2806 posts • joined 16 Nov 2013
The actions of Mozilla and Slurp speak volumes about the organizations. One acknowledges reports and deals with them as fast as possible. The other seems to be either too disorganized or suffering from bureaucratic infighting to react. Firefox will get patched in a reasonable time period without prompting; Edge might get patched when some slob bestirs himself to actually do something, possibly after several months of harassing.
It is obvious which browser should be trusted: Firefox.
My reaction to the original post was that would be the end of Orifice as they are JackassScript. But apparently the PHB misspoke and they are not rewriting it in JackassScript. This might give a clue as to how screwed up Slurp is when their PHBs can not get the story straight from the start.
Re: Remember the good old days?
@AC - Try punch cards and paper tape.
Re: Lock them all up?
@DagD - The US security clearance rules require one to take very seriously the security of any information that might be useful to an adversary. The actual security classification is not relevant. This is from someone who had US security clearance training. The issue with Hildabeast was she did not follow the requirements that someone like me would be looking at a few years in Club Fed for doing lesser stupidities.
A wise person
Once observed it is not the 99% AI gets right but the 1% it gets wrong. What is the false positive and false negative rate? How big a tumor will it miss, not how small a tumor it can see. Also, the legal liability of a wrong diagnosis; is it the MD or the software vendor who is responsible? Right now it is the MD who is on the hook.
Real Slurp Issue
While the class definition may have been too broad, Slurp still has a problem of defending idiotic staff rating practices aka 'Stack Ranking'. Slurp's implementation was a lawsuit waiting to happen as it required the bottom performers in a group to be canned without regard to the quality of their work. An idiotic policy by definition. This leads to a tense, brutal workplace with a lot of politics being played to avoid being in the bottom group. The politics will inevitably lead to unfair practices that are at least borderline illegal if not illegal cropping up over and over.
@hungryman - Excellent synopsis of the problems of EVs since 1884. I would quibble that range is a solvable problem with bigger battery packs using high charge density batteries. But the recharging time is the Achilles heel for EVs. This effectively limits a day trip to one charge; not always practical. The problem of connectors really only requires the industry to pick a set of standards for different voltage connections that everyone will use; something done in other industries.
Re: Oracle got there first
In Tesla's case, they need to slow down the cash burn and start turning a real profit. Otherwise they will join many others in the junkyard of defunct car manufacturers.
Re: Interesting... color me skeptical.
"our family is settled... relocating every 2 years, assuming that IBM is going to cover all of the costs... is still going to be a deal breaker for the older employees. (Try buying and selling homes every 2 years....) " - Back to the old days of I've Been Moved when this was done on about a 2 or 3 year cycle.
Re: "Pressure by pocketbook" is wishful thinking
They are getting "pressure by pocketbook" as 3 of the more prominent US retailers are not carrying them anymore. That will hurt sales as they are harder to find. The pressure does not have to come from consumers directly but by retailers not carrying it. If the product is too difficult to find from a reputable retailer their sales will die. Also, for many semi-casual purchases, many may not bother to search for it if it is not available at well-known retailers.
At least did not do what a guy many years ago did in San Diego with a tank.
Or did he want to reenact 'Stripes'?
Re: This entirely political move
Agree this is due to decent legal and technical analysis. Many of these apps are not necessary in a business setting as they do not provide any value over more traditional communication methods but only risk of data leakage.
Several have alluded to the 7.5 billion paid for GitHub, a company that was essentially broke and badly overvalued by any reasonable measure. One has to wonder how Slurp is going to make back the purchase of what is an easily replicated service. There should be a plan to make money off the deal but marketing babble about opportunities does make a plan. If they are counting on lock-in or loyalty, there is no real lock-in and developers are loyal to their projects/employers not Slurp. Customer loyalty to any vendor is always limited and if there is a reasonable competitor customers may jump if provoked. As for lock-in, using Git locally or internally does not require any special skills or hardware and using another service such as GitLab will not require an extensive learning curve. It is not the same as being locked-in to an OS and what is available on that OS, which is true to some extent for all OSes.
The head scratcher is why so much for a company whose only claim is they are one of the larger online source control vendors. It is not as if someone could not start another with the available tools and a little bit of seed money. And it is not as if a project or company really cares who the vendor is but rather that they can reliably reach the site. We are not talking a social network or online game where there is a definite critical mass to make money.
There is a long litany of anti-user actions by Slurp with just Bloat 10; too long to enumerate here. So why would anyone trust a known liar and scum when they mouth platitudes? Developers should be wary of someone borrowing their code, particularly scum like Slurp, without any attribution and probably in violation of the license.
For my projects, I am actively looking at alternatives such as GitLab but I am open to others.
I think Slurp may have miscalculated badly. Developers are a wary bunch and hate being burned more than once. Also, a git version control system can be implemented internally, if so desired. The advantage of GitHub or GitLab is cost and not having to deal with the plumbing of such a system. So, it is relatively easy to move to another and the people deciding to make the move have the technical skills to pull it off. Also, there is nothing inherently special about GitHub, GitLab, etc. that makes it the only option for a project. All a contributor needs to know is where to pull the code for a project. The presence of other projects is really not very critical.
LinkedIn is more like Failbook in that most users are there as a type of social network and really do not pay much attention to the antics of the owner and how they abuse one's data. Thus, most users are not likely to abandon LinkedIn.
Slurp the Clueless
Wolfing down Github would cause a migration away from it as developers really distrust Slurp more so than the general public. Slurp's antics with non-support of standards, dropping developer tools, APIs, etc. make their stewardship of Github rather problematic.
When they bought Linked, my activity has dwindled to nothing with some consideration to dropping it altogether.
Stingray phone stalker tech used near White House, SS7 abused to steal US citizens' data – just Friday things
Re: Boss said leave it alone.
@AC - It is vague enough to avoid problems as it does not hint who the boss is. Also, snooping on phone conversations in DC would be a smart move for any foreign spookhaus. So identifying who is spying is a bit problematic as domestic spying can not be ruled out either.
Re: What a lovely place to work, hey ?
Firing someone because of a health issue is unforgivable. At some point many of us will be in our lives where we need to take off time for family/personal medical issues. Hope he makes Leisure Suit Larry's minions bleed cash.
One of the keys to spotting fraud is to have an understanding of human behavior. The Artificial Idiocy crowd thinks this is not that difficult to do. But in reality it is much harder to spot. Are those big ticket items due to fraud or not? Hard to always say without maybe looking at the context of the purchase. And even then it is not always apparent.
Usually when the ferals back down it is because someone pointed out how easily they would lose the inevitable suit. I wonder if more than a few of the comments cited their own procedures back to them.
Re: Major Overreach
Walk? Artificial Idiocy has begun to crawl yet.
Re: "leading to Microsoft missing the web search train"
The legal problems are an excuse for their own blundering stupidity. Slurp won the OS wars in the 90s and decided to rest on their laurels as many stupid monopolists do. They thought they were indispensable and would be forever. But what Slurp forgot is the presence of a monopoly in a market makes others try to work around it by a combination of new products and legal threats. The new products are the bigger threat as they are the best hope to break the monopoly long term. For Chocolate Factory and Fruit to break the monopoly they had to find products that users would flock to. It was more do or die for them from day one while Slurp would be slow to see the threat as failure of iOS or Android would not hurt them.
Stupid does as stupid is
One of the reasons I suspect many youngish PHBs do not like older workers is they have been there and done that before. They have seen the periodic hype about AI, fusion, etc. and the resultant crash and burn enough times to have some pretty thick scars and callouses. Thus, they are naturally more wary of the latest fad and marketing 'trend' and will tend to ask hard, sometimes embarrassing questions. The PFYs, however, do not have that experience. Thus they can be more easily snowed by marketing patter.
How many screwed up IT projects suffered from similar issues before being put out of their misery?
The primary effect will be to force companies to be more focused on user privacy and how much user information they collect directly or indirectly. Too many marketing weasels failed to grasp the cardinal rule of information security: "what you do not know/have you can not blab". So willy-nilly private data collection will stop once a few big boys get nailed by some eye-popping fines. If a company never really considered user data security seriously before they will have a rough time of it for awhile. But in reality they earned what they are getting. There was an old ad tag line many years ago in the US for a car oil filter: "Pay me now or pay me later". Either you pay up front to do things right or you pay much more later to fix the resulting problems.
I have little sympathy for the complainers because they mostly ignored it until too late and they were offenders the law is targeting.
Re: I'm in no way defending the guilty here, but....
The manager might need to know what the condition is to properly plan for staffing and absences. The problem is telling those who do not need to know. Also, even routine procedures like cataract surgery have a recovery period where a person might need more breaks.
My non-shyster understanding of the key points of GDPR is you should have a written document, readily accessible, describing what you collect, why you collect, what you do with it, and who has access to the information. Also, users have explicit opt in, opt out, know what you have on them, data deletion rights, and data breach notification rights. Depending on what your site does and how it is done you may have very little to do in reality. This is particularly true for a site that collects minimal information from users. From what it sounds like your site may have a login requiring a username, contact email, and password to post on the BB as well as storing user posts.
The primary target of the legislation is not small hobby sites but semi-criminal outfits like Failbook and Twatter who abuse the information they collect. Also, the notification rules requirement, which sounds scary, means that what Equisuck did when sitting on the breach for several weeks/months is now illegal. There is a lot of hype over the law without understanding why it was done and who the real targets are: Silly Valley idiots who abuse their users to squeeze out a few more pennies.
From someone in an already privacy regulated industry, this is mostly an extension of what is already done in many industries even in the US. Other than the fines, I have not seen any thing in it that is much different than what I already must obey. In some respects it is less demanding than what my industry already must do.
Re: So what is the deal with behaviour tracking
@Giovani Tapini - I am no expert either but I understand the main emphasis is explaining what, where, why, and who for one's data collection in the appropriate local language, not shyster, with several stipulations. One is the user opts in, two the user has access to all the information you have about them on demand, three the user can opt out at any time, four the user can demand all the information you have about them is deleted, five data breaches must be reported within 72 hours. The implication of GDPR is to make companies more careful about what they collect and how they handle it. One cardinal rule of information security is: 'you can not blab what you do not know'. But this one too many ignore by hoovering up much more than they need.
Hype vs Reality
Many companies already operate under stringent personal information requirements such as HIPAA (US law protecting patient data and privacy) and the like. Basically, they have written procedures in place as to who, what, where, and why for accessing this information. And these procedures have been in place for many, many years. All GDPR really does is extend this to basically all companies operating in the EU to have similar procedures in place or potentially face some very significant fines.
I suspect much of the hype is coming from marketing PHBs who are now finding themselves actually having to worry about protecting privileged information for the first time and not abusing it. Since many of these weasels (insulting weasels) have no ethics at all this is a real shock to them that someone actually cares. As someone who works in an industry with these requirements in place, welcome to the real world. An aside, when I was being interviewed I was basically asked if I had enough sense to keep my mouth shut when I needed to see live personal information.
And these clowns think autonomous vehicles will be ready in a few years. It looks like wetware 1.0 is still better than the crapware they are using.
The upper mismanagement does have AI - Always Idiotic. The historical problem for Itsy Bitsy Morons is they never really adjusted to the PC revolution in the 80s and 90s (almost going belly up in the late 80s) losing their mojo to others - primarily Slurp. The issue was trying to protect big iron when many potential applications were going to desktops/workstations/servers and were not really dependent on big iron. In some ways they have been limping along for many years trying to find something that will make them relevant again.
To use any frequency for radio transmission in any country one needs to get the appropriate license. Depending on the use and license, the transmitter may be assigned specific frequencies. The frequency assignment can be technically complex but is really very simple - transmitters in a band should be interfering with other transmitters in their area. Broadcasters are assigned fixed frequencies. Note for radio communications like cell phones, the carrier has the license not the user and the carrier is responsible for maintaining the cell towers.
Pirate broadcasters are nothing new, it just pops periodically and is normally handled by the appropriate bureau as a routine administrative/judicial matter.
Re: unexpected honesty
@werdsmith - Actually only some journalists and news outlets have lost the trust of the public. Many have tried to report stories as accurately and fairly as possible. Most people are smart enough to differentiate between those that are actually doing journalism and those who are shilling for whomever.
Re: A Living Legend
Give'm hell, Schrems
If I have the fine correct, the EU could fine Slurp 4% of their world-wide gross which would be a tidy sum. It should catch the eye of various feral regulators as this would hit the P/L statements very hard. As I remember, if you have any European customers/activity you are subject to GDPR. Get hit once for Bloat and Orifice and that could total 8% of their gross.
What does this patch break?
Somehow this reminds me of N-waves of the early 20th century. They were an artifact of the laboratory setup.
Re: Still I don't understand why Russian doesn't allow full tests.
The best non-pathology evidence was the eyewitnesses in the bunker who survived and knew Hitler very well as they worked closely with him. They were always consistent in their stories of what happened and there were several including secretaries, orderlies, etc. So the question then becomes are they all liars or are they telling the truth. Having seen interviews with some of them, I do not believe they are all liars so they are telling the truth.
Avast is a well-known AV vendor so one would think that updating Bloat 10 would be tested by Slurp in house before unleashing the spyware on to the masses.
Blood spilled from another US high school shooting has yet to dry – and video games are already being blamed
What I have seen with too news events in general is the 'news' outlets (on cable in particular) have to fill time. So they grab some babbling moron who knows absolutely nothing about the particular situation to pontificate about it live. Often the pontifications are shown to be wrong once the details finally emerge a few days later as they usually do. These details usually also show a more complicated situation than the babbling blowhards ever imagined. Also, the media is prone to latch on to 'official' sources who may know very little who also spout off random nonsense and spread rumors. None of this is specific to this situation but a general observation of media behavior, particularly of the TV channels.
About this situation, other than it happened and several were killed and more injured, I doubt much is really known by the investigators at the time of this post. And I doubt any of the pontificators on your favorite news outlet really knows anything about the situation other than the barest facts. Certainly they do not know why this tragedy occurred and at this point the investigators may not really know either. I understand they have the shooter in custody so the investigators can interview him to find out why. But getting clear answers takes time and effort by the investigators.
Making intelligent policy to prevent these from happening requires avoiding knee jerk reactions by all. How did he get the guns? Several possible answers and depending on the actual answer is there a way to prevent someone like him from getting them in future. In a couple of recent mass killings, the shooter was not entered into the database due to various administrative stupidities as required by law and was thus able to buy them legally. Were the guns stolen? Do not know but that raises another set of questions. Were the guns legally owned by a relative? Again, this raises a different set of questions. At this point, there are more questions than answers. Why did he do it? The answer here is also not obvious but important in possibly stopping future events. Was he a known problem that was ignored? Was there a recent traumatic event that triggered this? Answers to these types of questions point to different issues and possible solutions. Again more questions than answers. And I do not have the answers to these questions and I may not have raised the pertinent question for this case.
The basic commercial problem is very few works ever have any real commercial success. Of the few that do, most of their commercial success is for a relatively short period; somewhat variable but based on the type of work. After this period minimal sales occur and many of the copies that are sold are highly discounted (remaindering in the book trade). This period might be only a few months to a few years at most. The number that have any continued commercial success is incredibly small. And very few of those works outlast the active career of the creator commercially.
So a truly reasonable copyright system would have a moderate period of about 10 years to cover the commercial life of the work. It would have limited renewal by the creator, about 2 times to cover virtually any other work. It would also require a positive registration initially. Thus, most works are automatically public domain and commercial works would enter public domain fairly quickly.
The very rare works that have continued commercial success would also go into public domain unlike the current system.
Also, I wonder if the current copyright period is even Constitutional but that never stopped Congress critters from being both criminal and idiotic before.
Re: Low Cost? at $499!
@Deltics - The point of BYO kit is you control what is used not that you can save money. Usually you do not save money but more. But you have built a machine you want not what is offered by a vendor. Your example is what I would expect, components bought in retail quantities will have a higher cost than the same bought in commercial quantities.
Re: Low Cost? at $499!
If you have a reputable used dealer around you probably can buy a couple year old, refurbished laptop with much better specs for the prices you are quoting.
Biometrics: Better than your mother's maiden name. Good luck changing your body if your info is stolen
Biometrics vs Maiden Name
Biometrics are basically permanent and can not be changed so they are only good as a username or equivalent. Questions like mother's maiden name can be guessed if you assume (mostly correct) the person actually answered correctly. But if a person uses a set of fictitious answers to these questions that would not be obvious where they come from, they are much harder to guess. For example using 'von Francois' for mother's maiden name when it is 'Smith' and 'von Francois' is not a close relative's name like an in-law.
Re: "every closed source software vendor has their own license usually with onerous restrictions"
The difference between closed source and open source is who has the authority to make modifications. With closed source only the vendor can make changes to the code. So you are completely at their mercy if something will get patched or added. With open source, you have the explicit authority to make any change you want for any reason. Whether you do, is your choice.
From a practical user perspective, there often is very little difference when using either if the code is being used internally. If the code is being used externally then the license restrictions do matter and often the open source licenses are less restrictive by default as you being able to include the code in your code base. With closed licenses, one needs to read the T&Cs to be sure though in many cases you can include a compiled binary in your code.
@Doctor Syntax - Spot on. But many PHBs and MBAs (being redundant) only look at personnel as a cost not a resource. Having the resource internal to you makes it easier to shift them where needed. Also, internal personnel if they can talk to each other can share resources with each other more freely; they are both working for the same company.
Re: Signed a Miranda waiver form after being read his rights
@DougS - Third party videos can be used as evidence such as dash cam videos without reading the Miranda rights. Miranda explicitly refers to interviewing the accused and nothing else. Most local Stasis over here record all interviews as a matter of policy to provide an accurate record of what was said. However, the ferals generally do not.
Re: Hero ?
Training can only partially replicate what happened in reality. Plus, the pilot is faced with possibly several different problems at once that may not be run in a simulator simultaneously or at all in some cases. See he has to make quick, accurate decisions based on his training, experience, and what is actually happening at the time to bring the plane as safely as possible with the minimum of casualties. So anyone who, when faced with a crisis, rises to the occasion does qualify as a hero in the public's eyes.
Note many of the pilot heroes actually do not consider themselves heroes but only someone doing their job very well in a crisis. Another point in favor of calling them heroes, their actions were only done to solve a serious problem not for seeking any glory.
Most heroes do have the appropriate training for the jobs but only show any heroism when there is a serious crisis demanding someone rise up to the occasion.
The solution for Failbook is to learn the meaning of ethics and start acting ethically not like some bratty toddler when called for their ethical shortcomings. Fundamentally, this is what the case is about; unethical and now illegal behavior in some jurisdictions being attacked by the abused.
Re: Ohh, folks at RPI won't be happy
To the point they would like to split the state in 2 and let the downstate scum sink in financial oblivion.
Re: Could it be?
I suspect most robocall operations are offshore thus harder to nail plus you have an extradition treaty to deal with. His problem appears to be operated in the US robocalling the US; dumber and dumb.