* Posts by Graham Cobb

438 posts • joined 13 May 2009


London's Met police confess: We made just one successful collar in latest facial recog trial

Graham Cobb

No, Lee, you are wrong.

Not about the law -- I am happy to take your word on that.

However, you are wrong that avoiding surveillance is suspicious. And you are wrong that police guidance should not make it completely clear, to every constable, that it is unacceptable to society to have police stop anyone because they are refusing to be photographed. Just like it is unacceptable to society to have people stopped and spoken to because they are taking photographs. Neither activity is suspicious. Neither activity should interrupt someone's enjoyment of the public street.

Your example of the person walking near a burglary is irrelevant. Then a crime has been committed and the police need information from witnesses as well as a heightened level of suspicion of anyone who might have committed the crime. All reasonable.

There is no requirement that we assist the police. If they want to take photos in public that is up to them. But they have no more rights than anyone else doing that. If I don't want to be photographed that is equally my right. Applying coercion, by having a constable lurking ready to stop me if I avoid being photographed, is not acceptable and needs to be clearly banned if this technology is to be used for real.

Bottom line: hiding from surveillance is not grounds for suspicion and will not be accepted as such. That needs to be made very clear to every officer involved.

Graham Cobb

Since when is hiding your face to avoid cameras "acting suspiciously"? We are all entitled to be as visible or as invisible as we like in public places, just like we are all allowed to take photos in public places. If I am a private person and don't want to be photographed in public, I cannot stop the photographer taking the photo. But I am certainly entitled to hide my face. It is no different if it is the police taking the photo -- maybe even more so as it is very likely to be much longer lived.

If that was what he was doing, the police had no reason to stop the man. That is the big result from this trial, which must become an important issue in any subsequent analysis of the results: a man was stopped by the police for no reason and questioned. That must not be allowed. There should be no concept of "longer than strictly necessary" -- hiding from the cameras must not be a reason to stop anyone.

British cops told to scrap 'discriminatory' algorithms in policing

Graham Cobb

Re: @ Graham Cobb

I have argued in another reply why the stats are, unfortunately, completely broken because of the impact of selection bias on the process.

However, even if they were right, profiling is never the right option.

* Individuals != profiles. In our society, each person should be treated equally, and are equally innocent until proven guilty. Even if 99% of people fitting a profile were criminals, that would not make it right to discriminate based on that profile.

* Change can only happen if people can break away from stereotypes and profiles. Even if profiling catches more criminals but it does nothing to encourage people to adopt another course.

* There are plenty of criminals who do not fit the profile. Why should they get away scot-free?

Instead of profiling, the answer is more police on the beat, visible, engaged and, most importantly, accessible to and supported by the community. If the community sees the police as effective, and fair, police will be able to actually have an impact on crime.

Policing is hard. Very hard. Deliberately so: society needs a police force who are fair and effective but respectful and with limited powers. Giving the police crap tools (and resources and training) just makes their work even harder and society sees negative benefit.

Graham Cobb

Re: Bias is self-perpetuating in lazy statistics

No. If you read @random's post again you can see that as the incorrect results persist, and the bias gets greater, the numbers get even worse. Even if the situation changes and Group A are carrying fewer knives than Group B their numbers will still be worse because of the self-perpetuating selection bias.

What is required to get meaningful data is that the samples (i.e. those stopped and searched) must be truly random (and also that bias is eliminated in later stages, like deciding whether to caution or prosecute, and at prosecution and trial stages). Otherwise, the data on which the profiling, analysis and AI are based is just complete garbage.

Graham Cobb

Even if the stat was true, it would not justify stopping the 90% (equally made-up stat) of black men who are perfectly innocent of any crime.

Graham Cobb

Re: Is it still discrimination...


Not cool, man: Dixons spanked over discount on luxury 'smart' fridge with wildly fluctuating price

Graham Cobb

Surely that should have been a complaint to the local Trading Standards office? I always thought the sale price rules came under the Trade Descriptions Act. That is what has teeth.

The ASA have no teeth -- if there is a crime being committed complain to Trading Standards instead.

Jammy dodgers: Boffin warns of auto autos congesting cities to avoid parking fees

Graham Cobb

Re: I said that!

Yeah, it's a pretty obvious problem that has been discussed on here before. The trouble is, before solving it, we need to work out what the best policy goals should be.

Is it better to encourage the cars to go home and sit outside their owner's houses all day? Or to provide massive, cheap, all-day parking at some out-of-town location with good links back into town? Or to encourage people to not own one of these but just use them as automated taxis, so once they arrive at work the car goes off carrying people around the city?

Ad-tech industry: GDPR complaint is like holding road builders to account for traffic violations

Graham Cobb

Betamax case

It is already better known as the "Betamax" defence: https://en.wikipedia.org/wiki/Sony_Corp._of_America_v._Universal_City_Studios,_Inc.

No one has ever suggested that video recorders were developed for any purpose other than recording TV, but they are legal because they are "capable of substantial noninfringing uses".

Did you know? Monday was Data Privacy Day. Now it's Tuesday. Back to business as usual!

Graham Cobb

Licences to process

One thing that many firms (particularly US ones) fail to understand is that the data subject is actually the data owner. You may have gone to a lot of time, effort and money to gather data but if it is about me then I own it. Thanks for gathering it for me. If you want to even process the data you have gathered you need a licence from me. Let alone if you wanted to transfer or sell it, or some conclusions drawn from it, to someone else.

This guiding principle, which is as simple, and as complex, as copyright, needs to be clearly enshrined in law. Once we have that in place, we have the basis of a functioning personal data economy. I may be happy to grant licences in exchange for valuable services. Or I may not.

And this applies to data that is created or inferred about me from other processing. Even if I didn't provide it (maybe you are a phone company and someone dialed my number, or you are LInkedIn and a contact gave you my email address), if you have some data about me you need a licence from me (with a traceable record to prove you have the necessary licence) to even process it.

Of course, there may be some exceptions -- a sort of personal data "fair use" for example. Lots of details, just as with copyright. But a perfectly logical and reasonable way to build an information economy.

Graham Cobb

Re: Good comparison.

And the lead paint comparison is good as well.

For example, all health-related data (including fitness tracker data) should be considered completely toxic. It cannot be transferred between companies without explicit authorisation (for that particular transfer, for that particular purpose) by the data subject. And it cannot be processed or combined with other data.

Of course, that would scupper all the e-health startups. But, sorry, you are the equivalent of lead paint manufacturers. Close down and do something else.

UK.gov told: If you want public to trust surveillance cam strategy, throw money and manpower at it

Graham Cobb

Re: In 2019 you can still be a Thought Criminal.

About bloody time too!

Surveillance of people at peaceful protests should not be allowed. And legal political or trade union activity is none of the police's business.

Wanted – have you seen this MAC address: f8:e0:79:af:57:eb? German cops appeal for logs in bomb probe

Graham Cobb

However, while IMEI is used to authenticate, it may not actually be stored anywhere

I think you will find that under data retention laws, mobile operators have to store the IMEI. For at least a year in many countries.

Attention all British .eu owners: Buy dotcom domains and prepare to sue, says UK govt

Graham Cobb

Re: Wow, it's almost...

Lets say remain win. All the guarantees is another vote later. It would be impossible not to go to at least a best of three situation.

Complete rubbish! The first vote was on an aspiration. We have now negotiated the best deal we can get and now we know the terms which apply if we go ahead with leaving.

Our negotiations included playing the "ooh, if you don't give us a good deal we will leave without a deal and that will cost the German car industry a lot of business" card -- that is the reason the deal is as good as it is. The negotiation has happened, the only alternative now to accepting the negotiated deal is not to leave after all.

The second referendum will be on whether we want to leave on those terms or withdraw our resignation. There will be no question of a third referendum -- there is nothing to ask.

If Remain win the second referendum, Brexiters can try again in another generation if they want. But not before.

And the next 7nm laptop processor will be designed by In, er, AM, um, Qualcomm: The 64-bit Arm Snapdragon 8CX

Graham Cobb

Linux workstation?

I like the idea of my replacement Linux workstation actually being low power and fanless. At the moment I am looking at a traditional big, high-end Ryzen system but maybe I should move all the hard stuff into my big, noisy, power-hungry server and go for a small, quiet and low-power workstation on the desktop instead?

Any chance it will run off-the-shelf Debian Testing?

Oz opposition folds, agrees to give Australians coal in their stockings this Christmas

Graham Cobb


The most scary thing about this is not the legal ability to force companies to assist (I can easily get around that by creating my own crypto -- and non-corporate tools with no one to serve the TCN to will soon be widely available); it is the lack of visibility.

It should be essential that we, the voters, can track how much these powers are being used. Instead of being secret, every company should be required to announce when they receive a TCN, and the full details (including the list of who's communications were intercepted) should be published within one year (extended only on authorisation by a court, and only for individual affected accounts).

We know that powers such as these get misused (often with the best of intentions). Just look back at the history of cases of police infiltration of trade unions, campaign groups, human rights groups, anti-war or anti-bomb activists, etc. All with abuse of powers intended only to save lives.

I can understand the Australian opposition being weak and naive enough to be convinced that these (ultimately ineffective) powers are important. I can't understand them not requiring the removal of the secrecy as their price for approval.

Berners-Lee takes flak for 'hippie manifesto' that only Google and Facebook could love

Graham Cobb

Quoting a mouthpiece for the RIAA???

I strongly agree that Internet giants with significant market power need serious regulation to prevent their anti-social actions, particularly around privacy.

However, first there needs to be strong regulation of media companies who not only have market power but create cartels like RIAA and MPAA. Their anti-social abuse of copyright, a measure designed to augment the public domain by reserving some rights for a very limited time to allow reasonable profits to be made, needs to be strongly curbed first.

Modern technology has so dramatically reduced the costs of distributing content that the limited profit intended to be delivered to the content producer could now be achieved in much less than 20 years -- copyright terms should have gone down over the last 100 years, not up!

Yes, regulate large internet players. But clean up the copyright cartels and kill off the greed of the content players first.

UK.gov to roll out voter ID trials in 2019 local elections

Graham Cobb

Re: two forms of non-photo ID...?

The problem is even worse for some specific groups. For example, wives in some communities are even less likely to have photo-ID than their husbands, and are unlikely to be named on any utility bills -- their whole presence is in their husband's name. Why would we deny them the vote?

Other groups such as homeless or frequently moving people or people in shared accommodation are likely to have no ID -- and likely to be poorer. Why would the Conservative government be trying to deny them a vote I wonder?

It is just gerrymandering with a fig leaf created from a non-problem.

Boom! Just like that the eSIM market emerges – and jolly useful it is too

Graham Cobb

Re: I'm confused.

It is not really any different

The difference is the way it can be used, and the business models associated with it. It becomes possible for you to "buy" a SIM instantly, anywhere in the world, and from any vendor located anywhere in the world.

Acquiring a SIM can be as simple as downloading an app or just registering on a website. We are likely to see special-purpose eSIMs. For example, Disney could offer a SIM, worldwide, with a subscription to their movies, or Steam could offer one with a subscription to their games. Why would they? Well, there are a few obvious reasons like bundling and advertising (and bypassing Google) but the real answers will come when disrupters and innovators come up with ideas none of us have thought of.

Pirate radio = drug dealing and municipal broadband is anti-competitive censorship

Graham Cobb

Re: Slippery slope; And not the fun kind

Liberty vs. Authoritarianism is a completely orthogonal axis to political (really economic) left-right. Plenty of authoritarians all over the political axis (it's pretty much a requirement to want to be in parliament, isn't it?).

I am quite far-liberty, but pretty centrist on the UK left-right spectrum (mid-left when viewed from the US, of course).

FYI: Faking court orders to take down Google reviews is super illegal

Graham Cobb

How long before the courts move into the modern world?

It has been very easy, for over 20 years, to electronically sign documents. How long do we have to wait for courts to implement this?

Every judge should have a signing key and so should every court. Every document produced by the judge should be signed with both keys. All other documents involved in a case should be signed by the court (and probably also the submitting lawyer). It should be trivially easy for someone to check the electronic signature is valid (a website to do it for individuals and small companies; large companies could build it into their own systems).

I know it involves changes to court systems, but why wasn't the work started over 10 years ago and completed 5 years ago?

FYI: Drone maker DJI's 'Get it on Google Play' website button definitely does not get the app from Google Play...

Graham Cobb

Re: Walled Garden

While I completely agree about user education and care, it is not correct to say that there is no value in getting an app from the Play store. Google's security checking, while very limited, is not nothing. And, more importantly, getting the same version as a lot of other people makes it more likely that I will hear about any subsequent serious issue.

I also have never had a virus in over 40 years of using computers. And I use two phones with no Google accounts and no Play store access. I prefer to get apks from F-Droid if possible, or from the Play Store (using my work phone to access them, which has access using the Google account I require for work). Getting them from the vendor is my third choice (and is not often possible). I almost never get them from 3rd parties such as Yalp .

Graham Cobb

Re: F-Droid

F-Droid is undeniably good. But what has that got to do with DJI misleading their customers?

Brace yourself, Britain: Health minister shares 'vision' for NHS 'tech revolution'

Graham Cobb

Re: But will it safeguard patient privacy ?

too short on time to wait for a PC to log off one person and log on another

The printer at work is capable of recording the ID from my card whenever I go to pick up a printout. I would certainly hope that (a modern application on) an NHS PC doesn't require a separate Windows login for each user but that the app requires an ID card to be presented to a reader each time a transaction occurs and records it in the access log. It would take no more time than using your card to open a door.

The mysterious life of Luc Esape, bug fixer extraordinaire. His big secret? He's not human

Graham Cobb

Re: ""Who owns the intellectual property and responsibility of a bot contribution: "

Because the "ownership" we are talking about here is copyright. The truth is that nobody owns code as it is infinitely copyable. But, in most cases, somebody owns a copyright on the code. But as copyright is an intellectual property right, it can only arise from human creativity, not from a machine.

Do not forget, you do not violate copyright if you independently come up with exactly the same code as someone else but did not copy theirs. It is not the code which is the property, it is the right to prevent others copying your intellectual creation which is the property.

Graham Cobb

Re: ""Who owns the intellectual property and responsibility of a bot contribution: "

It isn't a good question. It is an important question, that needs to be discussed and very clearly answered. But, fortunately, the answer is simple: no one owns it.

Just as no one owns the wild deer who come into my garden and eat my flowers, and no one owns a fish in the middle of the ocean, and no one owns the sound of the bird singing outside my window. And no one owns Shakespeare's Romeo and Juliet either.

It is a fallacy, pushed very very hard by the big copyright owners, that everything has to be "owned" by someone. Things which are in the public domain are not owned by anyone, and things created by machines go straight into the public domain -- essentially the copyright term on them is zero.

Responsibility is harder. In general, the operator of a machine has responsibility for its actions: if I let go of a self-propelled lawnmower and it kills someone it is my responsibility. It is complicated because sometimes responsibility may rest with (or be shared with) the manufacturer or the owner instead of the operator -- sometimes a court will have to decide which.

But, if you operate a bot which has been given check-in rights to a piece of software and it checks in bad code, you will end up with responsibility (maybe shared with whoever created it, depending on things like whether the operator was well-enough informed of the risks, whether the creator misrepresented anything, whether the creator was negligent, etc). However, in this case, the bot is just sending a suggestion to the person who has check-in rights: they have responsibility for the check-in if they approve it, just as they have responsibility if they accept a pull request from anyone else.

The most important thing is: don't fall into the trap of thinking that there is an "owner" for content created by a machine. There isn't -- it is in the public domain.

Sure, Europe. Here's our Android suite without Search, Chrome apps. Now pay the Google tax

Graham Cobb

Apple do not have Significant Market Power on mobile phones. And will have even less with these new changes allowing vendors like Samsung to use Android forks to create real Apple competitors with their own ecosystem of apps (and their own data collection to fund it).

Graham Cobb

I don't think it is intended as passive aggressive language. Currently vendors wishing to distribute Google apps are specifically prevented (by their licence agreement) to also offer non-compatible, or forked, smartphones and tablets.

One of the Competition Commission requirements is to remove that restriction. That is a good thing, so vendors can freely decide whether they want to have two lines of phones, one with Google apps and one with a forked OS that works without Google apps (to compete with Apple -- presumably at a similarly premium price).

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

Graham Cobb

Are SuperMicro systems going cheap?

I have been thinking about buying a server and sticking it in a CoLo, for offsite backups. Maybe now is the time?

I don't care about the SuperMicro share price -- are their servers going cheap now? I don't care if the Chinese can copy my data -- the rest of the world has it already thanks to my government.

New Zealand border cops warn travelers that without handing over electronic passwords 'You shall not pass!'

Graham Cobb

Re: I'm getting to the point now

I already use full-disk encryption on my home computer disks -- primarily so when they die I can throw them in the rubbish without worrying about having to securely delete the contents. Of course, I can, and will, decrypt them for authorities but when I stop using them I don't keep the passwords (the current password is stored on a small USB stick that the computer reads at boot time but no previous passwords are stored).

I am considering moving to always encrypting my USB sticks with a disposable password each time I use them. When I have finished with it I don't bother deleting the files on it: I just destroy the password, knowing that no one can recover the files. This is already how my work laptop handles USB sticks.

My work phone already encrypts its SD card. I have no idea what the password is.

Once this has become the norm for most people, there will be nothing suspicious about having several MicroSD cards in your luggage, each encrypted, with no idea what the passwords are and no way to recover the contents. They are just spares for when you want to move data or need more space for photos and videos.

A web where the user has complete control of their data? Sounds Solid, Tim Berners-Lee

Graham Cobb

Re: Might be a nice idea, but it'll stay theoretical

Unless there's a way to force Facebook to use this construct, I don't see any change any time soon.

It is a first step.

Obviously the only answer to the problems with Facebook, Twitter, etc are for regulators to enforce competition with open interoperation. Then people can have their "conservative facebook" or their "activist twitter" and still follow their favourite pop stars and Auntie Betty as well. But regulators won't force that until the tools are in place to make it work.

This sounds like one of those building blocks. If it is successful then we can start asking regulators to use competition laws to force the massive players to use it.

Nope, the NSA isn't sitting in front of a supercomputer hooked up to a terrorist’s hard drive

Graham Cobb

Questioning the premise

We need El Reg to be more active in questioning the premise behind these sorts of requests. Before talking about either the impact or the implementation details (as in this article) we need to be much more critical of the claims being used to justify this.

The claim is that law enforcement is "going dark" and losing access to evidence it needs.

On the contrary. it is a golden age for law enforcement. Instead of planning with trusted comrades, in a private room, criminals now use text and even talk on mobile phones in public places. Some even use email and web chatrooms (particularly those planning digital crimes). Much more planning information is available to law enforcement.

And, as for evidence of the crimes themselves, instead of just stealing something or assaulting someone criminals now often record their actions with photos or even videos. For their own amusement or to prove to someone else that they did as they were commanded. That evidence is often available and would never even have existed in the past.

Law enforcement have never had it so good. There is so much evidence available to them.

As we all know, policing is a difficult job. Unfortunately for them, we need it to remain so in order to protect our civil liberties (such as trade unions, effective protest and campaigns for major societal changes). The simplifications that the digital world have introduced to their job need to be rolled-back.

Encryption is part of that: not only is there no justification for demands for law enforcement access, we actually need improved, easy-to-use, routine encryption to protect all of us and our civil liberties.

Security bods: Android system broadcasts enable user tracking

Graham Cobb

Re: don't seem like that much of a threat to me

I get that, but my question was in what way is that a threat to me

The answer is that it might be or might not be. You don't have to be James Bond for this to be a problem.

Even in the UK, a journalist for a local paper might find this a problem if they have been trying to track down and write about corruption in the local council awarding planning approvals. An investigative journalist at a national newspaper will certainly be targeted, often by powerful or dangerous people (even if only reporting on extramarital affairs).

Abused women and children also need to have privacy (why do you think people aren't allowed to take photos of their children's school play? It isn't about paedophiles, it is about children who have been removed from abuse possibly being located by the abusers).

And, in some countries almost anyone might accidentally fall foul of government or criminal gangs and need to keep their location hidden.

Sure, maybe you have the luxury of living in a safe country, with no serious enemies and a boring job (just like I do). Or are qualified to make a full analysis of your security risks. But there are many people not in that position and manufacturers need to be forced to fix problems which put these people into danger.

Distro inferno: Debian's still rocking at 25

Graham Cobb

Re: Sadly

Only the old hands or those peed off with Canonical use Debian these days.

I don't think that is true. I heard the other day that there is a waiting list to become a Debian Developer because there are more people wanting to become a DD than the people managing the process can handle.

And looking at https://contributors.debian.org/contributors/year/2018 there are still a lot of people contributing to Debian.

As for systemd, like many people I don't like it but it is clearly here to stay (unlike the previous attempts at init system replacement) and more and more software will assume it is there, like it or not. Devuan is the UKIP of Linux distros: defined only by hating one thing and supported by moaning pensioners.

Think tank calls for post-Brexit national ID cards: The kids have phones so what's the difference?

Graham Cobb

Re: "And extremely sad you're happy to carry a ID card 24x7 "

I've my ID card in the wallet with the driving license and the credit cards, for decades, and never anything bad happened because of it. It's just a simple and comfortable way to prove you are what you say whenever such a proof is needed.

And I have lived my life for many decades carrying no ID at all and have never had anything bad happen. I have never had any need to prove my identity except at borders and, as you say, being in Britain borders rarely crop up unexpectedly.

Unlike you, I was able to handle all my parents affairs without any need to prove my identity to the lawyers involved -- the process does not require proving identity unless someone challenges it. The point is that ID cards are only useful in a society which has changed to require them. If there are no ID cards no one can demand them, no one needs them and society still functions perfectly well.

And ID cards have massive disadvantages. Perhaps most seriously, they enable much more commercial spying, with very many companies ending up with both a unique ID for correlating data they acquire (legally or not) from many sources and personal information like name, address and age which I have no wish to share with companies I do business with unless I see some actual benefit to me.

I could almost understand a government ID card but it would have to be absolutely illegal for any commercial company to record any information from a card.

Graham Cobb

Re: ...citing the Windrush scandal as justification.

The fix for the Windrush scandal is clear: the government need to end this "hostile environment" and "war" around immigration.

The law needs to be very clear: if you are in the country it must be up to the government to prove that you have no right to be here, not up to you to prove that you do have the right to be here.

I am quite happy with current and recent levels of immigration and have no problem with accepting the small amount of illegal immigration that occurs. It isn't a problem in my view. Somehow those of us who share this view need to make our position known to fight the xenophobic little-Britain insularists.

On Android, US antitrust can go where nervous EU fears to tread

Graham Cobb

Re: I'm so totally in Google's camp on this

If Google's services are better that is a fine and perfectly valid way to compete. What is not fine is to use market power to prevent others from competing. That is the reason the competitors are not as good -- if they spend the money to make them as good, they can't sell them to get their investment back because of Google's abuse.

If, once the environment is competitive, "people simply prefer Google's solutions" that is fine. And it might even be that Google remain the largest player but it would mean that market segments like "the tinfoil crowd" actually have a real choice.

Graham Cobb


So why aren't Apple being castigated in the same way, either by the EU or the USA?

Apple doesn't have significant market power in the mobile phone OS business. They only have about 15-20% share (by units).

Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound

Graham Cobb

Re: Why so hard?

Just having a button inside held for 10 seconds to dis-associate the old owner from the system would be great for a car thief that had stolen your key to nick your car.

No. It would make no difference at all.

If my car is stolen I don't go and find it and retrieve it myself. I call the police and the insurance company. They would still be able to use the mechanisms they use today to contact the manufacturer and get access to location and other information -- they aren't asking the owner for that today.

Graham Cobb

New owner must be able to disconnect seller immediately from the vehicle

Car manufacturers must put a "disconnect car from current account" function within the vehicle itself so that the new owner can do the disconnect before driving a single metre after buying the car.

If there is a concern about theft then the back end for the function can be made more complex: still collect the data but prevent the previous owner from accessing the data or controlling anything. The police can still have access to the data (for example with a warrant) but the previous owner does not unless they go through a process to reclaim the car (disputing that ownership has been transferred). Meanwhile, the person with control of the car immediately has full access and control (although only to data from the moment of claiming the account).

It is not reasonable to require any co-operation from the previous owner, nor to allow any access from one of the users to data about the other's usage, nor any complex process of proving ownership to a third party such as JLR or a dealer (control of the car should be sufficient). The tiny number of cases of theft or disputed ownership would be the cases which have the complex process, probably involving a court.

Some Things just aren't meant to be (on Internet of Things networks). But we can work around that

Graham Cobb

Re: No...

I quite liked the image of my router dodging electrons being fired in random directions from some IoT crap while trying to simultaneously provide a Wifi service.

UK.gov is ready to talk data safeguards with the EU – but still wants it all

Graham Cobb

Re: ?

BoJo didn't want to become PM instead of the PM. Everyone knew that the "leaving" job was a poisoned chalice and whoever did it would be immediately removed (and happy to go) once it was over, whatever happened. Theresa May realised that was her only chance of becoming PM so went for it. BoJo is just continuing his positioning to stand after Brexit is over.

He knew he would have to resign, over a "point of principle", at some point to set himself up as a future saviour. He would probably have preferred to leave it a little later so it was fresher in people's minds when he comes back, but his hand was pretty forced if he didn't want to start being considered responsible for the mess.

UK.gov agrees to narrow 'serious crime' definition for slurping comms data

Graham Cobb

Re: Is there any crime

As I (and others) predicted, they only proposed 6 months so that they could "address" the outcry and make it still a ridiculous time! We need to make sure there is still an outcry.

Make it maximum sentence of more than (not equal to) 3 years.

Brit privacy watchdog reports on political data harvests: We've read the lot so you don't have to

Graham Cobb

Re: If you ever wondered

Good thought. I already never "click through" to the supplier I am interested in -- I go to their website and start again (mainly because I am bolshie and if they won't offer an equally good price to someone not using a comparison site then I won't do business with them). But I will now make sure I give fake details (name, address, DOB, etc) to the comparison site -- close enough that I should get roughly the same quote but not enough to identify or contact me.

Every step you take: We track you for your own safety, you know?

Graham Cobb

Re: Corporate Security

I downvoted you because you have identified a completely disproportionate and unrealistic justification for a blatant privacy violation.

Yes, I understand that the incident caused you and your company a lot of genuine concern and I commend your hard work in checking on your visitors' safety. I had an employee on business in the New York area on 9/11 and it was obviously very worrying for him, his family and for us in the company. I know that his wife appreciated the effort we went to to confirm his safety and let her know before he had been able to call her directly.

However, such incidents are of such low likelihood that it is not worth taking any action at all in advance, let alone sacrificing an important human right. I haven't checked the numbers, but I am sure the likelihood of being killed in a terrorist attack is much less than that of being killed by lightning.

What we need is a society which values reasonable assessments of risk and accepts that "something must be done -- this is something" is no way to make decisions.

UK.gov's long-awaited, lightweight biometrics strategy fails to impress

Graham Cobb

I despair

Why aren't there riots over this? Why aren't there resistance cells being created, with freedom fighters destroying surveillance cameras?

My parents fought in WW2, and I lived through the threat of nuclear annihilation in the Cold War, to protect us against police states, where the authorities tried to monitor what everyone was doing. Out of that we maintained Britain as a free society, with (now) the lowest crime rates ever and even terrorism is not a serious threat (reduced to running people over with vehicles).

Why on earth are people willing to just give up all liberty and put an electronic tail on every man, woman and child at all times? The police have a tough job, and that is deliberate! If the police are too effective, if their job is too easy or cheap, they become a tool for the government to suppress free thought, protest, whistleblowers, activists, trades unionists and, eventually, even political disagreement. Policing needs to be hard and expensive so they are forced to focus on important crime.

Whatever your political interests, whether you are a right-wing abortion protester or a left-wing animal rights activist, you have to be really concerned about tracking and surveillance. How have we got to this state?

IEEE joins the ranks of non-backdoored strong cryptography defenders

Graham Cobb

Encryption will become ubiquitous

I am currently looking into encrypting all my disks with separate (long) passwords. My plan is that the system will be set up with the passwords for the current set of disks but I will not record them anywhere else. I certainly won't be able to remember them!

This is because I currently have a pile of old disks (some working, some not) which I can't send to the dump because they have private and personal data on them. My plan is that in future when I stop using a disk I can throw it away (or sell it on eBay) without worrying because no one (including me) can access the data any more.

Once I have that all set up I plan to look into extending it to removable media (memory cards). My drawer of USB sticks will then be full of encrypted drives which I don't know the password to. When I need one I will reformat it with a new password, use it for however long I need it and then throw away the password and put the stick back in the drawer.

If I can do this, how long will it be before it becomes ubiquitous on every device? In particular for memory cards. At which point no one will know whether the memory card they have confiscated from the terrorist suspect at the border is "empty" (no one knows the password) or contains the plans for their latest atrocity. It is unlikely anyone can prove beyond a reasonable doubt that the terrorist knows the password. Particularly if they are carrying several.

Labour MP pushing to slip 6-hour limit to kill illegal online content into counter-terror bill

Graham Cobb

Re: When it comes to being an authoritarian, data fetishist nut job..

Too many people forget that "authoritarian/freedom" is a completely orthogonal axis to political left/right. Unfortunately, becoming an MP mostly attracts more authoritarians so they are over-represented in the House of Commons. We need more civil society types appointed to the House of Lords to counter this.

Graham Cobb

Re: Who decides what is illegal?

Sorry, Headley, your analogy is completely wrong. Policing forums is not at all related to publishing. The publisher is the person putting up the post. All Google/FB/etc are doing (in these cases) is providing transmission capability (just like BT and the Royal Mail).

A better analogy for FB/Google/etc is a hotel. Of course a hotel doesn't want people using its rooms to conduct illegal activities (e.g. run a criminal operation). But it doesn't employ people to spy on all the rooms all the time, monitor what people are doing, etc. It waits for the police to call about some activity and then it may terminate the room hire.

I am no fan of Google/FB/etc (in fact, I do not use them), but in this case they are right. This is critical because Google/FB/etc are the town square nowadays, whether I like it or not. If I have a complaint (against the government or against a company) I need to be able to air it on FB/etc. FB/etc should not be allowed to interfere with that unless my activity is illegal.

JURI's out, Euro copyright votes in: Whoa, did the EU just 'break the internet'?

Graham Cobb

So if you create some content and it gets ripped off, who protects you?

No one does. Sorry -- that is the way the world has changed. Wake up, smell the coffee and get a new business model. There are other ways to make money from your talent and the material you have created than getting paid for copies.

Copyright (the law) and business models around talent and content have always been reinvented every 20 years due to changes in technology. Just think about the impact (on both laws and business models) of piano rolls, phonographs, radio, TV, VCRs, etc. All those took away someone's existing exclusive rights and forced them to change their business model. Some of them went out of business and some others were more successful. That is business.

Cory Doctorow has a great example: think about music hall artists. They used to have control over the only way to be entertained by them: you had to buy a ticket to get into the theatre. It means that success rewarded not only being able to sign and dance but also charisma, stage presence and good looks. Then radio came along and everyone could get the entertainment for free. All of a sudden success rewarded a good voice (and a talent for ending up in the newspapers). Dancing, charisma, looks became much less relevant. Some performers lost out very heavily, and others saw much increased success. No one succeeded in getting the new reality banned.


Biting the hand that feeds IT © 1998–2019