Domain: eff.org
Stories and comments across the archive that link to eff.org.
Comments · 6,386
-
And for documentation about the NSA closets
-
Fear leads to anger, hate, suffering
Wu shouldn't be afraid of Apple. None of us should. Fear gets in the way and makes you do stupid things. Let's just keep building the open web. Also, maybe advocacy helps.
--
I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain. --Bene Gesserit, litany against fear. -
Re:"Web bugs"?
you are using "bug" as a verb.
Really? I am? The phrase "bug your phone line" certainly uses "bug" as a verb, but are you saying that in the phrase "plant a bug in your office", the word "bug" is also a verb?
"tracking pixel" is a term that already has a commonly understood meaning (and has for OVER A DECADE)
Excellent. And so has the term "web bug" been used for OVER A DECADE.
November 11, 1999 - http://w2.eff.org/Privacy/Marketing/web_bug.html
And that's not even the earliest usage of the word, but simply the oldest and most authoritative usage of the word I could find on the first page of results from a google search for "web bug".
-
Re:"Web bugs"?
I don't really care how long you've been doing web development. Perhaps you haven't been paying enough attention. Perhaps you've been too wrapped up in the developer terminology that you're not so familiar with what the ordinary user typically calls it. I've been doing development just as long as you and I've heard the term countless times. "Tracking pixel" is not a word that non-developers typically use. Just with a really quick google search, here's a result from 1999
http://w2.eff.org/Privacy/Marketing/web_bug.html
And your complaint about his usage...verb vs noun, "bug" is a dual purpose word where the verb form is the action of applying the noun form. Much like label. I label a jar with a label. I also bug your phone with a bug. Are you seriously unfamiliar with the term "bug" used in the noun form related to eavesdropping? It's not really new. Oxford English Dictionary has documented this usage going back to 1946.
-
Do it from Javascript
You know, assuming Javascript engines in web browsers use the FPU to do floating point math operations, you could roughly categorize what hardware visitors to your website use.
And/or you could run a JS benchmark, and on the server side have baseline benchmark results for different web browsers and web browser versions on known hardware configurations - and then use that to deduce the user's clock speed. That is assuming that they aren't running anything else at the same time, but 99% of the time desktop systems are idle. You could do a run of 5 benchmarks over a period of say 30 seconds and throw out the outliers.
Of course you could combine this with the kind of stuff Panopticlick does, like detect the screen size, time zone, flash variables etc. For extra evil points, combine it with Samy Kamkar's evercookie.
-
Re:virtual machines
I wonder how well that does against https://panopticlick.eff.org/
... -
Re:virtual machines
That page has got to be faulty. Go to the main link, http://panopticlick.eff.org/ - the results are staggeringly different. That tells me I'm unique out of everyone (>1.2 million) whereas the link given in GP says I'm 1 out of around 85k.
The difference is that the previously posted link does not include the &js=yes param, whereas the link on the main page does.
What this param does is sniff you out using javascript (or not, obviously)
-
Re:virtual machines
That page has got to be faulty. Go to the main link, http://panopticlick.eff.org/ - the results are staggeringly different. That tells me I'm unique out of everyone (>1.2 million) whereas the link given in GP says I'm 1 out of around 85k.
-
Re:virtual machines
You are unique Just like everyone else
please tell me how unique you are there... (me: one in 627,021 browsers have the same fingerprint as yours.)
Since you have a special setup I wonder if you can really hide in the crowd.
-
Or SSL encrypt more websites
I know there is an overhead to small devices being forced into using SSL but wouldn't WPA2 cause the same sort of overhead? I prefer to just connect then use a VPN as there are loads of them around but it is true that you're going to need a bigger passphrase than just "Free" due to the limit.. If people used the Firefox plugin that forces SSL from EFF.org.. https://www.eff.org/deeplinks/2010/06/encrypt-web-https-everywhere-firefox-extension then most of the top sites would be more secure but of course problems will still occur.. Last option freeradius but again could be a config nightmare. Personally I would promote SSL or just get people used to a VPN provider... Open Wireless in the UK like BTFON or BTOpenZone do give the user the option of free VPN software.. traced the VPN server to somewhere in London but it was very slow last time I tried it. Here... http://www.btopenzone.com/help/security/vpn-software.jsp I agree the solution needs to be tackled by the FreeWireless supplier more so than the end user.
-
HTTPS Everywhere
This firefox extension from the EFF will force an HTTPS connection if possible. It works with Firefox (ie keeps the connection in https mode throughout the session, not just during the login).
-
Re:or just use proper security
Exactly, this is what EFF's Firefox Addon does
-
The EFF already did this...
Panopticlick already showed that it was child's play to track somebody, even with cookies disabled. Unless the way websites/browsers work is fundamentally changed, this will continue to be the case.
-
Re:Even forced SSL doesn't work
You can install the Firefox extension HTTPS everywhere to force Google, Twitter, and Facebook to use HTTPS whenever possible.
-
The EU directive may be going down in flames
Note that the EU directive is being fought - successfully - by activists in individual countries. In March, Germany ruled the directive to be unconstitutional:
From the linked article dated March 10, 2010: Last week, the German Constitutional Court issued a much-anticipated decision, striking down its data retention law as violating human rights. It was an important victory for Europe’s Freedom Not Fear movement, which was formed to oppose the EU Data Retention Directive. But it was also a reminder of the political work which remains to be done to defeat it.
-
Re:My suitcase always gets opened
This is what you're looking for: https://secure.eff.org/site/Ecommerce/3366529?VIEW_PRODUCT=true&product_id=1441&store_id=2441
-
HTTPS Everywhere
The right answer is to use encryption on all websites. Unfortunately we're not yet at a point where all websites can be bothered to support encryption which means that we should use encryption for every website that supports it and carefully consider whether websites that don't support it are worth the risk. It would be nice if your web-browser would automatically use encryption on sites where it is available and, thanks to the EFF, there is a Firefox plug-in that does just that. Consider giving HTTPS Everywhere a try.
-
Re:ISTR...
I know that The Emirates Telecommunications Corporation is one. The same guys who tried to send an eavesdropping trojan horse (labeled as a system update) to 100,000 or so blackberry users...
https://www.eff.org/observatory has more details on the ~650 different entities who will be silently trusted by your standard IE or FF install. -
Re:Let's just encrypt everything all the time
There's a couple of Firefox extensions that actually do encrypt everything all the time
... or, at least, they redirect everything that has an encrypted SSL to that HTTPS URL instead. HTTPS Everywhere | Electronic Frontier Foundation (which is also here: HTTPS Everywhere :: Add-ons for Firefox)
-
Re:Why bother? EFF bothers.
Now how do you get the ignorant masses from running out and purchasing/licensing DRM infected gear? There is no warning label on such goods that state "WARNING: If you modify this device you may go to prison" Maybe there should be a campaign to educate consumers in such a fashion. Who is going to sponsor it? Maybe EFF? How many people on Slashdot donate to the EFF? I do. Every time they make news I donate again. People can thank the EFF for it now being legal to jailbreak their iPhones. Just a quick google search shows some of the valuable work they have done and you can go here to see a list of that valuable work. I urge every Slashdotter to Join the EFF and help them fight the RIAA/MPAA/BSA juggernauts. Any little bit helps.
-
Different situation completely
The jailbreaking finding (pdf) was narrow, specifically noting that the
critical question is whether jailbreaking an iPhone in order to add applications to the phone constitutes a noninfringing use...
it appears fair to say that the purpose and character of the modification of the operating system is to engage in a private, noncommercial use intended to add functionality to a device owned by the person making the modification, albeit beyond what Apple has determined to be acceptable. The user is not engaging in any commercial exploitation of the firmware, at least not when the jailbreaking is done for the user’s own private use of the device
The Library of Congress specifically made iPhone jailbreaking permissible, for the reasons given above. As with all things legal, a specific permission isn't just instantly transformed into general allowance to do whatever the hell you want. The Xbox was not included in the permission granted and therefore such hacking is a violation of the current statute until found otherwise in a court.
The fact that Crippen is making money from breaking the law, and in likelihood abetting a little casual piracy, suggests he's going to get made an example of.
-
Re:https everywhere
https everywhere is indeed a great extension, and everybody should be using it.
But some of the services that Firesheep target don't offer an https option *at all*. This is no rebuttal, it only proves Firesheep developer's point: these services have an inappropriate level of security.
The worst offender is probably Yahoo! Mail. They don't even offer https to their paying customers! For one of the leading webmail service this is utterly unacceptable. https for login is a fig leaf, the only thing this does is give users a false sense of security. -
Re:No HTTPS encryption
Facebook does submit your information over HTTPS; they just load the page over HTTP by default. Passive sniffing won't work on it. Here, take a look at the following code from http://www.facebook.com/:
<form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form">
The problem with this approach is, while it saves server resources, an attacker could trivially perform a man-in-the-middle attack on an average person connecting to http://www.facebook.com/ rewriting the above code to HTTP or running a squid proxy or something, and they would never notice because their browser says "http" like always.
That said, if you're worried about it you could always install HTTPS Everywhere and it will make Facebook always load using SSL.
-
Re:No HTTPS encryption
> Kudos to FaceBook and most other networks for NOT using encryption for anything but the log in [--DrYak]
> I still have to manually change http to https in the URL every time they decide to sign me off. [--cindyann]
Install the HTTPS-Everywhere FF Plugin. It will SSL-encrypt Facebook and a host of other domains. Only draw-back: Chat doesn't work via SSL atm.
https://www.eff.org/https-everywhere
And while you're at it, also install the BetterPrivacy Add-on:
https://addons.mozilla.org/en-US/firefox/addon/6623/
which will get rid of the LSO cookie Facebook sets each time you use it. Best used in conjunction with AskforSanitize.
-
Re:https everywhere
And here's the link: https://www.eff.org/https-everywhere
-
Re:A better explanation
here: http://codebutler.com/firesheep.
Steve Manuel of TechCrunch claims that the Force-TLS 2.0 Firefox extension can defeat Firesheep. (You have to configure it manually for each site you want to protect, though, so it's somewhat of a PITA.)
Another option is the HTTPS Everywhere Firefox extension from EFF and the Tor Project. Although HTTPS Everywhere has a predefined ruleset that includes some of the most popular Web sites, you'll still have to write your own ruleset for any site not on their default list.
-
Re:A shame I won't be playing it.
Yeah, the smart guys tried this before. And it didn't go so well.
bnetd was a battle.net emulator that was permanently shut down by lawyers. -
Re:need more input
[The battle against escrowed encryption] was fought and lost in the mid 1990s.
Don't look now, but that threat was not put to rest permanently. The price of freedom is vigilance.
-
Not so sensational headline
The Government's Strategic Defence and Security Review, which revealed: "We will introduce a programme to preserve the ability of the security, intelligence and law enforcement agencies to obtain communication data and to intercept communications within the appropriate legal framework.
Yes, it is _just_ a proposal, do you want it to come about? So... time to ramp up development of https-everywhere, ensure that you use GNU Privacy guard for all EMail, bit locker on your drives, and dust off your NT box to run https-everywhere!
-
Re:FB Privacy...FWIW
> Any other ideas?
The EFF's HTTPS Everywhere Firefox plugin will SSL-encrypt, among other things, your connection to Facebook. Works OK (chat doesn't work and I had some issues here and there with some images, which apparently get loaded from somewhere else). Still worth it though and you can always unset FB temporarily in the Plugin Preferences if needed:
-
If not this, then what?
There is a lot of criticism in the comments - for instance:
- Hardware mfgs won't go for this
- Consumers won't care
- There aren't enough people who _do_ care to make a difference
Some of this may be true, stark reality. But if that's the case, then I ask, what do we do instead?
A lot of us feel strongly that the rise of constrained, "walled garden" computing, especially in mobile devices (phones, iPad, etc.) is a Bad Thing(tm). These mobile devices, along with increasingly complex embedded systems, may well be the future of computing. These days, computing = access to information. Do you really, really want your information device to be nothing more than a puppet for someone else to control? We've all read the books and seen the movies - we know where this road ends. I don't want to go there.
Already, the corporate-owned and operated consolidated media is doing its best to spoon-feed everybody the daily ration of irrelevant crap or pre-digested "here's what to think" news stories. And due to the trend we're discussing, soon the only place we'll be able to get any information at all is with our fully-controlled, censored, happy happy joy joy goodcitizendevices.
But this gets worse, because once the corporations control everything, it's only one small step away from government abuse. Been paying attention to the trends lately? Don't get me wrong, I'm not anti-law enforcement, but there must be balance. When all tech is locked down and we have no choices, it will be too late to wonder if we should have just allowed it to happen.
So, honestly, if this FSF effort isn't the answer, what is? Because as long as we want to remain a free people, we can't just stand by and watch, if not facilitate, as a select few take full control of the systems we rely on for our information.
-
"Yellow Dots" MICT and EURion constellation
This is more about printers, mostly colour printers I believe, but it is a related technology as far as I know.
- EFF's Yellow Dots Mystery Instructable
- Investigating Machine Identification Code Technology in Color Laser Printers
- Seeing Yellow
About EURion constellation and bank notes:
-
Re:R & D please?
http://www.eff.org/deeplinks/2010/10/copyright-abuse-ohio-governor-election
"In response, the Ohio Democratic Party promptly published a YouTube video capitalizing on this, illustrating its point with short clips from Redden's acting career."
Seems the Republicans wanted a slick 'pro' feeling ad and paid for it. -
Fair use must be considered
And the Strickland campaign might want to point out this ruling in Lenz v. Universal Music where the judge said that copyright holders must consider whether the use of the material constitutes fair use under copyright law before filing their takedown request.
-
Re:Yup, just crazy
You're still free to do weird things in your network for whatever odd reason you want, go ahead.
As a counterpoint to the specific example you mentioned: https://panopticlick.eff.org/
-
Re:TRUSTe all over again?
Meh, just use Tor
-
how about fingerprinting instead?
You don't need to mark client's browser. It's not secure and yet possible to protect against. The best solution is to use browser fingerprint. Apparently, each browser is unique by itself. See the link below: http://panopticlick.eff.org/
-
Re:What irks me the most...
Your second point, that the majority of first-world nations will ratify this treaty, is currently invalid. The EU, which makes up a large percentage of the first world, has already all-but-rejected ACTA in its current form. That doesn't necessarily mean things won't get worse for the US, however.
-
Re:not protects
Uhhhh...I hate to break the news to you dude, but this "cracking" stuff? Damned useful to those of us who AREN'T pirates. Want an example? I have a lovely complete collection of Joss Whedon's series right in front of me on a shelf, with a cool Buffy and Spike collectible figure on each side for bookends given to me by my late sister. Now here I am, with frankly an assload of HDD space at nearly 1Tb, yet thanks to their DMCA bullshit I can't just walk into Walmart and buy software that'll let me rip these discs, which I fricking paid nearly a grand for, to my HDD. Instead I'm supposed to break them open and go through the hassle of loading them each time I want to watch an episode of Buffy or firefly. That sucks! WTF is the point of having all this space if I'm not allowed to put my fricking media on it??
So until some sanity comes to the media and game companies I'm ALL FOR the pirates. It is the pirates that made the older games I PAID FOR work on my new windows 7 X64, thanks to their No-CD/DVDs making it so the non x64 DRM crap isn't called. It is the pirates that come up with the software that lets me rip my movies and convert them into formats that makes them easy and convenient FOR ME, the customer!
I personally could give a flying crap about what content producers, who frankly thanks to http://en.wikipedia.org/wiki/Hollywood_accounting are often screwing the artists as bad if not worse than they screw us consumers, want anymore. I fricking paid for it, its mine, and if I want it in Xvid or H.264 or whatever then that is none of their business. Remember these very same content producers who you are championing say ripping YOUR CD to your iPod is NOT fair use because you didn't cut the greedy pigs a check for the privilege. After bribing our congress and trying to force 150+ year copyrights on the planet I personally hope the whole lot DIAF myself.
-
Re:Ok you've got my attention
Here is a better explanation of what happened by Danny O'Brien (http://twitter.com/mala)
---- posted in verbatim for /. proof ----
There's been a lot of alarming but rather brief statements in the past few days about Haystack, the anti-censorship software connected with the Iranian Green Movement. Austin Heap, the co-creator of Haystack and co-founder of parent non-profit, the Censorship Research Center, stated that it had halted ongoing testing of Haystack in Iran; EFF made a short announcement urging people to stop using the client software; the Washington Post wrote about unnamed engineers who said that lax security in the Haystack program could hurt users in Iran.
A few smart people asked the obvious, unanswered question here: What exactly happened? With all that light and fury, there is little public info about why the world's view of Haystack should switch from it being a step forward for activists working in repressive environments that provides completely uncensored access to the internet from Iran while simultaneously protecting the user's identity to being something that no-one should consider using.
Obviously, some security flaw in Haystack had become apparent, but why was the flaw not more widely documented? And why now?
As someone who knows a bit of the back story, I'll give as much information as I can. Firstly, let me say I am frustrated that I cannot provide all the details. After all, I believe the problem with Haystack all along has been due to explanations denied, either because its creators avoided them, or because those who publicized it failed to demand one. I hope I can convey why we still have one more incomplete explanation to attach to Haystack's name.
(Those who'd like to read the broader context for what follows should look to the discussions on the Liberation Technology mailing list. It's an open and public mailing list, but it with moderated subscriptions and with the archives locked for subscribers only. I'm hoping to get permission to publish the core of the Haystack discussion more publicly.)
First, the question that I get asked most often: why make such a fuss, when the word on the street is that a year on from its original announcement, the Haystack service was almost completely nonexistent, restricted to only a few test users, all of whom were in continuous contact with its creators?
One of the things that the external investigators of Haystack, led by Jacob Appelbaum and Evgeny Morozov, learned in the past few days is that there were more users of Haystack software than Haystack's creators knew about. Despite the lack of a public executable for examination, versions of the Haystack binary were being passed around, just like unofficial copies of Windows (or videos of Iranian political violence) get passed around. Copying: it's how the Internet works.
We were also told that Haystack had a centralized, server-based model for providing the final leg of the censorship circumvention. We were assured that Haystack had a high granularity of control over usage. Surely those servers could control rogue copies, and ensure that bootleg Haystacks were exc
-
Phonebook?
Bollocks! By analogy, does this mean that if my name is in the phonebook, I no longer have a reasonable expectation of privacy in my phone calls? Does this mean that if I give the utility company my name, they no longer have to ring the doorbell to read an indoor meter, or they can be granted a warrant to pick the lock of my backyard gate?
On the heels of the "first sale" ruling, I think it's time to donate to the EFF again. The courts have gone nuts, and I am sickened by what American business interests are willing to ask of the courts, if their slimy counsel can justify it to a judge. It's disgusting.
This cannot be tolerated. Not to catch a bunch of idiots watching screen-cam bootlegs. I'd sooner outlaw the entire entertainment industry than suffer this level of invasive surrender of basic rights. We can go back to making hand shadows for each other and playing Parcheesi as far as I'm concerned.
I hope to get traction for bills which clarify that just because the "Interwebs" are involved doesn't mean we've hit the reset button on basic privacy rights, since it's clear the courts are unable to understand that the basic precedents set in telcom bills apply.
--
Toro -
Re:do you live in a hole? citation is easy.
the eff thinks otherwise.
http://www.eff.org/deeplinks/2009/04/jewel-v-nsa-roundup-media-obamas-position
Salon blogger Glenn Greenwald and others in the left blogosphere were on the story early, just as they were throughout the fight over telecom immunity last year. Greenwald declared the Obama position to be worse than Bush:
It is hard to overstate how extremist is the "sovereign immunity" argument which the Obama DOJ invented here in order to get rid of this lawsuit. I confirmed with both ACLU and EFF lawyers involved in numerous prior surveillance cases with the Bush administration that the Bush DOJ had never previously argued in any context that the Patriot Act bars all causes of action for any illegal surveillance in the absence of "willful disclosure." This is a brand new, extraordinarily broad claim of government immunity made for the first time ever by the Obama DOJ -- all in service of blocking EFF's lawsuit against Bush officials for illegal spying.
The Raw Story weighed in on the case, and TPM Muckraker checked in with constitutional scholars Ken Gude, Amanda Frost and Lewis Fisher to see if they agreed with Greenwald's analysis:
Is it a sweeping power grab by the executive branch, that sets a broad and dangerous precedent for future cases by asserting that the government has the right to get lawsuits dismissed merely by claiming that state secrets are at stake, without giving judges any discretion whatsoever?
In a word, yes.
http://www.salon.com/news/opinion/glenn_greenwald/2009/04/06/obama/index.html
http://tpmmuckraker.talkingpointsmemo.com/2009/04/expert_consensus_obama_aping_bush_on_state_secrets.php?ref=fp1
tpm says it's the same, but there are new claims made by the Obama DoJ which Bush never had the audacity (pun intended) to make. to me, that's enough to make Obama worse in an objective sense. but moreover, he's subjectively worse in that he's poisonous and harmful because he both says the right thing (excessive secrecy is bad) while simultaneously cementing the bipartisan consensus and legitimizing Bush's radical and harmful policies. This is simply a grievous blow to the rule of law in America.
-
Re:Go Away Idiot
Yes there are... Idiots are like EFF
http://www.eff.org/deeplinks/2010/08/google-verizon-netneutrality
Enjoy reading.
Oh and btw... Fuck your mothers rotted cunt, while I fuck your sister poorly.
YEAH... I'm a shit lay.
-
Re:Clear Channel
-
Re:Hehehe
How did you get modded up with a comment like "No one was affected by that silly rootkit?" Apparently enough people were affected that the Texas Attorney General sued, class action suits were filed in New York and California, and even Italy, the EFF, and the FTC investigated Sony over the rootkit scandal. Dismissively saying that nobody was affected by it is just ignorance or trolling.
And it wasn't just "a particular CD"; it was a nice list of titles; 102 different albums in total according to Wikipedia. Millions of CDs. MediaMax alone went out on 20 million discs.
Your point that other IT concerns outweigh the problems with Sony's rootkit is valid, but you're comparing apples and oranges here. And the way you dismissed the seriousness of the rootkit makes you look like a fool or someone with an agenda. -
Re:Also Banning IMAP+SSL?
Gmail defaults to HTTPS and gmail is the most popular one.
Yes. And there are lots & lots of crooked certificate authorities out there that would happily issue a fake certificate for gmail. One of them is Etisalat, the UAE cell phone carrier that sent spyware to all their blackberry users.
http://www.eff.org/deeplinks/2010/08/open-letter-verizon
http://www.slate.com/id/2265204/
Feel safer about your https now? Most people don't check the certificates...
-
Re:Why really does Apple behave this way?
The answer is simple: the API terms are there to build at least two monopolies out of what could clearly become multiple commonses: no competing app store and no competing developers for apps (whether Apple holds the copyright or not). Apple has a long track record of denying users software freedom. The terms of their app store agreement is hardly surprising.
The more interesting question is why do application developers put up with this. The real power is in the application developer's hands; developers are submitting to the horrible iPhone Developer Program License Agreement. Why? I'm guessing the reason is similar to the lottery logic that persuades millions to buy into a scheme where the vast majority lose to prop up very few winners. Convincing people "you gotta play to win" instead of the more accurate "you're most likely gonna lose". In other words, it's a question of values: developers are taught to value popularity over all things, including their own software freedom and the software freedom of their users. Remember that if an application copyright holder chooses to agree to the aforementioned license and Apple denies them a place in their app store, the copyright holder has agreed not to distribute in competing app stores. This is one power one would normally have under copyright law and it is signed away in an attempt to prop up Apple's app store.
Who teaches them these values? Some open source movement proponents, to be sure; that movement was designed to never bring up ethics and that movement shuns talking about computer user's freedoms to run (recall that Apple can "kill" a deployed iPhone app on any non-jailbroken iPhone), share, and modify. Proprietors, including Apple, like it that way. This arrangement helps Apple more easily address an audience of talented software developers that might look at a digital phone as another general-purpose computing device which ought to properly be the property of its owner. As the EFF points out:
Overall, the Agreement is a very one-sided contract, favoring Apple at every turn. That's not unusual where end-user license agreements are concerned (and not all the terms may ultimately be enforceable), but it's a bit of a surprise as applied to the more than 100,000 developers for the iPhone, including many large public companies. How can Apple get away with it? Because it is the sole gateway to the more than 40 million iPhones that have been sold. In other words, it's only because Apple still "owns" the customer, long after each iPhone (and soon, iPad) is sold, that it is able to push these contractual terms on the entire universe of software developers for the platform.