Eldakka’s Techdirt Profile

eldakka

About Eldakka




Eldakka’s Comments comment rss

  • Oct 15th, 2017 @ 6:18pm

    (untitled comment)

    When news outlets originally reached out to Accenture,

    I hope they failed to connect, otherwise there could be some assault charges being laid!

    What's wrong with "originally tried to contact Accenture"

  • Oct 4th, 2017 @ 12:22am

    Re: Re: Hmmm.

    ...I'm not going to give somebody a cookie just because he didn't commit a felony, John.

    Unlike the US (and probably other) militaries?

    Good Conduct Medal:

    The Good Conduct Medal, each one specific to one of the five branches of the U.S. Armed Forces, is currently awarded to any active duty enlisted member of the United States military who completes three consecutive years of "honorable and faithful service". Such service implies that a standard enlistment was completed without any non-judicial punishment, disciplinary infractions, or court martial offenses.

  • Oct 3rd, 2017 @ 5:12pm

    Re: Re: Exercise your rights? Oh that's going to cost you

    I doubt it.

    Most governments of the world will say "hey, that's a cool revenue idea, let's implement it ourselves!"

  • Sep 30th, 2017 @ 10:49pm

    Re: Re: Re: Re:

    ditto.

    Been using javascript blocking for years. In the early days I'd have JS disabled entirely in the browser, then used addons that added a button to disable/enable it, then later ones that allowed per-site, then still later the more advanced ones like noscript, policeman, umatrix, and so on that allow blocking not just on the site, but subdomains, cross-site, and so on.

  • Sep 26th, 2017 @ 9:41pm

    (untitled comment)

    And, frankly, it's kind of difficult to justify why we still have an electoral college when it's quite clear that it serves no really useful function.

    Two sentences later that justification is provided:

    because it's part of the Constitution,

    Wasn't that hard really, was it?

    Since it's a part of the constitution, you'd need to provide a strong enough justification to not have it to get a constitutional amendment passed.

  • Sep 21st, 2017 @ 10:54pm

    (untitled comment)

    this nonsense would be done away with more quickly than a federal informant working on the inside of the cartel.

    badum tish

  • Sep 21st, 2017 @ 10:50pm

    (untitled comment)

    Traditionally we've comforted ourselves by insisting we're safe if we just avoid untrusted app stores, dubious attachments, or questionable links -- but this attack further up the software supply chain erodes public trust, which could deter users from using or updating essential protection.

    I've never believed this, but then again I work in IT so perhaps am more skeptical of the claims made by the industry.

    I've always believed the greatest risk to security are the auto-update mechanisms in applications - browsers, the operating system itself (e.g. Windows) and so on. An attacker just needs to compromise one system, as in this case, and millions can be infected using a program they've used for years, if not decades.

  • Sep 21st, 2017 @ 10:23pm

    (untitled comment)

    Sky News understands that 80% of investigations into terrorism and serious crime are now impacted by encryption.

    Considering that the GSM cell phone standard includes encryption from the handset to the base-station, but no further, it would not be a surprise to learn that 80% are impacted by encryption - because if it involves a mobile phone it should be encrypted as per the standard.

    However, the GSM standard only requires handset to base station encryption, therefore if the intelligence services have access to telco feeds (either from a co-operating telco or surreptitiously), they can collect the data once it's de-crypted at the base station (i.e. the cell tower) and enters into the telco's backhaul network.

    Even then, most of the mobile network encryption ciphers have been cracked and are subject to real-time cryptanalyst if the eaves-dropper can't get the unencrypted data from the telco's network directly.

  • Sep 12th, 2017 @ 10:30pm

    (untitled comment)

    But the crux of the silliness here is that this is a letter from a "police union" asking a person's employer to investigate an employee for speech it claims is "false and defamatory." It should be obvious that there are legal relief avenues for "the police" if they feel they have been defamed.

    The police union and the police are separate bodies.

    One is a private, civilian organisation who's paying members employment is with the police department. The police is the government body that performs policing functions.

    Therefore it is not the police who have taken issue with Bennett's statements, it is the police officer who has personally taken affront and his union, the police union, appears to be assisting (or working on their own without their member having asked them to assist).

    Since it's the police union that has an issue with a civilian causing problems for one of its members who's employment is as a police officer, why would the police, a different body altogether, get involved?

  • Sep 5th, 2017 @ 5:45pm

    Re: Re: Re: Public road, no "right to privacy"

    replying to my own post, edit would be nice ;)

    I wonder if this precedent, that there are privacy concerns with the data, could be used to again challenge the collection in the first place?

  • Sep 5th, 2017 @ 5:43pm

    Re: Re: Public road, no "right to privacy"

    The police can collect records because there is no expectation of privacy, but the public can't see those records, because people have an expectation of privacy.

    That's where I'm getting confused with this whole situation. If they are allowed to collect them because of no expectation of privacy in a public place, surely those raw records also have no privacy implications? Sure, an analysed/annotated database of the records such that the police may have created perhaps have privacy concerns, but not the raw data.

  • Sep 5th, 2017 @ 5:39pm

    Re: Re: Crowd sourced police locations

    I think the issue here would be where you put the cameras.

    If they are on public property (sidewalks etc.) then the local government would be within their rights to remove it.

    If they were attached to, say, utility poles, then again the owner could remove it and/or sue for trespass.

    You'd need to place them in locations where the owner/tenant had given permission to place them.

  • Aug 24th, 2017 @ 7:53pm

    (untitled comment)

    I hope the Supreme Court upholds the review process.

    More than 80 percent of trolls' victims are small and medium-sized businesses,

    IMO that is a pretty meaningless statistic. As far as I'm aware, the vast majority of businesses that exist fall into the SME category. The number of large or enterprise class businesses is relatively small. Therefore, statistically, I would expect most cases to be filed against SMEs, as statistically they make up the largest number of businesses.

    Better stats like equating number of suits per business type (e.g. 0.2 per SME, vs 0.01 per large/enterprise), would be more informative.

  • Aug 24th, 2017 @ 7:41pm

    Re:

    it's the near-complete lack of evidence that the IP address was involved in infringement at all.

    I don't know, I think they have evidence that the IP address was involved somehow, what they lack is the evidence associating what the IP Address did with the defendant.

    Therefore, my solution is for them to sue the IP Address. List the IP Address itself as the defendant and try to seek redress from the IP Address.

    I mean, that's how civil asset forfeiture works isn't it? You sue the property itself, not the owner. Therefore they should be suing the IP Address.

  • Aug 24th, 2017 @ 5:27pm

    Re: Re:

    I disagree.

    Lawyers do not bring law suits, plaintiffs do.

    If a lawyer tenders their expert advice that the case is a loser, and that their client might have to pay the legal fees of the defense, but their client wishes to proceed anyway, why would they decline?

    The plaintiff has the right to be heard, has a right to bring even frivolous cases before the court, and has the right to be smacked down by the court for bringing a frivolous case.

    As long as their lawyers advice is sound and realistic, then the lawyer is not at fault if a plaintiff decides to ignore the legal advice and proceed to court.

    But, if the lawyer doesn't advance the likelihood of losing, of having to pay the defendants fees, then the lawyer should be sanctioned.

  • Aug 13th, 2017 @ 7:10pm

    Re:

    At one time, many of the various publishers and journals were independent organisations. So it wasn't as much an issue during the 19th and early half of the 20th century, when most of these journals got established and became the 'key' or go-to publisher.

    But in the latter quarter of last century, and so far this century, there has been much consolidation in ownership, with Elsevier gradually buying up the journals and becoming a monopoly or near-monopoly publisher of often well-established, prestigious journals.

    It has been hard for many of these tradition-bound universities and research institutions to wean themselves away from, in some cases, century-old prestigious journals.

  • Aug 9th, 2017 @ 8:36pm

    This will be interesting to watch

    I don't and haven't used Hotspot Shield VPN, never even been to their website. However, on another article on this issue (on ars), there is a user comment:

    It says right in the TOS that they might inject ads or redirect certain sites to interstitials in order to make revenue.

    Now if this is true, it will be interesting to see how this plays out with respect to TOS and other various agreements, which ones take priority and so on.

    Another thing worth considering, is that Hotspot has both a free and paid for service. Which conditions apply to which services? Do the various quotes in this article about the companies statements about not logging, not passing on information etc. apply to only the paid service and not the free service, or does it apply to both?

    I can see it being that free version has the above TOS, where they will inject stuff, and that the privacy protections only apply to the paid version and the above TOS doesn't.

    So it could be a case of confusion, people applying paid-for-terms/statements to the free service, or it could be they are completely dodgy...

  • Aug 9th, 2017 @ 5:49pm

    Re: Re:

    Most people would probably love if they could go to one place and pick and choose the "channels" they want.

    There is, if you are willing to come to the Dark Side, muhahahaha.

    If you do have several subscription services, the tools developed for the pirating community, that can go out to various different services (different torrent sites, different netnews sites, etc.), and pull it all back for you, aggregating it to your own local single end-point, offer a much superior service to accessing the various subscription services. Sad, isn't it?

  • Aug 9th, 2017 @ 5:32pm

    Re: Can't fix stupid

    This security flaw is so simple, so obvious, that no competent developer would have ever done it that way in the first place.

    This is what happens when the people who come up with the idea, who don't have any real development experience, decide to implement it themselves, or get someone from fiver, rather than hire actual experienced developers.

    How hard can it be? they think. There are heaps of templates out there on the hosting services that do this stuff, let's use one of those, follow the bouncing ball to create a website. And since I'm already being cheap, I'll choose the cheapest, simplest template to use - hey, that one'll do, it was last updated 15 years ago, it's even free, must be good since it hasn't needed any updates! It doesn't matter that I've got no idea what it's actually doing behind the scenes, how it works.

  • Aug 9th, 2017 @ 5:19pm

    Re: Re: Re:

    The problem is Becki who runs the social media has no business trying to understand the problem & deciding if it should go up the tree.

    The whole point of having senior co-workers, supervisors, managers, bosses is to have someone to pass a problem on to that you don't understand. You don't need to decide to pass it on. If Becki doesn't understand or have doubts, she should do it without thinking.

    It doesn't take much training to say "if you get a complaint/incident that has any of the words security, hack, accessing other users information, privacy concerns, holes, I can do something I don't think I should be able to or other similar terms, you escalate it." You don't need to understand it if you are low-level customer service, just pass it on to someone more senior for them to assess it. Customer service deals with and handles routine queries and issues - forgotten password, how do i do ..., what benefits does this option give me, how much discount do i get, and so on. Anything outside that should be passed up the tree, because that's what a tree (or pyramid) structure is for.

More comments from Eldakka >>