Josh in CharlotteNC (profile), 11 Jun 2013 @ 12:11pm
Who has access
Who has access to stuff? I'm currently working on a project to audit and secure access to thousands of servers at the bank I work for. What I find daily is frightening.
"No, this developer doesn't need root access to a group of servers that controls some business critical production application. He should only have access to the develoment environment."
"No, these three application support guys do not need to be able to access a few hundred servers - the app they support is only on this dozen over here."
"No, this DBA doesn't need to be able to do anything he wants to every Oracle database in the domain. He only runs this database over there."
Every organization I've worked with has the same problems. Of course the government is the same way - if not worse. Proper access control takes time, planning, effort, and money. In a business context, people don't want to pay for that, and don't want to deal with the hassle of figuring out and investigating what really is needed, and its always a fight to take away access that someone already has even if they don't need it. In a government context, I'll bet its more about just getting things to work, and then fights about who gets control over this bit of turf. So much of the monitoring infrastructure we're talking about was thrown together quickly, down by multiple contractors, and if my experience in the private sector is similar - competing, conflicting, and changing requirements. Not an ideal situation for proper controls to be put in place.
My point was that "violent overthrow of the US government" is not a sane option. We are still a democracy (or more accurately a republic), so political discourse and persuasion against this type of encroachment on our freedoms are more achievable goals.
Josh in CharlotteNC (profile), 10 Jun 2013 @ 12:41pm
In other words
The way I read his comments can be summed up as:
"We authorized this, but deliberately kept ourselves ignorant of the details, so that if it became public, we can act outraged and keep our cushy positions of power."
Josh in CharlotteNC (profile), 10 Jun 2013 @ 12:37pm
One problem. All of the documents and information being widely reported in the press is still classified (under the theory believed by two-year-olds that also covers that when you put your hands over your eyes, you're invisible). So expect every objections that the documents cannot be used.
Josh in CharlotteNC (profile), 10 Jun 2013 @ 11:00am
Re:
As much as I hate crime, I hate lynch-mobs and anonymous crowd justice even more. For 1 person who might be guilty, 9 innocent people might not be. Everyone deserves due process and assumption of innocents.
I'm not a fan of lynch mobs of any sort, because they tend to react emotionally and are prone to go much farther than a reasoned protest. But they tell us something important: they happen when there is a difference between how the law functions and what a significant portion of society thinks the laws should be. The mobs are not always right - but they are an indicator that there is injustice present - it may be the people being mobbed suffering, or it may be because of some other injustice.
Josh in CharlotteNC (profile), 10 Jun 2013 @ 6:48am
Re:
The government has all the tanks, missiles, fighter jets, etc. Even if you're well-armed in the eyes of 2nd amendment advocates, your local national guard unit or medium sized police force has you well outmanned and outgunned. Fighting force on force isn't an achieveable option.
Josh in CharlotteNC (profile), 5 Jun 2013 @ 6:44am
"and most U.S. homes have routers that can't support the speed already available to the home."
Hold on. There's two ways to interpret this. One is absolutely wrong, the other is intentionally misleading.
First, if he's talking about the additional router or wireless router most people have to connect multiple devices, he's flat out wrong. The ones that aren't gigabit have 100Mb/s ethernet ports. As far as wireless, even if they're the old 802.11a/b spec, they can handle 54Mbit/s. And since the average broadband speed (either by what they're paying for, or what is actually delivered) is lower than that, he's flat out wrong. As far as the 105MBit/s down that Comcast offers in some locations, well, few people see that rate in reality, so no, it's still not "available" in their homes.
Alternatively, he might be referring to the router functionality built into most cable modems. The problem with that is that he's the guy writing for the company that supplied most of them. Sure, people can buy their own cable modems, but the average user (not most Techdirt readers) doesn't. Last I looked, Comcast was the biggest cable operator, so they're the one that likely supplied the most.
While you're right in one respect - that only applies to software that includes license terms forbidding you from reselling it. Software that does not include that term is still perfectly legal to resell. (And frankly, even when it includes it, is effectively unenforceable anyway.)
Josh in CharlotteNC (profile), 4 Jun 2013 @ 6:47am
Re: Re:
And will that extra data about who you're related to and what diseases you're more likely to get come in handy at solving any crimes? No.
Incorrect. Identifying close blood relatives can be very useful when solving crimes.
Seeing as they have cops take finger prints of children when they're in elementary school for helping to solve future crimes, I don't see how DNA is much different.
That is not why most parents have their children finger printed. They do it to that if the child is lost or abducted, or if there is a dispute over who's child it is, they can be identified correctly.
Josh in CharlotteNC (profile), 3 Jun 2013 @ 7:42am
Re: Re: Re:
Recording phone conversations between two parties, neither of which knows the conversation is being recorded, is generally forbidden for very good reasons (privacy and confidentiality).
While that is true in general, it does not apply in this case. There were 3 parties on this call - the 2 GMs, plus the pranksters. And making it illegal or forbidden to record *your own* phone call (whether or not the other party(ies) know it is being recorded) is all sorts of problematic.
Josh in CharlotteNC (profile), 24 May 2013 @ 9:55am
Re:
I've been trying to come up with something that doesn't make me look like an insensitive jerk, but am utterly failing.
(Here's proof that you have to be brain damaged to agree with Prenda.) Argh. That's just as bad.
Actually, now that I think of it, and remember Mr. Nazaire, is there something to be said for Prenda (Steele, Hansmeier, Duffy) intentionally hiring local lawyers that are easy scapegoats when something goes bad?
Josh in CharlotteNC (profile), 20 May 2013 @ 2:59pm
Re: Re: Re:
that the registar knows is criminal,
Do you have a plausible way for the registrar to determine that in advance of the site existing? Something that doesn't involve time-travel, perhaps?
"the Pirate Bay" is just a name. Are you arguing that simply having a domain name that includes words that might indicate referral to a previously criminal action is in and of itself illegal? Are you implying that if Bernie Madhoff writes a book, he can't register berniemadhoffponzischeme.com to promote it, because it might refer to something illegal?
Josh in CharlotteNC (profile), 20 May 2013 @ 2:44pm
Re:
Why don't you ever mention the millions and millions of valid takedown notices that reflect a pirate getting nothing but a slap on the wrist.
Why do you continue to willfully ignore the thousands of abusive DMCA notices that reflect abusive lawyers causing damage to free speech rights and not even getting a slap on the wrist? If you really support the rule of law, the huge numbers of these abuses should interest you. Yet, you turn a blind eye to them. Don't keep spreading FUD, as you're really bad at it and it is as transparent as glass. Just keep trolling and evading questions, cause we all know how useless you really are.
Josh in CharlotteNC (profile), 20 May 2013 @ 12:42pm
Re: Re: Re: Re: Re: Re: Re: Re: Re:
So in general, transparency is a good thing, except when it's too hard. That sure sounds like an ideal to strive to. /s
So if the text is public, I think it would have been a good thing for Mike to post it. But instead of adding something useful to the discussion, such as the text in question or a link to it, all you're doing is complaining that Mike didn't include it. Why don't you put forth an opinion and support it with evidence instead of just whining?
On the post: Perhaps The NSA Should Figure Out How To Keep Its Own Stuff Secret Before Building A Giant Database
Who has access
"No, this developer doesn't need root access to a group of servers that controls some business critical production application. He should only have access to the develoment environment."
"No, these three application support guys do not need to be able to access a few hundred servers - the app they support is only on this dozen over here."
"No, this DBA doesn't need to be able to do anything he wants to every Oracle database in the domain. He only runs this database over there."
Every organization I've worked with has the same problems. Of course the government is the same way - if not worse. Proper access control takes time, planning, effort, and money. In a business context, people don't want to pay for that, and don't want to deal with the hassle of figuring out and investigating what really is needed, and its always a fight to take away access that someone already has even if they don't need it. In a government context, I'll bet its more about just getting things to work, and then fights about who gets control over this bit of turf. So much of the monitoring infrastructure we're talking about was thrown together quickly, down by multiple contractors, and if my experience in the private sector is similar - competing, conflicting, and changing requirements. Not an ideal situation for proper controls to be put in place.
On the post: The Real Scandal: Not That The NSA Broke The Law In Vast Spying, But That It Probably Didn't
Re: Re: Re:
However, unless you've got more than 2.3 million friends ready for a violent overthrow of the government, the active and reserve military outnumbers you. https://en.wikipedia.org/wiki/List_of_countries_by_number_of_military_and_paramilitary_personnel
My point was that "violent overthrow of the US government" is not a sane option. We are still a democracy (or more accurately a republic), so political discourse and persuasion against this type of encroachment on our freedoms are more achievable goals.
On the post: Author Of The Patriot Act Says NSA Surveillance Is An Abuse And Must End
In other words
"We authorized this, but deliberately kept ourselves ignorant of the details, so that if it became public, we can act outraged and keep our cushy positions of power."
On the post: Remember When Supreme Court Rejected Review Of FISA Amendments Act, Because It Was 'Too Speculative' That Plaintiffs Were Being Monitored?
On the post: Anonymous Participant Who Drew Attention To Steubenville Rape May Face More Years In Jail Than Rapists
Re:
I'm not a fan of lynch mobs of any sort, because they tend to react emotionally and are prone to go much farther than a reasoned protest. But they tell us something important: they happen when there is a difference between how the law functions and what a significant portion of society thinks the laws should be. The mobs are not always right - but they are an indicator that there is injustice present - it may be the people being mobbed suffering, or it may be because of some other injustice.
On the post: The Real Scandal: Not That The NSA Broke The Law In Vast Spying, But That It Probably Didn't
Re:
On the post: White House Also Releases Report On Patent Problems
Re: Re: Re: Re: Re:
Mike supports trademark laws that allows a company to prevent competitors from confusing the public as to who the maker of particular products are.
If you want to lump vastly disparate laws under the heading of IP, well, I can play that game, too. Your move, sparky.
On the post: Comcast's Top Lobbyist Pens Editorial To Remind Americans That US Broadband Service Is Awesome
Hold on. There's two ways to interpret this. One is absolutely wrong, the other is intentionally misleading.
First, if he's talking about the additional router or wireless router most people have to connect multiple devices, he's flat out wrong. The ones that aren't gigabit have 100Mb/s ethernet ports. As far as wireless, even if they're the old 802.11a/b spec, they can handle 54Mbit/s. And since the average broadband speed (either by what they're paying for, or what is actually delivered) is lower than that, he's flat out wrong. As far as the 105MBit/s down that Comcast offers in some locations, well, few people see that rate in reality, so no, it's still not "available" in their homes.
Alternatively, he might be referring to the router functionality built into most cable modems. The problem with that is that he's the guy writing for the company that supplied most of them. Sure, people can buy their own cable modems, but the average user (not most Techdirt readers) doesn't. Last I looked, Comcast was the biggest cable operator, so they're the one that likely supplied the most.
On the post: Microsoft's Attack On Used Game Sales Asks Customers To Sacrifice Their Rights To Save An Industry
Re: Re: Re: Re:
I'm guesing you're referring to the Vernor/Autodesk ruling.
http://www.techdirt.com/articles/20100912/12212110968.shtml
While you're right in one respect - that only applies to software that includes license terms forbidding you from reselling it. Software that does not include that term is still perfectly legal to resell. (And frankly, even when it includes it, is effectively unenforceable anyway.)
On the post: June 4th: The Struggle Of Memory Against Forgetting
Winston Smith
On the post: Horrifying Supreme Court Ruling Lets Police Collect DNA Because You Might Just Be A Horrible Criminal
Re:
On the post: Horrifying Supreme Court Ruling Lets Police Collect DNA Because You Might Just Be A Horrible Criminal
Re: Re:
Incorrect. Identifying close blood relatives can be very useful when solving crimes.
Seeing as they have cops take finger prints of children when they're in elementary school for helping to solve future crimes, I don't see how DNA is much different.
That is not why most parents have their children finger printed. They do it to that if the child is lost or abducted, or if there is a dispute over who's child it is, they can be identified correctly.
On the post: Prank Resulting In 2 NFL GMs Talking To Each Other Results In Up To 5 Years Of Prison, $500k Fine
Re: Re: Re:
While that is true in general, it does not apply in this case. There were 3 parties on this call - the 2 GMs, plus the pranksters. And making it illegal or forbidden to record *your own* phone call (whether or not the other party(ies) know it is being recorded) is all sorts of problematic.
On the post: Ex-Prenda Lawyer Brett Gibbs Pleads Poverty To Judge Wright
Re:
(Here's proof that you have to be brain damaged to agree with Prenda.) Argh. That's just as bad.
Actually, now that I think of it, and remember Mr. Nazaire, is there something to be said for Prenda (Steele, Hansmeier, Duffy) intentionally hiring local lawyers that are easy scapegoats when something goes bad?
On the post: Reporters Find Exposed Personal Data Via Google, Threatened With CFAA Charges
Re: Pure Half-Assed CYA ...
"Typical usage of GNU Wget consists of invoking it from the command line"
We all know that anyone using the command line instead of a GUI is a dirty hacker.
/s
On the post: Trade Group Representing Many Large Companies Claims That Exceptions For The Blind Would 'Cast Aside' Copyright
Re: Re: Re:
There's a few sayings about heat and kitchens and cooking implements and their colors that would fit as a reply.
Hilarious. You're remarkably thin-skinned when the first thing you do in nearly every story is to attack the author with a slew of personal attacks.
Hypocrisy, can you spell it? Even in your complaint about being attacked personally, you find the time to throw some insults in Mike's direction.
On the post: Swedish Prosecutor Claims Registrar Of .se Domains An 'Accomplice' In Infringement Because Of Pirate Bay Domain
Re: Re: Re:
Do you have a plausible way for the registrar to determine that in advance of the site existing? Something that doesn't involve time-travel, perhaps?
"the Pirate Bay" is just a name. Are you arguing that simply having a domain name that includes words that might indicate referral to a previously criminal action is in and of itself illegal? Are you implying that if Bernie Madhoff writes a book, he can't register berniemadhoffponzischeme.com to promote it, because it might refer to something illegal?
Two words:
Prior Restraint
On the post: Major Hollywood Studios All Sent Bogus DMCA Takedowns Concerning The Pirate Bay Documentary
Re: Re: Re:
On the post: Major Hollywood Studios All Sent Bogus DMCA Takedowns Concerning The Pirate Bay Documentary
Re:
Why do you continue to willfully ignore the thousands of abusive DMCA notices that reflect abusive lawyers causing damage to free speech rights and not even getting a slap on the wrist? If you really support the rule of law, the huge numbers of these abuses should interest you. Yet, you turn a blind eye to them. Don't keep spreading FUD, as you're really bad at it and it is as transparent as glass. Just keep trolling and evading questions, cause we all know how useless you really are.
On the post: Trade Group Representing Many Large Companies Claims That Exceptions For The Blind Would 'Cast Aside' Copyright
Re: Re: Re: Re: Re: Re: Re: Re: Re:
So if the text is public, I think it would have been a good thing for Mike to post it. But instead of adding something useful to the discussion, such as the text in question or a link to it, all you're doing is complaining that Mike didn't include it. Why don't you put forth an opinion and support it with evidence instead of just whining?
Next >>