Slashdot Mirror


User: fuzzyfuzzyfungus

fuzzyfuzzyfungus's activity in the archive.

Stories
0
Comments
15,204
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 15,204

  1. Re:Question #1 on George W. Bush Live From Facebook · · Score: 1

    In the immortal words of Henry Kissinger, another highly successful war criminal, "Power is the ultimate aphrodisiac". I'm guessing that sleeping isn't a huge problem. (no, sorry, the eyebleach required to efface that mental image is sold separately...)

  2. Re:I hope it's moderated on George W. Bush Live From Facebook · · Score: 5, Insightful

    Even without recognizing the authority of the ICC, the US has punished users of waterboarding (both Americans and captured foreign opponents) independently, and some of the legal precedent on the subject actually comes from crackdowns on certain rather dodgy police forces which had stumbled upon this most excellent method of closing cases...

    Furthermore Ronald Reagan, practically a saint among the right, was the one who pushed for the US ratification of the UN convention against torture, saying:

    "The United States participated actively and effectively in the negotiation of the Convention . It marks a significant step in the development during this century of international measures against torture and other inhuman treatment or punishment. Ratification of the Convention by the United States will clearly express United States opposition to torture, an abhorrent practice unfortunately still prevalent in the world today. The core provisions of the Convention establish a regime for international cooperation in the criminal prosecution of torturers relying on so-called 'universal jurisdiction.' Each State Party is required either to prosecute torturers who are found in its territory or to extradite them to other countries for prosecution."

    Even if we have not the slightest interest in giving the ICC the time of day, we have a legal obligation to prosecute torturers we find on our soil, and in some cases to extradite them to the jurisdictions where their crimes took place, assuming extradition agreements are in place.

    We can only assume that Ronald Reagan was actually a soft-on-terror deep-cover liberal...

  3. Re:The real problem is... on Security Expert Warns of Android Browser Flaw · · Score: 1

    "Patch Tuesday solution" basically implies "Asserting the amount of control needed to push quick patches to 3rd party embedded devices".

    Unfortunately, patching embedded devices is something of a problem industry wide: many of them are weird/customized enough that 1st party patching would be truly heroic, for any issues that aren't isolated near the top of the stack, and many of the 3rd parties who made them are basically uncaring, incompetent, or both. PCs, by contrast, are both fairly heavily standardized(their are oddities; but if it won't boot Windows, or freaks out if you pop in a card with an option ROM, it is going to have market problems) and are typically free to patch themselves. Embedded devices are often somewhat odd, architecturally, and in ways that may not be public knowledge(even Microsoft, not exactly a big OSS fan, had to start distributing large portions of WinCE as source, albeit under a proprietary licence, because binaries were too inflexible for embedded developers). You see much the same thing regardless of OS. PCs running NT-derived OSes are generally patched, unless the user is a pirate, already compromized, or an idiot, or the PC is in some tightly locked-down and change averse IT shop(where, at least, it probably has firewalls an IDSes and stuff). PCs running linux are generally the same way. Devices running WinCE or NT embedded and derivatives, or embedded devices running Linux, are frequently dependent on the vendor for fixes(either cryptograhpically enforced, or because they are weird enough that you need dev skills and dev tools in the respective OS to update them) and are typically woefully out of date and vulnerable.

    In this specific context, Google's blessed Android devices, or devices sufficiently well understood for 3rd party ROMs to be a valid alternative, will probably be the "PCs" of the android world, running code close to new, and as secure as is available. The problem is the ones that deviate from that. Google has fair leverage over prominent telcomm devices(in the sense that proprietary google software, app store, navigation, etc. are seriously important selling points for expensive smartphones); but telcos have serious pushback power. Random pacific rim crapgadget guys have zero power; but they are generally just shipping digital photoframe hardware running a compile of the OSS elements, along with some terrible custom software. Google has no leverage, and they aren't exactly to be trusted for timely software updates and general code quality.

    It is a large, and general, problem now that embedded devices of all sorts are internet-connected(y hello thar, stuxnet worm...)

    Apple has "solved" the problem by simply eliminating all 3rd party vendors. This does solve the 3rd party vendor issue; but has some downsides.

    The best case that I can imagine for Android, would be for Google to move as much as possible into safely-updateable modules(rather like linux with a package manager, rather than updates only by writing an entire firmware lump) to make it easier to push updates between point releases or to devices that will never receive point releases(this still won't save them if Vendor X's shitty custom skin depends on, say, the vulnerable version of the browser and won't work with the updated one; but it will at least help devices whose hardware or vendor's commercial considerations keep them at some obsolete release forever.

    Second, it is to be hoped that, eventually, the market will settle down a bit into two camps: A)Relatively high profile devices, shipped by major telcos and the like, which are either produced by outfits willing to do their own security work, or willing to stay very near stock and adopt Google's security work. B) "Relatively-best-of-breed" cheapy tablets and mysteriously brandless-countlessly rebadged hardware whose relative superiority over other such hardware, and relative low cost and weak tivoization vs. telco locked gear, attract sufficiently large communities of cheapskates and freedom enthusiasts

  4. And in other news... on Aging Reversed In Mice · · Score: 1

    The stock price of the Umbrella Corporation was up 36 points amid heavy trading as the markets opened this morning...

  5. Re:Ok im waiting. on USCG Sues Copyright Defense Lawyer · · Score: 3, Insightful

    I'm pretty sure it involves a form of serfdom...

  6. Re:The real problem is... on Security Expert Warns of Android Browser Flaw · · Score: 1

    I suspect that they knew about it, in theoretical terms; but how do you respond to such knowledge? Asserting the amount of control needed to push quick patches to 3rd party embedded devices would make the 3rd parties run screaming. Delivering perfect software on anything resembling a budget isn't really a happening thing.

    It's sort of like knowing that you are going to die. The number of things you can do isn't zero; but you can never really "react usefully" to this knowledge because there just isn't anything that you can do about it. I assume that Google encourages 3rd parties to follow the mainline with the same enthusiasm that some individuals reserve for eating healthy foods and getting exercise; but both are facing an ultimately futile exercise.

  7. Re:Good enough to Jailbrake? on Security Expert Warns of Android Browser Flaw · · Score: 1

    I wouldn't hold my breath for a jailbreaking/modding community for a device so popular that it doesn't even have its own wikipedia page, and only gets about a paragraph on the main Sony Mylo page.

  8. Re:Chester Wisniewski's point is invalid, IMO on Security Expert Warns of Android Browser Flaw · · Score: 4, Interesting

    His point is arguably more valid for some types of problems than for others...

    Some things are inherently difficult in an environment with numerous hardware variations that cannot be depended upon(designing UIs that work nicely across multiple screen sizes/keyboards vs. softkeys only, etc, substantial differences in proccessing power, RAM, storage); but most security bugs, unless apocalyptically foundational in some ugly way, generally don't qualify. Nor are security fixes(unlike new features, or issues related to custom skins and other OEM differentiation crap) generally something that carriers are likely to be conflicted about from a marketing perspective. Lots of carriers are doing a lousy job of updating existing handsets to newer android versions because they would really rather just sell you the Model N+1 and another two year contract. Doing that with an obscure bug is harder.

  9. I, for one, have childlike faith... on X-37B Secret Space Plane To Land Soon · · Score: 1, Interesting

    That somebody will explain how our superiority in the highly competitive black-ops space-plane carrying mystery cargo arena will eventually be converted into a solution for the fact that we can't seem to fight a ground war against a 14th century tribal rabble armed with 1950's eastern bloc shit without getting our stuff blown up all the time...

  10. Re:Full Of Shit? on DHS Seizes 75+ Domain Names · · Score: 5, Informative

    This one was pretty classy. Nothing says "due process" like denying a mental patient access to care, and then deporting him to a country whose language he doesn't even speak, and from which he isn't even descended, despite having evidence that he is a US citizen(and thus not even under ICE jurisdiction)...

    This article is rather more general. Cool thing is, immigration violations/deportations are considered to be civil, rather than criminal matters, despite the fact that people involved in them are generally detained in jail-esque conditions. No public defender for you, sucker. And proving your citizenship is a total cakewalk under those conditions...

    Googling turns up a variety of similar stories. Perhaps the snappiest is the one that begins with the money quote from one 'James Pendergraph, then executive director of Immigration and Customs Enforcement's Office of State and Local Coordination': "If you don't have enough evidence to charge someone criminally but you think he's illegal, we can make him disappear.".

    Obviously, if only by sheer statistical probability, ICE does manage to deport a fair number of authentic illegal immigrants every year; but they are about as callous and sloppy about it as you'd expect a bunch of jackboots with broad power and limited oversight to be.

  11. Re:no surprise on Satellites Spy On Black Friday Shoppers · · Score: 4, Interesting

    I am moderately surprised that the fairly low-resolution data you would get from a visual surveillance satellite(ie. you can tell how full the parking lot is on Black Friday. How many people are there to buy el-cheapo crap to satisfy their Christmas obligations without going further into debt, and how many are there to pick up toys just because they can? Can you tell the difference between my 'Insignia' brand bottom-of-the-barrel-but-good-enough-to-watch-football-with-my-browskies LCD TV and a top of the line cinemaphile disposable-income-eater of similar size just by the box, from space?), even with sophisticated machine vision algorithms or more analysts than the National Reconnaissance Office, would be competitive with consumer metrics available from other sources.

    I'm guessing that most Black Friday purchases are not made with cash and the ones that are are probably comparatively small and could be estimated just by putting a few flunkies near a statistically relevant sample of checkout lines. This would mean that any of the major credit/debit card guys should have a much better, and much more machine readable, trace on consumer spending. Retailers, of course, many of whom are publically traded and nearing the end of their fiscal year, obviously know what they sold; and I'm guessing that the guys in the shipping sector know reasonably well how much stuff had to be shlepped from the pacific rim to refill Wally World after the event.

    Pictures from space have been a given for years now; they just seem like a sloppy source of data compared to all the others that already exist...

  12. Re:So much for the hoax theories on DHS Seizes 75+ Domain Names · · Score: 1

    While I'm sure there are plenty of people and entities who would like them to try, I suspect that that wouldn't get very far, unless the jurisdiction in which the other registry is operating already agrees with the US on whatever the policy being enforced is.

    "Control" over DNS isn't magic, nor is there automatically just a single, consistent, DNS structure. Back in the .com boom days, there were a number of outfits peddling various crapware that would tinker with a PC's DNS setup to point them to various cowboy DNS servers affiliated with entities selling trendy TLDs that didn't officially exist. All foundered; because weird TLDs are kind of a ghetto, and weird TLDs that most people can't even see are essentially worthless; but architecturally it was unproblematic enough.

    The only DNS entries that really matter are the ones that ISPs use, since those are the entries that the overwhelming majority of people are going to be using when they type in a domain name. Unless ISPs in assorted foreign lands voluntarily, or under pressure from their own governments, start going to the US for lookups of their own local TLDs, instead of just going to the local registrar, it won't much matter(outside of the US) what the US root servers have to say about those TLDs.

    The US would, in all probability, have much better luck using assorted "trade agreements" and ostensibly multilateral treaty instruments(ACTA, WIPO, etc.) to just have what they want enforced locally, not that they don't already. Virtually nobody, outside of the US, would notice if the US root DNS servers started returning odd results for specific domains in assorted foreign TLDs, since most users of those TLDs would never have their DNS lookups go any higher than an ISP's cache(the only exception would be those little pacific island TLDs, which essentially have zero domestic market, and are used largely as novelty TLDs in the US and elsewhere. .TV and the like).

  13. Re:So much for the hoax theories on DHS Seizes 75+ Domain Names · · Score: 1

    Luckily the world is just overflowing with even better options...

    What we need is an expert system that parses the legal codes(and news reports/statistics concerning de facto behavior, since de jure codes are often a poor predictor of that) and then tells you where you should, and really shouldn't, obtain things like domain names and hosting, depending on the nature of your content.

    Gung-ho for for Falun Gong? Strong opinions about the mud races? Fancy a spot of borderline libel? Consider hosting in America, Land of the Free(tm)!

    About to hoist the Jolly Roger? Avast matey, ye'd best seek a fairer port...

    Depending on the details, this sort of jurisdiction shopping can get you toleration of virtually anything you might fancy(consider it the poor man's equivalent of the much more lucrative jurisdiction shopping in tax schemes, labor markets, and environmental regulations...); but I don't think that there is a single jurisdiction on Earth(and Mars has ghastly ping) where you could safely host everything you might want. America is a lousy place to violate the draconian local IP laws; but not a bad spot for unpopular opinions(being Fred Phelps is legal here, what more do you need to know?). The UK is probably the worst place you could choose for saying mean things about people and so forth.

  14. Re:One of Our Cancers on DHS Seizes 75+ Domain Names · · Score: 5, Informative

    Ironically, of course, grabbing 75 domain names as part of a taxpayer funded handjob for the MPAA's bottom line is a tiny; but highly visible, slice of ICE's activities and, by far, not the most sinister.

    This is an organization, after all, that has approximately 380,000 detainees enjoying its involuntary hospitality at any given time, in a nationwide network of facilities that range from "low profile" to "seriously shadowy". A fair percentage of them are undesirables of various stripes, so the public is wholly uninterested; but the process is opaque enough that their decisions aren't exactly subject to rigorous double checking. On occasion, a mysterious death or tragicomic "American citizen of the brown persuasion accidentally repatriated to some random country that he looked like he might be from, ICE tells his lawyer that they don't know where he is" story makes local headlines; but that is about it.

    I realize that Slashdot is a good headline for melodramatic techie myopia; but domain-name seizures are boy scout stuff by the standards of ICE's bread-and-butter activities...

  15. Re:let me clear your mind. on UK Asks News Outlets Not To Publish WikiLeaks Bombshell, US Prepares For Fallout · · Score: 1

    I'd date it earlier than that. We'd already managed to pass the Alien and Sedition acts in 1798. Unless we wish to acknowledge that arbitrary executive power and suppression of dissent are, de facto, among our founding ideals, then it might be suggested that we managed to deviate from them surprisingly quickly(and that's only considering our legally ratified treatment of white guys; never mind the unofficial stuff, or those people who hadn't yet become human at the time...)

  16. Re:Well... on Early Look At Acer's Iconia Dual Touchscreen Device · · Score: 1

    With a European release price of 1,500 euros, I'm guessing that that'll be a "no".

    Which is disappointing; but may actually be a good thing. Touch responsiveness and LCD visual quality in off-axis use are two of those variables which are difficult to swiftly quantify; but where money talks, and there is a low end too low to be worth delving into. The prospect of using two LCD panels at 90 degrees off axis, with only the touch sensitive system they could afford after cramming an entire computer and two LCDs into a $500 sale price, sounds like about as much fun as trying to sandpaper your eyeballs in an early-90's VR rig...

  17. Re:Less editorialization please on Windows Phone 7 Sales Continue To Struggle · · Score: 3, Insightful

    It is editorializing(hardly shocking in a slashdot submission); but extremely low phone prices, on average, are actually a rather ambiguous sign for the success of a platform, depending in no small part on what the platform was intended to do.

    If Windows Phone 7 was supposed to beat Apple at its own game, the fact that Apple can keep merrily having among the highest 'on-contract' prices with a shitty carrier, while MS has to basically give them away, then this is a sign that MS is failing. If, on the other hand, Windows Phone 7 is supposed to buff MS's mobile marketshare enough to court developers, ideally without hemorrhaging too much money in the process, then contract-subsidized cheap hardware is a pretty logical way of doing that. No matter how good or bad a platform is, its sales will likely be better at a somewhat lower price and developers care about how many potential customers your platform represents. Also, from a pure financial perspective, it strongly depends on who is taking the hit to make the phones that cheap. If MS is getting their licensing fee, and some hardware OEMs are getting squeezed, that will just be business as usual. If MS has been forced to offer a giant pile of 'well, legally, they aren't actually kickbacks and subsidies' then shareholder enthusiasm is going to cool, possibly fast.

    Similarly, with Android, if Android is in fact Google's move into Apple's territory, then the continued low average handset price, and comparatively small market for the Google-blessed 'flagship' models is bad news. On the other hand, if(as was commonly suggested originally) Android is intended as a relatively low-cost way of kicking the dumbphones of the world in the ass and onto the internet, where they can then be used to look at Google ads, then a low handset selling price is actually a feature.

  18. Re:Where can I try N900? on Symbian Foundation Sites To Close · · Score: 1

    Maybe they've fixed this with the N900; but prior linux-running N-series stuff has always seemed to have one or two critical drivers that are binary only(wi-f seemed to be the popular choice). Not nearly as evil as proper DRM; but it did tend to mean that older devices were more or less toast the minute Nokia lost interest. If you were lucky, you might limp through a few userspace bumps; but largely game over on the kernel side...

  19. Re:So how is Symbian free software? on Symbian Foundation Sites To Close · · Score: 2, Insightful

    Ummm, a policy of distribution, on request, for no more than a reasonable cost recovery fee, is actually explicitly GPL compatible(and I'm not aware, offhand, of any reasonably common "free software" license that does specify http rather than fedex). Legally, a change from having a website to distributing dumps of the backups on request makes no difference at all.

    De-facto, of course, seeing as web pages(along with things like torrents if you really have no bandwidth money and big files to move) are by far the most convenient and cheap means of distributing code and facilitating its open development, pulling the site down typically announces an intention to quietly move to a "legally open, in practice closed consortium that the unwashed can visit if they fill out a request in triplicate six months in advance" or (as is not wholly implausible with symbian) just take the project out back and shoot it. From a "free software" perspective, a move away from the overwhelmingly easiest way to run a project openly certainly doesn't scream "team player"; but it isn't a legally salient move.

  20. Re:I don't get it on Symbian Foundation Sites To Close · · Score: 2, Funny

    I'm pretty sure that this is the software-industry equivalent of taking a body home for a closed-casket funeral.

  21. Re:SSL can only be adopted if provided by websites on Deep Packet Inspection Set To Return · · Score: 1

    I'm obviously not expecting 100% noncompliance from all websites, there is always somebody willing to try, if the money looks good; but I would argue that Phorm, and anybody with a similar business model, are a necessarily pro-isp, anti-site operator outfit and that that will not endear them to web operators.

    The situation is actually quite analogous to net-non-neutrality. Some sites will likely play ball; but the overall effect of such a scheme is(quite evidently to any player paying attention) a net transfer of wealth from website operators to ISPs.

    Phorm et al. are, essentially, in the business of providing the technology for ISPs to leverage their man-in-the-middle position to extract rents from the online advertising/behavioral-research market, rather than just being a dumb pipe for it; just as deals to selectively speed, degrade, or redirect traffic are attempts to exploit that same position with respect to the market in data transmission. In both cases, certain sites, particularly losers owned by entities with substantial capital from other operations(say, for example, Myspace, which is getting its clock cleaned by Facebook; but might be tempted to buy an otherwise unavailable advantage by making a deal with the men-in-the-middle) may be tempted to bite; but the overall intent is quite clearly against the interests of website operators and advertisers as a class.

    A website operator or advertiser can already show ads and gather data on people who they manage to entice, by offering something of interest or value, to visit them. With Phorm and friends, an ISP can snap up exactly the same data from all their subscribers, while still getting paid. Even if they refrain from actively modifying content(it would be technologically trivial, for instance, to strip google ads and insert bing ones in their place on an unencrypted site) site operators and advertisers aren't going to be happy. If they don't refrain, There Will Be Blood...

  22. Re:WHO doesn't want to be embarrassed? on UK Asks News Outlets Not To Publish WikiLeaks Bombshell, US Prepares For Fallout · · Score: 1

    You are so mean. Why should being an elected official mean having to give up having my cake and eating it too? I want to do shameful things and be hailed as a good and honest man!

  23. Re:let me clear your mind. on UK Asks News Outlets Not To Publish WikiLeaks Bombshell, US Prepares For Fallout · · Score: 4, Insightful

    Is that still a question? I thought that we'd settled that years ago...

  24. What surprises me... on Company Seeks To Boost Linux Game Development With 3D Engine Giveaway · · Score: 5, Interesting

    What I find curious about the general poverty of the linux gaming scene is how the prerequisite elements that do exist seem to have come together much less well than I would have expected, even as, in other areas, the prerequisite elements come together better than I would expect.

    A lot of effort gets dumped into Linux and the software ecosystem that people generally mean when they say "linux"(gnome, KDE, prominent programs for both, etc.) A fair percentage of it is paid for(kernel work that makes it more suitable for vendor X's servers and vendor Y's embedded platforms, some Freedesktop consortium stuff, etc.); but much of it is purely voluntary, even the sort of thing that corporations might shy away from under the advice of their lawyers(swift reverse-engineering of iPod and MTP syncing, that one French physicist who single-handedly built support for about a bazillion pre-UVC webcams, etc.).

    Similarly, a lot of purely voluntary effort gets dumped into the modding scene. On occasion, a very prominent and successful mod team gets snapped up and goes pro; but that is a sucker's bet. There is a lot of hard, sometimes tedious, modding/art/game balance work going on around commercial games purely voluntarily.

    On the Linux side, support for cutting-edge, just-released games and engines is rather sparse; but there are a number of fully free engines and generic asset packs that have been kicking around for a while. All of ID's older engine properties have been cleaned up and open-ified, some from-scratch engines have as well, as well as a few other scratch developed or commercially abandoned projects.

    There exist the engines(not cutting edge; but adequate enough for reasonably pretty graphics), there exists a talent pool, as proven by the modders, and their exists a reasonable amount of volunteerism and paid-for-by-people-unconcerned-by-free-riders paid work in the linux ecosystem generally. Why does that so seldom come together on the Linux side? Are the modding tools with contemporary-release proprietary games just that superior to the tools available to the freed engines? Is the mass of potential gamers to turn into modders just that much larger on Windows? Something else?

  25. Re:Deja vu on Deep Packet Inspection Set To Return · · Score: 4, Interesting

    Unfortunately, so called "outrage fatigue" is both well recognized and quite effective. People with a direct profit motive can just keep trying, again and again, until all but the hardcore tinfoil hatters lose interest)...