* Posts by Raumkraut

424 publicly visible posts • joined 12 Aug 2009

Page:

State Department finds 22 classified emails in Hillary’s server, denies wrongdoing

Raumkraut

Re: It could be much much worse...

I'm personally not so sure that Trump winning would be as bad as the doomsayers are proclaiming. It's not like the US President is an absolute monarch - AFAIK most every decision they make can be either blocked or overturned by Congress. I can't see Trump being able to get anything too wacky done, before he's impeached on some technicality.

Hillary Clinton says for crypto 'maybe the back door is the wrong door'

Raumkraut

Re: Clueless is an understatement

Services that offer end-to-end encryption with the server unable to decrypt the data would become illegal.

You know how some films used to use "Banned in <country x>!" as a badge of merit? I can see a similar thing happening with consumer security products.

Coming soon - The messaging platform the US government doesn't want you to know about!

Cyber security buck stops with me, says Dido Harding

Raumkraut

what is the "format" above encryption?

Not having the data in the first place. Which I believe was her point about the "tokenisation" of the credit card numbers - apparently they explicitly did not save six of the digits which make them usable.

Child abuse image hash list shared with major web firms

Raumkraut

Re: Drop in the ocean

According to TFA, the 19,000 number is just for the "worst of the worst". The PhotoDNA wikipedia article mentions that "Project Vic" has a database in the millions of hashes.

Raumkraut

cryptographically broken and unsuitable for further use

"Cryptographically" being the operative word. In this case, it's not being used cryptographically.

for important things - like anything approaching censorship or criminal justice, perhaps - I don't think we should be using MD5

In their defence, it's entirely possible that they started using MD5 for this purpose before MD5 was so widely considered useless. And since it's a criminal offence to have possession of the images in question (exceptions notwithstanding), they may no longer have the source images from which to generate new hashes. However, they certainly shouldn't be using it for new images, and given the inclusion of PhotoDNA hashes in the programme, it's entirely possible they no longer do so.

That said, I would certainly hope they do a more detailed check than just comparing MD5 hashes, before breaking your door down in the middle of the night.

I'm a dreamer, I know.

Net neutrality debate: If startups want to rival Google, they must show some green to telcos

Raumkraut

It's only a scratch

By our reckoning, they would pay a couple of percent for this in the form of revenue-sharing.

A couple of percent to Deutsche Telekom, a couple of percent to BT, a couple of percent to Verizon, a couple of percent to Virgin. How many ISPs are there in the world again?

Or perhaps he means they should pay 2% of the revenue from each customer to that customer's ISP? Which still means there needs to be infrastructure and employees to manage the incredible complexity of the resulting accounting needs. Not to mention what happens when one customer accesses the service from both their home wifi and their cellphone connection, and perhaps also from their work wifi, or at the library?

Either way, I can see the costs of such schemes easily exceeding 100% of a small company's per-customer revenue.

...

Besides which, isn't the entire point of companies like Akamai that they aggregate the "servers at every ISP" model, for smaller companies which don't have the resources or clout to do it themselves?

LASER RAZOR blunted by KickStarter ban

Raumkraut

So what is it?

[The] video from the project's KickStarter page suggests there is a prototype in existence, but not a very effective one: the device does knock off a few hairs, but is a long way short of the experience of pulling a conventional razor down one's skin and having the majority of hairs beneath the blade cleft.

Isn't that the very definition of a prototype? Something which proves the concept, but needs more work to become a finished product?

Facebook's UK wing paid just £4k in corporation tax last year

Raumkraut

Re: Companies don't pay tax

Companies don't pay tax, people do.

Given that actors in modern economies are all so intricately intertwined, it seems to me that making such a distinction is pretty much meaningless, except to push a political agenda.

Sure, a tax directed at companies will affect the amounts they give and take from people. But conversely, a tax which is directed at people will also affect the amounts they're willing to give and take from companies.

Any tax is really just a tax on the economy as a whole, so who has to pay any tax should really be decided solely based on where is most efficient to extract it.

Silicon Valley now 'illegal' in Europe: Why Schrems vs Facebook is such a biggie

Raumkraut

Re: A future Enron

The argument here is complete bollocks. If data were held in, say, Ireland the USA would need to request an Irish court to release the data. If the Irish court was satisfied that there is good reason then it would probably order a release of the necessary documents, much as it would agree an extradition of a person.

In the Microsoft case, the US government could indeed have asked the Irish courts for the data. The fact that they haven't, and are pushing this issue through the US courts, suggests to me that this is not about getting this particular data from Microsoft, but about setting a precedent.

If the US government can get a legal precedent set, that US corporations must hand over data wherever it lies, then they wouldn't have to get cooperation from, or even inform, other nations that information was being requested.

Raumkraut

Re: Let me count the ways...

First up, of course emails are not private - that's laid down in the spec.

I'd argue that private correspondence can still take place using postcards. Just because someone might overhear or see what you're saying, doesn't necessarily make a one-on-one conversation public.

What 'personal data' is there?

Even if the email is encrypted, there is still personally-identifiable metadata - sender email address, mail client headers, IPs, etc.

What's more, it would be absurd to argue that the recipient is the one sending data to Google - that is, obviously, what the sender has done. Again, that's by definition.

Sort of, but only indirectly. If I send a postcard to a PO Box in Bristol, and the person managing that PO box has instructions to forward everything to an address in Kentucky, did I send that postcard to the US? Or did the post office do that, at the behest of the PO Box owner?

Email is somewhat similar: When most people send an email to bob@smallshop.co.uk, they firstly hand it off to their ISP or email provider, whose email server checks the DNS of smallshop.co.uk for where to send the email (ie. smallshop.co.uk are instructing the email server where to forward the message). If that destination server is in the US, well then.

Fast, wireless access to Tor? Just maybe

Raumkraut

Re: A Quibble

Yes, AFAIK the Javascript and WebRTC (and Flash) vulnerabilities are/were purely about side-stepping the Tor connection (ie. not using the configured proxy) and thus leaking your real IP address over your normal Internet connection.

If your machine's *only* internet connection is through Tor, then there's no IP address *to* leak, except maybe your local wifi one (192.168.x.x or such).

FBI: We unmasked and collared child porn creep on Tor with spy tool

Raumkraut

Re: Polygraph?

These aren't worth the paper they're written on. This aspect of vodoo crime fighting has always troubled me.

Voodoo can be very powerful when the subject believes in it, and people have long been fed a diet of Hollywood polygraphs which work.

Child abuse, drug sales, terrorism fears: Why cops halted a library's Tor relay ... for a month

Raumkraut

Running a TOR exit is not the same as using a knife. It's the same as giving free knives to anyone who wants them.

An even more apt analogy might be that of Libraries themselves; lending books to anyone, without logging who reads what.

Do libraries stock the classic novel "Lolita", despite it possibly attracting paedophiles?

Do libraries stock books on the history of the middle-east, despite them possibly encouraging religious extremism?

Do libraries stock chemistry textbooks, despite them possibly being useful to manufacture illegal drugs and explosives?

Obama edges toward full support for encryption – but does he understand what that means?

Raumkraut

Voluntary cooperation

By voluntary cooperation, what is the White House saying?

Given the context of the document (where support for backdoors isn't even an option), and even the paragraph in which the sentence in question appears - the context of aligning others to a policy encouraging encryption and discouraging backdoors - I'd suggest that the memo is speaking of tech companies voluntarily cooperating with implementing strong encryption and discouraging backdoors. Lawd knows there are still enough tech companies which still need to pull their fingers out and encrypt all the things.

So if that's the sole sentence that could be found - in an 11-page memo - which could be construed as objectionable, then I think that's a pretty damned good memo.

US gov to Apple: COUGH UP iMessages or FEEL our FEDERAL FROWN

Raumkraut

Faith no more

There are some circumstances under which messages could feasibly be accessible to Apple. ... however that's a hypothetical scenario and there's no reason to think Apple hasn't kept the faith.

I'd think that being served a court order to intercept that traffic is quite a reason.

If they have even a hypothetical ability to intercept traffic, to not attempt to put that ability into practise could well be seen as breaching that court order.

Sacré bleu! Apple, Nokia, Samsung et al end their three-year sulk over 'home taping' tax

Raumkraut

Re: Blank Media

You don't use any hard-drives, SD cards, or memory sticks? I don't know about France, but in some jurisdictions those certainly count as "blank media".

Makes me wonder if they've also lobbied for the tax to apply to RAM as well. After all, I can create a logical disk entirely in RAM, and store copies of files in there.

Europe yawns at EU robo-commish Ansip's digital plans

Raumkraut

I think you'll find almost all goods are priced differently in the UK, France, Germany and Bulgaria. Haven't you noticed this before. Do you never leave the UK?

Nobody was arguing that, Andrew. The argument was about being able to go to another country and buy the good, without (I think) import duty, taxes, or restriction - thanks to the European single market.

...

A more useful counter to 42's comment would be to say that: Yes, you have the right to go to a more distant ASDA and buy your groceries. However, that ASDA have no obligation to *deliver* groceries to your particular address.

Comparatively, you have the right to go to Estonia to watch Estonian football, but the Estonian broadcasters can decide (via contractual relationships with suppliers) not to *deliver* the content to you in the UK, Belgium, etc.

So the question is more like: should cheese makers (blessed be they) be allowed to contractually prevent Morrisons from providing home-delivery of their cheeses outside of the UK? Or "L'Asda" outside of France? Or Teskyyäää outside of Finland?

Raumkraut

Hollywood licensing

Opponents to the plan say the winner would be Hollywood, which can license its generic lowest-common-denominator material at low cost across Europe

They don't already?

Seems to me that the only ones who can't already license their material at low cost across Europe are the smaller national producers, who may not have the resources to negotiate dozens of different agreements.

Security tool bod's hell: People think I wrote code for Hacking Team!

Raumkraut

Re: not possible

Could he put in a clause that says that any use of the code for profit making ventures needs to obtain permission from the author, subject to being sued?

No. The GPL does not allow for any additional restrictions to be placed on the use of the software.

This is the reason why GPL software is incompatible with the iOS app store - IIRC Apple limits the number of devices you can install on, etc. (yes, there is some otherwise GPL'd software on iOS, but they are generally using proprietary relicensing - ie. the version for iOS is not GPL'd).

Project Morpheus VR headset hands-on at the Sony Summer Showcase

Raumkraut

Re: Sir

I miss Hazeron.

EDIT: Holy crap, Hazeron came back!

Rise of the swimming machines: US sub launches and recovers a drone

Raumkraut

We're gonna need a bigger drone

So they finally invented WSKRS?

DOUGHNUT (donut?) and whale FOUND ON PLUTO

Raumkraut

Now go away or I shall overload your CPU a second time

Now I don't mean to cause surprise and alarm, but judging by the gigantic equatorial croissant on the right of the image, I suspect the French got there first.

Inside the Open Container Project: Docker sings kumbaya

Raumkraut

Re: Well...

seems to have worked out all right in the end

This is not the end. This is not even the beginning of the end. But it is, perhaps, the end of the beginning.

Ex-Microsoftie in worthless Euro netizens data security promise

Raumkraut

Location, location, location - irrelevant, irrelevant, irrelevant

With Zettabox your content is safe from cybercriminals and foreign government intervention.

The only way for that to be really true is if it uses full end-to-end encryption; where only the user/customer has the keys to decrypt the data. And if you use full end-to-end encryption, then it doesn't really matter where the data is stored, because getting access to the encrypted blob doesn't get you anywhere without the keys.

From what I've read about Zettabox, I very much doubt they use full end-to-end encryption.

NY, Connecticut investigate Apple for Music service violations

Raumkraut

The Taylor Swift withdrawal method

Most notably, pop star Taylor Swift withdrew her music from Spotify in protest against the freemium model.

I heard that Swift removed her music from Spotify so that people would be more likely to buy it outright, which would be more profitable. Though I'm sure she did, in fact, do it entirely out of principle, and the imminent release of her new album at the time was purely coincidence.

Secure web? That'll cost you, thanks to Mozilla's HTTPS plan

Raumkraut

It isn't just about businesses with developers, it's about typical users with their own .me domain name hosting their blog about their kitten

So in your mind, the "typical user" runs and maintains their own VPS, on which they manually install and configure wordpress and apache? And, despite their apparent server-side expertise, they're incapable of adding a few lines to their apache config to enable SSL?

Are you sure the "typical user" won't actually be using a hosted service for their blog, where all the complicated back-end stuff is actually done by a business with developers?

Yay for Tor! It's given us ransomware-as-a-service

Raumkraut

No creativity among thieves

Of course, this is not to be confused with the legitimate FLOSS Tox Instant Messenger.

In fact, it wouldn't surprise me if the author explicitly took the name from that project to sow confusion, since they apparently also misappropriated the CyanogenMod logo.

Airplane HACK PANIC! Hold on, it's surely a STORM in a TEACUP

Raumkraut

Re: Hrumph

Sorry, looks like I picked the wrong week to give up Airplane gags.

Mozilla to whack HTTP sites with feature-ban stick

Raumkraut

Re: why, why, why... what is the point?

Have you ever used an open WiFi access point? On an insecure, shared, WiFi network, it is trivial to modify plain HTTP traffic to serve up porn, ads, or exploits which install malware on computers.

Do you absolutely trust your ISP? Do you absolutely trust every employee at your ISP? Your ISP can see *everything* you do in plain HTTP. And, like the above WiFi situation, your ISP (and any technical employee thereof) is in the perfect man-in-the-middle position to modify all of your insecure traffic - with or without official blessing of the company.

Or perhaps you are aware of the recent "Chinese Cannon" attack against GitHub? Did you know that the attack was only possible because people weren't requesting websites securely? Something at the same location as the Great Firewall was modifying plain HTTP traffic passing into/out of China, and adding some javascript to pages; causing unknowing users' browsers to automatically assault GitHub.

So then tell me: Why should we *not* secure websites?

Tesla reveals Powerwall battery packs for homes, Powerpacks for cities

Raumkraut

Re: Think I'll wait...

Think I'll wait...For those cheap aluminium batteries we were talking about a couple of weeks ago.

I'm still waiting for those cheap batteries we were talking about last year. And the year before, and the one before that, and the one before that, and... pretty much every year this century.

So I wouldn't hold your breath.

Euroboffins want EU to achieve techno-independence

Raumkraut

What about the multinationals that have info in several jurisdictions, and find they can't move data between them? They'll head for the places with the lightest regulation, as always, and the jobs will follow them.

Unless you're also suggesting that all the customers will also abandon the EU; reducing Europe to a depopulated wilderness of hunter-gatherer communities; then there will still be demand for these services in the EU, which means money to be made.

If the large multinationals don't want to obey the law to get some of that money, then I'm sure there will be some local companies to fill the void, and "create jobs" - probably more (and more varied) jobs than the large multinationals would have needed.

Which appears to be the point.

Microsoft adds Azure VM controls to Virtual Machine Manager

Raumkraut

You say VMM, I say VMM

I thought this was going to be a story about Microsoft contributing to the free-software community. But that VMM screenshot sure doesn't look like the VMM that I'm used to.

I guess Red Hat really are the Microsoft of Linux. At least when it comes to naming software.

So how should we tax these BASTARD COMPANIES, then?

Raumkraut

Re: Individual taxes

The argument here is that only real human beings can actually pay taxes. Alternatively, any and all taxes mean that the wallet of some live human being gets lighter. There ain't anyone else here but us, after all. So, we can charge taxes to legal persons (corporations) but it's always some real person (ie, human) who really pays it.

Is that not entirely tautological? The only reason that only real human beings are the only ones who pay tax, is because you've already declared that only real human beings pay tax.

One could take it from the opposite perspective: Most real human beings get their money from corporations, and give their money to corporations. So whenever we levy any tax on real human beings, "lightening their wallets", it's really the corporations that are having to pay that tax; through higher wages, lower margins, etc.

I'm not sure it's at all productive, or even sensible, to declare that one group or another is "really" the one who pays all the bills; not in the massively interconnected and interdependent economies we have.

Google versus the EU: Sigh. You can't exploit a contestable monopoly

Raumkraut

The moment Google starts screwing over us consumers then we'll bugger off elsewhere.

That's only true if the consumer is informed that they're being screwed over. Who's going to do that? Google?

Google wants Marvin the Paranoid Android's personality in the cloud

Raumkraut

Re: Obvious response:

The obviousness and novelty of patents are judged, not by the patent's abstract (its introduction/summary), nor on media reports of that abstract, nor on commentards' interpretation of media reports of that abstract; but on the actual independent claims identified in the patent application.

Few people, even those who should (ie. media reporting on the patents), bother to actually read the most important parts of patents before criticising their obviousness.

Encryption is the REAL threat – Head Europlod

Raumkraut

Using the Internet

“We are disappointed by the position taken by these tech firms and it only adds to our problems in getting to the communications of the most dangerous people that are abusing the internet,” he said.

Surely the NSA/GCHQ/etc. should have all their own communications on internal servers, so why would they have problems getting to them?

Installing taps on Internet backbones = abusing the internet.

Sending encrypted communications = using the internet.

Google-gate: 'Toothless' watchdog FTC nibbles furiously on journalists

Raumkraut

Anti-trust gnomes

1. Watchdog raises issues with corporation

2. Corporation makes changes to satisfy watchdog

3. ???

4. SCANDAL!

Google Glass NOT DEAD. We're just making it 'ready' says chief

Raumkraut

Re: Glass is dead

It was a vaguely interesting idea but, at this point, with Microsoft's announcement of Hololens and Google's own significant investment in Magic Leap, it's very unlikely that Glass will ever see light again

Why do people insist on comparing Glass to VR and AR headsets? Can people really not see any further than "it sits on your face therefore must be the same"?

Glass' closest equivalents - in terms of actual functionality for the general consumer - are actually smart watches.

For Industrial and medical uses (eg. use during surgery), however, Glass has no equivalent AFAIK.

Authy 2FA app popped by simple, secret, code

Raumkraut
FAIL

User-supplied paths

Faulty input validation is one thing, and the most obvious that people pick up on, but I can't help feeling that this occurred entirely because of a fundamental wtf in the API design:

It introduces path traversal making attacker’s job much easier - you only need to type '../sms' to turn /verify API call into /sms (/verify/../sms/authy_id) which will always return 200 status and will bypass 2FA,

So they appear to be using an HTTP-based API. In the HTTP protocol there are explicit places for communicating user-supplied variables - in the query string or POST body. So why, for the love of Tim, are they putting the (user-supplied) verification code in the request path?

That's just.... no.

Netflix: Look folks, it's net neutrality... HA, fooled you

Raumkraut

It's about trying to keep a competitive market for services on the Internet.

If ISPs zero-rate particular services, then the ISPs are slanting competition toward their preferred winners, rather than the end users choosing the better service.

Also, if the ISPs let anyone zero-rate, but require payment for it, then established players get (yet another) advantage over any innovative new start-ups - who may not have the cashflow to be able to afford zero-rating their service on every major ISP on the planet.

Trolls prevail because good men do nothing: boffins

Raumkraut

Stop feeding the politicians

Don't call them "trolls" like it's some new phenomenon that appeared with the interwebs (and therefore we need new laws to deal with it, goes the reasoning). Such people have been engaging in this kind of behaviour since time began, so call it what it is:

Bullying

Stalking

Harassment

Google Talk is dead, long live, er, Google Talk: Chat will survive app zap, flaps G+ chap

Raumkraut
Thumb Down

Modern stuff like proprietary walled gardens

The US biz said in 2012 it would be working to get users over to Hangouts – which supports modern stuff like video conferencing.

You could do video conferencing using XMPP (Jingle) since well before Hangouts were ever a thing. IIRC Google even added support for it to Google Talk.

Inside GOV.UK: 'Chaos' and 'nightmare' as trendy Cabinet Office wrecked govt websites

Raumkraut

Re: phnaar..

Why on $DIETY's Earth would they want a random link button?

On a large complicated project, sometimes writing a silly little feature that is mildly entertaining, but serves no real purpose, is the only thing which can keep a developer sane. For a while, at least.

Ross Ulbricht, in the library, with the laptop: Silk Road boss found GUILTY of all charges

Raumkraut

Re: Other than

I always thought his defence was going to be along the lines of: "Ulbricht sometimes had access the account identified as DPR, but so did several other people over the course of time, and it was not Ulbricht who performed any illegal acts using that identity."

Though I wasn't there, so I don't actually know how much evidence the prosecution was able to provide identifying Ulbricht as DPR (and the only DPR) at the time that the offences took place.

I wonder if "my lawyer was crap" is a valid basis for appeal?

Hollywood vs hackers: Vulture cracks Tinseltown keyboard cornballs

Raumkraut

Re: Boris?

I think you'll find that Arnold J Rimmer (technician, second class) got there first; during the test to join the crew of the Enlightenment.

BAN email footers – they WASTE my INK, wails Ctrl+P MP

Raumkraut

Re: HEAR HEAR!!!

<font face="Comic Sans MS" size="16" color="hotpink" >Me too!</font>

"~-,._.,-~"~-,._.,-~"~- Raumkraut -~"~-,._.,-~"~-,._.,-~"~-

Posted by Stuart Longland on 8 Jan 2015:

> Especially when said legalese tells the world + sundry that the email may contain "confidential" information and was sent to a publicly-archived mailing list! It seems to be the corporate fashion these days, as is HTML in email.

> I noticed recently my email signature started to show a long legalese blurb, and it was the first thing to go. I participate on far too many publicly archived mailing lists as part of my day-to-day job to have this hindrance to communication.

> I'm also the office Luddite with plain-text emails.

> A few reasons why legal disclaimers should not be placed in email signatures:

> - They are too long to fit in an email signature, which should be approximately 4 lines long, 6 at an ABSOLUTE maximum

> - The content often presumes facts about the email and its intended audience which mostly wind up not being the case or places restrictions which are not appropriate for the intended audience

> - They appear AFTER the email content, so it's only when you get to the footer do you realise "Oops, I shouldn't have been reading that!"

> Due to the last two points, I would suspect they have next to no legal value. Pretty sure for a legal document to stand, the person has to see it and agree to it first before it becomes binding.

> Moreover, email is inherently plain-text unless you've taken steps to ensure privacy (e.g. using industry-standard tools like S/MIME or OpenPGP). Unless you do this, I think it unreasonable to assume any kind of confidentiality over email.

Kim Dotcom vows to KILL SKYPE with encrypted MegaChat

Raumkraut

Re: In this case, it's just a matter of configuring what's already there

Yep, this sounds like yet another WebRTC implementation. I hear about a new "secure video chat" service about every other week these days. Even Mozilla baked one into the Firefox browser itself. I thought that I might get a break over chrimbo, but apparently Herr Dotcom needed his dose of publicity this week.

The problem with the current crop of WebRTC clients is that, while the conversations are direct between clients in a p2p manner, they need a centralised server (website) to provide the routing of calls (aka call metadata), by virtue of the web browser security model.

The most interesting project to me in this space is Tox which, while still being in a rapidly-developing alpha stage, appears to be well functional for text/voice/video chat.

Chrome devs hatch plan to mark all HTTP traffic insecure

Raumkraut

Re: HTTPS is also about privacy

Well, https doesn't encrypt URLs, for one thing. So a snooper can see (the URL of) all pages you visit using https, even if they can't see the content.

Incorrect. HTTPS doesn't shield the destination server (domain/ip address) you connect to, but everything more specific than that is indeed encrypted - including any URLs you request on that server.

Raumkraut

There are not only 2 states.

Chrome has: 1) A green bar for EV-certs, 2) A green lock for a valid cert, 3) A red strike through the "https" when the security is flawed, 4) No indicator for completely insecure sites

Firefox has: 1) A green bar for EV-certs, 2) A green lock and owner info for a valid cert, 3) A big stonking warning page when the security is flawed, 4) No indicator for completely insecure sites

Without any indicator in the case of 4, the effect is to imply that a complete absence of security is better than partial security (eg. no authentication, but protection from passive interference).

AFAICT, this proposal for Chrome is to treat 4 in a similar manner to 3. This appears sensible to me.

Raumkraut

Re: I'd consider "broken HTTPS" far more insecure than HTTP

A broken HTTPS, i.e. something like a MITM or other attack, should set off alarm bells even in the brains of a clueless surfer, but it won't if it shares the same indication as half the sites he browses!

The problem is that it is impossible for the user to know whether there is a MITM if they're not using HTTPS. This proposal is to stop naively acting like HTTP is somehow magically a better environment than, for example, a site which uses a self-signed cert.

Google's engineers are idiots living in their ivory tower, not understanding that not everyone is an ubergeek who implicitly understands this stuff.

So because some people can't be helped, we should throw everyone else under the bus? There is a wide swath of people between "ubergeek" (who don't need this warning to understand) and "dufus"; and some of those people are capable of understanding, if they're given the right cues.

They think they're being clever and will encourage site owners to switch to HTTPS, but there's no point for a lot of sites to ever do so.

If a site doesn't want to prevent MITM attackers injecting malware into requests to their website (among other things) then sure, there's no point.

Page: