Google crossed a threshold last month where over 50% of their users accessed it via IPv6.
If you were wondering if this would be a good time to make your service available over IPv6: yes. Yes, it would.
Ow, ow, ow. A car pulled mostly through the crosswalk before their light turned and they got stuck. I started crossing the street behind it when the owner panicked and started to back up. I reflexively whacked their trunk with my hand to make them stop. The driver rolled down their window and yelled at me for slapping their car. I resisted the urge to practice amateur, ad-hoc orthodontia.
I think I bruised my wrist, though. Ow. Ow. Ow.
Pentesters: there’s a fine line between diligence and being freaking annoying. Last year a tester found that our auth provider’s SDK generated a sensitive one-time-use URL for our client to connect to their server with, over TLS. I’m still dealing with this dumb finding, which pissed me off so badly that I fired the testing firm and switched to someone else this year.
Do be diligent, but don’t pick stupid hills to die on.
Currently reading: Beowulf: A New Translation by Maria Dahvana Headley 📚
Finished reading: The Random Universe by Andrew H. Jaffe 📚
I won the Internet! My blog post was shared to Hacker News and was #1 on the page at the same time my karma hit 31337.
Getting the Flock out
I wrote to Flock’s privacy contact to opt out of their domestic spying program:
I am a resident of California. As such, and because you are subject to the CCPA, delete all information about me, my vehicle, and other household members from all of your databases. I do not give you permission to collect or store data about me, my vehicles, or my relatives, in any future situation.
[Me] [My address]
They replied today:
Dear [misspelled name, i.e. not copied and pasted],
Your request cannot be completed at this time.
Dear [misspelling again],
Thank you for submitting your privacy request. At this time, we are unable to process this request for the reasons detailed below.
Flock Safety provides its services to our customers, and our customers are owners and controllers of the data Flock Safety processes on their behalf. Flock Safety processes data as a service provider and processor for our customers and as a result, we are unable to directly fulfill your request. We recommend contacting the organization that engaged Flock Safety’s services to submit your request, as they are responsible for assessing and responding to it.
Here are a few additional points about Flock Safety’s data collection and privacy practices:
- Customer Contracts: Flock Safety’s processing activity as a service provider and processor is governed by the contract we have with our customers, which captures their instructions and the limitations on how Flock Safety may process their data. Flock Safety’s customers own the data and make all decisions around how such data is used and shared.
- No Sale of Data: Because Flock Safety’s customers own the data, Flock Safety may only process the data in accordance with our customer’s instructions, as outlined in our contracts with customers. Flock Safety is not permitted to sell, publish, or exchange such data for our own commercial purposes.
- Information Collected: Where Flock Safety’s customers leverage License Plate Reader (LPR) technology, the LPRs do not process sensitive information like names or addresses. Instead, LPRs only capture images of publicly available and visible vehicle characteristics that are taken in the public view.
- Purpose: Flock Safety customers use data for security purposes, including managing public safety or responding to safety concerns and reports. Additionally, such data may be used to help solve crimes and provide objective evidence.
- Retention: By default, Flock Safety’s systems only retain data for 30 days, which means that any data collected on behalf of customers is permanently hard deleted on a rolling 30 day basis. Flock Safety customers are able to adjust this retention period based on their local laws or policies.
For more information about how Flock Safety processes data, please refer to our Privacy Policy and LPR Policy.
Thank you,
Flock Safety Privacy Team
I think that’s legally inaccurate. They’re the entity collecting and processing my personally identifiable information, and my non-lawyer reading of the California Consumer Privacy Act (CCPA) would seem to obligate them to comply with my request. I haven’t decided to engage a lawyer yet, but neither have I ruled it out.
I’m playing Silent Hill F, which is beautiful, well made, and playable for up to 30 minutes per day until I get the heebie jeebies and have to put it down.
In certain forums I frequent, some people developed the habit of commenting on other users that “this sounds like AI wrote it”. Confession: I downvote every one of those. This blog you’re reading at this moment is 100% handwritten. I haven’t used AI to write a single word or edit a single sentence. It’s wholly, completely, my work. Yet, one tool I tested labeled it “about 30% slop”, apparently because I enjoy punctuation and sentences longer than 4 words. I have no patience for that.
Huh, whatever could that be?
It looks promising.
Awww, yeah.
