Slashdot Mirror

When I installed Chrome it did not pop up a window and offer me a choice of which search engine to use.

You're either lying or blind, Mr. AC. I installed Chrome just now, and I was greeted with a search engine pop-up. If you miss that, you'll see it every time you right click on the URL bar.

When I installed Chrome it did not pop up a window and offer me a choice of which search engine to use.

You're either lying or blind, Mr. AC. I installed Chrome just now, and I was greeted with a search engine pop-up. If you miss that, you'll see it every time you right click on the URL bar.

Indeed.

And purely to prove him wrong out of spite, here you go Canadian (and all other) Slashdotters: I hereby release this recording I made into the public domain: Bach French Suite #3, Menuet & Trio. Free music.

(Oh what, you wanted good music?)

See also Wikipedia

Really. Here's a picture I just snapped of the bog-standard router that came with my DSL package:

http://dl.dropbox.com/u/7086491/pictures/routerphonejack.jpg

As you can see, phone jacks, and there's a whole fully configurable SIP stack in the web interface. The one all the way on the left is the DSL line, and I'm assuming the one on the right is for some special kind of phone (ISDN maybe).

Has anyone in the history of the world ever paid for a RapidShare account to use it for downloading non-pirated content?

Has anyone in the history of Dropbox, one of RapidShare's competitors, ever paid for a Dropbox account?

Eh, maybe some people out there haven't heard of "targeted advertising." After telling YouTube to e-mail me in Japanese, just for kicks, I started getting some hilarious and kind of creepy ads sent my way. Prior, I saw mostly men's products and electronics.

G-mail isn't the only context they use for ad placement, though. Either way, Google gives me free stuff, and makes my web surfing a bit more surreal. I consider it a fair trade.

Microsoft's video is rather crass, but maybe it'll be educational for someone who wouldn't take the Faustian bargain were they fully informed. It's kind of refreshing seeing advertising based on the relative merits of the respective products rather than "Bud Light Summons Women," but on the other hand... Office 365.

Eh, maybe some people out there haven't heard of "targeted advertising." After telling YouTube to e-mail me in Japanese, just for kicks, I started getting some hilarious and kind of creepy ads sent my way. Prior, I saw mostly men's products and electronics.

G-mail isn't the only context they use for ad placement, though. Either way, Google gives me free stuff, and makes my web surfing a bit more surreal. I consider it a fair trade.

Microsoft's video is rather crass, but maybe it'll be educational for someone who wouldn't take the Faustian bargain were they fully informed. It's kind of refreshing seeing advertising based on the relative merits of the respective products rather than "Bud Light Summons Women," but on the other hand... Office 365.

Eh, maybe some people out there haven't heard of "targeted advertising." After telling YouTube to e-mail me in Japanese, just for kicks, I started getting some hilarious and kind of creepy ads sent my way. Prior, I saw mostly men's products and electronics.

G-mail isn't the only context they use for ad placement, though. Either way, Google gives me free stuff, and makes my web surfing a bit more surreal. I consider it a fair trade.

Microsoft's video is rather crass, but maybe it'll be educational for someone who wouldn't take the Faustian bargain were they fully informed. It's kind of refreshing seeing advertising based on the relative merits of the respective products rather than "Bud Light Summons Women," but on the other hand... Office 365.

Eh, maybe some people out there haven't heard of "targeted advertising." After telling YouTube to e-mail me in Japanese, just for kicks, I started getting some hilarious and kind of creepy ads sent my way. Prior, I saw mostly men's products and electronics.

G-mail isn't the only context they use for ad placement, though. Either way, Google gives me free stuff, and makes my web surfing a bit more surreal. I consider it a fair trade.

Microsoft's video is rather crass, but maybe it'll be educational for someone who wouldn't take the Faustian bargain were they fully informed. It's kind of refreshing seeing advertising based on the relative merits of the respective products rather than "Bud Light Summons Women," but on the other hand... Office 365.

o we can ask them whether the page successfully loaded but didn't render, ("Done"), or if it's hung up because the web server is slow ("transferring data from..."), or if it's stuck trying to do a DNS lookup ("Looking up... / Connecting to...")

Chrome somehow manages to do just that. It's only autists that have problems using software without "Ready" or "Num Caps Ins Scr" permanently burned on the bottom of their screen.

The sync server being down would most likely have the same result as not having a network connection at all; Dropbox would just wait until it can connect, not affecting your files in any way.

Down is one thing, but the GP postulates that rights holder may be able to force the deletion of files not only on drop box, but also on your computer by simply continuing to run the servers. Anything in your shared area (as opposed to your encrypted area) could be (possibly) be deleted from your hard drive via this method.

Doing so would seem to be a legally risky move, but who you gonna sue? The DOJ?

Of course no one would have any way of knowing what is in your encrypted area. *Cough*.

Sharing copyrighted material via drop-box's un-encrypted public folder seems pretty dumb since it all ties back to you.

Just FYI.

Dropbox just resells Amazon's S3 storage service. They have a slicker interface, but the heavy lifting is all done by Amazon.

Not to mention they have the inherent security issues from Amazon as well. I guess this is OK as long as you don't mind having your data dumpster dived. If you don't hold a key, your data is exposed. Also the use of SSL(TLS) is susceptible to certificate compromise and man-in-the-middle attack that is currently plaguing the Internet. Asking the average user to use client-side encryption is out of the question, the average joe is not going to implement TrueCrypt. All of the encrypted data in one location is subject to brute force attack. Even Dropbox's blog states, "Dropbox manages encryption keys for you," sure - maybe you'd like them to watch your house and car keys too.

Dropbox just resells Amazon's S3 storage service. They have a slicker interface, but the heavy lifting is all done by Amazon.

It seems that more music companies have been listed on the case on the Irish High Courts website. Take a look here: http://dl.dropbox.com/u/8230342/ScreenClip.png

Yes, it does.

Have you actually watched Fox News? Compared to their venom spouting gibberish fake news BILD would be a quality newspaper.

Heh, I won't get into that discussion. Have a picture I took in Cologne instead :)

They have never made false claims about security - that's a trumped up argument. A logical block to employees accessing your files is what they claimed to have in place, and is perfectly valid - however, someone assumed something else and voila - we have a "security issue".

On their web site, they make the marketing-language claim that they are using AES encryption, without any modifiers to narrow down that statement. Many people obviously thought that they are using encryption on the server's storage, when actually they only encrypt the transmission. For technically-minded people this is obvious (due to the web interface and the cross-user deduplication), but for others it's not.

This has come up in the past. While dropbox uses S3 for the base encryption layer, the staff at dropbox have access to the encryption keys. In fact because of a FTC complaint dropbox had to change the terms of use as explained on their blog To clearly indicate that while the contents are encrypted, that dropbox staff still have access to be able to comply with the US justice system. And the US can order the dropbox to disclose the data without telling you that the data was disclosed. At least if the courts come after the data in the server sitting under some IT guy's desk, you will know about it.

I have a question about the checkbox in installers. What we usually see is an unchecked "I agree" and "Next" is clickable only when the checkbox is ticked.

I teach a course about designing software, some parts of the course are about distributing applications. I also sell software for a living.

This week I held a class in which I discussed installers and the user experience of the installation process. My advice was to remove unnecessary steps: drop the checkbox and rename "Next" to "Agree and continue" (or something similar). The rationale is very simple - reduce the number clicks, bring people closer to their objective.

Here's a EULA I wrote for one of our products: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-SIMple-EULA.png (used on http://sim-reader.com/ there is a checkbox, but it is for customizing the installation settings, it is not related to the agreement. Here's another example, just a "Next" button: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-Private-Disk-EULA.png

This is based purely on common sense and personal experience with other programs. Reason tells me that "Next" won't turn self-aware and click itself, thus if it was pressed - it was a conscious decision of the person using the computer.

However, the rest of the world relies on that checkbox... Am I missing anything? Is there some legal loophole that the checkbox covers? Is there a reason to do this, other than "everybody else does it"?

I have a question about the checkbox in installers. What we usually see is an unchecked "I agree" and "Next" is clickable only when the checkbox is ticked.

I teach a course about designing software, some parts of the course are about distributing applications. I also sell software for a living.

This week I held a class in which I discussed installers and the user experience of the installation process. My advice was to remove unnecessary steps: drop the checkbox and rename "Next" to "Agree and continue" (or something similar). The rationale is very simple - reduce the number clicks, bring people closer to their objective.

Here's a EULA I wrote for one of our products: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-SIMple-EULA.png (used on http://sim-reader.com/ there is a checkbox, but it is for customizing the installation settings, it is not related to the agreement. Here's another example, just a "Next" button: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-Private-Disk-EULA.png

This is based purely on common sense and personal experience with other programs. Reason tells me that "Next" won't turn self-aware and click itself, thus if it was pressed - it was a conscious decision of the person using the computer.

However, the rest of the world relies on that checkbox... Am I missing anything? Is there some legal loophole that the checkbox covers? Is there a reason to do this, other than "everybody else does it"?

Here's another one that follows the same principles: http://dl.dropbox.com/u/3258602/screenshots/Screenshot-SIMple-EULA.png

I wrote it myself, if you scroll to the end, you'll find an Easter egg, something in the lines of "now you can tell your friends you've actually read a EULA" :-)

What about the Chumby?

Well, in their forums they got told to move to HTML5 about 3 years ago... It's even pretty easy to do, I was able to get a browser running on it back then.

Well, if you know anything about reading .reg files, I'll link the one I use
http://dl.dropbox.com/u/230142/folder_setting_savefix.reg

They've always done a good job of being platform independent in their web banking

I've had good experiences, mediocre experiences, and fail experiences. My BoA credit card is getting cancelled because they keep trying to sell me "credit protection" and reporting services, and their calls and junk mail are getting annoying.

They've always done a good job of being platform independent in their web banking

I've had good experiences, mediocre experiences, and fail experiences. My BoA credit card is getting cancelled because they keep trying to sell me "credit protection" and reporting services, and their calls and junk mail are getting annoying.

They've always done a good job of being platform independent in their web banking

I've had good experiences, mediocre experiences, and fail experiences. My BoA credit card is getting cancelled because they keep trying to sell me "credit protection" and reporting services, and their calls and junk mail are getting annoying.

They've always done a good job of being platform independent in their web banking

I've had good experiences, mediocre experiences, and fail experiences. My BoA credit card is getting cancelled because they keep trying to sell me "credit protection" and reporting services, and their calls and junk mail are getting annoying.

Rumor had it that they outsourced development to China. Chocobos were, for a while, horsebirds, but this was later corrected to "chocopo". (Ads on the linked site NSFW).

Better yet, the collector's edition included a tumbler which could be "damaged" by "items including salt and solid materials, carbonated beverages, milk or other dairy beverages, fruit juices, etc." Not sure how that made it through QC.

Then again, Sankaku Complex just really doesn't like China, so it's possible Squeenix just dun goofed. Perhaps after (more than) 14 final fantasies, this was their game design. Anyone who knew for sure what happened met seppuku.

Yup, cheapo 802.11n stuff doesn't support 5GHz. The only reason I'm still running 2.4GHz is my Android smartphone... stupid cheapo Broadcom BCM4329 doesn't support 5GHz.

At least all my Thinkpads support 5GHz and the router's dual band...

I can definitely recommend going with 5GHz if you don't need all too much range (through walls and such) and the airwaves around 2.4GHz are crowded in your neighborhood.

Look at this crap... my neighborhood at 2.4GHz: http://dl.dropbox.com/u/7086491/pictures/2.4ghz.PNG

And 5GHz: http://dl.dropbox.com/u/7086491/pictures/5ghz.PNG

The non-blue bars are other networks and interference from other networks. Crazy huh? Thank God I'm the only one around here who's discovered 5GHz so far ;)

Yup, cheapo 802.11n stuff doesn't support 5GHz. The only reason I'm still running 2.4GHz is my Android smartphone... stupid cheapo Broadcom BCM4329 doesn't support 5GHz.

At least all my Thinkpads support 5GHz and the router's dual band...

I can definitely recommend going with 5GHz if you don't need all too much range (through walls and such) and the airwaves around 2.4GHz are crowded in your neighborhood.

Look at this crap... my neighborhood at 2.4GHz: http://dl.dropbox.com/u/7086491/pictures/2.4ghz.PNG

And 5GHz: http://dl.dropbox.com/u/7086491/pictures/5ghz.PNG

The non-blue bars are other networks and interference from other networks. Crazy huh? Thank God I'm the only one around here who's discovered 5GHz so far ;)

and better than TrueSync.. You can set up some sort of file by file encryption with somethning from here:

http://wiki.dropbox.com/TipsAndTricks/IncreasePrivacyAndSafety

DropBox with local caching and multiple PCs. You do have multiple PCs, don't you? If you don't, GTFO.

http://www.dropbox.com/

Using Kubuntu as an example here.

Well lets see...how about a working network front end?

So, previously I clicked the network tray icon and opened up a dialog to connect to a wireless network.

How about a simple fucking "find drivers" button, like Windows has had for a damned decade now?

I opened up "Additional drivers" (also known as restricted-drivers and restricted-manager).

Try something a little newer though, like Realteck HD Audio, The later Intel/AMD/Nvidia chips, Sigma sound Realtek Ethernet...those don't survive upgrades.

Work fine for me.

Hell try it yourself. Download any distro from 2006, that will be the same as if you had 5 years of support. Now upgrade to the current version and see what happens

I went from Kubuntu Hardy to Kubuntu Natty, didn't have magical problems on the machine that had such hardware (didn't have an earlier version because I didn't acquire that particular hardware until 08). I do have other machines though where I went from Kubuntu Dapper to Kubuntu Lucid, the worst issue I had in one of the upgrade was some init.d files were not updated, but that didn't mean any sort of failure, just the start up would not be faster for the specific daemons due to having legacy init.d files. Not really a deal breaker.

Tell you what, if you think Linux is ready remove your shell.

Honestly, I think you're fishing for issues at this point.

Also, some evidence.

Or, maybe its like PHP. A recursive acronym. Here's an example you can run from my Dropbox account. IT'S (ha!) named (of course) "TITS". If you're using the BetterPrivacy plugin for Firefox (or something similar), you'll have to disable it or the page is blocked (I guess it doesn't like HTML files named "TITS.html" -- and BTW, BetterPrivacy, what does "TITS" have to do with my privacy?).

Here's a description of what it does (and how it does it):

function TITS(String theBigT, Number bandSize, String cupSize)

Called from an HTML FORM that allows the user to select combinations of band size (ribcage size) and cup size (ahem...). The available band sizes (in inches) are: 30, 32, 34, 36, 38 and 40. The available cup sizes (in letter code) are: "AA". "A", "B", "C", "D" and "DD". The greater the band size, the larger the font. The greater the cup size, the brighter the font color. The idea being that 40AA, while large in font size, is still kind of hard to see. Whereas 30DD, while tiny in font size, is still quite visible. And, 30AA? Well, you really gotta look for 'em!

The recursion is controlled by band size. So, a band size of 38 will result in the acronym being recursively generated 38 times.The resulting string is displayed like so:

"TITS TITS TITS...(34 more TITS)...TITS"

It ain't very scientific (or even useful), but it's kind of fun (and a little creepy too -- oh, well).

At last, all that college has paid off!!

Here it is again.

What does this have to do with vanilla AOSP Android again?

I realize we've had our differences but a malware purveyor, I'm not. I just downloaded the Chase app to my phone and pulled it out of the /data/app folder. Enjoy.

Either intentionally or unintentionally, the internal font encoding of the PDF is screwed up. Here's a copy/paste-able version:

http://dl.dropbox.com/u/35070303/CCIA-FairUseintheUSEconomy-2011%5Bocr%5D.pdf

Since when? Taken about 5 seconds ago.

To be clear, aside from the rare exceptions we identify in our Privacy Policy, no matter how the Services change, we won’t share your content with others, including law enforcement, for any purpose unless you direct us to.

however their privacy agreement still says they will gladly decrypt and give your data to law enforcement

Compliance with Laws and Law Enforcement Requests; Protection of Dropbox's Rights. We may disclose to parties outside Dropbox files stored in your Dropbox and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation or compulsory legal request; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Dropbox or its users; or (d) to protect Dropbox’s property rights. If we provide your Dropbox files to a law enforcement agency as set forth above, we will remove Dropbox’s encryption from the files before providing them to law enforcement. However, Dropbox will not be able to decrypt any files that you encrypted prior to storing them on Dropbox.

Oh well, my account is now deleted, not my problem anymore.

Easy, cowboy.

"...If you delete your account, we try to delete your data quickly, but there are some rare cases where we can’t, which are outlined in the privacy policy."

http://blog.dropbox.com/?p=846

Anyway, they've updated the TOS again.

There is, take a look at Keeper:
http://lazybit.com/index.php/2009/08/13/keeper-4-0-preview

Here are the current binaries:
http://dl.dropbox.com/u/3258602/DK-release/Keeper-dusk-x64.zip
http://dl.dropbox.com/u/3258602/DK-release/keeper-dusk-x86.zip
http://dl.dropbox.com/u/3258602/DKbeta/Keeper-mac.zip

I can give you (or anyone else who gives it a try and provides some feedback) a free license, if you like it.

There is, take a look at Keeper:
http://lazybit.com/index.php/2009/08/13/keeper-4-0-preview

Here are the current binaries:
http://dl.dropbox.com/u/3258602/DK-release/Keeper-dusk-x64.zip
http://dl.dropbox.com/u/3258602/DK-release/keeper-dusk-x86.zip
http://dl.dropbox.com/u/3258602/DKbeta/Keeper-mac.zip

I can give you (or anyone else who gives it a try and provides some feedback) a free license, if you like it.

There is, take a look at Keeper:
http://lazybit.com/index.php/2009/08/13/keeper-4-0-preview

Here are the current binaries:
http://dl.dropbox.com/u/3258602/DK-release/Keeper-dusk-x64.zip
http://dl.dropbox.com/u/3258602/DK-release/keeper-dusk-x86.zip
http://dl.dropbox.com/u/3258602/DKbeta/Keeper-mac.zip

I can give you (or anyone else who gives it a try and provides some feedback) a free license, if you like it.

They need to be able to distribute the key too though, as the web interface allows a log-in from everywhere.

It could I suppose generate the key client side, then encrypt the key with the password, then send that to the server.

I don't know how much can be done in pure HTML, but it sounds impractical to have the web interface without using some sort of applet on the client side for file browsing and decrypting, is it possible to decrypt a download using only HTML/JS, how about the file browser itself (though meta data could be sent separately from the client and stored unecrypted).

I think it would alter the nature of the product significantly if all data was stored that way (applets on web browsers, or no web browser), though, an option for a secure folder that was inaccessible by web would work well, as with an actual application you could do whatever you wanted.

I think any user that has seen this page should know they can access your account (even if the software they wrote doesn't let them at the moment, the pieces are there).

https://www.dropbox.com/forgot

the storage of a

The trick is encrypt everything you sync in Dropbox. This can be done transparently. I use encfs and I only sync the encrypted directory to dropbox. I use this solution in my linux, windows and OSX machines. http://www.arg0.net/encfs http://wiki.dropbox.com/TipsAndTricks/IncreasePrivacyAndSafety -- blue

I believe that the file is locked while updating. This is only really an issue if you are using Dropbox collaboratively (i.e. two people making changes to the same file at the same time), but even then Dropbox saves older revisions of files SVN-style so you can rollback to a previous version if there are problems.

By the way, if anyone doesn't already have a Dropbox account, if you use my referal link we can both get an extra 250MB of free storage space.

Sparkleshare is still under development, and it seems to have the most traction of any user-friendly project. When released, it will be the open-source Dropbox replacement.

I agree though, it's very hard to get rid of the convenience of Dropbox. Not just for saving files, but for syncing your configuration across machines (save your .dotFiles in ~/Dropbox and then symlink to ~/). But when they refuse to support the BSD's (2 out of the 4 machines I regularly work on), and their Linux implementation starting requiring disabling SELinux, they pretty much did it to themselves. Not to mention the whole thing where the Dropbox CTO admitted they could look at your files if they wanted.

I think I just found his theme song :)

(Info: Romeo Knight's remix of Bionic Commando stage 1 music)

Interesting point and I'd like to read that professor's work, but I don't believe online services are flourishing for security reasons, but rather that it's coincidental from the average user's perspective. The whole point of this story is that people are not aware and knowledgeable enough about technology and security, so I doubt they factor it in highly enough to use it in their decision to chose an online service.

Security is rarely mentioned in the list of features of these services: nothing in Flickr, Picasa, or DropBox other than to discuss how files you upload can be shared selectively rather than be public. DropBox doesn't turn up anything when you query for "virus" in the help section (and even suggests disabling your anti-virus to solve a connectivity problem). Even Google Docs which has drawn much concern on data security neglects to reassure you that documents you upload are properly safeguarded, and doesn't guarantee that downloading an MS-Office version of a document is devoid of malicious code which may have been uploaded by whoever shared it with you. There's far more concern assuring you that they perform backups and that your data won't be lost. Twitter mentions security only in the context of safeguarding your account from hijacking. Facebook's "privacy" aspects are obviously not worth mentioning and where they mention it it's due to bad publicity, not a way of attracting users away from MySpace by being a safer platform. It has taken major Twitter/EC2/PSN outages for people to even realize there's a risk in relying on online services, which still isn't being discussed in these feature sets- public understanding of availability is as meager as security.

There's certainly a risk and possibly even this hidden cost you're suggesting in using proprietary online services, but I don't see that they are being used to avoid downloading an executable file, or otherwise provide any such protection against browser-based attacks. To the contrary- all of the above popular services except for Google Docs actually encourage or even require (DropBox) users to download binaries (in the case of Facebook/Twitter mobile apps), and Facebook users are clicking random links to the same kinds of nonsense they had been getting in their email.