The problem is, how will companies learn and how will customers access those essential services in the meantime? Of course we could just not use the site, but then they'd likely see that as evidence that people didn't like online banking, not that their site was locking people out, and justify spending less on their site development (and probably supporting a smaller number of browsers) as a result. The real issue is that banks have a (fairly) essential service - they know they can dick you around and make you use a different browser and you'll accept it because you need to use the service, and let's face it, there's no real choice between them (they all care as little about the customer as the next bank).
Well I'd have guessed it was purely based on browser usage stats (how can we save money - oh yeah, let's drop support for the bottom 10% of our customers and make them jump through hoops to use our service - typical bank thinking) but then WebTV seems baffling. Are people really still using this in sufficient numbers to justify continued support? Or maybe the bank did some deal in the past to get WebTV users banking online and now they're forced to support it ad infinitum - whatever the reason there has to be something behind this other than the security FUD.
The other problem is they're pretty much all poor in one area or another. Leave your bank because you're not happy with their online presence and you'll pass someone moving from your new bank to your old one because they weren't happy with the opening hours, or the unauthorised overdraft fees, or the cheque clearing times, or the customer service. It's pretty much a confusopoly which ensures there's little real movement of customers.
He's talking about the Cannon Fodder clone which copies the "look and feel". Apple have yet to approve the Lemmings port, and I'd be surprised if they did since it's so well known and someone somewhere is likely to still have a vested interest in the rights and will pop up and challenge this.
I would argue that tendering postal deliveries to whoever can do it cheapest will result in a poorer level of service, but then I remembered all the times my mail got wrongly delivered, or just dumped outside my front door for the whole world to see, or outright lost or stolen, or the one time we got a letter from the postal service explaining that they were investigating our postman for fraudulently disposing of mail and they were sorry but were trying to recover the mail (and then over the course of the next week we got a bunch of fire damaged letters - I kid you not, the guy had been burning our mail instead of delivering it - stuck through the letterbox, luckily we weren't waiting on anything important at the time) - it'd be pretty hard for even private commerce to top those levels of poor service.
I'm sure they've calculated this down to the last penny, but I don't really see how it helps anyway. It's just going to shift more pressure onto the other days, and unless they're ridiculously overstaffed on those days, they'll need to hire extra capacity to deal with it. I don't see where the savings come in (I'm assuming they'll still be doing some sorting over the weekend so they don't save anything on plant costs, and X number of packages will always take X amount of time to deliver, no matter which day you deliver them on).
Definitely badly handled - how about the next time I restart the app, they just give me a splash screen explaining it's been flagged as... well, I don't know how to describe it since they even claim the app's not malicious, but I guess something along the lines of raising privacy concerns with a link through to a page explaining the issues and an option to allow or uninstall. That doesn't seem a problem - in fact make it a choice of the user when they first use the phone to decide if they want such flagged content automatically uninstalled or whether they preferred to be warned (by a system message immediately or by an email). There might be all kinds of legitimate reasons for wanting to keep a flagged app on the phone (security researcher, setting up a honey trap to trace people spreading malicious apps, etc), and I don't think it's any company's prerogative to remotely overrule that, whether the intention is purely benevolent or for financial/liability purposes.
Or they might, you know, point to the fact that it's not true. Hell, you don't even need to RTFA on this one, just RTFT(itle): "20 percent of Android apps can threaten privacy, says vendor". This is about the fact that apps give access to areas of the phone like web browsing, contacts, call notification (to be able to suspend, etc) and that there are privacy concerns. In no way does that even come close to malicious, in fact it's standard behaviour, this isn't a Google issue, all the other operating systems with user-installable apps do exactly the same thing, I think possibly the only difference is Google apps actually tell you in advance exactly which areas of the phone it needs access to, so at least you can make an informed judgement (i.e. why does this screensaver need access to my phone's dialler).
Just chalk this up to ITWorld being click-whoring sensationalist garbage and move on.
I guess the solution would be to allow some tweaking of position during the import process, if they wanted people to get this spot on (for most people close will perhaps be good enough).
Agreed, it happens probably a hell of a lot more than people think - although admittedly it's usually technicalities these days (evidence obtained with the wrong kind of warrant, or possibly contaminated or incorrectly processed, or some legal issue in the casework brought against the defendant) that are voiding people's convictions rather than ostensibly planted evidence. The reason for this isn't that the police have become more honest in the last 30 years (ha!), it's that there is a hell of a lot more scrutiny involved at every stage of the process, and for the vast majority of cases it's just not worth planting evidence, especially if the guy is definitely guilty. Better to let him go to court with flimsy evidence than risk voiding the whole process and throwing your career away by planting something more substantial.
The only way to tackle worldwide monetary deficits is by pouring money down a huge hole until we eventually end up back at the bartering economic standard. If love of money is the root of all evil, these politicians are saintly indeed for disposing of it as quickly and pointlessly as possible, no? (Note: misunderstanding of money flows intentional for comedic effect).
Those examples are from 40 and 25 years ago
While I don't disagree that this is a massive waste of public money (I've always wondered why the bill for these events falls on the hosts - why not split it and that way everyone will be arguing for doing things on the cheap rather than insisting on the best knowing some other foo' is footing the bill and you'll probably be out of power when your country's turn comes around), I have to say that this kind of complacency is what makes terrorist attacks so effective. Terrorists will be looking for targets that haven't been hit for a long time and are less likely to expect it. There must be other ways of minimising costs and maximising security - teleconferencing seems to make the most sense to me - massively distributed user locations, extremely cheap to implement, completely re-usable. What we need to do is vote in more geeks who are comfortable with technology and don't believe you can only get the measure of a man by looking him in the eye, and we could have this solution up and running in a couple of years max.
Why even meet at all in that case? Teleconferencing, hell even some kind of virtual reality system so you get the feeling of being there, would probably be a cheaper option (certainly long term and likely even short term depending on how sophisticated it needs to be). I don't understand why, when everyone's being told to tighten their belts and save money, we persist in flying these people all over the world - and then they tend not to even reach any agreements.
I'd guess the venue is as much about schmoozing the media as anything else - make them traipse out into the middle of nowhere (and probably end up sleeping in camper vans if they're lucky, since the politicos have the only accommodation in the area) and you're not going to get favourable news reports. Of course there's also the logistics of getting all these diplomats safely from international airports out to the middle of nowhere and back, although hiring a fleet of helicopters would probably still come in much cheaper.
If I take a gun and walk around the streets popping heads like pumpkins, can I claim to be an independent researcher testing the police response to gun crime? At the very least the guy's a vigilante taking the law into his own hands (I'm sure the G20 have very expensive agencies testing their security, and you won't hear about those agencies because they're very good at their job and aren't busy dumping reports of security flaws onto a public forum where real bad guys can easily access them), at worst he's a terrorist. Either way he gets to have his day in court and plead the lesser offence and have his actions judged by a jury of his peers. What reasonable alternative do you suggest, leave him be and see what happens?
The 46 of them stood around and thought "thank god this didn't turn out to be a fortress full of armed nutjobs and we actually get to go home to our families tonight." When you're in a police armed response unit, a call-out that doesn't end in a mass shoot out is almost certainly considered a good result. Would it be better if they'd sent four cops, they got gunned down and the gunman escaped, or would you then be complaining about how stupid the police were for not taking a credible threat seriously?
I always thought it was illegal to listen into police chatter in the UK, but I noticed there's actually an app in the Android market place which allows you to do this, so I suspect they just perpetuate the myth that it's illegal when in fact it's not.
If I found they were using unencrypted radio chatter (and does he really know they don't have the ability to encrypt this when necessary, or that they're not encrypting the old-fashioned way by using misdirection and code words on an open channel), I might tell people about it. What I wouldn't do is tool up with weapons and bomb making components and tell the world I was going to put this security to the test. The first is being a responsible citizen, the second is being a loon, and while that's not specifically illegal we shouldn't be surprised if it leads said loon into situations where he is criminally culpable. Of course there's the chance the police are lying about the guns/bomb equipment so maybe we should wait to hear a more full account of the evidence, but they tend not to invent such charges when the entire world's media are watching them so I'd err on the loon explanation rather than the frame-up.
It's as patently absurd an excuse as those people who justify looking at child porn by claiming to be "hunting it down to report to the police" (incidentally, I never hear in those cases that the people arrested have previously reported X incidents of offending material that they've found in the past, they're always incredibly unfortunate to be discovered on their first attempt). If you're planning on helping out the police, the first thing you should do is speak to the police. The chances are they will tell you that they have everything under control and thanks, but they don't need your assistance.
If you really think there are big holes in the security, report it to their superiors or contact someone in the government about your concerns. If they agree and if they think your insight is worthwhile, they might even hire you as an official security consultant to test their security. The fact is, most people who claim they're only testing security are either Walter Mitty characters living out some deluded fantasy, or else they're people with bad intentions seeking to cover them up with a shield of ineptitude.
I know we tend to want to support the plucky underdog, and some guy "testing the security" of a political event such as this is awfully similar to the plucky hacker "testing the defences" of the Military's computers, but really, even if you have the very best of intentions, if you put yourself in a situation where you mirror the actions of the "bad" guys without the explicit consent of the "good" guys, don't be surprised when the "good" guys treat you like a "bad" guy. As you said, he'll get his day in court to argue his point (but the courts tend to frown on vigilantes just as much as the police), but really if his actions were merely to test security and he did so fully aware of and ready to accept the risks inherent, he should be happy he got caught and happy to take whatever punishment is meted out (as this both proves that security is better than expected and acts as a deterrent).
1) No mention of price in the article - if current 3G broadband setups are anything to go by, don't expect to see much of a GB allowance compared to standard 'wired' DSL
Indeed, most of the telcos in the UK are now shying away from their initial "unlimited" (subject to FUP anyway) data packages in favour of tiered charges. O2 have gone from unlimited to 1GB per month plus £5 per 500MB above that (or else they throttle your connection if you're over your allowance). You're certainly not going to want it for streaming video or audio...
And the bigger question - in a post apocalyptic world, will retrieving 100 year old tax returns really be top of our list of priorities.
The same way all companies test these claims. They sell it to a bunch of people, then they see whether the proportion of claims for failed data within 100 years is less than the profit made on the devices. If it is, then the device was a success, regardless of the actual ability to retain data :)
Oblig: xkcd...
The chances are they will be using this to store records of arrests rather than evidence. Evidence tends to have a short lifespan anyway - except in a very few rare cases where the crime is solved decades later, most evidence is utilised within a couple of years (when the person is either caught or the case is marked unsolvable).
If you have important data that you need to store and you're using media that's guaranteed for 100 years but you wait 100 years to read/format shift it, you're asking for trouble anyway. Assuming these became cheap enough, why not back them all up every 20 years (and keep the last four sets of backups) for ultra-redundancy.