Posts by doublelayer 7683 publicly visible posts • joined 22 Feb 2018
Correct, but there are other ways to do that. To sell right now means a payoff, but to build a successful company might mean a better return later. It's the board's decision which is best and the shareholders can replace them if they disagree. If the board had continued to repel Musk's offer on the basis that they thought the value could be higher, that would also have complied with their duty.
The board originally wanted Musk not to buy them for many of those reasons, and they tried to prevent it. Musk wasn't happy with this, and neither were shareholders who don't care about the employees but do would like to receive a large payout from Musk's billions. They've successfully forced the board to drop the poison pills and try for the cash, so the board has switched to the side of the shareholders to get the most money they can and let the future of the company be the new owners' problem. If they didn't do that, shareholders interested in more money would probably sue them for failing to pursue shareholder interests. My best guess is that the thought process for most board members can best be summarized as "We give up; we'll do whatever you shareholders want now".
They can do various things if they were motivated enough, although I note this was mostly about stablecoins which is not what you were talking about. If they did something as basic as saying that cryptocurrency couldn't be bought or sold by companies under their regulations, that would stop most retail investing. They have many more steps they can take if they want a more drastic change. They don't have to destroy something absolutely, just cause enough problems that it declines.
I had to look them up too. Unfortunately, they don't get a good acronym because "FSB" is already inexorably linked in my mind with Russia's criminal investigation service. The group was set up as a G20 facility, also including the European Commission, and although it doesn't have authority to make any binding decisions, it works with the other international economic institutions like the IMF and WTO which do.
How much this means to you I can't say, but at least you know who they are now.
As I remember, they did that for a few years in the 1990s and discarded it as a really bad idea, but this was still a massive problem for two reasons. Everyone's heard the story about them and thinks it might still be true even though it's been decades. Also, other companies actually still do it, and I wouldn't be surprised to hear that a famous name like Microsoft was used to convince them to start. From the article on Facebook published today, it looks like it is the standard procedure for them and will now be used for firings.
I want to call all writers, both of articles and of comments, to rebel against the name Meta. Mostly because I had a moment of confusion when I read "a 2019 meta-analysis on employee performance and job security" in the article and wondered if they meant that Meta the company was doing the analysis. Also because that name is just bad. I suggest we pretend they never changed the name and continue calling them Facebook until the company gets its very deserved bankruptcy. After all, we only talk about Alphabet in a few cases relevant to financials, and all their stuff still gets the Google label.
Yes, and I'm sure they're already doing that; you don't wait until you have financial issues before firing someone who is causing problems or failing to get tasks done. This is just finding a different excuse for firing people who otherwise would have been considered good enough to keep for a while. They'll probably do it in three rounds (two chosen by them):
Round 1: Managers select anyone they don't like for the first cull.
Round 2: People unhappy at the increased workload go somewhere else.
Round 3: The people who look unhappy with the responsibilities of several workers because some from their team have been fired or quit and nobody is being hired to replace them are selected for the second cull. After all, they don't want unhappy workers.
It doesn't do either of those things yet, but not only can they use various methods to encourage compliance, but if they don't get what they're looking for, they can add that. Even if they never request forced access to cameras, they can do a number of things to get more access, such as paying users of cameras for access. I would object to that for two reasons: it leads to more surveillance that I've already described as useless and harmful, and it wastes police budgets that the citizens pay for and could be used for things of use to them.
Nothing stops me, although if I did it there are ways you could have it taken down. The distinction is that basically nobody does it. People don't make their cameras public out of choice, but a policy such as this would end up doing it. If everyone chose to put up cameras with public access, I'd have problems and I'd want to do something about it though my choices are few. This policy would be much closer to that possibility.
If I lived across the street from you and deployed a camera that, because it was watching the front of my house, also showed a live feed of your house, how would you feel? Now imagine that, instead of having that there just in case, I'm allowing people to tune in whenever they want. And I do mean anyone, because most methods that would give police access would be prone to security problems allowing others to have access if, for instance, they were interested in breaking into your house.
I admit there's not a clear way to legislate when putting cameras on your property is acceptable or not, but there is a difference between it being there but unused and it being published and recorded by numerous parties.
"But of course, if the police are monitoring a live stream and see a crime in progress, they can pop down to the crime in progress toot-sweet and catch them in the act."
If they can get there before the crime finishes, which for many types of crimes is no. But this also relies on someone sitting there watching video for crimes, and they don't do that with their own cameras. You can't watch thousands of video feeds at once. This means that it will either do absolutely nothing for crime reduction or they'll realize this and start advocating for automatic software which makes things even worse. Even if they chose the no benefit option, the room for abuse is still very large.
I haven't read the files, but the article does not mention that. It only mentions that violence was expected and that some people thought it would end up helping the company. That's bad enough, but it's still a far cry from setting it up, and if the message said to deliberately cause it, I'd imagine the article would have said that. I'll see if I can find more text elsewhere to verify this, but so far, I still see only the PR angle to violence from others.
Most of your post is accurate, but I think you misunderstood one part:
"Nor do executive boards generally encourage violence as a route to success, if they want to stay out of prison."
They weren't encouraging violence. They were predicting violence to be committed by someone else as something they could use to gain sympathy. You decide whether that violence, committed by people who didn't like Uber, was something Uber could have prevented. Short of shutting down their business so the violent people wouldn't have any targets, I'm not sure they had an option. Their PR department's description of what they would do is certainly heartless, but it was a reaction to something done by others, not any encouragement by them directly.
The article has extra text indicating the real timeline, which you have missed. Here is the timeline in its original form.
Day 1: Hard drive 1 fails, server stays up.
Somewhere in the middle, probably day 2 morning: Team inserts a new drive into array to recover.
Day 2 noon: Server team leaves for party, desktop team comes in to manage things, repair still in progress.
Day 2 afternoon: Hard drive 2 fails, server goes down.
For the desktop team, it was the first thing they saw with the server, as they didn't put in the new drive. Since Sam was on that team, that was his first knowledge. It was the second drive that did it. The article has the events out of order, and the clue was "Eventually it transpired that [...] the day previously." We're getting the events from Sam's point of view, and he wasn't there from the beginning.
My guess: a user goes to a page which either has an ad or a redirect informing them that their browser is out of date and giving them a download link to a binary. Those users who have seen this before retreat immediately. Some users who don't understand that this is not how updates work but will follow instructions get infected. They may have other mechanisms; even more skilled users can be successfully diverted from the path they should take by a confusing injected ad. This is one of the reasons I have multiple layers of ad blocking.
There are lots of ways to identify a VM, and basically all of them can be turned off if desired. Most VM users don't really care that their VM use is identifiable. I'm guessing these ways to check, being relatively simple to check and to change, are well-known by researchers doing this analysis.
I wouldn't characterize them that way. While they are making weapons, I think "cybercrime organization" or to use a more technical term "advanced persistent threat" are better terms for what they are. A weapons manufacturer usually has some degree of trying to adhere to laws, for example making sure the people selling their weapons to evil people is some middleman they don't know. NSO doesn't bother with that distinction.
Of course not! NSO group is proud to only sell to governments, including yours if you trust them, not including yours if you object to that. There's no way that you could be at risk from anyone else, which means you are completely safe because governments only target terrorists, you know. Would you like to come inside for a meeting about completely non-business things? You can leave that case full of paper you brought over here while we chat. Also, we have a few demonstrations of how cool our product is when governments use it, so try not to look at the posters and videos in the room.
"Now that AMD is firing on all cylinders and NVIDIA is pushing new GPU generations, even the intransigence of the old guard won't choke the technical progress of the next couple years."
Yes, they are making advances, and people will certainly be buying things to take advantage of them, but the hardware advances won't get the quantity that investors have come to want. The average office or home computer doesn't need the latest and fastest CPU. Even though AMD's new ones are significantly advanced and I'm also seeing promising things with Intel's adoption of mixed cores*, a lot of tasks will continue to run fine on old hardware. Microsoft's obsolescence plan with Windows 11 might start changing that in 2025 when Windows 10 starts putting up scary warnings, but given the number of people still using XP in 2015 or 7 today, probably not as much as expected.
* I know it's fashionable to hate Intel and say that its chips are clearly bad, but many of their chips, especially those for laptops or low-end desktops, have seen massive increases in benchmark results simply because they've started adding more efficiency cores. That doesn't work for everyone, as if you need a lot of sustained compute you're still better off with a lot of very fast cores, but for average users whose tasks are less reliant on grinding operations, it shows promise.
You pretty much nailed the description, but there are two problems. It's not just young people doing this, and it's not new. Yeah, the term now is cryptocurrency, but people have been hoping to get rich quick and throwing away their money and time on schemes they thought would get them there for centuries. This will eventually die, those who invested will learn a painful lesson and go back to work, another generation will form, and a new thing will come along that's clearly going to change the world and make you rich in the process. Some of those things will change the world, but they won't make many people as rich as they thought it would.
"Real investment funds take money in and invest in real businessss that solve real problems for real people and pay back a share of the real benefits that actually happened in the real world."
Which depends on what you consider real benefits. If, for example, you don't like this concept (separate from the Ponzi scheme part which nobody likes), you might not like investment funds that invest in financial companies that themselves are trading. Yet those exist. Similarly, there are investment funds that invest in commodities of various types, and you make money if copper becomes more valuable. They're not investing in companies mining or processing the copper, just the copper. Do you object to those? Investors aren't limited to stocks and bonds and companies aren't limited to "solving real problems".
This fund sounds very dodgy, and possibly it always has been. Even if it started out without that plan, it doesn't seem to have taken long to go very badly. The concept is still that of an investment fund.
As I said, it's not my ideal solution. I'd like laws to be enacted that make privacy protections mandatory. We have a few of them, but they're not getting enforced. I can continue to hope for and, given my limited ability to change anything, act to support more regulations, but the problem currently is that what we have would be good enough for many situations if it was used. Since I can't have this for the moment, I'd like for some consequences to demonstrate why it's important.
Sadly, history does give us many such shortcuts. Sadly because those have often been deadly and far too late, but look at the causes of most actions increasing safety or citizen rights and you'll often find something tragic recently beforehand. That may be a well-publicized disaster that killed people, a protest unjustly subjugated, or even simply a political scandal, but they exist. I would hope that whatever draws more attention to the privacy issue doesn't hurt people badly, but this example added millions more to people who have been harmed by the problem, so I wouldn't count on that.
I'll add this to my list of examples for why collecting data you don't need leads to problems for everyone, especially the data subjects. It's so useful in conversations about surveillance, analytics, or other reasons for collecting information, or at least it should be but no matter how many times it happens, they never listen to it. I wouldn't expect China to hold back on surveillance just because it inevitably leads to problems for their people, but it should be instructive to many people who have more reasons not to want the people they interact with to hate them. I still hope that we'll eventually see some drastic result where one place engaging in surveillance gets seriously destroyed. I would prefer reasonable regulation and enforcement, but if we aren't going to see it, a cautionary tale might be useful.
They aren't using this policy to enforce terms of the original license. What they've prohibited is allowed under the license and entirely doable elsewhere, and they just don't accept it in their store. Their goal appears to be to prevent users from receiving code that misleads about its origins and open source developers from having their code used for profit by others, neither of which is a crime but both of which are unpopular.
I see those goals as reasonable. Perhaps others would prefer having no restrictions other than those that are required by law, but the range of opinions is so large that they're going to get negative feedback no matter where they strike a balance.
There's a difference between "I'm using your code because it's open source", "I forked your code to modify it", and "I'm selling your code without doing anything to add value". All are legal under the license, but one is a lot more likely to anger the original devs. Have you seen all the complaints from developers of things that cloud services are reselling, despite the fact that the cloud providers are actually adding the value of the hardware and contribute code on occasion? It's like that, but even more blatant.
Yes, a big place with a hard problem to solve. How do you put "only charge for your own open source project" into legal language? How do you define who has the right to do that with a project with many authors. How can you even specify that when the code is licensed under a license that says you can copy it, fork it, and sell it if you wish. They have a lot of lawyers, but those lawyers are doing a lot of things. I don't begrudge them trying to do something about this and doing it wrong the first time seems likely. Be honest, if they were charging a commission over someone's unchanged copy, wouldn't you feel similarly unhappy with them.
I don't much like app stores either for the same reason you specify. When they're optional (Windows and Android), I either don't use them at all or take circuitous measures to get the files I want. If you're going to have one though, I don't expect it to link everyone's source, as they're also expecting to be providing a lot of non-FOSS programs through it. Those that choose to put open source apps in such a store can link to their repository in the description, and many will use alternative distribution methods like FDroid or the various attempts at a Windows package manager which make obtaining source easier.
I agree with this, especially because I could see similarly strident complaints if the Microsoft store became well-known for people taking someone else's code, compiling it without modification, and charging money for it. People would be all over it saying "Microsoft's charging a commission and profiting from open source software the authors didn't choose to put in the store". Given that, I can see exactly why they acted to prevent it.
I agree with this distinction with one additional aspect: the product of an AI might itself be patentable, for example a design for a component that the program has created to suit the goals programmed into it by the inventor. That design can be patented, just as one created using manual design software could, but by specifying the unique and invented components of the design, not by attempting to reproduce the training process. The idea of assigning the tool as the inventor or of considering any file such a tool produces as an invention is just going to lead to lawsuits with no beneficial purpose.
It depends what the system was intended to do, but I mostly disagree. My work machine permits me to send out emails and upload files to external services. Yet, if I use those mechanisms to steal data, it's still my fault and I still go to jail for it. Locking things down to the extent that I'd be unable to steal corporate files would likely cause many problems with my actual work, and they trust me with the data and the machine, so it's not unreasonable for them to trust me to follow the policy as well.
If a system is airgapped or subject to similarly secure procedures, then it's done for a reason. The issue wasn't what they were copying onto it (probably), but rather that they did so at all. Failing to protect a sensitive system is a problem, and when that's your job, giving you a new job has to be considered. Had they been doing something similarly risky with a more obviously dangerous machine, I'm guessing you would agree that it was important.
No, it's really not like stock. Someone controls a company which moves around the value of stock. There is a person or group of people to be regulated, and you can find them, take their company off them, fine them, etc as needed to enforce regulations. Many successful cryptocurrencies don't work like that. They are a lot like commodities: something you can have that might be of value to someone, but maybe not. Whether they're valuable as gold or cheap as sand, they have similar levels of ability to regulate. You can easily regulate those places that buy, sell, or hold gold, but you can't pass a law instructing that gold file papers like you can with a company issuing stock.
The early ones did have the decentralized and uncontrollable aspects as goals, but newer ones, including anything a government comes up with, have dropped it. It's likely that governments wishing to maintain control over their monetary system will attempt to regulate or prohibit those cryptocurrencies that don't continue to have them at the helm. I don't know how successful that will end up being, but I'm in the position of disliking every side of it. I don't much like the cryptocurrencies, but I also oppose governments thinking that they should have a monopoly on exchanging value.
It's unclear writing, but here's what it means:
1. People who write regulations for financial things are usually prohibited from investing in the things they're regulating to avoid conflicts of interest.
2. Some securities that people invest in are so common that many will invest in them routinely. These are specifically excluded from the previous requirement, meaning that people working on regulations for them can still invest in them.
3. Cryptocurrencies are not in that list, so point 1 applies to people regulating them.
4. They're allowed to invest up to $50k in them, but only indirectly through a fund they don't control. Owning them directly would disqualify them. Owning more of a fund would also disqualify them.
5. People who don't regulate cryptocurrencies don't have to care about these restrictions unless they're trying to transfer into that role.
"I can't help but think that the pair of them fell perhaps knowingly into a honey trap baited by the financiers,"
You have it wrong. They were the honey trap for the financiers. There's a reason they didn't get any investors who knew anything about the field. They couldn't get anyone who knew about their product to accept it, from the first professors who told Holmes her idea was infeasible to the FDA investigators who kept saying the product would need to demonstrate efficacy before they'd give licenses. They targeted people who had a lot of money and no knowledge of the field, often those who didn't have much investing background, because they thought it would be easier to lie to them. When people who knew enough about investing started looking at reports, they created false reports and put other companies' names on them to get them out of the way. The financiers have not gotten anything out of this; yes the fraudsters are being punished and there's some chance of taking some money back, but they're still taking a loss from this.
"Given this is attempting to prevent State surveillance. Worth stating that deliveries can be intercepted and addresses flagged for purchases of electronic equipment due to be delivered and examined/opened before delivery."
NSO malware is frequently used by states surveilling people in other states. Saudi Arabia couldn't have intercepted a phone being delivered in the US to compromise it, at least not as cheaply as doing it locally. They may also lack a convenient exploit kit to install on a phone that remains resident, given that the initial setup process only happens normally when there is no user data.
"If you're going to this much trouble, you also need to go to the trouble of obtaining a device through someone else, who isn't being targeted"
Or get lucky. The last laptop I bought for someone was by walking into a shop, paying for it, and carrying it out. You can buy phones like that too. Try intercepting that delivery. Unless they've got a spy in every computer store or opportunistic malware on all of them (and I'm sure they'd like to), you can't guarantee it. They can do a number of things, but they aren't certain and they're expensive and difficult.
"Apple is likely to have a list of devices with this feature enabled,"
Why? They don't need that in a database. As you correctly point out, doing that could cause problems. There's no reason for them to want that list or to put in code to collect it, which could not help them but would certainly anger users.
"Surely better to sit below the radar with an unassuming run-of-the-mill device within the masses, switch off every privacy compromising feature you can, so that it looks like every other regular Apple device. The idea is not to stand out from the crowd."
Again, this is on-device config. It's not a spotlight attracting attention to you. Likely, if you're turning this on, they already know who you are and can find your device without needing this, and the feature just protects you from their attempts to penetrate your defenses.
"This doesn't fit the zero-trust model."
Actually, it entirely does. The zero trust model isn't about trying to hide. It's about having protections on everything. A zero trust configuration is very different from a default config that has several trust-based attack surfaces. I should point out, however, that zero trust configurations don't announce themselves routinely. You only find out whether it is one when you intercept its traffic or attempt an attack.
I can answer that one for you: they wouldn't install it. Since this is a user-decidable switch, Apple could even add that to the features: turn on the lockdown mode and non-WebKit engines get blocked. This wouldn't be a problem because a user who wanted a different engine could disable it. The issue about engines is with choice. If you don't want any engine other than WebKit, then don't install one and you'll be just fine. You'll probably be in the same group as many others, including me, as I don't have a need for a different one given the tiny amount of browsing I do on the device. Others choosing to do so won't force us to.
In most cases where a monopolist has been broken up by legal action, the resultant pieces have remained private. They continue to operate without government control, just without being able to work in concert. The person you replied to did not suggest nationalization, so suggesting that they desire it is putting words into their mouth.
The point is that, to get the XCode needed to build for the latest IOS, you need the latest Mac OS which means quite recent Mac hardware. To get the tools needed for the latest Android, you click a link which runs on basically everything, even equipment a decade old. The big GUI stuff might grow in system requirements, but you don't have to run it, so your app can still be built on lots of computers.
"And if 15% is fair, we need the same everywhere. Microsoft store, Epic store, Playstation Store etc."
No, we don't. What we need is choice, and limits only if there isn't choice. If the Microsoft store charged 99.5% (and they don't, it's 12%), that would be fine. Why? Because you don't need to get apps from that store and most commercial ones aren't there at all. If they wanted to charge that much, all commercial apps would leave and they'd have to decrease it to compete. Apple's is different because they've denied other choices. I agree that, if their commission is too high, anyone else with such a monopoly on distribution should have the same action brought and their commissions reduced as well. It would probably be better for everyone, including Apple's profits, if they allowed different installation mechanisms instead.
"how are you going to test/maintain the app if you dont keep up to date to a reasonable level?"
By testing on the latest version of IOS, the platform they appear to be compiling for. Running a very new version of Mac OS will do nothing for you if you're testing on old versions of IOS, and staying on an old Mac OS will not harm you if you're testing properly. For developing Mac OS applications, your statement applies better, but they're developing mobile apps.
They have some writers in the U.S., with their U.S. office in San Francisco. One of them can call Apple any time they want. I'm guessing it's been tried and didn't work any better. They probably got a response this time because it's a boiler plate and some PR employee was told to send that to anyone who asks about this case.
The problem is with fact 3, if the participants choose to bring it up:
3. Did the defendant's thing come under the plaintiff's patent?
If they're arguing about timing like the one mentioned in the article, that's not a problem (yet), but many cases will see the defendant claim that their product is different from the patent, so it's not covered. As for this case, it's still important. If everyone agrees that Norton used the idea in 2009 and the patent wasn't until later, that makes Norton's use of it prior art and invalidates the patent. This means that someone is going to suggest that what Norton did in 2009 wasn't covered under the patent and they added that at a later point after the patent was filed, leading to the same question as before. There's not a great answer to who should decide this, but the average jury isn't going to know.
"one times in three, the correct answer comes out - do you get that this would be impossible if the model didn't have understanding?"
It wouldn't be impossible. It has the answer, written by someone else who has understanding. It correctly found the right snippet. It's like a person who doesn't know how to write code but finds a Stack Overflow post that actually wrote what they want. They don't understand the code, or they could have written it themselves, but when they paste it in, it works. When the model gets the wrong snippet, it has no clue that it's messed up.
You're ascribing something that is the entire point of the model to understanding, but no understanding is needed to produce that result.
These bots are not understanding the world any more than I would demonstrate understanding of something by rephrasing a Wikipedia article. I could take that text, written by someone who understands it, and use my knowledge of language to move the words around in a way that seems natural. Hopefully, I'd do it without making the facts incorrect, though AIs fail to meet that requirement all the time and somehow you don't appear to think that counts. In any case, any correctness seen in the result was generated by someone else. The chatbots we've seen the workings of don't read text to understand its meaning, but instead read it to copy chunks that are hopefully relevant.
How they got into those accounts might be a problem. As the article said, either they had a password leaked or the attacker has access to one of their contact methods to perform a reset. Either of those could be concerning for additional actions, although given what this attacker chose to do, probably not that bad.
So Librem are responsible for fixing the internet now? Yes, there's leakage when you use systems. You don't want the leakage, can't use the systems. ESNI will eventually deal with the URL leakage problem. Nothing short of improving the mobile operators will fix their leakage problems. In neither case will the device at the endpoint be able to make massive networks stop using protocols with privacy risks on its own.
I think the encrypted phones you're talking about were either things like An0m which were created by law enforcement, or Encrochat which was compromised by them. In both cases, those were mostly comms services, not hardware manufacturers. There is always a chance that someone set up Librem as a front, but if they did, they'd have made better hardware that didn't take five years to get to this buggy state. You can also review the code and designs that go into the device. Nothing can give you perfect guarantees, but those make it unlikely to be compromised.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
