Posts by jdb3

You can always tell when a company is breaking the law - they specifically say "we follow all local laws" when asked about an issue. That translates into "we break every law we can get away with, until we get caught. Then we follow it long enough to escape prosecution".

This may just be a bit of an exaggeration... But that is sure the way I read quotes like "responsible corporate citizen known for its 'employee first' policies." From what I usually have seen, that's a good way of putting "employees are the first ones we let go when we want to get another solid gold car"

For a company that had 10B revenue, that's a crappy way to reward employees. However, I suppose they are no longer employees when they leave, so technically they can say the above with a straight face.

Anyone that has worked in IT for years knows that we are the janitors as far as Management is concerned... We get praised when we clean up after someone's stupid mistake, but as long as the data is flowing the idea is 'Why do we pay them so much for something that "just works"? After all, I installed (X game/malware) at home, and it was simple!"'

There are brief time periods where things are different, and the last few years are a good example. However, the only difference they see between employees and contractors overseas are that the accents make it harder to understand; otherwise they love saving money. We've been being praised (some of us at least) for the past 2 years, but that will end soon.

What bothers me the most about this sort of case is the clear indications that no one has the inclination to finally solve this issue. Yes, there will always be scammers and victims. However, it seems that (for the most part) these people get away with a slap on the wrist, and (as has already been commented) just chuckle and immediately do it again.

There should be (at the least) a multi-phase approach -

1) If you're convicted at that level, you can't work in an IT related company. Period. If you try, you get fined, and then jail.

2) Phone companies need to provide ACTUAL numbers when calling. If it is coming from overseas, don't just pass along a domestic phone number - block it.

3) Get banks to resist these scams too - my credit union already blocks transactions over 100$ online (unless it's Amazon, unfortunately) until I can verify that it is real. Expand this to say "you're sending 50$ to an overseas company that is a suspected scammer - do you really want to do that?"

I've not seen any of these happen. I know it's not easy, but something has to happen. I'm getting really tired of all the calls I get, especially the broken ones that start as one scam, then after it doesn't get a response, switches to another one to go to my voicemail. Separately, I'm sure the amount of money these scammers get is ridiculous. If that can be cut in any way, it's worth doing.

Ok, proceed to tell me why I'm completely wrong.

Wow, that was an... interesting piece. I notice that it is very lacking in details on how we could actually accomplish this. Are governments supposed to have teams continuously watching corporations, inside their networks, to make sure they aren't using those evil 'algorithms'? And, of course, which government? China would be the best example here, in that it makes a point to monitor every social media network, automatically delete everything that it doesn't like, and uses it for it's own purposes instead.

Furthermore, as has been repeatedly said countless times, once you develop a technology it is extremely hard to stop everyone from using it. Do I think that Facebook is a horrible time suck at best, and malicious to boot? Yes. Do I think that Amazon and Google between them know much more than they should about everyone? Undoubtedly. However, say you get them to delete all history, and somehow manage to keep them from creating more. (Short of shutting them down and destroying all of their data centers and backups, I'm not sure how this could be done, but lets continue.) Tomorrow, Fazgool will be created, which will start doing the exact same thing.

This is an extremely 'bumper sticker' sort of idea - break them up and stop them from doing it again. In the reality we are in, I expect you could break them up in some fashion, but it will be impossible to stop it from being recreated without the sort of draconian measures that would make the Internet non-usable.

Is it just me, or is that a horrible acronym for this system? At the very least, they could have stuck with 'RAS-NF' or even 'RASNF'. 'Rapex'? That's just wrong.

Well, of course

This isn't going to be a popular answer, but of course there isn't that big an uptake on 2FA.

There are a lot of businesses where you don't have every computer user sitting in an office. In the place I work at, roughly 80% of the users don't have work issued cell phones, either. So, you're going to have to sell management on having their production users (most of which send emails in all caps, when they can even figure out how to use email...) being issued a key fob or something similar, which they have to keep track of, and then read (and key in a code) in potentially low or high light environments.

My guess is that we'd have to buy ~50 of them every month at best for replacements, and we'd have a steady stream of angry people coming by to pick them up.

We already get enough push-back on password strength rules; there's no chance in the slightest that we would get this passed.

In an ideal world, sure, everyone would be an expert and know about the value of this, and how to use it. In my world, not happening.