"Just want to get rich and give you fucktards in the West the middle finger. [...] human society deeply disgusts me."
Yes. No thanks to egoists who just want to get rich and give everybody the finger...
A bug-hunter who previously disclosed Windows security flaws has publicly revealed another zero-day vulnerability in Microsoft's latest operating systems. The discovered hole can be exploited by malware and rogue logged-in users to gain system-level privileges on Windows 10 and recent Server releases, allowing them to gain …
Sorry, but "everybody is a greedy a**hole" does not fly as a good excuse. But, yes, there are too many of those, good description of what is wrong. But essentially, by stopping using that excuse and trying to be a decent human being things might improve - maybe only on a local level, but hey, that's a start!
(still, I totally support going BOFH on those who deserve it - isn't it ironic, don't you think?)
"the main problem in the West are greedy people who just want to get rich, and don't care about anyone else"
WRONG. You are merely pandering to the "bourgeois vs proletariat" (i.e. communist manifesto) perception of "us vs them" and if you believe that, you're circulating your misconceptions amongst those who agree with you, and it proves NOTHING.
If you want to get down to it, the problem is the same one that's been there as long as there have been humans: A small group of elitists MANIPULATE PEOPLE and seek to CONTROL THEM, usually for nefarious purposes. Usually you find them in GOVERNMENT. People in BUSINESS, on the other hand, generally see everyone else as CUSTOMERS and, if they're smart, treat them accordingly.
A good customer is like gold pressed latinum. yeah even the Ferengi would agree.
People act according to THEIR OWN SELF INTEREST. period. I guarantee you there is NOBODY out there so altruistic (except maybe Jesus) to put EVERYONE ELSE ahead of himself and be self-sacrificing, etc. etc. etc.. Even those who jump on grenades have a self-interest in mind, such as "do it for the Corps/Country/friends". It may even be a matter of PRIDE. And this is _NOT_ a BAD thing... it is a GOOD thing!
So if you assume people act according to their own best interests, those in business WILL make money [because losing money loses the business, duh] and they will pay their investors, who ONLY invest to earn money, and their employees, who ONLY work to earn money, and so on. Then when the free market determines the proper return for investments and what wages the work is worth [and not gummints, special interests, unions, etc.] then we're ALL better off, because it works _WITH_ human nature and not AGAINST it.
SO if you you're looking for a SOURCE of "the problem", start with GUMMINTS, then ORGANIZED CRIME (almost the same as 'gummints' in many cases), then SOCIALIST ORGANIZATIONS and those who donate to them [i.e. Soros], as well as WHINY ACTIVIST JUDGES (and their l[aw]yer buddies) who ENABLE much of this.
Yes, Bob, but the problem with the US at the moment is you have an awful lot of large IT companies for whom the customers are advertisers and politicians, and the likes of you and I are the sheep they want to shear.
You ought actually to read Marx instead of thinking you know what he said, because he explains how capitalism works. And he isn't wrong, in fact he forecast later developments pretty accurately. Which is why the cons and neocons made a bogey of Marx; because they didn't want the sheep reading the book and understanding the function of the shearer.
Marx foresaw that capital would end up in fewer and fewer hands and that therefore they would control ever more of society, battening on people by controlling the supply of housing and food. If you have a monopoly or a combine monopoly of essentials for life, your customer retention is not a problem.
I have a vote in elections for the government, I have no vote in Facebook and no realistic prospect of buying enough shares to control it.
> forecast later developments pretty accurately
Which ones? Stalin? Pol Pot? Mao? Gulags? Katyn massacre? Great Leap Forward? The systematic rejection of individual choice in how to be governed, i.e. democracy, as implemented by his subsequent followers? The total failure of planned economies, past occasional initial success phases, time and again? Inquiring minds would like to know.
Unfettered power, by corporations, individual or governments has an extremely high risk of abuse. Dogmatism and the claim to know better than everyone else is one way to get there.
On the other hand, whatever you think of modern capitalism, it has had to tone down, or at least cover up, its greed a bit since the 1850s and Marx was very much a driving force behind things like unions or paid holidays getting adopted. Sure wasn’t the robber barons’ first choice.
I have a vote in elections for the government, I have no vote in Facebook and no realistic prospect of buying enough shares to control it.
A vote in elections is not quite enough to control the government either. But otherwise your point is valid: one is accountable to the public (more or less), the other is accountable to no-one by biggest bidders. In theory.
You are right and right and right. Its the first in years outside academia that I see someone actually talking about Marx with any knowledge of what he postulated.
I must add to your point that where history proved Marx wrong is not regarding his prediction on the trend in capitalism... Its was his prediction that the poor and powerless would somehow be organised and develop a common identity and rise up against the capitalist. In modern societies, they instead kick the dog, beat their wives, shoot their neighbors and drown their sorrows in drugs, the bottle or TV...
Mr 'Bombastic',
You were doing quite well untill the last paragraph !!!
Even the comments regarding 'GUMMINTS' and 'ORGANISED CRIME' could be considered fair.
BUT
the rest states more about your own biases (Political or otherwise).
From my experience there is nothing intrinsically special about 'Socialist' organisations that make them any more or less likely to be a problem .... ditto for Judges.
The general problem applies to all Political organisations of all flavours, where the 'Echo Chamber effects' encourage 'groups' to believe that they are special and normal adherence to the laws of the land are deemed not necessary as they 'know better' !!!
people act according to their perceived best interest
Even a passing glance at history or the relevant psychological research shows that is not true in general. People act according to a complex of psychic motivations which usually operate pre-consciously, and thus well prior to any reflective consideration of self-interest (accurate or not).
Conscious consideration of self-interest or other goals may condition those responses, and sometimes people correct their initial reaction following reflective consideration.1 But on average perceived self-interest is far from being a primary conditioner of behavior.
1It's also debatable whether various sorts of psychological rewards which are orthogonal or opposed to material advantage are in the subject's "self-interest", because self-interest can be defined in various ways. Ultimately this is a matter of definition, though, and there are certainly those who would lump, say, the satisfaction of an addiction or the reinforcement of a pleasing self-image, even at material cost, into "self-interest".
I was reading, back in the dear dead days beyond recall, the Clintonite 1990s, rather successful western companies were paying Chinese factory workers 13 cents [ USD ] an hour when a living wage there was 6 times that; and the Chinese government took the line that any job no matter how ill-paid was generous simply because it was a job; and over in the Economic Zones of the Philippines workers were paid $56 a week for 12 hour days with compulsory overtime if you wanted a job in the morning, and only 2 bathroom breaks a day: plus a shanty-town to live in when not working. Which wasn't that often.
Interestingly enough, the Filipino GUMMINT endorsed all this, banned the wicked UNIONS, and kept the workers safe from talking to SOCIALIST ORGANIZATIONS, and refrained from collecting TAXES, as the corporations were lured with tax holidays that either rolled over or began anew with a phoenixly reborn business at a rate which would have bought a blush to Companies House in the days when any rascal could buy an off-the-shelf company with useful tax losses as easily, and for roughly the same cost, as we pay for a domain now.
.
FUCK THE FREE MARKET.
.
Plus women risked infertility from the chemicals supplied by the companies.
"How about simply being a decent human being? How about realising that we are all beholden to each other to make this world a better place? How about simply acting like a damn grown up?"
Well, without meaning to do a modern paraphrased Godwin, maybe if Trump had not decided to attack the 'East', forcing major Chinese companies to be isolated and forced down a route of nationalism on a whim then there would be less people trying to disrupt Western tech companies.
I agree with the sentiments that sharing exploits to stop the 'bad' people exploiting them is admirable, but the more there is a war between Western and Eastern tech the more the underground cyber attacks will surely continue.
>How about simply being a decent human being?
This one cuts both ways. As has been pointed out, a big (US) company is making money out of this software - are the people with the chequebooks being "decent human beings" by not rewarding bug finders at rates that reflect the work involve?
I thus suggest "decent human beings" don't expect everyone to cover their own costs and work for free. In some respects I suggest finding a security hole and them crafting an exploit to use that hole is more akin to creating a work-of-art, so perhaps bug finders should be sending the results of their work to auction.
> In some respects I suggest finding a security hole
>and them crafting an exploit to use that hole
>is more akin to creating a work-of-art,
>so perhaps bug finders should be sending
>the results of their work to auction.
Funnily enough that is more or less what is happening - a PC with half a dozen bits of famous malware is up for auction
Just being a decent human being doesn't pay the rent, nor buy food. I don't know, but I'm guessing that finding these vulnerabilities takes weeks and months of research. Couple that with the fact that much of this research will be speculative and yield no fruit. Maybe it's Microsoft and friends who should start "acting like grown ups" and start paying these researchers properly for their results.
Just being a decent human being doesn't pay the rent, nor buy food.
Actuially if we were all to act like decent humans, there would neither be a need to pay rent nor </buy> food.
I'm growing enough of certain things that I can give away more than I can eat. One of my neighbours grows other things and also gives away more than they can eat - so between the two of us we're more than sufficient in certain fruits and veges. We have the two smallest (by 1/2!) plots on the block (and it's not a small block), lots of other houses with lots of room out back for decent gardens, and people with enough time on their hands to tend more than one of these plots. Our neighbourhood could be self-sufficient for fruit and veges if we worked together.
Among us we also have the means to repair any vehicle or structure, any computer or electrical repairs, even a plumber just up the road. But as a whole we'd rather pay a lot to someone 20 miles away than a little to the neighbour two doors away.
And yes, we have people who can prepare timber for building.
If we were to "be excellent to each other" then, well, much of the world's issues would be long gone. All it really takes is a little sharing with your neighbour, helping them to help someone else who can help you out.
How about realising that we are all beholden to each other to make this world a better place? .... Timmy B
Now when that is not exactly true, it can become problematical, Timmy B. Just ask Tony Blair. It does though make for a much more helpful approach to implementing solutions when true.
Whenever UKGBNI Parliamentary Governance Collapses do GCHQ's Special IntelAIgent Services Break Cover in InterNetional Defence of the Realms with Other Worldly Wise Solutions?
Novel Channels of Creative Discourse for Practical Realisation ..... Earthly Virtualisations for SMARTR Populations being one such AIMasterPlan in Advanced IntelAIgent Developments.
I totally disagree. We are, and rightly should be, looking after each other. Just because some people don't it doesn't mean that the principle doesn't stand. .... Timmy B
How very odd, Timmy B, that you should disagree with a comment that agrees with you.
That's a failure of intelligent information parsing, methinks, and that can very easily be problematical.
@Timmy B: "How about simply being a decent human being?"
Well, she's gone public, and the exploit will get patched, so there's that. Someone who was utterly nefarious would have either tried to sell the exploit on the QT, or used it themselves to hold people's data hostage, and she's not done that. What it makes me wonder is if she's the first person to discover these vulnerabilities, because better funded state institutions have entire divisions of people looking for them. State actors don't share, they don't get stuff patched, they hoard exploits (or try to, sometimes their hoards get discovered) and they use those exploits against their own citizens. So she's achieved one goal, the middle finger has definitely been given to the West's intelligence community.
I agree that one should be a decent human being and do the right thing and I or any/most of you would do that. On the other hand, many Corporations make most of their money in the developed economies and outsource their work to the developing economies whenever possible or simple reduce staff leaving existing staff with an increased workload. I find it very hard to have have any sympathy for any of them.
There seems to be widespread opinion in the hacker community (insofar as such a thing exists) that SandboxEscaper has emotional and behavioral issues. I don't mention that as an excuse for her behavior or to reconcile her statements and actions, but merely to point out that critiquing her as hypocritical or unethical somewhat misses the point. From what I've heard, I'm not sure she can be rational, in a sustained way, about these behaviors.
It's unfortunate because she's clearly a talented software-security researcher.
All of SBE’s vulns have been of the same class.
That’s not a dig at SBE. That’s a dig at MS. When you find a vuln, the best thing to do is assume they’ve screwed up in the same way more than once and go looking for the same mistake elsewhere in the code. It’s a very efficient method of finding vulns.
The first bug that was dropped was a fair while ago, and sounded like it could well be endemic. MS, with source code home advantage should have gone to town finding where else the same type of mistake had crept in and fixed it. Instead, we have this...
MS, with source code home advantage should have gone to town finding where else the same type of mistake had crept in and fixed it. Instead, we have this...
I agree but no self respecting middle level PHB is going to sanction the minions to go on a crusade searching for similar issues. It's that person's mission to hide all issues from their upper management.
When you find a vuln, the best thing to do is assume they’ve screwed up in the same way more than once and go looking for the same mistake elsewhere in the code. It’s a very efficient method of finding vulns.
That should be part of standard bug fixing process. That and trying to come up with some kind of change (code, or even process) that would make such a bug hard to repeat in future or at least raise a red flag if it did.