nkw's comments

nkw | 8 years ago | on: Savitech USB audio drivers install a new root CA certificate

"Whoever [...] knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer [...] shall be punished as provided in subsection (c) of this section."

"[T]he term 'protected computer' means a computer [...] which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States"

"[T]he term 'damage' means any impairment to the integrity or availability of data, a program, a system, or information"

nkw | 8 years ago | on: What Do IBM Mainframe Computers Look Like Today?

This reads like an Enron financial statement. I wouldn't at all be surprised if this is the unintelligible gobbledygook that IBM actually uses to sell their stuff. Between stuff like this and "Watson curing cancer", I continue to be amazed IBM still exists, but the IBM name and reputation will likely allow them to float along for quite a bit longer. Just a few weeks ago I was speaking with a relative about their employer -- a large Fortune top 10 company -- buying into some IBM Watson b.s. because their CTO was an "IBM guy". It is really amazing.

nkw | 8 years ago | on: Cloud Firestore: A New Document Database for Apps

This is great. I had a feeling something like this was coming given most firebase people were pretty open about what the shortcomings of the Realtime DB were and AngularFire received some much needed attention to its database API last week.

That said, I really hope there are plans for some full text search ability beyond the current suggestions[1]. I would very much like to ditch Elasticsearch in favor of db engine provided search. Even a small subset of the Elasticsearch/Solr feature set (similar to the full text search capability now available for Postgres[2]) would be a very welcome addition.

[1] https://firebase.google.com/docs/firestore/solutions/search

[2] https://www.postgresql.org/docs/9.5/static/textsearch.html

nkw | 8 years ago | on: W3C abandons consensus, standardizes DRM, EFF resigns

>Media companies couldn't give any less fucks about the web. They can go 100 years without publishing on the web, since they have other revenue paths that they're perfectly happy with.

LOL. With what? Their paper? Their DVDs? Their CDs? Their cable channel subscribers?

nkw | 8 years ago | on: Stop Buying Things and Start Borrowing Them

> But members break the tools all the time and don't take responsibility for it. Even though there are cameras and people have to swipe their card at the door it still happens.

> I think one reason sharing is not as common is because people are jerks.

I agree with this. I visited a local maker space a number of people raved about (and still do) online. They did have a number of tools which I probably would not otherwise acquire (for instance laser cutters, etc.) either because of cost, space, or rarity of need, and I thought it would be neat to have a community of other similar minded people, however I found myself really turned off by the way the place and tools were kept up. Maybe I'm too fastidious when it comes to tools, but I found the tools weren't really kept clean, stuff was scattered about, unorganized, and ultimately I thought an untidy hodgepodge of mid-tier tools that weren't really well cared for by their users.

It is too bad, I think it is a good concept and I've seen youtube videos of what appear to be nice operations with hobbyists that are a bit more 'professional'. (I guess that could be somewhat of a contradiction..).

nkw | 8 years ago | on: iMac Pro

> A Pro machine with external monitors can't force an upgrade the same way as an all-in-one machine.

Trashcan MacPro user here. I would have happily purchased a new one with Thunderbolt 3 and a semi-up-to-date Nvidia card (OR external GPU support), if they had actually updated the Pro when Thunderbolt 3 became a thing. Instead they just let it die.

nkw | 8 years ago | on: iMac Pro

This is getting to the point that honestly I would rather just pay Apple for a license to OS X and buy the hardware I want. I'm sure I am in the minority, but I would shell out $600+ to legally use OS X on a Hackintosh without worrying about updates breaking the setup. I own a trashcan MacPro and MacBook Pro and just want to be able to do development on a desktop with a decent Nvidia graphics card and a laptop with at least 32G of RAM.

nkw | 8 years ago | on: Why Criminals Target Patient Data

>"For example, HIPAA regulations require PHI to be encrypted in transit and at rest"

Really? What about all those records faxed back and forth between health care providers?

>"Lastly, how exactly is patient data a virtual gold mine"

Take an antidepressant? Have an STD? Abortion? Treated by a psychiatrist? I would imagine a lot of people would pay a bitcoin or two not to have those issues become public.

nkw | 9 years ago | on: Why isn't there a Google for the law?

Interesting. I have never been able to put my finger on if the resistance to opening PACER comes from the judiciary itself (judges fearing public scrutiny of the entire corpus of court filings) vs the Admin Office / IT wanting to maintain what is essentially a court-tech slush fund. Probably the reality is a little bit of both. I think the only way it gets fixed is with congressional action, so not holding my breath.

nkw | 9 years ago | on: Why isn't there a Google for the law?

> pushing to open Pacer (meeting with the federal judiciary and offering to just pay the revenue they make)

Wait what? You offered to pay the ~$145M/year they bring in for access fees in return for an open access PACER system? Was this offer just made to the PACER people or was it brought to the attention of the Judicial Conference?

nkw | 9 years ago | on: Ask HN: Password manager recommendation?

I'm a fan of 1Password and use it on desktop (mac/win) and mobile (iOS/Android), mandate it for some of our employees, and recommend it to family and friends. I am however not a fan of their push into 1Password for clouds/teams/families/whatever. I demoed it and thought it was a vastly increased cost for marginal additional functionality compared to buying licenses. Worse is they appear to be devoting resources to the 'cloud' product while features of the standalone software are put on the back burner. Could be a great business move from them. Who doesn't love MRR? (Well, besides customers). I still use and recommend it when the opportunity arises, but their new direction worries me.

nkw | 9 years ago | on: One More Sign World Is Shrinking – eBay Is for Suckers

RE: a class action suit

See: http://pages.ebay.com/help/policies/user-agreement.html

"You and eBay each agree that any and all disputes or claims that have arisen, or may arise, between you and eBay relating in any way to or arising out of this or previous versions of the User Agreement, your use of or access to eBay's Services, or any products or services sold, offered, or purchased through eBay's Services shall be resolved exclusively through final and binding arbitration, rather than in court. Alternatively, you may assert your claims in small claims court, if your claims qualify and so long as the matter remains in such court and advances only on an individual (non-class, non-representative) basis."

[...]

"Prohibition of Class and Representative Actions and Non-Individualized Relief YOU AND EBAY AGREE THAT EACH OF US MAY BRING CLAIMS AGAINST THE OTHER ONLY ON AN INDIVIDUAL BASIS AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, OR REPRESENTATIVE OR PRIVATE ATTORNEY GENERAL ACTION OR PROCEEDING. UNLESS BOTH YOU AND EBAY AGREE OTHERWISE, THE ARBITRATOR MAY NOT CONSOLIDATE OR JOIN MORE THAN ONE PERSON'S OR PARTY'S CLAIMS, AND MAY NOT OTHERWISE PRESIDE OVER ANY FORM OF A CONSOLIDATED, REPRESENTATIVE, CLASS, OR PRIVATE ATTORNEY GENERAL ACTION OR PROCEEDING. ALSO, THE ARBITRATOR MAY AWARD RELIEF (INCLUDING MONETARY, INJUNCTIVE, AND DECLARATORY RELIEF) ONLY IN FAVOR OF THE INDIVIDUAL PARTY SEEKING RELIEF AND ONLY TO THE EXTENT NECESSARY TO PROVIDE RELIEF NECESSITATED BY THAT PARTY'S INDIVIDUAL CLAIM(S). ANY RELIEF AWARDED CANNOT AFFECT OTHER USERS."

nkw | 9 years ago | on: Slack Calls: Now with video

Probably a wide band or at least mid-band codec. One thing I learned working with VOIP is people perceive quality based on what they have been using recently, which for most people is the absolutely horribly stepped on audio of skype, cheap voip, or the cellphone network. Carriers have pretty much let their baseline audio quality go to \\\\ because no one cares anymore. (Remember the Sprint pin-drop campaign?) Now, when you give somebody a wide band high quality audio connection they are blown away.

nkw | 9 years ago | on: A Backdoor in Skype for Mac OS X

Here is a recent article discussing the DEA doing this: https://www.washingtonpost.com/news/powerpost/wp/2016/09/30/...

$600k to a particular airline employee, $1 million for a single parcel worker (this was over a few years).

Also there are the various NSA efforts to insert people into the encryption standards process, as well as use cooperative sources within companies to insert vulnerabilities in the commercial encryption systems:

http://www.nytimes.com/interactive/2013/09/05/us/documents-r...

Also the FBI/Yahoo email program was apparently done by just the CEO, a lawyer, and a few members of the email team. The security team wasn't informed, nor the board.

https://www.theguardian.com/technology/2016/oct/04/yahoo-sec...

nkw | 9 years ago | on: A Backdoor in Skype for Mac OS X

Big corporations are, by definition, large complex organizations. There is legal, executive management, developers, ops, etc. Hypothesizing about their actions as a singular entity can oversimplify things. I don't know about the specifics in the article, but as a general rule there are a number of instances where an intelligence agency may approach only a developer, an ops person, or someone in legal to obtain what they want instead of showing up and serving the corporate entity with an NSL. Saying the organization as a whole could provide data exfiltration much more efficiently by other means, does not rule out the possibility that other techniques could be used instead for various non-technical reasons.

nkw | 9 years ago | on: Proposed server purchase for GitLab.com

> I basically know every DC in Frankfurt, so if you need any help or info in that regard feel free to contact me :-)

I (and others I bet) would be interested in a quick summary of the options (and your opinions of them) for facilities in Frankfurt.

nkw | 9 years ago | on: Using the 2016 MacBook Pro as a development machine

> Once I change the laptop, maybe I should look at an android phone?

FWIW, I run a MacPro, MacBookPro, family has iPhones/iPads, office runs on iMacs/MacBookPros. Owned every iPhone generation since the first, and I switched to a Pixel XL last week. My experience has been very pleasant.

It probably doesn't hurt that software/services wise I'm much deeper into Google's ecosystem than Apple's. I don't find Siri useful, iCloud is a mess that I only have for holding phone backups and a @mac.com email address I never use. I pay for G Suite, Google Music and Dropbox rather than the equivalent Apple services, so maybe it was a little easier than it would be for others.

I haven't decided where to go after my mid-2015 MBP is to be replaced. I hope there are better options by then.
