The big problem with any form of widely-available and widely-supported identity verification scheme is that government tends to think that they need to run centrally and be centrally controlled - which in turn makes a big target for criminals [and potentially institutional abuse].
As an alternative, I would offer the model adopted by GNU Privacy Guard, which is entirely federated, but, best of all, under the control of the individual concerned.
For those not familiar with GPG, here is [in my own words] a brief explanation of the way in which it could be adopted for a national or even international identity scheme:-
Like all public-key based solutions, this approach begins with key pair generation. The private key, being electronic in nature, would need to be placed on some form of storage medium.
The public key, also in digital form, could then be offered to well-known and well-respected organisations so that they might add their digital signature. For example, imagine key-pair generation at my birth. The hospital where I was born [or the location of the mid-wife for home births] could be invited to sign my key.
The schools and colleges I attend could sign my key.
Each employer I work for - after background checks and verification, of course - could sign my key.
Any financial institution with whom I open an account or borrow money could sign my key.
Obviously there would have to be guidelines to ensure that unscrupulous institutions did not start to charge ridiculous fees. However, this private key would, over a period of time, gradually evolve a level of authenticity that would be easy for me to prove, extremely difficult for anyone else to fake and, best of all, convey very little of value to a criminal, because without my private key, they could do nothing of value with the "public" part.
Obviously the alternative would be to have the equivalent of a centralised "Certificate Authority" [the Government, aka Big Brother] demand to sign all public keys and demand to be used, OCSP-style, to validate each time an individual attempted to assert their identity using the system. Not only do I not like that approach on privacy/freedom grounds, I don't think it would be sufficiently robust, nor do I think it would scale effectively.
By contrast, the advantage of using the GPG scheme would be that it would be *my* choice in terms of who I asked to sign my key to prove my identity.
One last thing... Imagine a scenario where I approach you and attempt to assert my identity and we discover that we have no mutually trusted key associates, which means that even though I have a signed key, you are not able to recognise it. In this case, a mature system would then attempt to "cross the bridge", perhaps GPS style - i.e. it would programmatically look at all my signatures, and all your recognised authorities, but then, using an OCSP-stype query system, it would be able to suggest to both of us which mutually-acceptable third parties I could use to then get my key signed until you would be willing to accept it.
Perhaps there are also aspects of the blockchain that we could use to support that "networking" step, i.e. have a signed blockchain that records accepted connections between trusted entities, which could then be queried to identify new connection routes.
One of the lovely things about GPG would also be the way that we can express degrees of confidence, and/or set conditions on what type of signature we would be willing, as individuals, to accept. For example, some people might be willing to accept a key from any employer of an Incorporated company; others might insist on a key from an institution with a banking license, or a recognised university or so on.
Although I like the flexibility of this approach, the one thing I think it has to commend it above all others is that it places control in the hands of the individual.
If Vallerius is guilty of the charges being made against him, then I have absolutely no problem with due legal process being used to hand down the appropriate due punishment.
However, reading the OP, a question regarding jurisdiction springs to mind. The extract quotes a DEA agent, who says (of Vallerius), "His profile listed 60 prior sales and five-star reviews from buyers. In addition, his profile stated that he ships from France to anywhere in Europe."
I ask this question because I am trying to understand how the Unites States Government believes that it has standing to prosecute in this case? The only logical answer to that question that I can see would be if the transactions conducted on the darknet actually took place on US soil - but even that seems to me to be somewhat of a vague area of international law.
Perhaps another reader can clarify this point for me: if we have three directly involved parties [a buyer, a seller and the platform-running middle-man] in a transaction, plus perhaps the network connections between them, then how would an international court of law decide the location and/or terms under which a case could be brought? Is it the law of the land for the buyer, the seller or the middleman? Does the fact that any identifiable part of an illegal transaction takes place within a nation's jurisdiction give that nation the right to prosecute a case?
I will re-iterate what I said at the beginning of this post: I have no sympathy for anyone involved in selling drugs. But in order for society at large to respect the law, we need to trust the law. We need to see that the law is applied transparently, consistently and fairly. We need to understand both the powers and the limits of the law. Without these things, then as individuals within that society, we are at risk from all sorts of different types of corruption and injustice.
Very interested to know if anyone can clarify this...
I can't disagree with what you write - you nail it, basically.
But, you describe a situation that is fundamentally wrong - and wrong in a way that not only allows or encourages sloppy practices, but which acts as a re-enforcing loop to make things steadily worse.
Let's take two examples from your selection - bank robbery and gun crime - and look deeper.
Despite the fact that today we probably see 98% of financial transactions conducted electronically, there are still occasional robberies of banks - for example the Hatton Garden raid in which an estimated £60 Million in valuables were taken. I would concede that the robbers went to extraordinary lengths to achieve their objectives, but:
1. If you look at the photographs of the entry point, you can see that the robbers cut through "20 inches" of pure concrete that had no steel re-enforcement in it. This looks to be a sub-standard design.
2. There were clearly inadequate motion-sensor alarms in the safety-deposit box vault itself.
3. Although an alarm was in fact triggered on the Good Friday, the Police simply failed to turn up.
I am sure there are other examples we could use, both with respect to the preventative measures that the Hatton Garden Safety Deposit company *could* (should) have taken, or in the lack of action of the Police who failed to response.
In short, it is entirely probable [likely] that this crime could have been completely prevented, if only a few simple protective measures had been taken.
The same is largely true of gun crime - murders, wounding, armed robbery and so on. Yes, at this point we have to concede that today there are a large number of illegal firearms in circulation in the UK, but we allow that situation to persist... It is still possible to own and register a variety of different firearms: but why? The answer to that is that a certain sector of society [and one which wields un-due influence in legislative circles] want to retain ownership of their "sport" weapons so that they can go and kill defenceless birds. Because of this small minority, laws have to be written that allow gun ownership.
If we compare the UK situation on firearms with, say Japan, the differences in the use of firearms with crime could not be more clear. Japan has incredibly tight restrictions on gun ownership. It is not banned outright, but the controls are much, much more stringent. As a consequence, Japan has a tiny fraction of the gun-related crime that the UK sees. Oh, and Japanese land-owners don't shoot defenceless birds for "sport"... Maybe that has something to do with it, too...
In this example, preventative controls can stop the unwanted criminal acts from taking place, before it is necessary to have police spies, drones, surveillance and all the other methods you rightly mention. And we haven't even got to the observation that a gun is only useful with ammunition, so control of ammunition would be a handy way to control guns...
In simplistic terms, we can think about three different ways of controlling the use of guns [for example]. We can have preventative, detective or corrective measures. Criminal charges, giving police forces extraordinary powers such as drones, helicopters, vans, government malware an the like are *all* corrective controls, because they are effective after-the-fact. Detective controls, such as microphones able to detect gunshots [that can be broadly mis-used] are of scant re-assurance to the person who may have just been shot as the result of a detected firearm discharge... Preventative controls, however, are less popular and harder to implement:-
1. Outright ban on firearms in private ownership/custody. Period.
2. Outright ban on the manufacture, import, sale or use of ammunition [including raw materials such as the propellant, casings, assembly machinery, presses, etc]
3. Immediate life term for any person found to be guilty of possession of a firearm [deterrent].
Sorry if this veers just a tad off your extremely valid observations, but today - more often than not - the output of all of the remarkable research done by a vast collective of largely under-appreciated and incredibly hard-working people - is then "acquired" by some publishing "agency" that has struck a deal with a university or college and... presto! Work which was often funded by the public purse is suddenly pay-walled and access is denied to all but subscribing academic centres or the extremely wealthy.
I don't think these two things are directly related, but I do think that the overt politicisation of education is analogous to planting fields with land mines instead of crops.
I'll [deliberately] side-step any question regarding the legitimacy of this as a piece of legislation, but would like to ask a question about implementing it.
The question is, how can someone who has no intent to break the law be expected to know or have reasonable confidence that they *abide* by the law. If I see a link on a page that reads, "how to make your own garden pond" and the link instead takes me to a page about home made explosives, am I guilty?
If I work in the defence industry to design and build armour for military vehicles - and I research different types of explosives and their capabilities on line, have I broken the law?
If I *don't* work in the defence industry, but read the same material as the previous comment, does that put me across the line?
In one sense I can see and am willing to try to understand the predicament of legislators when it comes to this type of challenge. But the problems with censorship of this type - and this is censorship, no doubt about it - are:-
1. How can we possibly have a set of unambiguous, clear-cut guidelines that tell a citizen so they understand what is acceptable and what is not? If I exceed 70mph on a motorway in the UK, I am breaking the law. But if the law said, "must not exceed a reasonable speed given conditions at the time", then the law becomes subjective and impossible to enforce. The same is true here. This question becomes infinitely more complex if you consider cases of reading about divisive figures from history. Was Mahatma Ghandi a terrorist for encouraging passive civil disobedience? How about Che Guevara? Could reading about the Cuban Revolution mark me as a terrorist?
2. Who gets to decide where we draw the line? Put this another way - what about scope creep? Is today's political ideologist tomorrow's terrorist?
Whatever the relative merits of this as an idea, any, *any* implementation is so fraught with dangers for a society as to be worthy of deep and thoughtful scrutiny. This is the top of a very, very slippery slope.
Over the years I've read various discussions concerning the problems caused by use of mobile phones in certain areas - for example within a cinema or theatre. Suggestions for remedies have included, for example, extending the cell phone standard to allow a "local suppressor signal", which could be generated by a licensed and restricted-access transmitter, and which would then need to be respected by handset OS providers.
I think the complexity of implementation prohibited further development...
However, there is a much simpler approach that could be of specific relevance to prisons, since these are, by their very nature, often "stand-alone" structures, kept well away from other buildings. The solution would involve placing multiple local cell towers at the periphery of the prison grounds, and have them provide a strong, healthy signal in the area. This would force all local handsets to handshake with one of these local towers.
Except these would be special towers, with the ability for the prison officers to use triangulation to determine the location of the handset. If there was a suggestion that a handset requesting access to the tower was physically within the area of the prison, then the handset could be blocked from accessing the cell network. Since the local towers would know the ID of the handset, it could simultaneously be sent a simple SMS message explaining why access had been blocked [as a courtesy to innocent passers-by, so they would know it wasn't a general reception problem]. This technique could easily be modified to permit guards to use their handsets in appropriate areas [such as a canteen]. Obviously, for security reasons, you would not want to permit guards to walk around inside a prison with a cell-phone [because a bribed guard could easily give an inmate access].
When enough towers are available, triangulation of handsets is both reliable and accurate, so not only could it be used to block use of handsets by inmates, it could in theory be used to determine the physical location of handsets to an area of the prison of no more than a few cells. If that could then be coupled with local hand-held scanners, locating and confiscating illegal handsets might become quite a lot easier.
Several years ago, the Murdoch-owned Mirror Group newspapers in the UK became embroiled in a really nasty [sinister] story when it became known that a whole host of celebrities were being subjected to phone hacking, with their SMS messages and voicemails being intercepted. When the full implications became apparent - and it was clear that the scale of the illegal acts had the potential to put senior management in a *very* difficult position, former British Prime Minister Tony Blair started to offer advice to the then Mirror Editor Rebekah Brookes.
In emails which subsequently came to light in discovery during an investigation and trial, Blair advised Brookes and Murdoch to "hold an internal enquiry". There is an interesting explanation of that here:-
The key point about Blair's advice is that he advocates a "Hutton-style" inquiry. This was a judicial inquiry, run by Lord Hutton, into the death of MoD scientist Dr David Kelly. The inference in Blair's advice to Brookes is to set up an *internal* inquiry, staffed by people who might look independent but would be loyal to her, then direct them to go and find the answer that Brookes wanted them to find. In other words, do something which looks official to outsiders, but which in reality can be a complete sham.
I am reminded of that episode in this context, because this is starting to look for all the world as though Equifax management are hoping that any further accusations of wrong-doing can be stopped at the feet of those who have already left the company. Right now, the worst possible outcome for them would be a wide-ranging SEC or Federal investigation that looked at their own internal controls relating to such things as the sale of shares.
Disclosure - I've worked for a major US financial institution who, through caution regarding this specific issue, regularly implements "share blackout" windows to literally *prevent* staff from trading shares in the run-up to the reporting of quarterly figures. In other words, I've seen some of the lengths that some companies are willing to go to in order to demonstrate that they are "squeaky clean" with nothing to hide. This latest from Equifax looks for all the world as though the Board are now worried that the SEC might sanction more of them, even further, if it can be shown that their internal financial and governance controls are wanting.
The idea would be to implement this bogus review and find issues which could then be "fixed".
There are several advantages to this for Equifax:-
1. It is an attempt to persuade the SEC that their own internal controls do not require additional sanction for other directors/employees - i.e. a last-ditch attempt at damage limitation...
2. If they find issues and implement changes to address them, the changes will be of their choosing and not imposed on them by an outside third party.
3. It is an attempt at a public message to major shareholders that the company still takes their fiduciary duty seriously. As if anyone would believe them at this juncture.
Of course, the thing to bear in mind here is that this is complete and utter tosh. If the company wanted to "do the right thing", they would either wait for the SEC to finish, or the board of directors would appoint a firm of outside auditors, given them wide ranging authority to go where the evidence took them, and arrange for discussions on the findings to be held with major shareholders in the room. That last would be important given the implications that any wrong-doing might include directors themselves...
The fact that Equifax *aren't* going to the trouble of implementing an externally-led inquiry really tells you everything you need to know about the validity of what they are doing...
Lots of interesting observations here - thank you...
However, just to take issue with one specific point you make. When you write, "Unless you agree to let them. That little checkbox that says "save my credit card info for future purchases"? That's not just for your convenience. That's what grants the merchant permission to store you credit card info in their database.", you are rather making my point for me.
Even if I *do* agree to let the vendor keep a copy of my card details on file to streamline subsequent purchases , I absolutely do not agree to let them use my purchase history for other purposes. Even more seriously - if the vendor attempted to claim that my agreement with the question you quote as giving them the right to re-use my data, then they would be explicitly breaking the law. That is because, by making an explicit statement of use [for one specific purpose - future purchases] they are explicitly excluding themselves from having my permission ***for any other purpose*** .
In other words, the only reason that vendors "get away with this" at the moment is simply the cost to private individuals for taking one to court to have their practice over-turned, because, even if successful, it would only cover that one vendor. It would be virtually impossible for that one case to set a legal precedent that could be enforced. Well, short of taking the issue to the European Court of Human Rights, perhaps.
But the escape route [for the vendor] that you suggest is absolutely not viable in the context here.
I appreciate that the comments I make here might be more relevant to EU readers than US ones, but I think the principles should be universal.
When I trade with any company, those transactions are confidential between myself and that company. If I *choose* to perform that transaction with a debit or credit card in order to make the transaction easier or more convenient, that is my choice.
However, the Data Protection Act and associated EU data protection laws basically prohibit the use of information, which may have been collected for one purpose [i.e. to transact a sale] from being used for another purpose [i.e. to provide credit reference information] without the expressed, written consent of the data subject. The reason that Equifax and Experian and all the other credit-reference agencies "get away" with what they do is simply that the terms and conditions - which we are essentially forced to accept if we want a credit/debit card, mortgage, loan or other financial service - are written to allow the creditor to do exactly that. The creditor writes the terms and conditions that way ostensibly to have the ability to cross-check our credit history and so protect themselves from bad debt and from financial crime. Except, as we know, this is now being completely abused.
Governments turn a blind eye to this practice because their elected officials are on the receiving end of so much lobbying money from the companies that do this, it is easy for the industry to "buy off" potentially opposing votes from all parties until the industry can propose a change to laws and buy the result that they want. Unfortunately, this creates a situation in which the government is acting against the best interests of the majority of people that elected them.
I have no problem with a law being passed that legally requires me to declare all pertinent parts of my credit history if I want a loan or a credit card or a bank account. I have no problem with a law that allows for certain forms of credit history - for example, people being declared bankrupt, or having court judgements against them - being "on the record" and visible to lenders.
Where I *do* have a problem is in the use, sale and profit from my personal information, in a manner that is not compatible with the purpose for which I originally agreed to disclose that information, without my knowledge and/or consent.
That is plainly an unacceptable level of scope creep.
Rather than simply push to see Equifax ditch a few of their senior officers, we need to be pushing to have the entire credit-checking, data-sharing-for-profit industry declared illegal and to have these parasitic outfits shut down permanently. All they do is increase the amount of junk mail that comes through my door offering me new credit cards.
I am no fan of banks or lenders, but in this specific case I have to say you are wrong. Completely wrong.
The reason that banks demand so much information from you if you want to open and account, or borrow money, or have a credit or debit card, is because the governments recognise that opening false accounts using fake identities is one of the best methods of laundering money from criminal schemes. So, for example, the United States Government demands that anyone operating in the US must comply with OFAC Screening requirements, [ OFAC = Office of Foreign Assets Control] because it was discovered that vast amounts of stolen or otherwise illegal money was washing through the US banking system...
Any bank or lender in the US that *fails* to demand really good proof of identity could be prosecuted by the Federal Government and suffer sanctions up to and including the loss of their banking license.
You also state that "The only solution is to render this information useless. We need to get precedence set. Banks can not claim "XYZ defaulted on a loan" without actual proof that it was really XYZ not someone claiming to be XYZ. Else they are liable for libel and they should be penalized heavily."
The problem with this statement is that what you are implicitly asking for is a hypothetical situation in which banks have some "other" means of "knowing" you. Fifty years ago, loans were offered to companies and individuals because they were literally known by the manager of the lending branch of the bank. Personal banking relationships were important because that was the way the world did business. Today, with on-line applications and risk-score-based loan decisions, the world has abandoned those principles. Instead, then, the bank needs to have a way of validating your identity, so that it can know with certainty who you are. [ And, incidentally, one reason this is crucial is it stops an individual from borrowing more than they can afford to repay by creating false identities - a risk that could put a lot of banks out of business].
Yet by demanding that banks find a way of validating the identity of creditors "without" recourse to personally identifiable information of this kind, you are actually implicitly opening a door to ever-more intrusive spying and monitoring of individuals by faceless corporations. And/or you are opening the door to the introduction of mandatory ID cards.
I dislike the idea of identity theft being used to defraud banks of money, because all the legitimate clients - like me - end up paying in the long run. But if your only solution is that I have to give up personal privacy and other personal freedoms [such as the right to anonymity] in return for cheaper banking, then I will pay a little more. At the end of the day we are all going to have a different preference on a question like this, but you have to think of the big picture and understand the full context of a situation before making decisions on this sort of thing...
and in many countries they could have identified your Mother's maiden name if they knew your date of birth, because the Register of Births, Marriages and Deaths is now typically on line...
For those people not actually serving on the board [or boards] of a top multinational company, the environment experienced [enjoyed?] by those at the top will be utterly alien. Like high political office, the principle motivators are going to be power and money - and as much of both as possible.
When the news of the breach became public, the Board of Directors likely knew that there would be scalps. It is not clear if the trading of shares by some of their number [between the breach being discovered and being made public] was common knowledge or not.
However, we should not be surprised to see the Chief Executive ask the CIO and CSO to step down. The aim of anyone operating at a CxO or board level is to minimise disruption. The more executives that get fired, the worse the message being sent to shareholders and clients - something which will directly impact the CEO in their pocket, because, of course, they are major shareholders thanks to their "packages"...
So although it looks to us, from the outside, as though the CEO threw two of his former colleagues "under the bus" [and I am sure there are cases where office politics makes that the expedient thing to do] there is an equal chance that they were simply trying to protect themselves. When the decision to fire these two former colleagues was made, the CEO was obviously hoping that they could weather the storm and continue to collect their fat pay check for a bit longer. In fact - given the nature of megalomania that seems to infect board rooms these days, they were no doubt planning how to use this to their advantage by demanding "stretch objectives" tied to their next bonus that included strengthening their IT and Security disciplines - which they would then claim to have achieved by simply hiring someone else...
Lastly, the final possible reason for the CEO asking for these resignations / firing these former colleagues, is to try and head off any form of criminal sanction. If we remember back to the accounting scandals at Enron, the scale of the malpractice there was sufficient for the Sarbanes-Oxley act to be introduced. This act includes provisions for mandatory jail time for CEOs and board level management/directors if it is found that a company is materially mis-representing their financial position, or failing to adequately disclose risks. It is highly likely that there will be attempts at shareholder lawsuits in the wake of this incident, since investors will argue that they would not have invested in the company had they known about the poor security practices that led to the breach.
All of this takes this to the weird situation in which it is likely that other CEOs, CIOs, CTOs across corporate America would actually be encouraging the termination of these three Equifax executives. Their reason will be self-preservation. If these three decided to tough it out, their belligerence could easily be what is necessary to force a US legislator to propose tightening the laws in a way that increases the legal liability on directors and senior management of publicly traded companies. This is the very last thing that other CxOs want to see happen - so from their perspective the Equifax incident must "stop the rot". We could summarize their view as, "Don't tip the gravy train off the tracks... Go quiet for a couple of months and then someone will offer you some executive directorships..."
Amid the clamour demanding that "something must be done", a termination or resignation is going to infinitely preferable to jail time.
If you as a private individual elect to use services such as "Google Docs" or Microsoft "Office 365", then implicitly you are using on-line services and functionality to capture and store your creative output. The terms [for Google, certainly] under which this happens are pretty clear. See:-
However, if you elect to purchase products [say CDs or Blurays] from an on-line retailer, then your use of that on-line service is captured, analyzed, but then used to sell other product to other people. Amazon are pretty transparent about this - look for "The Page You Made" as a link on their site after you've been browsing for a bit...
There are two key differences. Firstly, Amazon are using your input as a mechanism to generate profit for themselves - income that they do not share with you, despite the fact that they are at least partially dependent upon you for the information. Secondly, the respective terms and conditions - crucially, for activities that are legally similar - are very, very different.
The retailers believe that they own anything you "do" with their web site. The cloud utility providers make it explicitly clear they make no such claims. Obviously, these differing opinions can both be legally claimed thanks to the terms and conditions that we implicitly accept when we access these different resources. It's equally obvious that the effort that the retailers put into their analysis pays off - or they would stop.
Where this gets interesting is the way that the retailers are essentially leveraging our use of their product to market yet more "stuff" to us, thereby actions which benefit the retailer but not the consumer. I would be quite happy to argue that my use of a retailer's web site constitutes a unique creative activity on my part and that, as such, my actions should be considered a copyright-protected work, and something that I explicitly do not agree to be re-used, in any way, without my express permission. Unfortunately for me, the law [and the retailers] would laugh themselves silly.
I think we can pretty quickly conclude that the dynamic in the relationship between retailers and consumers [and this is no longer exclusively related to on-line shopping, given the way that CCTV and wifi tracking is now being used to track shoppers around stores] has become seriously imbalanced. When that happens, we rely upon the law to keep the game even and fair. Unfortunately, these retail changes are coincident with extraordinary levels of lobbying, and essentially it pitches private citizens against both the state [because the state wants to spy on us] and corporations [which also want to monitor and track us].
Sadly, I think the chances of our seeing fair and equitable protections for shoppers or service consumers being enacted as law stand less of a chance than the proverbial snowball in hell.
Pretty much exactly this. Although, in fairness, ForEx is a mugs game... When there are institutions such as CLS Bank (Continuous Linked Settlements) that charge fees for conversions; when the data from CLS themselves shows that 80% of ForEx transactions are speculative and not for trade or "legitimate" purpose, then you realise that it is basically being used to prove the old adage, "A fool and their money are soon parted" is true...
... or, at least, his predictions are incomplete. In the article he is asked why we are so bad at predicting certain things, such as Donald Trump winning the Presidency - his answer was that Trump is not technology.
In 1900 - Kurzweil discusses changes to farming since the end of the 19th century - the distribution of wealth across the world and within individual nations was relatively even compared to today. Since then, wealth re-distribution has been massive, and has not helped the majority. This change didn't come as a gradual trickle, either, but with emergent events driving or enabling change. The two World Wars of the 20th century bore witness to a massive transfer of wealth and power; certain governments, such as the UK Conservative government from 1979-1997 - so-called tax reforms of both US "Bush" Presidents... all these things had the net effect of transferring a vast amount of wealth and power into the hands of a relatively tiny minority. In January 2016 reports from Oxfam suggested that the wealthiest 1% of the world's population held as much value as the remaining 99%. In January 2017 the Guardian in the UK reported that the wealthiest 8 people - just 8 individuals, held as much value as 50% of the planet.
In other words, against the backdrop of evolutionary change driven by technology, we've seen fundamental, seismic shifts in economics, power and government. That isn't to say that it was impossible to have such concentration of wealth back in 1900, only that the "architecture" of our society makes that easier today.
The other fundamental shift in the last 120 years has been a hidden one, within government. There has likely always been lobbying of one form or another, but in the last 100 years we've witnessed a steady emergence of 'sponsored legislation'. There are plenty of examples of draft EU bills where a Commissioner has taken a piece of work prepared by a commercial lobbyist, working for a company who would directly benefit from that legislation, put their name at the top of the piece and then submit it as their own work. We see the same in the United States, with big business "buying" votes from Senators and Congressmen. And when the rules governing those practices are written by the people who benefit from that corporate largesse, it should come as no surprised to see a gradual erosion of the protections for the "little guy" in favour of big corporate sponsors. Interestingly, not all of that has been in support of driving fundamental technological change. Just look, for example, at the resistance Tesla have faced in the US with respect to car dealerships. Or the fact that every major contract today seems accompanied by a slew of lawsuits from unlucky bidders.
The backdrop to the technological evolution is the concentration of power in board rooms and major shareholders - two communities that have no desire or motivation to share their wealth with anyone, least of all a shop-floor worker. [ If you look at the priorities of any company with publicly-held shares, you will see that their priorities always boil down to 1. Shareholders; 2. Customers; and, if you're lucky, 3. Employees.] What is worse, the economic foundations of our society may be forcing *everyone* into this mode of thinking: suppose I ran a national chain of stores [it almost doesn't matter what market, but let's say groceries]. The average wage for grocery store employees might be pennies over the minimum wage, so I decide to be a decent human being and offer an actual liveable wage to all employees. Guess what happens? A more ruthless competitor will undercut my prices and force me out of business? Or a shareholder revolt will force out that management.
This is absolutely not trying to suggest that basic market forces, or capitalism, or free markets, are inherently bad; only that they can be bad when they are uncontrolled.
I think Kurzeil might have made some interesting *technological* predictions over the years, but as society and technology integrate ever more closely, the degree of impact that technology has on society becomes ever greater - and not always in ways that benefit society at large.
... is that Wired put a positive spin on this article. The author sees it as a good thing that Amazon can recruit Chuck and Barb and all the other "CamperForce Army"... but not because circumstances are so dire that those folk have pretty much no other options left. They have become easy pickings for the corporate giants. Where millennials would get tired of the graft and quit shortly after learning the ropes [leaving Amazon with the headache of perpetually training new and thus under-performing] workers, the CamperForce Army have no other choice but to stick it out.
Perhaps even more scary, though, is the almost throw-away way that Chuck's downturn in fortune is described. He took his life savings and invested it with Wells Fargo - a supposedly reputable bank. They told chuck that his nest-egg of $250,000 would return him $4,000 a month as income. That's $48,000 a year. That's a ~ 19% return on investment from the capital - assuming that he did not draw down on the capital [which, if he did, would not last long]. Really? On what planet or in which universe did Wells Fargo believe that a 19% return was reasonable for Chuck's savings? As responsible bankers they would have known or should have known that a 19.2% return was unrealistic even in the most bullish of bull runs, even if Chuck was taking far more risk with his portfolio than his circumstances should allow.
Yet what happened to Wells Fargo? Any of their employees in Camperforce? It doesn't seem likely, does it?
The really scary thing, though, is this: how long will it be before the large conglomerates and the big banks look at the lessons of 2008-today and think, "Actually, this has been really good for us. We've created an under-class of people who are so desperate for income that they will work at slave-labor rates. We can pay them the minimum wage, dock them for imagined slights to go below even that, all of which maximises our profits. All we really need to keep this going is a steady supply of people whose circumstances are so dire that they are willing to do this... Hmmm... so maybe what this means is that all we really need is a good financial crash every 7-10 years or so..."
Do we really believe that, in the 21st century, we can't manage to contain boom-and-bust cycles? Are we really willing to settle for this?
... it took lone-contributor security researcher, Marcus Hutchins, to stop the WannaCry ransomware outbreak [by registering a domain name].
Ian Levy, the Director of the UK National Cybersecurity Centre and the individual quoted in the OP, heads an agency that is so good, so capable, so on-the-ball, that it took a private individual to identify a means of neutering WannCry.
Never mind the fact that it would have been Levy's organisation that was responsible for preventing the NHS and other UK government agencies from being compromised in the first place...
To give you an idea for just how misguided the man's thinking is, here's another of his quotes, from the same article:-
"“Cybersecurity professionals have spent the last 25 years saying people are the weakest link. That’s stupid!” he said, “They cannot possibly be the weakest link – they are the people that create the value at these organisations."
So, let's just get this right. When we have an abundance of evidence that shows that it is people, not technology, who select easily-guessed passwords, people, not technology, that click the links in phishing emails, people, not technology, that try and promote code that hasn't been properly tested, "because they know it's OK, they don't need to test..."... Mr Levy is certain that all this evidence is wrong, and he is correct.
I think that having Mr Levy in charge at the NCC is actually more scary than his claims of a "Major Cyber Attack Happening Soon"...
Perhaps there is another way of looking at the data.
When dealing with astronomical observations of this type, we accept that the observations we are making could be millions or even billions of years old, based on the distance from which the phenomena originate. OK, so: old data.
We are also told by physicists that our universe started with a "big bang", a state and point in time at which the state of our universe was so energised that the sub-atomic particles we take for granted today [never mind atoms and molecules] did not exist - because the universe had not cooled sufficiently.
So if you extrapolate this facts, don't they suggest that it stands to reason that, the further away in distance [and thus the further back in time] that we look, the higher the energies we would expect to observe. Everything else is [just / subject to] entropy.
I'm not sure where Occam's Razor would swing across this story, but suspect the explanation - whatever it is - will be a simple one.
Fascinating post, article and lots of good comments on this - thank you.
With the caveat that I don't know what I'm talking about [ ! ] the article got me thinking about the way that our senses operate differently at altitude. Essentially, this means, "at a significantly different atmospheric pressure"... So obviously the first thin to think about is : what, exactly, is that pressure difference? Well, according to this calculator, at mide.com,
A "typical" air pressure at sea level might be 101.325kPa[kiloPascals], in which case the corresponding air pressure at 8,000ft would be approximately 75,250 kPa - which is approximately 75% of sea level pressure. OK, for a "starting point", I'd hope we'd agree that this delta is sufficient for physical and chemical reactions to be potentially altered.
Then I got to thinking about passengers from a physiological perspective. Essentially, the human being is a mass of semi-permiable membranes. Yes, there is plenty of chemistry going on within us - turning foods into energy, for example - but it also stands to reason that our 5 senses are going to be quite sensitive to changes in pressure... For example - a reduced atmospheric pressure will mean that inhalations bring fewer air molecules in to our lungs, which would also surely involve changes in our sense of smell. OK, I don't know how pressure differential would impact the dispersal of scent chemicals in a gas mix, but there is likely to be a difference...
Our sense of taste is going to be based on diffusion and/or osmosis, as the chemical trace signatures of what we eat are absorbed and processed by the cells in our taste buds. But of course the actual mechanics of tasting are going to be based on chemicals being transferred into saliva and then offered up to the taste processing centres on our tongues. Whether the underlying processes are osmosis or diffusion, or a mix or variation is almost secondary to the point that there will be something like this underpinning the necessary chemistry that drives the sense of taste. Mess with partial pressures, absorption rates, osmosis or diffusion rates and it rather makes sense.
If we were sensitive enough, we might even expect to witness a very slight change in the sense of touch... Just as we know that limbs can swell in low pressure, so sub-cutaneous blood capillaries are going to change and this should impact our touch. Would sight be impacted? Perhaps, if the lower atmospheric pressure caused a slight outward swelling of our eyes?
The thing that really interests me, though is the comment from TheRaven64, where they observe that Gin & Tonic is "one of the few alcoholic beverages that tastes better at low air pressure." Describing something as "tasting better" is way too subjective for us to be likely to reach a consensus upon, but the observation of the change, alone, might be enough to suggest that there could be ways of compensating for altitude-related changes to our senses by altering the composition or chemistry of what we eat...
Lastly - just as a final thought - I wonder if gravity [or the absence of it] plays a part in our senses too? OK, so the reduction in the gravity we experience between sea level and 40,000ft might not be enough of a difference, but we could theoretically extrapolate by looking at feedback from astronauts as to whether ultra-low gravity environments impact their senses... I'd be very interested to know if we've got any readers who can better explain the relationship between the change in what we sense during a flight and the environmental impact on our physiology - I've just been guessing in this post, but suspect there's some pretty interesting material here somewhere...
Agreed, but I think we're maybe looking at this from two very different perspectives...
First, you rightly point out that both traditional banks and credit card companies offer credit. In order to do this, those companies need to have either a full banking licence, or something very similar to one, or they will simply not be permitted to operate in any major, well-developed economy.
On the other hand, we're also talking about a simple transaction in which funds from one currency are translated in to another currency. There is no loan involved in this transaction - it is essentially "asset swapping for a fee"... Banks make money in a variety of ways; among them are the extension of credit and the provision of a service for a fee... We are looking at those two activities in the context of this discussion...
If all you want to do is visit a country that uses a different one to where you live, then any multinational Bitcoin exchange that can keep their transaction fees below the typical 2.75% "foreign currency handling fee" of a credit card is going to do very well indeed...
There is absolutely no doubt that use of blockchain technologies will continue to expand as more and more people develop solutions that use it. However, there is a world of difference between having the technical means to handle transactions in the volumes discussed, but this is entirely distinct from actually being able to compete with an institution like VISA, for non-technical reasons...
The global card payment processing infrastructure generates literally billions and billions of dollars of revenues for Mastercard, VISA, plus all banks. The resultant and incredible profits are further enhanced by insane "transaction processing fees" when purchases are made in any currency other than the card's default.
Do we think for a moment that the vast, established financial services industry will simply roll over and allow Bitcoin or Ethereum to displace it? No. This is why we see all of these grossly exaggerated claims regarding crypto-currencies - that it is used only by drug dealers, paedophiles and terrorists. Of course, these arguments conveniently forget the fact that actual paper cash is even more anonymous than crypto-currency will ever be, yet we don't hear [most] of these organisations clamouring for cash to be withdrawn. [ Most: VISA have been pushing this for a while now].
As a crypto-currency becomes established and generates the infrastructure to actually make a dent on the current cartel of big banks, expect to see horror stories regarding the criminal use of it, expect to see all sorts of legislation to outlaw it being proposed. Expect to see scandals and stories like the Mt Gox exchange hack being trumpeted as reasons that cryptocurrency should be doomed.
On balance, I think the distributed ledger concept has a lot to commend it - it makes the financial infrastructure of the world much more robust - but the biggest challenge it faces will come from the entrenched players in this market - the big banks. Which, by the way, are already developing their own, proprietary and "closed" blockchain technologies... Fancy that...
The short but honest answer is "It will depend"...
The longer and slightly more complicated answer is to observe that there are all sorts of different ways that the Hyperloop design, as explained, could fail. Examples include things like gradual pressure increase within the conveyance tube [loss of vacuum], collisions [between a moving capsule and a stationary one], contact-leading-to-damage [for example between a capsule and the conveyance tube], and so on.
A complete and thorough answer to your [entirely valid] question would require far more time and space than slashdot typically affords us. Suffice to say that there are some excellent engineering disciplines and practices that have been developed to answer precisely the question you have asked. It is highly unlikely that us mere mortals would ever get visibility of the results of that analysis, but it is entirely to be expected that the relevant Federal/Government regulator will do so. A common framework [but by no means the only one used today] is FMEA - Failure Mode and Effect Analysis.
Readers may be interested to note that in the aviation industry, for example, each airline prepares and publishes their own Operating Procedures, Safety Manuals/Training and ensures the relevant level of awareness among employees, contractors and clients [passengers]. I do not know for certain, but suspect that this model is done from a liability perspective - if an airline followed government-mandated safety procedures [or aircraft manufacturer supplied procedures] to the letter, but an accident occurred, then in any subsequent investigation or challenge regarding legal liability, the airline would try and argue that they met every requirement made of them. Instead, by making the airline responsible for developing and following their own practices, the regulator carefully avoids ultimate authority for any failure of process design... Given the highly litigious nature of the modern world, it is likely that the safety procedures and operating practices of any commercial Hyperloop solution will be designed and implemented by the Operator, ideally with some form of Federal or governmental oversight.
If true, this story would be disappointing, because of the hypocrisy if for no other reason. I've searched for articles or photographic proof of the claim but not found any yet... There are images of the presentation up and running, but the display shows an all-screen slide and it isn't possible to definitively identify the operating software.
The only reason I ask [and I don't have an opinion on the claim one way or the other] is because I'm aware of several friends of mine who run both Windows and Linux on MacBook Pro hardware. Their justification is that even though it's crazy-expensive, the Apple MacBook Pro hardware is among the very best available today, hence their use of the product. I make this additional observation because if Zemlin walked in to the theatre / hall carrying a MacBook Pro it would be easy to conclude that he was running MacOS. However, until there is actual concrete proof, nobody can say with certainty what OS the guy is running.
Perfectly happy to express my disappointment when the evidence is on the table, but until then...
Slashdot Mirror
Had we "just lost" this Dark Matter in the same way that Mr Bean "just lost" his binoculars?
https://www.youtube.com/watch?...
Completely agree with you - Occam's Razor Wins Again...
Or maybe "Swings Again", depending on how you take your puns...
The big problem with any form of widely-available and widely-supported identity verification scheme is that government tends to think that they need to run centrally and be centrally controlled - which in turn makes a big target for criminals [and potentially institutional abuse].
As an alternative, I would offer the model adopted by GNU Privacy Guard, which is entirely federated, but, best of all, under the control of the individual concerned.
For those not familiar with GPG, here is [in my own words] a brief explanation of the way in which it could be adopted for a national or even international identity scheme:-
Like all public-key based solutions, this approach begins with key pair generation. The private key, being electronic in nature, would need to be placed on some form of storage medium.
The public key, also in digital form, could then be offered to well-known and well-respected organisations so that they might add their digital signature. For example, imagine key-pair generation at my birth. The hospital where I was born [or the location of the mid-wife for home births] could be invited to sign my key.
The schools and colleges I attend could sign my key.
Each employer I work for - after background checks and verification, of course - could sign my key.
Any financial institution with whom I open an account or borrow money could sign my key.
Obviously there would have to be guidelines to ensure that unscrupulous institutions did not start to charge ridiculous fees. However, this private key would, over a period of time, gradually evolve a level of authenticity that would be easy for me to prove, extremely difficult for anyone else to fake and, best of all, convey very little of value to a criminal, because without my private key, they could do nothing of value with the "public" part.
Obviously the alternative would be to have the equivalent of a centralised "Certificate Authority" [the Government, aka Big Brother] demand to sign all public keys and demand to be used, OCSP-style, to validate each time an individual attempted to assert their identity using the system. Not only do I not like that approach on privacy/freedom grounds, I don't think it would be sufficiently robust, nor do I think it would scale effectively.
By contrast, the advantage of using the GPG scheme would be that it would be *my* choice in terms of who I asked to sign my key to prove my identity.
One last thing... Imagine a scenario where I approach you and attempt to assert my identity and we discover that we have no mutually trusted key associates, which means that even though I have a signed key, you are not able to recognise it. In this case, a mature system would then attempt to "cross the bridge", perhaps GPS style - i.e. it would programmatically look at all my signatures, and all your recognised authorities, but then, using an OCSP-stype query system, it would be able to suggest to both of us which mutually-acceptable third parties I could use to then get my key signed until you would be willing to accept it.
Perhaps there are also aspects of the blockchain that we could use to support that "networking" step, i.e. have a signed blockchain that records accepted connections between trusted entities, which could then be queried to identify new connection routes.
One of the lovely things about GPG would also be the way that we can express degrees of confidence, and/or set conditions on what type of signature we would be willing, as individuals, to accept. For example, some people might be willing to accept a key from any employer of an Incorporated company; others might insist on a key from an institution with a banking license, or a recognised university or so on.
Although I like the flexibility of this approach, the one thing I think it has to commend it above all others is that it places control in the hands of the individual.
Interested to know what other think...
If Vallerius is guilty of the charges being made against him, then I have absolutely no problem with due legal process being used to hand down the appropriate due punishment.
However, reading the OP, a question regarding jurisdiction springs to mind. The extract quotes a DEA agent, who says (of Vallerius), "His profile listed 60 prior sales and five-star reviews from buyers. In addition, his profile stated that he ships from France to anywhere in Europe."
I ask this question because I am trying to understand how the Unites States Government believes that it has standing to prosecute in this case? The only logical answer to that question that I can see would be if the transactions conducted on the darknet actually took place on US soil - but even that seems to me to be somewhat of a vague area of international law.
Perhaps another reader can clarify this point for me: if we have three directly involved parties [a buyer, a seller and the platform-running middle-man] in a transaction, plus perhaps the network connections between them, then how would an international court of law decide the location and/or terms under which a case could be brought? Is it the law of the land for the buyer, the seller or the middleman? Does the fact that any identifiable part of an illegal transaction takes place within a nation's jurisdiction give that nation the right to prosecute a case?
I will re-iterate what I said at the beginning of this post: I have no sympathy for anyone involved in selling drugs. But in order for society at large to respect the law, we need to trust the law. We need to see that the law is applied transparently, consistently and fairly. We need to understand both the powers and the limits of the law. Without these things, then as individuals within that society, we are at risk from all sorts of different types of corruption and injustice.
Very interested to know if anyone can clarify this...
I can't disagree with what you write - you nail it, basically.
... Maybe that has something to do with it, too...
But, you describe a situation that is fundamentally wrong - and wrong in a way that not only allows or encourages sloppy practices, but which acts as a re-enforcing loop to make things steadily worse.
Let's take two examples from your selection - bank robbery and gun crime - and look deeper.
Despite the fact that today we probably see 98% of financial transactions conducted electronically, there are still occasional robberies of banks - for example the Hatton Garden raid in which an estimated £60 Million in valuables were taken. I would concede that the robbers went to extraordinary lengths to achieve their objectives, but:
1. If you look at the photographs of the entry point, you can see that the robbers cut through "20 inches" of pure concrete that had no steel re-enforcement in it. This looks to be a sub-standard design.
2. There were clearly inadequate motion-sensor alarms in the safety-deposit box vault itself.
3. Although an alarm was in fact triggered on the Good Friday, the Police simply failed to turn up.
I am sure there are other examples we could use, both with respect to the preventative measures that the Hatton Garden Safety Deposit company *could* (should) have taken, or in the lack of action of the Police who failed to response.
In short, it is entirely probable [likely] that this crime could have been completely prevented, if only a few simple protective measures had been taken.
The same is largely true of gun crime - murders, wounding, armed robbery and so on. Yes, at this point we have to concede that today there are a large number of illegal firearms in circulation in the UK, but we allow that situation to persist... It is still possible to own and register a variety of different firearms: but why? The answer to that is that a certain sector of society [and one which wields un-due influence in legislative circles] want to retain ownership of their "sport" weapons so that they can go and kill defenceless birds. Because of this small minority, laws have to be written that allow gun ownership.
If we compare the UK situation on firearms with, say Japan, the differences in the use of firearms with crime could not be more clear. Japan has incredibly tight restrictions on gun ownership. It is not banned outright, but the controls are much, much more stringent. As a consequence, Japan has a tiny fraction of the gun-related crime that the UK sees. Oh, and Japanese land-owners don't shoot defenceless birds for "sport"
In this example, preventative controls can stop the unwanted criminal acts from taking place, before it is necessary to have police spies, drones, surveillance and all the other methods you rightly mention. And we haven't even got to the observation that a gun is only useful with ammunition, so control of ammunition would be a handy way to control guns...
In simplistic terms, we can think about three different ways of controlling the use of guns [for example]. We can have preventative, detective or corrective measures. Criminal charges, giving police forces extraordinary powers such as drones, helicopters, vans, government malware an the like are *all* corrective controls, because they are effective after-the-fact. Detective controls, such as microphones able to detect gunshots [that can be broadly mis-used] are of scant re-assurance to the person who may have just been shot as the result of a detected firearm discharge... Preventative controls, however, are less popular and harder to implement:-
1. Outright ban on firearms in private ownership/custody. Period.
2. Outright ban on the manufacture, import, sale or use of ammunition [including raw materials such as the propellant, casings, assembly machinery, presses, etc]
3. Immediate life term for any person found to be guilty of possession of a firearm [deterrent].
I am sure ther
Sorry if this veers just a tad off your extremely valid observations, but today - more often than not - the output of all of the remarkable research done by a vast collective of largely under-appreciated and incredibly hard-working people - is then "acquired" by some publishing "agency" that has struck a deal with a university or college and... presto! Work which was often funded by the public purse is suddenly pay-walled and access is denied to all but subscribing academic centres or the extremely wealthy.
I don't think these two things are directly related, but I do think that the overt politicisation of education is analogous to planting fields with land mines instead of crops.
I'll [deliberately] side-step any question regarding the legitimacy of this as a piece of legislation, but would like to ask a question about implementing it.
The question is, how can someone who has no intent to break the law be expected to know or have reasonable confidence that they *abide* by the law. If I see a link on a page that reads, "how to make your own garden pond" and the link instead takes me to a page about home made explosives, am I guilty?
If I work in the defence industry to design and build armour for military vehicles - and I research different types of explosives and their capabilities on line, have I broken the law?
If I *don't* work in the defence industry, but read the same material as the previous comment, does that put me across the line?
In one sense I can see and am willing to try to understand the predicament of legislators when it comes to this type of challenge. But the problems with censorship of this type - and this is censorship, no doubt about it - are:-
1. How can we possibly have a set of unambiguous, clear-cut guidelines that tell a citizen so they understand what is acceptable and what is not? If I exceed 70mph on a motorway in the UK, I am breaking the law. But if the law said, "must not exceed a reasonable speed given conditions at the time", then the law becomes subjective and impossible to enforce. The same is true here. This question becomes infinitely more complex if you consider cases of reading about divisive figures from history. Was Mahatma Ghandi a terrorist for encouraging passive civil disobedience? How about Che Guevara? Could reading about the Cuban Revolution mark me as a terrorist?
2. Who gets to decide where we draw the line? Put this another way - what about scope creep? Is today's political ideologist tomorrow's terrorist?
Whatever the relative merits of this as an idea, any, *any* implementation is so fraught with dangers for a society as to be worthy of deep and thoughtful scrutiny. This is the top of a very, very slippery slope.
Over the years I've read various discussions concerning the problems caused by use of mobile phones in certain areas - for example within a cinema or theatre. Suggestions for remedies have included, for example, extending the cell phone standard to allow a "local suppressor signal", which could be generated by a licensed and restricted-access transmitter, and which would then need to be respected by handset OS providers.
I think the complexity of implementation prohibited further development...
However, there is a much simpler approach that could be of specific relevance to prisons, since these are, by their very nature, often "stand-alone" structures, kept well away from other buildings. The solution would involve placing multiple local cell towers at the periphery of the prison grounds, and have them provide a strong, healthy signal in the area. This would force all local handsets to handshake with one of these local towers.
Except these would be special towers, with the ability for the prison officers to use triangulation to determine the location of the handset. If there was a suggestion that a handset requesting access to the tower was physically within the area of the prison, then the handset could be blocked from accessing the cell network. Since the local towers would know the ID of the handset, it could simultaneously be sent a simple SMS message explaining why access had been blocked [as a courtesy to innocent passers-by, so they would know it wasn't a general reception problem]. This technique could easily be modified to permit guards to use their handsets in appropriate areas [such as a canteen]. Obviously, for security reasons, you would not want to permit guards to walk around inside a prison with a cell-phone [because a bribed guard could easily give an inmate access].
When enough towers are available, triangulation of handsets is both reliable and accurate, so not only could it be used to block use of handsets by inmates, it could in theory be used to determine the physical location of handsets to an area of the prison of no more than a few cells. If that could then be coupled with local hand-held scanners, locating and confiscating illegal handsets might become quite a lot easier.
Several years ago, the Murdoch-owned Mirror Group newspapers in the UK became embroiled in a really nasty [sinister] story when it became known that a whole host of celebrities were being subjected to phone hacking, with their SMS messages and voicemails being intercepted. When the full implications became apparent - and it was clear that the scale of the illegal acts had the potential to put senior management in a *very* difficult position, former British Prime Minister Tony Blair started to offer advice to the then Mirror Editor Rebekah Brookes.
In emails which subsequently came to light in discovery during an investigation and trial, Blair advised Brookes and Murdoch to "hold an internal enquiry". There is an interesting explanation of that here:-
https://www.theguardian.com/uk...
The key point about Blair's advice is that he advocates a "Hutton-style" inquiry. This was a judicial inquiry, run by Lord Hutton, into the death of MoD scientist Dr David Kelly. The inference in Blair's advice to Brookes is to set up an *internal* inquiry, staffed by people who might look independent but would be loyal to her, then direct them to go and find the answer that Brookes wanted them to find. In other words, do something which looks official to outsiders, but which in reality can be a complete sham.
I am reminded of that episode in this context, because this is starting to look for all the world as though Equifax management are hoping that any further accusations of wrong-doing can be stopped at the feet of those who have already left the company. Right now, the worst possible outcome for them would be a wide-ranging SEC or Federal investigation that looked at their own internal controls relating to such things as the sale of shares.
Disclosure - I've worked for a major US financial institution who, through caution regarding this specific issue, regularly implements "share blackout" windows to literally *prevent* staff from trading shares in the run-up to the reporting of quarterly figures. In other words, I've seen some of the lengths that some companies are willing to go to in order to demonstrate that they are "squeaky clean" with nothing to hide. This latest from Equifax looks for all the world as though the Board are now worried that the SEC might sanction more of them, even further, if it can be shown that their internal financial and governance controls are wanting.
The idea would be to implement this bogus review and find issues which could then be "fixed".
There are several advantages to this for Equifax:-
1. It is an attempt to persuade the SEC that their own internal controls do not require additional sanction for other directors/employees - i.e. a last-ditch attempt at damage limitation...
2. If they find issues and implement changes to address them, the changes will be of their choosing and not imposed on them by an outside third party.
3. It is an attempt at a public message to major shareholders that the company still takes their fiduciary duty seriously. As if anyone would believe them at this juncture.
Of course, the thing to bear in mind here is that this is complete and utter tosh. If the company wanted to "do the right thing", they would either wait for the SEC to finish, or the board of directors would appoint a firm of outside auditors, given them wide ranging authority to go where the evidence took them, and arrange for discussions on the findings to be held with major shareholders in the room. That last would be important given the implications that any wrong-doing might include directors themselves...
The fact that Equifax *aren't* going to the trouble of implementing an externally-led inquiry really tells you everything you need to know about the validity of what they are doing...
Lots of interesting observations here - thank you...
However, just to take issue with one specific point you make. When you write, "Unless you agree to let them. That little checkbox that says "save my credit card info for future purchases"? That's not just for your convenience. That's what grants the merchant permission to store you credit card info in their database.", you are rather making my point for me.
Even if I *do* agree to let the vendor keep a copy of my card details on file to streamline subsequent purchases , I absolutely do not agree to let them use my purchase history for other purposes. Even more seriously - if the vendor attempted to claim that my agreement with the question you quote as giving them the right to re-use my data, then they would be explicitly breaking the law. That is because, by making an explicit statement of use [for one specific purpose - future purchases] they are explicitly excluding themselves from having my permission ***for any other purpose*** .
In other words, the only reason that vendors "get away with this" at the moment is simply the cost to private individuals for taking one to court to have their practice over-turned, because, even if successful, it would only cover that one vendor. It would be virtually impossible for that one case to set a legal precedent that could be enforced. Well, short of taking the issue to the European Court of Human Rights, perhaps.
But the escape route [for the vendor] that you suggest is absolutely not viable in the context here.
I appreciate that the comments I make here might be more relevant to EU readers than US ones, but I think the principles should be universal.
When I trade with any company, those transactions are confidential between myself and that company. If I *choose* to perform that transaction with a debit or credit card in order to make the transaction easier or more convenient, that is my choice.
However, the Data Protection Act and associated EU data protection laws basically prohibit the use of information, which may have been collected for one purpose [i.e. to transact a sale] from being used for another purpose [i.e. to provide credit reference information] without the expressed, written consent of the data subject. The reason that Equifax and Experian and all the other credit-reference agencies "get away" with what they do is simply that the terms and conditions - which we are essentially forced to accept if we want a credit/debit card, mortgage, loan or other financial service - are written to allow the creditor to do exactly that. The creditor writes the terms and conditions that way ostensibly to have the ability to cross-check our credit history and so protect themselves from bad debt and from financial crime. Except, as we know, this is now being completely abused.
Governments turn a blind eye to this practice because their elected officials are on the receiving end of so much lobbying money from the companies that do this, it is easy for the industry to "buy off" potentially opposing votes from all parties until the industry can propose a change to laws and buy the result that they want. Unfortunately, this creates a situation in which the government is acting against the best interests of the majority of people that elected them.
I have no problem with a law being passed that legally requires me to declare all pertinent parts of my credit history if I want a loan or a credit card or a bank account. I have no problem with a law that allows for certain forms of credit history - for example, people being declared bankrupt, or having court judgements against them - being "on the record" and visible to lenders.
Where I *do* have a problem is in the use, sale and profit from my personal information, in a manner that is not compatible with the purpose for which I originally agreed to disclose that information, without my knowledge and/or consent.
That is plainly an unacceptable level of scope creep.
Rather than simply push to see Equifax ditch a few of their senior officers, we need to be pushing to have the entire credit-checking, data-sharing-for-profit industry declared illegal and to have these parasitic outfits shut down permanently. All they do is increase the amount of junk mail that comes through my door offering me new credit cards.
No thanks.
I am no fan of banks or lenders, but in this specific case I have to say you are wrong. Completely wrong.
The reason that banks demand so much information from you if you want to open and account, or borrow money, or have a credit or debit card, is because the governments recognise that opening false accounts using fake identities is one of the best methods of laundering money from criminal schemes. So, for example, the United States Government demands that anyone operating in the US must comply with OFAC Screening requirements, [ OFAC = Office of Foreign Assets Control] because it was discovered that vast amounts of stolen or otherwise illegal money was washing through the US banking system...
Any bank or lender in the US that *fails* to demand really good proof of identity could be prosecuted by the Federal Government and suffer sanctions up to and including the loss of their banking license.
You also state that "The only solution is to render this information useless. We need to get precedence set. Banks can not claim "XYZ defaulted on a loan" without actual proof that it was really XYZ not someone claiming to be XYZ. Else they are liable for libel and they should be penalized heavily."
The problem with this statement is that what you are implicitly asking for is a hypothetical situation in which banks have some "other" means of "knowing" you. Fifty years ago, loans were offered to companies and individuals because they were literally known by the manager of the lending branch of the bank. Personal banking relationships were important because that was the way the world did business. Today, with on-line applications and risk-score-based loan decisions, the world has abandoned those principles. Instead, then, the bank needs to have a way of validating your identity, so that it can know with certainty who you are. [ And, incidentally, one reason this is crucial is it stops an individual from borrowing more than they can afford to repay by creating false identities - a risk that could put a lot of banks out of business].
Yet by demanding that banks find a way of validating the identity of creditors "without" recourse to personally identifiable information of this kind, you are actually implicitly opening a door to ever-more intrusive spying and monitoring of individuals by faceless corporations. And/or you are opening the door to the introduction of mandatory ID cards.
I dislike the idea of identity theft being used to defraud banks of money, because all the legitimate clients - like me - end up paying in the long run. But if your only solution is that I have to give up personal privacy and other personal freedoms [such as the right to anonymity] in return for cheaper banking, then I will pay a little more. At the end of the day we are all going to have a different preference on a question like this, but you have to think of the big picture and understand the full context of a situation before making decisions on this sort of thing...
and in many countries they could have identified your Mother's maiden name if they knew your date of birth, because the Register of Births, Marriages and Deaths is now typically on line...
For those people not actually serving on the board [or boards] of a top multinational company, the environment experienced [enjoyed?] by those at the top will be utterly alien. Like high political office, the principle motivators are going to be power and money - and as much of both as possible.
When the news of the breach became public, the Board of Directors likely knew that there would be scalps. It is not clear if the trading of shares by some of their number [between the breach being discovered and being made public] was common knowledge or not.
However, we should not be surprised to see the Chief Executive ask the CIO and CSO to step down. The aim of anyone operating at a CxO or board level is to minimise disruption. The more executives that get fired, the worse the message being sent to shareholders and clients - something which will directly impact the CEO in their pocket, because, of course, they are major shareholders thanks to their "packages"...
So although it looks to us, from the outside, as though the CEO threw two of his former colleagues "under the bus" [and I am sure there are cases where office politics makes that the expedient thing to do] there is an equal chance that they were simply trying to protect themselves. When the decision to fire these two former colleagues was made, the CEO was obviously hoping that they could weather the storm and continue to collect their fat pay check for a bit longer. In fact - given the nature of megalomania that seems to infect board rooms these days, they were no doubt planning how to use this to their advantage by demanding "stretch objectives" tied to their next bonus that included strengthening their IT and Security disciplines - which they would then claim to have achieved by simply hiring someone else...
Lastly, the final possible reason for the CEO asking for these resignations / firing these former colleagues, is to try and head off any form of criminal sanction. If we remember back to the accounting scandals at Enron, the scale of the malpractice there was sufficient for the Sarbanes-Oxley act to be introduced. This act includes provisions for mandatory jail time for CEOs and board level management/directors if it is found that a company is materially mis-representing their financial position, or failing to adequately disclose risks. It is highly likely that there will be attempts at shareholder lawsuits in the wake of this incident, since investors will argue that they would not have invested in the company had they known about the poor security practices that led to the breach.
All of this takes this to the weird situation in which it is likely that other CEOs, CIOs, CTOs across corporate America would actually be encouraging the termination of these three Equifax executives. Their reason will be self-preservation. If these three decided to tough it out, their belligerence could easily be what is necessary to force a US legislator to propose tightening the laws in a way that increases the legal liability on directors and senior management of publicly traded companies. This is the very last thing that other CxOs want to see happen - so from their perspective the Equifax incident must "stop the rot". We could summarize their view as, "Don't tip the gravy train off the tracks... Go quiet for a couple of months and then someone will offer you some executive directorships..."
Amid the clamour demanding that "something must be done", a termination or resignation is going to infinitely preferable to jail time.
If you as a private individual elect to use services such as "Google Docs" or Microsoft "Office 365", then implicitly you are using on-line services and functionality to capture and store your creative output. The terms [for Google, certainly] under which this happens are pretty clear. See:-
https://support.google.com/dri...
However, if you elect to purchase products [say CDs or Blurays] from an on-line retailer, then your use of that on-line service is captured, analyzed, but then used to sell other product to other people. Amazon are pretty transparent about this - look for "The Page You Made" as a link on their site after you've been browsing for a bit...
There are two key differences. Firstly, Amazon are using your input as a mechanism to generate profit for themselves - income that they do not share with you, despite the fact that they are at least partially dependent upon you for the information. Secondly, the respective terms and conditions - crucially, for activities that are legally similar - are very, very different.
The retailers believe that they own anything you "do" with their web site. The cloud utility providers make it explicitly clear they make no such claims. Obviously, these differing opinions can both be legally claimed thanks to the terms and conditions that we implicitly accept when we access these different resources. It's equally obvious that the effort that the retailers put into their analysis pays off - or they would stop.
Where this gets interesting is the way that the retailers are essentially leveraging our use of their product to market yet more "stuff" to us, thereby actions which benefit the retailer but not the consumer. I would be quite happy to argue that my use of a retailer's web site constitutes a unique creative activity on my part and that, as such, my actions should be considered a copyright-protected work, and something that I explicitly do not agree to be re-used, in any way, without my express permission. Unfortunately for me, the law [and the retailers] would laugh themselves silly.
I think we can pretty quickly conclude that the dynamic in the relationship between retailers and consumers [and this is no longer exclusively related to on-line shopping, given the way that CCTV and wifi tracking is now being used to track shoppers around stores] has become seriously imbalanced. When that happens, we rely upon the law to keep the game even and fair. Unfortunately, these retail changes are coincident with extraordinary levels of lobbying, and essentially it pitches private citizens against both the state [because the state wants to spy on us] and corporations [which also want to monitor and track us].
Sadly, I think the chances of our seeing fair and equitable protections for shoppers or service consumers being enacted as law stand less of a chance than the proverbial snowball in hell.
Shame.
Pretty much exactly this. Although, in fairness, ForEx is a mugs game... When there are institutions such as CLS Bank (Continuous Linked Settlements) that charge fees for conversions; when the data from CLS themselves shows that 80% of ForEx transactions are speculative and not for trade or "legitimate" purpose, then you realise that it is basically being used to prove the old adage, "A fool and their money are soon parted" is true...
... or, at least, his predictions are incomplete. In the article he is asked why we are so bad at predicting certain things, such as Donald Trump winning the Presidency - his answer was that Trump is not technology.
In 1900 - Kurzweil discusses changes to farming since the end of the 19th century - the distribution of wealth across the world and within individual nations was relatively even compared to today. Since then, wealth re-distribution has been massive, and has not helped the majority. This change didn't come as a gradual trickle, either, but with emergent events driving or enabling change. The two World Wars of the 20th century bore witness to a massive transfer of wealth and power; certain governments, such as the UK Conservative government from 1979-1997 - so-called tax reforms of both US "Bush" Presidents... all these things had the net effect of transferring a vast amount of wealth and power into the hands of a relatively tiny minority. In January 2016 reports from Oxfam suggested that the wealthiest 1% of the world's population held as much value as the remaining 99%. In January 2017 the Guardian in the UK reported that the wealthiest 8 people - just 8 individuals, held as much value as 50% of the planet.
In other words, against the backdrop of evolutionary change driven by technology, we've seen fundamental, seismic shifts in economics, power and government. That isn't to say that it was impossible to have such concentration of wealth back in 1900, only that the "architecture" of our society makes that easier today.
The other fundamental shift in the last 120 years has been a hidden one, within government. There has likely always been lobbying of one form or another, but in the last 100 years we've witnessed a steady emergence of 'sponsored legislation'. There are plenty of examples of draft EU bills where a Commissioner has taken a piece of work prepared by a commercial lobbyist, working for a company who would directly benefit from that legislation, put their name at the top of the piece and then submit it as their own work. We see the same in the United States, with big business "buying" votes from Senators and Congressmen. And when the rules governing those practices are written by the people who benefit from that corporate largesse, it should come as no surprised to see a gradual erosion of the protections for the "little guy" in favour of big corporate sponsors. Interestingly, not all of that has been in support of driving fundamental technological change. Just look, for example, at the resistance Tesla have faced in the US with respect to car dealerships. Or the fact that every major contract today seems accompanied by a slew of lawsuits from unlucky bidders.
The backdrop to the technological evolution is the concentration of power in board rooms and major shareholders - two communities that have no desire or motivation to share their wealth with anyone, least of all a shop-floor worker. [ If you look at the priorities of any company with publicly-held shares, you will see that their priorities always boil down to 1. Shareholders; 2. Customers; and, if you're lucky, 3. Employees.] What is worse, the economic foundations of our society may be forcing *everyone* into this mode of thinking: suppose I ran a national chain of stores [it almost doesn't matter what market, but let's say groceries]. The average wage for grocery store employees might be pennies over the minimum wage, so I decide to be a decent human being and offer an actual liveable wage to all employees. Guess what happens? A more ruthless competitor will undercut my prices and force me out of business? Or a shareholder revolt will force out that management.
This is absolutely not trying to suggest that basic market forces, or capitalism, or free markets, are inherently bad; only that they can be bad when they are uncontrolled.
I think Kurzeil might have made some interesting *technological* predictions over the years, but as society and technology integrate ever more closely, the degree of impact that technology has on society becomes ever greater - and not always in ways that benefit society at large.
... is that Wired put a positive spin on this article. The author sees it as a good thing that Amazon can recruit Chuck and Barb and all the other "CamperForce Army" ... but not because circumstances are so dire that those folk have pretty much no other options left. They have become easy pickings for the corporate giants. Where millennials would get tired of the graft and quit shortly after learning the ropes [leaving Amazon with the headache of perpetually training new and thus under-performing] workers, the CamperForce Army have no other choice but to stick it out.
Perhaps even more scary, though, is the almost throw-away way that Chuck's downturn in fortune is described. He took his life savings and invested it with Wells Fargo - a supposedly reputable bank. They told chuck that his nest-egg of $250,000 would return him $4,000 a month as income. That's $48,000 a year. That's a ~ 19% return on investment from the capital - assuming that he did not draw down on the capital [which, if he did, would not last long]. Really? On what planet or in which universe did Wells Fargo believe that a 19% return was reasonable for Chuck's savings? As responsible bankers they would have known or should have known that a 19.2% return was unrealistic even in the most bullish of bull runs, even if Chuck was taking far more risk with his portfolio than his circumstances should allow.
Yet what happened to Wells Fargo? Any of their employees in Camperforce? It doesn't seem likely, does it?
The really scary thing, though, is this: how long will it be before the large conglomerates and the big banks look at the lessons of 2008-today and think, "Actually, this has been really good for us. We've created an under-class of people who are so desperate for income that they will work at slave-labor rates. We can pay them the minimum wage, dock them for imagined slights to go below even that, all of which maximises our profits. All we really need to keep this going is a steady supply of people whose circumstances are so dire that they are willing to do this... Hmmm... so maybe what this means is that all we really need is a good financial crash every 7-10 years or so..."
Do we really believe that, in the 21st century, we can't manage to contain boom-and-bust cycles? Are we really willing to settle for this?
... it took lone-contributor security researcher, Marcus Hutchins, to stop the WannaCry ransomware outbreak [by registering a domain name].
... Mr Levy is certain that all this evidence is wrong, and he is correct.
...
Ian Levy, the Director of the UK National Cybersecurity Centre and the individual quoted in the OP, heads an agency that is so good, so capable, so on-the-ball, that it took a private individual to identify a means of neutering WannCry.
Never mind the fact that it would have been Levy's organisation that was responsible for preventing the NHS and other UK government agencies from being compromised in the first place...
To give you an idea for just how misguided the man's thinking is, here's another of his quotes, from the same article:-
"“Cybersecurity professionals have spent the last 25 years saying people are the weakest link. That’s stupid!” he said, “They cannot possibly be the weakest link – they are the people that create the value at these organisations."
So, let's just get this right. When we have an abundance of evidence that shows that it is people, not technology, who select easily-guessed passwords, people, not technology, that click the links in phishing emails, people, not technology, that try and promote code that hasn't been properly tested, "because they know it's OK, they don't need to test..."
I think that having Mr Levy in charge at the NCC is actually more scary than his claims of a "Major Cyber Attack Happening Soon"
Perhaps there is another way of looking at the data.
When dealing with astronomical observations of this type, we accept that the observations we are making could be millions or even billions of years old, based on the distance from which the phenomena originate. OK, so: old data.
We are also told by physicists that our universe started with a "big bang", a state and point in time at which the state of our universe was so energised that the sub-atomic particles we take for granted today [never mind atoms and molecules] did not exist - because the universe had not cooled sufficiently.
So if you extrapolate this facts, don't they suggest that it stands to reason that, the further away in distance [and thus the further back in time] that we look, the higher the energies we would expect to observe. Everything else is [just / subject to] entropy.
I'm not sure where Occam's Razor would swing across this story, but suspect the explanation - whatever it is - will be a simple one.
Fascinating post, article and lots of good comments on this - thank you.
With the caveat that I don't know what I'm talking about [ ! ] the article got me thinking about the way that our senses operate differently at altitude. Essentially, this means, "at a significantly different atmospheric pressure"... So obviously the first thin to think about is : what, exactly, is that pressure difference? Well, according to this calculator, at mide.com,
https://www.mide.com/pages/air...
A "typical" air pressure at sea level might be 101.325kPa[kiloPascals], in which case the corresponding air pressure at 8,000ft would be approximately 75,250 kPa - which is approximately 75% of sea level pressure. OK, for a "starting point", I'd hope we'd agree that this delta is sufficient for physical and chemical reactions to be potentially altered.
Then I got to thinking about passengers from a physiological perspective. Essentially, the human being is a mass of semi-permiable membranes. Yes, there is plenty of chemistry going on within us - turning foods into energy, for example - but it also stands to reason that our 5 senses are going to be quite sensitive to changes in pressure... For example - a reduced atmospheric pressure will mean that inhalations bring fewer air molecules in to our lungs, which would also surely involve changes in our sense of smell. OK, I don't know how pressure differential would impact the dispersal of scent chemicals in a gas mix, but there is likely to be a difference...
Our sense of taste is going to be based on diffusion and/or osmosis, as the chemical trace signatures of what we eat are absorbed and processed by the cells in our taste buds. But of course the actual mechanics of tasting are going to be based on chemicals being transferred into saliva and then offered up to the taste processing centres on our tongues. Whether the underlying processes are osmosis or diffusion, or a mix or variation is almost secondary to the point that there will be something like this underpinning the necessary chemistry that drives the sense of taste. Mess with partial pressures, absorption rates, osmosis or diffusion rates and it rather makes sense.
If we were sensitive enough, we might even expect to witness a very slight change in the sense of touch... Just as we know that limbs can swell in low pressure, so sub-cutaneous blood capillaries are going to change and this should impact our touch. Would sight be impacted? Perhaps, if the lower atmospheric pressure caused a slight outward swelling of our eyes?
The thing that really interests me, though is the comment from TheRaven64, where they observe that Gin & Tonic is "one of the few alcoholic beverages that tastes better at low air pressure." Describing something as "tasting better" is way too subjective for us to be likely to reach a consensus upon, but the observation of the change, alone, might be enough to suggest that there could be ways of compensating for altitude-related changes to our senses by altering the composition or chemistry of what we eat...
Lastly - just as a final thought - I wonder if gravity [or the absence of it] plays a part in our senses too? OK, so the reduction in the gravity we experience between sea level and 40,000ft might not be enough of a difference, but we could theoretically extrapolate by looking at feedback from astronauts as to whether ultra-low gravity environments impact their senses... I'd be very interested to know if we've got any readers who can better explain the relationship between the change in what we sense during a flight and the environmental impact on our physiology - I've just been guessing in this post, but suspect there's some pretty interesting material here somewhere...
Agreed, but I think we're maybe looking at this from two very different perspectives...
... Banks make money in a variety of ways; among them are the extension of credit and the provision of a service for a fee... We are looking at those two activities in the context of this discussion...
First, you rightly point out that both traditional banks and credit card companies offer credit. In order to do this, those companies need to have either a full banking licence, or something very similar to one, or they will simply not be permitted to operate in any major, well-developed economy.
On the other hand, we're also talking about a simple transaction in which funds from one currency are translated in to another currency. There is no loan involved in this transaction - it is essentially "asset swapping for a fee"
If all you want to do is visit a country that uses a different one to where you live, then any multinational Bitcoin exchange that can keep their transaction fees below the typical 2.75% "foreign currency handling fee" of a credit card is going to do very well indeed...
There is absolutely no doubt that use of blockchain technologies will continue to expand as more and more people develop solutions that use it. However, there is a world of difference between having the technical means to handle transactions in the volumes discussed, but this is entirely distinct from actually being able to compete with an institution like VISA, for non-technical reasons...
The global card payment processing infrastructure generates literally billions and billions of dollars of revenues for Mastercard, VISA, plus all banks. The resultant and incredible profits are further enhanced by insane "transaction processing fees" when purchases are made in any currency other than the card's default.
Do we think for a moment that the vast, established financial services industry will simply roll over and allow Bitcoin or Ethereum to displace it? No. This is why we see all of these grossly exaggerated claims regarding crypto-currencies - that it is used only by drug dealers, paedophiles and terrorists. Of course, these arguments conveniently forget the fact that actual paper cash is even more anonymous than crypto-currency will ever be, yet we don't hear [most] of these organisations clamouring for cash to be withdrawn. [ Most: VISA have been pushing this for a while now].
As a crypto-currency becomes established and generates the infrastructure to actually make a dent on the current cartel of big banks, expect to see horror stories regarding the criminal use of it, expect to see all sorts of legislation to outlaw it being proposed. Expect to see scandals and stories like the Mt Gox exchange hack being trumpeted as reasons that cryptocurrency should be doomed.
On balance, I think the distributed ledger concept has a lot to commend it - it makes the financial infrastructure of the world much more robust - but the biggest challenge it faces will come from the entrenched players in this market - the big banks. Which, by the way, are already developing their own, proprietary and "closed" blockchain technologies... Fancy that...
The short but honest answer is "It will depend"...
The longer and slightly more complicated answer is to observe that there are all sorts of different ways that the Hyperloop design, as explained, could fail. Examples include things like gradual pressure increase within the conveyance tube [loss of vacuum], collisions [between a moving capsule and a stationary one], contact-leading-to-damage [for example between a capsule and the conveyance tube], and so on.
A complete and thorough answer to your [entirely valid] question would require far more time and space than slashdot typically affords us. Suffice to say that there are some excellent engineering disciplines and practices that have been developed to answer precisely the question you have asked. It is highly unlikely that us mere mortals would ever get visibility of the results of that analysis, but it is entirely to be expected that the relevant Federal/Government regulator will do so. A common framework [but by no means the only one used today] is FMEA - Failure Mode and Effect Analysis.
Readers may be interested to note that in the aviation industry, for example, each airline prepares and publishes their own Operating Procedures, Safety Manuals/Training and ensures the relevant level of awareness among employees, contractors and clients [passengers]. I do not know for certain, but suspect that this model is done from a liability perspective - if an airline followed government-mandated safety procedures [or aircraft manufacturer supplied procedures] to the letter, but an accident occurred, then in any subsequent investigation or challenge regarding legal liability, the airline would try and argue that they met every requirement made of them. Instead, by making the airline responsible for developing and following their own practices, the regulator carefully avoids ultimate authority for any failure of process design... Given the highly litigious nature of the modern world, it is likely that the safety procedures and operating practices of any commercial Hyperloop solution will be designed and implemented by the Operator, ideally with some form of Federal or governmental oversight.
If true, this story would be disappointing, because of the hypocrisy if for no other reason. I've searched for articles or photographic proof of the claim but not found any yet... There are images of the presentation up and running, but the display shows an all-screen slide and it isn't possible to definitively identify the operating software.
The only reason I ask [and I don't have an opinion on the claim one way or the other] is because I'm aware of several friends of mine who run both Windows and Linux on MacBook Pro hardware. Their justification is that even though it's crazy-expensive, the Apple MacBook Pro hardware is among the very best available today, hence their use of the product. I make this additional observation because if Zemlin walked in to the theatre / hall carrying a MacBook Pro it would be easy to conclude that he was running MacOS. However, until there is actual concrete proof, nobody can say with certainty what OS the guy is running.
Perfectly happy to express my disappointment when the evidence is on the table, but until then...