Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

New Permission System Could Make Android Much Less Secure

gnoshi Re:Broken permissions (249 comments)

"I don't recommend taking any money" said the man as he walked away from the pile of cash he had left on the street.

about a month ago
top

New Permission System Could Make Android Much Less Secure

gnoshi Re: How is this a good idea? (249 comments)

Actually, I think the best way is to do it like both. List the permissions (in groups, sure, that's fine) so that users can decide not to install the torch app which requests permission to their contact list and text messages at all (because you can bet if it is doing that then when an exploit appears one day that developer will pounce) and then on-demand so users can choose whether an app should have permission to XYZ in context. Using Facebook: at one point its app grabbed your phone number and sent it to Facebook before you'd even logged in for the first time.
(For updates, I think it is insane not to require approval for permission changes within groups. 'Why yes, twitter, I know you only wanted to read my contacts and SMS but sure you can delete all my message, contacts, and calendar entries').

Ideally, I think having a default set of options (e.g. Allow or Ask) for permissions, and then at install time when the groups are being shown having the ability to choose to change them (for the more unusual users who want to do it at that point), and finally doing the iOS ask-in-context so that you can see that XYZ app only wants to look at your contacts when you click 'find friends using the service', not 8 seconds after installation and before you even have an account.

There are other issues too: e.g. how do you force an app to only be allowed to record audio or take images from the camera when in the foreground. It would be good to at least get the broad brush strokes right first, though.

about a month ago
top

New Permission System Could Make Android Much Less Secure

gnoshi Re:Clarification (249 comments)

My understanding is that there is no separate 'group' permissions. If an app is granted a permission which falls within a group (e.g. read SMS) then an auto-update can add any other permission within that group without user notification (e.g. change all your text messages to read 'if you ever want to see your text messages again, sent 0.2BTC to xyz).

about a month ago
top

Melbourne Uber Drivers Slapped With $1700 Fines; Service Shuts Down

gnoshi Re:Enough warning? (255 comments)

April 25th, from an article in a major newspaper..

The Victorian transport minister has warned off people from driving others around for a fee in their own car using a new "ride-sharing" feature in the smartphone app Uber.

"The TSC is currently investigating this practice and will take appropriate action if such activity is detected in Victoria," Mr Mulder's spokeswoman said. "All taxi and hire car drivers go through a rigorous accreditation process before they are allowed to drive a taxi or hire car – this is for both the safety of drivers and passengers.

On the face of it, Mr Samuel believed that Uber was not complying with the Victorian public transport legislation.
"If they are not complying with the law we'll prosecute," he said.
To comply, Mr Samuel said Uber would need to obtain a $40,000 private hire car licence for unlimited vehicles and have accredited drivers.

I'd say that was sufficient warning.

about 2 months ago
top

Melbourne Uber Drivers Slapped With $1700 Fines; Service Shuts Down

gnoshi Re:Death sentence (255 comments)

People with a criminal record are statistically more likely to engage in criminal activity than people without a criminal record.
Putting background checks on everything would be a terrible idea, and treating all crimes as equivalent when performing background checks would be a pretty poor idea too. However, we can't pretend that having a criminal record doesn't have any predictive power either.

about 2 months ago
top

Melbourne Uber Drivers Slapped With $1700 Fines; Service Shuts Down

gnoshi Re:Death sentence (255 comments)

You may have missed that Victoria is currently changing taxi regulation to increase the number of available licenses (so that you don't get price inflation due to rarity) and making it easier for people to provide pre-booked hire cars.
Look at:
Changes to hire cars
Victorian Taxis are changing for the better
These were off the back of the report by (Prof.) Allan Fels, previous head of the Australian Competition and Consumer Commission.

about 2 months ago
top

London Police To Wear Video Cameras In Pilot Project

gnoshi Re:Can't turn them off? (152 comments)

One possible solution to the 'recording everything' issue is to encrypt things as they are recorded, and to require a representative from the police and a representative from a civil liberties organisation to provide keys in order to decrypt the video. That way, even constantly-recording video couldn't be used for wholesale surveillance (theoretically).

I imagine the intention is that video would only be viewed if a complaint was made or there was some contention about the events between a member of the public and the police so having a bit of an overhead for viewing the videos wouldn't be unreasonable (I don't think).

about 2 months ago
top

Open Source Program To Give Voters More Active Role In Government

gnoshi Nice to see experiments in democracy (60 comments)

One of the challenges with any democratic system which has voluntary inclusion (e.g. optional voting) is that the voting constituents can be dominated by special interest groups. For example, a religious organisation with a sufficiently large following who are willing to follow the directions of leadership could sway a vote simply because there isn't an organised structure opposing them (so low voter turnout for an opposing position).
Another challenge is that if you have mandatory inclusion, then you can have people who are essentially uninformed on major issues (or worse yet, misinformed - although defining what is 'misinformed' in a challenge all its own) who are voting to determine an outcome. This can turn the entire process into a popularity contest where votes are won not by accurate information or genuine expert knowledge but rather by the most flashy campaigns or best scare tactics. An alternative outcome is that in the absence of good discussion on a topic, the outcome is 'tyranny of the majority' where widespread racism or other such 'isms' dominate.
Some possible interesting approaches could be things like 'citizen juries' where citizens are randomly selected (much like they would be for jury duty) and then are required to be involved in presentation of information on a particular topic and then vote on it. The challenge then becomes deciding how to choose what expert opinions to include or present, who presents, and so forth. Still, if it means there is a voting group for an issue who are not hugely affected by lobbying groups providing cash and threatening to withdraw support if certain things don't happen, maybe that would still be an improvement
Ultimately, getting people to engage is hard and the less people engage the poorer the outcomes will probably be from democracy, because the more poorly informed the decision making will be when choosing representatives (ignoring the question of who the representatives are actually representing).

All that said, it is great to see experiments with new models for democracy. Representative democracy made good sense when communication was limited, voting on issues was geographically challenging, and so on. Things have changed, and there are new challenges, but experimenting with ideas like these are a good start in the process of fumbling towards to a functional democracy.

about 2 months ago
top

"Smart" Gun Seller Gets the Wrong Kind of Online Attention

gnoshi Re:Gun nuts (1374 comments)

Oh, and:

As for the people you speak of? As long as they do not commit a felony, so what? The fear of any given law-abiding person owning a firearm is irrational at best.

Part of the problem is that the person may not have committed a felony until they shot you in the head. Every murder, at some point, wasn't a murderer.

about 3 months ago
top

"Smart" Gun Seller Gets the Wrong Kind of Online Attention

gnoshi Re:Gun nuts (1374 comments)

Neither parent said anything about restricting guns at all.
One said that 'gun nuts go ape shit at the slightest reason', which depending on your definition of 'gun nuts' can certainly be absolutely true. The main problem here is that people often define gun nuts as those people who go ape shit at something like this so it can become a circular definition. There is no avoiding that there are people who do go ape shit at the vaguest smell of the possibility of maybe adding safety features to guns even voluntarily.
The other said 'Why yes! Those kind of people sound *exactly* like the kind of people that should have guns!' which I don't think is unreasonable either. Of all the people who could have guns, those who would employ these sorts of standover tactics and threatening behaviour toward someone who has developed a safety-related technology for firearms are the kind of people who I am dubious about having guns.

All that aside, there are varying interpretations of the second amendment (mostly hinging around membership of a militia, so far as I can tell) so what you're presenting is an interpretation. It is the one that is generally recognised by law, though, so it seems fair to run wit that.
Also, some of the proposed laws (e.g. mandatory background checks on all gun sales, better auditing of gun sales and the associated background checks) are improved coverage of the 'obvious prohibitions' you don't seem to mind. That doesn't stop 'gun nuts going ape shit' about them.

There is no "reasonable" restriction in the eyes of those who wish to promulgate these laws, save for complete abolition.

This is hyperbolic nonsense. It probably is true of a subset of people who wish to promulgate 'these laws' but it is obviously not true of all of those who would like more restrictive gun laws.

about 3 months ago
top

Report: 99 Percent of New Mobile Threats Target Android

gnoshi Re:Market Share (269 comments)

True, but you still need to set your phone to allow installation of apps from untrusted sources to install Android apps purchased as part of bundles, don't you? (Because the Humble Bundle app installs them, not the Play store).

This is an issue of transitivity of trust: Let's imagine that I trust Google Play to only include safe apps, so I install the Humble Bundle app from Google Play. However, in order to install any apps from the Humble Bundle store I have to allow the installation of all other apps. Installing the Humble Bundle app from Google Play doesn't transfer trust to the Humble Bundle app so it can't install apps. Similarly, even if the Amazon store appeared on the Google Play store, it wouldn't be able to install apps without me allowing installation from all unknown app sources.
Generally, I still have the ability to choose what does and doesn't get installed (assuming I don't activate ADB, in which case all bets are off, but I would have to actively choose to do that) so it isn't like I'm allowing any app to install whatever it wants. However, by adding an Android permission to allow an app to install other apps there could be some degree of trust transfer.
Of course, the outcome would probably be that huge numbers of apps would request the permission to install other apps and then have a field day because most people don't read the permissions anyway when they are installing, and this is compounded by the stupid Android security model that doesn't allow any permissions refinement (e.g. no "optional permissions", no "ask on first use", only "accept all the permissions or don't install"). BB has managed to have permission overrides for ages without the world collapsing, and iOS is polite enough to ask when apps want to do certain things (e.g. GPS access).

about 3 months ago
top

Report: 99 Percent of New Mobile Threats Target Android

gnoshi Re:secure from what? (269 comments)

the cheap/low-end Android phones can still be found coming out brand new with 2.2/2.3 installed on the damned things

BS

I was surprised, but you're right: when I looked at the pre-paid devices offered by several mobile providers, I didn't find any that were being sold with a pre-4.x OS version. It is no doubt still possible to buy old Android phones with old Android versions, but even cheap devices by Huawei and ZTE are now coming out with Android 4.x

Unfortunately, because manufacturers often provide very poor ongoing support for devices, a large number of devices already in the market will never be updated. In that way, I agree with the parent's parent: Apple can get props (relative to many Android device manufacturers) for providing relatively long term OS/security updates.

about 3 months ago
top

DarkMarket, the Decentralized Answer To Silk Road, Is About More Than Just Drugs

gnoshi Re:Like a note in the blockchain: 'dodgy stuff her (251 comments)

Was the goal of the SR bust to get the individual dealers though? Tumbling is an interesting way of obscuring the source, although I don't imagine it will be terribly long before you start seeing tumbler operators going to gaol for money laundering (which is exactly what they are doing). There are also a range of limitations to tumbling: it is only effective if there are BCs from numerous sources, and no individual has a disproportionately large number of BCs in the pool (otherwise he/she will just wind up with a disproportionately large number of their own BCs).
It isn't impossible to track a transaction through a tumbler, although it is difficult (which is how it is possible for people like this to hunt BC thieves, but that needs real-time intervention).

But yeah, tumblers can provide some level of anonymity to those who do use them.

about 3 months ago
top

DarkMarket, the Decentralized Answer To Silk Road, Is About More Than Just Drugs

gnoshi Re:Like a note in the blockchain: 'dodgy stuff her (251 comments)

It's an interesting idea, but if you could do that then the transaction information attached by DarkMarket would not be valuable/useful because it would be possible to forge that information. Otherwise a good idea, though.

about 3 months ago
top

DarkMarket, the Decentralized Answer To Silk Road, Is About More Than Just Drugs

gnoshi Like a note in the blockchain: 'dodgy stuff here' (251 comments)

Maybe I'm confused, but it sounds to me like what 'DarkMarket' is doing is irrevocably marking some transactions as being associated with DarkMarket. That strikes me as much like writing 'I was used to buy drugs' on a $50 note except that someone can check the entire transaction history of the $50 note back to the beginning of time.

I guess it will be interesting for researchers assess the proportion of BC that is being used for dubious purposes (unless you actually believe things like 'banned books' are going to be traded on DarkMarket except at the very margins), and feds who want to find people selling drugs (because BC itself is not anonymous).

about 3 months ago
top

Next-Gen Thunderbolt: Twice as Fast, But a Different Connector

gnoshi Re:Intentional sabotage? (178 comments)

Could be worse. You could be using the more expensive Matrox 'doodad' which is like the Belkin one but doesn't have a chaining port.
"Oh, you wanted to be able to connect in another device... that's too bad"

about 3 months ago
top

Next-Gen Thunderbolt: Twice as Fast, But a Different Connector

gnoshi Yay! A new too-expensive-to-use connector! (178 comments)

I, for one, am excited about this new super-fast connector for which all the peripherals will be too expensive to buy. I know that when firewire was being replaced by Thunderbolt, I was worried that they may do away with the chaining that means any hard drive case or breakout unit which doesn't have a pass-through becomes a dead end. Now, with this new Thunderbolt I can be comfortable in the knowledge that there will still be a whole array of amazing devices all of which are too expensive for me to possibly want to buy.

(Note: Thunderbolt is great for some people, but those people are probably the ones that have the company paying for the extra displays and drives)

about 3 months ago
top

Our Education System Is Failing IT

gnoshi Re:Not our education system (306 comments)

First, the majority of people do not possess the ability to think critically.

Yes.

You can't teach that skill. You can try to foster what ability a person might have but you can't turn someone with no ability to think critically into someone who exemplifies that ability. By middle school someone either can think for themselves or they can't.

No. There has been a lot of research on critical thinking in both psychology and education, looking at both the ability of people to engage in critical thinking and the extent to which it can be taught. Typically what is found is that critical thinking is not particularly innate, and that people improve considerably with teaching. Some people grasp it more readily than others, but (like a great many talents) with training and practice most people can become proficient. Quite a few university degrees (e.g. philosophy, some areas of psychology, and if you're lucky politics) include specific courses on critical thinking and formal logic.

about 3 months ago
top

$42,000 Prosthetic Hand Outperformed By $50 3D Printed Hand

gnoshi Re:Obamacare exists because... (288 comments)

An in Australia, if you tried to reverse that you'd get lynched.
People here generally feel that everyone should have access to healthcare regardless of income.

about 3 months ago

Submissions

gnoshi hasn't submitted any stories.

Journals

gnoshi has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...