Is this news? Whatever software you are using has vulnerabilities.
So what if the software came from China? Do you think software from San Jose is any better? I don't see any evidence of some communist party conspiracy here.
This sounds like a really bad idea to me. How about giving the photos to the police?
Who will verify the images are authentic, and not photoshopped to insert other people - enemies, friends (ha ha!), famous people?
Who will make the fine judgements of what the people in the images are doing? Are they committing a crime, merely in the vicinity, or passing through? Or, how close are they to the burning car behind them? -- depth in photos is hard to judge. And what constitutes a crime in Vancouver? If the mob makes the judgement, you can bet that they will leap to wild, sensational conclusions.
What will happen to the people who are 'convicted' by this court? Will they get carefully considered justice, or a senseless angry mob? Will they be endlessly vilified and hounded, people finding their personal address online, ringing their doorbell, calling their employer, their family, etc.... and for a misdemeanor, or a misunderstanding?
Finally, it sets the precedent that all our public activity is subject to being recorded and publicized. You can argue that we don't have a right right to privacy on a public street, but if we only have privacy in lead-shielded basement, with no communication or anything else passing in or out, we really don't have privacy at all.
So, uh, I trust my security to... myself? Instead of someone whose job it is to keep on top of shit like this? Even my work offers webmail with their email addresses.
I think that is a valid issue (though I'm not sure what your workplace has to do with it, unless you work with top secret data). But I think it's overridden by the fact that Google and GMail are huge targets for attackers; that their service, by design, makes the confidential data accessible from any computer in the world via a web browser; that thousands of Google employees and contractors (I'm guessing at the number) have access to the data and/or physical access to the servers; and that you are putting life-and-death information in the hands of an outside company (Google).
No security consultant would recommend that design for highly valuable confidential data. That's not how the military or NSA stores its most valuable data.
They need private mail servers, with proxies and firewalls between the servers and the public Internet (and attackers), with proper security including minimized access, even for authorized users.
These people need professional advice, or common sense: Don't store highly valuable (i.e., dangerous to people's lives), confidential information on a free public webmail service!
Really, how hard is that to figure out? How many very well-publicized successful attacks has Google experienced, and they still haven't figured it out?
The most interesting thing from my point of view was that when i did raise issue with my Chinese friend, he came back with a reply i hadnt anticipated. (and i consider myself very politically aware)
Don't be surprised; they're just repeating the typical talking points of the gov't propaganda. The Chinese Communist Party still needs to sell itself to maintain control (as does any authoritarian dictatorship), and they have a propaganda operation that spreads these carefully-crafted, plausible-sounding talking points (which are complete BS, of course). They even have a hired army to post the propaganda to online forums, referred to jokingly as the Fifty Cent Party (paid 50 cents per post).
It's not at all unusual. Every sophisticated dictatorship in history seems to do the same.
If you're interested in Chinese politics, here are a few relatively credible sources that provide a much more nuanced, sophisticated perspective:
* The Diplomat: Foreign policy publication from Japan, has some very well-respected writers, and you'll learn much about China you had no idea of. If you read one, I'd read this.
* Asia Sentinal: AFAIK founded by writers of the defunct but excellent Far East Economic Review, and based in Hong Kong.
* Caijing: Based in Beijing, so subject to gov't influence, but seems relatively independent, has a good reputation, and provides sophisticated points of view on China.
He said china considers the Tibetan leaders to be exploiting its people, the tibetan people didnt have much, and they should have to give it to their leaders. China was trying to 'liberate' the people of tibet. Its the same excuse the US used to to invade iraq.
Falung-Gong is considered to be a font for the pro-democracy movement. Remember how the US persecuted communists and anyone associated with them, well, same thing.
Of course two wrongs dont make a right, and these reasons probably justify such actions in the eyes of most westerners, but its wise to at least consider the opinion of the other side rather than just listen to the biased media of one side.
To say these things are comparable because similar words were used to describe them is absurd:
* The US invaded Iraq in 2003, deposed a brutal dictator, handed the government to the Iraqi people who select their own leaders (who often oppose US policy), and now is leaving within 10 years. China conquered Tibet in 1951, imposed a Communist dictatorship ruled from Beijing in which the Tibetans have no power or representation, even took over their religion, and claims Tibet will be eternally part of China. I don't think we were right to invade Iraq, but it's not the same thing as Tibet at all. We also liberated the South Koreans, the French, the slaves in the Confederacy and many others; are those all the same because we used the word 'liberation'?
* Americans did unfairly persecute Communists, but that's not remotely the same as the brutal repression, imprisonment, and re-education camps that the Chinese government use to oppress the Falun Gong. Communism has remained legal in the United States, in fact. Was the persecution of Tutsis in Rwanda the same as the Communists in the US, simply because the same words were used?
Invicta - Apparently you are a health care professional. It's amazing to me that you can close your eyes to the shockingly inefficient and dangerous performance of the U.S. health care industry, or deny any responsibility for it. How many people die each year because the industry is too inefficient to make health care available to them? How many die because of poor quality care? How much lost productivity do these problems cause for living people? How many jobs and how much productivity is lost from our economy because health care is so absurdly expensive?
How sad that you abdicate all responsibility for what occurs in our society beyond your office walls.
Before I noted how doctors blame insurers, lawyers, and everyone else for failures to deliver services. Now it's time to blame the patients. What's missing from this narrative?
the decisions ARE up to you. Your doctor is there to advise/educate you, not tell you what to do/make you do it.
I don't see where I asked them to make my decisions.
It also seems as though you have a need for complete certainty
Perhaps you missed where I said, I'm not asking for scientific precision; even an order of magnitude would be nice.
Symptoms do not exist in a vaccuum. They are tied with other factors like other symptoms, root cause(s), your particular makeup/physiology, certain combinations of these etc.. What you are asking for, you can NEVER get.
But I and everyone who makes medical decisions do get it -- we just have to guess at the likely outcomes in order to make the decision. Instead of me, a non-expert, trying to assess those variables and estimate outcomes, the results are likely much better if the expert does it (which is what he is trained and paid to do). Then I can decide what risks I want to take.
if you email a question to a lawyer or an accountant, that question can be answered by looking in a book or off the top of their head since those professions don't require critical analysis.
Other professionals would beg to differ. These arguments amount to nothing more than a belief in the exceptionalism of doctors. Believe it or not, other professions do perform critical analysis and face scheduling challenges, and everyone else manages to use electronic communication and schedule their activities reliably. Unless you want to argue that doctors are exceptionally unprofessional or incompetent, then there is not reason they can't do it too.
At what point does preventative treatment start paying off? I'm 42 and an annual office visit is $150 for me for the doctor to ask me a few questions, check my respiration, hit my knew with a rubber hammer and send me off. What could he possibly find and prevent other than bad knees or a chest infection?
Tell them not to worry about it? Find a way to deliver your services efficiently, perhaps by having someone less expensive screen 75% of them? None of this seems hard to imagine.
Did you know physicians are not allowed to charge for e-mail or phone calls, yet are completely liable for any problems that result? Is that true of your lawyer, accountant, tech support
Yes, it is true. They answer questions all the time via email, don't bill me for quick questions, and are liable for their advice. The same is true of my interactions with my clients. Plus, it's 2011; it's time for doctors to figure out how to integrate email into their business processes, including billing, just like everyone else in the world.
As another ER doctor, I usually don't have the benefit of going through cost/benefit of everything I do..... BTW, we understand risk management.
These two statements don't seem to go together.
I can't teach everything I have learned to every pt that think he/she is dying of some questionable malady.
This is just arrogance and laziness. I have a profession and expertise too, I deal with ignorance, and I don't have to teach anyone anything. I just give them costs and probable outcomes in a language they can understand. Every other profession has to deal with the same situation all the time, from car mechanics to architects to accountants to IT professionals; there's nothing exceptional about doctors.
The primary reason why doctors have not integrated e-mail into practices is that the people who pay them (insurers, not you) have not developed ways to compensate doctors for answering e-mail.
Doctors are not helpless victims; it's time to stop blaming everyone else (lawyers, insurers, etc.) and claiming exceptional status (it's tactile and visual), and to deliver their services effectively. I answer my clients' emails, even where they take the innovative step of describing things that I need to see (sometimes they send photos!), and I don't charge for the quick questions.
Now, I'm not suggesting all doctors are the same, which would be absurd. But there are widespread problems.
Here's a perspective from the other side of the relationship: If you want an honest, intelligent assessment from a doctor, good luck. Most doctors I interact with treat everyone like ignorant hypochondriacs, insist I waste my time on pointless visits, and don't seem to understand basic risk management.
A good decision should be based on the cost/benefit analyses of the distributions of outcomes. If I ignore this symptom, what is the distribution of outcomes? Is there a 50% chance of serious harm? 5%? 0.05%? I'm not asking for scientific precision; even an order of magnitude would be nice but most doctors won't answer that question at all and just keep asking me what I want them to do, insisting I make a decision based on no expertise or information. It's an absurd situation I've come to expect.
Also, no matter how I present it, most treat patients like hypochondriacs. Again, I just want a rational assessment. Finally, one doctor told me, 'if a patient brings me something, they must be scared about it so I'm going to treat it'. No you idiot! I'm starting to suspect that the medical community has a contemptuous view of its customers.
Finally, I can now email a quick question to everyone in the universe -- my lawyer, my accountant, my technical support, probably even my God -- except one class of people who haven't yet mastered integrating the telephone into their business process, much less email. For those special people, I have to set aside hours of time (and more, because they are incapable of being punctual like every other professional) for even the simplest question. Nobody else treats their customers so disrespectfully./end of rant
And it isn't something unique to Taiwan, I've observed similar things in Japan and some parts of Europe. Who the hell isn't going to take advantage of something if it's cheap? In my experience the US is the opposite. Unless you're well-off or have a low co-pay you're going to put a visit off until you really need it.
Interesting that people in other rich countries use health services more often than the US, yet the countries spend one-half to one-third as much per capita on health care and their citizens are at least as healthy as Americans.
My understanding is that Americans don't have enough access to primary care. A few extra visits to primary care cost much less than one visit to the ER. Preventative medicine is very cost effective.
You can't connect to POP, IMAP, or Exchange servers directly from the tablet, as you can from an iOS or Android device -- you must have a BlackBerry tethered via Bluetooth using the BlackBerry Bridge application
But then on page 3 he writes,
But if you don't use BlackBerry tethering, then you have no security, as you must use standard IMAP and POP connections to your email.
Which is it? And why can't you use standard security for your your standard IMAP and POP connections (i.e., SSL)?
As the author of the post, I'm glad someone raised this point, but either you didn't read the last sentence or it didn't have the effect (on you) that I intended.
I'm aware of some anti-Chinese sentiment in the US (and from what I understand, it goes both ways), to which I'm strongly opposed -- it's not only ignorant, it's illiberal and unfair to the people of China, who deserve just as much as anyone else, and it leads to dangerous political decisions. It's also true that the Chinese government and possibly others in China have a pretty well-documented reputation for aggressive IT espionage, and several diverse, credible sources connect Huawei to the PLA.
I hoped people would first be seized by the implications of Symantec's (indirect) relationship with the Chinese gov't, which are real and serious (but read on before you object). Perhaps I even meant to provoke a little. But I hoped that the last sentence would make people reconsider and that the more jingoistic their response, the more of a non-sequitur it would seem and the bigger its impact:
Wouldn't they be crazy not to? That's not a question of good or evil, but of smarts and pragmatism. And you can't avoid the thought that if it's smart and pragmatic for the Chinese gov't, it's the same for others. And we know well that other gov'ts indeed do similar things, so are the Chinese wrong? It's pragmatism, not evil. I also hoped it would raise the question of just how widespread these threats are; how can anyone secure anything without completely DIY IT (which is impossibly expensive)?
I think both issues are central questions of the day.
We most certainly do. The government wouldn't be doing its job if it didn't, and we do also have done many well-documented things that weren't part of the job, unfortunately.
Slashdot Mirror
Is this news? Whatever software you are using has vulnerabilities.
So what if the software came from China? Do you think software from San Jose is any better? I don't see any evidence of some communist party conspiracy here.
Hmm, who to take the word of... a respected judge, or an anonymous person with nothing but uncited claims.
If we are just going to Appeal to Authority, what is the point of even reading the news? Is it possible that people in authority make mistakes or have biases. I know we've never seen it, but is it conceivable?
Judge Posner has spoken!
I thought nothing companies were entitled to the same justice as the big shots. Isn't that much of the point of our judicial system?
This sounds like a really bad idea to me. How about giving the photos to the police?
Who will verify the images are authentic, and not photoshopped to insert other people - enemies, friends (ha ha!), famous people?
Who will make the fine judgements of what the people in the images are doing? Are they committing a crime, merely in the vicinity, or passing through? Or, how close are they to the burning car behind them? -- depth in photos is hard to judge. And what constitutes a crime in Vancouver? If the mob makes the judgement, you can bet that they will leap to wild, sensational conclusions.
What will happen to the people who are 'convicted' by this court? Will they get carefully considered justice, or a senseless angry mob? Will they be endlessly vilified and hounded, people finding their personal address online, ringing their doorbell, calling their employer, their family, etc. ... and for a misdemeanor, or a misunderstanding?
Finally, it sets the precedent that all our public activity is subject to being recorded and publicized. You can argue that we don't have a right right to privacy on a public street, but if we only have privacy in lead-shielded basement, with no communication or anything else passing in or out, we really don't have privacy at all.
So, uh, I trust my security to... myself? Instead of someone whose job it is to keep on top of shit like this? Even my work offers webmail with their email addresses.
I think that is a valid issue (though I'm not sure what your workplace has to do with it, unless you work with top secret data). But I think it's overridden by the fact that Google and GMail are huge targets for attackers; that their service, by design, makes the confidential data accessible from any computer in the world via a web browser; that thousands of Google employees and contractors (I'm guessing at the number) have access to the data and/or physical access to the servers; and that you are putting life-and-death information in the hands of an outside company (Google).
No security consultant would recommend that design for highly valuable confidential data. That's not how the military or NSA stores its most valuable data.
They need private mail servers, with proxies and firewalls between the servers and the public Internet (and attackers), with proper security including minimized access, even for authorized users.
I mean, don't use any webmail at all. Use your own local mail server.
These people need professional advice, or common sense: Don't store highly valuable (i.e., dangerous to people's lives), confidential information on a free public webmail service!
Really, how hard is that to figure out? How many very well-publicized successful attacks has Google experienced, and they still haven't figured it out?
... so I can retrieve them, as well as search, copy (!), and do everything else I can do with data on a computer, from anywhere.
The most interesting thing from my point of view was that when i did raise issue with my Chinese friend, he came back with a reply i hadnt anticipated. (and i consider myself very politically aware)
Don't be surprised; they're just repeating the typical talking points of the gov't propaganda. The Chinese Communist Party still needs to sell itself to maintain control (as does any authoritarian dictatorship), and they have a propaganda operation that spreads these carefully-crafted, plausible-sounding talking points (which are complete BS, of course). They even have a hired army to post the propaganda to online forums, referred to jokingly as the Fifty Cent Party (paid 50 cents per post).
It's not at all unusual. Every sophisticated dictatorship in history seems to do the same.
If you're interested in Chinese politics, here are a few relatively credible sources that provide a much more nuanced, sophisticated perspective:
* The Diplomat: Foreign policy publication from Japan, has some very well-respected writers, and you'll learn much about China you had no idea of. If you read one, I'd read this.
* Asia Sentinal: AFAIK founded by writers of the defunct but excellent Far East Economic Review, and based in Hong Kong.
* Caijing: Based in Beijing, so subject to gov't influence, but seems relatively independent, has a good reputation, and provides sophisticated points of view on China.
He said china considers the Tibetan leaders to be exploiting its people, the tibetan people didnt have much, and they should have to give it to their leaders. China was trying to 'liberate' the people of tibet. Its the same excuse the US used to to invade iraq.
Falung-Gong is considered to be a font for the pro-democracy movement. Remember how the US persecuted communists and anyone associated with them, well, same thing.
Of course two wrongs dont make a right, and these reasons probably justify such actions in the eyes of most westerners, but its wise to at least consider the opinion of the other side rather than just listen to the biased media of one side.
To say these things are comparable because similar words were used to describe them is absurd:
* The US invaded Iraq in 2003, deposed a brutal dictator, handed the government to the Iraqi people who select their own leaders (who often oppose US policy), and now is leaving within 10 years. China conquered Tibet in 1951, imposed a Communist dictatorship ruled from Beijing in which the Tibetans have no power or representation, even took over their religion, and claims Tibet will be eternally part of China. I don't think we were right to invade Iraq, but it's not the same thing as Tibet at all. We also liberated the South Koreans, the French, the slaves in the Confederacy and many others; are those all the same because we used the word 'liberation'?
* Americans did unfairly persecute Communists, but that's not remotely the same as the brutal repression, imprisonment, and re-education camps that the Chinese government use to oppress the Falun Gong. Communism has remained legal in the United States, in fact. Was the persecution of Tutsis in Rwanda the same as the Communists in the US, simply because the same words were used?
Invicta - Apparently you are a health care professional. It's amazing to me that you can close your eyes to the shockingly inefficient and dangerous performance of the U.S. health care industry, or deny any responsibility for it. How many people die each year because the industry is too inefficient to make health care available to them? How many die because of poor quality care? How much lost productivity do these problems cause for living people? How many jobs and how much productivity is lost from our economy because health care is so absurdly expensive?
How sad that you abdicate all responsibility for what occurs in our society beyond your office walls.
Before I noted how doctors blame insurers, lawyers, and everyone else for failures to deliver services. Now it's time to blame the patients. What's missing from this narrative?
the decisions ARE up to you. Your doctor is there to advise/educate you, not tell you what to do/make you do it.
I don't see where I asked them to make my decisions.
It also seems as though you have a need for complete certainty
Perhaps you missed where I said, I'm not asking for scientific precision; even an order of magnitude would be nice.
Symptoms do not exist in a vaccuum. They are tied with other factors like other symptoms, root cause(s), your particular makeup/physiology, certain combinations of these etc.. What you are asking for, you can NEVER get.
But I and everyone who makes medical decisions do get it -- we just have to guess at the likely outcomes in order to make the decision. Instead of me, a non-expert, trying to assess those variables and estimate outcomes, the results are likely much better if the expert does it (which is what he is trained and paid to do). Then I can decide what risks I want to take.
if you email a question to a lawyer or an accountant, that question can be answered by looking in a book or off the top of their head since those professions don't require critical analysis.
Other professionals would beg to differ. These arguments amount to nothing more than a belief in the exceptionalism of doctors. Believe it or not, other professions do perform critical analysis and face scheduling challenges, and everyone else manages to use electronic communication and schedule their activities reliably. Unless you want to argue that doctors are exceptionally unprofessional or incompetent, then there is not reason they can't do it too.
Nobody else treats their customers so disrespectfully.
You have clearly not "Flown the Friendly skies" within the last couple of decades.
Ha. I admit, I say the same thing about airlines occasionally.
At what point does preventative treatment start paying off? I'm 42 and an annual office visit is $150 for me for the doctor to ask me a few questions, check my respiration, hit my knew with a rubber hammer and send me off. What could he possibly find and prevent other than bad knees or a chest infection?
short-sightedness?
Very interesting indeed.
So what do you do with 99.5% of people?
Tell them not to worry about it? Find a way to deliver your services efficiently, perhaps by having someone less expensive screen 75% of them? None of this seems hard to imagine.
Did you know physicians are not allowed to charge for e-mail or phone calls, yet are completely liable for any problems that result? Is that true of your lawyer, accountant, tech support
Yes, it is true. They answer questions all the time via email, don't bill me for quick questions, and are liable for their advice. The same is true of my interactions with my clients. Plus, it's 2011; it's time for doctors to figure out how to integrate email into their business processes, including billing, just like everyone else in the world.
As another ER doctor, I usually don't have the benefit of going through cost/benefit of everything I do. .... BTW, we understand risk management.
These two statements don't seem to go together.
I can't teach everything I have learned to every pt that think he/she is dying of some questionable malady.
This is just arrogance and laziness. I have a profession and expertise too, I deal with ignorance, and I don't have to teach anyone anything. I just give them costs and probable outcomes in a language they can understand. Every other profession has to deal with the same situation all the time, from car mechanics to architects to accountants to IT professionals; there's nothing exceptional about doctors.
The primary reason why doctors have not integrated e-mail into practices is that the people who pay them (insurers, not you) have not developed ways to compensate doctors for answering e-mail.
Doctors are not helpless victims; it's time to stop blaming everyone else (lawyers, insurers, etc.) and claiming exceptional status (it's tactile and visual), and to deliver their services effectively. I answer my clients' emails, even where they take the innovative step of describing things that I need to see (sometimes they send photos!), and I don't charge for the quick questions.
Now, I'm not suggesting all doctors are the same, which would be absurd. But there are widespread problems.
Here's a perspective from the other side of the relationship: If you want an honest, intelligent assessment from a doctor, good luck. Most doctors I interact with treat everyone like ignorant hypochondriacs, insist I waste my time on pointless visits, and don't seem to understand basic risk management.
A good decision should be based on the cost/benefit analyses of the distributions of outcomes. If I ignore this symptom, what is the distribution of outcomes? Is there a 50% chance of serious harm? 5%? 0.05%? I'm not asking for scientific precision; even an order of magnitude would be nice but most doctors won't answer that question at all and just keep asking me what I want them to do, insisting I make a decision based on no expertise or information. It's an absurd situation I've come to expect.
Also, no matter how I present it, most treat patients like hypochondriacs. Again, I just want a rational assessment. Finally, one doctor told me, 'if a patient brings me something, they must be scared about it so I'm going to treat it'. No you idiot! I'm starting to suspect that the medical community has a contemptuous view of its customers.
Finally, I can now email a quick question to everyone in the universe -- my lawyer, my accountant, my technical support, probably even my God -- except one class of people who haven't yet mastered integrating the telephone into their business process, much less email. For those special people, I have to set aside hours of time (and more, because they are incapable of being punctual like every other professional) for even the simplest question. Nobody else treats their customers so disrespectfully. /end of rant
And it isn't something unique to Taiwan, I've observed similar things in Japan and some parts of Europe. Who the hell isn't going to take advantage of something if it's cheap? In my experience the US is the opposite. Unless you're well-off or have a low co-pay you're going to put a visit off until you really need it.
Interesting that people in other rich countries use health services more often than the US, yet the countries spend one-half to one-third as much per capita on health care and their citizens are at least as healthy as Americans.
My understanding is that Americans don't have enough access to primary care. A few extra visits to primary care cost much less than one visit to the ER. Preventative medicine is very cost effective.
Which is it? On the first page the author writes,
You can't connect to POP, IMAP, or Exchange servers directly from the tablet, as you can from an iOS or Android device -- you must have a BlackBerry tethered via Bluetooth using the BlackBerry Bridge application
But then on page 3 he writes,
But if you don't use BlackBerry tethering, then you have no security, as you must use standard IMAP and POP connections to your email.
Which is it? And why can't you use standard security for your your standard IMAP and POP connections (i.e., SSL)?
As the author of the post, I'm glad someone raised this point, but either you didn't read the last sentence or it didn't have the effect (on you) that I intended.
I'm aware of some anti-Chinese sentiment in the US (and from what I understand, it goes both ways), to which I'm strongly opposed -- it's not only ignorant, it's illiberal and unfair to the people of China, who deserve just as much as anyone else, and it leads to dangerous political decisions. It's also true that the Chinese government and possibly others in China have a pretty well-documented reputation for aggressive IT espionage, and several diverse, credible sources connect Huawei to the PLA.
I hoped people would first be seized by the implications of Symantec's (indirect) relationship with the Chinese gov't, which are real and serious (but read on before you object). Perhaps I even meant to provoke a little. But I hoped that the last sentence would make people reconsider and that the more jingoistic their response, the more of a non-sequitur it would seem and the bigger its impact:
Wouldn't they be crazy not to? That's not a question of good or evil, but of smarts and pragmatism. And you can't avoid the thought that if it's smart and pragmatic for the Chinese gov't, it's the same for others. And we know well that other gov'ts indeed do similar things, so are the Chinese wrong? It's pragmatism, not evil. I also hoped it would raise the question of just how widespread these threats are; how can anyone secure anything without completely DIY IT (which is impossibly expensive)?
I think both issues are central questions of the day.
The US does not.
We most certainly do. The government wouldn't be doing its job if it didn't, and we do also have done many well-documented things that weren't part of the job, unfortunately.