Posts by doublelayer

Re: Free as in freedom

They aren't using this policy to enforce terms of the original license. What they've prohibited is allowed under the license and entirely doable elsewhere, and they just don't accept it in their store. Their goal appears to be to prevent users from receiving code that misleads about its origins and open source developers from having their code used for profit by others, neither of which is a crime but both of which are unpopular.

I see those goals as reasonable. Perhaps others would prefer having no restrictions other than those that are required by law, but the range of opinions is so large that they're going to get negative feedback no matter where they strike a balance.

Re: There's no problem here

I agree with this distinction with one additional aspect: the product of an AI might itself be patentable, for example a design for a component that the program has created to suit the goals programmed into it by the inventor. That design can be patented, just as one created using manual design software could, but by specifying the unique and invented components of the design, not by attempting to reproduce the training process. The idea of assigning the tool as the inventor or of considering any file such a tool produces as an invention is just going to lead to lawsuits with no beneficial purpose.

Re: I don't believe it!

It depends what the system was intended to do, but I mostly disagree. My work machine permits me to send out emails and upload files to external services. Yet, if I use those mechanisms to steal data, it's still my fault and I still go to jail for it. Locking things down to the extent that I'd be unable to steal corporate files would likely cause many problems with my actual work, and they trust me with the data and the machine, so it's not unreasonable for them to trust me to follow the policy as well.

Re: Another Angle

No, it's really not like stock. Someone controls a company which moves around the value of stock. There is a person or group of people to be regulated, and you can find them, take their company off them, fine them, etc as needed to enforce regulations. Many successful cryptocurrencies don't work like that. They are a lot like commodities: something you can have that might be of value to someone, but maybe not. Whether they're valuable as gold or cheap as sand, they have similar levels of ability to regulate. You can easily regulate those places that buy, sell, or hold gold, but you can't pass a law instructing that gold file papers like you can with a company issuing stock.

Re: Burn

While I don't have a Twitter account and don't follow any of those bots, there are bots that provide a useful service. I've created several of my own to automatically retrieve information and present it in a useful way. I know some using Twitter can do the same.

"I can't help but think that the pair of them fell perhaps knowingly into a honey trap baited by the financiers,"

You have it wrong. They were the honey trap for the financiers. There's a reason they didn't get any investors who knew anything about the field. They couldn't get anyone who knew about their product to accept it, from the first professors who told Holmes her idea was infeasible to the FDA investigators who kept saying the product would need to demonstrate efficacy before they'd give licenses. They targeted people who had a lot of money and no knowledge of the field, often those who didn't have much investing background, because they thought it would be easier to lie to them. When people who knew enough about investing started looking at reports, they created false reports and put other companies' names on them to get them out of the way. The financiers have not gotten anything out of this; yes the fraudsters are being punished and there's some chance of taking some money back, but they're still taking a loss from this.

Re: State Surveillance. The weakness here is in swapping out for a compromised device.

"Given this is attempting to prevent State surveillance. Worth stating that deliveries can be intercepted and addresses flagged for purchases of electronic equipment due to be delivered and examined/opened before delivery."

NSO malware is frequently used by states surveilling people in other states. Saudi Arabia couldn't have intercepted a phone being delivered in the US to compromise it, at least not as cheaply as doing it locally. They may also lack a convenient exploit kit to install on a phone that remains resident, given that the initial setup process only happens normally when there is no user data.

"If you're going to this much trouble, you also need to go to the trouble of obtaining a device through someone else, who isn't being targeted"

Or get lucky. The last laptop I bought for someone was by walking into a shop, paying for it, and carrying it out. You can buy phones like that too. Try intercepting that delivery. Unless they've got a spy in every computer store or opportunistic malware on all of them (and I'm sure they'd like to), you can't guarantee it. They can do a number of things, but they aren't certain and they're expensive and difficult.

"Apple is likely to have a list of devices with this feature enabled,"

Why? They don't need that in a database. As you correctly point out, doing that could cause problems. There's no reason for them to want that list or to put in code to collect it, which could not help them but would certainly anger users.

"Surely better to sit below the radar with an unassuming run-of-the-mill device within the masses, switch off every privacy compromising feature you can, so that it looks like every other regular Apple device. The idea is not to stand out from the crowd."

Again, this is on-device config. It's not a spotlight attracting attention to you. Likely, if you're turning this on, they already know who you are and can find your device without needing this, and the feature just protects you from their attempts to penetrate your defenses.

"This doesn't fit the zero-trust model."

Actually, it entirely does. The zero trust model isn't about trying to hide. It's about having protections on everything. A zero trust configuration is very different from a default config that has several trust-based attack surfaces. I should point out, however, that zero trust configurations don't announce themselves routinely. You only find out whether it is one when you intercept its traffic or attempt an attack.

Re: Stop us if you've heard this before

In most cases where a monopolist has been broken up by legal action, the resultant pieces have remained private. They continue to operate without government control, just without being able to work in concert. The person you replied to did not suggest nationalization, so suggesting that they desire it is putting words into their mouth.

Re: Juries determine facts

The problem is with fact 3, if the participants choose to bring it up:

3. Did the defendant's thing come under the plaintiff's patent?

If they're arguing about timing like the one mentioned in the article, that's not a problem (yet), but many cases will see the defendant claim that their product is different from the patent, so it's not covered. As for this case, it's still important. If everyone agrees that Norton used the idea in 2009 and the patent wasn't until later, that makes Norton's use of it prior art and invalidates the patent. This means that someone is going to suggest that what Norton did in 2009 wasn't covered under the patent and they added that at a later point after the patent was filed, leading to the same question as before. There's not a great answer to who should decide this, but the average jury isn't going to know.

"one times in three, the correct answer comes out - do you get that this would be impossible if the model didn't have understanding?"

It wouldn't be impossible. It has the answer, written by someone else who has understanding. It correctly found the right snippet. It's like a person who doesn't know how to write code but finds a Stack Overflow post that actually wrote what they want. They don't understand the code, or they could have written it themselves, but when they paste it in, it works. When the model gets the wrong snippet, it has no clue that it's messed up.

You're ascribing something that is the entire point of the model to understanding, but no understanding is needed to produce that result.

Re: The standard

How they got into those accounts might be a problem. As the article said, either they had a password leaked or the attacker has access to one of their contact methods to perform a reset. Either of those could be concerning for additional actions, although given what this attacker chose to do, probably not that bad.

Re: A chain is only as strong as its weakest link

So Librem are responsible for fixing the internet now? Yes, there's leakage when you use systems. You don't want the leakage, can't use the systems. ESNI will eventually deal with the URL leakage problem. Nothing short of improving the mobile operators will fix their leakage problems. In neither case will the device at the endpoint be able to make massive networks stop using protocols with privacy risks on its own.

Re: Somebody is going to have to create some case law on this

"does the DoT own the copyright on the shape of the STOP sign?"

No. For one thing, such things are frequently standardized, so it wouldn't necessarily be them. Many governments, including the American government, can't copyright things, so things they have designed and published are automatically in the public domain.

"Do the people whose faces were used for your iPhone camera's face detection have a copyright on the algorithm?"

I'm guessing the photos used were collected by the algorithm writers to avoid this. Unlike, for example, facial recognition where it needs the details of many peoples' faces, face detection just requires a lot of pictures of faces on different backgrounds. They can be from a small subset of people, so it's easier to get consent.

"Can criminals register a trademark on their face and stop police using it in mugshots?"

No. Getting a trademark or copyright doesn't prevent people from using the work, but from conducting business with it or distributing it respectively. A criminal could copyright a photo, but the police will be taking a new one not copyrighted by them. They could trademark their face, but the use of the image would be allowed because the police weren't using it to sell products or imply endorsement.

In this circumstance, however, the code is copyrighted and not licensed such that Microsoft's use is acceptable. Microsoft could probably argue successfully that they were permitted to read it and use it in derivative works, and thus the creation of their tool is fine. However, the tool is going to output things which potentially fall under licenses with other terms, and Microsoft doesn't appear to have a plan for how they'll deal with those. In short, they would have no legal problem if they created this thing, including reading all the code they did, but never used it. As soon as they want to distribute the result, they have an issue.

Re: Eh?

"there may have already been a lot of behavior that annoys the first person who simply does not like to be coerced, just because others feel entitled to restrict him from acting anywhere outside of their scope of imagination."

I'll say it again. Not implementing the feature you want is not coercion. It's not restricting the user from getting what they want. It doesn't force the user to use something specific. A user who doesn't like a decision may well be annoyed that the developer won't do it for them, and they're allowed to express that annoyance if they want, but they shouldn't be defended as if the developer's decision is in any way coercing them into never seeing the idea come to fruition. They have lots of options left, even when the developers they're asking aren't going to do it for them.

Re: Terrorist state

"I am sorry, but I can't see many Russians against the war, in fact it is quite the opposite."

Have you been running surveys? I'll say up front that I hate what the Russian government is doing, and I don't want any country to let up on them until all the people who aided this invasion are testing their defense tactics in war crime trials. However, I know many Russian people who agree with me on that. Most of the ones I know aren't located in Russia anymore, because I'm not from there and don't know many people living there, but I also know some who are still located in Russia because it's not easy to leave for another country if you don't have a lot of money.

Just because there are Russians who don't agree doesn't mean we refrain from actions that harm Russia as a country, but it's still useful to understand that they exist. These are possible allies, so it's helpful to ensure they keep receiving correct information and that, when we can, we target those doing the actions and not those opposing them.

Re: 2.4 band only :-(

I agree. What's worse, there are still larger devices that ship with 2.4-only WiFi. It's not true in every product type, but a lot of things at the cheaper end leave out that comparatively simple feature. There are a lot of places where the performance on 2.4 is not good at all.

Re: anonimity ? Internet ?

My ISP knows who I am, but if you come to my place and use my connection, it won't automatically know that. There are also methods to hide information about the destination, by using VPN providers that don't log, for example. Even if the VPN provider knows who I am through my payment method, they could still refrain from tracking my activities (and if they don't, that's not a VPN I want to use). If you want, there are more extreme ways to hide network activity. Just because some information is available to ISPs doesn't mean it always is or that it's reasonable to have other places collect even more.

Re: How to stop it in it's tracks.

I'm guessing they're not trying something that extreme. It just prevents them from having to find someone that looks very much like them to steal their identity. Certain other characteristics are harder to fake, so I'd guess the age, gender, and some other physical characteristics will get matched reasonably closely before a victim is selected.

I'm having trouble figuring out why that work needs to be destroyed? There are three alternatives I can see for getting around the plagiarism situation:

1. Go on the offensive and accuse the person with evidence.

2. Release it publicly before anyone could plagiarize so the person who did the work gets the credit. This could be a commercial publishing if you can convince a publisher, but it could be as simple as uploading it to a website. If you don't want to maintain a website, there are library/archive sites willing to do the hosting and presentation.

3. Wait to release it until it doesn't matter anymore.

None of those options requires hiding or destroying historical information, and I'm sure there are people who would like to know it and would greatly appreciate the effort he has put in.

Er, yeah, it is. A CLI option is great for many cases, and whatever you use will provide one, so you're not losing that option. A GUI can be useful, not only for users that don't like the CLI, but also for users who are entirely comfortable but understand that GUIs can offer useful features. For example, if you have an archive that contains, let's say, twenty thousand files, and you want to understand its structure and contents, which option do you want:

1. A CLI command that prints all of the filenames to a console, you pipe it through a sorter, then you have to read it page by page to find what's in the archive.

2. A CLI command that prints one directory, and in order to explore the contents of that directory or to move up, you run the command over and over, each time specifying a full path.

3. A GUI that can print part of a directory structure in a visually-understandable method, permit you to move around in the structure without reissuing commands, and also has all the functions you might want to perform exposed as controls.

I doubt you're using Lynx to read this article, so I'm guessing you also understand that not everything is best done on the command line.

Re: Check you can complete before you start

The test instructions come in various forms. Some do specify to read all text on the exam before starting, but quite frequently, I've seen the test with that removed. The instruction says to follow all instructions, and the person being examined has to go find it. Every real exam puts some instructions at the beginning and then a bunch of questions. It's not unreasonable for people to assume the normal format, as they would with single instruction lists on the front of a machine.