Jim's discussions
Explore our other sites
  • jalopnik
  • kotaku
  • quartz
  • theroot
  • theinventory
    Jim's discussions
    jim-ryan
    Jim
    jim-ryan
    PostsDiscussionsSaved ArticlesFollowers (7)Following (0)

    I bet you support big government, don’t you? Because you (for some unknown reason) expect politicians to be intelligent. They aren’t. They’re mostly incompetent.

    LOL someone is getting pissy!

    But not every victim. If you read through this thread, I tore apart someone else making this same claim. In short: Blame the environment if it’s vulnerable - not the user. You can’t control the Internet. You can’t guarantee that every page you visit isn’t going to be controlled by an attacker. All you can do is

    I’m exaggerating a bit there - he should obviously have some working knowledge of cybersecurity - enough to properly select and rely on the expertise of experts. I was trying to make a point, which was: What do you expect your elected officials to be knowledgeable in? It suits the conversation here to proclaim that

    What goal posts did I move? I won’t wait up for your answer.

    I can give you an example of the funny-but-sad variety. Read this article’s attempt at journalism.. or “security testing”... or whatever it was trying to do.

    Oooo good one!

    Sigh. Let me go a bit slower for you.

    This gif was a top contender for my original post. In hindsight, I think yours is better. Well done!

    Why would I answer them? That’s not my job, it’s the fine folks at Gizmodo.

    We aren’t discussing policy matters. We’re discussing opening e-mails. I’m suggesting that we shouldn’t expect our politicians to be any more technically capable than the average citizen. And I think we agree. So then the fact that some people in this “test” clicked the link should come as no surprise.

    Some of the people on this list are hardly cybersecurity experts. They are in the business of governing, not cybersecurity. They govern everything in the entire country, so by your logic, they should be experts in every single field. Expert farmers. Expert bowlers. Expert doctors. I think you’re giving

    “Primary” and “main” are synonyms. Allow me to rewrite your first sentence:

    I don’t recall asking any questions. Are you part of the special reading comprehension task force, too?

    I would not call this a “blatantly, obviously” bogus e-mail. Depending on the mail client, the e-mail address may not have been visible. From what I can see, that’s the only real indicator that this is fake.

    If your primary security plan is for users to never arrive on a webpage controlled by an attacker, you’re gonna have a bad time.

    Oh no, I read it. But then what is the point? That they clicked the link? See my other replies in this thread. This entire “security test” and its resulting article are the product of a trash study and trash journalism. It stinks of political bias while implying a failure of their “test” without any contextual

    But not with a 100% success rate. In fact, to successfully deploy such an attack would depend entirely on the target’s environment. I think that’s beyond the scope of this “security test.” Sure, it’d be ideal if users never clicked risky links, but their security team needs to assume that someone will at some point

    Were they the ones who clicked the links? There’s no way for you to know that.

    I too am a software engineer and web developer. Setting aside the general risks of clicking unknown links (executing something on the machine, either via a downloaded executable or plugin), can you run me through how clicking the link and going no further than that could allow the attacker to “obtain important