There are actually philosophical arguments to be made about why blackmail should not be illegal, but the resemblance between this and blackmail is only superficial in any case.
In my opinion, this is more of a white hat operation than black hat.
A true black hat would be getting whatever they could for the bug on the black market (and silently hurting Apple's customers), rather than taking an action that could (a) help Apple help its customers better long-term (even if there is short term pain) and (b) help other security researchers (who also have to eat, after all) by forcefully pointing out Apple's current policy. If Apple changes the policy to a researcher's liking, that researcher could decide to invest time and effort on Apple stuff; otherwise, perhaps the researcher might decide that his efforts are better spent helping other companies that show how much they appreciate the efforts of external researchers.
Or the researcher might just decide that, since Apple has a huge user base and a demonstrated lack of commitment to security, it should be a fertile hunting ground if he wishes to go over to the dark side.
I coach a sports team at a high school. We need to be able to reach parents and students and services like Remind (which we use) help a LOT with this.
And thus shows your bias.
I had girls in high school, and could not get the damn school to stop sending me automated calls for stupid shit. Maybe if they have to pay for each call/text, they will consider them more carefully.
Umm, no. Or yes, only if you define taxes narrowly. Social security takes a huge bite out of the poor, and the highest marginal rate is the poor schmuck who cannot earn another dollar without losing his medicaid benefits.
When China makes everybody behave with an all-encompassing credit score, it's bad.
When Uber kills off all the taxi companies by sheer volume, and then makes everybody behave (except Kalanick, I suppose) it's just good business, right?
Cross-selling was ongoing and implicated the highest levels of management. TCPA violations have been ongoing for some time, and Wells Fargo keeps petitioning the FCC to allow more robocalls. Deposit/check reordering to cause more NSF check bounces wasn't anything but home-grown, either. IOW, nice trolling, WF turd.
Not being manipulated is not at all the same thing as not having feelings.
The Turing Test is not a black and white thing, and AI is getting more capable daily. If you think that no computer will ever be able to tug at your heart strings, then either you are a psychopath (who knows that no humans manage to tug at your heartstrings), or you are the one who will be the fodder for the new overlords, because you will have no clue when their emotional capabilities have managed to sway you.
Sensitivity requires removal of entropy. This has to be done company-by-company, person-by-person, and it may not stick, because entropy is always being added.
Even worse are the carpetbaggers who thrive on misery. When a loved one dies, be as prepared as you can for this sort of thing -- letters commiserating with you at this terrible occasion, and offering to buy your house immediately for cash. Half of these letters will be addressed to the deceased.
In general (at least around here), the carpetbaggers are not breaking any laws, and the most you can do is write to them or call them, and ask "Does your mother know what you do for a living?" Not that that does any good with those illegitimate sons of crack whores, but it might temporarily make you feel better.
The big companies are sometimes somewhat trainable, and I comment Mr. Durdle for attempting to train Paypal. I myself have attempted to train a few companies, such as Netflix. After trying multiple times to get their customer service people to do the right thing, I finally sent an email to their general counsel:
From: Netflix <info@mailer.netflix.com>
To: xxxx@zzzz.com
Subject: xxxx, come back today to more TV shows & movies.
More TV Shows & Movies to Love
A lot has changed since you left. Come back to Netflix and enjoy newly added TV shows & movies. There's something for everyone to enjoy and we're always adding more, including Netflix original series and movies.
(ad copy, buttons, etc.)
From: yyyy <yyyy@zzzz.com>
To: David Hyman <dhyman@netflix.com>
Subject: Re: Fwd: xxxx, come back today to more TV shows & movies.
Dear Mr. Hyman:
It would be great if xxxx would come back. She could watch all the netflix she wanted and I wouldn't mind.
But she's not coming back.
(link to obituary)
I canceled her account two months ago; somehow I managed to explain the situation to one of your people. But that's not good enough; now, in order to get your system to stop sending her email, I either need to provide information I don't have (a credit card number from a bank account which I closed), or I need to get a code so I can log into her netflix account.
This is apparently done in the name of PCI compliance. Like SOX, or ISO-9000, those things done in the name of PCI compliance often don't actually help and may actually harm. E.g. I want to give her privacy, and absolutely do not want to log into her netflix account.
I have fulfilled my responsibilities here; it is up to your company to insure that you stop sending advertising to my dead wife.
It would also be great if you could empower your people enough so that issues like this could be taken care of with a single phone call, but that no longer seems to be the American way.
Thank you for your prompt attention to this matter.
I'm right there with you. Many credit card companies (and certainly Amex in particular) are awesome.
But finding a registered agent and emailing them is not a lot of effort; usually about 5 minutes. (If it's a publicly-held company, I just go straight for the general counsel. His name is easy to find, and his email address is usually easy to find, as well, e.g. on a state bar association website.) And then if the thing ever winds up in a lawsuit or arbitration, you have really good evidence, from your efforts at communicating, that you're the good guy.
So I always consider sending off an email as part (or even just documentation, really) of the half-hearted attempt. As far as keeping products, yeah, that happens sometimes, and that might have happened this time if I didn't happen to have the receipt in my pocket for taking it to the service desk, and no real reason to take it back home with me.
Yeah, but that's not what was going on. LM Sensors indiicated no problems whatsoever, and it wasn't an RPM issue, and was the chassis fan, not the CPU fan.
In any case, I'm much happier with the Lenovo replacement I bought (which didn't have the sticker).
A few years ago I bought a really nice ASUS desktop from Fry's. I scraped off Windows and loaded Linux.
But after a day and a half, the fan got really loud and stayed that way. (Not the CPU fan; it sounded like the chassis fan was rubbing on something.)
So I unplugged everything, hefted the desktop up onto the work table, and.... encountered the sticker.
Rather than opening it up, I took it back to Fry's and told them there was a problem with it. When I entered the store with it, they logged it and gave me a receipt I could use to take it back out of the store when I was finished at the service desk.
At the service desk, I explained that since the sticker disallowed me from opening the computer up, I was contemplating bring it back for a refund, but that even if I kept it, it needed to be quited down. The dude booted it up, and told me that Linux was unsupported, so of course I couldn't bring it back -- I'd already voided the warranty by scraping Windows off.
After a couple of minutes of fruitless conversation with him and his boss, I just left (having proof in my pocket that I had taken the machine in). I got Fry's registered agent's information from the secretary of state, and emailed them, explaining that, if I needed to, I would explain to the credit card company that I returned the machine at the store since it was malfunctioning, and then they could sue me in small claims court for whatever damage they claim I did to it. They caved and issued a full refund after a couple of weeks.
Slashdot Mirror
Or grits?
Where am I?
There are actually philosophical arguments to be made about why blackmail should not be illegal, but the resemblance between this and blackmail is only superficial in any case.
Nobody forced those users to choose Apple.
Quite the contrary -- if a flaw exists, someone else is probably already exploiting it.
A true black hat would be getting whatever they could for the bug on the black market (and silently hurting Apple's customers), rather than taking an action that could (a) help Apple help its customers better long-term (even if there is short term pain) and (b) help other security researchers (who also have to eat, after all) by forcefully pointing out Apple's current policy. If Apple changes the policy to a researcher's liking, that researcher could decide to invest time and effort on Apple stuff; otherwise, perhaps the researcher might decide that his efforts are better spent helping other companies that show how much they appreciate the efforts of external researchers.
Or the researcher might just decide that, since Apple has a huge user base and a demonstrated lack of commitment to security, it should be a fertile hunting ground if he wishes to go over to the dark side.
And thus shows your bias.
I had girls in high school, and could not get the damn school to stop sending me automated calls for stupid shit. Maybe if they have to pay for each call/text, they will consider them more carefully.
Someone should set up a go-fund-me to get more tablets. Maybe those people who helped that homeless guy -- they have a proven track record.
Physics!
Who knew?
Yeah. Pretty ineffective.
Umm, no. Or yes, only if you define taxes narrowly. Social security takes a huge bite out of the poor, and the highest marginal rate is the poor schmuck who cannot earn another dollar without losing his medicaid benefits.
https://xkcd.com/937/
When Uber kills off all the taxi companies by sheer volume, and then makes everybody behave (except Kalanick, I suppose) it's just good business, right?
Yes, it's incidental to the discussion.
No, the trolls shouldn't be allowed to get away with those bullshit representations.
Is that really a canard, or is it true for most who aren't psychopaths or sociopaths?
Cross-selling was ongoing and implicated the highest levels of management. TCPA violations have been ongoing for some time, and Wells Fargo keeps petitioning the FCC to allow more robocalls. Deposit/check reordering to cause more NSF check bounces wasn't anything but home-grown, either. IOW, nice trolling, WF turd.
The Turing Test is not a black and white thing, and AI is getting more capable daily. If you think that no computer will ever be able to tug at your heart strings, then either you are a psychopath (who knows that no humans manage to tug at your heartstrings), or you are the one who will be the fodder for the new overlords, because you will have no clue when their emotional capabilities have managed to sway you.
Or maybe it's a good test for psychopathy and you'd fail.
After all, look at the target market.
Even worse are the carpetbaggers who thrive on misery. When a loved one dies, be as prepared as you can for this sort of thing -- letters commiserating with you at this terrible occasion, and offering to buy your house immediately for cash. Half of these letters will be addressed to the deceased.
In general (at least around here), the carpetbaggers are not breaking any laws, and the most you can do is write to them or call them, and ask "Does your mother know what you do for a living?" Not that that does any good with those illegitimate sons of crack whores, but it might temporarily make you feel better.
The big companies are sometimes somewhat trainable, and I comment Mr. Durdle for attempting to train Paypal. I myself have attempted to train a few companies, such as Netflix. After trying multiple times to get their customer service people to do the right thing, I finally sent an email to their general counsel:
From: Netflix <info@mailer.netflix.com>
To: xxxx@zzzz.com
Subject: xxxx, come back today to more TV shows & movies.
More TV Shows & Movies to Love
A lot has changed since you left. Come back to Netflix and enjoy newly added TV shows & movies. There's something for everyone to enjoy and we're always adding more, including Netflix original series and movies.
(ad copy, buttons, etc.)
From: yyyy <yyyy@zzzz.com>
To: David Hyman <dhyman@netflix.com>
Subject: Re: Fwd: xxxx, come back today to more TV shows & movies.
Dear Mr. Hyman:
It would be great if xxxx would come back. She could watch all the netflix she wanted and I wouldn't mind.
But she's not coming back.
(link to obituary)
I canceled her account two months ago; somehow I managed to explain the situation to one of your people. But that's not good enough; now, in order to get your system to stop sending her email, I either need to provide information I don't have (a credit card number from a bank account which I closed), or I need to get a code so I can log into her netflix account.
This is apparently done in the name of PCI compliance. Like SOX, or ISO-9000, those things done in the name of PCI compliance often don't actually help and may actually harm. E.g. I want to give her privacy, and absolutely do not want to log into her netflix account.
I have fulfilled my responsibilities here; it is up to your company to insure that you stop sending advertising to my dead wife.
It would also be great if you could empower your people enough so that issues like this could be taken care of with a single phone call, but that no longer seems to be the American way.
Thank you for your prompt attention to this matter.
Best regards,
yyyy
Obviously they want to keep their bandwidth costs low. Yeah, they make lots of money, but margins could easily evaporate in a bad regulatory climate.
But their large financial stake in this (and their other well-known issues) don't make them wrong in this.
But finding a registered agent and emailing them is not a lot of effort; usually about 5 minutes. (If it's a publicly-held company, I just go straight for the general counsel. His name is easy to find, and his email address is usually easy to find, as well, e.g. on a state bar association website.) And then if the thing ever winds up in a lawsuit or arbitration, you have really good evidence, from your efforts at communicating, that you're the good guy.
So I always consider sending off an email as part (or even just documentation, really) of the half-hearted attempt. As far as keeping products, yeah, that happens sometimes, and that might have happened this time if I didn't happen to have the receipt in my pocket for taking it to the service desk, and no real reason to take it back home with me.
Is that you, Mr. Gates? Great! Maybe you can use Bing tell me where in my town I can buy a computer that doesn't have your crap pre-installed!
In any case, I'm much happier with the Lenovo replacement I bought (which didn't have the sticker).
But after a day and a half, the fan got really loud and stayed that way. (Not the CPU fan; it sounded like the chassis fan was rubbing on something.)
So I unplugged everything, hefted the desktop up onto the work table, and.... encountered the sticker.
Rather than opening it up, I took it back to Fry's and told them there was a problem with it. When I entered the store with it, they logged it and gave me a receipt I could use to take it back out of the store when I was finished at the service desk.
At the service desk, I explained that since the sticker disallowed me from opening the computer up, I was contemplating bring it back for a refund, but that even if I kept it, it needed to be quited down. The dude booted it up, and told me that Linux was unsupported, so of course I couldn't bring it back -- I'd already voided the warranty by scraping Windows off.
After a couple of minutes of fruitless conversation with him and his boss, I just left (having proof in my pocket that I had taken the machine in). I got Fry's registered agent's information from the secretary of state, and emailed them, explaining that, if I needed to, I would explain to the credit card company that I returned the machine at the store since it was malfunctioning, and then they could sue me in small claims court for whatever damage they claim I did to it. They caved and issued a full refund after a couple of weeks.
What you say would be true if "floating point gate arrays" were a thing.