Slashdot Mirror


User: Aighearach

Aighearach's activity in the archive.

Stories
0
Comments
12,400
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,400

  1. Duh on Court Mulls Revealing Secret Government Plan To Cut Cell Phone Service · · Score: 3, Interesting

    Lets say there is a bomb. And it has a phone attached. And you have inside information that it is really connected to a real cell phone. And you don't know where the person is with the other phone. And you know from your inside information that the timer will wait 6 hours before the fail-safe makes it blow up.

    What if it is not a bomb. What if a war breaks out, and you know for a fact that there is an intelligence agent reporting over a regular cell phone, using coded words, about the movements of ships out of a harbor. Cutting off that flow of information while you set sail might be very valuable.

    I'm not arguing for (or against) the wisdom of these policies. But there are obvious and legit reasons for the government to make plans for how to deal with unlikely emergencies.

    They probably also have plans for what to do if we're invaded by Canada. Not because it is likely, but because a nation this large can afford to plan for unlikely things. Some of those unlikely things will actually happen.

    As to this case, the Executive gets to tell the Court that their reason is that their conclusion is that National Security requires it. That it is their opinion makes it a good enough reason, because national security is not the business of the Court. Expect this story to be nothing, and go nowhere. For or against the policy, you should be able to see this approach will not yield any fruit.

  2. Re:USA behind the rest of the progressive world on Judge Allows Divorce Papers To Be Served Via Facebook · · Score: 1

    Right. So when you have only rights of custom and religion, and the discussion is about legal rights, then you have "no rights."

    Don't misunderestimate your capacity to understand words.

  3. Re:For both OOM killer and battery use on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    sqlite doesn't work that way

    Let me rephrase in a way that doesn't depend quite as much on the technical details of a particular platform: How many seconds of the most recent work do users expect to accept losing when an app is killed?

    LOL no, that won't help you understand any better. At best it helps you sound less ridiculous. What would the use of making technical comments with less understanding be?

    file write buffers don't disappear and lose data when an app is killed.

    My experience differs, at least on a different platform. When I was in college...

    Woah there cowboy, maybe the crap you used in college just sucked, eh? You mention windows, so I have to tell you... other platforms already had buffers and shit that didn't suck. Sorry you had... whatever it was... happen to you. But it doesn't help you understand the issue on the Android platform where you have to expect things to get killed on you at any time, and you won't get warning. Your fantasy that people ask for phone status in order to flush their buffers is funny. But it is not correct, or close, or even a small part of what is happening here. And Android does usually give you a small window of time to flush your shit before it kills you. But guess what? When you get the status change, that stuff already happened. That is information you get afterwards, not information you get in advance. It isn't helpful in the way you imagine.

    If an app is claiming not to need or use personal information, why would the programmer be worried that it has to download its publicly, anonymously available data files over HTTP?

    My assumption was that the user would create a username and password and then decline to specify any real-world personal information for account recovery. The user still expects that the communication be authenticated and private even though not associated with a real-world identity.

    Well, then your assumption is invalid wherever the app doesn't require a login. So if you have to concede that my point is sometimes valid, you can then also address your arguments about it to the cases where it is valid. You know, the cases I was talking about.

  4. Re:A hit-piece of a submission... on Why Is the Internet Association Rewarding a Pro-NSA Net-Neutrality Opponent? · · Score: 1

    When a person can't tell the difference between Somalia and Sweden, and doesn't understand the result of a lack of government, or of good governance, there is not much left except to ignore them or laugh at them. Making fun of them doesn't improve the conversation any, granted. But there is no conversation there anyways.

  5. Re:A hit-piece of a submission... on Why Is the Internet Association Rewarding a Pro-NSA Net-Neutrality Opponent? · · Score: 1

    In many states there is no government monopoly. The cable companies divide up the territory in the exact same way even when States allow for competitive access. You're just translating anti-government propaganda onto the issue blindly.

    In Portland we found out how real the availability of competition was when Google Fiber threatened to come to town, and suddenly multiple cable companies were asking for permits for the same neighborhoods. That really happened. There was no barrier in the way. And yet, the whole rest of the State, under the same rules, has exactly 1 cable provider in each location.

    The idea that these are government monopolies is easily refuted. And, cable isn't even the only way to deliver internet. ;) Do you assume that in the future, cable will still be the fastest offering most people have? There is no reason for it to be. Network neutrality does not invoke the problems with the cable industry naturally, you have to force these ideas together, and it still falls flat.

  6. Re:Enjoy Your New Internet Taxes on Why Is the Internet Association Rewarding a Pro-NSA Net-Neutrality Opponent? · · Score: 1

    you're going to have to bring up some citations, because when the government gave AT&T a monopoly, they might have done some shitty things, and blocked some innovation, but the quality of service was second to none. They had a phrase called "five nines" to describe their uptime. To date, no other information system can match the 99.999% reliability of Ma Bell. You picked up the phone and the dial tone was always there. No exceptions. They also pushed innovation and gave back to the community. UNIX for example was given away for Free when they had a monopoly. They didn't care, they just wrote it off. AT&T Bell Labs was the envy of the fucking world, and the state of the art for electronic engineering for 5 fucking decades.

    I'd like to see actual sources to back up the usual rhetoric, because your information is lacking.

    Bullshit. You picked up the phone and the dial tone was not "always there," it was only there 99.999% of the time. In the 80s when the SF quake happened, so many people in my city (not even in California) were calling to check on relatives, most people were getting the "fast busy" signal when they picked up their phones, because the system was swamped. It was probably 4 hours before we could make local calls reliably again.

    Five nines might be really good. But it isn't always.

  7. Re:Enjoy Your New Internet Taxes on Why Is the Internet Association Rewarding a Pro-NSA Net-Neutrality Opponent? · · Score: 1

    Actually no they do not. The new rules do not disallow taxes but that is not the same thing, and there is NOTHING in the rules that allow content control.

    The people that complain about the new net neutrality rules are either corporate telco shills or just misinformed idiots.

    Or both.

  8. Re:Enjoy Your New Internet Taxes on Why Is the Internet Association Rewarding a Pro-NSA Net-Neutrality Opponent? · · Score: 1

    Don't forget to be equally outraged when it is flipped around, and a weak supporting argument for mainstream pro-government policies is followed by low-taxes anti-government attacks.

  9. Re:USA behind the rest of the progressive world on Judge Allows Divorce Papers To Be Served Via Facebook · · Score: 1

    My understanding is that in that context the divorce takes place when he's told her. It isn't a legal process. Any legal process that follows, as in your link, will only be asking if he told her. If a religious adviser to the court says that he told her, he told her. She has no rights, and her marriage exists at the whim of her husband.

  10. Re:Still No Word... on Judge Allows Divorce Papers To Be Served Via Facebook · · Score: 1

    Actually, you're wrong. Very wrong.

    If you can arrange the catapult payload such that the papers will land in the persons hands, or the person will pick them up, and you can prove that they did, then it is totally valid. Just like, hiring somebody to pretend to be a utility worker with a work order, who hands them the papers and shouts, "You've been served!" is totally legit. That's the sort of crap that a creative litigant is encouraged to do in order to overcome procedural nonsense like avoiding service.

    If you load the catapult with 1000 copies of the papers, even better. It gets harder and harder to claim you didn't know about the case even after you hired a bunch of people to clean up your yard. Be advised, their counter-suit might force you to pay for the cleanup.

  11. Re:How do they know that he accepted it? on Judge Allows Divorce Papers To Be Served Via Facebook · · Score: 0

    You don't get to accept or deny legal papers. The requirement is simply to receive them, so that you have an opportunity to arrange for your legal defense or response.

  12. Re:Minimum Requirements on Judge Allows Divorce Papers To Be Served Via Facebook · · Score: 1

    In Oregon any person can apply to get a license to officiate marriages, you don't have to be a member of a religion. There are probably already a bunch of IT Marriage Ministers in Portland. They have... a lot of options.

    The thing is, you have to witness the marriage in person. So you'll need more than just any server, you'll need a webcam with a live feed. There are probably states that allow the official simply to "know of" the wedding.

  13. Re:I'm not surprised on Judge Allows Divorce Papers To Be Served Via Facebook · · Score: 4, Informative

    It isn't news anyways. The harder a person makes themselves to be served legal papers, the more permissive the courts are in how service may be performed. Avoiding service is not intended by the courts to be a winning strategy, and they work hard to get around abusers and find a good-enough means of service. That is how they balance against the strict requirements to serve the papers. After all, if you're trying that hard to avoid receiving legal paperwork, you probably do actually know about it.

  14. Re:For both OOM killer and battery use on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    sqlite doesn't work that way, and file write buffers don't disappear and lose data when an app is killed. That is LOL-level stuff, man.

    Googling the details of a specific issue in programming for an API may not return useful results when you're not a programmer in that area. However, your ignorance doesn't demonstrate anything. It actually refutes the idea that you're even disagreeing with me, or participating in the conversation. You don't understand the details, so you'll have to take my word for it; or not. But it won't affect me, and it won't contribute anything to the discussion for you to choose a side you don't understand.

    If an app is claiming not to need or use personal information, why would the programmer be worried that it has to download its publicly, anonymously available data files over HTTP? A sensitive user would be using a VPN anyways, and the apps wouldn't need to worry about it. A user whose HTTP traffic just goes out the default unencrypted connection, they're not benefiting by somebody asking for extra permissions to view their private data... in order to hide their anonymous data access. That is a totally absurd combination of claims.

  15. Re:"Phone status" to avoid the OOM killer on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    There are other mechanisms to save work. Also, the whole platform requires you to assume you can be interrupted at any time. This is almost entirely mitigated by the API giving you a sqlite database to store all your crap in. It will still be there. The part the user is interacting with is just a viewer, it is not the core of an app.

    It is absolutely, unquestionably, an awful app that would try to use it as you describe. The platform isn't designed to tell you what is happening and to preserve your running instance until it tells you otherwise; and the vast majority of causes of your app getting whacked don't have any warning, or some side-channel thing you check to see why. You just close the GUI part, serialize your data in the backend process, and you're ready to either get control back, or have the backend killed by force, either of which is possible without any error state.

    The only app that needs to know the phone state is a dialer app, or something else that is intended to be used as a phone interface. The feature they want is not any of that. They reason it is requested is because they bundled the device ID with the phone status. So any app that you want to be able to identify your device, for example to save a high score on a server, or auto-login to a game server, is to also give that app access to all the numbers you call, all the numbers that call you, etc.

    The main use of the feature has nothing to do with your phone number or your contacts, and yet it leaks that data. It is too big a conflation to believe it is accidental. The only logical answer is that Google intends to leak all the numbers called to all the apps that have an interest in identifying a device. So basically, anybody that wants to track your use of their app on your device, also gets to track all the numbers you call. And it is specifically designed to work that way. They put engineering hours into combining these things, bundling them together. It is not an accident.

    Also, no, you don't need "full network access" to access anything outside a web browser. You only need it to go off port 80 HTTP. You can still just use a subdomain for the remote app API. You're conflating two different permissions.

  16. Re:A less biased source please? on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    While I mostly agree with you, there are location-faking apps out there. Probably require root, but on the Google-branded devices that is easy to get since they are unlocked. It doesn't really help much, though.

    The ironic thing is that when it comes to Google's money-maker, advertising, they're the only company that protects the consumers data. (by keeping it to themselves and being the middle-man) And then when it comes to their platform, they started with that philosophy, then changed their ways and features, and now they conspire with the app devs to help those app devs get direct access to the users private information. They seem totally ignorant of the fact that this leaks into their whole brand, that it takes their strongest feature from their biggest money-maker, and destroys the trust it built.

  17. Re:A less biased source please? on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    To expand on this:

    If they wanted to add to the dev tools the capability to auto-generate permissions by running the app in a sandbox, measuring what permissions it actually used, and then generating the manifest, that would be easy to do. In fact, you could just have a test suite that exercises all the app features to drive it. That way for people who write tests, they would get tailored permissions for free; and any missing permission would be parallel to a missing test, and so it would help mitigate bug escalation.

    I'd be happy to write it for them, except that the terms of using their dev tools prevents me from writing dev tools. If they decided it was harmful or encouraged forking, I could be banned from even compiling apps with their toolchain. If google was the same company today that they were when they first wrote Android, I'd probably already have put out a version of this sort of tool.

  18. Re:A less biased source please? on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    Actually, Google specifically assumes that your privacy does have value to you, and that you should be able to decide what you'll trade it for.

    So when are you going to give us the ability to disable permissions on a per-app basis? You know, like you added to the OS a few revisions back, then took away again?

    This is the biggest single reason I recommend people not to buy Android these days if they ask. I'm sick of apps asking for all kinds of permissions that I don't want to give them, and not having any way to block them.

    That really blasts their Pollyanna "it's all roses" line out of the water. If they hadn't made something that was really great on a technical level, that can give us what we want, and then scaled it back so we can't have it... then I'd still be listening to their line. A few short years ago there was nothing I loved more than a new Google API. Now, it reads the same as "Microsoft API," e.g., something I may have to be aware of at work, but not the thing we're actually going to be using.

  19. Re:A less biased source please? on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    The honest truth is that they think less than 1% of android apps do harm that doesn't benefit google.

    Benefit to Google, or lack thereof, is completely irrelevant to the Android security team's decision to classify an app as potentially harmful or not.

    Nonsense. Broaden the meaning of the words until what I said sounds like a true statement; good, now you've understood my statement. ;)

    Like you admit, if you attribute it to laziness you just assume there is no problem. It would be harmful for google to actually try to address the problem, because the only solution for lazy developers would be to inconvenience them in some way; kick their apps out until they fix their permissions. Your whole statement just reinforces my original view; the problem is addressed only in the area that google gets blamed for ("malicious" apps) and totally ignores the problem that hurts users more: incompetence that turns any app security bug into super-malware. Your position makes perfect sense, if the PR of the Google Play Store is the concern.

    And history of walled garden software repositories shows that this approach results in malicious parties putting their apps in without the bad parts first, then later making changes in updates. If you're accepting security problems as long as they are only lazy mistakes, you're not protecting against much. The first wave of security work is just enabling the second wave of attacks in that case. The same thing as is happening to advertisers. Google is what it is today mostly because of text ads; there is no malware vector. Everybody else gives power to advertisers to spew HTML blocks at customers, and it is full of malware. Reviewing the ads in advance isn't helping the competition. Google's left hand doesn't have the wisdom of the right hand, unfortunately.

    With f-droid though, I can just download the source code, remove the permissions, recompile, and install by hand. Done and done.

  20. Re:Reasons why I don't like the Internet of Things on DHS: Drug Infusion Pumps Vulnerable To Trivial Hacks · · Score: 1

    I don't want the internet of things to watch me while I make passionate love to your wife, either.

  21. Re:I can believe this on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    You're probably asking the wrong company. Ask the company who built your device. The google branded Nexus devices don't have that limitation.

  22. Re:A less biased source please? on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 1

    You don't "know" that, because if you spent time with it and were paying attention, you'd know otherwise.

    In some cases they strip out analytics libraries, for example. However, many of those apps are still asking for your device ID and "phone status." "Phone status" sounds like it is about the current status, but actually that exposes all the numbers you call, when, for how long, etc.

    And the same app will ask for full network access, even though if you look at the traffic, almost all of them are using HTTP to talk to their services, and they have no legit need for full network access. However, it lets them look at what all your network connections are.

    If the defense is, "Golly gee, writing apps is easy but writing an android manifest that only requests actually used permissions is hard" then that is pretty bad news. But it isn't at all the same as, "they're not doing it."

    "Nobody" cares, if there was going to be outrage there already would be. If they wanted to fix the way they handle permissions, they would have already. F-Droid may push malware, but they're not ignorant of the choices they make. There is no utility at all in naming examples, you can click on 5 or 10 and have 4 to 9 examples of it. Install 10 random apps, you'll likely have exactly 1 that doesn't request any special permissions. And that will be the only one that needed its permissions. Even various "sky map" and "mountain map" apps want your phone ID. Why? No reason? Then why did they ask? Do you trust people who ask for personal information they claim not to have any use for? If I knew they asked for it out of incompetence, it wouldn't increase my trust at all.

  23. Re:A less biased source please? on Google: Less Than One Percent of Android Devices Are Affected By Harmful Apps · · Score: 4, Insightful

    Even in F-Droid, over half the apps want to read my device ID and permission to record all my calls and contacts, and less than 1% have a legit reason for that info. The vast majority of apps in their walled garden don't actually need any special permissions at all to do whatever the app does, or maybe 1 permission. Find an app that has only the permission it needs. Good luck, hope you ate a big breakfast before you started searching.

    How is tracking me with nothing given in return not "harmful?" My privacy has value to me, surely. The claim that there is no harm relies on the known lie that my privacy has no value to me.

    The honest truth is that they think less than 1% of android apps do harm that doesn't benefit google . That is actually a different thing than what they're saying, though. So I call lie .

  24. Re:So watch out what you say. on NASA Denies New Space Station Partnership With Russia · · Score: 1

    When you say you want to work together, it doesn't mean you agreed to specific plans together.

    Just like, if somebody says, "we should go to coffee sometime," it doesn't mean that you have plans to go to coffee together. It means you have a shared desire to schedule that activity at a future time.

    The person claiming a specific agreement when only a general spirit of cooperation was offered, that is the person lying.

  25. Re:Putin's getting desperate... on NASA Denies New Space Station Partnership With Russia · · Score: 1

    The rocket market isn't just a "failing" of NASA, they were confident that those rockets would be on the market, so they accepted having to use them for a few years in order to be able to afford other things on their limited budget.

    Especially now that there are multiple new rockets coming to market to compete in that space, it doesn't look like a failing at all. It looks like they have quality analysts, actually.

    They didn't trip over their shoelaces and accidentally end up having to buy Russian rockets.