The idea is you allow people to delegate their votes by topic to other people, who may be experts or may simply delegate again, upwards in a tree. You can change your delegations (sort of like revoting in the election) at any time or simply cast a vote on a particular proposal directly yourself. At initialisation time everyone starts out with their votes for all topics delegated to their local elected representative, so it's backwards compatible.
Usage data is all Google Analytics can be used for. The product literally does not support collection of anything else. What's more, it's not like this is a rare or unusual practice. For instance video games have been collecting telemetry by default for ages now. It helps the studios figure out where they screwed up and made the game too hard, causing players to drop out.
However, these banks will not be accused of laundering money for terrorists, except under an extremely flexible definition of "terrorist". Most likely they will be accused of evading sanctions and/or helping naughty Americans avoid tax (let's ignore that some of these Americans had left America). Unfortunately last time the USA went on the war path over sanction-evading banks it turned out that the countries the financial activity was happening in didn't have those sanctions. Another minor detail for the US Govt. Jurisdiction doesn't seem to matter to them.
I do feel like we're entering dangerous new territory with this constant beating up of banks, often under deeply questionable covers. The DoJ and Treasury dept have realised that bankers are so politically weak they can be made to do anything because people automatically assume they're guilty, and just the threat of prosecution under bogus laws can cow them into subservience - which is a problem because by seizing control of the banks they seize control of the people, who cannot do without bank accounts. Hence Operation Choke Point.
Frankly, I do not believe bankers are a part of some cigar smoking Al-Qaeda terrorist conspiracy and I'd rather they were left alone than we go down this path.... it can only lead to even more gross abuses of power than what we've already seen.
The government can disable every firearm at will already, by shooting the people holding them. You are no match for a professional army that's been told you're a terrorist.
EMV prevents you from extracting the private signing key it uses in EMV transactions. EMV chips also contain a copy of the magstripe data on the chip for convenience, but if you can get access to the chip it's 99.9% certain you could also read the magstripe, so that's hardly a big deal.
The chips used in these sorts of cards have proven remarkably robust. Though there have been several exotic protocol attacks on EMV so far there have been (AFAIK) none on the chips themselves.
It's up to each individual bank. Most banks won't require you to do a CAP authentication (with the little device) just for credit card purchases. Password with hint at most - banks earn mad fees on card transactions so they don't want you to do less of them. If they need more authentication for very risky transactions, they certainly can do that. Though whether the merchant opts in or not is up to them, it costs merchants more money to support 3D-Secure authentication unfortunately.
CAP is used primarily for wire transfers and logging in to online banking, where the sums involved tend to be higher.
That theory would be great except that the EU has a larger population than the USA and it's not like magstripe cards were exactly rare here, or get harder to drop the longer you have them.
The reason the USA hasn't upgraded is just that there's no willpower to do it in the banking sector. Perhaps because there are so many small banks. It's got nothing to do with being an "early adopter", lol. That's nearly as good as the explanation some poor VISA spokeswoman gave once - the USA doesn't need EMV because it had the internet earlier, and Chip/PIN was mostly useful for offline transactions, which only occur in stone age places like Europe. Hilarious.
Out of a regular PoS that's running Windows, yes. C&P transactions take place entirely between a dedicated piece of hardware and the card itself. Also the card signs a nonce so there's nothing to steal if the hardware is bad beyond the old regular magstripe data which is already stealable.
Re:I still use Firefox...on a Mac, occasionally
on
Firefox 29: Redesign
·
· Score: 1
I guess most people forgot that when Firefox came out, it triggered a tidal wave of complaints from people who loved Mozilla/Seamonkey and hated how Firefox took away their favourite Netscape-era UI knob, or how much they loved Composer. But they had to do it to become relevant and Firefox went on to be very successful. Who knows if it's repeat of the same thing, I suspect this is not, but the original Firefox philosophy boiled down to "screw our existing tiny dying userbase, let's try and chase the IE users".
Really?? What is so hard? An American company setting up in Ireland/Singapore etc to sell goods to third country X. It isn't hard to distinguish at all
What makes you think Google is an American company?
Yes, it was founded there. But more than half its employees and more than half its revenues are outside the USA. Looking purely at the numbers as they are today, Google is not an American company.
So what country does "own" Google then? Ireland? No. Most of Google's operations are not in Ireland. France? Certainly not.
Now we see the crux of the problem. Google is in fact a truly trans-national company. It is not obviously located in any one place. It has offices, employees and customers everywhere, and its products are all online where there are no borders.
How do you decide which countries get the biggest slice of the cake? There is no rational way to do it which is why people who design tax systems like the EU designed it to create a deliberate race to the bottom.
Google has a large office of employee's in France, that were involved with negotiating and signing advertising contracts with french companies, then claiming those contracts were actually signed IN IRELAND. This is the part that the tax collectors are taking issue with.
There are so many problems with this, where to begin?
Firstly, this is not some spontaneous action by a bunch of bottom rung tax collectors. Politicians in France got elected by promising things the country could not afford and have been desperately searching for things they can tax to raise revenue, or at least be seen to be doing something. Hence 75% tax on the rich, and so on. Wealthy non-French tech companies are of course a juicy target so top politicians in France have been threatening Google with retroactive tax "re-evaluations" for some time. This is 100% a politically motivated action, what's more, it directly contradicts EU law which France signed up for. It's not at all clear that the EU courts would let such an action stand.
But secondly, and more problematically, you are trying to argue that a contract is not signed with the people it's signed with. There's a very simple way to find out who a contract was actually made with - look at who signed it. If these contracts were signed by an Irish company, they're with a company in Ireland and it doesn't matter what language they're written in (seriously, who comes up with this crap, does the French government expect to tax transactions in Canada now?).
Countries that have a beef with salespeople promoting products that are actually sold elsewhere, will either have to get real, or start cracking down on any kind of affiliate network or company that has a mobile salesforce at all. Attempting to redefine where revenue accrues according the job titles of people who worked on the sale is a losing proposition and can never work - either companies will rename the people who are doing the selling to avoid ad-hoc rules, or they'll just increase the independence of the subsidiaries so they qualify as independent affiliates etc, or if governments get really draconian they'll go to entirely online selling - not exactly a hard thing for a company like Google. There's no way to make this kind of thing stick, which is why EU law does not work that way.
To be legal and not have to pay taxes in France for those contracts, Google would basically have to close their french offices and get everyone to directly deal with their Irish division
No, what they're doing is entirely legal, though whether they choose to fight this in the courts is an open question. But does France really want Google to shut up shop and leave? The entire point of the EU that France is so enthusiastic about is the common single market, which means anyone in it can sell to anyone from anywhere inside it. If France starts trying to undermine that system they're signing up for a whole world of pain far beyond any tax they could gain from Google.
Well, that's partly because that's how it's worked so far with better nutrition, etc.
Also it's not just about the body. A 140 year old in the body of a 40 year old would still think like a 140 year old person. I mean, ye gods, just imagine! You'd have people whose formative experiences were a century ago potentially still running companies, political parties, or just drawing pensions forever. It sounds like a recipe for either cultural stagnation or bankruptcy.
It may be that our society can scale to having people live 2x their current lifespan, but it'd require some serious adjustments. Like pegging pension ages to life expectancy as the very first step.
These sorts of discussions are nothing new. Debates about how to handle modern cryptography have been running since its invention. The police are judged exclusively by their ability to catch criminals. They are not judged on how eloquently they argue for civil rights. Plus, they are exposed to the pointy end of criminal behaviour and its impact on people every single day, so of course they tend to get frustrated when they can't stop it. They are rarely if ever exposed to the pointy end of government abuses of power, partly because it's often them or their colleagues in the national security state doing it.
All the above has been true ever since the modern concept of a police force was created back in Victorian England. The police ask for more powers so they can catch more criminals. The job of the politicians who can give them that power is to weigh the costs and benefits, and try to ascertain the mood of their voters. Sometimes they say yes and other times they say no.
So just because in Australia the police are asking for more powers does not imply anything is wrong or unusual. The real thing to pay attention to is the final outcome.
The real reason these sorts of discussions cause widespread concern, especially on sites like Slashdot, is not the inherent push/pull compromise-based process of making and enforcing law, but rather trust in the whole process has broken down to such an extent that nobody believes the outcomes will be fair or properly enforced.
I am routinely spammed by fake accounts on Facebook. It happened twice in the last week alone. So far I have never received any spam on WhatsApp, probably because they do phone verification for every user, so a spammer would need to control lots of phone numbers, which is possible but not trivial.
Literally everyone I know uses WhatsApp. Just because it didn't take off in the USA doesn't mean these numbers are wrong. It's pretty rapidly replaced SMS as the global mobile messaging standard. Half a billion users sounds about right to me. If you say there's about a billion people online (very rough), subtract a few hundred million for the USA, and WhatsApp is getting close to but hasn't yet saturated the international market, then half a billion is about where I'd expect them to be.
Facebook do not "farm out" people's private data. Go sign up to be an advertiser and try to obtain people's private data. You can't.
As to the second thing - wat? Do you expect any company that's the target of a class action lawsuit to simply not defend it? Also what's up with this "class action lawsuit brought by its userbase" nonsense? I'm a Facebook user and I never brought a class action suit against anyone. I think you mean, "class action lawsuit brought by lawyers who claim to represent Facebook users".
OTOH, power in the West is rotated between two different bands of crooks (or at least two factions of the same band of crooks).
I think if the Snowden affair has taught us anything, it's that real power in the west is not held by politicians but rather the executive branch (US) and civil service (UK). The bureaucrats appear to be able to do whatever they like, then repeatedly lie about it (USA) or simply refuse to turn up at all (UK) and politicians let them get away with it. What's more, the bureaucracy is now routinely blacklisting and even assassinating people based on no kind of formal process whatsoever, with no democratic oversight, and the people doing it are career government employees who are certainly not elected and in many cases their identities are themselves secret.
For background, in my former job I worked on one of the systems at Google that was compromised by GCHQ (they wrote wire sniffers to decode the login traffic). The root cause of this failure was the incorrect idea that western governments are "good" and the nasty Chinese/Russians/Iranians are "bad" thus internal encryption was only worth the cost when traffic transited wires controlled by "bad guys". But it turned out that they're all bad and the degree of badness appears limited only by their budget, so now Google all wire traffic all the time.
So please get out of this idea that the west is better than Russia. Democracy in the anglosphere has become so weak that lots of people simply refuse to vote at all, or are (at best) single issue voters for things like immigration. Anything national security related is uncontrollable by voting at this point.
Why? In the USA Facebook and Google+ are both run by people who could be described as "oligarchs" with strong ties to the White House.
By the way, if you believe this story is true then you should also believe that Putin's answer to Snowden was correct, given that it says:
Earlier this month, Durov claimed that Russia's intelligence agency, the Federal Security Service (FSB), had pressured him to hand over personal data on VK users involved in anti-government protests in Ukraine. Durov said he refused to do so, though he's gradually ceded control of the company in recent months and has long butted heads with government authorities. Experts have speculated that the Kremlin is looking to tighten its grip over VK and other social networks in the same way it controls print and TV media. Many Russians used VK to organize widespread anti-Putin demonstrations in 2011 and 2012, when thousands took to the streets to protest allegedly rigged elections
i.e. they are/were not able to simply access that data in the same way the USA and UK were slurping internal Google/Facebook db replication traffic right off the wire. In which case Putin's assertion that the FSB doesn't monitor "millions of users" might be correct, though of course the rationale given is highly suspect.
Getting from Hong Kong to Ecuador (or wherever he was going) without flying over any US or allied territory requires strange routes - just go to a flight booking flight and notice that the returned results mostly involve changes in the USA.
Taking such a route was wise - look at how US allies forced down the presidential jet of a LatAm leader just to search for Snowden.
But I'm really not sure why you're arguing with me about this. What happened to Snowden is a matter of public record, it's not something that's up for debate. He got stuck in Russia because the USA revoked his passport and he then wasn't allowed to board his onward flight. But once it became clear that no plane was safe, not even those with diplomatic immunity, if it flew over any US allied territory, he would have been an idiot to leave anyway because that would have been a direct flight into a lifetime of solitary confinement.
Fox News is the last place anyone would turn to learn about abuses of power by the government, especially with anything related to national security. It is however VERY effective at making it look like there's real accountability and competition in governance, by turning everything into a personal popularity contest between two men who are little more than figureheads.
Slashdot Mirror
They pass their information to the military that assassinates them instead. Is this meant to be better?
The idea is you allow people to delegate their votes by topic to other people, who may be experts or may simply delegate again, upwards in a tree. You can change your delegations (sort of like revoting in the election) at any time or simply cast a vote on a particular proposal directly yourself. At initialisation time everyone starts out with their votes for all topics delegated to their local elected representative, so it's backwards compatible.
Usage data is all Google Analytics can be used for. The product literally does not support collection of anything else. What's more, it's not like this is a rare or unusual practice. For instance video games have been collecting telemetry by default for ages now. It helps the studios figure out where they screwed up and made the game too hard, causing players to drop out.
Be careful what you wish for. It looks like Holder is going to actually try and jail some bankers.
However, these banks will not be accused of laundering money for terrorists, except under an extremely flexible definition of "terrorist". Most likely they will be accused of evading sanctions and/or helping naughty Americans avoid tax (let's ignore that some of these Americans had left America). Unfortunately last time the USA went on the war path over sanction-evading banks it turned out that the countries the financial activity was happening in didn't have those sanctions. Another minor detail for the US Govt. Jurisdiction doesn't seem to matter to them.
I do feel like we're entering dangerous new territory with this constant beating up of banks, often under deeply questionable covers. The DoJ and Treasury dept have realised that bankers are so politically weak they can be made to do anything because people automatically assume they're guilty, and just the threat of prosecution under bogus laws can cow them into subservience - which is a problem because by seizing control of the banks they seize control of the people, who cannot do without bank accounts. Hence Operation Choke Point.
Frankly, I do not believe bankers are a part of some cigar smoking Al-Qaeda terrorist conspiracy and I'd rather they were left alone than we go down this path .... it can only lead to even more gross abuses of power than what we've already seen.
The government can disable every firearm at will already, by shooting the people holding them. You are no match for a professional army that's been told you're a terrorist.
EMV prevents you from extracting the private signing key it uses in EMV transactions. EMV chips also contain a copy of the magstripe data on the chip for convenience, but if you can get access to the chip it's 99.9% certain you could also read the magstripe, so that's hardly a big deal.
The chips used in these sorts of cards have proven remarkably robust. Though there have been several exotic protocol attacks on EMV so far there have been (AFAIK) none on the chips themselves.
That's not how it works.
It's up to each individual bank. Most banks won't require you to do a CAP authentication (with the little device) just for credit card purchases. Password with hint at most - banks earn mad fees on card transactions so they don't want you to do less of them. If they need more authentication for very risky transactions, they certainly can do that. Though whether the merchant opts in or not is up to them, it costs merchants more money to support 3D-Secure authentication unfortunately.
CAP is used primarily for wire transfers and logging in to online banking, where the sums involved tend to be higher.
That theory would be great except that the EU has a larger population than the USA and it's not like magstripe cards were exactly rare here, or get harder to drop the longer you have them.
The reason the USA hasn't upgraded is just that there's no willpower to do it in the banking sector. Perhaps because there are so many small banks. It's got nothing to do with being an "early adopter", lol. That's nearly as good as the explanation some poor VISA spokeswoman gave once - the USA doesn't need EMV because it had the internet earlier, and Chip/PIN was mostly useful for offline transactions, which only occur in stone age places like Europe. Hilarious.
Out of a regular PoS that's running Windows, yes. C&P transactions take place entirely between a dedicated piece of hardware and the card itself. Also the card signs a nonce so there's nothing to steal if the hardware is bad beyond the old regular magstripe data which is already stealable.
I guess most people forgot that when Firefox came out, it triggered a tidal wave of complaints from people who loved Mozilla/Seamonkey and hated how Firefox took away their favourite Netscape-era UI knob, or how much they loved Composer. But they had to do it to become relevant and Firefox went on to be very successful. Who knows if it's repeat of the same thing, I suspect this is not, but the original Firefox philosophy boiled down to "screw our existing tiny dying userbase, let's try and chase the IE users".
Right, because Gecko and WebKit never have security vulnerabilities in them.
What makes you think Google is an American company?
Yes, it was founded there. But more than half its employees and more than half its revenues are outside the USA. Looking purely at the numbers as they are today, Google is not an American company.
So what country does "own" Google then? Ireland? No. Most of Google's operations are not in Ireland. France? Certainly not.
Now we see the crux of the problem. Google is in fact a truly trans-national company. It is not obviously located in any one place. It has offices, employees and customers everywhere, and its products are all online where there are no borders.
How do you decide which countries get the biggest slice of the cake? There is no rational way to do it which is why people who design tax systems like the EU designed it to create a deliberate race to the bottom.
There are so many problems with this, where to begin?
Firstly, this is not some spontaneous action by a bunch of bottom rung tax collectors. Politicians in France got elected by promising things the country could not afford and have been desperately searching for things they can tax to raise revenue, or at least be seen to be doing something. Hence 75% tax on the rich, and so on. Wealthy non-French tech companies are of course a juicy target so top politicians in France have been threatening Google with retroactive tax "re-evaluations" for some time. This is 100% a politically motivated action, what's more, it directly contradicts EU law which France signed up for. It's not at all clear that the EU courts would let such an action stand.
But secondly, and more problematically, you are trying to argue that a contract is not signed with the people it's signed with. There's a very simple way to find out who a contract was actually made with - look at who signed it. If these contracts were signed by an Irish company, they're with a company in Ireland and it doesn't matter what language they're written in (seriously, who comes up with this crap, does the French government expect to tax transactions in Canada now?).
Countries that have a beef with salespeople promoting products that are actually sold elsewhere, will either have to get real, or start cracking down on any kind of affiliate network or company that has a mobile salesforce at all. Attempting to redefine where revenue accrues according the job titles of people who worked on the sale is a losing proposition and can never work - either companies will rename the people who are doing the selling to avoid ad-hoc rules, or they'll just increase the independence of the subsidiaries so they qualify as independent affiliates etc, or if governments get really draconian they'll go to entirely online selling - not exactly a hard thing for a company like Google. There's no way to make this kind of thing stick, which is why EU law does not work that way.
No, what they're doing is entirely legal, though whether they choose to fight this in the courts is an open question. But does France really want Google to shut up shop and leave? The entire point of the EU that France is so enthusiastic about is the common single market, which means anyone in it can sell to anyone from anywhere inside it. If France starts trying to undermine that system they're signing up for a whole world of pain far beyond any tax they could gain from Google.
Well, that's partly because that's how it's worked so far with better nutrition, etc.
Also it's not just about the body. A 140 year old in the body of a 40 year old would still think like a 140 year old person. I mean, ye gods, just imagine! You'd have people whose formative experiences were a century ago potentially still running companies, political parties, or just drawing pensions forever. It sounds like a recipe for either cultural stagnation or bankruptcy.
It may be that our society can scale to having people live 2x their current lifespan, but it'd require some serious adjustments. Like pegging pension ages to life expectancy as the very first step.
These sorts of discussions are nothing new. Debates about how to handle modern cryptography have been running since its invention. The police are judged exclusively by their ability to catch criminals. They are not judged on how eloquently they argue for civil rights. Plus, they are exposed to the pointy end of criminal behaviour and its impact on people every single day, so of course they tend to get frustrated when they can't stop it. They are rarely if ever exposed to the pointy end of government abuses of power, partly because it's often them or their colleagues in the national security state doing it.
All the above has been true ever since the modern concept of a police force was created back in Victorian England. The police ask for more powers so they can catch more criminals. The job of the politicians who can give them that power is to weigh the costs and benefits, and try to ascertain the mood of their voters. Sometimes they say yes and other times they say no.
So just because in Australia the police are asking for more powers does not imply anything is wrong or unusual. The real thing to pay attention to is the final outcome.
The real reason these sorts of discussions cause widespread concern, especially on sites like Slashdot, is not the inherent push/pull compromise-based process of making and enforcing law, but rather trust in the whole process has broken down to such an extent that nobody believes the outcomes will be fair or properly enforced.
That's effectively what local loop unbundling does, no?
I am routinely spammed by fake accounts on Facebook. It happened twice in the last week alone. So far I have never received any spam on WhatsApp, probably because they do phone verification for every user, so a spammer would need to control lots of phone numbers, which is possible but not trivial.
Literally everyone I know uses WhatsApp. Just because it didn't take off in the USA doesn't mean these numbers are wrong. It's pretty rapidly replaced SMS as the global mobile messaging standard. Half a billion users sounds about right to me. If you say there's about a billion people online (very rough), subtract a few hundred million for the USA, and WhatsApp is getting close to but hasn't yet saturated the international market, then half a billion is about where I'd expect them to be.
Facebook do not "farm out" people's private data. Go sign up to be an advertiser and try to obtain people's private data. You can't.
As to the second thing - wat? Do you expect any company that's the target of a class action lawsuit to simply not defend it? Also what's up with this "class action lawsuit brought by its userbase" nonsense? I'm a Facebook user and I never brought a class action suit against anyone. I think you mean, "class action lawsuit brought by lawyers who claim to represent Facebook users".
That's a pretty huge unless!
I think if the Snowden affair has taught us anything, it's that real power in the west is not held by politicians but rather the executive branch (US) and civil service (UK). The bureaucrats appear to be able to do whatever they like, then repeatedly lie about it (USA) or simply refuse to turn up at all (UK) and politicians let them get away with it. What's more, the bureaucracy is now routinely blacklisting and even assassinating people based on no kind of formal process whatsoever, with no democratic oversight, and the people doing it are career government employees who are certainly not elected and in many cases their identities are themselves secret.
For background, in my former job I worked on one of the systems at Google that was compromised by GCHQ (they wrote wire sniffers to decode the login traffic). The root cause of this failure was the incorrect idea that western governments are "good" and the nasty Chinese/Russians/Iranians are "bad" thus internal encryption was only worth the cost when traffic transited wires controlled by "bad guys". But it turned out that they're all bad and the degree of badness appears limited only by their budget, so now Google all wire traffic all the time.
So please get out of this idea that the west is better than Russia. Democracy in the anglosphere has become so weak that lots of people simply refuse to vote at all, or are (at best) single issue voters for things like immigration. Anything national security related is uncontrollable by voting at this point.
Why? In the USA Facebook and Google+ are both run by people who could be described as "oligarchs" with strong ties to the White House.
By the way, if you believe this story is true then you should also believe that Putin's answer to Snowden was correct, given that it says:
i.e. they are/were not able to simply access that data in the same way the USA and UK were slurping internal Google/Facebook db replication traffic right off the wire. In which case Putin's assertion that the FSB doesn't monitor "millions of users" might be correct, though of course the rationale given is highly suspect.
Your post does not contradict mine.
Getting from Hong Kong to Ecuador (or wherever he was going) without flying over any US or allied territory requires strange routes - just go to a flight booking flight and notice that the returned results mostly involve changes in the USA.
Taking such a route was wise - look at how US allies forced down the presidential jet of a LatAm leader just to search for Snowden.
But I'm really not sure why you're arguing with me about this. What happened to Snowden is a matter of public record, it's not something that's up for debate. He got stuck in Russia because the USA revoked his passport and he then wasn't allowed to board his onward flight. But once it became clear that no plane was safe, not even those with diplomatic immunity, if it flew over any US allied territory, he would have been an idiot to leave anyway because that would have been a direct flight into a lifetime of solitary confinement.
Fox News is the last place anyone would turn to learn about abuses of power by the government, especially with anything related to national security. It is however VERY effective at making it look like there's real accountability and competition in governance, by turning everything into a personal popularity contest between two men who are little more than figureheads.