* Posts by LittleOldMe

9 publicly visible posts • joined 13 Oct 2015

UK snubs Apple-Google coronavirus app API, insists on British control of data, promises to protect privacy

LittleOldMe

Re: Three steps to avoid this

"A CFR (case fatality rate) of 0.5-1% is actually really rather high..."

I think you might be mistaking CFR for IFR. Case Fatality Rate is a measure of how many who are tested die. As we only test those who are suspected of having it, CFR tends to be much higher than Infection Fatality Rates which are probably more like 0.2%. I say probably, becuase until you test are large portion of society with a RELIABLE test (note current UK swab testing is not that reliable) you not going to know the exact IFR.

Of course advertising such a high CFR and relying on peoples ignorance on the difference is a great way to make it look worse than it is and promote panic.

I do know the difference. I do know that Apple and Google are more competent at software and privacy. I won't be installing the UK Gov app either. I would install the Google one if that choice is offered.

Microsoft officially hangs up on old Skype phones, users fuming

LittleOldMe

Re: The usual story

We don't call them Microsucks for nothing.

Microsucks have a very poor reputation for customer service. They were born a software company and are really struggling to become a Service Provider.

I started using Skype before it was a Microsucks product and it was good. I did not discard it when Microsucks bought it, but I did expect the service to get worse. Sure enough it did. I moved to a different VOIP vendor.

You take a big risk when you get Microsucks to provide you a business critical service.

Just my opinion of course :)

Dublin shopkeeper catches forecourt fouler with his pants down

LittleOldMe

PoITry

For this case, 1 will not do.

Poems they must Number 2

1)

There was an old man from Dublin

Who took a shit by the dustbin

When caught in the frame

His bowls he did blame

A punishment fit? Rub his nose in

And what will they say of him when he is laid to rest? An epootaph.

2)

Here lies the Phantom Pooper

Of old Dublin town

Who's shitty midnight antics

Made shopkeepers frown

But now those days are over

As his time has come to pass

And now we need not worry

About his Phantom arse

The_poIT. Will write for upvotes :)

Google broke its own cloud again

LittleOldMe

Re: The Cloud...

You mean other people's computers that cost much less to run and are far more reliable than the ones you do have control over? That cloud? Where do I sign.

Google to kill passwords on Android, replace 'em with 'trust scores'

LittleOldMe

Re: Just curious ... how many commentards here

And how would Biometrics fix that problem? How is that better?

If you have been locked out from your account by the bad guys, then it is time for a talk to your IT administrator.

LittleOldMe

Re: Just curious ... how many commentards here

Biometrics have 2 serious drawbacks

1) They are easily defeated. Pictures can defeat face recognition, recordings can defeat voice recognition, images can defeat fingerprint recognition. It is not so hard to take a picture of someone else and be them.

2) If you suspect your security has been compromised, you cannot change your face / voice / fingerprint.

Passwords however cannot be forcibly extracted from your brain by any means short of torture. They are easily changed if you suspect a breach.

Based on this I would say that the password paradigm is not broken. This does not mean passwords are perfect. Users pick stupid passwords, fall victim to phishing attacks etc. 2FA can help mitigate that risk to some extent, particularly for high value systems such as online banking. But 'something you know' is likely to remain the strongest element of any 2FA system. I for one am not ready to give up my password.

The reason there is much interest in the industry is not because of improved security. But because it is something new and flashy that encourage users to replace kit and hence improve the market share of the company selling it. It may well be that the marketing departments try to sell it as 'better security '. But that would only be true for those users who use pas55w0rd everywhere and write that down on a post it note in case they forget. For those of us even remotely security aware, GOOD passwords are still the cornerstone for keeping the bad guys out.

Want to self-certify for Safe Harbor? Never mind EU, yes we can

LittleOldMe

Many thanks to Mephistro for the comments. I think you illustrate my point perfectly.

I agree with you entirely that the US policy on this and many other things, suck. I think other behaviours around guantanamo, gun control and indeed the indiscriminate breaking of other countries laws (hacking Angela Merkel's phone spring to mind) are way worse than lack of privacy laws. We should object. And we do. But two wrongs don't make a right.

The idea that we can make this right by banning Google, Microsoft, Amazon etc from trading in the EU won't work. It won't hurt the US government or the NSA. It will hurt the EU.

Many EU companies use systems like MS 365, Google For Work, and AWS to run business critical services. There are entire industries built up around cloud computing and social media. Banning US companies from operating in the EU will mean those industries will disappear in Europe. So will the jobs attached to them.

In addition no EU companies will have access to IT tools available to non EU companies, putting the EU at a competitive disadvantage against the US and the rest of the world. Which in turn means less jobs and less tax to support the social endeavours we all want, like schools and hospitals. The idea that this only affects the Fat Cats is nonsense. Real, everyday working people stand to lose their incomes.

Never mind the ideals, the loss of Safe Harbor will be very bad news for the people of Europe.

Ideal it is not. Real it is.

LittleOldMe
FAIL

Realism vs Idealism

I think it is fair to say that most Europeans take a fairly dim view of many US policies. Gun control, waterboarding, the inability to get behind a good health care system and, yes, data protection laws. But EU and the US do share a belive in freedom. And the US should be free to make its own laws without coercion from the EU or anyone else. If they think guns are a good idea ( I think it's crazy ) then that is up to them. The EU has no right to tell the US what its laws should be, and even the most casual observer would see that even if they did have a right, they have no mechanism to enforce it.

In an ideal world, everyone would agree. In the real world, they don't. And above all things we should respect people's freedom to choose their own government and their own laws and then agree to disagree.

Given that the EU has no power (or right) to enforce EU law on the US, the EU are left with a choice. Do trade with the US or don't. Many have commented that EU companies should not use US providers. Easy to say, but harder to implement, because there are no good EU alternatives to Google, Microsoft, Facebook, Amazon etc. In the real world, dropping Safe Harbor is the same as outlawing cloud computing. EU companies will suffer badly as key IT systems get switched off, with only less functional and hugely more expensive solutions to replace them. Many will not survive that and many jobs will be lost. The NSA however will not care at all.

Dropping Safe Harbor might seem like a good idealism. But the reality is that it will hurt EU business badly and it will achieve nothing. The US electorate do not care what the Eurocrats think and if the EU want to turn off business critical IT systems.... well I am sure they will think that is as dumb as we think US gun laws are.

The EU needs to adopt a more realistic and less idealistic position, enable Safe Harbor mk 2 and lets get on with business. People's jobs depend on it.

Perhaps Max could just 'unfriend' NSA :)

LittleOldMe

Re: EU businesses: PLEASE STOP SHARING WITH THE US, STAT!

When life hands you lemons......

"I live here, and I mean it. Because nothing meaningful will change unless it starts to seriously hurt a lot of companies' bottom lines"

The policy of the company is irrelevant. The US government make the laws US companies comply with. You can boycott them all you like, the NSA won't care. The only people who are going to lose out are those doing the boycotting.

That might seems unfair. Welcome to reality. The only sensible course of action is to accept that it is what it is.

Lemonade anyone?