

As someone who has to deal with PCI compliance issues, there’s plenty of noob mistakes, out-of-date thinking and outright “let’s log this data for debugging purposes even though if any regulator found out they’d nuke us from orbit.”
There are valid questions, many of which revolve around how and why it’s used.
Some systems have brain damaged approaches to diagnostics/logging, license enforcement, or remote service/update systems that create security holes but are not intentionally malicious.
Security is hard and we should remember Hanlon’s Razor.
How come they have every procedural trick in the book, shown to them in the last four years, then drop it all the moment they have the opportunity to use it?
Make them get 60 votes before they can order a pizza for an all-nighter. Turn renaming a courthouse into a month long revival of the Ringling Brothers Circus.