Title is difficult to decipher, here’s what it’s about:
> A new report on old privacy incidents [2017] suggests that at least one Nintendo leak came from a Google employee showing off private YouTube videos to a friend.
"Nintendo leak: Google employee accessing private YouTube videos" would be clearer. Showing those videos "only" to a friend isn't really that relevant.
The friend is quite relevant. There is no expectation of a video stored on a Google system being private to Google employees, but there is an expectation that they will not take that information outside of Google.
> There is no expectation of a video stored on a Google system being private to Google employees
"No expectation" of it not being available to "some" employees maybe, but there is certainly ways to restrict access to only a need-to-know employees. Ideally no employees at all unless some sort of automated monitoring system flags it or there is an outside report.
Just like some social networks, I would "expect" only security and moderation people would have access to profiles but there are always stories of entire companies having unrestricted access.
It's unclear from the article where the access boundaries are in this case.
There should be auditing of such access as well. Companies need to post videos early in order to be sure they are available as soon as they launch a product. I wonder what kind of insider trading opportunities this has created for Google employees.
The private information is shared with Youtube/Google, so the assumption is that anyone who is an agent of Google is in on the secret. If it must only be in the hands of one or a small group of people at Google, you'd best go to those individuals directly, not through the overarching entity of Google as a proxy.
> so the assumption is that anyone who is an agent of Google is in on the secret
I think there is a difference here between "expectation" and "assumption".
Without the ability to do a third-party audit I agree the only reasonable assumption to make is that everyone is in on the secret and when dealing with sensitive information it should always be the assumption you go with.
However, as an expectation, I expect SaaS and social network providers (and by extension most of the HN crowd) to be better.
There may be a difference, but it seems you have them flipped. It is a reasonable assumption to think that they have controls to limit who is able to see information[1], but one must go in with the expectation that every acting agent has access.
[1] Of course, since you don't know who the individuals are, you still have to place your trust in every single agent that works for the entity you chose to entrust. As such, nothing is gained by restricting access. It remains that if it is important that it be private with only one or a few, you must go to those individuals you trust directly. Granting them private information by proxy will always be subject to man-in-the-middle-ing.
its from one of the content moderators. they are all hired and managed through recruiting agency. there was over 10k of us while I was there. and most people are just kids with one week of on boarding doing short term contract. whoever did it is blackballed by biggest recruiting agency in the world. way to get your life crazy difficult over reddit points
A lot of these tank "leaks" are just PDF's of manuals you can buy on ebay. They're restricted but legal to own. It only becomes illegal when you export them to other countries.
I believe what GP is referring to is the Air Force National Guardsman who's going to jail for leaking classified intelligence on a discord server to prove he was right. I don't think it was actually about tanks, just that it happened in a WarFrame discord (or something like that).
Great, "it was only a friend" is the same thing anyone says when caught revealing a secret that was meant to "remain between us". That's a load of horseshit for an excuse.
No, it's not. Typically moderators can view content that needs moderation, i.e. is visible to other users. There is no reason to give them access to all private videos, which are different from unlisted.
Yes it is. You can keep saying "no it's not" until the cows come home, but every single bit of unencrypted content (and possibly well known hashes of encrypted content) is subject to moderation on any large corporate property.
In many states its legal for people 16-18 to work, usually with limitations on hours worked per shift/week an what kind of jobs they can do.
Even then, many older people in the US will call someone 18-20 "kids", even though they're technically adults.
As a US English speaker I took it to mean "a bunch of young and immature people, probably on their first job" when I heard "most people are just kids", not that they're literally hiring 12 year olds or something.
I can't say I know the law in every state so I typically don't say absolutes like that. If that's true, thanks for clarifying/correcting.
Also, it looks like you're right for at least the states I normally deal with. Looking back the first job I had started when I was still 15, I must have just blended those shift schedule restrictions during the rest of my time working as 16-17 as well. So yeah, I guess that's probably true.
Violating labor laws with children is actually really common, and plenty of places DO abuse young labor. It is NOT avoided
Do you think all the workers in your company's call center in some random country are all truthfully 18? Hell, do you think none of them are working against their will?
Some places hiring child labor != all places hiring child labor.
I do agree there's too much illegal child labor going on in the US and around the world, but its a stretch to assume everyone hires child labor.
Otherwise, why won't you stop hiring child labor? You've probably hired someone to do some kind of work around your home at least once, I take it you most definitely hired children then. After all, apparently everyone does it.
Why WOULDN'T mrguyorama hire child labor to do the plumbing around his home or to do his lawn work?!
When companies can get away with it (read: they abide by all laws) why would they not? It is cheaper and money is prime directive number one. Do you actually think companies make money and have a finely tuned moral compass at the same time?
I made the parent comment exactly for this discussion. Do not assume corporations have a moral compass. They do not care and will outsource each and everything if that is cheaper than handling stuff themselves.Why is it chaeaper to pay some people to get the law on your side than actually start doing normal human moral behaviour? Why can they actually outsource responsibility at all? Strange planet we live on.