> Interestingly, putting detailed quotes in got me modded down about twice as fast! And it's a lot more effort.
If you haven't put any effort into your thoughts, why should anyone listen to them?
Also, I can't find any quotes from Damore's piece on this story, you only seem to be quoting other Slashdot posters.
Downmods are nothing, anyhow. I get all my submissions auto-flagged as spam by certain users ever since I posted the story about Trump winning that seems to be permanently stuck in the "related stories" feed. Never mind I was one of the more active submitters for years without issue, especially Groklaw stories. I could see it if it was politics, but why do that to a post about SNES game preservation to say that byuu had recovered the lost package when they accepted the same story from someone else? And even on the Trump wins story, they appear to have cloned my submission instead of using the actual one so that it doesn't show up on my submissions for some reason... Go figure?
So, you're saying he's a modern day civil rights leader, but we shouldn't listen to him because you think he's gay? This is one of your least coherent insults, and that's saying a lot.
> However, as much as you might use the dogwhistle of "free speech," this has nothing to do with it; Google is not the government
Funny thing about that, but California's free speech protections go beyond just the First Amendment. Damore may have a state law claim under California's laws that prohibits discrimination based on political activities or affiliations. I think he would have to raise that claim in California's courts, rather than the NLRB, however, so I'm not clear that it will ever get heard.
So there is a free speech angle here, though I can imagine that many of the courts in CA might be hostile to his claims.
The memo is here. There are these crazy things called "quotes" that one normally uses to support a particular point like that. You have posted six times on this story as of a moment ago when I went here and counted. I note a conspicuous lack of supporting quotes in your posting.
I do not and will not believe that you have read the actual, uncensored memo until and unless you quote from the memo to support your claims. You appear to have read reports about the memo while ignoring the memo itself and then conflated what's been reported about the memo with that which was actually written. This is hilariously bad because some outlets have done stupid things like strip all the citations.
Because what reader would want to bother with pesky things like facts in a discussion like this?
Right, but I'm saying that the lawsuit would be dismissed before you even got to the part of the lawsuit where the feds had to give out their evidence. And we're also neglecting that they can mumble "national security" and get out of showing their cards as well...
FWIW, Kaspersky did respond to many of the allegations against it. There were also separate responses about picking up the NSA malware from the contractor's computer. The contractor's computer was backdoored & they ran a scan on it to get rid of that, not really Kaspersky's fault there if the contractor is taking things home they shouldn't be.
Yeah, but the thing is you're going to get an expensive diversion that doesn't even get to the point of actually talking about the issue. You have a long hard fight with respect to jurisdiction and immunity, where you're likely to lose on procedural grounds and never get to the point of even discussing whether the statements were true or not. And then you'd suffer a PR hit for losing on the basis that the government won't allow you to sue it.
In short, this really sounds like a money pit to me, rather than an effective way to dispute this. This is a PR issue, they'd do better to hire a PR firm.
I haven't seen any defamation lawsuits that were criminal. Exactly who do you see them suing under which statute(s)? Also, many agents of the government have various forms of immunity for things they're doing as part of their job.
I don't think this is anywhere near as simple as you make it sound.
Unless you can point to a statute wherein we've waived Sovereign Immunity for that exact type of lawsuit, that would violate the 11th Amendment:
The Judicial power of the United States shall not be construed to extend to any suit in law or Equity, commenced or prosecuted against one of the United States by Citizens of another State, or by Citizens or Subjects of any Foreign State.
Funny thing is that there's a far more interesting technical article about all of this out there that's totally ignored because it was written by Kaspersky. Yet nobody cares that this article is from the Daily Beast, as if we didn't know Chelsea Clinton was there...
Well, that's the thing, we can't trust ANY of them.
We already know what the NSA does with NSLs and all the other providers have the capability to upload samples, so it's hard to see why your threat model can ignore that the NSA probably has access to all of this (and every other software update you use, via some means). We've known how deep this sort of rabbit hole can get since Reflections on Trusting Trust was written. Hell, we just watched Facebook build a new datacenter next door to the spooks a week or two ago. I'm sure they only did it to take advantage of some good fiber there...
If you've seen the TAO catalog, you know that this sort of capability is the tip of the iceberg. The spies have so much crazy stuff that it's hard to imagine that you can go up against them.
Well, the problem here is that ALL the nation states are spying on us, including America. So the NSA/Israel hates Kaspersky because they've detected their Stuxnet-based malware. Kaspersky actually put out this paper describing just how hard it is to attribute anything to any specific actor. You can say that's Russian so you don't have to even listen (which is a bit silly in an article from the Daily Beast, especially if you know Chelsea Clinton's relationship with it) but that doesn't mean they're wrong.
My personal opinion is that all of them are spying on us via whatever means they have and I don't like any of it, though I don't know how to stop any of them. It's reasonable to be outraged by all of it, NSA or FSB, and to take it into account when doing threat modelling. But, frankly, from what we've seen of the TAO catalog, if they want to own you they probably already have. They probably owned your router before it was even shipped to your doorstep. You cannot assume that they're exfiltrating data over any kind of link you could monitor and they may be leaking it via channels you didn't know the existence of.
So in a way I'm glad for the outrage, I just don't see how to channel it to any productive ends. Ideally we'd stop or control this crazy mass spying by every major power on everyone, but the tech is so scary that I don't know just what sort of crazy security measures that would require.
I read all four of those articles. The only things they provide that are remotely verifiable are a fake Facebook account from one Melvin Redick of Harrisburg that talked about DCLeaks--real, actual, emails showing various bits of dirty dealing. There is no mention of anything to connect that account to Russia. If we're going to play "consider the source" then I'd like to point out that Chelsea Clinton is at the Daily Beast, which is the source of this particular Slashdot story.
I'd also like to point out that Correct the Record / ShareBlue employed thousands of "nerd virgins" (their own words) to create exactly this sort of fake account. And that seems especially funny given that Russia has been accused of stirring up dissent by supporting BLM and similar Democratic causes.
It's also funny that you talk about everything being "fake news" but we know the emails were real via DKIM headers I personally have showed everyone how to verify on Slashdot. And those same emails show how CNN colluded with the DNC to rig the debates as well as how the DNC went behind its own lawyer's backs to hold that secret fundraiser with the Washington Post. Things that anyone could legitimately be upset about independently of who (allegedly) revealed them to us.
Frankly, if this is what foreign "collusion" looks like--exposing American political corruption that our own media won't touch--I have trouble seeing why that's a bad thing. We should root out all political corruption, regardless of party. Of course, it helps if you have actual verifiable facts. Paying $100k for foreign spies to dig up ridiculous and unverifiable fanfics (AKA "raw intelligence") is just a little bit pathetic.
I'm not the OP and technically, it would be the JavaScript engine that is exploited, rather than the JavaScript language per se. But that's a trivial distinction in this context, given that every browser uses some JavaScript engine to execute it.
Anyhow, it's was really easy for me to find a repo of CVEs for JavaScript engine bugs containing the code to reproduce them with that might interest you. As you can see from this list, there are good reasons not to run untrusted code, sandbox or no sandbox.
So, the idea of "sovereign immunity" in the USA is found in the 11th Amendment which says:
"The Judicial power of the United States shall not be construed to extend to any suit in law or equity, commenced or prosecuted against one of the United States by Citizens of another State, or by Citizens or Subjects of any Foreign State."
There was a recent ruling that said this applies to the IPR process. This is all quite new, so there haven't been a lot of cases around it yet and this is the first time someone has tried to use this so far. Someone saw that ruling, found a tribe to go along with the licensing scheme, and then used it as a defense in court. This is why the ruling in the case about the Indian tribes goes on about whether or not to join the Indian tribe to the case--that's a procedural trick they're trying to employ.
Disclaimer: Everything about this is complicated, if you're looking at this for reasons beyond idle curiosity, get a lawyer.
The response is good, but the funny thing is that I have long refused to let them store my CC number because the password policy they have is insane. I can't remember what it is right now, but I think they wouldn't let you use most symbols or spaces and had a really short maximum length.
I figured that anyone who would force their customers to use laughably weak passwords had poor internal security. I'm glad to see their response is better than I would've expected, but the fact that they got cracked does not surprise me at all. Fortunately, all they have is my address.
It appears to imply that the government is not going to get to examine the data, but it is going to get to examine the data subject to a protective order.
I realize that different people may read it differently, but I thought this was an important point to clarify.
That's what happens practically every time, though. There's no benefit to asking for less than the moon, because you don't get what you don't ask for. It's sort of like how they generally go for the max sentence, because they know that your lawyer will negotiate downwards, so they have to ask for too much to get a fair sentence in the end. Granted, the part about getting a fair sentence doesn't always happen, especially if you or your lawyer negotiate badly. It's sort of like what happens if you play tug-of-war and one side doesn't pull the rope.
If I were writing this, I'd have said that the judge granted the search warrant subject to a protective order. As written, one would tend to assume that the search warrant was denied. It's wasn't. There's no need for all the drama here. They always ask for the moon. Sometimes they even get the moon. There's a sensible protective order in place and they get to look at everything they're allowed to under the judge's supervision, which is fair & reasonable.
The problem is that this kind of nonsense has way too much support in Congress in general. Telecoms have more lobbyists than the general public does and there's a lot of money to be made in fleecing the general public:(
There are maybe a handful of people in Congress in general who have made an actual principled stand on this one. So yeah, nobody's going to be lining up.
Sadly, there aren't a lot of good guides that go into how it works that aren't overly technical. That said, I think that this info on search warrants covers the basics pretty well. As far as different justice systems go, I think, this article should be pretty readable.
To get a any sense of how things normally work, you pretty much have to read a lot of cases. That's harder these days because most news stories don't bother to link to whatever they're discussing, but I will give credit to this submission for linking to a proper source, at least.
It's not clear that it's exactly sending it to the Kremlin directly, nor would it have to. If they have anything like what we have, they simply tap the internet traffic. Our government almost certainly does something similar. Kaspersky told us back in 2015 that they caught a Stuxnet-like malware invading them, so there's some credibility to this one, though there's not a lot of info other than anonymous rumors repeated by the press.
It's fair to criticize both spying apparatuses for that, mind you. I don't know how to stop either one, though. They have some pretty crazy tools at their disposal, if you've ever seen the TAO catalog.
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
The Constitution doesn't exactly provide a lot of details, so one normally looks at the actual laws on the subject. To re-derive the constitutional contours of search warrants from constitutional principles every time would be sort of like trying to do this every time you want to add 2+2. In short, no, it doesn't work that way.
It's normal for demands to be overly broad. They ask for whatever they might plausibly get, because sometimes the judge agrees with them and they won't get anything they don't request. This is how an adversarial justice system works. There are other models, for example, inquisitional systems, in use in other countries.
Note that I am not arguing with you about this being non-public information. You were right to correct the other poster about that. And you were right that it is, in fact, completely obvious from the fact that they issued a search warrant. The judge realized there were real concerns here, so they narrowed the scope of what was asked and are allowing the police to search it first, then unmask people later if they have probable cause to believe they were participants in a crime.
In short, it's a detailed and perfectly sensible decision that appears to be quite fair to both sides.
> Their goal was to get more access than they needed for whatever reason, and they failed at reaching that goal. I'd say they lost; now they're going to have to do their jobs (or whatever facsimile thereof they've been tasked with) using only the legal amount of information.
Right, and you're a mind reader now? I don't know about you, but I'm more wary of people who have decided the police are out to get them, like those crazy people who assassinated random cops for no reason...
Anyhow, I suggest taking some actual law classes someday, instead of getting your education from fiction. We have an adversarial justice system. They always ask for the max and it's the defense's job to whittle that down with the court as the referee. I realize it may be strange if you're from a country where they have, say, an inquisitional system or any of the other models, but this is pretty much normal. They basically always ask for everything they could possibly get and leave it to the judge to whittle that down. Sometimes nobody bothers to contest it and they get everything, after all.
Sure, this one's a bit abnormal because it's getting a lot of attention, so the judge put more effort into that order than usual. But there's nothing particularly noteworthy here other than the level of controversy.
This is far too preliminary to be interesting. Sure, it's important because it lays the foundation of the case(s) to come, but it's usually more instructive to wait until there are trials and both sides show what evidence they have.
Slashdot Mirror
> Interestingly, putting detailed quotes in got me modded down about twice as fast! And it's a lot more effort.
If you haven't put any effort into your thoughts, why should anyone listen to them?
Also, I can't find any quotes from Damore's piece on this story, you only seem to be quoting other Slashdot posters.
Downmods are nothing, anyhow. I get all my submissions auto-flagged as spam by certain users ever since I posted the story about Trump winning that seems to be permanently stuck in the "related stories" feed. Never mind I was one of the more active submitters for years without issue, especially Groklaw stories. I could see it if it was politics, but why do that to a post about SNES game preservation to say that byuu had recovered the lost package when they accepted the same story from someone else? And even on the Trump wins story, they appear to have cloned my submission instead of using the actual one so that it doesn't show up on my submissions for some reason... Go figure?
So, you're saying he's a modern day civil rights leader, but we shouldn't listen to him because you think he's gay? This is one of your least coherent insults, and that's saying a lot.
> However, as much as you might use the dogwhistle of "free speech," this has nothing to do with it; Google is not the government
Funny thing about that, but California's free speech protections go beyond just the First Amendment. Damore may have a state law claim under California's laws that prohibits discrimination based on political activities or affiliations. I think he would have to raise that claim in California's courts, rather than the NLRB, however, so I'm not clear that it will ever get heard.
So there is a free speech angle here, though I can imagine that many of the courts in CA might be hostile to his claims.
The memo is here. There are these crazy things called "quotes" that one normally uses to support a particular point like that. You have posted six times on this story as of a moment ago when I went here and counted. I note a conspicuous lack of supporting quotes in your posting.
I do not and will not believe that you have read the actual, uncensored memo until and unless you quote from the memo to support your claims. You appear to have read reports about the memo while ignoring the memo itself and then conflated what's been reported about the memo with that which was actually written. This is hilariously bad because some outlets have done stupid things like strip all the citations.
Because what reader would want to bother with pesky things like facts in a discussion like this?
Right, but I'm saying that the lawsuit would be dismissed before you even got to the part of the lawsuit where the feds had to give out their evidence. And we're also neglecting that they can mumble "national security" and get out of showing their cards as well...
FWIW, Kaspersky did respond to many of the allegations against it. There were also separate responses about picking up the NSA malware from the contractor's computer. The contractor's computer was backdoored & they ran a scan on it to get rid of that, not really Kaspersky's fault there if the contractor is taking things home they shouldn't be.
Yeah, but the thing is you're going to get an expensive diversion that doesn't even get to the point of actually talking about the issue. You have a long hard fight with respect to jurisdiction and immunity, where you're likely to lose on procedural grounds and never get to the point of even discussing whether the statements were true or not. And then you'd suffer a PR hit for losing on the basis that the government won't allow you to sue it.
In short, this really sounds like a money pit to me, rather than an effective way to dispute this. This is a PR issue, they'd do better to hire a PR firm.
I haven't seen any defamation lawsuits that were criminal. Exactly who do you see them suing under which statute(s)? Also, many agents of the government have various forms of immunity for things they're doing as part of their job.
I don't think this is anywhere near as simple as you make it sound.
Unless you can point to a statute wherein we've waived Sovereign Immunity for that exact type of lawsuit, that would violate the 11th Amendment:
https://legal-dictionary.thefreedictionary.com/11th+Amendment
Funny thing is that there's a far more interesting technical article about all of this out there that's totally ignored because it was written by Kaspersky. Yet nobody cares that this article is from the Daily Beast, as if we didn't know Chelsea Clinton was there...
Well, that's the thing, we can't trust ANY of them.
We already know what the NSA does with NSLs and all the other providers have the capability to upload samples, so it's hard to see why your threat model can ignore that the NSA probably has access to all of this (and every other software update you use, via some means). We've known how deep this sort of rabbit hole can get since Reflections on Trusting Trust was written. Hell, we just watched Facebook build a new datacenter next door to the spooks a week or two ago. I'm sure they only did it to take advantage of some good fiber there...
If you've seen the TAO catalog, you know that this sort of capability is the tip of the iceberg. The spies have so much crazy stuff that it's hard to imagine that you can go up against them.
Well, the problem here is that ALL the nation states are spying on us, including America. So the NSA/Israel hates Kaspersky because they've detected their Stuxnet-based malware. Kaspersky actually put out this paper describing just how hard it is to attribute anything to any specific actor. You can say that's Russian so you don't have to even listen (which is a bit silly in an article from the Daily Beast, especially if you know Chelsea Clinton's relationship with it) but that doesn't mean they're wrong.
My personal opinion is that all of them are spying on us via whatever means they have and I don't like any of it, though I don't know how to stop any of them. It's reasonable to be outraged by all of it, NSA or FSB, and to take it into account when doing threat modelling. But, frankly, from what we've seen of the TAO catalog, if they want to own you they probably already have. They probably owned your router before it was even shipped to your doorstep. You cannot assume that they're exfiltrating data over any kind of link you could monitor and they may be leaking it via channels you didn't know the existence of.
So in a way I'm glad for the outrage, I just don't see how to channel it to any productive ends. Ideally we'd stop or control this crazy mass spying by every major power on everyone, but the tech is so scary that I don't know just what sort of crazy security measures that would require.
Parent was me, apparently I wasn't logged in.
I'm not the OP and technically, it would be the JavaScript engine that is exploited, rather than the JavaScript language per se. But that's a trivial distinction in this context, given that every browser uses some JavaScript engine to execute it.
Anyhow, it's was really easy for me to find a repo of CVEs for JavaScript engine bugs containing the code to reproduce them with that might interest you. As you can see from this list, there are good reasons not to run untrusted code, sandbox or no sandbox.
So, the idea of "sovereign immunity" in the USA is found in the 11th Amendment which says:
"The Judicial power of the United States shall not be construed to extend to any suit in law or equity, commenced or prosecuted against one of the United States by Citizens of another State, or by Citizens or Subjects of any Foreign State."
There was a recent ruling that said this applies to the IPR process. This is all quite new, so there haven't been a lot of cases around it yet and this is the first time someone has tried to use this so far. Someone saw that ruling, found a tribe to go along with the licensing scheme, and then used it as a defense in court. This is why the ruling in the case about the Indian tribes goes on about whether or not to join the Indian tribe to the case--that's a procedural trick they're trying to employ.
Disclaimer: Everything about this is complicated, if you're looking at this for reasons beyond idle curiosity, get a lawyer.
The response is good, but the funny thing is that I have long refused to let them store my CC number because the password policy they have is insane. I can't remember what it is right now, but I think they wouldn't let you use most symbols or spaces and had a really short maximum length.
I figured that anyone who would force their customers to use laughably weak passwords had poor internal security. I'm glad to see their response is better than I would've expected, but the fact that they got cracked does not surprise me at all. Fortunately, all they have is my address.
It appears to imply that the government is not going to get to examine the data, but it is going to get to examine the data subject to a protective order.
I realize that different people may read it differently, but I thought this was an important point to clarify.
> I really don't see how it's misleading.
It implies that the search warrant was denied, when it was granted subject to a protective order.
That's what happens practically every time, though. There's no benefit to asking for less than the moon, because you don't get what you don't ask for. It's sort of like how they generally go for the max sentence, because they know that your lawyer will negotiate downwards, so they have to ask for too much to get a fair sentence in the end. Granted, the part about getting a fair sentence doesn't always happen, especially if you or your lawyer negotiate badly. It's sort of like what happens if you play tug-of-war and one side doesn't pull the rope.
If I were writing this, I'd have said that the judge granted the search warrant subject to a protective order. As written, one would tend to assume that the search warrant was denied. It's wasn't. There's no need for all the drama here. They always ask for the moon. Sometimes they even get the moon. There's a sensible protective order in place and they get to look at everything they're allowed to under the judge's supervision, which is fair & reasonable.
Yes, Law Comic is very good, I will second that recommendation.
If you want a good law movie, oddly enough, My Cousin Vinny is one of the more realistic movies. Many of the others are... not so good.
The problem is that this kind of nonsense has way too much support in Congress in general. Telecoms have more lobbyists than the general public does and there's a lot of money to be made in fleecing the general public :(
There are maybe a handful of people in Congress in general who have made an actual principled stand on this one. So yeah, nobody's going to be lining up.
Sadly, there aren't a lot of good guides that go into how it works that aren't overly technical. That said, I think that this info on search warrants covers the basics pretty well. As far as different justice systems go, I think, this article should be pretty readable.
To get a any sense of how things normally work, you pretty much have to read a lot of cases. That's harder these days because most news stories don't bother to link to whatever they're discussing, but I will give credit to this submission for linking to a proper source, at least.
It's not clear that it's exactly sending it to the Kremlin directly, nor would it have to. If they have anything like what we have, they simply tap the internet traffic. Our government almost certainly does something similar. Kaspersky told us back in 2015 that they caught a Stuxnet-like malware invading them, so there's some credibility to this one, though there's not a lot of info other than anonymous rumors repeated by the press.
It's fair to criticize both spying apparatuses for that, mind you. I don't know how to stop either one, though. They have some pretty crazy tools at their disposal, if you've ever seen the TAO catalog.
Don't be silly, this is a stupid decision and it's completely fair to criticize the FCC for this idiocy.
This is the Superior Court of DC, so I think this is actually the relevant law on search warrants:
https://beta.code.dccouncil.us/dc/council/code/sections/48-921.02.html
The Constitution doesn't exactly provide a lot of details, so one normally looks at the actual laws on the subject. To re-derive the constitutional contours of search warrants from constitutional principles every time would be sort of like trying to do this every time you want to add 2+2. In short, no, it doesn't work that way.
It's normal for demands to be overly broad. They ask for whatever they might plausibly get, because sometimes the judge agrees with them and they won't get anything they don't request. This is how an adversarial justice system works. There are other models, for example, inquisitional systems, in use in other countries.
Note that I am not arguing with you about this being non-public information. You were right to correct the other poster about that. And you were right that it is, in fact, completely obvious from the fact that they issued a search warrant. The judge realized there were real concerns here, so they narrowed the scope of what was asked and are allowing the police to search it first, then unmask people later if they have probable cause to believe they were participants in a crime.
In short, it's a detailed and perfectly sensible decision that appears to be quite fair to both sides.
> Their goal was to get more access than they needed for whatever reason, and they failed at reaching that goal. I'd say they lost; now they're going to have to do their jobs (or whatever facsimile thereof they've been tasked with) using only the legal amount of information.
Right, and you're a mind reader now? I don't know about you, but I'm more wary of people who have decided the police are out to get them, like those crazy people who assassinated random cops for no reason...
Anyhow, I suggest taking some actual law classes someday, instead of getting your education from fiction. We have an adversarial justice system. They always ask for the max and it's the defense's job to whittle that down with the court as the referee. I realize it may be strange if you're from a country where they have, say, an inquisitional system or any of the other models, but this is pretty much normal. They basically always ask for everything they could possibly get and leave it to the judge to whittle that down. Sometimes nobody bothers to contest it and they get everything, after all.
Sure, this one's a bit abnormal because it's getting a lot of attention, so the judge put more effort into that order than usual. But there's nothing particularly noteworthy here other than the level of controversy.
This is far too preliminary to be interesting. Sure, it's important because it lays the foundation of the case(s) to come, but it's usually more instructive to wait until there are trials and both sides show what evidence they have.