Thailand's Rangers Task Force 45, in response to Army policy, has put its troops to the task of promoting and protecting the monarchy in cyber space, ...

Retweeting Private Ryan.

And yet that made sense to someone in their military.

If you read what I wrote carefully, you'll see that I was talking about the inability of science to do something, not religion's ability to do things.

That part is okay. It's accurate.

Which is why the belief that the universe started with a big bang, for example, is faith-based.

Bullshit. That's wrong.

Science is falsifiable.
Faith is NOT falsifiable.

The CURRENT model says that the "Big Bang" was the origin of this universe. But that model is based upon specific, identified observations and experiments and PREDICTIONS.

Now that model may be incorrect. But whatever new model replaces it will still have to account for all the specific, identified observations and experiments and PREDICTIONS that formed the basis for the "Big Bang" model.

First off, demand that every software vendor provide a list of files that their product installs, where those files are installed by default and different checksums/hashes/etc for them.

It should be possible to boot a machine with a live CD (or PXE) and inventory every single file on that machine and identify the origin of each of them.

At least you'd know whether a machine was cracked or not.

Right now, with existing anti-virus, all you can say is that a machine does not have anything that matches the signatures that you have right now.

No movement to outsource the management of the machines to outside cloud services?

Of course there will be.

And there will be the opposite where things that were moved "to the cloud" are being brought "in house".

It's the beautiful cycle of IT.
Outsource to save money.
Insource to provide reliability/accountability.
Repeat.

That may or may not happen where you are, but there's a lot of it going on, and it invalidates much of your list.

It depends upon which part of the cycle the company is on.

Remember that CIO's do not get credit for "maintaining the status quo". They have to identify and "fix" a "problem".

Accounting servers are expensive and techs to maintain them cost too much. Move it all to the vendor's "cloud".

Can't write paychecks because someone is DDOS'ing that vendor or the ISP flooded or a backhoe cut the fiber? Better bring it in house.

Because telling Bin Laden the date and time we were coming for him probably isn't a good idea?

Seriously? You think that the NSA had metadata on bin Laden's calls? But not the content of those calls?

From that article:

This renewal is carried out by the FISA Court under the business records section of the Patriot Act. Therefore, it is lawful.

Lawful is not the same as Constitutional. I'm pretty sure that our Founding Fathers would NOT have supported this.

As you know, this is just metadata.

If it is "just" anything then why are you so concerned about collecting it?

The information goes into a database, ...

That's even worse. They're COMPILING information about citizens without even having a "reasonable suspicion" about those citizens.

... the metadata, but cannot be accessed without whatâ(TM)s called, and I quote, "reasonable, articulable suspicion" that the records are relevant and related to terrorist activity.

Who cares? If there is "reasonable, articulable suspicion" THEN you go after the records. With a WARRANT. And the warrant IDENTIFIES those SPECIFIC people you have a "reasonable, articulable suspicion" of.

As you know, and Iâ(TM)ve pointed out many times, there have been approximately 100 plots and also arrests made since 2009 by the FBI.

Go on ...

I do not know to what extent metadata was used or if it was used, but I do know this: ...

If YOU do not know then who DOES know?

And if YOU do not know then YOU should not be trying to IMPLY that there is any link between collecting this information and cracking any plots.

I do not know to what extent metadata was used or if it was used, but I do know this: That terrorists will come after us if they can and the only thing we have to deter this is good intelligence.

More of our people die when their own family kills them than die from "terrorists" in the US.

If "the only thing" that will protect us from these "terrorists" is collecting information on our own citizens then I am willing to take that risk.

My first question would be WHY do these have to be SECRET? If there's a legitimate need for the government to access them then why not be open about it?

Fascism begins when the efficiency of the Government becomes more important than the Rights of the People.

That is correct for home users.

But for corporate users, a system level exploit allows things like installing sniffers and key loggers so that more passwords can be collected. Including the admin/root passwords.

Which can be used against the computers in the Accounting department to transfer money from the corporate accounts to "money mules".

With 8 people, you get the results of 4 people !

So a basketball team with 4 people will tie a team with 8 people 50% of the time? (all individual skill levels being equal)

Or a tug-of-war competition between two teams (one with 4 people and one with 8) of people with similar physical builds will be a tie.

I always took Ringelmann's findings as support for "work expands to fill the available time" rather than an upper limit on a group's capabilities.

But WHY does it take longer when you add more people? The answer is "communication channels".

And they follow the formula of (n*(n-1))/2
So 1 person has 0 communication channels to maintain.
3 people have 3 channels.
5 people have 10 channels.
And if the EXACT same message is not present upon every one of those channels then problems start.

So the key is NOT to focus on 10 communication channels between 5 people but to focus on reducing the scope as quickly as possible so that fewer people are needed. And the means that your best programmers can spend more of their time programming and less on maintaining communication channels.

But when processes are so amateurish, as in the anecdotes provided in the fine article, ...

Emphasis on that. Crappy data leads to crappy conclusions. And her "data" is extremely crappy.

From TFA:

In another team of seven or eight people, developers were encouraged to do whatever they felt like ... which turned out to include, "Have every developer write code in a different language."

I count at least two WTF's in there. You wouldn't build cars engineered around blind people would you?

Also from TFA:

The best of those indicators? The one that most commonly predicts quality results? Good team communication.

So a baseball team or a football team with good communication should be able to crank out "quality" code. Wrong. And that gets back to the crappy examples she uses. Just because communication CAN be the biggest problem in a given situation does not mean that communication IS the biggest problem for all situations.

Seriously, what programmer would not ask which language was being used? Or not have MORE questions when the answer was "everyone uses whatever they want to".

The weird part is that he keeps posting things like that and they keep getting mod'ed up. Here's his page here:
http://slashdot.org/~SplashMyBandit

Not mod'ed "flamebait" or "off topic".

Is this something on /. to generate more page hits by mod'ing up anti-UN / anti-Islam / conspiracy rants?

However, for those that think the drones should be removed, just what do you propose to replace them with? or are you ok submitting to the Islamic political order under Sharia (which is the stated and published goal of the OIC, if you care to listen:

So you believe that the ONLY alternative to drone attacks is to convert to Sharia law?

Who, exactly, is going to impose Sharia law on the US? And I don't mean who would LIKE to. Who, exactly, has that capability?

The OIC realised it can't get its agenda through sovereign national parliaments - so what it is doing is manipulating the UN and then the resulting treaties will then be applied.

How about you look up who has veto power at the UN. Here's a hint, the US is one of them. If we don't like it, we can veto it.

There is a shadow war for freedom that is going on right now. If you don't stand up and argue for your liberties then the OIC (through the UN) *will* progressively take them away - it may take decades, but they are determined to reach their goal (Sharia) because it is a matter of faith for them.

Exactly HOW is ANYONE going to replace any part of the US legal system or Constitution with Sharia law?

And if it's about "detective investigates X and finds vampire" then there's even more stuff out there.

But it wasn't a real vampire. Just someone faking it for an alibi or an insane guy who believed he was. But it wasn't a real vampire.

Dum dum DUMMMMMM!

Or WAS it?!?

Anyway, how about a list of clichés that you do NOT want to see in a vampire movie? Mine are:
1. Vampires dress normally. NOT like they just left the fetish party.
2. Vampirism that does NOT seem like most of the people in the world would prefer that to their current existence.
3. The vampire "lives" in a place that seems reasonable. NOT a castle or a mansion that looks like a castle. People tend to inquire as to who owns huge estates.

Besides that, one data leak and it's the CEO's who's job will no longer exist.

Maybe. Maybe not. It depends upon how well he (or she) can spin it.

And the easiest way to spin it is to blame you.

So if you're having trouble getting the CEO to support the "NO BYOD HERE" policy then start hunting for a job with a more informed CEO. Leave that job and that CEO to one of the BYOD advocates. Let them deal with whatever loss happens.

... I'll have another job by next week anyway.

Maybe. It depends upon how high profile the loss is. It's easier to get a different job BEFORE the story about how the company lost $500,000 because someone in Accounting brought in an infected laptop and the CxO's and BoD are all claiming that it was your fault. Be proactive.