It's too easy for a fall guy to get volunteered. The media should be *questioning* the placing of blame, because that often uncovers a more interesting story.
@rysiek @erosdiscordia I guess I over-specified. I really just meant to say "The management mismanaged the security" instead of either fingering a specific individual or instead of the responsibility-avoidant language of "The security was mismanaged..." But this is all semantics which is overshadowed by both of your very good points. 👍
But that's also kind of my point. Blaming "management" for every breach that happens is somewhat silly, we can agree on that. It's *still less silly* than constantly blaming some mythical "hackers". And that keeps happening all the time.
I do prefer nuance, but if I can't have that, I'll go with "management".
@rysiek @darrenpmeyer I think a back-to-front laying of blame on management is pretty unfair. It needs to be more nuanced within the company, of course. But in terms of press coverage, would an assumption that management is to blame be harmful? Generally I think it would be the most socially positive tack. Just my two cents. I'd probably feel differently if I were a manager. ;)
And yet, between criminal attackers and negligent management, it's still the magical unnamed "hackers" that constantly get the blame.
And I am just not okay with that. It paints security researchers as cybercriminals, lumps government-sponsored advanced persistent threats with wonderfully creative techies doing art in random basements, and justifies persecution of people like Aaron Swartz.
This is simply unacceptable.
@darrenpmeyer @erosdiscordia you can insist all you want that those who make negligent decisions leading to security breaches (and then walk away with fat bonuses anyway), and the customers, users, and patients whose data gets stolen and milked for years, are both "victims". I ain't buying that.
So, just to be clear: nobody is suggesting blaming the victims, because management in such major breaches (such breaches that would grab media attention) is almost never actually a victim.
A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.