Posts by doublelayer

Re: It wouldnt be a Trend Micro product otherwise

I've seen it used as well. The version that we had had a scan scheduled every week during the middle of the afternoon on Wednesday, when you were working. The software would courteously ask you to confirm the scan, with the option to delay it. Nice and respectful, no? No, not really, because the delay function didn't work all that well, and would sometimes delay all the way until you logged in on Thursday morning, when it wouldn't ask you but would just cheerfully scan everything with the accompanying lag in performance. And because whatever group was responsible for scheduling the original scan for when people were working, most users would go with the only guaranteed way of continuing to be productive: clicking the "skip this scan" button every single Wednesday.

Re: Unsecure

One of the major security problems I have with email is how it is required by most things. Consider my recent attempt to switch from using a mail account provided by a company to having my own mailserver that would be more secure and more under my control. I've seen it recommended by a lot of people, so it should be doable, right?

I already own a domain name, but if I wanted to get one, the registrar requires an email address for the account. It can't be my new one because I haven't bought a domain name yet.

The place from which I'm buying my server space needs an email account. While I have a domain now, and thus could probably set up an address through it from the registrar's tools, they don't give me free mail facilities, and I don't want that anyway because I want to set up my own. So, since I don't have a running mail server yet, I can't use my new address.

Fine, so I can't use server space that I buy from a remote provider. Maybe I can get a static IP and run a mailserver on physical hardware in my house. The ISP requires an email address.

It seems that there isn't a good way to have an address that doesn't rely on an external address itself. I did end up setting up that mailserver, which now handles most of my mail. However, I still have to have that third party address, to deal with the messages and identification for my domain registrar and my server provider. I considered switching those accounts over to my new domain--I would have needed that third-party address at one point, but it could now be dispensed with--but then I realized that, should either the registrar or server provider become concerned and suspended the account or asked for additional verification, I'd be immediately locked out because I'd rely on the server they'd just cut off or shut down to authenticate myself. And people wonder why nontechnical users just set up free accounts with gmail. It's a losing game, it seems.

Re: You'd be amazed at how many hackers ....

Not only can North Korea make him a new identity with great ease, but most North Koreans, including, I assume, this guy, only get to leave the country if it is specifically approved by the government, which almost always means only to China. I wouldn't be surprised to hear that he'll be staying there for the rest of his life, from where he can keep working on all the same stuff. If you don't have the choice to go on holiday, you can't be caught on your way.

Re: UI revamp

Who wants to bet that all the keyboard shortcuts will change again? You already got rid of the feedback while using them, at least let me keep typing the same thing to add an attachment or something basic like that.

Re: So-called "AI"

I mostly agree with you, but some applications of what is termed AI are things the brain couldn't do either efficiently or at all. Usually, they call this machine learning, because they realize that the program is less deliberate intelligence and more iterative or evolutionary familiarization with data. For example, a laptop can recognize text from images much faster than your brain. Your brain can do it better, but the computer can do it well enough if image quality is good, and can process at hundreds of pages a minute. Identifying irregularities in a million seemingly random numbers used to be a multi-year project for a team of cryptographers, or a multi-month project for a concerted effort of tens of teams. Programs exist to do that in a matter of hours using consumer hardware, or seconds on the computers you mention.

There are other examples that a computer can do where a brain can't; anything that involves a lot of data transformation, while technically possible to be done manually, would require a brain to act almost identically to the computer, doing the job much more slowly and with the virtual guarantee of many mistakes. Thus, not all machine learning/clever algorithmics/artificial limited-intelligence is useless. Primarily just the kind the companies want we consumers to have available to us. The good code they keep to themselves.

Re: For all your searching

I use DDG whenever possible. It is my default, and most of my searches go through it. However, there are types of queries that google can handle much better. One of these is when you want to download some piece of software, but you don't remember what the download link is for it. If it's a thing that has its own site, then it's straightforward (go to site, click download). Consider a program like thunderbird. Is it mozilla.org/thunderbird? I don't know; it might be. If you want the download quickly, google will direct you to the right one from the search "mozilla thunderbird download", whereas duckduckgo will give you several close but wrong pages. They are also prone to being attacked by the SEO-intensive software distribution sites that put malware in with the download if you can even find it. Google can also answer certain questions directly. When the standard user wants to ask a question and get the answer fast, google's lead in this keeps them from taking my suggestion and switching to something that is more respectful of the user.

Re: castrated

It's surprising to me that the two phones compared in the article described the other as good if you don't want photos. I understand that the camera on this one is better, but the one on the other is a 16 megapixel sensor, which, assuming it's not connected to some terrible imaging unit, should be fine for a lot of people who don't intend to go into phone photography. I figure that it will be just fine for people who like to take photos to send to others, given they used to do so with 5 megapixel cameras and didn't seem to have a problem with it then.

Re: Obviously...

LibreOffice can save just fine as word or PDF, so it can be hard to determine if someone's using that. Of course, complex stuff that docx files support might not be perfect if LibreOffice saves them, but experience tells me that the same type of chaos can be created just by saving a file in one version of word and opening it in another. Simple things like CVs will be fine.

The major problem I've seen with getting some people to use LibreOffice is that people used to excel won't take to calc. A lot of excel stuff doesn't work at all. Normally, that's probably fine, but if the people you're trying to convince worked in finance of any type, they will be grumpy and unhelpful. If you try to convince them to leave excel behind, this gets worse.

Re: How much?

Theoretically, anything relatively legacy from win32 should run, as long as it can without doing any deep-system work. The APIs are compatible and the instructions are simulated. If what I saw months ago is still correct, 64-bit applications won't work, but with only 4GB of ram, that's not a really big deal.

I wonder how far the battery drops when you're running one of those. I presume quite a bit. I also wonder if the 25 hours of battery when watching local video is perhaps taking advantage of a GPU that is efficient. Usually, that kind of number sparks my exaggeration sensor. I would like to see real world numbers for activity that will actually happen: browsing internet, doing office work, spreadsheets with inefficient formulas courtesy of finance, and doing one of those with several tabs, mail client, and skype running in the background. Then I'll know what I predict.

Re: Very Good Answer...

I'm currently dealing with a similar problem. I don't work in IT support, but when my family members have issues, they come to me. This time, it's one of my family members who runs a small business with no IT help at all. Unfortunately, the help is going like this:

Family: We have a firewall, and it's old. We want to get rid of it.

Me: Would you like me to recycle it? I get rid of a lot of hardware.

Family: No. We don't know the password to it, or actually we think we know the password to it, but we don't know for sure.

Me: Do you need the password if you're just going to get rid of it?

Them: Well, we don't know, but how can we configure it if we don't have the password?

Me: Do you want it or not.

Them: Do we need it?

Me: I don't know. What are you doing with it?

Them: It's between the modem and the router.

Me: Do you mean the WiFi access point?

Them: No, that's connected directly to the router.

Me: Which is downstream from the firewall, right?

Them: [confidently, so I know they haven't a clue] Yes.

Me: [realizing that using the word downstream was my fault and I shouldn't have] Do you know what I mean by downstream?

Them: Yes, of course.

Me: Ok. Then what is upstream from the firewall?

Them: We have some network phones and a computer on that part. All the other computers are on the other part.

Me: Which part? Can we start from the line in from the ISP? What's plugged into that?

Them: The modem from the ISP.

Me: And what's plugged into that?

Them: The firewall and the router.

Me: What's plugged into the firewall?

Them: The router and the modem.

Me: Is this router the same one that's connected to the modem directly?

Them: Yes.

Me: And what's connected to the router?

Them: The server, the switch, a phone box, and the WiFi.

Me: [Pretty sure they've got a loop but at least I understand now] So the router is between all the devices on the network and the modem? There's nothing else there?

Them: No. The firewall is only between the router and the server. The computers are connected to the switch.

And it continues. This is why I didn't go into IT or specifically networking. I can sysadmin a lot of stuff, but I don't know whether I can do a business network, let alone one where someone's already treated it as a cabling playground. But more importantly, it's why I would never work in support. Even if all the programming jobs that I'd rather do are replaced by AI, I'll not do support. My sanity is important to me.

Re: I do wonder...

I will bet on "a very large amount". Just try to pick up any html page and see if you can read it from source. I certainly can't. About the fourth time another javascript blob appears, I lose my focus and give up.

I have a web application online that I hand-coded. All the files involved except the images can fit in 24 KB. This includes the backend code as well, so each frontend page that could be presented is tiny. And still it has a number of features. A standard page online is much larger than my entire application.

Re: Russian Hackers

I wouldn't count on that. Sure, generic phishing attacks are fragile; they can be detected and usually they are ineptly built. However, a standard phishing attack is usually done to get a few people. If an attacker gets four credential pairs out of a thousand people, they're probably quite pleased. There are ways that phishing can be done better, be that "spear phishing" (tailoring everything to one specific victim, which increases the likelihood that someone clicks on it), using various methods to make detection harder (for example, many phishers don't try to pretend to be from a trustworthy domain, but it can be done), or having lots of small phishing sites such that the death of one doesn't really affect much. The proper flagging of this attempt doesn't mean that something else can get through.

Re: Exposure?

Not really. Of course, google play won't help with exposure, but it will help keep people who already know about the app from drifting away. When you say in your advertising to go to the google appstore and search a phrase, people know what that means. If you tell them to go to a website, no matter how clear you are on that site as to how to download the APK file and install it, fewer of them will. That's why the google store can effectively constrain developers to using it, even though sideloading is possible. The same would be true, for example, if you told them that the app could be found in FDroid or another relatively unknown store. The non-technical, for most apps, the main customer base, won't get you, and you'll lose their business.

Re: When will it be safe to by a new system?

I'm glad that works for you. However, there are many tasks that people ask of their computers that a raspberry pi would not do to their satisfaction. Among these are modern games, high-speed browsing (think downloading a multi-gigabyte zip file and extracting it, which on the pi with its USB2 bus and SD card is going to be a lot slower), editing high-bandwidth data (images, audio, or video), even browsing pages with a lot of data to pull down and render and/or having a bunch of tabs open (I wouldn't want to deal with my family's complaints if they tried to do their standard browsing with only a pi core doing that for them). There are a lot of good use cases for one, even when running a full desktop, but there is a reason that a great many raspberry pi users are using them headlessly or as media devices rather than transitioning to having one as their main machine. However, my point was more about viable options for processors in consumer computers. In the sense of performance that is expected of a computer sold these days, intel and AMD are the only providers who 1. have such a processor available and 2. have that processor in a consumer-available machine. ARM has many such processors, but you can't get a computer with one in; the raspberry pi uses a much slower processor. Therefore, the only available alternative should you be concerned about the vulnerabilities or unwilling to hand over more money to intel but still want a standard desktop or laptop is AMd, at least for now.

This is completely correct. You could put the original blame on verizon selling an annoying package or the fire department for not paying attention. To the extent there was blame, it would be verizon not terminating the throttling during an emergency. This is definitely not a net neutrality thing, and I think our writer may have mixed these things together. I've reported this to the tips and corrections, in the hopes that it was a mistake or the reporter was just tired at the time.

Re: 5 Ears?

Really? I'm not saying that equipment made in countries with large surveillance systems is free from backdoors, but we're talking China here. They have spyware on pretty much everything, but they just won't have it on something big and important? That doesn't make sense to me. If you do want to go full conspiracy theory, it wouldn't matter if the Chinese equipment did in fact have no back doors, because the Australian companies would be going to configure and program it. If a surveillance system needs to be built, that could be done no matter what it runs on.

Re: Jolly Good Journalism, El Reg.

Thank you for those posts; they were informative. I will be going through my code and clarifying the licenses. In most of the libraries I have written, they are probably more of a BSD-type thing, as they are less likely to be externally modified, and I'd rather not limit what people can create with it. Still, quite a bit of research to do before I decide on something.

Re: Local Optician

"running XP is not really that bad especially if the machines are not connected to the Internet"

For point of sale equipment, it is almost certainly connected, if not to the internet at large, at least a corporate network. You could create a communication system that lets information about payments be sent out without networking, but that is difficult and probably wouldn't be attempted. These vulnerable devices have been used before to gain access to payment information, usually after a breach somewhere else in the network.

Re: I have doubts

I will try one more time. I do not think, nor have I ever thought, that the type of devices we are discussing are the types to send video streams or other large data streams.

Now to cover IoT vs IT: IoT is IT. It is a system that runs code, interacts with other devices, and in order to actually come under IoT, must connect to the internet at some point. It may not be exactly similar to other IT devices, and there may be other people to work on it, but it is technology that delivers information, and is more similar to IT infrastructure than infrastructure by most other departments. In addition, most of the things that are talked about as members of the IoT group as a whole are much more complex than something that runs some sensors and can communicate all the relevant information in some 255-byte chunks sent every once in a while. Even if we're limiting ourselves to equipment used in industrial things, there are things that require direct connection because they report information or receive commands in real time, and those things are always called IoT. In fact, if we wanted to split the broad category IoT, the devices better suited to the name would be those connected directly to the internet rather than sensors that use a gateway (of course, if that gateway also allows internet connections, then those sensors also belong to the IoT group).

My doubts are still alive, but not because I fail to see use cases for the technology. I merely see a great deal of complexity in the technology that would make it difficult for some players to use it. Combined with the fact that WiFi exists and can be used by a lot of sensors, albeit with less effectiveness and many downsides (I admit these are there), many might not bother to implement it. This could cause the technology to stagnate.

On the topic of hospitals, many of these already have WiFi. Part of the reasoning for this are patients who must remain there for some time, but the system is also used for wireless devices used by the staff. Those hospitals that lack it often still have wired internet, as they are some of the most computerized locations. I'll admit that I have less experience with factories, but I'd imagine that those for whom the term internet of things is a selling point are probably not strangers to internet-connected equipment on the factory floor.

Re: It has?

Nor do I. I think it might be best if, instead of thinking up new types of connectors that 1. don't have any faster data rates, 2. didn't get any smaller, 3. took far too long to realize that being flipped would be helpful, and focused on making what is already available better, we'd have better cables. The same applies to all types of fast-charging stuff. If, instead of trying to crank up the voltage or current, phone manufacturers tried to make their phones run at lower power levels and have batteries supporting it such that the typical high-power USB (5V 2.5A) would be fast, then it would be much easier for everybody.

Re: Pai is still damaging society

That is not how any of that works. Net neutrality means that the people running the communication systems can't send some traffic faster than they would ordinarily, and the reason for that is that the only way to do so involves taking something else and slowing it down. It is not that you can't buy faster speeds; you can. Get more powerful servers and high-speed data links and believe me, you'll see your speeds skyrocket. What the net neutrality people advocate is that you can't buy someone else having a worse time. For example, there is not an "expensive car lane" that allows those who have paid more for their cars to bypass traffic, even if they pay for it.

This is usually the reason that companies want to have the ability to change speeds; coms company C wants more money. Video streaming company V wants their competitors out of the way. If V pays C to make all of V's content faster, thus making it a better experience than competitors W, X, Y, and Z, then eventually people stop buying service from W, X, Y, and Z. The two possible options are for W, X, Y, and Z to fail, causing consumers pain because their options have been lost, or for W, X, Y, and Z also to pay C for faster connections. This makes the services of V-Z more expensive, as some of the money the people pay has to go to C for the we-won't-choose-to-kill-your-business tax, and it harms any other business that wants to stream video. In fact, it hurts any other business, period.

Re: Tricky indeed...

I disagree. Android is insecure in all sorts of ways, and google, as well as various others if they can get a chance, will collect a very large amount of your data. Apple doesn't collect as much, has more restrictions on third party collection, and has fewer security problems. Apple therefore makes a more secure product.

However, there are a lot of good reasons to dislike IOS. The fact that it's secure doesn't make the lack of choice, the lock-in to apple, the ridiculous expense of the hardware (although certain droid manufacturers are giving apple a run for your money there), or any other annoying elements better. There are trade-offs, but I see them as security versus all the useful features android has that apple doesn't. Security vs side-loading. Security vs removable storage/battery (some conditions apply). On and on.

Also, just because apple's phone is more secure than most android phones doesn't mean that apple is good. Apple could do more to protect their customers' security, and they could easily collect less. I would like to see both. For security changes, I have a very long list for android to do.

Re: Advertising from mobile 'phones

It is possible to remove this, but the setting is hidden so that most people don't try to find it. Also, it has an irritating habit of switching itself back about once a year. If you send relatively few messages from your phone compared to your computer, you're liable to send out a few before you notice that the thing is back.

Re: re: That's bollocks, it really is.

I don't know what the best use case is for you. Consider these:

Why do people use smartphones over older cell phones?

Me: I like having my email there. I listen to podcasts on the go, and the phone can just download them rather than my syncing something to get them. I like that GPS is just on the phone. A feature phone doesn't do that. For me, the reduced battery life is worth it.

Someone else: I need to have facebook and twitter open at all times. A feature phone can't do that, so smartphone it is.

Another person: I like basic photography, and the best cameras are on smartphones. Also, the photo software on phones is most convenient for me, rather than syncing my photos to desktop.

A fourth person: I want to watch video while I commute. I need one of those massive screens to do it, and a strong data connection. For all those reasons, a feature phone doesn't work.

None of these people agree, and they probably have different kinds of smartphones, but they all have one.

As for smartwatches, I technically own one. However, it is a $20 watch (the Xiaomi Mi Band) which I use as an alarm clock. It vibrates instead of making a sound, which I like. It can't annoy people, even if I've forgotten to turn it off and I'm not there when it goes off. It can do notifications and has fitness tracking features. I don't use them. In fact, I'm so used to using my phone for time that I didn't ever use the watch for that. After a few weeks assuming I might, I no longer even wear the thing except for an alarm.

Others might want the fitness tracking. Others want the GPS on your wrist. Others want the voice assistant. Others want the watch to play music. Many others don't want any of these use cases, either mine or the others. That's a thing that you decide.

Re: hostile to the future

We aren't anti cloud. Some people might be, but most of us are realists about what it can do well and what it can't.

Cloud has good use cases. Using a cloud for some systems makes a lot of sense. For example, cloud can allow you to deal with things that could take out your systems. A few cloud images, properly balanced, across different geographic regions and perhaps different providers, can give you a lot of certainty that your system will stay up virtually forever from an infrastructure standpoint. It allows things to continue working if something has gone wrong with your in house equipment, and it gives you an online backup that is fast to recover.

There are also some people that I, at least, would prefer to be on cloud. For businesses that don't have IT employees and have a few systems or even just one, there are great advantages to it being in the cloud. The responsibility of managing a system that they don't understand and keeping it secure and functioning can be helped by having a more experienced cloud provider manage some of that, assuming they're not going to hire an IT person.

However, there are major problems with the cloud:

Cloud is slow. Any data that you need to send back and forth is going to be slower when dealing with a cloud provider. That can really mess up some things by making people irritated. If you need a file of any size, it can be really annoying to have it sent to you each time, and the delay while it's saved can be equally disruptive.

Cloud is expensive. When you are dealing with cloud, you pay by the month (usually), for each gigabyte of disk and bandwidth and in some cases for cputime. That can be fine if you want to use something small, but if, for example, you want to have all your company's network disk in the cloud, rest assured that you'll pay for all those files as well as each time a user opens or saves one. A physical disk may cost a bit at the beginning, but really not that much and you can do plenty of things with it.

Cloud is dependent. If some guy with construction equipment wasn't careful, or if the telco didn't properly advise them, your internet line could be damaged. For a business with modern computing and in house tech, many things could be disrupted. Any internet communication systems wouldn't work, which probably includes the phones as well, and people who need to access the internet for their jobs couldn't be particularly productive. However, people who don't need to access the internet as much would be able to continue working. The files they need and many of the systems they use are still in the building, so they work. With cloud, that cut cable has paralyzed the company until it comes back. The files are gone for now. Communication is down, but no systems in house means there is no intracompany system that's still up. Many people will have been disrupted.

Some things could benefit with the cloud. However, taking that fact and using that as a reason for everything to be moved is pointless. Servers sitting in a server room will work just as well as servers sitting in amazon's room, but you have more freedom with the local servers, and more of their activity helps you. Decide what cloud things you want, without buying into a one size fits all myth.

Re: How does Encrypted SNI protect against censorship from DNS Providers?

It works like this:

This is the current system, assuming I live in China:

Me: [to DNS server that is not censored] I'd like the address to www.chinadoesntlikeme.com please.

DNS: Here you go.

Me: [to internet system run by China] I'd like to contact the server found at x.x.x.x (insert xxxx:xxxx:xxxx:... if you want) and request the page located at www.chinadoesntlikeme.com/ please.

China: No.

Me: [to internet system run by China] I'd like to contact the server found at x.x.x.x and request the page located at /

Server at x.x.x.x: Welcome to amazon AWS. You can get to this server; just not the sites China doesn't like.

This is the replacement system:

Me: [to DNS server that is not censored] I'd like the address to www.chinadoesntlikeme.com please.

DNS: Here you go.

Me: [to internet system run by China] I'd like to contact the server found at x.x.x.x (insert xxxx:xxxx:xxxx:... if you want) and request the page located at "Q2Vuc29yc2hpcCBpcyB0ZXJyaWJsZS4="/ please.

China: Oh no. We need to let people get to the server, because there are plenty of useful things there. But maybe they're going to get something we don't want them to have. What can we do?

China: We'll let you through for now.

That's how it's supposed to work. However, I'm doubtful. I haven't read the system, so I am not familiar with the way the encryption is being used. However, I have to ask the following questions, and if I actually get the time to read about the system then hopefully I'll find the answers.

1. Why can't China do the encryption themselves and find out what the request for a site they don't like would look like? That implies that it changes in such a way that the originating computer knows how to send such a request, but the system China's using doesn't.

2. Will China change over to just retrieving the site requested, then comparing it to a request that they send. They could just compare them and if they are the same or similar (random junk produced to look different) they could decide to not send the page to the machine.

3. Could China block all these encrypted requests such that only standard requests get through? Is there a way to force them to accept it?

4. Does China have enough power to prevent the big cloud providers from using this? They have enough power for apple to crash their own phones when the Taiwanese flag is seen, AWS to give root accounts on all Chinese servers to a third party, and similar for pretty much every company that does business there. I assume they'd find a way for such a system not to be installed.

Re: I purchased a New PC this year...

I'm glad that's the case for you. My personal win10 machine and VM are also stable and working fine, even while updating. However, a lot of people's aren't. I might suggest that our boxes are running better due to thorough management and knowledge of how windows works. However, the OS needs to be more stable than that for the person who doesn't know how windows functions or fails to do so, as they'll still be using a machine one way or another. Compared to other operating systems the person may have used, windows 10 has a lot of mechanisms for failing that a windows 7, XP*, older MacOS, or Linux user might not expect.

*XP functionality is only expected from about 2003 through 2011. People still using it should expect a lot to go wrong.

I see your point, but any good system will send you a link that you have to click on, and then you reset your password from there. Short of jumping in ahead of you, which would be a bit obvious, they can't know your password. Of course, they can take some good guesses if they have an evil turn of mind.

Re: High-tech options

Usually. It definitely includes disabling, by force if necessary, wifi, bluetooth, and ethernet. However, depending on the use case, some airgapped systems may need USB or similar for reading or writing data. For example, a machine might include access to systems that analyze data securely. This can't be infected, but it does need to read data from somewhere. If there is too much data to enter manually, it might be brought in on a USB disk or optical disk, either of which could be infected. Security of airgapped machines is thus also very important.

Re: As an EU citizen..

You should have the right to have your details private. That's the right that is due to you. If I am a company that you deal with, I shouldn't have the right to take your information and sell it without your consent. Even if I need to have that information to do what you paid me for, that doesn't mean I can do anything with it I please. The cookie warning is useful--even if they don't let you say no, you can know not to go there again and to clear your cookies, although I'll admit that I care less about cookies than many other things that are done. The GDPR statements about who has your data, why they have it, and what they are going to do with it provide information that lets you determine whether you trust them with your data and what precautions if any you will take when dealing with them.

Now, onto having the right to know who owns a domain name, no, you don't have that right. More clearly, you don't have the right to know who owns a domain name if that person doesn't want to tell you. Consider a parallel: if you have a phone number and you don't know who it belongs to, you have no right to that information. If it is not listed by the owner somewhere, nobody you ask knows or is willing to tell you, and you can't get the person who answers to tell you, then you're out of luck. I have no obligation to list my phone number somewhere. I have no obligation to answer correctly if someone calls me up and asks who I am. Similarly, you don't have a right to know where I live, where I work, etc. You can find out yourself. You can ask and usually you will be told. I may release that information if I choose, where you can find it and use it freely. But you don't have a universal right to know.

Re: 10 TB of total storage?

The only thing I can think of is editing a bunch of raw video, which I assume can quickly fill up storage. Other than that, probably not.

Re: Corporate Security

The fact that you can think of a reasonable use case for the software, for which I commend you, doesn't make the software all right. The problem is that you are thinking about how to actually use the software for its stated purpose, which is to make people safe. If I had to use it, I'd definitely prefer to have you running the system and dealing with the results. However, the people who are actually buying this are almost certainly using it to track their employees in a way that is very creepy.

For an analogy, consider keyloggers. You could use one of these for a variety of legitimate purposes. You could use it to help correct frequent errors. You can use one (I've done this) to identify users by their typing style. You can use one to have an audit trail of things entered into systems that don't make it simple to collect one otherwise. All of these uses are possible, but usually keyloggers are used to steal passwords and related information, and saying that it will be used for other purposes followed by, essentially, "trust me" shouldn't just be taken at face value.

This has been done before. Companies that wish to break the law but make it look legitimate make excuses for what they're doing. The people who make software that allows people to test their malware against antivirus never say they thought malware writers would pay them for it, but instead market it as a service for software writers. The people who make malware that enables stalkers to track all phone activity market it as security software. People who make malware that allows people to spy through webcams market it as a convenient way to turn that old laptop into a home security camera. These are deceptions. It would be great if everyone deploying a system was like you, having the safety of the employees in mind, but they aren't, and that reality is important to deal with.

Re: Super fast...right

OK, thanks. That was very helpful. Of course, the fact that A) MB is often printed in lowercase by many systems, B) bits and bytes are atomic such that a millibit and a millibyte are nonexistent concepts, and C) the point I was making is not related to abbreviations, but merely a translation from the units used by hardware manufacturers because it is more related to the engineering and it makes the system sound better to the units used by people actually using the systems involved (I.E. all of us) make your point significantly less useful. Still, I appreciate the pedantry and will consider myself justly chastised for my inaccuracy.