* Posts by Chris Fox

129 publicly visible posts • joined 23 Jun 2007


Tech professionals pour cold water on UK crypto hub plans

Chris Fox

Re: Make the island nation a "global crypo-asset hub"

A background detail from the Eye: Sunak has a pecuniary interest in a crypto biz. Allegedly there are many other potential conflicts of interests which he does not declare, and has effectively hidden using a loophole in the declaration requirements, while adopting policies that protect and enhance his financial interests, and shower Tory-supporting mates with lucrative contracts.

Akamai buys Linode for $900m

Chris Fox

Re: Oh Dear!

Looks like a good time to review and refresh those contingency plans!

ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested

Chris Fox

Where would PM draw the line?

Not only did the police infiltrate non-criminal activist groups, in some cases they then sought to encourage said activists to commit criminal acts, and who were then prosecuted without the police revealing their role in instigating and facilitating those criminal acts (and actions that lead to the longest ever English civil trial in the McLibel case). The infiltration was so extensive that some "activists" meetings consisted almost entirely of under-cover cops. Of course the UK government's answer to this scandalous state of affairs is to grant undercover ops immunity from prosecution for such criminal activity, while also labelling activists "terrorists" for engaging in *lawful* civil disobedience.

Presumably PM would be happy to collaborate with the oppressive actions of a wannabe police-state, provided all the paperwork was in order?

UK urged to choo-choo-choose hydrogen-powered trains in pursuit of carbon-neutral economic growth

Chris Fox

Other reasons some lines have not been electrified

"Oh, we can electrify lines alright. The issue as the article says is the economic feasibility of doing so."

Another factor in play here is that the Coalition and Tory governments cancelled and curtailed economically viable*, approved and "shovel ready" electrification projects, because ... austerity..., while supporting costly and economically dubious white-elephant vanity projects, like HS2. And where they cancelled or truncated previously agreed electrification projects they instead invested in inefficient and costly dual mode-traction units on long-term over-priced PFI leases with terms that require payment based on availability, not use, and whose acquisition was at odds with policy commitments related to carbon emissions.

* Even on the UK Gov's rather narrow definition of what counts as economical viability in the railway sector.

Basecamp CEO issues apology after 'no political discussions at work' edict blows up in his face

Chris Fox

Legal rights of employees are political?

Re. banning discussions on equal pay, "Would you have a problem with that?"

Yes. Any employer that bans discussions (written or spoken) that relate to the legal rights of employees ought to face sanctions; in some jurisdiction such a ban would almost certainly be considered unlawful.

University duo thought it would be cool to sneak bad code into Linux as an experiment. Of course, it absolutely backfired

Chris Fox

Human subjects and consent

"... you are confusing machines with people. Bugs in code are not equal to bugs in people."

But isn't one of the bones of contention here that the ethics' board and/or the researchers appeared to have made the mistake of confusing people with machines? If the aim was to see whether the Linux development process could be subverted, then the subjects under test here would actually be the community of developers, rather than the Linux kernel as such (i.e. people, not machines).

Like all experiments involving human subjects, any serious ethical approval process should have subjected this proposal to a much more rigorous assessment, especially given the absence of consent (as well as the significant risk of high-profile reputational damage). There are more ethical ways of conducting this kind of research (cf. penetration testing). If I had been on the ethics approval panel in question, I would have insisted on major changes to the approach, with safeguards for the experimental subjects, before even considering the possibility of approval.

[The connection with medical research is that that was where ethical considerations were first taken seriously, so it is natural to use medical analogies when discussing research ethics.]

Spy agency GCHQ told me Gmail's more secure than Microsoft 365, insists British MP as facepalming security bods tell him to zip it

Chris Fox

Re: An ex GCHQ bod once told me never to use GMail

“I use Gmail, Gdrive sheets & docs for convenience but ... if you have data you would rather not share then keep it elsewhere.”

Presumably the corollary is thus: “if you have data you would rather not share with third parties, then don't collaborate with me, or anyone else known to use GMail, GDrive and googledocs”?

As battle for future of .UK's Nominet draws closer, non-exec director hits a nerve with for-profit proposal

Chris Fox

Re: If you're a member..

... and echos of BCS, circa 2010, as previously covered on El Reg.

And now for something completely different: A lightweight, fast browser that won't slurp your data

Chris Fox

Folded content in raw HTML

"However, there are some things that aren't very complicated to implement but can't be done without scripting. A basic example is dynamically showing or hiding content. Having a button which allows a user to collapse or expand a region means that the page can have lots of things on it without requiring the user to scroll past irrelevant things, but HTML itself doesn't do that."

You might want to check out the HTML "details" and "summary" tags, which implement dynamic content hiding (though it could be nice to have more CSS rendering options to customise the appearance).

What does my neighbour's Tesla have in common with a stairlift?

Chris Fox

British Standard Method

Someone tried that round our way. Along one quarter-mile stretch there was an almost continuous line of very large ... er ... potholes. The council did indeed send someone out quite pronto... unfortunately they were armed only with a tin of black paint. That was a shame, as the BSM decorations stood out at night, and made it easier to avoid busted suspension, punctures, and cracked wheels (or a nasty fall, for those on two wheels).

Twitter, Mozilla, Vimeo slam Europe’s one-size-fits-all internet content policing plan

Chris Fox

Lead pencils

"Amazon can sell lead pencils for kids and claim it's just facilitating an external seller."

I don't follow the significance of this example. So-called "pencil lead" (and for that matter, "black lead") is actually just graphite. All considered, traditional graphite pencils are probably among the least harmful of drawing and writing implements. But otherwise I would agree that there are some complex issues here.

Salesforce's Dreamforce shindig hits new levels of nauseating online as... Oh god. Is that James Corden?

Chris Fox

Re: Please help

How about: "we can now provide comprehensive online customer-relationship services for both large and small organisations"?

Microsoft: After we said we'll try to promote more Black people, the US govt accused us of discrimination

Chris Fox

Re: Just do what I do.

"Hire on merit alone. Simples."

Perhaps it is not so simple. Unfortunately some people, and institutions, have a habit of assessing "merit" in a way that turns out to embody an element of indirect discrimination, and which amplifies existing structural inequalities.

The classic example from the media world (and politics etc.) would be judgements related to "polish" and "eloquence" (at least in the UK). In the legal profession it might be judgements about whether the candidate attended a "good" law school. Similarly in the sciences, and academia itself, there is self-perputating bias in favour of graduates from the self-selected "Russell Group" of universities, or Ivy League etc., which themselves embody elements of discrimination and bias. Then there are those "objective" algorithmic assessments of merit, used in the tech industry and elsewhere, that have been shown to embody unlawful discrimination.

While some general measures, such as "unconscious bias" training, can help, they can also have unintended consequences that actually entrench discrimination in some individuals. But targeted measures (such as hiding details of an applicant's education and age) have been shown to broaden the pool from which candidates are selected. Perhaps a case of "less is better".

Face masks hamper the spread of coronavirus. Know what else they hamper? Facial-recognition systems (except China's)

Chris Fox

Plague outfit

The plague doctor mask (and cape) has already been tried by a teenager in Norwich. For some reason the police threatened him with prosecution if he wears it in public again, although it is not clear what law, if any, is broken by wearing such an outfit.

Russia tested satellite-to-satellite shooter, say UK and USA

Chris Fox


Do we know whether such consultations took place for Starlink (and Kuiper, OneWeb, Hongyang etc.)? These massive constellations of satellites, with their potentially costly adverse impact, certainly appear to lie within the scope of this treaty.

(Then again, some would argue that the national legal framework that provides legal cover for the FCC's seemingly gung ho approach to satellite approval, namely the US Commercial Space Launch Competitiveness Act of 2015, is itself in breach of the Outer Space Treaty...)

Motorola Moto G 5G Plus: It won't blow your mind, but at £300 we're struggling to find much to grumble about

Chris Fox

"They also give me an excuse for wearing the large pocketed unfashionable pants I find comfortable."

I don't think you're meant to put your phone down there...

While waiting for the Linux train, Bork pays a visit to Geordieland with Windows 10

Chris Fox

The year of Linux ...

Given the migration plans, does this mean it's year of Linux platform platform on the platform?

Boeing 787s must be turned off and on every 51 days to prevent 'misleading data' being shown to pilots

Chris Fox

Debris well

Looks like some of the debris must have found its way into your keyboard.

Image-rec startup for cops, Feds can probably identify you from 3 billion pics it's scraped from Facebook, YouTube etc

Chris Fox

Publication does not entail a grant of all rights

"I too can browse the videos and extract a lot of info.. Should I also be held in contempt of GDPR laws, of course not..."

Actually, depending on exactly what you are doing with videos, and images etc., and how you are processing them, you could indeed be in breach of GDPR, and possibly in breach of the owners' copyright as well. By itself, the act of publication does *not* mean that third parties have been granted all rights to the data, and does not remove any obligation to seek permission on matters governed by the GDPR, or by copyright.

ACLU sues America's border cops: Tell us everything about these secret search teams targeting travelers

Chris Fox


I'm guessing this is a reference to "Cincinnati/Northern Kentucky International Airport". I've not been there, but from the name it sounds like it's in Kentucky.

Antarctic researchers send an SOS to the world: Who wrote this message in a bottle?

Chris Fox

Bouvet DXpeditions

I believe a number of Polish radio hams have visited Bouvet in recent years. Perhaps the folks at bouvetoya.org could shed some light on this?

This major internet routing blunder took A WEEK to fix. Why so long? It was IPv6 – and no one really noticed

Chris Fox

Re: "they weren't in use so nobody was affected"

"Yeah, as we said, doesn't speak well for IPv6 adoption."

Perhaps that was meant as a joke, but if not... IPv6 is intended to be sparse: the fact that a large number of unused addresses are not in use merely means those addresses are not in use. It says nothing about IPv6 uptake, or the number of addresses that are in use, or even the number of announced prefixes (either in general or within this block). This error will not have any impact on any conventionally announced addresses. If anything, it is a demonstration of how robust IPv6 can be in the face of such mistakes.

These boffins' deepfake AI vids are next-gen. But don't take our word for it. Why not ask Zuck or Kim Kardashian...

Chris Fox

Bill Posters and the law

The article doesn't say whether there is a risk that Bill Posters will be prosecuted. I think we should be told.

What did turbonerds do before the internet? 41 years ago, a load of BBS

Chris Fox


"Do they have fibre and Gmail in the heavenly kingdom now?"

According to some they do have a lot of cloud-based services.

Submarine cables at risk from sea water, boffins warn. Wait, what?

Chris Fox

Re: Not really a big issue

"Sea level rises slowly"

Yes, but the report states that much of the expected damage will occur within the next 15 years.

"there aren't a whole lot of these cables"

The report is about all kinds of network infrastructure including "1,100 Internet traffic hubs – data centres, Internet exchanges and the like", which "will be surrounded by water within 15 years." as well as regular underground cabling and fibre. It's not just about subsea-infrastructure; that is only a small part of a bigger problem.

Most likely the first time the problem will become apparent will be during a storm surge or hurricane, which may knock out comms and data processing for a hinterland that is many times larger than the area hit by any flooding. There is also the issue of salt water ingres into coastal groundwater, which can occur without any obvious signs of flooding as such.

It might seem a small problem compared to other issues related to global warming, but widespread loss of comms during a localised extreme weather event could be disastrous.

Not API: Third parties scrape your Gmail for marketing insights

Chris Fox

When did those who don't use Gmail grant permission?

If I don't use Gmail, and don't have an account with Google, at what point did I "opt-in" to (or more likely, fail to "opt-out" of) allowing Google and others to access the content of email that I have sent to individuals who happen to use Gmail? How do I find out what permissions others have granted to Google et al. to access and use *my* data? And how do I even know for certain whether a given recipient is actually a Gmail user, given that some corporate email addresses may be Gmail in disguise, and some individuals may use Gmail to aggregate email from non-Gmail accounts?

This looks like a clear breach of the GDPR. The only real question is, who is committing an offence: Google, for allowing access to my data; third-parties for using the data for purposes for which they haven't obtained specific consent; or Gmail users, for granting Google and others access to my data without my consent? I suspect Google has the greatest liability here, for running a data processing system that fails to have GDPR-compliant mechanisms in place for safe-guarding third-party data.

Google seem to be presupposing, incorrectly, that all data associated with a particular account is the account holder's data. This is the same error in reasoning that Facebook make in their justification for shadow profiles, i.e. unlawfully holding and processing personal data relating to individuals who are not users, and refusing to protect against abuse of such data, by claiming, obtusely, that the data and the right to consent both "belong" to the account-holder who provided the data to Facebook, rather than the person whose data it is under the law.

Pi-lovers? There are two fresh OSes for your tiny computers to gobble

Chris Fox

"OpenRC replacing systemd"

It shows how bad things have got when any choice of init system other than systemd is described as "replacing systemd". And this is for a distribution that has never supported systemd, does not have it in its repositories, and almost certainly cannot even compile it successfully, given that systemd assumes glibc, whereas Alpine is based on musl.

Although not mentioned in the article, Alpine's use of musl is a significant detail; it helps avoid bloat and in some cases improves performance (although it could cause difficulties for those wanting to run software that assumes glibc quirks and features). For those concerned about maintaining choice and diversity, and avoiding growing dependence on The Red Hat Monolithic Monopoly, supporting an alternative to glibc could be another 'good thing' to do (along with avoiding pulseaudio, systemd, and gnome).

Another systemd-free distribution that generally works well on Rpi is voidlinux, a rolling distribution which comes in both glibc and musl flavours, and which uses runit (the init system where start up scripts are usually only a couple of lines long). As usual, the choice of distribution in a given context may be constrained by the available packages.

Max Schrems is back: Facebook, Google hit with GDPR complaint

Chris Fox

Google Captchas = slavery

Those pervasive and invasive Google Captchas are even more annoying when you realise that you are providing Google with unpaid labour and intellectual property. Websites and CDNs that use them are essentially compelling users to supply Google with training data for their image classifiers, while also implicitly "consenting" to them using your personal data, both for corporate profit. There should be a law against such indentured servitude... for some reason Article 4 of the Universal Declaration of Human Rights springs to mind. There is more to all this than just the GDPR. How about some enforcement?

Chris Fox

Re: Oath Hell too please ... and worse

"I'm not sure how they would store your preference if they can't store cookies or include any sort of personal identifier."

If you don't have a cookie, e.g. because you block or delete cookies to prevent tracking, and for that reason they cannot link you to any record of consent, then the default assumption should be that you have not consented. To do what Oath, Facebook, Google et al do, and assume you have consented by default, and then require you to jump through hoops, and enable tracking in order to "withdraw" this "consent" that was never given is hardly in the spirit of what is meant by "freely given consent". And in some cases you are not even given an opportunity to withdraw consent for some non-essential-but-profitable uses of your data. Of course changing the defaults to make them comply with the law may have implications for some business models, but that is hardly news

Other US-centric companies operating in the EU seem to have been very poorly advised, even when compliance should be trivial. Some have "opt-ins" for non-essential sharing with third-parties being written into new, supposedly "GDPR-compliant" contracts, which have to be "agreed" to in order to continue using a service, and terms concerning jurisdiction that seem intended to prevent prosecution under GDPR legislation, despite having a physical presence in the EU. This would have been dodgy even under the pre-GDPR regime.

I'm having to deal with one hosting company that has required me to accept a new contract with terms that allow sharing of personal data with third-party marketing organisations, and "Modal Contract Clauses", in order to continue using an existing UK-based service. The only nod in the general direction of "freely given consent" in this case consists of the opportunity to write to their head office requesting that they do not share personal data with third-party marketing companies. And this for a company for whom GDPR compliance is actually in their interests if they want EU companies to continue using their EU-based hosting services without themselves falling foul of the regulations.

US government weighs in on GDPR-Whois debacle, orders ICANN to go probe GoDaddy

Chris Fox

Does NTIA (or CoCCA) really understand GDPR?

"... it is likely to represent a legal workaround that would allow IP lawyers direct access to Whois data by bypassing the legal obligations contained in the contract ICANN has with registrars."

So in other words, the NTIA is just pushing an approach that still seems at odds with the GDPR: it would give third parties access to personal information without consent, and without due legal process. Would this really satisfy the expectation of the Article 29 Working Party that there should be clear, legal reasons to grant someone access to the data? It seems doubtful that the say-so of an IP lawyer would count as a clear legal reason, unless backed up with a court order. But given that "the actions taken by GoDaddy last month... are of grave concern for NTIA given the US government's interest in maintaining a Whois service that is quickly accessible for legitimate purposes.", it seems that the NTIA is actually unhappy with the idea that a court order be required, and takes refuge in sophistry over what counts as a "legitimate" reason.

Simiilarly, CoCCA's approach of allowing access on payment of a fee, as well as to the Secure Domain Foundatin, a third party organisation, doesn't seem to be consistent with the expectations of the GDPR.

Google to 'forget me' man: Have you forgotten what you said earlier?

Chris Fox

Re: RE : Let's burn all the newspaper archives...

"Nobody (as far as I can tell) either prosecuting or defending this case is suggesting that the underlying archive or editorial material be deleted."

Not in this case. But there is another case where this is exactly what is being asked for, under the Data Protection Act. Max Mosley is seeking to have published articles erased or amended, including it would seem ones that merely report factual matters about the financing of Impress, as well as those relating to a certain party he attended. According to Private Eye he is also seeking damages for distress about publication of the fact that he funds Impress. And then there are other cases where complainants are claiming that they need to give consent for articles to be published about them in the first place, including, according to the Eye, a certain Prince Charles.

Chris Fox

New news

"How would the URL/news article be specified? If it's just existing material listed in the court case it wouldn't protect against someone rehashing the material and publishing a new article."

If you read the article carefully you may notice that a question relating to this particular point was raised in the hearing, and highlighted for its significance.

Oi, force Microsoft to cough up emails on Irish servers to the Feds, US states urge Supremes

Chris Fox

Re: UK not much better (in the quality of its arguments)

"But, in this case, we are talking about Irish servers, owned by an Irish company on Irish soil, which just happens to be owned by an American company."

Right, though I'm not sure why you say "but"; my observation was that the UK governement's view on extra-terratorial jurisdiction prima facie supports the US DoJ's position in this case. In fact it seems even broader/more extreme: according to UK government's reasoning the US DoJ should still legally be able to require data to be handed over even if Microsoft itself were registered in Ireland, Iceland or Switzerland etc., (regardless, it seems, of the views or laws of the countries in which the data were held, or the companies were registered).

Of course I am not saying that the UK government or US DoJ are right here (and my earlier comment alluldes to some sleight-of-hand in the UK government's amicus brief), just that the US DoJ is not unique in its attitude to extra-terratorial jurisdiction: other "civilised" countries make similar, or stronger, claims.

Chris Fox

UK not much better (in the quality of its arguments)

The UK takes a view similar to that advocated by the US DoJ in this case, under the UK's RIPA, DRIPA and IPA laws, which are taken to apply to companies operating in the UK, even if they are based elsewhere, and hold data elsewhere. Their arguments ignore some of the complexities of independent, extra-territorial subsidiaries (in a way that seems at odds with the tax-avoidance-friendly interpretation of the nature of "independent" corporate entities) and the interplay of the IPA with EU data protection rules (which mean that any entity storing data of EU citizens already has to comply with various obligations, which also include specific exemptions for law enforcement). Perhaps they wish to gloss over these subtleties and nuances in order to curry favourable treatment from the US DoJ when attempting to access data held in the US, just as the parliamentary "debates" about other aspects of the IPA effectively glossed over and ignored key aspects of critical ECJ rulings.

Java? Nah, I do JavaScript, man. Wise up, hipster, to the money

Chris Fox

Re: @wolfetone

"do you mean Java ME? At one point it was THE language for set top boxes ... just curious not being snarky."

I think this was a reference to the original purpose of what is now called Java, going back to 1991 when it was part of Sun's set-top box project, and went by the name "Oak". The name was changed to "Java" in 1994/5. Jave ME came later, originally as J2ME in around 1998/9

China's Great Firewall to crack down on unofficial VPNs – state-approved net connections only

Chris Fox


"Genuinely curious as to what is stopping someone renting a VPS with an SSL VPN on it that's hosted outside Middle Kingdom? How would it be any different than a visitor from abroad using their corporate Juniper SSL VPN or DirectAccess tunnel?"

One difference might be that someone living in China could find they start facing problems when attempting to pay for or use a "banned" service provided from outside China. In practice the authorities only need to hint that using external "unauthorised" VPNs could get you into serious trouble for it to deter those who might otherwise be politically active. And this is probably one of the main goals.

UK Home Secretary signs off on Lauri Love's extradition to US

Chris Fox

Re: Extradition

"US citizens have been extradited to the UK."

But have any US citizens been extradited for crimes committed *while in the US*? The article quoted suggests not... I would also not rush to treat the Baker report, or the opinions and assertions of the Home Affairs Select Committee as "fact", e.g. regarding the controversial claim that "little or no distinction in practice between the 'probable cause' and 'reasonable suspicion' tests", which many consider to be one of the fundamental sources of asymmetry. It seems to be standard operating practice for such reports and committee hearings to endorse the status quo, covering over issues of legitimate concern with a thick layer of white-wash enriched with a dash of sophistry.

In this particular case there are further asymmetries; the available penalties are radically different, and the US Love would appear to face not one but three separate trials in three different jurisdictions, in a prosecution and "defence" culture that bullies individuals to plea bargain. There is a precedent for vulnerable individuals committing suicide in such circumstances, even when they are not also facing the additional problem of being stuck in the prisons, and legal systems of a foreign country.

This just looks like an extension of the rendition programme, given that the case could have been taken up by the CPS, rather than the police handing everything over to US law enforcement, seemingly to enable harsh treatment that would be considered unacceptable in the UK. This is not justice.

'Trust it': Results of Signal's first formal crypto analysis are in

Chris Fox

What about Conversations?

I won't use Signal due to its reliance on Google Play Services, which is disabled on my phone. The Convesations app seems a better choice for many reasons: it also has double-ratchet encryption with a published spec (OMEMO), as well as OTR and stream management, and complies with open standards, works on self-hosted infrastructure, and does not need Google Play service, while still having very low power requirements. The main thing that prevents Conversations being close to an ideal chat application is that many of the larger providers of XMPP-based services (e.g. Facebook) refuse to support XMPP peering, but then lack of meaningful peering is a problem faced by all chat applications except email and SMS.

Red Hat eye from the Ubuntu guy: Fedora – how you doin'?

Chris Fox

Better fit-and-finish vs vendor hijacking

"It's getting better as a distro, too, benefitting from the improving fit-and-finish of Linux and its manifold supporting components: desktops, applications and their less-obvious underpinnings."

Hm, improved "fit-and-finish"? That's one way of describing the beast that is SystemD, and the dysfunctional way in which Redhat has in effect "captured" key components, such as glib, gtk etc., so that what are supposed to be general purpose, standardised libraries are permitted to have odd, inconsistent, out-of-spec behaviour if it helps or is required by Gnome and SystemD, while happily breaking things for others, and failing to fix reported bugs if they arise outside Redhat's stack. It all seems so depressingly familiar...

The exploding Note 7 is no surprise – leaked Samsung doc highlights toxic internal culture

Chris Fox

Re: #nothingtodowithnote7

"clearly corners were skipped to beat the iphone7 to launch."

We already know corners were rounded to beat the iphone, at least according to one judgement.

What a sad world this is were a company can be fined hundreds of millions of dollars for the perceived abuse of daring to infringe spurious patent and design claims, yet can get away with murder when it comes to its treatment of human beings...

Ofcom finds 'reasonable grounds' that KCOM failed to maintain 999 services

Chris Fox

Re: 999 - not in Hull in the 1950s

Not just not in Hull, and not just the 1950s. This was true of a number of places more recently than that. Despite the number officially being "999", on some exchanges your call would be put through to emergency services on the second "9" if there was no ambiguity. This could catch you out. Many UK regions still supported non-area code trunk prefixes into the late 80s: you could hop exchanges using prefixes, many of which started with a "9". You could concatenate exchange prefixes to jump between town and rural exchanges, e.g. 993, where the first 9 set up a link to the local urban centre, then 93 took you to some other smaller town. (This was how it was supposed to work, although ... allegedly... you could abuse it by routing a long-distance call manually over long chains of local exchange links, and avoid paying the then much higher long-distance rates.) But if you used a payphone connected directly to the main urban exchange and forgot to drop the initial 9, then you could find yourself surprised as emergency services picked up the call the instant you finished dialling the second 9. No doubt this all came to an end with the rise of fixed-area codes, and the fall of the Strowger switch, that culminated in Phone Day in 1995.

Complaints against cops down 93% thanks to bodycams – study

Chris Fox

Re: Studying police officers improves their behaviour

"It shows that IF PEOPLE THINK you have a camera, they will behave better."

The "study" does not tell us what people were thinking -- I won't call it an experiment, as it was clearly not even double-blind -- but we do know it involved geographically distinct forces. We also know that apparent placebo effects (and increasingly, nocebo effects) are usually interpreted as bringing into question the experimental hypothesis.

In an experiment where the control shows the same result, that generally suggests any observed change in behaviour cannot be attributed to the controlled variable. Indeed this is the reason for having controls. But in this case it is being reported (with the active encouragement of those involved in the research) as showing that the effect is so powerful that it spreads. If this were an experiment on homeopathic treatment, then this type of sloppy post hoc analysis offered by the researchers would be equivalent to arguing that homeopathic treatment is so powerful it actually cures people in the control group --- perhaps it does, but that would be a very controversial analysis!

There are other aspects of the publicity behind this publication that are concerning, including the conflation of "the number of reports of attacks" with "the number of attacks" (which are *very* different things), and the glossing over of the apparent increase in force used by the police in the camera wearing group, with no analysis of whether this was justified. If this increase in force did not occur in the control group, then that would be the key finding, not the reduction in complaints across experimental and control groups.

As with many things, the impact of body cameras is not at all straightforward.

For another perspective: http://www.slate.com/articles/technology/future_tense/2014/09/ferguson_body_cams_myths_about_police_body_worn_recorders.html

Non-doms pay 10 times more in income tax than average taxpayer group

Chris Fox

There was no referendum on PR

"Sadly the UK voted against the transferable vote"

"Of all the possible PR voting systems, we got that single version offered to us in the full knowledge that it would not be chosen because everyone knew it was not the one that was wanted."

Indeed, the 2011 referendum was on the Alternative Vote (AV), which is not a proportional voting system. It seems bizarre that the referendum was about switching to a voting system that the Jenkins Commission had explicitly rejected, on the grounds that it could be even less proportional than FPTP.

The Commission actually recommended the rather different AV+ additional member system, which is more proportional than FPTP while preserving constituencies. Of course we never got to vote on that far more sensible compromise. The "choice" we ended up being offered was then to keep the flawed status quo, or replace it with something potentially worse (... sounds strangely familiar...).

Chris Fox

What price credibility?

Let me guess, Pinsent Masons is worried it will lose some of its regular non-dom clients, and shamelessly pushes its own agenda by producing a press-release disguised as a (syndicated) news article under the Out-Law brand, with one-sided quotations from its own staff, and not even a half-hearted attempt at balanced analysis. (E.g. how about comparing pennies-in-the-pound, and the break even point for tax income, comparing number of non-dom oligarchs vs oligarchs paying regular tax rates?) It would be difficult to find a better way of undermining the credibility of Out-Law articles. I wonder whether/why The Register was obliged to take this piece.

I guess this is "normal" behaviour for Pinsent Masons: even its WIkipedia entry looks like a self-penned puff piece.

Delete Google Maps? Go ahead, says Google, we'll still track you

Chris Fox

Google Play Services (GPS), the Trojan app

Isn't this the every growing closed "app" into which Google is embedding ever larger chunks of Android functionality, rather like a (closed) SystemD for Android? No doubt at some point it will grow to the point where it *is* effectively Android, at which point Google could dispense with the Linux kernel. (Last time I checked, manufacturers are required to include the app to as a condition of using the Android name.)

Ostensibly this use of the app was to allow patching of devices that were not receiving core Android updates. In practice numerous applications that refuse to run if GPS (the app) is not running, including many official apps such as Google's Gmail and Calendar apps, even though it is not clear why they should break (GMail actually displays emails etc. before popping up a dialogue insisting that the GPS app be re-enabled), or why they cannot fall back onto "open" Android APIs.

It's interesting that Google Maps runs fine without GPS (the app), even though it ostensibly provides supplementary high resolution location services. Looking at the services provided, it seems that GPS (the app) can provide location information even if GPS (the service) is disabled, using WiFi location data. Perhaps the name of the app is no coincidence if both it and Google Maps are phoning home with tracking information.

There are many alternative apps that don't rely on GPS (the app) such as K9, Etar, etc. (and you can use Osmand instead of Maps, and an app to update AGPS data, such as SatStat) but it is rather annoying, and troubling, that many do, including Signal (ironically in the interests of "security", and for push messaging, even though ChatSecure seems to function just fine without it, including deferred delivery for intermittent connections).

[You can run a phone without Google Play Services (for now), but fun may follow if you try to disable to the Google Search App: that breaks the default home screen, leaving you with what appears to be an unbootable brick, until you phone yourself, and re-enable the search app while answering the call (not the most obvious or easy-to-find solution), and then find a launcher that allows Google Search to be disabled.]

Brit spies and chums slurped 750k+ bits of info on you last year

Chris Fox

Re: 750,000 messages?

... and most people communicate with more than one other person. If a person of interest makes contact with a couple of dozen people using a targeted mechanism (i.e. "one item of data"), then "750k bits of information" could easily see the majority of the UK population under some form of "targeted" surveillance. And if US practice is anything to go by, the scope of some of these "pieces" of information no doubt include the communications of associates with others, perhaps several hops away.

It seems clear that the terminology and mode of counting is a smoke screen: the headline figure makes it seem that all the data collected is just 750k bits (96k bytes). Perhaps, for example, the proceeds of crime legislation could adopt a similar method of accounting, so the powers-that-be need only request one thing: everything that you, your family and all their relatives and friends own.

Man dies after UK police Taser shooting

Chris Fox

Training shots

According to an investigative reports from around the time they were first approved for use by firearms officers in the UK, the Taser shots used on police and others in training are usually at a considerably lower voltage/power than in regular service use against civilians. (This might be because TASER International wants to reduce the risk of catastrophically bad publicity in the event that someone is killed by a Taser during training; the company pushes its products using the "non-lethal" claims, but has had a reputation for being ... less than straightforward when it comes to the question of safety and the risk of fatalities). Unpleasant as they no doubt are, low-power training shots may give a misleading impression as to how bad it really feels in active use.

Bloke flogs $40 B&W printer on Craigslist, gets $12,000 legal bill

Chris Fox

Admitted admissions

"It isn't that he "admitted" anything - that is just bad reporting, something that has been repeated elsewhere in many articles about this case. It is more factually described as a default "Nolo Contendere" / "No Contest" plea."

It might be a little misleading to refer to this as bad reporting, given that the terms "admitted" and "admission" are used by the Indiana court itself in such cases. For example, in the court of appeals' judgement that threw out the case in question, "admitted" appears five times and "admission" fourteen times with regard to the interpretation of Costello's failure to respond, as in:

"When Costello learned that his failure to respond rendered the matters admitted under Rule 36(A), he hired an attorney and moved to withdraw the admissions under subsection (B) of the rule."

For once it is not simply sloppy reporting: the language of the court really is as bizarre as it seems.

Home Office declares: Detained immigrants shall have internet

Chris Fox

Magical thinking

"It is the responsibility of the centre suppliers to ensure that detainees electronic communications are monitored, and that any privileged material (such as legal correspondence) is excluded from all monitoring."

How's that supposed to work? Suppliers are required to monitor communications, but if it turns out to be legally privileged they have to go back in time and unmonitor it? And as for the downloading and uploading of *any* files being prohibited; by what other magical means is Internet access supposed to work?

Perhaps this comes from the same Home Office brains that gave us such great ideas as secure encryption with backdoors, or that argue bulk collection, storage, indexing and querying of all communications meta data somehow does not count as "mass surveillance".

The EU wants you to log into YouTube using your state-issued ID card

Chris Fox

No ID cards in the UK? Tried to get a job recently, or rent property?

It's a bit disengenious to maintain that we have no ID-cards in the UK. While No2ID and the like might have won the battle against UK ID cards as such, they lost the war. Essentially passports now play the role of "voluntary ID-cards" in all but name. Indeed it is becoming hard to argue that they are even voluntary.

If you want to work in the UK, or rent property, or open a bank account, as a UK citizen you will almost invariably be required to produce a valid UK passport. Other documents are not given the same status. Unless you happen to have your full, original, birth certificate, you will de facto find yourself having to fork out for a passport, and have your details and biometric photo lodged with the Passport Office, even if you have no intention of travelling.

Perhaps this was the real plan, and the scrapped scheme was just a decoy to distract attention away from the Passport Office, as it was effectively given a role that lies outside the remit of its Royal Perogative. It would also help to explain why the *ID-card* scheme was funded by an increase in the *passport* fee, and why the increased fees remained in place after the ID-card scheme was supposedly abandoned.