Arthur Moore 's Techdirt Comments

Latest Comments (189) comment rss

  • On the post: Court Documents Appear To Confirm The FBI Is Using Best Buy Techs To Perform Warrantless Searches For It

    Arthur Moore ( profile ), 12 Jan, 2017 @ 08:14am

    Re: When do pc techs become mandated reporters?

    Whenever they find Child Porn. Just like doctors must inform law enforcement about people who they believe are going to commit self harm, or harm others.

    They're regulations that make sense, but have some nasty side effects. Someone's feeling suicidal and goes to get help. Hope they like being naked in prison, while not being allowed to sleep.

  • On the post: Court Documents Appear To Confirm The FBI Is Using Best Buy Techs To Perform Warrantless Searches For It

    Arthur Moore ( profile ), 12 Jan, 2017 @ 08:08am

    Re: What has Best Buy had to say about all this?

    That they cooperate with law enforcement as legally required, but don't hire informants.

    At the least I expect them to fire the employee. I also expect them to try whatever legal wrangling they can to ferret out all the other informants and fire them as well.

    It's a huge black eye to the company. They've always been known to be scummy as far as pricing and diagnosing issues goes. If they're also associated with the FBI to this extent they may lose even more business.

    On a minor side note, if the informant's name's been revealed I doubt he'll be able to get work in a technical field outside of law enforcement or government contractor.

  • On the post: European Information Security Advisory Says Mandating Encryption Backdoors Will Just Make Everything Worse

    Arthur Moore ( profile ), 21 Dec, 2016 @ 02:05pm

    Re: Re: Surveillance is the biggest threat to security

    The problem is that costs money.

    Plus, the embedded and process control people are still new to this whole "security" thing. Stuxnet and the IOT security disaster should be proof enough of that.

    No really, I'll bet you good money that if you go to any large plant or refinery and hook into a data bus you'll see large amounts of un-encrypted traffic. That's the data keeping machines and tanks from exploding.

  • On the post: Court Says Abandoned Phone Locked With A Passcode Still Has Expectation Of Privacy

    Arthur Moore ( profile ), 21 Dec, 2016 @ 01:54pm

    Re:

    Where's the sad but true vote option.

  • On the post: European Court Of Justice Rules Against UK's Mass Surveillance Program

    Arthur Moore ( profile ), 21 Dec, 2016 @ 01:10pm

    It still matters

    Even with brexit it still matters. The EU has been pretty strong in claiming that want to protect their citizens privacy.[1] Especially from foreign actors.

    If brexit does happen I fully expect banking regulations reinforcing the EUs privacy requirement. All the banks would then be required to move their servers to a country with more privacy protections.

    It would be a huge FU to the UK, for obvious reasons. Heck it might happen anyways if the UK appeal loses and they don't repeal the law.


    [1]If I remember what Germany's doing correctly, also pretty hypocritical too. Everyone here at TD knows what can be done with "just metadata".

  • On the post: Why Does It Still Take Press Attention For Comcast To Fix Obvious Screw Ups?

    Arthur Moore ( profile ), 20 Dec, 2016 @ 01:07pm

    Re: Re: Re: Government idiocy

    Example, the Telephone poles and the underground pipes that handle the cabling are public property.

    Umm, the entire fight about the one touch make ready legislation is the telephone poles are not public property. They are owned by the telcos. Who make it as difficult as possible for a potential competitor to use them.

    If you're suggesting that the government should use eminent domain to forcibly purchase vital public resources to allow competition, then I agree. Combine that with one touch make ready rules and competition becomes possible.

  • On the post: Coinbase User (Also, Class Action Lawyer) Files To Intervene In Case Where IRS Wants Info On All Coinbase Users

    Arthur Moore ( profile ), 15 Dec, 2016 @ 02:37pm

    Re: Re:

    But, do you want to have the government get access to the birth certificate you have stored in your bank safe deposit box because someone who rents one on the other side of the vault MIGHT be storing marijuana in it?

    Perfect analogy of what they're asking for.

  • On the post: Researchers Find Vulnerability That Enables Accounting Fraud, PwC Decides The Best Response Is A Legal Threat

    Arthur Moore ( profile ), 13 Dec, 2016 @ 11:25am

    PwC Screaming "Hack Me"

    If I were a company using one of these products I'd be rather unhappy.

    Businesses, especially ones large enough to have this software, tend like stability and abhor risk. Especially in core infrastructure.

    It's why they're willing to pay so much money to Oracle for something that free products do just as well. Corporate inertia means they're not willing to face the possibility of breakage when moving to a new back end.

    PwC is relying on their products being so complicated and integral to companies that no one will switch. Unfortunately, they're probably correct. However, this may prevent new businesses from using their software. Plus, companies will implement stopgap measures, like stopping using the fancy features of the software that requires extra connectivity. Not a good way to keep customers in the long run.

    The trick is to explain to the CFO that hacks to such a system don't just mean theft. If they understand that an SAP system hack means potential securities fraud they start paying attention.

  • On the post: Akamai: 12-Year-Old SSH Vulnerability Fueling Internet-Of-Broken-Things DDoS Attacks, And Worse

    Arthur Moore ( profile ), 19 Oct, 2016 @ 01:11am

    Re: I'm confused

    See my previous comment. These devices are meant to be used by smartphones away from home, but the manufacturers don't want to pay for infrastructure. Home routers have a feature, called UPNP, to allow devices to punch through the Network Address Translation (NAT) layer and become accessible to the public internet. These devices use that feature. Turning off UPNP will not protect you if someone is close to your house in person, but will prevent the attacks talked about in the article.

  • On the post: Akamai: 12-Year-Old SSH Vulnerability Fueling Internet-Of-Broken-Things DDoS Attacks, And Worse

    Arthur Moore ( profile ), 18 Oct, 2016 @ 10:31pm

    Re: Why are all these devices directly on Internet?

    Because it's cheaper. Here's what the camera makers are doing at least:

    1. Auto register with a dynamic DNS provider. Giving the home network a stable address.
    2. Use UPNP to expose themselves to the internet.
    3. Practically shout that dynamic DNS address to any listening device on the local network.
    Now you can easily check your cheap WiFi camera from the smartphone app anywhere. All you need to do is run the app once while connected to the local network. The alternative is persistent connections and the vendor having to gasp actually maintain some infrastructure.

  • On the post: Akamai: 12-Year-Old SSH Vulnerability Fueling Internet-Of-Broken-Things DDoS Attacks, And Worse

    Arthur Moore ( profile ), 18 Oct, 2016 @ 09:17pm

    Random Default Passwords

    The worst part is most of the problem isn't even unpatched security vulnerabilities, it's default passwords.

    Many router manufacturers have at least gotten the message and burn a random default password into the rom. It goes on a sticker right next to the serial number.

    Sure, there are plenty of other vulnerabilities in these devices that will never be patched, but using a random password should cut out most of the malicious activity we see today.

  • On the post: Government Seeks Do-Over On Win For Microsoft And Its Overseas Data

    Arthur Moore ( profile ), 17 Oct, 2016 @ 03:46pm

    Re: Mutual Legal Asistance Treaties?

    It's actually worse than that. The EU has, historically, relaxed it's privacy protections when dealing with US companies. The NSA leaks have caused them to now lean towards a "all EU data must be on EU soil" policy.

    The big problem with this lawsuit is the data is on EU soil, but the US wants access to it without going through the EU. If the US wins the EU may go one step further and everything to be under the control of an EU company. A company that the US can not compel to divulge data.

    This actually wouldn't be too big of a deal for Microsoft and other big companies. Sure it wouldn't be easy, but they'd basically set up subsidiaries in the EU to deal with it. The problem is any US company that stores user data would be required to have an EU subsidiary with at least one employee. Not exactly easy for things like a one man startup.

  • On the post: Remember When Cracking Groups Said Denuvo Would End Game Piracy? Yeah, Didn't Happen

    Arthur Moore ( profile ), 27 Aug, 2016 @ 03:57am

    Re: value

    https://store.na.square-enix.com/product/289213/deus-ex-mankind-divided-collector-s-edition-pc

    Yeah, the normal game costs $60. The collectors edition costs $140. I'll grant you that I really want that sucker, but it's a hard buy at that price point.

    Minkind Divided also has microtransactions. Heck, one of the key issues people have is the in game digital goodies are gone after being collected. Start a new game and you have to buy them over again, with real money.

  • On the post: Germany Interior Minister Pushing For Deployment Of Facial Recognition Software In Public Areas

    Arthur Moore ( profile ), 26 Aug, 2016 @ 01:42am

    Re: "For the Fatherla- I mean National Security!"

    Umm, many US court houses have at least some of that. Honestly, first you see these things in airports, then you see them in government buildings.

    Keep in mind that legislators only complain when the other person is in charge. When they're on top they aren't concerned.

  • On the post: Australia's Census Fail Goes Into Overdrive — A Complete And Utter Debacle

    Arthur Moore ( profile ), 11 Aug, 2016 @ 11:14am

    Forbes Warning

    Hello,

    Would it be possible to mark all links to Forbes and other Ad-Blocker unfriendly websites with some sort of warning?

    I appreciate that you can't always steer clear of those websites, but feel that we as a community should take pro-active measures to discourage annoying behavior.

    Sincerely,
    Arthur

  • On the post: Kickass Torrents Asks Justice Department To Drop Case

    Arthur Moore ( profile ), 09 Aug, 2016 @ 11:03am

    Re: Re: They can lose to win

    until the court imposes a trial bond


    Yeah, those don't exist in the US.

  • On the post: Chile's New Copyright Legislation Would Make Creative Commons Licensing Impossible For Audiovisual Works

    Arthur Moore ( profile ), 20 May, 2016 @ 04:27pm

    Re: a blanket and rope tied to four corners does wonders.

    I saw this in Rome. A patrol would come through and the vendors would all grab everything. When the police were gone everything was back in place. It's so strange to us country folks. I've lived in a city of 300k people, and street vendors were the exception not the rule.

  • On the post: Subtle: Iraq Flips The Internet Switch For 3 Hours To Combat Cheating Students And Corrupted Teachers

    Arthur Moore ( profile ), 18 May, 2016 @ 04:55pm

    Re: A Common Sense Solid Solution.

    Fun fact, blocking wifi can and will result in large fines and/or a jail sentence in the US. Actually, any radio jammer will. Even federal prison's aren't immune to this.

    Schools, movie theaters, prisons, etc... can always turn the rooms or buildings into a large Faraday cage, but in a shocking surprise teachers, guards, etc... like/need having cell phones or radios.

  • On the post: German Court Insults Free Speech, Bans Comedian From Mocking Turkish President

    Arthur Moore ( profile ), 18 May, 2016 @ 12:50pm

    Re: But it is the LAW!

    Germany doesn't have the 1st Amendment, but they are part of the EU, which has some free speech protections.

    It is the primary duty of every US judge to determine if a law is in compliance with the constitution. This was deliberately set up as a check and balance to prevent a simple majority from becoming tyrannical.

    From things like this it certainly looks like German judges don't have that ability.

  • On the post: Bad News: Two-Factor Authentication Pioneer YubiKey Drops Open Source PGP For Proprietary Version

    Arthur Moore ( profile ), 16 May, 2016 @ 09:41pm

    Alternatives?

    I was going to buy one of these, but not with that attitude.

    Can anyone recommend a good competitor? I'm in need of something like the nano as a PGP keystore for my laptop. It needs the standard features, wipe on too many bad attempts, and anti-tamper protection.

    Youbikey would have worked, but they didn't make it easy. Well, now to do research...

Next >>