Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 1

    In Norway you cannot publish photo/ video of people in the public when they are clearly identifiable. Any person in said photo/ video can ask for its removal.

    It's actually a nice idea to favor privacy so much, but Norway's approach is extreme.

    There should be cases where you can publish a video against the will of someone in it when (1) they knowingly participated in its recording [otherwise, they might just object to it -- because they after the fact decided they wanted to renegotiate their payment for participating], or (2) their presence in the video actually has journalistic value or meaningful speech value, and isn't just there to personally embarrass or harass the subject; those portions of the video should be allowed -- otherwise, politicians or other public officials such as police officers, could squelch free speech.

    So other countries are more reasonable than Norway

  2. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 1

    If the sign says it's for customer safety, and you leak an embarrassing video of your customer, you'll have a good case for a law suit.

    The signs usually just say there is video surveillance, without specifying a reason, or what the footage might be used for. Even if they did, the argument that there is an implied contract about the use of surveillance content, would be a very weak one.

    Companies and governments alike frequently use a pretext to justify something, all the time -- the patriot act was meant to help bring terrorists to justice; that doesn't mean law enforcement won't be using the new warrantless wiretap and similar powers to catch a greater number of petty criminals more efficiently, and assist the RIAA.

    It would be a very big stretch of the imagination to suggest such a sign is a "contract" or guarantee about how it will be used, once gathered. Companies are not known for posting privacy policies, or privacy agreements in public, even though that becomes more common online.

    There could be a case for a lawsuit, just like there could be, if someone on the street filmed you, and released an embarrassing video.

    So long as there is no journalistic value in the video, and you can prove that actual financial damages were incurred, there would be a complaint you could make.

    (It doesn't mean you will be successful)

    You can sue over an embarrasing video someone posted. You can contact online video sharing sites, with cease and decist letters, demanding they remove video; as long as you can afford the lawyers.

    The problem, of course, is that these actions can draw more attention to the embarrasing video online -- the lawsuit may lead to broader consumption of the content complained about.

  3. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 1

    I enter into an implied contract with the property owner, and not with the other customers.

    The sign isn't a contract; it's a warning/alert/notice.

    What's implied is consent to surveillance, by remaining in the area where such a sign has been posted. Provided the sign is posted prominently.

    Granted, someone who cannot read the sign, because they are blind or illiterate has consented to nothing.

    The property owner/manager responsible for the surveillance, might or might not be the same organization that runs the business operating at that location, and might or might not be beholden to protect the privacy of people at the place of public accomodation.

  4. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 1

    The owner may not be able to arrest you, but he can sure as hell kick you out and ban you from ever entering again.

    He can order you to leave, and use lawful means to encourage you to leave. If he threatens to touch you, then he has committed a crime (assault). If he actually touches you in an unlawful physical way such as "kicking you", "grabbing you", "shoving you", or "hitting you", then he has committed a crime (battery).

    If he lawfully orders you to leave, and you refuse to leave, then he may summon the police to have you removed.

    If you come back in again, he really can have you arrested and hauled off for trespassing by actual cops.

    Probably not. He would need to be able to demonstrate at that later time that you had no express, legal, or implied authorization to enter and remain on the property.

    There are a number of ways you could obtain that; one of those, would be calling in, at a later date, and making arrangements on the phone to conduct some sort of business, or come by to pay an outstanding bill. It is likely that you would be able to in fact, obtain explicit authorization from whoever was answering the phone.

    In any case, if he attempted to have you arrested, this could result in you suing and collecting damages.

  5. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 3, Insightful

    Citation please. If there are cameras, those are publicly visible and there's likely a notice stating that there's surveilance. The tapes themselves are likely only viewed by security and even then most of what's on there gets discarded within a couple months.

    The notice that there is surveillance alone reduces expectation of privacy to zero.

    It may be their internal policy to destroy tapes and restrict who can view them. But you as a customer have no ability to rely on that, because they didn't sign an agreement with you that that's what they do.

    They might use the tapes of hidden and visible cameras and microphones for any permissible business purpose -- up to and including, employee training; performance reviews; identifying customer behaviors; publicity/public relations purposes (such as advertising).

    What they will do in fact, is probably just maintain an archive of footage, to review in case of theft or damage is later discovered, or police come with a warrant to review/seize video footage.

    However, that doesn't eliminate the privacy reduction at all. The bar's management can change their policy in any way they see fit at any time

  6. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 0

    If he also has a policy of not letting people run around with cameras filming staff and customers, this is nothing more then a continuation of the policy. I rather like going to PRIVATE establishments and not being filmed and recorded for all to see.

    Most bars are publicly accessible spaces; anyone off the street can come in. Which means that in general, legally; the expectation of privacy is pretty much zero. Commonly for security or other various reasons, the property owner will in fact have hidden cameras and microphones recording everything.

    This also means, that while the property owner can have a policy that no cameras are allowed filming staff or customers, and can "encourage ass kicking anyone seen with Google glass" policy does not have the force of law.

    In the event someone's ass gets kicked, or their Google glass damaged in any way, there are civil and criminal charges that could be filed against the bar, staff, or others involved. Even if they know cameras are banned and bring a hidden one in, anyways, the photographer has a right to their recordings.

    Anyways, I rather agree that the concept of possibly being recorded so surreptitiously is a bit concerning.

    Personally, I think there should be a law, that the operation of portable concealable cameras should require a permit.

    A portable camera is concealable if it is either does not weigh at least 3 pounds, or is not (at least dimensions X by Y by Z or immediately recognizable as a camera) AND capable of capturing a picture or video image without generating both an audible and a visual signal of a legally specified loudness and intensity in the direction that the image was or will be captured from Or capable of recording for an extended period of time.

    Portable cameras for sale, should be required to emit both signals, when the capture begins, to alert people that they are being recorded. And if there is an extended video capture, using a portable concealable device -- a visual and audible signal every 5 minutes thereafter, which must be included in the video recording.

    Portable cameras available for permitted concealable use should still be required to incorporate the signals and be required to contain a GPS, and a DRM-style licensing function of the ability to perform a concealed recording activity -- with concealed recording only allowed, through the use of a government-issued permit key.

    Permits requiring a fee of ~$10 per use of such a device filed in advance; requiring any non-law-enforcement use be cleared with the owner of any property on which concealable cameras would be used and state specific time and place or time and individuals to be recorded with specific GPS boundaries; possible exceptions for business owned devices, where the business can produce documentation that they are for news gathering purposes, and the operator is required to follow restrictive privacy rules.

    In other words: Fine, have concealable devices, but no readily available surreptitious operation for just anyone.

  7. Re:Meh on Seattle Bar Owner Bans Google Glass, In Advance · · Score: 4, Interesting

    Just because I'm out in public doesn't mean that you should have the right to record everything I'm doing

    Yeah, it does actually... you are in public; you have no right to not be recorded; and you have a right to operate recording equipment you own, even in public.

    If the scene were a public street, without any special legal restrictions on recording, you have a right to record what you see.

    However, just because a place is publicly accessible does not mean there are no controls.

    On private property that the public has access to, the owner of the property can impose rules, or require you agree to certain conditions before you set foot on the property.

    They can (1) require you agree to not bring recording devices onto the property; (2) they can search your person as you are coming in and only grant access if they find no recording equipment, (3) they can require you not operate recording devices on the property, (4) they can have people monitoring what occurs on the property, and order anyone seen holding or wearing a recording device to leave.

    In the case of (1) you violate an agreement, and could in theory be sued; however, most property owners won't implement the requirements -- they don't police the entrance and force visitors to sign an actual contract before being allowed in, they may just post a sign.

    In this case, a photographer/videographer still has a right to record anything and everything they see on the property, even though the sign says they can't, because they haven't actually signed anything, and a sign stating that something is banned here does not carry the force of law. Ditto for (2), if the searcher fails to find the hidden camera.

    Ditto for (3). The property owner has a right to control the use of their property, but the visitors still have all rights not restricted by the law.

    (4) is the condition under which photo and video recording may be restricted in public. However, if the property owner fails to detect recording they don't authorize, then it's the photographer's right to have made the recording in public

    Normally there will be few legal restrictions -- there are a few such as not using a camera that can see through clothing, and not incurring civil damages such as intrusion upon seclusion (EG, a patron hiding a portable camera in a bathroom).

    So there is in general a right to record anywhere in public, with a few qualifications, even in publicly accessible places, where the property owner has stated that its banned.

  8. Re:Not the answer on The Data That Drove Yahoo's Telecommuting Ban · · Score: 1

    The point of random sampling is to help provide management some reliable insight into specifically what a remote worker is doing.

    Merely checking in might not be adequate to determine if a worker is slacking: or if the worker is less-effective than they could be otherwise.

    It may be that the worker is doing plenty of work remotely, and they are checking in; however, the working remotely has an effect on quality/reliability of the work produced, the frequency extent and kind of interactions between that remote worker and other members of their team

    And the team's effectiveness goes down.

    Just because the remote worker doesn't slack, does not necessarily mean that them working remotely has no adverse effect on their team.

    It some cases it can be beneficial (fewer minutes per day on face to face meetings -- less time wasted fewer large distractions); in other cases it can be harmful - possibly less communication due to the added burden of placing a phone call, reduced interaction; less idea exchange, less effective teams due to members not on the same page.

    So yeah, just checking in every now and then doesn't provide management a good metric, to help monitor and show that the remote working is a good OK arrangement, or provide a mechanism to help quickly remediate any issues, through feedback to the employee....

  9. Re:I can slack off anywhere on The Data That Drove Yahoo's Telecommuting Ban · · Score: 1

    A good network security design should reflect that every host is untrustworthy, and possibly breached; no host that has any firewall exception or any access possible by VPN users should be allowed to be trusted more than any random host on the internet. Just because a host is local or known, under the same management, and believed to be secure, does not mean that its security has not been defeated, permitting its use to facilitate an APT.

    but when properly managed you can secure the organization as a whole.

    It doesn't work so well in practice; in practice, you expose the organization as a whole by having a network design that promulgates a need for a VPN gateway in the first place.

    As soon as one laptop or server on the inside gets a piece of malware on it, the usefulness "public/outside bad", "inside good" concept breaks down, and as number of remote access users and devices increase, the probability of it eventually happening and escaping immediate detection approaches 100%.

    Which means, that the properly secure design approach is assumption of breach.

    I'd much rather the organization have a VPN (single or multiple) that can be used instead of having all the servers open to the public.

    I'd much rather the organization have a strong firewall, not allow exceptions such as "VPN" or "pass rules" for certain ports or outside addresses to the internal network. Only specific traffic flows arranged in advanced, and originated from the more secure network, allowed.

    E.g. Only outgoing connections from more secure to less secure. And only with thorough inspection of contents by an IDS, and application aware firewalls, including inspection involving intermediary SSL decryption.

    Anything that remote workers might need, belongs in a DMZ.

    Instead of authenticating to a VPN gateway, authenticate using a combination of a smartcard certificate or SSH client key to secure the channel, and credentials to every server.

    A VPN, SSH tunnel, or firewall port opening is no different from a server being properly open to the public.

    I recommend that any resource workers have access to be placed in a DMZ, and VPN devices _and_ office workstations all be placed in networks that are at the same trust level by the firewall as other hosts on the internet.

    With no direct TCP/IP communications enabled or possible from one workstation to another workstation, or between VPN hosts, or between VPN users and workstations.

    Use cryptographic secrets tied to the actual workstation (whether local or remote), to authenticate the establishment of network connections to such infrastructure, not the IP address of the remote device.

    Nowadays, this is possible, even Terminal services can be done without having a dedicated VPN, otherwise known as "backdoor network device".

  10. Re:Not the answer on The Data That Drove Yahoo's Telecommuting Ban · · Score: 1

    Tighten up the rules! The problem is people don't check up and hence people get lazy. Create rules such as check in with the VPN twice a day or make sure you at least two major status updates a day with work to follow.

    I would suggest an internal service such as twitter, with a requirement for a minimum of 2 work-related status updates a day sent to your team, explaining what you are doing, and more encouraged -- with a clear notice from management, that they factor into performance reviews.

    Requirement that you have a webcam on your PC when working; screenshots of your desktop, and pictures from your webcam, automatically sent to management at random, hourly, at random unpredictable times during the hour.

  11. Re:I can slack off anywhere on The Data That Drove Yahoo's Telecommuting Ban · · Score: 1

    all you work is tracked locally, and no VPN connection is required.

    The answer is it depends... anyone making such absolute statements about manners of getting work done as BitzTream has no place in management, and certainly doesn't belong in IT either -- as he's completely closed minded and not thinking things through, his firm would be mismanaged, giving others a potential opportunity to profit by acquiring his firm and replacing him as manager :)

    Not only is it true that frequent contact to RCS servers may not be required, but you may be pushing over SSH or HTTPS to a server, using a keypair/certificate installed on the client, not requiring a separate VPN connection.

    And using Outlook Anywhere (RPC over HTTPS) for email.

    Often enough corporate systems will be publicly exposed to the internet, these days, in many organizations, to work without requiring a VPN connection, and only occassionally is a VPN connection necessarily useful in that case.

    VPN connections present a number of security challenges, risks, and costs, for organizations.

    If it's possible to have workers connecting to internal resources through other properly secured methods, then in many cases, it will be the best course.

  12. Re:I can slack off anywhere on The Data That Drove Yahoo's Telecommuting Ban · · Score: 1

    VPN logins, butts in seats, donuts missing from the lounge are numbers that don't really matter.

    Wait... donuts missing from the lounge matter, because donuts cost money. Butts in seats also effect building facilities costs.

    Fewer butts in seats = less office space required = lower rent = lower cost per unit of productivity.

  13. Sounds like an opportunity for escalation on EU To Vote On Proposal That Could Ban All Online Pornography · · Score: 1

    The IT department of the European Parliament is blocking the delivery of the emails on this issue, after some members of the parliament complained about getting emails from citizens."

    How about making complaints about the improper behavior of the IT department, then. Send snail mail complaints as well.

    And ask that the IT department be investigated for criminal wrongdoing (attempts to manipulate the outcome by illegally intercepting and destroying communications from constituents).

  14. Don't tell Teraptus on Sunstone Unearthed From Sixteenth Century Shipwreck · · Score: 1

    Guard it closely...

    The Mayan apocalypse, the sequester, and the zombie apocalypse all put together, are a walk in the park, compared to a dark wizard getting ahold of the Sunstone, and casting away the light...

  15. Re:File a police complaint for littering on Don't Want a Phonebook? Give Up Your Privacy · · Score: 1

    will I be able to collect? Probably not from the yellow pages, even if the small claims court would allow such a thing. No I would have to hire someone to track down the transient worker,

    Probably you get to collect. There is an argument to be made, that the company is liable for their contractor's behavior, because they knew or had a duty to monitor them, and it will be your right to recover from the phone book company, and the phone book company's right to recover from their contractor.

  16. Re:File a police complaint for littering on Don't Want a Phonebook? Give Up Your Privacy · · Score: 1

    Clearly, they cannot - Because phone books do not count as fucking speech.

    It doesn't even matter if they do. There are plenty of infringements that count as "speech", but are not constitutionally protected. For example; violence is a form of speech.

    Chopping down a tree in someone's front yard and painting a smiley face on it (by an anti-environmentalist group) would be a form of speech.

    Still very illegal.

    Just like throwing random crap, or books on someone's front lawn is.

    It doesn't matter whether that crap is the phone book, an almanac, or a religious book.

    The issue is not the content of the thing thrown; it's the depositing it without the approval of the property owner, or the agreement in advance of the property owner to receive it.

    Knocking on your door, and offering the person the book in person, EXCLUSIVELY handing it to a person, and not leaving it on the ground somewhere, or on furniture = Annoying, but OK.

    Chunking it on the doorstep/porch/drive/yard/walkway, and driving off, without any acceptance, or opportunity to refuse = NOT OK.

    The content of the speech is irrelevent, because it's not the actual content of the book at issue.

  17. Re:File a police complaint for littering on Don't Want a Phonebook? Give Up Your Privacy · · Score: 2

    The courts decided correctly that this was a violation of the 1st amendment. The government is not allowed to censor speech regardless if that is what the citizens want.

    The court decided incorrectly. The government is allowed to prevent certain forms of speech, regardless of its content.

    For example, I have a right to be secure in my property.

    You can have your free speech on your own property, or on public property in permitted ways, but the moment you step on my property, the actions you may take without my approval are subject government regulations.

    For example, you don't have a right to come erect a 5 foot sign on my lawn, against a candidate that I am not in favor of. Why? Because it's an infringement of my free speech rights and my property rights.

    On my private property, I have a right to not have your free speech, and I have a right to shut your free speech out. And, I have a right to have my government assist me in doing so, when I wish it to.

  18. Re:File a police complaint for littering on Don't Want a Phonebook? Give Up Your Privacy · · Score: 1

    You don't own your mailbox in the USA.

    Neither do they. Unless they mail it to you through the USPS, inserting into your mailbox would be a criminal offense.

  19. Re:So? on DRM Chair Self-Destructs After 8 Uses · · Score: 1

    Um... you make it sound like carpentry skills are rare and unusual. They're pretty common actually.

    Yeah, but they're a DMCA violation, if not approved the manufacturer who licensed you the per-sitting use of their furniture :)

  20. Re:One question... on DRM Chair Self-Destructs After 8 Uses · · Score: 1

    So chair manufacturers can license instead of selling chairs, and they can license them by number of one-time uses, instead of just issuing per-seat licenses.

  21. Re:the right thing on Cisco Looking To Make Things Right With West Virginia · · Score: 1

    Yes it is. As a trusted vendor and supplier it is your duty to ensure the client is purchasing what they need, not what they want.

    Nonsense... it's your duty as supplier to supply what your customer ordered.

    It's first and foremost, the network designer's job to not overspec the requirements.

    In fact, if you supply them just what they need, their costs may go up 2X, as what they need changes, than if they got the bare minimum that they need, plus additional resources for expansion.

  22. Re:the right thing on Cisco Looking To Make Things Right With West Virginia · · Score: 4, Insightful

    . To really make things right, they'd also offer to find the state suitable routers, at cost, and set'em up as well.

    Cisco's not a charity -- the management who approved the mistaken design, and the firm that designed and selected inappropriate router choices, should have to deal with this.

    It's not Cisco's job to stop you from buying equipment that can do more than what you need it to do right now.

  23. Re:The World is not entirely filled with idiots on 'Download This Gun' — 3-D Printed Gun Reliable Up To 600 Rounds · · Score: 1

    A larger company engineers the manufacturing, not only the part, to be reliable

    Yes, they engineer it to be reliable. However, they don't engineer the manufacturing process to be perfect, because it's impossible. Regardless of the product, there will be some defective or substandard units, and they might or might not get to customers.

    The companies are not too concerned about this; they just want to produce few enough defective units, that on average, the losses due to product returns, and losses in terms of settlements as a result of being sued over safety issues, is overshadowed by the amount of profits made.

    Perhaps if you can develop a suitable inspection and testing procedure, in fact, the product you manufacture for yourself should be less likely to have a defect --- because the safety risk is to you the manufacturer, you now have a more strongly vested interest in making sure that it is not defective, before you put the product to use in a situation where it would be potentially dangerous, should the product fail.

    E.g. test your self-made primary and secondary parachutes somehow on the ground, before you dare go skydiving with them.

  24. Any VPS provider with dual-stack on Home Server On IPv6-only Internet Connection? · · Score: 2

    SSH into the Virtual private server, then SSH from the virtual private server to your LAN's IPv6 address

    For VNC, open SSH back to your remote computer from inside your LAN in remote tunnel mode, using the -R option, to tunnel the port to the local VNC at the remote end, then connect to that local port on your local computer with VNC for remote access to your home.

  25. Re:Please don't let that happen -- not yet on Copyright Alert System To Launch Monday · · Score: 1

    Copyright reform needs to happen before we get to everyone encrypting everything by default, or it's in danger of being the catalyst for something far worse than anything the **AA and their international brethren have ever done.

    We don't necessarily need copyright reform first.

    Encrypt everything by default, and allow nothing unencrypted, just needs to become default behavior in all operating systems, and become the de-facto standard, for everything, for security purposes, before anyone else can act.

    Before that can happen, we need broader DNSSEC adoption, and replacement of PKI, with DANE for initializing TLS sessions.

    And better interfaces for mutual authentication (no more form-based login with passwords sent to remote servers to login to websites).