On Thu, 25 Oct 2012, Chris Fitzpatrick wrote:
http://en.m.wikipedia.org/wiki/Sayre's_law
I'm guessing the other people participating in this thread have never had men with guns show up to take your server because of a 'security incident'.
Or block your server's IP address, and then make you jump through hoops for two weeks because they were unhappy with someone uploading an image to your trouble ticket system that accepted anonymous submissions ... with the explaination that if they managed to get a file on there, the whole system was compromised, and had to be blanked and the OS reinstalled. ... it didn't help that the image was text saying something to the effect of 'I've hacked your computer'. And they didn't realize at the time it actually had a JPEG exploit in it, so it was the people who downloaded it could've been compromised, but it wasn't even a valid exploit against the OS we were running.
Or have all of the sysadmins in your group stop work for a day while we have a comprehensive scan of all of our machines by the security group because someone on the security auditing group noticed that a machine on our network sent out a request to some random webserver in the middle of the night, and then there was a connection attempted back to that machine and another one on our network. ... but they failed to mention was that the connection back was from a completely different IP range, and they had selectively filtered what they were looking for, so the incoming connections were attempted against *all* machines on our network and not a sign that someone was being selective in their attempts and cause for concern ... and the 'middle of the night' just meant 'before we got in this morning', but we have folks who have to work earlier shifts depending on when we get assigned antenna time to talk to the spacecraft.
... it makes the people who e-mail convinced that NASA's hiding evidence of the existance of alien life seem reasonable by comparison.*
So I actually *do* have a stake in validating what we use as inputs. Other people might not, but I do my best to avoid a DOS from our security group.**
-Joe * They don't like that we get highly compressed data for 'space weather' purposes, and we replace them with a higher-quality image once it's been downloaded through a higher bandwidth link. They also seem convinced that a compression artifact must be at the same distance from us as the sun for their size and speed calculations, rather than highly energetic particles right at the telescope. ** I've got other stories, too ... but I thought I'd keep it to only the ones that actually affected me.
