Slashdot Mirror

Compared to Facebook, that's pretty harmless.

The "Like" button reveals to facebook every website you visit:
http://in-other-news.com/2011/What_Facebooks_Like_buttons_reveal

And facebook even tries to ban workarounds that prevent their buttons from sending data without being clicked:
http://www.heise.de/newsticker/meldung/Facebook-beschwert-sich-ueber-datenschutzfreundlichen-2-Klick-Button-2-Update-1335658.html

According to what i understand: The leak is confirmed (1) independently and also by one of the WL partners (4), which claimes it was in relation to Daniel Domscheids Bergs (DDB) return of this data and a human error on the side of wikileaks which resulted in a password and the data being published. It has been known to insiders for some time, claims a known german tech Journalist who wrote (3) in a comment to (1), direct link to his commen (6). Several of these suggest that the handling of the data which was returned by DDB to Wikileaks and the uncontrolled release of the data an password were the reasons for DDB to destroy the remaining WL data instead of returning it. Other sources claim he is wrong.

(1) http://netzpolitik.org/2011/leck-bei-wikileaks-bestatigt/

(2) https://netzpolitik.org/2011/leck-bei-wikileaks/

(3) http://www.heise.de/tp/artikel/34/34398/1.html

(4) http://www.spiegel.de/netzwelt/web/0,1518,782923,00.html

(5) http://www.golem.de/1108/85993.html

(6) http://netzpolitik.org/2011/leck-bei-wikileaks-bestatigt/#comment-434548

If you are in the EU, there is currently a public EU consultation on open access (deadline 09 September). This was also mentioned on German heise.de earlier this week.

Well, according to heise.de (german), about 250 policemen were involved. On my scale that is massive, even if the number of people arrested is not that high.

19 policemen per person seems like a bit of overkill.

This is it: http://www.heise.de/newsticker/meldung/Microsoft-bevorzugt-HTML5-statt-Silverlight-1128262.html (article is in German)

Well, according to heise.de (german), about 250 policemen were involved. On my scale that is massive, even if the number of people arrested is not that high.

Copying and pasting the first paragraphn is 1) misleading 2) an extremely poor way to do a SUMMARY. This is what is missing "GVU states that Kino.to was working closely with the sites that hosted the copyrighted films, and that they profited from commercial partnerships with these companies."

So it was not a SIMPLE linking as the first paragraph make seem to believe.

Good point. Also stated in these articles here: (sorry could not find anything in english) http://heise.de/-1257486/ and http://www.spiegel.de/netzwelt/netzpolitik/0,1518,767375,00.html/

Basically what was stated is that not only was kino.to taken down but also the filehosting and portal sites behind it. The people running these sites (kino.to and others) are not explicitly being charged for linking copyrighted material(ASFAIK this is still somewhat of a grayzone in Germany) But rather for building an organized criminal organization. If prosecuted in a German criminal court this could lead to a 5 year jail sentence.

The summary is very uninformative. This needs to be mentioned:

- The reason for the seizure was topic of speculation all day long. It was very soon suspected that the reason was abuse of the "piratenpad", a publically available etherpad installation operated by the pirate party. Apparently this platform was used to coordinate a DDoS attack against the french energy and utility company (according to Wikipedia the largest of the world) EDF. Pirate party later stated that a SSH key for there webserver was posted on the piratenpad. See http://www.heise.de/newsticker/meldung/Polizei-kapert-Server-der-Piratenpartei-1246963.html (german).

- This service was only running on one of the servers but the police took all servers nethertheless which includes their mail and other important infrastructure.

- The seizure was not the result of some german investigation but rather a reaction to a judicial assistance request by the french police.

- As well-known german lawyer Udo Vetter points out (http://www.lawblog.de/index.php/archives/2011/05/20/ein-akt-der-deutschen-behrden/ - german) the german police was not required by law to react in this way. Furthermore political parties are somewhat protected by law and it is very arguable that the measures taken were adequate as required by law.

- There is a state election in the German state of Bremen on Sunday. The pirate party is running there. This seizure is of course very unfortunate in light of this. This has promptly caused conspiracy theories that the reason for the seizure might be political.

Occasionally we document it when we do, like the NSA back door in Lotus Notes: http://www.heise.de/tp/artikel/2/2898/1.html

OTOH, sometimes we don't; like when we blew up the Soviet pipeline with software trojans: http://www.damninteresting.com/the-farewell-dossier

But regarding Windows and this anti-virus software? C'mon - you can pretty much bet that every country in which Microsoft has software developers already has their own back doors (disguised as accidental security bugs). How else can you explain that OS having so many more QA resources than comparable scale OS's (linux, bsds, unixes, etc) but having so much worse a security reputation.

The result: The best technique is using polarized glasses, as those are the lightest and thus best to wear (i.e. a non-technical reason) while tester subjects found the shutter glasses to be too heavy and in some cases unbearable. Furthermore the reduced resolution of the polarization technique did not matter (most of the test subjects did not even notice). They also point out, however, that one of the main argument commonly heard against shutter glasses - flickering - was not a problem reported by any of the test subjects.

I would love to see a scientific study with a greater number of subjects...

Tens of thousands of people were probably killed by the quake and the resulting tsunami.

But anti-nuke activists will consider this the worse tragedy and use it at every chance to fight against the building of more modern and much, much safer designs.

Exactly. Your point being: When the house is shaking one shouldn't worry about the butcher knife stored on the shelf above your bed. Instead you recommend going on with that practice.

Telepolis assumes more is happening: if the reactor breaches, Tokyo is within the fallout radius. - Unless one encapsulates the reactor in concrete and sacrifices the workers doing that job:

Heise Google translate

After looking up the Wiki source for the claim here and then butched with Google translate, I get the (bad engrish) line of:

Apple DEP since 2006 and the first implementation was to have only for the stack, not even for the heap.

What this tells me is that while Apple had a form of DEP since 2006, it was a very small, non-complete version of DEP (so to speak) which would explain when Charlie Miller states that OSX didn't have DEP until Snow Leopard (guessing thats when they used a more full/true version of DEP).

I find it funny that they write that there were no "immediate" increased costs, which probably means that they have a moratorium on license fees for a year or two after which the costs will skyrocket. The article also says that security issues were independent of whether or not open source was used. That completely contradicts every unbiased assessment ever made.

And, of course, the results of the actual studies performed in 2009 and 2010 came to a different conclusion (my translation) "Both studies referenced in the unpublished reports come to the conclusion that the open source strategy for the foreign ministry has worked correctly and that Linux desktops are a viable route. However, there are issues with interoperability and acceptance issues which need to be addressed. McKinsey warned that a return to Windows would cause significant middle-term license and migration costs, even though this route might seem attractive to users with less linux acceptance."

Original: http://www.heise.de/newsticker/meldung/Linux-im-Auswaertigen-Amt-Rueckmigration-auf-Windows-nicht-zwingend-1192284.html
Beide Male, wird aus den nicht öffentlichen Ergebnisberichten zitiert, kommen die Unternehmensberater zu dem Schluss, dass die Open-Source-Strategie im AA funktioniert und dass Linux-Desktops ein "gangbarer Weg" seien; allerdings müssten die Interoperabilitätsprobleme angegangen und gegen die vorhandenen Nutzervorurteile angekämpt werden. Für den Fall einer Rückmigration auf Windows warnt McKinsey vor mittelfristig erheblichen Lizenz- und Migrationskosten, auch wenn dieser Weg angesichts der geringen Linux-Akzeptanz bei den Mitarbeitern aus Nutzersicht attraktiv sei.

necessarily .

The german foreign office is headed by Guido Westerwelle, FDP. FDP is the german liberals party, and they have "aligned [themselves] closely to the promotion of free markets and privatisation" from wikipedia.org https://secure.wikimedia.org/wikipedia/en/wiki/Free_Democratic_Party_(Germany).

netzpolitik.org seems to have documents from a McKinsey survey which support the opposit claim, in particular that Windows single boot would be technically possible and attractive from a user's perspective, but expensive, work intensive and hard to justify [Freely translated from https://www.netzpolitik.org/2011/interne-dokumente-des-auswartigen-amtes-zur-anderung-der-open-source-strategie/#more-20730]

A survey article about the matter can be found at [heise.de http://www.heise.de/open/artikel/Die-Woche-Kein-Linux-im-Auswaertigen-Amt-1191310.html] google translate is http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fwww.heise.de%2Fopen%2Fartikel%2FDie-Woche-Kein-Linux-im-Auswaertigen-Amt-1191310.html

The article on heise.de has a link to internal documents of the Foreign Office, which shed a little bit different light on the whole thing.

Systemimmanentes Analphabetentum in Hinsicht auf Technik / Polytechnik, auf die Arbeitswelt und in abgemilderter Form auch auf die Ökonomie

The left-wing agenda behind proposed solutions does not take the truth out of the deficiencies identified in their argument.
As a matter of fact much of Europe has long suffered from a "brain drain" to the U.S. perceived to promise more recognition (and reward) in scientific careers.

...or try to use them but fail and fallback to IPv4 a millisecond later.

Almost right. If the browser thinks it has IPv6 connectivity it will try, and it will fallback to IPv4. The fallback to IPv4 will take something like 30-60 seconds though!

That's exactly the problem Yahoo faces. People with broken IPv6 connectivity will experience serious delays when visiting their site. This has withheld other large sites, such as Google, from running dual-stack before. A test done by the large German website Heise.de shows the reality is not that rough. During one day they enabled dual-stack access for their website. Among the approximately one million visitors, only five experienced problems due to broken IPv6. After this experiment they decided to simply keep IPv4 + IPv6 enabled. See http://www.heise.de/netze/meldung/IPv6-Tag-bei-heise-de-Erste-Ergebnisse-1081201.html

Of course this percentage will vary according to the demographic of a site so, as Heise has shown, the best way is to test it. On 8 June, 2011, Google, Facebook, Yahoo!, Akamai and Limelight Networks will be amongst some of the major organisations that will offer their content over IPv6 for a 24-hour "test drive". See http://isoc.org/wp/worldipv6day/

All of Germany (or at least those that understand how a computer works) has been facepalming over this since it was introduced (article is in German) 10 days ago.

What's worse: It was lauded by our minister of consumer protection as an example of German innovation. How embarrassing. Government-sponsored publicity for something that even the inventor admits won't stop anyone from taking a screenshot. Geeks in Germany have been taking the system apart over the last couple of days. There's already a hack that circumvents the Firefox plugin.

They had their servers respond to both IPv4 and IPv6 on the same domain name for a day. Among one million visitors they only had 5 with a problem. 2 could be solved by rebooting the router and or the computer, 2 had unreleated problems with their internet, and one actually had triggered a bug in the OS.

http://www.heise.de/netze/meldung/IPv6-Tag-bei-heise-de-Erste-Ergebnisse-1081201.html

The operator of one of the biggest German web sites, the Heise publishing house, held its own IPv6 day on the 16th of September 2010. Their domains got AAAA records in addition to the IPv4 A records and the web servers responded to IPv4 and IPv6. Long story short: The test produced much fewer problems than expected and two weeks after the test, Heise.de enabled IPv6 permanently. The story is here (in German).

http://www.spiegel.de/politik/deutschland/0,1518,636397,00.html http://www.heise.de/newsticker/meldung/Familienministerin-bedauert-Kinderporno-Fauxpas-mit-Indien-5885.html http://www.rga-online.de/lokales/bergische3Wirtschaft.php?userid=&publikation=2&template=phparttext&ausgabe=39610&redaktion=1&artikel=109544842

There are many router manufacturers, that plan to roll out devices, which are IPv6-capable, in Q1/Q2 2011. In Germany, Telekom (german only, sorry) plans to give IPv6-Adresses to end users in 2011. The rough tranlation is, that they plan to give people a /56-prefix to build own subnets.

Pretty much. The largest german consumer ISP recently announced its plan to enable an IPv4/IPv6 dual-stack on all DSL connections by the end of 2011. Source in German.
Several server hosters already implemented IPv6 during the last few months.

It's really overdue. All mobile ISPs that I've seen so far only offer NAT'ed Internet access. Horrible.

Had! They had iPhone exclusivity. O2 and Vodafone will soon sell them, too. (German article).

Wow, I didn't know Steve Ballmer was german

There was an interesting interview in a german online magazine about how Nobel's ideas have been betrayed by politicians. This years peace price - just like many in the recent years and decades - has nothing to do with peace and everything to do with politics.

Major german IT publisher Heise just went live A/AAAA with all their domains yesterday.
Their comments from the full 24h hour test they ran the other week: the rate of real ipv6 problems for http clients was barely measurable.

Article in German.

They also run an english service targetting the UK.
Although they don't seem to have switched AAAA on for that domain

or just get a wetab http://wetab.mobi/en

Word is that it sucks bad [German]... (Ships without the promised Android compatibility layer, without hardware video acceleration enabled, without Flash...) Pity, it's a nice concept...

Quoi que l'on fasse, les lois positives ne sauraient jamais entièrement remplacer l'usage de la raison naturelle dans les affaires de la vie. Les besoins d'une société sont si variés, la communication des hommes est si active, leurs intérêts sont si multipliés, et leurs rapports si étendus, qu'il est impossible au législateur de pourvoir à tout.

Behold, a CRT vector graphics implementation of Asteroids. The article (in German) describes the whole project. The logic hardware is recreated as an FPGA "program". An X-Y-capable oscilloscope can be used as the display.

Behold, a CRT vector graphics implementation of Asteroids. The article (in German) describes the whole project. The logic hardware is recreated as an FPGA "program". An X-Y-capable oscilloscope can be used as the display.

The next best thing would be a dedicated live-CD for online banking. There is Bankix http://www.heise.de/ct/projekte/Sicheres-Online-Banking-mit-Bankix-284099.html, but afaik only in German.

Seconded.

C't - Magazin fuer Computertechnik

Learn German if you must; this magazine is a winner, most other magazines don't come close to its hobbyist- and tinkering-friendliness. Published by Heise. It's also translated into Dutch.

Tip: Speicher = memory, Festplatte = harddisk :-)

To give you an idea, the C't magazine was the first place I found out about the AARD code. Recommended!

Horst Köhler just hesitated to sign the law because he wanted to inspect it thoroughly. Later he signed it
http://www.heise.de/newsticker/meldung/Bundespraesident-unterzeichnet-Websperren-Gesetz-933180.html

There has been a similar european project named "Hopper". It was planned as a first stage for a launch to orbit. Unfortunately it did not get past a glide test with automatic landing of a 1:7 prototype (German article with pictures). I remember that German state funding was cut after politicians became aware of the project, and comanies unwilling to finance this solely.

Sorry, but you have totally misunderstood the case. There was no law against Open Wifi, in fact there was no fine or damages involved.

However due to the copyright infringement that did occur on the user's network he was liable for the [capped] lawyer fees involved in sending him the cease-and-decist letter.

The law in question actually stops copyright holders from demanding damages and limits this kind of cases to a maximum of 100 Euros in compensation [to the complainant].

The judge stated that users have a responsibility under German law to secure their networks, simply turning on encryption and changing the default password, based upon the existing legal situation.

Even if the user fails to secure it, properly or not, he could not be held liable for damages.

"Wer folglich ein nach diesen Kritierien unzureichend gesichertes oder gar gänzlich offenes WLAN betreibt, kann künftig für jede Urheberrechtsverletzung auf Unterlassung in Anspruch genommen werden, die über den Anschluss begangen worden ist. Allerdings dürften nunmehr die zu erstattenden Abmahnkosten auf 100 Euro beschränkt sein, außerdem muss kein Schadensersatz an den Rechteinhaber geleistet werden."

http://www.focus.de/digital/computer/bundesgerichtshof-wlan-betreiber-muessen-ihr-netz-schuetzen_aid_507474.html

http://www.heise.de/newsticker/meldung/BGH-schraenkt-Folgen-der-Stoererhaftung-fuer-WLAN-Betreiber-ein-998591.html

I sometimes can't decide whether comments like this are supposed to be funny (which they admittedly are) or whether they're an honest expression of deep self-loathing.

David: Is this a game or is it real?
WOPR: What's the difference?

A strange game, and dammit, I just lost The Game, I mean, I shoulda hooked up with that hot married woman back when I was in college and hadn't fully achieved nerdvana :)

Once upon a time, the DE-NIC was very respected in the german internet community. But several things happened lately, that let the trust erode. There were internal power struggles, the rising influence of domain traders inside the DE-NIC and the surprising distribution of the two-letter-domain-rush (25% of all domains ending in the hands of a single person). Perhaps this outage will be a wakeup call. If we only count the time spent on customers calling the hotline, the damage for my company is several thousand dollars.

CU, Martin

Obviously, you're not well-versed in Erik Moeller's groundbreaking off-Wikipedia research, "Kinder sind Pornos":

http://www.heise.de/tp/r4/artikel/4/4158/1.html

"Nonviolent pornography does no harm"

"I would also reiterate that there is no empirical support for the hypothesis that pornography promotes harmful behavior in adolescents or adults."

He's clearly an expert.

The German computer magazine c't held a contest (German link) for the best Asteroids-playing artificial intelligence - it wasn't mechanical, but merely transmitted virtual keystrokes to a server that was running the game.

I suppose adding a robotic element would add additional complications such as the reaction time of the limbs, and recognizing the playing field via optical sensors.

German computer magazine c't started a very similar project called http://www.heise.de/ct/projekte/Sicheres-Online-Banking-mit-Bankix-284099.html (German) a few years ago. It's not set up for any one bank, obviously.

See http://www.heise.de/ct/projekte/Sicheres-Online-Banking-mit-Bankix-284099.html
(in German. Babelfished translation here:http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&layout=1&eotf=1&u=http%3A%2F%2Fwww.heise.de%2Fct%2Fprojekte%2FSicheres-Online-Banking-mit-Bankix-284099.html&sl=de&tl=en)

From a today's article over at German IT news portal Heise. Revenue in 2009:

• Zynga: $200 million
• Playfish: $75 million
• Playdom: $50 million

Overall estimated money spent on social gaming in 2009: $490 million. Estimates for 2010: $835 million.

There was a study done by the german computer magazine c't some years ago.
Result: While all participants were music semiprofessionals, their rate of correct attribution to the right source was only slightly above random chance, with the best one being someone with impaired hearing and thus a different reception than a normal person, who was pretty good in spotting the MP3. With higher bitrates for MP3, they even got worse than random chance.

You could google on _NSAKEY or NSA_KEY or NSAKEY and find what some security researchers in Europe discovered and published. For instance http://www.heise.de/tp/r4/artikel/5/5263/1.html
A Microsoft officer offered to explain the presence of NSA_KEY, and indeed gave a partial clarification. Microsoft then declined to answer the follow-up questions which were asked, and refused to explain why they were not answering. http://cryptome.org/nsakey-ms-dc.htm
Read into this whatever you like - innocent, tinfoil hat, or otherwise. Here's the wikipedia story about it; feel free to vandalize^W improve it with your comprehensive knowledge. http://en.wikipedia.org/wiki/NSAKEY

Movies and television. I live in Germany and exclusively watch US TV because German TV is shit.

True

(And German IT sites for that matter).

heise.de Probably the best IT site out there. Period.

Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVADPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.

Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

The NSA has also been "helping" Windows' security development since then as well.

I always thought that was one of China's motivations for Red Flag linux: take out the U.S's backdoor and put in their own. Red Flag first appeared in 1999, the same year that this speculation of the NSA backdoor began.

German c't magazine recently published an interesting design for a directional WiFi antenna (about 9 dBi gain) which can be built from materials lying around in most households (not in mine, though - unless someone invents an antenna made out of discarded pizza cartons):

Example (he should have been more careful with the length and spacing of the wires)
The original article in c't (German)

Doesn't do much good for 11n, though, as that standard uses several antennas and the signal processing algorithms are optimized to use their specific characteristics.

The English-speaking media seem to fail to mention that Plurk is Taiwan based[1]... not in the People's Republic of China.

----
[1] http://www.heise.de/newsticker/meldung/Microsoft-hat-Aerger-in-Asien-886233.html (German)