Sure, but what businesses are so dumb that they will share their internal communications with another company?
For me it wouldn't even be about "with another company", it would be more along the lines of "look how Facebook has repeatedly fucked over the general end user on privacy issues, are we really going to trust our internal communications to these guys?".
We have found that using Facebook as a work tool makes our work day more efficient," Lars Rasmussen, Facebook's director of engineering
Uhh, yeah. Where's the quote from the director of engineering without the clearly vested interested? I'm suspect thatyou'd be hard-pressed to find a credible DoE who is ready to champion Facebook as a collaboration tool for their business.
And, for the record, if you can't figure out the USPS website you're an idiot. All these idiosyncrasies have been around for as long as I can remember on their site, and yet we ship out stuff all the time with the system.
So you're saying because you're a regular user, who is used to their crappy website that they haven't bothered to fix in ages, everyone else who doesn't know all the pitfalls should just suck it up?
Wouldn't it be nice if someone pointed out all the pitfalls for people who aren't regular users of USPS.com but might have an occasional need to ship something and might try it in future? I wonder where we could find such information...
Archos was one of the first with a really polished player that also supported Flac, and kept making a HDD based one for quite a long time. Sadly, I think Archos backed out of the media player arena (probably because people kept saying "I have longed for XYZ", and then not buying it when they made it).
Archos's players were crap from numerous standpoints (I owned a higher-end one): * Promised support for high resolutions that never came * Constant random reboots that were never properly fixed in any firmware upgrade * Hard drive constantly sleeping while device is sitting in a powered dock attached as USB storage, causing the attached system to stall waiting on IO regularly * High-priced add-on hardware with proprietary connectors * Didn't have certain docks like the battery doc in stock around launches, forcing you to buy higher priced TV capture docs if you wanted to rapid charge * Touch-screen volume controls such that if you were wearing earbuds and touched the wrong part of the screen you'd blow your ears out * Piece-meal buying of additional codecs for your device
I bought one for FLAC and large HD storage. I will never buy *anything* from that company again, *ever*.
Because when you are in a public place you have no right to the expectation of privacy.
Yes you do. Stop repeating that without even thinking about it.
You are communicating via a device that is generally not observable to people surrounding you. You might be sending text messages, IM's, photos, for example. Nobody around you can see that normally. This is all supposed to go over the air with GSM encryption - your phone using the strongest it can negotiate - to your carrier, who you have a contract with to carry your information. Then the signals are supposed to be switched over the phone network where it can't normally be intercepted without a warrant, and your data communications are not normally intercepted either.
The Stingray is specifically designed to masquerade as your carrier so it can get in the middle - aka wiretapping. It tries to downgrade the encryption *so that it can wiretap* and people can intercept communications that would normally be hidden from them.
If your argument was in any way true (i.e. because you are in a public place you have no expectation of privacy because anyone can hear you anyway), then the police would not need a stingray because they are local to that public place and they should just be able to walk up to you as a target and listen in in person, right? Except apart from the very specific case where you're blabbering way too loudly on a voice call, that just isn't true.
The very design of the Stingray condemns it as a wiretapping device.
.. until we start hearing stories about how even though people are listening to streaming music and paying for it, it isn't enough, and the studios are "losing revenue" that "they deserve".
The business model is amazing: 1 - Claim you should be making more than you are based on whatever stupid math you can put in front of the congressman you're lobbying where everybody pays for everything they ever listened to all the time. 2 - Profit from special taxes on sales of CD-Rs, internet subscriptions (everybody infringes at some point!), etc. 3 - Rate hikes bordering on collusion 4 - Never ending copyright extensions
Can't we add support to Android so that e.g. I can load a carrier cert into a special store used only for the cell radio operations and then have an option to authenticate towers before connecting to them? Is there any way for a carrier to publish a whitelist of tower info that can't be easily cloned? How do we have this infrastructure where anyone can start broadcasting and sweep up everyone's traffic and very little is being done about it?
Lots of people view common laws restricting freedoms/imposing on your privacy, law enforcement technology and it's operation/flaws to be "news for nerds". A while back, someone finally managed to get the source code for a breathalyzer, for example, and when dissected numerous flaws were found which would call into question many arrests.
A couple of days ago, someone posted on a reddit thread about the horrible pitfalls of having one of these and dealing with all the problems they bring. I understand DUI is a very serious issue, but if the claims this guy makes are true then the way interlock service companies are run are also outrageous:
For almost any use you might have the biggest threat to the security is going to be all the ways that your communications can be compromised while you are actually using it. Baseband exploits, protocol exploits, software vulnerabilities, poor or crippled RNGs, compromised platform or application updates, cloud storage of sensitive information, etc. etc. the list goes on.
Oh what? It can self destruct? It's probably way too late by then, and assuming it's been compromised the attackers would probably rather you keep the thing. Less work for them!
Let's not credit Apple alone with a solution when there are at least two major players in that market both encompassing a large install base and indeed Apple bringing their solution to the table much later.
A security feature does not have to be perfect to provide value. The user is still significantly more protected with HTTPS than with HTTP.
That is not in dispute. But even with HTTPS there are many risk factors that can be evaluated, including characteristics of the HTTPS connection itself and other factors beyond that, that could be used to present a more accurate assessment of "risk level" to an end user that is much better than teaching the falsehood that "if it's https, it's secure and I don't have to worry". Because when everything is https, the web will definitely be neither secure nor "safe".
The major downside to this is promoting the idea that an https connection is "secure", because especially when it comes to https, there are so many different attacks to level against both an end user and a host that we'd be better using a risk grading system.
I thought the three-letter agencies were spying on all of us to prevent things like this - you know, stop the terr'ists, protect our freedoms, etc. etc.
Seems like a vote of no confidence from various businesses here...
One of the reasons why the world-wide web is buried in a sea of advertising is that the costs associated with hosting a web-site increase as the site becomes more popular.
Costs per visitor are usually extremely small.
The main reason the www has so much advertising is that almost nobody wants to pay for content, yet content is not free to produce, and even if you come up with a schema for which some people will pay, your competitors will steal all your volume by offering something closer to free (or supported by advertising), and volume is essential for almost all internet-based businesses.
None of this will change because of the distribution method. Content is still not free to produce.
I have a scanner and periodically listen to HAM and GRMS channels, and my opinion is that licensed operators have killed the platform. In my area conversation is about *absolutely f'ing nothing of interest to almost anyone*, some douche periodically transmits junk to annoy everyone else, and any time someone with an interesting use comes along someone who knows all about the rules scares them away - doubtlessly feeling like they've just done everyone a great service. And perhaps keeping the airwaves clear for emergencies is one idea, but having those airwaves there and nobody using them for anything useful most of the time is such a waste.
I realize Slashdot is full of HAMs waiting for the next disaster so they can save us all with their radios as our last bastions of hope, but there is my anecdotal personal opinion for you. Maybe traditional HAM would be more popular vs e.g. encryption/packet radio if traditional licensees weren't so anal.
What makes Sony relevant as a company are it's people, their skills, their connections, the power they have to move the industry, the content rights they own, the technologies and products they develop, their brand, etc. etc.
100tb can leak today and be irrelevant within 12 months because life continues and projects move on. I'd say in the wake of massive disclosure employee morale may be the biggest factor in the recovery.
And you feel that this is equivalent, do you? What % of Sony employees do you believe actually had a hand in the decision to use the DRM, knew how it worked, and knew that it had a backdoor?
If I had to guess, it would probably be fewer than 50.
I would also guess that most people involved in shipping off the Jews knew they were doing something pretty bad.
I've just been reading some of the articles, and it seems that in fact Sony has unfortunately been storing a lot of communication that contains discussion of medical issues amongst other things.
This is an example of where a company could have done a better job of assessing the risk of retained data becoming a liability and applied suitable retention policies and other risk mitigation strategies like encryped storage (some articles suggest most files were not meaningfully protected).
IT folks and legal departments in today's climate should be asking themselves what is being stored, what are thr benefits, what is a liability, what is the actual business need, what are the mitigation options.
Bearing a grudge against a company for the decisions of it's higher-ups is one thing, wishing horrors upon the majority of employees who are probably everyday folk earning a living - many probably sharing your view on the matter of the rootkit saga - might be going a little too far...
I also suspect moderation has slowed down. I suspect more generally long-term members with good karma and mod points have been coming here less due to the content and the beta site.
Slashdot Mirror
Sure, but what businesses are so dumb that they will share their internal communications with another company?
For me it wouldn't even be about "with another company", it would be more along the lines of "look how Facebook has repeatedly fucked over the general end user on privacy issues, are we really going to trust our internal communications to these guys?".
We have found that using Facebook as a work tool makes our work day more efficient," Lars Rasmussen, Facebook's director of engineering
Uhh, yeah. Where's the quote from the director of engineering without the clearly vested interested? I'm suspect thatyou'd be hard-pressed to find a credible DoE who is ready to champion Facebook as a collaboration tool for their business.
And, for the record, if you can't figure out the USPS website you're an idiot. All these idiosyncrasies have been around for as long as I can remember on their site, and yet we ship out stuff all the time with the system.
So you're saying because you're a regular user, who is used to their crappy website that they haven't bothered to fix in ages, everyone else who doesn't know all the pitfalls should just suck it up?
Wouldn't it be nice if someone pointed out all the pitfalls for people who aren't regular users of USPS.com but might have an occasional need to ship something and might try it in future? I wonder where we could find such information...
"You've got questions. We've got phone plans."
FTFY
Archos was one of the first with a really polished player that also supported Flac, and kept making a HDD based one for quite a long time. Sadly, I think Archos backed out of the media player arena (probably because people kept saying "I have longed for XYZ", and then not buying it when they made it).
Archos's players were crap from numerous standpoints (I owned a higher-end one):
* Promised support for high resolutions that never came
* Constant random reboots that were never properly fixed in any firmware upgrade
* Hard drive constantly sleeping while device is sitting in a powered dock attached as USB storage, causing the attached system to stall waiting on IO regularly
* High-priced add-on hardware with proprietary connectors
* Didn't have certain docks like the battery doc in stock around launches, forcing you to buy higher priced TV capture docs if you wanted to rapid charge
* Touch-screen volume controls such that if you were wearing earbuds and touched the wrong part of the screen you'd blow your ears out
* Piece-meal buying of additional codecs for your device
I bought one for FLAC and large HD storage. I will never buy *anything* from that company again, *ever*.
Because when you are in a public place you have no right to the expectation of privacy.
Yes you do. Stop repeating that without even thinking about it.
You are communicating via a device that is generally not observable to people surrounding you. You might be sending text messages, IM's, photos, for example. Nobody around you can see that normally. This is all supposed to go over the air with GSM encryption - your phone using the strongest it can negotiate - to your carrier, who you have a contract with to carry your information. Then the signals are supposed to be switched over the phone network where it can't normally be intercepted without a warrant, and your data communications are not normally intercepted either.
The Stingray is specifically designed to masquerade as your carrier so it can get in the middle - aka wiretapping. It tries to downgrade the encryption *so that it can wiretap* and people can intercept communications that would normally be hidden from them.
If your argument was in any way true (i.e. because you are in a public place you have no expectation of privacy because anyone can hear you anyway), then the police would not need a stingray because they are local to that public place and they should just be able to walk up to you as a target and listen in in person, right? Except apart from the very specific case where you're blabbering way too loudly on a voice call, that just isn't true.
The very design of the Stingray condemns it as a wiretapping device.
.. until we start hearing stories about how even though people are listening to streaming music and paying for it, it isn't enough, and the studios are "losing revenue" that "they deserve".
The business model is amazing:
1 - Claim you should be making more than you are based on whatever stupid math you can put in front of the congressman you're lobbying where everybody pays for everything they ever listened to all the time.
2 - Profit from special taxes on sales of CD-Rs, internet subscriptions (everybody infringes at some point!), etc.
3 - Rate hikes bordering on collusion
4 - Never ending copyright extensions
Yes, and then we'd have proof, somewhere, of how many there are and could track where they have been used and who was actually affected.
Can't we add support to Android so that e.g. I can load a carrier cert into a special store used only for the cell radio operations and then have an option to authenticate towers before connecting to them? Is there any way for a carrier to publish a whitelist of tower info that can't be easily cloned? How do we have this infrastructure where anyone can start broadcasting and sweep up everyone's traffic and very little is being done about it?
Lots of people view common laws restricting freedoms/imposing on your privacy, law enforcement technology and it's operation/flaws to be "news for nerds". A while back, someone finally managed to get the source code for a breathalyzer, for example, and when dissected numerous flaws were found which would call into question many arrests.
A couple of days ago, someone posted on a reddit thread about the horrible pitfalls of having one of these and dealing with all the problems they bring. I understand DUI is a very serious issue, but if the claims this guy makes are true then the way interlock service companies are run are also outrageous:
https://www.reddit.com/r/AskRe...
For almost any use you might have the biggest threat to the security is going to be all the ways that your communications can be compromised while you are actually using it. Baseband exploits, protocol exploits, software vulnerabilities, poor or crippled RNGs, compromised platform or application updates, cloud storage of sensitive information, etc. etc. the list goes on.
Oh what? It can self destruct? It's probably way too late by then, and assuming it's been compromised the attackers would probably rather you keep the thing. Less work for them!
Or Google Wallet.
Let's not credit Apple alone with a solution when there are at least two major players in that market both encompassing a large install base and indeed Apple bringing their solution to the table much later.
A security feature does not have to be perfect to provide value. The user is still significantly more protected with HTTPS than with HTTP.
That is not in dispute. But even with HTTPS there are many risk factors that can be evaluated, including characteristics of the HTTPS connection itself and other factors beyond that, that could be used to present a more accurate assessment of "risk level" to an end user that is much better than teaching the falsehood that "if it's https, it's secure and I don't have to worry". Because when everything is https, the web will definitely be neither secure nor "safe".
The major downside to this is promoting the idea that an https connection is "secure", because especially when it comes to https, there are so many different attacks to level against both an end user and a host that we'd be better using a risk grading system.
I thought the three-letter agencies were spying on all of us to prevent things like this - you know, stop the terr'ists, protect our freedoms, etc. etc.
Seems like a vote of no confidence from various businesses here...
One of the reasons why the world-wide web is buried in a sea of advertising is that the costs associated with hosting a web-site increase as the site becomes more popular.
Costs per visitor are usually extremely small.
The main reason the www has so much advertising is that almost nobody wants to pay for content, yet content is not free to produce, and even if you come up with a schema for which some people will pay, your competitors will steal all your volume by offering something closer to free (or supported by advertising), and volume is essential for almost all internet-based businesses.
None of this will change because of the distribution method. Content is still not free to produce.
I have a scanner and periodically listen to HAM and GRMS channels, and my opinion is that licensed operators have killed the platform. In my area conversation is about *absolutely f'ing nothing of interest to almost anyone*, some douche periodically transmits junk to annoy everyone else, and any time someone with an interesting use comes along someone who knows all about the rules scares them away - doubtlessly feeling like they've just done everyone a great service. And perhaps keeping the airwaves clear for emergencies is one idea, but having those airwaves there and nobody using them for anything useful most of the time is such a waste.
I realize Slashdot is full of HAMs waiting for the next disaster so they can save us all with their radios as our last bastions of hope, but there is my anecdotal personal opinion for you. Maybe traditional HAM would be more popular vs e.g. encryption/packet radio if traditional licensees weren't so anal.
What makes Sony relevant as a company are it's people, their skills, their connections, the power they have to move the industry, the content rights they own, the technologies and products they develop, their brand, etc. etc.
100tb can leak today and be irrelevant within 12 months because life continues and projects move on. I'd say in the wake of massive disclosure employee morale may be the biggest factor in the recovery.
And you feel that this is equivalent, do you? What % of Sony employees do you believe actually had a hand in the decision to use the DRM, knew how it worked, and knew that it had a backdoor?
If I had to guess, it would probably be fewer than 50.
I would also guess that most people involved in shipping off the Jews knew they were doing something pretty bad.
I've just been reading some of the articles, and it seems that in fact Sony has unfortunately been storing a lot of communication that contains discussion of medical issues amongst other things.
This is an example of where a company could have done a better job of assessing the risk of retained data becoming a liability and applied suitable retention policies and other risk mitigation strategies like encryped storage (some articles suggest most files were not meaningfully protected).
IT folks and legal departments in today's climate should be asking themselves what is being stored, what are thr benefits, what is a liability, what is the actual business need, what are the mitigation options.
That's what I thought. I guess "insurance information" doesn't have enough scare factor for a story.
Bearing a grudge against a company for the decisions of it's higher-ups is one thing, wishing horrors upon the majority of employees who are probably everyday folk earning a living - many probably sharing your view on the matter of the rootkit saga - might be going a little too far...
What is Sony doing with medical records?
I also suspect moderation has slowed down. I suspect more generally long-term members with good karma and mod points have been coming here less due to the content and the beta site.