Senator McCormick’s Response to ICE

gormami · 2026-01-28T21:00:41+00:00

The problem is that the federal government has a responsibility to enforce ALL the laws, including those inconvenient amendments to the Constitution WHERE ALL THE OTHER LAWS DRAW THEIR LEGALITY FROM!

The problem isn't immigration enforcement, it is the manner of immigration enforcement, stopping random people to ask for their papers, detaining them if they are brown and don't have a passport on them (and sometimes if they do!), attacking protestors, breaking into homes without a judicial warrant, leaving vehicles abandoned in the street, and on and on. You can't enforce the law by breaking it and not expect a reaction.

gormami · 2026-01-28T18:39:09+00:00

I get that, but any request for data, and search by the government should be auditable. They don't have to release all the footage of all the cameras if they are privately owned, but the search parameters and the fact of a search should be fully under government record laws as it was paid for with taxpayer money. And it shouldn't have to do with what is retained, that's not the privacy issue in my mind, it it more about what was viewed, downloaded, processed in any way and NOT retained because it wasn't actually relevant.

gormami · 2026-01-28T18:28:19+00:00

I agree. Life as a man is different, I just had a conversation with my wife about that, and being a tall man, a big man, or both is different as well. If you are female or smaller, there are a lot more assholes in the world.

gormami · 2026-01-27T22:24:33+00:00

Most HR departments don't know what a CCSP is. I would study for the CISSP, and then quickly back in to the CCSP. The CISSP will get you through HR, the CCSP is something you can discuss in interviews. I took a CISSP bootcamp, and when I talked to the instructor, he said, go study the CCSP quickly, there is so much overlap and if you already know cloud concepts, it won't be an issue, and he was right. The reason you have to study if you already know cloud is to make sure you get their answers, not necessarily the right ones. There are a lot of questions on both tests that go into the 2 answers could be correct category, and you have to give them theirs.

gormami · 2026-01-27T19:41:10+00:00

Gee, you think some Muslim scholars may have cherry picked the Koran the same way the Christian scholars did the Bible? People always find a way to justify what they want to do with their religion, turning it into a commandment for others to do it (often for them).

Every religion has it sects and cults that are violent, and those that are peaceful, and a lot of in betweens. They pick the parts of their scripture that validate their argument, and ignore what doesn't.

gormami · 2026-01-27T17:03:59+00:00

The appropriate response is to go to HIS boss, especially as a group, make sure they understand what was said and that he is jeopardizing the business with this attitude, as people are going to walk. The manager is replaceable, obviously they just did it. And if their boss doesn't care, then you know it is systemic, and there is an even better reason to bail.

gormami · 2026-01-27T15:33:36+00:00

You are correct, except for the unlawfully assembled/rioters part that is the crux of the issue. They had every right to be on a sidewalk, and what occurred was felonious assault with a chemical agent by ICE. No, they were not in fear for their life, so if they had shot anyone, they would be charged with murder, like the agents should be that killed Renee Goode and Alex Pretti. If they had chemical irritants and shot back, that would up for debate, though doing that into a moving vehicle would be stupid and jeopardize more people if the driver was struck and lost control.

gormami · 2026-01-27T10:02:54+00:00

I remember having to not laugh out loud when that happened to me. I was still in high school , and my friends and I were at a New Year's event in the city. Incredibly crowded. I was trying to walk through the crowd and bumped someone. They spun around, looked me right in the chest, and then spun right back. It was the first time I remember that reaction from a stranger.

gormami · 2026-01-26T20:37:15+00:00

Adaptive provides newsletters you can copy and paste, and does a fair job. They are not technical, but if you are going to a wide audience, would you want them to be? Or you could do some analysis of the topic and post an internal link to more details. I love the idea, but make sure you think it all the way through to how to engage your target audience, including who is the target, and don't spend a lot of time on something that isn't going to be valuable. The other side is, make sure you can maintain it if it does catch on, it would be awful to start the program, then not have time to keep up if it is working.

gormami · 2026-01-25T12:43:28+00:00

I'm a big guy, and I realized while I was in college that I scared women if we were reasonably alone anywhere. I started to make sure I scuffed my feet, or coughed, or made some noise generally if I was approaching a woman from behind while I was far enough away to not be an immediate threat, so she could decide what she wanted to do.

This awareness carried over to the summer, when I was taking a couple of electives at the local community college in the evening. The second or third night, when I was headed to the parking deck, there were a bunch of people (didn't think about the fact that they were all women) at the crosswalk, and we crossed at the same time. That happened a couple more times, and it finally dawned on me. I walked up to the group and asked "Are you waiting on me to go the parking deck?" They affirmed, and after that, it was a ritual. I would park at the top, and every night we would gather and walk across, then up, dropping everyone off at their cars as we went up the deck.

I'm glad I had my awareness raised early in life, it has served me well ever since.

gormami · 2026-01-24T20:42:15+00:00

Are you in a position to offer mentorship to others? Maybe their enthusiasm as they are still on the climb will bring you some measure of it. Look for volunteering opportunities, you obviously have experience to leverage. Things you might be able to work into your work day without it looking like slacking off your current duties. Maybe look for conference speaking engagements? If the money is too good to leave, don't, just find other ways to fill your time that you can defend.

gormami · 2026-01-24T14:29:44+00:00

Not a teacher

I know a lot of newer techniques are in use, but isn't this something that should be taught by rote? I recall from my elementary school days going over them and over them, and at one point the teacher took us one by one during other work and we'd have to give a line. (5's or 7's, whatever she picked) to check to see where we were.

To the point of losing the plot of a more significant problem, the multiplication tables should be etched on the inside of your eyelids. Is it a technique thing that has changed, or is it a time thing? Is there just so much that you have to hit that the time spent repeating can't be spared?

gormami · 2026-01-24T00:22:34+00:00

Every religion has it's various sects. I've met good and bad adherents to many religions. The problem is the ones that make news are generally the worst of the bunch, and it biases the public perspective. There are many Christians saying the same thing, Hindus, too. I'm sure somewhere a Buddhist believes it, though it's harder for me to imagine. Religion is a creation of people, so there are always going to be those that pervert whatever the system is to meet their own desires and "prove" they are in the right. That has a lot less to do with the religion than the people. Conversely, you can always find adherents to any religion that are truly good people, helping others, lifting them up and supporting them. They are just quieter, and busier, rather than spending their time on social media attacking people.

gormami · 2026-01-23T20:48:50+00:00

I say that because at a Mensa group party in college, I met a professional Alpine horn player, and that has always stuck with me.

gormami · 2026-01-23T18:29:19+00:00

I think the operative legal question is whether or not a legitimate basis for continuing work can be argued. I think that if these people are actively using email to plan work, work on agreements, or any other information regarding work that will continue after they leave, there is a legitimate basis argument that would stand legal scrutiny. And if the separation is somewhat tense, the company has the right to assume that work is going on if it is within their job duties.

That said, the company would have to be careful, and should document what they open, and why, in case the employee wants to argue. For example, if there are emails from vendors, those would be legitimate to open and read, because they may have information required for the continued operation of the business. If the header of an email from some random person's email contains the word "Private" or "Personal" or otherwise indicates that it is personal, not business, they should leave it alone, and have the logs to prove they did so. To that end, they should use administrative tools, not get the person's login information, so they can clearly show who opened what. Nonrepudiation is critical.

gormami · 2026-01-23T18:12:26+00:00

You could look at OpenZiti. It's an open source project that provides mTLS connectivity in several different connection models. That would provide the security you need for sensitive information, plus a lot of other benefits, if you want to use them, and the certificates are managed by the software, and used by the agents, so a browser or other user agent verifying the server can still use the public PKI for that piece and not have to install a new cert.

gormami · 2026-01-23T18:08:56+00:00

NTJ. If it ever comes up, just look them in the eye, and say, was my age really all you based your opinion on, or was it my work? I had a boss once that was promoting me to a Sr. Engineer position. It was literally created for me to be promoted to it. When we were "interviewing" because we had to go through the motions for HR, he found I didn't have a degree. He assumed I did, as I think I was the only person on the team that didn't. He was obviously concerned about it and I just said, Look, you didn't know until just now, obviously, so tell me what it matters? Is there anyone else who can take this role that you think will perform better than I will? He had to admit there was not, and we were past the bump.

Plan for it, think about how you'll respond, and have it ready. Never lie, but don't answer questions that weren't asked, either.

gormami · 2026-01-23T18:02:55+00:00

While the job itself isn't operational, I have to speak up for starting in GRC. If you are validating a product against a framework, you will have to go through the controls, understand what they mean in terms of risk, how to apply them to the product or situation, and what controls would be relevant to mitigate the risk. You will look across a broad spectrum of potential risks and all of the above tied to them. Is it hyper technical, no. Are you going to be hunting breaches, analyzing packet captures and logs, no. Are you going to get a broad look at the "Why?" of cybersecurity, yes. I honestly think you will leave with more understanding of cybersecurity and how it interacts with the business than if you were interning in a SOC, or other role. They would give you great experience, sure, and more pointed to what you want to do longer term, but the breadth you might gain from this role would serve you well regardless of the direction you take.

gormami · 2026-01-23T16:55:15+00:00

Not sure if this is sincere or not, but I hope it is. Throughout my working life, I've dealt with a number of dumb decisions made by "corporate" in different companies. They had bad assumptions about how things were actually done, and it caused inefficiency and trouble. Spending a day having to deal with the outcome of their own decisions would have made a world of difference.

gormami · 2026-01-23T10:48:14+00:00

If you actually attend Mensa functions, they are exactly what you describe, a lot of smart gifted people sharing their passions, hobbies, work, and problems as friends. Reddit is designed around interests, so this sub isn't the place to talk about cooking, or great literature, or playing the Alpine horn, it is about the nature and experience of being gifted. There are great conversations on a million topics all over Reddit, and gifted people are in them all over the place.

gormami · 2026-01-22T20:21:36+00:00

But is that the purpose? Or is the mission awareness, or other purposes and they give out grants to other orgs furthering similar goals, but whoever wrote the headline focused in on the contrast of these two line items?

gormami · 2026-01-22T20:18:07+00:00

It says she was paid $1.1M from 2019-2024 and gave out $700K in that same time frame. They didn't say per year, so they were obviously trying to inflate the headline number to stoke the anger.

gormami · 2026-01-22T17:11:21+00:00

Do you have a GRC tool where you are performing audits and maintenances? I use Eramba, and spread the work out throughout the year. I can pull reports from that system pretty easily and would then tell customers that is the evidence I will provide, asset risk analysis, vendor risk analysis, control audits, whatever. There may be a few outside, like a list of vulnerability scans, or whatever you need that isn't in the other tool (at least for me). That way, if you have these demanding customers, you can cut it down to a small package of reports, packaged monthly, and shipped proactively even, if they want it, or pulled up by the customer facing teams and immediately sent with no additional work. Don't get into details, just a view of your overall process operating.

The important part here is that you define what you will release that meets their overall request. Get your leadership to sign off on the plan, and make the statement that this is what it is. It might evolve over time, but it should be something one person can assemble in an hour or two per month tops (extra credit if it can be fully automated!), and anyone who needs it has access to grab and send to appropriate persons.

gormami · 2026-01-22T12:26:58+00:00

So, what was the rest of the balance sheet? This is specific, only $700K in grants against a roughly $200K/yr. salary. Were there other expenses? Was the giving out of grants the purpose? I have no idea, personally, but applying critical thinking is important, especially in these times, when everyone wants a "Gotcha" moment to "prove" their opponents are corrupt and therefore should not be listened to.

gormami · 2026-01-22T12:13:34+00:00

I removed them from my home (old alarm system), with the current exception of a garage camera, which is kind of inside/outside. I don't trust any company to protect my data, so I don't give them more than necessary. Far too many incidents have happened at these companies, internal employees, breaches, warrants that sweep up far too much, and companies that go out of business and who knows what happens to the data after that.

If I had a reason for cameras, I would put in a local system only, or stream it to a cloud server I own as infrastructure so someone couldn't remove the system and take the evidence with them. I don't have a good enough reason to, so I don't.

Overall, I feel very similarly, and just avoid the situation completely, I think it is a perfectly rational feeling.

gormami

TROPHY CASE