I agree structurelessness is problematic, but there are structures that work which are less hierarchical than traditional boss-and-subordinates tree-styled management structures. A common feature of Scandinavian workplaces, for example, is a set of committees with precisely specified areas of competence. It is relatively non-hierarchical but very structured and transparent: rather than informal cliques taking on different roles, formal committees with procedures take them on. Overall it works pretty well.

Bingo.

I'm about to launch my own kickstarter campaign, and one thing I gathered from the tons of advise that is out there by now is that you absolutely have to be clear on your goals and stretch goals.

If at all possible (it's a lot easier with software than hardware), do what the parent said: Release what you promised and then invest the additional money into a free expansion pack.

With hardware, I don't get why people invest feature creep at all. Your backers funded the item that you promised, and that is what they should be getting. Giving them more is as much lying as giving them less. To a certain extent you can invest additional money in simply improving the quality, using better materials, better tools, etc. but beyond that, pocket the money and invest it in version 2.

As someone else already said: You can not give someone access to data while not giving them access to data.

What you can make a hell of a lot more difficult is the ability to get the data out in any other way than inside someone's head.

At the extreme range, allow people to enter and exit the building only naked, changing into work-clothes on the inside that never leave the building. Don't forget cavity searches.

Oh, wait - you were planning to run an office, not a prison? That's gonna make things a little more tricky as human beings tend to be picky about archaic things like dignity.

The non-bullshit answer is basically this: The freaking NSA fucked this one up. If you really think a random collection of hints on /. is going to give you a better shot, you need to be fired.

Update your security policy regularily and monitor compliance. Do a good job. Stop worrying about the Snowdens of this world, because there's like one every decade. But users looking for shortcuts, managers wanting a dial-in connection from home, admins leaving the firewall wide open after a change, developers using test-configurations in live, all these things are happening every day. Worry about them.

Might as well reopen the Star Chamber while they're at it.

Try to find a machine without Windows 8 on it, if you can do so. That way you don't pay Microsoft any money for their misbegotten operating system. This is becoming ridiculously difficult to do and can only get harder as time goes by.

Pretty much being an asshole to helpdesk people is the only way to get results. Most of those guys are just trying to get you to go away in 10 minutes or less so they can make their call stats for the week. Back in the day you might occasionally get someone who knew what they were doing, but that was back before the outsourcing craze pretty much guaranteed you were talking to a guy in a call center that also serves as helpdesk support for Hoover vacuum cleaners. He probably doesn't know that much about vacuum cleaners, either.

So this defines your relationship with that poor bastard. You have some broke-ass shit that needs fixing, and he is there to make you try to give up and fix your shit yourself. Now you could attempt to do that, and most of the time you're some wanker who just needs his hand held while he RTFMs. But sometimes you legitimately have some shit that needs fixing. If you KNOW you're a person who needs actual help and you KNOW about your relationship with aforementioned poor bastard, your only choice, really, is to beat that guy like he owes you money. I suppose alternately you could attempt to explain all this to him, but that would take a good bit longer and he really does have call stats he needs to make.

It would be nice if the process could work in such a way that you didn't HAVE to be an asshole to someone, but I guess that's just the way the world works.

Yelling numbers in a public square is not exactly forging an ID.

NSA shill? Hah. Seriously? I'm sure the NSA has better things to do than troll slashdot. I'm not any happier about what the government has been doing behind people's backs than anyone else here. I just don't think that's the point of the post at all (since if it was, it's a fairly pointless post and the submitter's are usually pretty good). Reading TFP confirms that.

And bigoted... I do not think that word means what you think it means...

Anyway, you must be new to slashdot. The sensationalistic title rarely matches the content of the submission. Pretty much like most articles in the media these days...

Well, hopefully it's too soon to name any victims yet... though I have to say I'm glad to see the scope was extended to a larger, more in depth adventure game, almost all of his others have been well worth it. Then again, I'm fine with waiting until it's actually finished to buy it...

And, I suppose in the end that's why TFA asked it... like the vast majority of the media (even many of the ones actually leaking Snowden's information) they really aren't all that interested in the answers, just making money off of of the publications...

The usual over-sensationalistic headline says that, but if you actual READ the details (it's not hard, most of it is right up there at the top of the page!) it says:

"when it comes to protecting a business's data, organizations more often focus on threats from the outside. But when a trusted employee or contractor uses privileged access to take company data, the aftermath can be as catastrophic to the business or organization as an outside attack ... What do you think the best way is to lock down a system against malicious insiders?"

"should" being the keyword there.

Your average windows admin in your average corporation can access all the company data if he wants, including the CEOs e-mails with his mistress. Yes, that is badly set up security and compartmentalization, but it is also reality.

With all respect for the NSA, they are unlikely to be perfect. It is not unlikely that Snowden had more access than he strictly should have been. In fact, it is the more unlikely claim to believe he didn't.

The question is phrased wrong if you ask how he could have had access to something he wasn't working on directly. Assume that the permissions and restrictions were not perfect, because they rarely are. The correction question is not if, but how wrong they were. How much access to stuff he did not work on can we assume he had? Some, much or a whole lot? Both "none" and "all of it" are unlikely answers.

They are officially asking the US to explain itself, which is even more unlikely if they had not, in fact, found bugs.