|
Ok, so you agree with 1 and 2, and as for 3, where users feel free to break things 4 teh lulz (cf HN exploit), there's a non-zero chance than a normal user will become an attacker. 4. Dissecting a slug, making slides, and examining them under a microscope is cool. Sprinkling a family of slugs with salt and watching them die is not cool. The end result is the same, that the slugs die, but it's fundamentally a social problem, when people feel empowered to break breakable things. 5. In growing up, why did you not talk to strangers as a kid? Why did you look both ways before crossing the street? Our parents and friends teach us convenient behaviors so that we don't have to make the same mistakes. If all of your data is now going to live in the cloud, you'll learn pretty fast, and educate your kids/kid siblings about what not to do on the internet. No one who's ever been phished is going to make that mistake again (my friend in undergrad did), no one who's ever downloaded random video codecs from Eastern European nations is going to make that mistake again (my bf did); we'll learn what not to do so that messing up really merits a techno-darwin award. 6. Yes, the "senior IT executive" calculated the risks and rewards, and for an enormous corporate network with large institutional inertia, it was cheaper to hire a guy who learned on someone else's dime. It's like "cutting-edge accounting", or changing your house's plumbing. If your business isn't accounting, just follow industry best practices. |