by some corporate lawyer who DOES have an idea what he's doing.

If I told some bull like that to my boss, I'd be fired. And rightfully so.

Why should someone being paid by your money get away with it?