Slashdot Mirror

I'm a big fan of Privacy Badger, mainly because it can automatically block trackers based on behavior rather than having to rely on someone's premade block list.

https://www.eff.org/privacybad...

The same folks provide HTTPS Everywhere, another must-have.

https://www.eff.org/HTTPS-EVER...

How are you going to actually your HTTPS-only web sites when every single site you visit gives "Certificate error" until the householder has confirmed his censoring preference? This happens on open hotspots in hotels and restaurants, for example. The answer to "Why is HTTPS Everywhere preventing me from joining this hotel/school/other wireless network?" in the HTTPS Everywhere FAQ recommends visiting an HTTP-only site first in order to be redirected to the login page.

So says the professor.

The Judges don't always agree.
https://www.eff.org/deeplinks/...

Encouraging the web to go 100% SSL only is a unquestionably a good thing.

The issues with performance were gone a decade ago...and certs can be obtained cheaply or an no cost. It makes no sense that all the "anti-SSL"
posts have been modded up.

Telecom providers are required to make sure that any voice service they sell is compliant with CALEA

In that case, CALEA would effectively render end-to-end encryption illegal. So, IMHO, they should be hunted down by lawyers for either not complying with CELEA or for not offering what they advertise.

And remember that CALEA is not about mass wireless surveillance a la NSA but is actually about targeted recordings of specific individuals where there is probable cause enough to get a judge to sign off on the wiretap order. Very different things.

Indeed. But there's nothing that keeps the NSA from using the same interface, too. either by serving wiretap orders themselfs (decorated with a nice gag order) or by targetting the CELEA equipment.

the Andy Griffith type cop is becoming a minority in this day and age.

The Andy Griffith type cop never existed, and was unique even within the context of the show (remarked on by outsiders visiting Mayberry constantly). At best, you might get Adam-12 or Dragnet type cops.

I guess I should have said a caring friendly neighborhood cop but at the time I was thinking Andy Griffith to be an analogous example of what I was thinking.

Interestingly I actually live near Mount Airy (aka Mayberry, however there is no actual Mayberry) and I can't really say much for the cops in Mount Airy but I've had run-ins with the local county sheriff's department and the state troopers stationed there and in both encounters the officers seem to have something of a condescending superiority complex, but I do want to say though that Sheriff Graham Atkinson himself is a super nice guy and from personal experience always makes himself available to residents. I've always had really great encounters with cops in nearby Winston-Salem which is located just a couple counties away. Some of the smaller communities in between I don't particularly trust the small town cops because if you get in a car accident or something the officer will always take the side of the local resident.

In one particular case I took a picture from my porch of a car accident literally in front of my house and the officer got in my face and yelled at me that he was going to arrest me and confiscate my expensive camera and when politely and calmly asked him about relevant statutes prohibiting my activity it made him even angrier and louder.
I was rather shook up and asked the EFF for help, or at least some advice, but they told me that since I was intimidated into complying with the officer's demands and never asked him if I was under arrest I had no basis for a complaint and they couldn't help me (I can at least say that is where my deep interest in law and the legal processes began).
That being said I really would prefer the Joe Friday type cop from Dragnet because at least those cops in that show had the utmost respect for the law let alone knowing the law like the back of their hands.

Nobody is being "backdoored" here except as required by law. The linked story summary is a troll for mentioning the NSA - it has nothing to do with them, but either the writer doesn't know what they're talking about or they just figured that would get more clicks.

Telecom providers are required to make sure that any voice service they sell is compliant with CALEA. There is no direct CALEA equivalent today for data services, interestingly - this is how far behind the times the Feds can be. And yes everything in LTE is data but for the purposes of the law, anything where you are talking - for example VoIP - is considered a voice service.

CALEA basically means that if you (the telecom) get a wiretap order - signed by a judge - from a law enforcement agency, you need to wiretap and record that user's calls for the specified time period, decrypt them if necessary, and then turn them over to the law enforcement agency. Verizon had to make this service CALEA compliant, or they couldn't have offered it. And remember that CALEA is not about mass wireless surveillance a la NSA but is actually about targeted recordings of specific individuals where there is probable cause enough to get a judge to sign off on the wiretap order. Very different things. You can dislike CALEA but you can't blame Verizon for putting in some magical backdoor - that has absolutely zero to do with the NSA - which they are required by law to have.

However for the privacy-minded it should be noted that the way things work, CALEA only applies to telecom providers. If you bought the same software from a non-telecom source (e.g. the software OEM themselves) and put it on your phone, then CALEA won't help law enforcement because Verizon wouldn't have the key to decrypt your calls with and could only turn over the encrypted stream. So if you are worried about being wiretapped by the police, don't buy your encryption service from your phone company.

Here is my problem: Google has a long history of cooperating with NSA.

Don't believe me? Fine: read these links instead... Yahoo News article about cooperation between Google and NSA, Guardian article, Tom's Guide article.

Even if Google does not/did not/will not cooperate with NSA, Eric Schmidt himself has been cooperating with the US Government, which cast serious doubts about his desire to protect the private information of Google clients.

Again, don't believe me? Fine, read this instead: Julian Assange on Eric Schmidt. Or (even better) this transcript.

Even if Eric Schmidt does not cooperate with the US Government, he has said himself, repeatedly, that privacy is dead and that it's something for hackers.

Don't believe me? Fine, read this instead: EFF article, Gawker article.

In other words, a company that cooperated with the NSA, led by a man who does not care about your privacy (but cares very much about his) is telling you that there is nothing to see here, sure we are protecting your privacy, please buy our products, we are safe and professionals and there is nothing to be afraid of.

Seriously? How come this gasbag is a freaking CEO, paid millions of dollars a year?

As others have noted, the EFF Panopticlick is the better service.

I just spent far too much time playing around with this, on an extended lunch break. I note the following things:

- You had better disable explicit tracking services (Ghostery), or it all doesn't matter anyway.

- Fonts are a big factor. Fonts are identified through Flash. There is a configuration file "mms.cfg" that can disable this. The location of this file depends on your operating system and on your browser - it took me a good half-hour to find it for my particular configuration.

- However, even after disabling fonts, and even using a "user-agent switcher" to look like a Windows/Chrome combination (instead of Linux/Chrome), I was still uniquely identifiable. The biggest factor were my language preferences, the list of plugins, and the precise browser version. Refusing to report system fonts was also pretty important :-/

In short, there's not much way around it - if you include other information available, like your IP address, you will be uniquely identifiable, and trackable across websites.

What is missing from this picture: Browsers provide an "incognito" mode. This mode needs to be extended to provide only absolutely essential information to the server. The server needs to know roughly what level of standards support you have (e.g., "Mozilla/5.0"), and what language to send content in (one language, not a list with weights). Everything else could be omitted, and virtually all websites would work perfectly.

Go a step farther and disable JavaScript in incognito mode, to prevent explicit sniffing. That will disable more websites, but if those sites start losing traffic, they'll offer versions that don't require JS.

Their sample size is 11-thousand. According to my results, 1-in-6 computers are running Linux!

We had to start somewhere. Mostly geeks go to the site anyway, so the data is skewed towards them.

It started as a small project to understand fingerprinting.So far it's been quite successful for our research purposes :)

This is absurd, unscientific to the extreme, fear-mongering.

It's just a site that collects stats and then shows them. It also implements other fingerprinting techniques that other sites do not. How is this unscientific or fear mongering?

In your example, based only on the statistics you provided, there were 11099x0.0109 or 120 people in the central time zone *in their sample*, which is the sample size of UTC-6 users.

Their data is useless.

In comparison, https://panopticlick.eff.org/i... has almost 5-million in their database. This is somewhat more helpful.

As said before, we needed to start somewhere, right? It seems people have taken unexpected interest in the site. We'll be improving it little by little.

Besides, as others have said, panopticlick paints a far worse picture with more data. Now consider that they fingerprint less attributes than amiunique.

Disclaimer: my colleagues and I work on, among other things related to fingerprinting, amiunique.org

The only thing I found interesting was this:

Use of AdBlock 49.28%

But that probably says more about the people who would visit the site than it does of AdBlock users.
Especially with the sample size so small at is is. https://panopticlick.eff.org/ has a much much higher sample base.

Other things that could be checked but which aren't include whether the browser allows SSL2, SSL3, TLS1.0, TLS1.1, and what kind of encryption.
Also, the ballpark speed at which it evaluates Javascript.

Their sample size is 11-thousand. According to my results, 1-in-6 computers are running Linux!

This is absurd, unscientific to the extreme, fear-mongering.

In your example, based only on the statistics you provided, there were 11099x0.0109 or 120 people in the central time zone *in their sample*, which is the sample size of UTC-6 users.

Their data is useless.

In comparison, https://panopticlick.eff.org/i... has almost 5-million in their database. This is somewhat more helpful.

First, the simplest of script blockers completely prevented the home page from loading at all.

Second, when I allowed the site in my script blocker, it was slow as hell to load.

But Third, and more to the point: EFF's Panopticlick has been around for a long time now, and it's far better.

Agreed! Page isn't loading, that was fast as hell.

For those looking for other resources tho, that DO load

http://samy.pl/evercookie/

https://panopticlick.eff.org/

The EFF has some specific guides for protecting yourself/cellphone:
https://www.eff.org/deeplinks/2014/08/cell-phone-guide-protesters-updated-2014-edition

In terms of documenting police, the ACLU also provides specific guides:
https://www.aclu.org/kyr-photo

Google Removes Vital Privacy Feature From Android

How about Google does something about it?

Google can do something about it ... but doesn't want to. Because Google's business model is data collection:

Google Removes Vital Privacy Feature From Android

How can Facebook get personal information that you don't voluntarily share with it?

Offline data collection:

• Datalogix
• Data brokers
• Outside data sources

Tracking your browsing:

• WSJ article

Getting tentacles in your OS:

• iOS
• More on Apple

Running analytics software and servers for other websites and apps:

• Parse

Etc.

You should seriously revise your [cynic mode on] I do not even have an idea why people use Tor [off]. And in the corporate word, often you have not a say own your work station is installed of which certificates come with the default setup. Or what people is logged besides you. And besides passive surveillance, there are more nefarious activities to worry about. ( https://www.eff.org/wp/detecti... ) Packet interception, DNS interception, packet sniffing, man in the middle attacks, logging all your network activity on several ways, levels and technics, divert your traffic to where it should not go...and so on. Certifications only give you an illusion of privacy. You suffer from a simple delusion that I have witness in some coworkers, which is to not recognised, that as a single point is compromised in the infra-structured, you cannot count on your privacy ever.

There was no "unconstitutional domestic spying". It was simply records of which phone number called another phone number. If you think that is spying then your phone company has been spying on you for decades. Stop parroting what you hear on the news and actually do some research yourself.

Research? Ten seconds with a search engine shows you're wrong. So you're either trolling, stupid or a government shill.

Well, yes, they do that. But they are also doing this:

Real Time Access to Phone and Internet Traffic Second, the same telecommunications companies also allowed the NSA to install sophisticated communications surveillance equipment in secret rooms at key telecommunications facilities around the country. This equipment gave the NSA unfettered access to large streams of domestic and international communications in real time—what amounted to at least 1.7 billion emails a day, according to the Washington Post. The NSA could then data mine and analyze this traffic for suspicious key words, patterns and connections. Again, all of this was done without a warrant in violation of federal law and the Constitution.

The relevant Executive Order (12333) details the scope of domestic surveillance for US Intelligence agencies (Section 2.3b) and states:

Information constituting foreign intelligence or counterintelligence, including such information concerning corporations or other commercial organizations. Collection within the United States of foreign intelligence not otherwise obtainable shall be undertaken by the FBI or, when significant foreign intelligence is sought, by other authorized agencies of the Intelligence Community, provided that no foreign intelligence collection by such agencies may be undertaken for the purpose of acquiring information concerning the domestic activities of United States persons; [emphasis added]

Good idea but I would think the EFF would be better for things like this.

- DETEKT

What is Detekt and how does it work?

"Detekt is a free tool that scans your computer for traces of known surveillance spyware used by governments to target and monitor human rights defenders and journalists around the world. By alerting them to the fact that they are being spied on, they will have the opportunity to take precautions.

It was developed by security researchers and has been used to assist in Citizen Lab's investigations into government use of spyware against human rights defenders, journalists and activists as well as by security trainers to educate on the nature of targeted surveillance.

Amnesty International is partnering with Privacy International, Digitale Gesellschaft and the Electronic Frontier Foundation to release Detekt to the public for the first time."

###

Official Sites:

https://resistsurveillance.org...
https://github.com/botherder/d...
https://github.com/botherder/d...
https://github.com/botherder/d...

- version 1.1 download (Nov 20, 2014) .exe & sig
https://github.com/botherder/d...

###

- Detekt Author's GPG key:

The distributed binary is signed with my personal PGP key, the public key is available at

https://nex.sx/nex.asc

###

- More info/News stories:

https://www.eff.org/deeplinks/...
http://www.theguardian.com/wor...
http://www.amnesty.org/en/news...
http://www.amnestyusa.org/news...
https://en.wikipedia.org/wiki/...
https://threatpost.com/detekt-...
https://firstlook.org/theinter...
http://www.bbc.com/news/techno...
http://www.zdnet.com/amnestys-...

###

- Author's Twitter Page:

https://twitter.com/botherder

While WhatsApp does have a security hole. Using WhatsApp is more secure than using no encryption.

This seems to be most reasonable of the responses so far.

EFF has mentioned that when the end-to-end encryption is implemented, and then IF it passes their tests, they will update their Secure Messaging Scorecard for it. Right now its score is rather dismal: 2 of 7.

Currently there are only a few text messaging apps that get full points: TextSecure, Silent Text, OTR (Windows), CryptoCat, and something called ChatSecure which I had not heard of before.

Some people objected to CryptoCat being awarded all points, in that it hadn't been fully audited yet. EFF replied that it passed tests to their satisfaction.

I did not list phone apps such as Redphone because they're primarily voice not text per se.

I'll start this off by stating I'm non-partisan and have no particular party affiliation. That said, the AC above is being disingenuous at best.

Domestic surveillance of the American populace by the NSA as almost certainly been in place since its inception, but it didn't really come into full-force until Bush signed the order to begin domestic spying on Oct.4, 2001. (see https://www.eff.org/nsa-spying... say that its reached "new and unimagined levels" under the current administration is true, but only because the program has grown and expanded steadily since 2001.

But all of that is history to be rewritten by those with the motivation to do so, and relearned by those with short memories. As Americans, our forefathers built a nation upon the idea that we could create and maintain a country free of political tyranny; that those with power could not subjugate those without; that as humans, we have the unalienable rights of life, liberty and the pursuit of happiness; that its laws will provide justice and protection for all its citizenry; and that those citizens will be brave in the face of those who would try to take those ideas from us, and fight to preserve what we have built.

The Senate had the chance to take a stand to honor the sacrifices made by so many, and everything that we've fought and bled for 238 years; but they did not. Perhaps that is fine. Perhaps ISIS, and Al-Qaeda before them, have shown us that the idea of America is a false one. That all it takes to shake our country to its foundation is to sneak in and blow up some buildings. Maybe we were delusional in thinking that we could really ever be free? Maybe it's all been romanticized through movies, literature, and rewritten history books; and that we never really were a "land of the free and home of the brave". Maybe that's just song lyrics. Maybe it is the best form of government on the planet, or maybe that doesn't matter because it's government of and by an animal driven by greed and fear. And maybe it's always been that way since we came out of the caves.

That's what I take away from this vote, and all the other votes on all the other measures that either erode our freedoms, or prevent that erosion from happening. That it doesn't matter what we do, no form of government can overcome our failings as species.

Actually the US Department of Defense and dozens of other governments have their own CAs with which they could issue a certificate for your domain, if they wished to. Here's a map we made of them using our SSL Observatory datasets.

Nonetheless we should be able to use publication mechanisms such as Certificate Transparency to ensure that any compromise or compulsion of the Let's Encrypt CA could be quickly detected.

Actually the US Department of Defense and dozens of other governments have their own CAs with which they could issue a certificate for your domain, if they wished to. Here's a map we made of them using our SSL Observatory datasets.

Nonetheless we should be able to use publication mechanisms such as Certificate Transparency to ensure that any compromise or compulsion of the Let's Encrypt CA could be quickly detected.

Just reading through the EFF page on this and it sounds like they got a patent on setting a header to track... Wow. That just sounds, ... , I don't know, but :(

here's the link to the actual EFF press release/post, not some random board post linking to it. https://www.eff.org/deeplinks/...

Perhaps a new paradigm is needed; hosting within Tor but on servers the US gov has difficulty getting to, and a cold money trail. The "important" people in the network would need anonymity and would also need to not make money as admins or VIPs. Instead, they'd collect their profit as minor users (with different accounts) and keep most of their money within the system (e.g. free drugs). Real profits would go to charities (e.g. the EFF accepts bitcoin donations), ensuring that there is no usable money trail (obviously, the EFF would not back this kind of work).

Atop that, the new system could be better distributed (decentralized) and perhaps even free software (self-hosted via Trac or whatever) to follow the cryptographer philosophy of more eyes (reviewers) ensuring more security.

Of course, this assumes the Silk Road community has selfless idealists willing to coordinate this...

Perhaps a new paradigm is needed; hosting within Tor but on servers the US gov has difficulty getting to, and a cold money trail. The "important" people in the network would need anonymity and would also need to not make money as admins or VIPs. Instead, they'd collect their profit as minor users (with different accounts) and keep most of their money within the system (e.g. free drugs). Real profits would go to charities (e.g. the EFF accepts bitcoin donations), ensuring that there is no usable money trail (obviously, the EFF would not back this kind of work).

Atop that, the new system could be better distributed (decentralized) and perhaps even free software (self-hosted via Trac or whatever) to follow the cryptographer philosophy of more eyes (reviewers) ensuring more security.

Of course, this assumes the Silk Road community has selfless idealists willing to coordinate this...

The actual 'scorecard' can be found here. No need to go to extremes and RTFA.

[Snarky comment about sloppy /. submissions.]

http://www.spiegel.de/internat...
https://en.wikipedia.org/wiki/...
http://www.spiegel.de/internat...
https://www.eff.org/document/2...
http://www.spiegel.de/internat...

Slashdot IS social media, which is why NSA and GCHQ created a fake Slashdot to hack into a Belgian Telecom company.

You dirty terrorists, you! Bad Slashdot! BAD!

Seriously, though, this is beyond belief and beyond the pale. Where do they get these morons? Most of these people are guilty of perjury (at best) and outright conflict of interests and gross violations of basic human rights at worst.

When is this going to stop and when are we going to get rid of these idiots? Where is Senator Franck Church when we need him?

I've been against DRM for years... the EFF has a good website on it so I won't go into all the specifics, if you're interested, read it here: https://www.eff.org/issues/drm It has been proven time and again that if manufacturers would sell their products at a reasonable rather than inflated price, people would buy in vast numbers. All DRM does is piss off your customers. When you buy a product, you want to be able to do with it what you wish. Telling customers the solution to a broken Blu-ray is to buy another is unacceptable. As an aside, I read recently where the MPAA is banning Google Glasses from their theaters to stop piracy. Like people who want to view a movie at home would be interested in viewing a Google Glass recording of that movie on their 60 inch Plasma with Dolby surround sound. If they do, it's because they're extreme fans of that movie and are going to buy it anyway.

If you browse it with TBB (Tor browser bundle), you still have that "identify yourself" part, but the cookie gets deleted the moment you close tor browser. Browsing tor with your normal browser is something very stupid, not just because of cookies, but also because of fingerprinting. Tor browser for example deactivates canvas tracking, or webrtc, and spoofs the useragent. Try this site with your favourite browser and with tor browser, and compare the results.

The FRA has always been close to the NSA and GCHQ. A close third party to the 5 eye nations.
Cable collection, an expansion of collection sites shared with the NSA, Tailored Access Operations, Quantum, help with telecommunications.
Sweden helps US spy on Russia, Snowden leaks show December 6, 2013
http://www.smh.com.au/world/sw...
"excerpt of a larger document showing Sweden’s status as a closely allied “Third-party partner”"
http://www.svt.se/ug/read-the-... (11 december 2013)
https://www.eff.org/nsa-spying... has a few Sweden links to media reports.

The EFF is deeply involved in the legal fight against National Security Letters. NSL's tie the hands of service providers by their very nature and there is little they can do about any one NSL. But by working with the EFF, they have been able to stand up a strong foundation in the fight to have NSL's declared unconstitutional.

Read the FAQ, and make a donation.

The EFF is deeply involved in the legal fight against National Security Letters. NSL's tie the hands of service providers by their very nature and there is little they can do about any one NSL. But by working with the EFF, they have been able to stand up a strong foundation in the fight to have NSL's declared unconstitutional.

Read the FAQ, and make a donation.

The EFF is deeply involved in the legal fight against National Security Letters. NSL's tie the hands of service providers by their very nature and there is little they can do about any one NSL. But by working with the EFF, they have been able to stand up a strong foundation in the fight to have NSL's declared unconstitutional.

Read the FAQ, and make a donation.

Even if was the government (or any of the associated companies, or a low-level new hire, or whatever) doing it, would be not the first time that the government uses the authority meant to fight terrorism with other purposes.

First, a court cannot exactly enforce any decision ruling or anything else. That gets passed on to the executive so I'm not going to argue the futility you expressed as it is more than appropriate. We saw this first hand several times in history- one of which was when FDR's new deal legislation was declared unconstitutional and FDR basically said "so what" forcing the court to expand the interstate commerce clause into the monster it is today in order to avoid a constitutional meltdown.

But even if a government official can lie in court, it doesn't mean they will win when it is known they are lieing. As for a pardon, yes, a president can pardon anyone for any violation of any law. It would stop the court proceeding but a pardon implies guilt with no consequences or at minimum the equivalence of no contest without the ability to punish the person. That provides sort of a quirky area where the court can still rule on the case but not impose punishment. Or in other words, a pardon on a person would not prevent the court from saying the program must stop because it is unconstitutional. The pardon does not remove a court order declaring the program unconstitutional and ordering it shut down as matter of fact within the case. At that point, it will be up to the electorate if they want to keep someone in office who violates the law and constitution or not. I suspect that the answer will be no and they will demand congress impeach the president or vote overwhelmingly for any person of another party who pledges to end the program.

As for showing cause, you are correct, and if a law existed that did not allow the NSA to collect the crap that we all know violates the constitution, cause could be shown. In fact, cause was shown before and a case was advancing which is why congress passed a law allowing the collection and implemented the retroactive immunity for the telecoms. I think it was Hepting v. AT&T another seems to be advancing on what was learned from that case and NSA whistle blowers but is directed at the government itself which doesn't have the immunity.

First, a court cannot exactly enforce any decision ruling or anything else. That gets passed on to the executive so I'm not going to argue the futility you expressed as it is more than appropriate. We saw this first hand several times in history- one of which was when FDR's new deal legislation was declared unconstitutional and FDR basically said "so what" forcing the court to expand the interstate commerce clause into the monster it is today in order to avoid a constitutional meltdown.

But even if a government official can lie in court, it doesn't mean they will win when it is known they are lieing. As for a pardon, yes, a president can pardon anyone for any violation of any law. It would stop the court proceeding but a pardon implies guilt with no consequences or at minimum the equivalence of no contest without the ability to punish the person. That provides sort of a quirky area where the court can still rule on the case but not impose punishment. Or in other words, a pardon on a person would not prevent the court from saying the program must stop because it is unconstitutional. The pardon does not remove a court order declaring the program unconstitutional and ordering it shut down as matter of fact within the case. At that point, it will be up to the electorate if they want to keep someone in office who violates the law and constitution or not. I suspect that the answer will be no and they will demand congress impeach the president or vote overwhelmingly for any person of another party who pledges to end the program.

As for showing cause, you are correct, and if a law existed that did not allow the NSA to collect the crap that we all know violates the constitution, cause could be shown. In fact, cause was shown before and a case was advancing which is why congress passed a law allowing the collection and implemented the retroactive immunity for the telecoms. I think it was Hepting v. AT&T another seems to be advancing on what was learned from that case and NSA whistle blowers but is directed at the government itself which doesn't have the immunity.

lack of funding transparency for advocacy groups and think tanks, which critics say subverts the political process.

Wouldn't "critics say" that about a discussion of any other idea as well?

I also seem to recall, that the Slashdot crowd generally supports anonymous speech — indeed, the consensus is, we have a right to remain anonymous, while speaking...

Why wouldn't that same right extend to people talking (and spending money, which is the same thing) in opposition to "net neutrality"? Why must they be unmasked (and shamed) with prejudice, while those talking on other matters enjoy all the anonymity they care to maintain?

Every person browsing the web today should be using the HTTPS everywhere extension.

To forestall the typical slashdot objection: No, it's not perfect. That doesn't mean it isn't damned useful.

I think we're in agreement on how the world _should_ be, but maybe we don't agree on how to operate in the world the way it is. I definitely considered the patents software oriented, so if I came across as playing coy there, that was shadowing a much deeper discussion that I didn't want to get into. I think there are shades of grey even there... I'm very happy with the recent court opinions striking down software implementations of things that were derived from non-software ideas. Doing something on a computer that used to be done without one should not be patent-able at ALL. For other, truly "novel" inventions (and I realize there's always contention there), I tend to follow the EFF's guidance. Their current recommendations -- their 7 steps -- don't get rid of software patents entirely. They limit their duration, which I'd surely agree with, and require more specificity, which again i agree with.

But you're accusing me of being "antisocial" (I'd think bringing this up on Slashdot is the opposite of anti-social; that's certainly my intent), and "wrong", while I honestly do struggle with the issue, as I think many people do. The EFF and FSF don't seem to fully agree on how a software inventor should handle this. I hold both groups in high regard, but there is certainly not unanimous consent in the slashdot crowd). I'm familiar with the register allocation history (maybe not as much as some). I had closer contact with the photo-mosaic patents that were at issue some years ago, and I always find the codec IP issues (MP3, H.264, GIF, etc.) fascinating and troublesome. In fact, I worried over the use of "IP" in the original post, due to Stallman's position on the phrase (and in retrospect probably used the term too much).

I intend to focus on these issues, and I certainly don't want to be accused down the road of being similar to any of the debacles you cited. I'll let my actions speak for themselves as time unfolds. I'm optimistic that there's a "right" way to behave, within the current system, that is ethical while still affording the protections that patents are idealistically designed for (even if reality is not ideal). Maybe we disagree on those details. In any case my reason for posting this question to slashdot was different and, importantly, time sensitive, so I'm going to stop veering off topic (I felt your post was nice enough to deserve a response).

I do appreciate the even-handed and non-trolling response, and the advice on estate planning; I have a nice flowchart in my will; I'll make sure to add the legal assets to it, and yes, donating them to someone like the EFF is the path I'd like to take -- hopefully it won't matter by then. Thanks!

No, I didn't patent those ideas, the links were examples; but I completely agree that the patent system is failing, and I pointed that out. The question is how to deal with it. I think it's a valid approach to continue to patent ideas until the issue is fixed because the mixed-bag approach is very difficult.

The EFF agrees at least that the situation is not black and white... from their site: "While [abandoning patents is] compelling, there are risks to this strong approach. Every piece of software released to the world without legal protections may leave open a door for someone else to attempt to patent the same technology (and may leave its creators more open to legal threats without a patent to wield defensively)." (https://www.eff.org/patent).

I am genuinely not trying to get rich (well, not through patent evil or trolling), or to be exploitative, and while I don't want to contribute to the problem, I don't want to be a victim of it. Anyway, I appreciate the comments, but again I was trying to shy the focus away from software patents... much ink has already been spilled on that topic. Assuming the patents were one that met your complete approval, would you feel differently?

Your examples are flawed. There isn't a database with a complete record of all license plate movements.

LOL. I stopped reading here. You are so naive. There are multiple different databases with a complete record of all license plate movements.

https://eff.org/

The US did the same for AT&T and the rest.

https://www.eff.org/cases/hept...

Or as another staffer said, "I find the whole rulemaking context almost hilarious in many instances, because you know you're reading something, and you know it's not true. And you're guessing, you know, the person is hallucinating." Ordinary comments were, in other words, prone to error and lacked truthfulness, in the eyes of many of the Commission's staff. They also represented one person's opinion or experience, whereas according to staff, comments submitted by legal or economic experts collated information in a more systematic way, and from a much broader population of consumers.

The FCC got three million responses, or almost one percent of the entire US population. And FCC staffers deride the public comment process as filled with 'hilarious hallucinations.' Because, according to this staffer, those comments submitted by 'legal and economic experts' prepared under the employ of institutions with a vested interest "collated information in a more systematic way" and "from a much broader population of consumers."

Think about this. Actual citizen voices don't matter because private interests have the money to hire people and staff time to organize large submissions with systematically collated information about the population of Net product consumers. Do you see how citizenship to impact public policy has been stripped from the process, leaving the public as nothing more than consumers of product in a rigged market?

They think we don't understand. That we're simply unqualified to understand the nuance of policy. But that's clearly not the case. As highly qualified Lawyers for the Electronic Frontier Foundation, including Harvard Law Professor Lawrence Lessig have been stumping for Net Neutrality for the better part of a decade. These people are not policy stupid. They've submitted comments with 'systematically collated information' by nationally and internationally recognized experts.

These FCC staffers quoted would have us believe the public is misinformed and uneducated. That is the spin they want to present to the press.

It's offensive. Regardless of what position you take on the matter.