soyagi

joined 1 year ago
[–] soyagi@yiffit.net 1 points 1 year ago (2 children)

Who said anything about challenging views all or most of the time?

The issue with constructive dissent is that if someone perceives an initial idea as bad, it cannot be dismissed or criticised; it has to be built on. Do we want things to be built on flawed foundations? We should be able to say "no" without being cast out from our own community.

[–] soyagi@yiffit.net 4 points 1 year ago (1 children)

I think we need to either redefine safe spaces, change people's expectations of them, or get rid of them entirely.

[–] soyagi@yiffit.net 7 points 1 year ago (1 children)

This is a very extreme example. I'm saying that more nuanced discussion and differences in views from within a community struggle in safe spaces.

[–] soyagi@yiffit.net 5 points 1 year ago (6 children)

I understand the concept. I'm saying that this way of working creates echo chambers.

[–] soyagi@yiffit.net 14 points 1 year ago (13 children)

Unfortunately, a lot of these safe spaces become echo chambers. People don't want to have their views challenged or try to see things from other perspectives. Many attempts at constructive dissent as mentioned in this post are discouraged and are generally unwelcome.

 

cross-posted from: https://yiffit.net/post/1251788

Archived version: https://archive.ph/KYO3X

On Thursday, two more lawsuits were filed against Western Digital over its SanDisk Extreme series and My Passport portable SSDs. That brings the number of class-action complaints filed against Western Digital to three in two days.

In May, Ars Technica reported about customer complaints that claimed SanDisk Extreme SSDs were abruptly wiping data and becoming unmountable. Ars senior editor Lee Hutchinson also experienced this problem with two Extreme SSDs. Western Digital, which owns SanDisk, released a firmware update in late May, saying that currently shipping products weren't impacted. But the company didn't mention customer complaints of lost data, only that drives could "unexpectedly disconnect from a computer."

Further, last week The Verge claimed a replacement drive it received after the firmware update still wiped its data and became unreadable, and there are some complaints on Reddit pointing to recent problems with Extreme drives.

All three cases (one, two, and three) filed against Western Digital this week seek class-action certification (Ars was told it can take years for a judge to officially state certification and that cases may proceed with class-wide resolutions possibly occurring before official certification). Ian Sloss, one of the lawyers representing Matthew Perrin and Brian Bayerl in a complaint filed yesterday, told Ars he doesn't believe class-action certification will be a major barrier in a case "where there is a common defect in the firmware that is consistent in all devices." He added that defect cases are "ripe for class treatment."

Familiar stories

Both complaints filed yesterday reference Lee's ordeal and Ars' reporting on the matter, and they share new accounts that sound similar to complaints we've seen reported online.

Perrin and Bayerl's complaint says Perrin bought "at least" eight SanDisk Extreme SSDs off Amazon, including 2TB and 4TB Extreme and 4TB Extreme Pro models, and that Perrin "lost all data stored on several SanDisk SSDs."

Similarly, Bayerl reportedly bought "at least two" Extreme SSDs, including a 4TB Extreme, off Amazon. The complaint claims the drives still had busted firmware:

Plaintiff Bayerl has experienced the failure of two drives within minutes of each other and is now reluctant to use SanDisk Extreme products. Due to the nature of his work and the data on the devices, Plaintiff Bayerl spent nearly $8,000 on only partially successful efforts to retrieve the data from the failed drives through various data recovery third parties. These efforts also determined that the issue was caused by faulty internal firmware on the drives.

Perrin and Bayerl's complaint mentions the 2TB Extreme, which Western Digital hasn't officially confirmed as an affected device. A separate complaint filed on Wednesday mentions the 500GB and 1TB Extreme-series and My Passport models, which Western Digital hasn't said are affected.

Here are the drives Western Digital has said are affected:

  • SanDisk Extreme Portable 4TB (SDSSDE61-4T00)
  • SanDisk Extreme Pro Portable 4TB (SDSSDE81-4T00)
  • SanDisk Extreme Pro Portable 2TB (SDSSDE81-2T00)
  • SanDisk Extreme Pro Portable 1TB (SDSSDE81-1T00)
  • Western Digital My Passport 4TB (WDBAGF0040BGY).

Perrin and Bayerl's complaint says that "the now-known issues with the defective SanDisk SSDs and significant risk of permanent data loss, has rendered the SanDisk SSDs worthless to individuals seeking reliable data storage."

"Worthless" is also used in the complaint filed Wednesday by Nathan Krum. The complaint filed Thursday on behalf of Saif Jafri also dubbed drives Western Digital named in its firmware update page, as well as the SanDisk Pro-G40 (PetaPixel recently claimed this drive broke after less than a month, but Ars has been unable to determine if the drive has a widespread problem), as "worthless."

Jafri's complaint says he bought an Extreme Pro (capacity not specified) because he was on an extended van trip and needed storage for drone footage, photos, and travel mementos. The drive reportedly "failed only a few weeks after" purchase.

"He had written data to the Drive no more than a handful of times, yet he nonetheless lost precious personal data," the complaint says.

The complaints also note that Western Digital's 30-day return and five-year warranty policies don't remedy lost data. The cases seek restitution, including damages, and for Western Digital to stop selling the affected drives until they're fixed or the problems are fully disclosed on all labels, packaging, and advertising.

Sloss told Ars that challenges of the case might include establishing how frequently drives failed after Western Digital shared its May firmware update.

"We believe the case is strong, that Western Digital’s response to the issue has been delayed, inadequate, and incomplete, and we believe people are continuing to purchase defective SSDs based on misleading information Western Digital has provided," Sloss said.

Sloss said that firms frequently agree to prosecute similar cases together, with one firm leading. He believes there could be even more law firms investigating claims that may file complaints against Western Digital.

Western Digital told Ars yesterday that it "does not comment on pending litigation."

 

Archived version: https://archive.ph/4QzFt

After 30 years, Simon* is facing the prospect of moving.

“I think we’ve been using their products since we built the house,” he says. “We’ve gone through dial-up and then eventually there was an ADSL connection.”

The Canberra-based iiNet customer has had the same email address since the 1990s. For millennials and younger, the notion of getting your email address from the company you pay for broadband might seem antiquated. Free online services such as Gmail, Hotmail, Outlook and others not tied to the internet provider are the default. It is now not uncommon for someone to set up their own email address in a domain of their choosing.

But in the nascent days of the internet before Google and Microsoft were the online internet behemoths, getting your email address from your internet service provider was the norm, and even attractive as a bundle package – and a way for internet providers to lock you into their service.

The cost for relatively small – by comparison to Google – companies to offer the service has gone up in server and administration costs without the economies of scale.

Australia’s largest internet provider – Telstra – ceased offering its Bigpond.com email addresses to new customers in 2016, shifting to using Telstra-branded email.

TPG – which owns brands that have historically offered email including iiNet all the way back to OzEmail – informed customers in July that it would migrate their email to a separate private service, the Messaging Company, by the end of November. Users will keep their exisiting email addresses on this service, and would get it free for the first year. After that, there will be options of paying for a service, or an ad-based free service after that.

The amount to be charged from next year has not yet been decided.

The announcement was met with outrage among users of the long-running web forum Whirlpool.

“It’s a shitty move. My wife has never set up a Gmail or Yahoo and only ever used her iiNet email address for her business as well as personal. This screws us royally,” one user said.

“Us oldies couldn’t start out using Gmail etc because they weren’t in existence 25 years ago,” another said.

“It’s a nightmare trying to change logins at many places.”

Simon too says he is not happy about the sudden shift, describing the move as “shrinkflation” given the change didn’t come with a reduction in his internet bill. He said he is still considering his options.

He says it is difficult as he viewed his email address as part of his identification, and with not everyone on social media, it’s also the only way some people might locate him.

“That email address is used to identify me in what I estimate to be probably 50 or 60 different locations,” he says. “I’ve sold a car on Carsales.com, I have a Gumtree account, Booking.com, Duolingo. I’ve got to go to all of those and say I’ve changed my email address.”

An RMIT associate professor in the school of engineering, Mark Gregory, says he is having to help move his father away from his iiNet email address.

“There’s going to be an impact on quite a few older people that took up some of those accounts with some of the companies that were absorbed by TPG,” he says. “I’m still at the stage where I’m trying to convince [my father] that he has to do it.”

Gregory says the shift reflects the changing business dynamics, and businesses looking to minimise costs. Even Google appears to be feeling the pinch, messaging its customers in recent weeks saying that accounts deemed inactive in the past two years could be deleted beginning 1 December 2023.

The other factor is the increasing security risk. Legacy systems, particularly those managed under a variety of absorbed companies, as with TPG, can over time become more at risk of a cybersecurity attack or breach. External providers who offer this service either in place of, or on behalf of the internet service provider are becoming seen as the more secure option.

Randall Cameron, the director of sales and marketing at AtMail, the parent firm of the Messaging Company, says there’s been a good opt-in rate for users wanting to keep their existing email addresses so far.

“When the bar tab that is TPG runs out, we’ve got to make sure people hang around. And if we say it’s now 20 bucks a drink they’re going to say, ‘Well, thanks, I’ll go somewhere else.’”

The Australian Communications Consumer Action Network chief executive, Andrew Williams, says that ultimately internet providers getting out of the email game is a good thing because it means customers don’t feel locked into one internet company. But it will take a while for people to get set up in new accounts if they decide to switch.

Gregory advises those who need to switch to a new account to start preparing now. That means figuring out which services you need to alert to switch to a new email address. “It’s not going to be as straight forward as some people might think, because when you’re talking to the older generation it becomes quite complex.”

TPG won’t say how many customers will be affected by the changeover, citing commercial confidentialities with the new email provider. A spokesperson says the strategic decision was made to allow TPG to focus on mobile and broadband services.

“Migrating our hosted email services to a specialist provider will ensure our customers have an updated and modernised webmail experience with the tools they require for all their email needs,” the spokesperson says.

“We appreciate this change could be challenging for some customers who have been with us a long time and thank them for their understanding and cooperation during this transition.”

There’s no sign Telstra will follow and stop providing services to its legacy Bigpond customers. While the company did not answer questions on how many still remained seven years after it stopped offering new accounts, the chief executive, Vicki Brady, said they were still very active.

“We have a really engaged Bigpond email customer base … which is why we made the decision to actually upgrade and make sure we had the right features and functions to be able to support their needs. So it’s absolutely important part of our broadband service for our customers.”

With the rise in data breaches, and the avalanche of spam and scams, the shift offers people the opportunity of a clean email slate, according to Andrew Williams, of the Australian Communications Consumer Action Network.

“Your email accounts do build up with a lot of redundant information over time,” he says. “So it’s a good opportunity to have a clean start and just really look at what was really important.”

*Name changed

 

cross-posted from: https://lemmy.world/post/3405817

Have to use Windows for work (I've asked), the ads have been getting worse and worse on my work laptop. Today got a game ad notification... That's clearly too far, right? Like I have to clear notifications, so I have to see it

 

Archived version: https://archive.ph/KYO3X

On Thursday, two more lawsuits were filed against Western Digital over its SanDisk Extreme series and My Passport portable SSDs. That brings the number of class-action complaints filed against Western Digital to three in two days.

In May, Ars Technica reported about customer complaints that claimed SanDisk Extreme SSDs were abruptly wiping data and becoming unmountable. Ars senior editor Lee Hutchinson also experienced this problem with two Extreme SSDs. Western Digital, which owns SanDisk, released a firmware update in late May, saying that currently shipping products weren't impacted. But the company didn't mention customer complaints of lost data, only that drives could "unexpectedly disconnect from a computer."

Further, last week The Verge claimed a replacement drive it received after the firmware update still wiped its data and became unreadable, and there are some complaints on Reddit pointing to recent problems with Extreme drives.

All three cases (one, two, and three) filed against Western Digital this week seek class-action certification (Ars was told it can take years for a judge to officially state certification and that cases may proceed with class-wide resolutions possibly occurring before official certification). Ian Sloss, one of the lawyers representing Matthew Perrin and Brian Bayerl in a complaint filed yesterday, told Ars he doesn't believe class-action certification will be a major barrier in a case "where there is a common defect in the firmware that is consistent in all devices." He added that defect cases are "ripe for class treatment."

Familiar stories

Both complaints filed yesterday reference Lee's ordeal and Ars' reporting on the matter, and they share new accounts that sound similar to complaints we've seen reported online.

Perrin and Bayerl's complaint says Perrin bought "at least" eight SanDisk Extreme SSDs off Amazon, including 2TB and 4TB Extreme and 4TB Extreme Pro models, and that Perrin "lost all data stored on several SanDisk SSDs."

Similarly, Bayerl reportedly bought "at least two" Extreme SSDs, including a 4TB Extreme, off Amazon. The complaint claims the drives still had busted firmware:

Plaintiff Bayerl has experienced the failure of two drives within minutes of each other and is now reluctant to use SanDisk Extreme products. Due to the nature of his work and the data on the devices, Plaintiff Bayerl spent nearly $8,000 on only partially successful efforts to retrieve the data from the failed drives through various data recovery third parties. These efforts also determined that the issue was caused by faulty internal firmware on the drives.

Perrin and Bayerl's complaint mentions the 2TB Extreme, which Western Digital hasn't officially confirmed as an affected device. A separate complaint filed on Wednesday mentions the 500GB and 1TB Extreme-series and My Passport models, which Western Digital hasn't said are affected.

Here are the drives Western Digital has said are affected:

  • SanDisk Extreme Portable 4TB (SDSSDE61-4T00)
  • SanDisk Extreme Pro Portable 4TB (SDSSDE81-4T00)
  • SanDisk Extreme Pro Portable 2TB (SDSSDE81-2T00)
  • SanDisk Extreme Pro Portable 1TB (SDSSDE81-1T00)
  • Western Digital My Passport 4TB (WDBAGF0040BGY).

Perrin and Bayerl's complaint says that "the now-known issues with the defective SanDisk SSDs and significant risk of permanent data loss, has rendered the SanDisk SSDs worthless to individuals seeking reliable data storage."

"Worthless" is also used in the complaint filed Wednesday by Nathan Krum. The complaint filed Thursday on behalf of Saif Jafri also dubbed drives Western Digital named in its firmware update page, as well as the SanDisk Pro-G40 (PetaPixel recently claimed this drive broke after less than a month, but Ars has been unable to determine if the drive has a widespread problem), as "worthless."

Jafri's complaint says he bought an Extreme Pro (capacity not specified) because he was on an extended van trip and needed storage for drone footage, photos, and travel mementos. The drive reportedly "failed only a few weeks after" purchase.

"He had written data to the Drive no more than a handful of times, yet he nonetheless lost precious personal data," the complaint says.

The complaints also note that Western Digital's 30-day return and five-year warranty policies don't remedy lost data. The cases seek restitution, including damages, and for Western Digital to stop selling the affected drives until they're fixed or the problems are fully disclosed on all labels, packaging, and advertising.

Sloss told Ars that challenges of the case might include establishing how frequently drives failed after Western Digital shared its May firmware update.

"We believe the case is strong, that Western Digital’s response to the issue has been delayed, inadequate, and incomplete, and we believe people are continuing to purchase defective SSDs based on misleading information Western Digital has provided," Sloss said.

Sloss said that firms frequently agree to prosecute similar cases together, with one firm leading. He believes there could be even more law firms investigating claims that may file complaints against Western Digital.

Western Digital told Ars yesterday that it "does not comment on pending litigation."

 

Archived version: https://archive.ph/9WPwx

The Sotheby's auction house has been named as a defendant in a lawsuit filed by investors who regret buying Bored Ape Yacht Club NFTs that sold for highly inflated prices during the NFT craze in 2021. A Sotheby's auction duped investors by giving the Bored Ape NFTs "an air of legitimacy... to generate investors' interest and hype around the Bored Ape brand," the class-action lawsuit claims.

The boost to Bored Ape NFT prices provided by the auction "was rooted in deception," said the lawsuit filed in US District Court for the Central District of California. It wasn't revealed at the time of the auction that the buyer was the now-disgraced FTX, the lawsuit said.

"Sotheby's representations that the undisclosed buyer was a 'traditional' collector had misleadingly created the impression that the market for BAYC NFTs had crossed over to a mainstream audience," the lawsuit claimed. Lawsuit plaintiffs say that harmed investors bought the NFTs "with a reasonable expectation of profit from owning them."

Sotheby's sold a lot of 101 Bored Ape NFTs for $24.4 million at its "Ape In!" auction in September 2021, well above the pre-auction estimates of $12 million to $18 million. That's an average price of over $241,000, but Bored Ape NFTs now sell for a floor price of about $50,000 worth of ether cryptocrurrency, according to CoinGecko data accessed today.

Investors previously sued Bored Ape creator Yuga Labs, four company executives, and various celebrity promoters including Paris Hilton, Gwyneth Paltrow, Kevin Hart, Snoop Dogg, Serena Williams, Madonna, Jimmy Fallon, Steph Curry, and Justin Bieber. The original class-action was filed in December 2022, and Sotheby's was added as a defendant in an amended complaint submitted on August 4.

Yuga describes its collection of 10,000 Bored Ape NFTs as "unique digital collectibles living on the Ethereum blockchain" that double as a "Yacht Club membership card." The website has some "members-only" areas. "When you buy a Bored Ape, you're not simply buying an avatar or a provably rare piece of art," the NFT collection's website says. "You are gaining membership access to a club whose benefits and offerings will increase over time. Your Bored Ape can serve as your digital identity, and open digital doors for you."

Lawsuit: Yuga “colluded” with Sotheby’s

The amended lawsuit alleges that "Yuga colluded with fine arts broker, Defendant Sotheby's, to run a deceptive auction." After the sale, a Sotheby's representative described the winning bidder during a Twitter Spaces event as a "traditional" collector, the lawsuit said.

The lawsuit said it turned out the auction buyer was now-bankrupt crypto exchange FTX, whose founder Sam Bankman-Fried is in jail awaiting trial on criminal charges. Ethereum blockchain transaction data shows that after the auction, "Sotheby's transferred the lot of BAYC NFTs to wallet address 0xf8e0C93Fd48B4C34A4194d3AF436b13032E641F3,77 which, upon information and belief, is owned/controlled by FTX," the complaint said. Speculation that FTX was the buyer had been percolating since at least January 2023.

The lawsuit alleges that Yuga Labs and Sotheby's violated the California Unfair Competition Law, the California Corporate Securities Law, the US Securities Exchange Act, and the California Corporations Code. The plaintiffs also claim that Sotheby's Metaverse, an NFT trading platform opened after the auction, "operated (or attempted to operate) as an unregistered broker of securities."

"FTX has several deep ties to Yuga such that it would be mutually beneficial for both Yuga and FTX (as well as Sotheby's) if the BAYC NFT collection were to rise in price and trading volume activity. Upon information and belief, given the extensive financial interests shared by Yuga, Sotheby's and FTX, each knew that FTX was the real buyer of the lot of BAYC NFTs at the Sotheby's auction at the time that Sotheby's representatives were publicly representing that a 'traditional' buyer had made the purchase," the lawsuit said. FTX is not named as a defendant.

Ape prices soared, then plummeted

After the auction, the price of Bored Ape digital assets hit a new high and kept rising for months. It peaked at over $420,000 in April 2022 but plummeted to about $90,000 six weeks later, according to CoinGecko.

The class action lawsuit's named plaintiffs are Johnny Johnson, Ezra Boekweg, Mario Palombini, and Adam Titcher. They are trying to get certification of a class consisting of "all investors who purchased Yuga's non-fungible tokens ('NFTs') or ApeCoin tokens ('ApeCoin') between April 23, 2021 and the present." There were over 103,000 account holders of Yuga securities as of December 1, 2022, the lawsuit said.

"While the Executive Defendants made hundreds of millions of dollars, investors were left with NFTs worth a fraction of their artificially inflated value," the original version of the complaint in December said.

Yuga and other defendants have a September 12 deadline to file motions to dismiss the complaint. Sotheby's told CNN this week that the "allegations in this suit are baseless, and Sotheby's is prepared to vigorously defend itself." Yuga Labs similarly called the allegations "completely without merit or factual basis."

 

Matthieu Ricard is an ordained Buddhist monk and an internationally best-selling author of books about altruism, animal rights, happiness and wisdom. His humanitarian efforts led to his homeland’s awarding him the French National Order of Merit. (Ricard’s primary residence is a Nepalese monastery.) He was the Dalai Lama’s French interpreter and holds a Ph.D in cellular genetics. In the early 2000s, researchers at the University of Wisconsin found that Ricard’s brain produced gamma waves — which have been linked to learning, attention and memory — at such pronounced levels that the media named him “the world’s happiest man.”

 

Do you sometimes get frustrated at how slow your computer's operating system can be? Now is your chance to prove that you could do a better job!

Behold the nerdiest game ever, in which YOU are the operating system! As such, you have to manage the computer's processes, memory and input/output events, and try not to get rebooted by an impatient user. Good luck!

 

Archived version: https://archive.ph/3vfmc

How much ink does an all-in-one printer need in order to fax a document? Or to scan one to your computer? The obvious answer is "none." But if you own certain printers from companies like HP and Canon, you won't be able to use core features unless the device has ink—even if those features have nothing to do with ink.

Unfortunately, all-in-one printers arbitrarily demanding ink to perform non-printing functions isn't a new frustration. And that's despite some companies having printers that can scan without ink. Clearly, scanning or faxing without requiring an ink cartridge would improve users' experience—and they've illustrated that through class-action lawsuits. But this hasn't stopped printer makers from fighting to keep the nettlesome practice.

No ink, no scan

Since mid-2022, HP has been fighting a class-action lawsuit alleging that certain all-in-one printer models won't scan or fax without ink and that HP doesn't properly disclose this to shoppers. On January 13, 2023, the complaint was dismissed but allowed to be amended (you can view the amended complaint here: [PDF]), and on August 10, a Northern District of California judge dismissed HP's motion to dismiss the amended complaint [PDF].

HP Envy 6455e and HP Deskjet 2655 purchasers Gary Freund and Wayne McMath filed the complaint, which states that HP printers are designed to enter an error state when low or out of ink, preventing usage until the installment of a new ink cartridge. The plaintiffs are also peeved that HP marketing and advertising doesn't clearly disclose this, the complaint says. The complaint also notes that an HP support agent has said that HP printers are "designed in such a way that with the empty cartridge or without the cartridge the printer will not function."

"HP’s All-in-One Printers do not work as advertised. Ink is not a necessary component to scan or to fax a document," the complaint reads.

It adds:

Tying the scan or fax capabilities of the All-In-One Printers to ink contained in the devices offers no benefit and only serves to disadvantage and harm consumers financially. However, tying the scan or fax capabilities of the All-In-One Printers to ink contained in the devices does, however [sic], serve to benefit HP.

Anyone who's owned an inkjet printer knows how expensive ink can be. That suggests a reason to push people to buy ink through tactics like blocking core features if no ink is present and reportedly selling printers below cost. Ink-buying programs have also become cash cows. HP in 2021, for example, said its Instant Ink subscription business was worth $500 million, per CRN. In its Q2 2023 financial report, HP named Instant Ink a key growth area.

The complaint against HP says:

Indeed, HP designs its All-in-One printer products so they will not work without ink. Yet, HP does not disclose this fact to consumers. … Even were it technically possible to scan a document without all ink cartridges present, HP does not disclose any 'workaround' to consumers in any of the product packaging nor in any of HP’s advertising and marketing materials regarding its multi-function devices.

The complaint seeks monetary damages as well as the end of HP's "misleading advertising and marketing campaign" and for HP to "engage in a corrective campaign to inform consumers of the misleading advertising."

Here are all the HP printer models listed in the complaint:

  • HP Deskjet 2755e
  • HP DeskJet 3755
  • HP DeskJet 4155e
  • HP ENVY 6055e
  • HP ENVY 6075
  • HP ENVY 6455
  • HP ENVY Pro 6475
  • HP OfficeJet 250 Mobile
  • HP OfficeJet Pro 7740 Wide Format
  • HP OfficeJet Pro 8025
  • HP DeskJet 2622
  • HP DeskJet 2655

HP declined to comment on this story.

Canon's doing it, too

HP isn't the only company demanding ink for scans and faxes. It's not even the only one that has faced litigation over it.

As noticed by The Verge, Canon back in March settled a class-action lawsuit [PDF] stating that Canon all-in-one printers can't scan or fax with low or empty ink cartridges and its "advertising claims are false, misleading, and reasonably likely to deceive the public."

The settlement terms weren't disclosed, and Canon didn't respond to Ars Technica's request for comment. But here are the models listed in that complaint:

  • MAXIFY GX7020
  • MAXIFY GX6020
  • PIXMA TS3520
  • PIXMA G3260
  • PIXMA G7020
  • PIXMA G2260
  • PIXMA MX330
  • PIXMA MX452
  • PIXMA TS9520
  • PIXMA TR8620
  • PIXMA TS6420
  • PIXMA TS6320
  • PIXMA TR4520
  • PIXMA MG3620
  • PIXMA MG2522
  • PIXMA TS3320
  • PIXMA TR7020
  • PIXMA TS9521C
  • PIXMA TS8320
  • PIXMA TR8520
  • PIXMA TR7520
  • "and any and all predecessor models"

Similarly to the HP situation, representatives on Canon's support forum allegedly confirmed that certain all-in-one printer models require "all ink tanks installed and they must all contain ink in order to use the functions of the printer" and that "there is no workaround for this."

However, the posts that are linked to in the complaint (here and here) as of November 22, 2022, have a comment from a moderator saying, "It's possible to scan with an empty ink tank or cartridge." The support page provides instructions for disabling the function that detects ink levels.

Canon didn't explain why its printers ever required ink to scan in the first place. But the company has at least agreed to instruct users on disabling the ink requirement, which is better than where HP is currently.

Semantics prioritized over customers

As of this writing, HP doesn't seem to be working toward enabling its printers to scan and fax without ink. When trying to get the complaint dismissed, HP claimed that support agents who said printers are designed to not scan without ink don't represent HP and were not referring to printer models owned by the complaint's plaintiffs.

The printer industry has long had an issue with customer trust. HP, for instance, has bricked third-party ink (and issued other problematic printer firmware updates), along with the company's controversial HP+ program and region-locked printers . HP has already paid settlements for abruptly bricking third-party ink via its Dynamic Security "feature."

The Verge noticed that HP at least changed its language for the Envy 6455e's Amazon product page to say that you can "print, scan, and copy from your phone—from whenever, wherever" to "print, scan, and copy from your phone—from anywhere."

Such semantic games feel more like HP seeking a loophole than trying to please customers.

Such corporation-first tactics may be why Epson thinks it's dunking on competitors with its own support page dedicated to this topic. It reads, "Since 2008, all Epson printers will scan even when there is little or no usable ink left in the cartridge."

But, as is often the case with printers, a sneaky little caveat could abruptly ruin your day. As the support page also states:

However, all of the genuine Epson cartridges must be installed in the printer, even if depleted of usable ink and the printer displays the replace cartridge message.

So you still need an Epson ink cartridge to scan. If you happened to have tossed your ink cartridge when it became useless, your all-in-one printer could be virtually useless, too. (Epson didn't respond to a request for comment.)

It's alarming that printer makers know customers feel swindled and confused—but won't eliminate the problematic design. Printer vendors have become too bold in expecting customers to accept wordplay, settlements, and confusing support responses. Class-action lawsuits may light a fire under these companies, but it shouldn't be up to disgruntled customers to complain to support agents, lawyers, and judges.

If printer companies can't deliver a reliable, easy experience, customers will have no choice but to consider alternatives.

 

Archived version: https://archive.ph/eSuy1

A few months ago, an engineer in a data center in Norway encountered some perplexing errors that caused a Windows server to suddenly reset its system clock to 55 days in the future. The engineer relied on the server to maintain a routing table that tracked cell phone numbers in real time as they moved from one carrier to the other. A jump of eight weeks had dire consequences because it caused numbers that had yet to be transferred to be listed as having already been moved and numbers that had already been transferred to be reported as pending.

“With these updated routing tables, a lot of people were unable to make calls, as we didn't have a correct state!” the engineer, who asked to be identified only by his first name, Simen, wrote in an email. “We would route incoming and outgoing calls to the wrong operators! This meant, e.g., children could not reach their parents and vice versa.”

A show-stopping issue

Simen had experienced a similar error last August when a machine running Windows Server 2019 reset its clock to January 2023 and then changed it back a short time later. Troubleshooting the cause of that mysterious reset was hampered because the engineers didn’t discover it until after event logs had been purged. The newer jump of 55 days, on a machine running Windows Server 2016, prompted him to once again search for a cause, and this time, he found it.

The culprit was a little-known feature in Windows known as Secure Time Seeding. Microsoft introduced the time-keeping feature in 2016 as a way to ensure that system clocks were accurate. Windows systems with clocks set to the wrong time can cause disastrous errors when they can’t properly parse timestamps in digital certificates or they execute jobs too early, too late, or out of the prescribed order. Secure Time Seeding, Microsoft said, was a hedge against failures in the battery-powered onboard devices designed to keep accurate time even when the machine is powered down.

“You may ask—why doesn’t the device ask the nearest time server for the current time over the network?” Microsoft engineers wrote. “Since the device is not in a state to communicate securely over the network, it cannot obtain time securely over the network as well, unless you choose to ignore network security or at least punch some holes into it by making exceptions.”

To avoid making security exceptions, Secure Time Seeding sets the time based on data inside an SSL handshake the machine makes with remote servers. These handshakes occur whenever two devices connect using the Secure Sockets Layer protocol, the mechanism that provides encrypted HTTPS sessions (it is also known as Transport Layer Security). Because Secure Time Seeding (abbreviated as STS for the rest of this article) used SSL certificates Windows already stored locally, it could ensure that the machine was securely connected to the remote server. The mechanism, Microsoft engineers wrote, “helped us to break the cyclical dependency between client system time and security keys, including SSL certificates.”

Simen wasn’t the only person encountering wild and spontaneous fluctuations in Windows system clocks used in mission-critical environments. Sometime last year, a separate engineer named Ken began seeing similar time drifts. They were limited to two or three servers and occurred every few months. Sometimes, the clock times jumped by a matter of weeks. Other times, the times changed to as late as the year 2159.

“It has exponentially grown to be more and more servers that are affected by this,” Ken wrote in an email. “In total, we have around 20 servers (VMs) that have experienced this, out of 5,000. So it's not a huge amount, but it is considerable, especially considering the damage this does. It usually happens to database servers. When a database server jumps in time, it wreaks havoc, and the backup won’t run, either, as long as the server has such a huge offset in time. For our customers, this is crucial.”

Simen and Ken, who both asked to be identified only by their first names because they weren’t authorized by their employers to speak on the record, soon found that engineers and administrators had been reporting the same time resets since 2016.

In 2017, for instance, a Reddit user in a sysadmin forum reported that some Windows 10 machines the user administered for a university were reporting inaccurate times, in some cases by as many as 31 hours in the past. The Reddit user eventually discovered that the time changes were correlated to a Windows registry key in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits. Additional investigation showed that the time changes were also linked to errors that reported valid SSL certificates used by the university website were invalid when some people tried to access it. The admin reached the following conclusion:

TLDR: Windows 10 has a feature called Secure Time which is on by default. It correlates time stamp metadata from SSL packets and matches them against time from the DCs. It processes these various times by means of black magic and sets the system clock accordingly. This feature has the potential to flip out and set the system time to a random time in the past. The flip out MIGHT be caused by issues with SSL traffic.

Other examples of people reporting the same behavior—for example, here and here—date back to 2016, shortly after the rollout of STS. More recent reports of harmful STS-induced time changes are here, here, and here.

“We've run into a show-stopping issue where time on a bunch of production systems jumped forward 17 hours,” one Reddit user wrote. “If you've been in the game more than a week, you know the havoc this can cause.”

STS primer

To determine the current time, STS pulls a set of metadata contained in the SSL handshake. Specifically, the data is:

  • ServerUnixTime, a date and time representation showing the number of seconds that have elapsed since 00:00:00 UTC on January 1, 1970
  • Cryptographically signed data obtained from the remote server’s SSL certificate showing whether it has been revoked under a mechanism knowns as the Online Certificate Status Protocol.

Microsoft engineers said they used the ServerUnixTime data “assuming it is somewhat accurate” but went on to acknowledge in the same sentence that it “can also be incorrect.” To prevent STS from resetting system clocks based on data provided by a single out-of-sync remote server, STS makes randomly interspersed SSL connections to multiple servers to arrive at a reliable range for the current time. The mechanism then merges the ServerUnixTime with the OCSP validity period to produce the smallest possible time range and assigns it a confidence score. When the score reaches a sufficiently high threshold, Windows classifies the data as an STSHC, short for Secure Time Seed of High Confidence. The STSHC is then used to monitor system clocks for “gross errors” and correct them.

Despite the checks and balances built into STS to ensure it provides accurate time estimates, the time jumps indicate the feature sometimes makes wild guesses that are off by days, weeks, months, or even years.

“At this point, we are not completely sure why secure time seeding is doing this,” Ken wrote in an email. “Being so seemingly random, it’s difficult to [understand]. Microsoft hasn't really been helpful in trying to track this, either. I've sent over logs and information, but they haven't really followed this up. They seem more interested in closing the case.”

The logs Ken sent looked like the ones shown in the two screenshots below. They captured the system events that occurred immediately before and after the STS changed the times. The selected line in the first image shows the bounds of what STS calculates as the correct time based on data from SSL handshakes and the heuristics used to corroborate it.

The “Projected Secure Time” entry immediately above the selected line shows that Windows estimates the current date to be October 20, 2023, more than four months later than the time shown in the system clock. STS then changes the system clock to match the incorrectly projected secure time, as shown in the “Target system time.”

The second image shows a similar scenario in which STS changes the date from June 10, 2023, to July 5, 2023.

Simen, meanwhile, said he has also reported the time resets to multiple groups at Microsoft. When reporting the problems on Microsoft’s feedback hub in May, he said, he received no company response. He then reported it through the Microsoft Security Response Center in June. The submission was closed as a “non-MSRC case" with no elaboration.

The engineer then tapped a third party specializing in Microsoft cloud security to act as an intermediary. The intermediary relayed a response from Microsoft recommending STS be turned off when the server receives reliable timekeeping through the Network Time Protocol.

“Unfortunately, this recommendation isn't publicly available, and it is still far from enough to stop the wrongly designed feature to keep wreaking havoc around the world,” Simen wrote in an email.

Warning: STS will “bite you in the butt”

Simen said he believes the STS design is based on a fundamental misinterpretation of the TLS specification. Microsoft’s description of STS acknowledges that some SSL implementations don’t put the current system time of the server in the ServerUnixTime field at all. Instead, these implementations—most notably the widely used OpenSSL code library starting in 2014—populate the field with random values. Microsoft’s description goes on to say, “We have observed that most servers provide a fairly accurate value in this field and the rest provide random values.”

“The false assumption is that most SSL implementations return the server time,” Simen said. “This was probably true in a Microsoft-only ecosystem back when they implemented it, but at that time [when STS was introduced], OpenSSL was already sending random data instead.”

While official Microsoft talking points play down the unreliability of STS, Ryan Ries, whose LinkedIn profile indicates he is a senior Windows escalation engineer at Microsoft, wasn’t as reticent when discussing STS on social media last year.

“Hey people,” he wrote. “If you manage Active Directory domain controllers, I want to give you some UNOFFICIAL advice that is solely my personal opinion: Disable Secure Time Seeding for w32time on your DCs.” When someone asked him why, Ries responded, “Because it's just a matter of time—wink—before it bites you in the butt.”

A Microsoft representative emailed the following statement several hours after this post went live on Ars:

Secure Time Seeding feature is a heuristic-based method of time keeping that also helps correct system time in case of certain software/firmware/hardware timekeeping failures. The feature has been enabled by default in all default Windows configurations and has been shown to function as intended in default configurations.

Time distribution is unique to each deployment and customers often configure their machines to their particular needs. Given the heuristic nature of Secure Time Seeding and the variety of possible deployments used by our customers, we have provided the ability to disable this feature if it does not suit their needs. Our understanding is that there are likely unique, proprietary, complex factors in deployments where customers are experiencing Secure Time Seeding issues and these customers do not benefit from this feature as it is currently implemented. In these isolated cases, the only course of action we can recommend is to disable this feature in their deployments.

We agree that the overall direction of technology with the adaption of TLS v1.3 and other developments in this area could make Secure Time Seeding decreasingly effective over time, but we are not aware of any bugs arising from their use. This technology direction also makes heuristic calculation of time using SSL/TLS far less attractive when compared to deterministic, secure time synchronization.

We continue to investigate how to best secure time synchronization on the Internet and welcome customer input on how to best meet their future needs.

The mystery continues

As Simen noted earlier, it's not clear precisely what causes STS to make the errors sometimes but not always.

"This is what really strikes me as odd," Simen wrote. Microsoft "know the field they look at might contain random data, so my guess is that their implementation breaks down when this is skewed so that most/all implementations they communicate with contains random data rather than just some."

HD Moore, CTO and co-founder at runZero, speculated that the cause is some sort of logic bug in Microsoft code. On Signal, he wrote:

If OpenSSL has been setting random unix times in TLS responses for a long period of time, but this bug is showing up infrequently, then it's likely harder to trigger than just forcing a bunch of outbound TLS connections to a server with bogus timestamp replies—if it was that easy, it would happen far more frequently.

Either the STS logic requires different root certificates as the signer, or some variety in the hostnames/IPs, or only triggers on certain flavors of random timestamp (like values dividable by 1024 or something).

It smells like a logic bug that is triggered infrequently by fully random timestamps (32-bit) and likely just some subset of values and with some other conditions (like multiple requests in some period of time to multiple certs, etc.).

There are other means to ensure server clocks remain accurate, Moore said:

[Clock-setting] seems like something better handled through NTP, or at least through a trusted TLS connection to a known endpoint operated by the vendor (time.windows.com and friends). The super lazy (but arguably safer) way to get a trusted timestamp is something like: ❯ curl -s -vvv https://www.microsoft.com/4040 2>&1 | grep -i '< date:'< date: Wed, 16 Aug 2023 04:37:31 GMT.

Second-ish precision, and if you lock the HTTP client to a short list of trusted CA roots for the target domain, pretty hard to mess with. I used something similar forever ago on Linux systems where the clock would go wrong often—set the hwclock to the HTTP response timestamp of a known good server, then run NTP, which would succeed since the clock was close enough to be within the boundary check—otherwise NTP would fail since the clock was too far off.

As the creator and lead developer of the Metasploit exploit framework, a penetration tester, and a chief security officer, Moore has a deep background in security. He speculated that it might be possible for malicious actors to exploit STS to breach Windows systems that don't have STS turned off. One possible exploit would work with an attack technique known as Server Side Request Forgery.

Microsoft’s repeated refusal to engage with customers experiencing these problems means that for the foreseeable future, Windows will by default continue to automatically reset system clocks based on values that remote third parties include in SSL handshakes. Further, it means that it will be incumbent on individual admins to manually turn off STS when it causes problems.

That, in turn, is likely to keep fueling criticism that the feature as it has existed for the past seven years does more harm than good.

STS “is more like malware than an actual feature,” Simen wrote. “I’m amazed that the developers didn’t see it, that QA didn’t see it, and that they even wrote about it publicly without anyone raising a red flag. And that nobody at Microsoft has acted when being made aware of it.”

[–] soyagi@yiffit.net 9 points 1 year ago

A spokesperson told Bloomberg that the fee will "help cover the costs of running a separate infrastructure and measuring its effectiveness." So a significant part of the fee is to pay for measuring it? What's that phrase about the bureaucracy expanding to meet the needs of the expanding bureaucracy again...?

 

Archived version: https://archive.ph/hroNJ

Bradley Cooper is facing criticism for performing in “Jewface” after the release of the trailer for his biopic of Leonard Bernstein, which revealed the facial prosthetics he employed for the role.

Bernstein, the son of Jewish-Ukrainian immigrants to the US, was a hugely talented conductor and composer, best known for writing the music for West Side Story as well as composing three symphonies and becoming music director of the New York Philharmonic. Cooper, who directs, co-writes and stars in Maestro, is not Jewish, and can be seen in the trailer with a noticeably prominent fake nose opposite Carey Mulligan, who plays Bernstein’s wife Felicia Montealegre.

British actor and activist Tracy-Ann Obermann criticised Cooper on social media, writing: “If [Cooper] needs to wear a prosthetic nose then that is, to me and many others, the equivalent of Black-Face or Yellow-Face … if Bradley Cooper can’t [play the role] through the power or acting alone then don’t cast him – get a Jewish Actor.”

Obermann added, referencing Cooper’s performance on stage in 2014 as John Merrick in The Elephant Man: “Bradley Cooper managed to play the ELEPHANT MAN without a single prosthetic then he should be able to manage to play a Jewish man without one.”

The Hollywood Reporter’s chief TV critic Daniel Fienberg called the prosthetics “problematic” when photos from the set emerged in May, and subsequently described the film as “ethnic cosplay”.

In a statement posted on social media, Bernstein’s children Jamie, Alexander, and Nina defended Cooper, saying: “It breaks our hearts to see any misrepresentations or misunderstandings of [Cooper’s] efforts … Bradley chose to use makeup to amplify his resemblance, and we’re perfectly fine with that. We’re also certain that our dad would have been fine with it as well.”

The controversy follows objections to the casting of Cillian Murphy as nuclear physicist J Robert Oppenheimer – again, a non-Jewish actor playing a notable Jewish figure – in the biopic directed by Christopher Nolan, with David Baddiel describing such casting as “complacent” and “doubl[ing] down” on “Jewish erasure”. Baddiel also criticised the casting of Helen Mirren as Israeli prime minister Golda Meir, writing in the Guardian that “over a period of extreme intensification of the progressive conversation about representation and inclusion and microaggression and what is and isn’t offensive to minorities, one minority – Jews – has been routinely neglected”.

 

Archived version: https://archive.ph/hroNJ

Bradley Cooper is facing criticism for performing in “Jewface” after the release of the trailer for his biopic of Leonard Bernstein, which revealed the facial prosthetics he employed for the role.

Bernstein, the son of Jewish-Ukrainian immigrants to the US, was a hugely talented conductor and composer, best known for writing the music for West Side Story as well as composing three symphonies and becoming music director of the New York Philharmonic. Cooper, who directs, co-writes and stars in Maestro, is not Jewish, and can be seen in the trailer with a noticeably prominent fake nose opposite Carey Mulligan, who plays Bernstein’s wife Felicia Montealegre.

British actor and activist Tracy-Ann Obermann criticised Cooper on social media, writing: “If [Cooper] needs to wear a prosthetic nose then that is, to me and many others, the equivalent of Black-Face or Yellow-Face … if Bradley Cooper can’t [play the role] through the power or acting alone then don’t cast him – get a Jewish Actor.”

Obermann added, referencing Cooper’s performance on stage in 2014 as John Merrick in The Elephant Man: “Bradley Cooper managed to play the ELEPHANT MAN without a single prosthetic then he should be able to manage to play a Jewish man without one.”

The Hollywood Reporter’s chief TV critic Daniel Fienberg called the prosthetics “problematic” when photos from the set emerged in May, and subsequently described the film as “ethnic cosplay”.

In a statement posted on social media, Bernstein’s children Jamie, Alexander, and Nina defended Cooper, saying: “It breaks our hearts to see any misrepresentations or misunderstandings of [Cooper’s] efforts … Bradley chose to use makeup to amplify his resemblance, and we’re perfectly fine with that. We’re also certain that our dad would have been fine with it as well.”

The controversy follows objections to the casting of Cillian Murphy as nuclear physicist J Robert Oppenheimer – again, a non-Jewish actor playing a notable Jewish figure – in the biopic directed by Christopher Nolan, with David Baddiel describing such casting as “complacent” and “doubl[ing] down” on “Jewish erasure”. Baddiel also criticised the casting of Helen Mirren as Israeli prime minister Golda Meir, writing in the Guardian that “over a period of extreme intensification of the progressive conversation about representation and inclusion and microaggression and what is and isn’t offensive to minorities, one minority – Jews – has been routinely neglected”.

[–] soyagi@yiffit.net 5 points 1 year ago

I did use the cross-post feature. Many apps do not recognise or acknowledge cross-posting yet which might explain why this article may have appeared multiple times for you.

 

Archived version: https://archive.ph/Feh55

For two years, workers have embraced the concept of “quiet quitting,” as they reject hustle-culture and prioritize work-life balance.

But for a long time, you’ve probably known co-workers who are the “noisier cousins” of quiet quitters — they’re sometimes called “loud laborers,” a term coined by André Spicer, an organizational behavior professor and dean of Bayes Business School.

These are employees who place more emphasis on making their work known, rather than “focusing on the work itself,” said Nicole Price, a leadership coach and workplace expert.

“They use various methods of self-promotion, talking more about what they are doing or plan to do rather than getting on with their tasks.”

According to Price, there are two easy ways to tell who’s a loud laborer: You don’t see much work getting done, and they talk “an awful lot” about the work they are “doing.”

“Loud laborers are often quite politically savvy and are very active on professional social networks, where they publicize their tasks and achievements,” she added.

Vicki Salemi, a career expert at jobs portal Monster.com, makes the distinction between someone who confidently asserts themselves at work and a loud laborer: “The former picks and chooses when to speak up to shine a spotlight on their work.”

“Whereas the latter may crave attention and love to hear themselves talk even when it was nothing extraordinary, they were simply doing their jobs,” she added.

Why some workers ‘focus on visibility and self-promotion’

Why do loud laborers exist?

“Believe it or not, some people talk too much about their accomplishments — or lack thereof — because they lack self-esteem or are insecure. Therefore, they overcompensate,” explained Price.

“Also, some people are motivated by external rewards and recognition rather than the inherent satisfaction of the work itself. This can lead to a focus on visibility and self-promotion in order to attract these rewards.”

Salemi pointed out that these workers may feel the need to self-promote constantly because they are not getting the recognition or attention from bosses or colleagues.

“Or it could be the other extreme: they’re overly confident about their work and brag about it, but here’s the thing — there are stellar performers, but boasting about every project every day is usually not exemplary,” she added.

Impact on team dynamics

Unfortunately, if you are a loud worker, your behavior could negatively impact your team and even your career, experts said.

“It can be ingratiating and put people off, especially your peers, to always toot your own horn,” said Salemi.

Furthermore, a 2021 study found that having a self-promotion climate within work groups can “diminish work group cohesion.”

Loud laborers may create a work environment where visibility and self-promotion are valued more than actual results, which could demotivate employees who are quieter or prefer to let their work speak for itself, said Price.

“The constant self-promotion may create an atmosphere of competition rather than collaboration,” she added.

“It may lead to an imbalance in perceived effort and recognition, which could impact team morale negatively.”

What you can do about loud laborers

While loud laborers in the workplace may be irksome, it is important to set boundaries as best you can, said Salemi.

“If you’re leading a team call or participating on one and your colleague won’t be quiet about something irrelevant … you can say, ‘I want to be aware of everyone’s time — we only have 10 minutes left, so we need to be direct about the work itself only.’”

For Price, loud working is persistent in a workplace because such behavior has been rewarded or validated by leadership.

“A leader can ensure that all team members are evaluated on their actual performance and not just their ability to promote themselves,” she explained.

“This encourages everyone to focus on their work and helps to ensure that quieter team members are recognized for their contributions.”

Here’s what she suggests companies and leaders can do to tackle loud workers in the workplace:

  1. Recognize effort, not just showmanship

Often the quiet and unflashy work is what keeps an organization running.

Leaders should look beyond the noise and recognize the contributions of those who may not be as vocal about their work. This encourages a culture where actual productivity and results are valued, not just visibility.

  1. Understand different work styles

Some are more vocal about their efforts, while others are quieter and more focused on the tasks at hand.

A good leader should value and acknowledge both approaches, recognizing that different styles can contribute to a diverse and effective team.

  1. Communicate and provide feedback

If you notice a team member who consistently emphasizes their work more than the actual results, have a conversation with them about it, Price advised.

Provide constructive feedback that encourages a balance between self-promotion and productive work. This not only helps the individual but benefits the whole team.

[–] soyagi@yiffit.net 16 points 1 year ago (2 children)

This was originally published in 2021 so I wonder why it has a new article.

https://www.iflscience.com/fully-intact-dinosaur-embryo-found-inside-fossilized-egg-62004

[–] soyagi@yiffit.net 6 points 1 year ago

This exact article was posted here 16 hours ago: https://lemmy.world/post/3034605

This bot should see when a link has already been posted and not duplicate it. Similarly, some kind of automod should prevent the same article being posted twice.

[–] soyagi@yiffit.net 6 points 1 year ago (2 children)

This exact article was posted here yesterday: https://lemmy.world/post/2956248

[–] soyagi@yiffit.net 4 points 1 year ago

Very sad to see this level of gatekeeping in a rather small, slow and quiet community. Good luck to you.

[–] soyagi@yiffit.net 1 points 1 year ago (1 children)

As you've been very diligent reporting errors and suggesting changes to map data, have you ever considered contributing to OpenStreetMap? You might like helping by using the app Every Door on iOS, for example.

view more: next ›