I like the sarcasm and pseudo management speak, thanks :)
There's plenty of software out there that makes Flash look like a digital Fort Knox by comparison.
Windows? /me tiptoes away..
Nope. This is (yet again) about a US company trying to pretend that only US law applies as soon as they enter another country. Google is just the most visible example of that, and I support this decision.
If you want to sell services in a country and generate revenue, you damn well have to follow the local laws there or get fined. Simple.
What goes around comes around
LOL. Yup, that's usually the case with a clock :).
BTW, I hope people realise that the Swiss clock concept of hanging around for the minute sync pulse automatically implies that the seconds are not 100% accurate other than the "0" - it has to run a bit faster to create the waiting space for the minute or the whole idea falls apart..
Given the average accuracy of a GPS device it's going to be a sod to pinpoint the recipient.
Having said that, I'd go and look around dentists in the vicinity - if that bar really looks the same as a chocolate bar the unlucky finder may need the prize to pay for the dental damage :)
He said he had little money available, so I figured I gave him something that was easy vs. perfect. The key question is if the delta introduced by the odd hash collision is actually significant in the volume of data he is planning to process. If it isn't, I would not try to develop perfection - he can use his little funding better elsewhere..
In other words, in theory you're absolutely right, in practice I suspect there is little difference. But my favourite way of avoiding issues with personal data is simply not collecting them in the first place. Unless you are Google and get away with a pathetic fine, of course..
If at all possible, stay away from personally identifiable data. If your aim is to use identity as an index, work out a way in which you can translate an identity into an index or hash value (i.e. one way). This is not going to be perfect (there will be about a million "John Smith"s out there), but if you have a consistent pair such as name and phone number, turn that into a hash and use it as data index.
That means you can still do correlations, but a leak will not result in exposure of personal data.
However, first of all, look at what you're holding on personal data and simply assume you got hacked and it's "out there" - plan for that crisis first because there is one question you need to answer:
If you cannot afford to pay for security advice, can you afford to pay for the inevitable consequences?
.. it should be with oil :)
The lesson being that low tech worked just fine.
Thank you. Normally I don't even respond anymore to people that miss the point completely but are happy to deride a post based on their own misunderstanding..
This is an EXTREMELY important aspect to planning space missions, certainly when they go a tad beyond our moon backwater: we have to ensure that the people traveling have learned how to make do with whatever they have.
At a minimum they must have loads of duct tape :) - and someone with pretty old-fashioned handy-man talents. And, apparently, loads of socks..
Only 1/6th gravity, no atmosphere - why not use mirrors? You can afford some inefficiency, such cheap materials would mean you don't need to worry too much about replacement costs due to meteorite hits.
It doesn't always have to cost gazillions - I refer you to the Russian use of pencils.. :)
Ah, misunderstanding. I obviously have too much blood in my caffeine :).
I don't predict it will be much longer before there will be no further drive to innovate
Not necessarily. AFAIK, all innovation has to do is to avoid the USA..
The problem isn't so much where there is *real* abuse, it's the ability for the bigger players to nuke a small innovator off the playing field by draining its pockets in court.
Wasn't it Mark Twain who said that courts are where justice is dispensed with?
What if the company goes bust, or refuses to fix a problem? What if the company screwed up and it can be hacked (not impossible)?
In addition, that is their data - you can't get more personal than heart data, I think..
If at all possible, see if you can afford an accountant who does the work for you, but still check your books regularly (never trust anyone 100% with your money, and that includes banks - if you can possibly avoid being dependent on your bank, please do).
As for the rest (POS, possible menu management etc), decide if you want to run an IT shop or a restaurant - either is a full job. Go for what works, not for something that matches someone's religion, because there are only 24 hours in the day. On that topic, don't be shy to take something on trial because everything works wonderfully on a laptop and in a showroom, but when Real Life hits you will soon find if it's a dog or delight.
If you still want to go "Open", reserve that for year 2. Year 1 will be spent getting the business stable and building a reputation, client base and a way to keep an eye on staff (expect a few iterations there too). About the only Open Source tactic I would keep an eye on from day 1 is that you choose stuff you can swap out, so if something stores files and data in a way you don't have access to it, think very hard before using it.
Fine, maybe, but immobilise?
Such radio signals MUST be read-only. *Any* ability to influence a car from a distance is *extremely* bad news and should not even be considered. It's bad enough that it is already possible today with some vehicles..
I would not even like to be *near* a vehicle that can be remotely shut down, let alone inside it.
I can see RFID work in such an application, as long as they are write-once. Otherwise I'd give it a week before everyone is Spartacus :).
RFIDs are actually more practical than ANR - less horsepower required to read, and no games with "accidentally" leaving mud on the plates (however, if they cannot be read very quickly there may be an issue). However, I can only see this work with vehicle attached RFID - license RFID should be separate or you'll have to leave the chip open to reprogramming, which is IMHO where the problems hide here (as above :).
I was actually waiting for something like this to happen - vehicle ID hasn't seen progress since VINs. However, as always I'd be worried about privacy implications - with ANR there is already enough discussion.
They do this already with ANR (Automatic Number plate Recognition)..
I agree with your emphasis, but I have this teeny weeny nagging question for you: how would Google know what is valid?
The reality is that Google is by no means the law or law enforcement, and we have seen enough screwups (Illegitimate automated DMCA takedown of NASA footage at Youtube, for example) to know that (a) the mechanism doesn't work and it's (b) subject to abuse.
I can well understand that Google now thinks it's above the law after the frankly pathetic FTC fine (*), but the reality is that it only takes the gaming of one big player and Google will be on the hook for serious consequential damages. What I really read here is Google trying to get away with censorship and to me, that screams monopoly commission investigation in 3 .. 2 .. 1..
(*) It makes me laugh that the FTC is crowing about the fact that this is the largest ever fine handed out as if that is of any consequence. The fine amounts to a rounding error in Google's earnings, so it's more an encouragement..
An extra thought: that means the one and only business you could still trust Google not to mess with your rights (just trivial stuff like privacy and content ownership) is now in the process of being nuked as well. Time for alternatives?
The problem is that Google is not the law, has no formal role in law enforcement and cannot take any decisions on infringement other than when they have been confirmed.
This means that unless Google is linked to all court decisions in all countries it will be acting as judge and jury - and on top of that is taking a precog approach to the future.
Even if multiple offences have been registered, this could be due to the sheer size of the organisation and guess who would immediately get a hit downwards? Youtube.
Now, let me think, who owns that again. Hmmm...
I'm old enough to recall the introduction of CDs as data carriers, when you needed a soundblaster card to interface instead of jacking it simply into an IDE chain.
In addition, I never have treated CDs as as indestructible as they were originally labelled, I have an engineering background and care of the devices I work with is thus second nature. Yet, I have seen three CDs from those days turn into shrapnel (or heard, to be accurate :) ) - 3 separate occasions, 3 separate drives, 3 separate sets of circumstances with only one common factor: the age of the CDs.
And that they were child games - maybe the content was just too much for the material :)
One I discovered with very old games: max rotation speed.
If the game is *really* old, it may be on a CD that was designed to spin at maybe 8x speed. No prizes for guessing what happens when that gets spun up to 48x, but it's very spectacular and the shrapnel most likely nukes the optics in the drive.
Hmm, that's a game in itself :).
Next up: recycling game CDs by using them as clay pigeons..
Junior, don't embarrass me in front of my office colleagues or I'll put a comment on your Facebook thingy about what you did with fish fingers. Dad. :)
The problem was that the hacker engineered an INSIDER (helpdesk) to help. That gets past any password quality, lockouts - the works. I saw some people mention that this would not happen with Google because you can use two-factor. Well, duh, if you get an insider to open the backdoor it becomes pretty irrelevant how shiny and well armoured the front door looks.
Q for Apple: why not ping an iMessage to all devices associated with the Apple ID and ask for some inside info before giving access? It would also have given the account owner an early heads up that something was happening..
.. no, wait, umm .. :)
That's a tall order. Even just adding a couple of years to our lifespan will play havoc with the whole pension and retirement planning idea, and there are whole tribes of people who can't even be nice to the elderly.
On the flipside, they could do worse than starting to read SF - plenty of material that deals with the theme.