Arthur Moore’s Techdirt Profile

emperorarthur

About Arthur Moore




Arthur Moore’s Comments comment rss

  • Jun 14th, 2017 @ 9:30pm

    Re:

    EU laws may require

    This is going to bite them so hard. The moment it's an EU citizens data in question Google is going to face massive EU fines. Except, if they don't comply they're in contempt in the US.

    This is exactly the reason why Microsoft has refused to turn over the data. They know that the moment they do so the EU will burn them alive.

  • Jun 13th, 2017 @ 6:49pm

    Re:

    A prosecutor would have a case against Tumblr. A random citizen, not so much.

  • Jun 2nd, 2017 @ 11:52am

    Japan

    When it comes to being racist and blocking immigration, look no further than Japan.

    They have major problems with birth rate, and an aging population. However, "no gaijin" is a common thing that westerners hear if they go into even the wrong restaurant in the multicultural areas.

    Japan is hoping for a robotic revolution, because they aren't allowing people in.

  • May 24th, 2017 @ 2:17pm

    An issue that will probably be fixed

    The ability for websites to determine if a browser is running in private browsing mode is a concern in general.

    My bet is Mozilla and (maybe) the Chromium team will work on preventing this sort of detection in the future.

  • May 3rd, 2017 @ 7:35am

    Re: You gotta love that "contract"

    Oh, that contract was extremely valuable. It let the company stall for quite a while.

    The original deadline was Dec 31, and it's already May. Early leaks become less valuable the closer the media is to public release, especially if there's more work to be done by the production company.

    Also, all this communication they had with the hackers would probably be extremely useful to law enforcement.

  • Apr 3rd, 2017 @ 1:15pm

    Does Vice still have it

    Barring an appeal to the Supreme Court, the RCMP will get their man['s communications]

    Serious question. Does Vice media still have those communications? If they turn anything over, they can consider themselves done in comparison to other organizations. Plus, the whole journalistic ethics thing.

    Given all that, I wouldn't be surprised if they've already destroyed everything.

  • Mar 21st, 2017 @ 11:22am

    Pilots not exempt!

    Fun fact. These days pilots use iPads instead of a 50lb bag of paper charts. Nothing in the current instructions exempts those pilots. While it obviously means airlines and package services (UPS, FedEx) can't fly their pilots out to these places it's actually even worse.

    If the affected airline's own pilots are exempted they will have to start carrying that extra 50lb bag, and go back to old paper charts. So, best case is pilots considering US trips to be crap duty. Worst case is the latest paper charts haven't been sent to the pilots, so they just can't fly the route. There are in between options, but that's a best/worst case scenario if pilots tools are actually banned.

  • Mar 1st, 2017 @ 4:58am

    Re: How to win with such a team...

    Another option is to limit certain voting choices. So, the coach says here's 3 or 5 choices we think will work. Pick one.

    People get points when they pick correctly. That plays in with the possible weighting system, and lets people have a personal score.

    The tricky part is defining what gives points. A goal is obvious, but maybe number of yards traveled?

  • Feb 28th, 2017 @ 11:00am

    Question

    Quick question. Many countries have additional privacy requirements for minors. What's the likelihood that this company is now in breach?

  • Feb 6th, 2017 @ 1:32pm

    USPS

    The USPS can open your mail! Under certain circumstances at least. I haven't been able to find too many articles discussing the issue, but here's one: http://www.rstreet.org/2014/11/19/yes-the-government-can-open-your-mail-without-a-warrant/

  • Feb 6th, 2017 @ 10:24am

    Re: Re: Filing Cabinets

    See my post about distributed filing systems for more information. My analogy was just that, and isn't perfect.

    The problem with this ruling is it's forcing Google to make huge technical changes to their infrastructure. I'm talking Billions of dollars worth here. At best, Google can spend a couple million to put in hacks and treat the person under investigation as a special snowflake. Except, if those hacks do involve moving data out of say the EU, then Google just broke EU law. Especially since, everyone but this judge believes ordering Google to move things so the Feds can get it is a seizure.

    Even ignoring the dubious international legality, the US really doesn't want to be known for having courts that can force company's to completely restructure their internal organization on a whim. The cost to implement the court order means this will be fought as long as possible. If Google loses, then this is additional (not codified) regulation international companies will be wary of when dealing with US markets.

  • Feb 6th, 2017 @ 10:10am

    Distributed File Systems

    I wouldn't be so sure of that.

    Google is a major contributor to distributed file system development. These are things that look like one "disk" to anyone accessing it, but are based on man hard drives running on many different computers.

    These systems are "intelligent". So if I were in Japan, it would see that and slowly move my data over to an Asian data center. Because, that way I'm not waiting for signals to travel halfway across the world and back again every time I want to read an E-mail.

    Here's a more likely example: Someone in Japan sends me (in the US) an E-mail. Google recieves that E-mail at their Asian data center, but knows I'm in the US. So, whenever I read that E-mail, or if the US data center has extra space and Google have spare bandwidth, Google will transfer it over to the US.

    Managing such a system has to be a huge effort. To find where a specific file is, they have to: find all the data blocks, map those blocks to actual disks/machines, and find out where those machines are. The best part is there are multiple copies of each block, so if a machine dies it doesn't take data with it. Then, 5 minutes later the system could shift and move all that data overseas.

    The tools just aren't designed to say that this file must be on this machine. The way Google dealt with China was just setting up an entirely separate network. That is why orders like this, or the possibility of the EU requiring all data to be stored within it's borders scares Google so much. They'd go from one distributed fault tolerant network, to a bunch of small vulnerable networks.

  • Feb 6th, 2017 @ 9:52am

    Filing Cabinets

    The best way to think about this is if Microsoft and Google were letter carriers that store copies in filing cabinets.

    Microsoft keeps their letters all in one place per client. Meanwhile, Google says shipping is cheap and puts the letters wherever they have free space. The court order is telling google to ship the letters to the US so the FBI can then seize it.

    If the filing cabinets are in the US, then the US can easily get to them. If they're in a foreign country, then you need a foreign country's permission to get to their filing cabinets. Countries don't take it lightly when foreigners raid their businesses. It's that whole sovereign nation thing.

    The only time this analogy breaks down is in the US you don't actually need a warrant to get old E-Mails. As far as US law is concerned, if those E-Mails have been sitting in the filing cabinets for long enough they're considered "abandoned." Microsoft and Google aren't exactly going to say that the US can do this though. In addition to the business loss, widely publicizing this government over reach jeopardizes multiple treaties these companies rely on.

  • Jan 25th, 2017 @ 3:09pm

    Re: "Filing cabinet"

    Nope, they'd need an Irish search warrant. It's private customer communications, that are protected by EU law.

    The interesting part about this case is that the EU and US have procedures especially designed for just that scenario. Except, in the US E-Mails are considered "abandoned" after a time so they don't need a warrant to force MS to turn them over. The EU and most of the world see this as crazy, and want to see actual probable cause first.

    Yes, I realize the US law that declares E-Mail to be "abandoned" seems to violates the 4th amendment. Funnily enough, US law enforcement doesn't really care about that...

  • Jan 25th, 2017 @ 12:59pm

    Re:

    > They report to DC government

    Umm, you know that Congress is the DC government right? Every single thing a normal city council or state legislature does is handled by congress.

    The best part is, DC doesn't even get a vote. If you live in DC you don't even get to vote in the US presidential elections. There's a reason why Washington DC has license plates saying "Taxation without representation." It's not a joke, it's a sad reality.

  • Jan 25th, 2017 @ 12:53pm

    Much worse than that

    > If Microsoft were to lose this fight they'd lose much of their overseas cloud hosting business.

    It's much worse than that. Currently most country's (including the EU*) laws lets US companies do business as long as they keep data in country. If Microsoft lost this fight it would be a perfect excuse to kick all US companies out.

    Keep in mind, that cording to Irish/EU data privacy laws Microsoft can not legally share that data with law enforcement without an Irish warrant. Meaning, the US is trying to force Microsoft to violate Irish/EU law.

    *EU has a data sharing agreement that says US companies can keep EU data in the US, but if this court decision went the other way it would probably have been canceled.

  • Jan 23rd, 2017 @ 11:45pm

    Re: If that device breaks and needs replacing at some point, are those emails forever unrecoverable?

    No, because the SSL key is separate from E-Mail encryption.

    SSL keys are used to secure communication between machines. In the case of encrypted E-Mail that's the "To" "From" and "Subject" fields that aren't encrypted. So, the metadata.

    The thing about SSL keys is that they prove that a site is who it says it is. They're the reason we trust the green lock icon in our browser. If a website lost one, they could just get another. It would be a bit of a hassle, but isn't too big of a deal.

    We only worry when an adversary has those keys. Then they can sniff traffic, or even pretend to be the website to get the e-mail encryption key.

  • Jan 12th, 2017 @ 8:14am

    Re: When do pc techs become mandated reporters?

    Whenever they find Child Porn. Just like doctors must inform law enforcement about people who they believe are going to commit self harm, or harm others.

    They're regulations that make sense, but have some nasty side effects. Someone's feeling suicidal and goes to get help. Hope they like being naked in prison, while not being allowed to sleep.

  • Jan 12th, 2017 @ 8:08am

    Re: What has Best Buy had to say about all this?

    That they cooperate with law enforcement as legally required, but don't hire informants.

    At the least I expect them to fire the employee. I also expect them to try whatever legal wrangling they can to ferret out all the other informants and fire them as well.

    It's a huge black eye to the company. They've always been known to be scummy as far as pricing and diagnosing issues goes. If they're also associated with the FBI to this extent they may lose even more business.

    On a minor side note, if the informant's name's been revealed I doubt he'll be able to get work in a technical field outside of law enforcement or government contractor.

  • Dec 21st, 2016 @ 2:05pm

    Re: Re: Surveillance is the biggest threat to security

    The problem is that costs money.

    Plus, the embedded and process control people are still new to this whole "security" thing. Stuxnet and the IOT security disaster should be proof enough of that.

    No really, I'll bet you good money that if you go to any large plant or refinery and hook into a data bus you'll see large amounts of un-encrypted traffic. That's the data keeping machines and tanks from exploding.

More comments from Arthur Moore >>