Follow Slashdot stories on Twitter


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Explicitly destroying objects (Score 1) 239

I'm working in Unix and Network programming and also Systems programming, and I made an early habit of explicitly destroying / releasing / closing resources that are not needed anymore, even when they are reclaimed by the OS when the program exits. This includes in particular open files, and all kinds of network descriptors. Why? Because most of my code usually ends up repackaged into libraries and reused inside longer running programs (i.e. inside loops); and not being disciplined about releasing resources would result in all kinds of leaks. This is particularly bad when that code gets reused inside device drivers.

Of course, things got a lot easier once I switched from C to C++ and the STL and RAII idiom, but trying to release resources is still ingrained in my muscle memory; it takes a conscious effort in C++ NOT to explicitly release a resource acquired through initialization.

Comment Re:How to escape being compelled to decrypt your d (Score 1) 319

Please help refine this by pointing out shortcomings of this scheme.

The shortcomings is that the encryption is visible to the average guard and unnecessarily raises eyebrows.

How about this (on Android)? You install two operating system images on the phone, say, two instances of CyanogenMod, one encrypted, and the other non-encrypted, and you setup the boot loader TWRP so that it usually boots the unencrypted one. So, if the unsuspecting guard boots the phone, he'll be able to login and see a perfectly regular OS. But if YOU want to access your confidential files, you reboot the phone into TWRP with the usual key combo, and then you boot into the encrypted instance of the OS. Added bonus: you modify TWRP so that it doesn't even display that encrypted OS in the list of available bootable partitions.

Shortcomings: forensics will show that there is an encrypted partition on the phone... if they ghosted it. But if it is just the guard booting up the phone and nosing around a little bit, you're pretty safe.

Comment Always use a "clean" phone when travelling abroad (Score 1) 319

It's worth repeating ad nauseam: when traveling abroad, always use a new clean phone, i.e. another phone with a new SIM card that is not linked to your Google and other accounts... It's not just the US that seizes or snoops on phones at its borders, foreign countries do so as well. Basically, once they got hold of your phone and take it out of your sight for a couple of minutes, you never know if it hasn't been copied, and bugged. And when you're back home, always assume the phone has been physically tampered with, and make sure to throw it away (or sell it e.g. on eBay to some poor unsuspecting buyer, fair warning would be nice though). Sorry, but that's the way it is.

Comment Still waiting for that damn Windows 10 download (Score 1) 151

On one of my Windows 7 machines, I actually reserved the Windows 10 upgrade many months ago, but nothing happens. Clicking on the icon in the task bar always shows "Your upgrade is reserved... blah blah blah". So it's kind of funny to be nagged by GWX, and at the same time to wait in vain for a download that never completes. Not that it matters that much to me, it's just funny. If it doesn't complete by the deadline, that machine will stay on Windows 7 which runs just fine. I got an upgrade on another test machine without any problems; and all this is only to analyze the behavior of Windows 10 w.r.t. security. Real work with sensitive data I do on Linux and FreeBSD anyway.

Comment Re:Different expectations (Score 1) 1592

Indeed. And even if we opt for a USE, there are different models for such a USE: a centralized ideal French-style, a federalized one German-style, ... and economically, a more socialist-authoritarian one French/German-style, a more capitalist-liberal one British/Eastern-European-style. Trying to find a common ground and to converge towards a model that is acceptable by all member states is nearly impossible. Just look at the total fiasco that the single currency Euro turned out to be: due to different financial philosophies between North and South, the whole Euro-Zone is shattered, and their central bank is printing billions of Euros like there's no tomorrow, heading right towards a super crash. Frankly, the anti-USE in the UK have won, and it pains me to say: they were right. I too was hoping for some kind of USE, but I grew disillusioned. I think right now that the EU should be rebooted and rebuilt (much more carefully) from scratch. On the second try, things could improve. As it stands now, keeping working on it will only add more misery to an utterly broken design, IMHO.

Comment Re:Next: France? (Score 1) 1592

Why would France wants to leave the EU? Unlike Britain, they get more from the EU in the form a subsidies than they pay into it. Those wanting to get out of the EU are those people who are feeling that they are constantly paying more than they are getting back, like the Brits (and the Germans, Finns, Dutch...). The financially poorer "Club Med countries" like France would stay as long as they can find financially more stable countries in the EU like Germany, the Netherlands, Finland etc. would will be more or less willingly footing their bills. Greece, Italy, France, Spain, ... would be the last to leave. I'll be more worried about the northerners, and, maybe the easterners at this point in time. What we're seeing right now is an "Who is John Galt?" kind of Ayn Rand-ish moment, Euro-style. Maybe more countries will quietly vanish from the EU as times flies by...

Comment Re:Opting out (Score 1) 85

Actually, very long-term sysadmin here, responsible for huge number of servers and users. Believe it or not, once you're herding a certain threshold of users/machines, you stop being curious about individuals' behaviors, porn, lives, whatever... it becomes totally irrelevant.

Those guys working at 3/4 letter agencies are in the same position: I'll bet what you want that most of them are bored senseless when they are alerted by the algorithms that they have to look into some real-life data, just to find out that it is in 99.9% a false positive, again! Sure, you'll have some rogue PFY in there too with BOFH phantasies doing his or her thing w.r.t. their near relatives, but hey, that's bound to happen anyway, with or without surveillance agencies. That's NOT the rule, that's the tiny exception.

Personally, I'm not worried at all about that kind of surveillance and their personnel; as I've said, I'm more concerned about keeping THEM and their commercial and criminal counterparts out of networks they persistently try to infiltrate for industrial espionage purposes. THAT's where they are a nuisance, not their amateurish-organized mass-surveillance business that is still in its infancy, despite claims to the contrary.

Yes, I'm strongly pro-privacy, but I'm too long in this area to be easily impressionable: there are simply logistical and physical limits to what such a system of mass surveillance can achieve; limits that can't be overcome, no matter what efforts are being put into it. Some will be worried by this fact, others will be reassured by it, but however we see it, that's life. I'd rather prefer life to be somewhat random, and not totally under control, and I think it will always remain this way, thankfully.

Comment Re:Opting out (Score 1) 85

I'd think that doing this would put a bigger target on you.

What's so bad about this? I mean, seriously? You'll be drawing a couple of mW and CPU cycles of NSA/GCHQ's computers more than they would have wasted otherwise, and occupied a couple of additional bytes in their storage system. That's all there is to it. No more, no less. As long as your behavior doesn't trigger an alert that forces a human operator to briefly look at your data, no harm has been done. And if a human op has to look, the only harm done is his or her wasted time, time that would be better put to use to investigate real targets instead of false positives. They don't care about your petty life, that's not what their mission is about.

Mass surveillance is widely overrated, IMHO. Even directed surveillance is not as effective as it should have been... so relax. The only ones who should be worried are foreign corporations whose trade secrets are being systematically spied upon, and, of course, governments who have traditionally always been a legitimate target of spying. Regular people aren't interesting enough, even though they would be flattered if it were otherwise.

Comment Surveillance can prove your innocence too (Score 1) 85

Sure, it's annoying to be tracked by algorithms around the clock via smartphones, but let's see it in a positive, or at least less negative, light for a change. Suppose you have the same name and/or a similar profile as someone who has raised some red flags and who landed on a couple of Governments' black lists. If you are really unlucky, next time you want to board a plane, you'll be in for a nasty surprise at secondary. Even if things get sorted out this time, next time you'll be again in trouble, and again, and again...

Now, suppose you are the privacy-conscious guy, who shies away from smartphones, who doesn't use credit and debit cards any more than absolutely necessary and prefers to pay cash as much as he can, and who in general keeps a low digital footprint. Now you're screwed, because you'll have a whole lot of red flags floating all around you. Not only can't you prove that you were not where your alter ego was, your disappearance from the surface makes you prime suspect and will have you listed on even more lists than ever before. Good luck cleaning your name and reputation after that! Maybe having carried your private portable Orwellian telescreen with you would have spared you all those troubles.

Yes, I know, that's not the world we would like to live in: being forced to accept surveillance as a way to prove one's innocence would have been considered a typical dystopia some 30-40 years ago, but sadly, that's where we're living in right now. We've allowed ourselves to fall into a collective panic, but that's how it is.

Slashdot Top Deals

Put not your trust in money, but put your money in trust.