Just common sense. You don't write anything in an email that could be used as evidence against the company in a court case. Everything you write can and will be used against the company in a court case, no matter how much it has to be taken out of context. Much easier to just avoid some words.
If you know that writing "the car has a defect" can cost the company millions, while writing "the car has a condition" has the same meaning, and your fellow engineers know it has the same meaning, why would you want to write "the car has a defect"?
If google had no assets in Europe, it could shoot Europe the big finger,
Even without assets, they would risk any ad revenue coming from Europe. If there is a fine to be paid and no assets to recover, they can just contact everyone owing money to Google (like every advertiser) and tell them to make the payments to the EU instead of Google.
to buy and sell a piece of software? what one does with it is obviously a different story, but I didnt think there was anything illegal against buying and selling a piece of software.
If it teaches a lesson to fucking imbeciles who think it is fun hacking into innocent people's computers, I'm all for them getting locked up. The lesson is that computers are "real world". That unknown people owning these computers are not "slaves" as they like to call them, but real people.
They have no simple way to prove to potential customers that their gear hasn't been hacked or compromised in some way.
Maybe ask Apple for help, since they allowed them to use the name "iOS" for their operating system. The essential parts of the operating system on iOS are signed with Apple's private key and don't work otherwise. Even if there was a "jailbreak", you can reset an iPhone and you know that all hacks are gone. The phone also allows new OS software only if it is signed by Apple. That should be equally possible on an Cisco router. (You can get around this with a jailbreak, but the important point is that at a customer, you _can_ put the device into a state where the OS is Apple only, and Cisco customers would like the ability to put the device into a state where they knew the software is Cisco only).
Isn't it? In many countries fair dodging is a crime, rated similar to theft of a small amount of money. And I can't see what makes you think it is illegal for a company to keep track of who they found cheating on them.
Problem is that it also complicates usage. The music industry eventually gave up - I suspect a similar outcome with the film industry, but it'll be a long, devastating fight.
Unfortunately not true for audio books, for example Amazon-owned audible.
That's a contradiction in terms, right there. DRM is friendly if it does something *for* me. I'll agree that there's more and less cumbersome DRM implementations, but the argument that less-cumbersome DRM is in *any* way friendlier than no DRM at all obviously falls flat on its face.
There's one situation where DRM is good for you, and that is video rental. If I have a choice to buy a movie for $12 or to rent it for $4, and I most definitely only want to watch it once, then the ability to rent saves me $8. And renting wouldn't be possible without DRM.
Nothing to eat, your kids are dying of some horrible disease and you can't the medicine they need, but the datacomm is improving every day! I really, really hate to admit it, but for once Bill Gates is right.
Should be downvoted as downright stupid. If one of the three towns 20 miles footwalk away has the medicine your kid needs and the other two don't, then having a phone to find out which one can save your kid's life. People in Africa use phones to get information about markets so they can go to the right market to buy or sell things. You really can't imagine that people in bad living conditions could use the power of communication supplied by a phone to improve their living conditions?
I had read early on that most of the code they had stripped out was code supporting Windows and OSX. Is that true or was that just the initial pass? Dumping hundreds of thousands of lines of code is impressive--but if it comes at the cost of multiplatform support it's not surprising.
Code for MacOS is thrown out. That's from MacOS 1 released in 1984 to MacOS 9, where Apple ceased all development in 2001. And there is no need for OS X code. They are writing POSIX code, and POSIX runs just fine on MacOS X and iOS.
If you clear out the various multi-platform work for OpenSSL, _of course_ it can progress more quickly and more securely. The multi-platform work is where so much of the work has been done.
As a person making their living writing software for MacOS X and iOS, do I care about this code running in MacOS 9? I don't care one bit.
They explain it very well: You don't need to be "multi-platform" if you are standard. Instead of "we have thirteen implementions of SSL_memcpy that run on a dozen completely outdated platforms that nobody cares about", they use memcpy and say "if your platform doesn't support a standard C function correctly, fuck you and your platform". Which is the correct approach.
Yeah, that's what I don't understand. So, she's suing because she can't figure out the iOS settings menu?
She sold her phone, so she hasn't got an iOS settings menu anymore. It's not obvious what things you have to do before you sell a phone. Maybe there should be an app for it - "Selling my phone" which reminds you of all the things you need to do before you sell it, does them for you if possible, and finally wipes the phone so the buyer can use it with their own account.
Next thing would be to go to some Apple support site. Which should be easy, but may be difficult for some. Especially if you use the old and new phone for communication and not much for internet access. She could go to an Apple Store; they will fix the problem. If she forgot her Apple ID, it may be a problem (on the other hand, any of her friends who tried to contact her should have that information).
Finally, there is the possibility that there is an easy method that works - for 99.9% of the people. And some bug keeps it from working for 0.1%.
I have never been discriminated against because of my age, nor have I seen it happen to anyone else. If such practices exists (in Australia) I think they are limited to small outfits run by cheapskates and crooks. Shitty companies in any industry will always want to hire young people simply because they are cheaper and more easily manipulated.If you're that old you can't learn a new technology then it's time to retire and get your Alzheimer's problem looked at.
Case 1: Idiot manager thinks that people should work 60 or 80 hours a week (obviously without compensation). Young, unexperienced developer might do it. Experienced developer tells him to shove it.
Case 2: Shitty company runs out of money. Young, unexperienced developer can be tricked into accepting empty promises instead of payment. Experienced developer tells them to shove it.
So that would be two kinds of situations where a young, unexperienced developer would be preferred.
Ok, writing "goto fail;" twice in a row is a bug. But it's not the real bug. This code was checking whether a connection was safe, and executed a "goto fail;" statement if one of the checks failed. It also executed one "goto fail;" by accident, skipping one of the checks. But one would think that a statement "goto fail;" would make the connecction fail! In that case, sure, there was a bug, but the bug should have led to all connections failing, which would have made it obvious to spot (because the code wouldn't have worked, ever).
So the real problem is a programming style where executing a statement "goto fail;" doesn't actually fail! If a function returns 0 for success / non-zero for failure like this one, it should have been obvious to add an "assert (err != 0)" to the failure case following the fail: label. And that would have _immediately_ caught the problem. There should be _one_ statement in the success case "return 0;" and _one_ statement in the failure case "assert (err != 0); return err;".
And yet, their employees do not jump off the factory roofs.
Well, this is the first article ever on Slashdot about Samsung killing its employees. (It was reported elsewhere, but on Slashdot I'm generally surprised about the headline calling them "Samsung" and not "Apple supplier"). Numbers about other deaths at Samsung factories haven't been reported. Seems unlikely that their employees die from cancer and are invulnerable to accidents. Numbers of suicides haven't been reported. Seems unlikely that there aren't any, but reporters in South Korea trying to report negatives about Samsung tend to lose their jobs quickly.
No, 16, can make own decisions according to law? No. Not adult. Best keep it that way.
I was thinking more along the lines of execution. Someone this stupid needs to be removed from the gene pool. And at 16 there's still a chance.
That's how I interpreted "Best keep it that way":-) This "swatting" should be treated as assault and attempted murder if it fails, and as assault and murder if it succeeds.
Happened to look up the definition of "murder" in the UK: It is murder if you intend that a person should be killed or seriously injured, and a person dies as the result. Intent of a person being killed or seriously injured is quite clear. By the definition, the person making the phone call also is guilty of murder if one of the police officers dies by accident in the action.
RTFA, the reward is about 1/10 of the damage done, insulting and hardly a deterrent.
1/10th of the claimed damage. It would be actual damage if each single one of those 64,000 class members actually would have found a different job paying $50,000 more.
If you write down that sequence, then yes, it's copyrightable. Heck, even a scribble on a piece of paper is copyrightable.
If you write it down, and there was some creative process involved. For example, if you create a phone book of New York, with names sorted in alphabetical order, we'd all hope that there is very little creativity involved.
All phones probably use the same salt so it's a backdoor it also means that someone out there will find that backdoor.
The lack of thought... What happens when the passcode screen comes up and you type in your passcode 1234? The software takes your passcode, 1234, and no other input that isn't directly available to the passcode software, and unlocks your phone. A police officer taking your locked phone takes five seconds to type a passcode, and your phone gets erased after ten attempts, because that's what Apple's passcode software does.
Apple can replace the passcode software. (Nobody else can, because only software codesigned by Apple can do the needed hardware access). The replacement software tries 0000, 0001, 0002, etc. as if you had typed them in, just faster, at a rate of ten per second. That's it. And then they try until they find the right passcode. You can calculate how long it takes at ten keys per second.
There is no back door. Apple patiently tries all the possible combinations on the front door, while turning the burglar alarm off.
So, let me understand your point better. You're saying that you believe what Apple publishes on its own security mechanism?
Don't you?
Remember, we are Apple's customers. We are the people paying Apple. How much money do you think does Apple make by supporting law enforcement? I'd say $0 if they are lucky, but quite possibly a loss. What interest does Apple have in reading your data or making it available to someone? Apple's biggest source of profit is selling phones, followed by selling tablets, followed by selling computers. Just like Google, Apple's interested in keeping their customers happy so they keep paying money. Unlike with Google, _you_ are Apple's customer.
It's been known for a while that their "Filevault" has a corporate key (allegedly for employees but wouldn't it work for anyone?) to unlock it.
Oh my god. When you turn Filevault on, it displays a 20 digit hex string which you can write on a piece of paper, hide in your cupboard, and use to decrypt the hard drive if you forgot the password. Alternatively, in an enterprise setting, where your Mac is under company control, that same 20 digit hex string can be sent to your company, so they can decrypt your drive if you unexpectedly leave the company. And third alternative, you can enter three security questions + answers, the same 20 digit hex string is encrypted with the answers, and sent to Apple with that encryption. You need the exact answers to get your 20 digit hex string back.
No, think of it this way: You don't understand what is and is not a "public forum". The "texts, contacts, photos and videos, call history and audio recordings" stored on your personal phone are not accessible in a "public forum", and Apple is somehow (allegedly) pulling these things from your device remotely (heaven knows why the security model even allows this to happen) at the behest of law enforcement.
The whole thing and how it works has been well-documented for a long time.
First, an iOS device's flash storage is always encrypted. The encryption is basically unbreakable. But obviously, the iPhone can still read it. That's because you enter your passcode, and that passcode is used to unlock the data.
The bit of code where you enter your passcode is written and signed by Apple. Only code that is cryptographically signed by Apple is capable of checking a passcode and with the right passcode giving access to the flash drive. And Apple's code that you have installed on your iOS device has features like erasing the drive when you enter the wrong code too often, requiring longer and longer delays between attempts, and so on. So a policeman taking away your phone can try a few times to unlock it, but most likely this doesn't work.
Apple, and nobody else, can write code that tries more passcodes and sign it with Apple's key, which is required for it to work. The passcode checking algorithm is designed to take about 1/10th of a second. So if Apple has your phone, and a search warrant, they can check passcodes at a rate of ten per second.
Without the phone physically there, or with a broken phone, there is no way. If the data has been erased, no way. Removing the flash drive from the phone, no way. Imagine a switch where any delays in the passcode checking is turned off, and a robot hand capable of entering ten keys per second. That's about what Apple can do. 8 digits + letters is uncrackable.
Libertarian chooses unregulated cab. Said unregulated cab hits pedestrian. Insurance company of unregulated cab says 'your policy is for personal use only, we are not paying'. Who pays for pedestrian's injuries, the libertarian?
German insurances would pay to the third party victim. And then they would go after the driver for the rest of his life to recover the cost.
Slashdot Mirror
Just common sense. You don't write anything in an email that could be used as evidence against the company in a court case. Everything you write can and will be used against the company in a court case, no matter how much it has to be taken out of context. Much easier to just avoid some words.
If you know that writing "the car has a defect" can cost the company millions, while writing "the car has a condition" has the same meaning, and your fellow engineers know it has the same meaning, why would you want to write "the car has a defect"?
If google had no assets in Europe, it could shoot Europe the big finger,
Even without assets, they would risk any ad revenue coming from Europe. If there is a fine to be paid and no assets to recover, they can just contact everyone owing money to Google (like every advertiser) and tell them to make the payments to the EU instead of Google.
Its asinine to pretend there are absolute rights. they dont exist - even in the US you have no right to certain speech
Even if you did pretend there are absolute rights, you'd have to figure out what happens when absolute rights collide.
As a teen, I remember actually getting some bozo on IRC to install BO on his PC for me. Social engineering is so fun. Dem were the days.
That's called "dehumanizing the victim". It wasn't a human being, it was a bozo, so it was alright.
to buy and sell a piece of software? what one does with it is obviously a different story, but I didnt think there was anything illegal against buying and selling a piece of software.
If it teaches a lesson to fucking imbeciles who think it is fun hacking into innocent people's computers, I'm all for them getting locked up. The lesson is that computers are "real world". That unknown people owning these computers are not "slaves" as they like to call them, but real people.
They have no simple way to prove to potential customers that their gear hasn't been hacked or compromised in some way.
Maybe ask Apple for help, since they allowed them to use the name "iOS" for their operating system. The essential parts of the operating system on iOS are signed with Apple's private key and don't work otherwise. Even if there was a "jailbreak", you can reset an iPhone and you know that all hacks are gone. The phone also allows new OS software only if it is signed by Apple. That should be equally possible on an Cisco router. (You can get around this with a jailbreak, but the important point is that at a customer, you _can_ put the device into a state where the OS is Apple only, and Cisco customers would like the ability to put the device into a state where they knew the software is Cisco only).
B) This is not a criminal offence
Isn't it? In many countries fair dodging is a crime, rated similar to theft of a small amount of money. And I can't see what makes you think it is illegal for a company to keep track of who they found cheating on them.
Problem is that it also complicates usage. The music industry eventually gave up - I suspect a similar outcome with the film industry, but it'll be a long, devastating fight.
Unfortunately not true for audio books, for example Amazon-owned audible.
That's a contradiction in terms, right there. DRM is friendly if it does something *for* me. I'll agree that there's more and less cumbersome DRM implementations, but the argument that less-cumbersome DRM is in *any* way friendlier than no DRM at all obviously falls flat on its face.
There's one situation where DRM is good for you, and that is video rental. If I have a choice to buy a movie for $12 or to rent it for $4, and I most definitely only want to watch it once, then the ability to rent saves me $8. And renting wouldn't be possible without DRM.
Remember, DRM doesn't just stop 'piracy', it stops fair use of copyright content too.
When was the last time that you wanted to do something that would be considered "fair use" under copyright law?
Nothing to eat, your kids are dying of some horrible disease and you can't the medicine they need, but the datacomm is improving every day! I really, really hate to admit it, but for once Bill Gates is right.
Should be downvoted as downright stupid. If one of the three towns 20 miles footwalk away has the medicine your kid needs and the other two don't, then having a phone to find out which one can save your kid's life. People in Africa use phones to get information about markets so they can go to the right market to buy or sell things. You really can't imagine that people in bad living conditions could use the power of communication supplied by a phone to improve their living conditions?
I had read early on that most of the code they had stripped out was code supporting Windows and OSX. Is that true or was that just the initial pass? Dumping hundreds of thousands of lines of code is impressive--but if it comes at the cost of multiplatform support it's not surprising.
Code for MacOS is thrown out. That's from MacOS 1 released in 1984 to MacOS 9, where Apple ceased all development in 2001. And there is no need for OS X code. They are writing POSIX code, and POSIX runs just fine on MacOS X and iOS.
If you clear out the various multi-platform work for OpenSSL, _of course_ it can progress more quickly and more securely. The multi-platform work is where so much of the work has been done.
As a person making their living writing software for MacOS X and iOS, do I care about this code running in MacOS 9? I don't care one bit.
They explain it very well: You don't need to be "multi-platform" if you are standard. Instead of "we have thirteen implementions of SSL_memcpy that run on a dozen completely outdated platforms that nobody cares about", they use memcpy and say "if your platform doesn't support a standard C function correctly, fuck you and your platform". Which is the correct approach.
Yeah, that's what I don't understand. So, she's suing because she can't figure out the iOS settings menu?
She sold her phone, so she hasn't got an iOS settings menu anymore. It's not obvious what things you have to do before you sell a phone. Maybe there should be an app for it - "Selling my phone" which reminds you of all the things you need to do before you sell it, does them for you if possible, and finally wipes the phone so the buyer can use it with their own account.
Next thing would be to go to some Apple support site. Which should be easy, but may be difficult for some. Especially if you use the old and new phone for communication and not much for internet access. She could go to an Apple Store; they will fix the problem. If she forgot her Apple ID, it may be a problem (on the other hand, any of her friends who tried to contact her should have that information).
Finally, there is the possibility that there is an easy method that works - for 99.9% of the people. And some bug keeps it from working for 0.1%.
I have never been discriminated against because of my age, nor have I seen it happen to anyone else. If such practices exists (in Australia) I think they are limited to small outfits run by cheapskates and crooks. Shitty companies in any industry will always want to hire young people simply because they are cheaper and more easily manipulated.If you're that old you can't learn a new technology then it's time to retire and get your Alzheimer's problem looked at.
Case 1: Idiot manager thinks that people should work 60 or 80 hours a week (obviously without compensation). Young, unexperienced developer might do it. Experienced developer tells him to shove it.
Case 2: Shitty company runs out of money. Young, unexperienced developer can be tricked into accepting empty promises instead of payment. Experienced developer tells them to shove it.
So that would be two kinds of situations where a young, unexperienced developer would be preferred.
Ok, writing "goto fail;" twice in a row is a bug. But it's not the real bug. This code was checking whether a connection was safe, and executed a "goto fail;" statement if one of the checks failed. It also executed one "goto fail;" by accident, skipping one of the checks. But one would think that a statement "goto fail;" would make the connecction fail! In that case, sure, there was a bug, but the bug should have led to all connections failing, which would have made it obvious to spot (because the code wouldn't have worked, ever).
So the real problem is a programming style where executing a statement "goto fail;" doesn't actually fail! If a function returns 0 for success / non-zero for failure like this one, it should have been obvious to add an "assert (err != 0)" to the failure case following the fail: label. And that would have _immediately_ caught the problem. There should be _one_ statement in the success case "return 0;" and _one_ statement in the failure case "assert (err != 0); return err;".
And yet, their employees do not jump off the factory roofs.
Well, this is the first article ever on Slashdot about Samsung killing its employees. (It was reported elsewhere, but on Slashdot I'm generally surprised about the headline calling them "Samsung" and not "Apple supplier"). Numbers about other deaths at Samsung factories haven't been reported. Seems unlikely that their employees die from cancer and are invulnerable to accidents. Numbers of suicides haven't been reported. Seems unlikely that there aren't any, but reporters in South Korea trying to report negatives about Samsung tend to lose their jobs quickly.
No, 16, can make own decisions according to law? No. Not adult. Best keep it that way.
I was thinking more along the lines of execution. Someone this stupid needs to be removed from the gene pool. And at 16 there's still a chance.
That's how I interpreted "Best keep it that way" :-) This "swatting" should be treated as assault and attempted murder if it fails, and as assault and murder if it succeeds.
Happened to look up the definition of "murder" in the UK: It is murder if you intend that a person should be killed or seriously injured, and a person dies as the result. Intent of a person being killed or seriously injured is quite clear. By the definition, the person making the phone call also is guilty of murder if one of the police officers dies by accident in the action.
RTFA, the reward is about 1/10 of the damage done, insulting and hardly a deterrent.
1/10th of the claimed damage. It would be actual damage if each single one of those 64,000 class members actually would have found a different job paying $50,000 more.
If you write down that sequence, then yes, it's copyrightable. Heck, even a scribble on a piece of paper is copyrightable.
If you write it down, and there was some creative process involved. For example, if you create a phone book of New York, with names sorted in alphabetical order, we'd all hope that there is very little creativity involved.
All phones probably use the same salt so it's a backdoor it also means that someone out there will find that backdoor.
The lack of thought... What happens when the passcode screen comes up and you type in your passcode 1234? The software takes your passcode, 1234, and no other input that isn't directly available to the passcode software, and unlocks your phone. A police officer taking your locked phone takes five seconds to type a passcode, and your phone gets erased after ten attempts, because that's what Apple's passcode software does.
Apple can replace the passcode software. (Nobody else can, because only software codesigned by Apple can do the needed hardware access). The replacement software tries 0000, 0001, 0002, etc. as if you had typed them in, just faster, at a rate of ten per second. That's it. And then they try until they find the right passcode. You can calculate how long it takes at ten keys per second.
There is no back door. Apple patiently tries all the possible combinations on the front door, while turning the burglar alarm off.
So, let me understand your point better. You're saying that you believe what Apple publishes on its own security mechanism?
Don't you?
Remember, we are Apple's customers. We are the people paying Apple. How much money do you think does Apple make by supporting law enforcement? I'd say $0 if they are lucky, but quite possibly a loss. What interest does Apple have in reading your data or making it available to someone? Apple's biggest source of profit is selling phones, followed by selling tablets, followed by selling computers. Just like Google, Apple's interested in keeping their customers happy so they keep paying money. Unlike with Google, _you_ are Apple's customer.
It's been known for a while that their "Filevault" has a corporate key (allegedly for employees but wouldn't it work for anyone?) to unlock it.
Oh my god. When you turn Filevault on, it displays a 20 digit hex string which you can write on a piece of paper, hide in your cupboard, and use to decrypt the hard drive if you forgot the password. Alternatively, in an enterprise setting, where your Mac is under company control, that same 20 digit hex string can be sent to your company, so they can decrypt your drive if you unexpectedly leave the company. And third alternative, you can enter three security questions + answers, the same 20 digit hex string is encrypted with the answers, and sent to Apple with that encryption. You need the exact answers to get your 20 digit hex string back.
No, think of it this way: You don't understand what is and is not a "public forum". The "texts, contacts, photos and videos, call history and audio recordings" stored on your personal phone are not accessible in a "public forum", and Apple is somehow (allegedly) pulling these things from your device remotely (heaven knows why the security model even allows this to happen) at the behest of law enforcement.
The whole thing and how it works has been well-documented for a long time.
First, an iOS device's flash storage is always encrypted. The encryption is basically unbreakable. But obviously, the iPhone can still read it. That's because you enter your passcode, and that passcode is used to unlock the data.
The bit of code where you enter your passcode is written and signed by Apple. Only code that is cryptographically signed by Apple is capable of checking a passcode and with the right passcode giving access to the flash drive. And Apple's code that you have installed on your iOS device has features like erasing the drive when you enter the wrong code too often, requiring longer and longer delays between attempts, and so on. So a policeman taking away your phone can try a few times to unlock it, but most likely this doesn't work.
Apple, and nobody else, can write code that tries more passcodes and sign it with Apple's key, which is required for it to work. The passcode checking algorithm is designed to take about 1/10th of a second. So if Apple has your phone, and a search warrant, they can check passcodes at a rate of ten per second.
Without the phone physically there, or with a broken phone, there is no way. If the data has been erased, no way. Removing the flash drive from the phone, no way. Imagine a switch where any delays in the passcode checking is turned off, and a robot hand capable of entering ten keys per second. That's about what Apple can do. 8 digits + letters is uncrackable.
Libertarian chooses unregulated cab. Said unregulated cab hits pedestrian. Insurance company of unregulated cab says 'your policy is for personal use only, we are not paying'. Who pays for pedestrian's injuries, the libertarian?
German insurances would pay to the third party victim. And then they would go after the driver for the rest of his life to recover the cost.