×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Investigation: Apple Failing To Protect Chinese Factory Workers

Burz Re:The criticism is fundamentally dishonest. (191 comments)

What's ridiculous is thinking Android users don't have a choice when it comes to ethics... http://www.fairphone.com/

At least it is something. And while you're reading that page I'd like to remind you of Apple's position as the both the largest and /richest/ smartphone vendor.

yesterday
top

What Will Microsoft's "Embrace" of Open Source Actually Achieve?

Burz Re:The handwriting's on the wall: Alice v. CLS Ban (215 comments)

Barnes and Noble were shaping up to test a few of em in court - then Microsoft sidled up and 'partnered' with them. That's another part of the MS modus operandi. Wait for a company who you've hurt to be on the ropes financially, and then offer to help if they'll kiss and make up. Happened with Apple and MS too.

They also did this with Corel and Novell.

2 days ago
top

What Will Microsoft's "Embrace" of Open Source Actually Achieve?

Burz Re:Patents (215 comments)

MS have claimed numerous patents which they will STILL not disclose. FAT32 is only a known factor because it is also an issue with cameras, audio players and such.

At the end of the day, if I decide to install Windows on a system bearing Linux, then that Linux system is in peril. If a user receives a Linux ext3-formatted SD card and puts it into a running Windows system, the user will be told the card is unusable until it is formatted.

Where office formats and disk formats are concerned, MS still only has two modes: Pretend its noise that should be erased, or freakout send a SWAT team of marketing psychologists and lobbyists to get you to switch back.

Its nice that MS makes FOSS-friendly noises in the server/cloud space. That is what bullies do when they get their asses kicked. If MS gets the upper hand and their vendor lock-in starts working here, then the friendliness WILL evaporate.

2 days ago
top

RFID-Blocking Blazer and Jeans Could Stop Wireless Identity Theft

Burz Columbia makes RFID blocking wallets (110 comments)

They have both bifold and trifold. Don't know how well they work, though.

2 days ago
top

Why Elon Musk's Batteries Frighten Electric Companies

Burz Ice Bear storage already available (461 comments)

Ice Bears store energy as ice reserves for later air conditioning use when the sun goes down. This sounds like it would fit best in a sunny but humid climate where nighttime cooling needs are greatest.
http://www.ice-energy.com/

about two weeks ago
top

The People Who Are Branding Vulnerabilities

Burz Demote 99% of the vulnerabilities (64 comments)

Keep all the complex interfaces and code if you need them, but put them behind very small paravirtualization codebase ingrained into the OS which keeps them isolated -- from the core system, and from each other. Really, even your devices like USB controllers and NICs can be treated as untrusted in this way if you have an IOMMU. And you can have it in a normal desktop GUI.

Kernel-implemented security is a failure; Its ridiculous to go through continued years & decades of pain by relying on it and worrying about breakouts from its weak sandboxing tactics.

about three weeks ago
top

Launching 2015: a New Certificate Authority To Encrypt the Entire Web

Burz Re:Replace Cisco, and Akamai and then maybe.. (212 comments)

"Lawful intercept" has entered the business models of Verisign and CISCO. I would not trust CISCO... http://www.forbes.com/2010/02/...

Not even an inch... http://arstechnica.com/tech-po...

Proper security on a network is properly done at the endpoints. Its doesn't belong anywhere else.

What is Mozilla thinking?? They could help fund Convergence.io. They could implement clever ways to get it to ride on existing social networks. They could look at network privacy layers that use public keys as addresses. There are options for improving privacy that don't involve elevating the PKi clusterf*ck any further.

about a month ago
top

Open Source Self-Healing Software For Virtual Machines

Burz Re:Immune system for operating systems? (50 comments)

This is the one thing QubesOS could use to improve its security-by-isolation approach: Detection and repair in VMs. Even if you assume the hypervisor stays safe (and therefore, your trusted VMs stay safe), you're still relying on VMs to get everything done and the VMs doing the risky tasks are vulnerable to attack. It would be nice if those less-trusted VMs could get automatically restored after a successful attack.

about a month ago
top

HBO Developing Asimov's Foundation Series As TV Show

Burz Re:Woo-hoo! (242 comments)

Now I don't have to read the books.

Turn in your /. memberships! The both of you!

about a month ago
top

HBO Developing Asimov's Foundation Series As TV Show

Burz Re:Yes! (242 comments)

No that would be Gladia Solaria in The Naked Sun and Robots Of Dawn.

about a month ago
top

Mayday PAC Goes 2 For 8

Burz Re:Don't totally agree (224 comments)

Then write someone else in... Anyone else who would make a statement.

about a month ago
top

Tor Project Mulls How Feds Took Down Hidden Websites

Burz Come on over to I2P (135 comments)

There are no privileged routers (or 'guard' nodes) on I2P, and from the perspective of "relays" I2P has many times the number Tor has.

Its way better than Tor when you're looking mainly to communicate with other anon sites/users. Comes with bittorrent and an option for decentralized (serverless) securemail.

about a month ago
top

Mayday PAC Goes 2 For 8

Burz Re:Don't totally agree (224 comments)

Its dumbasses like you that think "As long as you are voting for the lesser of two evils you are making a difference"

There is such a thing as a protest vote, "dumbass".

Showing up to vote is critically important. At the very least it ensures the authorities will have to do the dirty, dirty work of physically turning people away if they have been purged from the rolls.

about a month and a half ago
top

Joey Hess Resigns From Debian

Burz Re:Unfortunate, but not surprising (450 comments)

As a (primarily desktop) Linux user since 1998, the unfolding of this debacle is starting to look like an example of why Linux distros in general lack appeal in the desktop space. Desktop/laptop users can't 'make do' with server architecture; there isn't enough veritcal integration of the powerful features we need. When layers represented by systemd and wayland must be considered swappable, the more talented users turn off to the possiblity of building stable user-facing applications on that platform.

One bit of advice is, don't be such primadonnas. Like the laptop users, you'll have to explain to the world which workflows and features are getting broken by these recent changes. OTOH, if all that's getting 'broken' is your philosophy then you might want to take a step back and consider that a better (if larger) one may have replaced it.

about a month and a half ago
top

EFF Begins a Campaign For Secure and Usable Cryptography

Burz Re:Would love to see how I2P-Bote fares. (96 comments)

Thus, any packet sniffer out there (be it by a credit card thief, the NSA - who may also be credit card thieves, or anyone else) can't look for context to decide what packets to grab. There is no context.

Actually, there is the very important context of who is transmitting to whom, and when, which IPSec is giving away. Each user, therefore, might as well be the subject of a pen register.

With I2P, all they see is a stream of encrypted packets to random points and even the 'when' is obscurred (I2P users onion-route traffic for other users by default and expectation, so you can think of this protocol as marrying ideas from IPSec, Tor and Bittorrent).

That means having to decrypt absolutely everything, including DNS lookups...

Speaking of DNS lookups: Why make your addressing dependant on centralized, establishment-controlled scheme? If PKI can be subverted to let them eavesdrop, then IP addresses and DNS certainly can be as well. Addresses that operate like public keys are much better.

Its already there on your TAILS disc... try it out. ;)

about a month and a half ago

Submissions

top

Safety expert: Virgin Galactic 'ignored' repeated warnings

Burz Burz writes  |  about a month and a half ago

Burz (138833) writes "AFP reports that a propulsion safety expert warned Virgin Galactic about their choice their choice of propellant for the ill-fated SpaceshipTwo. “Based on the work we’ve done, including me writing a paper on the handling of nitrous oxide, we were concerned about what was going on at Virgin Galactic,” she told AFP. “I sent copies of the paper to various people at Virgin Galactic in 2009, and they were ignored.”

Whether or not the crash was caused by the populsion system, this does make the company's attitude toward safety look questionable. Condsidering SpaceshipTwo was a civil passenger vehicle, were Virgin Galatic's engineers pushing the envelope too fast?"

Link to Original Source
top

EU FairPhone starts 25k+ production run in one week

Burz Burz writes  |  1 year,17 days

Burz (138833) writes "Ubuntu Edge may not have made it off the drawing board, but more ambitious FOSS-oriented devices have:

FairPhone has garnered over 32,000 orders for its socially-conscious design of the same name, overshooting the original 25k target in the time they allotted (a second run for the same model will start in January). Unfortunately, this sexy phone starts out as an EU-only product. The FairPhone is priced at 325 euros and will come loaded with Android 4.2, a 4.3" touchscreen, dual SIM slots, replaceable battery, and an admirable array of ports and sensors. What FairPhone aren't interested in selling you, however, is another charging brick-- bring your own! :)"
top

Doctorow tears up ISP contract: lack of neutrality

Burz Burz writes  |  more than 6 years ago

Burz (138833) writes "As a reaction to Virgin Media CEO's promise to violate the concept of net neutrality, Cory Doctorow is declaring his ISP contract void, canceling the service, and asking other Virgin customers to do the same. He isn't alone, and neutrality apparently isn't the only reason to drop Virgin. Myself, I am thinking of stopping my Virgin Mobile service in protest."
Link to Original Source

Journals

top

Modern online privacy for the age of Mass

Burz Burz writes  |  1 year,25 days

Invisible Internet Project...
      I2P is best described as a cross between Tor and Bittorrent. That is to say, the onion routing benefits from the fact that most participants contribute to the available bandwidth. It does also come bundled with a bittorrent client and email service. A number of other I2P apps are available including i2P-Bote, a new server-less email system based on DHT.

Qubes OS...
      Qubes is a desktop OS based on a customized Xen hypervisor. It ships with Fedora 18 to provide Linux desktop functionality, but can also host Windows and other VMs. The philosophy here is that paravirtualization, VT-x and VT-d are all employed in concert to reduce the system's attack-able surface to the base minimum while still providing the functionality of a desktop.

My choices in this area amount to a pretty short list because each one is comprehensive in its approach to privacy and security. I2P keeps everything encrypted and anonymous end-to-end without the worrying about app-specific encryption settings (PGP, OTR, HTTPS, etc) which leads to inconsistent usage. That means using mostly I2P-specific apps, though Firefox for I2P Web is the current exception. Qubes OS secures the system by keeping the high-risk subsystems - IP, firewall and X11 - in their own read-only VMs, and also runs my apps in separate domains according to the trust/risk levels I assign to them. For example: a 'banking' appVM to access bank accounts in Firefox, a 'personal' appVM for email, chat and personal files, an 'untrusted' appVM for general roving around the unsecured Web and multimedia entertainment, an 'i2p' appVM for the growing amount of anon/private communications over I2P, etc. The Qubes project goes so far as to claim "strong security" and I believe them... this is not your run-of-the-mill VM system.

More about some of the interesting features in these puppies later...

top

Submissions: Danish paper makes U-turn on cartoons

Burz Burz writes  |  more than 8 years ago

The Media Guardian is reporting on an infamous Danish newspaper's turnaround regarding the publication of certain cartoons. After initially expressing interest in reprinting cartoons from an Iranian paper, they have decided that some caricatures are beyond the pale: "Jyllands-Posten in no circumstances will publish Holocaust cartoons from an Iranian newspaper". This is the same paper in Denmark which posted a boring-then-shocking caricature of the Prophet Muhammed and is now apologising profusely, "peace be upon him".

Meanwhile the U.S. State Dept. says that the Muhammed cartoon irresponsibly incites ethnic as well as religious hatred; a double-whammy that seems to be ignored when debating the issue.

(Posted here cuz I'm tired of seeing my submissions irretrievably drop down a black hole.)

Slashdot Login

Need an Account?

Forgot your password?