For this reason the sane way to implement IPv6 is to do DHCPv6-PD and assign either 0 or 1 IPv6 address on the link interface.
From reading the linked bug report/discussion, it seems the Android team are open to implementing DHCPv6-PD. Their objection is basically to the notion that a lazily run network might use DHCPv6 to try and ensure devices only get a single IP address, thus forcing app/OS developers and users to deal with the crappy flakiness of NAT all over again. They are worried about snatching defeat from the jaws of victory, in other words.
So I think your position is not so incompatible with Google's. Though if/when they plan to support DHCPv6-PD I do not know.
DHCP v6 exists not to coddle or comfort admins used to a v4 world. DHCP v6 was added because v6 will /Never/ be adopted without it. Ever. Full stop. DHCP facilitates two-way communication prior to address assignment and lends flexibility to deployments that are now considered indispensable.
Having waded through the mega-thread with Lorenzo (who I've met by the way and he is a top class guy), this appears to be the nub of the dispute. It's some kind of immovable object/irresistible force situation.
The Android team build what is primarily a consumer product. When they make decisions, they think in terms of what is best for ordinary consumers. They also consider the needs of software developers. Therefore they highly prize qualities like "it just works" and "my apps don't break" and "I can tether without restriction". From this perspective as far as I can tell, Lorenzo's position is 100% correct. The founding vision of IPv6 was that you should always have as many addresses as you need for whatever purpose, and we should never need bizarre technical hacks to work around a lack of addresses ever again.
The network admins on that thread are building what they perceive as a 'take it or leave it' service, often, provided to a captive audience like a university campus or enterprise. Therefore they highly value qualities like "I can satisfy the legal department" and "I can use my existing hardware that only supports feature X" and "I can block tethering to my network to implement some security policy". They care relatively little about user or developer experience, as evidenced by the number of comments on the thread of the form "If we can't get our way we'll just ban all Android devices" or "The device should tell the user that 464xlat is unavailable and let apps break" or "the device should tell the user that tethering is forbidden". They care little about application reliability or complexity as long as they can tick some boxes at the end of the day and satisfy various policies. From their perspective Android is just making their jobs harder and Lorenzo is therefore being mind-numbingly unreasonable.
This situation is somewhat confused and hard to distill because there seem to be multiple different things being discussed on the same thread, e.g. DHCPv6 PD which is apparently unrelated to address allocation.
Now, frankly, having read and understood many of these comments, I find myself siding (weakly) with Lorenzo, and not just because I know him. As an Android user and an app developer, my priorities are more closely aligned with that of the Android team. I do not wish to experience apps breaking or "tethering denied" messages in future due to some lawyer buttcovering that was translated into a network setup with the absolute minimum of effort by a monopolist IT department. If that means I fall back to IPv4 for a while instead, well, so be it. If that means my phone cannot reach the small number of IPv6 only networks when connected to some random university campus, OK, I'll use my LTE connection. And then I'll complain to the IT office and tell them "just buy an iPhone" is not an acceptable answer, so they had better get on it and allow my device to grab as many devices as it wants without having to go through a DHCPv6 server. Just like my home and mobile ISPs do. And if that means they have to do more work to satisfy the next BSA audit - well, that's why they get paid the big bucks.
Even recent history is littered with examples of the biggest military machine on the planet (and its cronies) having much more trouble with "inferior" forces than they should.
Define "trouble"? Recent history is littered with examples of the US military immediately and utterly crushing the armies and rebel groups in any country they invade. The rabble that remain and try to resist occupation cannot inflict any conventional military damage, which is why they resort to extreme tactics like suicide bombings. Tactics that don't work, but between soldiers, drones, warplanes, and NSA surveillance they have no better ideas that might work.
Likewise, the chances of any US citizens successfully engaging in armed resistance against the US government are zero. Here's what would happen:
1) If you decide to take your gun and resist oppression alone you will be gunned down within minutes or seconds, reported in the press as having mental health problems and everyone will have forgotten your name within a couple of days
2) If you try to find other like-minded people and raise a resistance group the FBI and/or NSA will learn of your plot before it happens, and you will be arrested before you have any chance to make real progress with your plan. You will be charged with domestic extremism, terrorism, or some variant thereof, and disappear for the rest of your adult life into a Supermax.
In no situation does having a gun allow you to resist even very petty government corruption or abuse. You simply stand no chance at all, you will always lose. The only way to seriously change a government is through the ballot box, which is why every country except the USA doesn't pretend an armed populace has anything to do with freedom.
I am sure that if one were to carefully analyze the situation, some of the deaths caused by the police are due to the fact that Americans are more likely to be armed. But I do not believe that is the exclusive or even majority cause of so much violence by our police.
Why not, though? In the UK virtually all police are unarmed. It's very hard to get shot by the police due to a misunderstanding or otherwise. In the USA all police are armed and there has been a steady stream of stories, videos and even civil unrest triggered by on-the-spot police executions.
Those things aren't happening because someone might be carrying a gun.
Then why are they happening and why do the statistics suggest levels of police violence in the USA are wildly different to otherwise very similar countries?
I know ownership of weapons in America is a highly contentious topic so I fully expect to get modded down aggressively for this post. I want to try out the argument anyway. Please humour me.
Let us imagine two different countries: Macroland and Microland. The governments of the two countries are mostly similar, with two notable exceptions.
The government of Macroland punishes resistance to its rule heavily. It jails approximately 0.7% of its population. Its enforcement troops kill about 60 of its own people each month.
The government of Microland is dramatically less aggressive. It jails only 0.1% of its population, but more importantly, it virtually never kills its own citizens no matter what they did or how strongly they resist the government's rule. It took Microland about a quarter of a century to kill as many people as Macroland did in just one month.
Which country has the most oppressed people? Microland or Macroland?
I think most reasonable people would say that the citizens of the country that kills them the most often are the most heavily oppressed. After all, what's the basic power that lies behind abusive government oppression? What's the basic mechanism governments use to remove people's freedoms? It's violence. The country that dishes out the most against its own people would seem to be the most oppressive.
You have, of course, already figured out that the statistics given above are real. Macroland is the USA. Microland is (just for comparison) the United Kingdom.
Americans have the US Constitution and it is a mighty document. The Constitution has always been a vital part of protecting the freedoms of ordinary Americans from overreach by government. Yet the Constitution is flawed in one terribly dramatic way. By allowing and even encouraging a heavily armed society, it fails to strike any blows for freedom - as police have always had and always will have better access to top grade weaponry and armour. The chances of ordinary US citizens successfully mounting an armed uprising against the government are zero. And yet it simultaneously gives those same police a cast iron excuse for arming themselves to the teeth, as they are expected to enforce the law against an exceptionally dangerous population.
The result is that whilst Americans and British people have very little differences in their levels of freedom, they have enormous differences in their chances of being executed by their own governments..... or by random mental patients.
I am British and I would like to see the UK adopt a US-style constitution. But not if it included a copy of the second amendment. Real data from today's world seems to suggest it makes no real difference to freedom but does make the world a vastly more dangerous place.
The problem with articles like this one is that they tend to under-represent the benefits of static analysis. Products like PVS-Studio are designed to work with C++ and because they have to run in a big compile job, they get run in batch at the end of each day.
This is a problem because (a) C++ is very hard to statically analyse so performance is often poor and (b) the most critical time when you need/want static analysis feedback is when you're actually writing the code itself.
So let me insert a plug here for IntelliJ IDEA by JetBrains. Up until I used this (free, open source) program I didn't really appreciate static analysis. I mean, I appreciated it in a theoretical way, but my experience was that running it tends to generate thousands of spurious warnings that rarely reveal serious bugs. But that was because by the time the analysis got to run it was on code that had long since crashed in production, been debugged, unit tested, etc. So there was little meat left to harvest.
IntelliJ has a thing called the Inspector, which runs constantly in the background on spare CPU cores. It scans for hundreds of different kinds of bugs and when it spots one it highlights the bogus code in yellow, right in the editor. What impressed me most about this is that often the editor can highlight very complex bugs within seconds of you writing them, long before any time has been spent on unit testing or in a debugger. It can do this partly because the languages the inspector supports (things like Java, Kotlin, Scala etc) are much easier to parse and analyse than C++. You don't need to invoke a full blown compiler. Also the use of annotations to give the analysers more information is widespread.
But the best thing about IntelliJ is that when it does find a bug (and it frequently does), you can just press a hotkey and get a menu that lets you either suppress the warning....... or automatically fix it, right there in the editor! So not only does IntelliJ find brainfarts like writing an if statement that will always yield true, but it can do it in real time and then it can often even fix it for you! This video I recorded a while ago shows a few seconds of this feature in action.
holding someone liable for refusing to take down illegal speech hosted by them is not a free speech violation
That's rather a contradiction in terms, isn't it. Refusing to take down illegal speech is not a free speech violation. How can you have both free speech and illegal speech simultaneously?
I think this case sums up one of the most glaring problems with the ECHR which is obvious the moment you read the document they are interpreting. This list of rights is nothing like the American Bill of Rights. The BoR is quite specific, clear and the rights are fairly tightly defined, arguments about the meaning of "well regulated militias" notwithstanding.
The European equivalent (and I say this as a European) is a complete clusterfuck. It lists many rights that directly contradict each other, with no way to prioritise between them. Every "right" has exceptions. It is written so vaguely that anyone could reach any conclusion at all based on it. The fact that nobody knew about this so-called right to be forgotten before it was "found" in the text by a court ruling is indicative of the deep-rooted problems with the document. It's a design-by-committee wishlist written by people with no strong principles.
For instance Article 2 supposedly grants a right to life. It says governments may not engage in "unlawful killing". Except suppressing insurrections by killing the rebels is explicitly allowed. And lawful executions were also totally OK, meaning of course the entire article disappeared into a puff of contradiction as any execution at all could be considered lawful if the government so wished it. Eventually the absurdity of that one became too much even for the ECHR and there was a "protocol" passed (sort of like an amendment) that barred the death penalty. Of course, this article does not stop ECHR members from going to war either.
Article 4 forbids slavery and forced labour. Unless you're a prisoner. Or it's the draft. Or unless it's a part of your "civic duties".
Article 8 gives the famous right to privacy...
except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others
In other words you get a right to privacy unless someone deems it inconvenient for almost any purpose. This article is such a joke it may as well not exist.
But article 10 is the best. The First Amendment and its interpretation by the US Supreme Court is quite clear: freedom of speech and freedom of the press are highly protected. Article 10 in the European equivalent says:
Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers. This article shall not prevent States from requiring the licensing of broadcasting, television or cinema enterprises.
LOL! But it gets worse:
The exercise of these freedoms, since it carries with it duties and responsibilities, may be subject to such formalities, conditions, restrictions or penalties as are prescribed by law and are necessary in a democratic society, in the interests of national security, territorial integrity or public safety, for the prevention of disorder or crime, for the protection of health or morals, for the protection of the reputation or rights of others, for preventing the disclosure of information received in confidence, or for maintaining the authority and impartiality of the judiciary.
So freedom of speech can be subject to penalties if they "are necessary in a democratic society" for example "for the protection of morals". Oh yes, exposing state secret
The European Court of Human Rights is not actually an EU institution, regardless of the similarities in naming. It's more like a court that countries submit to voluntarily. I saw quite an interesting presentation about it from some human rights lawyers a year or two ago. Apparently it does some good work, especially in addressing more run-of-the-mill rights violations in former Soviet bloc countries.
Regardless, this is now the second time that some EU court has fucked up extremely basic internet related rulings. First there was the idiotic "right to be forgotten" ruling that makes it effectively impossible for anyone to make a search engine unless they have a vast human army of lawyers and money for lawsuits. Now they want to make websites responsible for everyone who comments on them? Like someone who runs a party should be responsible for anything anyone says whilst there?
It's quite clear that the judges at this place must either be interpreting extremely vague and piss poor laws, or have never used the internet, or both.
At the moment the Tory government in the UK is wanting to pull out of the ECHR, partly because it keeps blocking deportation of various 'undesirables' on the grounds of their right to a family life. They want to replace it with a British-specific bill of human rights. I don't really trust the Tories on this matter, their track record of upholding civil liberties is pretty terrible lately, but every time the ECHR produces a disastrous ruling like this I think - you know, maybe there's something in it.
How about sons outed as gay to their parents by their browsing history being used to target advertisements to the same IP address?
Citation needed. No ad network I know of targets anything by IP address, exactly because they are so often shared.
I know I've also heard of one pregnant girl outed in the same way.
Prove it. Then go ahead and explain why the fix for this is Belgium and not, say, user profiles on the computer in question.
It's not some nebulous thing that should require victim lawsuits before anything is done.
It's extremely nebulous, poorly defined and yes - generally we would hope to see actual victims before punishing someone for a so far quite literally victimless crime.
Straw man - I didn't say financial harm. I said ANY meaningful kind of harm. Embarrassment, family problems, whatever.
There have been a bunch of blowups like this over the years. The worst "harm" that anyone has been able to demonstrate was that some people, somewhere (who are nameless as none of them filed any complaints) might have seen a better targeted advert.
Don't these privacy regulators have anything else to do? Where is their input in the Snowden affair, for example? Suspiciously missing in action.
Here's a good place to start when evaluating the utility of these investigations: a list of people who have been objectively harmed in some way by the alleged action. Can't find anyone who has been harmed by Facebook's actions in an entire country's worth of people? Then maybe that suggests the taxpayer money is better spent elsewhere.
It was all over the British press. The BBC did run it but yes, they showed a great deal more skepticism and quoted other skeptical people. The BBC gets ragged on a lot but I tend to find it's still a lot more obviously neutral than newspapers are.
There is a simple web based IDE that you can use to experiment and learn the language at try.kotlinlang.org. For me it seems there's a layout issue with Chrome right now, but it works fine in Safari.
Is Swift suitable for writing applications for all? If not, developers would be writing for a limited, albeit popular platform, but limited to a certain subset nonetheless.
No, it's Apple specific. However that's OK because there's a language which is much like Swift, except it runs on pretty much every device you might have.
That language is new. It's called Kotlin, and it is from JetBrains, the makers of the highly popular IntelliJ series of IDEs (+ WebStorm, PHPStorm, RubyMine, PyCharm etc).
Kotlin targets the JVM and JavaScript. It interops perfectly with Java. That means code written in it runs on Windows, Mac, Linux and Android. Additionally, via the RoboVM project, JVM bytecode can be compiled to native ARM iOS/OSX binaries. There is no JIT compiler. RoboVM provides bindings to all Objective-C APIs on iOS so you can build native UIs and access all the same functionality as a native app. Programs written this way are on the app store, so Apple is cool with the technique.
Kotlin has a clean, concise syntax and many modern features that match those in Swift. For example it has nullability/optionality integrated with the type system. It has Markdown comments. It has extension functions. It has some support for pattern matching. It has named parameters. It has the ability to define "data classes" that have easy immutability, content equality, hashcodes, serialization etc all in a single line of code. It has type inference and compile-time inlined lambdas, so you can do high performance functional programming with it. It has features to support complex DSLs. It has a full IDE with many built in refactorings, online static analysis, and via the JVM it has high quality CPU/memory profilers and debugging support.
In short, programming with Kotlin is much like programming with Swift, except you have better tools, an IDE at least as strong as Xcode and in my experience stronger, and you can write apps with it that are indistinguishable from native iOS and Android apps.
google really throws a hissy fit when I send email from my home (on a vpn) using imap. mostly they grey list me and time me out. but this anti-vpn concept annoys me. I don't believe it rejects fraud.
It does reject fraud. I know this because I designed the system at Google that is rejecting your logins, back when I worked there. There's a blog post about the system here. Obviously location (actually: geographical coordinates) is not the only thing that is used, it's just a signal that's carefully blended with others.
The main reason location works as a useful anti-fraud signal is that the datasets that hackers are working off are very sparse. Normally only usernames and passwords. So they don't know where in the world you live, meaning that they have to guess. It's almost like a second password. And mostly their guess will be wrong, leading to an ID verification check.
Now if you use VPNs or Tor or whatever that actually move you around the world constantly, then you're in a tiny minority of people that this heuristic doesn't work for. That's not so great. But here's a tip - if you enable 2-step verification on your Google account and then give your IMAP client an "app specific password" you shouldn't see rejected logins anymore, as is documented in the Google support pages. If your IMAP client knows how to use OAuth to log in, that would also work, but most don't.
They didn't just "have" her number, it was on a list of numbers being tapped.
Also, the US admitted it and then said they weren't doing it anymore. That's kind of odd - normally a public admission backed by documentary evidence would be sufficient for a criminal prosecution, no? Certainly it often happens with less (like almost any rape case).
Sounds more like the powers that be didn't want to disturb the intelligence agencies' cosy little setup. And let's face it, the BND were not exactly going to co-operate with any investigation.
What if the claim that the files have been decrypted is false?
That's almost certainly the case. The story reeks of propaganda. For instance, the claim that the UK has some kind of large Russian spy network is rather contradicted by the fact that they only recently started recruiting Russian speakers. Pretty hard to get intel from a country where you don't have any staff that speak the language.
The notion that a "cache of documents" was cracked also sounds like nonsense. None of the Snowden documents have dealt with human intelligence ("HUMINT" as they call it). We're being asked to believe that there's hugely detailed info about British spies in what Snowden leaked, yet, no mention of documents from MI6 has been made up until now? Not even alluded to?
And the Russians and Chinese, working independently, both managed to crack this cache... at the same time?
And none of the spies that were found after this calamitous event were arrested or deported? Not a single one? Even though when Russian spies were found in the USA they were turned into a media circus and then put in front of a judge?
No way. None of the things we're being asked to believe make even a shred of sense. There's a far, far more plausible explanation that does fit the facts: British intelligence was far, far more reliant on SIGINT for insight into Russia and China than they wanted their bosses to believe. MI6, in particular, is stretched to the limit. We know that they routinely cancel surveillance of people they believe might be dangerous jihadis because they don't have the resources to continue. Lacking Russian language speakers, lacking any real motivation to spy on Russia until very recently, you can see how they might have become super reliant on the very fragile techniques used by GCHQ. Now I absolutely do believe that foreign governments became harder to spy on as a result of Snowden, but this terrible disaster that has afflicted UK intelligence is much more likely to be the result of foreign embassies upgrading their VPNs to non-weak Diffie-Hellman, than the result of moving agents who may or may not even exist.
There won't be any evidence offered, because this event is almost certainly a work of fiction. A careful reading of the articles and simply thinking things through will reveal colossal, gaping holes in the story the British government is peddling.
Firstly: we know beyond doubt that this story is at least partly fictional. We know this because the anonymous government sources (i.e. civil service officials) keep contradicting each other. We see for example this quote in the Independent, "However, despite a senior government official was quoted by the paper as saying that Snowden had "blood on his hands", Downing Street confirmed that there was “no evidence of anyone being harmed” as a result of his leaks". Different versions of the same story contradicting each other is a good sign that what we're being fed is a story: things always grow in the telling, especially when we're hearing a third or fourth hand account of what happened. The way US officials contradicted each other in the wake of the bin Laden assassination is a good example of that.
Secondly: this story asks us to believe several extraordinary and completely implausible things.
In the UK foreign spying with people is the mandate of MI6, a separate agency to GCHQ, which handles signals intelligence only. It's like the split between the CIA and the NSA. Yet in several years of Snowden reporting there has never been any mention of documents from MI6. There has in fact only been a single mention of MI6 in the GCHQ/NSA documents, and that was a joint presentation about spying on climate change conferences! So the UK government is asking us to believe that journalists like Greenwald (who hates the UK because of the holding of his partner at Heathrow) would have a large cache of documents from an entirely separate agency and yet find nothing newsworthy in them at all..... indeed, apparently MI6 is so boring that the existence of such documents isn't even worth mentioning? Apparently the UK has never done anything even embarrassing in many years of engaging in foreign HUMINT? That stretches the bounds of credulity beyond breaking point.
But it goes on. We are asked to swallow a second utterly ridiculous idea. Apparently the Russians and Chinese suddenly got access to a wealth of information on British spies, information so detailed it allowed them to be targeted:
The newspaper quoted a senior Home Office source as saying: “Putin didn't give him asylum for nothing. His documents were encrypted but they weren't completely secure and we have now seen our agents and assets being targeted.”
What normally happens when spies are caught? Well, they are normally arrested and tried, or at minimum thrown out of the country. Yet Downing Street is telling us that there was "no evidence of anyone being harmed". In short, we're being asked to believe that Russian and Chinese counter-intelligence suddenly found themselves with information so detailed that it amounts to a brain-dump of MI6, including lists of foreign agents...... yet they walked away from the biggest gift in counter-intel history with nothing at all. Not a single arrest, not a single trial.
That the KGB and Chinese counter-intelligence are so incompetent defies belief - indeed, it is literally unbelievable.
There's a third totally implausible thing about this story. It asks us to believe that there is a cache of encrypted Snowden documents out there.... somewhere..... and the Russians/Chinese were both able to obtain this cache, yet they could not obtain the accompanying password. So where did this cache come from? Again, the civil service is asking us to believe something utterly stupid: "Putin didn't give him a
If you can't beat them, destroy their revenue stream. It's the same reason Google released free online office software to combat Microsoft and why Android is free. It's just good business sense.
That analogy is really poor - Google Apps is only free for personal use. Corporates pay for it. And Android is free because they wanted to help unify the mobile OS space, and knew that doing an open source OS was one way to do that.
With this strategy Apple are trying to destroy the revenue stream not only of Google, but of lots of companies that don't compete with them and have nothing to do with them. In fact advertising is the revenue model of most of the web, ignoring a handful of paywalled newspapers and other services. If this is Apple's way to try and "compete" with Google, then it's a scorched earth policy that says they don't care how many enemies they make along the way. And it's not about making a better or cheaper product, like how Android competes with iOS, it's about using existing market share to quietly interfere with other people's businesses.
This is far closer to Microsoft strategies than Google's. It's only "good business sense" if you've confused legitimate capitalist competition with destroying your competitors via any means possible.
I thought that at first too. But if you read the reports more closely it strongly suggests this is Israeli intelligence, not NSA.
One strong indicator of this is that Kaspersky already found and analysed the current-gen NSA malware platform, they call the NSA the "Equation Group" and the things linking it to the NSA are extremely strong, to the extent that known NSA codenames are found in the binaries. However they also say that they found at least one victim that was hacked by NSA and "Duqu 2" simultaneously. It wouldn't really make sense for the NSA to have two entirely duplicative/redundant malware development projects over such a long period of time.
Additionally, various other things suggest Israeli intelligence, like timestamps and working hours indicative of Israel and the fact that one of the victims was linked to some anniversary of the liberation of Auschwitz.
The people from Kaspersky posited the idea that Duqu has no value to the people who wrote it - likely because by the time they attacked Kaspersky, they had already infected the people they were really after and could safely throw it away.
I believe Israeli intelligence has a big budget for hacking. But not that big. Duqu 2 seems to have over 100 plugins. They burned three zero days on this attack. Much of the code is clearly an evolution of Duqu 1.0 which was being used years ago.
It seems obvious that each intelligence agency has developed its own malware platform over a period of many years and these things must represent large investments for them. To simply throw it away by attacking Kaspersky makes no sense.
Occam's Razor says pick the simplest theory. We know from the Stuxnet leaks that the Israelis fucked up and made Stuxnet way too aggressive, that's why it spread way outside its intended victims. We know Israel is an astonishingly aggressive country that thanks to the US protection it gets, sees itself as being able to do whatever it likes. The simplest explanation is that they got cocky and thought they could beat Kaspersky. Perhaps they had beaten Kaspersky: the report notably doesn't give many details about when they think they got attacked. They might have been compromised for a long time already. Regardless, eventually they lost, and now any company that uses Kaspersky AV is probably able to detect the Israeli malware platform. Unless they have a limitless supply of kernel exploits, eventually they will not be able to patch the AV driver's brains out and their platform will start getting detected.
The report says that at least one victim has been targeted by Equation Group (NSA) and Duqu simultaneously. The targeting of something related to a WW2 anniversary also strongly suggests Israel.
Probably would have prevented Satoshi being anonymous when he launched bitcoin.org, and thus might have led to Bitcoin never existing at all.
Having waded through the mega-thread with Lorenzo (who I've met by the way and he is a top class guy), this appears to be the nub of the dispute. It's some kind of immovable object/irresistible force situation.
The Android team build what is primarily a consumer product. When they make decisions, they think in terms of what is best for ordinary consumers. They also consider the needs of software developers. Therefore they highly prize qualities like "it just works" and "my apps don't break" and "I can tether without restriction". From this perspective as far as I can tell, Lorenzo's position is 100% correct. The founding vision of IPv6 was that you should always have as many addresses as you need for whatever purpose, and we should never need bizarre technical hacks to work around a lack of addresses ever again.
The network admins on that thread are building what they perceive as a 'take it or leave it' service, often, provided to a captive audience like a university campus or enterprise. Therefore they highly value qualities like "I can satisfy the legal department" and "I can use my existing hardware that only supports feature X" and "I can block tethering to my network to implement some security policy". They care relatively little about user or developer experience, as evidenced by the number of comments on the thread of the form "If we can't get our way we'll just ban all Android devices" or "The device should tell the user that 464xlat is unavailable and let apps break" or "the device should tell the user that tethering is forbidden". They care little about application reliability or complexity as long as they can tick some boxes at the end of the day and satisfy various policies. From their perspective Android is just making their jobs harder and Lorenzo is therefore being mind-numbingly unreasonable.
This situation is somewhat confused and hard to distill because there seem to be multiple different things being discussed on the same thread, e.g. DHCPv6 PD which is apparently unrelated to address allocation.
Now, frankly, having read and understood many of these comments, I find myself siding (weakly) with Lorenzo, and not just because I know him. As an Android user and an app developer, my priorities are more closely aligned with that of the Android team. I do not wish to experience apps breaking or "tethering denied" messages in future due to some lawyer buttcovering that was translated into a network setup with the absolute minimum of effort by a monopolist IT department. If that means I fall back to IPv4 for a while instead, well, so be it. If that means my phone cannot reach the small number of IPv6 only networks when connected to some random university campus, OK, I'll use my LTE connection. And then I'll complain to the IT office and tell them "just buy an iPhone" is not an acceptable answer, so they had better get on it and allow my device to grab as many devices as it wants without having to go through a DHCPv6 server. Just like my home and mobile ISPs do. And if that means they have to do more work to satisfy the next BSA audit - well, that's why they get paid the big bucks.
Define "trouble"? Recent history is littered with examples of the US military immediately and utterly crushing the armies and rebel groups in any country they invade. The rabble that remain and try to resist occupation cannot inflict any conventional military damage, which is why they resort to extreme tactics like suicide bombings. Tactics that don't work, but between soldiers, drones, warplanes, and NSA surveillance they have no better ideas that might work.
Likewise, the chances of any US citizens successfully engaging in armed resistance against the US government are zero. Here's what would happen:
1) If you decide to take your gun and resist oppression alone you will be gunned down within minutes or seconds, reported in the press as having mental health problems and everyone will have forgotten your name within a couple of days
2) If you try to find other like-minded people and raise a resistance group the FBI and/or NSA will learn of your plot before it happens, and you will be arrested before you have any chance to make real progress with your plan. You will be charged with domestic extremism, terrorism, or some variant thereof, and disappear for the rest of your adult life into a Supermax.
In no situation does having a gun allow you to resist even very petty government corruption or abuse. You simply stand no chance at all, you will always lose. The only way to seriously change a government is through the ballot box, which is why every country except the USA doesn't pretend an armed populace has anything to do with freedom.
Thank you for your polite reply.
Why not, though? In the UK virtually all police are unarmed. It's very hard to get shot by the police due to a misunderstanding or otherwise. In the USA all police are armed and there has been a steady stream of stories, videos and even civil unrest triggered by on-the-spot police executions.
Then why are they happening and why do the statistics suggest levels of police violence in the USA are wildly different to otherwise very similar countries?
I know ownership of weapons in America is a highly contentious topic so I fully expect to get modded down aggressively for this post. I want to try out the argument anyway. Please humour me.
Let us imagine two different countries: Macroland and Microland. The governments of the two countries are mostly similar, with two notable exceptions.
The government of Macroland punishes resistance to its rule heavily. It jails approximately 0.7% of its population. Its enforcement troops kill about 60 of its own people each month.
The government of Microland is dramatically less aggressive. It jails only 0.1% of its population, but more importantly, it virtually never kills its own citizens no matter what they did or how strongly they resist the government's rule. It took Microland about a quarter of a century to kill as many people as Macroland did in just one month.
Which country has the most oppressed people? Microland or Macroland?
I think most reasonable people would say that the citizens of the country that kills them the most often are the most heavily oppressed. After all, what's the basic power that lies behind abusive government oppression? What's the basic mechanism governments use to remove people's freedoms? It's violence. The country that dishes out the most against its own people would seem to be the most oppressive.
You have, of course, already figured out that the statistics given above are real. Macroland is the USA. Microland is (just for comparison) the United Kingdom.
Americans have the US Constitution and it is a mighty document. The Constitution has always been a vital part of protecting the freedoms of ordinary Americans from overreach by government. Yet the Constitution is flawed in one terribly dramatic way. By allowing and even encouraging a heavily armed society, it fails to strike any blows for freedom - as police have always had and always will have better access to top grade weaponry and armour. The chances of ordinary US citizens successfully mounting an armed uprising against the government are zero. And yet it simultaneously gives those same police a cast iron excuse for arming themselves to the teeth, as they are expected to enforce the law against an exceptionally dangerous population.
The result is that whilst Americans and British people have very few differences in their levels of freedom, they have enormous differences in their chances of being executed by their own governments ... or by random mental patients.
I am British and I would like to see the UK adopt a US-style constitution. But not if it included a copy of the second amendment. Real data from today's world seems to suggest it makes no real difference to freedom but does make the world a vastly more dangerous place.
Free/illegal speech is about government restrictions, not restrictions on speech in private forums.
The ruling is now established for all similar cases, no?
The problem with articles like this one is that they tend to under-represent the benefits of static analysis. Products like PVS-Studio are designed to work with C++ and because they have to run in a big compile job, they get run in batch at the end of each day.
This is a problem because (a) C++ is very hard to statically analyse so performance is often poor and (b) the most critical time when you need/want static analysis feedback is when you're actually writing the code itself.
So let me insert a plug here for IntelliJ IDEA by JetBrains. Up until I used this (free, open source) program I didn't really appreciate static analysis. I mean, I appreciated it in a theoretical way, but my experience was that running it tends to generate thousands of spurious warnings that rarely reveal serious bugs. But that was because by the time the analysis got to run it was on code that had long since crashed in production, been debugged, unit tested, etc. So there was little meat left to harvest.
IntelliJ has a thing called the Inspector, which runs constantly in the background on spare CPU cores. It scans for hundreds of different kinds of bugs and when it spots one it highlights the bogus code in yellow, right in the editor. What impressed me most about this is that often the editor can highlight very complex bugs within seconds of you writing them, long before any time has been spent on unit testing or in a debugger. It can do this partly because the languages the inspector supports (things like Java, Kotlin, Scala etc) are much easier to parse and analyse than C++. You don't need to invoke a full blown compiler. Also the use of annotations to give the analysers more information is widespread.
But the best thing about IntelliJ is that when it does find a bug (and it frequently does), you can just press a hotkey and get a menu that lets you either suppress the warning ....... or automatically fix it, right there in the editor! So not only does IntelliJ find brainfarts like writing an if statement that will always yield true, but it can do it in real time and then it can often even fix it for you! This video I recorded a while ago shows a few seconds of this feature in action.
That's rather a contradiction in terms, isn't it. Refusing to take down illegal speech is not a free speech violation. How can you have both free speech and illegal speech simultaneously?
I think this case sums up one of the most glaring problems with the ECHR which is obvious the moment you read the document they are interpreting. This list of rights is nothing like the American Bill of Rights. The BoR is quite specific, clear and the rights are fairly tightly defined, arguments about the meaning of "well regulated militias" notwithstanding.
The European equivalent (and I say this as a European) is a complete clusterfuck. It lists many rights that directly contradict each other, with no way to prioritise between them. Every "right" has exceptions. It is written so vaguely that anyone could reach any conclusion at all based on it. The fact that nobody knew about this so-called right to be forgotten before it was "found" in the text by a court ruling is indicative of the deep-rooted problems with the document. It's a design-by-committee wishlist written by people with no strong principles.
For instance Article 2 supposedly grants a right to life. It says governments may not engage in "unlawful killing". Except suppressing insurrections by killing the rebels is explicitly allowed. And lawful executions were also totally OK, meaning of course the entire article disappeared into a puff of contradiction as any execution at all could be considered lawful if the government so wished it. Eventually the absurdity of that one became too much even for the ECHR and there was a "protocol" passed (sort of like an amendment) that barred the death penalty. Of course, this article does not stop ECHR members from going to war either.
Article 4 forbids slavery and forced labour. Unless you're a prisoner. Or it's the draft. Or unless it's a part of your "civic duties".
Article 8 gives the famous right to privacy ...
In other words you get a right to privacy unless someone deems it inconvenient for almost any purpose. This article is such a joke it may as well not exist.
But article 10 is the best. The First Amendment and its interpretation by the US Supreme Court is quite clear: freedom of speech and freedom of the press are highly protected. Article 10 in the European equivalent says:
LOL! But it gets worse:
So freedom of speech can be subject to penalties if they "are necessary in a democratic society" for example "for the protection of morals". Oh yes, exposing state secret
The European Court of Human Rights is not actually an EU institution, regardless of the similarities in naming. It's more like a court that countries submit to voluntarily. I saw quite an interesting presentation about it from some human rights lawyers a year or two ago. Apparently it does some good work, especially in addressing more run-of-the-mill rights violations in former Soviet bloc countries.
Regardless, this is now the second time that some EU court has fucked up extremely basic internet related rulings. First there was the idiotic "right to be forgotten" ruling that makes it effectively impossible for anyone to make a search engine unless they have a vast human army of lawyers and money for lawsuits. Now they want to make websites responsible for everyone who comments on them? Like someone who runs a party should be responsible for anything anyone says whilst there?
It's quite clear that the judges at this place must either be interpreting extremely vague and piss poor laws, or have never used the internet, or both.
At the moment the Tory government in the UK is wanting to pull out of the ECHR, partly because it keeps blocking deportation of various 'undesirables' on the grounds of their right to a family life. They want to replace it with a British-specific bill of human rights. I don't really trust the Tories on this matter, their track record of upholding civil liberties is pretty terrible lately, but every time the ECHR produces a disastrous ruling like this I think - you know, maybe there's something in it.
Citation needed. No ad network I know of targets anything by IP address, exactly because they are so often shared.
Prove it. Then go ahead and explain why the fix for this is Belgium and not, say, user profiles on the computer in question.
It's extremely nebulous, poorly defined and yes - generally we would hope to see actual victims before punishing someone for a so far quite literally victimless crime.
Straw man - I didn't say financial harm. I said ANY meaningful kind of harm. Embarrassment, family problems, whatever.
There have been a bunch of blowups like this over the years. The worst "harm" that anyone has been able to demonstrate was that some people, somewhere (who are nameless as none of them filed any complaints) might have seen a better targeted advert.
No, not yay for Belgium.
Don't these privacy regulators have anything else to do? Where is their input in the Snowden affair, for example? Suspiciously missing in action.
Here's a good place to start when evaluating the utility of these investigations: a list of people who have been objectively harmed in some way by the alleged action. Can't find anyone who has been harmed by Facebook's actions in an entire country's worth of people? Then maybe that suggests the taxpayer money is better spent elsewhere.
It was all over the British press. The BBC did run it but yes, they showed a great deal more skepticism and quoted other skeptical people. The BBC gets ragged on a lot but I tend to find it's still a lot more obviously neutral than newspapers are.
Oops, I forgot something important.
There is a simple web based IDE that you can use to experiment and learn the language at try.kotlinlang.org. For me it seems there's a layout issue with Chrome right now, but it works fine in Safari.
No, it's Apple specific. However that's OK because there's a language which is much like Swift, except it runs on pretty much every device you might have.
That language is new. It's called Kotlin, and it is from JetBrains, the makers of the highly popular IntelliJ series of IDEs (+ WebStorm, PHPStorm, RubyMine, PyCharm etc).
Kotlin targets the JVM and JavaScript. It interops perfectly with Java. That means code written in it runs on Windows, Mac, Linux and Android. Additionally, via the RoboVM project, JVM bytecode can be compiled to native ARM iOS/OSX binaries. There is no JIT compiler. RoboVM provides bindings to all Objective-C APIs on iOS so you can build native UIs and access all the same functionality as a native app. Programs written this way are on the app store, so Apple is cool with the technique.
Kotlin has a clean, concise syntax and many modern features that match those in Swift. For example it has nullability/optionality integrated with the type system. It has Markdown comments. It has extension functions. It has some support for pattern matching. It has named parameters. It has the ability to define "data classes" that have easy immutability, content equality, hashcodes, serialization etc all in a single line of code. It has type inference and compile-time inlined lambdas, so you can do high performance functional programming with it. It has features to support complex DSLs. It has a full IDE with many built in refactorings, online static analysis, and via the JVM it has high quality CPU/memory profilers and debugging support.
In short, programming with Kotlin is much like programming with Swift, except you have better tools, an IDE at least as strong as Xcode and in my experience stronger, and you can write apps with it that are indistinguishable from native iOS and Android apps.
It does reject fraud. I know this because I designed the system at Google that is rejecting your logins, back when I worked there. There's a blog post about the system here. Obviously location (actually: geographical coordinates) is not the only thing that is used, it's just a signal that's carefully blended with others.
The main reason location works as a useful anti-fraud signal is that the datasets that hackers are working off are very sparse. Normally only usernames and passwords. So they don't know where in the world you live, meaning that they have to guess. It's almost like a second password. And mostly their guess will be wrong, leading to an ID verification check.
Now if you use VPNs or Tor or whatever that actually move you around the world constantly, then you're in a tiny minority of people that this heuristic doesn't work for. That's not so great. But here's a tip - if you enable 2-step verification on your Google account and then give your IMAP client an "app specific password" you shouldn't see rejected logins anymore, as is documented in the Google support pages. If your IMAP client knows how to use OAuth to log in, that would also work, but most don't.
They didn't just "have" her number, it was on a list of numbers being tapped.
Also, the US admitted it and then said they weren't doing it anymore. That's kind of odd - normally a public admission backed by documentary evidence would be sufficient for a criminal prosecution, no? Certainly it often happens with less (like almost any rape case).
Sounds more like the powers that be didn't want to disturb the intelligence agencies cosy little setup. And let's face it, the BND were not exactly going to co-operate with any investigation.
That's almost certainly the case. The story reeks of propaganda. For instance, the claim that the UK has some kind of large Russian spy network is rather contradicted by the fact that they only recently started recruiting Russian speakers. Pretty hard to get intel from a country where you don't have any staff that speak the language.
The notion that a "cache of documents" was cracked also sounds like nonsense. None of the Snowden documents have dealt with human intelligence ("HUMINT" as they call it). We're being asked to believe that there's hugely detailed info about British spies in what Snowden leaked, yet, no mention of documents from MI6 has been made up until now? Not even alluded to?
And the Russians and Chinese, working independently, both managed to crack this cache ... at the same time?
And none of the spies that were found after this calamitous event were arrested or deported? Not a single one? Even though when Russian spies were found in the USA they were turned into a media circus and then put in front of a judge?
No way. None of the things we're being asked to believe make even a shred of sense. There's a far, far more plausible explanation that does fit the facts: British intelligence was far, far more reliant on SIGINT for insight into Russia and China than they wanted their bosses to believe. MI6, in particular, is stretched to the limit. We know that they routinely cancel surveillance of people they believe might be dangerous jihadis because they don't have the resources to continue. Lacking Russian language speakers, lacking any real motivation to spy on Russia until very recently, you can see how they might have become super reliant on the very fragile techniques used by GCHQ. Now I absolutely do believe that foreign governments became harder to spy on as a result of Snowden, but this terrible disaster that has afflicted UK intelligence is much more likely to be the result of foreign embassies upgrading their VPNs to non-weak Diffie-Hellman, than the result of moving agents who may or may not even exist.
There won't be any evidence offered, because this event is almost certainly a work of fiction. A careful reading of the articles and simply thinking things through will reveal colossal, gaping holes in the story the British government is peddling.
Firstly: we know beyond doubt that this story is at least partly fictional. We know this because the anonymous government sources (i.e. civil service officials) keep contradicting each other. We see for example this quote in the Independent, "However, despite a senior government official was quoted by the paper as saying that Snowden had "blood on his hands", Downing Street confirmed that there was “no evidence of anyone being harmed” as a result of his leaks". Different versions of the same story contradicting each other is a good sign that what we're being fed is a story: things always grow in the telling, especially when we're hearing a third or fourth hand account of what happened. The way US officials contradicted each other in the wake of the bin Laden assassination is a good example of that.
Secondly: this story asks us to believe several extraordinary and completely implausible things.
In the UK foreign spying with people is the mandate of MI6, a separate agency to GCHQ, which handles signals intelligence only. It's like the split between the CIA and the NSA. Yet in several years of Snowden reporting there has never been any mention of documents from MI6. There has in fact only been a single mention of MI6 in the GCHQ/NSA documents, and that was a joint presentation about spying on climate change conferences! So the UK government is asking us to believe that journalists like Greenwald (who hates the UK because of the holding of his partner at Heathrow) would have a large cache of documents from an entirely separate agency and yet find nothing newsworthy in them at all ..... indeed, apparently MI6 is so boring that the existence of such documents isn't even worth mentioning? Apparently the UK has never done anything even embarrassing in many years of engaging in foreign HUMINT? That stretches the bounds of credulity beyond breaking point.
But it goes on. We are asked to swallow a second utterly ridiculous idea. Apparently the Russians and Chinese suddenly got access to a wealth of information on British spies, information so detailed it allowed them to be targeted:
What normally happens when spies are caught? Well, they are normally arrested and tried, or at minimum thrown out of the country. Yet Downing Street is telling us that there was "no evidence of anyone being harmed". In short, we're being asked to believe that Russian and Chinese counter-intelligence suddenly found themselves with information so detailed that it amounts to a brain-dump of MI6, including lists of foreign agents ...... yet they walked away from the biggest gift in counter-intel history with nothing at all. Not a single arrest, not a single trial.
That the KGB and Chinese counter-intelligence are so incompetent defies belief - indeed, it is literally unbelievable.
There's a third totally implausible thing about this story. It asks us to believe that there is a cache of encrypted Snowden documents out there .... somewhere ..... and the Russians/Chinese were both able to obtain this cache, yet they could not obtain the accompanying password. So where did this cache come from? Again, the civil service is asking us to believe something utterly stupid: "Putin didn't give him a
That analogy is really poor - Google Apps is only free for personal use. Corporates pay for it. And Android is free because they wanted to help unify the mobile OS space, and knew that doing an open source OS was one way to do that.
With this strategy Apple are trying to destroy the revenue stream not only of Google, but of lots of companies that don't compete with them and have nothing to do with them. In fact advertising is the revenue model of most of the web, ignoring a handful of paywalled newspapers and other services. If this is Apple's way to try and "compete" with Google, then it's a scorched earth policy that says they don't care how many enemies they make along the way. And it's not about making a better or cheaper product, like how Android competes with iOS, it's about using existing market share to quietly interfere with other people's businesses.
This is far closer to Microsoft strategies than Google's. It's only "good business sense" if you've confused legitimate capitalist competition with destroying your competitors via any means possible.
I thought that at first too. But if you read the reports more closely it strongly suggests this is Israeli intelligence, not NSA.