We must not complain:

• Internet hardware sourced from China is "cheaper." Therefore, we must never attempt to build such hardware in the USA, nor need we maintain any sort of capability to do so (except for Hardware Designed To Explode). Because, "hardware sourced from China is 'cheaper.'"
• Software engineers employed from third-world countries are also "cheaper." Therefore, we must never be concerned about the actual content of the source-code upon which American businesses depend. Because, "software sourced from third-world countries is 'cheaper.'"
• We do not need to pay any attention to the Little Man Behind The Curtain.™ The American Dollar will always reign supreme, and the Whole Damned World will be Grateful that we Saved Their A*s From World War Two."

Ahem.

Perhaps it would behoove every country to remember that "the sword of cooperation cuts both ways." Yes, it's always a fine idea to engage the services of a Tailor to cut your clothes for you , but always cover Your Own A*S!!

If Chinese hackers, say, really did implant some kind of vulnerability, say, in the billions of routers that it shipped to the US to be sold by American companies, then the USA would be helpless(!) to prevent it, for two simple reasons:

1. There are no manufacturing facilities "here" that are capable of manufacturing such devices, except for purposes "designed to blow-up."
2. It would be impossible to build such facilities, because, "hey, if the Chinese price isn't cheaper, then the {XXX} price surely must be," therefore it is totally unnecessary to consider investing the money. If the Starving Chinese won't cover our U.S. butt, then the Starving {XXX}s surely will. In any case, the US is Above Such Things, because We Won World War Two!™

Therefore, the US Dollar Reigns Supreme™ and We Have No Problem.

Unfortunately, such Groupthink very easily weaves its way into national policy.

---
"What Fools These Mortals Be!" – Shakespeare

If you ponder how many ways " getting it cheap " can lead to subversion you could get a headache!!

You call this realistic observation? Well it is not true then. Sure we have foolish humans today a lot but But BUT there is explanation for it - poor education, improper upbringing(used google translate for this) and society that is not working for everyone but for specific groups of people. This is unfair to blame result when it doesn't give working alternatives. Like seriously we all would be 'dinosaurs' if we would be living different lives than we are. Watched movie "Jungle Book"? Well we all would be main character in that situation despite thinking we are superior when we had better environment for growing up.

In regard to a relistic observation; it's been mine and I'm sure I speak for many on this, that there are 2 basic things we all do. Act or react.

We can't control the wind around us *(what Google, Yahoo, Banks and Corporations are doing with our personal information and throwing privacy out the window)* but we can practice self control regardless of what type of education, upbringing or etc...we are exposed to.

Some of the people have slipped away from critical thinking and just except the spoonfuls of propaganda all in the name of security. I tell ya, it's really a shame that it is this way--

My thoughts, exactly. The crooks always cry the loudest when they are robbed. It's always "someone else" doing something to "poor little old us"- and meanwhile, we're the biggest predator in the world, and spy on even our own people. One day soon, someone is going to put us in our place. That is, if we don't implode first, from our own disfunction.

The biggest thing that I think that all of us in this industry must keep in mind is that ... nothing like this has ever existed before. It has never been possible for anyone to gather this kind of information before. Therefore, we are doing it. Because we can do it. And we are not stopping to think. People never do.

And so, when the ka-ka does hit the air-movement device, "gee, I'm sorry" ain't gonna cut it.

People do have an expectation of privacy, and a lot of their personal safety is derived from the privacy that, until very recently, they more-or-less could enjoy.

In particular, when their privacy was (secretly) invaded, the information gathered generally was also secret. Now, our privacy has been invaded ... it has been invaded by corporations ... and the information is extremely public. I expect that, when (not if ...) this thing finally "blows," the theory of criminal negligence and even malfeasance will be sustained by many juries all around the world. Secret agencies will be able to hide behind their laws (although, those laws will begin to be repealed), but the private sector will not. Millions of jobs ... ours ... will be lost.

The time to realize that something must be stopped ... is before the subpoenas are served.

Yes. Regardless of the reasons, the observation is still true- and you are admitting as much by offering theoretical reasons as to why those observed conditions exist. And I say "theoretical", because that's what they are. You submit poor education as a reason; yet the very traits being discussed seem to be more in evidence in the most highly-educated locales.

Randicus's observation is more of a general trait of human nature. Education does little if anything to combat human nature, because it does not impart absolute values/morals. Nor should it. In general, virtually all of the men [and Hillary] doing the most harm to this world and it's people, are very highly educated. These people also admit the validity of Randicus's observation- only they take advantage of it's existence, and use it as a way to manipulate mankind for their onw purposes.

In an ideal world privacy could exist for children to a certain age at witch point they would know better... because really transparency ⇆\⇵ is best (oh no their gonna try and sell me something! )

I was amazed at how much information was openly available on the internet just by googling my own name!!

How id it get there though? I know when I google my own name I don't find anything as it is a common enough name and I make a conscious effort not to put my real name on the internet for precisely this reason. Unless you have a particularly rare name, or malicious friends or employers, then googling your name ought not to show any meaningful results unless you chose it to.

If you report a bug your email address is listed leading to the result of possible unwanted spam.

Google brought up Advance Background Checks where a trove of information about me existed. I could have found out much more about myself there if I paid for it. People's name and addresses get openly listed on drivers licenses, utility bills, tax bills, phone bils, etc. There's just too many things that you have to do that get known; and let's face it selling your information is profitable.

And the people and companies who are right-now doing that are making the biggest mistake that anyone could possibly make.

On the one hand, we talk about 'terrorism.' But on the other hand, we really have no idea what "an organized mass criminal attack upon a society" actually means ... even as we "frantically and frenetically build" the virtually-unguarded means by which some dark, evil, but also clever and opportunistic individual or group most-certainly will one day manage to do just that. "And once again, we will 'act surprised.'" We will wring our hands and pass more laws, but apparently we'll only do it after the horse has been stolen (and killed).

And as for me, I have a real hard time with that. "This isn't rocket-science, folks." If you're running around town with your pants completely down off, someone's gonna kick your . We don't have to know in advance who will do it, and we probably don't. All we need to know is that you're wearing no pants. Human nature takes care of the rest. This ain't our first rodeo.

Since the actual scenarios we're talking about are so awful ... I mean, "if this isn't Homeland Security, then exactly what is?" ... we should not be lackadaisical about this. Information security should be the law, world-wide, and we, as the experts in our field of information processing, should be the ones screaming for it. Our thinking should not be armies or para-military organizations. It should be organized crime and those who will seek to exploit the vulnerabilities that we made.

Okay, maybe no one foresaw the scenario of demolitioning the tallest buildings in the country while people were inside them ... but we can most certainly foresee this. It doesn't even take much imagination to do it. (And please let's not veer off into a "what really happened that day" discussion ... OT ... the topic here is the total lack of security of highly-sensitive information within the public sector. Our sector.)

There's this principle called "Need to Know." We try to do this inside the secret-halls of places like NSA, but in today's times it applies far more to the public sector. In fact, in today's environment it won't do you a damn bit of good to "secret" information inside those hallowed-halls, when the vulnerabilities that will one day be exploited are outside of it.

This is not merely "no more privacy." This is a vector for a future awful-criminal act, "details TBD" but entering through a gaping hole that we can plainly see – and seal. I'd rather plug those leaks now and never live through the criminal act whatever it turns would have turned out to be. This ain't rocket science. Given that we're all paying ##CLASSIFIED## of dollars every ##CLASSIFIED## for "Homeland Security," I'd like to be sure that we get it.

Agreed- but don't forget, those companies are getting virtually all of that info from gov't sources of "public record". That info was always "public", but years ago, you'd have to go to all the various different offices/agencies, or snail-mail them; or hire someone to physically go and look-up the info; and even then, you'd only check agencies and in places where you knew the subject likely had pertinent info.

Today, those companies just do a quick database search, and info comes up from every gov't office you've ever dealt with; and there is no record of written requests or anything- the info is just "out there". And the various offices and agencies have done nothing to safe-gaurd our info.

I'm thankful that I live in one of the few rare places wherevthe county hasn't gone digital yet...so not even property ownership is online, and therefore is invisible to these online data searchers. I know though, that if anyone did one of those background checks on me, they'd at least see my former addresses, and DOB, etc. but precious else- as pretty much the only gov't agencies that have my info are the DMV and the County Clerk (and as mentioned, the County Clerk isn't digital....yet)-Between that, and never putting my real (and unusual) name online or as my email address or on my computer, and the fact that I don't spread my info around like horse manure*, has ensured that I'm about as private as a person can be today. [*= I walked out of a dentist's office once, because he insisted on having all sorts of info- such as employment/bank account info; driver's lic# etc. even though i told him I'd be paying with cash money. Found another dentist who took my name and address...and that was it. So many people have become willing to just give out any info, just because someone asks for it. You're even viewed as "suspicious" if you want to safeguard your privacy. It never ceases to amaze me, when in a store like Lowe's, how everyone will give them their phone number just because they ask for it. I commented to a cashier once that "I'd bet they'd give you their Socialist Security number or driver's lic. number or square footage of their home, if you asked for that". She agreed!)

So we beat on, boats against the current, borne back ceaselessly into the past.

But, "those who forget the mistakes of the past are doomed to repeat them."

The Nazis, for example, vacuumed-up the Jews in Europe by using their (public ...) telephone records.

And we are today collecting far more information about people than just what is readily available in the public databases. We have made this information "promiscuously available," without pausing to soberly study both faces of this coin. (One of the two sides isn't shiny.)

Yes, we must "go with the current," but we also need to be the ones to pro-actively question just exactly what does that mean, what new risks does it expose us to, and does our existing body of law (and social practice) properly consider it? Today, we have gone vastly too-far, and I do not see sober examination of what that may imply. No one is being a "Luddite" here. As I said, this isn't our first rodeo. But maybe it is the first rodeo of this type. And since it is basically our industry that first uncovered this funny-looking bottle and then took the cork out of it . . .