Feeds

* Posts by hollymcr

27 posts • joined 10 Sep 2012

Scam emails tell people they have cancer to trick them into installing a money-stealing Trojan

hollymcr

That's the whole point of phishing. You send it to enough people and you're going to hit people who have just had a blood test. It's no different from targeting <insert name of bank here>

15
0

Control panel backdoor found in D-Link home routers

hollymcr

Re: For those who can.

Why would anyone downvote a recommendation to install dd-wrt when the manufacturer supplied firmware has a major security flaw for which there's no current fix (other than replacing the firmware with something better)?

8
5

Google: Thanks for the billions in revenue, UK. Here are your taxes, that's ... £11m

hollymcr

Re: Blatant law abidance by international corporation shocker

@Robert: "All totally illegal, and clearly so"

You speak with the certainty of someone who knows the law inside out, but without reference to the acts in question, which makes me suspicious.

If they are breaking the law, and if (as you say) HMRC have decided not to go after them, then there are plenty of other organisations (press amongst them) that will do the investigation and make the results public.

I believe that a lot of people want this to be true, almost certainly enough people to vote for a government to make it so. Governments (of all flavours) are either incompetent or complicit - I suspect the latter.

The bottom line is that generally speaking these large corporations *are* paying tax on their profits. They're just being selective about where they pay them, and taking corporate profits makes this possible.

IMHO, taxing activities taking place in the country (employment, sales, etc) is the simplest way to ensure that tax lands where it "should".

0
0
hollymcr
Facepalm

Blatant law abidance by international corporation shocker

Yet again, we have a big international corporation steadfastly following the letter of the law. To be fair I'm guilty of doing exactly the same myself most of the time. But Google (and Apple, eBay, Amazon, Starbucks, etc etc) shouldn't be allowed to get away with it!

If this continues unchecked, at some point a government might have to earn its keep by either changing the law, or by changing the tax rates to make us competitive. But should we really have to expect our governments to do their job, when it's much easier to expect our corporations not to do theirs?

15
2

Google FAILS in attempt to nix Gmail data-mining lawsuit

hollymcr
WTF?

Can't see what the fuss is about

If someone emails me they do so with a reasonable expectation that I will use an email client of my choice to process and read that email. It might be that I choose to view the email in plain text (SMTP headers, MIME headers and raw HTML, etc). Or I might choose a client that only shows me the formatted HTML part, hides the headers, handles attachments etc. I might have everything - spam and viruses included - dumped into one big "Inbox", or I might have my email system filter them in some way. And I might have my email system, should I choose to do so, provide advertising alongside it based on the content of the emails.

By sending me an email, the sender has chosen to accept this in using my email address in the first place. All of the above are in my control, not the sender's. It is not within the rights of the sender to determine whether my client is Outlook, Thunderbird, Gmail, Hotmail or just plain telnet to a POP3 server (any more than it's within mine to dictate their choice of sending client).

That I might choose to use an ad-funded service, and that I might prefer to have a handful of vaguely relevant ads rather than a pageful of random "hopefully one of these will be of interest" ads, is my choice. Those ads aren't shown to the sender, the sender isn't getting spammed or having their details sold to advertisers.

When I send an email to an Outlook user I am indirectly supporting the business model and practices of Microsoft. I might not like this, but it is not within my rights to sue Microsoft because I object to this happening even though I never agreed to a Microsoft EULA.

And, of-course, anyone who is *really* bothered about this would just encrypt their email so my choice of email system can't pre-/post-process it in any way. Or they could freely check my email account's MX records and determine where the email is going. If they're too lazy to do either, that's their problem not mine.

Sorry, but Google is no angel but anyone who believes that this is anything more than an exercise for lawyers and for people who think they might be able to make a few quid is deluding themselves, and that kind of people should not be encouraged.

3
3

Just add creepiness: Google Search gets even more personal

hollymcr
FAIL

When you stick stuff into Facebook it (largely but within some constraints) becomes public. Your friends and future employers may well have access to it.

What I don't get is all this talk about Google's data being used the same way (unless you're talking about stuff posted to G+, which is like Facebook except there's less chance anyone will bother looking).

If Google knows a lot about me, then I can expect the US and probably UK authorities to know a lot about me too. That is wrong, not least because of the lack of transparency, although unless I put an air gap between my stuff and the Internet and don't use a phone or drive a car then they know plenty already. But where is this leap to future employers knowing this stuff?

Nobody is suggesting that anyone can go to www.google.co.uk and search for "embarrassing things that Katie Saucey got up to in the past 20 years" and expect to get back any of the stuff you haven't shared on Facebook or similar.

It's like saying you shouldn't tell your doctor about an embarrassing problem because you don't want your employer or other citizens finding out.

Google's business model may well include putting adverts from erectile dysfunction companies in front of me if I mention in an email my performance was under par last night. It means I'm shown information (adverts) from those who might be able to "help" (sell me something). It does not mean that the advertiser knows who I am, unless I click on the advert and give them my details. It's about Google putting adverts in front of me that I'm more likely to click on so they get paid, and the data they've mined for that purpose is incredibly valuable to them and they're not going to share it with anyone (without a warrant, anyway).

Oh, and I don't care that their robot misunderstood my comment in the email and jumped to an incorrect conclusion. I simply don't click on the ad.

1
0

Google: Cloud users have 'no legitimate expectation of privacy'

hollymcr

Re: Dumb

It would be great if El Reg had an option to pay to remove ads, with the only other benefit being maybe an extra "no-ads" icon to use when commenting.

That way all the people who like to whinge about advertising funded services can choose the high ground, and those who refuse to pay when given the option can be called out for the hypocrites they are.

(Can't imagine I'm going to make many friends for saying so though!)

0
0
hollymcr

Re: Dumb

On the contrary, user greed created them. We want everything but we don't want to pay for it. Which is the only reason why advertising funded applications like these are developed.

How often do most people pay for a mobile app when the only benefit is removing the ads? I know some do, but I'd bet it's a tiny minority.

It turns out we get what we pay for. If we want email services (and search engines and mapping tools and all the rest of it) to be the product we have to start paying for them. Otherwise we have to accept that we're the product, being sold to advertisers.

2
0
hollymcr

Re: IANAL, but...

The "dialed numbers" constitutes metadata, not that actual content of the call

This is certainly true.

However, it could also be argued that the telco's "systems" do look at the call content. Certainly these days where the analogue data is converted to digital and presumably compressed, the systems must access the data stream. Just, as others have said, that any company offering spam filters must by definition have systems that "look at" the email content.

So the question is really just down to what is legitimate. We are not talking about Google employees reading their users' email content, we're just talking about what their systems do. Google fund their services through advertising, and as a user I would prefer to see a handful of maybe relevant ads than a screen covered with random ads in the hope that one might be relevant (the way it used to be). I therefore accept that Google's systems "read" my email for various purposes, including targetted ads, spam checking, and various other filtering functions.

I would *not* on the other hand be happy to find that Google employees were reading them, and I don't like the idea that the American (or for that matter UK) security services can read them (or use systems to scan them), although I know it has always been thus in one form or another and the day it bothers me enough to do something about it is the day I will start routinely sending encrypted emails.

Bottom line, Google provide a service and are open about how they fund it. They are much more open about this than, for example, supermarkets are about how they give free wifi so they can track customers. And for that matter, you can read Google's terms and conditions, but where will I find the US or UK government ones that tell me what they will do with data? I choose to use Google but can choose not to. I choose to use Facebook in certain limited ways but can choose not to. I choose not to use Twitter (only because I can't be arsed with it, not for any privacy reason). Where do I opt out of government abuse of data?

3
0

Google Glassholes to be BANNED from UK roads

hollymcr

Re: incompatible

So an app that could tell if a drivers attention is drifting away from where it should be, or that spots a driver falling asleep, or that gauges how close the vehicle in front is and how quickly the gap is closing, would automatically and by definition be bad things?

Seems a little shortsighted to me.

8
5

Oi, butterfingers! Drop your mobe in a pint? Hope it's not an iPhone

hollymcr
Trollface

Water load of nonsense

The first thing you do after the phone gets wet is pull the battery out and leave it to dry.

How did the two phones fare after that test?

5
0

Apple rubbishes rumours of iPhone for the masses

hollymcr

Re: I'm no expert, but...

Actually I think AC might be right. Most Android phones at the same price point as an iPhone have considerably better specs. So this mythical Android phone with only the same spec as an iPhone but at the same price would probably not sell well, leaving the iPhone to outsell it (but with both being outsold by the better Android phones at that price point).

1
0

Anti-virus products are rubbish, says Imperva

hollymcr

Re: ...spend “is not proportional to its effectiveness”

@jason 7: It appears to me that some folks seem to think you can successfully support essential systems by the will of the "Linux Goodwill Support Foundation" alone.

And there are those that make pretty daft comparisons. I mean, sure if you do genuinely get all of that support completely free for Windows then you might have a point, but do you?

For a school install, TCO *should* also include the cost of providing all students with a home installation of all software being used in the school. A colleague was recently shopping around for the cheapest way to buy MS Publisher because that was being used in school (because, like, if you want to get into publishing you're going to need MS Publisher on your CV, right?). The current "work out for yourself where PirateBay is" solution isn't helping anyone on the Anti Virus front.

When I was at school, I had access to a BBC B micro (and an RM 380Z). The only reason I'm in IT now is because those two pieces of hardware - and their respective operating systems - are obviously the most common ones found in today's workplace.... No, sorry, back in the real world we were taught to use tools not brands. Did it matter that my Casio calculator had buttons in different places from my schoolmate's Texas calculator? Yeah it made things slightly harder for the teacher, but it taught us how to use the damn things not just copy someone by rote. Because all those kids who learned on XP and Office 2003 (but only in school, because they couldn't afford a home licence) are really going to find Win8 and Office 2013 so much easier in the workplace than anyone who was taught general wordprocessing and spreadsheet skills on OpenOffice (and was able to work on them at home using the free install CD they were sent home from school with).

</soapbox>

6
2

Apple granted patent for ebook page-turning

hollymcr

It had to be short

If the patent application had run onto a second page, even the USPTO would have spotted the prior art when they reached the bottom of page one and tried to figure out where the rest of the application had gone....

2
0

Google, Amazon, Starbucks are 'immoral' and 'ridiculous' over UK tax

hollymcr

Re: Bleurgh

@chr0m4t1c

You have a few errors in your maths. Corporation tax is paid on profits, so in your first example the "profit" is only 50p therefore tax is 5p. But the rest is ok, leaving the company with 45p. However, the problem is that if you are Starbucks, the cost of delivering a £1 coffee is, allegedly, £1, so the corporation tax is zero. The question is how to force Starbucks to pay that 5p.

A sales tax of just 5% is enough to collect that 5p. As to where it comes from: Now that as part of the same tax changes corporation tax got reduced to zero, Starbucks magically discover that they can sell a £1 coffee for costs of 50p after all, so they have plenty of margin to pay the 5p. If they decide to increase prices instead they can, but they won't be competitive against Costa, who are also paying 5p sales tax but didn't increase their prices because they also saved the 5p corporation tax they were paying. Because let's face it, if Starbucks can put 5p on the price of a coffee and still sell them then they're going to do that, regardless of a change in tax.

The interesting thing is that now it makes sense to bring all EU sales though the UK because our sales tax only affects UK sales and our corporation tax is now zero. Whether that's a good or bad thing is another matter.

The problem with all of this is more subtle. A company that makes £1m on sales of £10m currently pays the same corporation tax as a company that makes £1m on £100m, but with a flat sales tax one will pay 10x what the other pays. The latter company is only making 1% so could not swallow a 5% sales tax without increasing prices. This would mean we'd need different rates of sales tax on different items to maintain the status-quo.

5
0

Firm-Who-Must-Not-Be-Named's tax dodge profit shift? Totally legit

hollymcr

Re: race to the bottom

@AC 20:01

So the argument is that competition results in a race to the bottom, except that because of self interest it doesn't? Isn't that just a long way of saying that competition doesn't result in a race to the bottom after all?

Companies like Starbucks will move money around for cheaper tax rates, but realistically it isn't going to be worth it when you're trading in a country that has low tax rates, even if not the cheapest rates. On the other hand, it is worth avoiding the highest tax rates. There are plenty of things to compete on and price is only one of them. It's not clear cut but surely the idea that a cut in tax necessarily means less tax collected (or an increase in tax rates necessarily means an increase in tax collected) can be consigned to the dustbin now?

1
1
hollymcr

Re: So cancel corporation tax

@Ivan 4

Who do you think actually pays corporation tax? Here's a clue: what do you think would happen to retail prices if corporation tax went up?

At the moment, your cup of Starbucks includes corporation tax (but not UK corporation tax), and VAT. The argument goes that if you dropped corporation tax to zero and increased VAT to compensate, then the total tax take would be the same, the retail price would be the same, but now all the tax would be paid to the UK (i.e. the country the profit was generated in).

Personally I'm pretty confident the idea has as many flaws as the current system, although I'm too lazy to work out what they are. But it's a nice idea in principle.

1
0
hollymcr

race to the bottom

The race to the bottom argument is exactly why no item in Tesco, Asda, Sainsburys etc costs more than a penny. Oh, hang on...

Competition promotes efficiency. Remember that we are talking about companies who effectively pay zero UK corporation tax because they can shop around, exactly as you can do when you buy a tin of beans. The companies do generate UK tax in the form of employee income tax and VAT because they have no choice. If we're dead set against competing on corporation tax then finding ways to increase the revenue from less "optional" taxes would make sense. But if we're not careful consumers will lose out.

1
2
hollymcr

Re: So cancel corporation tax@hollymcr

@ledswinger Nothing in your proposal would target the tax "dodgers" specifically so it solves nothing. And I quoted "dodgers" not because I approve of what they do, but because they are doing nothing illegal.

The current system of competition between nation states means that countries like ours lose out through bring uncompetitive. That's an argument for better rules or for being more competitive. It's also an opportunity for companies to gain a competitive advantage by promoting themselves on how much tax they pay; a sign outside Costa "We pay 20% of UK profits in tax" or similar, although of course I have no evidence that Costa are actually any better than Starbucks. A "fair tax payer" charter that companies could sign up for would help.

Trying to make a law to specifically target Starbucks gets you nowhere.

Increasing VAT and reducing corporation tax is the only sensible suggestion I've heard so far but I'm sure there's reasons that won't work too. (How to tax the profits of UK companies that they make though non UK sales for example.)

1
0
hollymcr

Re: So cancel corporation tax

Allowing companies to claim back VAT is an important part of how VAT works, it's where "Value Added" comes from.

Imagine a company buys bits costing £120 (inc VAT), does some work to them and sells for £50 profit. Currently they claim back £20 VAT, making a sell price of £150+VAT = £180, of which the taxman gets £30.

Your proposal is that they shouldn't claim the £20 back (i.e. the taxman still gets it), so would sell for £170+VAT = £204. The taxman gets £34 on top of the £20 it already got, £54 total. And that's just from one step. If that company was selling to a shop, they'd add their margin plus tax; each step effectively taxing the tax that's already been paid. The companies are no better or worse off, it's only the end consumer who suffers. It means that just to buy something and sell it on at no profit you have to add another 20% tax to the price.

The whole point of claiming back the VAT then adding VAT to the new sell price is that the increase in the Total VAT is just the VAT on the Added Value, not the VAT on the VAT on the VAT on the.....

2
0

Apple CEO: Microsoft Surface 'compromised, confusing'

hollymcr
Facepalm

flies and floaters

"I suppose you could design a phone that makes calls and has maps," he said, "but I don't think it would do all of those things very well."

There, fixed that for you.

7
0

Win8 tablets may cost MORE than iPads – AND LAPTOPS

hollymcr
Coat

It's better because it costs more.

Obviously, if you can't afford a Windows tablet you can always go down market and just get an iPad instead.

Everyone knows you get what you pay for.

<-- I'm off to Poundland to buy an HDMI cable because I can't afford a £20 one from Curry's that would be so much better...

0
0

Apache man disables Internet Explorer 10 privacy setting

hollymcr

Re: Does nobody know how to administer a site anymore?

"Just to re-iterate, there's no technical difference between the header being sent from IE10 and from any other browser"

I don't see why you see this as an argument in your favour (also not trying to score points...). If MS choose to implement non-standard behaviour then they should use a non-standard header. Like others, my brief experience with installing W8/IE10 never lead me to a point where I was given a choice about this setting, so my view is coloured by this. We clearly disagree about whether IE10 uses DNT in the same way that other browsers do.

"I don't get your premise that it is used in a "different way to all other browsers". The only difference is that ..."

It's that "only difference" that I consider makes it "different".

Ultimately one of two things will happen as a result of this. The setting will be ignored by the majority of websites (whether just for IE10 users or in general), or sites will use the setting to direct people at a paywall or subscription service. The first seems more likely, at least in the short term, and means that anyone hoping to make use of DNT will be disappointed. The second is probably inevitable in the longer term, which will likely result in fewer independent websites and more large web brands, which is a shame.

I do get why people don't like being tracked but nobody seems to have come up with an alternative method of paying for content on the web. The sort of tracking we're talking about is little different from using a credit/debit/loyalty card in a supermarket and maybe as paywalls spring up for people with DNT enabled more people will turn the setting off.

In effect, IE10 pushes things too hard in a direction that's too fast for "the web" to cope, thus making DNT a lame duck. It's unlikely that this wasn't MS's intention (after all the next step after "embrace" is "extinguish", right?)

0
0
hollymcr

Re: Does nobody know how to administer a site anymore?

I'm not sure I follow your argument: they use the same header but in a different way from all the other browsers, therefore it's not misleading?

I'm not really wanting to defend Fielding so much as criticise Microsoft as that's where the problem lies. The Apache code is open so Fielding's change was open and transparent and easily reversed. What *should* happen is exactly the same as usually happens when MS "embrace"a standard: detect the browser in the application code and (once again) code around it.

0
0
hollymcr

Re: Does nobody know how to administer a site anymore?

You will be able to tell if the user selected that option, unless they use IE10, in which case regardless of Apache you can't tell if they choose to enable DNT.

IE10 presents a misleading header, the server ignores it.

The best fix is to IE10 but I'm guessing that Apache don't have access to that source code.

1
4
hollymcr

Re: I don't get why people find this confusing

Er, I think it's you who missed the point. You might have a point about targeted ads but that's not what this article was about. It was about DNT and Microsoft/IE10's attitude to it.

Observing DNT is optional, but if 5% of people use it you can make a business case for implementing it on a website. If 95% of people choose it then there's an even stronger case for implementing it, although the loss of income would have major effects way beyond DNT. But arguing that it's ok for 95% of visits from any one browser to have DNT set when only 5% would actively have chosen to use it just devalues DNT and destroys any business case for supporting it.

If you dislike DNT then fair enough, but if too wasn't DNT to work then that's at odds with supporting the way IE10 implements it.

1
2
hollymcr
WTF?

I don't get why people find this confusing

Judging by people's reactions to this DNT stuff, I'd say there's maybe 1% of the population that would go with "please track me, I know what that means", maybe 5% that would be "don't track me" and the rest "huh? DNT what now?"

The value of a targetted ad is higher than a non-targetted one, for obvious reasons. So to achieve a given revenue you need to show (say) ten times as many non-targetted ones as you would targetted ones.

So, with DNT off by default but there to be enabled, advertisers can afford to lose that 5% who care without really affecting things, so that 5% get what they want (not to be tracked) and everything carries on otherwise as before.

With DNT on by default, advertisers lose that 5% but also the 94% "huh?" which means the only way to bridge the gap is to show one hell of a lot more adverts in the hope that one of them interests you without being targetted. Or stop providing the service, or charge for it a different way, or ignore the DNT setting. Of-course that's not an issue because DNT was designed to be off by default so the 5% who care get what they want, and since it's an optional feature for advertisers to pay attention to that's great because the 5% stand some chance of it actually being implemented.

By ignoring this and turning on DNT by default, MS have ruined this for anyone who wants to use it. In IE10, DNT=Off means "I'm in the 1% who want to be tracked", DNT=On means "I'm almost certainly in the "Huh?" bracket but there's a small chance I do care and don't want to be tracked", which can be summarised as "ignore DNT=On".

Of-course only IE10 does this, so websites could put exra effort in to implement DNT but ignore IE10, but they won't; they just won't implement it. At least if they use Apache they can just implement DNT and auto-ignore the ones that can't be trusted. Apache are, it would seem, the best hope of rescuing DNT. For anyone in that 5% this is *very good* news.

3
4