Tempes Fugit 's Techdirt Comments

Latest Comments (686) comment rss

  • On the post: Nokia CEO: We Have To Get Rid Of Net Neutrality, Otherwise Self-Driving Cars Will Keep On Crashing Into Each Other

    Tempes Fugit ( profile ), 03 Mar, 2015 @ 08:11am

    Dateline: April 12, 2127

    Rajeev -- now inhabiting his third Kurzweil -- was ushered in and bowed before the Emperor, as was the custom. Scarcely had he finished when the pointed question rang down from the throne: "Why are there delays in my downloads?"

    He stammered and began to answer, "Majesty, because the cars...the cars depend on the neutra--"

    But his response was summarily cut off by the attending member of the Guild -- always present, always listening, always powerful -- who shouted "THE PORN MUST FLOW!"

  • On the post: Gemalto: Ok, Yes, We Were Hacked, And Yes Some SIM Cards May Be Compromised, But Not Because Of Us

    Tempes Fugit ( profile ), 25 Feb, 2015 @ 02:53pm

    So, let's review

    They were hacked by some of the most talented, well-trained, well-equipped, well-practiced people on the planet.

    Okay, pretty much anybody's vulnerable to that.

    They didn't figure it out. They found out after most of five years had gone by.

    Okay, that would probably be the outcome for nearly everyone else too -- if they were lucky.

    And now, in under a week, they've been able to conduct a review of their global business so exhaustive that they're able to draw conclusions about what did and didn't happen, what was copied and what wasn't, which systems were compromised and which weren't.

    That's a rather amazing leap in security expertise and a positively stunning outcome in a ridiculously short time.

    In other words: bullshit.

  • On the post: Thought Komodia/Superfish Bug Was Really, Really Bad? It's Much, Much Worse!

    Tempes Fugit ( profile ), 23 Feb, 2015 @ 01:40pm

    Re:

    Normal people don't think this way.

    Precisely so. We only see this behavior in sociopaths, as in this case or with mass murderers/serial killers, serial rapists, spammers, and other similarly evil people. They don't stop because they can't stop -- and it's rarely, if ever, possible to cure them.

    Mark my words: they'll do this again. It'll be subtler and hidden behind layers of misdirection, but they'll do it again.

  • On the post: Thought Komodia/Superfish Bug Was Really, Really Bad? It's Much, Much Worse!

    Tempes Fugit ( profile ), 23 Feb, 2015 @ 11:39am

    Oh, come now, this isn't so bad

    It's not like they did something really bad, something so destructive and damaging to the privacy and security of millions of people that it required immediate attention from federal law enforcement agencies combined with the threat of aggressive prosecution that could result in decades in prison...something like, oh, I don't know, downloading scientific research papers?

  • On the post: Lenovo In Denial: Insists There's No Security Problem With Superfish — Which Is Very, Very Wrong.

    Tempes Fugit ( profile ), 19 Feb, 2015 @ 12:03pm

    Re: Some Credit

    "There is, at this point, no evidence of active abuse for this vulnerability."

    Which means nothing.

    Think about it for a minute: what, exactly, would that evidence look like? And how would one make a definitive connection from it to Superfish?

    That circumstance isn't an accident. It's called "plausible deniability" and it will enable Lenovo, during the inevitable class-action lawsuit, to claim that observed symptoms X and Y and Z were not caused or enabled by Superfish, but by some other security issue on the affected systems.

  • On the post: Lenovo In Denial: Insists There's No Security Problem With Superfish — Which Is Very, Very Wrong.

    Tempes Fugit ( profile ), 19 Feb, 2015 @ 11:18am

    Isn't it time to cue the prosecutors?

    I mean, if they're not too busy harassing journalists and activists and bullying hackers and researchers, maybe, just this once, they could find the time to go after a corporation that deliberately broke the security of tens of thousands of people (and quite possibly many more: that figure is based on the EFF's report about what their SSL observatory has seen).

    This is a systematic, malicious, intentional large-scale attack, with serious adverse consequences for those affected...unlike, let's say, mass downloading of academic journal articles. So where are those who like to wield the CFAA like a club? When can we expect to see Lenovo executives being dragged out of their offices? How about the indictments, where are those? And can we expect aggressive prosecution with the threat of long prison sentences?

  • On the post: AT&T Says It Will Match Google Fiber's Speed & Pricing, But Only If You Allow AT&T To Spy On You

    Tempes Fugit ( profile ), 17 Feb, 2015 @ 10:29am

    A solution suggests itself

    1. Sign up for AT&T's surveillance package.
    2. Set up VPN for all "real" traffic.
    3. On a spare system that's connected 24x7 and not connected through the VPN, run a Perl script that issues intermittent search queries comprised of terms found on 4chan forums, Twilight fanfic sites, YouPorn, and whatever site is the main one for Bronies. Oh, and Frank Zappa lyrics.
    4. Smile while contemplating how confused the marketroids staring at the data analytics are going to be.

  • On the post: Politician Facing Investigation Tries To Destroy His Emails; Assistant 'Helps Out' By Emailing Order To Other Staffers

    Tempes Fugit ( profile ), 13 Feb, 2015 @ 03:24pm

    Email? Privacy issues? Statutory compliance?

    The obvious move is to call in a well-known expert on these issues: Jeb Bush.

  • On the post: Samsung Ad Injections Perfectly Illustrate Why I Want My 'Smart' TV To Be As Dumb As Possible

    Tempes Fugit ( profile ), 11 Feb, 2015 @ 11:59am

    Re: Samsung has responded

    "Also, there are "currently no plans" to do this "in the near future", which means there are absolutely plans to do this at some point later than the near future."

    Absolutely. Nobody spends the engineering time and money required to implement this functionality unless they intend to use it.

    So now the question must be asked: what else have they installed in those systems? They've already laid proof on the table that they're willing to turn them into audio surveillance endpoints, what's next?

  • On the post: Samsung Ad Injections Perfectly Illustrate Why I Want My 'Smart' TV To Be As Dumb As Possible

    Tempes Fugit ( profile ), 11 Feb, 2015 @ 11:53am

    Re: cars will go through the same backlash

    "god forbid it comes out the NSA is getting their hands on the data from Toyota, Ford, etc."

    Of course they are -- with or without Toyota's/Ford's/etc.'s knowledge and/or consent. Haven't you noticed? The NSA has a rapacious appetite for every data source it can acquire. There is absolutely no reason whatsoever for them to pass this one up.

    If a vehicle can be tracked, it will be tracked.

  • On the post: Samsung's Smart TVs Are Collecting And Storing Your Private Conversations

    Tempes Fugit ( profile ), 09 Feb, 2015 @ 08:12am

    Re:

    Precisely so. The question is not whether these smart TVs and the databases they feed have been hacked: of course they have. The questions are by whom? and how? and when??

    (Note that in the US, it's not even necessary to hack them. A NSL with attached gag order will suffice to cause Samsung to provide a complete feed of everything.)

  • On the post: Internet Comes Through For Developer Of Key Email Encryption Tool

    Tempes Fugit ( profile ), 06 Feb, 2015 @ 09:33am

    Re: Re: Re: Re: It's always been this way

    You're absolutely right. There are many ways to achieve much the same goals without any of these problems. I still wouldn't be thrilled about advertising, but at least then I could grudgingly tolerate it. And you're also right that some of those ways have been discussed here -- and elsewhere. There's no shortage of good ideas in this space; there's a severe shortage of advertisers paying attention to them.

  • On the post: Internet Comes Through For Developer Of Key Email Encryption Tool

    Tempes Fugit ( profile ), 06 Feb, 2015 @ 09:09am

    Re: Re: It's always been this way

    Internet advertisers are filthy parasites: they add zero value and instead "contribute" mass surveillance, malware distribution networks, privacy-destroying tracking, and spam. It's not an exaggeration to say that much of what's wrong with the contemporary Internet can be laid at their feet.

  • On the post: Internet Comes Through For Developer Of Key Email Encryption Tool

    Tempes Fugit ( profile ), 06 Feb, 2015 @ 07:59am

    It's always been this way

    "It really is quite incredible when you realize how much of the internet that you rely on is built by people out of a true labor of love."

    Nearly everything of value on the Internet was built exactly that way. While a few fortunate people have been funded here and there, the majority of formats, standards, protocols and software packages have been put together by people who simply wanted to create something useful and to contribute to the ecosystem. They didn't do it to get rich, or famous, or popular, or anything other than because they perceived a need and tried to satisfy it.

    The people who should be funding this work -- to the tune of billions, not thousands -- are those who have enjoyed incredible financial success as a result of the foundation laid years or decades ago by others. $50K is nice, but it's not even chump change compared to their quarterly profits -- and when assessed in view of the fact that they would not exist as companies were it not for the work of thousands who came before them -- some of whom are still contributing today.

    What this story (and the story of OpenSSL) highlight, is that those laboring in obscurity on critical pieces of Internet infrastructure have had to get by with scraps from the table, while those who've built empires on their work dine magnificently -- and then pretend to be surprised that others are nearly starving. That's wrong.

  • On the post: Intelligence Community's Top Lawyer Endorses Desire For Unicorns, Leprechauns & Golden Keys That Don't Undermine Encryption

    Tempes Fugit ( profile ), 05 Feb, 2015 @ 10:22am

    The proper ending to the sentence

    "I'm not a cryptographer...

    ...so now I'm going to defer to the expertise of people who are."

  • On the post: NYPD Commissioner: Because Terrorism And Protests Are Roughly The Same Thing, A New Special Unit Will Handle Both

    Tempes Fugit ( profile ), 03 Feb, 2015 @ 08:34am

    What could possibly go wrong?

    On August 24, 2012, NYPD officers responded to a live shooter situation at the Empire State Building. The shooter was Jeffrey Johnson; he shot Steven Ercolino and then stood over his body, repeatedly firing into him.

    NYPD officers opened fire on the shooter, and discharged their weapons 16 times. They killed him.

    They also wounded 9 innocent bystanders...one of whom sued the NYPD over it: http://www.reuters.com/article/2013/01/23/us-usa-newyork-nypd-lawsuit-idUSBRE90M17820130123

    So yes, let's issue fully-automatic weapons designed for warfare to the NYPD, let's have them carry them around in one of the most densely-populated and traversed cities in the United States, and let's all rest assured that when (not if) they elect to discharge those weapons that it'll all...just work out. Somehow.

  • On the post: Taiwan Nannies Rule: Parents Can't Decide How Much Time Their Kids Spend With Electronics

    Tempes Fugit ( profile ), 03 Feb, 2015 @ 06:54am

    Kurt Vonnegut nailed this 45 years ago

    when he wrote "Harrison Bergeron": https://en.wikipedia.org/wiki/Harrison_Bergeron

    Handicapper General Diana Moon Glompers was a fictional character. Was.

  • On the post: FCC Redefines Broadband As 25 Mbps, Angering Broadband Industry Perfectly Happy With Previous, Pathetic Standard

    Tempes Fugit ( profile ), 29 Jan, 2015 @ 03:14pm

    I'd LOVE to have 4M/1M

    But here in the Verizon DSL gulag -- an hour from the capital of the country which invented the 'net -- I'm getting 780K/380K. Yay fierce competition!

    25M/3M? Yeah, we'll have that approximately never.

  • On the post: Nobody Saw This Coming: Now China Too Wants Company Encryption Keys And Backdoors In Hardware And Software

    Tempes Fugit ( profile ), 29 Jan, 2015 @ 11:35am

    Unclear on the concept

    "We understand the value of encryption and the importance of security," she said.

    No. You don't. Not even a little bit.

  • On the post: You Don't Own What You Bought: Drone Maker Updates Firmware On All Drones To Stop Any Flights In DC

    Tempes Fugit ( profile ), 29 Jan, 2015 @ 07:33am

    Drone positioning relies on GPS

    So what happens when someone overrides the GPS signal?

Next >>