* Posts by tom dial

1627 posts • joined 16 Jan 2011

'Toyota dealer stole my wife's saucy snaps from phone, emailed them to a swingers website'

tom dial
Silver badge

Re: Alternatively

According to the report in the source, Dallas News, the pictures were sent by email from the phone, then deleted. The claim, further, is that by the grace of the God of Apps, one of the pastor's apps backed up the sent messages before their deletion, thus preserving the evidence. The only thing that points to three-saint-names, though, is that the police are reported to have found that a person of similar name has an account on the swinger site.

At last report, Thomas has not been convicted, which would help the lawsuit, although it is not a requirement as the standard of proof in the civil suit is much less than required for a criminal conviction. For now, there is reason to withhold judgment in the matter.

1
0
tom dial
Silver badge

Re: Unless you're the FBI...

The FBI does not have that right either. They, and other law enforcement officers, may apply for warrants, as may their counterparts in many other countries. If the application is granted they have the right to conduct a search as the warrant specifies.

As for the article, it is not clear why the plaintiffs think they have a basis to seek not only compensation, but enrichment, from the dealer who employed the alleged perpetrator or, even more remote, from Toyota itself. The employee's act is said to be a criminal offense, and the agency's sales director has been charged. Dealership liability may depend on details like whether the accused had previous history of similar behavior and whether they knew of it, and if they did not, whether they had done reasonable (probably a jury question) pre-hire due diligence. Toyota's liability may be limited by their relationship to the dealer and details in the documents that govern the relationship. Toyota certainly will not want to set a precedent for future similar claims, but given their likely rarity might end up negotiating a settlement with sealed terms for some fraction of the amount demanded.

1
0

Exclusive: Team Trump's net neutrality guru talks to El Reg

tom dial
Silver badge

Re: Trump appointments

I do not think Trump ever claimed to be a conservative, at least without backpedaling shortly after. Some of his positions and promises were aimed at those who claim to be conservative, but many or most have been creeping off stage since the election. He is no more a conservative than Hillary Clinton is a liberal (current usage assumed).

Obama's minions in the Congress further poisoned an already dirty well in various ways, and Obama lacked either the skill or the will to collaborate with the Republicans in Congress and sometimes even the Democrats. That left him the option of trying to expand executive branch reach by issuing orders and hoping the inevitable challenge would not be turned away by the courts. Donald Trump, come January 20 next, will be in position to cancel every one of them that he doesn't like. That may result in a worse outcome in some cases than if Obama had done nothing at all. The most obvious examples are DACA and DAPA, which by now will have produced a very convenient database of deportation candidates. Nonetheless, Trump will have Obama's example going forward in the event of a truculent Congress. And there is no plausible reason to think the next Congress, any more than the last forty or so, will do anything effective to limit him.

0
1
tom dial
Silver badge

Re: ...

"A large number of individuals - " nearly all of them essentially clueless about communication technology - supported net neutrality as well."

"Packet prioritization, bandwidth throttling and tiered pricing will not inherently create a more democratic Internet." Maybe, maybe not. It is not entirely clear that "democratic," normally associated with group decision making and choosing government officials, is meaningful in the context of network governance. While these many millions were, by and large, vehemently in favor of net neutrality, it is far from obvious that any of them has benefited from it, or will. But it is fairly clear that large operators, including Google, considered it beneficial to them, as defined by the marginal profit they expected to clear as a result. The Open Internet Order might best be understood as a result of successful rent seeking supported by a moral panic.

"Reality is much more subtle and nuanced than this. It's not black and white. Just many different shades of grey." Indeed it is.

It is meaningful, however, to discuss techniques for efficient allocation of limited resources, and it is quite plausible, if not certain, that requiring all services to receive identical treatment in a packet switched network leads to inefficiency. This may show up, for example, as overbuilding or congestion (or its temporary mitigation, throttling), or possibly both at different times and places.

0
0
tom dial
Silver badge

Re: This Google obsession is getting old

Yet Google provides direct utility to users, in the form of Internet indexing and search, that far exceeds that of any of the alternatives or, indeed, all of them combined. As a result it earns piles of money for its shareholders. Any positive utility that the NSA and other government intelligence agencies provide is at best indirect and very difficult to define and measure.

1
0

Investigatory Powers Act signed into UK law by Queen

tom dial
Silver badge

I find it interesting that fairly straightforward and likely enough correct statements are so often downvoted and disputed.

The point was that if the police are interested in you, no matter the reason, using a VPN or TOR is unlikely to deter them or interfere significantly with their ability to pursue that interest. And it is not at all obvious that it will make it harder. Communication data surveillance is only one of their tools, and for in-country residents probably is one of the least important.

0
1
tom dial
Silver badge

Re: Commercial suicide

You want to send sensitive company data to any employees, securely, you can't.

=> PGP will protect the data. If sending the data is authorized, would the metadata matter?

You want to leave said data on an intranet with web access securely, oh look, you can't.

=> On an intranet with web access: Does the act really cover internal transmission? Surely you did not mean web access from the public Internet and securely in the same sentence.

You want to research a company with a view to a takeover, in private, hah some chance

=> For those of us lacking the knowledge and imagination, it would help to have a plausible scenario in which searching public sources would be a problem.

Even if I'm being overly paranoid, if companies haven't legged it because of brexit, they'll be leaving in droves if they can't rely on secure internet as a general principle.

=> As I understand it, the act has little to do with Internet security, but something, maybe a lot, to do with privacy of some kinds of information in some circumstances.

2
0
tom dial
Silver badge

Re: Could someone recommend a VPN?

If you live in a Five Eyes country, you probably would be more at risk using externally-based facilities (possibly including TOR). In the US, at least, legal protections are much stricter on (legal) residents than they are on those in other countries who are not US citizens. I have not seen anything detailed about it, but suspect that there are side agreements among Five Eyes governments to not target (or to be gentle about targeting) each other's citizens.

None of that would apply to external communication endpoints. The applicable legal protections might not be honored, but they might, and for the US, at least, there is some evidence that they are. Where they are, they might be effective, and that is better than the case where they do not exist at all.

0
0
tom dial
Silver badge

If you are of interest to a law enforcement agency, and if you use anonymizers or VPNs or encrypted messaging, that is likely to increase their interest and bring closer scrutiny. If they have a decently plausible justification, they may be able to obtain a warrant (or UK equivalent, if different) for access that is much more intrusive than metadata collection, and much more likely to succeed in obtaining information about your activities in connection with whatever caught their attention in the first place.

The short version: if the police are interested in you, they generally will find ways to investigate you.

0
1
tom dial
Silver badge

Re: Here's the full list...

It would be useful to have a brief description of the hoops through which one of these many agencies must jump before gaining access to the stored data. That, along with who can grant access, might be a deal more important than who can request and receive the data.

0
0

Internet Archive preps Canadian safe haven to swerve Donald Trump

tom dial
Silver badge

Re: The True North, Strong and Free

Many of the countries "not so friendly to the interests of the USA" also would not be so friendly to freedom of access to information. The US might present some issues surrounding privacy, but is hard to match for prickliness* about anything resembling press freedom, and that certainly would include the Internet Archive. The government, and litigation attorneys and clients, being what they are, moves to restrict access could be tied up in rule making and the courts longer than Trump will be President, even if he is reelected in 2020.

As an aside, it would be easier, legally, for the US intelligence community to collect IP address information from a service in Canada than from one in the US, although its use might be limited by treaties or side agreements to pretty much the same population in either case.

* Except, in the short term, by those upset by "fake news" on social media.

2
4

CompSci Prof raises ballot hacking fears over strange pro-Trump voting patterns

tom dial
Silver badge

Yet the same "credible source" that considers the board of elections and email hackers to have been nation-state actors has said publicly that there is no evidence of election hacking as such.

Maybe Russia wished for Donald Trump to be elected, and maybe they made these efforts to that end, and maybe those efforts had an effect on voting behavior. That's a lot of maybes, and the direction of the effect on voters is, to understate, pretty murky.

0
0
tom dial
Silver badge

Re: Interesting definition of a landslide victory you have there...

Trump won in 30 states, with a total voting eligible population of around 126 million; Clinton won in 20 states and the District of Columbia, with a total voting eligible population of around 94 million. It is not entirely clear that the archaic counting system produced a seriously incorrect result. For reasons Hamilton discussed in The Federalist (No. 68), presidents are not elected by popular vote. People have disagreed with that, but they should at least give careful consideration to the argument before concluding that it is rubbish.

Time passage has brought changes. One has been to corrupt the original presidential selection process and establish quasi-legal institutional status for political parties that, at bottom, are self interested private organizations. Another change is to increase enormously the powers and importance of the President, a change that most political parties, including the two largest, have long supported enthusiastically. It may be that the problem is not the electoral college as such, but that it has been altered to operate in a way that is quite at odds with its original intent.

1
0
tom dial
Silver badge

Re: From the article:

It is all but certain that said professor knows a great deal more about information security than he does about voting behavior.

As for connection of voting machines to the public Internet, it is all but certain that there were effective controls to prevent that, even for voting machines with the capability. However, hacking of individual voting machines is not the only way, and not the most likely or effective, to alter the ultimate vote count - as the professor and others have pointed out elsewhere.

0
1
tom dial
Silver badge

There is no more reason to believe an exit poll than there is to believe one taken in advance of the election. Aside from sampling error and refusal to answer, some people will lie, especially if, as in the immediate past election, one of the candidates is widely viewed as unworthy of respect.

0
0
tom dial
Silver badge

Re: Vote Fraud? Are you CRAAAZY?

Voter suppression laws, so called, did not disenfranchise anyone. They also made no racial or ethnic distinctions, although they plainly had more impact on those who were poor, unmotivated, or not very bright, or who would have had trouble documenting their eligibility to vote. Few of them, if any, failed to make the required ID available at no delivery point charge, although for some people assembling the documentation required and going to the place of issue, usually the same place that issues driving licenses. The required documentation is generally in line with that required to obtain a Social Security card, and probably in line with that required to register for other federal and state benefit programs.

The big disenfranchisement in the US is not these laws, but the sometimes permanent legal disenfranchisement of convicted felons, along with the large number of former felons resulting from the ill-conceived War on Drugs. This number almost certainly is at least an order of magnitude larger than the number of those actually disenfranchised due to "voter suppression." In some states, this can be undone only on approval of the governor of an individual request. A few states allow convicts to vote, and some that do not lift the ban at completion of the sentence.

The "evidence" for fraud seems to be hypothesized hacking of some equipment combined with deviation of some results from pre-election polling reports. As the BrExit and last UK general election show us, these cannot be considered reliable. As a matter of historical fact, recounts rarely change election outcomes, especially above the local level. Even Michigan, with a reported Trump plurality of almost 11,000 votes, has a very low probability of changing after a recount. Pennsylvania, with a margin approaching 70,000, will not flip, and Wisconsin, with a margin of around 22,000, also is very unlikely to be changed. Clinton would need all three.

0
0
tom dial
Silver badge

Re: Vote Fraud? Are you CRAAAZY?

The vote fraud of which Democrats were so dismissive was an older type in which people voted who were not permitted for reasons such as death or lack of citizenship. Arguably, that was quite rare and unlikely to affect the outcome except in rare cases of extremely close elections, although as far as I am aware, the presumed rarity stems as much or more from general failure to look for it as any actual analysis.

Fraudulent configuration or programming of systems used for vote recording and counting is a legitimate matter for concern. It has been in principle for many of us since they were introduced, and for quite a few more after demonstration of various vulnerabilities in the recording machines and the general vulnerability of the systems and networks on which the software is prepared, stored, and transferred. It should be noted that similar vulnerabilities existed on rather old electromechanical vote recording systems, although complaints about that were rare to nonexistent.

The primary goal in using these machines seems to be quicker tabulation and announcement of results, hopefully by the nighttime news readings. This is an illegitimate reason. However, it can be met decently by using optically scanned human-readable paper ballots, which offer a reasonable possibility of manual recount, as is legally required in some jurisdictions when the lead is narrow enough.

Until that is done, auditing the results makes a good deal of sense, especially in cases where there is potential for wholesale manipulation that would be difficult or impossible to identify and correct. "Recounting" and machine auditing probably would not allow anything better than discarding results from dodgy machines, but it could hasten adoption of properly verifiable and transparent voting systems.

0
0

SQL Server on Linux: Runs well in spite of internal quirks. Why?

tom dial
Silver badge

Re: Repositories? apt and yum integration? Really?!?!

I do not understand, or think justified, the downvotes to this sensible post. I have made a very small number of exceptions on systems I have for personal use, and doubtless would make more if I were being paid to support customers.

However, I have a relative for whom I field occasional technical support questions related to his installing X on Ubuntu. Invariably X is a binary download, often from what I consider a somewhat dodgy source, and often chosen as an alternative for something available from Ubuntu repositories that appears fit for purpose. He chooses non-distribution alternatives that promise features the repository one does not, but they do not always deliver on the promise. Quite often, though, they do deliver large amounts of wasted time and aggravation before they are fully operational; and a few of them never got to that point.

Some providers are open to suggestion and will make changes to improve the installation and operation of their product. Foxit Software, which offers a PDF reader, is one example. That Microsoft apparently provides a repository and appropriate dependency resolution suggests they are serious about this and want it to work well. And that is a good thing.

2
0

How to confuse a Euro-cop: Survey reveals the crypto they love to hate

tom dial
Silver badge

Re: Crypto Comms

These suggestions might be useful for spies (both "ours" and "theirs") and those engaged in various forms of activity defined as criminal behavior under applicable laws. They are likely to seem like quite a lot of bother to the overwhelming majority of the population who are not in either category, for whom the best use case may be privacy for affairs or sexting (Anthony Weiner, take note). That may seem uncomfortably close to "those who have nothing to hide have nothing to fear," but it probably is true that the majority of people who are not already subjects of specific law enforcement interest are very unlikely to wind up in trouble due to their tradecraft failures.

0
2
tom dial
Silver badge

Re: @ejit

Judicial process and warfare are not commonly thought to be closely associated.

Drone attacks certainly kill people near the target, and they also may go astray, fail to hit the target and still kill or maim substantial numbers of people. Yet they probably are more effective than car bomb attacks on markets or mosques, barrel bombs, or bombs dropped from high flying planes in terms of killing specific people without killing too many who may not be personally involved in a conflict. Upwards of 25,000 people, few of them directly involved in Nazi military operations, were killed between 13 and 15 February, 1945, and the Tokyo bombings of 9 - 10 March, 1945 killed roughly 4 times as many, most of them quite as innocent as most of the bystanders killed in drone attacks.

Wars are really bad things, and they always kill or injure innocent people. Focusing on particular weapons, especially those which limit unintended killing and injury, is a distraction from the main point.

1
0
tom dial
Silver badge

Torture might work, but then again it might not, and it often won't be easy, or perhaps even possible, to tell. A torture victim may well lie to make the torture stop or pause, saying whatever seems necessary and effective at that. Unless the information can be verified quickly against other information known to be true it is likely to be worth little, as it is if it merely confirms information the interrogators believe to be true.

0
0
tom dial
Silver badge

Re: Encryption will only work as intended until everybody is using it all the time

An easy to use frontend for using PGP with emails

I've had very little technical trouble with Thunderbird and Enigmail. Neither has my wife, for whom I set it up. The combination transferred flawlessly from Windows 7 to Windows 10 (unlike some other applications) and through three or four Debian Linux distribution upgrades. The last time I looked there remained some work to be done on web mail interfaces, although ProtonMail's is not too bad. Google End-to-End and Mailvelope were usable, although I do not know whether they have had a proper security validation or, indeed, still are being developed and maintained.

The problem has very little to do with availability or technical matters, and a great deal to do with the observed fact that only a tiny fraction of the public, as against those who lurk on technical web sites, actually cares about it.

1
0

HPE tape library permits unauthorised remote access

tom dial
Silver badge

Owners who care about their data should not manage these or similar devices in-band, and their out-of-band network should not be accessible from the public internet, for the same reasons that apply, for example, to water and power plants.

A bit of critical thinking sometimes is useful.

1
0

Experts to Congress: You must act on IoT security. Congress: Encourage industry to develop best practices, you say?

tom dial
Silver badge

Re: You see, these IT security experts approached this testimony in the wrong way...

Have an upvote for the probable accuracy of the claim, but the implied reason is a bad motivation for legislation.

0
0

Zuckerberg says just one per cent of news on Facebook is fake

tom dial
Silver badge

For practical purposes I do not use Facebook, and in particular, I neither post nor seek out political news there.

That said, I think Facebook is getting something of a bad rap in this. The user provided political "news," probably better called rumor in many cases, almost certainly is protected speech (in the USA) under the first amendment. As long as they are only a transmitter of the material they probably are pretty much in the clear, even if the material is false or misleading.

They are entitled to suppress it if they wish, because they are not a government entity, but doing so will make some of their users unhappy. We already have seen an instance of this in their temporary removal of the famous picture of the nude Vietnamese girl running from a napalm attack. Censoring their users' political opinions, even because they are false or inaccurate, certainly will encourage discontent, as many people get pretty worked up about such things. It also is likely to lay them open to complaints, and possibly lawsuits if they begin to censor and fail, as is inevitable, to identify everything they need to. They will be better off letting the political stuff go except for clear and direct threats and the relatively small number of other first amendment exceptions.

0
0

Silicon Valley's oligarchs got a punch in the head – and that's actually good thing

tom dial
Silver badge

Re: Confused Brit

Fact Check: The claim that Diebold voting machines were used to steal Ohio from Gore appears likely to be untrue, as Diebold Election Systems Inc. was founded in 2002, two years after the Bush/Gore election.

I worked a number of elections in Cuyahoga County, Ohio in later years when Diebold machines actually were in use there, and it is my recollection that the machines were reasonably secure physically, and were delivered to voting locations with tamper evident seals over the access doors for the modem and internal electronics that were not to be removed for any reason, and if damaged were to be reported. I never encountered that, but assume that damage would have prevented putting the machine in service for the election. Other controls were generally adequate to prevent abuse in polling locations without collusion by both Democratic and Republican election judges.

There are no guarantees that the software could not be altered before the machines were sent to polling locations, or the stored votes changed after the election was completed, but it would pretty much have to be done at the board of elections between opening of the sealed bags with memory cards and inserting them into the systems that accumulated the vote totals.

1
0
tom dial
Silver badge

Re: It wasn't illegal.

I did check. The reference is 44 USC Chapter 35, along with implementing standards issued by NIST around 2005 or 2006. The law imposes requirements on senior agency officials to ensure information security. As the head of a cabinet department Clinton was responsible to ensure information security within the Department of State, not undermine and subvert it.

Colin Powell used a personal email account during his tenure as Secretary of State, during a time that bridged passage of the above act, and before NIST completed the standards, during which the State Department systems were considerably less adequate than they were when Clinton took office in 2009. Condoleezza Rice has stated that she avoided use of email.

The State Department non-classified network was, indeed, penetrated - in 2013, after Clinton left the position of Secretary of State. It is possible, although uncertain, that it would not have been if she had carried out her obligation to ensure that her CIO and his staff maintained DoS system and network security properly.

Given the known vulnerabilities of the clintonemail.com servers, the only operationally useful assumption about it is that everything that ever touched it was known to every significant national intelligence service in the world.

And FWIW, my vote also did not go to either Clinton or Trump.

1
0
tom dial
Silver badge

Re: @tom dial ... Entirely predictable?

@Ian: While I raised the question thinking of pre-election polls, this may be more or less true. I do not know of proper academic research that bears on this, but there is suspicion, and has been for decades, that some error may come from systematic bias in the subset of respondents who answer untruthfully or refuse to answer. One of the fundamental requirements for a good survey, as was understood 50 years ago or more, is that you pick a sample and do what it takes to interview everyone in the sample, making return visits as necessary. The more deviation there is from that, the greater the likely error in addition to the customarily reported sampling error.

Whatever the cause, my impression is that it is worsening over time. The last three big failures that come to mind are the most recent UK general election, the BREXIT referendum, and the US election last Tuesday. On the other hand, Allan Lichtman of American University has predicted the last ten presidential elections based on a series of 13 T/F questions about the political/electoral environment - no need for costly interviews.

1
0
tom dial
Silver badge

Re: Question?

The fact the US has two major parties results from a number of factors.

1. The habit of electing from single member districts by plurality or majority for such offices as the legislature (whether state or federal) makes it difficult for third parties to establish themselves, especially as the existing parties steal their ideas, and with them their supporters.

2. The need to organize legislatures to function adequately tends to force coalitions at state or federal government levels that incorporate locally or regionally successful third parties.

3. Third parties often are forced out by legal manipulations by better established parties. Examples include onerous signature requirements for small party ballot inclusion as opposed to automatic inclusion for "major" parties, something that typically means the top two by voting numbers in the previous election.

4. Party affiliation tends to be passed down within families. Although that gets muddled due to "mixed marriages" and internal family dynamics, there remains a tendency for individuals to associate themselves with one of the national parties, maintaining their stability over time.

5. Population mobility led to the spread of the main political parties during the rapid expansion that occurred in the 19th century. People took the names and general leanings with them to new places and adapted them to their new environment. One consequence of that was to give the national parties a broad population base.

6. The population expansion and diversification that came with immigration in the last half of the 19th and first quarter of the 20th century, along with a combination of party organization recruitment of and takeover by new Americans operated to inhibit growth of minor parties. Ethnic diversity also discouraged narrow ideologically based programs. This and the previous factor go quite a way to explaining the nearly total lack of meaningful content in US party platforms.

The interactive map at

https://www.washingtonpost.com/2016-election-results/us-presidential-race/

suggests remarkable stability over a period of 12 years, and it probably extends further back.

As an aside, I know of no evidence that third party vote totals, in most places under 5%, had a meaningful impact on this election, although they likely did in 2000. Jill Stein probably drew around half of her roughly 1% share from Clinton, and Gary Johnson a similar fraction of his 3% - 5% from Trump. In Utah and Idaho, Evan McMullin collected most or all of his votes from Mormon coreligionists opposed to Trump, who still beat Clinton by 19%; the total of Trump and McMullin votes in Utah is similar to Republican votes in other statewide contests.

4
0
tom dial
Silver badge

Re: it wasn't much of a choice

Additional note: the "State Department IT employee" who maintained her private (illegal and insecure) server was a Schedule C political appointee hired at her behest, who had been her go-to guy for her unsuccessful 2008 presidential primary run. It is far from certain that he knew anything about the FOIA and fairly certain he knew little or nothing about federal information assurance requirements, as shown by exposure of RDP and VNC for systems in the clintonemail.com domain on the public internet.

4
3
tom dial
Silver badge

Entirely predictable?

I ask then, with due respect, why did hardly anyone, including Trump's political and polling staff, actually predict it?

Predicting something after it happens does not count.

5
0

Computer forensics defuses FBI's Clinton email 'bombshell'

tom dial
Silver badge

There certainly is blame to be shared with the permanent civil and diplomatic service people at the State Department who were, to put it gently, a bit slack. However, Secretary Clinton brought in her own personal staff, including Brian Pagliano. Pagliano was hired in as a Schedule C political appointee for IT special projects, did part time work for the Clintons as administrator for clintonemail.com, and probably found RDP access from the public internet quite useful for that. The State Department IG report issued earlier this year described one such use in connection with attempts by unknown individuals, unsuccessful at the time, to gain access to the system, leading to temporary shutdowns.

It is not clear that even a reasonably alert IT staff would necessarily have detected that, but there probably were quite a few people at State who knew that Secretary Clinton had a non-government email address, and those who didn't sleep through their annual Information Assurance training would have known this was out of order and should have reported it to the CIO chain. Maybe some of them did, as some of the IT staff raised the question and were told to back off and not speak of it again (also in the IG report). Arguably, they were remiss in not reporting the matter then to the government's whistleblower phone number that most federal offices posted on physical bulletin boards and printed on earning statements several times a year.

The notion that this came up out of ignorance or naiveté is rubbish. Any employee cleared for access to classified material has training, and signs documents that attest to that and to agreement to the rules governing classified material handling.

Secretary Clinton, in addition to being the President's principal foreign policy advisor and representative (and fourth in line for the presidency), was responsible for legal and orderly operation of the State Department. She could, and presumably did, delegate the details, and the permanent diplomatic service staff would perform many of the duties, she remained responsible to the President for it, and failed in that responsibility. She also failed in the implicit responsibility to not put the department employees in the bind she did, where to carry out their duties they had to violate established department instructions and the law.

3
0
tom dial
Silver badge

Re: @bombasticbob, Big John etc.

The article cited, http://www.vox.com/policy-and-politics/2016/11/4/13500018/clinton-email-scandal-bullshit, is a combination of bullshit and whitewash.

0
0
tom dial
Silver badge

Re: @bombasticbob, Big John etc.

The two cases are considerably different. Colin Powell used a personal email account maintained by a commercial service provider. He did so at a time (2001 - 2005) when email was much less widely used than during Clinton's tenure (2009 - 2013). During at least part of that time, too, it was not possible to send or receive email between the State Department non-classified network and other government agencies or the public. General Powell expended significant effort on improving that situation, unlike Hillary Clinton, who chose to not use the upgraded State Department system, which by then was connected to the public internet and usable for all purposes. She chose instead to use, not a commercial service, but an insecure personally owned* system located in her New York residence.

* Or possibly owned by or with her husband.

1
0
tom dial
Silver badge

Re: So Comey must be arrested.

Please cite a source to confirm that Comey (or any FBI agent) revealed the name of the victim in Weiner's alleged crime. Please note that on September 21 the Daily Mail published a lengthy article, with numerous redacted text messages between Weiner and the girl, based on an interview with the girl and her father. The article, however, did not reveal the Mail's sources.

1
0
tom dial
Silver badge

Re: Here's the math that does not add up

Having a private server is perfectly legal. Using one to conduct federal business generally is not. The exception would be systems that are certified and accredited by the appropriate federal official who, in the case of the State Department, was the CIO. Lest anyone raise the question, that has been the law since 2002 or before. According to the DoS Inspector General's report earlier this year, the CIO stated he was unaware of Clinton's use of the private server (which seems depressingly like he was on what we used to call "indoor annual leave") and that he had not and would not have approved it if he knew. Relevant citation: FISMA (2002) - 44 U.S.C. § 3551, et seq. along with Chapter 35 generally.

Influence peddling may or may not be illegal. Done by an official in exchange for cash or objects of more than nominal value, it generally is illegal. For the federal civil service, the usual limit was set at $10 - anything of greater value might be considered a bribe. Jimmy Dimora, former Cuyahoga County (OH) commissioner, is working on a 28 year sentence at the Beckley federal prison in Beaver, WV. In many cases, Clinton's probably included, the normal favor granting activities, such as arranging for access, are legal, but those who exceed limits, or who come to be seen as deplorable human beings, as Dimora did, can be prosecuted. As in most such things, prosecutors have a lot of discretion.

2
0
tom dial
Silver badge

Re: Here's the math that does not add up

Lying to the US population in a political context isn't criminal, and because of the first amendment it would be impossible to make it so. Lying to the FBI, which Ms. Clinton apparently avoided, would be criminal.

1
0
tom dial
Silver badge

Re: Comey was trapped either way.

Is there a reliable source for the 650,000 number? In a moderate amount of web searching, I have not found it. And in view of that, is not the 5% simply a made up number derived from the quotient of ~30,000 by 650,000?

If there are, indeed, 650,000 State Department emails on Weiner's laptop, the relevant number can be found by eliminating duplicates and matches to already known email messages from Clinton's illegal server. The first, as the article states, can be done partly by use of hash comparisons, but that still may leave semantic duplicates that give different hash values as a result of forwarding or inclusion in forwarded messages. The notion that hash comparison with emails that Clinton turned over is rubbish, since those were printed and if available in hashable form almost will give a different hash value than their original form. The "expert" opinions reported seem to have been based on assumptions that are known to be incorrect, and can be discounted heavily.

2
0
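The distinction drawn in the comment above, between bit-identical duplicates and forwarded or re-keyed copies, can be shown on a small constructed mailbox. This is an added example, not part of the original post or of any tool the article describes; the sample messages, the function names and the body-normalization rules are assumptions chosen for illustration.

```python
import hashlib
import re

# Constructed sample messages (not taken from any real mailbox).
ORIGINAL = ("From: a@example.org\nTo: b@example.org\nSubject: Schedule\n"
            "Message-ID: <1@example.org>\n\n"
            "The meeting moves to 3 pm.\nPlease confirm.\n")
EXACT_COPY = ORIGINAL
FORWARDED = ("From: b@example.org\nTo: c@example.org\nSubject: Fwd: Schedule\n"
             "Message-ID: <2@example.org>\n\n"
             "---------- Forwarded message ----------\n"
             "> The meeting moves to 3 pm.\n> Please confirm.\n")
# Text re-keyed from a printout: headers lost, lines reflowed.
RETYPED = "The meeting moves to 3 pm.  Please\nconfirm.\n"
UNRELATED = ("From: a@example.org\nTo: b@example.org\nSubject: Lunch\n"
             "Message-ID: <3@example.org>\n\nNoon works for me.\n")
MAILBOX = [ORIGINAL, EXACT_COPY, FORWARDED, RETYPED, UNRELATED]

HEADER_LINE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*:\s")
QUOTE_PREFIX = re.compile(r"^(?:>\s?)+")
FORWARD_BANNER = re.compile(r"^-+\s*Forwarded message\s*-+$", re.I)

def raw_hash(message: str) -> str:
    """SHA-256 of the whole message: equal only for bit-identical copies."""
    return hashlib.sha256(message.encode("utf-8")).hexdigest()

def split_body(message: str) -> str:
    """Return the text after the header block, or everything if no headers."""
    if HEADER_LINE.match(message) and "\n\n" in message:
        return message.split("\n\n", 1)[1]
    return message

def body_fingerprint(message: str) -> str:
    """SHA-256 of a normalized body (assumed rules: drop headers, quote
    markers and the forwarding banner, fold case, collapse whitespace)."""
    kept = []
    for line in split_body(message).splitlines():
        line = QUOTE_PREFIX.sub("", line)
        if FORWARD_BANNER.match(line.strip()):
            continue
        kept.append(line)
    normalized = " ".join(" ".join(kept).lower().split())
    return hashlib.sha256(normalized.encode("utf-8")).hexdigest()

def count_unique(messages, key) -> int:
    """Number of distinct messages under the given hashing function."""
    return len({key(m) for m in messages})

if __name__ == "__main__":
    print("unique by raw hash:        ", count_unique(MAILBOX, raw_hash))
    print("unique by body fingerprint:", count_unique(MAILBOX, body_fingerprint))
```

Raw hashing removes only the exact copy; the forwarded and re-keyed versions collapse only under the normalized fingerprint, which in turn can merge messages that differ solely in headers.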
tom dial
Silver badge

Re: Just let Obama continue while they sort this out

President Obama can pardon Clinton (or anyone else) for a federal crime for which they have been convicted or charged. He cannot pardon anyone convicted or charged by a state government, and more significantly in this case probably cannot give a pardon for any crime not (yet) charged. I stand ready to be corrected by anyone offering proper citations to statutory or case law.

0
0
tom dial
Silver badge

Re: I sense political meddling.

The servers she used were not certified and accredited as data systems for processing the type of material for which they were used. That was not legal, as I believe the State Department inspector general stated in his report about the emails.

This is not about Trump, who certainly is ill qualified for the presidency and probably is unfit. It is about Clinton, who probably is qualified for the job, but certainly has given us plenty of reason to consider her unfit. In either case, we can be pretty sure of one thing: the people's business will be secondary to the incumbent's.

5
4

Coding will win you the election, narcissistic techies boasted to Hillary

tom dial
Silver badge

Re: Coding doesn't win elections

As a minor election functionary some years ago (something I undertook precisely because of the risk of monkey business) I concluded that the best solution is what we used before there were voting machines: hand marked printed ballots, hand counted and tallied by a group of people not all of whom belonged to the same political party.

A machine that operates in ways that cannot be observed directly during operation introduces doubt; and that doubt, manipulated by those interested in the outcome, undermines the perceived legitimacy of the result, and of the official ultimately elected.

As a polling place official I could ensure that nobody accessed the various ports in a way that might be seen as possible cheating; anything like that had to be witnessed by at least two officials of different (claimed) party affiliation. There was, and is, no effective way to guarantee that the vote by the citizen, displayed on the screen and printed on the visible tape, was correctly written to the memory card used to accumulate results. As far as anyone associated with election operations or voting was concerned, the process involved a lot that was the functional equivalent of magic. The public announcement of support for Republicans by the manufacturer's CEO, and the fact that the Secretary of State who oversaw elections was a Republican led some Democrats to question the results openly well before the election. With any kind of voting machine, or even electromechanical computer driven ballot counting, the chain of required trust in faceless people, some of whom may have (or be perceived to have) an interest in biasing the outcome, simply is too long.

0
0
tom dial
Silver badge

Re: It's all PR

This is an excellent post, deserving of far more upvotes than it has (3 as of mid-afternoon UTC). I do think it leans to overstating the money thing, but still puts most of the emphasis where it belongs - the parents and home environment (para 4), good school managers, not merely teachers (para 6), and focus on the basics (para 7). [I did not count the isolated sentence at the top.]

Over some 40 years in IT I met quite a few excellent programmers and system designers. Almost none were CS graduates, and few were from "STEM" fields, especially if you take "S" in the older sense of physical sciences. As a Math undergraduate major I was a distinct outlier. Among the best that I recall were a number of musicians, a German major, a History major and one with a PhD in Classics. I suspect things have changed some, but programming is not so hard to learn that intelligent and inquisitive people cannot, and have not, done so when the need or opportunity arises.

2
0

Lad cuffed after iOS call exploit knocks out Arizona 911 center

tom dial
Silver badge

A search warrant, solidly based on probable cause, probably describing computer equipment containing the computer code, and possibly documentation of that code. In a case like this, at least, there is no reasonable basis to question a search warrant as such. If there is evidence that the warrant was unreasonable in its extent, the defense attorney can raise the issue in court and conceivably get the warrant quashed, along with any evidence it yielded.

3
0
tom dial
Silver badge

Re: Dumb mistake

There were numerous ways Desai could have disclosed the vulnerability that would not have executed a DDOS on a critical government service. He knew it was wrong, and according to his statement he knew that it was illegal, and yet he created it and, again according to his statement, released it accidentally to the world. Also by his statement (reported in Forbes) he “developed these malicious bugs and viruses to be recognized in the hacker and programming community as someone who was very skilled.” He should not get a pass on this.

Five hundred hours or so of community service seems in the ballpark for a reasonable sentence, and one he might reasonably be grateful for. He should be grateful, too, for being charged under Arizona law. Technically, he probably violated the CFAA, which in the hands of an ambitious US Attorney, which Arizona seems to have, could have brought charges of hundreds of counts, each carrying a potential sentence of up to 10 years.

7
0

EU announces common corporate tax plan

tom dial
Silver badge

Re: I guess this explains why we are leaving.

"Trump has somehow convinced ..."

Maybe. But it is useful, and probably necessary, to remember that they already were angry (as were quite a few others than this year's chosen targets of ridicule and disparagement). Trump did not make the sad situation into which he stepped, but was chosen because he articulated what they already were thinking. His off-the-wall and often ill-considered statements resonated with enough Republican primary voters to gain him the nomination over a number of candidates who were better qualified and more fit for the office, by far. And I fear that in the likely event that Clinton is elected, she probably cannot do anything, and almost certainly will do nothing, to resolve the underlying problems, so they will continue to fester for another four years or more.

For the record, I do not consider either one of them fit to hold any office of public trust and will not be voting for either of them. I have given up casting votes for lesser evils.

4
0
tom dial
Silver badge

Re: finally a brexit benefit (for EU)

The proper word(s) might be "representative democracy," in which representatives are elected by largely democratic procedures and then rule by majority (or sometimes supermajority) consent of the representatives, who can do pretty much what they want, subject only to the remote possibility of recall (in some arrangements) or removal at the next election.

That is quite different from democracy in the old sense, where the demos is consulted directly. Perhaps the difference is less important in the EU than in the US, where a rather large fraction of the population expresses belief that their legislative representatives actually are on the payroll of various corporations or rich benefactors.

1
0

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert

tom dial
Silver badge

The obvious replacement of the OCR by humans seems likely to bring a positive error rate as well, quite possibly in the same range as the OCR system. It is not even unlikely that the human error rate would be larger as they get fatigued, unlike the OCR software.

3
0

Meanwhile, in America: Half of adults' faces are in police databases

tom dial
Silver badge

Re: And when it seriously goes wrong?

Those who bothered to follow the link (and the further link to The Intercept) and actually read either article will have found that Talley's ex-wife, three acquaintances, and the teller he was accused of robbing in the second case identified him, presumably based on bank surveillance photographs. They also would have noticed that the FBI facial recognition specialist, based on personal examination of photographs found a likely match between the surveillance photos and others probably taken under better conditions. Those certainly would have been enough to justify an arrest, and quite possibly an indictment and trial. The fact that the only witness changed and augmented her statements during trial testimony does not alter that.

Talley may well have a good case against the arresting police for grossly excessive force, and possibly also for later procedural errors. He might also have cause for action against his public defender in the first case for slackness in checking with his employer as to his stated alibi, which brought him a two month jail stay.

What the articles do not do is implicate machine facial recognition, which was not used. Indeed, the Intercept article suggests, with reservations, that it is likely to improve the results that can be obtained by human analysts alone.

1
0
tom dial
Silver badge

Re: Only half?

I wonder, if the US and UK are not "even remotely democratic" which nation states are. That is a fairly strong statement that runs contrary to conventional understanding and warrants a bit of substantiating evidence.

I stipulate that the US federal government is not a democracy, and was not intended to be; the authors of the Constitution took considerable care to prevent that, for reasons discussed at some length in the Federalist Papers. They did not, however, constrain state government in any way to prevent them from establishing democratic regimes of their own.

0
1

Ecuador admits it cut Assange's internet to stop WikiLeaks' US election 'interference'

tom dial
Silver badge

Re: Trump supporter

Corrupt != criminal:

cor·rupt /kəˈrəpt/

adjective

1. having or showing a willingness to act dishonestly in return for money or personal gain.

"unscrupulous logging companies assisted by corrupt officials"

synonyms: dishonest, unscrupulous, dishonorable, unprincipled, unethical, amoral, untrustworthy, venal, underhanded, double-dealing, fraudulent, bribable, criminal, illegal, unlawful, nefarious; informal: crooked, shady, dirty, sleazy

"a corrupt official"

0
1
