Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:Technically... on Australian Courts Will Be Able To See Your Browsing History · · Score: 4, Insightful

    If using DuckDuckGo, then maybe you'll be presumed to have had something to hide; therefore, you automatically lose the action.

    Such is the way of tyrannical systems which don't respect personal privacy...

  2. Re:So they patented this because....? on Disney Patents a Piracy Free Search Engine · · Score: 1

    They don't need an act of congress; they just need to chip away at the DMCA safe harbor through legal challenges that existing search engines are complicit with infringement due to not using industry-standard algorithms as a policy of deterring infringement, such as Disney's patented algorithm.

  3. Re:West Virginia too on Boo! The House Majority PAC Is Watching You · · Score: 1

    Good luck with that, the People most likely to get campaign material are people who actually vote and the people most likely to vote this year are the people who voted last election.

    I would call this a privacy violation. I didn't opt in to receive any of this spam.

    This could be handled simply: No unsolicited personalized direct mail to voters. Appoint an administrator to allow candidates to pay a specified flat fee to include a flier in a monthly mailing for the 3 months before an election day to all registered voters who have opted in.

    Voters who wish to receive further messages from a candidate may send in a reply form.

  4. Re:West Virginia too on Boo! The House Majority PAC Is Watching You · · Score: 2

    A list of who voted does need to exist to some extent. Otherwise it becomes too easily possible for some entity to start casting votes for other people or dead people without much risk of getting caught

    I agree with the record being public; However, there should be a terms of use. It should not be simply freely available for all uses without restriction --- it should be available for on-premises review by any member of the public who signs an agreement but no note-taking, information extraction, disseminating or copying the information without filling out an application, showing a legitimate use, and providing a surety bond to protect the information and use only as approved.

    Generating marketing or campaign materials based on names in the list or voting rosters or republishing names should be strictly prohibited.

  5. Re:West Virginia too on Boo! The House Majority PAC Is Watching You · · Score: 2

    Taking publicly-available information, then releasing it to the public, can't damage you. The information is already public.

    It depends on context. It is possible that there are ways they could republish details gathered from public records which would be damaging.

    For example; it may be technically public, however, individuals do not ordinarily disseminate the information. If their actions "advertised" or made the information more easily accessible, then it would still be a damaging intrusion.

    If they contact your neighbors or employers, provide a website with clickable links to your neighbors and easy search lookup, Tweet to your followers, or send messages to your Facebook friends, then they have actually taken additional actions which are defamatory and call undue attention to the records, which is intrusive, and there may be compensating damages to be recovered, if financial loss results, such as an employee being fired because they learned through Twitter that their Employee failed to vote.

  6. Re:How is this different from a key? on Virginia Court: LEOs Can Force You To Provide Fingerprint To Unlock Your Phone · · Score: 2

    How is this really any different than requiring you to surrender a key to a locked filing cabinet?

    The key is a physical piece of property just like your physical phone which can be lawfully seized.

    Technically isn't your fingerprint also information which is stored outside your brain?

    Your fingerprint is information, BUT the application of your fingerprint to indicate your approval is a kind of signature, just like if you can't write, going to the bank, and using your fingerprint to approve a withdrawl is a form of validation.

    The police have a gather information which constitutes your fingerprint, BUT they have no right to severe your finger, or to use their access to the information to impersonate you such as by using the information to defraud another person or service that they are you.

    Same deal if you have a signature stamp which allows you to approve documents by applying a stamp; the police can seize the physical asset, but they have no right to pretend to be you and apply the signature stamp to a document advising your personal lawyer to take some action, such as drop the case, or produce a recording of your private session.

    Also.... your iPhone has a built-in signature verifying device, and they have no right to forge your personal signature to impersonate you and cause your Apple product to take some action.

  7. This is not like giving a DNA sample on Virginia Court: LEOs Can Force You To Provide Fingerprint To Unlock Your Phone · · Score: 4, Insightful

    This is like being required to sign your name.

    The security feature on your phone is designed to not unlock unless you signify approval.

    Giving up a key or DNA sample is not signifying your approval; it's just surrendering information which is stored outside your brain.

  8. Nice things on Ask Slashdot: Can You Say Something Nice About Systemd? · · Score: -1, Offtopic

    So I thought it might be instructive to turn the question around and ask the membership about what makes SysVInit or Upstart good.

    There, fixed it for you.

    Post each new Nice Thing as a new post, not as a reply to another post.

    CHECK.

    Nice thing about SysV Init: It is simple, just works, and the project adheres to the unix philosophy. There is no NTP client software in the package, there is no DHCP client software in the package, there are rarely updates to the SysVInit or Upstart projects themselves, and updating doesn't require a reboot.

    Only one concrete Nice Thing about SysVInit/Upstart per base-level post.

    CHECK

  9. Re:Common Carrier on First Detailed Data Analysis Shows Exactly How Comcast Jammed Netflix · · Score: 2

    Not "for free". Settlement Free Peering is based on a mostly balanced flow of traffic. The instant that ratio moves from 1:1 to 100:1 .... "free" isn't in the room anymore.

    And THIS is what makes them not common carriers; ISPs can do this. In the Telco world, interconnect fees are required to be symmetric, for example: if the agreement is that charges carrier A $0.05 per call record to terminate onto carrier B's network, then it must charge carrier B $0.05 a call to terminate onto carrier A's network, it's not allowed to charge carrier A $0.05 per call and give carrier B free service into carrier A's network. An interconnect agreement cannot be terminated or repriced to favor specific networks, just based on the ratio of calls in or out.

  10. Re:Common Carrier on First Detailed Data Analysis Shows Exactly How Comcast Jammed Netflix · · Score: 2

    Since when were fibre cables, $20000 optics, Switch ports, and 40-Gigabit port licenses free when the link is turned off?

  11. Re:Common Carrier on First Detailed Data Analysis Shows Exactly How Comcast Jammed Netflix · · Score: 1

    That would have zero impact. This is like the telephone company in city A have 96 channels to the telephone company in city B, but then 100 people try to make calls. Only some of them will go through, and that's a capacity issue, not regulated by Common Carrier status.

    That's not the scenario. It's not capacity between cities, in this case, it is capacity between networks. The problem is they are discriminating against some networks and refusing to build capacity at the same time as they are building capacity to other networks for free; that's not a common carrier.

    A telco expands capacity based on utilization, and in building more capacity to other networks in the same area: it's not a case of some networks get capacity built to them for free and some have to pay, it's..... each telco pays their own costs to build that capacity needed by their customers AND asymmetric usage is settled through the USAGE fees associated with LD termination on each call.

  12. Re:888 bytes is a pretty fair amount. on Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security · · Score: 1

    P.S. Alternatively, the information can be uploaded in encrypted format + Base64 to places such as Pastebin, or Freenet, or other massively distributed publication platform.

    The card can then contain just a few 40-character URLs followed by 512-bits worth of cryptocurrency wallet addresses.

    Then a couple of 256-bit decryption keys for the coded messages and the rest of the card can be used for a list of randomly generated initialization vectors that will be used for further encrypted messages.

    So the website can contain an arbitrarily large amount of information which can then be decrypted using the data on the card.

    Also, additional information can be added later by creating a spend transaction to one of the cryptocurrency addresses listed on the card, and publishing the information in the public blockchain, but on the public blockchain the text can be encrypted with the key and one of the initialization vectors on the card can be used. More random initialization vectors and additional addresses and crypto keys required to be provided inside each Nth encrypted message uploaded to the blockchain.

  13. Re:We can do that thing you like on Windows 10 Gets a Package Manager For the Command Line · · Score: 1

    As long as they're going to build and provide plugins for the common use cases, who cares? It could be pretty cool. Sounds like a more flexible architecture if they can support multiple package systems.

    On the other hand, it might just be unneeded complexity. Frankly, in a lot of places I like things that are SIMPLE, Reliable, and Fast. I prefer programs that do one thing well and work with other programs using standard text-based communications to meet the rest of needs instead of attempting to accomadate every possible use case within one piece of software ----- a plugin architecture with proprietary interactions is not necessarily "working well" with other programs; it's kind of the opposite idea, expanding one program with addons.

    It makes sense for a PACKAGE system to support multiple kinds of storage repositories, like Yum or APT does.... you can have your CD-based Repos, FTP based Repos, and private mirrors.

    I'm not sure it makes sense for a package management system to support arbitrary backend plugins.

  14. Re:H1B applicants are people too on Labor Department To Destroy H-1B Records · · Score: 1

    Or just anonymizing the records as soon as no longer required.

    However, 5 years is not very much time if they may need to investigate the possibility of fraudulent applications in the future.

  15. Re:We can do that thing you like on Windows 10 Gets a Package Manager For the Command Line · · Score: 1

    They're late comers to this party: We already have community repos. Chocolatey and BoxStarter. Why would we need OneGet?

    It's Internet Explorer vs Netscape all over again :)

  16. Re:888 bytes is a pretty fair amount. on Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security · · Score: 5, Interesting

    Let's change that up slightly, to use 3715 bits out of the 7104 available, approximately 50%:

    • E-mail address = 40 bytes
    • Social Security Number binary encoded - 9 digits = 29 bits.
    • Health Insurance Provider Name - 16 alphanumeric characters = 12 bytes
    • Health Plan ID - Encoded 6 bits per symbol 8 symbols = 48 bits.
    • ZIP CODE of City of birth = 15 bits
    • GPS Latitude and Longitude of current primary workplace (two 32-bit floats) = 64 bits
    • Employer company name - 16 alphanumeric characters (encoded 6 bits per character) = 12 bytes
    • Driver's License Number - 10 digits = 32 bits.
    • Driver's license State (number from 00 to 49)= 6 bits
    • Driver's license Expiration date (Number of days Since Jan 1, 1970) = 15 bits
    • Current vehicle license plate 9 alphanumeric characters (encoded 6 bits per character) = 54 bits
    • Current vehicle VIN number 17 alphanumeric characters (encoded 6 bits per character) = 102 bits
    • Job Title - 16 alphanumeric characters = 12 bytes
    • Annual Income in US Dollars - 1 to 14 digits = 47 bits
    • Mother's maiden name (max: 20 characters) = 15 bytes
    • Date of birth = 15 bits
    • Telephone number with area code - 10 digits = 34 bits
    • Full name - Encoded using 6 bits per character, Uppercase alphabetic characters, digits, spaces, field separator, and NULs only 50 characters = 37 bytes
    • ZIP CODE of Previous residence = 15 bits
    • Date moved into current residence = 15 bits
    • ZIP CODE of Current residence = 15 bits
    • GPS Latitude and Longitude of current residence (two 32-bit floats) = 64 bits
    • Street name and house number of current resident Address (6 bits per character ) = max 20 bytes
    • Apartment number or suite number = max 20 bytes
    • Bank1 - Account number = 29 bits
    • Bank1 - Routing number 12 digits = 37 bits
    • Bank2 - Account number = 29 bits
    • Bank2 - Routing number 12 digits = 37 bits
    • Credit card 1 - primary account number - 12 digits = 37 bits
    • Credit card 1 - CVV number - 3 digits = 10 bits
    • Credit card 1 - Track 1 data 79 alphanumeric characters = 60 bytes
    • Credit card 1 - Track 2 data 40 digits = 17 bytes
    • Credit card 2 - primary account number - 12 digits = 37 bits
    • Credit card 2 - CVV number - 3 digits = 10 bits
    • Credit card 2 - Track 1 data 79 alphanumeric characters = 60 bytes
    • Credit card 2 - Track 2 data 40 digits = 17 bytes
    • Credit card 3 - primary account number - 12 digits = 37 bits
    • Credit card 3 - CVV number - 3 digits = 10 bits
    • Credit card 3 - Track 1 data 79 alphanumeric characters = 60 bytes
    • Credit card 3 - Track 2 data 40 digits = 17 bytes
  17. Re:If they're doing it, it's correct. on OpenBSD Drops Support For Loadable Kernel Modules · · Score: 1

    No... that was just Theo's excuse. He called OpenSSL's memory allocation strategy an "exploit mitigation countermeasure."

    Actually, that was just a side effect, and what OpenSSL does that "counteracted" the defense is extremely common in software and software libraries.

    It's also generally a good idea as far as performance is concerned ---- and with a library such as SSL which needs to process network traffic (HTTPS, for example); adequate performance is pretty darned important.

  18. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 1

    They run the plate and get the vehicle description. If it matches, odds are its not stolen or switched plates. If it doesn't match, they boot it or tow it.

    Towing requires time and dispatch of the proper equipment. They'll probably just find the VIN somewhere else or break in in some manner.

    If it's switched plates and they boot it, the boot can likely be removed in about 2 minutes by picking the lock then using a standard ratchet + spark plug socket. Clamps could also be taken off pretty quickly with a hand drill and a $1.00 grinding wheel or a hammer and chisel to cut through some spot welds in the design of these things, but the city authorities might try and bring up some bullshit about "damage" to city property that had to be done by the owner in order to expeditiously recover the essential use of their vehicle.

  19. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 1

    I'd have a hard time finding it. It'd require me to read the car manual to check on the location of it.

    The police know where the manufacturers put the number, which include some additional locations outside and beneath the vehicle which can be read with a flashlight or optically scanned.

    But they are all less convenient for the officer than looking down at the dash, or forcing entry to read it off the door frame or pop the hood to read one of the plates off the engine block, major vehicle components, or one of the other dozens of locations where extra hidden VIN plates are placed.

  20. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 1
  21. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 1

    Perhaps because, in the USA, don't you physically change the licence plate every year?

    No.... the plate is easily removable, and someone could steal it or swap an incorrect or forged plate there, but every year or 2 years you get a new special little sticker to attach to a corner your plate to show the new registration expiration date.

  22. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 1

    They'll just break out the drill if you make it too hard to pick quickly. Or the screwdriver. It's amazing what a long-handled flat-bladed screwdriver will do to your average pin/wafer tumbler lock...

    I suggest the use of a lever tumbler lock design with some defense of the lock surface using hard plate steel containing tungsten-carbide chips, randomization of placement, and false drill points where an entering drill will pierce a pressurized bladder triggering separate re-locking mechanisms to prevent the car from being started or the door from being opened.

  23. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 2

    Keep your VIN number covered up.

    Obstructing VIN = Violation of the law, possible Ticket.

    Sufficient probable cause for police to force entry into the vehicle to investigate.

    Suspicion of car theft, may result in you being detained.

    "Any person who, individually or in association with one or more others, knowingly removes, changes, alters, or conceals any motor number, serial, or other identification number, decal or device affixed to a motor vehicle, trailer, semitrailer or motor vehicle part as required by federal law without the consent of the Department, shall be guilty of a Class 6 felony."

  24. Re:I wish I'd thought of that on Car Thieves and Insurers Vote On Keyless Car Security · · Score: 1

    The problem is lost keys. There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key.

    No there doesn't.... they can have a frickin' lock control module mated to the keys which must be physically removed and replaced with a new unit paired to new keys, like various manufacturers have been doing with the immobilizer chips since the 2000s.

    The "recovery" mechanism should involved forced entry.

    Alternatively... a backup traditional lock on the trunk or a door that can be picked by a qualified locksmith but requires such skill that no ordinary thief could achieve it.

  25. Re:someohow I think on "Police Detector" Monitors Emergency Radio Transmissions · · Score: 1

    The only reason for needing to know if the police are nearby is if one is a criminal and/or thinking of doing something criminal.

    False. This is nothing more than an assumption or your opinion stated as if it were a fact. Someone might want to do something that is perfectly legal, but may be perceived as suspicious or likely to draw ire of the police.

    They might also want to know when police are operating nearby so they know to pull out their camera phone and look for something interesting.

    They might also like to know what areas police are frequenting, so they can stick to those areas for their protection against thugs, or avoid those areas for protection against vigilante police thugs.

    Whatever