Posts by hayzoos

Poison the well - so to speak

It seems to me the situation has reached the point where nothing you do can effectively prevent the slurpage. I was thinking that instead of trying to resist, try to obscure. Rather than giving up, give freely and give often. Try to become the 26, 30, 52, 40, 80, and 77 year old male and female white, black, blue, purple, and green unemployed self-sufficient retired woodworker, buggy whip maker, designer, theologian, CEO, capitalist, volunteer that follows .... you get the idea, I hope. You become everything and nothing. Your advertising profile becomes both distinctly identifiable yet anonymous. In effect, poison the well from which advertisers drink.

More to the Story?

My gut instinct tells me there has to be something more to the story. The gist of the comments seem to agree that blowing up over housekeeping submits is not right. The clue is the KPI reference and mention of a 996 work culture. One possibility I can think of is that submits from the huawei domain upon analysis have become mostly small numerous comment corrections or the like unnecessarily broken up into smaller submits but spread out over time so as to be less noticeable but produce high counts for KPI. Inefficiency at it's finest driven by phbs. Each submit may require a minimum time for administrativa be it one typo fix or all.

People don't see the need

Ransomware is the cybercrime du jour. FIDO does not solve that problem. The problem FIDO does solve is not scary enough for people to want take the effort to use it. This applies across the scale at the individual and enterprise levels. For the implementors, SMS is king. In the US banking industry, SMS is good enough for regulators so banks generally offer only SMS as 2-factor whilst it is required by many banks. Other industries use the banking industry as their comparison with most seeing themselves as not needing more security than a bank. The threat landscape would have to change for those viewpoints to change.

Smoke and mirrors

[24/7, it's claimed, maliciously disrupted LivePerson technology on the websites of customers, misrepresented data related to LivePerson's technology, services, and system performance to promote its own competing service, and "[injected] spyware into LivePerson’s databases, through unauthorized use of LivePerson’s copyrighted code, in order to gather information regarding the operation of LivePerson technology—presumably to reverse engineer LivePerson’s technology."

"Once 24/7’s live-interaction software has been installed on a website that also contains LivePerson’s technology, it appears that 24/7 improperly injects 'spyware' into LivePerson’s systems," the complaint states. "24/7’s spyware appears expressly designed to capture confidential and proprietary information and data regarding LivePerson’s technology and client relationships."]

I have my doubts that LivePerson's databases were breached as claimed. The unauthorized use of LivePerson's copyrighted code is also questionable but plausible. "Presumably to" weasel words alert! And "reverse engineer" is a valid legal means of deriving trade secrets, but should have been covered in the agreement specifically. It can also be hard to prove reverse engineering as a defense if one has access to said secrets. "Appears" twice mentioned in claims is also a weasel word.

I think most of the implementation was using javascript. Javascript which runs in the web browser in the context of the website but hosted by other servers. Something called cross-site scripting which used to be considered a security issue. Web browsers have little to no sandboxing of javascript coming from the site's domain or other domains referenced from the site's domain. It is trivial to mess with javascript in a browser session when your javascript is executing in the same session. If LivePerson's trade secrets are represented by this javascript then there is essentially no protection of the trade secret. While the javascript itself may be protected by copyright the methods it embodies are not. Patent protection is better suited for that situation. Trade secrets rely upon confidentiality agreements prior to revealing them. But if the trade secret is being revealed to any web browser visiting the clients' sites, then confidentiality is questionable.

I know precedents in other cases went the other way for trade secrets in similar circumstances. I wonder if the court understood the technology well enough to make the decision. Or, did LivePerson's lawyers put on a good show while 24/7's dropped the ball.

Good, but more

In a statement, Congressman Morelle said: "For too long, large corporations have hindered the progress of small business owners and everyday Americans by preventing them from the right to repair their own equipment.

"This common-sense legislation will help make technology repairs more accessible and affordable for items from cell phones to laptops to farm equipment, finally giving individuals the autonomy they deserve."

I support the effort, being a Mr. Fixit myself. A couple of points need to be made on the statements. They are not preventing us they are taking away from us. Thus, they will not be giving autonomy, but returning it.

In some categories, the access to parts just may not happen. Tools are available and reverse engineering provides the knowledge. But if a manufacturer never repairs themselves and only provides a replacement under warranty, then there may be no spare parts available, they may not have affordable tools to offer. The economics of simply not repairing but replacing under warranty may be more than offset by the profits of continual replacement of "disposable" out of warranty kit.

I think the effort needs to be more about discouraging making/designing more and more products to be disposable. This includes things that generally get recycled like cars, trucks, heavy equipment, farm equipment. It's not just about keeping things out of landfills, but also keeping more money in the wallets of the working class.

Claiming trademark infringement

The fine point is Oracle claiming trademark infringement. First thought of solution would be to strip all the badges before resale. Except, what about the software bits? Software also enjoys copyright protections which could be leveraged to protect removal of trademark badges. If you think about it both hardware and more recently, and to a lesser extent, software can be protected by patents and do not forget about design patent. Patents could be leveraged also to protect removal of trademark badges. So the argument could be that the trademark badges are an integral part of the kit thanks to the software copyrights, design patents, software patents, and hardware patents. Therefore all that has to be won is the claim that the trademarks cannot be sold/resold in markets not allowed by the trademark IP holder.

Brilliant! I should patent that legal manoeuver.

Neat

Now all they have to do is command the rover in a particular path. Then command the aircraft to view the tracks. The pattern should read "Hello World".

Vogons may have something to say about that

"Moreover, the reduction of gravitational force — and the absence of building regulations — in space would also facilitate the use of the new origami technology," Adriaenssens opined."

I expect they would be visited by a Vogon code enforcement officer. Oh the paperwork required. Origami without a permit, Building without a permit, Inflating without a permit ... So much poetry, so little time.

This is all just privacy theatre

A serious statement and policy on privacy would be "No Tracking, Period." Anything less is just there for show. Make the market believe we cherish privacy. Strike a compromise between diminishing the revenue stream of customers and the revenue stream of advertisers. Just because the revenue streams are tapped differently, doesn't mean they are not doing it.

And such is my opinion.

I guess sometime during the era of Win7, laptop manufacturers decided Function keys (i.e. F1 through F12) which had also previously taken on randomized secondary functions such as WiFi toggle, brightness, "media" control, cupholder deployment, and more; that long traditional F# functions should be secondary instead. I found this out a few years ago after having been off the MS cartel merry-go-round for a half decade. I was required to utilized spreadsheet Mark X (or was it March 10th 1900?) on nearly out of support Win7 laptops. I was attempting to use F2 to edit the contents of a cell since this had worked back in the days preceeding the existence of F11 and F12. The primary function of that key is now to dim the brightness on nearly all of those laptops. I am gradually rectifying the situation by rebooting, entering BIOS Setup, and changing the default back to the traditional behaviour. Nobody else has even noticed the changes.

Copyright is not

Copyright is not about making money on on Intellectual Property, in spite of what so many greedy highly profitable organizations peddling copyrighted work would have you believe.

Copyright grants the IP creator exclusive right to each and every copy of their IP work with a few specifically excluded fair use exceptions. The intent was to allow creative types to earn a living. Benefit to the public was creative works which may not be if the creator had to do something else to earn a living.

There is no requirement that a copy of copyrighted work be compensated monetarily. Lack of monetary compensation does not turn a copyrighted work into public domain.

Creative Commons licenses are for copyrighted works. In fact, CC licenses are not worth a damn without copyright. If Elsevier has in fact sold a copy of a CC non-comercial licenses work, they have committed a copyright violation. The seriousness of that violation is just as much as any violation they may claim somebody else has made by copying a copyrighted work licensed for monetary compensation.

Sci-Hub is acting like a Robin Hood, questionable means for a noble goal. Legally, wrong. Esevier is also using questionable means for a um..., goal. Potentially, legally wrong or just wrong. Two wrongs do not make a right, three lefts do.

Waters are muddier now

Believe it or not, my career experience here in the US is that independently produced IP is yours. An employer can object on competitive grounds. Granted my sampling may not represent the whole.

A few of my jobs were paid hourly, so "on company time" was clear cut. If I was not being paid for the time it was mine and so was any work or creation during that time unless I used employer's resources.

I worked salaried jobs as well. Most of it was not work from home. "On company time" was scheduled work hours even if an irregular schedule.

I did have some work from home or hotel or client site or on vacation (holiday). I only did work on vacation because I overlooked completing a report prior to leaving (I was in a hurry), had to VPN in to crunch a few numbers and generate the report. "On company time" becomes a bit less clear cut when you can work from anywhere at almost anytime and are salaried.

My current job is hourly and only a very small part of it can be work from home and only if I bring company equipment home to do it since I "don't do Windows". I have only done that once for 1/2 hour for my own convenience.

With the major shift towards WFH, another of the factors helping to determine what belongs to whom is going away.

I have tools I have created on my own time, using my own resources, some while salaried. I even used some for the job. Some are software tools, some are tangible tools. I see no difference, they are mine. I have never had something so substantial as to have an employer want to market it to their customers.

Even under the US career environment I have experienced, I think the forensic software would belong to the employer after hearing the overall circumstances.

Good joke

"private linkedin account" hilarious, ROTFLMAO! Oh, wait he was being serious wasn't he?

Time to further excise the Google tumor

I have used Google services for a very long time. I have some backup plans, but I need to do better. I have been weening myself from full Google domination, but some things are hard to replace. I have to look into a Google Voice replacement (a call forwarding, voicemail, and SMS service). I have a grandfathered Google G-suite free level with a domain for my family including email hosting. I have paid android apps I use for work. It was so easy to get entangled, but when I started gmail was invite and I have over a decade (sheesh, maybe two) of email use and hundreds of sites and entities where I have to change email addresses. I have already taken some steps but have to coodorinate some and get the prerequisites correct. I keep chipping away though.

I can code (program)

I do not consider myself a developer, nor a coder, but a programmer. I will use a library if I know what it does inside, outside, topside...every side in every conceivable case I can muster. I will test it thoroughly as I test my own code. I am costly in both time and money, but strive to produce as correct code as I can; aka quality.

Many, many years ago, I was contacted to produce a payroll system for a company which had expanded from a single tax jurisdiction to multiple. They wanted the thing done in a month, they could not wait. I replied I would require no less than three months with one or two contingency until I could analyse the requirements. I did not get the job. Fast forward five years and I found out the "coder" the hire instead of me had delivered in two months instead of the agreed one. And, they were still working out bugs and had dozens of work arounds to process payroll including pre- and post- processing with a spreadsheet. They are now out of business.

The problem is unwillingness to pay for suitable quality. This goes far beyond software in IT. IT security is afflicted. It also does not help that the current trend of software is change for change sake and the abominations we are seeing is horrendous. There are losses due to abandonment of well reasoned user interface elements. How much time(money) is wasted when a form rejects input on submit when the input is formatted had been formatted in common form and only instructing the user of the expected form after the fact? Not really a rhetorical question, I just do not have the resources to make that determination. I can write a routine to transform input in common forms to the desired form for processing, I do not consider it to be time consuming or challenging. There are so many examples of poor programming, I could write an encyclopedia on the topic.

I agree training more developers is not the fix. The problem is deeper and requires a more complicated mitigation and is not likely to be accepted by those who make the decisions.

Overreach

The DMCA in the most basic concept of circumventing copyright protection could be tolerable, maybe. But, the concept has been so twisted and the scope has crept, nay, launched so far beyond protecting copyright that it must be terminated with prejudice.

It's replacement has to place requirements on protection mechanisms to allow fair use, or it cannot be implemented. If a protection mechanism is found to be prohibiting fair use, then circumvention would be allowed. Any mechanism replacing one to have been found prohibiting fair use would have to be reviewed before being allowed to be implemented and would still be subject to possible circumvention allowance.

Protection mechanisms have to actually be protecting copyright. Carrier lock on cellphones does not qualify, and would not be afforded protection from circumvention under the law. Creatively designing a product to place copyrighted material in the realm of non-copyright material does not qualify. So making an ink or toner cartridge "smart" so it's protection mechanism extends to the the consumable does not qualify. Any design found to be artificially creating a revenue stream due to placement of copyright does not qualify. This is only a start, I'm sure others can contribute excellent ideas of reasonable constraints for a copyright protection mechanism law.

Copyright is important, but is has to be reasonable. Open source (which I prefer) depends on copyright to be able to enforce the source remaining open. Copyright allows creatives to earn a living, but extreme capitalism has twisted copyright to their benefit at the cost of creatives. It is this twisting that has brought us the DMCA in it's current form.

I understand the concept of a manufacturer simplifying to reduce cost and using the same platform for both the base model and top end and everything in between. I do not agree with using "locked" settings to achieve this. You leave out hardware or substitute lesser hardware to differentiate. My truck is very basic with few extra features, but is has the same wiring harness of the top model. All I have to do is purchase the trailer brake controller and plug it in to add that functionality, as it should be. I do not have to hack the settings to enable an already present trailer brake controller, and worry about a DMCA violation.

I have hacked (in the old MIT sense) the family coffee maker, some call it a Keurig, to use whatever coffee no matter how packaged, with or without a Keurig k-cup license, in any manner the machine can produce the beverage. I have sworn off any vehicle which required manufacturer permission to replace components non-essential to core functionality so the vehicle can remain functional. My main computer is over 10 years old, has had a few upgrades/replacements and still does most everything I need and/or want.

For those who missed the sarcasm of the first post, a browser doing it's own DNS circumvents a system level configuration. Remember, the Internet is not the WWW. So now you have a system where DNS queries are going to different locations depending on how client software is configured, very messy, overly complicated, and ripe for failure.

I had a problem with Charter blocking DNS going outside their network. That is not OK for an ISP where endpoint equipment is owned by their customers who pay for internet connectivity. It's fine for a company that owns the endpoint equipment and the network. I managed to have that problem resolved in a single phone call, albeit a long phone call with many transfers.

I used a corded PS/2 trackball from Radio Shack for many years until it wore out beyond repair. By then it was no longer available for replacement. It differed greatly from the most popular trackballs. It was about the same size as a mouse. It had the ball about where the scroll wheel is on most mice these days. It was flatter than today's mice or even most mice of those days. The right and left buttons surrounded the ball most of the way around either side. Behind the ball was a small click lock button for click and drag simplicity. Ergonomically the motion was shared between fingers, hand, and arm so not very tiring or overtaxing of any particular appendage. It was symmetrical so suitable for left or right handed organic interface. I frequently used it on a reclining chair arm as easily as on a desk. If this was available again in modern connectivity, I would get as many as I could justify.

$49.95/mo. Xfinity (Comcast) "Internet: Performance Starter" "Internet: Download as fast as 25 Mbps" direct from the latest bill.

Login at xfinity.com for more information. Such as upload speed or usage, but upload speed or speed of other levels are a bit scarce. You are directed to the sales portion of their website and have to spend a lot of time to try to track down the info. A speed test through a VPN does achieve download of 24.9 Mbps and upload of 2.9 Mbps.

I am averaging 90GB/mo. with a maximum of 119GB over last 6 months and no overage. Although I do not recall getting a notice of a cap applying to my service even though there is an overage column in the report.

Comcast is the lowest cost and best performing option I have. I can get DSL from Verizon, satellite, and there is a fixed wireless service, no fibre. All those cost more per bps some with lower speeds and caps. i.e. no real competition.

We must go on the offensive

In arguments we should point out every possible offence of the very words they are using to justify this effort. Every word can be offensive, some are just a little tougher to spin. We should endeavour to begin using their proposed replacement words in an offensive fashion, poison all words. I think we can poison faster than they can complete even a satisfying change.

I wonder how many of these people of tenuous membrane organ hold MBAs.