Posts by Doctor Syntax

Re: Very Sloppy Headline Writing

"Sadly some may break the rules, that is what supervision, management, the police and other agencies are supposed to be there to control"

True. And those who break the rules, at least those rules which are part of legislation, can be prosecuted. But are those who break this set of rules prosecuted? If not why not? People have been asking "Quis custodiet ipsos custodes?" for a very long time and with very good reason.

"When the advertising industry gets its own house in order"

When? Don't you mean "if ever"?

Re: Maps, etc.

"Google is trying to control the Android stack, that much is undeniable, so the question is whether that control is ultimately harmful to such an extent that it is illegal"

And determining whether it's illegal is the outcome of legal processes such as that which the EU is launching. If they're doing that they must have a basis for believing it to be so and the present article presents informed opinion that supports such belief.

As you say, it's a question. Don't you agree that it should be answered by the appropriate mechanism?

Re: Maps, etc.

"zero substantive rebuttals."

The case was stated in the article based on someone who's actually read some of the licensees' contracts. I look forward to reading your substantive rebuttal of that.

Re: Others?

"Paradoxically, the best course of action is for them to just close up the platform and turn the whole thing into a binary blob."

That would require them to replace all the GPL-licenced stuff with something else, probably BSD.

Re: Ubuntu Phone

"Can I go into a phone shop on the high st and buy one?"

Do you have to go into phone shops to buy phones nowadays? Last time I looked you could buy them online.

"The problem is that they can't .. at least not without falling foul of US law when the feds come a-knocking."

There are ways. Microsoft think they've got one with the data trustee set-up they're putting together in Germany. An alternative would be to have EU nationals set up an EU corporation to run the operation in the EU in data centres owned by the EU corporation under EU law as a franchise with the terms of the franchise specifically preventing the US parent from accessing the data.

I can't think why they haven't done this already - I'm sure there's no shortage of legal expertise in setting up franchises when it comes to tax arrangements - unless they don't want to share the money with their franchisees.

"or US companies operating in the EU the solution is simply making a sincere effort to abide by the law there."

No. The solution is simply to abide by the law. Sincere efforts are not enough. It will take a serious reorganisation of how they do business. If the Microsoft data trustee scheme proves effective then that sort of solution would suffice. If not then they'll have to resort to a franchise operation where the entire operation is hands off for the US parent.

Re: Once again, a clear demonstration that a belief

"without the IT they had NO business at all."

I've often thought that the best way to deal with PHBs who want IT to justify itself is to offer to switch it all off for a day to see what happens.

Re: So, what are YOU doing to protect yourself?

"you should assume that when the Feds arrive with the proper papers they'll be given what they ask for."

Barry, sit down before you read the next bit, it might shock you.

Sitting comfortably? OK.

There are other governments in this world besides the US.

Some of them might not have human rights policies that you agree with. Who makes the call when one of those rocks up to $vendor with proper papers? Does $vendor let them all in? Or none? Or should they call you with your great powers of judgement of who's right and who's wrong?

Stay sitting down because the next bit might shock as well.

In addition to governments there are also criminals who might want to break encryption.

If you've given out the keys to legitimate requests (whatever those might be) how do you control them so that the criminals don't get them? Or if you tackle the issue by installing back doors you do you prevent the criminals from discovering them?

Re: I won't even begin...

"There are two sets of random numbers generated, one with high entropy and one with low."

I get that. But why should the latter tell you anything about the former? Or, given that they're talking about TRNGs based on noise sources, how do you get two sets of numbers out of them other than by diverting every other number (or some other percentage) from one set to the other in which case how do you have different entropies for the sets?

In short, this seems like a remarkably low content article.

Re: Offline device

"what happens when you add or change an entry, forget about it then change another entry on another device"

I think I can see where your problem lies.

Enduring power of attorney

"More reliable than knowing a password which might change, and has the advantage of being legal!"

But reportedly beyond the comprehension of many bank staff.

Re: Best option

"There is always the option of writing security details down in lemon juice invisible ink and then revealing the writing later by holding it near a candle. "

Anthracene solution and a UV lamp?

Re: Takes courage

"That's why you write the resulting commands into a file, which you inspect before running it. I also mentioned checking the results from the database for sane values"

And take the path variable that you've constructed and feed it to ls, just to see if what you expect happens.

Re: In related (hoax) news

"That was a hoax"

Are you absolutely sure?

Re: Alternatively...

"While I agree that catch-alls can be a problem, in small service companies they can be a life (company) saver."

There's a difference between external mail and internal mail in this respect. And the larger the company the greater the probability that there will be legitimate internal mail that's above the monitor's level of responsibility.

If you think you need a catch-all make sure everyone knows about it and whose will be reading it. At least anybody who's sending anything sensitive (personal or business) can either take extra care with addresses or choose not to use email. Shock-horror - other methods of communication exist!

"Suppose the emails contained evidence of some crime that was later committed?"

I'll see your straw man and raise you. Suppose they contained confidential company information that would affect share prices? Difficult to avoid suspicion, even if innocent, if there were then suspicious share trades.

The fact is that intra company email can contain all manner of confidential information. It could be customer or employee personal data. It could be product plans. It could be results of clinical trials. All sorts of things above a support desk pay grade and operation of the email system shouldn't depend on such an employee opening it to route it correctly. It should bounce and give the sender a chance to re-route it correctly, sight unseen by anyone else.

Re: Legacy Code

The trick is to recognize when one is reaching this point and to stop fiddling with it.

FTFY

Re: Translation

"I wish there was an antibiotic for cynicism. I need a large dose."

No you don't. Cynicism is the antibiotic against marketing, management stupidity and a great many other modern ills.