Slashdot Mirror


User: hAckz0r

hAckz0r's activity in the archive.

Stories: 0
Comments: 700

Comments · 700

  1. Windows 10 [~] Needs To Be... on Windows 10 Mobile Needs To Be Put Out of Its Misery (betanews.com) · · Score: 1
    Windows 10 [~] Needs To Be Put Out of Its Misery

    An Operating System should not be used as an Advertisement Delivery System.

  2. What if a household member or a random friend "accepts" the EULA, are you hosed forever? Can you take the consent back? (What if the TV was pre-owned?)

    There is no telling if they even pay attention to whether you clicked through the EULA or not. The thing is, in order for their surveillance "feature" to work the TV needs access to the Internet. They need to stream the video and audio back to the mother ship for any voice-to-text or image recognition to figure out what you are doing during those commercials, etc. So the traffic would be quite evident on your network. Checking for software updates only takes a split second so the difference is many orders of magnitude.

    Economically the processing of this data can not be inside the TV proper because the set would cost more than the competitors, and they would win, so off-loading the processing would be necessary. This might be low fidelity audio and slow page frame video snapshots for simply detecting motion. In the case of the LG an adversary would only have to get you to install an App (aka Android type app) for someone else to divert that traffic flow to their own processors.

    Good luck with that. I have three routers, firewalls, and network monitoring to make sure nothing gets in/out I don't know about. I even have a DMZ for my voip. My TV is fed a single HDMI connector from a recording DVR which has full service to the network, but constrained to where even it can connect.

    Could even happen in a business or other setting where any random person who gets to hold the remote might click on it, be it an employee, contractor, customer, passers by. A conference room might have a cheap 65" TV or smaller they're using to cast documents to.

    Again, this depends on the internet access you provide to the device. Having onboard WiFi could be a very bad thing for a company, but most conference room monitors I know don't get direct access, but instead are controlled by a computer to display media/presentations. It's only as safe as the IT department is smart, so this gives a whole new meaning to having a Smart-TV?

  3. I bought a LG TV a number of years ago and during a firmware upgrade I was presented with a EULA. Being curious as to why I needed to click-yes for anything I read through the "agreement" which was quickly rejected hands down. They wanted me to agree that they could watch and listen to us in the room and provide aggregated information back to companies collecting/compiling the ratings for shows. The TV has the ability to load programs for games and additional internet content which can not be used unless you buy into the anti-privacy police state utopia where anyone can tap into your life and find out what you are saying about the politics of the day.

    .
    Honestly, if Trump wants to know what I am saying about his performance he doesn't need to go talk to the Koreans (LG), he can just call me direct. I'm sure he has my number by now, due to the TV still sitting in my living room. I suspect the Government doesn't care about any EULA with the Koreans, and since my TV contacts LG periodically (overseas network connection) for updates, theoretically I'm already on the Government radar despite saying "no" to that EULA. Black tape over the lens, and epoxy in the microphone is all they will see and hear nowadays. If they want me to turn their "entertainment channel" again they will just need to ask nicely. Maybe I'll trade for one of those Russian channels they've got.

  4. Good luck with that. on DJI Proposes New Electronic 'License Plate' For Drones (digitaltrends.com) · · Score: 1
    Good luck with that.

    I work with the experts that go to bat both with/for the FAA on many key technologies. I wrote to the FAA about this exact solution over two years ago, before the problem was even that prominent in the news.

    Crickets....

    No reply.
    No thanks for the idea, but...
    What, not even a demeaning rejection form letter?

    I take it that some random Chinese manufacturer has more clout than a UARC research scientist?

    Ok, this is the New Government we are talking about here. Maybe I should have just tweeted the idea to get noticed.

  5. Already doing that for years on Roku Owners: Comcast Is About To Sell You Cable TV Without the Cable Box (bloomberg.com) · · Score: 1

    I have been using a Tivo with a free Comcast cablecard for many years without renting their "cable box". Comcast was required by law to give me two free cable cards, and each card went into a dual channel Tivo receiver to record two simultaneous standard "broadcast" stations on each, for a total of four recording channels for zero cost beyond the dirt cheap package that Comcast doesn't want you to know exists. Between that and Amazon Prime video I have way more than I can keep up with. I was not about to upgrade the Comcast service with all the whiz-bang-HD-you-pay-for-it channels. When they finally think to unbundle the expensive channel packages and give me what few channels I do want, then we'll see. In the meantime I have _way_ more than enough to watch without all the expensive upgrades.

  6. The billionaires running the country just want to know when they can buy golf clubs made out of this stuff. Their brilliant reasoning, that Hydrogen is so light weight, so these clubs ought to send those balls just flying in Scotland! Never mind the 495 GigaPascals of compression, or the gigawatts needed to create just micrograms, they say this stuff is shiny!

    Next 2:00AM Tweet: "We got something you don't got #Putin" "I'm going golfing tomorrow #Putin Ha ha"

    This is exactly the type of thing they want their future US research dollars going into. None of that wasted warm-whatever research, it's millions of new manufacturing jobs on the line! Those Chinese and Mexicans still have a long way to go to catch up before making that cheap stuff. We will just tax it at the border, raising our own prices, to pay for the wall that they will just swim around, dig under, or buy a plane ticket to fly over legally. We'll show them who's really paying for that wall!

  7. Re:Great. Spread invasive plant species all over on US Military Seeks Biodegradable Bullets That Sprout Plants (newatlas.com) · · Score: 1

    If they do use Kudzu they might do without all the expense of barbed wire. Once it's established it can be impenetrable despite not even having thorns.

  8. My ex-supervisor, many years ago tried this... on Ask Slashdot: How Would You Deal With A 'Gaslighting' Colleague? · · Score: 1
    Then one day, he made the mistake of asking me to fudge a time card on a Government contract. He is now history, canned quickly, and unemployable on anything Government at this point.

    You can irritate your underlings, you can abuse your power in a small company, but in a slightly larger one with Government contracts don't even get caught breaking the law. Not sure if this helps, but there are some things you just can't talk your way out of with upper management. Being a superstar just won't save you when you royally screw up.

    Couldn't happen to a nicer guy. I wonder how that happened?

  9. Solar is already cheaper once you factor in the cost to our Ecology, health, etc. The only thing holding back wind and solar is a good mechanism for load leveling the differences between day and night, wind and no wind. While some regions are capable of pumping water uphill to level out the power availability, what is missing is a more general mechanism such as huge banks of "flow batteries" that charge an electrolyte that can be stored in mass quantity and used to put power on the grid when needed. This temporary energy storage problem should be where the real research grant money should be invested, but don't hold your breath for Trump to do anything like that. For the next four years it's up to private investors to choose and invest wisely in technology that has the potential to fix things.

  10. How would a Class Action suit stack up against the 'overly broad' request? Should they not be required to show justification for each request? How is this any different than a bulk search and seizure of personal banking statements without a warrant stating what specific activity is even being searched for?

  11. Re:Microsoft finally fixed the BSOD on Microsoft Tests New 'Green Screen of Death' On Latest Windows 10 Builds (bleepingcomputer.com) · · Score: 1
    After consulting with all the new Trump cabinet members who are knowledgeable in science, there was a major move by Microsoft to help save the [Ecology]^h^h^h^h^h^h^h Economy. After speaking with their elite scientists on Marketing Hyperbole, not only can Investors now say that Microsoft's "new technology" (NT kernel) is "green", but due to the (now hear this) "actual laws of physics", it is undeniable that using the green wavelength rather than a blue one does actually save electricity! Seeing the number of PCs that are perpetually locked in this state of operation, and turning them off would be completely Un-American, to not burn that coal, Trump is claiming we as a nation now stand to save millions on energy costs every day due to this new Government cost control measure! "More coal, less Government waste!" is the new mantra.

    .
    And to think some skeptics were going to say Trump's new cabinet was going to be completely techno-phobic and ineffective when it comes to actual "progressive change" and protections for the future [of]^h^h climate change. These guys actually know their physics! Eat Your Words Media! And keep in mind that Trump hasn't even taken office yet! Watch out ISIS!
    /s

  12. Re:I always remind this sentence... on Leaked Files Reveal Scope of Cellebrite's Smartphone-Cracking Technology (zdnet.com) · · Score: 1

    Franklin would be at the top of the [British] no-fly list if he were alive today.

    French and American, not so much. United States didn't exist until after he was a dissident, and most Americans would give him a pass on that remark. Besides, how are you going to look him up if he had not been allowed to return back and "discover electricity"? Archibald Spencer might disagree with that so called "discovery" thing, since he had been lecturing on the subject since '43.

  13. Re: Well duh. on Scientists Blast Antimatter Atoms With a Laser For The First Time (npr.org) · · Score: 1

    Better stand back and hold your ears son, one mistake and the implosion from this device could be rather loud!

  14. Re:Ideally a manifest/profile from IoT makers... on Ask Slashdot: Could A 'Smart Firewall' Protect IoT Devices? · · Score: 2
    Many baby monitors and security cams automagically punch a hole through your home router using Plug-n-play, which is a very bad idea for home security. On the surface this doesn't sound much different than what you propose, only I think your profile idea likely was meant to place additional restrictions on how that hole is to be managed. Once the router opens a hole for a device almost anything can flow through that hole unless the router does deep packet inspection, and any SSL used to make that connection safe would likely prevent that. IP and port numbers are what the router can easily manage.

    I would think the profile idea would be a sound one, if it created a restricted VPN between known devices. But then that requires user intervention to configure what is allowed to connect to it. Without that information it should be a default deny policy to that port/ip. What I think we need is a simple API used to make associations between user IoT devices that are permitted to talk, and let the routers work out the details of how they communicate. Make it very simple for the non security aware user, to just point and click on registered devices that they own and assign a profile of permissions for non-owned devices to connect to. Let the routers having that API work out the cryptographic key exchanges with all devices on the IoT network.

  15. Re:what about COMMAND.COM? on Microsoft Replaces Command Prompt with PowerShell in Latest Windows 10 Build (softpedia.com) · · Score: 2
    8080 > PIP C:COPY.COM=C:PIP.COM

    Gates: There, fixed it to work better! (CP/M ==> QDOS Quick and Dirty OS, aka. PC-DOS).

    IBM: Well, except all the arguments are all backwards. How do we ever fix that? How will we ever sell this thing? Nobody will ever figure out how to use it now...

    Gates: Easy, I'll write a contract to force everyone to buy a copy along with the machine. Just like selling a car with an engine.

  16. Re:It's made of PEOPLE! on Soylent Halts Sale of Bars; Investigation Into Illnesses Continues (arstechnica.com) · · Score: 1

    They probably just recycled a zombie. Nothing to worry about.

  17. Finally a reason to upgrade to Windows 10? on Microsoft Allows Users To Remove Some System Applications in Windows 10 Insider Preview 14936 (ghacks.net) · · Score: 2
    After resisting for the better part of a year, I may finally have a reason to "upgrade" to Windows 10? The killer feature of Windows 10 is being able to remove features. Go figure...

    Unfortunately, the most annoying feature I want to remove most often is Windows(tm).

  18. I got one question on Interviews: Ask Martin Shkreli a Question · · Score: 1
    How is that Magistrate Judge Kiyo A. Matsumoto treating you?

    Which case is it, USA v. Shkreli Case "1:15-cr-00637" or "1:15-cr-00637-KAM"?

    Any chance you would share the court records with us? It seems that the only "public records" I can find are behind a lawyer-only pay wall.

    http://www.plainsite.org/docke...
    Unfortunately one needs either a PACER or PainSite.com login account just to check in on how you are doing.

  19. They broke no law that I can see, but they are an enabling technology. An analogy might be that they are like a car rental company that advertises that they have the best get-away-cars money can rent, whereas Google is your normal Hertz or Avis car rental that checks references and credit status before renting. It's not the same thing to index files with the intended audience of thieves vs a general indexing service that tries not to attract the wrong people. Yes, they index legitimate torrents, but that might not be their intended audience. The qualifier is "intent", and that is what the US court system needs to prove, if the extradition is successful. For the time being they are presumed innocent under current US law, so extradition might be a problem as it should be.

  20. MS hosting blockchain, forget it on Microsoft Partners With Bank of America On Blockchain Trade Finance (securityweek.com) · · Score: 1
    One of the main tenets of the blockchain design is that it never have any one organization/person in control of more than 50% of the servers maintaining the financial transaction record. Microsoft will in this case have 100% of the servers, and thus could enable someone to walk off with the whole repository in what would be the biggest cyber-heist in all of recorded history. Of course we all trust Microsoft to never get hacked or do anything wicked in its own self interest.

    Sorry, I'll keep with bitcoin thank-you-very-much.

  21. There is something inherently wrong with a watch that is guaranteed to run faster, isn't there? /s

    I'll just keep my old slow watch, thankyouverymuch. There already isn't enough time in the day to get everything done that I need to do.

  22. Cobol/Mainframe vs new Kid with a PC on Ask Slashdot: What Are Some Bad Programming Ideas That Work? (infoworld.com) · · Score: 1
    On my first job as a production line parts pusher we had major problems with managing the production line and inventory. Data Processing told us that a program we needed would be impossible even with the heavy-iron mainframes. After the second lay-off the Industrial Engineer got riffed and left behind this thing called a PC that just happened to have a 3270 terminal controller board in it. That got me thinking. I reprogrammed the controller board in ASM, and using Borland Pascal Compiler I connected it to the mainframe "pretending" it was someone typing EBCDIC key code information to pull up their worthless production inventory programs, and scraped the screens to grab what I needed. It was the tail wagging the dog kind of implementation, trying to balance the real-time control necessary with the API simplicity I needed to make programming it easy for me.

    .
    Once I had the standard application pages so that it all grokked correctly, and built my temporary DB on the other partition of the Mainframe, it took me only about 6 hours to write the program that DP was telling us was impossible to do. You should have seen my manager's face when I walked into his office carrying a very thick ream of printouts with all the answers he needed that day. Once the DP manager got finished being chewed out by the president of the company, that same program, utilizing the Big-Iron mainframe and with a direct connection to the actual database, it took over 6 man-months to write the same in COBOL. DP offered me a job writing Cobol, and I said no, turned professional a couple of months later and never looked back. I decided solving problems was more fun than pushing parts through a factory.

  23. Re:Admiration and Trepidation on Researchers Crack Open Unusually Advanced Malware that Hid For 5 Years (arstechnica.com) · · Score: 2

    You have many processors (DMA, GPU, Bus controllers, network boards, IO boards, keyboards, etc) installed in your everyday computers, and many pigeon holes in the memory pages that can be utilized for encrypted blobs. When the malware itself is not executed, touched by, or managed by your CPU then your white-list running under your CPU's control won't help much. You want to be running VT-d/IOMMU/IMA based software protection to lock things down as much as possible. While you wait for your BIOS to finish self-check, you could already be rooted by your network card DMA or GPU processor. Any whitelist (default deny policy) that is loaded _after_ you are already rooted, doesn't do a whole lot to keep you safe. Take the red pill to leave the hypervisor you didn't even know you had.

  24. Re:$ ln -s /dev/null brain ; cat - brain on Slashdot Asks: What's Your Preferred Note-Taking App? · · Score: 1

    oops, the html ate my redirection symbol. Please ignore the syntax error, because the command still works just as well without it.

  25. $ ln -s /dev/null brain ; cat - brain on Slashdot Asks: What's Your Preferred Note-Taking App? · · Score: 2

    Those little reel-to-reel tape recorders that auto destruct are hard to find these days, and this way I don't even have to eat the little piece of paper afterwards.