Posts by Keith T

It sounds like a criminal offense was committed here

While the Saudis may be immune to prosecution because they did what they did while not present in the UK and they are foreigners, if Britain is to be a nation of laws and traditions, Tony Blair should be charged for any and all criminal offenses he committed while in office.

It sounds like Tony was pretty quick to go along with the Saudi requests, not putting up any resistance, before agreeing to participate in carrying out the Saudi's request to suspend the SFO investigation. Blair then wrote and sent out his instructions to the SFO.

Subverting the cause of justice, interfering with a police investigation, abuse of office, "accessory after the fact" to fraud, and maybe accomplice to extortion might be charges to explore.

If a henchman repeats or utters threats on the instructions of his boss, can that henchman be charged with uttering threats? If so, there is another charge to explore.

And since Blair sent his orders to the SFO while in the UK, and also since he is a UK citizen, UK law should apply to him.

Do British PMs have to obey British criminal law? Or do they just put the law there for other people to obey?

Consumers and non-ISPs need not worry

Western companies and organizations should primarily be concerned that equipment plan to use after 2012 is or can be made IPv6 compatible.

For consumers, Windows Vista comes with IPv6 capability. If your computer runs XP, you should already have applied the XP SP2 updates for security purposes. IPv6 capability comes with XP SP2.

For routers, NAT boxes, switches and cable boxes, likely there will be technical advances between now and 2012 that will render them obsolete, regardless of which version of the internet protocol they run.

Beyond that, it doesn't matter if your own equipment is IPv6 capable if your ISP is IPv4. Unless you are in the Far East your ISP is not going to be on IPv6 until after 2012. Yes you can use IPv6 on a private network, but who many addresses does your private network really need? The benefits of IPv6 only occur when your ISP and the other ISPs in your region are all on IPv6.

Going after foreigners for thought crimes when the main threat to Americans is internal

America is a country whose citizens are far far more likely to be murdered by their own countrymen than foreigners.

But rather than address their internal issues of violence and murder and the racism that causes much of it, rather than save American lives from American murders, they waste their resources going after foreigners for thought crimes.

The court made the right decision

The test should NOT be whether the algorithm is implemented in cogs and wheels or bits and bytes.

The test should be whether the algorithm is trivial or not. So it appears the court made the right decision from a technical and engineering viewpoint.

Morely, if copyright protection worked on algorithms, inventors would go for it, since copyright protection lasts much longer and in some circumstances can be renewed.

Those looking for a free use of other people's inventions, like Paris, would be much much worse off if we could copyright our ideas.

You can't fix the insecurity of the internet with application software

What is really needed is an internet programmed for security. The whole of the current internet architecture depends on the honesty and goodwill of all of its users.

This was somewhat valid back in the first days of ARPANET, when it connected a few dozen universities and defense contractors, but now it is an insurmountably FALSE assumption.

A secure internet for commerce and academia needs to enable the swift tracking of criminal traffic. This could be done. But replacing the current internet and its protocols won't be cheap or simple.

This said, if it was possible to make anything vandal proof, the makers of vehicles and buildings would have found it in the past 1,000,000 years.

There is just no way, using software and hardware, to prevent people installing well written trojans.

Plus, on large software or firmware projects, there is just no way to ensure that nobody on your staff ever has a bad day where they miss a mistake.

As with bank vaults and military tanks, thick walls are not enough. You need active force to prevent penetration of defenses. And for inhibiting malware creation and use, this means laws and law enforcement that work swiftly and accurately to put the real criminals behind bars for adequate periods of time to create a deterrent effect.

As it is, many criminals refuse to admit that breaking into other people's computers without permission is an immoral act that ought to have criminal responsibilities. People with low morals either see any legal act as a moral act, or they see any unpunished act as a moral act.

The alternative, white listing of software and firmware, would involve the OS maker (or someone else) issuing licenses for approved safe software. Issuing the licenses won't be free.

In the end, maybe in 10 years, we'll collectively see there is no alternative to overhauling the architecure of the internet to create security, and to using white-listing.

Until we collectively reach that decision, we are stuck with virus scanners, and improving law enforcement.

No need to bash Americans

True. We could bash Brits just as easily. The majority of the populations of the USA and the UK both democratically re-elected what I would label as their respective cowardly war mongering leaders.

We may re-elect horrible leaders in Canada, but no warmongers so far.

We could also bash the Russians and the Chinese, but it wouldn't be fair: Their leaders are not elected by true functioning democracies (yet).

We should accept valid criticisms of us for our role as electors in choosing our leaders.

Ed, you've hit the nail on the head.

The problem is the US has far too many sworn enemies.

Having sworn enemies is a sign of immaturity.

What did Iran do to the US? What did Iraq do to the US?

Now look at Britain, France, Germany and Italy, and what they have done to each other.

It took long enough, but they finally learned that nothing good comes from having a culture dominated by vengeance, imperialism, "our troops", "defending the homeland", and looking for silly excuses to go to war with oneanother.

They finally learned to work together, to treat each other with respect, and it has paid off great for them.

Would you want him as your brain surgeon ??

Intelligence isn't the only quality needed to help society. Sanity, sympathy, and a sense of responsibility are also required.

The last thing any one needs is for this guy to get a job where he get access to privileged information. At least not until he has demonstrated he can and has grown up. (Some people never grow up properly, psychopaths for example, and we have to minimize the control they have over other people.)

You need a the qualities of a responsible person in addition to intelligence, before you can handle a job that involves responsibility.

Professionals versus tradesmen

There are 2 sorts of computer staff.

1. Professionals who understand the theory of what they are doing and are capable of independently learning new skills, and who are capable of making a wide variety of decisions on IT and related fields.

2. Technicians/trades people who understand a language or two and a few specific tools. They are generally better at using those specific tools than the professionals, but their limited range of knowledge limits the range of tasks they can safely do.

Our industry has not recognized these 2 categories yet. But this is similar to accounting, engineering, and medicine.

Yes a professional might use Java. But also a professional will know the theory of what is going on behind the scenes, which you don't learn or think about when you learn Java. Of course you could learn just the C part of Java, and then you could learn behind the scenes, but then you would be learning C not Java.

Can't keep DNA secret anyways, we shed it constantly

Our DNA sequences are impossible to keep secret from government (or anyone else) anyways. Our DNA is on the clothes we wear, the cups we use, and the paper products we discard.

The problem arises because forensic DNA matching does not match the entirety of the DNA, it is really a spot check of the size of various segments. There can be false positive matches.

The testing companies say the odds of a false positive are 1 in 1,000,000,000 to something like 1 in 1,000,000,000,000,000. For example, identical twins would totally match. But also, we have isolated villages in northern Canada where populations of a few hundred people are descended for 3 or 4 people who created the community 200 years ago. I can imagine there being false positives there. (Red Sucker Lake, Manitoba is an example.)

The problem is, do DNA analysis matching techniques sometimes cause false positives, where the wrong person is identified. With databases where only a portion of the population is recorded, this could happen and nobody would know.

It would be much safer for all to have a universal database of all residents and visitors to be in the database.

That way, if there are (say) 7 people in the UK with DNA that matches, all 7 will show up, rather than just the one for the person with the previous conviction. The police will realize they need to do more investigation, rather than jumping to conclusions.

That way any frailities of the technique, false positives, etc., will quickly become obvious.

This is what we get for advocating anarchy -- someone else stepping in to do our job for us.

If IT people don't make the work part of the IT profession, another profession will gobble it up.

We've had engineers take over coding real-time programming and control systems.

We've had accountants take over the design and management of business applications.

And we've had salesmen take over our body shops.

After private eyes taking over computer forensics, what will be next.

This is what we get for advocating anarchy -- someone else stepping in to do our job for us.

Our customers (courts, banks, car makers) want our qualifications and training regulated. They want the distribution of dangerous tools regulated. They are the customers, they get to choose who provides the commercial services they purchase.

If we don't regulate us and our work, they will regulate it for us.

In some cases, senile dementia

Why do people fall for fraudulent emails?

Sometimes because their circumstances make the email really convincing. Investment spam is targeted at investors, not at IT types.

If you were an investor and your in-basket was full of investment related emails, a well written investment-related spam email would not stand out.

Sometimes the victims suffer from senile dementias, like Alzheimers disease. Many elderly people have a lot of money to invest, and many manage their investments themselves.

We ourselves maybe someday be suckered, if we live long enough.

It should be as it is for locksmiths in the physical world

For ordinary users, the question is, do they want to have to keep buying more powerful computers while having that power gobbled-up by the ever increasing overhead of parameter checking by applications, increased overhead of signature and heuristic antivirus programs, and software firewalls?

Or do ordinary users want to put hackers and script kiddies in jail, leaving more power available to applications.

Registered professionals should be able to have and use security tools for their work.

It should be the same in the physical and the cyber worlds. If you want to be a locksmith, take the course, sign a code of ethics, get a license, and you can have the tools.

The current situation, where there is no security on the internet suits many security companies just fine. The more security problems, the busier they are, the more they can bill.

Increased internet security will mean a decreased need for the services of security companies. But it is all for the greater good. I'm tired of spending so much time, money, disk space and CPU power on security.

Put the script kiddies and those who provide them tools in jail for a few months.

Different walls, not different houses

Except that by making networks comprised of computers running multiple OSs, the US military is doing the equivalent of building a house with some walls of straw, some walls of wood, and some walls of brick.

Hackers will enter via the weakest wall.

And that wall might turn out to be the OS/X or Unix wall, who knows.

Will Americans ever choose to restore their country's lost honour?

Name-calling, burning evidence, and bald-faced lying won't do the job.

America would need to either prosecute its own war criminals to regain its honor, or have the International War Crimes Tribuneral do it for them.

That will mean US politicians impeaching US politicians, US civil servants and judges indicting and convicting their peers, and US military officers court marshaling and convicting their peers.

Will a sufficient majority of US voters decide to force their governments to do this?

My bet is that the majority of American voters are so disconnected from world opinion and generally accepted concepts of right and wrong that they will choose to live with their national dishonor in perpetuity. These people voted GWB in for his second term after he claimed they shared his moral values. These are the people who have continued to fail to bring their My Lai Massacre war criminals to trial.

And I seriously doubt that the minority of US voters who do know right from wrong will be able to educate enough of their fellow countrymen sufficiently to shift their country back to the path of courage and honor.

I hope I'm wrong. I truly hope they take the necessary steps to restore their country's honor.

El Reg cannot have it both ways

1. Compare this article, which criticizes Facebook for letting people know about attempts to breach its security with the El Reg article criticizing Apple for keeping security vulnerabilities secret.

What does El Reg advocate? Secrecy or openess?

2. Would El Reg advocate that banks not prosecute those who attempt to break into bank vaults?

It is generally desirable that those we trust with our data attempt to penalize and prosecute those who would steal our data.

The most damaging child abusers are

A short term act by some rare criminal freak, no matter how repugnant it sounds to the general public, generally has a minor impact on the child compared with the tremendous damage abusive parents routinely cause. This sounds like an elected judge going for easy policitical points.

The most damaging child abusers are parents who abuse their own children. This is regardless of whether the abuse is sexual, psychological, or serious physical abuse. And parental child abuse is by far the most common type of child abuse by adults against children.

The worst cases are where the abuser is the person charged with caring and protecting the child, abuse persists over many years, and the child sees no where safe to turn for help.

Earlier abuse, beginning before the age of 3, or before the age of 5, causes even more damage.

A healthy parent-child relationship is necessary for a healthy childhood.

When judges start sentencing abusive parents accordingly, then I'll be impressed. I'm not going to hold my breath though. There are too many abusive parents and they can vote.

It is about time

It is about time. We almost had legislation similar this in Canada, but with our current minority government, the Liberals and the NDP prevented the Conservatives passing it. The Liberals and NDP didn't think computer crimes caused enough damage to justify creating new laws.

Keep in mind that there were already US laws against invading US government computers. So my understanding is that this bill's primary effect is to protect the protection of criminal law to privately owned computers.

A "felony" is a serious crime. With most crimes there is a line arbitrarily drawn between a misdemeanor and a felony. For theft, in some jurisdictions theft over $1,000 is a felony, in others the line is $10,000. The 10 computers is that arbitrary line that the authors of the legislation picked.

If someone is installing spyware and also stalking, then they are committing two crimes. Nothing in this new law would prevent prosecution for that other crime.

As for who gets investigated, it will be probably be those who commit the most serious criminal acts, as well as those who commit criminal acts against those with loud voices and good connections. FBI computers, as US government computers, were already protected under US law.

Americans being prudish has little to do with GWB

Americans have always been very reluctant to have anything remotely sexual on TV. Their sexual prudishness predates GWB by a century or more. Violence is okay, but any kind of sex, side views of a nipple, bare bums, sexual comments, has been pretty much banned from broadcast TV channels.

Fox News is a cable TV channel, and I think cable TV channels have more relaxed restrictions.

Tawakalna, an excellent summarization.

If the penalty for being a jerk in Canada was death, our country would be completely de-populated.

Tawakalna, an excellent summarization. These other people are probably not aware of statements made by other witnesses, and are solely going by the video, and their own prejudices.

One other fact that people may not be aware of is that there is a 20 minute break between the start of the film, where he is throwing things, and the segment where police show up. The camera was running out of storage capacity, so the cameraman stopped filming. My perception is that the that the throwing of the computer took place in that first segment.

This guy had been left unaided in a secure area for 10 hours. The self-serve telephone help line to interpreters was not working. No officials thought to aid him early on, before he entered his medical crisis.

When police showed up, the victim appeared to be obeying police instructions, had his hands down, and presented no immenent threat to the lives or physical well-being of the officers or other humans.

So there was no "just cause" to attack the victim physically.

It looks to me no different than any other 4 people confronted with a difficult situation, over reacting, and committing what we in Canada call "manslaughter", which is one of the things police would charge an ordinary citizen with if they did that, except that these were trained professionals, were trained in these kinds of difficult situation, had many years of experience, and they'd probably given some thought and premeditation to what they did. That would make if first of second degree murder under Canadian law.

Our mounties (the RCMP) go through very thorough training, which supposedly includes the use of the Taser. If the problem is training related, it is improper training, not lack of it.

I think the root cause of the problem is that our police, like any good criminal gang, tend to follow "omerta" the mafia law of silence. The "blue wall of silence" principle is usually very effective when violently criminal police want to recruit other police to become "accessories after the fact" to their violent crimes.

Couple that with the moral principle that "if you don't get a criminal conviction you didn't do anything unethical" and you have a small segment of the Canadian population that commits a significant percentage of the crime here, but thinks itself non-criminal.

These four officers, and the "accessories after the fact" colleagues who have sheltered them from investigation, are a disgrace to the profession of policing.

Complex software should be patentable or declining C.S. enrollments will worsen

"A set of instructions" is by definition a large part of what a patent is. If your idea cannot be reduced to a set of instructions, it cannot be patented.

So if you implement your "set of instructions" on a programmable electronic device, it can't be patented.

But if you implement it with cogs and levers, or pipes and valves, it can be patented.

That makes no sense, except to software freeloaders -- people who expect programmers to work for free.

Working for free gets real stale real quick shortly after you graduate, and that is as true in China and India as it is in the USA or UK.

Declining and uncertain renumeration is largely why fewer and fewer intelligent and/or enterprising people are choosing programming and computer science as careers.

Complex software should be patentable!

The distinction should be whether the idea is trivial.

Any trivial idea, hardware or software, should NOT be patentable. And, of course, any previously discovered idea should NOT be patentable.

nobody owes patent trolls a living

"This bill contains provisions that will create uncertainty and weaken the enforceability of validly issued patents,"

If the validly issued patent is for something so obvious that it has no intellectual value, or for something where "prior art" exists, well, that is the desired result. Such patents should no longer be enforceable because they stand in the way of true innovation and they de-value real intellectual property.

And if you are a patent troll, and you've invested money in buying up patents on obvious concepts, then you deserve to loose your money.

As with stocks and bonds, investing in patents is not a sure thing.

Nobody owes multi-millionaire patent trolls a living.

brave "pro-testing on live subject adovcates

If the only qualification required is to be a dumb animal with a near human physiology, why don't these brave "pro-testing on live subject adovcates" volunteer themselves as subjects?

Is obstruction of justice any less illegal when done by police?

In Canada we have a crime called, "obstruction of justice". Is obstruction of justice any less illegal when done by police?

Too bad ... this was the one hope to save my job

Oh well.