Slashdot Mirror


User: raymorris

raymorris's activity in the archive.

Stories
0
Comments
10,114
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,114

  1. I missed sentence in my message body on Florida Court Says Suspected Voyeur Must Reveal His iPhone Passcode To Police (bbc.com) · · Score: 1

    My message subject mentioned it, but I forgot to state plainly in the message body:

    Under current interpretation of the fifth amendment there are two competing interests:
    Congress' power to investigate, or order to make good law.
    The 5th amendment.

    Those can be reconciled, SCOTUS has ruled, by granting immunity from criminal prosecution. The fifth says you can't be coerced to testify against yourself in criminal prosecution and that has been interpreted to also include instances where criminal prosecution is likely forthcoming. By barring criminal prosecution, the fifth amendment issue is reduced sufficiently that Congress may then compel testimony (with certain other restrictions that are off on a tangent from this discussion).

  2. Criminal immunity overcomes 5th, must testify on Florida Court Says Suspected Voyeur Must Reveal His iPhone Passcode To Police (bbc.com) · · Score: 1

    You may have noticed that when witnesses claim the fifth before Congress, there is sometimes discussion of granting them immunity from criminal prosecution. Under federal law 18 USC ÂÂ 6002 and 6005 Congress can grant that immunity.

    SCOTUS discussed the finer details of this greatly during the 1950s, with McCarthy etc. Some of the SCOTUS opinions are a hundred pages or so long.

  3. No, the reference was 8-1 losing opinion on Florida Court Says Suspected Voyeur Must Reveal His iPhone Passcode To Police (bbc.com) · · Score: 1

    > didn't the case law in the cited case clearly indicate that he didn't need to turn over the combination.

    No, the case mentioned was where the one justice who disagreed with the other 8 mentioned, as an aside, thinking about a combination lock. Eight of the nine justices disagreed.

  4. Proven beyond a reasonable doubt, two years on Florida Court Says Suspected Voyeur Must Reveal His iPhone Passcode To Police (bbc.com) · · Score: 2

    > So if the judge orders you to "dig up the body", you have to do it? And if you won't (perhaps you even claim that you don't know what he's talking about) then he can hold you in contempt and put you in jail forever?

    If proven beyond a reasonable doubt that the defendant hiding the body, the maximum sentence for criminal contempt is two years. The judge generally couldn't order you to dig because it's an "undue burden" given that the prosecution has the resources to do the digging.

    > Or can the judge order you to: "Find and show us any pictures of you committing said crime"?

    Yes, anyone in possession of material evidence must turn it over. You say "any pictures", for criminal contempt it must be proven beyond a reasonable doubt that you have the evidence.

    > I mean I'm no expert in American law, but if you have a rule with the purpose to prevent forced self incrimination (with the technicalities that you are not forced to testify against yourself

    That's not "technicalities", that's the exact wording of the Constitution:
    --
    No person shall be compelled in any criminal case to be a witness against himself
    --

    The purpose is to avoid the police forcing false confessions through beatings, etc. That happened too often before. There hasn't been a wideapread problem such problem of police beating suspects until they falsely hand over physical evidence ordered by the court.

    > which is in it self a pointless rule since you already have the right to remain silent both in speech and writing)

    Contrary to the summary in the Miranda warning, there is in fact no absolute right to remain silent in American law. The right enshrined in the fifth amendment is you shall not be compelled to:
    Be a witness
    against yourself
    in a criminal case

    That's three elements which all must be true for the protection to apply. You can be compelled to say things that aren't witnessing (speaking evidence) such as filling out your tax form, a selective service card, etc. You can be compelled to testify in a case against your boss or someone else. You can be called as a witness in a civil suit against you.

  5. It is tricky. What if a police body camera is encr on Florida Court Says Suspected Voyeur Must Reveal His iPhone Passcode To Police (bbc.com) · · Score: 1

    > It's a real minefield

    It is a tricky subject. It doesn't make it any easier when people conflate "what seems like a good idea right now" vs "what's written in the Constitution". Not at all bad ideas are unconstitutional. (If the Constitution prohibited all bad ideas, neither Trump nor Obama would be able to become president).

    > What if he revealed the passcode, then there was a hidden 2nd level of passcode with the REAL data? Or a 3rd level? The judge could hold you in jail because he thinks there is a 4th level when there isn't.

    What if the judge thinks he murdered his wife? It needs to be proven beyond a reasonable doubt.

    > willing to turn over everything he's got. He's just not willing to help them interpret what the 1s and 0s on it mean by decrypting it for them.

    Suppose a cop shot an unarmed person. The person survives, but is paralyzed for the rest of their life. The cop is wearing a body camera which took video of the whole thing. The apparent victim sues, and wants to use the video in court. The cop says "here's the body camera. The video is encrypted. I'm not going to tell you the passcode." Has the cop properly provided the evidence? Most people would say no. Most of us here would insist that the truth come out, that the cop must provide the decrypted video.

    What if George Zimmerman's security camera recorded him shooting Travon Martin, and Zimmerman encrypted the video evidence?

    We need a line of reasoning that makes sense regardless of whether we feel sympathetic to the person who has the passcode - that's the very first requirement of fairness.

    It's not an easy question to wrestle with.

  6. Both sides get to see the evidence on Florida Court Says Suspected Voyeur Must Reveal His iPhone Passcode To Police (bbc.com) · · Score: 2

    > Which means he would still need to assist the government in securing his own conviction. Don't think so.

    The fifth amendment says you don't have to give TESTIFY against yourself. It does not say you can refuse to do anything which might assist an investigation. Maybe you'd prefer it said that, but it doesn't.

    US law is that a person CAN be compelled to hand over evidence which may assist the prosecution or the defense. Both sides get to see the evidence. You may recall recently Mrs. Clinton was ordered to turn over her private email server. The Constitution says you can't be compelled to TESTIFY against yourself. It doesn't say you're allowed to hide evidence. A person can also be compelled to co-operate in other ways, they just don't have to testify (provide spoken evidence) against themselves. One example of co-operation that can be compelled is turning over the key to a box which contains evidence. The key is not testimony because a) it' not evidence, it's a way to access evidence, and also b) it's not spoken.

    That's well-settled law, regardless of your opinion on the subject or mine.

    In this case, the contents of the phone is material evidence. A person can be compelled to produce any evidence they are capable of surrendering, so at first blush existing law is that IF the court had ordered him to turn over the photographic content his phone, he would have to comply. However, it seems the court didn't order him to turn over the contents of his photos folder; instead the court ordered him to turn over the passcode. That leaves two questions which apply to determine if the pass code is testimony (spoken evidence):

    A) Is it evidence?
              If the police found a phone and wanted to prove it was his, him knowing the passcode would be evidence that it's his phone. That doesn't apply here, he admits it's his phone. The pictures are the evidence is stored behind the passcode. The passcode is needed to *see* the evidence, but the passcode itself is not evidence, many would argue. Indeed the prosecutor isn't going to show the passcode to the jury, saying "this passcode proves he's guilty", so it's probably not evidence.

    B) Is it *spoken* evidence (testimony)?
    It's not evidence at all, so no it's not spoken evidence.
    Not spoken evidence = not testimony = not a 5th amendment violation.

  7. Re:You're lumping MANY things together, don't seem on Fossil Fuel Divestment Has Doubled In the Last 15 Months (vice.com) · · Score: 1

    I see you have, for some reason unknown, made up your mind that you're going to take a *highly* unusual position regarding treatment of drug addiction, a position no professional has ever taken, probably. That's fine. For anyone else reading this, methadone is generally used analogous to a an iron lung - to keep the patient alive long enough that other treatments can be attempted to fix the problem. Methadone doesn't fix anything. Essentially all other medications used with addicts are even shorter term symptom medication, used to control blood pressure etc during the physical withdrawal for 2-3 days. After three days, you have a drug addict with vital signs stable.

    > Really, at the end of the day, if you're going to throw stones at liberals for using "feelings"

    If you think that caring and feelings are bad, that pointing out decisions involve caring is "throwing stones", you're missing much of life. The most important parts, in fact. Neither thinking/logic nor caring/feelings are better or worse than the other. Wise people select their objectives based on caring and their methods based on reasoning.

    Fools select their methods without without sound reasoning, sociopaths choose their objectives without caring for others.

  8. You're lumping MANY things together, don't seem on Fossil Fuel Divestment Has Doubled In the Last 15 Months (vice.com) · · Score: 1

    > > Better, in my experience, is to put some of that money in a drug court program,

    > The studies that exist show that on the whole, rehab, Narc Anon, Al Anon, interventions, and the like have extremely low success rates

    You're confusing many very different things. If you decided that once a meth-head, always a meth-head, that's fine, think what you want.

    If you have any interest in actually finding out what works, I can start you with a few pointers, based on not only reading the studies, but working directly with hundreds of alcoholics and drug addicts, many of whom have now been sober for years. First, understand that drug court is not "Narc Anon, Al Anon, interventions, and the like". Actually Narcanon and Al-Anon have nothing whatsoever to do with the addict getting sober, so you may as well have said "McDonald's and Chevron". Al-Anon and Narcanon are for family members figuring out how to live their own lives while their spouse or whoever is an active alcoholic / drug addict.

    When it comes to the alcoholic or addict sobering up, some experienced counselors in rehab programs will tell you "my job is to help you get ready and decide to do AA". That's necessary because because Alcoholics Anonymous is bunch of things an alcoholic can DO, hard things, not somewhere to GO and "get cured". Studies show, and common sense confirms, that forcing offenders to visit a group of AAs doesn't get them to become sober any more than forcing them to visit a medical school a couple times turns the offenders into doctors.

    On the other hand, you can imagine that having any group of people visit a medical school a few times would slightly increase the chance that a few of them would become interested and end up becoming doctors. Such it is with AA. Forcing offenders to at least find out what AA is, so they have a chance to decide whether to do it, decreases recidivism around 5%-10% during probation, though more during post-confinement parole, when many offenders are a) more motivated to avoid returning to prison and b) detoxed and somewhat accustomed to disciplined living.

    So yeah, forcing people to visit an AA group doesn't work most of the time, though saving even a few lives might be worth it. On the other hand, people who CHOOSE to go to medical school and do the hard work are successful 85% of the time. AA is similar.

    I was going to give you a run down of basic facts about each of several programs, but I've typed too much already and it's time for me to go. I'll just say the idea drug court is they combine many things that each work maybe 10% of the time. Recidivism rates are significantly lower than 62% rate of similar offenses handled through traditional criminal courts. It's not 0%, closer to 35%-45%, but it's a lot better than 62%, and it doesn't cost much (it pays for itself in reduced costs).

  9. A very general trend, both pander. Utah is red on Fossil Fuel Divestment Has Doubled In the Last 15 Months (vice.com) · · Score: 1

    > Look at drug tests for welfare recipients - they cost far more than they save,

    I think many conservatives realize that's a gimmick, pandering to a certain group of voters. That's pandering, which both sides do. I don't think it's a good example of conservative policy in general, it's not something Speaker Ryan would propose. As you said:

    > No party has a monopoly on stupidity, although some groups capitalize on it to greater effect.

    > giving homeless people apartments has been a huge success in Utah, ... $10k/yr for a basic apartment than $15k-$20k/yr for emergency room visits, police calls, jail time, etc.

    Utah is a VERY conservative state - Republican presidential candidates get twice as many votes as Democrats in Utah. Not knowing the details of the Utah program, I can still be fairly certain it's informed by conservative principles.

    While at first glance that math makes sense, and at least according to you the Utah program has worked well, there's another factor to watch out for. This math says you'd break even:
    Handing a person who doesn't work another $20,000 on top of the $10,000 we already give them might save up to $20,000 in "emergency room visits, police calls, jail time, etc." HOWEVER, we're not talking about A PERSON. Handing a total of $30,000 to anyone who decides they want to stop working, and anyone non-working person who moves to Utah, will undoubtedly encourage more people to stop working. You'd be paying them $30,000 to stop working; and you'd be paying meth heads $30,000 to come to Utah. That could get real expensive, and real bad, real fast. So you have to be careful. Paying pot heads and crack-whore pimps $30K / year to come to your city could have some negative consequences. Better, in my experience, is to put some of that money in a drug court program, where people who get busted by police are strongly encouraged to participate in a program that can lead to drastically improving their lives in a permanent way.

  10. They're caring and feeling, more than *thinking* on Fossil Fuel Divestment Has Doubled In the Last 15 Months (vice.com) · · Score: 2, Insightful

    You're confused about what they're thinking. They're *caring*, not thinking. What mostly matters, to them, is what they're *feeling*. It doesn't matter much whether it works or not, it's mostly about the emotions, the math is beside the point.

    That may come across as critical; it's not meant to be. Liberals criticize conservatives saying conservatives don't care. The liberal parody of a conservative is an accountant type, working the numbers quite dispassionately. There is a grain of truth to that. We do the arithmetic of the stock transactions, they *care*.

  11. Can't release it right now, company sells for $25 on New Ransomware Offers The Decryption Keys If You Infect Your Friends (bleepingcomputer.com) · · Score: 1

    Right now I can't release the documentation because the company I used to work for sells it, with off-site backups to their cloud. If you remind me a month from now, I may be able to release something.

  12. Agreed on the purpose. Hopeful for a side-effect on Does The 'Snoopers Charter' Also Enshrine Lying In Court? (theregister.co.uk) · · Score: 1

    > The point of this clause isn't to protect the public from misuse of the intercepted communications, it's to keep the interception program itself out of the public eye.

    Agreed, absolutely. And one way to keep it out of the public eye is to not have it involved in public trials, aka criminal cases. If they can't legally reveal the source of the information amd they can't *legally* lie about the source, than they can't really use the information for criminal prosecution without breaking the law. Hopefully they follow the law most of the time, meaning that they don't use it for domestic criminal investigations.

  13. More objectively, a promoter, and deal maker on Why Did Japan Just Ratify The TPP? (businesstimes.com.sg) · · Score: 1

    > Trump just says stuff, he hasn't read the Constitution much less the TPP, he said what people wanted to hear.

    Absolutely.

    > Read any of his books and he freely admits to being a con man.
    > I mean, dealmaker.

    Many years ago, before he was involved in politics at all, I read some of his books. He's a) a promoter, someone who gets press coverage, and b) a deal-maker. He's not a Constitutional scholar, though it seems even a professor of Constitutional law turned president is happy to disregard the Constitution.

    In one deal, the owners of the Empire State building gave him 50% ownership. His cost to buy in? $0. If he was made half-owner, he'd find ways to make it more profitable; that was his "investment". That's a pretty darn good deal. He did turn it profitable too. In another deal, he got the other party to agree to pay the full cost of building a hotel and casino, they agreed to operate it, and he got half the money. He's obnoxious (because that gets publicity), and he's damn good at negotiating some incredible deals.

    On TPP, he's shown that the US is ready to walk away, that we don't feel we *need* this deal. Other countries who want the deal are now in the position of thinking about what, if anything, they can offer to sweeten the deal for the US. For Obama, having TPP fall through would be (was) a failure, once he committed to the deal politically it was hard to walk away, so his negotiating position wasn't as strong for the last few years.

  14. Robin Williams made a ton of money on If You Get Rich, You Won't Quit Working For Long (bbc.com) · · Score: 1

    Robin Williams was paid $20 million for Bicentennial Man, $5 million for Night at the Museum, $3.5 million for the Crazy Ones. Money does not make people happy. Lack of money, or more specifically spending more than you make, can certainly cause stress, but most everyone on Slashdot is already in the top 2% richest people in the world. Being even richer than rich in no way guarantees any level of happiness.

    I notice pretty much everything you say starts with "Bull shit!". You don't *sound* like a joyful person. Maybe you haven't yet found what really makes you happy long term.

  15. I hope that changes, per CID 53469967 on If You Get Rich, You Won't Quit Working For Long (bbc.com) · · Score: 1

    I hope you end up doing some work you really enjoy, something that "gets your juices flowing". Like this person said:

    https://news.slashdot.org/comm...

  16. Trump is unusual. Also "it's the economy, stupid" on Why Did Japan Just Ratify The TPP? (businesstimes.com.sg) · · Score: 1

    That's a good point, sitting presidents are most often re-elected. Also, presidents are normally politicians - they have years of experience in other political offices before becoming president. Presidents normally have strong support from their party leadership. Presidents are normally diplomatic, they don't say grossly inflammatory things on a weekly basis. Trump is not typical. I'd be very wary of predicting anything about Trump based on previous presidents.

    On the other hand, presidents are so arrogant that they think a) they should be president and b) most people will agree that they should be president. Most presidents also value loyalty very, very highly. Trump's personality is quite typical of a president.

  17. And people who back up to a network share, or rota on New Ransomware Offers The Decryption Keys If You Infect Your Friends (bleepingcomputer.com) · · Score: 1

    There are a lot of people who backup to a network share, and others who keep only one copy of backups. Most ransomware will encrypt network shares as well. People who have only one copy are hoping nothing goes wrong at night; in the morning they'll have two copies pg garbage.

    I created a backup / warm spare system based on read-only rsync pull to a remote server that keeps several de-duplicated copies, and makes each backup bootable as a VM. I called it Clonebox.

  18. That would be "the US and Japan" on Why Did Japan Just Ratify The TPP? (businesstimes.com.sg) · · Score: 1

    As I said, "as currently written, the US and Japan have to be among the six." A new agreement *could* consist of one sentence: "strike the 85% requirement".

  19. 12 countries since 2008, not only USA today on Why Did Japan Just Ratify The TPP? (businesstimes.com.sg) · · Score: 2, Interesting

    Twelve countries are party to TPP. It only has to be ratified by six in order to become binding (on those six). As currently written, the US and Japan have to be among the six, but certainly the other 11, or some of them, could decide to put it into effect among themselves. TPP can exist without the US, if Japan is included. Heck, the US isn't party to a precursor of TPP, the Transpacific Economic Partnership Agreement.

    Also, Trump could have a heart attack tomorrow - he may never become president. After all these years of negotiations, there's no reason for Japan to just drop it, based only on something someone said during a campaign; people say all kinds of things during campaigns. The US could even ratify TPP in 2020, after Trump leaves office. (At least I don't know if any time limit offhand.)

  20. Speaking of most people who lived through WWII on Twitter Reinstates White Nationalist Leader's Account (buzzfeed.com) · · Score: 1, Insightful

    > Racist bigots never magically disappear. Unfortunately, almost all of the people who fought in WWII are gone now, or they'd tell you

    They'd tell you "n*ggers sit in the back of the bus." Most people from WWII would have told you that black people people shouldn't be allowed in restaurants where white people eat. The majority were "racist bigots". That didn't change by whooping their ass, as fun as that might have been.

  21. > You a pentester or writing a pentesting kit??

    I write vulnerability assessment tools. It's a broader more than pentesting proper because we also find weaknesses that aren't strictly part of pentesting.

    > You actually finding new gaps or just learning how to exploit known issues?

    Mostly we're assessing issues that are known to some degree, sometimes we find undocumented weaknesses, sometimes we assess the impact of newly discovered vulnerabilities, and how potential mitigating or aggravating factors affect the risk. Often the "new" stuff is yet another case of a well-known type, such as SQLi.

    > Btw, I think 100x is a bit hyperbolic? :)

    You can spend $3,000 on Cisco ASA, then to have the same functionality as OpenWRT you'd add the strong ciphers upgrade and the upgrade for more VPN seats, and pay annually for upgrades. Altogether, you certainly CAN spend $5,000 on Cisco firewall, and you can deploy OpenWRT for $50. So 100X the price is certainly possible, though that is at the high end. You can also get a small Cisco ASA for $450. (You can get an outdated, unsupported, and vulnerable ASA 5505 for $200 used with power adapter, but that's dumb.)

  22. Ps: I don't use OpenWRT for enterprise, b/c CYA on Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers (securityledger.com) · · Score: 1

    BTW my postb might have been unclear. I mentioned I've been doing this professionally for a long time, and that I use OpenWRT. What I didn't make clear is that I don't deploy OpenWRT professionally.* Putting aside what might be technically best for a particular role, we're all heard the saying "nobody ever got fired for buying IBM", nobody ever got fired for buying Cisco.

    * One time I needed a VPN end point to serve ONE user, for a company with total annual revenuev around $100K. OpenWrt met the requirements.

  23. How do you think frames get to your VM on Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers (securityledger.com) · · Score: 1

    >> If you run your firewall / router in a VM, that means there's a physical box hosting it which is physically plugged directly into the internet

    > What are you taking about? I run this exact setup and my host isn't "unprotected by the firewall."

    How exactly do you think ethernet frames GET to your VM, at layer 1 and layer 2?

    As I said, it's not impossible to do it reasonably safely, but I much prefer to have nothing but the firewall *physically* plugged into the internet. In theory, software should route all the frames to your VM, via the internal virtual switch, if and when everything is working as designed. Do you trust that a switch will never ever forward a frame to the wrong port? If so, you've never heard of a CAM overflow attack, or gratuitous ARP. I can tell you with certainty that I can cause the switch to broadcast those frames rather than sending them only to your pfsense VM.

  24. The reason I have Cisco and Juniper firewalls on Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers (securityledger.com) · · Score: 4, Interesting

    I have a stack of Cisco and Juniper firewalls and routers, ASAs and ISRs. The reason I have them hooked up right now is I'm writing scripts to detect and exploit (at POC level) various vulnerabilities in them.

    Some of the vulnerabilities have fixes available, some don't. There are reasons to spend a hundred times as much on a Cisco, but security isn't a very strong reason, compared to OpenWRT. I actually trust OpenWRT more than I trust my Cisco ASA, based on my twenty years of experience.

  25. Here's the text of the law, which subsection is th on Does The 'Snoopers Charter' Also Enshrine Lying In Court? (theregister.co.uk) · · Score: 2

    > They are not allowed to lie about the content, but they ARE allowed to lie about the source

    Here's the actual text of the law. Where exactly do you see that? I see that by the plain words of the law they "may not disclose ... any content of an intercepted communication", I don't see any authorization to disclose the content and lie about the source.

    (1) No evidence may be adduced, question asked, assertion or disclosure made or other thing done in, for the purposes of or in connection with any legal proceedings or Inquiries Act proceedings which (in any manner)â"

    (a) discloses, in circumstances from which its origin in interception-related conduct may be inferredâ"

    (i) any content of an intercepted communication, or

    (ii) any secondary data obtained from a communication, or

    (b) tends to suggest that any interception-related conduct has or may have occurred or may be going to occur.