That's because they don't appreciate just how predictable and inevitable those consequences really are.

I'm curious how you read what I wrote and think that is what I am suggesting. I double-checked and I just can't find anyplace where I said we should throw the baby out with the bathwater.

The problem, as I identified it, is that this government does not seem interested in re-establishing mutual trust between itself and the citizenry. If it were interested in that, it could start by increasing transparency and accountability. If it *really* wanted to do that, it could reduce its own size and power (yeah I know, keep dreaming ...) and return to having most governance come from the states.

It's a big issue now because mainstream, average people either didn't know about it, or were in denial about it and preferred to ignore those who tried to bring this to their attention. Or they branded them with labels like "tin-foil hatter" or "conspiracy nut" and the like. It's the standard procedure for how small-minded people treat those who have clearer vision than themselves (they can't just disagree, or be skeptical, they have to denigrate).

Now they can't do that anymore so it's finally getting the attention it deserves.

Yes, that.

Interestingly, I just acquired a Dell laptop from the same lineage as the "clean the fans" song.

There is a cover on the bottom, removable with one screw. Beneath is the heatsink. Just beyond is the fan.

The heatsink itself is copper, and can be easily removed, cleaned/rinsed/whatever, and reinstalled.

Yay.

If you thought your one-liner taught me a valuable life lesson, your smug expectations deserve to be disappointed. What you think you're point out is trivial, obvious, and only a moment's thought reveals why it's wrong.

Characterizing a government is not a "sweeping generalization" like, say, characterizing a race or ethnic group. A government includes those at the top who make the important decisions and those who have chosen to carry out those decisions. This is not a "community", it's a voluntary organization. No one is making any of them behave the way they do. "Just following orders" didn't work at Nuremberg and it doesn't work here, either.

What you seldom or never see is "the wrongdoings of some members" being investigated and prosecuted by the other members. What you often see is that life suddenly gets very difficult and unpleasant for whistleblowers. People choose to work in these positions and to carry out these activities because they believe in and support them.

I'm sorry but portraying corrupt officials and the silent consent of their lackeys, massive unconstitutional abuses such as the NSA spying, and a long list of other scandals that usually result in a resignation at the very worst, as "mean ol Causality picking on poor helpless extremely powerful people" is so goddamned naive.

If by "never" you mean "widely used", then I'm going to go with... nope. Here's the thing -- corporations are what buy most software. Corporations are willing to spend large piles of money on software. And corporations don't want security that cannot be defeated because a malicious person (or a perfectly ordinary employee with an asshole manager they want to get revenge on!) could disable it in a way it cannot be recovered from.

They pay massive amounts of money for support contracts that demand minimal downtime. There's nothing in that contract, or even a single fuck given, to security -- which is why you get convenient fast-recovery options like this... that have the "small" side effect of having giant unpatchable security holes in it. The worst of it is, the patch will probably take some custom (weak) hashing function that generates a unique password based on the serial number of the device... like so many other first responses many other vendors over the years have implimented... and then someone will figure out the hashing function and you'll have to run a 'keygen' then and probe the SNMP interface before doing the exact. same. goddamned. thing.

The balance between security and convenience has always slanted heavily towards convenience. Saying "proprietary software" is to blame for this is disengenuous at best. Open source software tends to be used by people who give at least half a fuck about security -- but look at the projects that have gone mainstream. Firefox, for example, and it's attaching NTFS AD streams to downloaded files (just like internet explorer!) and integration with internet options (just like internet explorer!) control panel... all to please their corporate overlords. Oh, and bonus -- you can't override it. So if your corporate overlords screw up, Firefox is just another target waiting to be exploited. And the list goes on. The reason why open source appears more secure is because the people who use it are somewhat more experienced. It has nothing to do with open source itself -- it is purely the people who are using it that have created a (albeit imperfect) culture of security around the products.

Sweet! Thanks.

I'll keep that in mind as I continue to not buy or specify HP products for a myriad of other reasons.

(That they killed Alpha and whatever was decent about Compaq was already sufficient. Nevermind the fact that their laptops are the least-service-friendly machines I've ever laid a screwdriver on. Or the crazy bullshit computers that I've wasted countless man-days troubleshooting unique problems on in the late 90s. Or the home-oriented desktops they once built which were impossible to open the case on without subjecting them to severe punishment. I don't care if they're "better now," especially now that it seems plain that they're getting worse: I never bought 'em, never will.)

(Hay! Without HPAQ/DEC/MSFT's misgivings, we could have been doing the 64-bit OS dance fifteen years ago and had it all settled out long before now! Instead, Windows 8 still comes in a 32-bit incarnation.....)

Well, I know what this poster was thinking: "Quick! First post it, before someone else who can type faster than 9 words a minute writes an insightful and informative post giving away the secret sauce!"

Non-bullshit, redacted by lawyers version:

Anyone with access to the NAS over the network and an SSH client can enter a username and password, gain elevated privileges to the cluster, and while not allowing access to the data directly from that interface, access can disable the cluster or delete all the data within it, as well as wiping out partition information, etc.

Dear sir, I do believe that you are an idiot. Good luck with your island, lest they with the bigger guns take it from you.

The password you're looking for is badg3r5. So there. Go forth, my minions! In other news, Slashdot's corporate overlords apparently no longer believe in full disclosure, as it had in the past, and now omit critical information probably because their lawyers have more say in the editorial process than the submitter, editors, or anyone with a clue to spare. :(

The most recent statement from HP, following another warning from Technion, admitted that 'all HP StoreVirtual Storage systems are equipped with a mechanism that allows HP support to access the underlying operating system if permission and access is provided by the customer.' While HP describes the backdoors as being usable only with permission of the customer, that restriction is part of HP's own customer-service rulesâ"not a limitation built in to limit use of backdoors.

Without reading TFA, which I expect to be even more sensationalist crap:

I grok this to mean that a backdoor exists for customer service, which can be activated by a customer (by two factors: permission and network access), and that without action on the part of the customer, said backdoor is closed.

Did I miss something?

If so, please synopsize in non-sensationalist terms.

Indeed, whatever the case: Please post a not-purposefully-scary summary of the actual problem below, because right now it sounds a whole lot like the not-backdoor that Remote Assistance is under Windows.

The people are demanding that. The politicians are claiming that the people are demanding that.

(I assume this is a typo or an error of omission, and that you meant for there to be an aren't in there somewhere.)

You haven't heard the friendly, give-you-the-shirt-off-their-back folks I know who rail against "them Muslims." They live in the midwest and don't really do anything but work every day, live simple lives, and go to church on Sunday. They seldom leave the county for anything, let alone the state or country.

The anti-terrorist tactics don't affect them at all because they're completely unexposed to them. But terrorism (at least as a concept) is a threat to their simple and repetitive lifestyle (not that there is a single thing wrong with being simple and repetitive) so they're vehemently against that, at any expense, especially if it does not affect them.

These people (they are my friends and my neighbors) also vote. It's not that they don't care about freedom -- they're usually a very patriotic bunch -- but that they can't or won't see how their fellow countryman's freedom is also their responsibility.

*shrug*

(You wanna borrow a pickup truck or a trailer or a power tool or a ladder or need a place to stay for awhile? You want help swapping out a transmission or moving heavy things from A to B? These are your people, no questions asked. And they just don't see that the terrorists have won -- the win does not affect them.)

The distinction isnt subtle.

To be honest, I think it is a bit subtle. Fortunately for the distinction itself, English allows for it to be both subtle and profound.

Yes.

If the day ever comes, the people in charge of these telecoms need to be the first ones put up against the wall.

Well, maybe the second ones...