Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Senators Recommend FTC Perform Antitrust Investigation Of Google
SharkLaser writes "U.S. Senators have written to the U.S. Federal Trade Commission about their concerns over Google's Internet monopoly. Google executives did themselves no favors when the Senators looked at Google's business practices in September. When asked if Google has monopoly in online search, Google chairman Eric Schmidt is quoted as saying 'I would agree, Senator, that we are in that area.' Another worrying quote is from Marissa Meyer, Google's VP of location services, who said that it was 'only fair' that Google put its own sites on higher placements than competitors. The Senators are also warning that Google is only facing one real competitor (PDF), Microsoft's Bing. Almost all other metasearch engines use either Google or Bing technology to deliver search results, including DuckDuckGo which uses Bing. In Europe Google is currently under investigation of monopoly abuse and the EU has also delayed Google's purchase of Motorola Mobility." -
Senators Recommend FTC Perform Antitrust Investigation Of Google
SharkLaser writes "U.S. Senators have written to the U.S. Federal Trade Commission about their concerns over Google's Internet monopoly. Google executives did themselves no favors when the Senators looked at Google's business practices in September. When asked if Google has monopoly in online search, Google chairman Eric Schmidt is quoted as saying 'I would agree, Senator, that we are in that area.' Another worrying quote is from Marissa Meyer, Google's VP of location services, who said that it was 'only fair' that Google put its own sites on higher placements than competitors. The Senators are also warning that Google is only facing one real competitor (PDF), Microsoft's Bing. Almost all other metasearch engines use either Google or Bing technology to deliver search results, including DuckDuckGo which uses Bing. In Europe Google is currently under investigation of monopoly abuse and the EU has also delayed Google's purchase of Motorola Mobility." -
Coders Develop Ways To Defeat SOPA Censorship
Hugh Pickens writes "The Atlantic reports that one developer who doesn't have much faith in Congress making the right decision on anti-piracy legislation has already built a workaround for the impending censorship measures being considered, and called it DeSOPA. Since SOPA would block specific domain names (e.g. www.thepiratebay.com) of allegedly infringing sites, T Rizk's Firefox add-on allows you to revert to the bare internet protocol (IP) address (e.g. 194.71.107.15) which takes you to the same place. 'It could be that a few members of Congress are just not tech savvy and don't understand that it is technically not going to work, at all,' says T Rizk. 'So here's some proof that I hope will help them err on the side of reason and vote SOPA down.' Another group called 'MAFIAAFire' decided to respond when Homeland Security's ICE unit started seizing domain names, by coding a browser add-on to redirect the affected websites to their new domains. More than 200,000 people have already installed the add-on. ICE wasn't happy, and asked Mozilla to pull the add-on from their site. Mozilla denied the request, arguing that this type of censorship may threaten the open Internet." -
US Asks Scientists To Censor Reports To Prevent Terrorism
Following up on a disturbing story we discussed in November, Meshach writes "The United States is asking scientific journals publishing details about biomedical research to censor articles out of fear that terrorists could acquire the information. 'In the experiments, conducted in the United States and the Netherlands, scientists created a highly transmissible form of a deadly flu virus that does not normally spread from person to person. It was an ominous step, because easy transmission can lead the virus to spread all over the world. The work was done in ferrets, which are considered a good model for predicting what flu viruses will do in people.' The panel cannot force the journals to censor their articles, but the editor of Science, Bruce Alberts, said the journal was taking the recommendations seriously and would most likely withhold some information. Are we heading for another Rorschach-style cheat sheet being developed?" -
US Asks Scientists To Censor Reports To Prevent Terrorism
Following up on a disturbing story we discussed in November, Meshach writes "The United States is asking scientific journals publishing details about biomedical research to censor articles out of fear that terrorists could acquire the information. 'In the experiments, conducted in the United States and the Netherlands, scientists created a highly transmissible form of a deadly flu virus that does not normally spread from person to person. It was an ominous step, because easy transmission can lead the virus to spread all over the world. The work was done in ferrets, which are considered a good model for predicting what flu viruses will do in people.' The panel cannot force the journals to censor their articles, but the editor of Science, Bruce Alberts, said the journal was taking the recommendations seriously and would most likely withhold some information. Are we heading for another Rorschach-style cheat sheet being developed?" -
Australian Government Bans New Syndicate Game
An anonymous reader writes "It looks like the Australian Government's move to introduce a new R18+ classification for adult video games hasn't yet taken force, with video game maker EA confirming today that its reboot of the classic Syndicate series has been banned in Australia due to extreme violence. Left 4 Dead, Mortal Kombat and now Syndicate — what game will be banned next in Australia is anybody's guess." -
Music Player Amarok 2.5 Released
jrepin writes with this quote from an article at The H: "The Amarok development team has released version 2.5 of its open source music player and organizer, code-named 'Earth Moving.' Among the changes highlighted by the developers are re-written support for USB mass storage devices, GPodder.net podcast synchronization and an integrated Amazon MP3 store. The GPodder.net support includes the ability to browse directly from Amarok through the list of recommended podcasts on GPodder.net. Users of playlists on Amarok will find the new playlist functionality in 2.5 such as the ability to use formatted strings in Playlist layout items as prefixes and suffixes, dragging and dropping tracks in an empty area in the list of playlists to create a new playlist, and, in that same empty area, the addition of a new 'create new playlist' action." -
Apple Patents Using Apps During Calls
bizwriter writes "Apple has had quite a week in patents for the iPhone, and it's only Tuesday. First was the victory at the International Trade Commission over HTC. And now there's a shiny new patent on switching to an app during a live phone call (#8,082,523). There may be non-infringing ways of doing something similar, but they probably will be clumsy in comparison." -
Mozilla and Google Sign New Agreement For Default Search
An anonymous reader writes "It appears Google will not cut their default search arrangement with Mozilla. From the official blog post: 'We're pleased to announce that we have negotiated a significant and mutually beneficial revenue agreement with Google. This new agreement extends our long term search relationship with Google for at least three additional years.'" -
Google Working On Siri Competitor Majel
judgecorp writes "Google is working on a competitor to Apple's Siri voice input system. It's an extension to its existing Voice Actions offering with a name that should ring bells. Majel is named after Majel Barrett-Roddenberry, who was the voice of most of the Star Trek on-board computers, as well as playing Nurse Christine Chapel in the first series and being Gene Roddenberry's wife." -
Will Toys-R-Us Carry Spy Drones?
First time accepted submitter TomOfAmalfi writes "People are concerned about government use of domestic surveillance drones, but how is that different than what happens when people make their own drones, or buy them at a toy store? These units don't have the endurance or performance of the 'professional' models, but they can be useful and will get better. I can hear the police now when they realize the protesters are tracking them with toys." -
Kim Jong-Il Was an "Internet Expert"
pigrabbitbear writes "The late Kim Jong Il made many bizarre claims and bestowed upon himself many extravagant titles during his iron-clad rule over North Korea. But here's one that's particularly interesting in light of the recent SOPA debate – 'Internet expert.' The DPRK's Dear Leader fancied himself as such during an international summit in 2007. Seven years prior, he had asked U.S. Secretary of State Madeline Albright for her email address, indicating that the North Korean internet black hole was perhaps not as thoroughly opaque as we made it out to be — at least not for those at the top." -
Kim Jong-Il Was an "Internet Expert"
pigrabbitbear writes "The late Kim Jong Il made many bizarre claims and bestowed upon himself many extravagant titles during his iron-clad rule over North Korea. But here's one that's particularly interesting in light of the recent SOPA debate – 'Internet expert.' The DPRK's Dear Leader fancied himself as such during an international summit in 2007. Seven years prior, he had asked U.S. Secretary of State Madeline Albright for her email address, indicating that the North Korean internet black hole was perhaps not as thoroughly opaque as we made it out to be — at least not for those at the top." -
Denver Must Prove Red-Light Cameras Improve Safety
An anonymous reader writes "An audit of accidents at Denver intersections where red light cameras were installed versus increasing the length of the yellow light shows little difference in the results. In a case of putting the public ahead of the corporation, the Denver auditor is recommending canceling the red light camera program unless the city can prove a public-safety benefit." I hope that private citizens offering analysis or recommendations are treated fairly. -
Tech Forensics Take Center Stage in Manning Pre-Trial
smitty777 writes with some updates from Bradley Manning's Article 32 hearing: "Wired has been reporting all [yester]day on the prosecution's technological evidence against Bradley Manning. The first is on the technology and techniques used by Manning. In the second, the examiners admit they didn't find any matching cables on Manning's computer. And finally, evidence that Manning chatted directly with Assange himself." The prosecution was able to access chat logs and other bits of evidence (which had been deleted, but not scrubbed from the disk) thanks to PFC Manning's use of the same password for his OS login and encryption passphrase. Oops. -
Victory For Irish File Sharers Dashed By Government Report
2phar writes "The Irish Government is 'to publish an order early in the new year to allow music publishers, film producers and other parties to go to court to prevent ISPs from allowing their customers access to "pirate" websites.' The government has 'written to music publisher EMI Ireland confirming the order will be published and incorporated into existing legislation in January ... EMI Ireland recently warned the Government that it would take legal action against the State if the Government did not address the problem.'" This is a response to a ruling that Eircom's current "three strikes" rules were illegal due to privacy issues. -
Software Bug Caused Qantas Airbus A330 To Nose-Dive
pdcull writes "According to Stuff.co.nz, the Australian Transport Safety Board found that a software bug was responsible for a Qantas Airbus A330 nose-diving twice while at cruising altitude, injuring 12 people seriously and causing 39 to be taken to the hospital. The event, which happened three years ago, was found to be caused by an airspeed sensor malfunction, linked to a bug in an algorithm which 'translated the sensors' data into actions, where the flight control computer could put the plane into a nosedive using bad data from just one sensor.' A software update was installed in November 2009, and the ATSB concluded that 'as a result of this redesign, passengers, crew and operators can be confident that the same type of accident will not reoccur.' I can't help wondering just how a piece of code, which presumably didn't test its input data for validity before acting on it, could become part of a modern jet's onboard software suite?" -
Moxie Marlinspike Answers Your Questions
A few weeks ago you asked security guru Moxie Marlinspike about all manner of security issues, being searched at the border, and how to come up with a good online name. He's graciously answered a number of your inquiries which you will find below. Who writes your paychecks?
SirGarlon
From your Web site it looks like you've worn a number of hats. How do you mainly earn your living by penetration testing, developing software as a contractor, or what? Or do you have a day job? (I won't ask where). Do you have any advice for software engineers seeking an independent career?
I was the CTO at WhisperSystems, which was just acquired by Twitter. In the past, I've done both contract and full-time software engineering work, and I've worked on boats and as a delivery captain. I've also spent a considerable amount of time being broke and living without money.
I don't think I have any particularly sage advice for software engineers looking to go independent, so I'll answer a different question: on a somewhat regular basis now, I receive inquiries from young people coming out of high-school or college, asking me what they should do to get started in their software or security career. My most common response is "don't do it." Or at least, not right now.
I think the biggest thing young people fail to realize is the interminable nature of a career. As a young person in the global north, your whole life is generally marked by periods with definite beginnings and endings: elementary school is 5 years, middle school is 3 years, high-school is 4 years. It's significant because when you're in high-school and hating the indignity of it all, there is at least a definite endpoint that you can look forward to. But if you're coming out of that, you might not fully comprehend that when you start a career, you're expected to do that... for the rest of your *life*! Don't be too anxious to jump into that, because it's not as different as what's come before as you might think.
A friend of mine recently quipped "most people working in software discovered technology before they discovered themselves." There are so many people in the industry working on projects without a real personal narrative as to *why* they're doing them, other than the intrinsic feeling that solving technical problems is fulfilling. There is a whole entrepreneurial scene in the Bay Area right now; I can understand the draw of building things, but the level of self-seriousness that people bring to something like a "customer loyalty" startup baffles me. Honestly, it's simply not true that this stuff is "changing the world," so don't be too concerned about missing out if you don't jump in as quickly as you can.
Please, don't spend your late teens or early twenties in front of your computer at a startup. If you're a young person, I think the very best thing you could do is get together with a group of friends and commit to a one year experiment in which the substantial part of your life will be focused on discovery and not be dedicated to wage work -- however that looks for you. Get an instrument, learn three chords, and go on tour; find a derelict boat and cross an ocean; hitchhike to Alaska; build a fleet of dirigibles; construct a UAV that will engage with the emerging local police UAVs; whatever -- but make it count.
security and society
xappax
In addition to being a very sharp security researcher, you seem to have a strong interest in issues of social and political control. What emerging security trends do you see as being most important or helpful for authoritarians (at home and abroad)? What security trends are most important for anti-establishment movements?
I'll mention a few things I think about:
1) A lot has been said from people like Clay Shirky about the horizontalizing effect of the internet. And while it's true that platforms have emerged on the internet which make horizontal coordination and communication possible, what's often glossed over is that the infrastructure of the internet itself is actually extremely hierarchical. I know this seems obvious, but it's not something that comes up in the dialog about this stuff very often. It's worth remembering that this is how things are currently structured, and that the dreams of the Clay Shirkies of the world can never be fully realized as long as that's true; especially since those in control of the infrastructure seem to be taking increasing notice of that fact.
2) It's also just more of what we've been seeing for years: the economics of "information capitalism" have created a world where data is for the most part unsellable, driving businesses towards surveillance and profiling of their users for targeted advertising as the only means of obtaining revenue. Perhaps this isn't so bad in itself, but it puts us in a dangerous position, because it means the data is there for the (very efficient) taking. This becomes a magnet for governments and attackers.
3) Security vulnerabilities have become more difficult to find and exploit. Rather than making things "secure," however, it's shifted the balance of who has access to these vulnerabilities. There are still plenty of dumb sqli bugs out there, but more and more it's shaping up to mean that those with the most money and resources will have access to the exploits, while everyone else will be vulnerable to them. Which is not the way I'd like to see it.
Hardware for the traveling hacker?
capnkr
I'd be interested to know more about the hardware and/or platform you use on a daily/regular basis to do your work/research. I would assume that with your 'itinerant' lifestyle you have had to make choices and compromises in this area. IIRC, you "temporarily bought" ;) a laptop to edit Hold Fast, but that isn't something you do on a regular basis is it? Are there any suggestions/tips/tricks about hardware or methods that you'd care to share for the traveling hacker with the above in mind?
As an aside - Thanks for all the good work and entertaining tales! :) Been using that Capt's license much lately?
I secretly hate technology, so I actually have a mostly boring setup. I just run Linux on a laptop, which I replace about every eight years. I'm pretty stubborn about making a laptop last; the one I have now has cooling problems, so every time I do a long compile I have to find an ice pack to put under it. In some small way, it probably makes me feel like my computer is accomplishing something really difficult.
Every once in a while I'll need to do something creative if my setup isn't cutting it. So yeah, it's true that I edited Hold Fast on a nice machine with a 14 day return policy. =)
These days I can't travel internationally without CBP wanting to search (or failing that, confiscate) my electronics on my return to the US. So I just don't travel with them if I'm leaving the country.
As for the captain's license, I still get out every now and then, but rarely make deliveries. There's an anarchist yacht clubb convergence happening in Guatemala at the end of February.
WhisperCore
dark_requiem
I really like the idea behind WhisperCore. The problem, as I see it, is that it's only available for two devices, and the Android source is updated regularly, making it difficult to keep WhisperCore up to date with the latest version of Android. Also, there are a wide variety of existing ROMs, each sporting its own array of features, but WhisperCore is the only one focusing on full-device encryption and a quality firewall interface. Given that security is becoming more critical on mobile devices, I would love to see WhisperCore's functionality integrated into every ROM. Have you given any consideration to integrating the WhisperCore project into an existing community such as CyanogenMod, or opening the source to build a community around WhisperCore? It would definitely help with making it available on more devices.
WhisperSystems was acquired by Twitter recently, so the answer to this question has changed a little for us. In general, though, we never saw WhisperCore as something that could be a pervasive aftermarket solution. We made it available on the Nexus devices with an aftermarket installer because we wanted to give something free to the security community and those devices make it easier with unlocked bootloaders. However, the bulk of our distribution efforts were spent trying to get the software through OEM channels, so that it would just appear on new devices.
CyanogenMod has done an excellent job of supporting a wide range of devices, but as you note, they are only able to do this because it's an open source project with enough volunteers to deal with all of the proprietary integration, build, and test issues. They only get access to the source after Google does public drops (that is to say, long after the rest of the industry does), and the device vagaries are endless. WhisperCore was a commercial product focused on the enterprise security market, and that market isn't particularly interested in reflashing ROMs onto their employee's phones. We were simply making it available in that form so that individuals could benefit from our work, but it wasn't our main focus. The other integration problem with CyanogenMod is that they are not a security-focused community, and have actually done a number of things to reduce the security of the platform (which is a shame, since the bar was low to begin with). So the interests of our user bases are fairly distinct, and actually in conflict on some important points.
WhisperCore - why not OSS?
nullchar
Are there business or technical reasons you do not want to open the source code for WhisperCore or any of the sub-projects like WhisperMonitor?
Same reason most enterprise software vendors' products aren't OSS, harder to sell software that way. =)
CarrierIQ nnet
Does Whisper Monitor stop CarrierIQ as well?
Haven't tested it, but it should. That said, it doesn't come with WhisperCore, so it seems unlikely that you'd encounter it on a device with WhisperMonitor.
Thoughts on TLS-SRP as a partial solution?
WaffleMonster
Most secure sites we normally depend on require you to establish an account. Rather than sending our passwords in the "clear" over SSL as everyone is foolishly doing today couldn't part of this problem be solved using trust previously established between you and the site in the form of mutually authenticated credentials?
The best case example would be an online banking site first requiring you to physically come into the office with proper ID. There would no longer be any need for this bank to need to trust or use any third party.
TLS-SRP RFCs have already been written, SSL stacks used by all popular browsers already patched with support... obviously this does not fully eliminate the need for trusted third parties.
I think these types of approaches are interesting for things like SSH, IMAPS, and SMTPS. The way that webapps tend to be architected and deployed, however, makes this tricky.
of trust versus online consensus
DamnStupidElf
PGP provides a model for partial trust in a public key based on the trust placed in signers of that key. I think a similar model would work much better for SSL certificates than either the current forest of fully trusted root CAs or projects like Convergence because it would allow long term trust in entities instead of merely the ephemeral keys used for SSL connections while also providing offline security and the ability to separate the keys used for privacy and identification.
If I wanted to validate the hypothetically secure https://slashdot.org/ I would be happy seeing an SSL certificate signed by Geeknet's PGP key (assuming they cared enough to be in the strong set), but even happier if it was also signed by a couple certificate authorities and some other folks in the strong set. I would assign partial trust to each of the certificate authorities' root certificates and use PGP to measure the partial trust of other signatures and set a threshold for the security of any SSL site, perhaps requiring "full trust" for automatic acceptance of an SSL certificate, a warning for marginal trust, and a bigger warning for anything less.
One of the primary advantages is separation of privacy and identification; the private key for identifying an entity would only be used to sign SSL certificates, reducing the likelihood of an attacker compromising an identity certificate. Notaries, as in Convergence, would simply be entities who sign a large number of SSL certificates after verifying the owner's identity through the existing trust network. The advantage for notaries is that they would not need to keep their private keys online and would only serve signatures. SSL sites could also just include the signatures in the initial SSL/TLS exchange, shifting bandwidth costs to the entities that benefit from the signatures. Site owners could also pre-distribute new SSL keys to certificate authorities and notaries to obtain signatures similar to the way that the existing PKI works, without relying on projects like Convergence to correctly identify a legitimate key change through heuristics.
The biggest advantage is a much more robust framework for trusting the privacy and identify of web sites. The likelihood of obtaining fraudulent SSL certificates signed by enough entities to achieve full trust is much lower than the likelihood of compromising a single fully trusted root CA or tricking a Convergence-style network into trusting a fraudulent SSL certificate by DNS poisoning or other methods.
Do you think this is a workable and, if so, good idea?
The MonkeySphere project is working on something quite similar to your proposal. Personally, I always have trouble with suggestions for bringing the "web of trust" to some new context, because I never found it workable in the context it was invented for. I use PGP more consistently for email than almost anyone else I know, and the truth is that I almost never find a new key with signatures that are meaningful to me.
While there are organizations and individuals I trust, there aren't thousands of them, and probably not even hundreds of them. I think that trust agility is essential to any solution moving forward, but as I see it trust agility requires two things:
1) The trust relationship has to be initiated by the client.
2) A trust decision can be easily revised at any time.
I don't believe that using WoT style signatures meets these requirements, at least in their most obvious form. In the WoT model, if I look up a certificate, I don't have any influence over who's chosen to sign it. I'm given the signatures I'm given, and that's that. If I decide to make it work by trusting some entity that has made it a habit to sign a bunch of certificates, untrusting them becomes difficult, because maybe the entity I'd really like to trust hasn't signed as many. And if it's a matter of manually evaluating the signatures I'm given for any site I visit, that sounds pretty unpalatable to me.
All that said, this idea is not incompatible with Convergence. Just build a MonkeySphere notary backend, and it'll plug right in alongside any other notary strategies you'd like to simultaneously query from your client. I anticipate that it would give you a lot of "stand aside" votes for the foreseeable future, however.
Is everyone just re-inventing _parts_ of the WoT?
Sloppy
It seemed to me that what Perspectives notaries do, as expressed in OpenPGP-speak, is act as sophisticated Robot CA. (Is this wrong?) Is a Convergence notary "merely" a more sophisticated Robot CA, or does it provide information which couldn't be represented in a Web of Trust?
Well, I dunno, on some level I think all knowledge can be expressed as simile through any particular domain of knowledge. It's important to remember that a Convergence notary isn't bound to any particular validation technique, meaning that not all notaries will use network perspective. I prefer to think of notaries as SSL Certificate Authorities with an inverted trust relationship. They're pretty similar, but rather than the server initiating the trust relationship, it's the client. It's a subtle but powerful change.
bootstrapping -- notary trust
Onymous Coward
Do you see the matter of how users come to trust the notaries themselves as a concern? What methods do you see for assuring users that a list of notaries is in fact recommended by a given party? I see notaries distributed with the Convergence plug-in (is the distribution signed?), but doubtlessly that's not meant as a steady-state solution as it does not promote trust agility.
Have you considered notary list configuration based on "subscriptions" a l AdBlock lists. For example, if the EFF periodically published a signed "EFF Trusted Notaries" list, as one of a number of organizations doing so?
And how much is a working web of trust required for this? Do you feel there is one?
Right now installing Convergence is a leap of faith, as is true for most software. I'm being intentionally inflammatory by making a point of not distributing it over SSL, because if you're installing it, you don't have it to validate your SSL connection yet. Once you have it, however, all updates are signed.
I don't actually see pre-distributed lists of trusted notaries as anathema to trust agility, however. It's nice for a user to be able to select who they trust, but it's also essential that browser vendors can revise those defaults as well. Right now that's not the case, and it means that a browser vendor's entire user base suffers.
I would like to imagine that one day browsers will ship with Convergence support built in, and that it will come with a list of default notaries that the browser has curated. If one of those notaries starts acting in bad faith, the browser can remove them. If you as a user would like to make different trust decisions, they can do that as well.
Notary subscription lists are a good idea. You can kind of do this with the HA Notary bundles right now, but it'd be better to break them out into a meta-bundle. In any case, the bundle auto-update logic is in there, so it wouldn't be too difficult (git pull requests gladly accepted!).
Switch from Perspectives?
Burz
I'm already using the Perspectives extension (and not sure what benefit I'm getting from that)... Why should I switch from Perspectives to Convergence?
Convergence is obviously inspired by Perspectives, but slightly more generalized (not tied to network perspective), and designed to address what I felt were shortcomings in the Perspectives protocol. The biggest differences are browser integration, notary lag, and privacy.
Perspectives doesn't work for any of the CSS/JS/Image content on a page load, only the initial GET. It will suffer from notary lag since it requires notaries to regularly poll target sites. And you'll leak your entire browsing history to notaries.
Choice of name?
Alioth
Completely unrelated to your work, but the name "Moxie Marlinspike" sounds wonderful. It's obvious why you chose "Marlinspike", after all as a sailor it's an object that you may have found useful (and it's not that uncommon to have a last name that is a tool or a trade). But the first name you chose - why did you choose it? Looking around for references to Moxie the most prominent one is for one of the earliest carbonated beverages sold in the world, which doesn't sound too probable as an origin.
Apparently the etymology of the word "moxie" is thought to originate with the soda, although there is some indication that it might have been a word from a native American language that meant "dark water." I actually know another person named Moxie in the Bay Area, and someone got us a six pack of Moxie Cola to split once. I couldn't even finish one!
I'd estimate that in roughly 1/3rd of the cases where I introduce myself to someone, they ask whether Moxie is my "real name." There are a few interesting things about this to me. First, apparently we're all so used to a limited pantheon of possible names that anything outside of it must be "not real." And second, that when people say "real," it seems that what they actually mean is "legal."
What's interesting to me about the corpus of "real sounding" names is that they're mostly drawn from the bible. The name my parents put on my birth certificate is "Matthew." For as long as I can remember, however, people have called me Moxie Marlinspike. There's obviously a story there, but it's actually not that interesting. In the end, it's just what stuck. I don't switch back to Matthew, however, because it's a biblical name. I'm not that inspired by the stories from the bible, so it feels counter-intuitive for me to literally identify with them. So while many people find my name "strange," what's more bemusing to me is that many of those same people *also* don't find the stories of the bible to be the major inspiration of their lives, and yet continue to be walking endorsements for them with every handshake.
The notion of "realness as legality" is interesting to me because it seems like it should be possible for reality to extend beyond whatever is defined by law, yet this seems to be the litmus in most people's minds. If I have a name which literally everyone in my life since childhood has known me by, it seems to me that this should be the definition of "reality," not whether the government (who, by contrast, has a pretty cold and distant relationship with me as far as acquaintances go) agrees. -
Man Changes Name to "Mark Zuckerberg" After Facebook Sues Him
An anonymous reader writes "This has to be the funniest Facebook name story in a while. Facebook disabled the account of Israeli entrepreneur Rotem Guez because he runs a business called the Like Store, where he sold Likes to advertisers. Guez countered by suing Facebook for deleting his accounts on the social network. Facebook countered with its own cease and desist letter. Guez didn't respond to Facebook's demands. Instead, he legally changed his name to Mark Zuckerberg. 'If you want to sue me, you're going to have to sue Mark Zuckerberg,' Guez reportedly told Facebook." -
MapReduce For the Masses With Common Crawl Data
New submitter happyscientist writes "This is a nice 'Hello World' for using Hadoop MapReduce on Common Crawl data. I was interested when Common Crawl announced themselves a few weeks ago, but I was hesitant to dive in. This is a good video/example that makes it clear how easy it is to start playing with the crawl data." -
YouTube Says UMG Had No 'Right' To Take Down Megaupload Video
An anonymous reader writes "Contrary to a previous story, Google played no part in the Megaupload takedown. From Wired: 'YouTube said Friday that Universal Music abused the video-sharing site's piracy filters when it employed them to take down a controversial video of celebrities and pop superstars singing and praising the notorious file-sharing service Megaupload.'" -
Smallest Known Black Hole Found
smitty777 writes "Adding to the recent black hole discoveries of gas clouds and a quasar accretion disc, Forbes is reporting on a recent discovery by NASA's Rossi X-Ray Timing Explorer (RXTE) on the smallest known black hole. From the article: 'If the astronomers' calculations are correct, this black hole is located about 16,000 to 56,000 light years away from Earth (a more precise distance hasn't yet been determined). The black hole itself is only about three times the mass of the Sun, which means that the original star was just barely big enough to form a black hole.'" -
Smallest Known Black Hole Found
smitty777 writes "Adding to the recent black hole discoveries of gas clouds and a quasar accretion disc, Forbes is reporting on a recent discovery by NASA's Rossi X-Ray Timing Explorer (RXTE) on the smallest known black hole. From the article: 'If the astronomers' calculations are correct, this black hole is located about 16,000 to 56,000 light years away from Earth (a more precise distance hasn't yet been determined). The black hole itself is only about three times the mass of the Sun, which means that the original star was just barely big enough to form a black hole.'" -
PCMCIA Computer Project Aims Even Higher (and Cheaper) Than Raspberry Pi
lkcl writes "An initiative by a Community Interest Company Rhombus Tech aims to provide Software (Libre) Developers with a PCMCIA-sized modular computer that could end up in mass-volume products. The reference design mass-volume pricing guide from the SoC manufacturer, for a device with similar capability to the Raspberry Pi, is around $15: 40% less than the $25 Raspberry Pi but for a device with an ARM Cortex A8 CPU 3x times faster than the 700mhz ARM11 used in the Raspberry Pi. GPL Kernel source code is available. A page for community ideas for motherboard designs has also been created. The overall goal is to bring more mass-volume products to market which Software (Libre) Developers have actually been involved in, reversing the trend of endemic GPL violations surrounding ARM-based mass-produced hardware. The Preorder pledge registration is now open (account creation required)." Of course, the Raspberry Pi is not only only much further along, but has recently announced an expansion module (the Gertboard). -
Self-Contained PC Liquid Coolers Explored
MojoKid writes "Over the last few years an increasing number of liquid coolers have been positioned as high-end alternatives to traditional heatsink and fan combinations. This has been particularly true in the boutique and high-end PC market, where a number of manufacturers now offer liquid coolers in one form or another. These kits are a far cry from the water coolers enthusiasts have been building for years. DIY water coolers typically involve separate reservoirs and external pumps. The systems tested here, including Intel's OEM cooler that was released with their Sandy Bridge-E CPU, contain significantly less fluid and use small pumps directly integrated into the cooling block as a self-contained solution. Integrated all-in-one kits may not offer the theoretical performance of a high-end home-built system, but they're vastly easier to install and require virtually no maintenance. The tradeoffs are more than fair, provided that the coolers perform as advertised." -
Technical Details Behind the LAN-Party Optimized House
New submitter Temporal writes "Yesterday, Slashdot reported on my LAN-party optimized house. But, lacking from the internet at that time were key technical details: How do I boot 12 machines off a single shared disk? What software do I use? What does my network infrastructure look like? Why do I have such terrible furniture? Is that Gabe Newell on the couch? The answer is a combination of Linux, PXE boot, gPXE, NBD/iSCSI, and LVM snapshots running on generic hardware over generic gigabit ethernet. I have even had several successful LAN parties with a pure-Linux setup, using WINE." -
New Standard For Issuance of SSL/TLS Certificates
wiredmikey writes "In light of the many security breaches and incidents that have undermined the faith the IT industry has in Certificate Authorities (CAs) and their wares, the CA/Browser Forum, an organization of leading CAs and other software vendors, has released the 'Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates,' an industry-wide baseline standard for the operation of CAs issuing SSL/TLS digital certificates natively trusted by the browser. The CA/Browser Forum is requesting Web browser and operating system vendors adopt the requirements (PDF) as part of their conditions to distribute CA root certificates in their software. According to the forum, the Baseline Requirements are based on best practices from across the SSL/TLS sector and touch on a number of subjects, such as the verification of identity, certificate content and profiles, CA security and revocation mechanisms. The requirements become effective July 1, 2012, and will continue to evolve to address new risks and threats." -
The Future of Battle Tech
PolygamousRanchKid tips a story about research into futuristic military technology currently being funded by DARPA. The Disc-Rotor Compound Helicopter 'is propelled by rotor blades that extend from a central disc, letting it take off and land like a helicopter. But those blades can also retract into the disc, minimizing drag and letting the Disc-Rotor fly like a plane, powered by engines beneath each wing.' The Vulture program aims to keep a plane in the sky for five years or more, and 'LANdroids' are pocket-sized robots which soldiers can scatter around urban areas to seed a communications network. FastRunner is a 'two-legged robot that can cover a moderately rough terrain as fast as the best human sprinters.' The article mentions the flying humvees we've discussed in the past, as well as projects for 'smart' binoculars and a method for recycling space junk. -
Google Deal Allegedly Lets UMG Wipe YouTube Videos It Doesn't Own
Sockatume writes "Ars Technica is reporting that Google has given music conglomerate UMG the right to arbitrarily eliminate YouTube videos. When UMG had Megaupload's 'Mega Song' removed from the site, it was assumed that they had made a DMCA claim, and that YouTube was responding under its 'safe harbor' obligations. Megaupload's legal response argues that UMG has no grounds to request a DMCA takedown. However in court filings (PDF), UMG claims that its licensing agreement with Google gives it the power and authority to unilaterally wipe videos from the site, bypassing the DMCA entirely. If true, that means that your activities on YouTube are not just curtailed by the law, but by the terms of their secret agreements with media conglomerates." -
Nightingale Media Player Preview Released
First time accepted submitter ilikenwf writes "You may or may not remember the Mozilla-based Songbird media player, which dropped official Linux support in April, 2010. Since then, the Nightingale community fork has waxed and waned in terms of membership and progress, but thanks to having a completely new dev team has today produced a preview build based on Songbird 1.8.1. The team promises a release of a Songbird trunk based build later this year, with fixes and an upgrade to Gecko 6. Plans to support Linux, Windows, and Mac are in the works, with the preview builds being available only for Linux and Windows at the moment. Aside from trying to pull in refugees from the Songbird community, Nightingale wants more developers to aid in fixing dropped and broken features from Songbird — and to add new ones." -
US Sentinel Drone Fooled Into Landing With GPS Spoofing
McGruber writes "Following up on the earlier Slashdot story, the Christian Science Monitor now reports that GPS spoofing was used to get the RQ-170 Sentinel Drone to land in Iran. According to an Iranian engineer quoted in the article, 'By putting noise [jamming] on the communications, you force the bird into autopilot. This is where the bird loses its brain.' Apparently, once it loses its brain, the bird relies on GPS signals to get home. By spoofing GPS, Iranian engineers were able to get the drone to 'land on its own where we wanted it to, without having to crack the remote-control signals and communications.'" -
At Universal's Request, YouTube Yanks News Podcast Over Music Snippet
Snaller writes "Tech News Today does what the name says — it's a podcast reporting on Tech news, Monday to Friday. They, like Slashdot, reported on the Megaupload vs. Universal copyright dispute. But during their coverage, they played a snippet of the music video and immediately Universal Music Group had the news podcast yanked from YouTube. Tech News Today has outlets other than YouTube, but should a music company have the right to have a news podcast removed on copyright grounds, when it's not even clear that said company has had any copyrights violated?" -
Book Review: The Economics of Software Quality
First time accepted submitter BenLinders writes "The Economics of Software Quality provides solutions to quantify software quality, helping you to manage software development and maintenance. It contains software quality data that you can use to build a business case to improve the quality of your software, and decide upon processes and techniques that can help to implement the needed improvements in your organization." Read below for the rest of Ben's review. The Economics of Software Quality author Capers Jones and Olivier Bonsignour pages 587 publisher Addison-Wesley rating 8/10 reviewer Ben Linders ISBN 978-0-13-258220-9 summary To build your Business Case for Software Quality Improvement Quantifying software quality is not an easy thing. Several measurements exist, for instance estimating and tracking the number of defects that are found (both within development/maintenance and from customers), measuring software quality with static analysis tools (complexity, fan in/fan out), or measuring the effectiveness of software development methods and techniques (like inspections, test, and Cost of Poor Quality). This book covers software quality factors that influence the quality of software products as perceived (and believed!) by customers. An extensive list of factors is provided, where the authors have selected those factors that they consider most significant to achieve quality.
Many software development processes and techniques are covered in this book, from a quality and economic point of view. This also includes agile methods, where a body of data is available about the effects of agile techniques like user stories, Test Driven Design, Scrum Sessions, Measuring Technical Debt, and Pair Programming. For instance, about agile user stories the book states "... the user story method seems to be concise and fairly trouble-free, User stories average below 0.5 pages per function point and seem to contain fewer than 0.5 defects per function point`. This kind of information can be very helpful to build a business case for using agile methods in your organization.
Most of the data on software quality that the book provides is in "Defects per Function Point". A backfiring table is also provided, to translate language statements/lines to function points. So if you are not using function point, but programming in Java, Ruby, C++ or any other popular programming language, the data can still be used.
There is a full chapter covering defect prevention. Methods like Reuse, Formal Inspections and Quality Function Deployment are the most effective in preventing defects, and also techniques like Root Cause Analysis and PSP/TSP are claimed to be very effective. Given that the top ten techniques reduce defects with 40% — 85%, makes it interesting for many organizations to investigate the business case to improve the quality of their products, using these methods and techniques.
Additional information is provided on how to measure the effects on quality from a given method or technique. The book also provides warning for quality measurements that can be unreliable. An example is measuring cost-per-defect. When the quality of your development activities increases, for instance by improving requirements practices and implementing defect prevention for design and coding, the number of defects that testing finds will go down. Since test case preparation is a fixed cost, the cost per defect for testing will go up when the software has fewer defects. This makes such a measurement potentially unreliable. I believe that the main benefits will come when you can reduce your testing activities, based upon measurements that quantify the quality of your products before testing starts. Techniques like risk based testing can also reduce your testing hours, thus saving time and money on tests that are not needed.
Defects measurements and tracking are used in more then 55% of the military and defense software applications (using CMMI, TSP, QFD, etc), but in less then 15% of IT, commercial, web or embedded applications. Given their prevention effectiveness of -35%, and removal effectiveness of 25%, it is still surprising to me that this is not used more often. The data needed for these kinds of measurements is usually available in the defect management systems, though some addition effort is needed to classify defects and to do Root Cause Analysis. The benefits of using these kinds of measurements, combined with estimations of the expected quality at release, to decide and steer software development and prevent defects during the development and before release are significant.
The book also gets into methods to quantify structural quality issues that are not exactly "defects" but have an important impact – "Technical Debt" being one of these methods of quantification. These kind of measurements help to manage the quality of your code base, being able to see the impact on quality from changes, and take action to get quality back on the desired level when needed.
Reviews and inspections are very effective ways to remove defects before testing. Several techniques are described, both informal and formal techniques. Several of them are also usable within agile methods, supporting teams in developing better quality software. Applying these techniques effectively requires training, and arrangements within your company that enable employees to use them. The book makes clear that if you want to reduce post release defects and lower your maintenance costs, the work needs to start with early software development activities, like using better techniques for managing requirements, software modeling and design, reviews and inspections, and automatic code analysis. Testing alone is not sufficient to improve quality, and is also very costly.
The relationship between quality and risks is also explored. Many major software problems are related to the quality of the software products, e.g. outages, data loss, security issues or regulatory non compliances. Investigating such issues, for instance with Audit or Root Cause Analyses, and taking action to prevent similar problems in the future can be essential for your business. Measuring the losses and estimating potential benefits from preventive actions helps you to select the right improvements, and acquire commitment and funding to implement them.
The capabilities and skills of the staff that develops the software have significant impact on the quality. The benefits of training, skill development, and sharing of experiences to develop a learning organization can be huge. Software methods like Agile and RUP include mechanisms to continuously evaluate, learn and improve the capabilities of your staff. E.g. using retrospectives and scrum boards, to identify and follow up with improvement actions.
Overall the book covers the economic perspective of quality. The information provided can be overwhelming for some readers. If you need to improve your product quality, and are limited in time and money to do it, this book helps you to select effective quality methods and techniques, and to measure and track your progress when implementing improvements.
Ben Linders is a specialist in quality, process improvement and organizational development.
You can purchase The Economics of Software Quality from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Book Review: The Economics of Software Quality
First time accepted submitter BenLinders writes "The Economics of Software Quality provides solutions to quantify software quality, helping you to manage software development and maintenance. It contains software quality data that you can use to build a business case to improve the quality of your software, and decide upon processes and techniques that can help to implement the needed improvements in your organization." Read below for the rest of Ben's review. The Economics of Software Quality author Capers Jones and Olivier Bonsignour pages 587 publisher Addison-Wesley rating 8/10 reviewer Ben Linders ISBN 978-0-13-258220-9 summary To build your Business Case for Software Quality Improvement Quantifying software quality is not an easy thing. Several measurements exist, for instance estimating and tracking the number of defects that are found (both within development/maintenance and from customers), measuring software quality with static analysis tools (complexity, fan in/fan out), or measuring the effectiveness of software development methods and techniques (like inspections, test, and Cost of Poor Quality). This book covers software quality factors that influence the quality of software products as perceived (and believed!) by customers. An extensive list of factors is provided, where the authors have selected those factors that they consider most significant to achieve quality.
Many software development processes and techniques are covered in this book, from a quality and economic point of view. This also includes agile methods, where a body of data is available about the effects of agile techniques like user stories, Test Driven Design, Scrum Sessions, Measuring Technical Debt, and Pair Programming. For instance, about agile user stories the book states "... the user story method seems to be concise and fairly trouble-free, User stories average below 0.5 pages per function point and seem to contain fewer than 0.5 defects per function point`. This kind of information can be very helpful to build a business case for using agile methods in your organization.
Most of the data on software quality that the book provides is in "Defects per Function Point". A backfiring table is also provided, to translate language statements/lines to function points. So if you are not using function point, but programming in Java, Ruby, C++ or any other popular programming language, the data can still be used.
There is a full chapter covering defect prevention. Methods like Reuse, Formal Inspections and Quality Function Deployment are the most effective in preventing defects, and also techniques like Root Cause Analysis and PSP/TSP are claimed to be very effective. Given that the top ten techniques reduce defects with 40% — 85%, makes it interesting for many organizations to investigate the business case to improve the quality of their products, using these methods and techniques.
Additional information is provided on how to measure the effects on quality from a given method or technique. The book also provides warning for quality measurements that can be unreliable. An example is measuring cost-per-defect. When the quality of your development activities increases, for instance by improving requirements practices and implementing defect prevention for design and coding, the number of defects that testing finds will go down. Since test case preparation is a fixed cost, the cost per defect for testing will go up when the software has fewer defects. This makes such a measurement potentially unreliable. I believe that the main benefits will come when you can reduce your testing activities, based upon measurements that quantify the quality of your products before testing starts. Techniques like risk based testing can also reduce your testing hours, thus saving time and money on tests that are not needed.
Defects measurements and tracking are used in more then 55% of the military and defense software applications (using CMMI, TSP, QFD, etc), but in less then 15% of IT, commercial, web or embedded applications. Given their prevention effectiveness of -35%, and removal effectiveness of 25%, it is still surprising to me that this is not used more often. The data needed for these kinds of measurements is usually available in the defect management systems, though some addition effort is needed to classify defects and to do Root Cause Analysis. The benefits of using these kinds of measurements, combined with estimations of the expected quality at release, to decide and steer software development and prevent defects during the development and before release are significant.
The book also gets into methods to quantify structural quality issues that are not exactly "defects" but have an important impact – "Technical Debt" being one of these methods of quantification. These kind of measurements help to manage the quality of your code base, being able to see the impact on quality from changes, and take action to get quality back on the desired level when needed.
Reviews and inspections are very effective ways to remove defects before testing. Several techniques are described, both informal and formal techniques. Several of them are also usable within agile methods, supporting teams in developing better quality software. Applying these techniques effectively requires training, and arrangements within your company that enable employees to use them. The book makes clear that if you want to reduce post release defects and lower your maintenance costs, the work needs to start with early software development activities, like using better techniques for managing requirements, software modeling and design, reviews and inspections, and automatic code analysis. Testing alone is not sufficient to improve quality, and is also very costly.
The relationship between quality and risks is also explored. Many major software problems are related to the quality of the software products, e.g. outages, data loss, security issues or regulatory non compliances. Investigating such issues, for instance with Audit or Root Cause Analyses, and taking action to prevent similar problems in the future can be essential for your business. Measuring the losses and estimating potential benefits from preventive actions helps you to select the right improvements, and acquire commitment and funding to implement them.
The capabilities and skills of the staff that develops the software have significant impact on the quality. The benefits of training, skill development, and sharing of experiences to develop a learning organization can be huge. Software methods like Agile and RUP include mechanisms to continuously evaluate, learn and improve the capabilities of your staff. E.g. using retrospectives and scrum boards, to identify and follow up with improvement actions.
Overall the book covers the economic perspective of quality. The information provided can be overwhelming for some readers. If you need to improve your product quality, and are limited in time and money to do it, this book helps you to select effective quality methods and techniques, and to measure and track your progress when implementing improvements.
Ben Linders is a specialist in quality, process improvement and organizational development.
You can purchase The Economics of Software Quality from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
KDE Releases Plasma Active Two
jrepin writes with a snippet from the release announcement of Plasma Active Two: "Mobile devices that adapt to who you are, reflecting what you are doing when you are doing it. This concept is at the heart of the Plasma Active user experience. Plasma Active One was released in October 2011, providing early adopters the first opportunity to experience Activities on a tablet. Since then, the design and development team behind this open source touch interface has been hard at work on an update. ... information about real-world usage enabled the team to improve the end-user experience significantly over the past two months." -
Sony, Universal and Fox Caught Pirating Through BitTorrent
New submitter Bad_Feeling sends in a followup to the story we discussed on Monday about a new site that scanned a few popular torrent trackers and linked torrents to IP addresses. The folks at TorrentFreak decided to check IP addresses belonging to major companies in the entertainment industry and published lists of pirated files from several, including Fox, Sony, and NBC Universal. Of course, they used the information to make a slightly different point than the industry usually does: "By highlighting the above our intention is not to get anyone into trouble, and for that reason we masked out the end of the IP addresses to avoid a witch hunt. An IP address is not a person, IP addresses can be shared among many people, and anyone can be behind a keyboard at any given time." -
Wikipedia Debates Strike Over SOPA
An anonymous reader writes "Jimbo Wales has suggested that English Wikipedia restrict its services for a period to protest against the anti-piracy SOPA bill in the United States. This follows a similar action by the Italian Wikipedia last month." Reader fiannaFailMan points out another bit of Wikipedia news: they've taken the wraps off a prototype for a new visual editor. A sandbox is available to try out. The Wikimedia Foundation hopes easier, more intuitive editing will shore up waning contributor numbers. -
Carrier IQ Responds To FBI Drama, EFF Wants More Information
New submitter realized writes "Yesterday Carrier IQ released a report (PDF) which tries to answer some questions about how their system operates. Also, after reports of the FBI using Carrier IQ data, the company responded by saying, 'Carrier IQ has never provided any data to the FBI. If approached by a law enforcement agency, we would refer them to the network operators.' Additionally, the EFF just released a report which says they believe keystroke data 'is in fact being inadvertently transmitted to some third parties,' but they would like to study carrier profiles to verify information." Reader Trailrunner7 adds that Carrier IQ's report indicates "under some limited circumstances its software will log the contents of SMS messages sent to a user's phone, but that that the contents of those messages would not be human readable. Instead, they would be in an encoded form that could not be decoded without special software and the carriers don't have access to the contents of the messages either. The company said it has worked on a fix for the bug, which affected devices running the embedded version of the Carrier IQ agent." -
Judge Dismisses 'Other OS' Class-Action Suit Against Sony
An anonymous reader writes "You may recall that in early 2010, Sony decided to roll out an update that would remove the ability for PlayStation 3 owners to install a different operating system on the console, citing security concerns as the reason. Geeks and Linux enthusiasts were outraged at the move, particular since the "Other OS" functionality had been advertised as a feature of the PS3. A class-action lawsuit was soon brought against Sony. Many of the initial claims were thrown out, and now, a federal judge in California has granted Sony's motion to dismissed the lawsuit, saying, 'As a matter of providing customer satisfaction and building loyalty, it may have been questionable. As a legal matter, however, plaintiffs have failed to allege facts or articulate a theory on which Sony may be held liable.' Here's the full text of the order (PDF)." -
Judge Dismisses 'Other OS' Class-Action Suit Against Sony
An anonymous reader writes "You may recall that in early 2010, Sony decided to roll out an update that would remove the ability for PlayStation 3 owners to install a different operating system on the console, citing security concerns as the reason. Geeks and Linux enthusiasts were outraged at the move, particular since the "Other OS" functionality had been advertised as a feature of the PS3. A class-action lawsuit was soon brought against Sony. Many of the initial claims were thrown out, and now, a federal judge in California has granted Sony's motion to dismissed the lawsuit, saying, 'As a matter of providing customer satisfaction and building loyalty, it may have been questionable. As a legal matter, however, plaintiffs have failed to allege facts or articulate a theory on which Sony may be held liable.' Here's the full text of the order (PDF)." -
Adblock Plus Developers To Allow 'Acceptable' Ads
First time accepted submitter Roman Grazhdan writes "Developers of Adblock Plus, an award-winning add-on for Mozilla Firefox and Google Chrome boasting over 12,000,000 users, announced that starting from version 2.0 the extension would come with a white list of unobtrusive, privacy-respected ads. These will be allowed by default; users will still be able to block them by unchecking 'Allow non-intrusive advertising.' The developers say: 'Only 25% of the Adblock Plus users seem to be strictly against any advertising.' What is this — betrayal of ideals of annoyance-free web or birth of independent authority for standards for advertisement?" Ads are sometimes annoying, but they also make certain websites (like this one!) possible. Getting the balance right is tricky — I know I often avoid sites because of interstitial advertising, pop-ups, etc. Whitelisting sounds like a good way to reward sites that try to keep it subtle; offloading and generalizing the task of categorizing ads into annoying or acceptable gives sites and advertisers a good threshold to duck beneath. Next step I'd like to see: a sliding scale, so browsers can be set to zero, or eleven, for tolerable annoyance. Update: 12/13 14:54 GMT by T : My fault: I liked the story so much that I missed it the first time. -
Million Dollar Crowdturfing Industry Dupes Social Networks
New submitter bowlinearl writes "Three weeks ago Slashdot featured a story on the Chinese Water Army. A new study from researchers at UCSB delves even deeper into the problem of crowdturfing (full disclosure: I am one of the authors of the study). The study reveals that evil crowdsourcing services in China are a multi-million dollar industry, and that the number of jobs and the amount of money are growing exponentially. Hundreds of thousands of workers are involved, including a small contingent of career crowdturfers who each manage hundreds of accounts on social networks. The researchers observed the behavior of workers and the unwitting users who click on the generated spam by infiltrating the two largest crowdsourcing sites in China. However, crowdturfing isn't confined to China: the researchers discovered crowdsourcing sites in the U.S. that are 95% astroturf, as opposed to Amazon's Mechanical Turk, which actively polices itself, and is only 12% astroturf." -
Internet Explorer Users Have Low Risk Intelligence
First time accepted submitter benne2011 writes "A hoax report earlier this year claimed that people who used Internet Explorer had a lower IQ than those using other browsers. Inspired by this bit of fun, Projection Point decided to carry out a real study comparing the risk intelligence (RQ) of people using different browsers. We found that Internet Explorer users performed worse than everyone else; they had lower RQ scores and were grossly overconfident." -
Verizon Considering Purchase of Netflix
schwit1 writes "Shares of Netflix soared more than 6% Monday on a report that Verizon Communications is considering buying the troubled movie renter. Verizon is reportedly evaluating whether a purchase of Netflix could provide an entry into the video delivery business, DealReporter said, citing a source close to the matter. The news comes as Netflix continues to struggle from a series of missteps earlier this year when it raised subscription prices and separated its DVD-by-mail service and streaming. Netflix's stock price plunged to a new 52-week low two weeks ago when the company warned it would fall to a loss in 2012 if it failed to boost its bruised customer base." -
Tizen, webOS, & the Future of Mobile Open Source
jfruhlinger writes "When HP announced it would release webOS as open source, it added a competitor to a narrow niche: there's already Tizen, the descendant of MeeGo, which is, like webOS, an open source Linux-based operating system for smartphones. Can they co-exist, or will one come out on top? One built-in advantage for webOS is that already has hardware, in the form of all those $99 TouchPad's being snapped up on eBay." -
German Court Issues Injunction Against iPhone & iPad
angry tapir writes "A German court has ruled that Apple's iPhone and iPad devices infringe a Motorola patent and issued an injunction against sales of the products in Germany, in the latest move in a long series of legal battles between the companies. It's the latest stage in the international patent conflict that's been raging over mobile devices, which has included the recent Samsung victory over Apple in an Australian court and a defeat for Samsung in a Dutch court." -
German Court Issues Injunction Against iPhone & iPad
angry tapir writes "A German court has ruled that Apple's iPhone and iPad devices infringe a Motorola patent and issued an injunction against sales of the products in Germany, in the latest move in a long series of legal battles between the companies. It's the latest stage in the international patent conflict that's been raging over mobile devices, which has included the recent Samsung victory over Apple in an Australian court and a defeat for Samsung in a Dutch court." -
Ask Slashdot: Best Tablet For Running a Real GNU/Linux Distribution?
bmsleight writes "Android is nice, but I do not want to pay to print or be beholden to the cloud to do everything or chroot. I just want a tablet that can run a MythTv-client, OpenOffice.org and good old apt-get instead of an app market. I have a Joggler — which costs £60 — I'd like something similar but with a battery, a bigger screen, and other modern tablet features. So, what's the best tablet for running a real GNU/Linux distribution (ideally Debian)? Bonus points for the best apt-get-able distribution that works with a tablet." -
Is the Earth Special?
Hugh Pickens writes "Planetary scientists say there are aspects to our planet and its evolution that are remarkably strange. In the first place there is Earth's strong magnetic field. No one is exactly sure how it works, but it has something to do with the turbulent motion that occurs in the Earth's liquid outer core and without it, we would be bombarded by harmful radiation from the Sun. Next there's plate tectonics. We live on a planet that is constantly recycling its crust, limiting the amount of carbon dioxide escaping into the atmosphere — a natural way of controlling the greenhouse effect. Then there's Jupiter-sized outer planets protecting the Earth from frequent large impacts. But the strangest thing of all is our big Moon. 'As the Earth rotates, it wobbles on its axis like a child's spinning top,' says Professor Monica Grady. 'What the Moon does is dampen down that wobble and that helps to prevent extreme climate fluctuations' — which would be detrimental to life. The moon's tides have also made long swaths of earth's coastline into areas of that are regularly shifted between dry and wet, providing a proving ground for early sea life to test the land for its suitability as a habitat. The 'Rare Earth Hypothesis' is one solution to the Fermi Paradox (PDF) because, if Earth is uniquely special as an abode of life, ETI will necessarily be rare or even non-existent. And in the absence of verifiable alien contact, scientific opinion will forever remain split as to whether the Universe teems with life or we are alone in the inky blackness." -
GNOME 3 Wins Linux Journal's Readers' Choice Award
msevior writes "Although Linus Torvalds and some Slashdot commentators may disagree, GNOME 3 has many admirers. GNOME 3 was awarded the Linux Journal Readers' Choice award for 2011." Though I'm one of the complainers, I hope to be converted with the help of Gnome Shell extensions.