Re: Reason for firing
"IMHO anyone who publicly publishes anything deserves the consequences."
So what consequences do you deserve for publishing that comment?
16426 posts • joined 16 Jun 2014
"what is no less a fingerprint that has a sufficient set of data to identify individual users."
Really? Let's look at the list:
"Ubuntu Flavour & Version" That's a fairly limited choice. Almost all the installations at any one time will be split between very few options there.
"Network connectivity or not" A binary choice containing even less information.
"CPU family, RAM, Disk(s) size, Screen(s) resolution, GPU vendor and model & OEM Manufacturer" With enough cash you can buy kit with the same spec by the pallet. No serial numbers of any of them. How do you distinguish them one from another by this information or from the next pallet load of the same spec?
"Location (based on the location selection made by the user at install). No IP information would be gathered" That's time zone and maybe language. We've made a start on identifying the individual - it's somebody in the UK!!!!
"Installation duration (time taken)" That, indeed, can very. But if I go off and take a break whilst it's busy copying the files how, from the time I allowed, do you tell it's me?
"Auto login enabled or not" Another binary choice.
"Disk layout selected" This can be a bit of an individual thing. But in some cases, particularly if I were just trying "let's have a quick look" I'd let it default so that layout carries exactly the same info as the disk size because it's what the distro would always pick for the disk size. If I were building for a particular purpose I might customise that. And having built for a specific purpose when I come to built the next I might vary that according to what I learned from the last. What's more, if I were building for a particular purpose I'd set up LVM with plenty uncommitted disk and more to each logical disk as needed so what would be uploaded at install time might well not be what would be seen a few months later.
"Third party software selected or not" Another binary choice.
"Download updates during install or not" Yet another.
"LivePatch enabled or not" and one more.
So that's 5 bits of binary choices, some mass production data and some fairly general variable choices above that. You mention fingerprints. In forensic science we used to think in terms of discriminating power and frankly I don't see much discriminating power in that lot.
Getting GDPR understood is going to be difficult enough. Let's not make matters worse with disinformation.
"You can spot the Americans because they refer to personal data as PII"
From that well-known American site ico.gov.uk and its definition of personal data within the meaning of the forthcoming DPA:
"Personal data means data which relate to a living individual who can be identified"
PID would be a handy abbreviation. Unfortunately, that TLA has long established usage elsewhere so let's substitute Information for Data. PII it is, whichever side of the pond you're on.
I think I found the one you mean. Try running whois on them. It doesn't look anything like what I'd expect from an official EU site.
Googling GDPR FAQ brings up pages of ads, all from service vendors. Oddly enough it doesn't seem to bring up anything from the EU itself. Attempting to search the actual EU official site, http://ec.europa.eu for GDPR FAQ doesn't actually lead to anything like an FAQ although, bizarrely, even though I'm querying an https page entering the query brings up a warning that the information I've entered is to be sent over an insecure link.
"How are they planning to send the information to their servers without sending your IP at the same time?"
IP address sent from other than a home location isn't likely to be PII. IP address sent from a home location isn't likely to be PII either as ISPs don't normally issue static addresses without charging extra. Not that that excuses a pre-ticked opt-in.
"Me at work: Bloody European Union legislation making me change all my perfectly secure processes."
If you had to change processes to cope with GDPR then you must have been collecting PII. If so then those whose PII you were collecting might have different views about your assessment of perfection and security.
However, if you think GDPR impinges on this you need to look again at what it collects (not that I'm excusing pre-ticked opt-in) and at what you understand by PII.
"Its really worrying when someone like that doesnt grasp GDPR, and theres no soft opt-in"
That was my initial thought. However, having read what's collected there's no PII in that so they seem to be OK on that score. However, as Canonical is a UK company you'd expect them to reflect European attitudes to pre-ticked boxes.
"Windows users like your mum and dad dont know anything else and/or generally wont/dont care."
My parents are long gone. I'm the senior around here, a Linux user and Unix user since well before Windows was even a thing. SWMBO (who, in fact is really the senior round here) is right now sitting working on her Debian laptop. Two of my older cousins have also been converted to Zorin. It's my children and grandchildren who're on Windows.
TL;DR Stop making ageist assumptions. And put the apostrophes in "don't" and "won't".
"It also one of the few major public transport providers that is now expected to operate without a subsidy (major infrastructure projects excepted)."
That's a pretty big exception. Every time infrastructure subsidy in the north is mentioned it seems to be because another cut is being reported in what's promised (but not delivered).
"I suggest we expand GDPR. Expand the scope to the whole world"
If the operation covers any EU residents it will be within scope. For those of you who are non-EU residents dealing with non-EU businesses, you need a regulatory system that will look after you better. At least even the Brexit-minded HMG has to put it into UK law so it will apply even when we're outside the EU.
"In a lawyer's office, especially, I would not want to manage the logistics of issuing a laptop that goes home with them with all kinds of stuff on it."
In a lawyer's office the logistics of providing a full size PC at the various courts they might have to attend would be even harder to manage.
"Yah know, to listen to you guys, you'd think the only stuff worth knowing was computer stuff, and anyone who doesn't understand computer stuff must automatically be, like, yah know, an idiot, and computer guys are gods who know everything that's worth knowing."
I drive a car. I don't do it for a living and it's a long time since I was able to do stuff like take the head off and reseat the valves (MGBs were nice to work on). Nevertheless I need to know where all the controls are and what they do. I also need to know which side of the road to drive on, what the various road signs etc. mean.
Back in the day I used to be a laboratory scientist. I needed to know things like how to set up a microscope, how to balance the tubes in a centrifuge etc.
In short, I, like everyone else need to know enough (NB enough, not everything) about the tools I use to be able to use them. Why should it be different when the tool in question is a computer, especially when it's being used as part of one's job?
"Yet doesn't have the cash in the bank to cover a months rent?"
What seems to have happened is that unauthorised deductions took away the money that was there for the rent. If this was your bank account would you blaming yourself for the purchase that was charged several time without your say-so?
"The real problem was speculating in an unregulated market with almost all your money."
The problem here doesn't seem to have been punters speculating with almost all their money. It was the payments processor taking more money than had been speculated.
I hope the refunds will also compensate for any consequent damage to those who were driven into the red.
"That $17.13/share gets them $39.2m, some $17.3m less than the $56.5m they would have netted at the $24.67/share deal price."
I hope that price only applies to the plaintiffs, not the rest of the shareholders. If it does apply to the rest then maybe they'll sue the plaintiffs for the difference.
"Isn't there something more useful that we can spend the money on?"
Back in the C17th people took to puzzling about these things. I suppose if you'd have been alive back then you'd have said much the same thing. It was one of the things which lead to our understanding of Newtonian mechanics which has served us well ever since.
People didn't stop thinking about such things and noticed a few discrepancies that didn't quite fit with the Newtonian view. Maybe if you'd been alive you'd have said the same thing then. Out of that came the theories of relativity and out of those came a whole lot of other stuff from nuclear energy to the clock corrections necessary for GPS to work.
But in your view it's still a waste of time and money. Me? I wonder what's the next lot of useful stuff that's going to come out of it.
"So, you can observe the speeds of stars that actually have escaped the galaxy, and those that haven't."
I'm not sure whether they'd spot the stars that have escaped but the maximum measured velocities of stars in the galaxy is likely to be just under escape velocity.
"Shouldn't they be looking at her actual contract, not just a hypothetical one?"
Of course. But that's why IR35 was brought in. It enables HMRC to invent a contract which puts the worker in the worst of positions: the engager doesn't provide employee benefits aso they have to be paid by the freelancer but HMRC can up the tax take by pretending that this isn't so.
"Additionally, at this wage level if she had been with the BBC in 2016-17, her name would have appeared in the Pay Disclosure Annex of the BBC's annual report - potentially increasing the number of highly paid women and thus directly impacting the BBC's gender pay gap."
This would be another advantage for the Beeb. If they'd both been directly employed and she was paid significantly less than, say, Harry Gration, the Beeb could have been on the hook under equal pay legislation. With freelancers each arrangement is independent. Now it's gone political, of course, that isn't such a big concern.
"She was a highly paid presenter, reportedly on over 100K a year. If she's not been paying NI on that wage then she's certainly not 'poor'."
As a freelancer she will have been paying both employer's and employee's NI from such portion of that sum as she takes as salary. Given that there's no guarantee of long-term re-engagement or, indeed, payments should she fall ill, she should have banked a good deal of that payment for future income should the engagement cease. She would also have to make her own provision for pension. These are issues that HMRC neglect to take into consideration. They only really understand PAYE as that's how they're paid. Their employment includes a degree of permanence not available to freelancers. It ought to be valued as a perk of the job and taxed accordingly.
"Presumably the BBC should have paid NI and pension stuff too"
I believe HMRC are responsible for enforcing compliance with workplace pension scheme legislation. Are they providing such a scheme for their IR35-caught freelancers? If not, why are they not prosecuting themselves.
Biting the hand that feeds IT © 1998–2019