TKnarr’s Techdirt Profile

tknarr

About TKnarr




TKnarr’s Comments comment rss

  • Aug 18th, 2016 @ 3:48pm

    Re: Re:

    Oh gods, if only. No, but it does include things like "The text can be in any character set, in fact different sections of text can be in different character sets. There is no place in the data to indicate which character set.".

  • Aug 18th, 2016 @ 12:09pm

    (untitled comment)

    Unfortunately Paypal may not have any alternatives. They're required by law to check against the government's OFAC lists, and if the query returns a match they're required to red-flag the transaction. OFAC controls the algorithm used to match names against the list, and you aren't allowed to ignore a "match" result regardless of why you think it matched. OFAC's lists are of course murky at best, typically out-of-date because of lag updating data, and prone to false matches, but the payment agency's not permitted to take that into account and OFAC doesn't care because they aren't held responsible or liable for the errors. (Yes, I've had to write code to handle OFAC queries per regulations. No, it's not as bad as you think. It's worse.)

    The only way that'll change is if consumers start lighting fires under the politicians over the issue of rules that do more harm than good but are defended by ignoring the harm done.

  • Jul 21st, 2016 @ 5:17pm

    (untitled comment)

    Seems like it should be possible to argue on appeal that the 3rd-party doctrine doesn't apply because the appellant didn't release the information to a third party. It was only released to the third party by the officer, and the police should have a harder time arguing that they had the right to release the appellant's private information to a third party without appellant's consent than that they merely had probable cause to search the phone.

  • Jul 15th, 2016 @ 7:14pm

    Re: Pirated APKs can contain malware

    This is very likely. Mobile malware's a big hot-button issue at the moment, and the single biggest way mobile users acquire it's by installing software from sources other than the official stores (ie. third-party stores or side-loading).

  • Jun 20th, 2016 @ 12:10pm

    We've heard this before

    "Papers, please."

  • Jun 9th, 2016 @ 2:26pm

    Re: Re: Re: Re:

    The newspaper can't go out and collect all the papers already distributed, but it certainly can cancel the ad (regardless of whether there's additional time left on the purchase) and not publish it in any more copies of the paper it prints. Just as the forum can't remove any saved copies but certainly can remove the post so it won't appear in the future. No liability attaches to that removal, the site can't be sued for taking down the post in response to the court order.

  • Jun 9th, 2016 @ 1:37pm

    Re:

    No, he couldn't. At least not in the general case. To order something like that, he'd have to have found the parking lot in gross violation of local codes resulting in the lot being a significant cause of the argument, but the likely ruling in that case would be that the plaintiff would have to add the store as a defendant first and then the court could address the claim.

    The only way your scenario could realistically come about is if the judge found that the local codes required or encouraged a parking lot design that directly contributed to arguments in a way that wasn't lawfully allowed and ordered the locality to change it's codes to remove the unlawful aspect. The store'd then have to rebuild the parking lot to comply with the new local codes as a result, but that wouldn't as far as the law is concerned be directly connected to that case.

  • Jun 9th, 2016 @ 1:30pm

    Re: Re:

    Except it doesn't lead to any liability for any action of the user. It's exactly the same situation as if someone had taken out a defamatory ad in a newspaper and the judge, after finding for the plaintiff, ordered the ad taken down. The newspaper may suffer penalties if it refuses to comply with the order, but that's liability for it's own action (refusing to comply with the order), not for anything the defendant did (having the defamatory ad run).

    There's certainly a long string of cases saying you can't sue the site to get the material taken down, but that's a different question from having the site take the material down after the poster's been sued and the plaintiff won a ruling in their favor.

  • Jun 9th, 2016 @ 12:24pm

    (untitled comment)

    Section 230 wasn't designed to allow an online forum to avoid obeying a court order, it was designed to force a plaintiff to go after the actual author of the material rather than the online forum. The plaintiff did so in this case. And it won according to the rules set by the court. It may be a win on a technicality by our standards, but the defendant had notice of the suit and declined to contest it so the win is valid (unlike the cases where the plaintiff tries to get a judgment without ever identifying or serving the actual defendant). Section 230's over and done with. Now the question is whether the court has the authority to order defamatory material removed, which there's no argument it does. The only question Yelp can raise is whether the court should properly first order the defendant to remove the material and only order Yelp to remove it for him if he doesn't comply. If you look back at case law, there's a long string of decisions saying that yes the courts can order a non-party to remove (to the best of their ability) material that's been found to be defamatory by the court. Section 230 doesn't (and doesn't appear from the legislative history to be intended to) exempt online forums from that, only from being the target of the defamation suit in the first place.

  • Jun 7th, 2016 @ 10:01pm

    Re: Amazement

    Someone wrote a proof-of-concept prototype to demonstrate it could be done, and some marketing type started selling it as if it were a production-ready product.

  • Jun 7th, 2016 @ 7:11pm

    The devices are pretty much feature-complete

    That's the basic problem: the devices Nest is making were already feature-complete before they started. Thermostats, light bulbs, surveillance cameras, they all have decades of refinement behind them already. Their functions are basic enough that there really isn't a lot of room for enhancement there. IoT can add control and reporting features (think lights and appliances or even outlets that can report power use in real-time, allowing you to see exactly how much power your home's using and where it's going) but things like a learning thermostat are easier to do with a controllable dumb thermostat and a process on a central controller that adjusts the settings. Combine that with an erroneous emphasis on "the cloud" and vendor lock-in and you've got a recipe for collapse.

  • Apr 27th, 2016 @ 1:48pm

    Another way to read that last part

    "Confidential Information" means data that is protected from disclosure on a computer, computer program, computer system or computer network and that the computer, computer program, computer system or computer network does not transmit or disclose unless initiated by the owner of such computer, computer program, computer system or computer network.


    Another way of reading that is that if the computer transmits the data when someone other than the owner merely requests it, the data fails the bolded part of the paragraph and because of that is not considered "confidential information".

  • Apr 25th, 2016 @ 11:53am

    Re:

    It's more physically intrusive, but it avoids revealing the data on the phone which is what the courts consider private.

  • Apr 15th, 2016 @ 8:30pm

    Re: Re:

    People like you are disgusting. What fucking fairy-tale land do you live in that makes you think that any government agency or a single member of that agency would not fuck you over sideways just because they might get caught? Just what makes you think that just because it is government that they have no reason to use their power to even screw with you as a joke?

    Did you think before ranting? You're maybe right about an individual IRS agent, but we aren't talking about individual IRS agents dealing with individual returns here. We're talking about an automated system handling a huge number of the simplest returns there are (the people who can file 1040EZ, basically). To do what you suggest involves not just one person but a joint effort between likely hundreds of developers, QA people and managers in the IT division who have no contact with taxpayers and no direct involvement in the actual processing of returns. If they targeted more than a small handful of taxpayers, it's virtually certain the systematic errors would be uncovered and an investigation begun by yet another group independent of the first. At that point even a single member of the first group (who doesn't even have to be involved in the deal themselves, just know about it) deciding to not endanger their career by lying and the whole scheme unravels. Maybe they wouldn't end up in jail, or even paying fines, but their careers would be over.

    And these are returns with no wiggle room in them. A complicated return from someone pulling in 6- and 7-digit sums from multiple companies of various sorts, with investments and all sorts of other exotic forms in their return, you can make plausible arguments before the judge for thousands of dollars in variation in the tax liability. That kind of return it's easy for an IRS agent to gouge a taxpayer. But a 1040EZ? The taxpayer or his tax preparer can nail down the tax liability to within a couple of dollars tops documented with paperwork whose numbers can't be argued with since they didn't originate with the taxpayer. They try to gouge the taxpayer, they lose the moment it gets appealed (and the appeal is trivial to do, you have to be brain-dead to screw up the form). They'll have pissed off their supervisor big-time, gross stupidity in public never looks good on your evaluation form plus the supervisor now has to actually do something about them because of said gross stupidity. And if your tax preparer's like the one I had, they'll end up personally paying every penny of your expenses plus hefty punitive damages plus a hefty fine. If they're lucky. If not, they'll wish they were just inventorying every single page of tax records the IRS has, all the way back to when it was formed, with no tools other than a Crayola crayon and a 3x5 index card. The one thing bureaucrats hate most is a subordinate who's stupid enough to get caught breaking the rules in so public a manner that it can't be swept under the rug.

    And all this for what? The chance to gain less than what they could gain in a month by jumping ship to the private sector? No, anybody stupid enough to try this wouldn't be able to get the code through the compiler let alone past the QA department.

  • Apr 15th, 2016 @ 2:44pm

    (untitled comment)

    The idea that the IRS would overcharge people is... well, in itself it's plausible. Whether through simple incompetence or malicious intent, we've seen enough out of government agencies to know it's not beyond the realm of possibility. But the IRS is providing all their figures to the taxpayer, who themselves have their own copies of the records and can do the math (or have it done for them) to double-check the IRS's calculations. The IRS might over-charge, but in no way would they get away with doing it on any scale at all without getting caught at it. Even the IRS knows this, it's exactly how they catch tax cheats. So why would they try in the first place, and how would they avoid being caught if they did try?

  • Apr 13th, 2016 @ 11:45am

    Re: Re: Re:

    Or who don't get the exotic math well enough to catch the effects of a change, eg. the NSA's "tweaks" to the prime256v1, secp384r1 and secp521r1 curves for the elliptic-curve algorithms in OpenSSL.

  • Apr 13th, 2016 @ 10:16am

    Re:

    How? To take OpenSSL as an example, by putting a competent developer in a position to contribute useful patches. After a couple of years his work'll pretty much be accepted as-is unless a bug points to his code. Then he can slip in non-obvious weaknesses at strategic points that make the channel vulnerable (at least to anyone with the NSA's resources).

    Why? Well, if you've compromised OpenSSL you pretty much have open access to all encrypted communications on the Web and in email. Almost everything that does SSL/TLS uses the OpenSSL library for it, and you know exactly what weakness was introduced and how to attack it.

    See also Reflections on Trusting Trust, Ken Thompson, 1984.

  • Apr 9th, 2016 @ 2:42am

    Re: Re: Re:

    So, Northland Family Planning Clinics v. Center for Bio-Ethical Reform, 2012 didn't happen? Nor did 4 Navy SEALS v. Associated Press, 2005? Nor did Savage v. CAIR, 2009? All of those cases were cited in the article, and in all of them it was the side favoring copyright making the argument that you didn't need to explicitly copy to infringe and that even what we'd normally consider fair use required permission from the copyright holder.

    Yes, my position's anti-copyright, or at least anti-"copyright as interpreted by the copyright holders". But if it's bullcrap, you'd best look at where it's coming from because it's not mine, I'm simply citing actual statements and actions by the pro-copyright side as to how they want copyright to be interpreted. If it's bullcrap, it's pro-copyright bullcrap because that's who spewed it. I just pointed out the reeking pile they dumped.

  • Apr 8th, 2016 @ 9:47pm

    Re:

    But if you discuss the policy statements of a politician you disagree with, aren't you in at least some way sharing his statements with the world without his express permission? That's where the copyright-extremist viewpoint leads us, to a world where it's illegal to discuss anything anyone else said or did without getting their permission first. It leads us to a world where you can't view a Web page without the creator's permission (because your browser doesn't display the Web page, it displays a copy of the Web page that it had made and downloaded).

    It leads us to a world where you're free to have an opinion, you just can't say anything about what led you to form that opinion or to back it up with facts that you believe support it (because all of that involves someone else's speech).

  • Apr 8th, 2016 @ 11:36am

    Re: Re: Re: Fun

    It's not that hard to get a license to run a brothel. Worlds easier than a gaming license. But by your statements, one would expect lots of illegal prostitution. I lived there, I worked jobs where if there was illegal prostitution I'd've seen a parade of it going by, I even knew several of the brothel owners and a lot of the working girls (through the local Appaloosa and quarter-horse clubs, archery shoots and such), and it simply isn't that common outside the Vegas, and to a lesser degree Reno, area. Even the ranch hands and miners I knew wouldn't trust any girl who wasn't working at one of the houses, just too much risk for not enough savings. Yes you're going to pay a couple hundred bucks minimum at the brothel, but in Vegas the going rate starts at twice that and goes up fast and Reno isn't any cheaper so even out in the sticks you aren't going to be able to find non-professional girls any cheaper than at the houses (if you can find any at all, if none of the degenerate reprobates I knew could find them I don't think anyone can).

More comments from TKnarr >>