NHacker Next
- new
- past
- show
- ask
- show
- jobs
- submit
login
That means there are probably a lot of great plate names up for the taking that people are just assuming are taken. You'd need to call the DMV to verify.
Hopefully Florida's web page does not have that limitation.
(It could say "React," but still, the interesting part is that you built a scraper/visualizer, not that it used React.)
Whole thing was incredibly fucked up.
Interesting to see how much more thorough the Wikipedia page is now.
> "Parson described the journalist as a “perpetrator” who “took the records of at least three educators, decoded the HTML source code, and viewed the Social Security number of those specific educators” in an “attempt to steal personal information and harm Missourians.”"
>The password to this database was stored unencrypted in an executable file of the middleware product and was the same for all Modern Solution customers
>Modern Solution then reported the security researcher to the police, who searched his home and confiscated his work equipment
>The programmer has thus been sentenced to a fine of 3,000 euros and must bear the costs of the proceedings
⸻
1. Within some limitations: certain types of creative works, most notably typefaces, are excluded from copyright law, although it was determined that digital font files that describe the outlines of the characters are programs and thus eligible for copyright. Bitmap font files on the other hand, as an expression of a typeface design are not eligible for copyright.
2. Although works created by federal employees as part of their job are explicitly excluded from copyright protection.
3. Note though, that the timing of the registration impacts what you can sue for. If registration takes place after the infringement you can only sue for actual damages, but if it takes place before the infringement you can sue for punitive damages.⁴
4. I should add the obligatory disclaimers that all of the above only describes US copyright law and also I’m not a lawyer (although I did used to watch Law and Order a lot) so everything in this comment could quite likely be completely wrong.
"Nonprofit hires woman, but she quits after a few days, asks for pay for that time; they refuse, and things get worse from there. But! They don’t turn off her email access to a board member’s email. She and a friend comb through the account, download internal documents, and then ask for a lot of money. Federal crime? Third Circuit: Not until they actually revoked her access."
As a direct result, anything and everything can be a crime (e.g. violating a private company's Terms & Conditions), and the punishments are completely disproportionate to the actual criminality.
See the AT&T/iPad data leak, where AT&T were leaking private information on the internet with no security checks at all. Someone found it, told the press, who in turn told AT&T, but the FBI still investigated it as a "crime", raided their home, charged them with "conspiracy to access a computer without authorization." AT&T go no punishment at all.
See the AT&T/iPad data leak, where AT&T were leaking private information on the internet with no security checks at all. Someone found it, told the press, who in turn told AT&T, but the FBI still investigated it as a "crime", raided their home, charged them with "conspiracy to access a computer without authorization." AT&T go no punishment at all.
Should they have had better security? Yes. Was the vulnerability extremely basic? Yes. Doesn't change much, a vulnerability was used to dump a bunch of private data.
That's not nuance; the information was publically available on the internet without any security. Even search engines had indexed it before it was patched.
> They then went ahead and scraped as much as they could.
They told the press instead of releasing it.
> AT&T did not leak the information, Andrew did!
So AT&T dumping it all onto the open internet without any security isn't culpable, but the person who let the press know that their information was available to everyone is. That's quite an interesting take.
I'm struggling to see the nuance... You just repeated back what I already said, but added that you dislike the person personally, which is absolutely fine, but we're talking about miscarriages of justice not running a popularity contest. If you feel like they committed other crimes (which they likely did per Wikipedia), that is unrelated to THIS supposed crime.
> Was the vulnerability extremely basic? Yes.
There was no vulnerability. You just needed to request a record from a public web-server, which the server happily provided with no extra steps.
Let me ask this: When you request e.g. google.com, and they return a HTTP response, why is that not a "vulnerability?" Because we'd both agree it objectively is not. So then, why, when AT&T provides a URL with information they're meant to keep private but available to the public, and you then request it, that is suddenly a "vulnerability?"
Here is the actual URL you needed to call:
https://dcp2.att.com/OEPNDClient/openPage?IMEI=0&ICCID=<consecutive id>
You just needed to take any iPad's ICC ID and +1 for the next customer's record. So what is the "vulnerability?" Being able to count consecutively?
It's an easy trap to fall into (we all want consequences for shitty people), but it's also a blurry line to hold.
"First they came…"
Don't forget that the cost is not only the bureaucratic fee; you also have to buy a vintage Aston Martin or Lotus, to display the plate.
Does a kit car count? You can build a Lotus for around the cost of a Honda civic. Like a Lotus 7.
I wonder if the Danish system would prevent ÆØÅ and AEOA from both being registered. Would the Danish system Match "ÆØÅ" if someone input "AEOA"? There are unicode normalization rules, but I wonder if systems would be built to handle that. If you're Danish, you'd just use those letters so it wouldn't be a useful feature. If you're English, you wouldn't often encounter those letters so it wouldn't be a useful feature.
I would assume the UK has worked out a way of dealing with this having had plenty of years of foreign plates being driven around the country.
Any Danish license plate driven in the UK will almost certainly have to a be an EU style plate with the blue band on the left with the "DK" country code. If someone needs to send a fine to the registered owner of this plate I'd guess they'd be handing over the camera footage/images to a contact in the relevant country and letting them confirm what the exact plate is.
(There may be some weird exemptions for old classic/vintage cars that can continue to be driven on their original number plates, in which case you really don't know who to contact.)
The UK is very strict on license plates. I don't think there's any valid reason for driving a car without some form of a license plate on display (cars being driven on trade plates placed in the front/rear windscreens are the closest thing I can think of). I'd expect the UK Police to pull over any car that didn't have plates on it if they spotted it. It's certainly considered very suspicious in the UK if a car is missing either of its plates.
There are plenty of examples of normal ANPR cameras failing to capture plates properly. Or even sillier examples like this: https://www.bbc.co.uk/news/uk-england-somerset-58959930
This story got referenced by the associated Government body here: https://videosurveillance.blog.gov.uk/2021/10/27/the-camera-...
Similarly, I've been flashed for speeding in France, which does have cameras adjusted to my plates' size, but they also didn't bother sending a ticket. Germany - on the other hand - will send you a ticket, but since they allow Ö, Ü, etc. on their plates, their system can probably handle Æ, Ø and Å as well.
Edit: Obviously, they don't bother to a degree; severe infractions will obviously make local law enforcement do something, but it's a rather manual process. Most countries are signatures to a treaty, that recognises other countries' plates.
Based on my experience, the UK approach is to not even bother and try and collect fines from owners of foreign registered vehicles. They do sell them to some private company that has been sending me scary letters for 10 years soon.
⸻
1. Although some specialty plates end up having suffixed letters, usually shown on the plate stacked.
But don't despair! Depending on how crappy the cam's firmware is, NULL might just do the trick.
I started thinking about it when someone parked next to me in a nearly-identical model - same brand, year, etc, the only difference was some roof accessory - and a nearly identical license plate. (Think ABC D12 and ABC E12). I started trying to open their car door, and was confused until I noticed some things in their front seat that were clearly not ours.
Later that week, I was shopping around for car tires, and saw that some shop - PepBoys or something - let you punch in your license plate and let you know what kind of tires you need, and that their API response included the car make and model. I thought about poking around it, and seeing if there was a pattern to the way my state assigned license plates, but never got around to it.
(They live in town, too, and I've seen where they park. I should go introduce myself to our car twin.)
They have a license plate checker on their site. I don't live in the states, therefore I don't have a plate to check. Or do I..... HY in Florida....
@lafond - do you own a 2010 Subaru Legacy with the 2.5L SOHC engine?
Eventually a screwdriver works for both.
https://en.wikipedia.org/wiki/Vehicle_registration_plates_of...
The short plate came back to bite me: Years after I had moved to another state, an automatic license plate reader on a toll road (91 Express Lanes) in Los Angeles misread someone else's plate as mine. It was kafkaesque: My public records request for photographic evidence was blocked because, if I was correct that the offending driver was not me, the law prohibits the release of records revealing others' driving patterns.
The other plates available when I did a similar search were BO and IR. In retrospect IR wasn't a bad choice.
I emailed government employees until I figured out who was responsible for license plate records. I submitted a CORA (Colorado Open Records Request) for the entirety of their dataset. I had hoped to get the data on some regular cadence to build a simple online service for others. Unfortunately, they flat out refused and wouldn't discuss options.
When I told my family what license plate I wanted, they laughed at me and said "No one has that, just go get it". And so I did and it worked. I now have what I consider to be the best possible license plate in Colorado: "LCNZPLT"
Occasionally I'll see someone walk by my car, see the plate, think for a few seconds and then start laughing. Mission accomplished!
LCNSPL8
They're not. Both are bad, but at least there's some utility to LLMs.
Next steps would be to make it LLM assisted and to generate common number/letter replacement combos
Most endpoints now only give you a list pre generated numbers to choose from, AND that endpoint is rate limited to the tits with reCaptcha. No more script kiddies.
Personally, I wouldn't pay extra every year to have an easily recognizable vehicle.
I've never actually used that account, because there are too many anonymous Bart Simpsons (and old people who don't understand email addresses) who use that one.
The shitty thing is that I use Google Apps for Your Domain (a.k.a. Dasher/GSuite) to get around this. For years, things like Photos and Music were stuck to my useless Gmail account, because the PMs involved never bothered going through the approvals to get those things to work on custom domain accounts (which Google ret-conned to be for businesses only).
A lot of these are resolved now, but there are still frustrating places where it comes up:
- I pay twice for YouTube Music - once for myself, and once for my family. I can't share my account with them, because it's attached to my domain name.
- I similarly can't join their Google Home accounts to do things like have my voice recognized when I visit them.
- Gemini CLI thinks I'm a business and quotas me like one.
I'm sure it differs between countries but in the UK vanity plates have become reasonably contentious.
As a gross generalisation they're fine if the car is worth hundreds of thousands or the plate itself is worth hundreds of thousands.
The UK plate "F1" last sold for just under £1m (about US$1.3m) over 10 years ago and it's rumoured that there are offers for ten times that from someone who wants to buy it now.
It comes down to a classic British issue of "class", which is inherently difficult to explain.
If you have the money to have, say, a Ferrari 250 GTO then you can do what the hell you like with it, including getting a vanity plate for it. You are rich enough that you don't care what anyone else thinks about you. Anyone seeing you and that car will know you are rich.
If you have the money to spend close to £1m on a plate like "X1" and decide to put it on beat up 15 year old 1.2 litre Ford Focus then, again, it shows you have stupid amounts of money and some delicious irony in putting it on an old beater of a car.
But if don't have a supercar and you get a relatively cheap vanity plate like "RMZ 1327" and stick it on a Range Rover Evoque that's only a couple of years old then it just shows that you're trying too hard and just aspire to be seen as rich. You don't have enough money for a really nice car, or a really exclusive vanity plate.
I guess the other way of looking at it is that people who don't have the money to get a vanity plate aspire to being able to do so as it would mean they have more money than they have now. Once they get to having that amount of money most realise that the money is best spent elsewhere (or not spent at all). Once they have so much money that having a vanity plate is inconsequential to their finances they may as well do it. So it's natural that some people want to pretend they've reached the "rich" state by buying a vanity plate preemptively - the problem is that this is so easy to spot it just looks gauche.
All of this obviously doesn't apply to countries where vanity plates aren't traded for stupid amounts like famous pieces of art.
It's interesting to see how luxury brands have different segments of clothes that range from no logos at all to a huge alligator the size of your chest, depending on whether you need to announce to the world that you made it or if you just want to have access to good quality clothes.
(One classification of "upper class" is someone who has never had to buy their own furniture because they inherit it and pretty much everything else they need.)
Also, my vanity plate is $0 more than a normal plate. Why wouldn't I?
No price difference for the yellow on black plate when you want personalized.
In the most ironic twist of all - Ontario did away with license plate renewals a few years ago, and now, I would actually consider a vanity plate..
I've always wondered if a regular plate was better for avoiding speeding tickets - a vanity plate is much easier to validate, IMHO.
The issue turned out to be drain covers in the field of the view of the cameras, which the system was detecting belonged to car 11111.
The Frost Report sketch explains it quite well:
https://youtu.be/9XmB59Ax4cE
Lol, wasn't slavery outlawed in the US, or were some states still allowed to keep it? That's absolutely bananas if true.
The contention is about how much they’re paid per hour.
Sorry, do you have a source for that? The requirement to work is a major point of contention, and a very quick check with this[1] directly contradicts your claim in the federal system: "Sentenced inmates are required to work if they are medically able. Institution work assignments include employment in areas like food service or the warehouse, or work as an inmate orderly, plumber, painter, or groundskeeper. Inmates earn 12¢ to 40¢ per hour for these work assignments."
[1] https://www.bop.gov/inmates/custody_and_care/work_programs.j...
> Institution work assignments include employment in areas like food service or the warehouse, or work as an inmate orderly, plumber, painter, or groundskeeper.
Meaning some prisoners work in the kitchen preparing food for other inmates, others are on clean up duty, and so on. You could argue that nobody in prison should have to participate in anything inside their community and that’s a valid debate to be had.
In my state, the jobs that provide things outside of prison are applied for.
> They work as cooks, dishwashers, janitors, groundskeepers, barbers, painters, or plumbers; in laundries, kitchens, factories, and hospitals. They provide vital public services such as repairing roads, fighting wildfires, or clearing debris after hurricanes. They washed hospital laundry and worked in mortuary services at the height of the pandemic. They manufacture products like office furniture, mattresses, license plates, dentures, glasses, traffic signs, athletic equipment, and uniforms. They cultivate and harvest crops, work as welders and carpenters, and work in meat and poultry processing plants.
> From the moment they enter the prison gates, they lose the right to refuse to work. [...] More than 76 percent of incarcerated workers report that they are required to work or face additional punishment such as solitary confinement, denial of opportunities to reduce their sentence, and loss of family visitation, or the inability to pay for basic life necessities like bath soap. They have no right to choose what type of work they do and are subject to arbitrary, discriminatory, and punitive decisions by the prison administrators who select their work assignments.
[1] https://www.aclu.org/wp-content/uploads/publications/2022-06... (relevant quotes are found on page 5)
Not 100% true it seems, but happy for someone else to correct me.
> Prison labor in the US is mostly optional - https://en.wikipedia.org/wiki/Penal_labor_in_the_United_Stat...
https://en.wikipedia.org/wiki/Thirteenth_Amendment_to_the_Un...
https://en.wikipedia.org/wiki/Private_prison
This a good reminder to all Americans to read the Constitution. The amount of bizarre understandings (not necessarily this one) that I see is very high.
[1] the only excluded bit is the followup "Congress shall have power to enforce this article by appropriate legislation." Without this, the power to enforce the 13th Amendment would be left up to the states due to the 10th Amendment ("The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people."), which would have slightly useless given the whole war that had just been fought over some states wanting to keep slavery.
Is it that the latter can be called "slavery" that makes people upset?
So it's not about which one is worse, it's about not supporting something that could lead to corruption or an unfair system.
Often that reason is "too poor to afford proper representation" or "looked vaguely like the actual criminal" or "took a plea bargain because the justice system was threatening them with an immorally-long wait for a trial and a likely worse outcome".
Often it is not.
Often, they too are a victim of our judicial system, and we can't just ignore them due to the peers we locked them in with.
You didn't, but I'm taking your stance to its logical conclusion.
GP: > they shouldnt be paid at all. they're in prison for a reason. they have a debt to society.
Your response: > Often that reason is "too poor to afford proper representation" or "looked vaguely like the actual criminal" or "took a plea bargain because the justice system was threatening them with an immorally-long wait for a trial and a likely worse outcome".
Be that as it may, this is our system. Through a series of laws we have defined due process for our people, and people who end up in prison are a result of this due process. Like it or not this is the best we were able to do.
If we are going to say prisoners should be given more privileges because some prisoners do not deserve to be in there, then why are we holding them in a prison to begin with? Being confined to prison is a thousand times more punitive than not receiving pay for making a license plate.
A better reason for arguing that prisoners should be paid for their work is because it is more humane. That's a better argument than some people are in prison unjustly.
I'm actually in favor of prison reforms. Prisons' number one goal should be to reduce recidivism. I see that as the entire point of the prison system: reducing crime. If a person leaves prison and re-offends, we have failed to do our job.
Practically everyone in human history since the dawn of time has had to go out and produce something of value. Why, all of a sudden, should a murderer or rapist get to sit on their ass and consume what we all produce? I find nothing questionable about a humble job for them at all.
I do find that questionable.
Prisoners already lack freedom in many aspects. "Sitting on their asses" like if they were sipping cocktails on a beach is a bit a misrepresentation don't you think? I wouldn't exchange the possibility to move and do what I want for possibly any amount of money, nor for being able to "sit on my ass" in that sense. Would you?
Besides the moral arguments - which I will say, they are so obvious that it feels incredible even having to discuss why enslaving prisoners is wrong - you can make economic arguments. For example, that having cheap or borderline unpaid labor compresses the salary in that market, or that this system creates a dysfunctional incentive to increase prison population for private profits.
Maybe that's why the US is one of the countries with the highest incarcerated population in the world. The highest among western and larger countries.
I understand though there is a cultural barrier. I am from Europe and in most countries here prison has a rehabilitation purpose, which is what most benefits society, and prisons are not private entities.
1. Why should they be restricted to ludicrously low wages? If they're producing something of value, they should be compensated. Not only is it morally wrong to, you know, enslave people, on a more practical level it would be very helpful for people who are leaving prison after serving their sentence to actually have some money saved up, so they have better opportunities, to avoid recidivism.
2. The reason they can sit on their ass and consume what they produce is that they effectively become wards of the state. They're still human beings, and if we have decided to incarcerate them, we become responsible for them, and they still have rights as human beings.
A humble job is fine; I'm not saying they should be sitting in an aeron chair bullshitting on Slack for 8 hours a day. But slavery for pennies on the hour is wrong.
Then we have people who demand to double down on the punishment and wonder why these people never stop breaking the law.
Americans are a marvelous bunch. Thanks Dog I live in a first world country.