Posted inInformation Technology / Investing / Thank You Sir May I Have Another

So – You Think Commodity Hardware and a Free OS are Business Worthy

seasoned_geek by seasoned_geek

We may soon, for the first time, see executives go to prison for this ludicrous decision and the actions they took after.

If you haven’t heard of the Equifax Inc. (EFX) data breach you haven’t turned on either a radio or a television or went to an actual news site with your browser. Business after Business has been trying to skate on their fiduciary responsibilities by relying on “free stuff” which cannot be made secure in stead of relying on robust proprietary operating systems and the proprietary hardware they run on.

Equifax is just another in a long line of companies which don’t give a rats behind about their customers. There had to be a Keller MBA involved in creating the spreadsheet which “justified” the move to “free stuff.” It’s easy, you just leave off all of the expenses which would negate it.

Most companies these days have bee purchasing some form of insurance policy for breaches rather than performing their fiduciary responsibility of using high quality systems to safeguard their customer data. Most have been replacing skilled American IT workers with H1-B and vacation visa workers of much lower skill.

A real IT architect knows that you air gap this shit. You set up a sacrificial Web server outside of everything and route data only messages back through something like Websphere or your own message mapper. That mapper converts the XML or other free format message into a fixed field width proprietary message and only that gets back to a real back end. The back end responds with a fixed field width proprietary message which the message mapper turns into whatever “open standard” you are supporting via your Web interface.

You never directly connect a Web anything to a database or a real computer.

Insurance policies tend to be backed by various re-insurance schemes and financial instruments much like those mortgage backed bonds Wall Street fraudulently sold creating a global recession. There cannot be enough in the slush fund to cover up to 1/3 of Americans becoming victims of identity theft. Congress cannot allow this company to skate by with only a few months of credit monitoring for each impacted customer. There has to be actual damages and prison time.

We are now standing at the precipice of another financial collapse at least in the re-insurance market covering companies with idiot executives using low cost systems and labor allowing massive breaches to happen. Insurance pools tend to be based on a small percentage of pool members having claims. There can be no pool large enough to cover 1/3 of Americans all at once.

Welcome to the new market crash.

Roland Hughes started his IT career in the early 1980s. He quickly became a consultant and president of Logikal Solutions, a software consulting firm specializing in OpenVMS application and C++/Qt touchscreen/embedded Linux development. Early in his career he became involved in what is now called cross platform development. Given the dearth of useful books on the subject he ventured into the world of professional author in 1995 writing the first of the "Zinc It!" book series for John Gordon Burke Publisher, Inc.

A decade later he released a massive (nearly 800 pages) tome "The Minimum You Need to Know to Be an OpenVMS Application Developer" which tried to encapsulate the essential skills gained over what was nearly a 20 year career at that point. From there "The Minimum You Need to Know" book series was born.

Three years later he wrote his first novel "Infinite Exposure" which got much notice from people involved in the banking and financial security worlds. Some of the attacks predicted in that book have since come to pass. While it was not originally intended to be a trilogy, it became the first book of "The Earth That Was" trilogy:
Infinite Exposure
Lesedi - The Greatest Lie Ever Told
John Smith - Last Known Survivor of the Microsoft Wars

When he is not consulting Roland Hughes posts about technology and sometimes politics on his blog. He also has regularly scheduled Sunday posts appearing on the Interesting Authors blog.