Re: Protection software spews sensitive data to third parties
>>I'd rather help the sites I visit earn money directly
So altruistic! How about you actually pay for the content you want from the people who actually make it?
4539 posts • joined 26 Jul 2008
>>I'd rather help the sites I visit earn money directly
So altruistic! How about you actually pay for the content you want from the people who actually make it?
>>Surprisingly, however, many netizens seem pretty content with The Pirate Bay leeching their computers' processing energy to make money – especially if it means getting rid of ads.
Well sure. I mean if it's your parents' electricity bill...
Every year older I get, that film becomes a little bit darker and a little bit funnier. Anyone reading this that hasn't seen it, really should. Can we change the Microsoft User icon from a tramp to Dr. Strangelove? Seems more fitting somehow.
>>Gaddafi was going for nukes and traded his nuclear programme away for oil and trade, and look how that turned out for him! No one would believe the west in any "Give up your nukes and we'll give you this and leave you alone." negotiation any more.
That's a great example. Which I think most in the UK and the USA aren't aware of. Gaddafi wanted to come in from the cold for years and made a lot of concessions. And then when we got what we wanted we bombed the country back a hundred years. Another example much on the minds of the rest of the world is Iran. They have been complying with the agreed nuclear accords whilst the USA is determined to renege on its side of the deal. I also watched an interview with the President of the Phillipines, Robert Duterte who said he preferred negotiating with Russia and China because he couldn't rely on the USA's word. Now Duterte is not exactly a nice man, but that's irrelevant here. He said the president of the USA (Obama at the time of the interview) would make all sorts of promises but that Congress would then over-rule him and also he'd be replaced every few years with a different president who would do something different.
Now I'm obviously not advocating that the USA move away from democracy. I'm just pointing out that it has a terrible reputation for reliability and honesty world wide. Other countries manage to be democratic and still not renege on international agreements. Though I don't really attribute that to our politicians being inherently more honest so much as I do our countries being less powerful. We fear consequences. I think the USA is simply so powerful that it has gotten used to behaving how it wants. It's also possessed, generally, of a horrifying degree of confidence that it is the Good Guy. Domestically, I think it does a pretty good job of being Good Guys. It has a lot more freedom than almost anywhere else in the world. But internationally, nobody sees it that way except itself.
>>Complete utter bullshit. Where do you get that stuff?
From my good friend Logic. As a deterrent against conventional warfare it requires an actor who will be so pissed off at losing a conventional war that they will escalate it to nuclear war and change the outcome from loss and potential subjugation to death of their own people on a scale that would make the Holocaust look small. That's not a rational action. As a deterrent against nuclear attack it requires someone to say "well, our hemisphere is dead in around fifteen minutes. Shall I for no gain to ourselves, destroy the other half of my species". That is not a rational action.
If only one side has nuclear weapons then it can act as a deterrent. But I refer to the doctrine of Mutually Assured Destruction and this requires you to be perceived as irrational. Nuclear Weapons against another nuclear power that is choosing to only use conventional so far, makes things worse. Launching a wide scale nuclear response against a foe that has already launched the same at you wont protect you or cause you to "win". All it does is wipe out a couple of billion extra people with you.
And MAD is inevitably the penultimate phase with nuclear weapons. If one party has them, that is inescapably just a temporary state. Other parties can and will acquire them.
>>Fast forward to today and the same is happening to North Korea, they are hell bent on creating a nuclear arsenal and we are now in a situation where neither side can back down.
Yes. It's worrying that some of the same factors are starting to repeat. The EU is fragmenting. (The results of Germany's upcoming elections will be interesting. I have a sneaky suspicion that their ant-Immigrant party AfD will do a lot better than the media predicts). We have a poor financial state in the West. Nothing like the Great Depression, thank goddess, but nonetheless our economies have suffered some serious blows. There are rising tensions as the USA tries to grab influence from Russia and Iran in Syria and there's economic warfare which doesn't get enough coverage amidst stories about Trump tweets and Emmys. And there's quite a degree of discontent in the general population. N. Korea sees its own route to survival being to have nuclear weapons - which isn't surprising given the near daily pronouncements of how the US wants to topple it. And the USA sees no way not to continue because the idea of N. Korea with nuclear weapons terrifies them (and everyone else). The USA would love to use sanctions but if they go any further with this, then they're basically just forcing China and Russia into closer partnership and there's no way China will actually cut links with N. Korea. Why would they? N. Korea isn't a threat to them (that would be like biting your mother's teat) and they equally don't want to see the US hegemony further established on their shores.
Everyone is acting rationally for their little corner of the chessboard. It only becomes irrational if you consider our species as a whole. And nobody does that.
I missed my edit window so I'll tack this on here.
Inevitably, someone will come along and say how nuclear weapons have provided the longest period of peace in yada yada. Well, that might be true. Of course we have to discount the many wars and proxy wars we've had during all this time, but it might be true. However, coinciding with this period of large nuclear stockpiles we have also had:
• A Europe united by free trade and mutual self-interest (unless you're Greek, but they're not likely to invade Poland)
• Rising wealth and standards of living.
• No Great Depressions as preceded WWII.
• No living memory of the horrors of WWII.
• No recent return swing from an overly-punished defeated nation. (I can make a strong case that there were not two distinct world wars, but only World War Part One and World War Part Two).
• More informed electorate through ever more available exposure to foreign viewpoints.
• A somewhat unified class of international wealthy elites who may profit from the threat of war, but would lose money in an actual world wide conflict.
All of these are strong factors in preserving peace. The threat of nuclear annihilation might be a contributing factor, but one must control for ones variables and there's a substantial list of very significant other factors. And if deterrence is supposed to be the factor, does any rational person not find the conventional horrors of WWI and WWII or Iraq or Libya or Syria not sufficient deterrence to avoid war?
Well the whole point of MAD is making your opponent believe you're willing to do it. So everything possible is done to make the opposing side paranoid deliberately. Otherwise they'll just cut you to pieces with Salami Tactics.
Nuclear weapons are only viable as a deterrent if the person in charge of them is perceived to be non-rational. Which explains so much.
It's a critical system in which the outcome of it going wrong is death on a colossal scale.
I'll show you mathematicians who believe no error is possible - goes with the territory. I'll show you scientists (usually physicists) who believe no error is possible if you give me a little time. And I'll show you as many politicians as you like who believe no error is possible at the drop of a hat. But you will never, ever find an engineer who believes in the System That Can't Go Wrong. And I'm an engineer.
No vodka icon, so beer will have to do. Thank you Lt. Col. Petrov. Rest in peace and be remembered!
>>It's an advert. Only an advert. Or do you think TV companies, like UK Gold, shouldn't tell you about their sister companies? Or Classic FM (Global) not be allowed to mention what is happening on their local pop channels, if they should want to?
Selective reading there: UK Gold is not in a monopolistic position with TV. At least I hope not!
*gasp!* No! None of us knew that when we made our comments.
They can't "do what they damn well like". Not legally. It's called anti-trust or abuse of market dominance. It's what MS were penalized for by the EU when they tried to push IE over Netscape by leveraging their dominance with Windows. There are laws against it.
It's El Reg. so I suppose a car analogy is required. Suppose one chain of petrol stations had 80% of the stations in the country. And then they decided to produce a line of cars (or more realistically buy an existing manufacturer). They then started selling petrol cheaper for customers with their cars and more expensive for their rivals. Suddenly the choice of car no longer becomes about which is best or most cost-effective. It is distorted by the company's dominance in a different market. And that's a bad thing.
And nobody with a clue can argue that YouTube doesn't have market dominance.
>>They haven't in the EU.
They have. I'm in the UK and every time I visit YouTube with Edge I get a little blue bar at the top of the screen telling me to install Chrome. Not just once, but on every screen load. Doesn't do it with Firefox (not that this would make it okay).
Honestly, there's no browser currently that I'm happy with. They all seem to have gone to shit.
>>Actually, I only suggested wget for comedic effect. In reality, I can simply look at a URL and my brain renders it pixel-perfect in my imagination.
You are Richard Stallman, and I claim my complimentary Slackware ISO.
The biggest irritant with Edge is that if you use a Microsoft account, it's next to impossible to get it to not sign you in by default. You have to switch to private browsing mode after starting to avoid sharing everything you do with your browser with Microsoft. Contrast with Firefox where it's perfectly possible to not sign into Microsoft whilst having a Microsoft account on your computer.
This single fact has prevented Edge from being my default browser for some time.
I do like the developer tools built into it. If you've not used, you'd be surprised how good they are once familiar with them.
Whatever is fine. Just so long as they don't make a stereo model, please.
There are so many possible icons for Sir Pterry, but I think ultimately it has to be a tiny little discworld. No?
Perhaps for Douglas Adams, we could have a little heart of gold. It would be kind of touching. A Black Fedora would be great for Sir Pterry, though.
I use Paris Hilton sometimes as it's the only discernibly female icon.
Oh, what a representative for our gender! :/
>>Actually cats' insides don't inhabit the same dimension as the rest of them. This answers many things about cats. Why they turn up in odd places, etc. They are actually sentient alien drones, designed to examine every part of a world to decide if it is worth invading
So basically they're just an intrusion into our universe of pan-dimensional hyper-intelligent beings?
I think you'll find that's mice.
>>turns out, banksters and CEOs are the LEAST useful people on the planet, BUT the highest paid; hospital janitors are the MOST useful people on the planet, but paid the least...
Pay is determined by supply and demand. Hospital Janitors are easily obtainable. Good CEOs, you might be surprised to learn, are not. It's often thought that CEOs are not worth the millions in salary or bonus because "they don't do any work", also.
Consider this basic thought experiment. You are the board of a company with a billion dollars a year turn over. There are quite a lot of such companies, as it happens. Suppose you have two candidates and the difference in outcome is a mere 2% to your yearly revenues. That is one will be this tiny little bit better than the other. That 2% equates to $10,000,000 difference in revenues. Ergo it is well worth paying a few million for the one that is better.
Furthermore, let us examine the related scenario where the difference in outcome of a CEO busting their arse all year and cruising along working 9 to 5 is, again, 2% difference to yearly outcome. Suddenly it becomes well worth it to the company to offer that million dollar bonus for doing well.
Now of course, 2% is just a figure I picked to illustrate. But having seen first hand at companies I've worked at the decisions of the CEO having a much greater effect than that, I think it's pretty reasonable as a way to illustrate their market value.
Janitors meanwhile, might as a whole be vitale to society, any given one of them however has low market value (no offense to any janitors reading this but I'm pretty sure they're aware they don't get paid much).
Your logic is honestly pretty bad. You sound like you've been reading that execrable pretence of statistics, Freakonomics by Steven Levitt.
Voland's Right Hand - I really strongly recommend the following article which discusses the Google Memo. It's the invariably excellent Slate Star Codex blog and though long, is really, really worth setting aside quarter of an hour to read through.
I don't agree with everything Devroe wrote. Especially the peculiarly American Left / Right muddled preconceptions at the start. However, to call it "drivel" as you do is not fair.
And again, I'm going to venture that the large number of downvotes is not because you claim there is sexism in the USA. There is and I've unfortunately encountered it first hand. No disagreement. (Though it was in the area of Upper Management rather than amongst the ranks where everyone was very friendly and I saw no sign of it). I think the downvotes are because you took the extreme position of calling the memo "utter drivel" when Devroe both supports his points and is also at pains to emphasize that women are as capable as men in Tech. Indeed, I've known a couple that are some of the best engineers I've ever worked with.
I think it's important to state in case it gets lost in all this, that front end work is still very skilled work. I was a back-end person (C++, then databases) who has transitioned into management, but I have plenty of respect for UI designers and implementers. If I were to draw a comparison it would be that between being a doctor and being a consultant. The latter may require deeper knowledge of the systems and take longer to become one, but the former is in no way not vital or not something where experience and skill make a huge difference. I've had the good fortune to manage some top-tier front end developers and they have a grasp of the constant churn of frameworks, libraries and standards that seem to change daily. One week AngularJS is the latest, greatest. The other it's Ember.js. And they keep up with whether to use CherryPy, Django or whatever.
There's no clear line where Front End development starts and a good front end engineer is hugely valuable and hard to find. I'm a hoary former C++ programmer and DB specialist who has a really solid grasp of how everything works. I'd say my understanding IS deeper than the average front end developer and my work IS more complex. But they're more like the canoeist who has to constantly keep their head above ever changing choppy rapids. Total respect for those people who live on my roof, as it were.
Google has a LOT of programmes and policy to support women in the company. Including female-only programmes. The plaintiff's claim is that the reason for their different position / pay is because they are women. I honestly find that unlikely given what I know of Google.
Because proving their different position / pay is down to their gender will be very, very difficult, their main recourse is to try and prove systemic sexism. What they can't prove on the individual level they can still win by default if they prove the environment is sexist.
I honestly think that, at least at Google, they'll fail at that.
>>As for the idiot who they rightly fired: the premise that women are not suitable for a technical career clearly demonstrates he's a moron.
That was not his premise. In fact, that runs counter to a number of things he wrote in the piece that he was fired for. You plainly haven't read it. I will link it here:
What he argues is (a) that sexism still exists, (b) women are equally capable as a group as men in technical fields and (c) that women have a tendency to prefer other fields. As a consequence of (c), Google is wrong to ascribe all gender imbalance in jobs to discrimination and programs that preferentially advance women in an effort to achieve parity are therefore misguided and actually harmful.
I have of course stripped it to its utter bare bones removing all of the supporting and cited studies. I suggest anyone who's understanding of the memo is so utterly wrong as yours, read it properly. One can agree with it or disagree with it, but do so based on what he actually wrote.
The many downvotes you are receiving are not because people disagree that equal performance should mean equal pay, it's because you have built a strawman so large that we could sacrifice Edward Woodward in it.
>>"Well, DUH! What else are you going to burn them with?!"
Acid? Re-entry friction? Scathing comebacks? :)
No bootable pen drive distro? You should keep one handy for emergencies.
>>Shirley, you meant "uploading something"? I know I did.
Poster I responded to was talking about it updating itself with something nefarious - either software updates or dodgy malware definitions. So yes, in this context it is downloading.
It's not "bollocks". I had to remove McAfee from someone's shop-bought laptop years ago. Around six years ago? Firstly, Add / Remove programs didn't allow the removal of McAfee. They'd blocked that somehow. And your suggestion of searching the registry, manually killing processes, deleting install and operating directories and "a few reboots" is 'all that is required' isn't really making much of a case for removing McAfee being "not rocket science".
Seriously - why so angry?
Sure. But re-imaging isn't always convenient and would you really be happy if you suddenly found you had to re-image all 8,000 PCs in your organization? :) Plus, there are the other issues I mentioned. Yep, I stand by my calling this a PITA for Enterprise.
>>"So some of you seem to be saying that a Government has no right or obligation to protect itself?"
I think rather that we are saying a government protecting itself is not necessarily the same as a government protecting us. As many have observed, not only are we more likely to be spied upon by our own state than a foreign one, but our own state is far more likely to act in a negative way to us as well. If I anonymously leak something the government wants not to be known, or associate with someone the government doesn't want me to associate with, it's not going to be the Russian police who show up at my house. And if secret information is used to prosecute me for something, it's going to be that acquired by my own government, not by Russia or China.
>>K[aspersky], as do most others, "phone home" quite often. Oh, not to worry, they are all "checking for updates", that's all. But who has a packet sniffer going constantly to examine such communication and, further, has the ability to decipher exactly what may be in the transfer?
Well actually, not only do independent security researchers do it privately but I'm also certain that if Kaspersky were downloading something it shouldn't that we would have heard about it. Companies like Norton or McAfee or TrendMicro would love to be able to report "Our rival spies on you! Buy from us!" And they have the expertise to find such malicious behaviour because they are industry experts themselves (Well, TrendMicro are, anyway. ;) ). Equally, the NSA would drool at the chance to expose evidence of Kaspersky wrong-doing if they actually had any. I guarantee we wouldn't just be hearing "banned because maybe they might" if the NSA could pin something on them. So definitely there are parties monitoring for the things you say and quite expert parties at that. And their motives would unarguably be to expose anything they found.
US government seems determined to make life hard for Microsoft! First they try to scupper any hopes for MS's AWS services in Europe by acting like they own MS's data servers in Ireland. They carry out mass-surveillance on European allies ("This is not what friends do" - Angela Merkel's beautiful summary). And they introduce laws that allow them to force US tech companies to assist them in surveillance and criminalise telling that they do so. And now they're practically asking Russia to use GNU/Linux more!
And I thought El Reg commentards hated Microsoft!
Honestly, I think Eugene Kaspersky would be mad to provide the Source Code to the USA. Remember that Kaspersky Labs exposed both the Equation Group (NSA) and Stuxnet (Israeli and USA targeted malware), so it's not like we can assume neutrality by the US government. Indeed, the Equation Group has attempted to penetrate Kaspersky Labs before. So Game Theory perspective we have the following possibilities:
1) Kaspersky software has sneaky backdoors in it.
2) Kaspersky software does not.
If it's #1 then obviously it's not in Kaspersky's interests to share source code. (Though you're right - proving executables match the source is a non-trivial task, I fully agree).
If it's #2 then Kaspersky knows that they are innocent and that this is likely for ulterior motives. In which case providing the source will only be giving away something of value for little likelihood of fair treatment.
So basically, there's no good reason for them to share source code. I suppose they might - because I suspect it's clean - but they'd have to be very optimistic to do so. And given the last hundred years of Russian history, I salute any Russian who is somehow an optimist. ;)
>>Is it really that difficult?
Nah, it's a fairly simple operation. Unlike McAffee where I had to download and run a (well-hidden) executable from their website to get rid of their bloody "1 month free" install from a shop-bought laptop. :/
But seriously, it can be a pretty big headache in Enterprise. You've got to arrange its removal from x hundred PCs in your organization, you've got to find the budget and organize purchase orders of a replacement, deal with any process changes for distributing updates centrally to whatever new virus vendor you choose. And the necessary meetings, of course. ;)
Basically, US government has just handed down one more PITA to the busy sysadmins of America. For (I strongly suspect) political point scoring. Or perhaps just a quick buck for American AV vendors. Who knows? :/
>>He's trying to move his case from one of lying/stealing/raping to some un-prosecutable case of "just being a jerk".
Couldn't be bothered to look up what he was charged with, then. Raping? :/ He was sentenced for two counts of security fraud and one count of conspiracy to commit security fraud. He was found not guilty on five other counts of security fraud in the same case. His investors - who the state was acting on behalf of - actually made quite a lot of money from the investments so the case would probably never have come to trial if the State hadn't wanted to find him guilty of something. And this is accurate whether you like the guy or not. If the criminal actually gives you a three-fold return on your investment, you're unlikely to sue him and it never came up until he came to public attention and became a hated public figure. (The charges related to his career as a hedge-fund manager a couple of years before the drug price furore).
The fundamental rule of the rich is to pretend to care about the poor. It's the thing that stops outright revolution! And Skkreli broke that rule.
There are plenty who have done worse and got away with it. And for far less reward. Shkreli's great sin, is to be publically unapologetic and say if people didn't like what he did then they should make it illegal. He doesn't understand the vital role that hypocrisy plays in wrong-doing.
From the moment he smiled on camera and said he didn't care, it was inevitable he'd be put away for something and no jury in the land would acquit him. You can care about money more than people all you like... but you shouldn't say it!
Did they check to see if either of the crashed drones left a note?
>>Kaspersky just came out with a product for running critical power infrastructure that can be wiped out with a single update from central command (or the FSB).
Well Kaspersky Labs were the people primarily responsible for finding and examining Stuxnet - a piece of malware designed for infiltrating and subverting hardware such as used in power infrastructure. So they have strong qualifications in this area. Alternately, I could go with a supplier actually based in one of the countries that created Stuxnet. ;)
>>I'm not talking about the U.S., I'm talking about Russia, and Kaspersky, which is the point of this article. Please save the "whataboutism" for someone who will fall for that.
Well firstly, this is a fairly casual place. If you go all anti-Russian zealot in your posts scattering the thread with one-line comments like "hope you got well-paid for that, Natasha", then you have to expect that somebody is going to point out the obvious fact that the USA meddles in foreign countries more than everyone else put together. ;)
And secondly, it's not entirely "whataboutism". Given the state of security of Windows, it's at least a little bold to fly without any AV at all. So you have to pick one. And if you're going to criticise Kaspersky for spying on its users (no evidence whatsoever of this, btw), then it's not whataboutism to observe likely risks in its competitors. I mean we know that the USA engages in surveillance on a staggering scale and that US companies are legally obliged to assist with this and subject to criminal prosecution if they reveal such assistance. So how is it "whataboutism" to compare with the USA if the attack on Kaspersky is because it is Russian?
>>Or should I read the whole article before posting?
Why break the habit of a lifetime?
>>Neat story, but if you've already been condemned to death, the thing about the other guy being the aggressor has already been satisfied
Uhhh, it's not a story, it's a joke. And a joke that goes: "This chief said he was going to execute everyone so a Russian guy shot him" wouldn't be a very good one.
In Capitalist Amerika, Bank robs you!
What you say is quite true! It's a different set of cultural values. There's a joke about Russians that only really works if you know Russians / follow Russian politics, but I'll tell it anyway:
A German, an American and a Russian are all exploring the jungles of South America when they're captured by a long forgotten tribe who decide to execute them. But the chief says: "I am not a cruel man. I will grant each of you a last request." So the German thinks about it and says: "I would like to have sex with several women before I die." So the chief claps his hands and several beautiful, scantily dressed tribeswomen step forward and lead the German away to their hut. In the morning, the exhausted but happy German is led before the chief and executed. Meanwhile the American has asked for a last meal. So the chief claps his hands and all sorts of foods are brought before the American - roast jungle piglets and fruits and nuts and everything the tribe has. The American eats a stunning amount of food before finally getting up and waddling before the chief able to die happily having stuffed himself silly. At last, it is the Russian's turn and the chief asks what he would like, to which the Russian replies: "I would like you to punch me in the face." The chief is bemused but punches the Russian in the face. Immediately the Russian reaches into his bag and pulls out an AK-47 and begins shooting everybody. As the tribespeople flee and the chief lies bleeding on the ground, he looks up at the Russian and asks: "But if you had that all along, why didn't you pull it out earlier and save the German and the American?" To which the man replies: "Because Russians are not aggressors."
Not only are Western governments more likely to spy on Western citizens, but they are more likely to act on it. If you anonymously reveal some information the UK government wants its citizens not to know about, if you buy some or sell something forbidden, if you read something you're not supposed to read... It's not the Russian police you have to worry about showing up at your house.
>>Then next year, after a quiet word from the Whitehouse, they extend this policy to blocking Wikileaks, then the ACLU, then Greenpeace, then the democratic party.
I can give you a "this year" example. Criticism of Israel is legally part of the definition of anti-Semitism in the USA and the same definition was adopted in the UK.
So if you have legitimate criticism of Israel, that's legally Hate Speech. Which is blackly hilarious if you happen to be one of the many Jewish critics of Israel.
>> It is dangerous to civilized societies to allow its presence or growth.
And which solution to that do we as a society prefer? Mockery and public refutation of its claims? Or saying: "Hey, government and companies - here's a big stick, please use it on the Bad Guys only". Also, the stick is a big can of paint that only covers over the problem.
It's a weird metaphor, but I think you see where I'm going.
There's a concern here which is that these registrars are largely refusing service because of PR fallout and boycotts. The scenario where sufficient public pressure denies people the ability to purchase a service is a pretty concerning one. I'm sure everyone can think of something they wouldn't want bullied off the Internet by an angry twitter mob that is a likely target.
Biting the hand that feeds IT © 1998–2018