The rest of us who aren't network admins either have it installed already, can't install it because our network admin won't let us, won't install it because it'll break something and we can't spend five minutes looking for a patch because that's too much work, or we've never heard of it.
You forgot probably the most likely explanation among the WinXP users who read this forum: we've done the research, seen what vulnerabilities are supposed to be addressed, and concluded that we'd rather rely on our existing defences (firewall, anti-virus, yada yada) than risk rendering our system unstable/unusable and spending a lot of time fixing the problem.
In my case, this isn't just paranoia, it's based on watching SP2 take out several completely different boxes belonging to family and friends (and then being drafted in to fix the mess).
Security restricts and breaks functionality, sometimes deliberately
Security might have to restrict potentially dangerous functionality, but if your security is breaking functionality that wasn't a vulnerability in the first place, it's not really security, it's just a bug.
While there might be good reasons for not installing here and there, I suspect most of the so called "admins" are just to lazy or simply clueless when it comes to large scale software distribution.
And yet they've successfully set up those networks in the first place, probably installed numerous other WinXP patches across their networks afterwards, probably installed and configured office apps, corporate database stuff, corporate Intranet stuff, and more.
Really, if installing SP2 from a centralised control point isn't a matter of "Click here" and perhaps fixing some unusual incompatibility problems on a small proportion of machines, then I'm betting it's SP2 (or its installation tools) that is broken, not the IT staff.
What established legal or regulatory principles? If you have been slandered, your recourse is to sue the person.
OK, it seems some respondents in this thread don't understand why I feel that this wouldn't really have fixed the damage here anyway, and hence I didn't pursue legal action at the time. There is an implication in some of the less constructive replies that this was out of laziness, but this is true only in as much as I didn't see what good it would do and therefore didn't do what I viewed as wasting my time.
My argument here is that a traditional court case alleging defamation is not an adequate remedy here. Let me change sides for a moment and play the "you should have sued" game to try and illustrate a few reasons why.
For a start, in what jurisdiction would you suggest I file suit? I am in the UK, as is my ex. The blog site is (AFAIK) run by a company based in the US, and (AFAIK) also hosted there.
If you wanted to take legal action, you should talk to an attorney.
Same question: an attorney in what jurisdiction, and experienced with what area(s) of law? Defamation? International disputes? Technology issues? Family disputes?
In a lot of situations, all you need to silence someone for is a few weeks, and their statements become pointless. And you want to do that on your say-so.
Please read my posts again. More than one person has inferred that from what I've written, but I've never actually written it, at least not without major qualifiers. In fact, I have written explicitly that on balance I wouldn't want service providers to take on the role of the legal system.
I repeat: my point here is simply that the existing legal framework within which the Internet operates is lacking in this area (and, for that matter, many others). The world has never seen a system where massive and almost instantaneous distribution of information is possible. This creates a whole new context in which our moral values must be applied to determine law, and whole new ways to offend those values that are qualitatively different to anything the justice system has had to deal with in the past: viruses and their ilk, P2P copyright infringement, spam and phishing, and of course the kind of widespread and immediate defamation we're discussing here.
There is an implicit assumption in many of the comments in this discussion that the same balance between the individual's rights and freedoms and the restrictions on them for the good of society is appropriate in the Internet age as it was before. This claim has yet to be proven, and certainly the case of the ex here is not the first suggestion that it might not be; see the other dangers I mentioned above.
As the AC pointed out, you're accusing someone of lying. You want here silenced without you providing any evidence to support your allegations.
And as I've pointed out, she was accusing me of much worse; as the kids in the schoolyard chant, "she started it". Any implied accusation that she is herself lying arises purely from my denying the accusations made of me. Trying to turn this around (as some respondents have done) and say that I'm somehow the accuser will create a chicken-and-egg scenario, except that here it's quite clear which came first.
And of course, in any case she was clearly distributing my copyright material: the altered e-mails. This allegation could be proved by simply reading a post where she herself claims I wrote the words, and my agreeing with this, whereupon the onus is on her to demonstrate that I assented to the distribution -- something that would have been rather unlikely given the nature of the material and the subtle but very significant differences between what she posted and the copy in my sent mail folder.
If any of the admins at the blog provider had even looked at the post I was complaining ab
I've spent a long time trying to find a decent programming font that's not tiny but still distinguishes the usual similar characters clearly. (My eyes aren't good enough, particularly when running at the high res I prefer for other reasons, for all these single-figure-square bitmap jobs.)
I did try several proportional fonts for a while, including Verdana, but it just proved too difficult to keep the code tidy. Too many things I read and write take up more than one line, and we try to keep things as inherently messy as multi-line statements as readable as possible using good alignment conventions.
FWIW, at the moment, I'm using Bitstream Vera Sans Mono in quite a large size (something like 12pt IIRC). Neither Courier variations (too light) nor Lucida Console (too heavy) were really working for me.
Also check out the many useful tools available from SysInternals. These guys are serious Windows hackers and know how to integrate tightly with the internals. For general use, Process Explorer is a must-have replacement for task manager, and many of the others are useful if you're working in the areas they concern. And they give them away free, and a fair bit of source code too, bless them.
I would hope that your friends would think less of her for doing that, not less of you.
Eventually, they did. But it took quite a while, particularly for those friends who weren't local and I didn't get to talk to face-to-face for some time after the comments were posted. It wasn't a very nice experience.
While she's wasting her time blogging about you, you should be spending your time finding Miss (soon to be Mrs.) Right.
I tried to do exactly that; I dropped this subject several years ago, and only brought it up again (with everyone anonymous) because it was a directly relevant example in this conversation.
As bad luck would have it, it was my new Miss (we're not betting on the rest yet) Right who actually found the offending blog post in the first place. Fortunately, like most of my friends who read the comments there at the time, she has since seen enough to know what I really said and who I really said it about. Our relationship survived and we consider the matter ancient history.
Still, it's not very pleasant feeling that several of your closest friends don't quite know whether to trust you or not for a few months. It's like an allegation of abuse: old friends know they shouldn't believe the accused could possibly have done it, and the public should know better than to believe everything they read in the paper, but if you're on the wrong end of it the stigma stays around long after the accusation is shown to be false even in a court of public record.
The thing is, I'm not the kind of guy who does talk about people unpleasantly behind their backs
Except for ex-girlfriends, apparently.
Since I haven't given any way of identifying her at any point in this thread, it's hardly the same thing. I could be talking about anyone, and I am defaming no-one. In fact, she's probably one of the few people in the world who knows who Anonymous Brave Guy really is, and the others are probably all familiar with her side of this story anyway. Moreover, since Slashdot allows anyone to post, she's free to reply here if she feels anything I say is inappropriate. That's a lot more right to reply than she and LJ ever gave me.
You know, it's probably still not too late to seek compensatory and/or punitive damages. IF, that is, you can be bothered to prove that your case has merit.
Please read my other posts to this subthread, particularly on the subject of why going after damages after-the-fact isn't relevant to me. The point was that the damage was done as soon as she was able to defame me publicly and I didn't have an immediate means of removing her comments, or at least a right to reply.
Given that the subject of this entire discussion is whether censorship of blogs is ever appropriate, I'm simply providing a data point for somewhere it would have done some good.
Of course they were; the idea that any organisation that maintains a database can't access the data just because internally one of the fields named "private" is set to true is laughable.
I think I speak for most people who have taken the time to read this sub-thread when I respectly submit that the problem may be that you need to grow a pair.
You're entitled to think whatever you like; what you choose to believe is your prerogative. I don't know whether you're right, and I'm pretty sure you can't know that either.
Talking behind peoples' backs can come back to bite you. You were forced to be a man and stand behind some uncomfortable things you said. Must have been awkward. Surely you didn't try to weasel out of it and pretend you didn't mean what you said when you said it. "Taken out of context"... right.
The thing is, I'm not the kind of guy who does talk about people unpleasantly behind their backs, particularly not friends. I find it distasteful, and obviously I don't like having it done to me, so I don't do it to others. The problem is that she could easily make it look like I do by, say, cutting out parts of sentences with negatives in them.
If I'd actually said what was attributed to me, or something that meant even close to the same, I wouldn't have nearly such a problem with the behaviour in question.
Regardless, others have already said better than I that it is not the government's role to step in and regulate the private speech of individuals. Period.
It wasn't private speech, it was public. It was also factually incorrect, defamatory, and hurtful to a lot of people. If the government isn't supposed to fight antisocial behaviour on the part of individuals for the good of society as a whole, WTF are they for anyway?
Sucks to be you, but freedom of speech (while not the absolute) is more important than your personal peace of mind.
I appreciate the sentiment, but please understand the damage that was done here. It wasn't just me that was hurt; those mails contained comments I sent in confidence to my then-girlfriend about mutual friends, which taken out of context (as they were) painted a rather different picture about those friends to what I actually thought, or indeed originally wrote myself. Now, if your best friend's fiancee happens to read such comments and get the wrong idea, that can really upset marriage plans. Is that really just "my peace of mind"?
I'm not saying the ex was trying to hurt anyone other than me when she reposted the comments. She was probably just careless in the editing, but my friends were hurt all the same. It was a long time before I could convince them about what I really wrote and mend those friendships.
We can't allow people like yourself to control what their ex-girlfriends post, because then we would have to allow people who abuse their spouses to control what information said spouses can release to the public.
That doesn't follow, since I'm not suggesting that absolute control is good. However, I do wonder whether the burden of proof isn't the wrong way around here. In a court, you are innocent until proven guilty, yet apparently in today's Internet-enabled world, it's perfectly OK to publish a bitter ex's unsubstantiated damning comments about their former partner without even giving them a right to reply?
Of all the freedoms we cherish, freedom of speech is perhaps the most dangerous, because once something is spoken it can't be unspoken. Sometimes no amount of compensation after-the-fact can ever fully undo the damage of malicious speech. When you've been on the wrong side of this, perhaps you'll understand.
It's not; if he wants to sue his ex-girlfriend for libel, then he can.
Realistically, no, I can't. I have neither the knowledge of how the legal system works where LJ are based to know who to hire, nor the kind of money that this sort of case usually seems to require.
I think you're missing my point anyway: a law suit would have been mostly irrelevant by that stage. The point is that I told LJ shortly after my ex posted her comments that they were inappropriate and why, and asked them politely to remove them. Over the next few days, after they refused to do so (claiming that they couldn't read their own database as a rather poor excuse for this), several close friends of mine came across those opinions. Since I was also blocked from posting a rebuttal comment in the same place as the originals, which might have been an adequate remedy, the damage was done. No trivial amount of financial compensation could make up for months of upset that those comments caused to me and some other people who were involved, whatever the result of a law suit.
If he's not willing to spend the money for a lawyer, he's either asking that someone else spend the money to investigate it, or that government or LiveJournal silence her on his say-so.
I'm not asking for people to be silenced "just because". I'm providing an example of what happens when free speech and an unregulated Internet are allowed to over-rule established legal and/or regulatory principles that apply in similar areas outside the Internet.
If they'd said they wouldn't take the post down without some sort of proof/court order/whatever, that would have been a reasonable answer, if not one I think is ideal. If they'd said they'd take it down for a short period pending delivery of same, that would have been better. I can understand a service provider not wanting to play judge and jury, too; overall, I'd rather they didn't (and indeed couldn't). But that means there has to be some effective means of taking legal action in a timely and affordable manner in cases like this.
Right now there isn't, and that's my point. Paying hundreds of dollars or whatever for a lawyer to successfully pursue a law suit that says "Yes, you were right" six months after the post was made is too little, too late to deal with this kind of crime. Perhaps in an age of instant mass communication, the rule needs to be changed so that the benefit of the doubt goes with the accused until the accuser provides evidence to support their allegations. It's a new idea, I know, but maybe it's better than encouraging a culture where damning someone publicly is an effective means of hurting them, whether or not you have any right to do so?
Got any copies of your old sent mail? Make your own blog and fight back...
I could have done that, or bad-mouthed her behind her back, or posted photographs of her wearing not a lot where I knew her friends would find them, or whatever. I just prefer not to descend to that level. The damage was done, several people including me were deeply hurt by it, and none of the above would have fixed it, so I didn't see much reason to continue the unpleasantness.
His ex isn't stating facts. She's using his copyrighted content (his email) to defame him.
Yes, that's exactly what she was doing (aside from the embellishments to make it worse).
On the other hand, if he notifies them they are hosting his copyrighted content without his consent, they do have some legal liability if they refuse to take it down.
My understanding is that, in the UK at least, that's been the situation since the Demon case, though the whole area is muddy legal water.
However, I did clearly state in my complaint to LJ that (a) she was posting my copyrighted content without my consent, and (b) she was defaming me. Their answer to both boiled down to "we can't read our own database, so there's nothing we can do".
I feel the same about people who read blogs as I do about people who read tabloids. If you don't want to read it, then don't look. If the information is a little too personal for you than never go back, it may be informative for somebody.
The problem isn't me reading a blog entry about me. I already know where I live, what my ID numbers are, etc. etc. The problem is that I can't stop somebody else reading that.
This issue is bigger than just personal info valuable to strangers, too. I've had a bitter ex-g/f post intimate personal e-mails on her blog from the time we were going out, and with a large dose of editing, taking out of context, and outright lies thrown in for good measure. She knew damn well that several close friends of mine also read that blog, and would think less of me after reading what she wrote (or her adapted version of what I had once written).
The real killer is that despite the blog host being a big name, they didn't give a shit. In fact, after the ex made the post "private" (which didn't stop our common friends from reading it) when I wrote to her and asked her to remove the comments, the LJ admins then claimed (in response to my formal complaint) that they couldn't access that area of the database, and therefore couldn't do anything about the post. All of which helped me and my relationships with some formerly close friends not at all.
So, what am I supposed to do? I live in the UK, so I'm hardly going to pay hundreds of $$$ to hire a US attorney and pursue a defamation suit against my ex in the US just to get LJ to take the post down, am I? But without any official, international regulation of this area of the Internet, the damage was done all the same, and it hurt a lot more than posting any credit card number would have.
Freedom of speech is a valuable thing, but it is not the only valuable thing, and it is far too powerful to be an absolute.
I think his point was that you were questioning the authority of the W3C, and he was pointing out that the major browser vendors are explicitly acknowledging this authority by virtue of being members.
Sure, I'm simply suggesting that actions speak louder than words in matters like this. If Microsoft really are behind the W3C, they'll provide the better support for CSS that many in this discussion are hoping for. If they're just trying to avoid looking like saboteurs while simultaneously playing the embrace-and-extend game, the relevance of the W3C will be seriously diminished.
I am using Thunderbird, and I too wondered about the DST issue, since we switched in the UK a few days ago. I thought that one was long-since fixed, though, and other behaviour (notably multiplying up messages in the tree view of the currently selected folder every time you switch to a different folder and switch back) doesn't seem consistent with it.
The problem with reporting a bug, of course, is that to make a useful report you first have to know what the problem is well enough to reproduce it.:-(
There are far bigger problems with using things like Firefox and Thunderbird in large organisations than just the (mostly phantom) CYA aspect.
As much as I love the apps, I'm considering switching back to IE and Outlook at work, mostly for the following reasons:
Firefox's stubborn refusal to support things like file:// links in the same way as 90% of the world means it Just Doesn't Work with many vital areas of our corporate intranet. Yes, I've read about the tweaks you can do. Yes, I know about standards. No, I don't think 20+ people working on my group's Wiki alone are going to write file:///// every time they put a link just so my Firefox works. No, I don't think I'll mail the CTO and ask him to change our intranet scripting coding standards to work with Firefox.
Thunderbird's lack of integration with Exchange Server et al. means I may be instructed to drop it in favour of Outlook shortly, so that I can be hooked into the usual mechanisms for meetings, room bookings, etc.
Thunderbird's mail storage system is not robust. I have lost everything several times with various versions, and my fully up-to-date TBird installation at home seems to be getting deeply confused again: apparently I've got 795 unread messages in my Inbox, even though there are only three messages there, no wait now it's five after I change to another folder and back, and now it's seven, and... At home, such an event means I go back to my last back-up and possibly lose a few random messages from friends since the weekend. At work, it might mean losing a vital message from a senior manager, and I'm not going to risk that. I guess this is a form of CYA, but so be it.
Added to all of these are the current lack of tools for the corporate sysadmins to deploy, configure and patch Moz family apps centrally, and avoid changes by lusers who don't know what they're doing that might break their carefully maintained system. Just moving all the profile data from the Windows-standard-that-hardly-anyone-really-uses location to something that fits in with a corporate back-up strategy is likely to be a chore.
Most of these aren't serious problems (if problems at all) for home users or small businesses where things are done informally. In a megacorp, things work differently, and until basics like the above are addressed, I'm afraid Firefox's chance of becoming the preferred browser is approximately negative regardless of any technical and usability advantages it may have over IE.
Of course; visibly failing to support something like this would generate very bad PR for whichever browser maker was caught out. The real question, as is often the case with standardisation issues in technology, is whether those who are "signed up" are signed up. If enough of them are, the standard is useful.
The "standard" in "CSS standard" refers to a formal document published by an standardization body. It's the ideal that the browsers should aim for.
There is a presumption of authority on the part of the standardization body in the second sentence above. In real life, a formal standard has only as much authority as the field grants it, by aiming to reach it (and thus making it the standard in the other sense you gave).
The CSS standard defines a convention that browsers may aim for. One could (and many people do) argue that if you have 90% of the market share, then your views are a far more realistic standard than those expressed in anyone else's formal document. Thus any formal standard that doesn't have the 90% holder on board has dubious authority at best.
I hate to point out the obvious here, but if he's the Sys Admin, he can log into the DB with the admin password and delete any logs around.
Only if the system has a facility for him to do that. Whether it should have such a facility is a different question.
Even then, you're only talking about deleting logs. The real damage here is if someone can look up confidential data, and there's no need for that to ever be available unencrypted to a sysadmin. He can work just as well with an encrypted version for the purposes of back-ups, configuration, etc.
Even in this case, I wouldn't trust the HR people with the Admin password to anything.
I'm not suggesting you should. But only the appropriate staff, HR or otherwise, need to be able to read the confidential information. For anyone else, including IT staff, encrypted is good enough.
And yes, I can get all of the information you list for anyone at any time. And change it. With almost no record that it was changed.
Then your system security and processes suck, you are incompetent, and your employer is probably being negligent in continuing to employ you.
There is a difference between
being able to access and control all the systems
being able to access and change all the confidential data without adequate checks and balances (such as knowing a separate password to access confidential employee information, or having proper, audited logs so someone will notice if you change anything in that category).
As a sysadmin, you only need one of these. As a responsible sysadmin, you should ensure that no-one can do the other.
Unfortunately, it's really not, at least not if you're going to get any useful long-term benefits from it.
OK, for a small, local outfit maybe something simple would have some value. However, for larger companies, and certainly for those with staff in multiple jurisdictions, the amount of red tape and regulations you have to deal with just to employ someone these days is staggering.
SAP is a monster, it's true, but it didn't become so just because.
You forgot probably the most likely explanation among the WinXP users who read this forum: we've done the research, seen what vulnerabilities are supposed to be addressed, and concluded that we'd rather rely on our existing defences (firewall, anti-virus, yada yada) than risk rendering our system unstable/unusable and spending a lot of time fixing the problem.
In my case, this isn't just paranoia, it's based on watching SP2 take out several completely different boxes belonging to family and friends (and then being drafted in to fix the mess).
Security might have to restrict potentially dangerous functionality, but if your security is breaking functionality that wasn't a vulnerability in the first place, it's not really security, it's just a bug.
And yet they've successfully set up those networks in the first place, probably installed numerous other WinXP patches across their networks afterwards, probably installed and configured office apps, corporate database stuff, corporate Intranet stuff, and more.
Really, if installing SP2 from a centralised control point isn't a matter of "Click here" and perhaps fixing some unusual incompatibility problems on a small proportion of machines, then I'm betting it's SP2 (or its installation tools) that is broken, not the IT staff.
OK, it seems some respondents in this thread don't understand why I feel that this wouldn't really have fixed the damage here anyway, and hence I didn't pursue legal action at the time. There is an implication in some of the less constructive replies that this was out of laziness, but this is true only in as much as I didn't see what good it would do and therefore didn't do what I viewed as wasting my time.
My argument here is that a traditional court case alleging defamation is not an adequate remedy here. Let me change sides for a moment and play the "you should have sued" game to try and illustrate a few reasons why.
For a start, in what jurisdiction would you suggest I file suit? I am in the UK, as is my ex. The blog site is (AFAIK) run by a company based in the US, and (AFAIK) also hosted there.
Same question: an attorney in what jurisdiction, and experienced with what area(s) of law? Defamation? International disputes? Technology issues? Family disputes?
Please read my posts again. More than one person has inferred that from what I've written, but I've never actually written it, at least not without major qualifiers. In fact, I have written explicitly that on balance I wouldn't want service providers to take on the role of the legal system.
I repeat: my point here is simply that the existing legal framework within which the Internet operates is lacking in this area (and, for that matter, many others). The world has never seen a system where massive and almost instantaneous distribution of information is possible. This creates a whole new context in which our moral values must be applied to determine law, and whole new ways to offend those values that are qualitatively different to anything the justice system has had to deal with in the past: viruses and their ilk, P2P copyright infringement, spam and phishing, and of course the kind of widespread and immediate defamation we're discussing here.
There is an implicit assumption in many of the comments in this discussion that the same balance between the individual's rights and freedoms and the restrictions on them for the good of society is appropriate in the Internet age as it was before. This claim has yet to be proven, and certainly the case of the ex here is not the first suggestion that it might not be; see the other dangers I mentioned above.
And as I've pointed out, she was accusing me of much worse; as the kids in the schoolyard chant, "she started it". Any implied accusation that she is herself lying arises purely from my denying the accusations made of me. Trying to turn this around (as some respondents have done) and say that I'm somehow the accuser will create a chicken-and-egg scenario, except that here it's quite clear which came first.
And of course, in any case she was clearly distributing my copyright material: the altered e-mails. This allegation could be proved by simply reading a post where she herself claims I wrote the words, and my agreeing with this, whereupon the onus is on her to demonstrate that I assented to the distribution -- something that would have been rather unlikely given the nature of the material and the subtle but very significant differences between what she posted and the copy in my sent mail folder.
If any of the admins at the blog provider had even looked at the post I was complaining ab
I've spent a long time trying to find a decent programming font that's not tiny but still distinguishes the usual similar characters clearly. (My eyes aren't good enough, particularly when running at the high res I prefer for other reasons, for all these single-figure-square bitmap jobs.)
I did try several proportional fonts for a while, including Verdana, but it just proved too difficult to keep the code tidy. Too many things I read and write take up more than one line, and we try to keep things as inherently messy as multi-line statements as readable as possible using good alignment conventions.
FWIW, at the moment, I'm using Bitstream Vera Sans Mono in quite a large size (something like 12pt IIRC). Neither Courier variations (too light) nor Lucida Console (too heavy) were really working for me.
Also check out the many useful tools available from SysInternals. These guys are serious Windows hackers and know how to integrate tightly with the internals. For general use, Process Explorer is a must-have replacement for task manager, and many of the others are useful if you're working in the areas they concern. And they give them away free, and a fair bit of source code too, bless them.
Blockquoth the AC:
Of course it's possible, but it's not very plausible in this case given that the author of the post can still read it, now is it?
Eventually, they did. But it took quite a while, particularly for those friends who weren't local and I didn't get to talk to face-to-face for some time after the comments were posted. It wasn't a very nice experience.
I tried to do exactly that; I dropped this subject several years ago, and only brought it up again (with everyone anonymous) because it was a directly relevant example in this conversation.
As bad luck would have it, it was my new Miss (we're not betting on the rest yet) Right who actually found the offending blog post in the first place. Fortunately, like most of my friends who read the comments there at the time, she has since seen enough to know what I really said and who I really said it about. Our relationship survived and we consider the matter ancient history.
Still, it's not very pleasant feeling that several of your closest friends don't quite know whether to trust you or not for a few months. It's like an allegation of abuse: old friends know they shouldn't believe the accused could possibly have done it, and the public should know better than to believe everything they read in the paper, but if you're on the wrong end of it the stigma stays around long after the accusation is shown to be false even in a court of public record.
Since I haven't given any way of identifying her at any point in this thread, it's hardly the same thing. I could be talking about anyone, and I am defaming no-one. In fact, she's probably one of the few people in the world who knows who Anonymous Brave Guy really is, and the others are probably all familiar with her side of this story anyway. Moreover, since Slashdot allows anyone to post, she's free to reply here if she feels anything I say is inappropriate. That's a lot more right to reply than she and LJ ever gave me.
Please read my other posts to this subthread, particularly on the subject of why going after damages after-the-fact isn't relevant to me. The point was that the damage was done as soon as she was able to defame me publicly and I didn't have an immediate means of removing her comments, or at least a right to reply.
Given that the subject of this entire discussion is whether censorship of blogs is ever appropriate, I'm simply providing a data point for somewhere it would have done some good.
Of course they were; the idea that any organisation that maintains a database can't access the data just because internally one of the fields named "private" is set to true is laughable.
You're entitled to think whatever you like; what you choose to believe is your prerogative. I don't know whether you're right, and I'm pretty sure you can't know that either.
The thing is, I'm not the kind of guy who does talk about people unpleasantly behind their backs, particularly not friends. I find it distasteful, and obviously I don't like having it done to me, so I don't do it to others. The problem is that she could easily make it look like I do by, say, cutting out parts of sentences with negatives in them.
If I'd actually said what was attributed to me, or something that meant even close to the same, I wouldn't have nearly such a problem with the behaviour in question.
It wasn't private speech, it was public. It was also factually incorrect, defamatory, and hurtful to a lot of people. If the government isn't supposed to fight antisocial behaviour on the part of individuals for the good of society as a whole, WTF are they for anyway?
I appreciate the sentiment, but please understand the damage that was done here. It wasn't just me that was hurt; those mails contained comments I sent in confidence to my then-girlfriend about mutual friends, which taken out of context (as they were) painted a rather different picture about those friends to what I actually thought, or indeed originally wrote myself. Now, if your best friend's fiancee happens to read such comments and get the wrong idea, that can really upset marriage plans. Is that really just "my peace of mind"?
I'm not saying the ex was trying to hurt anyone other than me when she reposted the comments. She was probably just careless in the editing, but my friends were hurt all the same. It was a long time before I could convince them about what I really wrote and mend those friendships.
That doesn't follow, since I'm not suggesting that absolute control is good. However, I do wonder whether the burden of proof isn't the wrong way around here. In a court, you are innocent until proven guilty, yet apparently in today's Internet-enabled world, it's perfectly OK to publish a bitter ex's unsubstantiated damning comments about their former partner without even giving them a right to reply?
Of all the freedoms we cherish, freedom of speech is perhaps the most dangerous, because once something is spoken it can't be unspoken. Sometimes no amount of compensation after-the-fact can ever fully undo the damage of malicious speech. When you've been on the wrong side of this, perhaps you'll understand.
Realistically, no, I can't. I have neither the knowledge of how the legal system works where LJ are based to know who to hire, nor the kind of money that this sort of case usually seems to require.
I think you're missing my point anyway: a law suit would have been mostly irrelevant by that stage. The point is that I told LJ shortly after my ex posted her comments that they were inappropriate and why, and asked them politely to remove them. Over the next few days, after they refused to do so (claiming that they couldn't read their own database as a rather poor excuse for this), several close friends of mine came across those opinions. Since I was also blocked from posting a rebuttal comment in the same place as the originals, which might have been an adequate remedy, the damage was done. No trivial amount of financial compensation could make up for months of upset that those comments caused to me and some other people who were involved, whatever the result of a law suit.
I'm not asking for people to be silenced "just because". I'm providing an example of what happens when free speech and an unregulated Internet are allowed to over-rule established legal and/or regulatory principles that apply in similar areas outside the Internet.
If they'd said they wouldn't take the post down without some sort of proof/court order/whatever, that would have been a reasonable answer, if not one I think is ideal. If they'd said they'd take it down for a short period pending delivery of same, that would have been better. I can understand a service provider not wanting to play judge and jury, too; overall, I'd rather they didn't (and indeed couldn't). But that means there has to be some effective means of taking legal action in a timely and affordable manner in cases like this.
Right now there isn't, and that's my point. Paying hundreds of dollars or whatever for a lawyer to successfully pursue a law suit that says "Yes, you were right" six months after the post was made is too little, too late to deal with this kind of crime. Perhaps in an age of instant mass communication, the rule needs to be changed so that the benefit of the doubt goes with the accused until the accuser provides evidence to support their allegations. It's a new idea, I know, but maybe it's better than encouraging a culture where damning someone publicly is an effective means of hurting them, whether or not you have any right to do so?
I could have done that, or bad-mouthed her behind her back, or posted photographs of her wearing not a lot where I knew her friends would find them, or whatever. I just prefer not to descend to that level. The damage was done, several people including me were deeply hurt by it, and none of the above would have fixed it, so I didn't see much reason to continue the unpleasantness.
Yes, that's exactly what she was doing (aside from the embellishments to make it worse).
My understanding is that, in the UK at least, that's been the situation since the Demon case, though the whole area is muddy legal water.
However, I did clearly state in my complaint to LJ that (a) she was posting my copyrighted content without my consent, and (b) she was defaming me. Their answer to both boiled down to "we can't read our own database, so there's nothing we can do".
The problem isn't me reading a blog entry about me. I already know where I live, what my ID numbers are, etc. etc. The problem is that I can't stop somebody else reading that.
This issue is bigger than just personal info valuable to strangers, too. I've had a bitter ex-g/f post intimate personal e-mails on her blog from the time we were going out, and with a large dose of editing, taking out of context, and outright lies thrown in for good measure. She knew damn well that several close friends of mine also read that blog, and would think less of me after reading what she wrote (or her adapted version of what I had once written).
The real killer is that despite the blog host being a big name, they didn't give a shit. In fact, after the ex made the post "private" (which didn't stop our common friends from reading it) when I wrote to her and asked her to remove the comments, the LJ admins then claimed (in response to my formal complaint) that they couldn't access that area of the database, and therefore couldn't do anything about the post. All of which helped me and my relationships with some formerly close friends not at all.
So, what am I supposed to do? I live in the UK, so I'm hardly going to pay hundreds of $$$ to hire a US attorney and pursue a defamation suit against my ex in the US just to get LJ to take the post down, am I? But without any official, international regulation of this area of the Internet, the damage was done all the same, and it hurt a lot more than posting any credit card number would have.
Freedom of speech is a valuable thing, but it is not the only valuable thing, and it is far too powerful to be an absolute.
Blockquoth the AC:
Sure, I'm simply suggesting that actions speak louder than words in matters like this. If Microsoft really are behind the W3C, they'll provide the better support for CSS that many in this discussion are hoping for. If they're just trying to avoid looking like saboteurs while simultaneously playing the embrace-and-extend game, the relevance of the W3C will be seriously diminished.
I am using Thunderbird, and I too wondered about the DST issue, since we switched in the UK a few days ago. I thought that one was long-since fixed, though, and other behaviour (notably multiplying up messages in the tree view of the currently selected folder every time you switch to a different folder and switch back) doesn't seem consistent with it.
The problem with reporting a bug, of course, is that to make a useful report you first have to know what the problem is well enough to reproduce it. :-(
There are far bigger problems with using things like Firefox and Thunderbird in large organisations than just the (mostly phantom) CYA aspect.
As much as I love the apps, I'm considering switching back to IE and Outlook at work, mostly for the following reasons:
Added to all of these are the current lack of tools for the corporate sysadmins to deploy, configure and patch Moz family apps centrally, and avoid changes by lusers who don't know what they're doing that might break their carefully maintained system. Just moving all the profile data from the Windows-standard-that-hardly-anyone-really-uses location to something that fits in with a corporate back-up strategy is likely to be a chore.
Most of these aren't serious problems (if problems at all) for home users or small businesses where things are done informally. In a megacorp, things work differently, and until basics like the above are addressed, I'm afraid Firefox's chance of becoming the preferred browser is approximately negative regardless of any technical and usability advantages it may have over IE.
Of course; visibly failing to support something like this would generate very bad PR for whichever browser maker was caught out. The real question, as is often the case with standardisation issues in technology, is whether those who are "signed up" are signed up. If enough of them are, the standard is useful.
There is a presumption of authority on the part of the standardization body in the second sentence above. In real life, a formal standard has only as much authority as the field grants it, by aiming to reach it (and thus making it the standard in the other sense you gave).
The CSS standard defines a convention that browsers may aim for. One could (and many people do) argue that if you have 90% of the market share, then your views are a far more realistic standard than those expressed in anyone else's formal document. Thus any formal standard that doesn't have the 90% holder on board has dubious authority at best.
Only if the system has a facility for him to do that. Whether it should have such a facility is a different question.
Even then, you're only talking about deleting logs. The real damage here is if someone can look up confidential data, and there's no need for that to ever be available unencrypted to a sysadmin. He can work just as well with an encrypted version for the purposes of back-ups, configuration, etc.
I'm not suggesting you should. But only the appropriate staff, HR or otherwise, need to be able to read the confidential information. For anyone else, including IT staff, encrypted is good enough.
Then your system security and processes suck, you are incompetent, and your employer is probably being negligent in continuing to employ you.
There is a difference between
- being able to access and control all the systems
- being able to access and change all the confidential data without adequate checks and balances (such as knowing a separate password to access confidential employee information, or having proper, audited logs so someone will notice if you change anything in that category).
As a sysadmin, you only need one of these. As a responsible sysadmin, you should ensure that no-one can do the other.Unfortunately, it's really not, at least not if you're going to get any useful long-term benefits from it.
OK, for a small, local outfit maybe something simple would have some value. However, for larger companies, and certainly for those with staff in multiple jurisdictions, the amount of red tape and regulations you have to deal with just to employ someone these days is staggering.
SAP is a monster, it's true, but it didn't become so just because.