To some extent, but I also think people severely overestimate what it takes to be notable. We live in such an extreme consumer culture that even a small amount of effort added to what you are already doing will set you a part from a lot of people. That doesn't necessarily mean you get a visa or that it is possible in every snarky field. But if you can write, speak, organize things, help people out and have a good attitude about it, showing up counts for a lot.
This seems to be mostly about random startup topics e.g. "how do I sell my product?", a little bit about hardware startups and not a lot about "hard tech". Which they also seem to define as essentially "traditional engineering".
There are reasons to believe that the free market isn't healthy at all when it comes to labor. Low salaries for low-skilled labor enable companies to delay modernization, automation and other increases in efficiency. High salaries for high-skilled labor creates inflationary spirals for things like housing.
There is absolutely reasons to believe that equalizing pay, across companies rather than occupations, could be part of the solution. Less efficient companies underpaying their employees would fold. More efficient companies would get more money to hire even more people. Prices would stabilize, careers would likely be more predictable.
This was part of economic policy in Sweden in the ~1960s and as far as I can tell generally considered successful. Though it will, and did, also created large wealth inequality without other measures.
> Low salaries for low-skilled labor enable companies to delay modernization, automation and other increases in efficiency.
I don't see that modernization or automation have been kept back in the US due to unequal wages.
They are "kept back" until the exact moment they become cheaper than human labor, then they effectively take over.
> High salaries for high-skilled labor creates inflationary spirals for things like housing.
High salaries for anyone create inflationary pressures. In fact, high salaries for a relatively small group would do this far less than paying everyone more, as the article suggests.
I'm wary of government intervention in the market because every case I've examined deeply enough turned out to be a failure.
would you call federal and state-mandated minimum wages, which generally allow service and low-skilled workers access to a decent home somewhat near their place of employment, a failure?
high salaries create inflation at different rates for different groups of people depending on their marginal propensity to consume. if you give $5k to someone living on $20k vs $200k annual income, the $20k person is much more likely to spend most or all of that $5k on food, housing, etc. - variables that directly affect inflation. the $200k person may invest it or save it in a bank account, removing it from M0 and M1 so it doesn't show up in the inflation statistics, or in the price you pay for staple goods. this is a large part of the reason we're not seeing any inflation today even though unemployment is historically low - there are no wage gains going to the lower earners who have a high propensity to consume and spend.
there always has to be a balance between those who own the capital and those who work the capital for society to function. otherwise the free market functioning without any ethical or moral underpinnings would return us to slavery - ownership of other human beings as just another form of capital
> if you give $5k to someone living on $20k vs $200k annual income, the $20k person is much more likely to spend most or all of that $5k on food, housing, etc.
That would normally be the case, but I would argue that salary and housing has a strong connection in places like SV. People need to get a certain salary to be able to stay (and start a family) in the Bay Area. Which means that people have a high incentive to increase their salary and that some of those who don't have to leave. As overall the people who stay have more and more money the cost of housing increase, in turn giving people even more need to increase their salary.
That would all normally stop at some point, but since so many wealth companies centralize in the Bay Area the spiral continues.
sure, housing costs are extremely inflated in SV, definitely a reality
i'm talking about inflation and marginal propensity to consume at the national level. not sure what inflation looks like in SV - how much does your average fast food meal run you in mountain view?
i think it's also worth noting the effect of the internet on who owns property and where they are able to own and effectively maintain it. as well as the rate of return on real estate vs. market interest rates of "safe" investments and why the two have diverged so drastically
Could you summarize, or mention a few? Because I struggle to see much of any merit to the article. It starts out with scare quote even in the first paragraph which is, if not just outright bad, criticized enough to be a faux pas in itself. It continues with rhetorically embellished opinions about the book, which most of us haven't read. Then presents a bunch of numbers that we again don't know if they are particularly relevant. Finally it spends most of the rest of the article discussing other theories that the author prefers.
I would expect an analysis like this at least partly present the theories discussed in the book in a relatively natural light to then discuss those theories.
> It starts out with scare quote even in the first paragraph which is, if not just outright bad, criticized enough to be a faux pas in itself.
I suggest reading the introduction to the book in Amazon. Plenty of "scare quotes" there too, just pushing an opposing narrative. Maybe the tone of the article is reflective of the book rather than a bias people seem all too quick to ascribe to the article's author (although the author is almost certainly biased too -- we all are). I'm not sure the article has embellished much given the introduction.
The article actually points out the book's main bias, "Chang does not consider any alternative theses that might cause gender disparities in occupational sectors." People attempting to analyze an issue with a narrative already firmly in mind is all too common, and the signal to noise ratio on this subject been getting worse. This book appears to be more of the same. I've done a lot of reading on this issue, and the book's intro and this article reflect a common narrative that can explain only some of the data rather than following where the data leads.
The article cites a few books by professional psychologists that discuss gender differences at length. That's where you'll find better data and better theories to explain the data.
As for other good points in the article:
1. I think the article is correct to point out that tech is getting an unusual amount of attention given the gender disparities in other fields. I think people with a feminist agenda see tech as a big lever for social change because of how pervasive tech is in our lives. Adopting that agenda will have upsides and downsides, but we should always be wary of agendas, because they are by necessity blind to effects outside their narrow scope. This agenda is often couched in phrases like "diverse teams always outperform non-diverse teams". If that were true to any meaningful degree, then there would be no need for any explicit action on our part because compensation for diversity would reflect that.
2. The article is also correct to point out that redistributing work means taking women out of other sectors and displacing men to other sectors (although obviously hyperbolic in suggesting we just swap with nurses), and this change won't necessarily lead to better outcomes overall.
Finally, consider the obvious question: why is it necessary to "break up" the boy's club in tech when we clearly didn't need any such call to break up the boy's clubs in medicine or law. Arguably, they were far more insular and sexist, but women broke into them anyway and achieved gender parity. But note that while those fields overall are roughly gender equal, the genders have still segregated themselves into various specializations, eg. surgery is still male dominant, pediatrics is female dominant. The sexism narrative can't explain this, but the works by the psychologists the article cites actually can.
This is one among a few data points that tells me who is more closely pursuing the data, and who is pursuing a narrative. Anyway, I could trot out plenty of citations on this, and I have here on HN in the past, but there's little point. It almost always devolves into pointless squabbling.
> I suggest reading the introduction to the book in Amazon. Plenty of "scare quotes" there too, just pushing an opposing narrative.
I don't see the relevance of the tone of the book. Especially not if the author of the article suggest that his own arguments have more merit. Nor does the introduction of the book [0] actually seem to have many scare quotes. A scare quote is when you question something by quoting it, most often without elaborating. That isn't the usage of quotes in the introduction of the book as far as I can tell, it is the usage of quotes in the article though.
> I'm not sure the article has embellished much given the introduction.
Again I don't see why it is relevant what the book does nor that this is actually the case in the book. Things like "colourful mud-slinging on the basis of anecdotes" and "can be dismissed as lurid gossip" is certainly just that and present in the article. If it was true that Brotopia only contains anecdotes that can easily be dismissed then why do we even need the rest of the article?
> The article actually points out the book's main bias, "Chang does not consider any alternative theses that might cause gender disparities in occupational sectors."
Since we don't really get to know what the theory of the book is in the article I don't think that is that relevant either. When I read an "analysis and review" I want to know what the theory of the book is and its merits. That the author of the book didn't consider a specific theory might be an argument in the overall discourse, but isn't necessarily relevant for the merit of the book's argument. Unless it can be specifically tied to what the book is actually saying.
> That's where you'll find better data and better theories to explain the data.
If he wants to discuss the overall issue, and not just the book, there are plenty of other research studies one could and should refer to.
> I think the article is correct to point out that tech is getting an unusual amount of attention given the gender disparities in other fields.
Again I don't see the relevance since we are talking about a book on this exact issue. How do you correctly measure the amount of attention something should have? I would say it is pretty safe to skip that discussion all together and just argue the issues instead.
The majority of these points have now been about other things than the contents of the book in question.
> The article is also correct to point out that redistributing work means taking women out of other sectors and displacing men to other sectors (although obviously hyperbolic in suggesting we just swap with nurses), and this change won't necessarily lead to better outcomes overall.
Even from the scare quote summary earlier in the article I can guess that the book argues that this should happens because the state of the boys club isn't the natural state, but an injustice. You could certainly argue that that doesn't matter, but then you would also have to argue against being a meritocracy.
> why is it necessary to "break up" the boy's club in tech when we clearly didn't need any such call to break up the boy's clubs in medicine or law.
Didn't we? In these discussions people tend to argue that medicine and law is much more formalized and that it therefor is easier to effect change from the top. Since the book presumably is about the informal structures in technology that seem like a relevant argument.
> But note that while those fields overall are roughly gender equal, the genders have still segregated themselves into various specializations, eg. surgery is still male dominant, pediatrics is female dominant.
Which largely isn't the case in technology i.e. its an overall problem not in specializations.
> The sexism narrative can't explain this, but the works by the psychologists the article cites actually can.
If you, like the article, dismisses the book in favor of a particular study that might be the case, but that just isn't a very strong argument. To make that a strong argument you would have specifically address the points, and the overall thesis, of the book and then make a counter argument based on that. That is exactly what I would expected and didn't get from the article.
> Anyway, I could trot out plenty of citations on this, and I have here on HN in the past, but there's little point. It almost always devolves into pointless squabbling.
I am not asking to write as long as you did. I much prefer one or two points and we could argue. I just don't think there is much support for that in this article which is exactly what I argued in my previous comment.
I'm not going to address all your points since as I said, these discussions tend to go nowhere, so I'll only reply to some specifics about motivation and appropriateness of the author's review:
> If it was true that Brotopia only contains anecdotes that can easily be dismissed then why do we even need the rest of the article?
Clearly because the viewpoint presented is not going away and is taken quite seriously.
> Since we don't really get to know what the theory of the book is in the article I don't think that is that relevant either.
I'm not sure why you say this. The article is pretty clear what the book's theory is: sexist, explicitly exclusionary practices are why women are avoiding tech.
> How do you correctly measure the amount of attention something should have?
By consistently applying the principles espoused by the book, in this case, gender parity. Inconsistency entails special pleading or an agenda that isn't necessarily honest, which reveals implicit or explicit bias.
> The majority of these points have now been about other things than the contents of the book in question.
That's a fair point, but I'm not sure I'd expect anything else considering the subject is a contested social issue and the book is a call for forceful and radical change.
> Which largely isn't the case in technology i.e. its an overall problem not in specializations. [re: gender dempographics]
That's not actually true. There are plenty more women in project management positions than there are female programmers. Which is tangential to the point that a sexism narrative can't explain such voluntary gender segregation, while alternative theories fair better on this measure.
> To make that a strong argument you would have specifically address the points, and the overall thesis, of the book and then make a counter argument based on that.
If the article is accurate that the book did not present any other possible explanations other than overt and implicit sexism, then the article did just that.
I abandoned my "mhjas" account, but I'll write a final comment.
My main critic of the article is that it doesn't address the arguments the book is making, but instead dismisses them.
If one person says "chocolate ice cream is the best because it has so much flavor" a merited response isn't "chocolate sucks, vanilla is pure flavor". That is just an opinion. A response containing argument would be "the chocolate flavor overpowers the taste of the cream, vanilla is better since it has a more subtle flavor making it more balanced". Now we as readers can decide among those argument, or make our own.
That is what we should get from the article. He should address the specific points made in the book. If sexism is the main point of the book, he should address that. He can't just dismiss those things by saying "toxic work environment" and "sexism" in quotes.
The entire part of the article addressing the book can be summarized as with this sentence:
"The point is simply that the complaints data does not suggest that Silicon Valley is “rife” with sexual discrimination and harassment or worse than California more generally. On the contrary, Silicon Valley seems better than average."
Not only isn't that very interesting, but as others have pointed out actually misguided. He doesn't perform any sort actual analysis of even the numbers presented, nor does he compare them against other sources. He doesn't explore the demographics, the consequences or the meaning of the data. These number could be explained in many other ways including but not limited to that more men in the workforce leads to less complaints, more white-collar jobs leads to less complaints, more unbalanced gender leads to less complaints, tech companies handle more complaints internally or that there isn't actually less complaints when properly analysed.
> If one person says "chocolate ice cream is the best because it has so much flavor" a merited response isn't "chocolate sucks, vanilla is pure flavor". That is just an opinion.
A flawed analogy. A more faithful analogy would be someone claiming "chocolate ice cream is the most preferred flavour the world over", and the article's response is akin to "they didn't even ask people if they liked vanilla". That is a proper response to the original claim. Even if he were to add a flawed analysis like, "over half of the 50 people in my neighbourhood preferred vanilla", that doesn't change the fact that the core of his rebuttal is still correct.
You are correct that the article's math isn't definitive, but it doesn't need to be (and he should have left it out IMO). The article claims that the book is simply a narrative backed by anecdotes, and if that's the case, then all the reviewer needs to do to undermine it is present an alternative narrative that's equally or more plausible, which he did. This narrative is justified by actual data and so is already more than the book (allegedly) provides.
> These number could be explained in many other ways including but not limited to that more men in the workforce leads to less complaints, more white-collar jobs leads to less complaints, more unbalanced gender leads to less complaints, tech companies handle more complaints internally or that there isn't actually less complaints when properly analysed.
So it sounds like you have mostly the same qualms with this review as the reviewer has with the book. Except a) the standard for books should be higher than book reviews, and b) if you disliked this analysis, then you won't like the book which the reviewer claims is even sloppier, so he succeeded in conveying that you wouldn't like this book.
> Here is a study finding that sexual harassment is a problem in workplaces and professions similar to those in SV
No one's denying that women experience sexual harassment. They no doubt experience such harassment in every field. The questions surrounding STEM specifically is whether harassment or other such sexist factors meaningfully affects female retention. That is not so clear, and as I mentioned earlier, women have staked their claim in even more competitive and aggressive fields.
We should endeavour to reduce harassment and sexism everywhere as a matter of principle, but the loud saber rattling implying that harassment entails lower engagement, particularly at the levels seen in STEM, is simply unjustified.
I mostly disagree. Saying "this should be like that" isn't a problem. When you are saying "this should be like that because it is proven by x" you have to actually prove your theory for it to be valid. Anecdotes and emotions can be valid in opinion, opinion can be valid in reasoning and reasoning can be valid when presenting facts. What you can't do is to mix together emotion or opinions with facts, at least not without bridging the gap. And that problem is in my opinion much larger in right wing discourse.
Edit: On second though it is very unlikely we will have a productive discussion here. People never seem to have been able to handle this type of discussion on HN and judging by the response this isn't the exception.
So since the quality of both the article and the comments are low I would instead recommend people to flag the story.
I don't really see why everyone is calling this implausible. Modchips have been around for at least 15 years. The idea of the clipper chip is 25 years old. At every hacker conference there are people "hacking" devices by various buses or interfaces.
If there is anything working against the Bloomberg story it is that it is too plausible. Often reality clashes with imagination, but the Bloomberg story contains almost everything you could imagine happening.
It isn't implausible because of it being difficult and expensive, its implausible because there already exist much easier, cheaper, and (arguably) harder to detect ways of subverting SuperMicro motherboards.
As a bonus, subverting the BMC firmware is much harder to trace to the source since it could be injected by in so many ways by so many different people.
Why use a thermonuclear device when a hand grenade accomplishes the goal?
I just don't think the relationship between those two things you are describing exists. If the Chinese government approaches a Chinese manufacturer with the goal of compromising US software companies adding some sort of chip that reconfigured the hardware would be the most straight forward thing for them to do.
If anything I think the idea that a Chinese manufacturer with complete access to the hardware having to execute some exploit towards the web interface to get access is far fetched. So is that you could pretend to update the firmware (surely no one is going to notice that the new version doesn't have the features you wanted?) and that dumping the firmware would be inconvenient (it would be the first thing you did if you suspected something).
The "chip that reconfigured the hardware" is already built in; it's the BMC.
All the Chinese government has to do is go to the factory and tell them "flash the BMC firmware with this image" where the image is subverted (but operationally indistinguishable) BMC firmware. It doesn't get much more straight forward than that.
There are attacks where flashing a malicious firmware on to the device prevents real firmware flashing (just updates version numbers, re-infects the flashing payload on write, etc). However, those attacks can be mitigated by physically connecting to the flash module and writing to the device directly through SPI. If you've got a chip between the BMC and the flash memory as the report suggests, it can re-infect the memory even when you're done. You could even read the contents of the flash memory directly and find no evidence of the attacker, as the attack code might never actually write to the memory and may only load when the BMC boots and attempts to read from the flash memory.
It is straight forward to compromise the BMC, it isn't straight forward to hide a backdoor in the BMC in front of some of the best security researchers in the world. Especially with such attack being well known and seemingly trivial to check for.
the very arguments the article gives to shun off this attack is what i think makes it very possible and the best option. Scale.
NSA demand backdoor on CPUs. other States figure out how the backdoor works and how access to it is allowed on the silicon. Instead of attacking ever changing firmware and whatnot, just develop something that will work on that authentication component of the always-present backdoor. The backdoor interface won't change so often as it is dictated by the NSA and likely designed by a committee.
Done. Now the economies of scale allow you to just place that one component, which will work all over the place, for a very low price/complexity (all you really have to do is to place it in the input signal for the CPU and all it have to do is to filter a very specific pattern. the rest is just visual and camouflage).
This also gives you the benefit of not having to work a payload for your attack depending on capabilities. You will always have the same capabilities. It makes perfect sense. And makes it extremely cheap!
Often reality follows [somebody's] imagination - i mean you have those think tanks where people sit and imagine things, and the sponsoring agencies like CIA/Pentagon/NSA or their foreign equivalents take many of that and implement. Many people everywhere had the thought of full remote control of the computers - Intel implemented it as Intel ME feature of CPU because Intel controls CPU. China controls motherboards, so they did on the motherboards.
How much has the US spent on the F-35? How much has China spent on making artificial islands? Yet engineering a chip and bribing/threatening a few factory workers is beyond the pale?
Bloomberg's claim is that a miniature device used for RF analog electronics was coopted and inserted into a board that would never have such a part designed in. This requires modifying the board artwork, the pick and place config, any automated inspection and test equipment, and adding a foreign part reel to the supply chain.
It is much easier to compromise firmware directly or modify ICs that are already part of the design. The risk of being caught is much lower and it would be stupid to attempt anything more elaborate.
Or, they could run their own fabrication facilty, where they can exert total control over the production line, in total secrecy, and you'd never know the difference, or notice a sacrifice in the fidelity of replication.
Think that's impossible? Not at the nation-state level. Not in communist countries where everything is property of the government by default. Not in capitalist countries like the United States, where entire nuclear facilities are replicated in secret. [0]
Not in capitalist countries like the United States where you can just contract a manufacturer to produce the board you want. Even parts acquisition becomes a job to be done. As long as the producer dosn't know (or even does know but can be silenced at the right level) then really, once the actual design is in hand and assuming the parts aren't too hard to get there's little to stop someone from producing a board just like a board produced elsewhere.
I just don't get the narrative. I can appreciate walking away from, and not being part of, something you don't like. But at that point the damage was already done. Seemingly they main thing that was achieved here was making the cost of the acquisition $850M cheaper for Facebook.
I read the $850m being well after acquisition. It was an attempt at hush money, and he didn’t sign on. He’s a multi-billionaire, and values being able to speak opening over a bit more money.
In support of that point, from the article: "He also reveals that when he left the company, he declined an offere [sic] of $850,000,000 in unvested stock in exchange for signing a nondisclosure agreement that would have kept him from discussing any of this."
> The parent was arguing that security is hard [...]
It isn't though, at least not compared to the state of things. Pretty much any government would be competent enough to mandate some sort of two-factor authentication that would greatly improve security and make a lot of phishing and hijacking a thing of the past. Of course different governments would have different success rates, if not in terms of security at least in terms of elegance. But that is like everything else. People die everyday by the lack of road safety and healthcare.
I used to work in the security industry, I've seen what government compliance looks like. Regulations usually sound logical and great from a shallow analysis but once you've seen some implemented you'll realise they're often atrocious at achieving their intent.
I'm not trying to say that regulations can't and never work, just that most of the time they don't because they're extremely hard to get right. They suffer from the same problems as law - it's extremely difficult to codify intent. Couple that with the fact that lawmakers usually have very little awareness of technical details. Say for example they do in fact mandate 2FA for all banks. But then all banks rush out various implementations to meet the requirements. Some provide SMS-based solutions which have known security risks, some provide codes that don't lock out, some do everything right but now people who can't get a 2FA app (those who don't have smartphones for example) can't access online banking any more. There are accessibility concerns. In the meantime, the security industry has finally cracked federated identity, but banks can't offer it because all access has to be through their 2FA solution.
Obviously that's a fairly bad-case (though not worst-case) example of how things could play out, but I think it serves to prove my point that "just force them to do X" is not always a sound approach. Well-designed regulation using sufficient consultation with experts (actual experts rather than snake-oil consultancies) and with a view to the future and how the state of the art might change can be effective (though still not flexible enough to accommodate exceptional circumstances) but that's the exception rather than the rule.
> Say for example they do in fact mandate 2FA for all banks. But then all banks rush out various implementations to meet the requirements. Some provide SMS-based solutions which have known security risks, some provide codes that don't lock out, some do everything right but now people who can't get a 2FA app (those who don't have smartphones for example) can't access online banking any more. There are accessibility concerns.
I'm not qualified to speak on this subject, but these are excellent points. Could you expand on any other implementations that sound like a great idea on the surface, but would have limitations? It sounds like accessibility is just one of many concerns. I'm itching to hear more.
those are just off the top of my head, and I'm not an expert on 2FA either. If we're talking about alternative solutions to someone logging in as someone else, you still have to provide a "2FA" solution because "2-factor" is a description of the problem to be solved (the multi-factor authentication problem) - to prove who you are in high-security situations it's insufficient to just provide something you know i.e. a password, because someone else can learn that thing. Thus you must provide "something you have" ie. proving you possess your phone via 2FA apps, or "something you are" via biometrics a la faceID. There are alternative solutions to this like USB 2FA tokens or those little pin-pads that banks provide you that are already required by most banks in order for you to access your account. Other options are proving email ownership via access links like slack does, automated phone calls, probably some other venues. But the fundamental requirement to boost password security is to provide a non-knowledge-based proof of identity.
How to regulate this is up to each and every country, just like it is up to each country how to regulate things like pollution, traffic and infrastructure.
That a bank who can't handle security compromises their customers user experience rather than their customers security is a good thing.
The reason the regulate these things aren't because it is fun. It is because there are fundamental security problems that needs to and will eventually be fixed. Companies like Apple have largely already, or at least potentially, fixed these problem just only for themselves. If you want to fix it for everyone you very likely need some sort of mandate.
> That a bank who can't handle security compromises their customers user experience rather than their customers security is a good thing.
Why do you say that? It's only true if the cost of breach of security is actually taken by the customer. The alternative is that banks are required to rebate customers for fraud caused by poor bank security, which makes sense to me because it provides financial pressure for banks to beef up security while at the same time leaving in the flexibility to define how that security is improved. It's "here's the problem you need to solve" via financial pressure, not "here's the solution you need to implement" via mandate.
Oh yeah ... I see it now. Instead of the "do you accept cookies" in your face idiocies we now need to identify ourselves using 2 factor authentication on every website.
That sounds SO great.
Obviously there are no realistic security measures that are 100% effective. All this will amount to is further cementing the power of large internet companies. You know this, so why ask for it ?
"Do you accept cookies" is only relevant because there isn't a separate login mechanism in HTTP. Actually knowing whether you are sharing data with the website, and what website that is, would be a major improvement. Security measures don't have to be 100% effective. Just like road safety you should focus removing the impact of flaws, not to prevent flaws as such. A separate authentication mechanism would remove a large amount of security issues, including potentially phishing and password leaks entirely. These common security issues of compromising the system of the user or the company would simply not have the same impact anymore.
A not insignificant part of the large Internet companies power comes from that they are the only ones who can handle, or people trust to handle, security. It isn't that hard today to create your own e-mail system or smart phone. But managing those systems, especially for a reasonable cost at scale, is just beyond what most new entrants in the market can handle.
Government mandated authentication mechanism. This question is almost a joke: what could go wrong ?
Everything can go wrong.
> A not insignificant part of the large Internet companies power
So it's about breaking the power of large internet companies ? Figures. Can we please do that WITHOUT destroying the web ? The last regulation that tried to break the power of large internet companies was the GPDR, and that has significantly entrenched the position of the large internet companies instead, while creating a ridiculous amount of inconvenience for everybody. This ... will do the same.
People WANT to share that data. Or perhaps I should say, they want the things that happen when they do. Quick searches that get them the products they want, on Google, on Amazon, on clothing shops and on tons of small webshops. Even the obnoxious image ads. People want them.
That means that a login mechanism will just be an extra hurdle with zero of the effects you want.
Taking an argument to its extreme is bound to make it seem ridiculous. Certain websites require certain levels of security. Not every govt building has troops with war grade guns waiting them.
I can't disagree from a technical perspective, nor should everyone else. But that just isn't that relevant. Sure, you could hack the entire world 20 years ago, but there just weren't that much impact.
If you read almost any constitution they protect "life and liberty". Today those things are being impacted by a lack of security. Peoples messages, private pictures, assets, infrastructure, opinions and even geopolitics are all affected.
Yesteryear the most you could do was largely to expose someones password, read their university e-mail and steal some source code. Relative to the impact security is a lot worse today.
