Reading used to be super common, including among working class. They used to read what was called "junk literature", basically written equivalents of fun tv.
> can US "talk" with / use threats against iran and "make it a good guy"?
Problem is Iran leadership especially would need to retarded to trust any good guy promisses from USA.
I mean, USA breaks promisses to literally anyone, but it specifically bombed Iran already twice during negotiations. And its history involves usa turning hostile each time relationships seems to get better.
How can you play good guy with history like that? And with present of attacking literal own allies?
But we do NOT want random government employs accepting data in random format by email they just decided that are safe and non-executable. It is not like the admin lady in the office got an extensive training about what can be done with pdf, xls, usb stick, txt and what not.
They just have no idea. From this woman point of view, pdf in email is as safe as usb stick in a an envelope.
Most health information transferred online between patients and other entities goes through a portal rather than email to ensure PHI isn't transmitted over unencrypted SMTP or simply forwarded on to some insecure mail server. I.e. data loss prevention.
Wherever it goes, there are a various services that can be used to ensure the file is not malicious. Probably API integration with Palo Alto WildFire or ICAP protocol with Opswat would be the best choices. Neither would be affordable for small government offices.
You dont have protectiond of US law on the border, inside the border and barely if you are a citizen far away from border. Realistically.
And also actually per law. And yes, being forced to give out passwords and make profiles public as a rputine thing is much worst then being forced to give out password when there is actual warrant.
No amount of beating low level employees will change whether they can accept pdf sent by email or not.
And also, they are not supposed to use their intuitive ideas about what is and what is not dangerous use of software. When they do use their intuitive ideas, hacks happen. Karen here doing what she was told and accepting only formats that her organization security team told her to do is Karen doing the correct thing.
We are on HN. People who are responsible for overreaching unreasonable security rules ... are basically us. And we are all paid way more then Karen, but are the first to call Karen an idiot when the hack happens. Karen does not know why pdf is different from doc or whatever. Nor is she required to know.
I highly doubt it. Not accepting PDF files from random email addresses that send to your very publicly listed email address is a smart policy. One angry jerk trying to DoS the fax machine is not going to change the policy. At best, it'd cause them to ditch the paper and toner and upgrade so that all incoming faxes are automatically scanned and sent to an email box.
> We are on HN. People who are responsible for overreaching unreasonable security rules ... are basically us.
I don’t think that is true. Rules that you have to use a fax machine are enshrined in outdated laws. No IT professional is going to say to use a fax machine for security.
The same thing is true for a lot of security practices. Our company had silly password rotation policies because of certification requirements, not because our IT team thought it was necessary.
And how does the author (or you) know she doesn't keep raising this?
Edit: can't even confirm that it really is only fax and physical mail that's available; on a cursory search, tackling this fully online is already well possible: https://news.ycombinator.com/item?id=47544562
>No amount of beating low level employees will change whether they can accept pdf sent by email or not.
I disagree. I'm sorry Karen here needs to bear the brunt, but if this kept up, at some point Karen's boss will take notice, And then it moves up the chain to someone who can affect that policy.
Companies purposefully set us up to communicate bottom-up, so we can either play the game or break the law.
>People who are responsible for overreaching unreasonable security rules ... are basically us
No, it'd be a policy maker or CEO who thinks we're in the 90's and that secure email documentation isn't a thing. "We" could suggest so many ways to handle it that would save costs while being more secure. We're not much higher on the totem pole than Karen.
Yet suddenly, we get these incidents and our bosses are suddenly rushing to IT to find a solution. As if 6 months of deliberation wasn't enough.
> I'm sorry Karen here needs to bear the brunt, but if this kept up, at some point Karen's boss will take notice, And then it moves up the chain to someone who can affect that policy.
I sorta feel there's as much fantasy on the other side. The situation as is—the concrete one we're discussing here—exists. You're voting for a version where this person doesn't complain through the methods designed for it and instead writes to the CEO or something and has things fixed that way. Or possibly just doesn't complain about being screwed at all.
The system is largely bad. That's mostly agreed by each side. I feel like what you're asking for—to treat others as humans—is right and yet only going in one direction. There's a disagreement between the company and the customer and instead of showing up the company disingenuously gives you an unrelated powerless person to speak to. The expectation is that you shouldn't count them as the company, you count them as a human—and you're supposed to do that _because_ the company underpays them and gives them no power.
If the author didn't abuse the fax, why would anyone notice the process was broken. It's only by abusing the existing process that change will be triggered.
You see this all the time in cybersecurity. Nobody cares until there's a breach. Nobody would care if he faxed 25 pages and mildly inconvenienced Karen, but by faxing 500 pages and inconveniencing the whole office, it's going to start something. Even if it takes them another 5 years to fix the process, it's a start.
Realistically, the change will probably be "no more than 25 pages of evidence required". But that's also a win for the person being asked for it.
I'm open to options. Not doomerism "the system can't be fixed" mentality. I don't like to think of myself as combative. Ideally we get listened to in council and they properly pull what strings are needed to help.
But this has been my reality. Employees can evangelize for months for better security, but then a (very avoidable) hack happens and suddenly the budget for it appears out of thin air. Being a nuisance (or letting nature take its course, in the perspective of an employee) is much more powerful to these kinds of organizations than words.
> But this has been my reality. Employees can evangelize for months for better security, but then a (very avoidable) hack happens and suddenly the budget for it appears out of thin air.
So your lived experience indicates that harassing front-line low-level employees about it does not work because they won't be listened to. Why, then, are you advocating for harassing front-line low-level employees?
Go for the people who can actually set policy: ministers, representatives, council, agency boards, managers. When you call, rather than take it out on the employee request to be transferred up.
And even if you don't have the energy to keep fighting after your own case has been fixed (a very common remedy when it's usually much easier to grease the squeaky wheel than to actually fix the axle), try to leave information on your process and contact points in accessible locations so that those afterwards can start a step or two ahead.
>your lived experience indicates that harassing front-line low-level employees about it does not work because they won't be listened to.
I'm saying inconvenience from an outside force (not the low level employee) gets actions done, not words from the employee. It can be the custome, it can be a malicious actor. It can be the federal or state government. But it has to come from outside or up top.
I don't know how you construed that as "so customers can't do anything"
>Go for the people who can actually set policy: ministers, representatives, council, agency boards, managers. When you call, rather than take it out on the employee request to be transferred up.
If you've seen local policy these days... Yeah, not really. LA just had a new Metro line approved despite the mayor's attempts to delay the vote. Policy isn't working with us.
I won't say escalation doesnt work, but I haven't seen it pulled off. Wait queues for help is already so long, so asking more time of the customer might not be feasible. It's already inefficient enough that we need go use Synchronous calls to to do all these duties.
> I'm saying inconvenience from an outside force (not the low level employee) gets actions done, not words from the employee.
When you harass an employee it’s still word from an employee. And it’s very optimistic to think said words will go beyond you being an asshole doing asshole things.
> I don't know how you construed that as "so customers can't do anything"
You seem confused. I never said that, you just invented it from
me saying that harassing front line employees is useless.
> I once read an article that in Berlin the sewage system is flushed with fresh water because too many people have installed water saving toilet flushers. So plenty of people bought these water savers and now the price of water has gone up because the water that is directly flushed needs to be paid too.
What is this supposed to mean? You flush less water, therefore water price is more expensive, because flushed water needs to be paid too?
Presumably that the water bill (for tap water) was priced to cover both tap water provisioning and sewage works. But people using (free) rainwater to flush toilets ruined the pricing model, making the tap water price go up.
I honestly don't see the problem, it's probably still worth it (because society still needs to provide less tap water and saves there).
GP is partly right. Most of the cost of sewers is fixed cost: employee salaries, building and maintaining X kilometers of sewers, etc. Some is variable: chemicals, but a small part.
If you, a single person, cut your water usage in half, you pay half as much. But if everybody uses half as much, the system still needs about the same amount of funding. So now you double the per-unit price, and everybody pays the same they were before spending money on water saving features. In this case, even if each person used half as much water, the total water needed isn't cut in half because the sewers need more water to function.
(Also, water isn't "used"; most of it's transported, cleaned, transported, dirtied, cleaned again, transported)
Perhaps that sewers need a certain volume of water flowing in order to function correctly. If that water does not come from toilet flushes, etc then they pump water into them to compensate.
> He's never had a decent job it's majority her income so divorcing isn't even that favorable for her now afaik
It is totally favorable, because he is going to make more debt. And if she does not divorce, she will be responsible for that debt. Moreover, money she earns after divorce are her except for the part of debt she is already responsible for. Right now, they are theirs, he has equal access to them and she is half responsible for his current and future debts.
That changed into watching youtube now.
reply