My conclusions are unchanged. Some replies to confirm my position on the matter:
1. People are the weak point. Yes. Anticipating their actions and protecting against them is the task at hand. This is not security theatre - it's simply sensible considering human nature. People will not get at our production database if they try (we get regular attempts but our properly designed tiered security architecture and mandatory access control system prevent it every time and will as we adapt and re-evaluate regularly).
2. Losing laptops. Not a problem. We've lost a couple. We plan for that. They are fully encrypted TPM equipped laptops and there is no data on them anyway as our methods from (1) are applied. If someone got one, cracked the encryption or decapped the TPM chip and got in, they'd get nothing of value. We actually paid a rather well known ex-black hat a lot of money to steal one from one of our staff and try and get in and they couldn't.
3. I'm a professional programmer (red brick MEng, EE for 6 years embedded and VLSI, 15 years programming and architecure). So are my colleagues. We don't employ run of the mill guys. We start at the high end and have qualification requirements that would scare the shit out of a Google candidate. We don't employ the sort of people who can't tell arse from elbow. We know they exist but the agents don't dare send us their CVs. We're not interested in rock stars or ninjas or any of that crap - just people who know what they are doing.
4. I've worked for asshats too. In the corporate world, these aren't actually that common these days. I deal with a lot of large corporate financial customers for our product (FTSE100 types) and they know what they are doing.
5. I worked for the NHS for 3 years. No-one in the NHS needs to know what or who the hell Github or Hanselman or Gu are. It has precisely no bearing on the NHS. Does celebrity tech culture really matter there? No. That just undermines your entire argument.
6. As for quackery: it's easy to separate wheat from chaff, unless you are chaff.
There are very few people on HN who live in the "real world" i.e. outside startup culture. There is a consensus of opinion, but it's not all right. In fact a lot of it is plain wrong and driven purely by irrational worship rather than realistic well-thought-out and tested arguments (37signals, Elon Musk, JGC, Atwood, Spolsky to name a few)
As for the froodyness of FF or Chrome, froodyness is IE and Group Policy for the foreseeable future (not Chrome's piss poor implementation and unpredictable support lifecycle).
The fact you mention n00b implies that you still suffer from a childish mentality as well, therefore backing up my points again.
As for the time here - I've lurked in HN through many fads, phases etc for about 4 years. I decided recently to exercise my opinion a bit as there are some seriously bad ideas being promoted and I do not want the next generation of people to be terribly influenced by them.
1. People are the weak point. Yes. Anticipating their actions and protecting against them is the task at hand. This is not security theatre - it's simply sensible considering human nature. People will not get at our production database if they try (we get regular attempts but our properly designed tiered security architecture and mandatory access control system prevent it every time and will as we adapt and re-evaluate regularly).
2. Losing laptops. Not a problem. We've lost a couple. We plan for that. They are fully encrypted TPM equipped laptops and there is no data on them anyway as our methods from (1) are applied. If someone got one, cracked the encryption or decapped the TPM chip and got in, they'd get nothing of value. We actually paid a rather well known ex-black hat a lot of money to steal one from one of our staff and try and get in and they couldn't.
3. I'm a professional programmer (red brick MEng, EE for 6 years embedded and VLSI, 15 years programming and architecure). So are my colleagues. We don't employ run of the mill guys. We start at the high end and have qualification requirements that would scare the shit out of a Google candidate. We don't employ the sort of people who can't tell arse from elbow. We know they exist but the agents don't dare send us their CVs. We're not interested in rock stars or ninjas or any of that crap - just people who know what they are doing.
4. I've worked for asshats too. In the corporate world, these aren't actually that common these days. I deal with a lot of large corporate financial customers for our product (FTSE100 types) and they know what they are doing.
5. I worked for the NHS for 3 years. No-one in the NHS needs to know what or who the hell Github or Hanselman or Gu are. It has precisely no bearing on the NHS. Does celebrity tech culture really matter there? No. That just undermines your entire argument.
6. As for quackery: it's easy to separate wheat from chaff, unless you are chaff.
There are very few people on HN who live in the "real world" i.e. outside startup culture. There is a consensus of opinion, but it's not all right. In fact a lot of it is plain wrong and driven purely by irrational worship rather than realistic well-thought-out and tested arguments (37signals, Elon Musk, JGC, Atwood, Spolsky to name a few)
As for the froodyness of FF or Chrome, froodyness is IE and Group Policy for the foreseeable future (not Chrome's piss poor implementation and unpredictable support lifecycle).
The fact you mention n00b implies that you still suffer from a childish mentality as well, therefore backing up my points again.
As for the time here - I've lurked in HN through many fads, phases etc for about 4 years. I decided recently to exercise my opinion a bit as there are some seriously bad ideas being promoted and I do not want the next generation of people to be terribly influenced by them.