Slashdot Mirror

Privacy Badger has its own "Acceptable Ads" policy, which is as simple as promising to respect the "Do not track" header and supporting HTTPS.

I am an online advertising / tracking company. How do I stop Privacy Badger from blocking me?

One way is to stop tracking third party users who have turned on the Do Not Track header (i.e., stop collecting cookies, supercookies or fingerprints from them). That will work for new Privacy Badger installs.

If copies of Privacy Badger have already blocked your domain, you can unblock yourself by promising to respect the Do Not Track header in a way that conforms with the user's privacy policy. You can do that by posting a specific compliant DNT policy to the URL https://example.com/.well-know..., where "example.com" is all of your DNT-compliant domains. Note that the domain must support HTTPS, to protect against tampering by network attackers. The path contains ".well-known" per RFC 5785.

Privacy Badger currently checks for this specific verbatim policy document, though in the future Privacy Badger may allow content from sites that post different versions of a compliant DNT Policy, and that there may be ways for users to specify their own acceptable DNT policies if they wish to.

Source

Personally, I find the approach to be less naive than ABP's, but only slightly.

I use uBlock Origin and find it to be lighter weight than the old Adblock Plus/edge extensions. Combined with uMatrix, it's a much more responsive and usable combination than the old ABP + NoScript pairing.

The fact that you can still easily disable acceptable ads makes ABP a good option going forward. But, I've recently found out about other products that I'd like to hear what experiences others may have had.

Recently, I heard about and started using Privacy Badger form the EFF. I can't tell if it's useful yet, what are your thoughts.

I've also heard that uBlock Origin is superior to ABP and uBlock. Anyone with experience with these?

PIA doesn't log IIRC, and they have good deals.

Here is an email guide to start with (there are no ideally private email providers, but many are better than gmail). Riseup and ProtonMail look interesting.

A note about using PGP email: This still leaves a trail that is rich in metadata (the who/when/where parts of the messages). Only the what is concealed, leaving much to be desired.

More interesting are new messaging apps which the EFF has rated. I think Signal, Ostel+Jitsi and RetroShare look the most promising. Ring is a newcomer that uses OpenDHT and promises to be what Skype might have been.

For just increasing privacy a couple notches while browsing, add the following extensions (Firefox): Privacy Badger, HTTPS Everywhere, Adblock Edge (not sure if AE is really needed with PB). Using a Firefox derivative like IceWeasel or PaleMoon won't likely include ad-based features that might compromise privacy (though Mozilla is said to have removed ads anyway).

As for browsing with Tor, you cannot beat Qubes OS with the Whonix package. This will help you blend in more and prevent exploits over Tor from accessing any personal data. A system with IOMMU hardware and BIOS is recommended.

After all these years, I2P is still progressing and growing. It marries technologies like onion routing and DHT and its 'I2P Bote' messenger may be the best in class, IMO. Of course, I2P is meant to route all kinds of traffic and even has bittorrent built-in. I'd also recommend running I2P in a Qubes domain, although it comes with TAILS if you're more comfortable booting with that.

> When it comes to ease of use, performance and backwards compatibility, Windows kills Linux all day long. And it always will.

Windows requires a massive multistep procedure to not leak data like crazy to Microsoft.

Ubuntu much?

https://www.eff.org/deeplinks/...

Talking about doing illegal things is sometimes illegal and recently, fantasizing about them was too: https://www.eff.org/deeplinks/...

I've had zero real issues with Netflix on Comcast in the Nashville area.
Maybe impending Fiber makes them behave.

I cannot speak for customer "service" - bought a new house that was previously a rental and had a bad debt associated. This took a two hour wait in line followed by the rep themselves having a 20 minute wait at the counter. All necessary data to confirm ownership transfer was located online. That didn't prevent sales from transferring me to billing and billing trying to send me back to sales. You would think that Comcast would want you to send them money. They kept referring to the "authorized user" on the old account when no such entity existed.

I can confirm that some "throttling" takes place, but Steam and Youtube run full speed (50+Mbit buffering is overkill, even for 4k). It mysteriously disappeared when I went to this site immediately following a slowdown after several failed attempts to download a single 45GB file (OpenStreetMap planet.osm). I was seeing slowed, then killed connections on http, but ftp worked.

Which *BSD or Linux monetizes the users' personal information by sending it to 100+ domains?

Perhaps not 100, but anyone who can remember the Ubuntu Unity Amazon shopping lens and related controversies knows that the GNU/Linux market is not entirely free of privacy intrusions.

Firefox: has telemetry on, Do-Not-Track off, etc. by default. Also has built-in ads that read your browsing history.

You're confused about telemetry:
https://wiki.mozilla.org/Telem...

Also, the Do-Not-Track flag is an utter failure. No ad network listens to the DNT flag. If you don't want to be tracked, you need proactive browser support. Something like:
https://www.eff.org/deeplinks/...

And, for what it's worth, the in-browser advertising project ("tiles") in Firefox is being shut down, per a company-wide announcement sent out earlier today. Look for a public announcement soon.

... before long Apple will put in an 'identity tag detector' inside their new iPhone and only their own brand headphones have the tag - and without the tag the headphone won't work

2009 called, and wants its meme back - https://www.eff.org/deeplinks/2009/03/apple-adds-still-more-drm-ipod-shuffle

The DMCA gives Safe Harbor to ISPs who implement the rules. If Cox never implemented the "repeat offender" policy then they are no longer entitled to the safe harbor provisions. Since the trial has not yet begun, it remains to be seen if they actually did so. We also don't know anything about the DMCA filings that Cox received.

The EFF has an article on what the DMCA repeat infringer policy means.

For those interested, Bruce Schneier's comments to the above article are here: NSA Tracks People Using Google Cookies, and the EFF's comments are here: NSA Turns Cookies (And More) Into Surveillance Beacons.

Some new version of the The EFF SSL Observatory https://www.eff.org/observator... to send details on strange altered deeper browser settings?
3rd party tools that remove all browser related data? Smarter browsers that have built in very deep clean options as a browser closes a window, tab or quits?
The 'analytics tools' are hard to escape even with a rotated VM, different browser, VPN, used OS, reported resolution, time zone?

Put simply, there exist plenty of systems and techniques that don't depend on a third-party who could possibly grant access to secure communications. These systems aren't going to disappear. Why would terrorists or other criminals use a system that could be monitored by authorities when secure alternatives exist? Why would ordinary people?

That's a really easy answer -- terrorists use these simple platforms for the same reason normal people do: because they're easy to use. Obviously a lot of our techniques and capabilities have been laid bare, but people use things like WhatsApp, iMessage, and Telegram because they're easy. It's the same reason that ordinary people -- and terrorists -- don't use Ello instead of Facebook, or ProtonMail instead of Gmail. And when people switch to more complicated, non-turnkey encryption solutions -- no matter how "simple" the more savvy may think them -- they make mistakes that can render their communications security measures vulnerable to defeat.

If the choice was between (easy & insecure) and (hard & secure), you'd have a point, but there's plenty of easy ways to have secure communication: for example, OTR-over-(any IM protocol) is about as simple as it gets (it's literally a one-click thing, and can be set to automatically go secure with no user interaction), doesn't depend on a provider for keys, and can work with any IM network. If someone can install an executable file, they can install and use OTR.

Sure, it doesn't conceal metadata, but most (all?) IM networks leak metadata as well. XMPP-over-Tor-hidden-service can help mask that, and isn't really complicated for the users ("Open Tor, click 'Connect' and wait for the green light, then open your IM client.").

Tox is another option: anonymous, distributed, and with no single point of failure. It's as easy to use as any other IM client.

Even if secure communications weren't as easy as non-secure methods, there's plenty of easy-to-follow guides on how to setup and use secure methods. It's hardly rocket science, and those methods aren't going away, so there's no reason to expect that bad guys that are motivated to keep their communications private will avoid them simply because they may be slightly more difficult.

I'm not saying that the vendors and cloud providers ALWAYS can provide assistance; but sometimes they can, given a particular target (device, email address, etc.), and they can do so in a way that comports with the rule of law in free society, doesn't require creating backdoors in encryption, and doesn't require "weakening" their products. And of course, it would be good if we were able to leverage certain things against legitimate foreign intelligence targets without the entire world knowing exactly what we are doing, so our enemies know exactly how to avoid it. Secrecy is required for the successful conduct of intelligence operations, even in free societies.

Sure, a company could do that (and several do), but there's certainly a lot of interest from users to have secure systems (devices, accounts, etc.) that cannot be remotely unlocked or decrypted by the company or authorities (see Apple). Considering how massively the US Government abused its position of power and authority through massive, warrantless surveillance of people, hacking and snooping corporate networks, doing shady things like parallel construction, and generally violating everyone's trust, it should come as no surprise that there's some pushback from users and industry.

Statistically, the risk posed by terrorists is so low as to not be a concern in my day-to-day life. I'm in far graver danger from occasionally eating hamburgers or riding a bike than I am from terrorists. Considering that "free societies" are hardly permanent things, and that a major event or political upset can dramatically change the nature of government, I'm more worried abo

The NSA has only handed over data on American persons when compelled by a warrant.

https://www.eff.org/deeplinks/...

Full text (PDF) of the Amicus Brief is worth reading and not that long. Excerpts "The Eastern District has adopted certain procedural rules that benefit patent owners—particularly those with weak patents and no products—to the detriment of small innovators and those accused of infringement. These rules drive up costs to defendants and work to increase settlement pressure untethered to the merits of a particular claim for patent infringement." and "These rules, although facially neutral, give significant advantages to patent owners with minimal assets, dubious patents or infringement claims, or a goal of extracting undeserved settlements."

"The remote district’s role has only increased since 2011 and the latest data reveals that the Eastern District of Texas is headed to a record year. An astonishing 1,387 patent cases were filed there in the first half of 2015. This was 44.4% of all patent cases nationwide. And almost all of this growth is fueled by patent trolls." ref

"Recent changes to patent law have made it easier to beat patent trolls, but it hasn't made the patent hotspot of East Texas any quieter. In fact, it's been in the news more. Massive numbers of patent troll suits continue to be filed there, and the judge who hears most of them has erected barriers to defendants seeking to have their cases disposed of early. ref

FWIW, the EFF's HTTPS Everywhere can be configured to send all the certificates your Firefox browser sees to their SSL Observatory and has the option to make the submission over Tor if you choose.

FWIW, the EFF's HTTPS Everywhere can be configured to send all the certificates your Firefox browser sees to their SSL Observatory and has the option to make the submission over Tor if you choose.

Remember this? https://www.eff.org/deeplinks/...

Just do a search for the words (w/o quotes) "NSA spying parallel construction" and start reading.

As for being upset about this or that spying program, I'm looking for some place where the spying program was used in a manner to harm a US citizen who was not actually a criminal or a terrorist. I'm coming up short on that one.

That's unsurprising, since there's usually a few decades of lead time before you find out about these things.

Having said that, there are plenty of examples of real harm to non-criminals, but we don't know how much can be attributed to the wholesale spying program as such.

Effects in GCHQ (...) Now major part of business - 5% of Operations

Propaganda, Deception, Mass messaging, Pushing stories, Alias development, Psychology (quotes from the EFF slides, punctuation is mine)

While I do think controlling the content of the Internet is wrong, and I'm glad the Russians can't do it, it seems wrong to criticize those who wanted to do it in self-defense from people who is actually controlling it, specially without mentioning that and pretending they were paranoid.

Except that, cases like Citizens United relied on the idea that donation is like speech. It's one thing to have a general feeling that American Politicians are corrupt. It's another, completely, to have hard evidence about specific numbers of families. Lots of the scientific process is about questioning basic assumptions and when they turn out to be true, that's science too. In this particular case, last time we had a debate about the USA becoming an oligarchy there were comments warning people that they would lose power by opposing it and other ones claiming that this is about the US system working as intended and blocking change.

In reality the fact that a supposedly "liberal" president is passing (effectively) laws like the TPP which are specifically designed to introduce new protections for corporate interests over the interests of the people who voted for him and the fact that this was started by a supposedly "conservative" president, whilst being specifically designed to increase the power of the government to push corporate interests over the interests of the people who voted for him shows that the US constitution, with it's wonderful idea of separation of powers, has well and truly bypassed by people rich enough to control both major political parties, the courts and the president simultaneously.

Still a serious bug, but if forward secrecy had been widely deployed, much, much less threat exposure would have occurred.

Forward secrecy would have been a dramatic, powerful mitigation, because all the passive data stored by the NSA inside their evil mountain wouldn't be useful, but the remaining unmitigated vulnerability---ability to steal a site's private key and spoof or MITM it---is pretty serious.

That's the lesson. Code audits are great, but they still miss stuff and are expensive. Take good practices more seriously, and you get a lot of bang for your investment in time/money/whatever.

It's a good lesson, but I question your example because it's too roundabout. OpenSSL should've been written in C++ or Go, a low-level language that makes these kind of mistakes much harder for humans to make than C. We should have tools like https://github.com/google/sanitizers to catch the bugs automatically. We should not have twenty different serialization libraries like ASN.1, Protobuf, Thrift, etc., and we should always use a serialization library instead of serializing by hand. We should push our standards committees to design simpler protocols, or ignore them and make simpler nonstandard stuff (like OpenVPN vs IKE).

Still a serious bug, but if forward secrecy had been widely deployed, much, much less threat exposure would have occurred.

That's the lesson. Code audits are great, but they still miss stuff and are expensive. Take good practices more seriously, and you get a lot of bang for your investment in time/money/whatever.

I'll bite and reply to the obviously crazy and just smart enough to be dangerous, but not smart enough to be good...

On AMZN, of course you haven't found a good book on it. You're in an evolving war with hundreds of developers being paid to research better, faster, more accurate ways to track traffic. I personally know at least three people with PhDs working for fortune 500's whose research will never be published, but is being used for demographics right now. If you think cookies are a problem, try imagining what we can track when we control an upstream nameserver and have dynamically generated javascript.

Rewrite, spoof tracking on a case by case? Look, you could edit or rewrite cookies, javascript urchins, 1x1 pixel trackers. But without solving the halting problem, you aren't going to replace every javascript dependent application in existence. So, you get to block all or nothing, or try for your "better than average"/90th percentile solution.

"In theory it wouldn't be utterly hard to utterly micromanage your own computer". I posit that you are either more brilliant and motivated than linus torvalds, or utterly inept. Since you don't understand how to erase cookies without using your browser to do it, you clearly aren't more brilliant. You can manage as much as you're willing to put the time and resources into -- while degrading every other experience associated with it. Your "filesystem with memos" is called a virus scanner. In your case, it sounds like you should buy mcafee or symantec -- which concerns me even more. "Embezzlers everywhere"... really? What doctor discharged you from the psych ward?

1) Detailed information on incoming unexpected read/write requests could be done from a hypervisor or VM with a wrapper around a device driver..but...yuck For write requests, a containerized system like docker could do some of it with a few modifications. Of course, this will be useless on a modern operating system until you condition it to bypass logs, databases, registries, tempfiles, swap, last accessed timestamps.... What you basically suggest is a continuous realtime forensic analysis. A type of activity that typically takes a professional two weeks to write up a report about a 30 second intrusion -- done for every page you visit.

2) Check out an OS called qubes. I'm not sure I'd recommend it, but it's pretty close to what you're talking about in some ways. By the way -- get back to me when you understand you can't tell the difference between good and bad cookies reliably. Good and bad files? Yeah, go buy your antivirus.

3) You can use a whitelist or blacklist, the same as you can with browser plugins. That the add-ons exist does not demonstrate they are correct. If you want to do this, you could look at well known tools such as "privoxy". Enjoy your web without flash, and potentially nearly random broken pages.

4) I'm not sure this merits a reply, but I'd like to suggest you begin by defining "visit" and consider "first vs third party" cookies.

5) Seriously, "shredded"? At that point you should have started running an encrypted VM with memory pinned anyway. But let me wildly speculate by starting with "fuck that stupid idea" -- run a browser inside a VM with a custom profile on a mountpoint shared with the host OS. Of course -- it's up to you to keep the cookies clean.

I'll assume you're prepared to lose most performance enhancing features that keep the internet fast. But what are you prepared to shred? Other cookies? Flash cookies? Browser history? Your IP address? The :visited property? ETag cookies? Are you willing to shred the very privacy enhancing characteristics that make your browser more unique and identifiable? https://panopticlick.eff.org/ ?

My summary: Give up and go back to the shrink.

You should be able to find some pretty straightforward documentation on HTTP cookies, flash data storage, HTTP Local Storage, and browser fingerprinting (see https://panopticlick.eff.org/ ). The tracking services aren't doing anything fancy -- they're just sharing that identifier behind the scenes. When you visit website1 they assign an id to your browser (via a cookie, or whatever). When you visit website2, it loads a script from website1 that puts your id somewhere into the DOM that website2's scripts can read and website2 assigns that id to your browser as well. Website3 does the same, and so forth. Then, websites 1 through N share the browsing habits of your id amongst themselves and gain some insight into what your browser is doing.

Wow. Two stories about how toxic the LKML is and how much of an asshole Torvalds is, and now this. I had thought the gender lunacy had been a little light lately.

Has Dice found a potential buyer? I've been lurking ever since it was announced they wanted to sell Slashdot. It fits right in with the Narrative that the future owners of Slashdot may very well have the primary interest of proving just how awful all of us geeks are. Well, at least the vast majority of posters here who are men.

Seriously, folks, you're just letting Dice troll you, and all you're doing is giving ammunition towards the Narrative. This will become important in the post-TPP, post-TTIP world, especially because the 3rd of these overreaching treaties, TISA may very well break the internet as we've known it.

The internet is anathema to TPTB. There's too many nerds getting in the way of SOPA et al, too many nerds making strong encryption more accessible to the common man. It's not just nerds, either. It's MGTOW, redpillers, and A Voice for Men (when the latter-most isn't busy embarrassing itself). It's the revelation of the gender lunatic agenda every time somebody like me points out how much of a farce rape cultures are. Thanks to the internet, many of us have awoken to realize that race as an issue is not over. On the open internet, built by geeks and nerds, run on open source software, heretical ideas that would completely demolish the control that the Masters of the Universe wish over us such as a minimum guaranteed income and single payer healthcare have begun gaining credibility, even among certain "bleeding heart" libertarians.

This smear campaign against nerds, geeks, etc in tech is just a ramp-up to give credibility towards enacting TPP, TTIP, and TISA. What are we, a bunch of misogynerds who send death threats to any woman with the "temerity to dare" engage in open source and do we endorse revenge porn? I should hope the hell not, and I've seen many, many ways that nerds and geeks are some of the most progressive and accepting individuals I know on matters of race and gender. This is why we allow ourselves to become so worked up at the idea that we've somehow, in the course of pursuing our hobbies and careers, despite our best efforts and egalitarian attitudes, somehow committed the inexcusable sins of sexism and racism and are responsible for the lack of women and minorities among our numbers.

Do not let the news media, which either Dice or the buyer its wooing at the moment, manipulate you. Yes, there's sexism and racism out there. Some damned sexist convinced a very bright young woman I had the honor of mentoring as a developer that she should major in English rather than join our ranks. That damned sexist was not a programmer or a network administrator or an engineer. That damned sexist was in all likelihood a teacher or school counselor who said, "Stay away from those misogynerds! Get a nice English degree so you can find a husband."

There is one point and one point only of stories like TFS: to troll for and generate "proof" of the misogynerd.

Well, that's my $0.02.

For the record, if you're still reading, I have no personal problems with outreach efforts. More power to them. They face an army of non-technical sexists. On that basis, I feel sorry for them. They will likely continue to fail, because the outreach needs to happen in high schools and middle schools. I hope they succeed, but when they fail, it's more proof of the Narrative.

--kurenai.tsubasa

Captcha: denature

Different AC here. The TPP is just one part. TISA and TTIP are the other two parts. TISA would be the relevant one here, since it will effectively undo this EU ruling.

Some of this stuff really is sounding like what shortwave conspiracy shows were talking about in the 90s, just about 10-15 years behind schedule.

Well Slashdot, the Republicans that so many of you despise, are your last line of defense against the rod that is about to be rammed into you...

Lest some of you still harbor some iodide supposition this agreement will be desirable in any way, just look at the updates to DRM

Since Hollywood hates Republicans even more than most Slashdot readers, you'd think blocking this would be a no brainer. But many are swayed by money...

Stronger IP protections are generally being welcomed by the creative types I know.

"Stronger IP protections" are not for the "creative types you know". They're for the ownership types you know. And for the government types you know. Whistleblower protections would disappear and so would anything like fair use. It's the DMCA on a global scale. You comfortable with global enforcement?

The countries signing the TPP are not ones that generally violate IP protections, anyway.

https://www.eff.org/issues/tpp

Marshall, Texas.

NSA-provided data has not been — and can not be, not by itself, anyway — used to frame an innocent person.

You say that like innocent people aren't coerced into taking plea bargains or coerced into becoming government informants all the time.

An innocent person who has the means to get good lawyers can't be sent to prison based on NSA-provided data by itself. If you're willing to spend the time and lose a large chunk of your life in the process, you can probably make it go away eventually. Being sent to prison is hardly the only way that a government agency can harass you.

Remember the FBI's hamfisted attempt to blackmail MLK? He wasn't guilty of a crime, but that didn't matter.

Yeah. Try out that learning thing. And maybe start running a flavor of BSD.

Or stop being a putz, because Linux, BSD or anything else, a chump like you isn't going to audit the source of every program installed on your system.

Nor would you be auditing the code of all software on any system. Nor does any company or agency audit the source for all software in existence. But someplace, somewhere, at some time, somebody adept... will certainly notice some funky ass traffic or process and look into it for any given software, especially an OS. I know I have. The world has a lot of very computer literate people. Some others can't tie shoes.

Your stupid ass argument is that since nobody will read every fucking line of source from every fucking program installed on their system that they won't notice a software or OS doing some shady bullshit. How do you think people found out Microsoft is spying on the entire globe now with Windows 10 and 7/8/8.1 (back-ported) ? Ethereal (called Wireshark now) is not new what-so-fucking-ever. Nor are many other tools and apps to monitor traffic and processes.

People don't have to read the fucking source code for a BSD kernel and the source code for all modules and the source code for drivers and the source code for all apps. Nor do they have to do 4 years of study on each protocol used. What happens is first somebody adept will/does notice the unwanted traffic or unwanted process... then AFTER NOTICING IT they begin to look at why their machine is doing some shady shit like keystroke logging or the other shit Windows does now. Then they have actual devs to reach out to and say wtf. They also can inform users - around the entire planet.

With Windows being the closed source variety of global fucking spyware, even if you identify the processes you can't modify them. You can only possibly block the traffic. There are no devs you can reach out to that isn't bound to an NDA and layers of Microsoft bureaucracy. They won't even say fuck you. They will say "huh? what? oh oh you mean our agreement that you clicked on. Nobody made you use it." Windows 10 is a global fuck you to the public. Windows 10 says "it is our shit, we sell it, fuck you if you want to use it it's by our rules." Also have some bait. DX12.

Nah I can skip a few extra pixels in games in exchange for not having my PC hot-mic'd and keystroke logged and sent by default to some bullshit spyware corporation.

Or stop being a putz

a chump like you

You sound mad and it's obvious as fuck that all you wanted was to call somebody a putz and a chump. You're a punk bitch mother fucker, deal with it.

I have used all flavors of BSD, and most distros of Linux (most means over 50%)... Ubuntu and Redhat/Fedora are the Microsoft wannabe's of Linux. The rest (right now) are great. distrowatch.com

One of the many advantages of open source is somebody can locate the origin and destination of the malware/spyware and identify it's intended purpose. Then the world gets told which lines of code fucked them over. Then they are fixed accordingly, or rejected by the user base and discarded. In general these are people that love computing.

With closed source software like WINDOWS you can't do that shit. And now... guess what putzy chump... Windows 10 is Global mother-fucking global-public-back-stabbing anti-trusted SPYWARE IN TOTALITY. Any Linux that had even a fraction of Windows' new spyware shit... would be a blacklisted distro. The same goes for BSD. Nobody in their right fucking mind would use that shit.

Next you can try to claim that "nothing is perfect" so here use my shitware/spyware/malware Windows Global Spyware 10, because nothing is perfectly secure. Then cite Ubuntu and Redha

Yeah. Try out that learning thing. And maybe start running a flavor of BSD.

Or stop being a putz, because Linux, BSD or anything else, a chump like you isn't going to audit the source of every program installed on your system.

Nor would you be auditing the code of all software on any system. Nor does any company or agency audit the source for all software in existence. But someplace, somewhere, at some time, somebody adept... will certainly notice some funky ass traffic or process and look into it for any given software, especially an OS. I know I have. The world has a lot of very computer literate people. Some others can't tie shoes.

Your stupid ass argument is that since nobody will read every fucking line of source from every fucking program installed on their system that they won't notice a software or OS doing some shady bullshit. How do you think people found out Microsoft is spying on the entire globe now with Windows 10 and 7/8/8.1 (back-ported) ? Ethereal (called Wireshark now) is not new what-so-fucking-ever. Nor are many other tools and apps to monitor traffic and processes.

People don't have to read the fucking source code for a BSD kernel and the source code for all modules and the source code for drivers and the source code for all apps. Nor do they have to do 4 years of study on each protocol used. What happens is first somebody adept will/does notice the unwanted traffic or unwanted process... then AFTER NOTICING IT they begin to look at why their machine is doing some shady shit like keystroke logging or the other shit Windows does now. Then they have actual devs to reach out to and say wtf. They also can inform users - around the entire planet.

With Windows being the closed source variety of global fucking spyware, even if you identify the processes you can't modify them. You can only possibly block the traffic. There are no devs you can reach out to that isn't bound to an NDA and layers of Microsoft bureaucracy. They won't even say fuck you. They will say "huh? what? oh oh you mean our agreement that you clicked on. Nobody made you use it." Windows 10 is a global fuck you to the public. Windows 10 says "it is our shit, we sell it, fuck you if you want to use it it's by our rules." Also have some bait. DX12.

Nah I can skip a few extra pixels in games in exchange for not having my PC hot-mic'd and keystroke logged and sent by default to some bullshit spyware corporation.

Or stop being a putz

a chump like you

You sound mad and it's obvious as fuck that all you wanted was to call somebody a putz and a chump. You're a punk bitch mother fucker, deal with it.

I have used all flavors of BSD, and most distros of Linux (most means over 50%)... Ubuntu and Redhat/Fedora are the Microsoft wannabe's of Linux. The rest (right now) are great. distrowatch.com

One of the many advantages of open source is somebody can locate the origin and destination of the malware/spyware and identify it's intended purpose. Then the world gets told which lines of code fucked them over. Then they are fixed accordingly, or rejected by the user base and discarded. In general these are people that love computing.

With closed source software like WINDOWS you can't do that shit. And now... guess what putzy chump... Windows 10 is Global mother-fucking global-public-back-stabbing anti-trusted SPYWARE IN TOTALITY. Any Linux that had even a fraction of Windows' new spyware shit... would be a blacklisted distro. The same goes for BSD. Nobody in their right fucking mind would use that shit.

Next you can try to claim that "nothing is perfect" so here use my shitware/spyware/malware Windows Global Spyware 10, because nothing is perfectly secure. Then cite Ubuntu and Redhat again.

http://t

Yeah. Try out that learning thing. And maybe start running a flavor of BSD.

Or stop being a putz, because Linux, BSD or anything else, a chump like you isn't going to audit the source of every program installed on your system.

Most reasonable people agree that some adult authority figures made serious mistakes. These mistakes suggest a combination of islamophobia, teenagemalephobia, plain old racism and technophobia. For Ahmed, our binary political rhetoric collapsed into two states and since Ahmed's accusers were wrong, then Ahmed must be right.

I can't think of any of my science or engineering friends who would have made it through school in the 70s and 80s under such a zero tolerance system. But I do have a number of questions: Does Ahmed deserve the praise he is getting or is he merely being used as a political campaign? Put another way, if you had done something like this and Obama stood up and declared you brilliant and innocent, would you feel worthy or would you feel a tiny bit of guilt over the fact that you lie somewhere on the spectrum between guilty and genius?

With all that has been written on Ahmed and his clock, I have a number of unanswered technical questoins:

• What noise did it make? Was a ticking sound also part of its functionality?
• Was the 110V cord plugged in during English class? Why?
• Why was the briefcase/suitcase described as a pencil case? Every pencil case I've seen is large enough to hold no more than a few dozen pencils. Ahmed's seems like it could hold 1000.
• When was the pencil case purchased? Was it a reuse of an old case or was it purchased purposely for the clock? If it was purchased for the clock, why not use a case which would allow the clock's display to be seen from the outside.
• Cool clock? Seriously? Is assembling this really exceptional for an American kids of his age? I work with younger kids at a coderdojo, I've met kids at makeshops and science fairs. Most are capable of far more complex, interesting and scary inventions. A volcano or potato clock might even be more interesting.
• Taking apart, reusing and "hacking" existing devices would have been far more impressive, though potentially much more illegal under DMCA and other draconian federal laws.
• Where was Obama, the tech industry and the press when 14-year old Domanik Green's faced felony cybercrime charges instead of internships and invitations to the Whitehouse?

I would just like to point out that one of the big CableCo execs a few years back suggested that yes, going to the bathroom during commercials is stealing (but they have "tolerance" for that, thanks guys).

https://www.eff.org/effector/1...

Isn't it already in the DMCA laws that complaints must have some merit with regards to fair use?

not explicitly.

the complainer has to assert under penalty of perjury that
“We have a good faith belief that the above-described activity is not authorized by the copyright owner, its agent, or the law.”

Universal argued that fair use didn't count as authorization - but was more like an excuse which protected a user from the normal consequences of their infringing usage.

The court disagreed - they declared that fair use was an explicit authorization under the law.

the ruling is here:
https://www.eff.org/files/2015...

Similar to Panopticlick. Even just information that is easily available from your web browser can narrow you down to a specific machine. Who needs to store cookies on machines when you can pretty much identify the machine uniquely anyway.

Microsoft is fighting a pretty straightforward fight here. There are large ramifications, most negative, for a loss.

Here's the EFF, staunchly advocating for Microsoft on this issue:
https://www.eff.org/deeplinks/...

You want Privacy Badger, from the EFF. Unfortunately not validated on the latest Firefox version. ..
https://www.eff.org/privacybad...

A piece of paper with the authority to throw you in jail.

True, but they would have to go to court to accomplish that.

My understanding is that all NSLs come with a gag order. If you go to a lawyer you violate the secrecy gag.

Not true. The EFF says: "Can I talk to a lawyer if I receive an NSL? Yes, you can talk to an attorney for legal advice if you receive an NSL, but the lawyer is then bound by the gag order just as you are."

Also, not all NSLs come with a gag order, just most.

First and foremost, without a statute or court decision giving this voluntary policy the force of law, there will be no consequences if law enforcement agents flout its terms and continue using Stingrays as they haveâ"without warrants. With only this policy shielding us, thereâ(TM)s nothing keeping warrantless Stingray evidence out of court, and therefore nothing to deter agents from behaving badly.

browser extension by EFF to automatically switch to HTTPs.

https://www.eff.org/Https-ever...

I have to admit I am still hoping that the EFF will win their dmca case https://www.eff.org/deeplinks/...

I would personally like to be able to play tso again even if only on a empty local server.

I paid for a copy of the client and was a 4 year+ subscriber none of it is usable now.

I although I quit buying the sims 2 expansions and stuff packs after sims 2 seasons in 2007 I couldn't keep up with the cost at the time.

Also
Dear EA I am still willing to pay the $100 I offered you a few years back for sims 2 complete collection. How about that physical copy I asked for?

sincerely sims.

This guy was arrested and convicted of conspiracy for fantasizing about kidnapping and canibalizing women in online chat rooms. He claims it was just fantasy role playing.

This is the perfect kind of case for this sort of thing - not only is the talk about something criminal, it is disgusting and morally repugnant. Really easy to get everyone worked up over something like that.

Conspiring to skirt federal open records laws? Nah, not so much. Even if officials actually carry out that sort of conspiracy.

Correct.

By refusing to hear Heptig vs. AT&T and caving to Congressional Complicity by granting (retroactive) immunity to telecom employees, NSA managed to escape a certain level of scrutiny for full-backbone tap technology, and a certain stretch of road that may have had AT&T admitting corroboration in a purely (or massively) domestic spying operation.

As this corroborative glimpse shows... Heptig vs.AT&T may not just have revealed AT&T consenting to unconstitutional, illegal surveillance forbidden by NSA charter by simply plugging in and splitting fiber into racks and rooms provided by NSA. It may have shown that NSA was actively developing this technology in partnership with AT&T (perfectly fine) but also listening to the conversations of Americans while doing so (not so fine).

I hate repeating myself, see this background post. At the very least if you're not up to speed on Heptig vs AT&T please review this case. It's the closest we had been to a true turning point to reveal and roll back true-Orwellian full content tap framework before it's too late.

Judge not Caesar, who is fulfilling his own destiny. Judge the idiots and bastards who are polishing his empty throne in anticipation of his arrival by building a state-wide surveillance apparatus.

Perhaps it's too late.

By refusing to hear Heptig vs. AT&T and caving to Congressional Complicity by granting (retroactive) immunity to telecom employees, NSA managed to escape a certain level of scrutiny for full-backbone tap technology, and a certain stretch of road that may have had AT&T admitting corroboration in a purely (or massively) domestic spying operation.

As this corroborative glimpse shows... Heptig vs.AT&T may not just have revealed AT&T consenting to unconstitutional, illegal surveillance forbidden by NSA charter by simply plugging in and splitting fiber into racks and rooms provided by NSA. It may have shown that NSA was actively developing this technology in partnership with AT&T (perfectly fine) but also listening to the conversations of Americans while doing so (not so fine).

I hate repeating myself, see this background post. At the very least if you're not up to speed on Heptig vs AT&T please review this case. It's the closest we had been to a true turning point to reveal and roll back true-Orwellian full content tap framework before it's too late.

Judge not Caesar, who is fulfilling his own destiny. Judge the idiots and bastards who are polishing his empty throne in anticipation of his arrival by building a state-wide surveillance apparatus.

Perhaps it's too late.