Slashdot Mirror


User: causality

causality's activity in the archive.

Stories
0
Comments
4,788
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,788

  1. Re:Not thinking clearly on Federal Appeals Court Tosses Spam Patent · · Score: 1

    Unless of course - the Feds or the Patent Office have something to gain by allowing spam to continue.

    Perhaps it's another instance of Thesis, Antithesis, Synthesis; aka Problem, Reaction, Solution. If so, then it just hasn't become enough of a problem yet. When it can be called a "crisis" in the media, then naturally the solution will be to give the federal government just a little more power so they can fix it right up for us.

  2. Re:Guess whose contract with Sprint is up for rene on Sprint Revealed Customer GPS Data 8 Million Times · · Score: 5, Insightful

    You think the cops are watching YOU? What are you doing that makes you so paranoid?

    That's cute, quaint, and outdated. It used to be that the state had limited resources and therefore, of economic necessity, it could only focus its manpower and its surveillance capability on what it considered to be the most dangerous/influential dissidents. That has been the case, historically.

    Technologies like automated GPS and massive databases have changed the game. The more technology advances, the cheaper it becomes to surveil more and more people. A state that would have had to focus its efforts on the 50 most dangerous dissidents 100 years ago can now use those same resources to monitor hundreds or thousands. Over time, that becomes more and more the case. You now have modern governments with plenty of manpower, nearly unlimited funding (thanks to deficit spending), and high technology which can efficiently keep tabs on millions of people at once. The more this is the case, the less unusual you have to be to stand out from the crowd and attract unwanted attention and scrutiny. We are quickly heading towards a future where even expressing a slightly unpopular political opinion can get you noticed whether or not you are informed of this fact.

    Think of all the people who have committed no crimes, have not even been accused of a crime, yet end up on the "no-fly" list for no apparent reason and are not allowed to find out why. Right here in America, the "land of the free." Then consider that this list is special because its existence is publically acknowledged and its use appears to be relatively limited.

  3. Re:automated tool for locating cells? on Sprint Revealed Customer GPS Data 8 Million Times · · Score: 4, Insightful

    You are paranoid, a conspiracy nut and have a highly inflated self-image if you honestly think that anyone in the government gives a flying fuck about what you're doing.

    If I exceed the speed limit by 10 mph and a traffic cop notices, at that moment someone in the government has chosen to give a fuck about what I am doing. Therefore, it doesn't take much to meet this definition you have given, and that's assuming an honest cop and honest state legislators. I don't even want to know what kind of extralegal problems dishonest cops and corrupt officials could cause with impunity.

  4. Re:automated tool for locating cells? on Sprint Revealed Customer GPS Data 8 Million Times · · Score: 1

    he funny thing is, those of us who saw this coming and knew that any sort of GPS capability for which it is technically possible for the phone company to read that GPS data would be abused in this fashion were usually called "paranoid" or "conspiracy nuts"

    It really doesn't matter that they use GPS. Any transmitting radio device can be tracked. It's just a matter of having the right tools and the training to do so. The question you've got to ask yourself is whether or not the convenience of a cell phone is worth the trade off of the phone company having access to your whereabouts whenever you carry said cell phone with you.

    While that's absolutely true, it's also a less convenient way to track someone. Less convenient than having their handset automatically and periodically broadcast its already-calculated whearabouts to anyone who wants to know. Is either carrying a transmitting radio, or carrying a transmitting radio with GPS perfect? No, that's why I never claimed that it was. Do I prefer that we raise the bar as much as possible for this sort of surveillance, and consider it in terms of "the more effort, training, and equipment it takes to do this, the better"? Yes, I do.

  5. Re:automated tool for locating cells? on Sprint Revealed Customer GPS Data 8 Million Times · · Score: 5, Insightful

    The true 1984 will come, when all your health records will be known to the Federal Government so that it can monitor both the health care you are getting and whether you are complying with the mandate to carry health insurance.

    It sure is "Orwellian" and it is true... Republicans may have skirted some laws (although no more than Democrat Roosevelt did, when arresting thousands of Americans of Japanese, German, or Italian origin) in their "war on terror", but to establish a true Big Brother, a nation needs an Illiberal in office...

    Or it needs to have one party, the Statist Party. This party has two factions; one is called the Democrats while the other is called the Republicans. Their value to the Statist Party is derived from maximizing small, petty differences and minimizing fundamental similarities. I'll explain one such similarity.

    Traditionally, the Democrats/Leftists prefer personal freedoms at the expense of economic freedoms, while tradtionally the Republicans/Rightists prefer economic freedoms at the expense of personal freedoms. This is the case even though a freedom, once restricted, is never made unrestricted again. So the parties take turns being in power, and while there they implement their particular brand of restrictions. When the other party reacquires power, they further implement their brand of restrictions without lifting those enacted by the party that was previously in power. This guarantees that over time, you end up with less freedom and eventually end up with a total police state. This is only one technique in use. The notion that over generations of time, no one in those parties would have noticed this and decided to change it is absurd. Therefore there can be nothing accidental about it.

    The important thing about this system is that it appears to provide choice to the electorate. The electorate must remain convinced that their votes matter and might really change the system, or else they lose all incentive to participate in the system and accept it as valid. This is necessary because the British have already tried to control this region by brute force and overt authority and were not successful; therefore something more deceptive is needed.

  6. Re:automated tool for locating cells? on Sprint Revealed Customer GPS Data 8 Million Times · · Score: 5, Insightful

    Uh, with 8 million requests in a year I'd say it's already very 1984ish. Wonder if this overrides the '911 only' setting on many handsets?

    The funny thing is, those of us who saw this coming and knew that any sort of GPS capability for which it is technically possible for the phone company to read that GPS data would be abused in this fashion were usually called "paranoid" or "conspiracy nuts". How many examples like this do we need before people are less quick to dismiss what they should be examining as a real possibility?

  7. Re:Can confirm the issue from personal experience on Microsoft Investigates Windows 7 "Black Screen of Death" · · Score: 2, Informative

    This is the one thing I wish linux had... Windows style file/directory permissions.

    The 3 bit file permissions of RWX is so... 20 years ago

    Not all the permissions in Windows are useful but here are a couple that I would love to see in *NIX systems -List directory contents -Create new files/folders -Delete

    Sorry but after reading that, I have to conclude you are not very knowledgable about Unix and Unix-like systems. All of these apply to *nix:

    A user can list the contents of a directory if he has execute (X) permissions for that directory.
    A user can create new files/folders in a directory if he has write (W) permissions for that directory.
    A user can delete a file if he has write (W) permissions on that file.

    *nix permissions have three categories: owner, group, and all users. It does not matter for any of the above whether the necessary permissions occur because the user owns that file, is in a group that has those group permissions, or if the file has those permissions set for all users.

    Delete may be a special case. For certain items like logfiles you may wish to have them writable but not deletable. For that, *nix can use file attributes to mark files as append-only.

  8. Re:Heh, simple. Don't update. on Microsoft Investigates Windows 7 "Black Screen of Death" · · Score: 1

    Glad to see someone else not following the herd.. I use the machine for browsing th'interweb (I'm on it now) & for a spot of retro gaming, Dungeon Keeper Gold at the moment (surprisingly good) As I said before; it's firewalled (hardware firewall, not some soppy software *running on windows* rubbish) so is perfectly safe. To all of the morons mentioning botnets & stuff, your milk is warm & there's a special cookie for you if you spit out your comforter....

    A modern Linux distro has several Web browsers available. I enjoy Dungeon Keeper myself (it's old but good); I run it via WINE along with a few other games like Fallout 3, Mass Effect, and Bioshock.

    There may be some debate about the merits of a modern Windows system versus those of a modern Linux system. However, I think I can safely say there is no such debate concerning a six-year-old Windows system and a modern Linux system. Considering that, the fact that Linux can be obtained as a free download (if that's not good enough, some distros will send you a free CD/DVD), and you sound like you can handle the installation of an operating system, I have this to say: the burden of proof is not on the people who wonder why you would do this. I doubt that your patronizing tone is compatible with this reality, though it's somewhat understandable since participation in a botnet is a rather severe charge that was levelled against you.

    At any rate, if there was something of value that your 2003 OS could provide that cannot be had elsewhere, your action and your defense of that action would make a lot more sense. To the rest of us it looks like you are deliberately seeking an inferior experience and actively resisting anyone who points this out. If that's your thing, that's cool, but it's a bit hard to understand.

  9. Re:Why bother? on Trying To Bust JavaScript Out of the Browser · · Score: 1

    I actually wish JavaScript and other client-side browser scripting would be done away with completely, but JS is not a particularly 'good' language. The only advantage I can see is that thousands of Web developers can now write desktop applications. Is that necessarily a good thing? or will it just lead to more inefficient crapware?

    I'm guessing there will be a few really good, well-written apps and all of the rest will either be blocked with NoScript or special tools/addons will be created for the sole purpose of selectively blocking (or whitelisting) them.

  10. Re:Slow ads... on Are Ad Servers Bogging Down the Web? · · Score: 1

    Maybe you've never interacted with humans before, but outside of the jungle and libertarian utopias, we have standards of behaviour that go beyond what the other party is able to enforce.

    Absolutely. The standard of "you knew this was a public network when you put your content on it and made it publically accessible" is a particularly good one.

  11. Re:Re flash cookie blocking on Are Ad Servers Bogging Down the Web? · · Score: 2, Interesting

    Why not just go to Adobe's site and block them at the source?

    That link doesn't personally appeal to me because it (and Flash cookies in general) is a default-allow policy. I greatly perfer a default-deny policy. I also dislike the idea that I would need Adobe's blessing in order to fully control the behavior of my own computer and the applications on it. That BetterPrivacy addon for Firefox is a better way to deal with this. So is making ~/.adobe/ a symlink to /dev/null, or deleting everything in it and then making it read-only (and root-owned if the plugin tries to modify the permissions). None of those depend on the goodwill of Adobe or its decision to have a default-allow policy for a proprietary and manifestly insecure plugin.

  12. Re:Global government on EU ACTA Doc Shows Plans For Global DMCA, 3 Strikes · · Score: 1

    That's a bit unfair. The goal is undermining the freedom of all people.

    Why? Why would they prefer to rule with an iron fist over oppressed and unhappy masses when they could instead be revered as wise leaders of a happy, prosperous, free people? What makes the former scenario so much more appealing to our leaders than the latter? Are they just sociopaths (or if they are, is that alone really a satisfying explanation?)?

    I'd be interested in whether anyone can adequately explain that. Obviously it appears to be the case, but the "why" answer is either missing or unsatisfactory.

  13. Re:Nothing escapes the web on Government Delays New Ban On Internet Gambling · · Score: 1, Insightful

    Why should their pursuit of happiness be impeded because of those who can't responsibly manage to do the same?

    So that a bunch of well-meaning but foolish people can feel good about having done something, without ever addressing any of the underlying issues and personal weaknesses that make a person vulnerable to gambling addiction or any other addiction. It's an example of "politician's logic" which says "something must be done -- this is something, so it must be done!" It amounts to an attempt to remove the underlying problem by banning only its most visible symptom and without ever seeking to understand the underlying problem, its causes, and how it manifests as those symptoms.

    Superficial solutions like this have never accomplished anything other than the erosion of civil liberties, because prohibition is nearly unenforcable so long as civil liberties are strong and well-respected. Superficial solutions like this take what is really a medical or public health issue and turn it into a law enforcement problem, not because it's the best way to handle the issue but because we as a society are much more skilled at locking people up than we are at producing happy, healthy individuals.

    Not to mention that if the society can blame all of its ills on inanimate objects (drugs, guns) and voluntary activities among consenting adults (gambling), a transfer of guilt takes place. It removes the need to admit that only an ill society would manifest so many of these problems on such a systemic level. It removes the need to admit that maybe something is fundamentally wrong with our priorities, policies, and institutions when so many people engage in self-destructive behaviors. It means that we're "all right" and are just suffering from the evils of whatever thing we have chosen to demonize. All of this is patently false, but it sells very well and creates the impression that if we're working this hard, we must be accomplishing something.

  14. Re:Nothing escapes the web on Government Delays New Ban On Internet Gambling · · Score: 4, Insightful

    No, there wasn't any loan shark. His "buddies" just wouldn't play with him until he paid off what he owed them. Also, the arson wouldn't have been so bad if the insurance money had gone to a new house instead of being gambled away.

    As I said in another post, I don't think banning gambling (or any other vice) is a solution. I just hate the argument that there are no victims when I've seen them and been one.

    But that's just it. You're not a victim of gambling. You're a victim of your uncle's inability to confine his vices to himself and prevent them from affecting others. To give an analogy, you could consider drinking to be a vice. However, if I stay home, get drunk, watch a movie, and sleep it off, then I am confining the effects to me. Any liver damage, other health problems, or other dangers will be mine alone to experience. On the other hand, if someone gets drunk and then decides to drive drunk, they are endangering everyone else on the road. Other people who do not drink will suffer either the real damage of a car accident that was completely preventable or the potential damage of a much greater risk for one. The person who drives drunk has failed to confine his vice to himself.

    So what's the difference between the person who uses alcohol appropriately and the person who drives drunk? Personal responsibility. But the flaw of driving drunk is in the person who refuses to be responsible. It's not found in the carbon, oxygen, and hydrogen atoms that constitute the ethanol. People who are hit by drunk drivers are not victims of ethanol; they are victims of irresponsible people.

  15. Re:Nothing escapes the web on Government Delays New Ban On Internet Gambling · · Score: 1

    And take away the gambling and would the arson happen? Take away the drugs and would the mugging for drug money happen?

    The efforts to do both of those things have always failed. They only resulted in driving the behavior underground and creating huge amounts of organized crime. Since these are failed ideas, they should be off the table in any sane/rational discussion about how to handle things like gambling and drugs. Then and only then we might find a solution that does work. Until such time, it needs to be understood that those are failed ideas, and trying harder to implement a failed idea doesn't change the fact that it's a failed idea.

  16. Re:Nothing escapes the web on Government Delays New Ban On Internet Gambling · · Score: 4, Insightful

    Callously worded, I'll grant you, but I don't think it's entirely wrong. That is:

    You are not a victim of the fact that gambling exists. You are a victim of your stepfather's addiction. This doesn't make it any better for you, but it's worth realizing.

    Trying to outlaw gambling to prevent that is a bit like trying to outlaw alcohol -- there are many victims of people in a drunken rage, but it doesn't get better when we try to outlaw it, and there are plenty of people who can drink responsibly. The problem is not the alcohol itself, it's the people who can't tolerate it.

    In fact, if we try to outlaw everything that might be a dangerous addiction, we could start with alcohol, then move on to World of Warcraft, caffeine, television, and so on. I'd be amazed if we had anything left by the end of it.

    Thank you because I might have been a bit harsher without really intending it. The GP exhibits just the sort of emotionalism that needs to be REMOVED from these discussions entirely, at least if good public policy is our goal. Shit happens and sometimes people get traumatized by this. When traumatized, they look for something to blame, preferably something easier to blame than the individual human being who was responsible and could have chosen differently. Something easier to blame may include an inanimate object (drugs, guns) or a voluntary activity (gambling). This illogical, grief-driven process of scapegoating is quite understandable but we should not base policy decisions on it.

    No casino forces anyone to gamble. No drug forces anyone to ingest it. No gun forces anyone to pick it up, load it up, point it at another person, and fire it. Those things are all completely passive elements. Without humans to actively engage them, the casino will become an abandoned building, the drug will rot and spoil, and the gun will rust. Sorry but his uncle's gambling problem is not a reason to take away EVERYONE'S right to choose to gamble, just like one car accident is not a reason to ban all automobiles.

  17. Re:Nothing escapes the web on Government Delays New Ban On Internet Gambling · · Score: 5, Insightful

    This situation aside, I don't believe the prohibition failure is a universally applicable example that can be cited every time the government wants to regulate something that's inherently hard to regulate. It's a balance between the cost associated with enforcement and the cost of allowing the activity to occur unregulated.

    Prohibition is a great example because drugs and gambling have two things in common: there's no victim. Someone can gamble away their last cent if that's really how they want to spend their mortal life; this doesn't force you or me to do anything. As I view the protection of civil rights to be the main reason why government has law enforcement powers, and no one is using force or fraud to infringe anyone's civil rights here, I am having a hard time understanding why government is even involved. This is exactly like Prohibition, during which some people wanted to drink alcohol, didn't force anyone else to drink if they didn't want to, and still the government felt a need to create a victimless crime. Just like with alcohol, this seems to be based on some kind of Puritannical outrage and has little to do with logic and reason.

    If you don't apply the calculus correctly then you could argue that murder is hard to prosecute, therefore we should just allow it. After all, prohibition failed. Ditto for all hard drugs. Should we allow unrestricted use of heroin and cocaine? There may be some callous people who would argue that banning drugs is interfering with Darwinian mechanisms, but the reality is that many youth don't know what's good for them, and need to have access to hard drugs removed to protect themselves from making poor decisions in the period they are still learning to evaluate choices maturely.

    If you think drug prohibition has removed the street availability of drugs, it's because you frankly haven't done the slightest research on it. For many youths, alcohol is actually more difficult to obtain than illegal drugs for the simple reason that the store clerk wants to see ID but the drug dealer doesn't. People might go into drug withdrawals because they cannot afford heroin and cocaine, but not because they don't know where to find them. The War on Drugs has been a total failure in this regard, just like alcohol Prohibition was a total failure. A total failure unless, of course, your goal was to expand the police powers of government, in which case it has been quite successful.

  18. Re:Yet Another Reason on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 1

    The HTTP referrer field may create privacy concerns for some people, but there are definite concrete benefits in web development to having data from this field available on an aggregate level. Examples:

    - See the paths people take when browsing a site, and arrange/optimise the design accordingly (generaly to make browsing a site easier)
    - See what search engine queries generally land a user at a page, so in the long run the content can be tailored towards what people are actually searching for

    I just don't view browsing a Web site as some terribly difficult process that needs to be made easier. I suppose the things you mention might be desirable for anyone trying to impress people with flashiness and slick marketing rather than substance and the ability to provide something truly useful. In that case, perhaps whether the link to the one thing I am looking for is at the very top of your homepage or whether I need to scroll down might seem important. However, it's never been a goal of mine to cater to or otherwise encourage this kind of (frankly childish) behavior.

    When I am on a site, I am going to find the product I am looking for whether it's prominently displayed on the main page or whether I have to click a couple of links to get to it. In other words, I just don't base purchasing decisions on trivial and superficial things like this. I realize that your target market might feel differently about it, but the only thing that tells us is that I am probably not in your target audience. It says nothing whatsoever about the merits of my preferences and does not constitute a denial of my right to have them.

    I think this needs to be said: if I visit a Web site to purchase something, I am the customer. It is not the role of a business to tell a customer how he may or may not configure his own equipment. The convenience of designing your site is squarely within the realm of "not my problem." Counting on me to supply data to help you design your site amounts to an attempt to offload some of your marketing efforts onto your customers. Most will go along with this, if only because they don't understand how browsers work, but some of us will not. My advice to you is to enjoy the fact that most people will go along with it because you're not going to win any converts among those who won't, particularly not by arguing that your site-design convenience is more important than our privacy.

    I don't think a war against the HTTP referrer field is really warranted

    I don't consider my refusal to participate in a mechanism with which I disagree to be an "act of war". If you don't like vanilla ice cream and refuse to eat it, are you conducting a war against the dairy industry? Hardly. Either this is an attempt to dramatize or you should consider yourself fortunate that you are a stranger to what real conflict is all about.

    At the end of the day, I am the final judge of what is "really warranted" when it comes to my Internet connection and what the equipment that I own will and will not transmit through that connection. Anyone who disagrees with me is free to use their equipment as they see fit and will receive no interference from me. The claim that there is anything wrong with this constitutes a denial of basic property rights. The message is that you don't approve of how I choose to configure my system, therefore I should not configure it that way. Good luck with that.

    given the privacy implications are only relevant to particularly committed privacy fanatics.

    I believe that opt-in is a superior approach to opt-out. However, the HTTP Referrer is an opt-out situation because it's enabled by default. I am merely opting out of something that would otherwise reveal data with or without my informed consent. While I do this for privacy reasons, this very story is an example of reasons other than privacy for doing do the same. I am taki

  19. Re:Yet Another Reason on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 2, Interesting

    When I use Google or any other search engine, all of the links in the results go directly to the actual site. It is not redirected in any way. Therefore even Google does not know which link I clicked, or whether I clicked any at all. With the measures I mentioned above, the site I visit has no idea that I got there from Google. It looks to the site like I just opened a new browser window and directly typed its URL into the Address bar no matter how I actually got there.

    I was wondering how you manage this? Google search results all output a google-based url that then redirects . The printed URL is often truncated, so you can't go to it automatically.

    Try turning off Javascript. Or in my case, leave Javascript turned on and use NoScript. I personally add all Google domains to the "untrusted" list of Noscript. For me, there are no redirects of any sort. I get the direct URLs. I can copy-and-paste them into a new tab and it's a direct link straight to the site with no evidence that it came from a Google search. Of course, not using Google's Javascript means that my statusbar is honest about where the link goes, so there's no need to do all of that just to see that there is no redirection taking place.

    Removing the redirection alone is half of it. Combining that with spoofing the HTTP Referrer guarantees that the site I visit has no idea how I got there or where I was previously. You should also disallow so-called HTTP Ping because that's just a substitute for redirection and serves the same purpose.

    While their search works perfectly for me, successfully doing this may mean not using Gmail or other (non-search-related) Google services. I say that because I imagine you must accept Javascript and probably also cookies from Google in order to use Gmail. Incidentally, I don't accept their cookies either.

    On this Linux system, I run my own local SMTP server. I use Fetchmail to (periodically, automatically) grab e-mails from my POP3 mailbox as provided by my ISP. Those are forwarded to the SMTP server on localhost. That server processes them through Spamassassin before depositing the e-mails into my user's mbox-style mail directory. I then use a local POP3 server to serve those processed e-mails to any standard e-mail client. In my case, I use Thunderbird because it can use the Spamassassin data as input to its own spam filtering.

    I know that sounds a bit complex but once set up, it just works. I simply fire up Thunderbird like anyone else might do and have no need to concern myself with the chain of events. This provides me with excellent spam filtering and the ability to use Thunderbird's rules to automatically sort my e-mail into convenient folders based on criteria. All of this occurs locally and is fully within my control. None of it requires me to allow Google or anyone else to datamine my e-mail. The only network traffic involved is between Fetchmail and my ISP's mail server; everything else listens on localhost. With a setup like this, I have never felt a need to use Gmail or any similar service -- why would I use those and accept the compromises involved when I can do it myself the way I want? So for me, it's quite easy to just blanket deny all Javascript and all cookies from Google. For people who use many of their services, this probably won't be the case.

  20. Re:Yet Another Reason on Massive Badware Campaign Targets Google's "Long Tail" · · Score: -1, Redundant

    Playing a little "devil's advocate", I suppose the case could be made that browser windows created by remotely originating Javascript should not be able to create windows that look like locally created warnings. Perhaps the windows Javascript can create should be marked in some way to make it obvious that it's the result of a Web site.

    This is a good idea, but unfortunately dynamic HTML allows the creation of "windows" within the browser, and there really is no way to limit this without seriously destroying page layout.

    Sure, these moveable HTML elements are confined to the browser window, but I think that somebody who would believe that a web site has "scanned" a D:\ drive that doesn't exist and found malware wouldn't notice that a window wasn't "outside" the browser.

    Was it your intention to regurgitate my own explanation of why I referred to that as "devil's advocate?"

  21. Re:Yet Another Reason on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 3, Interesting

    the actual security issue is the vulnerability of Windows browsers to what the summary describes as "aggressive attempts to install" these fake anti-virus programs

    There's no vulnerability in the browser, the issue is that the site displays fake warning messages, tricking the user into downloading and installing their malware.

    I re-read the article and you are absolutely right about this. Thank you for correcting me. This apparently is a social engineering attack and is not the "drive-by download" attempt that I assumed.

    From the article:

    These site (they act only as redirectors) immediately redirect people further to acual scareware sites (e.g. antivir3 .com, antimalware-3 .com, cyber-scan008.com etc.) which perform a fake test and make people think that their computers are infected (Displaying Windows interface even for Linux and Mac users ;-)). Pretty much the same as what I described a year ago. Just slightly improved interface (the fake warning window is now draggable!). Don’t be fooled.

    Playing a little "devil's advocate", I suppose the case could be made that browser windows created by remotely originating Javascript should not be able to create windows that look like locally created warnings. Perhaps the windows Javascript can create should be marked in some way to make it obvious that it's the result of a Web site. Then you would end up with a warning to the effect of "Your system is infected with a virus, oh noes!" with an immutable titlebar that says "This window created by the Web site example.com" which should make the warning less convincing.

    I call that devil's advocate because I don't believe these problems will ever really go away until and unless the average user gets a clue. Titlebars on windows that label the origins of the windows are nice and consistent with full disclosure, but they are no substitute for user education.

    I think it should be explained to average users sort of like this: "there is and for some time has been a class of user that is easily exploited by all the latest scams, adware, and spyware. That class represents the lowest common denominator of user expertise and are targeted because they are the low-hanging fruit, the easiest to fool. The only choice in the matter available to you is whether you will be a member of that class. Your membership in that class is entirely voluntary because no one forces you to remain ignorant or to use what you do not understand. Do you still think that informing yourself, achieving a basic level of competency, and maybe reading a book or two is 'only for experts' or otherwise is such an unreasonable burden?"

    The way I see it, you pay one way or the other. You pay with a little of your time and effort to understand the tools you use each day, how they are supposed to work, and this naturally includes an ability to understand how someone might attempt to use them against you. If you are unwilling to pay that way, then you pay in the form of higher exposure and greater vulnerability to all kinds of malware and scams and other attacks that have become so commonplace today. The attempts to deny the reality of this situation all have one thing in common: they depend on pretending that the individual user is not making a choice when they allow themselves to remain ignorant in the face of abundant information. In other words, they falsely advocate the essential helpless victimhood of people who are not helpless and could choose differently.

    The way I view things, the scammers are just attaching a higher price tag to the poor decision-making that is already systemic in our society. For example, people who accept car loans with a duration of 60 months (and sometimes more) are doing the same thing financially. They look at only the monthly payment and do not account for the total amount that they will end up paying, nor do they account

  22. Re:Bogus blogs and duplicate newsfeeds on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 3, Insightful

    Speaking of bogus blogs... What really ticks me off is if I'm searching for a answer to a technical problem, I often find the same message thread on 10 different sites. I wish google would realize these are all the exact same thread and combine them into a single response.

    No joke. You omitted one part, however. You'll find the same message thread on 10 or more different sites, true. The part I would add is that in each instance, someone is asking the question but no one has responded with a meaningful answer. Sometimes I have better luck excluding terms like "archive" and "mailing list" from the search results.

    I forgot their name but there is a company or two that I would describe as parasites. They try hard to have high visibility in search results when it comes to someone asking questions. When you click the link, however, you find that they want you to pay a fee to see the answer. Usually this is for basic technical support information that is not secret or otherwise proprietary in any way. I bet they had to work really hard to craft their pages in such a way that the Google summary gives no indication that it's a for-pay site. It makes me wonder if they are subsidized in some way or whether enough people really do pay them enough money to stay in business on their own.

  23. Re:Badware? on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 1

    Good idea to dumb it down... most of my family or collegues will stop understanding and thus really listening when they hear words like malware. When you want to educate people be prepared to explain it in a simple way they understand, it will save you work later. And when you start to lose them just tell them "the evil hackers will plunder their bank account", this will give you about 3 minutes extra attention span. ;)

    I derive no pleasure from saying it, but maybe a plundered bank account is the natural price attached to holding their own security in such low esteem. The way I describe these situations is "if you want my help it's there for the asking, but I am not going to fight you in order to help you." I frankly have better things to do and there are people who would have more appreciation for how my knowledge of computers and networks can help them.

  24. Re:Yet Another Reason on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 2, Informative

    For example, the HTTP Referrer sent by my browser always gives the site its own homepage no matter what the actual referrer would have been

    Want that. Is that a released add-on or did you just patch and recompile the source?

    I use the FireFox addon RefControl to handle the HTTP Referrer.

  25. Re:Yet Another Reason on Massive Badware Campaign Targets Google's "Long Tail" · · Score: 5, Informative

    Please, explain. Is this a FF addon, a custom browser, or what? 'cuz AC wants it.

    I use Firefox on Linux with several addons. For the HTTP Referrer, I use an addon called RefControl. I have it set to fake the referrer by default. So if I do a Google search and from the search results decide to click on http://www.someblog.com/blogs/page.html, the Web server does not receive a google.com referrer. The referrer it receives is http://www.someblog.com/. The only exceptions are certain Web sites I do business with, because this fake-referrer behavior can break some shopping carts. That particular add-on lets you specifically exempt certain sites and only those sites.

    In addition to that, I use Adblock Plus with the Element Hiding Helper and the Easyprivacy+Easylist subscription. I also use NoScript and that alone takes care of many Javascript tricks that redirect or obfuscate the actual destination of a link. I also disable so-called "HTTP PING", which can be done in Firefox under "about:config". My /etc/hosts file is 1.5MB, all of which blocks various ad servers by directing them to localhost. My machine will not accept any references to Google Analytics or various other analytics/tracking services. As a side-effect, all of this makes pages load much faster.

    When I use Google or any other search engine, all of the links in the results go directly to the actual site. It is not redirected in any way. Therefore even Google does not know which link I clicked, or whether I clicked any at all. With the measures I mentioned above, the site I visit has no idea that I got there from Google. It looks to the site like I just opened a new browser window and directly typed its URL into the Address bar no matter how I actually got there.

    I've always felt that if your business model relies on getting information about me against my will, then your business model deserves to fail. I'll add too that the actual security issue is the vulnerability of Windows browsers to what the summary describes as "aggressive attempts to install" these fake anti-virus programs. The measures I describe above do not provide real computer security -- they provide human privacy. In this case, however, they make it much harder for the sites in question to target you because their "targeting data" is based on first compromising your privacy.