Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment A bad tradeoff: power over users vs some speedup (Score 1) 76

I wouldn't be worried about the caching from third parties picking up snapshots (ala Internet Archive's Wayback Machine) because I doubt there's any way one could make the organization delete their copies on the basis of a third-party bug (the web is global and no single legal regime covers it all), particularly when adversely affected users need only change their credentials to avoid inadvertent credential exposure.

As to allowing a few organizations act as gateways to the information on the web: that's a major issue and I charge the sites that choose to use the caching services with the responsibility. It's bad enough that the web is so centralized—there's no easy way to replicate even websites that have largely static data so that one can browse them offline, for instance. But caches one can't avoid make this worse by making users contend with single points of failure that are also empowered to needlessly require Javascript, discriminate against traffic from VPNs, etc., on behalf of so many websites. My experience is that admins who choose to use such cache services aren't so picky about the elements I recommend against (browse with JS off, eliminate a site's cookies soon after the need for those cookies are gone, don't run nonfree software, etc.). Unavoidable caching is a very bad choice and the caching feature strikes me as no benefit worth the price of giving away such power.

Comment David Manning says "But wait, there's more!" (Score 1) 48

Not just a rootkit, there's also another new patent-encumbered format you don't really need for doing something you'd be better off doing another way, and proprietary firmware that will take away advertised features at some as-yet unannounced date. David Manning says it's "this year's hottest new star!" but I think you'll BE MOVED to consider other options.

Comment Committed to the least they can get away with (Score 2) 121

Microsoft, owner of Skype (which Microsoft changed specifically for spying, not that Skype was trustworthy under its previous owner either as The Guardian tells us, "Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.") and NSA "provider" since 2007-09-11 (the NSA's first PRISM provider) wants us to understand their "commitment to our customers' security". Apparently that commitment is as little as they can get away with.

That's true of every software proprietor, Google included. The problem is the lack of software freedom which is designed to leave users at the mercy of the only programmers allowed to inspect, alter, and publish improvements to the proprietary software—these are the very programmers users couldn't trust with their security in the first place.

Comment Software freedom for cars is necessary. (Score 2) 102

I don't think that will be sufficient or even a good plan for the car owner.

The correct and complete solution is simple (and it's high time /. readers start endorsing this to each other and to their Congressional representatives): complete corresponding source code for all of the car's software licensed to the car owner under a free software license. I recommend the AGPLv3 or later in order to help maintain software freedom when people provide remote services to do this job. This would allow the car owner to have an application they trust running on and in the car which allows them to list all connections to other parties and selectively break whichever connections they wish ad-hoc. Few dealers would prefer this because it cuts them out of the loop; only dealers that genuinely want you to have the best available support and service, even extending beyond the dealer's business.

Practical problems with a dealer-only arrangement include: no possibility of getting this fixed ad-hoc (dealers in the US often don't do business on Sundays) which means your privacy means less to them than their ability to engineer new monopolies, no way to trust that the connection to someone's monitor is complete (you're trusting the dealer not to screw you but they have already shown a desire to do that in other ways), dealers are like any other business in that they sometimes go out of business which leaves car owners in the dark for getting this operation done, cooperative dealers are sometimes too far to realistically deal with (if I sell the car from the US mainland to someone in Hawaii they won't want to ship the car back to get this done because their Hawaiian dealer either doesn't exist or isn't cooperative).

Comment Don't trust proprietary SW or their services (Score 0) 29

It appears that multiple posters are buying right into the unproven, undefended assertions the article makes. A couple of strong claims go well beyond the article author's knowledge.

If you are worried about hackers or government agencies accessing this data, you shouldn't. As long as you properly secure your iCloud account with a strong password and two-factor authentication, the data is only accessible by you.

For all one knows, Safari, a proprietary program running on proprietary OSes, uploads data to the user's server account encrypted with two keys, one supplied by the user the other by Apple. This would allow Apple to decrypt the data and access whatever they wish. Without knowing what the software does we can't assert that users ought not be worried about others gaining access to their data.

The article also claims

Apple may be in the process of fixing this, as some accounts are now only showing two weeks worth of deleted records. It isn't clear why all records have not been purged.

Unfortunately this result is indistinguishable from Apple hiding data from users. Any competent developer knows how to not return all the data in the database to a user's query. Any competent sysadmin knows how to move data from one place accessible to the user interface to another place only accessible to Apple. In other words, we can't know if data is "purged" as the article claims.

Comment Why don't you let Sony treat you badly today? (Score 1) 45

So this is what the shills have to offer—a blanket and unjustified declaration that people in the know (who presumably read /.) should not only be willing to be treated badly but an attempt at narrowing the scope of allowable debate to exclude reminding people of Sony's horribly bad choices which treat consumers badly ("pointless rant"). Sony's defenders/shills must be seeing the increasing retelling of such stories as a threat, otherwise there would be no need for posts such as the parent post in the first place.

Comment There's no unilaterialism with software freedom (Score 1) 95

Please guys that write this stuff - you cannot make unilateral decisions on security and not impact workloads. Yes, the average Internet user is an idiot and needs to be protected, but those non-idiots don't have the hours of time needed to get around your unilateral coding decisions.

Apparently they can and they do just that, hence your plea for help. But discussing this in terms of your workload is really discussing a distraction. Computer owners benefit from software freedom because software freedom grants users the ability to make the software do what they want it to do. If your chosen Java runtime doesn't behave the way you want, pick a free software Java runtime and customize it to be more efficient for your needs. If Firefox doesn't have the UI you want, you can customize it to gain that UI or port older code you liked to the current version. Sure, this comes at a price: learning development, testing code, documenting one's work, and possibly coordinating changes with others (such as publishing for upstream adoption). But the alternative is non-free software where you don't have options and you beg developers to see things your way—as you said, the proprietors "make unilateral decisions" and these decisions affect more than just security issues. Software freedom lets you decide how much you want others to control your computer.

Comment You can stop funding the people that harm you. (Score 1) 146

A perfect example of the point I made earlier and previously when talking about Star Wars under Disney versus under Lucas. Not funding your own oppression is hardly radical, it's quite sensible to recognize that politics are very much a part of the matter involved in dealing with corporate media (such as Hollywood movies and TV shows). This also isn't a matter of seeking perfection -- if /.ers stop paying to see Star Trek we don't take down Paramount -- that argument puts more power in your hands than you have (flattery) and then tries to argue how you shouldn't use that power to get what you (presumably) want: more Star Trek-related works and the option of being a participant in that, not just a consumer. It's a matter of recognizing whether you want your money to go toward organizations that needlessly restrict their biggest fans from celebrating the work or organizations that show they're not jerks by letting the derivative works coexist and even considering them a challenge to come up with better plots, interesting characters, and another innovative series.

Comment RT blew a chance to get an answer on this (Score 1) 564

Earlier today, Melinda Taylor (one of Julian Assange's lawyers) spoke to RT from The Hague. But unfortunately the interviewer stacked so many different questions on top of each other in his interview with Taylor, she could easily escape having to plainly answer whether Assange will turn himself in to the US sometime in May after Manning walks free. At one point (2m06s) the interviewer asked:

Right, so what is the likely outcome of that going to be? What's your best guess at the moment, you are one of his lawyers, what do you think is gonna happen next? Are we gonna see him going off to America? Is there some sort of deal behind the scenes as well, you think? There has been some surmising that there may be some kind of behind-the-scenes deal in Obama's last few days to finally try to get him to go over to America. Is that—any mileage in that or not?

RT's article about this (https://www.rt.com/on-air/374100-assanges-lawyer-melinda-taylor/) currently redirects to their news page instead of showing the article "Assange's lawyer Melinda Taylor talks to RT".

Comment Freedom is cheaper and safer in the long run. (Score 1) 124

So many /. posters won't do this eminently sensible thing. A story comes out about how copyright term extension hurts Americans and lots of people who read /. know that Disney was a big push behind the Sonny Bono Act, but /. won't stop giving Disney their money anytime a Star Wars movie comes out. Paramount alienates their core audience by not only not making more Star Trek TV show episodes but working to restrict or shut down fan-made shows. /. readers won't stop seeing Star Trek movies in the theaters (and probably already paid CBS in anticipation of the next Star Trek TV show). They also won't run free software because it might get in the way of their gaming. And I'd bet most of them own trackers (cell phones, mobile phones) despite the non-freedom and constant tracking. Privacy, security, and not handing over sovereignty to corporations are all things to be given lip service to here but not actually acted on by making wise choices and having the spine to say "no" on principled grounds.

Comment You could choose software freedom (Score 4, Informative) 503

All proprietary software should be suspected of being malware. Microsoft Windows before version 10 was known to not behave in the user's interest and certainly not in the user's control (as per the definition of proprietary software). Microsoft tried pushing a Windows 10 "upgrade" on users by force, for example. Other "features" in Windows 10 (such as ignoring a user's privacy settings and doing what is in Microsoft's interest) were simply more along this line. Microsoft's aggressive sales tactics pointed to in this /. story are another example. In time there will be an announcement that Windows 7 will no longer receive updates and the hard sell for Windows 10 (or some other Windows variant) will continue. The question for all Windows users is how much more treatment like this they'd like to receive. It's never been easier to switch to a fully free software OS and run nothing but free software on top of that.

Comment Re:A lack of software freedom can be lethal & (Score 1) 60

So the threat of death is enough for you to argue the status quo standing behind proprietors and denying the user full control of a device they obtained (in Sandler's case wear inside their body) but not enough for you to let the user control. We still don't think that's the case for more common devices that are involved in lot of harm such as cars. In light of what's actually already happened to Sandler, your response is remarkably sycophantic to power. Automakers would probably be interested to talk to you in light of the ongoing embarrassment they face in Dieselgate.

Interested people already modify the source code to the software running on various devices, it's a matter of which people get to inspect, share, and modify. For all you know, in Sandler's case she could take said code to someone who is sufficiently skilled. In any event, to whom the user takes the source code is nobody's business but theirs and not a justification for the failures that have already occurred or foreseeable problems to others.

Comment But are users smart to rely on proprietary luck? (Score 2) 145

Chrome does that now, but Google could make Chrome behave differently and not ask, simply accept the new plugin (with its spying turned on by default) without prompting the user.

Ultimately this allegation of "smarts" is not under the user's control, it's unsafe and a minor stroke of luck that things happened to work out the way they did for now. It doesn't strike me as smart to dismiss this as a settled matter, just as it was not smart for Microsoft Windows 10 users to believe that the OS privacy settings were being obeyed when they weren't.

Comment A lack of software freedom can be lethal & sca (Score 4, Informative) 60

Karen Sandler, Executive Director of the Software Freedom Conservancy, has an enlarged heart (hypertrophic cardiomyopathy) and is at risk of suddenly dying (due to a medical condition called "sudden death"). She has no symptoms. She has given a talk about this many times at tech conferences, you should be able to find a copy of her talk online quite easily. She calls herself a "cyborg lawyer running on proprietary software" because she needs to wear a pacemaker/defibrillator device on her heart which keeps her heart beating within a predetermined acceptable range (not too slow, not too fast) by shocking her heart until it beats at an acceptable rhythm. Sandler said she's been shocked before and it's like being kicked in the chest and it takes the wind out of her for a while, requiring her to take some time for recovery.

She knew of software freedom and figured on these weaknesses in these devices, some of which can be controlled remotely at some distance, because all of them run on proprietary software. She tried to get the source code, even offering to sign a non-disclosure agreement to do so, and nobody would share the code with her. She said she was the only one to ask her doctors about what ran on the device. She therefore chose an older model which requires the "programmer" device which sends a signal to the pacemaker/defibrillator be quite close to her body so that she'd probably know if someone were doing things to her device. The lack of software freedom and full user control (ownership) of the device is quite obviously a health risk and possibly lethal. Don't let anyone tell you a lack of software freedom isn't serious.

An interesting thing happened during her pregnancy, which she explained in an update to her talk: She learned that a pregnant woman's heart sometimes naturally races. For most women of childbearing age this isn't a problem as they're unlikely to need a pacemaker/defibrillator, so their heart can occasionally race without serious consequences. For Sandler this racing triggers the device to shock her back into an "acceptable" heart rhythm. It appears that the pacemaker/defibrillator device makers didn't test this device on women young enough to be of childbearing age but they're apparently happy to sell the devices for implanting into users of any age. This lack of testing in combination with the lack of software freedom means the device manufacturers aren't doing due diligence and they're preventing younger women, such as Sandler, from looking out for their own interests—avoiding "sudden death". One can only imagine what horrible multiply lethal outcome could predictably result for a pregnant woman with the same condition Sandler has whose heart races when she was driving while receiving a shock from her non-free pacemaker/defibrillator device. Don't let anyone tell you a lack of software freedom isn't serious.

Slashdot Top Deals

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...