

Future Hack: New Cybersecurity Tool Predicts Breaches Before They Happen

raymorris Mostly Wordpress, then. 50% accurate: all sites (7 comments)

I see that, of the top "features" they identified, most are just various tags that mean Wordpress is in use. So they learned that Wordpress sites tend to get hacked. Duh. The Wordpress team isn't interested in security. I demonstrated an exploit for a serious vulnerability in Wordpress and submitted it to their bug tracker. For two years it sat, with one WP developer saying "it can't be exploited" - even though I attached an exploit directly to the tracker issue. Two years later, the vulnerability was added to a 'sploit kit and thousands of sites were compromised over the course of just a few days. That's when WP finally got around to patching the clear and significant vulnerability.

I see TFA claims "66% accuracy". "All sites will be hacked at some point" is about 50% accurate. I bet we could have 66% accuracy simply by saying "sites running PHP 5.2 or below will be hacked."

just now

Microsoft Lobby Denies the State of Chile Access To Free Software

raymorris Chile is America? South America I guess (64 comments)

> America brands itself ...

Chile is America now? This article is about politics in Chile.

1 hour ago

Ask Slashdot: What Do You Wish You'd Known Starting Out As a Programmer?

raymorris C and Basic(.net) to learn both sides,tree forest (373 comments)

I think it's very valuable to be at least a little bit familiar with C, so you understand what the interpreter or .NET runtime is doing behind the scenes, and something like a .NET language for a bigger view. For example, I didn't really "get" objects until I worked on VB for a while. Graphical objects like text boxes and buttons are clearly objects which have their own properties, events, and methods. Until then, I thought of objects as little more than function libraries. Working in C or something else low level, sometimes you can't see the forest for the trees.

On the other hand, people who only know very high level, highly abstracted, languages routinely do stuff that's obviously incredibly stupid - obvious to the person who can roughly translate that C# into ansi C. If you don't know what the runtime is doing behind the scenes, you don't realize that while you could access the disk 1,000 times, you're instead accessing it 1,000^2 times (1,000,000).

Not that everyone should be GOOD at C or assembly and good at Java or .NET, but being familiar enough with both high and low level will make you much better at whichever you prefer.

1 hour ago

Smartphone Kill Switch, Consumer Boon Or Way For Government To Brick Your Phone?

raymorris All roads lead to Rome. (you're both silly) (267 comments)

You're both being silly. Roads, including PAVED roads, have existed for THOUSANDS OF YEARS.
  Appius Claudius Caecus, a government official in Rome, commissioned the Via Appia (Appian Way) over two thousand years ago, but thousands of years before that there was a road to Bethhoron. Consider also:

Then they said, Behold, there is a feast of the LORD in Shiloh yearly in a place which is on the north side of Bethel, on the east side of the highway that goeth up from Bethel to Shechem, and on the south of Lebonah.
Judges 21:19

As marauders lie in ambush for a victim, so do bands of priests; they murder on the road to Shechem, carrying out their wicked schemes.
Hosea 6:9

Raise your hand if you know all about Canaanite infrastructure projects in the third millennium BC. I'm going to venture a guess that neither of you have any idea how the roads in Horeb were built.

Those would be early examples of _improved_ roads. Roads, as named routes, existed in the stone age. Which one of you is going to claim you were at the tribal council meeting in Grog's cave 14,000 years ago to witness the road improvement project being contracted out to Ork?

6 hours ago

Google Receives Takedown Request Every 8 Milliseconds

raymorris not just theory, knowingly false = actual damages (154 comments)

> In theory false takedowns could be pursued in court.

The statute specifically says that if someone KNOWINGLY misrepresents the facts in a DMCA notice, they can be sued for actual damages. In contrast, someone who NEGLIGENTLY infringes can be sued for statutory damages. Knowingly is a much higher standard than recklessly or negligently. If Google can prove that Warner Brothers KNOWS a notice they are sending is bogus, Google can sue for their actual costs, about $5. That's in the DMCA law, and that's the problem with the DMCA law.

> The real problem here is automated takedowns.

The automated notices you're talking about are sent recklessly or at least negligently. If Google and the target could sue for reckless notices and receive statutory damages, that would solve the problem.

> How can you have a computer send

You had your computer send that message to Slashdot's computer. You did so carefully, not recklessly or negligently.


Google Receives Takedown Request Every 8 Milliseconds

raymorris I own Apache code. I allege your post infringes it (154 comments)

As an author, I own rights to Apache httpd.
I allege that your post infringes my copyrights on Apache and demand that Slashdot remove your post.

I am indeed "the owner of an exclusive right that is allegedly infringed." My ownership of my Apache contributions is a true fact. I allege that you've infringed those rights. The perjury part applies (only) to my statement that I do in fact own the rights to my contributions. Whether or not your post infringes my rights is for a judge or jury to decide, because it's a complicated question.

Whether or not the whole complaint is true is the subject of the "knowingly misrepresents" clause, which would be better if it was "recklessly misrepresents" or "negligently misrepresents".


Google Receives Takedown Request Every 8 Milliseconds

raymorris Yeah, we objected to the "knowingly" false. Neglig (154 comments)

Yeah, an earlier draft was better, but since you can only recover damages for KNOWINGLY false claims, and there are no statutory damages, it allows large-scale bogus claims. Truly, though, if it allowed damages for recklessly false or negligent claims, and had statutory damages, that would pretty much fix it. The procedure outlined in the law is actually pretty good. The content goes right back up if the person who posted it says it's not infringing. It's just the lack of any penalty for reckless claims that screws up an otherwise pretty reasonable law.


Google Receives Takedown Request Every 8 Milliseconds

raymorris DMCA has a section for search engines. Full text (154 comments)

The DMCA has a section titled "Information Location Tools" which covers linking. Here's the relevant text of the law:

        for infringement of copyright by reason of the provider referring or linking users to an online location containing infringing material or infringing activity, by using information location tools, including a directory, index, reference, pointer, or hypertext link, if the service provider—
                (A) does not have actual knowledge that the material or activity is infringing;
                (B) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or
                (C) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;

Further up, it says that once you've received a DMCA notice with all the blanks filled in, you have actual knowledge. So under d 1 c, after receiving notice a search engine or other locator service (torrent tracker) must "acts expeditiously to remove, or disable access to, the material"

The problem is that there's no statutory damages for even knowingly false claims, and no damages at all for reckless claims.
Adding statutory damages for reckless claims would mean these big companies would stop filing all the reckless claims.


Google Receives Takedown Request Every 8 Milliseconds

raymorris perjury re identity only not accuracy. EZ fix DMCA (154 comments)

DMCA requires a statement:

        "under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed."

The perjury statement is just that the person sending the complaint is an authorized representative of the _alleged_ owner.
In other words, if you or I sent a complaint that someone is violating Bill Clinton's copyright, THAT would violate that section, because we're not authorized to enforce Clinton's rights.

As to the accuracy of the complaint, DMCA provides that you can be sued for actual damages if you KNOWINGLY file a false complaint. "Knowingly" is a special word in law, with a carefully established definition. It means more than recklessly or negligently. To sue them, you have to prove that they KNEW it was bogus. If they filed it without caring whether or not it was bogus, that's insufficient. It would be better if you could sue for reckless or negligent claims, but you can only sue for knowingly false claims. Changing that one word from "knowingly" to "negligently" or "recklessly" would go a long way toward fixing DMCA.

Secondly, the bogus claimant can be sued only for actual damages. Suppose it costs Google $5 to process each takedown. For a knowingly false takedown notice, they can sue to get that $5 back. They're not going to spend $100K to sue someone for $5. Not going to happen. What would fix that would be the same thing that holders of registered copyrights have under the law - statutory damages. The current text of the law is:

        Any person who knowingly misrepresents ... shall be liable for any damages ... incurred

We could just change that to:

        Any person who RECKLESSLY misrepresents ... shall be liable for the greater of $25,000 or any damages ... incurred.
        Any person who negligently misrepresents ... shall be liable for the greater of $10,000 or any damages ... incurred.

A Google lawyer could then sue Warner Bros for 100 reckless notices and damages would be _at_least_ $2.5 million which pays the lawyer's salary for several years. They'd settle for the $1 million "negligent" amount, and Google could have a staff of lawyers suing all the assholes, hitting them for a million dollars each time until they stopped sending notices recklessly.


Introducing Slashdot's New Build Section

raymorris Must be one of your posts I can't see (34 comments)

Whatever you're talking about must be one of your posts removed by my filter.
I'm adding a few words from this post to my filter, so I won't be able to see any replies you might make.
Have a great day, spamming piece of shit.


Google Receives Takedown Request Every 8 Milliseconds

raymorris They'd become liable,thanks to DMCA (1998) (154 comments)

If they asked for evidence, they'd become liable for any infringement. This is all controlled by the Digital Millennium Copyright Act of 1998. Under DMCA, when they receive a notice, they have to remove the content. If the other side sends them a counter-notice, they have to put it back up. If the complainant then notifies the carrier that they are filing suit in federal court, the carrier takes the content down again. If they choose not to follow this procedure, if they set themselves up to judge the evidence, they then become liable for any infringement. In other words, if they are going to judge the evidence, they better get it right 10% of the time, always coming to the same conclusion that a judge or jury does later. Otherwise, Google would be liable for any instances where the court disagreed with Google's decision. The problem is that DMCA doesn't effectively provide penalties for filing bogus notifications. You can send out completely false notifications and have things taken down all day long and nobody can do anything to stop you (almost). DMCA does one good thing in that it allows Google (or a web hosting company, or Slashdot) to operate without having their own internal court system to decide these things. The problem is that it requires Google to do the claimant's bidding without any cost or risk to the claimant.


Google Receives Takedown Request Every 8 Milliseconds

raymorris Clinton is a republican? (154 comments)

DMCA is 1998, so Bill Clinton.


Solar Plant Sets Birds On Fire As They Fly Overhead

raymorris That's true. Crap, you're reasonable. (478 comments)

There is that. I just clicked on your post history and saw that your last few posts seem to be quite reasonable and level-headed. I guess that means I won't have the opportunity to use this joke. If you were a goofball extremist, I'd have to reply to one of your comments by saying: What are you, stoned out of your mind?

ganjadude said:
Whatever blah blah

Oh Ganjadude. Never mind.


Solar Plant Sets Birds On Fire As They Fly Overhead

raymorris International Rivers for more information (478 comments)

Ps, International Rivers is a good place to start if you want to know more about the environmental damage done by dams, particularly large dams as used for hydroelectric power. They are advocates of course; just as the ASPCA isn't objective about animals, International Rivers isn't objective about rivers. They advocate for what they believe is right, but each is a good source of information about their side of the issue.


Solar Plant Sets Birds On Fire As They Fly Overhead

raymorris best and worst for wildlife are (478 comments)

I don't have figures for birds specifically handy, but I can tell you the best and worst for wildlife generally. Ignoring minor things like tidal power, the two best are geothermal and nuclear. It's too bad that geothermal is limited to certain geological areas, because it's pretty good on all measures. It releases some greenhouse gases and often requires fracking, but it's pretty safe for wildlife and generally a good idea. Nuclear is quite clean, except of course on the two instances of a major accident.

The worst for wildlife are coal and hydroelectric dams. Hydro surprises some people, but in the best case a dam starts out by destroying a large swath of habitat, then permanently disrupts fish migration and the ecosystems dependent on the waterway. In the worst case, Banqiao. The Banqiao hydroelectric dam disaster was far, far worse than any nuclear accident ever has been.


Comcast Training Materials Leaked

raymorris true. laws against competition suck. Google fiber (237 comments)

That's true, they have little reason to care about serving the customer. All that does is help them upsell to a more expensive package, voip, etc. There's no competition, due to legally enforced franchise monopolies.

    Some people correctly point out that in a perfect world, with perfectly unselfish people, and people who all have identical preferences, it would be most efficient to have only one company providing lines to each home.

That's true of course. In a perfect world, it wouldn't make sense to have two cell towers covering the same area. It would be more efficient for Verizon to build towers in one state, Cricket to build towers in another state, and Cricket to cover a third state. Of course, people are not perfectly unselfish, and people do have preferences. Because Boost Mobile doesn't have a monopoly, because other companies have towers covering the same homes, Boost has to compete on price and service. It's not perfectly efficient, but it works much better than an "efficient" monopoly like cable.

Come to think of it, it's pretty inefficient to have two grocery stores right next to each other, Whole Foods and Walmart. It would be more efficient for one store to serve the neighborhood, getting rid of the duplication. Rather than arbitrarily allow one company to run the store, we could have the government run the store in each neighborhood. Like the USSR. It sounds stupid when you replace "cable service" with "cell phone service" or "grocery service", but the facts are the same- avoiding duplication would be more efficient. It only works well if people are perfect, though; perfectly competent, perfectly unselfish, and if people don't have different preferences.

I want a strong signal on my cable modem, so it is very reliable, and fast response to problems because I rely on my cable internet. For my phone, price is more important. Your preferences may be the opposite. That's fine, I can use Boost Mobile because they're cheap and in the same place you can use whichever company gives you what you want.

I can't wait until Google fiber comes to town and the cable company has to start competing on speed, price, and service.


Comcast Training Materials Leaked

raymorris FIRST fix the problem. Happy customers buy more (237 comments)

In my business, about 90% of customers who called to cancel ended up buying more, and leaving happy.
The difference is, we solve their problem, make them a HAPPY customer, THEN see what more we can offer that further meets their needs.

Here's a typical call:

Customer: I want to cancel.
Me: Sure, no problem. While I do that, I'm curious, is there something about the product that wasn't meeting your needs?
C: Your product doesn't do X.
Me: Oh, yes, that is important. Our product can actually do that for you, one second ...
[keyboard tapping]
Me: You're now configured for X, and the cool thing about the way we do X is ...
C: Oh, uhm, that's cool I guess.
Me: If you ever want to do X++, we can certainly do that for you too.
C: That's pretty cool. I never knew you could do that.
Me: Our product has a lot of features that aren't immediately obvious, so if there's ever anything you need, just let us know and we can probably help you.
C: Hidden features? Like what?
Me: Y, and Z are kind of handy. Come to think of it, since you said you want to do X, you might want to do ABC with that. Last week we just released an addon that does ABC.
C: Gee, I could really use ABC. How do I get that addon?

2 days ago

Introducing Slashdot's New Build Section

raymorris That would be interesting. I'd include APK remover (34 comments)

User-uploaded CSS would be interesting. I bet I could figure out a way to do the following in pure CSS. Right now it's a user.js file.
It sets display: none on any posts by APK so I don't have to scroll past his spam on my phone.

// ==UserScript==
// @name NoAPK
// @namespace
// @include *
// @version 1
// ==/UserScript==

if (window.location.hostname.indexOf("") > -1) {
        // Match comment list items that mention "hosts file" and "apk" and run longer than 10000 characters
        var xpath = '//li[contains(concat(" ", normalize-space(@class), " "), " comment ") and contains(., "hosts file") and contains(., "apk") and string-length(.) > 10000]';
        var apkposts = document.evaluate(xpath, document, null, XPathResult.UNORDERED_NODE_SNAPSHOT_TYPE, null);
        // Hide every matching post
        for (var i = 0; i < apkposts.snapshotLength; i++) {
                apkposts.snapshotItem(i).style.display = 'none';
        }
}

2 days ago



ask - what do you think caused the NSA to start collecting so much data?

raymorris raymorris writes  |  about 7 months ago

raymorris (2726007) writes "Many people believe that the NSA collects far too much data, violating the privacy rights of the very citizens the NSA is supposed to protect. How did we get here? What specific structural or cultural changes can be identified that led some to believe it is okay to engage in this sort of broad dragnet surveillance as opposed to getting specific court orders for specific suspects?

Many people simply assign the blame to the opposite political party, which doesn't get very far in solving the problem and ensuring it doesn't happen again. Can we look at specific, identifiable factors and show exactly how they directly caused the intelligence community to get off track? For example, precisely which sections of which laws are being used to justify these programs, and what caused those laws to be passed? Is the surveillance directly authorized by law, or do the justifications require "creative" interpretation of the law?

In order to avoid getting into yet another fruitless political flame war and keep the discussion factually focused, please provide citations where possible."


Linux based drone copter goes mainstream, fully hackable with HD for under $300

raymorris raymorris writes  |  about a year and a half ago

raymorris writes "The recently released AR.Drone 2.0, running Linux 2.6, brings hackable drones mainstream at under $300. The wifi controlled drone copter running open source software includes a 1GHz processor, an HD video camera, and a second downward facing camera onboard."


raymorris has no journal entries.
