Re: Not worth a penny until MS Dublin is sorted out...
It depends on the legal small print. Can they have a legally air-gapped company set up to own and run it?
16426 posts • joined 16 Jun 2014
"they could easily have bought the tiny backstreet company."
But that would have involved headcount, HR and whatnot. HR would then probably end up making the only people who understand the code redundant because they don't fit into NHS pay scales - or pissing them off so much the just leave.
"To keep a name and address and in particular payment details once the transaction is completed?"
No. Earlier today I wanted to buy a book advertised on Abe books. To do that it wants me to set up an account. That would mean either giving them the current odds & ends email address that gets zapped after a few weeks in which case I wouldn't be able to reuse the account anyway or log into my email provider and set up another special address for them. As the shop isn't too far away I just rang them up, asked them to put the book to one side & I'll collect it later. The only downside is that SWMBO will probably come with me and letting her loose in a bookshop will cost several hours of time if no actual money. In the mean time Abe books lose their commission.
"You can use pgp with enigmail. It takes all of five minutes to set up. However, people at heart don't really care."
That is why it needs to be the default. Encrypted and signed.
Signed email? Even Microsoft's email spam filters might be able to spot "click here or we'll suspend your account" spam.
That way there would be no point in NSA or the like hitting anybody. To some extent it would take away part of ProtonMail's advantage but there would still be value being based in one of the few places that takes confidentiality so seriously.
Tackle it at OS level.
Store data in a drive or partition only accessible to specific servers. Applications request read/write through these services, similar to a database engine. ID is extended to include application as well as user so the service can be set up to limit write access to the correct application & maybe grant read access to other specified applications e.g. you can only update your contacts via the contact app but your email client can ask for an email address.
The server would need a mechanism for verifying the ID of the request and the application installation mechanism would have to be fairly closely guarded to ensure substitutions weren't made.
One tricky aspect would be having storage that out of bounds to the kernel - or maybe some sort of micro-kernel arrangement. I'm not sure Windows could manage this but maybe OpenBSD could.
"Team Economist advises that anyone who received what appeared to be a Flash update from the website should change all of their passwords on their computer, and notify their banks and other financial institutions to check for suspicious activity."
I hope they told their readers to get rid of the nasty before they changed their passwords, otherwise it's a bit pointless. Of course I could go to the Economist site & see for myaself exactly what they said but I think I'll give that a miss.
If any of their readers sustains damage from this who's going to be liable, the Economist or PlayFair?
"You could say maybe he's a dickhead for suing but not visiting those web sites etc"
Fair enough comment for that. But did he download and read the spec sheet from AMD before he bought. If the manufacturer's spec matches what he's bought then how can he complain? I bought the 1.6 turbo - why wasn't I given the 2.6 V6 4-wheel drive? Should I sue?
"It says nothing about open source whatsoever. If you *want* to circulate open source code, then nothing in this text prevents you."
I thought that at first. After a few seconds consideration I'm not so sure. The principle of the GPL is that if you distribute an executable you must provide the source. There have been a few instances of companies building products around GPLed code, modifying it & then distributing binaries without source. Although it doesn't stop you circulating code if you want to it seems to give a hiding place for companies who don't want to but should under the terms of the licence.
A while ago I had an email like that from someone I'd corresponded with a year or two earlier. Apparently some people from her address book had been spammed with one of those "help I'm stranded in foreign parts" scams. She wasn't sure who'd been spammed so she sent the email out to everyone on her list, about 200 addresses IIRC. I wrote back to her to advise her how to do it properly next time.
Oh dear, I've just remembered, I forgot to include her in my change of address emails earlier this year. What a shame.
As far as I can make out the situation was that Schrems was accusing Facebook of playing fast and loose with data beyond what it was provided for, i.e. beyond Schroepfe's "clear legal grounds to make sure that your feed isn’t limited to only the people who are also in the EU". His Austrian legal system had punted him to the Irish authorities who tried a "nothing to do with us, squire" on the basis that it was an EU Commission matter because of Safe Harbour, which was their baby. The ECJ kicked it back to them taking out Safe Harbour as collateral damage.
It's up to the Irish to investigate Shrems' complaint to see if it has merit. That could limit FB's use of the data beyond its nominal intended purpose but assuming that intended purpose was to enable FB's customers to blurt out whatever they choose to whoever they choose wherever they may be it's difficult to see that Safe Harbour could ever have been involved with that.
OTOH if a company based in the EU is shovelling customers' or, worse still, employees'* personal data to the US they have a real problem.
*They might stand a chance of defending a model clause as part of a customer contract but I can't see anybody getting away with making it condition of employment; "constructive dismissal" is the phrase that comes to mind.
"Enforcement against non-compliance with the Safe Harbour court ruling kicks in early next year."
So expect another trip to the ECJ next year if this is the best they can do.
Somebody in another thread mentioned groupthink in connection with TalkTalk. Clearly something similar is happening here if they think there's a way of rebuilding it short of a blinding revelation in the US govt.
"But in the UK class actions don't exist, and the burden of proof will be quite difficult for individuals to claim compensation"
However a host of customers wanting to leave & claiming in the small claims court against any attempt to extract fees could be a different matter.
Would they try to defend? If they tried and failed would they keep trying? If they overlooked one or two and ignored the judgements they might have a procession of bailiffs rolling up to the front door to seize bits & pieces such as the recepionists' PC. If a couple of well presented cases defeated them they could look forward to haemorrhaging customers.
"With 4m customers what is the probability that in any one given week someone will be subject to credit card fraud?"
You are correct in this, there's no evidence that TT were responsible. However:
"What is with the witch hunt by The Register?"
The response he got from TT deserves condemnation on its own (de)merits. They have failed abominably in their duty of care to their customers and yet are still trying to hold them to contracts. It's probably not going to do them much good in the long run. At the very least it keeps bad publicity in the media for longer. At the most they'll die the death of a thousand cuts in the small claims court and multiple Trading Standards investigators climbing all over them. The contrast between the way they've handled this and the way VW are handling their problems couldn't be greater.
You may well be right about groupthink. This is why the CEO of any company in this position should be expected to walk without compensation (VW got the first bit right). It provides them with a big incentive to keep a close watch on what;s going on in the company and to have that little worry that the person who's "being negative" might actually be the one between you and the one way exit.
If Microsoft are so good at this AI stuff why is it that they can't trap "click here or your Hotmail/Live/Outlook/Whatever account will be closed" spam when sent to their Hotmail/Live/Outlook/Whatever customers? The number of these that get through would be good evidence that they're not defending their trademarks if they ever tried to get a passing off case into court.
Perhaps one of the reasons big companies aren't innovating is that there's only a limited scope for profitable innovation at any particular time.
The legitimate options for making money from innovations seem to be providing a new service that can be charged for at a profitable level or advertising. If a business like Uber can't turn a profit the first of those seems to offer very little. So is this what the internet has come down to - conning advertisers that its worth paying good money to piss off potential customers? Or as a medium for criminal activity?
"but what good is it when it's all shit?"
It depends what's all shit. As it happens I spent the greater part of the afternoon trying to work out a problem with a Windows 7 laptop owned by a friend of my wife's. It had been OK until a few days ago, when it was working all morning & not since. Neither IE nor Firefox worked - the former came up blank with "not responding"on the title bar, the latter displayed nothing, just a busy cursor for a few seconds. Internet connection was there - ping to Google worked and my Mint laptop had no problems. Ran virus scan. Ran Windows diagnostics which couldn't identify a problem. Disabled firewall. Re-enabled firewall. Nothing. Eventually I removed the adaptor for a wireless mouse, rebooted and got a major hang - nothing responding but the fan working overtime. Cut the power, replaced the dongle, rebooted & got the screen offering safe mode, went for a normal reboot & the thing started working properly for no obvious reason.
Yup. All shit.
"She and all the other MP's who vote in favour of it and anyone who can access it have all their data recorded and posted openly on the internet for us all to see."
That would, of course, include any communication you might have with your MP about this or any other topic.
Biting the hand that feeds IT © 1998–2019