Somehow the scum running the USENET sites [...]
[...] are providing some of the Internet's most useful services, often at their own expense and on their own time.
There, I fixed it for you -- and for the rest of the ignorant newbies who do not comprehend what Usenet actually is, how it works, or anything else about it. No, don't bother: I'm sure it's far beyond your pitifully feeble comprehension, and it gives me a headache just trying to talk down to your level.
...because they claim to be able to send the passwords by email.
Everyone knows that email is based on an underlying best-effort protocol. Delivery is never guaranteed. And given the pervasive incompetence of postmasters nearly everywhere, it is extremely foolish to even consider email as a reliable delivery medium.
RFC 2142 specifies role account email addresses (e.g., "postmaster") which all domains must/should support in order to facilitate communication. Any operation which does not support at least the mandatory addresses is clearly incompetently managed -- and quite foolish, as it has deliberately cut itself off from free expert assistance.
Yet this has become the norm. Many clueless, lazy, cheap and ignorant admins will claim that this is necessary because of the levels of spam/abuse that arrives in these mailboxes. Of course, everyone with sufficient experience knows that's merely a flimsy excuse for their inability to handle a rudimentary task. Other equally-clueless admins will provide an idiotic web form that demands irrelevant information and forces correspondents into using a very limited communication method (i.e., one which does not support lengthy messages and/or attachments).
The ignorant newbies who do all this are of course the first ones to whine and cry foul when researchers publicly disclose a problem.
All good suggestions, especially "don't use Facebook". Or any of the others.
Add to these: use Firefox (never IE), do not use Outlook, use TrueCrypt, use Firefox extensions like NoScript and AdBlock, wipe your cache/cookies/etc., use encryption for email, nmap yourself and turn off everything you can. All these combined are just a beginning, of course, but they're a pretty good beginning.
How about Dennis Ritchie and Ken Thompson? How about Charles Shannon? Bob Kahn? John Mauchly? Grace Hopper? Herbert Simon? Vint Cerf? Maurice Wilkes? Tim Berners-Lee?
And how about Steve Wozniak?
Jobs did much more for Apple as a business than as a tech company. The iPhone, the iPad, and the iPod are unimportant from a technical standpoint -- they're not innovative, and they're closed platforms, which makes them inherently, markedly inferior to open ones. So while it's sad that he's gone, and it's appropriate to recognize his contributions in the areas he made them, he simply doesn't belong on the same list with the others noted above.
Let me fix that for you:
In my limited and brief experience, Software Developers don't manage complex systems.
Many novices such as yourself often say things like this because they lack both the depth and breadth of experience to realize that not every development environment has the same goals, the same methodologies, the same personnel, the same tools, the same ANYTHING. There are some software developers who don't manage complex systems -- in fact, they don't manage any systems at all. But at the other end of the spectrum there are software developers who manage fiendishly complex systems...and some of them do it very well.
Along the continuum in the middle lie all the possible variations. And one of the ways to recognize good developers (although not the only one) is to note those who are capable of systems management -- because it portends well for their chances of crafting software that is actually manageable by others. Moreover, good developers will craft their own development environments -- top to bottom -- and manage those as well.
And the best developers can do it all: they're as agile with network design as kernel tuning as shell scripting as database interfacing as algorithm implementation. They're not common (of course!) but they're also far better at systems management tasks than nearly all of the people who actually have that in their title.
I've actually done considerable research on it -- not because I wanted to, believe me.
And you've hit upon the key in one sentence: borrowing from your comment, it's ALL marketing. There's nothing there. It's a grandiose pile of software which purports to do everything...and nothing. It's as if -- and this may not be too far off from the truth -- it was explicitly designed so that its feature set aligned with as many RFPs as possible.
And in a business sense: that's quite clever. There are PLENTY of CIOs who are utterly clueless morons, and will believe this kind of marketing BS. So by speaking directly to them in a language they understand, Microsoft has found a readymade customer base. And well, nobody ever got fired for buying IBMxxxMicrosoft -- they just got more money in the next year's budget to keep desperately attempting to make it work.
But certainly anyone who advocates it is signalling, very loudly and very clearly, that they are technically incompetent -- not to mention appallingly naive.
Sharepoint not only sucks, it doesn't really DO ANYTHING.
Of course, the inferior people who advocate Microsoft products don't and won't grasp this. They will prattle on and on and on about how great it is, never realizing that they've been conned -- or, if they do, refusing to admit it.
...it's the second and subsequent ones that'll cost you.
But I will say, it's highly amusing to watch the weak, the stupid, the ignorant and the gullible fall for the scam over and over and over again.
"When Obama orders supporters to inundate the switchboards of Congress, that's good politics, when a bunch of kids decide to send a political message with roots going back to the civil rights movement and the revolution, it's something else," Cohen told TPM, stipulating that he was not indicating that his client was even involved. "Barack Obama urged people to shutdown the switchboard, he's not indicted."
That's a good point. Deliberately inundating the switchboards of Congress (or the White House, or Jim's Bank and Donuts) is a DoS attack if launched from a single point, a DDoS attack if launched from many. So why hasn't the DoJ indicted everyone who carried that out (after all: they can easily acquire their phone numbers) and why haven't they gone after those instigating it?
Of course, calling for mass phone calls (or letters, or anything else) is hardly new and unique; it's an old tactic, and many politicians have used it over the years. So have corporations, lobbyists, public interest groups, and many others. All that's changed are the media: e.g., now email is sometimes used, perhaps tomorrow something else will be.
This shouldn't be read as approval, by the way. But I do think there's an inconsistency here that needs to be addressed.
http://verydemotivational.memebase.com/2011/09/28/demotivational-posters-facebook-you/
Of course Facebook will retain (and sell) every scrap of data it can. Of course Facebook employees with access to the data will make their own side deals. Of course Facebook's incompetent security guarantees that attackers will avail themselves of whatever they want, whenever they want -- and already have -- and will sell it, trade it, whatever on the open market. Of course Facebook will lie, lie, lie about all of this whenever it can.
They are clearly far, FAR, FAR too stupid to make realistic assessments of threats to the university environment. This doesn't necessarily make them bad people, but it most certainly means that they have miserably failed to demonstrate the intelligence necessary to serve (in the sense of servant, which is what they are) the community.
Next, no doubt, we will read that they have maced a student for throwing a frisbee ("a projectile weapon") and tasered a staff member for failing to dismount their bicycle.
Such inferior people with obviously-inferior minds should not be permitted the privilege of serving, and they certainly should not be allowed to carry lethal weapons. They are far more a danger to the university community than those they would ostensibly defend against.
An IP address and ISP logs can tell you which user was logged in at a given time, and from there you can move ahead legally as you see fit.
Many inexperienced novices such as yourself contend so, but of course everyone with sufficient expertise knows this is utter nonsense. I suggest that you undertake the remedial education that you so obviously require in order to raise your clue level to one that is at least minimally acceptable for participation in this conversation.
1. They're sending email. (They admit same.)
2. They're sending bulk email. (They admit same.)
3. They're sending unsolicited bulk email. (There are no facts available which suggest that recipients have requested these messages.)
Unsolicited bulk email (UBE) is of course the canonical definition of spam (in the context of SMTP)...and this is exactly what they're doing.
Time to start blacklisting their domain/network/sending servers, just like any other spammer.
Apparently you have a reading comprehension problem in addition to a security ignorance problem. I did not say that I approved of such activities, and of course, given that I have a multi-decade history of opposing them vigorously, it would be surprising if I did say so. What I pointed out -- correctly -- is that captchas are obsolete rubbish, used only by the stupid, incompetent and lazy. They fall squarely into the category of security theater.
Note carefully -- if you're capable of such nuance -- this wasn't always true. There was a time at which they had some marginal security value against some kinds of attacks. But that time has come and gone.
Technical point-of-order:
Things like Captcha and such are set up to make sure that actual humans use the service, and that it isn't abused by bots and other automated tools.
Anyone who still thinks that captchas serve this purpose is utterly clueless and may safely be dismissed from any further participation in conversations regarding security. Everyone who has been paying ANY attention to the contemporary security/abuse environment knows that the only reason any particular captcha hasn't yet been successfully attacked is that no attacker has yet found it worth their time to bother. The rest are as irrelevant as a sheet of tissue paper in front of a tank.
If you had been paying attention over the past few years, you would be painfully well aware that "aggregated" and "anonymized" do not often mean what people wish them to mean, or what people hope they mean. (See, for example, AOL's infamous debacle.) Sufficiently clever people (of which there are many) with access to sufficiently diverse and rich data sources (of which there are many) can often quite effectively de-aggregate and de-anonymize data.
In other words, the problem is much, MUCH harder to solve than it appears to be. And this is generously presuming that those claiming to be solving it are actually serious about doing so, not merely attempting to present the appearance.
OnStar has just publicly announced that it is building a target...a very attractive target.
Therefore they will be hacked. Please...do not waste my valuable time foolishly suggesting otherwise. It is inevitable. It is only a question of when, and who, and how.
After they are hacked, some or all of their data will be copied. It will then be put on the open market for sale to anyone with sufficient cash-in-hand. This will include spammers, phishers, pedophiles, rapists, stalkers, extortionists, and others. It will also include purchasers who have already acquired other substantial databases of interest and intend to cross-correlate them -- and then either use or sell the resulting enriched data.
All of this will steadily be denied by OnStar's corporate spokesliars. Eventually, it will become too painfully obvious to deny, and those same spokesliars will use the time-honored phrase of corporations everywhere who have done something really stupid in order to satiate the sociopathic greed of their executives:
"No one could have foreseen..."
Heck, I blacklisted it long before it went live -- and not because it's intended for porn. (See previous commentary here at TD.) So aside from the merits of the entire concept, PETA's being clueless about their choice of domain.
And this is how the terrorists win.
I'm sure that none of the "authorities" involved in this debacle are intelligent enough to grasp this -- or they wouldn't be involved -- but this is a double victory for terrorists.
First, it's a win because they've managed to manipulate the authorities into doing their work for them. It's always best to get an enemy to inflict damage on itself, as has happened in this case. It's even better -- from the terrorists' point of view -- when you can publicly announce your intention to do so and STILL get your enemy to fall for the ploy.
Second, it's a win because every minute of time spent viciously harassing harmless people is a minute not spent actually doing something useful. Of course, it's easy to threaten a father with a child; tracking down terrorists is hard work. So it's much easier to do the former and pretend to do the latter.
So not only is this incident infuriating (every law enforcement official involved should be fired and banned for life from serving) but it's depressing: it's yet another way that victory is being handed to terrorists on a silver platter. They need not concoct elaborate plots or build complex devices or anything like that; they can just sit back and watch the self-inflicted wounds accumulate until there are enough to be fatal.