| Pages: 1 [2] :: one page |
|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Mme Pinkerton
United Engineering Services
   |
Posted - 2010.09.18 19:58:00 -
[31]
Edited by: Mme Pinkerton on 18/09/2010 20:05:05
 Originally by: Commander Godsmack
but now if I'll humbly point out how my OP was more of challenging the legitimacy of the trustworthiness of auditors which is while similar to the course this thread has started to go down of the point of audits at all maybe if can get some bridge between the two ideas so the OP doesn't get swept under the rug as I'm fairly sure its a much lesser challenged/mention - w/e idea
not much discussion about that topic because there's not much to be said about it.
You are of course right; people are expected to be aware of this potential issue; sometimes pair audits are suggested as a possible solution but nobody ever gets around to actually requiring/organizing these.
As audited offerings have so far not tended to result in large scams, it seems unlikely that one of the existing auditors misuses his position in the way outlined by you (and since we didn't have new auditors for quite some time it seems unlikely that he is still in the rep-building phase of his scam alts) but there is no guarantee that auditors don't abuse their private information and privileged position in this or other ways.
edit: i have tried to advocate a few times that the private information an auditor has access to via the API should be stored away in some automated and secure way, so other auditors can reevaluate it in the aftermath of a scam (to exonerate the auditor or alert the public to any obvious omissions/mistakes in his work); this proposal has been mostly met with indifference or rejection (not by the auditors themselves but by the MD community as a whole).
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2010.09.18 19:58:00 -
[32]
Edited by: Vaerah Vahrokha on 18/09/2010 20:00:39
Quote:
but now if I'll humbly point out how my OP was more of challenging the legitimacy of the trustworthiness of auditors
No one challenged the legitimacy of Curzon Dax, Riethe, Bad Bobby or Ricdic, they were the gods. And this is a puny excerpt of the long list.
What makes me worse than the above names?
-
Auditing & consulting
When looking for investors, please read
http://tinyurl.com/n5ys4h + http://tinyurl.com/lrg4oz
|
Commander Godsmack
|
Posted - 2010.09.18 20:01:00 -
[33]
Originally by: Mme Pinkerton
Edited by: Mme Pinkerton on 18/09/2010 19:46:13
edit: I am leaving this thread - again no single new argument has come to light, just old arguments (and old fallacies) repeated over and over again...
Am I the only one who can be bothered to recall/reread the numerous discussions during the last 1.5 years on that topic?
If anyone wants to pull off a 720-style scam he has my full support.
edit2: seriously, in terms of available/known arguments nothing has changed during the last few months - what exactly justifies repeating that whole discussion again? there seems to be no new empirical data to consider and no new insights on the advantages or shortcomings of audits either... What has changed that should make us revise the previous conclusions?
I see my thread is being hijacked and being run off with a mainstream bandwagon while sweeping what I was trying to get out in the first place.
Maybe indirectly i'm saying i dont agree with audits but what i was saying is
How is it auditors can be completely trusted?with the information they get?
-----------------
I wasn't hashing the point of that audits don't prevent scams or not - remembering what the op was about and being less whimsical with the bandwagon would be nice
|
Kazuo Ishiguro
House of Marbles
|
Posted - 2010.09.18 20:02:00 -
[34]
Originally by: SencneS
Audits do not prevent theft or stupidity by the CEO.
No sensible person has ever claimed that they do. They serve to thwart only the laziest scammers, with no trading history, or those with some other suspect background (i.e. transfers to alts of known scammers).
The more useful aspect to them, in my view, is in being able to gauge someone's competence rather than their intent, but that still isn't saying very much.
---
34.4:1 mineral compression |
Commander Godsmack
|
Posted - 2010.09.18 20:09:00 -
[35]
Originally by: Mme Pinkerton
As audited offerings have so far not tended to result in large scams, it seems unlikely that one of the existing auditors misuses his position in the way outlined by you (and since we didn't have new auditors for quite some time it seems unlikely that he is still in the rep-building phase of his scam alts) but there is no guarantee that auditors don't abuse their private information and privileged position in this or other ways.
How is it unlikely? Once you have an auditor alt or a few built up you are set - so long as you don't do something incredibly stupid your alts cant get burned just the ones the you use as the face for your heists.
An likewise an "auditor" can make just the same use of alts with the information they get while the clean alts(auditors) remain clean.
As for the time factor idk what to say on that - I don't follow these forums enough to know whos who but I'll retort with the analogy of aging whiskey in a barrel?
|
Mme Pinkerton
United Engineering Services
|
Posted - 2010.09.18 20:15:00 -
[36]
Edited by: Mme Pinkerton on 18/09/2010 20:15:49
Originally by: Commander Godsmack
How is it unlikely? Once you have an auditor alt or a few built up you are set - so long as you don't do something incredibly stupid your alts cant get burned just the ones the you use as the face for your heists.
depends on what you are talking about
copying of business plans etc. - practically nothing you can do to detect or prevent it
scamming with alts - this would result in audited offerings (by these alts) resulting in scams; as we generally don't see audited offerings turning scam I don't think this is happening (unless the auditor is still building up the alt for the final scam which burns it)
|
Commander Godsmack
|
Posted - 2010.09.18 20:18:00 -
[37]
Quote:
copying of business plans etc. - practically nothing you can do to detect or prevent it
What are you talking about? would you be calling a copy and paste scamming?
|
Breaker77
Gallente
Reclamation Industries
|
Posted - 2010.09.18 20:20:00 -
[38]
Originally by: Mme Pinkerton
as we generally don't see audited offerings turning scam (see the data linked above, if you don't believe it look up cosmoray's data which paints essentially the same picture) I don't think this is happening (unless the auditor is still building up the alt for the final scam which burns it)
What about offers that were audited then went on to non audited offers? If those scammed would you still consider that a scam based on being audited or not?
|
Mme Pinkerton
United Engineering Services
|
Posted - 2010.09.18 20:23:00 -
[39]
Originally by: Commander Godsmack
Quote:
copying of business plans etc. - practically nothing you can do to detect or prevent it
What are you talking about? would you be calling a copy and paste scamming?
argh... you are replying faster than I am adding additional points to my posts (but it doesn't make sense to make a new post for each clarification)
The auditor has access to all business details of the auditee (is that even a proper word?) - one of the main concerns cited by business managers who don't want to get an audit done is that the auditor will "steal" their business secrets.
There's nothing you can do to prevent that (and if the auditor is not totally dumb almost nothing you can do to detect it).
|
Commander Godsmack
|
Posted - 2010.09.18 20:24:00 -
[40]
Originally by: Mme Pinkerton
Edited by: Mme Pinkerton on 18/09/2010 20:18:21
Originally by: Commander Godsmack
How is it unlikely? Once you have an auditor alt or a few built up you are set - so long as you don't do something incredibly stupid your alts cant get burned just the ones the you use as the face for your heists.
depends on what you are talking about
copying of business plans etc. - practically nothing you can do to detect or prevent it (that's why - at least before VV - auditing was basically charity work by people who supposedly had no need for additional income)
scamming with alts - this would result in audited offerings (by these alts) resulting in scams; as we generally don't see audited offerings turning scam (see the data linked above, if you don't believe it look up cosmoray's data which paints essentially the same picture) I don't think this is happening (unless the auditor is still building up the alt for the final scam which burns it)
bolded the second part i didnt use in other post
1. I think the data you posted is biased
2. Post como's data
3. Idk if this piont will help my arguement dont really ***** the forums but what keeps being is said is the quantity of offerings; what about the legit vs scam on an isk ratio?
4. Back on topic - whats to stop auditors from using the info they get?
|
|
|
Commander Godsmack
|
Posted - 2010.09.18 20:27:00 -
[41]
lol im doing a fast reply response time on this (my) thread for abit as so to keep this boat from being tipped over and going waaaaay off topic  as was starting to happen about halfway through the first page.
|
Mme Pinkerton
United Engineering Services
|
Posted - 2010.09.18 20:27:00 -
[42]
Edited by: Mme Pinkerton on 18/09/2010 20:34:37
Originally by: Breaker77
Originally by: Mme Pinkerton
as we generally don't see audited offerings turning scam (see the data linked above, if you don't believe it look up cosmoray's data which paints essentially the same picture) I don't think this is happening (unless the auditor is still building up the alt for the final scam which burns it)
What about offers that were audited then went on to non audited offers? If those scammed would you still consider that a scam based on being audited or not?
That's the obvious hole in my line of argumentation but the rogue auditor would still have to be extremely careful not to create a noticeable trend; I did neither say "this can't happen" or "there's no way this is currently happening" but stated "this is a potential problem but imo it's unlikely that this is currently happening".
Can you point towards a scam by a character which had built its reputation based on a line of audited offerings? I don't recall one but it would be interesting to see if any questions regarding the previous audits were asked.
edit:
Quote:
2. Post como's data
It took me about half an hour (searching through approx. 60 sites of eve-search results) to get the link to that first compilation of data (as I didn't know that RAW23 had already referenced it in Machete's thread); time to do some research for yourself. I am trying to help you getting answers to your questions, I am not that interested in convincing you of my opinion that I am going to hand you every single tidbit of information on a silver tablet (I might be prepared to exert some effort in order to point out flaws in SencneS arguments but that's a different thing).
|
Commander Godsmack
|
Posted - 2010.09.18 20:30:00 -
[43]
Originally by: Breaker77
Originally by: Mme Pinkerton
as we generally don't see audited offerings turning scam (see the data linked above, if you don't believe it look up cosmoray's data which paints essentially the same picture) I don't think this is happening (unless the auditor is still building up the alt for the final scam which burns it)
What about offers that were audited then went on to non audited offers? If those scammed would you still consider that a scam based on being audited or not?
Quoting for the purpose to give Breaker the spotlight for their question as well for my own research for me to get while im in town (on forums)
|
Breaker77
Gallente
Reclamation Industries
|
Posted - 2010.09.18 20:33:00 -
[44]
Originally by: Mme Pinkerton
Can you point towards a scam by a character which had built its reputation based on a line of audited offerings? I don't recall one but it would be interesting to see if any questions regarding the previous audits were asked.
Thats just it. I reallt can't think of anything like that. Now if I spent some time digging through the history of MD before my time I might be able to find something.
The closest thing would be EBank, but it was never a public audit, just internal audits, so it's not applicable to this discussion.
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2010.09.18 20:39:00 -
[45]
Quote:
How is it auditors can be completely trusted?with the information they get?
I have seen this question asked many times, usually in the wrong context.
People try and put investees and auditors on the same boat but they are not.
- Investees may have sensible information stored in their API keys. But auditors include *multiples* of said information in their API key. This requires a different and HUGELY more trustworthy "super-mega-auditor" than normal.
There are not many names I could make that would be eligible for such a task. There is possibly one name of them that still plays and he's not auditing any more.
- Investees are many and come and go. Auditors are few and may "stay" for years. They get known over time in a gradual process and tend to end up being known with their good and bad sides. This makes extremely difficult to consistently lie so well and build up some evil machination.
- Scammers tend to be for the flashy and fast things and to say "SCORE!" once they are done. Auditors are slow going and in something that is hardly a flashy or engrossing profession. This makes somewhat harder for a scammer to impersonate one.
Quote:
The closest thing would be EBank, but it was never a public audit, just internal audits, so it's not applicable to this discussion
I also vaguely remind that the auditor(s) they got decided to quit, as it was too messy to unknot the whole thing.
-
Auditing & consulting
When looking for investors, please read
http://tinyurl.com/n5ys4h + http://tinyurl.com/lrg4oz
|
Commander Godsmack
|
Posted - 2010.09.18 21:00:00 -
[46]
Originally by: Vaerah Vahrokha
Quote:
How is it auditors can be completely trusted?with the information they get?
I have seen this question asked many times, usually in the wrong context.
People try and put investees and auditors on the same boat but they are not.
- Investees may have sensible information stored in their API keys. But auditors include *multiples* of said information in their API key. This requires a different and HUGELY more trustworthy "super-mega-auditor" than normal.
There are not many names I could make that would be eligible for such a task. There is possibly one name of them that still plays and he's not auditing any more.
- Investees are many and come and go. Auditors are few and may "stay" for years. They get known over time in a gradual process and tend to end up being known with their good and bad sides. This makes extremely difficult to consistently lie so well and build up some evil machination.
- Scammers tend to be for the flashy and fast things and to say "SCORE!" once they are done. Auditors are slow going and in something that is hardly a flashy or engrossing profession. This makes somewhat harder for a scammer to impersonate one.
On your first piont VV are you suggesting a chain of command / being of auditors with one uber guy at the top that nobody touches?
Your second point on generalizing and trying to physiologically deduce "scammers" into a segregated group of people makes me cringe but that's a different discussion.
For having to consistently lie? The scammer only really needs to do that for the face of their heists and duration of them
ex. They are using toon X to scam and take 3 months to biuld the street cred = they just need to lie with that toon.
For their auditor alts they just have to conduct regular business - these toons don't have to do that much work aside from start up to get them there.
|
Commander Godsmack
|
Posted - 2010.09.18 21:15:00 -
[47]
Anyways movie tyme for me so i will be letting this thread autopilot itself for a while seeing its gotten more on track where i intended hopefully now its not to get hijacked and rammed into something way off in the clouds.
For those of you just joining - for clarity of this thread I'll again basically what my thoughts are =
Auditors make the best scam alts
and...
How can auditors be trusted with the information they get?
As well as in my OP i asked if auditors get audited even when established
while related to the "whats the piont of audits in the first place" hashings thats not really what was meant here.
Think that should keep this ship on course while i afk 
hasta leugo
|
SencneS
Rebellion Against Big Irreversible Dinks
|
Posted - 2010.09.18 22:18:00 -
[48]
While I don't mind you VV, smart, maybe a little too smart for EVE, and sure sometimes the point is missed on you but I can say the same thing about myself.
1) No I haven't sold my toon.
2) Ricdic had several of his API's constantly logged by EBANK's software, some of his accounts and he had many where not. Assuming EBANK was a fresh start, it would require the auditor to constantly keep an eye on the IPO. Remember EBANK was over a year old when Ricdic scammed. So was T4U for that matter. While both Ricdic and BB scammed, it took a year+ for them to do so. So an audit at the start wouldn't have prevented them from scamming a year later. Your point is kind of invalid unless you VV continue to monitor every IPO/Bond you audit? Which I don't think you do.
3) EBANK's transparency to the public may have been lacking but it did go though some checks. The biggest issue was they where not maintained 100% of the time. Due to the size and complexity a real audit took lots of time. And I've told MD plenty of times in the past that Ricdic and other directors didn't want to be consistently being audited because it consumed a lot of time. Corners where cut, what's funny is, even if it was fully audited 100% of the time, the WAY Ricdic sold ISK for RMT wouldn't have triggered suspiciousness. It wasn't until he tried to unlock the Titan BPOs that it started to look suspicious. Remember, Ricdic was getting tens of BILLIONS of ISK a day deposited and he issued tens of billions of ISK to people daily, here and there often as part of his normal market stuff. Out of everyone his activity would have seemed normal. While I'm sure you'll disagree, if you actually saw his API back when he did full swing honest EBANK stuff, his transaction and journal would fill up daily, which means you would have to had audit 1000+ records a day. EBANK wasn't small and by no mean easy to audit.
While I'm sure if we had Ray's Audit system in place back then we may have noticed poor performance in the usage of the ISK from EBANK, I doubt it would have caught him RMTing.
4) The last part is "Get to know before you blow" theory. I'm a very strong believer in at least understanding what it is before you jump in. You said "They do it in real life and they have no clue about what they are doing.." That is because there are governmental controls in place to protect the general investor. That is completely lacking in EVE. The CEO in real life could steal the company wallet, but he'd be arrested and the money returned. You can be more reckless in real life because there are controlling measures designed to protect you from shady business. The fact every single one of those controls is lacking in EVE means no one should just blindly invest.
You NEED to understand what it is the person is doing, why they are doing it, and any possible effects it may have. I mean WOW, without even the GLIMMER of understanding or basic knowledge of a venture you could literally be DAMAGING your very own Profit centers. Yep people blindly invest enabling the CEO to damage their very own business. I remember when EBANK invested in T4U the first thing that cross my mind was... Wait a second WE'RE doing Titan BPCs.. why should we enable BB to also enter Titan Copy business? These are some of the questions that people SHOULD be asking BEFORE they even consider investing, and you don't need an Auditor to tell you that.
I've made billions off Investing and one day I had a thought that I shouldn't just blindly invest in anything without knowing the consistences. I'm glad I did, while I invested in T4U because I knew EXACTLY what was going to happen, I quickly sold because my gut told me... This will end baddly, and while it took a year, I'm glad I did. But I wouldn't invest in anything that I didn't know what they where planning on doing with the ISK personally. Because even if an auditor says "Yeah it's viable" I have no idea if it effects -> ME <-. That's the most important thing of all.
Amarr for Life |
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2010.09.18 23:11:00 -
[49]
Quote:
On your first piont VV are you suggesting a chain of command / being of auditors with one uber guy at the top that nobody touches?
I don't "suggest" anything. As others mentioned, this is a peregrine case of "chicken and egg". I have an idea about who could play "egg" at the moment, but that's it.
I am busy enough *doing*, I leave to others to talk and talk forever, it's not like I can do anything to change the situation.
When I "joined" it was already like this, with the difference that in the past we'd have to "study" and seek for elder auditors teaching and advice.
Since then, this has sort of changed and this is also one of the reasons why I am so selective about new auditors: they don't even seek for advice, they just pretend to open shop and have anyone trust them like that.
Guess what, this usually bites back on them.
Quote:
For having to consistently lie? The scammer only really needs to do that for the face of their heists and duration of them
ex. They are using toon X to scam and take 3 months to biuld the street cred = they just need to lie with that toon.
After 2 years I consistently talk with people not believing in 2 years active auditors and you tell me that "3 months" to build street cred is enough?
It seems a bit unlikely to me.
Quote:
Remember EBANK was over a year old when Ricdic scammed. So was T4U for that matter.
BB is a guy who socially engineered blind trust and never had any check.
Ricdic managed to perform unsecured loans of huge size that should have been "felt" even with no auditor, just an accountant would have detected the risks.
How could none see BIG problems coming, even if Ricdic would have never scammed in the end?
If he had his APIs logged this questions is even more disturbing.
Quote:
Your point is kind of invalid unless you VV continue to monitor every IPO/Bond you audit? Which I don't think you do
I do what it's agreed. Few times I was involved in months long continued performance assessment and I did it. The other times I steer clear from ever querying investees' API keys again after the audit is out, this would be a serious breach of their privacy.
Some change their keys after the audit is over, but most don't, they trust me and I won't disappoint them.
Notice how I can only talk about myself though, these are things I never heard other auditors talk about.
Quote:
While I'm sure you'll disagree, if you actually saw his API back when he did full swing honest EBANK stuff, his transaction and journal would fill up daily, which means you would have to had audit 1000+ records a day. EBANK wasn't small and by no mean easy to audit.
As Bank, you are expected due diligence. If for a number of perfectly valid reasons you could not cope with your size / volume, you should have downsized till you could again.
Quote:
While I'm sure if we had Ray's Audit system in place back then we may have noticed poor performance in the usage of the ISK from EBANK, I doubt it would have caught him RMTing.
Raising bells is really what auditing is about, it's not meant to be the Holy Grail.
In fact, if you are going to recover is because you *changed* and now have these other things in place.
-
Auditing & consulting
When looking for investors, please read
http://tinyurl.com/n5ys4h + http://tinyurl.com/lrg4oz
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2010.09.18 23:13:00 -
[50]
Quote:
That is because there are governmental controls in place to protect the general investor
Not really.
Controls cover the "best known" routes, securities, situations, but there's a foggy and vast territory with "here be lions" written all over it.
If someone invests in a bond here and it defaults, it'll take years before there's even the first sentence. If there's fraud it'll take even longer.
The end result is in some middle brass being jailed say for 5 years and fined say 1M euros, while the "head" stays free like a bird and enjoys 20M euros minus the 5M he'll give to the above head once he's out of jail.
Many would love to waste some years of their life but then have a tychoon life awaiting them.
In case of riskier securities than bonds, it's even worse.
Quote:
The fact every single one of those controls is lacking in EVE means no one should just blindly invest.
How would you label "RL shadow banking" in this context? When prominent worldwide famous banks form their own, parallel turnover of flawed securities that end up competing with the legit version at peer force?
What happened to the whole world once this crashed? Why did their directors mostly keep camping their chairs and even got raises that made newspapers cry scandal?
Quote:
These are some of the questions that people SHOULD be asking BEFORE they even consider investing, and you don't need an Auditor to tell you that.
And what about Mr. Trader who has 5 spare billions to invest and he sees a shiny prospectus about T2 production with self made materials? Could he use an hand before wasting money in an investment which ended up competing in negative profit T2 large ships PLUS they were also made with the wrong decryptors?
What will very prepared Mr. Missioneer who has 3 spare billions do to make sure the shiny BPO service he's investing in is based on a properly located and fitted POS? Would the investor talk the details about what and how many POS gunners he got and where the POS is?
Quote:
Because even if an auditor says "Yeah it's viable" I have no idea if it effects -> ME <-. That's the most important thing of all
Yet none was there to say T4U was. Odd how those huge scams never have anyone appointed to even *TRY* to check them.
-
Auditing & consulting
When looking for investors, please read
http://tinyurl.com/n5ys4h + http://tinyurl.com/lrg4oz
|
|
|
Breaker77
Gallente
Reclamation Industries
|
Posted - 2010.09.18 23:16:00 -
[51]
Originally by: Vaerah Vahrokha
Quote:
Your point is kind of invalid unless you VV continue to monitor every IPO/Bond you audit? Which I don't think you do
I do what it's agreed. Few times I was involved in months long continued performance assessment and I did it. The other times I steer clear from ever querying investees' API keys again after the audit is out, this would be a serious breach of their privacy.
Some change their keys after the audit is over, but most don't, they trust me and I won't disappoint them.
Notice how I can only talk about myself though, these are things I never heard other auditors talk about.
I can say that as an auditor, I've never went back to "check up" on anyone. Hell most of the time, once the audit is done, the API is deleted out of the programs as with the mail they sent to me.
I already make a good amount of ISK per month doing what I do. Besides that, I know how to crunch the numbers myself and find where the profit is at 
|
Commander Godsmack
|
Posted - 2010.09.19 01:11:00 -
[52]
Edited by: Commander Godsmack on 19/09/2010 01:12:17
Ok few hours away and i see this has gone off topic again - My questions dont want to be swept under the rug by trying to change it to something else do they lol
and VV you sorta dodged my question about a hierarchy of auditors
also
"one of the reasons why I am so selective about new auditors: they don't even seek for advice, they just pretend to open shop and have anyone trust them like that."
If i get this right are you like some person around here that's basically gives out auditing licenses with your word saying such and such is competent to be an auditor?
------------------------------------------
edit - ZOMG text walls 
|
Wako Stargrazer
|
Posted - 2010.09.19 01:23:00 -
[53]
Edited by: Wako Stargrazer on 19/09/2010 01:25:29
RANDOM COMMENT IS RANDOM 
|
AtheistOfFail
Caldari
|
Posted - 2010.09.19 01:26:00 -
[54]
|
Mme Pinkerton
United Engineering Services
|
Posted - 2010.09.19 06:34:00 -
[55]
Edited by: Mme Pinkerton on 19/09/2010 06:39:27
Originally by: Commander Godsmack
If i get this right are you like some person around here that's basically gives out auditing licenses with your word saying such and such is competent to be an auditor?
VV usually has very strong opinions and is not afraid to share them - however, in the end only the potential investors themselves get to decide which auditor they trust (or if they don't see the need for an audit at all).
While some investors might listen to VV's opinions and let her influence their decision-making I am certain that many don't.
She cannot hand out licenses, she only gives recommendations. People always have to make their own decisions.
edit: the "hierarchy of auditors" is a theoretical concept, nothing which exists in practice (there exists a certain hierarchy in the sense that a very new auditor would probably have a hard time to get jobs for very large offerings but that's not related to that auditor/superauditor idea). However, I am not sure how VV's argument for the necessity of a superauditor would apply for basic security checks of auditors who do not provide 3rd party services.
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2010.09.19 07:47:00 -
[56]
Edited by: Vaerah Vahrokha on 19/09/2010 07:50:39
Quote:
and VV you sorta dodged my question about a hierarchy of auditors
I did not dodge it at all. I presented the issue of chicken and egg and how it's implications.
I presented why imho it's more critical and delicate than the audits performed on investees.
I said that there might one who could "be" a good candidate to be Mr. Egg.
As the only current survivor I can't do much more than that. I cannot implement your hierarchies nor BoDs nor <place here boureaucracy box> because ATM it's a one man thing.
It'd be extremely arrogant of mine to even try and pretend to represent a category and decide *how stuff should be* (instead of just talking about *how I think it is*). I am but a soldier, you want to talk to generals that don't exist.
Quote:
If i get this right are you like some person around here that's basically gives out auditing licenses with your word saying such and such is competent to be an auditor?
I exercise the same right any MD poster has: to screen the new ones sparing no doubt nor question.
After all, I am going to be directly hit by their incompetence if they are bad or dishonest.
And after all, it looks like everyone and their dog are totally free to put me on a burning stake every day but I have no rights?
Quote:
However, I am not sure how VV's argument for the necessity of a superauditor would apply for basic security checks of auditors who do not provide 3rd party services.
I don't claim any necessity for anyone, in fact such superauditor does not exist. Other people want - no, they demand - some brass that magically supervisions auditors.
I just reply how this is a chicken-egg problem and how the eligible names ATM are maybe one.
Also I got those two random thoughts:
1) People who get burned by scams want security. Auditing cannot insure security. Auditing is not even "regulated". So they resort to summoning some Godot who is meant to watch auditors so that they "behave". Godot would provide to their fill of mentally projected need for security.
2) The larger the unaudited scam, the heaviest the witch hunting is done on auditors.
-
Auditing & consulting
When looking for investors, please read
http://tinyurl.com/n5ys4h + http://tinyurl.com/lrg4oz
|
Mme Pinkerton
United Engineering Services
|
Posted - 2010.09.19 07:58:00 -
[57]
Originally by: Vaerah Vahrokha
Quote:
However, I am not sure how VV's argument for the necessity of a superauditor would apply for basic security checks of auditors who do not provide 3rd party services.
I don't claim any necessity for anyone, in fact such superauditor does not exist. Other people want - no, they demand - some brass that magically supervisions auditors.
I just reply how this is a chicken-egg problem and how the eligible names ATM are maybe one.
ah.. you misunderstand - I meant "necessity of a superauditor" in the sense "if an auditor would get audited, this would have to be done by an even more trustworthy party due to the sensitive data in the auditors API logs".
My question aimed at "what sensitive data could be found with the auditor's full API keys?" and the proposed answer was "information on 3rd party transactions/holdings".
Is there any client-related data besides this which would show up in your API logs?
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2010.09.19 12:00:00 -
[58]
Edited by: Vaerah Vahrokha on 19/09/2010 12:00:39
I can misunderstand, in fact despite it looks like I know English well enough, the less than obvious sentences may indeed cause me to miss concepts.
Anyway, from an auditor API key it's possible (not always, but it is a possibility given the right circumstances) to learn one of more of the following:
- Investees' undislosed characters, usually 0.0 ones.
- Investees' collateral precise location
- Investees' exact collateral items (*)
- Investees' exact BPO collection location (*)
- Investees' exact POS location, in case certain factors happen.
and possibly more stuff.
(*) = the game gives tools to prevent giving out that, with proper management.
-
Auditing & consulting
When looking for investors, please read
http://tinyurl.com/n5ys4h + http://tinyurl.com/lrg4oz
|
|
|
| |
|
| Pages: 1 [2] :: one page |
| First page | Previous page | Next page | Last page |