Given the relatively low pay (compared to business/corporate work, usually < 75% of the pay) and the high friction (incredibly lengthy interview/background processes) to get into a government job. It doesn't come close to optimizing for skilled, competent, go-getter types at all.
The above is why I generally (some military and police exceptions) don't trust people who worked in government for more than a couple years in terms of hiring/interviews. They're horrible systems to work in at times and it's often better to work for adjacent consulting companies in the space than the agencies. Not that it's always the case, some states/counties/cities are better than others.
In the end, it doesn't surprise me at all. Generally I don't consider something backed up unless it's on 3 different mediums/devices in at least two distinct geographic locations. Beyond this, it's better to drop to a relatively secure location, and have your backup infrastructure pull from that drop location into the backup system. This is a better separation than push, which a compromise like this could effect backups as well.
Disclaimer, I do work in a company that provides services/hardware/software for govt work. My opinions are my own and do not reflect the company I work for.
Well, people get robbed, and can't expect to never be robbed... does that make it okay for the police to break into someone's home without a warrant and go poking around?
I'm not sure why one of these big sites haven't been hit with a class action lawsuit... the website is responsible for the content it delivers... period. Especially when they force users to disable their ad blockers.
It seems to me, that someone who got an $xxx ransomware, or paid the nerd herd to remove malware from their computers could be the base of a class action lawsuit... That's what it will take to get this crap to change is to actually hold one of these larger media sites responsible.
You have the right to be protected from "unreasonable" search and seizure... The argument is being held that these searches are indeed reasonable. No other argument really needs to be made here, and all the legal fumbling by the TSA etc is stupid.
That said, I personally don't feel that it's reasonable but that is open to interpretation. If there was a sign, when entering that spelled out the TSA's assertions, there would probably be less objection to it.
I really wish that people would get over the paper thing... The vast majority of trees cut down for paper use, are using farming methods.... for trees cut down, more are planted. We can simply grow more.
I mean, we don't try to stop people eating vegetables because the poor carrot fields are being destroyed by harvesting.
I think it depends on the communications channels... up until fairly recently, the telecom companies providing the data connections between sites were relatively well trusted. Today, that is not the case.
Sometimes pragmatism outweighs absolute security... ex: if you use say scrypt for a popular website's user passwords, it could lead to an increased vector for DDOS attack. Vs. something slightly lesser (or lesser settings for scrypt) which would be "good enough" for today/tomorrow, but maybe not in 5 years.
I avoid watching the Olympics, as well as not buying from "sponsor" companies while the Olympics is going on... if there is an IOC logo on it... no sale. I'm a little less militant about it when the Olympics aren't in session.
It's worth pointing out that VAC isn't really DRM so much as a cheat detector. Steam does have DRM, and it has cheat detection. What this is for is to detect people using hacks and cheats on multi-player servers to keep people on a level field so to speak.
I remember the original Team Fortress mod for Quake 1, and when people would use cheat systems to be able to respawn by the enemy flag, or take extra damage. It made the game not fun at all. I'm glad there are systems like this in place, even though I don't play games so much any more.
If I had a time machine, I'd make an effort to convince the founding fathers that any and all votes by congress and signing into law by the president any federal law, said voter/signer would need to be present for an oral reading of a given bill before being permitted to vote on it.
I have to completely agree here... I was with AT&T back in the early 00's, and had such a horrible experience with them, you couldn't pay me to use them again. At one point, they actually called me and offered to upgrade in the middle of a billing cycle on a family plan that was going to go over the allotted minutes. ($10 more a month is a lot less than overage charges)
I'm currently using Simple Mobile (an MVNO that uses T-Mobile)... the only thing I miss is the conditional call forwarding, but T-Mobile pre-pay doesn't offer it either, only their subsidized accounts.
I've also been buying my cell phones outright for a few years now... T-Mobile is much more transparent than most of the other carriers on pricing, and really doesn't gouge like the others.
I'm currently using a Nexus 4, and after 2 years of use, the end of this year, and using an mvno, I'll have saved $720 on the cost of service, more than paying for the phone, and that's just comparing to T-Mobile's subsidized pricing, not to mention AT&T or Verizon. I will say when I travel a couple times a year, I wouldn't mind having Verizon's coverage, but prefer a GSM carrier.
I used to work at a company that wanted to be able to track ads in 30 second intervals, where a "sponsor" company would be the only advert a user saw for the whole visit. The max charge/billing was 5 (or 15) minutes iirc... It was actually a creative way to do the ads, and all the ads being for the same company was consistent. None of the existing ad networks supported this model, so we rolled our own. It wasn't very difficult and our billing was pretty transparent. The plus side is coming from the same set of servers they were less likely to be blocked, and not injection of scripts.
The ad frames themselves reported back, in addition to the parent. This gave us muck better insight than we got from ad networks. Too bad more sites don't revert to this, especially big guys... Ad curating your own site is important, and as much as they can generate the likes of ad networks isn't well curated.
The service industry would become more expensive, and trades like plumbing etc would still continue. Even if you tax everyone at 50% and everyone gets the base wage + 50% of what they earn, anyone who wants more will work. I make a pretty good salary at my day job, and still do side work. People like toys, and new shiny things. I like my 65" TV, and computer, and nice car etc.
People will still work, it's just the people doing the jobs are likely to be those that *want* the extra income.. not those that *need* any income. Meaning the quality of service you receive will likely be better.
Why start at $250k? Why not just tax everyone at 50% and everyone gets the minimum income check... far less bureaucracy, and absolutely no tax deductions/incentives period.
I, personally feel that no matter how much a person makes, they shouldn't lose over half their income to the government.
If it's so easy to tell, electronically that these images are the same, even if their graphic signatures are different, and they are from different urls.. perhaps you could write a program that can crawl the internet for them, and alert you when new ones arrive, and have a one click request to remove... I'm sure there will be no chance of other images being detected in error at all.
Like the blackout... just put a notice up saying, "The government is using our data to spy on you." With a details page stating that they can't tell you how much, because they aren't allowed, then link to articles regarding the Snowden links.
I think that working around CAs and allow self-signing via DNSSec is probably the first step... the biggest points keeping out broader SSH are shared hosting (multiple IPs, one IP), and the CAs, which if compromised, may as well be public.
Generally poorly staffed govt IT.
Given the relatively low pay (compared to business/corporate work, usually < 75% of the pay) and the high friction (incredibly lengthy interview/background processes) to get into a government job. It doesn't come close to optimizing for skilled, competent, go-getter types at all.
The above is why I generally (some military and police exceptions) don't trust people who worked in government for more than a couple years in terms of hiring/interviews. They're horrible systems to work in at times and it's often better to work for adjacent consulting companies in the space than the agencies. Not that it's always the case, some states/counties/cities are better than others.
In the end, it doesn't surprise me at all. Generally I don't consider something backed up unless it's on 3 different mediums/devices in at least two distinct geographic locations. Beyond this, it's better to drop to a relatively secure location, and have your backup infrastructure pull from that drop location into the backup system. This is a better separation than push, which a compromise like this could effect backups as well.
Disclaimer, I do work in a company that provides services/hardware/software for govt work. My opinions are my own and do not reflect the company I work for.
So, if a criminal...
Class Action Lawsuit
It seems to me, that someone who got an $xxx ransomware, or paid the nerd herd to remove malware from their computers could be the base of a class action lawsuit... That's what it will take to get this crap to change is to actually hold one of these larger media sites responsible.
It's "unreasonable"
That said, I personally don't feel that it's reasonable but that is open to interpretation. If there was a sign, when entering that spelled out the TSA's assertions, there would probably be less objection to it.
Also, paper is a renewable resource.
I mean, we don't try to stop people eating vegetables because the poor carrot fields are being destroyed by harvesting.
It depends
Sometimes pragmatism outweighs absolute security... ex: if you use say scrypt for a popular website's user passwords, it could lead to an increased vector for DDOS attack. Vs. something slightly lesser (or lesser settings for scrypt) which would be "good enough" for today/tomorrow, but maybe not in 5 years.
Just posted warnings on Amazon.
The government needs to take at least partial responsibility for drunk driving...
The government, in my view, do need to take some responsibility for this because they provide the facility which enables this to happen.
Says you...
VAC !== DRM
I remember the original Team Fortress mod for Quake 1, and when people would use cheat systems to be able to respawn by the enemy flag, or take extra damage. It made the game not fun at all. I'm glad there are systems like this in place, even though I don't play games so much any more.
One change to the constitution...
No twelve thousand page laws would be voted in...
Demolition Man
Re: T-Mobile >>> ATT
I'm currently using Simple Mobile (an MVNO that uses T-Mobile)... the only thing I miss is the conditional call forwarding, but T-Mobile pre-pay doesn't offer it either, only their subsidized accounts.
I've also been buying my cell phones outright for a few years now... T-Mobile is much more transparent than most of the other carriers on pricing, and really doesn't gouge like the others.
I'm currently using a Nexus 4, and after 2 years of use, the end of this year, and using an mvno, I'll have saved $720 on the cost of service, more than paying for the phone, and that's just comparing to T-Mobile's subsidized pricing, not to mention AT&T or Verizon. I will say when I travel a couple times a year, I wouldn't mind having Verizon's coverage, but prefer a GSM carrier.
I wish they'd DIY it
The ad frames themselves reported back, in addition to the parent. This gave us muck better insight than we got from ad networks. Too bad more sites don't revert to this, especially big guys... Ad curating your own site is important, and as much as they can generate the likes of ad networks isn't well curated.
Re:
People will still work, it's just the people doing the jobs are likely to be those that *want* the extra income.. not those that *need* any income. Meaning the quality of service you receive will likely be better.
Re: Canada did it too
I, personally feel that no matter how much a person makes, they shouldn't lose over half their income to the government.
Re: French Court and Google
Just put up a notice on the home pages...
DNS Sec + Signing
Isn't Time Magazine...
More comments from tracker1 >>
Techdirt has not posted any stories submitted by tracker1.
Submit a story now.
Tools & Services
TwitterFacebook
RSS
Podcast
Research & Reports
Company
About UsAdvertising Policies
Privacy
Contact
Help & FeedbackMedia Kit
Sponsor/Advertise
Submit a Story
More
Copia InstituteInsider Shop
Support Techdirt