First, they came for the CD-R's
I can't help but think this is going to end poorly for them, but I guess this was always on the cards after being involved in so many data misplacement headlines.
117 posts • joined 2 Oct 2008
"But isn't facial recognition Facebook's raison d'etre?"
Perhaps, but what happens if said young victim later attempts to post a perfectly innocent self portrait picture, which then gets flagged, deleted and their account automatically banned due to a facial recognition match?
I've also seen other suggestions that Facebook should be held to the same standard as magazine publishers etc. Consider though that the effort to collate data, edit, print, distribute and sell a magazine or newspaper requires considerable financial outlay, significant amounts of specialist equipment, and a number of bottlenecks that aren't completely automated. This puts publishing images in physical print beyond the reach of most people.
Anyone can post anything on the internet from a mobile phone that (at least here in Australia) can be obtained for very little immediate financial outlay.
This isn't even comparing apples to oranges.
I suspect that if Facebook was required to vet every image posted (or even only a percentage based off some kind of heuristic scan) with human eyes, they would need to hire a truly insane number of people, and things would still potentially slip through the cracks.
"Specialises in electronic warfare, stealthy "hit'n'run" and making enemies disappear mysteriously while making a profit."
The issue is that it would never actually make it to the war, due to the liberal application of its patented excuse generator. Props for making a warship that runs on pints and onion bhajis though.
You would probably also need to start lining up quite a lot of replacement admirals, due to the unavoidable attrition rate.
I'm not sure I could stomach (please forgive the pun) a hot Christmas feed on the day when it's something better than 32 degrees C outside..
We go for a decent selection of cold cuts, including smoked turkey and ham, a bunch of pickled vegetable varieties and an obscene amount of cheese. This is all accompanied by various carbohydrate forms, fluffy and pillowy chunks, flat crunchy discs etc.
This usually gets set up in the middle of the house mid-morning, and then grazed on all day. You can be liberal with alcoholic condiments to taste.
The brandy soaked Christmas pud is non-negotiable though, with lots of custard on the side.
Icon because that's what the weather is like here in Oz on Christmas day.
I know IBM is the industry whipping boy for stupid mistakes at the moment, but in all honesty, this was setting them up to fail.
Why the hell does a government keep sensitive military and police data in the same bit bucket with normal registration information!? In *ANY* IT system, someone somewhere has the ability to wander in and out of the system at will. By putting all this in one place, you have to accept that at least one person in the chain has the ability to grant access to any or all of the data to an unlimited number of people. The worst part is, you can have a data spill like this not from malicious intent, but (as the article says) from common, garden variety ineptitude.
Pretty much all big business contractors will only work to the contract. If you want something extra that you failed to negotiate for in the original contract, it'll cost you extra. If the Swedish government kept everything in one place like this, and then outsourced the lot without putting some obscene contract terms in to specifically limit where the data gets manipulated, and who has the ability to grant access to it, then this fail is all on them. IBM's involvement was little more than the equivalent of trying to use a bucket of kerosene to put out a bonfire.
"The important question is how did they understand there was a similarity in the first place?"
Keep in mind that computers (and by extension, AI) are designed to work in a way that is modelled on human thought. This, however, is not a direct analogue of human thought processes. The human brain is a highly evolved pattern recognition engine, with significant wetware components that will instinctively respond to certain stimuli, and can make huge leaps in both logic and intuition to link an image to an experience. A small child will often understand the concept and purpose of food long before they are able to articulate what any given type of food actually is. Realistically speaking, an AI will never understand food in this way, because it doesn't have the same requirements for it. About the best you can hope for is that the AI will work out how to flag items correctly as "food" (simply a category to the AI), regardless of whether or not the item is actually a hot dog.
"AI guru Andrew Ng once said worrying about killer artificial intelligence now is like worrying right now about overpopulation on Mars: sure, the latter may be a valid concern at some point, but we haven't set foot on the Red Planet yet."
With all due respect to AI gurus everywhere, I don't believe this is a valid argument.
Okay, to be fair, "worrying" is probably not productive, but considering it as a potential problem isn't such a bad idea.
It's a little bit late to start considering the problem once you've already implemented something and it goes horribly wrong. The very concept of change management is built on this idea, and it applies just as readily to overpopulating Mars as it does to AI going rogue.
In the Mars example, why not consider now what resources are required per-person to survive there (including requirements like land area requirements, redundant systems for safety etc. etc.) and then calculate a sustainable colony size that allows for appropriate scaling due to the inevitable population growth (I lived in a town where the only things to do on a Friday night involved two TV channels or stupid amounts of alcohol. Unless your colony is gender segregated, you're going to have space babies at some point, even if only out of boredom).
The same is true for AIs. It didn't take long for those negotiating smart frames to develop their own language, so a small amount of consideration now may well avoid considerable effort to correct an issue later.
To use a (moderately) famous quote: "The avalanche has already started, it's too late for the stones to vote."
We haven't triggered an avalanche yet.
It might be a good time to vote.
"a Microsoft license key..."
It got me wondering where I'd left my elder sign medallion.
Hmm... now that I think about it, perhaps there was something more behind the "dance monkey boy" video from that old Microsoft developer conference...
Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn
Mine is the mysterious looking set of robes, and please don't forget the wizard's hat!
"It's PETA's attempt to begin to establish a legal basis for the extension of human rights & freedoms to animals"
I'm honestly not so sure. AFAIK (Oblig: IANAL) copyright appears to be about controlling a work so that the creator can profit from it. Part of the reason that content distributors and associations typically litigate on behalf of content creators is because they receive a chunk of the profits on said works for themselves.
One wonders if the Painfully Exasperating & Troublemaking Asses are running out of income in a world where armchair activism merely requires "likes" rather than actual cash. That would make this a common, garden variety cash grab. Occam's razor and all that.
Mine's the leather one, waste not want not.
The only way this is going to go away is if someone(s) in the tech industry authors a very public, and very descriptive impact statement of the implications behind what they're asking for.
Write it in terms that Joe Q. Public can understand. Highlight the risk to loss of personally identifiable and/or financial information. Highlight the risk to small and innovative businesses that only exist due to the safe, robust and easy way to currently trade online without the need for expensive brick-and-mortar shop frontage.
Most importantly, write it in a way that shows everyone that regardless of intentions, there is nothing to stop the (nominal) targets of this legislation from authoring and using their own encryption tools that don't suffer from the limitation of being breakable. Highlight the fact that they are essentially insisting on putting an axe through the fabric of the internet for precisely nothing.
I'm not going to get into the "which one is best" pissing contest, for a huge number of reasons, but in terms of Sci-Fi that I've enjoyed, I'd add in two up and coming newbies:
Killjoys (Canadian made series I believe) for snappy one liners and some interesting long term plot arcs
The Expanse. It started fairly badly, I'll grant you, but the plot started to develop nicely by the end of the first season. Hopefully season two will be out some time this century.......
This is right up there with the time we sent out a "do not reply to emails like this one" notification with an example phishing email in it.
We received five replies in an hour from users who were sending us their login credentials, including the frequent flyer who triggered us to send the notification by having to have his password reset *AFTER RECEIVING THE VERY SAME PHISHING EMAIL USED AS THE EXAMPLE*
I'm particularly fond of the part where they equate using a warrant to demand access to a safe or filing cabinet to accessing data via "not-a-backdoor"™ for encrypted comms.
This is about as nonsensical as the MPAA/RIAA/etc. equating digital piracy to physical theft.
One would suspect that having a warrant would force the owner of said safe to either open it, or be pinged for obstruction of justice. Unless the safe owner was foolish enough not to reset the combination, the manufacturer might have some trouble opening the safe without resorting to some sort of brute force method.
They seem to think that a warrant would magically cure this problem in the digital world, which suggests that they believe in magic, or more likely, that they still have no idea how computers actually work.
"a) Was this event the result of the action of one single individual with emotional/mental issues."
With all due respect for the victims' families and the ongoing investigation, I personally have strong doubts about this specific point.
Let's assume for a moment that this is what happened. Surely if someone suffering serious enough psychological issues chose to end their life, and also chose to use a commercial aircraft full of passengers, there must be some reason for their thinking.
This is the point where the hypothesis breaks down for me.
If someone did this, and had a personal reason for doing it in this way, then consciously choosing to make the aircraft nigh-impossible to find would surely invalidate whatever reason was behind their motivations.
I'm exceedingly aware that suicidal levels of depression can impact on the ability for people to think rationally, but even so, if this was a deliberate act by someone, then the message was clearly lost with the aircraft itself.
"there would be at least one of them who would"
This may well be some inescapable proof that at some level, all humans are fundamentally the same. The geek equivalent of "hold my beer" if you will.
I doubt you'll ever find a career information sheet on science that would talk about "scientists standing on the backs of smoking corpses who did something ill advised and it went wrong". It might not send quite the right message to impressionable young minds.
I'd personally be chasing the balance point between speed and reliability. Being able to push the signal further between repeaters will mean a reduction in at least one possible point of failure on long haul infrastructure. Lowering your mean time between failure (assuming no catastrophic natural disasters or idiots with a JCB and a loose and free attitude to trench digging) is a hell of a cost saving, and may offset the price of more expensive kit, at least to some extent.
Still... 1Tb+ long haul links and multi-gigabit speeds to the home does sound awfully good..
It's certainly defining a trend, and reminds me of a charming phrase in use amongst old LAN party buddies back in the day.
To wit "It keeps going down faster than a two dollar hooker!"
I may need to use that new acronym though, I can see a whole lot of places that it can be used as a valid error code.
Just a breach...
of the security systems...
on some IT equipment...
While I understand that there's a distinction between the two, it's an incredibly fine one. Especially considering that trusted insiders are recognised as a valid threat to ICT security. Not to mention the fact that we are talking about personal information belonging to taxpayers.
"I suspect thoughts are entangled"
Would this make the human brain the original quantum computer?
To put it another way: Schrödinger's thought process -> a human is both smart and incredibly stupid simultaneously, and listening to their thoughts changes the outcome?
I know, I know, mine's the one with poison in one pocket and a kitten in the other.
"Even as such, you have NO IDEA what my core motives are."
Oh I dunno, I make the count at least two for three, since it seems I did hit a nerve.
Whenever I've been wrongfully accused of something, I've not bothered with getting aggressive or reactive, since I personally believe that doing so isn't even slightly productive. I simply gather up all the evidence that shows why the accusation is wrong, and present it in a calm and deliberate fashion.
Having said that, I think you missed a couple of key aspects of my original post, specifically the qualifying word "Often", as well as the part where I stated my own personal preference for the subtle approach.
Still, your response was certainly informative, even though (or possibly also because) it was posted Anon.
.. when you call someone out, and their first reaction is aggressive, it's obvious that you've hit a nerve.
In this way, it's often easy to identify someone's core motives. The catch 22 though is that by taking an aggressive stance, you similarly give away your own motives. I usually prefer a more subtle approach, but then I'm not the one playing in a game with stakes as large as this one.
Were I in the position to be required to report changes like this, and chose to give in to my inner BOFH, I'd set up an automated script to forward any network changes (no matter how tiny) to George's email account. If I wanted to go true scorched earth, I'd make sure to attach as many files as possible to "properly" document the change, and perhaps use file types that were either ridiculously obscure, or had very bad file compression algorithms.
"As for the idea the Panopticon will be Too Much Information, ever considered they could winnow the stuff through machines first?"
The trouble here is that while machines are excellent at pattern recognition, they'll only ever find the precise thing you tell them to look for. Heuristic scanning is notoriously hit and miss, and even then, you still need to give the system a series of baseline behaviours to check against.
I think Vic has the heart of it though, there are two ways to hide a message. Either squirrel it away and hope nobody trips over it, or generate so much noise that nobody is sure if what they're hearing is random crap or something of value. Too much signal tends to make your average Joe tune out.
"About encryption, the HTTPS-hosted communique says it can “severely undermine public safety efforts by impeding lawful access to the content of communications during investigations into serious crimes, including terrorism.”"
I say chaps, it's blasted inconvenient of you to be speaking in a way that we can't understand!
I'm having genuine trouble believing that the leaders of multiple countries are thick enough to think that stamping their collective feet like petulant children is going to miraculously solve this problem for them.
Does anyone want to place bets on how long it is until someone writes an app that not only encrypts a message, but then uses old-school style cyphers to hide the messages inside innocuous looking plain-text internet posts?
Pertinent question: Do the radiation monitors run Windows, or are they some sort of hardware device that natively talks via RS232 (due to the age of the hardware), which would require computers that can still run the legacy drivers required to manage the interface?
I've seen many a legacy system in my time, and I can't imagine you'd get many volunteers to deploy a new monitoring system in an environment as "hot" as that.
"Each OS, CPU and networking technology you introduce into the mix raises the difficulty for an attacker more or less exponentially."
Your statement is logically sound, but the concern I'd have is that the effort required to support and maintain such a system would also increase at the same rate. Furthermore, unless each of your Sys Ads fully understood the architecture end to end, there might be a chance that they would unknowingly provide an exploit or attack vector by misconfiguring a segment of the system.
That is assuming they don't just get lazy and build their own back doors and loopholes to make their lives more convenient.
As a way of illustrating the point, consider the arbitrary password requirement rules that many large enterprises still force on their staff, regardless of the advice from SMEs. If you make your password policy so onerous that your end users resort to writing their passwords on post-it notes, you may as well have not bothered. The same could be said for other aspects of IT security.
"What I mean by that is the ransomware outages have been resolved after a few days, and the loss of a day or two's worth of work is not enough to scare the bean counters into investing in security."
This depends largely on two factors, the size of your workforce, and their ability to maintain limited functionality during the outage. If you have ~100 staff at a site that is completely off the grid for 48 hours, and those staff are paid an average of $50k a year, that's close to $30k that you've poured down the drain. If you can implement more effective security controls for less than that, you've just shot yourself in the foot.
The trick now is for clever IT people to use the hype around this outbreak to claw back some of their operating budgets from the bean counters.
"Somehow I don't think warships are connected to the Internet, so sneaker net is the only way viruses can be spread. But since everybody is trained not to plug anything in from home, even that risk is very low. Generally speaking (no pun intended), on defense equipment the CD-ROM drives and USB ports are disconnected to prevent potential infection."
In this day and age, complex IT based systems are not just useful, but necessary for the operation of modern equipment. When you get to the point of human interface, it's often cost effective to use systems that they are familiar with, which is something that both MS and Apple have attempted to exploit since the dawn of desktop computing (to varying degrees of success). It's also often good to have (hopefully encrypted) satcomms so that staff who require information access can use live, interconnected systems for document management, configuration control, etc. etc.
The HMS QE isn't the first military transport that I've heard of that uses a Microsoft desktop product in this way (nor even the first that may or may not still be using XP). I'd be careful about assuming that the risk is low of casual insertion of USB devices though. Quite a few operational systems require more than casual data transfers of system health monitoring data, and there's always the frequent dog watch shifts at 3am where everything is quiet, the boss is asleep, and a maintenance crew member happens to have the latest <insert TV episode or blockbuster movie of choice> in a thumbdrive in their pocket.
I did attempt to use language that would indicate it as a personal opinion, rather than a sweeping judgement, but there you go.
Warning: Anecdotal evidence incoming.
Speaking as another 40+ year old, I recall when I was still in school there was a specific point where the actions == consequences dynamic shifted. For the most part, children my age had a fair grasp of where the lines were. Almost all of us also knew which ones could be pushed, and which ones to avoid like the plague. For example, none of us would have dreamed of physically assaulting a teacher.
While I was in high school, the "things you can't do to kids" message started coming out. While I agree with the spirit of the message, it's pretty clear that the delivery of the message was fumbled badly. To the point where a kid threw a compass (think circle drawing) at a teacher. The teacher ended up with half an inch of steel spike stuck in his leg, and the student got a two week holiday from school for his crimes. This is one example of many that occurred at that particular school. While I'm aware that demographics have an impact on this type of thing, the demographics for this particular school hadn't changed in the six year gap between these events, and this was a comparatively small school. Furthermore, before this point in time, even the schools in the area with the worst possible reputation did not have reported incidents of this type, however after this time, such reports have become common.
I remember many stupid pranks being performed by people my age and older. I've also heard about many other old-time pranks that may have been over the top, and involved petty larceny or minor property damage. What I don't recall hearing about regularly until much more recently are stupid pranks that led to criminal records, permanent disability, or even death.
I should point out that you latched on to my comment about actions having consequences (and specifically highlighted that young people in general, regardless of generation, don't seem to grasp it), but ignored the fact that I felt that in the specifically discussed case, that I personally think they were heavy handed.
"Guess he's lucky they didn't charge him with a felony for every yearbook given to a minor."
It sounds to me like someone wanted to make an example of him to curb similar pranks in the future. Personally, I think it's a little heavy handed, but then I also feel that younger generations appear to have less grasp of "actions have consequences" than they possibly should.
"Why the hell did England have to send us the Puritans? Couldn't you have sent them to Australia and given us the convicts?"
I'm not totally sure that anyone that up-tight would have survived the great land of Oz. Similarly, I don't think the typical Australian larrikinism would have worked very well for the leaders of the free world.
I don't know how things stand outside Australia, but I know that here if your money vanishes from your bank account, it's up to the bank to recover the missing money. On that basis, the big four at least will generally return your money to you and then go hunting for the perpetrators.
In order to both minimize loss as well as risk, the banks rely heavily on encrypted transmissions to secure your money.
Unless the politicians add a specific bypass clause for banks (and probably Government themselves), then the pro-privacy cause may well get some backing from some very wealthy organisations with a serious interest in secure encrypted comms.
"6) If the system doesn't see the speed limit change because a tree limb blocked the camera(s), who pays the ticket?"
Why rely on optical imaging which is, let's be honest, buggy in all its forms? Either require the local planning agency to post the speed limits for road sections so that the onboard systems can update accordingly, or use RFID in speed sign gates as a direct instruction to the system.
Hell, to avoid someone playing stupid games like swapping speed signs around, do both. That way you inject a form of error correction into the whole thing.
"Why not a 40 year old with over 20 years of driving experience? Presumably because the latter is a much better driver"
I've met plenty of 40+ year olds with decades of driving experience who are truly frightening to ride with. The issue is not so much to do with whether or not humans can or can't learn from their mistakes, but rather how much damage and/or loss of life can be mitigated by automated systems.
Even the very best drivers can make mistakes due to fatigue, distraction or a host of other events. Automated systems have the advantage of never getting tired, and never losing focus on the task at hand. This has already been well and truly proven in areas like manufacturing, to the point where automation is recognized as a key method of removing risk of injury in many workplaces worldwide.
Lastly, keep in mind that while most road rules seem restrictive, they exist to protect the masses from the lowest common denominators. No matter how skilled you may be, there's always a chance that someone else's inattention might lead to your death.
"who are the rest of them?"
I've recently heard anecdotal evidence of door swipe access control systems administered by a third party vendor using RDP via unfiltered internet.
Yes, this is something that someone paid money for. It also supposedly requires admin privileges to administer said software.....
"aren't all "real" people at the end of a Valley-grade 100Mbps pipe?"
This has always been my gripe with the "must have internet connection to play" type stand-alone games. If I'm playing a single player game, heaven forbid I'm doing it somewhere that isn't connected to broadband, or in a country where such a thing is either incredibly uncommon, hideously expensive or both.
This invariably steps in the way of such things like recurring software licensing or releasing an incomplete software product in a way that allows the surreptitious upload of the missing components before the end-user realizes. Oddly enough, both are symptoms that can be linked to the quest for the almighty dollar...
"there may be a different view about the privacy of an alleged trrrrst."
I think this deserves a little more discussion. AFAIK western common law is built on several pillars, one of which is "the presumption of innocence until proven guilty". I'm enough of a grown up to know that achieving this requires evidence, but I'm profoundly disturbed by the implications behind the words of our illustrious PM..
Does he similarly think that the privacy of his law abiding citizens isn't as important as public safety? Or is he somehow suggesting that only terrorists will have their privacy impacted by the use of these tools? (Note: I very deliberately didn't indicate who would be operating the tools).
It seems to me that terrorism is about spreading an agenda through fear and violence, and if this sort of push from our governments is the result, then it's pretty clear that they're having an effect.
I'm not sure Mr. Shorten could have sounded any more old if he'd broken out the rocking chair and walking stick and followed by shouting at the interns to get off his damn lawn...
I'll be honest, I've never really given Bitcoin enough of my attention to fully understand it, but I'm at least bright enough to know that there are people out there who do. If you're looking to know more about such a thing, you trust these subject matter experts, and listen to what they have to say.
It's also not like money laundering hasn't been a thing for decades...