* Posts by Graham Cobb

280 posts • joined 13 May 2009

Page:

Hackers waste Xbox One, PS4, MacBook, Pixel, with USB zapper

Graham Cobb

Re: Ridiculous

It's ridiculous to suggest these should all be optically isolated.

USB ports are different from those other examples:

1) Those other interfaces are not used for massively common and cheap devices, that people routinely plug into their systems when they find them lying around.

2) Those interfaces are not normally shared, where plugging a bad device into one port can damage other devices other people have plugged into other ports (as is common in charging stations).

2
0

Still too much discretion when it comes to that 'terrorism' stuff, repeats David Anderson QC

Graham Cobb

Don't blame Snowden, blame GCHQ

...the spread of encryption, a long-standing trend accelerated since 2013 in reaction to Edward Snowden unconscionable mass surveillance...

FTFY

16
0

UK's new Snoopers' Charter just passed an encryption backdoor law by the backdoor

Graham Cobb

Re: Blackmail! (remember Monty Python?)

That happened in the miners' strike over 30 years ago. The police stopped some colleagues on their way to a client site on the suspicion they were flying pickets.

Which is why I really don't understand why Labour did not oppose this. I realise that they are just as authoritarian as the Tories, but can't they see that trade unionists (let alone Momentum sympathisers) will be some of the first victims of this? The first time there is serious disruption caused by industrial action, both the spooks and the police will be looking up in the database who has been visiting extreme left wing sites!

Labour have so much more to lose than the Tories do (no one is going to be targetting people who visit the Country Life website).

1
0
Graham Cobb

Re: Blackmail! (remember Monty Python?)

And not just the powerful... How do you think they will get everyone to watch and inform on everyone else (not fanciful -- that is exactly what the Stasi did)?

Need someone to report on (or maybe make up, so they are seen to be valuable) goings on at the local mosque? Quick database search (sorry, not a "database", just "filters" -- oh, how we IT people laughed when we heard that!) to find a Muslim teen worried about whether he might be gay: "you wouldn't want anyone finding out you are gay, would you? We can make sure those records are all deleted if you just help us out".

The big concern is not just that this is not targetted on suspects, not even the potential for blackmail of specific people, but the collection of data on everyone allowing potential fishing expeditions and correlation with other data to search for vulnerable people to target.

Do you want to reduce the number of people turning out for a animal-rights/pro-life/pro-abortion/anti-globalisation/anti-immigration/whatever demonstration? Just correlate web browsing records with ANPR data and stop the cars of the people most likely to be relevant activists from even getting to the event. The police wouldn't do that? 20 years ago I lived near a cat farm which was subject to massive animal rights demonstrations. The police took to literally stopping anyone driving towards the area in a beat-up old car and turning them round if they were heading to the demonstration (they never stopped me, but I drove a nice car). How much easier now they can know the number plate of anyone who has ever accessed a relevant campaign web site!

4
0
Graham Cobb

Re: Is anyone working to overcome this?

Thanks for the suggestions. I also use A&A and have paid my dues to ORG and other campaign groups for many years.

But I think the time has come to move on from campaigning to actually doing some things aimed not at geeks (like A&A) or even politicos (like ORG) but at ordinary people. I am thinking about creating apps, setting up offshore companies to provide services, creating and publicising howtos, helping commercial players understand how they need to change their policies around anonymity and Tor in the light of these UK actions, etc. I am looking for a group of people brainstorming ideas for how to actually deal with this. I would be happy to join something led by RevK if he wants to do that but, if not, is there anyone else?

3
0
Graham Cobb

Is anyone working to overcome this?

Does anyone know of a group that is seriously working to overcome this illiberal measure? I would be interested in contributing my time, experience, skills and maybe even money to (legal) activities designed to defeat these measures and eventually result in their replacement by sensible liberal and proportionate measures.

I am looking for a chance to contribute to real activities, on the political, publicity, education, legal, technical and commercial fronts.

I realise not everyone would support this -- feel free to ask about groups doing the opposite if you wish. But the time has come to go beyond the Don't Spy on Us campaign coalition and some of us with technical and commercial experience might be interested in contributing to helping people legally bypass the unacceptable parts of the IP and DE bills.

2
1
Graham Cobb

Re: Don't worry: it won't affect the bad guys

As usual, a bad and poorly drafted law will merely inconvenience the innocent, allow abuse by government and trouble the real criminals not at all.

More seriously, it just makes the problems of actually tracking real suspects much harder.

Most people do not have a problem with court-ordered targeted surveillance or even forced decryption as long as it is very much limited to specific targets and with real independent oversight and protections. In that world (just yesterday), you don't see much takeup of uncrackable end-to-end encryption: people are perfectly happy that big company products will protect them from criminals. There is little noise about real end-to-end encryption and almost everyone, even those on the edges of or at low levels in terrorist organisations, do not bother with them.

But, with these over-the-top and anti-democratic powers, everyone will rapidly adopt tools just to protect their own privacy. Every teenager wanting to find information about their sexuality, or concerned about a medical issue or getting involved in political activity, will use them. So, they will quickly become completely normal and the security services really will go dark. It won't be the fault of those of us concerned about privacy, it will be the fault of the government for being so stupid!

I can only hope that people realise this soon and punish the government at the next election for seriously endangering us with these actions.

15
0

UK Parliament waves through 'porn-blocking' Digital Economy Bill

Graham Cobb

Re: Stazi

The Stazi is exactly the issue. If you get the chance, I strongly recommend visiting a Stazi museum. I went to the one in Liepzig, which played a pivotal role in the fall of communism. It is so scary to see how close the Stazi came to preventing the popular, peaceful protests which led to the fall of the Berlin Wall. And that was with 1980's surveillance techniques.

If the Stazi had had modern internet surveillance tools, they would have had no problem at all in keeping full control and Europe would look very different today.

I would love to see a Stazi museum in the Geek's Guide! “Those who fail to learn from history are doomed to repeat it”

11
0

100k+ petition: MPs must consider debating Snoopers' Charter again

Graham Cobb

Re: People. The person you need to write to is your MP.

Done. Here is an extract from my letter...

A bill which effectively provides a police "tail" on all members of the public at all times while they surf the internet, just in case it may be useful in the future, is not acceptable in a democracy, only in a police state.

15
0

No super-kinky web smut please, we're British

Graham Cobb

Re: TOR & VPNs

I did it after checking if I wasn't cutting out valid visitors.

But that has just changed. As a matter of principle, as soon as the IPBill was passed, I changed my normal web browsing from my main personal PC to go via various foreign VPN proxies. I have been using it for several days now, including things like reading this site and many purchases.

Any company that wants my business from now on will have to accept connections from anonymising sources. I don't suppose I am the only one.

0
0

IETF plants privacy test inside DNS

Graham Cobb

Re: I'm confused

I think you missed three things:

1) IP address to name reverse lookups are not unique. I can look up many different names to get the same IP address. This is particularly relevant when reading blogs (thousands may be hosted on a single server, including many bland ones and some radical ones) and can also be relevant for CDNs.

2) You may be using a VPN, a proxy server or even Tor to protect your network connection but many browsers still look up the name first (for example, that is the default configuration in the version of Firefox I use).

3) A matter of principle: name lookup and network connection are separate issues and both need to be protected (otherwise your question could just be raised the other way around).

3
0

GSMA: 5G at risk if governments don't get their acts together

Graham Cobb

5G isn't really about consumers or mobile phones. It certainly isn't about phone calls (nothing since 2G has really been about making those better, although 3G and 4G have made voice cheaper/more efficient for operators to carry, arguably contributing to the massive drop in price for calls).

It is much more about other uses of mobile data. That includes machine communications (everything from very low power remote sensing to high speed, low latency remote control) and business uses (e.g. remote access to business applications by travelling sales people). The only real consumer driver of 5G may be VR gaming (while on a train, for example).

Although we can expect that once higher speeds and (very importantly) lower latencies are available then apps will be developed to use it. But it will take more imagination than I have!

0
0

ARM: Hold my beer, we'll install patches for your crappy IoT gear for you

Graham Cobb

Re: OK, so the dystopian-but-realistic solution is...

I am interested in your ideas on how the ISPs identify a connection with problem equipment.

How can an ISP tell by watching my DSL pipe that IoT device on my home network is performing a DDOS rather than its normal job? No one device needs to be sending unusual numbers of requests as there are some many devices involved. And the requests might even look like valid DNS lookups (for example).

Also, I suspect small businesses are probably much more of a problem than consumer lines. Small businesses are much more likely to have things like cameras and crappy, cheap, video recorders connected to them and visible from the internet so the owner can monitor if they are worried or the burglar alarm goes off. They also have business T's & C's which may make it expensive to cut them off.

0
0

No, Russia is not tapping into Syria's undersea internet cables

Graham Cobb

Re: Why bother?

Maybe the Yantar is there to stop other countries tapping the cable?

Russia have taps installed on the Syrian end courtesy of their client state (Syria); the US have taps installed at the Cyprus end courtesy of their client states (Cyprus, but probably operated by the UK); neither side has any desire for other players (Israel, Saudi Arabia, China) to be able to install any more taps.

9
0

British jobs for British people: UK tech rejects PM May’s nativist hiring agenda

Graham Cobb

The real problem is that if it turns out that staying in the EU really is the best option* then what government would be brave enough to go back to the electorate with that proposition?

It is a problem. I had hoped that the government would be planning to do that. After all, with the vote being 12-13 all they needed to do is to make the smallest change necessary to get the least convinced Brexiter in those 25 people to change their vote and it would get majority approval. So, no need of talk of a "hard Brexit" or any substantive changes at all (just changing the name over the door would probably be enough -- just call us associate members or something).

But the process seems to have been overtaken by (i) personal ambition (Boris) and (ii) internal Conservative party politics (May) and the likelihood of doing whatever is best for the country has gone out of the window.

10
0

New GCHQ unit: Psst, breached biz bods. We won't rat you out to the ICO

Graham Cobb

Re: “If you haven't phoned me and told me about it, I will phone you"

While I strongly support the ICO (and, indeed, the public) being informed of all data breaches it does seem reasonable that this organisation would say "you have a duty to report that to the ICO, but we are not going to get involved in that". There is a role for an expert group who can advise companies without insisting they make the report.

Of course, these sorts of chinese walls, for the public good, are exactly what the government seem determined to break down in our personal lives. I see no reason why companies should be able to get the benefit of good advice while possibly breaking the law and yet individuals do not have the option to keep data required by one government department separate from data supplied to another.

For example, it is in the public interest that people get prompt treatment for possibly communicable illnesses so we need to make sure that doesn't mean they will be grassed up to other government depts.

1
0

BT will HATE us for this one weird 5G trick

Graham Cobb

Re: Which London?

I like the idea of renaming "bus lanes" as "cycle lanes" (but still allowing buses and taxis to use them as guests). I wonder if the nudge unit have looked at that?

9
1

Inside the Box thinking: People want software for the public cloud

Graham Cobb

Re: WHAT????

To be fair to the Reg, I think your response comes from the large enterprise point of view. There are many, MANY SMEs who would find the Box service very attractive. Most of them are stuck in the 90's and have no idea what they could be doing (with a file server, let alone Sharepoint) and these cloud-based services are a good way to bring them forward to today's technology.

They really don't have the same issues around regulations, sensitivity, or even availability. Their existing business-critical data is probably not being backed up at all and is easily readable if someone breaks a window and nicks the finance clerk's PC.

If you run a local estate agent firm, with 10 shops and 100 employees, having cloud backup, document management, data sharing and mobile access would be a great benefit.

And don't forget that SMEs make up about 50% of private sector employment in the UK. Half of private sector workers seems like a reasonable target for Box to be going after!

0
0

Facebook pays, er, nope, gets £11m credit from UK taxman HMRC...

Graham Cobb

Re: Public infrastructure?

What public infrastructure would that be?

Is that a genuine question??? Functioning economy, civil legal system, regulated financial services, criminal law & police, available employees, education, healthcare, transport, defence, international trade agreements, rubbish collection, ...

5
0
Graham Cobb

Re: The system is broken

And ultimately who pays the tax on "profits" ?

Hint - its the same mugs that pay pay VAT

No, that isn't always the case. It is only the case if the company can raise prices as it likes. In a competitive environment, the tax (or at least part of it) will be being paid by the shareholders because a competitor making less profit will pay less tax and will be able to offer a lower price.

1
0
Graham Cobb

Re: Blame Game

I think "it's Facebook's fault" or "it's HMRC's fault" is way too simplistic - the problem is inherent in the system that we have, and the only way of changing it is through systematic change in how tax is collected.

No, it is definitely Facebook's fault. No one else. There is no law requiring them to arrange their business to minimise their tax: they choose to do that. In response, I choose not to do business with any company which does not pay a "reasonable" amount of tax. If they want my business they will need to show they are paying considerably more tax in the UK.

Just because their actions are legal does not mean that their actions are necessarily in the best interests of their business.

4
9

FCC keeps secret Google TV landgrab under wraps forever

Graham Cobb

Genuine question

What on earth does virtual headend have to do with YouTube? I am not sure I am in favour of virtual headend (I would like much more choice and openness in on-premise devices) but I don't understand why you think it is good for Google?

2
0

EU's YouTube filter plan was revised '37 times'

Graham Cobb

Don't be silly, Andrew. There are many good arguments for copyright but the "old book sells and everyone gets paid except the author" one is absolutely not. When I sell my house for a massive profit everyone gets paid except the builder.

There is no moral right to copyright. There is a purely pragmatic right, to encourage the creation of expensive to create but easily copied goods such as art or software. The argument is about what the terms need to be so that society is paying the price it needs to to encourage the creation of the goods it wants.

1
2
Graham Cobb

Creating a new right just makes money for lawyers

There is no evidence that a new "Related Right" is needed. Any publisher who wants to insist that Google pay before indexing their news can just block the Google spider using robots.txt. I have not seen a single claim that Google is ignoring a "keep out" notice in robots.txt.

Until there is evidence that Google is ignoring robots.txt, the last thing we need is more special-case copyright law. This will just lead to unintended consequences as some troll sees a strange way to interpret the law and apply it to cases other than the news publishing which is being used to justify it. And no one can predict how the CJEU will end up interpreting it!

The only people to make money from this will be lawyers, making weird arguments for judges to then make unintended rulings.

3
0
Graham Cobb

Be careful what you wish for

The "that's a nice link you've got there" protection racket (known more commonly as the link tax) will result in absolutely zero revenue for the publishers and will just result in the death of independent and investigative news. Which I think we can all agree would be a bad thing, whether you are an SJW or not.

What news publishers should be fighting for is a significant increase in the hosting protection in the E-Commerce directive. The recent Facebook news censorship (the Napalm girl photo) shows that platforms today are insufficiently protected and hence are forced to act conservatively and censor news publications. That completely undermines the freedom of the press.

Why are news organisations called "the press"? Because they owned their own printing presses and could literally print ANYTHING they liked, without needing permission from anyone else! Of course, if they violated laws or community standards they were held responsible. But only AFTER publication -- after everyone had a chance to read it. There are many instances of brave news organisations printing illegal or distressing material, or violating court injunctions, and some have even been killed for it. We cannot and must not allow press pre-censorship in the future.

Unfortunately the future of news is on the platforms (Facebook, Google, Twitter, etc). Those platforms need to have the right, in fact the duty, to make visible everything a news organisation publishes. Even if it is illegal. And they must not be held responsible: the news publisher must be responsible.

I am not saying that everyone should have the right to publish without interference. And I realise that determining whether someone is a "news organisation" or not is fraught with difficulty. But it is not impossible (we already have some laws which treat journalists differently from others) and the time of the experts in Brussels would be better spent on that problem.

The "Napalm Girl" photo was a major factor in turning US public opinion against the Vietnam war. What is going to happen if the 21st century Syrian version of the Napalm Girl photo is deemed to be child abuse and blocked from Facebook and Google?

2
1

Australia wants law to ban de-anonymisation of anonymous data

Graham Cobb

Re: ABS crypto hash

This is the real issue.

Making de-anonymisation illegal is an important point in protecting against many commercially-oriented threats. For example, insurance companies abusing medical data that they may have been given access to for research purposes in order to set premiums (for individuals, geographic areas, etc). A law will probably prevent commercial players from doing it (and provides a context for compensation if they do so).

But, it does not protect, in any way, against abuse by government (for example a future government deciding to send all muslims to internment camps, or something). That is the threat which has to be shown to be completely impossible if people are to be persuaded to provide intrusive personal information. To protect people against this sort of abuse it is essential that really intrusive data like census data is aggregated immediately, and the raw data not retained at all.

Yes, it would be nice to be able to go back to earlier data to look at it in a new way in years to come; but if allowing that possibility just means people won't tell the truth the data becomes useless not just in the future but even now!

1
0

EU law: Brussels burps up aspirational copyright tweaks

Graham Cobb

Unusual support for Google

Its unusual to see El Reg (particularly Andrew) giving such strong support for Google!

The requirement for platforms to "prevent the availability on their services of content identified by rightholders" immediately kills off any startup trying to compete with YouTube, as they are not going to be able to implement a feature like ContentID. Personally I would much prefer Google to be open to competition, particularly from European alternatives that take into account European cultural priorities, like data protection.

In addition, it also kills off any use of internet platforms for legitimate non-infringing uses of content, such as the new exceptions they are so keen to talk about!

Note to editors: copyright is not, and never has been, an absolute right. Whether use of a particular piece of content requires a licence depends on the type and purpose of use, and other aspects of the context. And the decision on whether new content infringes rights in an earlier content is up to a jury to decide (there are many cases where this decision has been extremely difficult to predict).

1
0
Graham Cobb

Digital single market

The EU expanded so hastily there are huge disparities between income and spending across the region. Issuing grand decrees from Brussels that wish the digital single market into existence doesn’t change that.

You can argue about whether the differences in income and spending mean a single market is a good idea or not. On balance I think it probably is, although I am no economist.

But I don't see how anyone can argue that a single market is good for physical goods (including fashion, cars, iphones) but not for digital goods (like media).

4
0

Google-funded group mad that US Copyright Office hasn't abolished copyright yet

Graham Cobb

Re: Your paranoia is showing, Andrew

But when it comes to products from a person's mind (a song, a book), suddenly it's something else and the creator is not allowed to own it in the same way.

On the contrary, like all property they can own it until they choose to sell it or give it away. It is you who are trying to claim that IP is somehow different from real property! If I build a house I can sell it to someone. They can do whatever they like with it, including sell it to someone else or build an extension. They can even copy it and sell the copy if they want.

Without society's gracious willingness to give IP some additional protections to the normal rules of ownership that is all that creators would have. The first time they sold someone their book, or played their song, the item would be available to be sold on, or copied. That is how property works. However, society is aware that in that case artistic creation would not be worthwhile (copying a book has always been a lot cheaper than copying a house) so we have granted creators additional rights, beyond the right of ownership, to limit copying for a limited time.

Of course that is worthwhile (as I said, I believe copyright has value). But don't try to pretend that there is some sort of "natural right" involved. There is not. Your only "natural right" is to be able to sell each thing you create once at whatever price you can get, or decide not to sell it at all. That is what we all choose.

So, there is a bargain to be obtained between creators and consumers. That bargain trades money for limited additional rights (copyright). Like any bargain, the prices involved are finite (copyright can't be unlimited) and will be different for different people. But we have not (yet) found a way for the bargain involved to be different for each person which is why I said the copyright office should be trying to balance: they should be administering the creation of this bargain.

0
0
Graham Cobb

Your paranoia is showing, Andrew

I don't like Google either, but I don't think you should ascribe everything that you think is wrong with copyright to Google.

Like you, and many others, I am a rightsholder. Although I don't post photos, I do write and release open source code under the GPL. I value copyright. However, that doesn't stop me:

1) Wanting to change copyright. It is, indeed, much too long, and it needs to be much more restricted. I am willing to give creators a very limited monopoly for a very limited period of time. If that isn't good enough for them then stop creating -- that is fine by me (but I am confident they won't).

2) Believing that the job of the USCO, and all other the administrative and legal arms of the government, is to balance the interests of rightsholders and users, not to "further the interests of rightsholders".

12
3

Delete Google Maps? Go ahead, says Google, we'll still track you

Graham Cobb

@ Chris 125, choice is very welcome. If those services are useful to you, and you have chosen to use them and pay the price, that is fine. Is it not obvious to you that there are other people who do not need/use those services and hence are not willing to pay (with private information) for services we don't use?

I still can't see a single downside.

It is about protecting choice, so those of us who wish to decline some offers and accept others can do so.

Would the price still be fine for you if Google said the only way they would offer the services is if you agree that they can record all your conversations (not just calls) and publish them on the internet for everyone to listen to? I am sure you would decide that was not a price worth paying. What if they said "OK, we will only allow companies who have a business relationship with you to have copies of all the conversations". Probably still not acceptable. What about "OK, we will only give them access to conversations where their company name is mentioned". Maybe you would think about that. Or "we won't give them the actual audio -- we will analyse the conversation and give them the gist of it". A few more people might agree to that. Or "we will not summarise the conversation at all, just tell them that you were talking about them". Several more would sign up.

My point is that we all have different assessments of the value of our privacy. No one is comfortable with no privacy. Your assessment of the value of your private conversations will be different from mine. That is fine -- but we should all be able to make those trades at the price we are willing to pay.

6
0
Graham Cobb

Re: What's the problem really?

If you don't care, that is fine for you. Feel free to enable all the snooping options. But some of us do care about our privacy.

Partly it is just because it is my data, and none of anyone else's business. If they want to buy it from me with an offer of some benefit in exchange then fine: I will consider the offer and take or leave it as I choose. But they have to be clear and open about it, and I have to have a free choice.

Also it is a matter of principle. It is unlikely anyone really cares about my data. But there are plenty of people for whom this control is vital. Even just for location the list is long, such as journalists, political activists, abuse victims, whistle-blowers, celebrities, etc. If you include control over contacts, audio (microphone access), communications (access to SMS and email) and camera you can extend the list to all doctors, lawyers, politicians, CEOs and anyone with knowledge of a secret that might be worth money to someone.

By making sure that everyone has, and routinely uses, full control we allow those people to have the control they need (and without drawing attention to themselves by using it).

5
0

Petulant Facebook claims it can't tell the difference between child abuse and war photography

Graham Cobb

Re: Facebook can do what they like.

News media such as the BBC and newspapers can, indeed, decide what their policy is (and their readers decide whether they want to read them). And Facebook can do that if it wants to become a media site.

But it claims not to want that, and is trying to attract the media to see it as a channel. In that case it cannot have a policy -- it has to let the media sites publish and be damned.

2
0
Graham Cobb

Re: The issue is News

Actually I don't have a Facebook account -- I have never visited the site.

My post was about what Facebook should do if it wants to attract news media to use it. If they do not believe that Facebook will stay out of editing their content they won't want to use Facebook as a channel. And for those countries where there is some form of press regulation, it needs to do that if it wants to avoid being regulated.

0
0
Graham Cobb

The issue is News

Surely the issue here isn't just that this is a famous, iconic and important photo, but that Facebook is acting as a super-editor for News.

If Facebook want to be a source of news for people, then it needs to get out of the way of mediating between people and their chosen news suppliers. News media need to, and do, take full responsibility for their postings -- Facebook must have a way to clearly label to people that the posting is "news" and will not be censored in any way (even if it may be illegal or deplorable) and is fully the responsibility of the source.

Otherwise, even with the best will in the world, Facebook has become the media organisation and is adding its own views, biases and editorial policies. I don't see how any news supplier, or consumer, could tolerate that. Whether I choose the Daily Mail, the Guardian or Modern Nazi Homes & Gardens as my main source for news, I should not tolerate another party interfering with it.

0
0

You should install smart meters even if they're dumb, says flack

Graham Cobb

Re: Downvoted

Of course it is a bad idea to make it compulsory. Location plays a big factor in whether solar is feasible/useful for any particular house, as well as the design and orientation of the roof. Personally I think it is likely to be of marginal benefit in most UK locations (especially taking into account ongoing costs such as maintenance, cleaning, etc).

If you had said "make it compulsory to do an assessment for PV", that would be fine. It wouldn't be sensible to make it compulsory to actually install even if we were living in California!

19
1

EU will force telcos to offer 90 days of 'roam like home' contracts

Graham Cobb

That's not abuse, that's using the services offered, within the law. If incumbents in, say, Belgium don't like that others offer lower rates, then they are free to cut their prices to match.

I haven't read the regulation but aren't you misunderstanding it (or am I)? I don't see anything in the article saying that a telco cannot offer free roaming for more than 90 days, just that they cannot be forced to do so. If an operator in country X wishes to offer inclusive EU roaming all year, for a total price less than a Belgian deal, they can still do so.

The change is to avoid all mobile prices in low income countries rising because people from high income countries would use their deals and then "roam" all year. Of course, it can be argued that that price levelling is exactly what the single market was supposed to achieve (it was supposed to lead to income levelling as well).

1
0

BA check-in system checks out: Staff flung back to cruel '90s world of paper

Graham Cobb

Re: BA FLY Software

Sounds like the usual VPN problem with networked printers on a different subnet. Google for "split tunneling" for the best solution. Installing CUPS (the standard Linux printing software), presumably on a spare server somewhere, seems overkill.

8
0

Radicalisation? UK.gov gets itself in cluster-muddle over 'terrorism'

Graham Cobb

how do we say we're against a particular group in this modern pc sjw world, without offending any precious little diddums?

"We are against terrorists". There, that was easy, wasn't it?

29
0

Facebook, Twitter and Google are to blame for terrorism, say MPs

Graham Cobb

Re: muppetry

This is an important point: people who are progressing in society, and see it delivering positive results for them and their peers, are unlikely to try to destroy it.

Of course, they may decide to help destroy a different regime (e.g. Syria, or Spanish nationalists in the '30s), which is likely to lead to further radicalisation. But the answer to that is not forcing the ISIS propaganda into the underground, with special apps etc (thus increasing its attractiveness to teenagers) but is sensible and effective counter-propaganda. This is a case where the US axiom that bad speech should be dealt with not by bans but by more (counter) speech is definitely true.

As for "Prevent" -- it is toxic and needs to be very publicly killed. If the Muslim community can come up with some alternative that gets support then fund that. Otherwise, just spend the money on the community anyway. What is important is that teens and returning fighters can see their community working to improve lives. Take that anti-everything energy and try to redirect it into (more constructive, although still anti-establishment) political and community activity to improve the lives of those around them.

A bit like Keith Vaz used to be known for, before he got old.

2
0

UK's mass-surveillance draft law grants spies incredible powers for no real reason – review

Graham Cobb

Re: Looking at this the wrong way round

You are partially right (that is why I said "in the past") but it could still be a lot worse. And these powers are a further step along that road.

I believe we do have a choice. That is why this report has been created. The securocrats need the general public (and the press!) to be looking at the benefits and not paying attention to the downside.

I still have a really strong memory from my childhood: in the 1960's as a child under 10 I lived in East Anglia, surrounded by USAF bases, with "Protect and Survive" classes and under a very real threat of being amongst the first to be annihilated in a nuclear war. I used to lose sleep worrying about it. My parents did not try to tell me "don't worry, it won't happen". They told me why we needed to stand firm against the enemy: we needed to stand up for British values of freedom. The main example they used was that in Communist states you had to carry your papers and they could be inspected at any time, but that in Britain you had the right to not identify yourself at all and no one could do anything about it.

16
0
Graham Cobb

Looking at this the wrong way round

This review seems to have got completely the wrong end of the stick.

Of course there are good reasons for invasive powers. And, of course, the people proposing them generally intend them to be used for good. The question that needs to be analysed is not "are they useful?" but "what is the downside?". Of course a police state will reduce crime: the reasons we haven't allowed one to be created in the past is not because we like crime but because of the other effects it has!

My question to Anderson is "what stops bad people abusing these capabilities?". I believe the answer is "very little". And hence the risks of allowing these capabiltiies to even be created far outweigh the potential benefits.

Examples of real, documented and uncontested abuses which have happened even with the more technologically limited capabilities of the past include:

1) Monitoring and disruption of democratic political parties and trade unions [since the 1970's, at least]

2) Victimisation of innocent and human-rights-protected activism [cf. John Catt]

3) Abuse of access to records and data for personal revenge by "bad apples" in the police and security services [cf. several scandals involving looking up or investigating sexual partners]

4) Witch-hunts for whistle-blowers in both private and public organisations (including telecoms companies, local government, and many others).

5) Interference with freedom of the press, privileged communications with lawyers and political contact with our MPs.

Where does this report investigate the dangers of the massive acceleration, cost reduction and easier concealment of these abuses with the new proposed powers and new technological capabilities? We must reduce surveillance because of these concerns, not increase it!

40
1

Ad-blocking ‘plateaus’, claims hopeful ad industry

Graham Cobb

Re: Ad-blocking 'plateaus'

I enjoy verbing nouns and other words and do so whenever I opportunitise.

8
0

How many zero-day vulns is Uncle Sam sitting on? Not as many as you think, apparently

Graham Cobb

Re: Snapping up cheap spy tools, nations 'monitoring everyone'

A false dichotomy. Third options are actually much less difficult than in the past. The keys are education and opportunity for as many people as possible: enlightened self-interest is the best defence we have against both anarchy and the police state.

0
0

Microsoft and pals re-write arms control pact to save infosec industry

Graham Cobb

Re: I won't sell you a weapon...

I see your point but I don't think it is as hard to draw the line as you think.

Wassenaar is not about stopping a gangster buying a gun. It is about stopping nation states buying extremely high-level weapons to use against other nations or their own people.

So, it really doesn't need to be about preventing access to knowledge of vulnerabilities (after all, any information available in the US will be easy to get hold of elsewhere). Nor is it about stopping crooks building new attacks. It isn't even about stopping "bad" nations from creating their own "Hacking Team" -- as long as they are having to do their own development they will be some distance behind us. It is really about stopping commercial entities (such as the real Hacking Team) from developing and selling weapons to anyone who can pay.

I think the issue will be over defensive uses: does Wassenaar really want to stop Microsoft, etc selling defenses against our weapons.

1
0

Thermostat biz Nest warms to home security, touts cam with cloud storage subscription

Graham Cobb

Does it register with the Information Commissioner’s Office?

Two questions:

1) Is it secure or can hackers watch it like with most internet-connected cameras?

2) Does it come with automatic registration with the Information Commissioner’s Office as a CCTV operator? And does Nest handle Subject Access Requests to allow people to see the CCTV images you record of them?

8
0

UK gov says new Home Sec will have powers to ban end-to-end encryption

Graham Cobb

Re: A suggestion

The "safe spaces" aren't going away, whatever the government might do. That cat is well out of the bag. And it is a good thing too: it is a small step towards restoring law enforcement's powers back to historical norms. The last decade has been a complete aberration in police/spook intrusion.

But, even if they don't agree, there is nothing they can do except make life hard for ordinary people. All this will do is massively reduce the UK's international competitiveness -- great idea at the time of Brexit!

34
0

Salesforce bins all Android phones bar Nexii and Galaxies

Graham Cobb

Re: I believe they've made the correct choice

business users ... up to date with a relatively rigorous older version retirement scheme

Ha, ha! I think more and more companies are extending their mobile lifetimes to reduce cost (my employer is large and has just recently extended it again).

But the SFDC decision will please sales people everywhere! They now have an unbeatable business justification to ignore the company policy of "no replacements until 36 months, and even then only if it is broken". New handsets every 6 months -- and only the highest-end models!

0
0

Comms intercept commish: There were some top secret orders

Graham Cobb

Department for Business, Innovation and Skills?

The only reason I can think of would be industrial espionage, presumably directed at foreign companies.

And presumably the reason the PM blocked the commissioner from investigating it, and is busy rapidly cancelling it, is because he discovered some of it was directed against the US.

2
0

Theft of twenty-somethings' IDs surges

Graham Cobb

Don't lie -- just refuse to do business

I wish that more people would just refuse to do business with companies that want intrusive information.

If a company asks for date of birth, or a phone number when they don't need it, I refuse to do business with them. I don't make something up. More often than not, I tell them that I would have done business with them but am not because of their nosy data gathering.

I started this when I got my first bank account in the 1970's. In those days, some shops wanted me to put my address on the back of a cheque, even if it was guaranteed (young'uns can ask their parents about something called "cheque guarantee cards"). I refused and, if necessary, walked away from the transaction.

If fewer companies were asking for personal data it would improve general "data hygiene" and people would be less willing to share.

2
0

Page:

Forums