* Posts by Lysenko

986 publicly visible posts • joined 23 Jan 2015

Until last week, you could pwn KDE Linux desktop with a USB stick

Lysenko

You compiled your own software that you run and could have compromised it while doing so? I'm shocked!

Exactly so, which is why FOSS "freedom" matters to people like me and is an irrelevance to everyone else (the vast majority).

Lysenko

So no, stuff like this is not thoroughly tested just because MSFT.

True, it is more thoroughly tested because Windows runs on 88% of desktop/laptop PCs and is therefore the primary target for most security researchers and hackers. As I said, it's about the numbers, not the vendor or ideological purity.

Personally, I find Linux far easier to compromise cf. Windows precisely because it is FOSS. I recently modified and rebuilt SSH to log the passwords attackers use against my servers. I could have made it do anything of course, including building in a hard-coded back door. Much harder to do that with a closed source OS. Now you, being intimately familiar with GNU/Linux source code, might notice that I had done that - but would your average user? I doubt it.

autoplay isn't autorun btw. This attack couldn't work via Windows autoplay functions. If you know different, I'm sure the NSA will be in touch with a suitable cheque ;)

Lysenko

Linux runs on 2-3% of desktops and KDE on only a fraction of those. Windows is therefore more thoroughly tested and stuff like this gets found faster. Hating MSFT and evangelising FOSS can't change the maths.

Facial recognition software easily IDs white men, but error rates soar for black women

Lysenko

Re: I'm not sure if serious.

Many times it has been stated, there is more diversity and difference inside groups than there is between groups.

That may be true for genotypes (it's actually an oversimplification), but it doesn't hold for phenotypes, particularly not when you're only considering a tiny subset of phenotypical data which the human brain has specifically evolved to evaluate (faces).

Lysenko

The word "Intersectional" is the giveaway. A study declaring itself Marxist/Leninist would have identified that the discrepancy was class based and constituted oppression of the proletariat using exactly the same data and for exactly the same reasons (confirmation bias).

That doesn't mean they are wrong about the differential accuracy of course. It just means they have pointlessly poisoned the well regarding the integrity of the study.

Huawei claims national security is used as plausible excuse for 'protectionism'

Lysenko

Australia is 100% OK with NSA's SIGINT activities, as they are part of the Five Eyes agreement. The US is 100% OK with NSA's and GCHQ's SIGINT activities as a matter of law + Five Eyes agreement.

I agree. It is entirely possible that they want to push business towards American equipment to ensure that agreed backdoors and cryptographic flaws are present and that the privacy of Australian citizens is not inadvertently enhanced ;)

Lysenko

So I don't really understand where's the real complaint here.

I suspect the issue is that locking out Chinese companies usually hands the business over to competitors who, via FISA courts and other measures, are under the direct control of a country with a proven track record of spying on allies at the highest level.

That being the case, measures genuinely based on National Security would ban all Cisco (etc.) equipment and the fact that they don't implies that the real motivation is finding a way to disingenuously bypass international trade agreements and divert cash into the pockets of companies and shareholders in a position to feather political nests.

US states accused of skimming cash from 911 emergency call dosh

Lysenko

Re: Not Surprised

People aren't so much "obsessed with tax rates" as they are aware that the government pulls this shit.

That's a bit contradictory. Anyone really seeing it that way would be campaigning for higher income tax as a corollary to "no more taxes". I see plenty of the latter but deafening silence regarding the former (which automatically means the latter won't happen).

Lysenko

Re: Not Surprised

I live in Northern California & am used to all those fees, charges, surcharges, taxes, & however else you want to phrase the armed robbery that is government subsidies being collected with everything we do.

Ultimately, it is down to the electorate being arithmetically illiterate and obsessed with income tax so a Byzantine code and proliferation of stealth taxes becomes inevitable. Any politician proposing genuine tax cuts by abolishing back door surcharges and adding a few points to income tax to compensate would be crucified, regardless of the mathematics.

The problem with income tax is that it is clear and honest. The electorate doesn't like that. They prefer sleight of hand. They would rather someone surreptitiously skims off 110 pennies here and there rather than handing over a dollar up front. Great for politicians too. If you don't really know how much you paid, you won't be paying much attention to where it went.

You can resurrect any deleted GitHub account name. And this is why we have trust issues

Lysenko

Why do you equate efficiency with shortcuts?

I don't. I was replying to a previous comment which implied that faster/cheaper were the only metrics by which efficiency is calculated. Personally, I believe in the iron triad - "Fast, cheap, right - pick any two".

Also, I don't necessarily think project leaders are unaware of what they are doing. Some are, but not all. Anyone focussing on "mean time to remediate" metrics (for example) clearly knows they are shipping something buggy, feature deficient or both. That may well be perfectly rational if your strategy relies on "beta test in production" and you are dealing with something based on machine learning where substantial inaccuracies are axiomatic.

You *are* quite welcome to stick to your Borland libraries or whatever it is that the so-called corporate crowd use these days, but please do not assume that everyone else are bumbling idiots.

It's been a long time since I fired up a Delphi IDE. Most of what I work on is Python, C, Go, TypeScript (Angular) and ES6. That's why I'm very well aware of the hilarity that ensues when Github (as they did last month) goes offline for a few minutes to update some SSL certificates.

I don't assume that chancers are necessarily idiots. Gambling can be a very effective strategy and is a key characteristic of highly successful people. What is idiotic is making npm/github integral to your build system and then getting agitated when it goes down and blows up your deadlines. Competent gamblers know the odds and bet based on calculations, not on magical thinking and cognitive dissonance.

Lysenko

The model that you accurately describe, while far from perfect, has the advantage of significantly reducing cost and complexity, speeds up prototyping, and ties in well with continuous delivery approaches ...

Shortcuts are almost always quicker and insurance policies/backups are almost always more expensive. Therefore, it follows that any naive, short-term, "efficiency" calculation will favour risk-taking and dispense with "overhead" like backups, documentation, specifications, quality assurance, redundancy and reliable idempotence. There's nothing new about any of that, all that's changed is that (some) developers think "dynamic risk-taker" ("chancer", in old money) is a compliment.

As you say, it fits in well with the "Rachman" methodology, where you move the tenants into a building that is half finished (or demolished), and try to shore it up around them before getting bored and moving on to the next (dynamic, innovative, cutting edge) development, leaving the roof still leaking and bare wires poking out of the walls. Nothing wrong with that for a disposable web ad campaign of course, but it's a disaster if you're handling medical records or benefit payments or train bookings or - well, anything that actually matters.

Lysenko

I mean... WTF? If you use a third party module in live code, you surely don't link it to a live repository. What am I missing here?

You're missing the fact that almost all modern JavaScript development is based on exactly this model (via node/npm/yarn) and it is even considered to be "bad practice" to bring code into your own source tree rather than download on demand. Given that so many developers start with JS these days, this becomes standard practice and they don't even think about it.

It took us less than 30 seconds to find banned 'deepfake' AI smut on the internet

Lysenko

Such videos are made possible by neural network technology that can learn the features of anyone’s face and maps it onto bodies in videos.

Such videos are possible because some artists/cartoonists are capable of approaching photorealism and they now have tools more sophisticated than crayons to play with.

I've seen porn featuring Slebs that was obviously created with a pencil and paper, other stuff created with photoshop, and now we're supposed to collapse in pearl-clutching horror because those 'shops have been stitched together into "moving pictures"!? Seriously?

It's almost as bad as someone phoning around doing a Tom Baker impression. I mean, someone might think they have a genuine Time Lord on the line!

Uber: Ah yeah, we pay women drivers less than men. We can explain!

Lysenko

All of this combines to factors which if you want true equity between the genders, meaning women need to get paid more per trip.

People with fewer hours worked and therefore less domain relevant experience should have their earnings equalised by executive fiat? I'm impressed. Ideological denial of economic reality to rival cold fusion and anti-gravity matter.

In any case, you will be/are doubtless applying this logic in your own industry? Junior devs (junior anything actually) should be hired at exactly the same salary as project leaders. In fact, to redress historical inequity, junior new hires need to be on higher salaries than senior guys with a couple of decades of experience. Genius! I mean, no-one puts in extra time and effort for anything as crass as "money" anyway. Seniority can be signalled by "employee of the month" awards, decided by democratic secret ballot!!

Ah. You're trolling, aren't you? Variant of Godwin's Law. Well played....

Lauri Love judgment: Extradition would be 'oppressive' and breach forum bar

Lysenko

Re: @lysenko

I agree with all your points bar the one above - I think its somewhat absurd to pretend that someone who is obviously as au fait with computers as this guy wouldn't have the first clue that hacking is illegal.

I agree in this case. I was speaking in terms of general principle. Establishing mens rea should be perfectly straightforward and I fully expect a CPS prosecution in a British court to succeed as soon as the USA stops withholding evidence (which is essentially what the Court said, minus the prejudicial assumption).

Lysenko

Re: The argument makes me sick

I really don't see how this works. We've had Mexican nationals shoot across the Rio Grande and hit (kill?) US government agents. Do they stand trial in Mexico for gun possession?

According to US jurisprudence, they don't stand trial at all and there is controversy over whether there is even civil liability.

This illustrates another aspect of the problem I was describing. As a British citizen, I am quite clear that if challenged by a police officer I can ignore him if I believe his orders to be unlawful, and reach into my inside pocket for my phone. The policeman in question has no right to assault me (let alone shoot me!) as a precaution just because I might theoretically be reaching for a weapon. The right to self-defence hinges on minimum force in response to actual threats, not lethal force in response to hypothetical threats.

Obviously, I know US law is different and based on the principle of "shoot first, ask questions later". That's a decision the American people make in respect of their own country and I have an obligation to be aware of that and behave accordingly if I'm in America. The problem arises if I am expected to take American law into account when I am nowhere near the USA.

For all I know I'm committing offences under numerous foreign laws at this very moment. I can't possibly know. Can I start a club called the "Falkirk Bowling Institute" and tell people I'm from the "FBI"? Can I mention "second amendment remedies" in respect of the US President? Can I (using the principle of reciprocity and the supremacy clause of the US constitution) strike down the 1st Amendment and extradite Americans publishing material which contravenes UK discrimination law?

It is ridiculous to imagine anyone could even be aware of the full range of law in every country. The UK has extradition treaties with Botswana and Cuba! Personally, I oppose extradition on general principle, but insofar as extradition treaties exist, the requesting party should have to prove that the offence exists in British law, that there is sufficient evidence to convict, that the proposed penalties are comparable and that the accused's rights under the HRA/ECHR will be upheld (which is why the USA can't extradite and use the death penalty).

There is nothing specifically anti-American about this, any more than it is anti-German to refuse to accept their Holocaust Denial laws (as the UK and the USA both do) or anti-Botswanan to point out that only a handful of UK citizens are likely to have any idea about the specifics of Botswanan law.

Lysenko

What's with all the hate for the US justice system?

Well, there's the absurd 99 year potential sentence and the fact that they want to run 5 different prosecutions in different jurisdictions (i.e. he would be on remand longer than the entire UK sentence).

Also, UK prosecutors are civil servants with zero public profile. They are not there to launch a political career, the public doesn't know or care what their personal conviction rates are (unless they are obviously incompetent) and they can't plea bargain or usurp the Judge with sentencing. Getting cases overturned on appeal or thrown out on grounds of over-zealous prosecutorial misconduct are their primary concerns so they have no incentive to pad charge sheets and play poker, bluffing innocent people into guilty pleas with trumped-up charges and absurd sentencing threats.

A prosecutor with a conviction rate substantially above average (80-84%) would be viewed with some suspicion because he would likely either be cherry picking cases (corruption) or bending the rules of evidence & disclosure (more corruption). In contrast, I have heard that some American prosecutors can have 100% conviction rates and instead of being criminally investigated for their (statistically obvious) perjury and corruption, they are applauded!!

Lysenko

Re: The argument makes me sick

He may have been in the UK but the computers he broke in to were not.

This again...

It is a basic principle of jurisprudence that ignorance of the law is no defence. That principle collapses into absurdity if it hinges on the expectation that an individual must know and adhere to the legal code of every country with an internet connection. That's without even considering the vast abridgement of democracy implicit in being held liable according to laws passed by a body that is totally undemocratic from the perspective of the accused (EU citizens can't vote in congressional elections).

To engage in a little reductio ad absurdum:

"I think the Holocaust didn't happen and here is a photo of a swastika."

Someone reads that in Berlin or Vienna. You are suggesting that the Germans have grounds for extradition? The computer screen my comment appeared on was in Germany after all?

It is absurd. A British citizen, acting in the UK commits an offence under British law or he doesn't. Nothing else should be relevant. The electorates and legislatures of foreign countries can enact whatever laws they like for whatever reasons they like and there should be no expectation that a British Citizen, in Britain should pay the slightest attention or even be aware of what those laws are.

Simply writing disrespectfully about 'lil Kim is probably a capital offence in Pyongyang. I don't know, I don't care and there should be no expectation to the contrary.

The many-faced god of operational excellence, DevOps and now 'site reliability engineering'

Lysenko

First, what exactly is DevOps?

That's an easy one.

DevOps is a concept borrowed from sewage engineering and describes strategies and tactics for flushing crap through the continuous delivery pipeline as rapidly as possible, ensuring there is never a pause long enough for an accurate assessment of just how bad it smells (otherwise known as "Q.A.").

If you accidentally pump a particularly toxic batch of effluent, there is no need to evaluate how it happened ("No responsibility blame culture") or adopt preventative procedures (wetware Q.A testing), you simply accelerate the flow rate and hope to bury your previous noxious sludge under the next incoming batch ("Mean time to remediate" metrics).

Naturally, this integrates extremely well with [FR]Agile methodology which is itself concerned with shipping half finished, poorly specified and largely untested mockups "iterations" and worrying about details like security, compliance and reliability at some (hypothetical) future time (after the budget runs out).

When dealing with sewage, the priority is always to ensure that you hit your sprint flush timing targets. Everything else is secondary as any qualified scrum master sanitation supervisor will confirm.

How did I do?

South Wales cops crow about facial recognition arrests on social media

Lysenko

Re: Nothing more

I'm Catholic with "irish heritage" so a black balaclava is cultural

Risky line to take. Plod might use the same argument in respect of their rubber hose equipped morris dancing lessons in the cells.

Lysenko

Re: Nothing more

It is now illegal in the UK to hide your face from cameras.

No it isn't. It was, until 1823, when they repealed the Black Act because cameras hadn't been invented yet.

The police can require you to remove a mask using a Section 60 order, but that has to be authorised by an Inspector and applies only to a specific location during a specific timeframe (i.e. to deal with Black Bloc, Hunt Saboteurs, Football Thugs etc). It is not an offence to actually wear a mask, even if you freely admit that your purpose in doing so is to conceal your identity (balaclavas also keep your head warm).

Lysenko

One possible benefit...

...proper hats might make a comeback in place of those "Beany" things.

Long haul flights on a one-aisle plane? Airbus thinks you’re up for it

Lysenko

Re: The Golden Age of flying is over

If the seat is configured to recline, it is acceptable to recline it, and common courtesy to accept that the people around you will so recline.

No, it is common courtesy not to invade someone else's space without asking permission. Reclining seats on planes, just like the ones in cars, are designed for use when the seat behind you is empty.

Lysenko

Re: The Golden Age of flying is over

I can barely sleep on a plane anyway, there's no chance if I'm required to sit bolt upright for 11 hours.

I don't mean to gloat (yes I do), but I've got an odd sort of travel narcolepsy. Car, train or plane unless I'm driving the thing or actively engaged in conversation, I'll be asleep within 20 minutes of it starting to move. Doesn't matter if I'm curled up like a bronze age kist burial either. I've never been able to understand people who have to remain awake unless it's silent, dark and they're at maximum linear extension like they've been mugged by an ancient Egyptian embalmer.

You've only gone and committed to becoming cloud native

Lysenko

Re: Cloud Native Foundation is a neutral organisation

Not a single vested interest or self fulfilling prophecy in sight. With this sort of rigorous objectivity and independence, I don't know about you, but I'm completely sold!! GDPR be damned. They'll never find me in my secret S3 bucket lair!!

On the NHS tech team? Weep at ugly WannaCry post-mortem, smile as Health dept outlines plan

Lysenko

Re: The NHS

it does nothing to solve the issue of boxes stuck in corners of the network and not being patched for a decade.

It resolves the problem of not being able to disentangle security patches from other updates and puts you (the device vendor) in complete control of the patch deployment process. You can also test/verify anything coming from upstream down to source code level and debug your own device drivers down to hardware (as opposed to kernel API) level.

None of that helps if you have a bunch of chancers trying to run the kit indefinitely with no maintenance contracts of course, but that isn't down to the vendor.

Lysenko

Re: Suits having meetings and producing reports is not going to help...

Most NHS entities treat their technology as an afterthought

Really? MRI machines, Electroencephalographs, ultrasound scanners etc. are afterthoughts? I doubt it.

The problem (I suspect) is that non-IT staff fail to grasp that their new CAT scanner is essentially the same thing as a new laser printer. It is a peripheral and consequently useless junk if the computer it is plugged in to becomes unreliable or non-functional. Ergo, you invest in the computer first and then spend whatever you have left on the best quality peripherals you can afford.

Lysenko

Re: The NHS

Any software upgrade requires us to prove that it is safe. According to our regulator we aren't allowed to let Microsoft roll out updates to our machines until we have checked them. However cybersecurity updates have to be installed immediately.

Presumably, this means that you discontinued new product development using embedded Windows a decade or so ago and this is a legacy tail problem that will diminish as your newer Linux/OpenBSD/FreeRTOS replacements progressively come online?

DevOps: Bloody hell, we've got to think about security too! Sigh. Who wants coffee?

Lysenko

DevOps is all about rapid iteration and continuous delivery

DevOps is all about cutting corners optimising processes and prioritising instability speed over all other considerations. Consequently, the iron triad of software development dictates that the result will be wrong, expensive or both.

In the security field, your unit test robots are up against active attack by teams of highly skilled and motivated professionals commonly known as "hackers". The current balance of power between automation and Human Brain Mk 1 dictates that the robots frequently lose. Increase your attack surface feature release cadence and the equation always favours the attacker.

Face facts. DevSecOps is an oxymoron. If you are determined to ship "Must have colours! Hot new look!!" then your quality will be crap or your costs will be astronomical. Having said that, TopShop are obviously more successful than Saville Row tailors. That's perfectly fine and fine for DevOps too - so long you face up to the fact that you're peddling cheap, low quality, high street tat rather than something hard wearing, well designed and reliable.

Capita contract probed after thousands of clinical letters stuffed in a drawer somewhere

Lysenko

Surely the common sense approach, yeh I know that is a bit of a tall order for the NHS, would be to have one central correspondence receiving center address that never changes, regardless of who is running the contract ????

Perhaps one of those new-fangled "P.O. Box" thingies?

Crowdfunding refund judgment doesn't quite open the floodgates

Lysenko

IndieGogo and KickStarter etc. are essentially just advertising platforms. Trying to go after them because a project fails is as ludicrous as going after your local paper because the second hand car you bought via the classifieds turns out to be nicked. If you really want a secondary target, pay by credit card and then invoke S. 75 of the Consumer Credit Act 1974 to get a refund from VISA et. al.

What a Hancock-up: MP's social network app is a privacy disaster

Lysenko

Out of curiosity...

It has also been pointed out that the developer, Disciple Media Ltd, which pinches off dime-a-dozen apps for anyone who will pay them, does not appear on the data protection registry of the Information Commissioner's Office.

Why would an app developer necessarily need an ICO registration? Is this a cloudy "App as a Service" thing rather than actual software development?

Who can save us? It's 2018 and some email is still sent as cleartext

Lysenko

Re: progress

When it comes to email it should never be encrypted in the senders client and decrypted in the recipients client. Otherwise you have sod all security.

Unfortunately, the above version is also sometimes true and the fact that this gets missed is indicative of a lack of threat modelling (probably the most pervasive security problem there is).

From a corporate perspective, the threat posed by disgruntled/bent employees forgetting/changing a password may be far more serious than that posed by some emails getting read by the wrong person. A GDPR fine may be far less costly than a compliance failure that gets you shut down entirely. Rampant, untraceable insider trading that can't be detected because communications are encrypted point-to-point may be regarded as reckless negligence bordering on active facilitation.

I'm not really disagreeing with your points, just noting that blindly cargo culting "best practices" can be a security threat in itself. That's why encrypted passwords (for example) do not always mean the designer is an idiot. The threat model may dictate that inability to break into someone's systems and communications is the primary threat that the design needs to address[1].

[1] I'm discussing intranets and corporate. Not random TLA snooping on private citizens.

Lysenko

Re: email is so last century

Mailbird isn't too bad. Yes, it has the nasty whiff of Electron about it (I haven't checked if it actually is), but it's usable. On Linux, there's Evolution for those who find ThunderBird disagreeable. The only webmail I use is RoundCube (which runs on one of my own servers).

As for the "bright young things": I thought they all used SnapFarceTwitGram? If you're a narcissistic exhibitionist already, what do you need encrypted communications for? If internet slurp engines can't read and index everything it might be harming your search engine rankings !!! (Hmmm ... business opportunity: SSL/TLS deactivation services marketed as SEO).

Crim-checker IT system update fail has cost UK taxpayer 'MEEELLIONS'

Lysenko

Re: Hmm

It is government wanting this product, it is government allocating the job to who they choose, it is the gov who choose to outsource. In fact its gov all the way down except for the very end point who are selected by the gov to do the job. Hence it is the gov's fault yet again.

Sure, it is government all the down to the point where something is actually (not) achieved. I'm not defending HMG powerpoint ninjas project managers or procurement. They're ultimately responsible for this fiasco.

The difference with an outsourcer vs. direct development staff is the latter are HMG rather than mere suppliers who both have to kowtow to the customer and have a perverse incentive to agree to every bit of scope creep because it means more work and therefore more money.

In-house development teams have no such incentive. There is no concept of a "failed but profitable" project. They are therefore far more focussed on delivering core product, resist scope creep more fiercely and have lines of reporting capable of doing an end run around idiocy from the department specifying the requirements.

The first point is the most important though: there should never be an incentive to agree to extra work or specification changes and the delivery team must have an independent chain of command that can say "no" without worrying about whether that annoys the end user or not.

Lysenko

Re: Hmm

Nationalisation !== outsourcing:

the Home Office contracted Tata to design, build and run a new IT system for the provision of DBS and transition existing services, including the update service, from Capita.

Now, that's not to say that GDS have no skeletons in the closet and I don't work for HMG anymore, but I have yet to see an IT fiasco perpetrated by programmers on the direct civil service payroll that can compare with disasters the private sector (i.e. outsourcers) have orchestrated.

ServiceNow plans non-devs writing non-code for real enterprise apps

Lysenko

Re: Programming is scale invariant

Programming without coding is like arithmetic without numbers. Yes, you can approximate some of the functions with a giant bag of coconuts and arranging them into differently sized piles, but sooner or later you realise that the guys who built Stonehenge were probably more sophisticated than this - and you reinvent numbers.

Lysenko

Discomfort?

And this no-code development capability enables that.”

[Apologies to any developers whose spines just twitched uncomfortably - Ed]

Well, maybe, if you laugh too hard. Yet another delusional fool tries to re-invent the Last One, the only question being whether the result will be tragedy, farce or both.

The blockchain era is here but big biz, like most folk, hasn't a clue what to do with it

Lysenko

Re: Am I the only one who doesn't really have a clue what blockchain is?

I agree with this general comment. I don't see what business problem this technology will solve for me that isn't already solved by something simpler. Can anyone enlighten me from a business perspective?

Certainly. The "blockchain" concept was invented by a secret cabal of contract lawyers who were concerned that increasing amounts of authoritative case law was constraining future litigation growth potential (this is why the "inventor" of Bitcoin is so mysterious btw). By yanking the rug out from under the previous contract model and (crucially) distributing verification, the number of potential litigation targets increases exponentially.

To take a basic example: Dave and Crapillion Corp. have a "smart contract" that ensures he is paid for work done when his side of the deal is fulfilled. This is authorised by the distributed blockchain with different bits under the control of different entities in different jurisdictions.

But!! There is a dispute over whether Dave's work was up to standard ... and Crapillion have called in the receivers for unrelated reasons. Is the cash in Dave's account? Can the receiver get it back? Can Dave enforce payment? The potential litigation surface has expanded beyond all recognition and every case is a test case!! You've invented the legal equivalent of building Salisbury Cathedral - ongoing work you can pass on to your grandchildren ;)

Eggheads: Cities, don't woo rich Amazon with sweetheart HQ deals

Lysenko

Re: How do they get away with it?

It is not socialism, it is the opposite of socialism. Socialism is the practice of collecting funds that are then re-distributed among the population to even wealth and services distribution. The proposed tax cuts are the *exact opposite* of that.

I meant quasi-socialist in the sense that it is the subsidization of a protected class by levying taxation on the rest of the population. The bizarre part is that a multi-billion dollar corporation, owned by a billionaire is the protected class!

I'm still astounded that this is legal. I always assumed that the state would be compelled to treat everyone equally via a combination of Corporate Personhood and the 14th Amendment and even if the first part failed, the rights of the shareholders (of competing companies) would come into play. Presumably, they get away with it using the same sort of arguments they use for "Eminent Domain".

Lysenko

Re: How do they get away with it?

Corporate socialism. We've been doing that since the '90's. It's still very much in fashion. Bill Clinton invented it, Obama perfected it.

My real question was why organisations Amazon competes with who don't get these state subsidies don't sue and win?

If there is no equal treatment provision in this area of US law, that implies that the Government is free to rig any sector by differential taxation. You don't like Apple encryption policies? Impose a huge cellphone tax and then give specific breaks to Android vendors. That sort of thing is legal !?

Lysenko

How do they get away with it?

Surely a state-financed bung like that is essentially "socialism", or at the very least a gross market distortion? I would have expected Amazon competitors to cry foul and demand equal treatment. That's partly why the (Commie, Pinko) EU has "illegal state aid" rules.

I'll torpedo Tor weirdos, US AG storms: Feds have 'already infiltrated' darknet drug souks

Lysenko

Re: Just like Prohibition did for alcohol use! Good luck with that...

It's curious that Republicans who are supposedly anti-government and pro-personal responsibility are so determined to police what people put into their bodies of their own free will in their own time and in the privacy of their homes.

It's perfectly simple: riffing off the Ten Commandments, the function of "authority" (i.e. government) is to impose and enforce restrictions, particularly where "sin" is concerned. On the other hand, the (optional) hippy, socialist stuff about "Love thy neighbour..." refers to personal charity (preferably via Pastor Tammy Lee Snakejuggler) and is not a valid activity for a public body.

That's why the sex acts you engage in are government business (SIN!!!), but the welfare of any resulting children (post-birth) is an entirely private (sector) matter.

Lysenko

Re: Single provider health care

So, fixing up the insane way that health insurance is provided in the US of A would do a lot to assist the authorities to track prescription medications. Yes, this is not very sexy and exciting popular with purchasers of politicians a.k.a. "donors"

FTFY. This is just poodles taking out some competition on behalf of their owners. If people are selling drugs online, whether on Tor or simply from Canada, it is obvious that cash that could be used for vital healthcare priorities like executive bonuses and bribing GPs is being diverted for other purposes. That needs to be stopped.

The real reason US opioid prescription outstrips other countries is that Americans suffer more backache from gazing up in stupefied wonder at the magnificence of every aspect of their incomparably perfected society; particularly their outstandingly responsive and well-stocked pharmacies.

What do you press when flaws in Bluetooth panic buttons are exposed?

Lysenko

Re: Really?

Maybe not - but how about a creepy taxi cab driver who doesn't want someone calling for help?

Such a person grabs a magnetron from an old microwave, plugs it into the cigarette lighter socket (via an inverter if necessary) and relaxes knowing that all 2.4GHz BT channels are jammed solid inside his vehicle (along with several blocks of cellphone spectrum in many cases). You can easily damp down the power to avoid damaging organics while still swamping feeble milliwatt transmitters.

Dodgy parking firms to be denied access to Brit driver database

Lysenko

Re: GDPR

DVLA are a GDPR exempted authority, I'm afraid.

They're not exempt, they just rely on the Road Vehicles (Registration and Licensing) Regulations 2002, R.27 for authority to share such data. How that will shake down in respect of GDPR and potential implicit repeal/amendment will take case law to resolve.

The following quote from the DVLA Head of Data Sharing illustrates this:

"[I] can confirm that appropriate procedures to ensure the same level of assurance [as with the preceding DPA] will be in place to meet the requirements of the new General Data Protection Regulation in May 2018."

...if he was asserting absolute exemption this would be pointlessly mendacious. Given that cash from parking cowboys is fairly trivial compared to overall licensing revenue, they may be calculating that getting some good PR, avoiding tiresome court wrangles and bankrupting parasitic scum is a pretty good overall strategy.

Lysenko

GDPR

As title. I don't recall giving the DVLA permission to share data with "Arthur Daley Parking Ltd." This may be a pre-emptive attempt to grab credit for simply obeying incoming law.

Julian Assange to UK court: Put an end to my unwarranted Ecuadorean couch-surf

Lysenko

Re: If he gets his way...

Not in this case because the UK is not explicitly signatory to the Vienna Convention.

Yes it is and has been since 1964 source.

Since the rest of your points rest on that faulty premise, there isn't really anything else to address besides the fact that it wouldn't be the first time the UK breached international law. In the end, whether a condemnatory statement from the UN SC passes would be a matter for the French.

Lysenko

Re: If he gets his way...

Article 9, which does take precedence because it covers more fundamental issues, including the issue of personae non gratae.

Article 9 just gives the UK the power to demand that Ecuador remove him from the country, which is the outcome they (Ecuador and Assange) are looking for anyway.

You're right that the Convention isn't UK law (few treaties explicitly are), but invoking that loophole puts you on exactly the same thin to non-existent ice as detaining a courier - it's a flagrant breach of international law.

That's an awkward position to be in since you're explicitly asserting that local statutes trump the Convention which means that you're agreeing that Afghan blasphemy law (for example) overrides the immunities of our people in Kabul. You won't get the FO to sign up for that in a month of Sundays. That's why we let the staff of the Libyan Embassy go, even though one of them had demonstrably just murdered a policewoman.

Lysenko

Re: If he gets his way...

I recall there's a different article in the same document that says you have to going on official diplomatic business with no side business involved (as one user put it, "taking the mick").

Citation? The only thing I can think of is Article 37, and that applies to diplomatic agents, not couriers. The relevant provisions for couriers are:

5.The diplomatic courier, who shall be provided with an official document indicating his status

and the number of packages constituting the diplomatic bag, shall be protected by the receiving State in the performance of his functions. He shall enjoy person inviolability and shall not be liable to any form of arrest or detention.

6.The sending State or the mission may designate diplomatic couriers ad hoc. In such cases the

provisions of paragraph 5 of this article shall also apply, except that the immunities therein mentioned

shall cease to apply when such a courier has delivered to the consignee the diplomatic bag in his charge.

Immunity is absolute and continues until the courier reaches his destination (Ecuador, in this case).

The article isn't written that way by accident. The whole point of it is to make clear that even though/if the courier is a wanted criminal according to local law, that cannot be used as an excuse to detain him. This prevents regimes with questionable ethics manufacturing criminal proceedings to interfere with diplomatic traffic. Arguments like "but we're the good guys" and "he's taking the piss" don't hold water.

I'm not defending Assange. Just noting what the treaty provisions are. There is no way around the fact that arresting Assange while acting as an Ecuadorian diplomatic courier would be a lawless act and that is a precedent the FO would ferociously oppose due to the dangers it would pose to future British diplomatic staff.

If you're going to bend the rules because you think someone is "taking the piss" then one day you might find one of your own people being seized for a crime (locally) far more serious than bail jumping - like blasphemy - or being gay.