Readit News logoReadit News
ColoursofOSINT commented on Giphy is sharing your IP address and private data to 816 partners   twitter.com/illyism/statu... · Posted by u/illyism
ColoursofOSINT · 2 years ago
Giphy also does not have a privacy policy for their Firefox extension, but run an analytics script, which I wrote about and sent them an email to which they ignored me despite sending conformation of receiving it.

No way to know the data being collected, or opt out.

https://www.coloursofosint.com/posts/Investigating-Firefox-P...

ColoursofOSINT commented on German Court Fines Security Researcher for Reporting Company's Vulnerabilities   socket.dev/blog/ethical-h... · Posted by u/ankitdce
radu_floricica · 2 years ago
I'm not at my best to argue this, since it's evening here and I had a couple of glasses of wine with dinner. But my first instinct is to comment on how the case you're describing is at the edge of the law, where things are naturally fuzzy, as most borders are. So we're talking about an edge case of a metaphor - quite a bit removed from the main topic.

I stand by my previous example - a proper counter-example would be somebody reaching over the fence and stealing something. My main argument is that any password signifies a fence - be it a tall wall or a picket fence. Going beyond it is clearly not ok. Law and custom carve exceptions for white hats looking for security flaws - but both law and custom also specify how those white hats are supposed to behave. And a 3 day ultimatum followed by public disclosure is not it.

ColoursofOSINT · 2 years ago
> I'm not at my best to argue this, since it's evening here and I had a couple of glasses of wine with dinner.

And you probably shouldn't be, this is a internet discussion, don't let it interrupt your life.

My argument was not that the password wasn't a line not to be crossed, but that laws can be based on a sliding scale.

ColoursofOSINT commented on German Court Fines Security Researcher for Reporting Company's Vulnerabilities   socket.dev/blog/ethical-h... · Posted by u/ankitdce
radu_floricica · 2 years ago
First link is actually extending privacy outside the house. So it's very much not making fences fuzzy.

The second link is basically about the wavelength you use when looking at the outside of the house. Not surprisingly, it doesn't matter. This is common sense, not a revelation.

A challenge to my comment would be if a house had a picket fence, somebody came by and took a hoe from the yard, and a judge said "nah, it's not theft, the fence was too low, all he had to do was reach out and take it". That would be a proper counter-argument.

ColoursofOSINT · 2 years ago
What an interesting response.

You say essentially state that my information is not a “proper counter-argument.”, while in the same response argue that I am wrong because this is “this is common sense”, rather than any real response.

The court recognized there was a fence for privacy, but that is was applicable to certain situations, for example, the purpose of the recording. So it would be fine to record someone if they were in the background of your picture, but not if was for sexual purposes. Hence the numerous criteria to be considered. So its very much about making fences fuzzy, since they only apply to certain types of filming, the purpose, personal attributes....etc.

Thermal imaging and its effects on the fourth are not common sense. Thermal imaging was initially ruled to be fine, then appealed, ruled fine, then it ruled to not be fine, but only with a 5 - 4 ruling. With the dissenting opinion including “Heat waves, like aromas that are generated in a kitchen, or in a laboratory or opium den, enter the public domain if and when they leave a building.”

All you would have to do is read the Wikipedia article I gave to see that “Scalia's phrases "sense-enhancing technology" and "device that is not in general public use" in the Kyllo ruling have become influential in later rulings on police search procedures, but in an inconsistent fashion.[22] Several scholars and legal analysts noted the ambiguity in Scalia's use of those phrases.

To use your example, a police officer could “reach over” and see the illegal activity with his own eyes through a hole in your fence and that is legal. However, they could not use binoculars to get over your fence from a public area.

https://www.ojp.gov/ncjrs/virtual-library/abstracts/telescop...

ColoursofOSINT commented on German Court Fines Security Researcher for Reporting Company's Vulnerabilities   socket.dev/blog/ethical-h... · Posted by u/ankitdce
radu_floricica · 2 years ago
This is an old, old interpretation, and it is correct. You can't base law on a sliding scale like entropy. The value of the password is symbolic, not that it's easy or difficult - anything beyond a password is clearly private.

I don't love metaphors very much, but doing anything other than that opens the door to absurd defenses like "your honor, he left his wallet on the table when he went to the bathroom, it's obvious anybody can legally pick it up". Not to mention a cop favorite which is unfortunately in use: if you dare report a robbery, they'll fine you for not having your security system up to date. Yes, it's a thing. Does wonders for their closure rates.

It's not the height of the fence that makes it theft - it's that there is a fence at all.

ColoursofOSINT · 2 years ago
"You can't base law on a sliding scale like entropy."

I would disagree. Courts decide on the sliding scale. I am no lawyer, but in Canada and the USA you have a "A Reasonable Expectation of Privacy" [1].

For example, see thermal imaging use by police[2].

[1]: https://www.cwilson.com/a-reasonable-expectation-of-privacy/

[2]:https://en.wikipedia.org/wiki/Kyllo_v._United_States

ColoursofOSINT commented on Roundcube open-source webmail software merges with Nextcloud   phoronix.com/news/Roundcu... · Posted by u/mikece
coolliquidcode · 2 years ago
I think you think I'm someone else.
ColoursofOSINT · 2 years ago
You're correct, I'll retract my statement.

Both start with coll/cooll, I've got to increase my zoom apparently.

ColoursofOSINT commented on Roundcube open-source webmail software merges with Nextcloud   phoronix.com/news/Roundcu... · Posted by u/mikece
coolliquidcode · 2 years ago
Then I wouldn't use Roundcube either.
ColoursofOSINT · 2 years ago
What?

You said "i'm happy running it on my ...vps."

And now "Then I wouldn't use Roundcube either." So you're not running roundcube then?

Also, love how you said you loved roundcube because it works on "lightweight el cheapo VPS", and then backtracked once you found out it uses PHP.

ColoursofOSINT commented on Crypto-Themed NPM Packages Found Delivering Stealthy Malware   blog.phylum.io/crypto-the... · Posted by u/arsabulhaiue
ColoursofOSINT · 2 years ago
Would love to read the article but the website seems to be blocking VPNs.

Oh well.

https://web.archive.org/web/20231125231757/https://blog.phyl...

ColoursofOSINT commented on Sam Altman's sister, Annie Altman, claims Sam has severely abused her   lesswrong.com/posts/QDczB... · Posted by u/doener
squigz · 2 years ago
Out of curiosity, in this specific case, what sort of direct proof would satisfy you
ColoursofOSINT · 2 years ago
Something more than a few tweets would be a start.
ColoursofOSINT commented on Framework Laptop prices go as low as $639 thanks to refurbs and factory seconds   arstechnica.com/gadgets/2... · Posted by u/gslin
ColoursofOSINT · 2 years ago
Never doubt the ability of an Apple Fanboy to turn conversation into anything about Macs.

Either that or God tier trolling.

ColoursofOSINT commented on OpenAI's board has fired Sam Altman   openai.com/blog/openai-an... · Posted by u/davidbarker
ColoursofOSINT · 2 years ago
Can I add to the speculation train despite having no other information?
_

u/_susn

KarmaCake day427June 12, 2023View Original