Feeds

* Posts by David Hicks

1243 posts • joined 22 Apr 2008

Apple dodged all UK corporation tax in 2012

David Hicks
Silver badge

Re: "revamp tax rules to close the loopholes"

It's hard to define some of the loopholes, I think that's the issue. To steal (and butcher) someone else's analogy -

I own a banana shop, BananaCo Ltd. I make a profit buying bananas from country A and selling in high-ish tax country B, paying 20% of my profit in corp tax.

So I open BananaCo Holdings International (BHI) in low-tax country C and (on paper) have BananaCo Ltd buy all the bananas from there at a markup, keeping the profit in country C and paying less tax. There's still a profit in country B so each year BHI makes a charge to BananaCo Ltd for "brand services" and that swallows up the last of the profit and all tax liability.

Now, so far this has all been a game to avoid taxes and it's pretty obvious that's the case. But what if you have BananaCo GMBH in Germany and BananaCo SARL in France and BHI actually does do the sourcing for bananas from country A? And what if BHI does actually run (or at least finance) trans-national advertising campaigns and therefore does actually legitimately provide "Brand Services" to the various country-level companies?

Suddenly it gets very hard to draw the line as to exactly where the tax avoidance kicks in, what's a legitimate expense, what's just profit transfer and what exactly the taxman ought to be assessing.

It's clear that when the likes of Apple pay zero tax in the UK there is something wrong, but I don't get the impression this is very easy to fix. One way that's mooted is to try and have country C push up its tax rate to the same sorts of levels as country B. But why would they do that? They can have a tiny share of a huge amount, or they can have nothing (the companies wouldn't be there).

21
2
David Hicks
Silver badge
Stop

Re: Justification

Errr..... No.

The money just seems to get hoarded. Pretty sure the shareholders have already been asking why the hell they aren't getting a slice of the action when the company is sitting on MASSES of cash.

23
2

US cops make 'first ever' Bitcoin seizure following house raid

David Hicks
Silver badge

Re: 20 years in the slammer

>> It's not the legality of the drugs that's the point here, it's the 'license to sell' them.

This comes down to *exactly* the same thing, and is a pointless distinction to draw.

Most people would say heroin was an illegal drug, but it can be prescribed and dispensed in some circumstances by licensed individuals. This is not what anyone means by legalisation.

0
0
David Hicks
Silver badge

>> Are bitcoins currency or aren't they?

Why would the police have any part in defining that?

Who cares what they think?

All they care about are that he was receiving them in return for drugs. It could have been dollars or cans of beans, it's still the proceeds of crime.

2
0
David Hicks
Silver badge
Facepalm

Re: 20 years in the slammer

>> The drugs this guy was arrested for dealing are already legal.

Err, no, they are prescription drugs and obtaining them without a prescription is illegal. So "facepalm" right back at you.

4
1

Idaho patriots tool up to battle Jihad with pork bullets

David Hicks
Silver badge
Stop

Re: ::pops some corn & grabs a beer::

>> I've been an Agnostic for nearly 40 years, but still not ignorant enough to think that I have all the information about deities, real or otherwise.

Neither is any atheist.

Try this on for size - http://xkcd.com/774/

0
0
David Hicks
Silver badge

Re: ::pops some corn & grabs a beer::

>> What is the difference in belief in God and belief in No_God? Answer: two letters and an underscore.

Awesome. Could you point out the people who actively believe there's no god?

I know a lot of folks who don't have any religion (we call these atheists) due to lack of evidence, but I'm not sure I know anyone that positively asserts there is not and can be no god. Because that would be pretty dumb. Not even the likes of Dawkins, that people seem to love to hate, claim that sort of thing.

Actually I did once encounter a 'strong' atheist like that on fark. They were nuts.

>> The problem is belief, without evidence. In a universe containing very good evidence for its own creation, is it really wise to deny all possibility of a creator just like that?

Who's doing that?

I just don't see any evidence for one. If it turns up, I'll change my position.

>> I'm a militant agnostic, otherwise known as a scientist.

Sounds like you're also an atheist to me.

You probably dislike the label and its associations for a variety of reasons, but unless you actually believe in a god or have a religion, that's what you are because that's what the word means. I'm also both agnostic (I have no knowledge) and atheist (so I have no religion).

3
0
David Hicks
Silver badge
FAIL

Re: because religious nuts making sweeping statements on the net

>> By my read of the timeline on this thread, the first nutter posting sweeping and unprovable generalizations on this thread was the atheist jake, with you following soon thereafter.

Jake said "Idiots of any religious stripe should be pointed at & giggled at at every opportunity.". Do you identify as an idiot? Note how he doesn't say we should point and laugh at all religious people, just idiots of any religious stripe.

Killraven then comes along and says atheism is a religion, which is what got my goat.

>> And make no mistake about it, atheism is every bit as much of a belief system without proof as theism is

Nope.

>> In order to know there is not a god

Who's claiming this?

Nobody. Not me. Not anyone else in this thread and not even Richard Dawkins.

FAIL.

7
2
David Hicks
Silver badge
Stop

Re: ::pops some corn & grabs a beer::

>> Your arguments would carry more weight if you didn't have to resort to abuse.

I don't have to, it's just more fun that way.

>> Then again you are making exactly my point, and probably your own point, blind faith beit in a God or in no God is a bad thing it clouds the mind, it prevents people from having coherent arguments and they just shout their beliefs and resort to abuse if they don't get their own way.

This is true.

However it's impossible to have a coherent argument when one side is perpetually assigning motives, thought patterns and behaviours to the others.

Hell, I'm not going to argue that you're wrong to believe in god, that's not my place and is entirely up to you, its your belief. The only reason we're arguing at all is because of folks like yourself trying to tell me what I think and believe.

>> I also don't abuse people on the Internet who aren't the same as me.

That's not what's happening here, I'm sorry you think that.

5
5
David Hicks
Silver badge
Facepalm

Re: ::pops some corn & grabs a beer::

>> If that were all there was to it, you wouldn't feel the necessity to bang on about it, including detailed replies to people challenging you about it on a public forum on the Internet.

Right, because religious nuts making sweeping statements on the net should never be challenged, and because I'm in an argumentative mood today I *must* be religious and non belief must actually be a religion.

>> But, you know, keep protesting that you don't have belief and that you're in no way like anyone else who has the same not-belief as you.

"Everyone that doesn't collect model trains is just making a hobby out of not collecting model trains and is no different from train collectors."

"Err, no, I don't buy tracks or scenery or obsess over replica steam engines"

"you do all these things that are just the same!"

"No, I really don't"

"If not collecting trains wasn't a hobby you wouldn't be protesting about it!"

Moron.

7
2
David Hicks
Silver badge
FAIL

Re: ::pops some corn & grabs a beer::

>> No Priests: Dawkins

I don't turn to him for moral guidance and he doesn't get to tell me how to live and I don't give him any money.. He is entertaining on the telly sometimes. That doesn't make him a priest. FAIL.

>> No Meetings: Sceptics in the pub

All atheists have to go to this do they? Specifically the Reading branch? FAIL.

>> No Faith: The levels of certainty are higher than most religious people I know.

You won't find many atheists who are certain of anything except that you have no evidence on your side, and with no evidence there's no reason to believe. That's not faith. Faith is believing in something without evidence. FAIL.

>> No dogma: Sure, there's none, no books that bang on at the already converted, nothing. No Dawkins said it, so it's got to be right.

Reading Dawkins (or other) books is not required to be atheist, only to not have religion. FAIL.

>> No Commonality: Again, have you actually met any of the trndy, hipster athiests? Many of them may as well be clones of each other.

No, I haven't, because there's no congregation, meetings or commonality you absolute muppet. FAIL.

>> I don't care if you do or don't believe in a God, but don't delude yourself that it's some free thinking personal ideology that has nothing akin to any religion.

Except it doesn't. It's not even an ideology, I'm not part of a group. I just don't believe in gods and I don't go to church. That's all there is to it. I'm not sure why it is you think this makes people like me religious.

18
4
David Hicks
Silver badge

Re: ::pops some corn & grabs a beer::

>> Just because your religion preaches "there is no god" doesn't stop it being a religion.

Seriously? "Atheism is a religion too! HERP DERP DERP!"

No priests, no meetings, no faith, no dogma, no commonality at all except not believing in god(s)... sure sounds like every religion I ever heard of!

Muppet.

23
3

Windows 8.1: So it's, er, half-speed ahead for Microsoft's Plan A

David Hicks
Silver badge
Thumb Down

Re: Let me get this right...

Was going to say much the same - Win-S, type Excel, click - that's not a simple or quick way to start something, nor is it simple and intuitive for the people that MS has spent the last 20 years convincing just to click menus and shortcuts.

Now my mother has to know about hotkey combos and search? Hell no! That's not going to work.

16
0

A simple SSL tweak could protect you from GCHQ/NSA snooping

David Hicks
Silver badge

Re: How many of the acres of computers the NSA have...

>> In your opinion it's not brute forcing AES, because you are sure AES cannot be brute forced.

It can't. See calculation.

>> You can't actually tell us all definitively that the NSA don't have a way of doing it

Then it wouldn't be brute force.

>> Personally I'll go with assuming they have a way of breaking it

Good for you.

>> Which was entirely the point I was making...

You said a bunch of things about brute forcing key exchange (which would be DHE, and is another very hard crypto challenge to try and break), you said something about a private encryption algo that was flat out wrong, and now you're speculating that the NSA have a way of breaking all known crypto.

Basically all you've got is "I think the NSA is really clever".

1
0
David Hicks
Silver badge

Re: Key exchange for dummies.

>> Yes, except in effect a public/private key pair is created at each connection.

Kind of. It's key material rather than actual keys.

>>Which we feel is computationally expensive, and if it's not lends itself to being brute forced.

This is not true of DH, no, it's computationally very cheap and is not really prone to brute force. RSA keys are computationally expensive to create because (IIRC) of the fact they are very long co-primes in a modular number space. If you want to understand what that means, I recommend a crypto mathematics course. I'm a bit shaky on it myself.

>> All you need is one of the "secret colours" and you're in

>> So it only works if the secret is regularly changed doesn't it?

Yup, and in the case of DHE (I'm unsure with plain DH) the 'secret' (or its parameters) are changed and then discarded with every connection. As discussed, with RSA this isn't really practical due to the computational cost.

0
0
David Hicks
Silver badge

Re: Key exchange for dummies.

OK so with a non-ephemeral client key pair, you would make life a lot more tricky for a potential eavesdropper because they'd have to obtain the client private key Ka0 for each client they were interested in. However if Ka0 can be obtained then potentially all the Ks used by that client to encrypt comms to multiple servers could be exposed. By changing the client key pair every so often (daily?) you could mitigate this risk somewhat.

It does rely on client security rather than server security, and where you put your trust there probably depends on your politics.

That said, I think the DH kex scheme is superior because there is no key information retained between connections, and Ks is never broadcast at all.

0
0
David Hicks
Silver badge

Re: Key exchange for dummies.

"That's true for authenticated keys, but that should be done after an encrypted channel has been formed and over the encrypted channel. Otherwise you're revealing who is conversing in plain-text (the signatures themselves)."

This is not how SSL works, nor is it a problem it tries to solve. It's perfectly obvious who is conversing because (over the public internet) you can see the endpoints anyway. And signed certificates will be passed to anyone that connects to the server, so it's pretty irrelevant to this domain (though probably not all domains) who gets to see it and we don't care if it's secret or not.

But in my example the session key isn't encrypted with B's key, it's encrypted with A's public key, and as A's key isn't verified it can be temporary. If A uses a permanent key then yes, A could be strong-armed, but A is the client.

I think I became confused over who A and B were. OK, lets flesh out your example a bit -

The client is A and the server is B. It's not mentioned but we'll assume that RSA authentication is used to rule out MITM attacks (right?) at the start of the connection in the usual way. The Key pair used here will be Kb0 (private) and Kb1 (public) and Kb1 is signed. So now we know who is talking to who and we're left with the problem of establishing a session key in a way that cannot be decoded from a traffic dump afterwards.

The 'pure' RSA method is for A to use Kb1 to encrypt a session key, Ks, and send it to B which decrypts using Kb0. If Kb0 is ever discovered then Ks can be recovered and the whole session can be decrypted.

Your proposal is that the client generates a new Public/Private key pair (Ka0 and Ka1) and sends the public part (Ka1) to the server. The server uses this to encrypt a random session key Ks, sends it back to the client which decrypts using the private key (Ka0), so now encrypted comms can commence. Ka0 and Ka1 are immediately erased so Ks can't be decrypted in future. Correct?

The method used in the article and in practice is to use DH, send some parameters over the wire, and come up with Ks in a way that never exchanges Ks or enough information to derive Ks over the wire.

I can see no reason your solution wouldn't work (this doesn't mean it's perfect, there may be good reasons it isn't, I'm an amateur crypto-geek not a pro). It does send Ks over the wire so if RSA factorisation ever gets 'solved' you may have the same issue. This seems unlikely, though you'd want to use a long key to be sure.

The reason you might not deploy it in practice is that generating RSA key pair Ka0 and Ka1 is a non-trivial computational expense for the client and can take a number of seconds even on a relatively modern machine, greatly extending the TLS handshake period. Encrypting with them is also somewhat expensive for the server. DH is comparatively trivial and fast for both sides.

So AFAICT there's no cringeing needed, your scheme would work but is slow. AFAICT.

0
0
David Hicks
Silver badge
Stop

Re: How many of the acres of computers the NSA have...

>> 1). The NSA are retaining encrypted data for breaking.

>> (If they can't break it (and know they can't break it, as per your analysis) why waste resources retaining it?)

It's possible that quantum computing may render much of our current crypto irrelevant in the future.

It's possible they may be able to get keys by physical or legal coercion or just by hacking.

It's not possible to brute force AES 256 in a reasonable amount of time, even with their resources.

>> 2). They ARE using all that compute power they have for something.

Well, it's not brute-forcing AES-256 keys because that's a waste of time and energy. A lot of crypto that's actually in use is far less secure than AES, or is used in constructions which leak information and may be vulnerable to various attacks, perhaps their attentions are on that.

>> (And here we are back at my original point)

Which doesn't really hold up to scrutiny. Private encryption schemes are almost always flawed, and if you do it right you can encrypt data in a way that holds up to all known attackers. Of course it's possible the eggheads at the NSA are ahead of the game here and have got attacks on AES the rest of the world don't know about, but that's speculative.

1
0
David Hicks
Silver badge
Stop

Re: Key exchange for dummies.

>> Exactly what I was thinking, why are these keys kept beyond the life of the session?

OK, so the RSA keys need to be kept because they are used for authenticating who you're talking to. Without them you're vulnerable to MITM attacks.

>> Also, the article refers to getting the key off the server, B in my example, however I never give B the private key, unless it means the session key, which should be deleted after the session ends.

I think the point is that the server may be forced by non-technological means to give up their private key. Or they may be hacked. Without (EC)DH(E) you could use this to decrypt any previous traffic dumps you happen to have of comms between that server and any clients.

0
0
David Hicks
Silver badge
Happy

Re: Key exchange for dummies.

>> In the above, why doesn't "A" create a new private/public key for each session (well, not A-the-person, but A-the-software) -- never storing the private key on permanent store? Then there is no private key for "C"'s thugs to beat out of "A"

OK, so the public/private key pair are used for authentication. We don't generate new ones each time, as a rule, because A's public key needs to be accepted as secure and trusted by B. This can be achieved by sharing it in some secure way ahead of time or by having a mutually trusted authority sign it. If you don't do this B can't be sure they are talking to A, B might be talking to M who is running a man-in-the-middle attack.

You could certainly reduce the lifetime of private keys and securely delete them after a while, that might be good practice, but it's not really practical to make a new one each connection.

And this is basically what Diffie Hellman is for, to make session keys that can't ever be regenerated when the connection is dead, so C has no recourse to pipe and gorillas :)

0
0
David Hicks
Silver badge
FAIL

Re: How many of the acres of computers the NSA have...

>> protip: WIth enough compute power EVERY encryption method can be brute forced.

Do the math. AES-256, if you check 1 billion keys per second, would take in the region of 1.5 times 10 to the power 60 years to brute force.

For comparison, the earth will likely be devoid of life (due to the sun getting hotter) in around 10 to the power 8 years.

Hell, let's say we can check a key every clock cycle in a modern 4 GHz machine, you're still looking at 9 time 10 to the 59. If everyone on earth had a quad core version of that, dedicated only to the problem of decoding an AES-256 message, it would STILL take almost 10 to the power 40 (that's 10 with 40 zeroes after) times the expected lifetime of the planet to decode.

7
1
David Hicks
Silver badge

Re: If they have the private key they can MITM diffie hellman too

Yes, the attack requires active participation in the data stream, whereas without Diffie Hellman you can decode it at your leisure later.

0
0
David Hicks
Silver badge
Happy

Re: Key exchange for dummies.

>> B sends A a randomly generated session key encrypted using A's public key.

>> How do you get the secret session key after the connection has terminated?

'C' takes a length of pipe and a couple of hard men, retrieves A's private key and decrypts the session key message, therefore unlocking all the rest of the data with the session key.

Diffie-Hellman gets around this by using clever maths to allow two sides of a conversation to derive the same key *without exchanging enough information over the wire to rebuild the key later*. It's a work of genius and I highly recommend reading about it on Wikipedia.

0
0
David Hicks
Silver badge
FAIL

Re: Was this news?

>> Bullfood. The only weaknesses in PKI are a) losing control of your private key, don't do that, or b) asking for someone's public key which you don't have yet.

Bullshit.

The weakness with the PUBLIC authority structure is you have to trust the public authorities, and sometimes you can't. You can request a key for www.example.com because you own it, but if any of the authorities trusted by your browser issue another certificate to someone else for www.example.com, then they are enabled to perform MITM attacks. Or if they allow a signing certificate then whoever gets that can sign a cert for any server they like, and MITM anything.

>> IN ANY EVENT, PKI is not used for session key negotiation in SSL, it's used for authentication.

Well, that rather depends on the cipher suite you use, which is rather the point of this article.

3
0
David Hicks
Silver badge
FAIL

@ JeevesMkII

"That's not how certificate issuance works. You generate they key and send them a certificate signing request with your public key parameters. The cert. auth. never knows your private key, for obvious reasons."

Hi again.

I know exactly how certificate issuance works because I've done it. And I know very well that if the likes of Verisign issued a certificate to the NSA with the signing bit switched on then they could sign any certificate for any server they felt like and perform man-in-the-middle attacks against any system that had (for instance) verisign's root certificate installed. The certification authority never knows your private key because it's irrelevant to a MITM attack. You only need to get the client to accept that your cert is signed by a trusted root.

I know this because I've written software to do this (successfully) and familiarised myself with the SSL and TLS RFCs. Perhaps you should do the same and investigate the role of the authorities in the chain of trust before you hold forth on issuance procedures.

3
0
David Hicks
Silver badge
Stop

Was this news?

I've written stuff to extract data from SSL/TLS streams after the fact, assuming access to the server's private key. Doesn't work with DH. DH/DHE/ECDHE are specifically disallowed in FIPS 140-2 and other federal/government standards for a reason - you can't audit them.

So if you care about securing your SSL/TLS comms against future snooping then enable the cipher-suites that use these keygen mechanisms.

Of course if it's anything important and you really don't want the government agencies to look, then you'll be needing to run your own certificate authority too (no, not just a self-signed server cert), in order to thwart MITM attacks. What, you thought the cert authorities wouldn't just issue any cert the government agencies feel like? LOL.

8
3

'Do the right thing and tell on a pirate' - software bods

David Hicks
Silver badge
Linux

Yes, do the right thing

Switch to FOSS software for free, easy* license compliance!

(*note: I am talking about for using the software in an office, not bundling it with your commercial offerings, that's where it tends to get complex)

12
0

Ex-inmate at Chinese prison: We made airline headsets

David Hicks
Silver badge

Not to come over all ultra-capitalist or anything but... prison labour warps the market.

It's happening in the US and that it happens in China isn't surprising. But what you have is a pool of labour that is ultra-cheap. In the US the prison is paid a certain amount for a block of prisoner time and the prisoner gets a token amount out of it, the total being well below minimum wage. This undermines labour markets outside the prison system and delivers a product that non-prison labour can't compete wirth in terms of price.

A quick-fix would be to make sure that in cases of loaning prisoner-time to outside companies the prison (not the prisoner) is paid minimum wage for the labour where minimum wage exists, or a competitive wage if not. Where the prison is producing and selling product itself it ought to be made to account for labour costs similarly.

This would probably kill all incentive for folks to use prison labour, but in the end that's probably not a bad thing. Perhaps prison labour would be best used on public works, where spending less taxpayer money is a *good* thing, rather than private endeavour where market distortion can occur.

12
1

Sci-fi and horror scribe Richard Matheson: He is Legend

David Hicks
Silver badge
Unhappy

Re: It should go without saying...

I've never seen the Will Smith "I am Legend" film for that very reason - I went to see "I, Robot" and was upset by it.

RIP to another great Sci- Fi author man.

7
0

Bitcoin now accepted in London pub. In Hack-ney, of course

David Hicks
Silver badge
FAIL

>> Mining isn't legally defined and neither is peer-to-peer crypto currencies.

So they define it. I'm not really sure what your problem is here.

0
0
David Hicks
Silver badge
FAIL

>> Rename to Bytecoins

"Unregulated peer-to-peer crypto currency".

>> I have a wallet service on my desktop. It holds information that I want to keep private and has nothing to do with any form of virtual currency.

So what? Kill/heavily regulate the online wallet services and make mining illegal. Not really all that hard. Hard to identify who's doing it, perhaps, but not hard to legislate.

>> In order to apply financial rules they have to recognise it as a currency which would, in effect, legitimise it.

Not if they also made it illegal. Look at what happened with Liberty dollars - recognised as a competing currency and shut down as a result (competing physical currencies are not allowed). Again, BTC would be *technically* harder to shutdown, but not legislatively harder.

>> Yes. That is why there are so many lawyers and why every law passed ends up being amended and/or superseded. Lawmakers find it difficult to successfully define physical objects and processes, never mind virtual ones.

Yet here we are with all these laws and enforcement agencies that will shut you down if (for instance) you make a business of selling illegal items like heroin. Seems that some things can be legislated.

>> All the miners do, by the way, is generate a SHA-256 hash to sign a block of data with. How easy do you think the lawmakers would find it to stop people signing a bitcoin data block without having any side effects on everything else that uses SHA-256?

Very easy indeed. "For the purposes of mining and/or processing transactions in unregulated peer-to-peer crypto currencies".

0
0
David Hicks
Silver badge
Stop

>> How?

Make a law that says trade in bitcoins is illegal. Like trade in drugs perhaps. They could define running any sort of wallet service or a mining rig on the network to be money-transmission and apply a load of financial rules around that (which it is *very* doubtful BTC meets). Miners could be arrested for enabling money-laundering. All sorts of stuff could happen.

Do you really think it's beyond lawmakers to figure out a way to make trade in BTC effectively illegal?

I'm n ot saying its good, or right, but you have to admit its possible.

0
0
David Hicks
Silver badge
Alert

Killing bitcoins isn't a tech problem though, it's a social/business problem. Outlaw American business from dealing in BTC, put pressure on international partners to do the same by making a lot of noise about drugs and terrorism. Result - massive market suppression as any hope of "normal" involvement in the bitcoin market dies, exchange becomes very hard and it's relegated to niche, underground uses.

0
1

Galaxy S4 way faster than iPhone 5: Which?

David Hicks
Silver badge
Stop

>> I have a 6310i. up to 1 month between charges, or several hours on a call and rock solid call quality.

Good for you. I make about 3 calls a month but have endless uses for a pocket-sized tablet.

>> I guess on a phone the most important thing i want is to make and receive calls. Guess I'm out of touch as well.

Pretty much, yup.

>> Faster = able to do more charging

Or run a variety of foreground and background apps without choking utterly. Either way, The criticism that "OMG how terrible is your phone you need all that power" is nonsense.

It's not a case of "need", it's a case of want, can have and "ooh shiny!".

7
0
David Hicks
Silver badge
FAIL

>> It's a sad day when you need stupid amounts of processing power on a phone.

I take it you still use a nokia 3310 and a 286 then?

It sure us a sad day when you need such power as a modern Core processor just to run a desktop OS and an office suite.

Alternatively you could look at it as progress, you know, like we have been doing in tech since the whole thing started. Faster = able to do more.

8
2

Snowden: 'Hey, Assange, any more room on Ecuador's sofa?'

David Hicks
Silver badge
FAIL

Re: Growing up...

>> "No, you nitwit, I don't. Argumentum ad absurdum.

Then maybe "Buh, buh, buh... but Russia and China do it!" isn't such an awesome argument?

>> But do YOU really appreciate the scale of the problem? Do you think 'fixing' the US spying on us is going to make us safer? If you do, you're mistaken and you risk neglecting the wider problem..."

No, I think that the extra levels of safety afforded by all our spying is small and not worth either the tax money or the cost of our own freedom and privacy.

3
0
David Hicks
Silver badge

Re: Growing up...

>> Do you *really* think that China or Russia are trying to do any less?

Do you *really* think that we should do everythig they do?

3
0
David Hicks
Silver badge
FAIL

"I don't really care about the ethics of espionage and I'm not here to take a side and defend it"

Then why are you trying to tell the rest of us someone is a traitor for exposing to us what our governments are doing in our names?

"You're the one who's whining about not wanting to live in a country that doesn't spy on other people. Like I said, if that is your wish go live on a rock in the Pacific Ocean, or Antarctica, whatever. The fact of the matter is there is a big difference between exposing domestic spying and the geopolitical kind and by any countries definition of the term he has crossed the line into 'traitor' territory."

Yes, the fact of the matter is that he has exposed international spying. The fact of the matter is also that the people of these democratic countries had little idea how far their own governments were going in our names (though you could get some idea if you were paying attention). In a democratic country, where the government acts with the mandate of the people, if the people don't know what's going on then they cannot have sufficient oversight. Telling the people what their government is doing, when it is doing far more than anyone expects or wants of it, is not traitorous. It's informative to the democratic process.

I repeat - unless you think governments should just be left alone to do whatever the hell they want in the international arena, and the rest of us shouldn't worry our pretty little heads about it?

5
2
David Hicks
Silver badge
FAIL

"Yes, I agree. It's entirely realistic that the US will completely stop spying on other countries due to these revelations."

Right, because it's really definitely all or nothing, and democratic people should just let the government handle it and do as much or as little spying as they feel like, and the rest of us shouldn't worry our pretty little heads about how much they f*ck around in other countries.

Who gives a fuck if its realistic they stop entirely? Maybe its realistic they get shamed into curtailing their activites due to democratic pressure. Maybe its realistic that this is just one more strik against government secrecy and adds to a building distaste people have for their own government. Maybe its realistic that the populace slide back into total fucking apathy.

But don't tell me "We spy because we spy and that will never change so everyone should just keep quiet about it".

24
6
David Hicks
Silver badge
FAIL

"If you don't want to live in a country where the government thinks it's alright to spy on other countries citizens, you won't have many options, my friend. Perhaps there's a volcanic rock in the Pacific Ocean somewhere you can live on?"

Then perhaps throwing the light of day on the extent of these activities every so often will change this, was my point. If there's all this publicity and people turn out not to like it, maybe we can force change in the way this works. He's not a traitor if he's telling people what they're government is doing in secret and they hate it.

"When your riposte to my argument is some flouncy, idealistic horseshit that bears no semblance to the reality of the world we live in, you know you've lost."

Right, because we can never change anything, ever, and ought to just put up with 'reality'. Fuck you too.

45
10
David Hicks
Silver badge
Stop

Are people not allowed to be outraged at the extent of spying that their country does on the citizens and corporations of other countries too?

Maybe I don't want to live in a country (or have a government) that thinks it's just fine to steal SMS data from citizens and officials all over the world?

Maybe some of us are tired of the institutionalised duplicity of diplomacy and spying and would rather leave the whole game alone. It's like systemic corruption and until we start fighting it, it will never go away. "The other guy does it" is no excuse".

36
9
David Hicks
Silver badge
FAIL

And how about all the stuff about how the US spies on many millions of its own people? That legitimate too?

And what if the people of the nation hear about all the spying and decide they don't want their taxes going to pay for all the spying?

Isn't it right that in a democracy we have some idea of what our governmeent is doing?

30
12

Telly psychics fail to foresee £12k fine for peddling nonsense

David Hicks
Silver badge
Meh

Re: Would it have been better for the mail...

"Only as I understand it, Randi has been caught out as a fraudster himself so he's hardly a 'long standing seeker of truth'."

Got a reference for that? Would be interested to read it.

6
0
David Hicks
Silver badge
Facepalm

Re: Would it have been better for the mail...

Yes I saw one of his 'spiritualist' things on the telly a few years back. He read up on cold reading and applied to it to awesome effect, to do exactly what the psychics were doing and he did it very well.

Unfortunately I've seen people take away from that that he is a liar and he was only able to do the amazing cold reading because he has huge psychic powers that he's not telling us about.

4
0
David Hicks
Silver badge

Would it have been better for the mail...

... to question her grasp on reality?

Because that seems the alternative to fraud here.

1
0

That enough, folks? Starbucks tosses £5m into UK taxman's coffers

David Hicks
Silver badge
FAIL

Why? 5 mil is pretty cheap if it expands your market or un-tarnishes your reputation in the UK.

0
0
David Hicks
Silver badge
Meh

Re: So: basically it's a protection racket

"Well, err ... actually - yes. Isn't that what corporation tax is supposed to be? <FX: scratches head, looks mystified>"

Therein lies the problem, what is profitable? What does that mean?

Would there have been profit if not for poorly defined "brand services" charged to the UK corp from a tax haven?

Conversely, are brand services (international marketing? trans-national supply negotiation?) actually quite a legitimate expense?

There's no doubt in my mind that a lot of dodges are used to make it look like there's no profit where there might be tax, and that's the bit I'd like to see pinned down.

9
1

Rise of the Machines: How computers took over the stock market

David Hicks
Silver badge
Flame

Re: @SysLoll - Radical solutions needed @AC 18:27

>> have a look at Heinlein's "The Moon is a Harsh Mistress"

Ah, "The Moon is a Harsh Mistress". Not so much a novel as a political rant with a few one-dimensional characters chucked in.

Did nothing to convince me of anything other than that Heinlein is overrated.

0
0

Pussy galore: Bubble-bath webcam spy outrage

David Hicks
Silver badge

Re: Laptops in the bath?

Pretty sure by the time they started being built in to laptops the LED became a standard feature.

1
0
David Hicks
Silver badge
Stop

Re: all webcams I know have a light on them to indicate if they are active..

>> surely if the webcam can be turned on without your knowing, the light could also be disabled ?

Thankfully this is usually not software controllable, and the LED is hooked into the circuit that activates the sensor.

4
1