Posts by doublelayer

Re: 6.9bn

There was an "at least" in there. The real number is probably higher. Some cybercrime won't have been accounted by the FBI, which mostly starts caring when a U.S. entity is involved as scammer or scammee. Some won't have been reported to any law enforcement. Some won't have been counted as cybercrime and counts as a different kind of fraud.

But even if it's the right number, that's a big number. Individuals can face losses in the thousands and companies in the millions. That's enough to cause lots of problems. If we decided that Amazon could pay for all the losses due to crime, we'd be fine, but since we can't, individuals have to deal with the cost. Consider how a $10k (or local equivalent) loss would affect you. If you have savings for that now, consider how it would have affected you when you didn't. It's a problem for those people.

Is that the only context that rings a bell? I first think of graduation or graduate. Then of gradians. Then grades. Then of gradation. Then of Russian city names (other countries also use it, but the Russian ones are the ones that I think of). Only then do I not really know what comes next meaning we can be charitable and call the rocket the sixth thing that comes to mind. Somehow I don't think Google was picking an unusually insensitive acronym.

Re: 16 years ago

"When was the last time that you saw either a floppy or an optical drive on a new laptop?"

Floppy: it's been a long time. Optical: last year. A few large laptops still include them. I avoided those models as it's a lot of weight for a feature I'll use once a year. I understand that there are people who use them more often, but for the rate I use them, a USB one is fine. I'd prefer another drive bay, larger battery, or just a smaller laptop.

Re: If I owned a piece of equipment?

No, I'm afraid it is you who is not listening. I have specifically acknowledged that JD have not implemented the feature in the way I recommended and I have also specifically said I don't like it that way. The post to which I responded spoke of remote bricking features in general being antithetical to the right to repair or the right to real ownership. I disagreed and provided methods. I've stated in my original comment that it was a possibility, not already granted. I stated in my previous reply to you that it was general. I stated in this one a method by which it could be accomplished, using words like "could" to indicate that it wasn't present.

Re: Defence

Here are instructions for using the tool developed by Amnesty International's forensic people. I cannot promise that it produces perfect results or that you can't do something wrong and create a problem, but it looks straightforward enough for the technical user.

https://docs.mvt.re/en/latest/index.html

Re: So you wrote it, and it works

Yes, recompile the code, reconstruct the package, presumably change at least a couple pieces of metadata so it's not byte-for-byte identical to the last package, and republish. This has done nothing for your users. It may have taken you some time to do. Now it has to go through Apple's verification system and all your users will have to download this app that's no different than the last one. If you fail to do it, new users won't be able to use your thing anymore. Why is this needed, again?

Re: There is an argument

The UK military has hired people for computer-related jobs, including offensive operations. They're predictably not keen on telling us how many people are working on offense rather than defense and exactly what they're doing, but they exist. Other parts of the UK government have had offensive uses for computers for quite a while. If a country used cyberattacks to cause significant damage, they also have conventional weapons available to them. The UK and many other countries already have what you're asking for and have announced plans to expand.

Re: How friggin' tough could it be to just print the words?

I don't think this is a country thing. If it is, my country's system is to do it at random. Admittedly more often with up being on, but I can find examples of both in a lot of houses, and of course any circuit that has two or more switches will do both. I've seen a few left/right switches, but they're less common and usually control something other than lights. For example, I've worked in a lab where the safety circuits had left/right switches, probably so they'd look different from the lights and hopefully have fewer accidental flips.

Re: Doing my bit for the little guy(gal)

This is exactly what I was saying. The benefits to society of the new tech are usually greater than the costs to the person who was automated, so even if society has to fully pay for one of them, it's better to help the workers than artificially keep automatable jobs around. In addition, the automated worker can decide to do something they like to do more, which means even more reason to go with that option.

Re: We live in a free market economy

"Instead, companies rely on the government, via mechanisms such as patent and copyright, to prohibit people from doing what they want with their private property."

In this case, that's not what's happening. If we eliminated every copyright and patent that Apple owns today, the problem of repair is exactly the same tomorrow. Apple's serial locking code and whatever keys they use to make it work aren't out there, so it doesn't much matter that it would be illegal to copy them. Eliminating protections on IP doesn't help you when they can get what they want by not releasing information. The only ways you could prevent them from doing it are forbidding it outright, increasing the cost to them so they choose not to do it anymore, or forcibly breaking into their systems, finding the internal code, leaking it, and continuing to do that every time they update it.

Re: Pizza

"All of what you wrote indicates a distinct lack of planning."

No, it really doesn't. Take a situation where I am working late at an office on some important project for my employer. The office may not have an available oven, and I'm unlikely to carry a toaster oven with me on the odd chance I choose to use it. The office kitchen won't happen to include all the ingredients for pizza. If I tried to bring all those ingredients with me, some of them would be damaged or spoil. And, if I'm working late at an office, I likely don't have the time to fully make a pizza. Even if I knew all this would happen, there's not a lot I could have done. Most often, when something like this happens, I didn't know I'd have to do that until I was already there, preventing me from planning anything before coming into the office. I could of course run down to a grocer, buy the ingredients, and make a sort of pizza with the office microwave, but it will take longer and produce an inferior result than going to a restaurant and bringing one back.

Your argument works great if you're in your own house or the house of someone who doesn't mind you using their stuff. I'm guessing that, like me, you're in that situation a lot these days. Now that I'm working from home most of the time, I get the chance to cook many of my meals using my own equipment and ingredients, and I enjoy doing so. There are times where you're not at home, and things are different then. On occasion, some of those situations also apply at home. This office example is not the only one where that applies, but as you appear to have an investment in not accepting this, I'm not sure listing others would help.

Re: Very interesting...

"On the other hand i never understood why undisputed evidence can't be used when it was not obtained strictly following all rules."

It is an attempt to deter people from doing more illegal things. Your suggestion to lock up those who illegally obtained evidence is great, but law enforcement never does that to other members of law enforcement. They especially don't do that to someone who just successfully locked up what law enforcement sees as a "real criminal". Disallowing the evidence is a more successful way to prevent illegal collection under those conditions. Instead of having to wait for the police to arrest themselves, a lawyer can make the case and the judge enact a penalty that, while weaker than what would be optimal, actually has a chance of happening.

There is another reason it's done that way. If the precedent is that violations of the law means your evidence gets thrown out, then many similar things also get covered. Coercive confessions, slightly modified evidence, entrapment, and the like can lead to similar cases, whereas if the judges aren't strict about what you can do, someone will do more and more egregious stuff. This isn't to say that the rulings on unlawfully-obtained evidence have eliminated coerced confessions, but they do, along with rulings where those have happened, provide a stronger framework against them.

Re: Banning access

I'm not in the UK, but since it was in your comment, I tunneled to an IP address in the UK through a UK ISP and loaded again. It loaded immediately with no problems. I checked the routings. They worked as expected.

Re: Bits

It works like this. I'm going to grant you the right to own a URL on my server. You give me a public key and I'll sign a document in a prearranged form indicating that you own it. If you want to sell it later, you can sign a similar document. Nobody without your private key can sign that, so you're the only person who can sell it unless, as in this case, someone steals a copy of your private key and uses it to sign away your receipts. Meanwhile, anyone can load the URL, anyone can download the file at the other end, and I can shut down the server without you. I might also have signed some chunk of data that I can't take down as easily, but even then, everyone who wants a copy of the data you "own" can get that copy for free. That's how an NFT works.

How much for this bitstream? You will be the official owner of such a nice big number. You can sell it again at any time, assuming you can find someone else stupid enough to think it means something.

Re: As somebody who is likely also on the so-called spectrum (cerulean! I wanna be cerulean!)

I don't think it's intelligence, as you don't have to know anything to tell someone what you think with no diplomacy. In fact, intelligence probably makes it easier to determine when diplomacy is most needed and how to encode what you need to say in a diplomatic manner. Honesty is closer, but I think there's another element, namely risk tolerance. I feel more comfortable telling a friend that their idea sounds unworkable because I trust they'll listen and not be offended, whereas if it's a stranger, especially a stranger I need something from, it's harder to be honest when there's a reasonable chance they will react badly to hearing it. This probably also relates to experience--I've said things people didn't like to hear when I was younger, felt the consequences, and became more cautious when thinking such things. I still have such thoughts regularly, but now I don't say them very often.

Re: Does anyone recall the downfall of Digg?

"The only thing that seems likely to change is that fewer people will be prevented from participating in online discourse because of so-called wrongthink,"

Others can and have argued the accuracy of that statement. There's only one thing I want to say about it. Nobody says "wrongthink". Really nobody. It can't be so-called if nobody calls it so.

The 1984-ishness of it means that, even if someone thinks it exists and wants to talk about it, they'd never use that term. The people who think others are accusing them of it don't use the word; they've made up other words. It's not even the word used for that in 1984 itself. That is thoughtcrime, later updated to crimethink.

Re: Insteon wasn't always cloudy

"Why would common Wifi/Zigbee/RF devices require gobs of wiring everywhere?"

They won't, but they might also not work. Depending on the area the devices are in, RF communication isn't always a feasible option. This can be the case for many types of environment.

Perhaps the device and the central controller are spaced widely apart if you have a large house. In order for a signal to make it across, you may need to create a mesh network out of the stuff in between. Since that's not going to happen unless you already have the skill to DIY a lot of this, it becomes a problem. Maybe you've got a house that doesn't allow signals to penetrate the walls. Some kinds of buildings really attenuate signals such that even using WiFi through a wall doesn't work consistently.

If you live in a more densely-inhabited area, you may also have interference problems. Every area where people live closely together has a ton of 2.4 GHz networks that are clashing to the extent that 5 GHz or the new band on WiFi 6 that not many people have yet are the only feasible options. IoT gear using WiFi tends to only support 2.4 GHz frequencies using low-powered WiFi chips that already don't have great range. Put them in a place where your neighbor's network is stronger than yours and they're likely to have spotty connection.

There's a reason that a wired connection can often be more reliable. Adding more frequency area can help, but not in all situations.

Re: Put that laptop away

Some planes have had WiFi for some time. This just switches which satellites eventually connect the service. This has been approved for quite a while. There's also no problem using phones on planes (to the plane, actually getting the phone to do something you want is harder). The only part of their recommendation that makes any sense is asking people to put laptops away on takeoff, as it's more likely you'll drop it or get into a situation where the table causes a problem. When you're in stable flight, it's fine.

Although it's a comedy series, I must repeat this joke from Cabin Pressure that explains the situation:

Carolyn: Finally, please keep your mobile phone switched off for the duration of the flight. Obviously they have no effect whatsoever on our navigational equipment, or we wouldn't let you have them, but they drive me up the wall. Thank you and enjoy your flight.

Re: Interesting

An app that sneakily records your calls is one problem, but if any app asks you to enable an accessibility service, a four-step process with security warnings, and you don't know why, you should already be worried about it. An app that has that as its purpose is a tool that people understand and may want to use.

Re: No Real Solution

I don't follow. France is democratic, yes. How does that argue against democracy being accepted elsewhere as well? How does that argue against Europe having a history of dictatorships, including in France, in the long-term? I don't see how this contradicts my argument.

And as one of those security folks, this is the problem with non-security folks. They assume they're safe because this box they're looking at isn't very important. They don't think about all the methods an attacker would use, including getting a beachhead in something unimportant and infrequently managed so they can attack the network from within. Since you're posting here, I think it's more likely that you really know what you mean when you say the box is on a network that never will be available to the internet, but many people also say that and find that someone did connect a cable, long ago, forgot about it, and someone has found it and used it to install malware or extract data.

I've worked with those people before. One colleague I've had was of the opinion that no security mattered because, as long as it could defeat the average five-year-old (basically as long as there was a password on any administrative or root accounts), we would be fine. His frequent explanation of this was that, as hard as we worked, we would never get a system the Russian government (for some reason, it was always them in the example) couldn't break into. This despite having several networks compromised with malware, including ransomware, during his tenure. When malware is involved, it doesn't matter that your system is more secure than someone's. It doesn't matter that it doesn't contain particularly interesting data compared to others. While being interesting can make you a bigger target, there are enough attackers attacking indiscriminately that you will always be targetable. If you set up a server with SSH access, even if the disks are otherwise blank and the machine has never sent out a packet, bots will find it and attempt to gain access within hours. Lots of other protocols are also attacked in that manner.

At will just means the people can be fired more easily, but it doesn't particularly restrict union activities. Firing people because they've conducted a union-related activity is still not allowed, and they can still be sued for it. The union members still have the power to use the value of their experience and rarity to their advantage, so unless there's a large supply of people willing and able to do the work needed in an Apple store in this area, they have the ability to cause Apple pain. If there are a lot of people who want to work there and don't want to join a union, then they could have more trouble with it as their members are replaced, but that's when a union can attempt to convince non-members that they can benefit by joining. If they can't do that, then they're probably not doing enough for the workers and need to change the plan.