Posts by doublelayer

It really depends how our notional algorithm was trained. The model stores information it thinks is useful, and the developer cannot tell it to retain information or block it from storing information that is provided to it. So if address was an included field, and the algorithm was trained in such a way that it came to the conclusion, correct or not, that address was a useful feature, it would probably store relationships of that nature. Somewhat crazily, in that case, it would think it could guess at every address, including ones it's never seen before (though a good system would lower the reported confidence rate). It's not guaranteed to contain that information, but it easily could.

The major reason this could happen, outside my example of the evil programmer above, is where there are actually a bunch of patterns. Suppose that the 1200-1300 block on 2nd St. is primarily occupied by vegetarians (we're sticking with the grocers' model in this example). If the model was given this information, it could easily notice that people there are more likely to be ordering lots of vegetables and much less likely to order meat. This might convince it to keep more address information, because it was useful in that scenario. Now imagine that there is a large group of people, say a large extended family, who share the same surname and have specific recipes in common. Now the model sees a pattern where customer name is usefully connected to buying habits, and more of that data is retained. And now we have a model that stores two types of data that are next to useless, because they don't scale to the public at large, but would allow access to potentially private data. Removing that data would require retraining the model to exclude it. That's why we have to not put that data in in the first place.

Re: I quickly read the Libra White Paper

It's not new for the credit card people to be tracking purchases, but they haven't had the kind of history Facebook has with massive privacy violations. I wouldn't mind having extra choices for credit card provider either, for privacy reasons as well, but there's no comparison between Facebook and the established companies for privacy.

It's always nice to have an independent third party, but in order to establish its independence, I'll need to verify some things. It was started by Facebook, and they're the ones I'm afraid will hold too much influence. So I'll have to ask some questions. Are Facebook employees in this organization? Do Facebook have any control mechanisms over this organization? Is Facebook running the technical parts of the system? Let's check ... the answers are yes, yes, and yes. Let's ask a few more questions. Is there a method of throwing out Facebook? Is there some type of channel whereby the other people in this organization can override Facebook's decisions, including technical ones? Is there a method for end users to control the actions of this group? I'll check on those too ... no, no, and no.

Re: We live in a society

It was always this way. At nearly every point in history, the vast majority of humans would not be able to sustain the loss of the technology they used. In the 1950s, only a small subset of people could get electricity running again if power plants stopped existing. They'd have to build generators, obtain fuel from somewhere, and find some method of cleaning up the power so their electrical devices would be able to run on it. Even as we move back in history and technology becomes simpler, this continues to be the case. Do you think a medieval farmer, though undoubtedly skilled in agriculture in a way we modern humans are not, could get a plow together at that point? Of course they could, if they already had the necessary technology. Could they if they first had to manufacture an axe to get the lumber and the metalworking tools the blacksmith had using only things found in the natural world? I wouldn't count on it.

Fewer people study silicon design, but that doesn't matter much. If we ended up in a disaster scenario, even if we had all the silicon designers available, we'd also have to have the people who build the machines that manufacture chips, and the people who power those machines, and the people who get the raw materials out of the ground, and the people who purify the materials after they got out of the ground, and the people who build the machines for that, and the people to ensure all the aforementioned people don't die due to starvation, disease, or environmental factors (temperature, something toxic, etc).

Similarly, I was taught C and C++. I consider myself somewhat skilled at writing in them. I've written things at the operating system level. I've been employed writing in those languages. Could I, alone, develop an OS? Not a chance. I'd need to read a lot about how the real OS developers have done things so I could copy their ideas. And could I do that if I had to start from scratch? Even less of a chance. I haven't written a C compiler, and I haven't ever really connected to one.

Most disasters don't destroy everything. Even if a small area was preserved while the rest of the world was obliterated, there would be technology from before the disaster in that area if there were humans there. They would have to rebuild a lot of stuff, but they would do it on the back of the tech that existed before. And there's a reason turns of phrase like "blasted back to the stone age" exist, because they'd have to reinvent several wheels. But this was always the case. There was never some miraculous time when the majority knew what they were doing technologically that we've thrown away.

Re: How will this compare to WiFi

That's true. However, the difference between countries is the maximum power allowed and some channels from the full set may be forbidden, not a completely different frequency and method to use that frequency. Almost all WiFi devices can be configured for other countries by editing a configuration file (the ones you have don't seem to be constructed well), but changing a 5G transmitter or receiver requires different chips and antennas.

Re: Isn't the real flaw...

I've long thought devices should stop sending packets asking for the networks they know--they could instead listen for broadcast SSIDs which get announced anyway. This would at least solve the problem of devices that always respond yes no matter what SSID was requested and the other problem where devices can be fingerprinted based on the SSIDs they ask about. I'm not quite sure why WiFi decided to go the other way.

Re: Not Surprised

The single point of failure has validity, but so does the complex threat landscape. When there's just the one system, without interaction to others, the single point of failure argument is the more important, as everyone who wants to attack it knows what they're going to target. However, if the DoD used two cloud services and linked them together (I.E. one system running on AWS is used to control another system they've decided to run on Azure), an attacker could target either AWS or Azure in order to tamper with that system. If everything runs on only one of the cloud services, there are fewer available vulnerabilities. In addition, the costs for ensuring proper administration are reduced because the techs only have to be drilled in proper administration and security of one cloud service, rather than potentially following a policy appropriate to one and not the other or having different teams familiar primarily with different providers. So there's an argument for multiple providers or just one.

Re: I can see where you went wrong, step 1

You don't usually have to offer to help. Often, someone who knows you know about computers will ask you for help, and then you have to decide whether to agree, simply say no, or try to make up an excuse why you can't. This is made harder when it's your family or friends doing the asking. I can't count the number of times I've been frustrated with my family members doing something where I've suggested to them that maybe I shouldn't be doing their computer repair, but yet I still end up helping when something else has gone wrong, as I still like them as people and they haven't identified another option for getting out of whatever nightmare they're now in.

For example, I suggested to my parents that maybe they should ask someone else about their computer after they decided, against my advice, to do an in-place upgrade from Windows 7 to Windows 10 without taking a backup, then another in-place downgrade back to Windows 7, again without taking a backup. I recovered their lost files, but I told them the situation was untenable. Before that, I said a similar thing when they were running out of disk space and were trying, fortunately unsuccessfully, to destroy the recovery partition on their hard drive to gain that space (I think it was about four gigabytes) back. My suggestion to run CCleaner which could (and did when I ran it) clear up about thirty gigabytes of windows update files and crash dumps was seen as a stupid idea and why was I suggesting something like that.

Re: "it just has to swear it won't break that 2012 agreement"

I suppose there's some hope that this means they will face something massive if they ever break it again, but knowing politicians and their level of knowledge about technological issues, I doubt it. Without a law that makes it clear what is or isn't allowed, there will continue to be pointless little actions like this one. While I'm clearly disappointed that they haven't managed to change Facebook's approach any, I never really expected Facebook to take any real action, and at least they're receiving some penalty that actually impacts their books.

Re: They are still very much a work in progress

Way to miss all the points. Let's take your comment apart and look at each piece in detail:

"I'm surprised that this website, a website targeted at skilled users of computing technology, has so many commenters who are totally negative about voice assistants. We develop software for a living so we know the problem of developing and testing algorithms. Its 'non trivial', it takes a lot of time and effort to get things to function properly."

And because properly coding software is hard, we should accept massive privacy risks? Why? We don't have a problem with the devices getting the speech recognition wrong sometimes, we have a problem with data being sent out and kept without our permission. In summary, it's not the algorithmic details we have a problem with, but the operations details.

"I daresay they can eavesdrop on me but I can easily turn them off if it was important that they were unable to do so. (I'll overlook the numerous ways you can still be listened in on -- starting with the phone, computer and so on and going on to active listening systems -- you wouldn't believe how easy it is to eavesdrop --"

But your computer isn't listening unless you've been infected with malware. If you were infected with malware and it was listening to you, you'd be unnerved and upset, no? That's what these devices do by design, and we find it somewhat creepy.

"I realize that these systems represent something far bigger than just an amusing gimmick, they're groundbreaking devices in the development of what used to be called man/machine interactions."

No, they're not. They're pretty basic question/answer devices. They can do a rather limited number of things. It can be a useful interface, but the capabilities these have were available years ago.

"beyond mere commands; Alexa can tell when someone's breaking into your house, it can be asked to listen out for smoke alarms and there's even been some quite successful experiments to determine whether it can recognize the sounds of someone having a heart attack. This is cutting edge stuff,"

Yes, those things have been tested. However, given that it can't always recognize whether its own wakeword has been said or not, it can't be that cutting edge. Also, many of those use cases are kind of pointless--assuming the detection of an alarm is meant to alert someone not present, either the homeowner or an emergency service, the potential unreliability of the audio detection could be circumvented by having the alarm itself do the contacting. And once again, our issue is not with the uses of the technology but the abuses by its manufacturers.

"and, yes, it has to all go back to AWS or the Google cloud because we don't know yet how to localize the processing, nobody's quite sure what's needed, what should run where and how to package it so it doesn't require a small power station to run it (important if you're dealing with something that's running 24/7 or from a battery)."

That's incorrect. I built a thing that was kind of like a voice assistant. It had fewer questions it could answer, but as I wanted to code some of my own and my major questions were "what is the weather today" and "what time is it in [insert location]", it did just fine. I did this in part because I had an old computer I didn't know what to do with. Did I mention that this occurred in 2008 and the computer in question was built in 2003? Did I mention that all speech recognition happened locally? The devices need a connection to obtain information to say and stream media, but the manufacturer decision to make the devices pitifully powered and outsource all recognition to their systems was not done out of technical inability.

"So, let's have less of the negativity. If you don't want to play then don't bother with it. (...."

We don't. However, we still have the right to complain about it being creepy, and if we have the chance to prevent privacy violations that are, you know just technically, illegal, we'll do it. I'm tired of the "don't be negative, just don't use the thing" rubbish. On that basis, I could say "don't read our comments as you've made it clear you don't agree with them", but that would be a stupid thing for me to say.

"These technologies will evolve, there's no way to wish them away, so we either learn how to use and control them or become a slave to those who can use them."

There you go. "use *and control*" them. Our issue is that we can't control them. Some people above also don't want to use them, but I have no problem using them or having others do so as long as control can be achieved and used to obtain privacy.

"BTW -- No, I don't work for Amazon or Google. I'm a retiree -- one of those old people that are regarded with amusement because we don't understand computers....or maybe we do, since we've been riding them up from the beginning...."

Given your comments, you either don't understand the types of privacy violations these devices do or you don't care. I'm going to give you the benefit of the doubt and say you do understand and don't care, but plenty of people who have these devices don't understand what is happening to their data, and get freaked out when they discover it.

Given that the Chinese surveillance system was developed using bunches of datasets collected by universities in the west and shared with China by academics who didn't think it through, I think they have plenty of access to all types of faces. Since they were going for high accuracy rather than cheap or fast development, they probably have a much less biased system. Why is it always the evil people who have the best system?

Re: Mozilla

It sounds like you've panicked a bit too much about DoH's security risks. The kinds of problems you could see with DoH connections could also be seen by a user connecting directly to an IP address or using whatever open ports you have to run a VPN or connect through Tor. Either of those would bypass internal DNS controls and would probably flag as risks in your network analysis logs anyway. Since the use of any of those things would be violations of a security policy, you might as well tell people they must use a certain set of configurations that disallow DoH, and using DoH will be a violation of security policy. Wouldn't that pretty much solve that problem?

Re: DNS problem only?

Good point. I stated that point badly. I should have phrased it more like this:

I like the basic security provided by the use of NAT that is standard in IPV4 networks due to the small number of available addresses. While this can be done in IPV6, it is not done as standard or recommended by many IPV6 advocates. I am worried that this security will be lost during the switch to IPV6 for the vast majority of people who stick with the default configuration and may therefore be left without either the security of a properly administered firewall or the somewhat unintended but nonetheless available security of private addressing.

Have an upvote for helping me clarify that.

Re: Pavement Plodder

The stores can be helpful sometimes. If there are problems that can't be solved right there, the Apple employees in the nearby store can deal with it. When, for example, I was having trouble talking my brother through a Mac software failure (major software failure resulting in the OS not booting, so no remote control) from hours away, I could send him to the Apple store with a page of instructions I wrote up as to what the machine should be like when they finished with it. They are also reasonably helpful for some minor hardware problems. FYI, if a key tile falls off your Mac keyboard, the Apple store will replace it for you without you trying to hunt down a suitably-sized replacement and install it. At least they used to. I hope they still do. It doesn't change the problems with Apple, and almost all of the things that happen in the stores aren't of use to the technical among us, but they're occasionally mildly helpful.

So, here's what I'm hearing you saying. Let me know if I'm misunderstanding your post.

1. Your machine is fine.

2. Well, actually, your machine is fine after you did some work on it. It isn't stated what it was like before that, but something made you want to reapply thermal paste and pads.

3. So at some point, your computer probably wasn't fine.

4. You are fine with the charger not, if you want to get technical, working as expected in as much as charging the battery under some conditions.

5. Because you are fine with this, and your computer is, to restate things, working fine now, nobody else's could be defective.

6. Therefore, based on your sample size of one person who might not have all the problems and doesn't care about one of them, there is no problem.

Did I get that right?

Re: Solution looking for a problem?

I think the original point of the thread is a good one. What kind of information is it actually getting? If it's just querying a page online, how much information can that really provide? Is it going to do a simple search and start reading one of the health topics like this one with little or no reason for choosing it? The content is more nicely phrased on the NHS site, but we could get the same benefit from implementing feature number six on this XKCD.

Re: GDPR

This concerns data transfers in 2013. Sadly, GDPR does not apply. They could make some progress, however, on getting enforcement to happen more often.*

*Operative word being "could".

Re: A Cryptic Response

They said they completed the recovery effort in ten hours, which implies they had backups of some sort. Whether that is cloud backups that were not destroyed or were recovered in time or physical backups, it seems likely they had something.

Re: Let me get this straight

Of course it makes sense to do that, but here are a few other things it makes sense to do:

1. Have one, and only one, type of cable that can connect to the connector so you can't have, say, a thunderbolt cable which will connect to the port but won't actually work unless both devices are thunderbolt, or a cable that is designed only for visual data so can't carry power or connect two general purpose devices.

2. Have one, and only one, power style so you can't accidentally connect a standard USB 5V system to the newer high-power system and fry it.

3. Make the spec as rudimentary as possible so people who don't read it all the way through (random startups, the raspberry pi people this time unfortunately), are likely to have it work.

And yes, I would have to ask if USB C is really that big an advantage over normal USB. There were a lot of downsides about it, but the flipping cables over to try the other way was a minor annoyance and the connectors proved their longevity.

Re: Collateral damage in the Cyberwar

There's a clear difference between you getting burgled and a company having customer data stolen from them. I'll lay it out for you:

You get burgled: your stuff is gone. At the very least, you have to go through the insurance claims process and purchase new possessions. Usually, you're out quite a bit of value.

Company has information stolen: Customers have to worry about account compromises and identity theft. Without laws like these, the worst the company itself has to deal with is the risk that people might try to avoid their hotels. Given that this is not a market with an infinite number of participants, that isn't a major risk.

There's the difference. When the negative event only harms you, we don't penalize you for the consequences. When it does, we can look into whether you were at fault. That doesn't mean that you or the company in this case is at fault for the whole thing, and their sentence isn't of the kind you'd get for actually performing that breach, but it is a perfect case for laws against negligence leading to harm, and data protection law better formalizes that in the specific case of data loss. I hope the ICO takes this into account, as a breach can happen to anyone no matter how much security they've done, but I don't see any evidence that they have not.

I don't know what calculations you tried, but I think you're missing a variable necessary for the calculation of the false negative rate, namely the number of people in the sample who were supposed to be detected. Given that the sample was "the public" and the number of faces in the database is known but the number of people in the database who were actually there is entirely unknown, I would say that, even with an estimation of total sample size that we can assume is completely accurate, we cannot determine or even estimate the false negative rate.

I have no objections to judging the system as crap right now for its abysmal success rate and the unjust plans for its use.

Re: I like the idea

Personal self-driving cars don't have to be part of a taxi net. It'd be an optional choice you could do to make money. For those who don't need the money and value immediate access to the vehicle, it wouldn't be a very good use case. It'd be sort of the same as allowing people to rent out your normal car if there was a convenient way to let them in, which doesn't sound like a popular program idea to me.

If this were attempted, there would likely be a requirement for dedicated vehicles for that service. In that case, I assume there would be charging stations located throughout the service area. When a car was low on power it would remove itself from the network, drive to charge, and only put itself back online when it had charged. Whenever there were gaps in traffic where more cars were available than in demand, the cars with the lowest charge would drive themselves to the charging stations as well.

Re: Lake City IT boss fired for ransomware payment

I concur in your argument, but most people whose job is hiring IT directors have different ideas. Keeping the systems up right now is their primary goal, plus getting new systems up as fast as possible. Thinking about the longterm is on the list but lower. At times, usually for financial reasons, backup plans are specifically left unfunded (no ability on the part of the IT director to reallocate funds to backup from something else). Of course, in that case, I'd at least have an improvised backup system, but I wouldn't support firing the IT director for a backup problem if this was proven to be the case. And then, there are those cases where someone does some misguided maths and decides that it might be cheaper to pay the criminals than to manually recover and a tech site says it's sometimes a good idea, which could also be a decision made by someone external to IT (though if that happened where I'm working, I'd protest the decision and make plans to leave. I admit, however, that these possibilities are unlikely to be the case in this situation.