Slashback: Walmart and Wiki, Alan Ralsky

Slashback, as always, provides updates and clarifications to previous Slashdot stories. Tonight we bring you updates on Australian Smart ID Cards, the security danger that USB memory sticks pose, Wal-Mart's Wikipedia War, Lego Mindstorms, LiveJournal's stance on Ad-Blocking software, and news about 'Spam King' Alan Ralsky. Read on for more. Update on Australian Smart ID Card. CaptainDefragged writes "According to an article at Australian IT News, the data from Smart Card that our government is introducing is going to be used for a lot more than just health care and welfare fraud prevention. From the article: 'Intelligence agencies and police will be given access to a vast database of biometric photographs of Australians to be created for the new health and welfare smart card to fight terrorism and more general crime. ASIO and the Federal Police will be allowed routine access to the smart card database on national security issues, while state police will have restricted access for general crime investigations.'"

USB sticks as a security threat. martijnd writes "The BBC follows up on the risks of USB sticks as a threat to business by looking at data theft and virus-spreading-as-from-a-floppy infiltration."

More On Wal-Mart's Wikipedia War. An anonymous reader writes "Past the media coverage of their article 'Wal-marts Wikipedia War', Whitedust has apparently received an interesting email from Mike Krempasky (representing Edelman Public Affairs in Washington, DC). While maintaining that Whitedust has no actual specific issue with Wal-Mart - the article was published on the simple premise that Wikepedia's important neutrality was apparently being compromised - and in the interests of a more balanced argument, Whitedust have published the email in full to their readership along with some other interesting notes."

Mindstorms NXT: Mindstorms Resurrected?. Since the announcement of Mindstorms NXT; many people believe that my earlier article was completely off target. My latest article, Mindstorms NXT: Mindstorms Resurrected?, attempts to complete the analysis. It concludes that Mindstorms NXT does not represent any change of direction for Lego; and unless forced by competition to act otherwise, Lego will continue to market Mindstorms as a niche product line."

Spam King Alan Ralsky NOT Jailed. narzy writes "DailyTech.com is reporting that contrary to reports last week, spam king Alan Ralsky was in fact not picked up by the Feds. Inquires put in to the DoJ and Detroit FBI field office resulted in puzzling dead ends as both agencies had no information as to having Mr. Ralsky in custody. Early Monday morning the original source recanted the story of Mr. Ralsky's arrest."

LiveJournal Explains Ban on Ad-Blocking Software. An anonymous user writes "LJ Founder, Brad Fitzpatrick, blames the change to the Terms of Service on boilerplate language put into the document by 'some lawyers'." From the article: "This is a pre-announcement that a more user-friendly TOS change is on its way. (After all, we can't even detect that you're even using ad blockers to begin with, so there's no point in us saying you can't. Plus you might not even have control over what's installed on your computer, etc.) So, yeah, sorry: we messed up."

Full Disclosure

[narzy]

I am Tim Thorpe, I am also narzy I wrote the article on dailytech.com and submitted it to /.

Re:Full Disclosure

[Rob+T+Firefly]

I'm Tim Thorpe, and so is my wife!

Can't detect ad blockers?

[Anonymous+Crowhead]

I just ad blocked images from a local web server and looked in the logs afterwards. No more requests for the images. Maybe I am missing something seems that it would be trivial to detect. Just look in the logs. You wouln't even have to look through all of them, you could just take samples.

Re:Can't detect ad blockers?

[Anonymous+Crowhead]

Browser information is also in the logs. And before you reply saying you can spoof that, I know. Fact is, outside of tech circles like this, text only browser usage and spoofing the user-agent is rare. I'd say text based web browsing is probably fairly rare here too, though I'm sure someone will post ancedotal evidence in the form of "I use lynx all the time" or "$text_browser represents 75% of my $conspiracy_theory blog visitors". I use lynx too, but it only represents about 0.1% of my total browsing.

Re:Can't detect ad blockers?

[strider44]

Plenty of adblockers allow downloading of the images but don't show them on the page. In fact mine does this.

Re:Can't detect ad blockers?

[Anonymous+Crowhead]

Yup, but a lot of "administrators" won't be smart enough to notice things like that. They won't get past the "how dare they not download our ads. They must be stopped..." part of the thought process

Well, in my experience, it's the PHBs who do the "how dare they not download our ads. They must be stopped..." and issue the directive of "find me all/how many/etc of the users who block our ads" to the administrators. Having been given somewhat similar tasks, if you don't find that fun, maybe you shouldn't be an adminstrator of a high traffic web site. Analyzing that sort of stuff is par for the course.

Re:Poor Mindstorms

An expensive toy that appeals to a small percentage of the population should have the full marketing resources of the company behind it.
--
I use a Mac, asshole.

No need to be redundant.

Re:Poor Mindstorms

[drinkypoo]

Actually, I can't imagine why either. This new product is so clearly superior, and will probably also be easier to use (if for no other reason, than that it has servos) that I can't picture anyone buying any more mindstorms. Certainly I will not be purchasing any more mindstorms equipment, and I do currently have some (but I only have a couple of the blue RCXs, even, so it's not like I have a huge investment.)

Re:Livejournal Incompetent?

[Solra+Bizna]

user didn't download ads, user is using an ad blocker.

AdBlock has a feature to download the ad but not display it.

-:sigma.SB

Australia as a testbed

[Oldsmobile]

It seems Australia could be used as a testbed for invasive smart card and biometric technologies, seeing as how the populace on the whole embraces the anti-terrorism-means-restricting-our-rights -mantra.

I am sure that the Australian experience will be looked at in the US, once the final decision has been made to implement a universal biometric ID system.

There are many things, such as the PASS-card as well as requireing biometrics on your passport, that can be seen as groundlaying work for such a system.

Things like these, after all, don't come all of a sudden, instead they are slowly implemented, one step at a time. In the end, you will find it strangely convinient, and not really all that bad, to have to carry your biometrically enhanced universal RFID card along with you.

Re:So why isn't Ralsky in jail?

[Skadet]

Maybe they should get some Cell-alis and increase the size of their cells anywhere from 2-6 feet?

Flaw in detecting ad blocker

[ParanoidJanitor]

If a user for Livejournal is using a text-only browser they won't load any images. If you just look for images loaded in a log a text-only browser will show up as adware when it's really not.

Re:Livejournal Incompetent?

[Neil+Blender]

And how much would it cost to monitor, analyze and store the data from the tracking of even a small percentage of their 10,169,726 users and communities?

They are already doing that. Any site with any traffic that generates revenue monitors this very closely. It's the blood of the net.

Would it be worth going out of their way to shut down any of the users they found in violation, particularly in the eyes of the advertisers?

For sites of that magnitude, changing click-through ratios by just a few percentage points can mean millions in revenue - lost or gained.

prisoner locator

[www.sorehands.com]

There is a web page to check for Federal prisoner: http://www.bop.gov/iloc2/LocateInmate.jsp

I checked before, and found out that a spammer that I sued Gary Hunziker was recently released. http://www.bop.gov/iloc2/InmateFinderServlet?Trans action=NameSearch&needingMoreList=false&LastName=H unziker&Middle=&FirstName=gary&Race=U&Sex=U&Age=&x =0&y=0
It sometimes is a handy web site.

Re:Wal-Mart Wiki Manipulation unlikely

While I don't work directly for W*M, I do work with their IT dept very closely. One thing I've learned is they are very serious about ROI's (return on investment). I find it very hard to believe anyone (Public Relations or IT) would be able to convince management that fighting over a Wiki entry had a solid ROI. The average W*M customer just isn't very concerned with Wikipedia. Dollars spent in local community donations and advertising speak much stronger to the typical W*M shopper.

I don't find it so hard to believe that some very dedicated IT guys/gals like Wikipedia but don't like what they read about Wal-Mart there. Being a CS grad, I've met my share of people who I can imagine taking a wiki entry very seriously, even to the point of it being personal. This seems like a much more likely scenario than a broad corporate scheme to better the W*M wiki-image.

WalMart needs a mouthpeice?

[redelm]

I'm a bit surprised: Why would WalMart use an external consultant (especially a lobbyist) to deal with a press inaccuracy? Don't they have people who do that in-house?

If they don't have'em, how likely is it they have people to manipulate a wiki in-house? They'd just contract it out, like the defense. Plausible deniability.

Re:WalMart needs a mouthpeice?

[AKAImBatman]

Why would WalMart use an external consultant (especially a lobbyist) to deal with a press inaccuracy?

If you read his email, he was just trying to establish a dialog with the author to prove or disprove his claims. Whitedust decided to act irresponsibly (again) and published it rather than forwarding it to the author.

Honestly, if I have any security needs in the future, Whitedust will be the LAST company I look to for help or recommendations.

Re:Wal-Mart Wiki Manipulation unlikely

[cant_get_a_good_nick]

One reason that Wal-Mart is so efficient is the have a killer IT department. They have a very good inventory and order system, that is a real competitive advantage. One of the reasons K-Mart failed in their bid to re-invent themselves is that they couldn't compete with Wal-Mart efficiency. They have some of the best tech, if not the best tech, in the industry. Just because they're in Arkansas don't think they're goobers.

Erm..wow, that's some quality research.

[Phanatic1a]

According to our latest poll, at time of writing 74% of Whitedust readers believe that Wal-Mart have manipulated Wiki.

A purported *security* company thinks this is valid evidentiary support? "The lurkers support me in email" is even lamer in the real world than it is on Usenet.

Re:Poor Mindstorms

[sbaker]

The biggest problem with NXT for me is that they skimped on the memory. That thing really cries out for a decent amount of Flash memory.

Re:Livejournal Incompetent?

[petard]

I don't notice the bandwidth difference, but I see a huge difference (on some pages) in the time it takes to display pages on my 3Mbps DSL line. The way some pages are written, browsers can't render the page until they've fetched the ads. IIRC it has something to do with sizes not being included in an img tag...

Some of the ad servers are quite slow to respond, and I can see my browser waiting for ads.mediaplex.com or some such. If I configure a proxy to remove all references to these servers, pages load much faster even though the bandwidth difference is negligible. So for me, 50% of the joy of blocking ads is the latency difference, not the bandwidth difference.

But to address OP's point, they can't tell whether you've fetched the image or not in anything resembling real time if they don't host the image themselves. So it's not incompetence alone that prevents them from noticing this, it's the desire of ad providers to track their own stats rather than trust LJ to do so themselves. Well, that and the desire of the ad providers to be able to send cookies to your site and track you across different sites, which they couldn't do unless you make an HTTP request to the ad provider...

Re:Wal-Mart Wiki Manipulation unlikely

[Zeinfeld]

While I don't work directly for W*M, I do work with their IT dept very closely. One thing I've learned is they are very serious about ROI's (return on investment). I find it very hard to believe anyone (Public Relations or IT) would be able to convince management that fighting over a Wiki entry had a solid ROI.

Try editing the Walmart article on Wikipedia and you will soon learn that you are wrong. They always have someone on the Wikipedia article. Every piece of criticism is pushed as far down the article as possible and then deleted. They have something like ten different editors. If you look at their histories they don't edit many other articles.

This is a big problem across Wikipedia in general, it is pretty easy for a politician or a company to erase negative information.

If you look at the Fox News article you will find that pretty much all mention of its role as a conservative propaganda organization is eliminated. The only mention of the fact that many people consider Fox has a hard right tilt comes right at the end. Thats just the folk comming in from the wingnut-sphere. I really doubt Fox cares about being considered conservative, its just an act they put on because they know it gets up the nose of liberals (but not as much as Colbert got up their nose this week).

If you read the Katherine Harris article you will find that there are people who don't think the fact that she had a meal costing $2,800 with a defense contractor who just pled guilty to corruption and bribery notable at all, nor the fact that she tried to send a $10 million federal contract his way through an earmark the next day and subsequently lied about doing so repeatedly. That fight is particularly amusing because the people most desperate to get Harris off the November ballot are her own party. Jeb Bush, Karl Rove and Ed Rollins are all on the record briefing against Harris.

You can even find bogus info in the history articles and the articles on religion. There is a group that is very eager to tell us that nothing really bad happened during the Spanish Inquisition.

Crank contributions come in from both the left and the right. Its quite interesting to see an MIT full professor being told he does not understand the technology he pioneered.

I think that these problems are fixable but it needs a change of priority that Jimbo does not seem willing to make at this point. The priority is to have the widest range of participation with the lowest barriers. That may not be the best way to create articles on controversial subjects.

I think that there needs to be a bit more process and a mechanism to track editor reputation, similar to the slashdot scheme but with something added to cope with the partisanship factor. Slashdot forays into politics are none to successful unless it is on a topic like CALEA where there is a guaranteed 500 posts, all with the same opinion.

Re:Poor Mindstorms

[rossifer]

Shortly after release, there will be a hack to add a secure digital card controller to the NXT. The card controllers can be wired into almost any standard flash memory circuit and cost about $5 each. Then you can throw a gig of flash on there for $30, or four gigs for $120 (don't know if it will be able to use all four gigs, though...)

Regards,
Ross

National Healthcare == National ID

[Jah-Wren+Ryel]

After reading the recent article about people in the UK being healthier than people in the USA, it struck me that if we ever have nationalized health-care in the USA, it is guaranteed to come with a national-id card as part of the implementation.

Sure, it is technically possible, even technically easier, to not implement a full-on big-brother national-id just to do socialized medicine. But the political climate in the USA is such that it just won't come to pass without such a draconian requirement. There are just too many corporate and political powers with an interest in tracking all citizens at some level or another and too few citizens that understand or care about the huge risks that such systems bring with them.

So, while some arguments for a single-payer healthcare system are compelling, I find the threat of the one database to rule them all and in the darkness bind us to be sufficiently compelling on its own to oppose any nationalized health-care system in the USA.

I guess it could be worse - we could still end up with the identity card and the subsequent corporate-police-state-utopia without any of the benefits like nationalized healthcare.

Re:Wal-Mart Wiki Manipulation unlikely

[Zeinfeld]

This type of activity just doesn't make business sense. The overhead would be enormous, and the payback would be undefined. That's not to say someone isn't doing it...I just don't think it's Wal-Mart Store, Inc.

It would not be the first time that that Walmart spent a pile of cash on a pointless operation. They spend a fortune trying to avoid paying their staff a living wage or give them real health benefits.

Exxon spent tens of millions last year on phony think tanks dedicated to peddling the myth that there is scientific doubt over global warming.

Walmart is penny wise pound foolish. Their financial results over the past five years are far from impressive. Pay peanuts, get monkeys. Costco has a much better, much more sustainable model. Pay an honest wage, control costs by selling in bulk.

Try it. Just check the html and it should be obvio

[SmallFurryCreature]

The answer why you can't just check the logs is obvious IF you have a browser that somehow can tell you what it is getting from who as it loads the page.

Thats right. The ads are served from a different server.

What is therefore missing is the link between requests.

IF you served your own ads you could indeed build in some system that checks wether the ad you inserted into the page is being downloaded. You would have to start a session for each user, you would have to write a script around your image server that notes in the session wether the image was retrieved but it is doable.

But how do you do this with ads from a third party?

I serve a page to you with a link to get an image from another server. UNLESS I can communicate with that server I have no way of telling wether you did that.

How it could work.

• Client sends request for page.
• Server starts a session and generates the page includings ads.
• Server sends the page to the client with the ad link (including sessionid).
• Client loads page following the link to the adserver (sending the sessionid with the request for the ads).
• Adserver sends a message to the server that an ad has been downloaded for this sessionid.
• Server checks if all the ads it included got a response from the adserver and if all are loaded the user is allowed to ask pages again (with this sessionid) or told to fuck off.

There are other ways as well, the server could send a list of ads included to the adserver and get a single message back if they all been requested or not. But the idea remains the same, you need communication between the adserver and the page server.

That, to my knowledge isn't in use yet.

Oh and the above "solution" ain't perfect either. Ad blockers that retrieve the ad but don't show it would be unaffected. How do you deal with a slow client who browses to fast for the ads to download? You also end up sending your content and are only able to block the user from getting stuff again within the same session.

More problems then, for now, it seems worth to taggle.

There is one form of ad that bypasses all this. The blocking flash ad. You know those screens you get before you go to the content page with a huge flash ad? Some require you to wait some time but what if the content link is only IN the flash ad.

Just make the link to the content only display after the ad has played. Forced ads. Lovely eh?

I have had to think about this problem before. The writeup above is very simple because I can't be arsed to write it all down again because at the time I came to the realisation that it is hard to sell anti-ad-blocker solutions to people who use IE and don't even know how to block virusses.