Posts by NoKangaroosInAustria 44 publicly visible posts • joined 15 Jan 2020
But it's not really like RAID-1 now is it? these are not independent disks attached to the same device but disks in different devices in two geographically separate locations. No one would have faulted them if they stopped there but thankfully, they had an additional provider to backup their main backup provider, so kudos to them.
You wrote: "Essentially, what is being described here is the location data for the phone, not the subscriber, and GDPR does clearly say that it applies to data subjects which are "natural persons". There isn't necessarily a 1:1 correlation, so the court does have a valid point."
I disagree. The court does not have a valid point because the issue is not if it a 1-1 correlation should be established between a phone and a person. The location data is being generated by *my* phone, which *I* own and hence, it is my PII. GDPR aims to protect Personally Identifiable Information (PII).
Even if someone else used it temporarily, this is not any of the Telco's business. I registered the sim card with them, I am paying them the monthly bills, it's *my* PII data which enables anyone with live access to the generated location data to uniquely identify me.
By the same logic, just for the sake of argument, why would the Telco ask this particular customer to pay a monthly bill for accessing the phone network? After all, it *could* have been someone else using the phone, right? I wonder if that would fly with the Telcos.
I had the same problem a while back - so I looked around and installed both Pinta and Krita for comparison sake and ended up using Pinta for the task at hand simply because it looked simpler at first cursory glance.
But then again, I haven't touched either of them since - since I normally don't do graphics stuff :)
Have you tried either of them?
Hmm... Ok I'll bite too:
Apples to Oranges! It is a bit disingenious to compare a raspberry pi to a windows laptop and here is why:
The pi is a special case where you have specialized hardware running a specialized distro and this is a very pi specific and well known problem. There are literally millions of pages on the Internet addressing pi display problems on TV devices via HDMI and picking the correct overscan settings.
Any standard laptop / desktop pc running Linux with a regular HDMI port will work with any standard tv that has an HDMI input. At least, that has been my (admittedly non-representative) personal experience with using various Linux Laptops to watch media on my larger TV screen(s, I have changed TVs multiple times) over the past 15 years.
You have taken a known problem specific to the Raspberry Pi and the Raspbian platform and made a generalization which is not in any way applicable or relevant to any other Linuxes / devices. If you really want to make a valid comparison, I suggest you make a startup linux mint usb stick, stick it into one of those windows laptops and see if you can get a picture on your TV and if you don't, then feel free come back and tell us all about it, because THAT would be a more valid argument to back up your statements.
weeell, one would think that because in theory yes, that's what it says on the docker tin. But in practice, it works a bit differently. Docker isolation is a double edged sword, especially if your app depends on another upstream app which doesn't upgrade or alternatively, upgrades itself in a way that breaks YOUR application, because then it's again your problem. The Isolation concept of docker primarily benefits you with regards to the multiple parts of your application being isolated from one other.
Let's assume - for example - that you have two scenarios: in scenario 1, your app depends on an upstream app which has not been upgraded against a known and publicized security vulnerability and in scenario 2, the upstream app has been upgraded but in a way which - if applied - breaks your app.
Docker Isolation enables you to have the particularly undesirable choice of either continuing running your app in a configuration which you know to be unsafe or in a configuration you know to be safe but unstable or non productive/offline
Docker Isolation would be fulfilling it's job perfectly in this scenario - you are insulated as long as you do not change anything in your current setup - security vulnerabilities and all, which is of course a less than ideal situation.
Because knowing the password hash alone isn't useful to the hacker - they still need your actual password to login - hence the other posters comments regarding rainbow tables - which are precomputed tables of corresponding hashes for all possible passwords up to a certain length. I hope I am not woefully misunderstanding your question.
Disclaimer: I am not a lawyer and I am certainly not an expert, but a small part of my job entails familiarity with the GDPR.
You wrote: "This is equivalent to have the 3 parties in the same meeting room, having the customer recite their personally identifying data out loud. Then claiming there is a GDPR breech by the defending company, because Google wrote the information down."
Erm... no, that is not an accurate analogy of the situation and certainly not the way GDPR sees it.
A better analogy would be: "This is equivalent to having a meeting to sign a contract between 2 parties, and one party brings their pumped up bodybuilder friend along and says to the other party, "I need you to sign here, here and by the way, if you have any questions, address them to him *gestures at bodybuilder*, he has access to your data".
The user did not sign up with Google, but with the defending companies providing the service.
GDPR clearly differentiates between the roles of Data Controller and Data Processor and specifies that the Data Controller cannot delegate their PII* safeguarding responsibility to the Data Processor.
In this scenario, Google is the data processor but the defending company is the data controller and hence directly responsible according to GDPR.
*Personally Identifiable Information
>With your logic, if someone refused to buy a Trabant, you would scream at him that he's anti-car.
Yes. Absolutely. Thanks for proving the opposing party's point.
According to Wikipedia, the Trabant came out in 1930s in Eastern Germany. Or to put it differently, it was the first and only car available there at that particular point in time and place (Place = Communist East Germany behind the Berlin Wall)
So if you were refusing to buy a Trabant at that time and in that place because you were holding out for
something better even though there wasn't anything comparably good available - then yes, that would make you anti-car and entirely anti-reason.
Came here to post the very same comment - happened to me a few years ago in Switzerland that Booking.com had reserved a fixed number of rooms at price CHF x whereas the hotel's going rate was CHF x + quite a bit more. I ended up booking through Booking.com. Back then they used to have warnings like "only 2 rooms left!" displayed in red warning letters on the website.
RE: "GDPR is a joke".
You have a right to your opinion of course. And while you are free to think of GDPR as "a joke", a couple of companies would strongly disagree. Please refer to this website that tracks GDPR fines: www.enforcementtracker.com
Sorry to contradict you, but, that's not entirely as easy as it sounds. IANAL, but GDPR Article 33 ends as follows: "Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay."
My understanding of this clause is that it doesn't absolve the data controller of their reporting responsibilities but merely extends the 72hr window to whatever the data controller can argue was a "reasonable" time period to prevent/mitigate risks to rights and freedoms of persons and so on.
If (or rather when) the breach eventually becomes known and the controller can't sufficiently justify the risks that they purportedly were mitigating whilst violating the 72 hours rule, well - let's just say some bigwigs@data-controller might have a harder time collecting their undoubtedly well deserved bonuses.
So, we have this thing in the EU called GDPR which does just that. Now who's got egg on their face?
/snark mode off
Yes, I know gloating is unbecoming but considering the amount of anti-EU=Anti-GDPR postings the past year alone, this feels good.
And TBH, I think California, New York and IIRC 2 or 3 other states individually have somewhat similar and strict regulations to varying degrees.
My phone has that and I think it's awesome!
And since I choose it specifically for being an Android One phone, it has the added benefit that I'm still getting security updates even though the phone came out July 2018.
I'm currently on Security update status of 1. December 2020. Contrast with my previous Huawei that basically stopped receiving updates half a year after i bought it.
Btw, it's a Xiaomi Mi A2 Lite. Downside - it doesn't have the best Camera. Basically any of the Samsung Galaxy Phones I have owned had a better camera.
Me neither. Working from home (lockdown) and Skype-ing with colleagues means I screen share if i need to show or discuss something with a colleague - which means no printing.
I honestly haven't printed anything for work for about a year now.
You wrote: "EUGDPR prevented Facebook from implementing Anti Suicide measures."
I provided you with a link showing that they had less than stellar motives for developing the tool which would have violated the "informed consent" provisions of the GDPR.
I'm still not sure whether you're trolling or not, but I willing to give this another go, using both links that you and I have posted, so here goes:
Facebook/Instagram did not set out to develop a tool to recognize suicidal tendencies for altruistic purposes or to benefit their users. They set out to collect personal data on their users of the sort: "XY has suicidal tendencies" which they then wanted to sell to advertisers to market their products at.
I hope we can universally agree that that is an immoral and objectively wrong thing to do.
Additionally, the whole argument seems pretty rich considering that they would be pushing a solution for a problem that they helped create and are perpetuating.
To quote the suicidees parent in the BBC article you linked to:
Molly's father, Ian, has previously said the "pushy algorithms" of social media "helped kill my daughter".
The link i posted clearly states: "...The second way Facebook could avoid data law concerns is by asking for consent, perhaps by making the system opt-in. However, in the US and elsewhere, users won't even be able to opt-out.".
My standpoint is: GDPR didn't "prevent" something good from happening. All that Facebook/Instagram had to do was obtain consent before gathering and using personal data for whatever specific purposes which was agreed to by the users.
So you see, it is about consent. This shouldn't be a controversial topic, yet here we are.
You wrote: "Good. Wasnt GDPR the reason dangerous videos of self harm couldnt be automatically screened out from viewers? GDPR limiting the technology able to be used at figuring this stuff out."
Nope, sorry but that's been soundly debunked. It took me all of 30 seconds of Googling to find this: https://www.wired.co.uk/article/facebook-suicide-alerts-gdpr and even less time to find one right here on ElReg showing that it's all about Facebook being unwilling to hire people to do the job properly: https://www.theregister.com/2017/05/03/3k_reviewers_live_murders_on_facebook/?page=2
Dear Codejunky, at this point, i'm beginning to suspect that you're deliberately trolling. Even though you seem perfectly capable of finding the sometimes questionable links you post here, you seem to be consistently unable or unwilling to see or consider a significant amount of more reputable links disproving your theories.
I enjoy good intellectual exchanges of ideas with "the other side" but facts still matter.
"In Austria, around the introduction of the GDPR, there was a discussion on whether door bell labels on apartment blocks violate the GDPR - I kid you not."
Austrian here - I can definitely confirm that this is a thing. Since spring/summer this year (2020), my Apartment complex has removed all name tags from the door buzzers of all the buildings.
Downvoted because - facts matter.
Google "eu gdpr vs us" and pick ANY of the top results. A total Investment of 3 mins skimming would have revealed the common consensus that the eu gdpr is objectively better for consumers than the current POSL the us has. There is absolutely no debate about this, no ambiguity.
The constant demonising of the EU at every turn by B***it supporters is getting rather tiresome.
...Instead and they can partly blame the Russians for their losses...
Because, let's be honest, the Russians did meddle in their 2016 elections, so at least part of the blame should be assigned to them. And let's also not forget that the "shite candidate" was able to get more actual votes from real people - which in most (other) modern democracies is interpreted as the will of the people.
But i'm puzzled, how on earth did we get from Padlocks to Politics?
I also host my own mail server.
And speaking of standards compliance (warning - rant alert), after a fair bit of deliberation, i recently implemented DKIM and SPF to try and reduce the amount of spam emails i get. I can only handle so many offers for cheap boner pills and love in all the wrong places per day.
I was quite surprised at some of the major corporations with improperly configured or non-existent SPF records i discovered.
In one instance, a Company had some of their mail servers located in a cloud environment. Presumably, this wasn't their original setup, because while they actually did have an SPF record, their SPF record reflected only their actual domain but not the domains / IP adresses of the cloud provider on which their mail servers were hosted, prompting my mail server to reject all emails coming from them as most likely being spam.
Since I do need to continue receiving emails from them, I took the easy way out and whitelisted their cloud provider from SPF checking at my end.
*sigh*
Speaking from one of those holdout countries, the general feeling on the ground is that people see it as good and necessary to show solidarity with your neighbours i.e. EU members in dire straits due to the pandemic.
Just to be clear, the four countries that refer to themselves as the frugal four are referred to by everyone everyone else as "the stingy four" and most people feel thatthe most affected countries like Italy were not getting the help they needed at the speed they required.
*sigh* how many times do IT folks have to tell lawmakers and law enforcement that a selective backdoor which swings open only for lawful authorities does not and can not exist and that Backdoors do more harm than good?
Does anyone else feel like we're stuck in a stupid time loop where stupid ideas get recycled ever couple of years or is the inability to learn from previous mistakes just basic human nature?
You could always explore the Android One route.
The incredibly bad security update policies of my previous Huawei and Samsung mobes finally convinced me to look around for more secure alternatives. I stumbled upon Googles Android One program and went with a Xiaomi Mi A2 Lite. Bought the phone last summer which according to its build number was produced in 2018. I have been receiving regular/quasi monthly security updates ever since - with the occasional slight delay.
My current Security Patch Status is dated 01.01.2020 - thats a far cry from what i was used to with Huawei and still miles away from my Samsung.
Argh! i liked your comment and now you have 43 upvotes. A millisecond before my finger completed its vertically descending journey against the mouse button, i thought "Haha, 42 upvotes? what are the odds of that?" and now i found out, likes can't be undone.
My profound apologies.
This makes me feel depressed. So depressed, that i'll be leaving now.
Mine is the one with the keys to the Infinite Improbability Drive in the pocket.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
