* Posts by Billy Goat Gruff

53 publicly visible posts • joined 2 Nov 2007

Page:

Aussie convicted over Simpsons sex pics

Billy Goat Gruff

Why was he arrested?

Was he arrested for another reason, they searched his computer and that's the best they could find, so they prosecuted him rather than admit a mistake?

Or did they get a tipoff that he had Simpsons pictures, and arrested him and searched his computer?

Stormtrooper helmet sales still legal in Britain

Billy Goat Gruff

This is absurd

Doesn't the judge realise the man broke US law whilst in the 51st state? Furthermore it's fraud, and they include goods which are likely to be useful to terrists.

Brown should extraordinary rendition the fraudster *and* the judge and set an example to the so-called judiciary that they are not above the law!

San Francisco's 'rogue' sysadmin still being paid while in jail

Billy Goat Gruff

What's illegal?

You are the only one with admin passwords

A senior manager sacks you and you're escorted off the premises

He realises the ex employee is the only one with a password and demands it, threatening all sorts.

The ex employee feels no obligation to help and says he will invoice for his time at $X per hour to help them.

The council get him arrested, because, face it, if SF is on it's knees, they can do that.

He is given high bail because he has done nothing wrong, and is perfectly entitled to leave for a holiday.

All the rest - locking out of systems etc just sounds like the senior manager's story to me...

I bet Mr Childs is rather hoping for an inquiry... and he may be wrong or right but good on him for facing down the bullies.

Asda declares baby's arse 'pornographic'

Billy Goat Gruff

@Mike Brown

Well, the beeb quotes ASDA as saying a star could be put over the 'offending' area. And I have an issue with the description of her baby's bum as being offending. Offensive? To whom?

Why not ban all photographs with nudity? So you go to Asda photo-developing and get 'CENSORED' over any offending skin? Aren't the photos just as 'offensive'?

My initial thought, like yours, is that we must be protected from ourselves. We are not capable of making our own judgements and decisions and need to be guided to do the inoffensive thing.

Then, however, I realised I'd be offended if I had a photo banned for offensive reasons and I realise I can't think for myself anymore.

Now if only the govt would enforce the pornography laws on all nudity then there wouldn't be any grey areas to confuse us,

It might be difficult to change clothes without being nude and I don't think they'd go so far as to check your bedroom, unless they suspected you were a paedoterrist - and clearly illegal nudity of that sort would confirm you were - however I don't see why we need one rule for cakes and another for photos and another for people.

Teen battles City of London cops over anti-Scientology placard

Billy Goat Gruff

Banning scientology is as bad as banning placards

I'm amazed at how many people think protesting against a cult is free speech, and right.

But saying there's a God and he's an alien is not free speech and it's wrong.

So, it's a cult. So what. The principle of free speech is that it will live or die on it's merits. If it does something illegal like give backhanders to the police, judiciary then let it live and die on that.

Received opinion. Like wisdom, only for sheeple.

Life a mess? The Moderatrix can help

Billy Goat Gruff
Thumb Up

@2b||!2b

Never mind, I licked them. Let me know if you're interested and I'll tell you what they tasted of.

Billy Goat Gruff

2b||!2b

I'm not sure where my fingers have been, should I lick them?

Retailers risk libel nightmare over 'no-work' database

Billy Goat Gruff

@Missing the point, Ser Goat

I think you maybe right - I have missed what everyone else is saying.

I haven't put character references in a CV since I left school. Well I haven't written a CV for 20 odd years... but when I did my job-hopping I never put 'referees' in, which kind of implies none of my previous employers were ever contacted. Clearly I should have put much more impressive job titles at completely different companies. Oh well, you live and learn.

My impression of a reference, for permanent employment, is when they contact your previous employers for confirmation and just to check they haven't got anything bad to say about you. The only companies that do this checking, btw, are the ones I learned to avoid because they take bureaucracy far too seriously for me...

If references are just selected referees, like a builder or a nanny uses, then my point is bollocks. If references include any and all previous employers then my point stands.

Billy Goat Gruff

@Anonymous Coward

"So how widely knowledgeable would you have to be to keep on top of this?.."

All good questions, for which I don't have the answers. I imagine libel laws would encourage the keeper of the data to minimise their risk. It won't be any more poisoned than any other reference - just that she gets to see it. That knowledge alone will help discourage many fat sweaty bosses from writing stuff that may be thrown back at them.

The girl would have a gap in her CV. She could lie and say she travelled the world, but why should she have to throw away all that experience which would be valuable in a job interview?

I understand knee-jerk reactions to the database - panacea to every known ill - but take 'database' out of this and realise that what it really is that every time someone writes a reference about you, you will now have the opportunity to see it.

It may not be nice, it may not be accurate but it is no worse than what is already being written about you. If your bad reference is costing you jobs you have a hell of a lot better opportunity to correct it with a system like this. No matter what legal rights you have with your ex-boss, you have no right to stop him hand-writing his opinion of you without you ever knowing.

Most objections are objections to references in general. This system just makes the perfume girl more likely to see the lies which have been written about her.

Billy Goat Gruff

@b

"No. It's not right, It's wildly untrue in fact. You have every right to see your references."

I never said you don't have the right to see your references, just that the perfume seller won't see them. Just as most of us have never seen our own ones. Just as future employers don't show you a copy after they've seen them.

There are of course situations where you have no right to see the contents of a one-off letter between your ex-boss and your future employer. If he were to hand-write and post a reference, what right do you have to see it? If he sent you a different reference, how would you know?

So, wildy untrue? Not really...

I maintain that a database that she can see - and thus correct, append and threaten - is good. The exact same statements in the database could be said today without her knowledge and without any legal right to see.

And a database that fills in the missing gaps when a thief doesn't mention he was sacked from company X is good. Get the thieves out of the system so the rest of us aren't governed further by theft-prevention systems.

And giving every shop owner the ability to see your criminal records is bad - if it's a work-related problem then it should be available to an employer, if it's unrelated to work then they have no right to know.

Billy Goat Gruff

@Math Campbell

It's right :) and here's why.

You're saying that any boss can give you a bit of 'payback'. Well, surprise, he can now. Using the personnel database he can write these allegations of theft and they'd appear on the reference letter sent to any company that asked. Long after he's forgotten, the same letter would be sent out again and again.

And the poor girl would never, ever see it.

See, it's still a database (in personnel) but it's private and you have no right to see or challenge it.

You think that's right?

I say the comments made about her should be transparent, so she and future employers can discuss them without any notion of confidentiality, and the girl can go away and get the database changed (as you can now with credit records).

As to leaving it to the police and judiciary, well that is the ideal. And every employer should have access to your criminal record, right? With that information the boss could spread some real gossipy rumours.

That's your ideal, is it? No public database but uncontrolled access for any employer/one-man-band to criminal records? 'Nothing to hide, nothing to fear' you say? I'll give up on you if you think that's valid.

Let's take an example of an oik who is caught stealing. You know he was the one with the key to the parts room, you know his story about not coming in over the w/e is bollocks because when you show him the mail logs he changes his story that he did come in for 5 minutes. That is enough to know he's a lying little toerag who should be sacked. Just for lying, really.

You call the police - what they going to do? Fingerprint? Lie detector? Search his house? Well, maybe, if the parts are worth many 000s. But very unlikely. If they did do all this, then your fat sweaty boss could do the same with the sweet little girl - get her dragged down to the station and her house searched, and her computer taken away...

So, what do you do? Ah, you change the judiciary system so that they investigate every crime thoroughly, and see it through to prosecution. Well, I'm right with you on that. A tad unrealistic in the short term though.

Perhaps you should install CCTV all over the building, and put finger-print locks on every door and track the movements of everyone so that, should something go missing, you have uncontroversial proof? Yes, it might help prevent theft but IMO it treats us all as thieves and makes life poorer and more difficult.

And you think that's right?

I say - if you catch someone, sack them. If you're sacked unfairly, go to unfair dismissal and rake in the cash.

either way - with this public system - you can see what the boss wrote about you and change it. Light years ahead of the current system.

Billy Goat Gruff

Superb idea

Really, it is.

I hate petty crime and the fact we all have to suffer stupid laws because of it. Bring back common sense - if someone is caught thieving then it's not likely they will be prosecuted. You think it is? You're wrong. And the petty little oik will probably cause physical damage if they can, and they're very likely to get a free go at unfair dismissal...

The average company has little choice but to mutually agree to part ways. In an ideal world they'll send out references which say why, but why should they put the effort in when they can get sued? Perhaps it's to their advantage to shut up and let the competitor employ the little bleeder.

Now with a database any company can put their tuppenny worth in and have it managed by an external agency, intelligent people will be able to query that database and make changes. By law.

So the only objection I can see is abuse. But the possibility of abuse has always been there, which is why there are free unfair dismissal tribunals. And if the company does a traditional reference you have no right to see it, so it could say anything. With this system you have the right to see, make changes and, yes, sue malicious allegations.

There is more transparency and less possibility of abuse.

But the real benefit is to society. Make the f*ckers unemployable except scraping gum off the streets, and maybe the rest of us won't continually be treated as criminals.

When flash mobs go bad

Billy Goat Gruff

@ideala

There's a massive difference between destroying public property for 'fun' and causing a mess whilst having fun.

The council is right to be concerned about the property they maintain *for us* but I'm not sure that extends to using criminal law when there are far worse and expensive things these people could have been doing (think drunk, hooded yobs on night out flash mob).

Perhaps a water fountain park should be designed with fun in mind?

YouTube rolls out Scientology double standard

Billy Goat Gruff

I really dont get the animosity

Live and let live. Let gullible people give their money to this organisation rather than Gucci. Let people read their books if they want to and make up their own mind. It's not as if they indoctrinate kids, unlike our local religions... it's not as if they feel killing people is God's will which has afflicted the major semitic religions...

Someone please enlighten me why nonsense from one lot of heretics is any worse that the nonsense from another lot - as long as they all live and let live I can't see any difference..

Linux guru Hans Reiser convicted of first-degree murder

Billy Goat Gruff

Surreal

This is a surreal case and he seems to have been convicted in the belief that his post-murder actions were incompetent, and his explanations are too twisted to be true, and the simplest answer is that he's lying.

And a conviction does seem rather safe.

But why is the circumstantial evidence so overwhelming because of this incompetence, and yet he had the clarity of thought to dispose of the body so thoroughly?

He can't get rid of the books, or car, but he can dispose of a body and, presumably, a weapon?

I have more faith in the jury's decision than my own half-baked thoughts, but... I'd like to think that it could be proved beyond all reasonable doubt one day...

Hidden card fraud taxes UK.biz

Billy Goat Gruff

@Rich

This has probably died now, but I still find it interesting...

When the thief has managed to change the registered address then I would say it's the banks fault, and the banking code should reflect that.

The trouble with 'verified by visa' is that buying online from tescos is becoming too complicated with too many written down passwords, or passwords in my browser 'secure store', and now I have to use a little card-reader to generate hash numbers to do some transactions. It's all getting too complicated and it could be greatly simplified by the business and bank treating the registered address as sacrosanct.

As for shipping goods as a present, which I often do over christmas, I don't have a good suggestion other than a credit agency confirming the name/address of the shipping address is accurate...

Billy Goat Gruff
Thumb Up

@AC

>I want to buy a present for a friend.

And the small business can double check

>I want to buy petrol.

Surely this is extremely unlikely when cardholder not present.

>I want to buy a subscription to a web site.

And the magazine is delivered to the cc address

>Etc, etc, etc

Any valid ones?

Billy Goat Gruff

@Rich

>This can be somewhat mitigated by only posting to the the card's registered address,

that's my point; with card-holder not present - it's almost entirely pointless for someone in Morocco to use your card to send something to the registered address.

>but unfortunately people move about so much these days that doing this can cut off a lot of your customers.

Really? Fraud is limited to people who have moved address but haven't told the bank? Then (a) fraud should be really small and (b) the business should reject it simply because it will reduce their fraud to 0.

Of course there are more complicated ways of telling if it's fraud, such as checking the name and address with a credit agency, but really, if the address is different that should be sufficient to either doublecheck with the purchaser or reject it.

I'm not trying to defend CC here - I refuse to use them because I'm still fuming over Chip&Pin redefining fraud as the cardholder's loss - and I'm not suggesting a magic bullet for customers denying they've received goods... but I can't see how checking and using the registered address would result in any gains for a thief, and thus the popularity of cc fraud would plummet...

Billy Goat Gruff

I don't understand fraud...

... when products or services are delivered to the house of the cc holder, and if a different address in, say, Morocco, is used then the business should double-check?

Of course, changing the cc address should require a bit more work than logging on - but once we establish the address is correct, then surely 99% of goods/services that can be bought online or over the phone will be relatively fraud free?

What am I missing here?

Chinese hackers call off CNN attack

Billy Goat Gruff

@US did what - yup, it seems to work

"China bad - no argument.

US VERY bad - ask any Iraqi or any native of Afghanistan.

Perhaps you could ask each of US's neighbours - they seem to be in dispute with all of them.

US's version of history makes as much sense as creationism - it's amazing that the natives believe such rubbish.

US has invaded Cuba (1961), Laos (1971), Vietnam (1962), Somalia (1992), and then of course there's Korea, Haiti, Panama, Granada, Cambodia, Dominican Republic, Iraq, Afghanistan...

Also let not forget US's persecution of, well, everyone including their own public.

Can I have a two carrier bags icon please?"

I find it hard to defend China. I find it difficult to take any US opinion seriously when everything they preach is, almost without exception, hypocritical.

High Court quashes decision to release secret ID card reports

Billy Goat Gruff

Surely an MP should be allowed to read the reports?

And the MP can decide what parts to raise whilst in Parliament? And in raising any items they then become information us plebs are allowed to know, and then the Govt can either release the reports or refuse to - whilst the application goes through the legal process...

Why are we always fighting our representatives to explain their bizarre decisions?

Official: OOXML approved as international standard

Billy Goat Gruff

It only needs 3 objections

I don't know the finer details but it seems that if they need 2/3 approval, and they have 24/32 then by removing 3 approvals you get 21/32 - ie less than 2/3.

Germany and Norway might be 2, and if the irregularities alone don't cast huge doubt on the others like Philippines then it might come down to one other NB to object and the ISO is lost.

Now, if the BSI would be so kind as to show off how well they operate and have any confidence in their decision to approve, maybe that'll tip the balance.

It also appears that many votes are void simply because they weren't allowed to vote on MSXML, but only on whether their previous objections had been solved. Thus if the technical committee declared them unsolved or could not verify they were solved (none of them could?), they *should* have kept the previous disapproval. Instead they seem to have had a vote on whether to accept MSXML (with all the irregularities that went with it).

It does seem as though the ISO cannot accept the 'vote', but whilst they dither they are likely to spend an awful lot of time defending a process they know has gone horribly wrong.

(I know people refer to it as OOXML but really it's time to clarify this - its MSXML and cannot be anything else).

Get your German interior minister's fingerprint here

Billy Goat Gruff

@ImaGnuber II

Partly you have to acknowledge that security is a process, not an end result. For every technological advance in favour of the process there is an equal and opposite one against. Just as DNA can find a (guilty) suspect, DNA can be planted to find an (innocent) suspect.

Partly you have to recognise that fundamentally flawed checks such as fingerprint readers are hailed as panaceas. They are treated as the solution. But of course, they are not, and never can be.

If they are not the solution then they are a step along the process, except they are probably a step backward because it is expensive to implement nationwide and trivially cheap to circumvent. This is a fundamental flaw in all nationwide systems.

But you must also recognise the ID issue is one that we had 10 years ago but you didn't fear it as much. ID theft is a term that fear-mongers throw around for their own reasons. Your own identity cannot be stolen any more than your mind can be, but people can pretend to be you - it's just much easier if your identity is reduced to a number (whether encrypted on an RFID chip or not).

So what is the real problem that we've had for ages and now urgently needs a solution? That someone else can use your credit card online? They can access your bank account over the Internet? That they can burgle a house and leave your fingerprints or DNA? No proposed solution would help these problems.

You want a panacea, but what is the problem? Take away the buzzword, and what are you trying to stop? Are you absolutely sure that what you are trying to stop;

1) Is worth the time and energy required to keep the process of security up to date, and non-circumventable at it's weakest points.

2) Cannot be tackled by a free-market solution rather than a govt one (e.g. the onus is on a bank to secure your money, and not on us the taxpayers to pay for their ID system that requires us the customers to secure our fingerprints or - automatically - lose our money).

Bladerunner and biometrics: Heathrow T5 unveiled

Billy Goat Gruff

During your tour did you find out if

BAA (reluctantly) offer an alternative to fingerprints?

Religious MPs get free vote on hybrid embryos

Billy Goat Gruff

As an athiest

This is a good thing.

The religious people have asked that MPs vote with their conscience, based on their beliefs, and this is how every vote should be.

If the religions could decide then it'd be a bad thing. But they're not. They're asking that your MP can make up his own mind, hopefully representing the views of his constituency and not those of, say, Scotland.

Personally this science is probably a good idea, but I do like the idea that science is tempered by conscience irrespective of whether other countries then storm ahead and profit.

Ex-MS staffer to demo Vista smart card hack

Billy Goat Gruff

@prevent buffer overflows by changing the design of the hardware

in the 70s IBMs 'future development' department created a system that couldn't be compromised by memory overflows and had designs that are still futuristic such as hardware abstraction (it doesnt care if it's running on a Unix box or a PS2), 128bit addressing back in the days when 8bit was futuristic, single-level storage (it was designed for the day when flash drives are as quick as RAM) and hardware object protection so you can't have a buffer overflow.

Unfortunately it was so cheap to run that IBM feared it'd destroy the lucrative mainframe market so they never marketed it until the 80s.

It's still going strong, and is still invulnerable to the buffer overflows and all the other attacks Win/Nix admins have to plan for. Which is why most household name companies use it as their main system.

Doctors back more tax on booze

Billy Goat Gruff

The problem is ill-defined

Just like so many tax-generating ideas, they do not specify the problem, only possible solutions of, of course, raising tax.

Whatever else they do, they know we'll pay the extra tax and the ill-defined problems will still be here.

drink-related deaths? Want to bet that's completely bogus? Is it drunk people falling into canals? Or drinkers from the 70s now with liver cancer? Which of these will be stopped by raising taxes?

Hooded chav drinkers? They're going to stop drinking because it's more expensive? The day it's too expensive for them is the day it's too expensive for all of us.

Health - so nice of the government to think my health when it raises taxes for them, or when they get to fritter them away... but you know we won't drink less and the ill-defined problems will remain.

The non-smokers really should have seen this coming... less tax from smokers means more tax from you. And to get tax from you they have to make *you* a pariah of society - you pesky social drinker with your sensible attitude!

Government wants every English child on 'secure' database

Billy Goat Gruff

real agenda

"I am amazed that there are still people out there who don't realise what the Government's REAL agenda is with regard to a national database / ID scheme."

I haven't figured it out - what is it? They can get back pocket payments and directorships without the ID card, they can control all the tax I pay, I can't vote them in or out, they can raise their salary and remove themselves from freedom of information <rant cut short here>

You think they want an ID card that they know won't work, so they can.... what?

ISPs demand record biz pays up if cut-off P2P users sue

Billy Goat Gruff

Is downloading copyright stuff illegal in the UK?

Really, I want to know. I can't understand why people say authoritatively that it's copyright infringement to make a copy (and thus illegal?) and others say that the UK allows downloading since you're accessing a copy (and thus, like receiving a physical copy, is thus legal?).

I know there's no answer because the laws and case law are a bit fuzzy but I'd really like some guidance from 'the representative of the people' as the government declares itself as opposed to the representative of the lucrative board jobs that the government appears to be.

If the goverment or courts can't tell me what law is being broken without it having to go to court then I can't see how I can tell.

I don't actually download anything illegal, I don't seem to have this addiction to CDs or mp3s that the rest of you have. I just don't like the constant pointing to US laws as if they apply to here (yes I suspect a UK downloader that breaks US law can be extradited and held at guantanamo and EU law supersedes UK law)... but can't the UK make up it's own mind about whether *downloading* a *copy* and *making* your own copy of the copy is *currently* illegal?

Brazilian cleaner spots security hole in Heathrow e-borders

Billy Goat Gruff

biometric

the card stores the digital signature of the fingerprint, and is compared to the one generated by the finger print reader. both are created by a laptop/card printer at a secure location (using the password 'TEST', accessible through a Windows exploit on the IIS server and backed up on CDs which are randomly sent through the post to dodgy job applicants).

cheap and cheerful.This is not an ID register, just a place where biometric cards are more useful than photographs as long as you realise their purpose is to validate the card rather than the person.

Easily bypassed by terrorists and journalists but hey, that just means the ministers for big brother would get a few more jeers from their own side when they announce a foolproof ID biometric system...

As someone said, if a person can get into HP then they should be rewarded with, perhaps, a years free membership to the commons restaurant. And, perhaps in that time the person might strike up a few conversations with MPs about how the ID card system is futile.

Billy Goat Gruff

biometrics have a point

You know, biometric ID cards do have a point.... as long as they are not made universal and don't replace existing systems such as passports, driving licenses etc.

I think 'goal shifted to having a valid card' is spot on and a security system that relies on humans looking at photographs is prone to failure through boredom.

A fingerprint system would emphasise the point that it's just a valid card but with a little, cheap biometric fingerprint reader just to catch out blatant card-swapping.

It wouldn't be fool proof, and the security staff would rely on the bleeps and alarms it to say if the card, and not the person, is valid, but it would be better security.

It would also be nice if the MPs could proof-test the system for us since if the biometric companies are going to please anybody it's going to the the people making the decision, and similarly it's good for the technophobes amongst them to know what a hassle life will be should they foist it upon 60 million people.

Veggies a 'perversion of nature': Official

Billy Goat Gruff

Vitamin B12

Cornflakes and marmite on toast?

I always wonder at the term vegetarian. Try and imagine what your pizza, all day breakfast, Fish and Chip etc would be like without all the vege goodness...

A pizza would be salami. Very nice. Not quite as stodgy and delicious as melted mozarella cheese on an oregano (or is it basil) tomato sauce with some filling base. And garlic bread and a really good salad. In fact given a choice I'd rather be a veggie than a meatie.

An all day breakfast... bacon and sausages. Excellent, my favourites! But sausages have quite a lot of flavours added which a strict meatie wouldn't touch. So bacon and pork. Almost as good. But I'd miss toast, and eggs, and mushrooms and beans and tomatoes and, especially, the hash browns. And the brown sauce sandwiches and cup of tea. I suppose meaties could drink Bovril.

Fish and Chips wouldn't be the same without batter and chips. Or vegetable oil to fry it in. A strict meaty would only have lardy fish.

What;s your favourite curry? The sauce is nice, right? Now none of that is made from meat thus your curry becomes lardy mutton cubes. Or microwaved chicken strips for the ladies watching their weight.

See, vegetarians don't just eat vegetables just as normal people don't just eat meat. If you had to become a vege or a meatie, most meaties would be sad and unhappy eaters. And die early.

People eat meat because they like to, and that's good enough for me. Other people don't it because they realise it's not as healthy, or they don't like factory farming, or they only eat what they kill rather than buy cellophaned meat. The fact they made a decision is good enough for me. It's the ones who eat meat because their peers do, well, that's just sheeple behaviour...

IPS leak suggests ID card fingerprint chop

Billy Goat Gruff

@Simple ID system

"So most people in Britain today need ID. All I'm suggesting is that simple system can provide most of the requirements:"

All your suggestions are already adequately provided for - Passport, NI, driving license. I know you want a solution that does them all but it will be useless until it becomes useful, in which case it will become useless again.

"Cutting and pasting photo's on to ID cards only works if you not sending a picture of the card holder to a central source to be verified."

OK, so when the card itself isn't sufficient they take a picture of you and someone compares it to the central database. And this is easy? This is biometrics my friend, where key pointers of the face, or fingerprint, or iris, are compared to the stored key pointers.

"Each card has a unique ID, so it maybe possible to copy cards but this does not help as many people will be sending in a photo of the card holder."

So, to buy a drink, someone would need to take photos and swipe cards (to get the unique number) or perhaps you'd prefer RFID? Wouldn't it be cheaper for a pub to use a passport for the odd customer that looks underage?

"ITV manage to get the SMS network to respond fast enough for voting on "Dancing on ICE", that show's it could work the application does not require sub second response the first four requirements would be happy with day's as a response time and clubs and pub and shops already verify visa cards sub second so verifying an ID cards could also be done sub second."

Hmmm I think this is a little wishful thinking. Put your thinking cap on and look at how many ways *you* could bypass such a system. A GSM network blocker holds up the queue to a nightclub before they decide to stop checking with SMS? Flood the bouncers SMS gear with SMS messages?

As soon as it enabled you to obtain credit then think of the number of ways you could buy a way to bypass it and you get free money under a false ID.

"NB: The issue with chip & pin is that by closing one hole in the U.K. they opened up another, the rest of the world. Until chip and pin is used by all outlets around the world and a better way of authorising Internet based transactions is used (say some form of secure ID may be the answer) these holes will not be closed."

Chip&Pin was never meant to stop fraud, in fact it's well known that us citizens are less protected. The difference is that it comes under ATM law and not Cheque law - which means the bank no longer has to automatically refund your money, you have to prove you didn't give someone your card and PIN. A bit hard to prove a negative. Fraud losses have gone down simply because the banks have to pay out less when fraud happens. Which is why they now call it ID theft, because whilst they are responsible for your money, you are responsible for your personal ID number and if anyone steals from your account it is assumed, under ATM law, that you must have given away your pIDn.

"So in summary we already need ID's for many functions, lets have some that works and is cheap. Nothing I've seen from the government to date works not even chips in passports they keep looking at the wrong problems."

Unfortunately, so do you... find a problem that doesn't have a solution. Decide whether the cards will be compulsory. Decide who will pay for all the card readers, cameras, etc. Decide if financial transactions will be more secure because of it, and then realise someone will exploit it and mass-produce it. Just as they do with Visa cards, and Visa reacted by making Chip/Pin compulsory where *we* suffer.

Sorry. I *like* the idea of a cheap ID card but I can't see where it'd be useful.

Billy Goat Gruff

@Simple ID system

An excellent idea, but it achieves nothing and should you ever make it useful, it will become redundant...

'Old enough to drink' - well someone is only old enough if they have proof (a passport or one of those pub-approved schemes) or the seller makes a judgement call. No need for a card. Most of us would never be asked to show the card!

'Can drive' - drive what? A motorbike? Geared or auto? What CC/HP (you get different license for both of these). A car and a van and a tractor? Or just an auto car? By the time you put all this onto a card you have a drivers license.

'Cardholder can work in UK' - Useful for employers and govt security agencies, but seems a bit overkill for everyone I know to hold a card. I guess an NI number might do the same thing or how can the employer pay your NI?

'Verify the card is OK' - well, without issuing card readers everywhere or relying on bouncers to type your card number into a phone and wait for an SMS, it's pretty impossible.

I can't see the point of this card if you can legally work without it, legally drink without it and legally drive without it.

To make it cost £1 you'd need to outsource it to, say, Tesco who would love to know the ID of their chosen markets. But as soon as it became useful to, say, underage drinkers they'd be fake ID cards. Same photo, reprogrammed info. Or you get a card from some polish friend who's leaving the UK and skilfully swap the photo so you are now eligible to drink vodka, drive buses and work anywhere in the EU.

What would be the penalty for not showing the card when requested to do so? Would annoyed barstewards refuse to serve a 40 year old because they didn't show their ID card to prove they were old enough to drink?

I *like* the idea of a cheap, simple ID card, I just don't think it'd serve any useful purpose :(

Germany flicks off-switch on DAB

Billy Goat Gruff

Timechecks

I've got a DAB by the kitchen sink and it's OK. But if you wanted to get the accurate timecheck that Radio 4 do, could you do it on DAB?

If you watched a rugby match on ITV and wanted to listen to 5Live commentary, could you do this with DVB/DAB?

If progress were not in reverse we'd be hailing 'True Live (TM)' where all your timechecks and commentaries were 'Truely Live - without the digital lag'

ID cards delayed until 2012

Billy Goat Gruff
Thumb Up

contractors idea

"As for contractors, the company directors, if forced to carry one, probably wouldn't notice, much less care"

They would if they had to carry the card created by the organisation competing for the quote! Who had access to all of their details!

Similarly, the competitor would be carrying one of their cards.

Each bidder will try to crack the other's card in an attempt to win the bid, whilst at the same time make their card useless even if it is cracked and the database made public.

If neither card/database is up to it the bidder fails until someone can go through such a rigorous process that they proceed to the next stage of public scrutiny... which, of course, it will never come to because the concept of absolute security through government obscurity (CD in the post) is an impossible concept.

Billy Goat Gruff

@Put you money where your mouth is

>Here's the order that ID card enrolement should foillow. Each group should be fully enroled before the next group starts:

>1) Members of Parliament.

A good idea, but then it occurred to me that there's a higher level - the companies that bid for the contracts and make unrealistic promises whilst paying the likes of Blunkett:

Each company that puts in a bid to design, run, manage, lose, corrupt the data whilst possibly employing govt-approved illegal immigrants and offshoring the data entry to Nigeria should have ID cards created by one of the other bidders. They should be given to high-level employees and 'executive' directors.

a) they can fight amongst themselves by showing how much info can be obtained from the cards/system of the competition

b) if they don't do this, or if there is a clear winner, the cards should be obtainable for a small charge to see what other hackers can do.

c) A CD of all the card holders information should be downloadable for the same reasons.

Of course all of the bank, council, tax, internet, library transactions that would require an ID card will have to use one, so a final test is each week one of the competitors gets to have their cards inexplicably disabled or lost to see how life becomes when every organisation cannot verify your identity and you can't obtain a new card without *proof* of ID.

You know, I'm sure there's a nugget of a good idea there somewhere!

DVLA's 5m driver details giveaway

Billy Goat Gruff

hit & run is not yet a valid business reason

"You know, if you are hit by a hit and run driver, if people have been trespassing and you got the car number"

Sadly, I don't think the general tax-payers of this country count, and your request would be rejected. Only commercial entities would have a valid reason even if that included fraud and demanding money with menaces which both seem to be perfectly acceptable business practises these days.

If, however, whilst you were still in contact with the car you had the presence of mind to find and write down the VIN as well as the license number you may stand a chance at identifying the culprit.

Anti-spammer fined $60K for DNS lookup 'hack'

Billy Goat Gruff

Findings of fact #31

#31. Ritz falsely stated in his interrogatory answers that his only name on the Internet was David Ritz, when be actually went by names including "s lewini" and "BOFH" ("Bastard Operator From Hell").

Brighton professor bans Google

Billy Goat Gruff

Improve wikipedia as an exercise

I, too, would be depressed if they were copying mediocre work from the web. But as a media studies professor I would expect a more media-friendly idea than banning, such as an exercise like 'take the current wikipedia entry' and the textbook and come up with a much better entry. Or find the top 5 google sites and point out where they are wrong, or what they are missing. Perhaps even create a defacto webpage on a subject that wikipedia can link to, or ends up at the top of google.

Surely using google, and understanding it's limitations, is pretty important both for research and media studies?

And if it ends up that google/wikipedia are improved by her class then would that be a bad thing?

MP accuses BBC chief of illegally championing Microsoft

Billy Goat Gruff

The Sony PAL argument

"I feel your example of a Sony TV is a poor one (actually childish is closer to my opinion). How about the BBC are hindering accessability as they insist on using PAL rather than NTSC. "

If the BBC insisted we used a standard like PAL then I wouldn't really have a problem. Any TV manufacturer can adopt the standard, make TV sets, and I can buy one. It doesn't have to be a Sony one.

If the BBC hired some Sony guys and then adopted a HD Freeview format that required we used a Sony protocol that was only licensed to Sony machines then I'd have to buy a Sony TV set.

If the BBC said that the most popular TV set was Sony and it would work without them having to buy a new set, it would be nice for them, but it would force everyone else to buy a Sony as well.

When I decide to get a new set, guess what, I shall get a Sony. It may well be that other makes are no longer in the shops - after all, who'd want them when the BBC go HD digital?

Thus, Sony corner the entire UK market.

But a few OpenSourceSet users say 'hey, our sets are better than Sony's overpriced ones' and the BBC say that they are too unpopular. And the Sony TV owners say 'stop whinging, get a Sony'.

And the Sony users would have missed the point *again*. If they used the OpenSourceSet then Sony users would still have HD freeview. Along with Toshiba, and Sanyo and Bush and Goodmans... everyone would have HD Freeview. No new TVs needed. No need to pay Sony anything.

So, why didn't the BBC use OpenSourceSet? Because they desperately wanted a Sony solution. The executives had come from Sony, after all.

By allowing Linux, or Mac, to work in the beginning they are not making it more difficult for Windows users, they are making it easier.

For instance, ACER might do their fast-bootup PC that goes direct into iPlayer, or you might watch iplayer on your ipaq/HTC, or in your google android device. Windows users don't lose out, they get the benefits along with everyone else.

Of course, the BBC don't need to write iplayer for the iPaq and your TVFridge, they just need to adopt the standard and anyone can write their own iplayer. The BBC *save* money as the iplayer is improved - speeded up, less resources, different qualities, downloads at off-peak times etc. And just like Firefox, Windows users benefit from free programs that work on everything.

And DRM? Can DRM exist outside of Windows? Of course it can, only it'd be safer. Why hasn't it been done? It probably has, only we're not aware of it because of the chicken/egg situation.

Personally, I wish the MS apologists would wake up and realise the potential of a world where things work on non-MS approved hardware.. and help do their bit by not apologising for everything that is *designed* to lock us into the shoddy MS world.

AT&T to crush copyrighted network packets

Billy Goat Gruff
Thumb Up

@They will just detect and band entire technologies.

Isn't the point that they *wont* do this, leaving P2P free for non-RIAA stuff?

To scan P2P it's as simple as scanning emails for viruses, or spam.

You know the initial packet to start a P2P, you know the initial packet to initiate a file transfer, you know how to identify the first block of data - all you need is the **AA copyrighted data fingerprint.

Sure, it's easy to bypass *but* it won't be easy to find anything that has a tagged fingerprint and the nature of P2P is that unless the checksum matches you will never be able to find genuine copyrighted files that have been tagged. Or at least from AT&T.

This means that the P2P will be free to use for anything that isn't tagged by the *AA such as personal music. Whether anyone will want to download your music from P2P when they can do equally well from your webpage or myspace is something you will find out later.

Otherwise I agree with many sentiments that society is being dictated to by commercial organisations but there are much better fights than genuine attempts to stop the freeloading Jammies of the world. As long as we're not all treated as criminals (ie banning P2P or making DVD copying illegal, or paying a levy for each DVD) then I think this is reasonable.

I would appreciate it if they didnt fingerprint mp3s that you can no longer buy, though.

Billy Goat Gruff

Pick your fight

You know, Jammie wasn't a good postergirl for P2P. But she is probably typical of the sort of AT&T customer who hasn't got a clue but thinks she's anonymous. She will use encrypted packets if the software defaults to that, otherwise, she won't put any thought into it.

I don't want my traffic filtered by RIAA cronies, but really, like Jammie, pick your fight and don't let them pick it for you.

Fingerprinting packets is not really that difficult, even if they're zipped... if they're encrypted and the password isn't public knowledge then there's no need to fingerprint them. So this isn't any great hassle.

Should AT&T filter traffic for RIAA? Yes, if they get paid enough. Will it affect anyone who sends their own music through P2P - no. Does it affect my copyrights - no. It only tracks the fingerprints of those files that the RIAA tags.

Filesharing is obviously wrong - the **AA et al are also obviously wrong. But when you fight the pigolopists make sure *you* pick the fight. Stop levies on media (I only use writeable DVDs for data, never *AA stuff). Stop ISPs having to divulge personal details under some terrorist legislation.

But allow them to charge whatever they want for their copyright and you decide whether it's worth it, or download it for free on the understanding they have to stop you and Jammie from taking the piss.

PC scuppers NYE fireworks in Seattle

Billy Goat Gruff

dry running

One thing I noticed when I adopted GNU ways was that everything should interlink and yet work independently... ie pipe information in and out of a chain of events.

With Windows the idea is to present an all-in-one GUI which does everything with a single click. All the internals are deliberately hidden and if they rely on a DLL that is corrupt you will never know until the the final click.

With GNU/unix you retain control over the entire sequence of events so can do as many dummy runs as you want and be fairly confident that there are no hidden easter eggs to surprise you on the night.

Yes, linux cannot prevent a corruption (ext3 might but the user will always find a way)... but the point is if you had to create a very esoteric program like fireworks control you would be much better prepared if you adopted the GNU way and not the all-in-one GUI way.

Since windows programmers are constrained to work in the commercial windows way, then, yes, windows is partly to blame.

US TKOs Antigua in bizarre WTO arbitration decision

Billy Goat Gruff

$21M

Well, I hope they adopt the 'up-yours' methodology of costing 'intellectual property' where US 'intellectual property' has a token value of 0.0001p and thus $21M will go a lot further. Of course it still means they only get to recoup $21M but it also means USA will have to suffer losses in the billions.

But I'd just love to see the bully hit where it hurts.

And no, Antigua, don't negotiate. You got the judgement, use it.

Indignant reader defends Idiot 2.0™

Billy Goat Gruff

FPWM

FOTW? Fair Point Well Made...

It's always good when someone sticks it to the opinionated - which I guess happened on cnet and then, frankly, in this email.

what the hell were you reading a 'blog' for anyway? you know it only gets you annoyed.

90mph police chief cops 42-day ban

Billy Goat Gruff

hypocrisy

A good % of problems and disillusionment with today's UK is hypocrisy.

If someone spews forth about a law, then they should honestly believe it to be correct, not convenient for revenue.

It's not sufficient that a Chief Constable with strong opinions on how we behave is judged on the law, he should be judged according to his own opinions. His opinions dictate the direction of law enforcement. He shouldn't be sacked but he should have a life ban.

If Labour make laws about accepting dodgy donations then it's not simply 'an error of judgement' if they knowingly break the law, it's far worse.

Everytime these people are caught out, they should be convicted according to their soundbite convictions.

Maybe then we'd have less 'style' and more considered substance.

It's be especially good for ID cards and the associated soundbite promises.

Microsoft offers $300m for web-washing ad campaign

Billy Goat Gruff

iLive uPay

weSuffer

Balls blames parents, computers for English literacy slide

Billy Goat Gruff

exams

And there was me thinking the successively higher exam grades actually meant something. I feel as if my government has been misrepresenting the facts to me...

Biometrics won't fix data loss problems

Billy Goat Gruff

multiple-factor authentication

"Sensitive data should at least use two-factor authentication. Truly critical data should use all three factors.

Something I know (password)

Something I have (security card)

Something I am (biometric)

Only the correct combination of all three factors should unlock sensitive data."

Perfect politician misunderstanding of technology?

All those 3 things have to be boiled down to a unique number, or else how would a computer know your answers are correct. That number is all you need to unlock the sensitive data.

For instance, a shop has a biometric reader which converts your anatomy to a hashed number that is matched to the card. A fake ID can either simulate the anatomy or alter the hash on the card. Thus, all you really need is a card reader and writer and you have everything you need to fake points 2 and 3.

Which leaves a password as the only secure bit - just (not) like a PIN.

Of course, with obscurity, you could ensure that the hashed number is secret and known only to a central server, in which case every transaction would be routed through the ether. But the hashed number would be stored in government files against the biometric data and this file, once compromised, would make the entire ID card as secure as a Chip/PIN combination.

Even if it were not compromised, the number of possible exploits are unlimited - as they are currently. The difference though would be that the ID card would be sold as 'preventing' these current types of fraud, when in practise they will be as secure as a number, or as secure as HMRC data, or as secure as any other human generated password...

Page: