... it's way too often because the responsible people hadn't high enough expectations for quality.
To illustrate, I'll use a years-old case from a German website:
A professional journal had written an article about some websites telling nonsense on their pages, including a quote from aforementioned website. The wrong info was from an article of the website and really not representative, but it was a vulnerability that the journal exploited to diminish competing online sources for info.
What went wrong?
It had been reported that the article included falsehoods, and it was on a list for an update. That, of course, didn't materialize before the journalist visited the page and reported the falsehood publicly.
The people in responsible positions should have taken the defective article down, but their sense expectations for quality were not high enough; they didn't care much, felt instead that just adding the problem to a to-do list would suffice. It was careless; people got misinformed (and the case was not entirely isolated).
In other words; it's not really a good sign if you learn that the problem was known before the shit did hit the fan. It's an indicator for leadership and management failure and lack of understanding of the importance of quality.
Readers are invited to guess which case inspired me to write about this really old issue today...
S Ortmann
.
Not really related, but have you read this?
ReplyDeletehttp://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
Toutches on a lot of issues you've talked about in the past.
http://www.wired.com/dangerroom/2012/03/petraeus-tv-remote/ no comment
ReplyDeleteThe decryption business is probably going to end soon. The one-time encryption method (random sets of 1s and 0s added to the data for completely random encryption that requires the original list of 1s and 0s for decryption has been possible for really important communication for a while.
One-time encryption was impractical during WW2; you'd have kept busy all printing presses of the nation to print only a fraction of the required code tables.
This has changed. My computer has enough HDD memory for a one-time encryption of all text messages ever sent through Enigma encryption.
One-time encryption requires a rather simplified communications net, but that's fine for the most important communication and information of very short-lived value (such as tactical comm) can easily be encrypted with normal 256bit or higher codes. The only real challenge that remains is self-discipline, austerity in regard to use of videos and orderly networks.
Espionage bureaucracies pursue their bureaucratic self-interest; don't expect them to not ask for a huge budget and huge datacenters, no matter how questionable the value in conflict against competents.