bleepingcomputer.com

krimson, to linux in Lazarus hackers now push Linux malware via fake job offers

Joke’s on them, I don’t use bash.

Seriously though, Linux will probably get targeted more frequently now that it is becoming more popular as a desktop OS.

BCsven, to linux in Lazarus hackers now push Linux malware via fake job offers

So doesn’t the user have to add +x to run this?

leopold,

It never occurred to me before reading this comment that there actually is a use case for the execute permission. To me it was always just this annoying thing I have to do whenever I download an executable which I didn’t have to do on Windows.

AProfessional,

Fun fact, Windows has the same permission it just defaults to enabled.

Rustmilian, (edited )

No because the zip archive retains permissions of the contained files.

LiveLM,

Hm, maybe there should be an option to always disable the executable permission when extracting

Rustmilian,

That’s perhaps possible, but likely would have to be implemented in each archiving tool individually.

BCsven,

Ah, right
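
The two points raised in this thread, stored permissions inside a zip and an extraction mode that drops the execute bit, shown as an added example (not part of any comment above). The archive contents and file names are constructed, and `executable_entries` and `extract_without_exec` are hypothetical helper names.

```python
import io
import os
import stat
import zipfile

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def build_sample_zip() -> bytes:
    """Constructed sample: one plain file and one stored with mode 0755."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, mode in (("notes.txt", 0o644), ("offer.pdf.bin", 0o755)):
            info = zipfile.ZipInfo(name)
            info.create_system = 3  # 3 = Unix: upper 16 bits carry st_mode
            info.external_attr = (stat.S_IFREG | mode) << 16
            zf.writestr(info, b"constructed sample data\n")
    return buf.getvalue()


def executable_entries(data: bytes) -> list[str]:
    """Names of entries whose stored Unix mode has any execute bit set."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            mode = info.external_attr >> 16
            if info.create_system == 3 and not info.is_dir() and mode & EXEC_BITS:
                flagged.append(info.filename)
    return flagged


def extract_without_exec(data: bytes, dest: str) -> dict[str, int]:
    """Extract all entries, then force the execute bits off on regular files."""
    result = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # zipfile.extract strips absolute paths and ".." components.
            path = zf.extract(info, dest)
            if os.path.isfile(path):
                # Python's zipfile does not apply the stored mode itself; the
                # chmod makes the result explicit whatever the tool's default.
                mode = stat.S_IMODE(os.stat(path).st_mode) & ~EXEC_BITS
                os.chmod(path, mode)
                result[info.filename] = mode
    return result
```

Tools that do restore the stored mode, such as Info-ZIP `unzip`, would leave the second entry runnable without any `chmod +x` by the user.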

Retiring, to linux in Lazarus hackers now push Linux malware via fake job offers

If you run random .pdf.something-files PM’d to you on LinkedIn you probably shouldn’t use a computer anyway, no matter if it runs Linux or Windows…

MrFunnyMoustache,

The problem is, using a computer is pretty much essential to function in this world, I actually know more people who would run any file sent to them without a second thought because they wouldn’t know better, but they still need to use a computer.

I think a better solution is to give better training to people about computer hygiene at the workplace.

fhein,

I work for a large IT company so we’ve had numerous such training courses, but then they use third party services for time reporting, manager evaluation, cloud services, personal finance advice, etc. so I regularly get emails with links to domains that I’ve never heard about that I’m supposed to trust…

MrFunnyMoustache,

That’s what happens when executives don’t listen to IT…

The company I currently work for hosts everything at the building they own. The CEO doesn’t understand much about IT, but his attitude is “I trust your integrity and your expertise, so I’ll approve anything you ask me within reason if it will improve security and reliability.”

Quereller,

I work in a big international company. We regularly have phishing (email) awareness training. But they outsource about everything and regularly change the providers. So we often get totally legit emails from just some random companies and are supposed to visit/log in to some previously unknown domains.

OsrsNeedsF2P,

Lazarus’ Operation DreamJob, also known as Nukesped, is an ongoing operation targeting people who work in software or DeFi platforms with fake job offers on LinkedIn or other social media and communication platforms.

Looks like they’re going after desperate job seeking crypto bros. Even if it’s not terribly effective, it’s a spray and pray, so they probably got some people.

brick,

Seems to me like they are targeting people who likely have access to assets that can be easily stolen and hard to track.

Chewget, to privacy in Haier hits Home Assistant plugin dev with takedown notice

Why does that building look like a failed print?

FutileRecipe,

I was gonna say air filter.

sxan,

A royally abused heat pump.

RalphWolf, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

There we go. Haier is now on my personal “do not ever buy from” list. Congratulations, Haier.

jol,

TAKE THIS COMMENT DOWN. YOU’RE CAUSING US GREAT FINANCIAL HARM. MILLIONS!!

nick, to privacy in FTC bans one more data broker from selling your location info

One down, 90000000000 to go

kbal, to privacy in FTC bans one more data broker from selling your location info

When it comes to location tracking and many other things, data retention and use policies are just a useful distraction from the real problem which is that they're able to collect the data at all.

FiskFisk33, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

This is just plainly not illegal.

ShortN0te,

Sadly it does not matter. The company could keep the battle going for close to a decade until there is a final decision. It is financially draining and you have to give up a lot of time in order to attend the hearings (or even travel to the correct jurisdiction).

fine_sandy_bottom,

That’s not how legal matters work.

Firstly, imposing on someone else’s intellectual property is not “illegal”, because that usually refers to crimes. This is a civil issue, as in some company is demanding the dev stops or else they’ll sue him or something.

Secondly, it doesn’t really matter whether the dev is “right” or could prevail against a legal claim - because you just wouldn’t bother trying. Imagine you have an ok job, take care of your family, and made this plugin on a whim just because you can. Your days are full of taking your kids to the park, spending time with your wife, playing around with your hobbies, that stuff. Maybe you’re not wealthy, but your salary is enough to look after your family and make your mortgage repayments. Then Haier threatens to sue you, and although you could likely prevail, mounting a defense would probably cost you a year’s worth of mortgage repayments. Maybe you could represent yourself but that might take a year’s worth of Saturdays writing and responding to legal stuff that you don’t really know much about. Bear in mind that there’s no financial support from the open source community.

It just doesn’t really matter whether Haier has a legit claim.

FiskFisk33,

Yeah, you’re right, that’s the problem. That system makes sense if big corpos use it to “test” each other for copyright infringement, but when an individual gets involved they just get steamrolled whether they’re in the right or not, since the system assumes they have a team of lawyers on retainer in order to work as intended.

vsis, to privacy in Haier hits Home Assistant plugin dev with takedown notice

1.3K forks already lol

Please remember to fork it outside github. They will probably delete all forks based on intellectual property bs written in their TOS.

eager_eagle,

My thoughts exactly. I still remember when the reverse-engineered code for the classic GTAs was out (RE3), all GitHub forks were quickly taken down.

bitwolf,

Gitea, Codeberg, Self-Hosted gog, src.ht… have I missed any?

qjkxbmwvz, to selfhosted in Haier hits Home Assistant plugin dev with takedown notice

Not a lawyer; would this likely stand up in court? Obviously I wouldn’t risk it were I the dev, but just curious.

It’s pathetic that I’ll happily recommend my Emporia Vue2 energy monitor to folks running HA — not because it works out of the box, but because the company is aware of the community integration projects and seems ok with it, even if they don’t actually support it. (ESPHome Firmware flash gives you local control — It’s been pretty great!)

dan, (edited )

Not a lawyer; would this likely stand up in court?

I’m not a lawyer either, but I don’t think so.

The developer of this Home Assistant integration is German. European law allows people to reverse engineer apps for the purpose of interoperability (Article 6 of the EU software directive), so observation of the app’s behaviour or even disassembling it to create a Home Assistant integration is not illegal.

In general, writing your own code by observing the inputs to and outputs from an existing system is not illegal, which is for example how video game emulators are legal (just talking about the emulator code itself, not the content you use with it).

If it’s a Terms of Service violation, it’d be the users that are violating the ToS, not the developer. In theory, the Home Assistant integration could have been developed without ever running the app or agreeing to Haier’s Terms of Service, for example if the app is decompiled and the API client code is viewed (which again is allowed by the EU software directive if the sole purpose is for interoperability).

The code in this repo is likely original Python code that was written without using any of Haier’s code and without bypassing any sort of copy protection, so it’s not a DMCA infringement either.

baseless_discourse, (edited )

Likely no, and fortunately the developer has legal insurance and plans to fight the case if it happens.

github.com/Andre0512/hon/issues/147#issuecomment-…

So this repo is not going down any time soon.

4grams, (edited ) to privacy in Haier hits Home Assistant plugin dev with takedown notice

I’m sure the “millions lost” is their theoretical earnings they are “losing” by not being able to monetize the data they collect, spy on users to determine their habits so that they can introduce features that charge for things that are standard today, loss of ad revenue, etc.

We’ve hit a point where since everything collects as much data as they can to be mined, anything that interrupts that stream is now a felony corruption of business model.

eager_eagle, (edited )

It’s like when they compute losses for pirated content, just assuming every download would be equivalent to a Golden Edition Purchase at the highest price charged in their history, when in reality they’d be lucky to convert 1% of those downloads into sales.

Damage, to privacy in Haier hits Home Assistant plugin dev with takedown notice

Too bad they own Hoover as well

hydrashok, to privacy in Haier hits Home Assistant plugin dev with takedown notice

Can’t wait for them to learn all about the Streisand Effect. I had been considering them for a new mini split system, but not anymore.

ThePantser,

I know they are not the best but I put in Mr cool and then ditched their dongle for one built with esphome. Now I have total local control and native Home Assistant control.

thecookingsenpai, to privacy in Haier hits Home Assistant plugin dev with takedown notice

Woah I would never do it and would never tell you that I did it because I 100% didn’t do it. The fact there are two new repos in my github is totally a coincidence.

Serinus,

If you don’t have a local copy you’re likely to lose it.

Pantsofmagic, to privacy in Haier hits Home Assistant plugin dev with takedown notice

And I thought Chamberlain was bad for intentionally breaking MyQ integrations. This is downright absurd. I guess Haier can lose some more potential business.

subtext,

I’m still so upset about Chamberlain disabling my smart garage with all that (I’m not about to use their damn app).

Thankfully the open source community have reverse engineered something but still, now I have to spend $40 because Chamberlain got butt hurt that people didn’t want to use their app.

github.com/PaulWieland/ratgdo

Pantsofmagic,

I just installed a ratgdo as well because of this. It’s great but shouldn’t have been necessary for the reasons you state.
