I'd prefer to avoid possibilities of fraud in the first place rather than placing the onus on me to have to report fraud and then try and convince someone that I really didn't make that particular purchase in the first place. Is your attitude that it's okay for companies to have lax security because you're able to reconcile your statements at the end of the month?
If this isn't the largest piece of FUD I've seen this month, I don't know what is. Good god man, it's just wireless internet access. Get a grip. There's no magic train derailing webapp on the website. The ticketing isn't tied into the system. It's about as harmless as some idiot flooding the bathroom at the train station. A pain in the ass? Absolutely. A reason to start wondering in deeply fearfull tones "what could he do? Umm.. no.
Considering that he was able to obtain a list of usernames and passwords as well as change the prices charged for WiFi access -- anything from "Free" to perhaps hundreds of dollars per hour -- he could have either caused the station to lose revenue or, at worst, jacked up the price, use others' login accounts, and maybe their credit cards would have been automatically billed without them knowing.
That's probably why the text said "unfortunate notoriety". And your point is well made -- in terms of total losses, I would be surprised if the US isn't number one for fraud. Certainly it's been shown many times that the bulk of all spam originates in the US.
Fair enough, but how do you suggest they do their homework? So the RIAA hit squad finds IP address 12.34.56.78 is sharing hundreds of MP3 files, a clear violation of the person's fair use copyright rights. They request the contact information from the ISP. They get back Jane Smith, 1234 Main Street, Anywhere, USA.
Now, how should they find out the age of the person? Run a credit check? And if that person has an internet connection provided by their ISP, isn't it reasonable to assume that the person who is being billed is still alive? How many dead people sign up for internet service? Granted, upon death it may take a while to get things sorted out but it would be extremely rare to find someone who is using and paying for a service, something apparently illegal is going on with that service, but the person has died in the meantime.
Your 10,000 people in the phonebook example is a nice strawman, but it's not the same at all. The RIAA, in finding the person who's using a particular IP address, has already gathered evidence that their rights are being infringed by said person. If the RIAA were suing random people without any evidence at all, then your argument would have merit.
I will agree with you when it comes to automated notices based solely upon filenames. If I am sharing a file called "Michael Jackson - Beat It.mp3" but it's really a recording of ambient sound, then they should be required to verify that the files in question are indeed infringing.
Or her daughter was the one using the computer and was just bullshitting to the press perhaps. Or did you expect her to admit that she was the one who should be sued? "My mother was computer illiterate. She hated a computer," Chianumba said. "I had Kazaa running there every day downloading gigs of mp3s, and thankfully the DSL connection was in my mother's name so I can't be sued for it."
This isn't a criminal trial where they would need to prove beyond a reasonable doubt that it was the individual concerned. For example, if a murder were traced back to a knife that I had purchased and that was in my home prior to the murder being committed, I could not be found guilty unless they could prove it was I who used the knife in the commission of the muder.
In a civil trial such as what the RIAA would have to go through, it's preponderance of evidence. So if it's your computer, your connection, and you're the one usually using it, odds are good that you committed the act.
That's why OJ Simpson wasn't criminally guilty for the murder of Smith but was found civilly liable for her death.
As for whether or not the person being used is alive or dead, if the person was alive at the time you investigated and then it goes to trial (remember, sometimes your trial date is up to a year after you sue) then what's wrong with that? I'm currently involved in some legal matters where it often takes months between the lawyers talking, relating the matters to their clients, and then the clients thinking about it, making a decision, and getting back to the lawyers.
Things don't move as quickly as you appear to think in the legal world. That this happened to the RIAA only fuels your preconceived notions that they are evil, abusing the law, etc. Perhaps they do abuse the law but this isn't certain evidence of that.
I always thought the old cheap VHS movies for $10 are recorded using EP (extended play?) instead of SP (slow play?). When you look through the little window, the spool size is quite small.
when they filed that stuff they made a 'promise' that they had done their homework on the case and had proof that the defendant did it.
Okay. So what if she really did do it, they had proof of it, and she subsequently died? Of course, from the sounds of it, it was one of her [grand]kids that was using the computer but she was likely the one being billed from her phone/cable company for the connection.
"the tougher rules only make them harder for users to remember, not harder for hackers to guess"
So it's not harder to guess complex passwords like "Sh!t32" or "Dinner5pm" rather than simple passwords like "pencil" and "double"? How does that work? Most brute force programs first run through a list of the most common passwords, then do a dictionary attack, username backwards, etc. and only if those fail do they start doing character iteration.
Here you go: http://it.slashdot.org/article.pl?sid=05/02/07/231 0237
I'd prefer to avoid possibilities of fraud in the first place rather than placing the onus on me to have to report fraud and then try and convince someone that I really didn't make that particular purchase in the first place. Is your attitude that it's okay for companies to have lax security because you're able to reconcile your statements at the end of the month?
If this isn't the largest piece of FUD I've seen this month, I don't know what is. Good god man, it's just wireless internet access. Get a grip. There's no magic train derailing webapp on the website. The ticketing isn't tied into the system. It's about as harmless as some idiot flooding the bathroom at the train station. A pain in the ass? Absolutely. A reason to start wondering in deeply fearfull tones "what could he do? Umm.. no.
Considering that he was able to obtain a list of usernames and passwords as well as change the prices charged for WiFi access -- anything from "Free" to perhaps hundreds of dollars per hour -- he could have either caused the station to lose revenue or, at worst, jacked up the price, use others' login accounts, and maybe their credit cards would have been automatically billed without them knowing.
Did you even RTFA?
Take your new mini-van back to the dealership and demand that they fix it, plus provide you with a loaner in the meantime. What make is it?
That's probably why the text said "unfortunate notoriety". And your point is well made -- in terms of total losses, I would be surprised if the US isn't number one for fraud. Certainly it's been shown many times that the bulk of all spam originates in the US.
Fair enough, but how do you suggest they do their homework? So the RIAA hit squad finds IP address 12.34.56.78 is sharing hundreds of MP3 files, a clear violation of the person's fair use copyright rights. They request the contact information from the ISP. They get back Jane Smith, 1234 Main Street, Anywhere, USA.
Now, how should they find out the age of the person? Run a credit check? And if that person has an internet connection provided by their ISP, isn't it reasonable to assume that the person who is being billed is still alive? How many dead people sign up for internet service? Granted, upon death it may take a while to get things sorted out but it would be extremely rare to find someone who is using and paying for a service, something apparently illegal is going on with that service, but the person has died in the meantime.
Your 10,000 people in the phonebook example is a nice strawman, but it's not the same at all. The RIAA, in finding the person who's using a particular IP address, has already gathered evidence that their rights are being infringed by said person. If the RIAA were suing random people without any evidence at all, then your argument would have merit.
I will agree with you when it comes to automated notices based solely upon filenames. If I am sharing a file called "Michael Jackson - Beat It.mp3" but it's really a recording of ambient sound, then they should be required to verify that the files in question are indeed infringing.
Or her daughter was the one using the computer and was just bullshitting to the press perhaps. Or did you expect her to admit that she was the one who should be sued? "My mother was computer illiterate. She hated a computer," Chianumba said. "I had Kazaa running there every day downloading gigs of mp3s, and thankfully the DSL connection was in my mother's name so I can't be sued for it."
This isn't a criminal trial where they would need to prove beyond a reasonable doubt that it was the individual concerned. For example, if a murder were traced back to a knife that I had purchased and that was in my home prior to the murder being committed, I could not be found guilty unless they could prove it was I who used the knife in the commission of the muder.
In a civil trial such as what the RIAA would have to go through, it's preponderance of evidence. So if it's your computer, your connection, and you're the one usually using it, odds are good that you committed the act.
That's why OJ Simpson wasn't criminally guilty for the murder of Smith but was found civilly liable for her death.
As for whether or not the person being used is alive or dead, if the person was alive at the time you investigated and then it goes to trial (remember, sometimes your trial date is up to a year after you sue) then what's wrong with that? I'm currently involved in some legal matters where it often takes months between the lawyers talking, relating the matters to their clients, and then the clients thinking about it, making a decision, and getting back to the lawyers.
Things don't move as quickly as you appear to think in the legal world. That this happened to the RIAA only fuels your preconceived notions that they are evil, abusing the law, etc. Perhaps they do abuse the law but this isn't certain evidence of that.
But if they make corn DVDs, we will then have pr0n on corn.
Get with the times, man. It's called a cr0n collection.
I always thought the old cheap VHS movies for $10 are recorded using EP (extended play?) instead of SP (slow play?). When you look through the little window, the spool size is quite small.
Satan wants you to something, but you can only really tell if you have the code book.
Yeah, he wants you to insert the word do between "to" and "something".
... and so's your mother! Sheesh, you thought I wouldn't catch that insult buried in your text?
when they filed that stuff they made a 'promise' that they had done their homework on the case and had proof that the defendant did it.
Okay. So what if she really did do it, they had proof of it, and she subsequently died? Of course, from the sounds of it, it was one of her [grand]kids that was using the computer but she was likely the one being billed from her phone/cable company for the connection.
If I had a hole in *my* throat, I'd stick pennies in it!
Push is big again though. Only now it's called "RSS."
And an RSS feed is pulled down by a client on demand, not pushed by the server.
"the tougher rules only make them harder for users to remember, not harder for hackers to guess"
So it's not harder to guess complex passwords like "Sh!t32" or "Dinner5pm" rather than simple passwords like "pencil" and "double"? How does that work? Most brute force programs first run through a list of the most common passwords, then do a dictionary attack, username backwards, etc. and only if those fail do they start doing character iteration.
No kidding. Are they planning to raise a few million dollars and fund a show, perhaps two?
Oh maybe that's why they called it a "Brief History".
It's like the Reader's Digest version of Stephen Hawking's A Brief History of Time:
"Well, here we are."
The end.
If it is a proven scientific fact that old people drive like they are drunk, why are they allowd to drive?
I heard that in Korea, that's not the case...
Now that's just cheating... but you had me going for a second! :)
bah... journals are easy to predict. :)
Have a post which links to itself and then I'll be impressed!
And then Affleck chimes in with his trademark "Hhhhhhhhhhhhhhold this position."
Nonsense! I did a search and didn't find anything like that.
You're only saying that because noone ever has!
I've figured out how to put my Ford engine, stereo, and electrical system into my Porche!
You'd think every household in the southern US has a ford engine, stereo, and electrical system on their porch.