Rise up against Oracle class stupidity and join the infosec strike
Why aren't you, personally, stopping the moronocalypse?
Sysadmin blog Information security and privacy are important. Stop being Oracle-class short-termist assholes. Stop waffling, dodging and procrastinating. Get your heads out of your asses and start doing something to improve things for everyone.
You. Yes, you there reading this article. I don't care who you are, you have the power to be part of the solution.
Our leaders, be they executives of multinational corporations or politicians, are apathetic dunces regarding information security because we allow them to be.
Oh, collectively we're all about "security" when it means murdering brown people to steal their oil. That's all fine and good. But public support is thin on the ground when rich white men don't stand to get richer.
Hundreds of millions of people in first world nations have had their personally identifiable information stolen this year alone! Tens – perhaps hundreds – of millions have had their credit cards stolen this year.
The depth of information pillaged from government and corporate servers through events like the OPM and Sony hacks can and inevitably will be used to ruin lives. Yet we sit around, gazing at our navels and collectively doing fuck all about it.
A politician wants to shut down a coal plant so old it has cave paintings on the side of it and is spewing cancer-causing toxins into the air? The streets fill with gun-toting nutjobs threatening revolution! Protests and e-mail campaigns are organized. Massive campaigns to call politicians are rolled out. People take a stand.
Where are the people working the system to get laws in place to hold executives accountable for Oracle-class infosec stupidity? Where are the boycotts of companies that refuse to invest in proper information security?
Hell, when was the last time you, the information technology experts reading this article, bothered to check if you could update your home routers? These devices are a massive security flaw waiting to happen that many of us can actually do something about.
And what about developers? Seems there's an awful lot of hemming and hawing that proper coding isn't really the developer's responsibility. Blame is passed around and nobody is willing to take a stand against the software-defined moronocalypse.
Information security isn't just an abstraction
Let me ask you this: if the company you worked for made dog food and they were knowingly allowing toxins into their dog food that would inevitably kill millions of people's pets, would you speak up? If the company refused to listen to you, would you quit in protest? Would you leak the information to the press?
Now, I ask you, why won't you take a stand on information security issues? Why do our collective ethics and morality end so sharply? Real people's lives are affected by information security stupidity. In some cases to some very extreme and disturbing degrees.
What is it about technology as the abstraction layer for ruining someone's life that we not only feel morally justified in our overwhelming apathy, but we will actually get on forums and social media and loudly decry any responsibility or need to act at all?
The lies we tell ourselves aren't true. Insurance doesn't cover everyone. Plenty of banks and other institutions make people live with tens, even hundreds, of thousands of dollars of fraud committed in their names. People are put on “no fly” lists, their professional lives ruined for things they didn't do.
The consequences of information security stupidity are very, very real.
Sponsored: Becoming a Pragmatic Security Leader