×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Librem: a Laptop Custom-Made For Free/Libre Software

Burz Re: Want one. (227 comments)

Vpro?

They're avoiding Vpro specifically because of security concerns.

about a week ago
top

Librem: a Laptop Custom-Made For Free/Libre Software

Burz Re:Want one, with signature checking (227 comments)

But using my signature.

I want secure boot from beginning to desktop, with the knowledge that the NSA has not dicked with my computer beyond its initial state.

They are looking into it... https://groups.google.com/d/ms...

The Qubes OS community is interested in this laptop, but without a TPM chip Qubes' AEM firmware guarding feature won't work on the Librem. So they are looking at accommodating us in another way by employing some kind of user-generated cert to protect the system firmware.

Purism did, however, switch their CPU to an i7-770HQ (along with HM87 chipset) specifically to satisfy Qubes' requirement for I/O virtualization. Pending proper support in Coreboot, Qubes should run and provide great protection from remote exploits on the Librem.

about a week ago
top

Adobe Patches Nine Vulnerabilities In Flash

Burz Re:Given the track record of Flash (95 comments)

Given the track record of Fedora, the update will hit the mirrors in about 2 days.

about two weeks ago
top

Investigation: Apple Failing To Protect Chinese Factory Workers

Burz Re:The criticism is fundamentally dishonest. (201 comments)

Well clearly nothing is good enough for you. Try making your criticism constructive sometime.

about a month ago
top

Investigation: Apple Failing To Protect Chinese Factory Workers

Burz Re:The criticism is fundamentally dishonest. (201 comments)

You obviously didn't read the website.

But I get your reasoning... Shiny pocket computers are more important than dealing with servitude.

I don't have to read the whole website to see that all I said was correct.

My hero!!! His Xray vision even works over the Internet.

What is your fucking point anyway? That you are morally superior to me because you have a fair phone - no wait, you said you could get one if you wanted to.

My point (if you read it) is that choices exist out there that the Android market at least makes possible.
 
 

Me, I don't have any shiny pocket computers unlike you hypocrite. Fuck you.

You presume too much, kemosabe... I'm going on 8 years with the same dumb-phone now.

about a month ago
top

Investigation: Apple Failing To Protect Chinese Factory Workers

Burz Re:The criticism is fundamentally dishonest. (201 comments)

You obviously didn't read the website.

But I get your reasoning... Shiny pocket computers are more important than dealing with servitude.

about a month ago
top

Investigation: Apple Failing To Protect Chinese Factory Workers

Burz Re:The criticism is fundamentally dishonest. (201 comments)

What's ridiculous is thinking Android users don't have a choice when it comes to ethics... http://www.fairphone.com/

At least it is something. And while you're reading that page I'd like to remind you of Apple's position as the both the largest and /richest/ smartphone vendor.

about a month ago
top

What Will Microsoft's "Embrace" of Open Source Actually Achieve?

Burz Re:The handwriting's on the wall: Alice v. CLS Ban (217 comments)

Barnes and Noble were shaping up to test a few of em in court - then Microsoft sidled up and 'partnered' with them. That's another part of the MS modus operandi. Wait for a company who you've hurt to be on the ropes financially, and then offer to help if they'll kiss and make up. Happened with Apple and MS too.

They also did this with Corel and Novell.

about a month ago
top

What Will Microsoft's "Embrace" of Open Source Actually Achieve?

Burz Re:Patents (217 comments)

MS have claimed numerous patents which they will STILL not disclose. FAT32 is only a known factor because it is also an issue with cameras, audio players and such.

At the end of the day, if I decide to install Windows on a system bearing Linux, then that Linux system is in peril. If a user receives a Linux ext3-formatted SD card and puts it into a running Windows system, the user will be told the card is unusable until it is formatted.

Where office formats and disk formats are concerned, MS still only has two modes: Pretend its noise that should be erased, or freakout send a SWAT team of marketing psychologists and lobbyists to get you to switch back.

Its nice that MS makes FOSS-friendly noises in the server/cloud space. That is what bullies do when they get their asses kicked. If MS gets the upper hand and their vendor lock-in starts working here, then the friendliness WILL evaporate.

about a month ago
top

RFID-Blocking Blazer and Jeans Could Stop Wireless Identity Theft

Burz Columbia makes RFID blocking wallets (110 comments)

They have both bifold and trifold. Don't know how well they work, though.

about a month ago
top

Ubuntu Gets Container-Friendly "Snappy" Core

Burz Can't wait to try this on Qubes (149 comments)

Because you don't look to containers for security.

about a month and a half ago
top

Why Elon Musk's Batteries Frighten Electric Companies

Burz Ice Bear storage already available (461 comments)

Ice Bears store energy as ice reserves for later air conditioning use when the sun goes down. This sounds like it would fit best in a sunny but humid climate where nighttime cooling needs are greatest.
http://www.ice-energy.com/

about 2 months ago
top

The People Who Are Branding Vulnerabilities

Burz Demote 99% of the vulnerabilities (64 comments)

Keep all the complex interfaces and code if you need them, but put them behind very small paravirtualization codebase ingrained into the OS which keeps them isolated -- from the core system, and from each other. Really, even your devices like USB controllers and NICs can be treated as untrusted in this way if you have an IOMMU. And you can have it in a normal desktop GUI.

Kernel-implemented security is a failure; Its ridiculous to go through continued years & decades of pain by relying on it and worrying about breakouts from its weak sandboxing tactics.

about 2 months ago
top

Launching 2015: a New Certificate Authority To Encrypt the Entire Web

Burz Re:Replace Cisco, and Akamai and then maybe.. (212 comments)

"Lawful intercept" has entered the business models of Verisign and CISCO. I would not trust CISCO... http://www.forbes.com/2010/02/...

Not even an inch... http://arstechnica.com/tech-po...

Proper security on a network is properly done at the endpoints. Its doesn't belong anywhere else.

What is Mozilla thinking?? They could help fund Convergence.io. They could implement clever ways to get it to ride on existing social networks. They could look at network privacy layers that use public keys as addresses. There are options for improving privacy that don't involve elevating the PKi clusterf*ck any further.

about 2 months ago
top

Open Source Self-Healing Software For Virtual Machines

Burz Re:Immune system for operating systems? (50 comments)

This is the one thing QubesOS could use to improve its security-by-isolation approach: Detection and repair in VMs. Even if you assume the hypervisor stays safe (and therefore, your trusted VMs stay safe), you're still relying on VMs to get everything done and the VMs doing the risky tasks are vulnerable to attack. It would be nice if those less-trusted VMs could get automatically restored after a successful attack.

about 2 months ago
top

HBO Developing Asimov's Foundation Series As TV Show

Burz Re:Woo-hoo! (242 comments)

Now I don't have to read the books.

Turn in your /. memberships! The both of you!

about 3 months ago
top

HBO Developing Asimov's Foundation Series As TV Show

Burz Re:Yes! (242 comments)

No that would be Gladia Solaria in The Naked Sun and Robots Of Dawn.

about 3 months ago

Submissions

top

Safety expert: Virgin Galactic 'ignored' repeated warnings

Burz Burz writes  |  about 3 months ago

Burz (138833) writes "AFP reports that a propulsion safety expert warned Virgin Galactic about their choice their choice of propellant for the ill-fated SpaceshipTwo. “Based on the work we’ve done, including me writing a paper on the handling of nitrous oxide, we were concerned about what was going on at Virgin Galactic,” she told AFP. “I sent copies of the paper to various people at Virgin Galactic in 2009, and they were ignored.”

Whether or not the crash was caused by the populsion system, this does make the company's attitude toward safety look questionable. Condsidering SpaceshipTwo was a civil passenger vehicle, were Virgin Galatic's engineers pushing the envelope too fast?"

Link to Original Source
top

EU FairPhone starts 25k+ production run in one week

Burz Burz writes  |  about a year ago

Burz (138833) writes "Ubuntu Edge may not have made it off the drawing board, but more ambitious FOSS-oriented devices have:

FairPhone has garnered over 32,000 orders for its socially-conscious design of the same name, overshooting the original 25k target in the time they allotted (a second run for the same model will start in January). Unfortunately, this sexy phone starts out as an EU-only product. The FairPhone is priced at 325 euros and will come loaded with Android 4.2, a 4.3" touchscreen, dual SIM slots, replaceable battery, and an admirable array of ports and sensors. What FairPhone aren't interested in selling you, however, is another charging brick-- bring your own! :)"
top

Doctorow tears up ISP contract: lack of neutrality

Burz Burz writes  |  more than 6 years ago

Burz (138833) writes "As a reaction to Virgin Media CEO's promise to violate the concept of net neutrality, Cory Doctorow is declaring his ISP contract void, canceling the service, and asking other Virgin customers to do the same. He isn't alone, and neutrality apparently isn't the only reason to drop Virgin. Myself, I am thinking of stopping my Virgin Mobile service in protest."
Link to Original Source

Journals

top

Modern online privacy for the age of Mass

Burz Burz writes  |  about a year ago

Invisible Internet Project...
      I2P is best described as a cross between Tor and Bittorrent. That is to say, the onion routing benefits from the fact that most participants contribute to the available bandwidth. It does also come bundled with a bittorrent client and email service. A number of other I2P apps are available including i2P-Bote, a new server-less email system based on DHT.

Qubes OS...
      Qubes is a desktop OS based on a customized Xen hypervisor. It ships with Fedora 18 to provide Linux desktop functionality, but can also host Windows and other VMs. The philosophy here is that paravirtualization, VT-x and VT-d are all employed in concert to reduce the system's attack-able surface to the base minimum while still providing the functionality of a desktop.

My choices in this area amount to a pretty short list because each one is comprehensive in its approach to privacy and security. I2P keeps everything encrypted and anonymous end-to-end without the worrying about app-specific encryption settings (PGP, OTR, HTTPS, etc) which leads to inconsistent usage. That means using mostly I2P-specific apps, though Firefox for I2P Web is the current exception. Qubes OS secures the system by keeping the high-risk subsystems - IP, firewall and X11 - in their own read-only VMs, and also runs my apps in separate domains according to the trust/risk levels I assign to them. For example: a 'banking' appVM to access bank accounts in Firefox, a 'personal' appVM for email, chat and personal files, an 'untrusted' appVM for general roving around the unsecured Web and multimedia entertainment, an 'i2p' appVM for the growing amount of anon/private communications over I2P, etc. The Qubes project goes so far as to claim "strong security" and I believe them... this is not your run-of-the-mill VM system.

More about some of the interesting features in these puppies later...

top

Submissions: Danish paper makes U-turn on cartoons

Burz Burz writes  |  more than 8 years ago

The Media Guardian is reporting on an infamous Danish newspaper's turnaround regarding the publication of certain cartoons. After initially expressing interest in reprinting cartoons from an Iranian paper, they have decided that some caricatures are beyond the pale: "Jyllands-Posten in no circumstances will publish Holocaust cartoons from an Iranian newspaper". This is the same paper in Denmark which posted a boring-then-shocking caricature of the Prophet Muhammed and is now apologising profusely, "peace be upon him".

Meanwhile the U.S. State Dept. says that the Muhammed cartoon irresponsibly incites ethnic as well as religious hatred; a double-whammy that seems to be ignored when debating the issue.

(Posted here cuz I'm tired of seeing my submissions irretrievably drop down a black hole.)

Slashdot Login

Need an Account?

Forgot your password?