Re: I've seen things man!
You just expanded my knowledge of humanity by another quantum... I knew about Goatse, but had never run into "2 girls one cup". The things people do.
45 publicly visible posts • joined 24 Aug 2018
We get answers, but we don’t know how good the answers are:
When I do my own research/thinking, I gain insight into the structure of the problem and its context along with the answer space; if an AI tells me an answer I have much less insight into how good that answer is compared to other possible answers.
We have answers, but we don’t know anything:
There are lots of ways to evaluate choices and make tradeoffs. Some analytic disciplines such as systems engineering spend a lot of time developing systematic qualitative and quantitative approaches to analyzing choices and evaluating tradeoffs. As the analysis/evaluation tools are applied to a specific problem, the outcomes may not be determined completely by the systematic tools, but by the insight gained by the application of the tools. When someone/something tells us the answers, even if they can explain the rationale behind the answers, it is that entity's rationale, and not our own that we have developed by our own analysis of the problem.
We have answers, but we don’t even know what the questions are/were:
An agentic AI that is tapped into all of our context and interactions may make recommendations to us, telling us to do this or that, but we may not even know what motivated the recommendations.
We get our answers from a middleware that is tapped into every aspect of our life and thinking but ultimately reports to someone else:
At one point it was considered alarming that a movie rental business might come to know something about its customers by virtue of their access to a list of all of the movies the customer had rented… how quaint this seems in light of the near constant data collection that is taking place as we concentrate knowledge of everything we do in the hands of credit card issuers and Internet behavioral surveillance systems like those operated by Google and Facebook. Now we risk having an even greater awareness of all that we do in the hands of the operators of the AI agents. Jarvis was theoretically intensely loyal to Tony Stark. Agents as a service will not be loyal to the users.
I had a similar experience a number of years ago when I (rather foolishly in hindsight) quit my current employer after 23 years due to a misunderstanding with a customer over a software licensing issue. (The misunderstanding was that the customer for whom I was running their data center wanted me to acquiesce to their bold cost savings measure to license a single server for backup software while they actually ran it on close to 500 servers. Their message to me was that 'if we have to spend all that money getting right with the licensing, we won't have the money to spend with your company on the services we've contracted.' The coup-de-grâce for me was that my manager at my employer didn't see the problem with that logic.)
Anyway, this left naive me out into a job-hunting wilderness that I had absolutely no experience in. Instead of six months of unemployment while I sorted through various offers to find the best one, I spent close to a year fruitlessly applying to job after job, hearing back next to nothing except from certain recruiters who literally thought that they could hire someone such as myself with twenty+ years of experience for about what a new hire out of college would expect to be paid. Once I finally managed to breach the perimeter and talk to actual hiring managers at a firm, I was almost instantly re-employed.
In a test scenario, my wife had a quite capable friend of ours who was looking for work apply (through her company's standard HR process) for a position she was trying to fill and for which she thought he was a great fit. Imagine our surprise when his application failed to pass through the rocky shoals of HR processing and land on her desk.
IF an AI agent could be more capable than the currently standard HR vetting process, and work for less remuneration than a human HR staffer, THEN it would be a wonderful boon to both employers and job seekers. The bar seems low, to boot. But recent experience seems littered with AI assistance to HR that failed miserably, so I cannot be even cautiously optimistic about this new advancement.
If a fee-fixing cartel is exactly like a price-fixing cartel, And from the article "That's what they're paying for, the collective firepower and being able to strong arm the providers because the providers have nowhere they can turn. They can't say to patients, 'You should really lobby your employer to switch to Aetna because Cigna is screwing over."
So what is the difference between this fee-fixing cartel (that is exactly like a price-fixing cartel) that is able to strong-arm providers because they have nowhere to turn, and a so-called "single payer healthcare system" such as "Medicare for all" that has been discussed as the fix for US healthcare? Isn't one of the functions of the government as the single-payer to set the fees providers can collect? That is what Medicare does for seniors in the US (along with Medicaid for the indigent), with some providers opting out of caring for Medicare patients because they can't make a living on the fees that have been established (according to the providers, anyway).
Is the idea that the government is going to be an efficiently operated "wise uncle" for both the health care providers and the health care consumers, brokering fair fees despite lobbying and politics? Perhaps this approach works in a different socio-political context where there is precedent for government-run healthcare, but it seems like a very difficult pinnacle to ascend to in the context of the US, US politics, and US consumer and healthcare provider expectations. With the sums of money involved, it seems unlikely that skulduggery won't become the "invisible hand" embedded in the system.
Why is it normal for a mortgage to require life insurance? The mortgage is secured by the property for which the loan was made to enable the purchase, and the recovery of the unpaid loan value in the event of non-payment is by foreclosing on the property and selling it. My wife and I have a rather substantial mortgage, and neither of us have any life insurance. (My wife and I only got term life insurance when we started having children so that we could get through the death of one of us, and we dropped the term life coverage when the oldest reached 18 years of age.) Have I somehow managed to dodge a common requirement?
I'm privacy-minded, but I have trouble labeling the behavior (as described) as collecting anything. If I'm at the beach, looking for a particular kind of rock, I'm going to pick up a lot of rocks, examine them, and toss them away unless the rock is the one that I want. Did I "collect" all of the rocks I discarded because I held them briefly? I don't think so. I only "collected" the ones that I decided to keep.
The store has a valid use case - keeping persons banned from the store from entering the store, or at least detecting when they have entered so as to be able to intercept them and escort them back out. Is the argument that the banned people need to be warned before their information is "collected" for the purpose of enforcing the ban? Do the banned people's right not to have their data collected supersede the store's right to enforce the ban?
The main risk to the general public here that I see is false positives - people who haven't been banned from the store being incorrectly identified as being banned. Their data will be "collected", and they will face either an immediate action from store personnel intercepting them and escorting them out, or a delayed action from a claim that they violated their ban in some legal proceeding. I would focus on how strong the protections are in the system for people who are incorrectly identified as having been banned. Is their "collected" information quickly and thoroughly deleted completely from the system once it is recognized that it was a false positive or (better yet) if it can not be proven within a short period of time that it was a correct identification?
My 24 year old daughter accompanied me to the "close" of buying a new car. I wanted her to see/experience the sales tactics/pressure as an observer. Apparently a big part of the "upsell" these days is getting buyers to sign up for recurring charges in the form of "connected services"*, the "foot in the door" of which is getting the buyer to install the automotive manufacturer's "app" on their smart phone (no obligation, free trial of connected services for months, and certain car features that require the app even without connected services). My daughter said it was very funny to see the look on the salesperson's face when I matter-of-factly rejected the app installation with "I don't install apps on my phone". He was blindsided apparently, and it took the wind out of his sales and ended all discussion for the "connected services".
He didn't even ask "why not?" But if he did, my answer would have been the same - "I just don't." No explanation is needed, any more than any business spends any amount of time justifying their policies to their customers.
*Only one of the connected services really needs to be mediated through a cellular radio connection and a global data network, but the car manufacturer would really like the owner to be paying the bill for the cellular service over which they will continually monitor the owner's use of the owner's vehicle. They have even built in the ability for the car to automatically adjust the power driver's seat to a specific person but tied it to the presence of a registered smart phone rather than a key fob or (goodness, how low tech) a simple button press.
With respect to firearms and possessing/using them while committing a (felony) crime, it would not matter if they had serial numbers or not, or were registered or not. I believe that in most (all?) US jurisdictions, the mere possession of firearms in connection with felony-level criminal behavior is its own criminal act. In some cases possession of edged weapons in similar circumstances is also counted as a separate criminal act. These may be "strangely specific" but there you go.
For example from one state, Oklahoma laws related to firearms are listed here: <https://www.oklahoma-criminal-defense.com/crimes/gun-laws>, and one of those listed is TITLE 21 § 1287 Use of a Firearm While Committing a Felony which reads in part:
"Possession of a firearm or offensive weapon while committing a felony is a separate felony from the underlying offense, and the penalties associated are additional to any sentence for conviction of the initial felony. A person may be charged with possession of a firearm in the commission of a felony even if the gun is unloaded or if it is an imitation weapon designed to look like a real firearm.
A person can be charged for simply having possession of the weapon during the crime, even if it was not used or displayed to perpetrate the offense. Conviction of possession of a firearm while committing a felony carries a sentence of 2 to 10 years in prison in addition to the sentence levied for the primary offense."
Criminals engaged in certain criminal occupations where they can ply their trade without firearms will often do so in order to avoid the additional charges.
I was once asked, as I was leaving a position as the chief engineer for a corporate data network, to "write down the procedure for configuring a router for a new site". This was back when many of our remote offices had been operating as their own islands from a networking standpoint but were now being brought into the corporate fold, multi-protocol networks were common, and we were running DECnet (Phase IV), AppleTalk, Novell IPX, and TCP/IP routed to many locations, and some other protocols that were not routable (e.g., DEC LAT) bridged to many locations. There were some aspects of the router configuration process that were not in the manuals but could be written down as a procedure - setting the name, management IP addresses, and other elements common to all routers, fitting the office into our IP addressing structure, etc. I had already pushed to make the router deployment process as "cookie cutter" as possible, but much of the process of bringing a new site onto the network involved doing a site survey, figuring out what they had and how it worked, and then configuring the router (and/or making the site admin make changes to conflicting addressing, etc.) to match and make everything work as well as possible.
I listed the formal education I had related to networking, reminded the requestor of the locations of all of the network documentation that we maintained, and pointed to the Cisco documentation set (which at the time extensively documented each and every protocol their router products supported in addition to the router products themselves), and said "it's all covered in these sources." It would have been nice if everything was standardized to the point where a simple procedure could be written, but that state had not yet been achieved in our evolution.
The great COVID pandemic of 2020 generated a forced conversion of work location defaults to "home" for many (but not all) office workers. Many many many other workers either kept working at their work locations, or stopped working.
The interesting reverberations of the "business cycle" (economic fluctuations) stemming from the economic effects of the great COVID pandemic of 2020 have created conditions ripe for employers to switch the work location defaults back to "office".
Acting in their own enlightened self-interest, many employers are taking advantage of the conditions and are switching the default back to "office". I'm fairly certain that they aren't doing this lightly, and that they are reasonably certain that they will benefit from this action. I'm amused by those who aren't running firms insisting that it is all a mistake.
My own take on this great experiment is that: There are jobs that can be done from home, there are jobs that can't. There are people who can/will work well from home, there are people who can't or won't. The intersection of "jobs that can be done from home" and "people who can and will work well from home" is not as large as some seem to think, perhaps due to the egotistical nature of people (what is true for me must be true for most people).
There is perhaps some additional psychology at work here as well... studies show that "loss aversion" is a thing <https://onlinelibrary.wiley.com/doi/full/10.1111/jpr.12385>. Perhaps the risk of a small number of people acting badly in work-from-home situations leads to employers trying to avoid that loss, especially if it makes them look like fools. On a related note, no one wants to think that the presence of surveillance cameras in businesses, homes and public areas is motivated by themselves, but we see hundreds of businesses and regular people who have decided that being able to keep an eye on things is worth the cost.
Prior to the great COVID pandemic of 2020 there was a slow migration of some jobs to home/remote work locations, if only on a part-time basis. My wife and I both relocated about 3,000 miles from where we lived/worked (onsite jobs) in 2015, for example. She kept her job as a remote worker; her job could (mostly) be performed remotely and she was good at working remotely. I kept my job for a short while. Although I was personally reliable at working remotely, many of the aspects of my job (and my value to my employer) were based on a continual presence within a shared workspace enabling frequent incidental observations and conversations - i.e., some of my most valuable functions for my employer were no longer possible when working at a distance. I had warned my employer about this possibility before relocating, and was unable to disprove it once I relocated, and hence took myself out of the picture (hey - Mr. honest and reliable here, right?).
I think the shared experience of WFH during COVID 2020 was a grand experiment in remote work that otherwise never could have been performed. It will inform future WFH/remote work plans by many employers, and probably led to an overall increase in WFH/remote work options. It is not a one-size-fits-all panacea, however, and employers are opting for the default to be "office." It's their money, and they can and should spend it as they like.
(HOWEVER - I also support (limited) government involvement in keeping employers from abusing employees with respect to "work ends when the employee is off the clock" (i.e., no requiring employees to monitor/respond to e-mail/telephone calls after hours unless compensated).)
I live a bit north of Seattle. My kids are out of college now with CompSci degrees, but can't find work. They actually prefer working on-site, so if some amount of the 73% who want to quit Amazon rather than come into the office quit, then they will have a better chance of getting employed.
The biggest problem with the proposals isn't the idea of a kill switch; we use those all the time in various ways. As we start building "AI" machines that aren't just "brains in a jar" and have actual interfaces into the physical world through which they can "take control" of anything significant, it isn't such a bad idea to make sure there is a way to turn it off.
But... the idea that the "kill switches" will be in the hands of "regulators" who will decide what should be killed and what should live is fairly dystopian. Some examples:
We'll have regulators that monitor this new "book" technology. They'll be able to stop any truly dangerous ideas from being mass-communicated.
Hmmm. Automobiles are dangerous. We'll have regulators that can shut off any motor vehicle remotely if it is being used in a manner we don't like.
Firearms - those are dangerous, too. We'll require built-in kill switches so that we can deactivate them if they are used by the wrong people.
Cryptography for privacy? The wrong people might try to communicate privately. Let's build in a kill-switch so that we can expose conversations that we think shouldn't be kept private.
And now... All of this high-power computational machinery is great. But... people might start using it for purposes that are counter to good sense/what is good for them/what is good for society/people in power simply don't like. So let's have a kill switch that the regulators can use to shut it off.
I'm baffled that with all of the historical examples of how it can go wrong, we still have theoretically intelligent people suggesting that centralized "regulators" should be given vast power to simply cut off things that they don't like/are afraid of/threaten their power. In this case, we would be trading the possible threat of an "AI" deciding it wants to cement its hold on power for the proven (one million times or more) threat of humans that want to cement their hold on power.
Gemini will record and store every conversation for three years? Seems like "Miranda warnings" should be required at the start of all AI chat sessions... "Anything you say can and will be used against you."
I know the "Miranda rights" are a US thing, but I suspect enough US TV has leaked across to the UK that the reference will be understood. Apologies if not.
I avoid the chat "help" functions on websites like I avoid the plague. Why people think it is better to communicate using a typed-out back and forth exchange than to communicate by an interactive voice conversation is beyond me. I get that texting is a cool asynchronous partial-attention communications tool, and I use it that way myself. But when I need to get a problem solved, and I'm reaching out to get help, I don't want asynchronous and I don't want partial-attention. I want full-on interactive attention with voice inflection and all the other cues provided by a live audio stream, along with the feeling of a personal connection. Even if the chat session endpoint claims to be human, one can never be too sure.
This is my concern as well. A judge, issuing a sentence, elucidates his/her reasoning in a publicly available document. I don't know if this is actually legally required (I am not a lawyer). The use of software to aid in "legal reasoning" should require the same sort of transparency, at least in the US. I am not sure how this would interact with the UK "code is correct" unless proven otherwise assumption in legal cases as brought out in the Post Office debacle. Would an individual, brought in as an expert to aid in sentencing, be allowed to hide his/her calculations, and just issue a plain "the defendant should be sentenced to x years" statement that the court then enacts directly? Is this "trade secret" nonsense supported by the (frustrating to me) belief by some members of the public that if a computer says it, it must be so?
It does seem that a regulation such as the EU has reportedly "recently passed" will run into a few problems, including one jurisdiction attempting to control speech in another jurisdiction. If there is a business link (ad sales in the controlling jurisdiction) then there is probably leverage. But it could get very chilling, and as others have pointed out, the public benefits of regulations that describe "illegal content" are probably vulnerable to the definition du jour of that "illegal content".
The "AppleID" is now Apple's "one ring to rule them all" for a user; it is how an Apple user's stuff is associated with that user no matter what platform they are on (iPhone, laptop, desktop, etc.) in space and time (i.e., switch from your laptop to a desktop, or go out and buy a new iPhone, then log in with your AppleID and all your stuff is there magically). But one of the original (if not *the* original) primary purposes of the AppleID was to identify the user for iTunes music sales/playback (DRM content), which was expanded to other sales purposes like the App store. As such, a "payment method" is part of the account record. If I recall correctly, there was a point in time where a valid payment method was a required element (it is now optional). I used an iTunes gift card rather than entering my credit card back then. I doubt the credit card number was hashed, because it was used every time a track, album, or app was purchased. Explicit consent seems to be met by the user entering it as part of creating the account.
The fundamental problem is that businesses want to have their internal business systems co-located on a network accessible to their staff's desktop/laptop computers AND they want their staff's desktop/laptop computers to be located on a network connected to the public Internet and to regularly exchange all kinds of data with that public Internet. Through the transitive property, this exposes the internal business systems to the great unwashed masses and outright evil-doers present on the public Internet.
To the extent to which companies diligently install and operate strong access controls and adequately train and monitor their staff's compliance with administrative policies and operational practices that minimize risk, the configuration might remain secure, but with an always present risk of compromise. Unfortunately, the concrete budgetary cost of this protection gets constantly chipped away, in some ways a victim of its own success (why do we spend so much on preventing security breaches when we never have any security breaches?).
A better configuration would isolate the internal business systems from the Internet-surfing systems altogether (air gap). Higher cost configuration, and might require two devices on a lot of desks, but a higher probability of avoiding a breach. Certain conveniences must be given up, and processes for moving data between the low-trust and the high-trust environment must be put in place.
The Squeezebox was a digital music player from Slim Devices that came out as an evolution of their original SliMP3 (Ethernet-attached digital to analog audio player with display) to market in 2001, one of (if not THE) original pioneers in this space. Slim Devices also invented and distributed the Slim Server software that controlled the SliMP3 and fed it music files from a computer hard drive. Logitech bought up Slim Devices in 2006 and expanded the product line, including producing the Squeezebox Radio, and eventually re-named the server software to be the "Logitech Media Server". Although the Squeezebox line of products is no longer commercially sold by Logitech, the Logitech Media Server is still available in a community-supported version that runs on a wide variety of computing platforms along with a whole host of players, including a) original commercial hardware such as the SliMP3 and the Squeezebox Radios, b) free and open-source products like the Raspberry Pi-based PiCorePlayer, and c) a variety of commercial and DIY ESP32-based players. Logitech continues to support their products as far as the accompanying services go, albeit in a low-key way, still operating the on-line MySqueezeBox.com service that allows Squeezebox Radios to stream music through the Internet without a local Logitech Media Server-based music library and providing the free Pandora service originally offered with the Squeezebox Radio.
I own a still-functional SliMP3 that I bought in 2001 in order to free my digital music to play on regular audio (HiFi) equipment instead of computer sound cards and small amplified speakers. Co-locating a computer with the stereo system and/or using low-powered FM transmitters from the computer to a stereo receiver was a less than attractive configuration, both visually and aurally, generally speaking. The SliMP3 provided a way to get all of that music that everyone was ripping from CDs in order to store and playback digitally back into a high-powered, large speaker playback system. I haven't combed through the Sonos patents in detail, but I find it interesting that the battle between Google and Sonos never seems to mention Slim Devices and what may very well be enough prior art to sink most of Sonos' claims, with the rest being lame claims of "innovation" that really amounts to nothing more than creating various combinations of equipment all based off of the tech behind the original innovation of the SliMP3 player combined with the SlimServer.
My home's digital music distribution system includes seven perfectly functional Squeezebox Radios (now over 12 years old and going strong), one RPi4/PiCorePlayer with touch screen controls and its own built-in Logitech Media Server that I'm building as a birthday present for my daughter, and a household music server based on a RPi4 in an Argon One case with a 1 TB SSD that holds my 300 GB or so of lossless-format digital music ripped from my CD collection. This system plays all of my local music library as well as music from various streaming services, with certain Internet radio stations (Blues Cove) and the Pandora streaming service as favorites of mine. I'm in the process of adding two dedicated ESP32-based players with built-in 20 watt amplifiers for background music playback.
Slim Devices and Logitech may no longer be commercially profiting from the players, but the ecosystem including the server that they invented and essentially gifted to the community, their original commercial products, and a variety of new player products (DIY and commercial) is still going strong. They represent the best of how manufacturers can support their products and user community, perhaps as a radical counterpoint to Sonos.
Take pictures, preferably with a cellphone so that the photos are internally-documented with date/time and location (GPS here in the US). Always file a report with your insurance company, using these photos. Save a record of filing the report.
I had the misfortune of being in a low-speed traffic backup "merge" collision wherein my vehicle and the vehicle to the left of me came into contact (by only the other vehicle's passenger side mirror's plastic housing barely touching (and marking) the paint on the driver's side door of mine).
I took pictures, including a first one of a middle-aged woman emerging from the passenger side of the other vehicle while the driver still had her foot on the brake. I thoroughly documented the lack of damage to either vehicle pictorially despite this woman's screaming at me and her fevered attempt to stop me from taking photos (at first). She eventually calmed down and we exchanged information, despite the young woman actually driving never emerging from the car. After leaving the scene, I thoroughly documented the accident (pictures, location diagram completed using GPS info on pictures) but was unable to file immediately due to a problem on my insurance company's website.
Several days later I was contacted by my insurance company (which was also her insurance company) with a request for information about the accident, initiated in response to her filing her claim. She stated that I had admitted fault (no, no, never did I). During the conversation the insurance company referred to her as the driver, which I said was not true. They asked if I could prove it. After explaining why I hadn't filed yet (their website had malfunctioned and I didn't have Internet service at my house) I told them I would send them my already completed report, which I did. I pointed out my first picture showing her emerging from the passenger side while the driver obviously had a foot still on the brake (brake lights lit, including third high-mount light). After a couple of days they called and told me it was the best documented report they had ever received, but they wanted to know whether I was making a claim? I said no, the only contact was the mirror housing and my door, which left a colored streak on my paint that I simply rubbed off, so no need. They thanked me profusely and ended the call.
I don't know what the other person was up to, claiming to be the driver, or what damage she reported to her vehicle, but it was all short-circuited by my photos with date, time, and location.
If a corporation is deemed to be responsible to the amounts given in the article for an employee who goes off the reservation, how much more money should a US state government be paying out for the death of a citizen due to an attorney general's "no cash bail" catch and release program for criminals who then murder someone after they are turned back out on the street?
I have every sympathy for the family for this horrible crime, but I'm not following how it is the corporation is liable for the damage amounts in question, even considering their heinous inability to stop the billing for the service visit that resulted in the woman's death.
If failing to foresee a murderous rampage is going to be a cause for awarding damages, the attorneys general of the various states are going to have a lot to answer for.
What if Charter laid this individual off because he was muttering to himself and had various conspiracy theory red flags, and he then went on to murder someone in a robbery because he no longer had a job? Would people be forgiving of Charter or would they blame them in that case as well?
In virtually all US states, shooting someone who has only entered your home and is not presenting a threat of imminent gross bodily harm to people in the home will probably net the shooter a criminal trial and jail time.
Some states have a "castle doctrine" law that makes it clear that one is allowed to use deadly force inside one's home without a duty to retreat from the home, but reasonable fear (not bare fear) of gross bodily harm is still required to justify the use of deadly force.
I.e., if your neighbor walks in through your garage and is looking around for you, it is not OK to shoot them. On the other hand, a stranger throwing a brick through your patio door and continuing to advance towards you after you warn them you are armed and that they need to leave your home might be fair game, but law enforcement and possibly an attorney general will need to be convinced that your fear of them was reasonable.
Twisted pair hubs were a big step up from 8-port 10BASE2 (thin wire) DEMPRs (Digital Ethernet Multiport Repeaters) used for either individual office homerun cabling or (for the more cost-conscious) whole hallways of daisy-chained PCs. THOSE took up a lot of rack space.
That Wikipedia article captures the essence of vampire taps quite well. I still remember the Teflon drill bit in the installation kit, and taking the risk of drilling into the 10BASE5 cable during the day with a live network to get an install done. If one was not careful, then shorting the shield to the center conductor would disrupt communications.
Of course, there weren't really that many stations on the network in the early days of the Ethernet LAN in our 250-person office. A pair of VAXes (11/785 and an 8550 in a CI-based VAXcluster), a handful of DEC LAT terminal servers, and a few PCs for the folks who needed faster data transfers to/from the VAXes than asynchronous KERMIT file transfers could accomplish. DEC Pathworks/PCSA (Personal Computer Systems Architecture) reduced the mighty VAXes to mere file/print servers for the PCs, and added full DECnet node capabilities to the PCs as well.
If Musk, by virtue of his due diligence in his purchase, draws back the curtain a bit on Twitter, and the revelation of what is really going on behind the curtain causes "people to get hurt" - should the messenger be blamed, or the people who were less than transparent about what was going on?
According to a notice now posted on the website, the firm was struggling, COVID supply chain problems did them in, and a last-minute sale (started November 2021) that was to have concluded in March failed. The assets are now being "optimized" by a financial services firm.
I have INSTEON switches in my house, but they are interfaced directly with each other and with my Universal Devices automation system, so no cloud failure has impacted me.
I hope that the devices can continue to be marketed and sold, because their combination of power line and RF communications works in environments where one or the other isn't quite enough.
Editing out LinkedIn mentions of their relationship does seem a bit strange, but perhaps they didn't know how to kindly say "we managed the firm into the ground?"
The INSTEON website has been updated with the following message:
"Dear Insteon Community,
In 2017, after many successful years, Smartlabs, Inc found itself in financial difficulties and the path forward was unclear. That year, Smartlabs took in additional capital and brought in new management to turn the situation around. These efforts resulted in new investment into the fortification of the technology and development of new products. The future was looking bright.
In 2019, the onset of the global pandemic brought unforeseen disruption to the market, but the company continued to move forward. However, the subsequent (and enduring) disruption to the supply chain caused by the pandemic proved incredibly difficult and the company engaged in a sales process in November, 2021. The goal was to find a parent for the company and continue to invest in new products and the technology. The process resulted in several interested parties and a sale was expected to be realized in the March timeframe. Unfortunately, that sale did not materialize. Consequently, the company was assigned to a financial services firm in March to optimize the assets of the company.
The pioneering work in smart lighting and world-class products have created an extraordinary following and community. Clearly, all Smartlabs’ employees who have worked so hard to produce such world-class products and technology hope that a buyer can be found for the company.
Although incredibly difficult, we hope that the Insteon community understands the tireless efforts by all the employees to serve our customers, and deeply apologize to the community."
People who work with classified information know things. Classified things. Classified things that are as easy to remember as people's names, IP addresses, or someone's birthday. They don't need eidetic memory to know them, they just remember them. TS/SCI is not only broadly classified by level and need to know, it is specifically restricted (compartmentalized), so the relationship of fairly trivial to remember information to something else makes it classified. It sounds to me that Person A sent an e-mail to Person B with said e-mail contents containing some amount of information (possibly very small) that Person B wasn't authorized to know. It could have been people's names, it could have been IP addresses, it could be some dates/times.
Perhaps the individual in question can use the HRC defense.
Several conflated factors lead to the US tax reporting mess from what I have seen:
1. The tax code, as dictated to the IRS by the US Congress, is anything but simple. All kinds of political grandstanding from incentivizing people to jump on various "green" initiatives to encouraging college, medical, and retirement savings and spending to operating sideline federal welfare spending programs get wrapped up in the guise of the "income tax" collection process.
2. The US tax system is a "voluntary tax program" (in the sense that it requires voluntary thinking and movement, not that you can volunteer [or not] to actually pay taxes). Although more and more types of data on citizens' financial activity are reported directly to the IRS each year by various institutions, there is no single repository of all information, not even within the IRS. Citizens are required to understand, interpret, and apply tax laws to their own circumstances and self-report their interpretation of their financial obligation to the government. For some, with only a single employer, no investments, limited banking, and other simplicities, the government does have all of the data on-hand and has, at least in the past, offered some EZ file options. Many people have complications, though. I haven't been able to file my taxes easily without software or paying a preparer for fifteen or twenty years. Regardless, the IRS takes what the citizen self-reports and then determines whether it all hangs together, both what they already knew as well as what the citizen adds in their report. This process is more reactive than proactive, and how well it works depends on how much the Congress decides to fund the audit activity. This waxes and wanes due to political whimsy.
3. Some years ago I was involved in a large-scale effort on the part of the IRS to "modernize". This was right around when doing business on the web was becoming standard, but not yet the default way everyone was operating. The project requirements specified that it would provide a web-based way for citizens to interact with the IRS for many things, including filing taxes. You can imagine my surprise, then, when after months of effort defining requirements, doing analyses, and starting design work, I ended up in a room with some IRS folks who apparently didn't get the same memo as the ones pushing the project. They insisted that the IRS IT systems holding "corporate data" were forever and always barred from being connected in any way, even indirectly, to the Internet. Because security, of course. So direct service to taxpayers was out. But the IRS could let those systems connect with trusted "third party tax service providers". Thus the paradigm of submitting taxes completed using third-party tax software, submitted to that tax software vendor's corporate systems, and then and only then that information being sent along a trusted pathway to the IRS systems holding "corporate data".
It is definitely in the IRS' best interests to have tax preparation simple, relatively easy, and all electronic. There are lots of good folks there who want that to be the case. However, the US Congress needs to be convinced to manage the US tax code in a manner that permits that to happen, both in terms of its complexity and in terms of how often (and late in the yearly cycle) they make changes to it. And the "security" folks at the IRS need to (if they haven't already) put on their grown-up pants and face the reality that they can't hide behind outdated security rules forever.
The US IRS "Free file" program leverages the existing tax prep software companies to produce a citizen-facing friendly software product that the average person can use to complete their tax return and (ideally from the IRS point of view) file it electronically rather than on paper. This is a very desirable outcome on the part of the IRS.
Producing the tax prep software is not a trivial task, as the US tax code (and the IRS rules to implement/enforce it) are complicated and subject to change right up until the end of the tax year. Getting a government agency to produce a reasonably friendly software product that meets all of the government internal requirements (ADA compliance, anyone?) in that time frame is virtually impossible.
The tax software companies stand to make more money if they can get the citizen to pay for the tax prep software, however. They are incentivized to convince the citizen that they need the "for pay" version, and in some cases well-known companies have gone to extreme lengths to obfuscate the truly free tax prep software that they agreed to make available to citizens as part of their business arrangements with the US government.
Just this morning I could reach theregister.com on my mobile phone, but not on my laptop. The laptop showed a resolution for the name, and I could ping the name/IP address, but trying to make an http(s) connection to theregister.com resulted in a "server not found" error in both Safari and Firefox. I rebooted my laptop and could then get to The Register's web pages.
I have suffered myself trying to figure out how to show how a service that I was responsible for was up or down when the answer was almost always "it's mostly up but decidedly down for some folks". The problem with obtaining an "are they up or not" view of any major Internet service is compounded by the fact that we don't all see the same view of the Internet due to things like different routing paths, proxies, and (for media) content delivery networks.
I worked for SAI (Science Applications, Incorporated) and then SAIC (Science Applications International Corporation) for a number of years before a) the original employee-owned company was taken public, and b) the eventual split into LEIDOS and SAIC. I left after it went public but just before the split. The SAIC name was the name of the overall entity before the split, by the way, with the LEIDOS name being invented as part of the breakup. The original firm, founded by Dr. J. Robert Beyster, prided itself on doing good work and being entirely employee-owned. It was a fantastic place to work, and a tribute to Dr. Beyster's original vision. One of the informal guidelines in the original company was to *not* protest contract awards. That makes it somewhat sad that there was a protest by one shard against the other. The writing was on the wall by the time the original company was taken public, something Dr. Beyster was against. He got old and eventually had to let go of the reins, at which point senior managers that I think had less conviction and more greed (they saw even bigger $$ for themselves by going public) took over. I saw the original internal ethics process morph from a "we want to do the right thing always" approach to a "compliance" approach, which certainly didn't help maintain the spirit of the original corporation. Ah, well. The king is dead, and the kingdom was raped, pillaged, then split asunder. (These views are my statements of my opinion in case any legal beagles are reading this.)
I don't know why some consider it a badge of honor to NOT read instruction manuals. When I got started with VAX computers, I read the doc set. When I took a DEC Rainbow 100 out of its box, I read the manuals before I tried to turn it on. When I got started with Cisco routers, I read the doc set. When I got started with the Internet, I read the RFCs. I startled a friend who had a sendmail problem when he found out that I kept my sendmail book in my gun safe (so I always knew where to find it).
It is a strategy that has worked well, and led (eventually) to me being comfortably retired earlier than otherwise expected. The major downside to it is the strangled "thanks" I get from my spouse every time something "just works" for me that hasn't for her (she appreciates the fact that it works for me but somehow wants to hold me responsible for it not doing so for her).
It is hard to get engineers to document things, so when someone goes to the effort to write it up, the least I can do is take the time to read it. And due to a cumulative advantage effect, the more documentation I read, the easier it is to read and extract valuable knowledge from documentation.
I think it is possibly a "mapping gap" between what Oracle sales staff led the council to believe they were buying for price X versus the much reduced functionality that was actually available at that price. During the "pre-design" phase there were probably a lot of "that's extra cost" revelations. I wouldn't be surprised to find out that there is a much higher price tag on the project as well as on-going operational costs once the project is complete.
There is almost always a big gap between the capabilities demonstrated to senior management types and the capabilities actually made available for the price that is mentioned. The ugly truth is only revealed once the required signatures are in place, the project has begun, and the technical staff (who know what the real requirements are) start digging into the actual implementation.
According to a book I have about ENIAC, John von Neumann, although a brilliant fellow, was not principally involved in developing the architecture that somehow became named after him. The Wikipedia article on von Neumann says this:
While consulting for the Moore School of Electrical Engineering at the University of Pennsylvania on the EDVAC project, von Neumann wrote an incomplete First Draft of a Report on the EDVAC. The paper, whose premature distribution nullified the patent claims of EDVAC designers J. Presper Eckert and John Mauchly, described a computer architecture in which the data and the program are both stored in the computer's memory in the same address space. This architecture is the basis of most modern computer designs, unlike the earliest computers that were "programmed" using a separate memory device such as a paper tape or plugboard. Although the single-memory, stored program architecture is commonly called von Neumann architecture as a result of von Neumann's paper, the architecture was based on the work of Eckert and Mauchly, inventors of the ENIAC computer at the University of Pennsylvania.
I think Eckert and Mauchly deserve credit for their work.
Three aphorisms:
o The punishment should fit the crime.
o Context is important.
o Let he/she who is without sin cast the first stone.
An observation:
Stereotyping, part of the cognitive process of inference/generalization, is part of the cognitive toolset used by humans to make sense of and communicate about the world.
Exercise for the reader:
Construct an argument for/against taking Action1 against PersonA based on PersonA’s vocalized ConceptAlpha. Use all three aphorisms and the observation in your argument.
Bonus Points:
Construct the reverse argument. Compare and contrast.
An important Windows 95 attribute that was left out of the article is the TCP/IP network stack. Prior desktop versions of Windows didn't come with a TCP/IP stack, leaving the third-party market open to "innovate." This led to multiple commercial TCP/IP implementations for those prior versions of Windows, and 3rd-party application vendors typically only worked with one of those alternatives. If a user wanted to use two different applications that themselves used different TCP/IP stacks, reboots were necessary to switch between applications. This was a pathetically non-user-friendly approach, and one that helped maintain about a 50-50 mix of Apple Macintosh (with Apple's MacTCP networking stack) and Windows desktops in the large corporation at which I worked at the time.
The Windows Sockets API (not from Microsoft!) was a step in the right direction, but the Windows 95 TCP/IP stack, included with the operating system (and actually released separately and earlier to run on Windows 3.1), was a major boon. If Microsoft had continued to keep its head in the sand with respect to TCP/IP and the Internet, Windows 95 might not have been quite so successful. You can write encomiums to the Start button, but the native Windows 95 TCP/IP stack was just as (if not more) important to the success of Windows 95.
I do not hope he wins. A telephone company's protections against unauthorized phone number hijacking should be sufficient for ordinary risks, not the pressure of a $24M payoff. If the phone company's protections must be proof against $24M, or $100M, or (what limit?) attack motivations, then the increased costs (both monetary and otherwise) will be borne by everyone all the time.
If the number had just been hijacked for ordinary reasons (someone wanted that number, someone wanted to hassle the owner) then when the hijack was discovered AT&T would have been able to restore the number to its rightful owner. The only loss would have been some inconvenience to the owner, perhaps some social relationship repair.
According to the story, AT&T didn't just fold and give away the number at the drop of a hat, but failed under sustained pressure by the baddies against the system. It wasn't just AT&T's failure that led to the loss of the $24M, it was a series of protections that failed. Ultimately much of this series of protections was the responsibility of the individual who lost the $24M to ensure that these protections were sufficient to the threat. I don't think it was reasonable for him to expect the AT&T protection against number hijacking to be designed to handle the pressure of a $24M threat.
"I can't reconcile laws limiting free speech, such as 'official secrets' with 1A myself. It's one, or the other, but not both. 1A would appear to make later laws invalid, but I'm in the UK, and this stuff doesn't apply here."
Anyone who receives a security clearance in the United States has voluntarily agreed to and signed a contract that restricts their ability to speak freely on certain matters. It is known to those signing the contract that violating the contract can result in a draconian effort to punish the violator. Snowden did his thing with the full knowledge of what would happen, apparently because he thought his sacrifice was for a greater good. The individual in question in this recent case did not appear to have had as lofty a purpose, nor the same understanding of the likely consequences of her action. I don't believe there are necessarily political motivations behind her punishment, it seems enough that she flouted what are very clear rules. It is not so much that she twisted the tail of a political figure by revealing "oooo - we know the Ruskies hacked us" but that she sinned against the system itself when she violated the terms of the agreement she made when given her clearance. If infractions like hers are not punished, then these agreements would cease to have meaning.
US customs has always had the authority to search through goods being brought into the United States, whether by a citizen or a visitor. I'm fairly certain every country reserves that right, and some probably exercise it even more frequently than the United States.
What is an evolving point of law is whether the right to search goods being brought into the United States includes the right to search through information contained on an electronic device, as opposed to merely searching the material nature of the electronic device, especially if the person to whom the electronic device belongs is a US citizen. There have been several somewhat recent court decisions that seem to be pushing back on the US customs claim that they have the authority to search the information as well as the physical device; it is unclear to me where the ball will fall with the final spin of the roulette wheel. It is difficult for the customs folks to claim that their search is necessary to prevent the introduction of illegal information into the US, or to claim that it is necessary in order to enforce US tax law or tariffs on the information, as far more information flows in (and out) of the US on data networks. In the case of a citizen, searching through that citizen's information (without a warrant) seems like an unwarranted invasion of privacy (pun intended), that murky right described (somewhat) in the 4th amendment to the US Constitution.
I don't think the legal landscape is as wonky as suggested: "And coming to think of it, I'll store the PIN for the device on a classified network. Tell the TSA agent that the PIN is classified, which it then would be and if he or she insists, have them arrested for espionage."
The simple act of putting the PIN on a classified network would not make the PIN itself classified (it would make access to the PIN through the classified network require a security clearance, but not access to it through other means). The PIN exists outside of the classified network, and no reason exists for the data that is the PIN to become classified. If merely storing data on a classified network made that data classified, then a lot of public domain news would be classified as it is ingested into classified networks for analysis and situational awareness. If the PIN was classified, it would be illegal for a cleared individual to use it on the phone itself, as the phone is not authorized for the storage of classified data.
I lived through the Bell/AT&T break-up and the introduction of the Internet (first) and then widespread cellular service (second) in the US. If AT&T/Bell had been run as a semi-government corporation like the US Postal Service, the introduction of the Internet and cellular service would have been considerably slower. The breakup of AT&T led to a dramatic reduction in telephone costs, especially long distance telephone costs, in the US, but in no way slowed down the introduction of Internet services.
AT&T had no clue about the Internet, and their moribund internal processes would have crept along ever so slowly. They had already spurned the idea of packet-based networks when the DoD first came calling with the ARPAnet. The Internet initially flourished because the only thing "the telephone company" needed to provide for subscriber connections was a voice-service telephone line, which practically every household already had (thanks to Universal Service mandates from the government) and which ISPs were able to request installation of en masse. Thousands of independent ISPs using dial-up modems met the need for last mile Internet connectivity; they rapidly broke out on every street corner it seemed once the "no commercial traffic" prohibition for the Internet backbone was laid to rest.
The RBOCs (Regional Bell Operating Companies, aka Baby Bells [what the local services part of AT&T were broken up into]) that provided local telephone service after the break-up only got into the Internet act when they saw there was an almost insatiable demand for connectivity and speed. They began buying up the little independent ISPs, and they developed digital subscriber line services that could be laid on top of the existing copper for voice services (DSL provided the "always on" Internet *and* allowed for simultaneous voice service as well). Cable companies started getting involved then as well, first with rather painful attempts to make their "barely functioning for one-way video cable plants" work with two-way digital data, then upgrading their plants to provide better and better digital services. Eventually the battlefield in many areas had only two major combatants: the telephone company and the cable company. Oh, yeah... satellite providers tried to get their foot in the door, but the round-trip latency was (and is) a deal-killer for many folks.