Originally published at: https://boingboing.net/2019/08/19/blame-the-nsa.html
…
In Texas all problems are solved with guns.
And they think the electronic voting machines are sturdier? We can’t find out, because proprietary software!
I guess you can mess with Texas.
On the upside, these “Actors” have wonderful support, and will bend over backwards to help their paying customers to straighten everything out.
The high cost of support means it is no longer economical to target random users, so they are concentrating on municipalities. (Because they have money, lack great IT support, and have a wide variety of users.)
Do they know where Ted Cruz was at the time?
Sure, blame the NSA for exposing vulnerabilities baked into Microsoft products instead of blaming Microsoft for creating the problems to begin with, and the municipalities for not upgrading their systems.
OK.
“Bad NSA! No cookie!”
Sure; it’d be better if MS hadn’t created the vulns. But at this stage in the evolution of software engineering that’s probably not a realistic expectation.
The blame is on the NSA for exposing the vulns and then doing nothing about it. The NSA has - supposedly - both an offensive and a defensive role, however it appears that over the last couple of decades the defensive role has been encouraged to whither and die, and ta-da here we are.
In all seriousness, @JonS is right on the money, here.
I am by no means an expert on this (far from it) but there was a great piece NPR did on the topic. To (over-) simplify it, the problem with what the NSA did was that they found the vulns, but didn’t report them to MS, instead developing tools to attack them at scale, then fail to adequately safeguard the tools.
When checking moral outrage, here’s some handy questions:
-
Did someone intentionally do this?
-
Did someone try to cover up that it happened?
-
Was someone even aware that it was happening?
-
Did someone not attempt to fix the problem one it was discovered?
If the answer is yes to any of the above, then cue moral outrage. If the answer is no to all four, then you look like you’re misdirecting your anger.
This is true. Why, just this morning I unclogged my toilet by waving my gun at it.
Hardware store in Texas:
Basically, if it can’t be fixed with one of these tools, it ain’t worth fixin’.
Seriously… How does a sysadminlet this happen. With all the backups, restore points andcloud data. I dont understand. You stand up a server. You image it. Bam. Server can be restored to a point in time. You make a change you image it. If its a virtual machine that should come up even faster. Data. Should have backups and if its critical should be able to be restored from offsite to a certain point in time. I dont get how this happens. But the servers …those should be wiped and back up in minutes. Lock the remains problem machines out until they are wiped.
Some people flat out will not pay for proper infrastructure/backups/updates/AV. Until it’s too late.
You can tell them till you’re blue in the face but they don’t listen.
Yep. Let’s say you’re the city clerk of Bergsberg, Texas, population two thousand. Your IT budget is just enough to pay for the licenses for Office that the mayor wants, and for a DSL line for the town hall. The town’s website is hosted somewhere off site, with luck using a server that the state has granted some space on (no idea if this is true, and knowing how stingy Texas can be I doubt it). Keeping the server for the payroll, the zoning commission and so on is a constant battle, since the mayor has heard something about “the cloud” and thinks moving to the cloud will help him get reelected. Oh, and since he’s running on maintaining a balanced budget, that means money for having the IT support guy has been cut, since he only comes in once a week and doesn’t do anything that the mayor can see…
Or the shorter version: “Hell, Dwayne, we’re just a small town. Who the heck would want to hack us? I don’t see why we should pay for a firewall that keeps me from viewing porn in my office away from my wife!”
so so many secrets abound
If I had to guess some of these towns and cities are likely not to have very good employees. There are a lot of jobs in that field for people in Texas and a lot of them pay very well. Talent likely goes quickly to a larger city and/or a higher paying job leaving behind people who are willing to work in that environment and for that pay, especially if the town is somewhat rural (or even just if the role is not very well respected compared to the same role in a corporate setting). Rural Texas and urban Texas are like two different worlds in some ways. If you like one you probably will not like the other, but not that many people are deeply passionate about living rural, especially the kind of people who go to a University to get a degree that enables them to work in any city in the country.