comment

I read through the whole thread, and all of your responses, and I see one thing that has not been mentioned: Agency.

You had no agency in "cheeks" asking if the man with you was your dad.

You have no agency in the actions your brother is taking on your behalf.

Rest assured, Cheeks will lose his job. I have friends who are in both Management and Training at Goodwill, and one strike is enough to put you on the black list. They aren't hiring the cream of the crop at Goodwill. They are giving people an opportunity to pull themselves out of whatever hole they are in, by providing free job training, counseling, and other services people need to get back on their feet. So they have a very quick fuse. If you cause any sort of problem, you are out. There is always another person waiting behind you for the opportunity, and Goodwill needs to get people through the system and trained so they become productive employees, as opposed to unproductive trainees.

This man will now lose access to that opportunity permanently, because there was a claim made against him.

Goodwill will do the right thing and talk to your brother about the experience, and will do most of this verbally instead of in a written format, because it is a discovery process.

However all of these actions and activities are being taken on your behalf, because your brother has robbed you of your agency in this situation.

You chose to simply ignore Cheek's request. That was you taking the action you felt was appropriate to the situation.

I have no horse in this race, or have a position to defend in this situation. I'm just stating the facts in a way that might encourage you to take an active role - to regain your agency - in this situation.

I equate your brother taking action on your behalf as equally as demeaning to you as Cheeks' initial comment hitting on you. These are two men who have acted in their own interest, with you as the fulcrum.

Personally, I would not be happy in that place. I would feel used. That's my $0.02.

by: goobster

badged by
_refugee_
recent badges
goobster  ·  link  ·  parent  ·  post: Pubski: January 4, 2017

I read through the whole thread, and all of your responses, and I see one thing that has not been mentioned: Agency.

You had no agency in "cheeks" asking if the man with you was your dad.

You have no agency in the actions your brother is taking on your behalf.

Rest assured, Cheeks will lose his job. I have friends who are in both Management and Training at Goodwill, and one strike is enough to put you on the black list. They aren't hiring the cream of the crop at Goodwill. They are giving people an opportunity to pull themselves out of whatever hole they are in, by providing free job training, counseling, and other services people need to get back on their feet. So they have a very quick fuse. If you cause any sort of problem, you are out. There is always another person waiting behind you for the opportunity, and Goodwill needs to get people through the system and trained so they become productive employees, as opposed to unproductive trainees.

This man will now lose access to that opportunity permanently, because there was a claim made against him.

Goodwill will do the right thing and talk to your brother about the experience, and will do most of this verbally instead of in a written format, because it is a discovery process.

However all of these actions and activities are being taken on your behalf, because your brother has robbed you of your agency in this situation.

You chose to simply ignore Cheek's request. That was you taking the action you felt was appropriate to the situation.

I have no horse in this race, or have a position to defend in this situation. I'm just stating the facts in a way that might encourage you to take an active role - to regain your agency - in this situation.

I equate your brother taking action on your behalf as equally as demeaning to you as Cheeks' initial comment hitting on you. These are two men who have acted in their own interest, with you as the fulcrum.

Personally, I would not be happy in that place. I would feel used. That's my $0.02.

goobster  ·  link  ·  parent  ·  post: 9.3M Patient Records Hacked

I used to work at F5, so I got to be in some really scary meetings where people talked about a variety of attack types.

Ransomware and other attacks like it are still just basically the digital form of smash-n-grabs. It's like the late-night attack on the jewelry store, where someone bashes in the window, takes a fistful of shiny, and disappears into the night to sell that shiny to someone else.

What's scary are the tactical attacks.

CyberFighters were the first that I am aware of. They knew that banks had insurance against attacks. So they would DDoS the bank's site and charge a rate slightly less than the insurance would pay out. Sustained attacks over hours and days would eventually get the banks to cough up cash.

Blunt, but effective.

Then another group started launching DDoS attacks against banks, but it turns out these were just a front for the real crime, which was happening behind the scenes. A bank's web site gets DDoS'ed, and everyone is scrambling to redirect traffic to Akamai, profile the attack packets and teaching their ADC's to dump packets matching those attributes, etc.

And the phone rings constantly.

On one of these calls, "Eugene" with a weird accent, is on the phone from the branch office in New York is getting whacked and can't get access to his DNS. So he asks for the IP Address for the back end system they are re-routing traffic to, as a quick-fix to get around the DNS.

Shit. Eugene tries to log in, but his login isn't working because the Active Directory server needs to talk to the DNS, but the DNS is saturated by the ongoing DDoS. "Do you have a login that works without Active Directory, so I can get in?"

The hassled sysadmin has nine different Terminal sessions open on six different machines, and Akamai is on the other line, and the phone keeps slipping off his shoulder... so he gives Eugene the credentials to log in, bypassing the DNS and tunneling around the ADC directly into the control server or firewall in the DMZ.

... and five months later, a junior sysadmin is running some cleanup on some hard disks which were mis-configured in this old server over here, and they notice a couple gigs of text files in a weird numbered directory. Looks like log files, but, she goes ahead and TOPs the first hundred lines of the first file and sees... names... social security numbers... addresses... doctor's names... prescriptions...

She greps the directory for text strings in the format xxx-xx-xxxx, and gets hundreds of thousands of hits.

The junior sysadmin locks down the permissions on the disk. She copies the log files over to her personal directory. Checks the accesses... huge numbers of IP Addresses that start with 5.8.x.x ...

Eventually someone figures out what happened, and the DDoS attack was a distraction for the social-engineering hack from "Eugene", who then got behind the back doors, and made himself comfortable inside their data center, siphoning off data constantly for months.

These attacks aren't new. They are ongoing today.

It's just nobody talks about them because of what it would do to their stock prices. So everyone keeps these breaches under wraps.

And this is going on all the time.

goobster  ·  link  ·  parent  ·  post: So I'm going to Kosovo??

Congratulations! I lived (in Prishtine) and worked in Kosovo (at Film City) for a while when I was a civilian contractor with KFOR.

Kosovo was rough then - 12/13 years ago - and really the ass end of the world. Power for a couple of hours a day, every third or fourth day, often no running water, and the Albanian mafia running basically everything. (The whole thing in Kosovo was a proxy war between the Albanian mafia and the EU, and largely unrelated to the problems in the northern parts of the Balkans. The Albanians were trying to annex the land by trafficking shitloads of Albanians in, and claiming they had "always lived there", and the EU/US were just trying to get everyone to stop shooting long enough that they could have a reasonable conversation with Serbia about the region, and wondering what the fuck the Albanians were going on about.)

The one power plant was coal-fired, and it made the snow was bright yellow from all the soot and pollution in the air.

My friend ran the - what was it called then? International Security Center, or whatever? - where they housed and tried all the criminals. Nice guy from Texas, ex-cop, ex-military, and a grandfather. Talk about a shitty job, man. Working in a craptastic place like Kosovo, doing a thankless job, for an organization that wished he didn't need to exist, a public that was against him, and genuine war criminals were the people he got to hang out with on a daily basis. Man... that was hard work.

Good luck with it. The bureaucracy is inconceivably Byzantine (appropriate, considering the history of the region) but I expect the best introduction to the current situation there is understanding how it went from Yugoslavia to the mess it is now, and the best way to do that is to read my friend Adam LeBor's book, "Milosevic"

It really will be a good primer to understanding the tribal underpinnings of everything you are getting into there.

Good luck. And thank you for doing the good and important work that needs to happen there. I did my part with UXO awareness, but that was all I could manage before I got out.