In this case, it's not that simple.

It's an industry issue. Building automation has been changing from a mechanical, trades-based industry, to a data-driven, high-tech one much more rapidly than the workforce.

The majority of controls technicians have little networking knowledge, even less programming knowledge, approaching 0 design knowledge, and absolutely no data and computer systems foundations yet are pretty well versed in the mechanical systems, engineering, electrical subtrades group. To be a good controls tech these days you need a LOT of all those other things and giving a damn about security requires one to understand why it's important. Most techs assume that if there's a password, it's "secure enough" and "not my problem" yet the systems are extremely complex (for good reason). This Niagara issue is primarily a bad-practices issue as the other poster mentioned. The Niagara Framerwork is not DD-WRT or other such network tool, it's much, much more complex than that and properly securing a system requires some study, some planning (this is almost always missing) and some deliberate attempt to understand the many different levels of access permissions that need to be granted to a system depending on the function of the person logging in. Furthermore, even IF the controls tech from the vendor has done the appropriate work to properly secure a system, once it's turned over to the facility and their maintenance, you're relying on the operators who are by no means experts in the field, to continue to administer the system, issue users and access privileges and maintain some kind of access policy. Can Tridium do more? A little, but not a whole lot. You can already use SSL, HTTPS and certificate based security for all your connections if you wished. You can already granulate the access to every single resource in a system. They could make it more obvious to change the platform (OS level) access, but it would only go so far because the likelihood of vendors making that password universal across all sites is very, very high. There are good eggs out there, don't get me wrong, but as usual, the problem isn't the system, it's lack of knowledge.

For all computer, network and design folks out there, if you really want to challenge yourselves and discover a world you've never even considered existed, try the controls and building automation industry. You need to know a lot of different things, know them really really well, but if you do, you'll print your own money.

I'm going to try and address the "Where do you see yourself in 5 years question?".

I work in an industry where the training required to take someone off the street and be able to fully use them in production is almost a minimum of 2 years. 5 years is about the time someone will become comfortable with the skill set and problem solving paths needed to take in order to work independently. Of course, time varies with the dedication and uptake of the candidate, but the bottom line is that the company has to commit to a substantial time and training investment in you, as a new hire, before it can reap the benefits of hiring you. Not to mention project management and planning for production on such a long training path is a real challenge for the employer. These are not skills you can learn at a school, university or college. Therefore, it is very, very important to assess if the employee is interested in a stable, long term career path rather than just coming in to collect a paycheque. It is very rare that hiring someone means that they'll come in the next day and suddenly they'll make you money. The balance is substantially tilted the other way for a considerable amount of time and a long term plan (the 5 year question) has to ensure a return-on-investment with that candidate, otherwise everyone's time and money is wasted.

Next time you're asked that question, try and figure out if they're just reading it out of a book, or if they have a really good reason to ask. You might be surprised.

If it's BC, I agree with the original poster. HST isn't the plight it's made out to be. I also agree with you that the sneaky way it was brought in, and then the detestable way it was defended, have made it look really bad. HOWEVER, I do not really begrudge or blame them for it. Who will get votes by saying they will introduce a new tax? Even if they'd describe how the new tax is better (which it is), people would only hear "new tax". You know how I know? Proportional representation voting referendum or STV as they tried to call it. Twice they tried, and twice, we as a province, failed to vote "sufficiently" in favour, because people only hear that which they fear if a politician speaks it. As soon as you run for any kind of office, you are no longer a regular person, and the words you say no longer hold the weight of any wisdom, foresight or common decency to the electorate. To them, all you say is tainted by self-interest, greed and dishonesty.

So to all those that signed the anti-HST petition, and to all those that didn't bother look at their daily bills to see how their taxes have actually changed, and to all those who forgive the businesses that have the gall to sit there and say prices are higher because the HST without even a blink to say they'll pass on the savings that the HST provides on the back-end of the business, I say a resounding "grow up and get informed". I don't blame people for not knowing. I blame their lack of desire for insight, and doing any of the work it takes to know these things. As a voter you can't sit on your butt all day and hope the talking heads on TV will always give you the info you want. Sometimes you have to do something for yourself. And when you are informed, and you find out that even though a seemingly slimey, slippery, son-of-a rammed something through in a rather unpleasant way, maybe just let it go if it happens to be a good thing for you, your neighbour and everyone's future in the long run.

I apologize for going on this off-topic rant, and the tongue-in-cheek innuendo at the end. Carry on.

Yup, it took us just over 7 years to "finish" Marathon:Resurrection. I say finish in quotes because these sorts of things are never really finished, but after 7 years we actually managed to finish up all the levels, monsters and story, so it was done. We still want to polish it some more, but life happens...