wabrandsma - Slashdot User

Submission + - Music publishers sue an ISP over piracy (arstechnica.com)

Submitted by wabrandsma on Saturday November 29, 2014 @12:39PM

wabrandsma writes: From Ars Technica:
BMG Rights Management and Round Hill Music have sued Cox Communications for copyright infringement, arguing that the Internet service provider doesn't do enough to punish those who download music illegally.
Both BMG and Round Hill are clients of Rightscorp, a copyright enforcement agent whose business is based on threatening ISPs with a high-stakes lawsuit if they don't forward settlement notices to users that Rightscorp believes are "repeat infringers" of copyright.
In their complaint (PDF), the music publishers also decided to publicly post IP addresses.

Comment Re:Europe is jealous (Score 1) 237

by wabrandsma on Friday November 28, 2014 @03:02PM (#48480295) Attached to: Google Should Be Broken Up, Say European MPs

According to the new European Commissioner for the Digital Economy, Germany’s Günther Oettinger, there would be no "break up and no expropriation" with him. Oettinger: Such measures would be "instruments of the planned economy, not the market economy". Only a more competitive Europe could recover lost markershare in the digital economy. Link: Keine Zerschlagung von Google (in German).

But he also suggested a EU-wide "Google Tax": New EU Digital Chief Floats Tough Anti-Google Regulations
"If Google takes intellectual property from the EU and works with it, the EU can protect this property and can demand a charge for it," Mr. Oettinger told the daily Handelsblatt, adding that such a law could be in place by 2016.

Comment Corporate Policies (Score 2) 186

by wabrandsma on Friday November 21, 2014 @06:38PM (#48437469) Attached to: It's Not Developers Slowing Things Down, It's the Process

Corporate Policies requires that developers cannot have so called 'elevated rights' on a server. Any server, including test and development servers.
Well, that is, the developers have been granted local admin privileges for the development servers, but as a special exception to the corporate policies.

The daylight savings patch that has to be installed, requires an upgrade of the application on the server, with an uninstall and a fresh install.
With a full redeploy of the content and reconfiguring connections to ldap, databases, other servers and reconfiguring user autorizations linked to the content.

The developer documents the deployment procedure in an installation guide.

Next the the upgrade has to be deployd to the test server, but none of the developers have local admin rights for the test server.
So, resources from platform operations have to be claimed by the coordinator. For the installation and the finalization of the application upgrade.

The upgrade takes a little more than the standard 2 hours that have been reserved per week, but finally after a week a slot is available to do the part that has to be done that requires local admin rights for the test server, by someone from platform operations.

At this point, the system test has slipped by a week, on a monthly release cycle, that is a significant amount of time.

A couple of day later the upgrade is deployed to the acceptance server for user testing. Except that most of the users refuse to test the changes, because there are no new features. In their eyes it is purely a technical upgrade. Nevertheless a bug has been found, and it is declared blocking. It takes some days to resolved it. By now, due to all the previous delay, the issue has not been resolved in time to get the change in production.

The monthly release date slips. The next slot available is the next month, and the application gets finally released into production.

Essentially, it means that if something does not get tested beforehand, like a deployment procedure, it eventually gets tested in production.
That is the best way to test something, isn't it? A consequence of the Corporate Policies.

Absurd?
Now I am going to watch some South Park episodes. I like documentaries.

Submission + - Court agrees that Google's search results qualify as free speech (arstechnica.com)

Submitted by wabrandsma on Tuesday November 18, 2014 @07:32AM

wabrandsma writes: From Ars Technica:
The regulation of Google's search results has come up from time to time over the past decade, and although the idea has gained some traction in Europe (most recently with “right to be forgotten” laws), courts and regulatory bodies in the US have generally agreed that Google's search results are considered free speech. That consensus was upheld last Thursday, when a San Francisco Superior Court judge ruled in favor of Google's right to order its search results as it sees fit.

Submission + - Tor Project Mulls How Feds Took Down Hidden Websites

Submitted by HughPickens.com on Monday November 10, 2014 @03:12PM

HughPickens.com writes: Jeremy Kirk writes at PC World that in the aftermath of US and European law enforcement shutting down more than 400 websites, including Silk Road 2.0 which used technology that hides their true IP addresses, Tor users are asking : How did they locate the hidden services? "The first and most obvious explanation is that the operators of these hidden services failed to use adequate operational security," writes Andrew Lewman, the Tor project’s executive director. For example, there are reports of one of the websites being infiltrated by undercover agents and one affidavit states various operational security errors." Another explanation is exploitation of common web bugs like SQL injections or RFIs (remote file inclusions). Many of those websites were likely quickly-coded e-shops with a big attack surface. Exploitable bugs in web applications are a common problem says Lewman adding that there are also ways to link transactions and deanonymize Bitcoin clients even if they use Tor. "Maybe the seized hidden services were running Bitcoin clients themselves and were victims of similar attacks."

However the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service. "We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated."

According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly and it seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."

Submission + - Disney Patents a Piracy Free Search Engine (torrentfreak.com)

Submitted by wabrandsma on Sunday November 02, 2014 @05:08PM

wabrandsma writes: From Torrentfreak:

Disney has just obtained a patent for a search engine that ranks sites based on various "authenticity" factors. One of the goals of the technology is to filter pirated material from search results while boosting the profile of copyright and trademark holders' websites.

A new patent awarded to Disney Enterprises this week describes a search engine through which pirated content is hard to find.

Titled “Online content ranking system based on authenticity metric values for web elements,” one of the patent’s main goals is to prevent pirated movies and other illicit content from ranking well in the search results.

According to Disney their patent makes it possible to “enable the filtering of undesirable search results, such as results referencing piracy websites.”

Disney believes that current search engines are using the wrong approach as they rely on a website’s “popularity.” This allows site owners to game the system in order to rank higher.

“For example, a manipulated page for unauthorized sales of drugs, movies, etc. might be able to obtain a high popularity rating, but what the typical user will want to see is a more authentic page,” they explain.

Comment Hello Vodafone (Score 5, Informative) 206

by wabrandsma on Friday October 24, 2014 @06:43PM (#48225943) Attached to: Verizon Injects Unique IDs Into HTTP Traffic

From: Using Browser Properties for Fingerprinting Purposes.

Vodafone injects the X-VF-ACR header: 'Vodafone Anonymous Customer Recognition'. It is unclear what this header exactly does; all headers that have been seen start with the string "204004DYNMVFNLACR", followed by 16 X's, and are followed by a BASE64-encoded 256-byte cyphertext, which we were unable to decrypt. It has been suggested that this string might contain the SIM-card identifier (IMSI) or other personal information, as was found in a research conducted by Mulliner in 2010 [14]. Vodafone did not respond to requests of explaining this header. Nevertheless, the presence of this header, certainly identifies customers of Vodafone as being customers of Vodafone.

Submission + - FBI: backdoors in software may need to be mandatory (nytimes.com)

Submitted by wabrandsma on Friday October 17, 2014 @04:19PM

wabrandsma writes: The New York Times:

The director of the F.B.I., James B. Comey, said on Thursday that the "post-Snowden pendulum" that has driven Apple and Google to offer fully encrypted cellphones had "gone too far." He hinted that as a result, the administration might seek regulations and laws forcing companies to create a way for the government to unlock the photos, emails and contacts stored on the phones.

But Mr. Comey appeared to have few answers for critics who have argued that any portal created for the F.B.I. and the police could be exploited by the National Security Agency, or even Russian and Chinese intelligence agencies or criminals. And his position seemed to put him at odds with a White House advisory committee that recommended against any effort to weaken commercial encryption.

Submission + - FBI will hire no one who is lying about illegal downloading (statehornet.com)

Submitted by wabrandsma on Friday October 10, 2014 @05:59PM

wabrandsma writes: On Monday, Sacramento State’s Career Center welcomed the FBI for an informational on its paid internship program where applications are now being accepted. One of the highly discussed topics in the presentation was the list of potential traits that disqualify applicants.

This list included failure to register with selective services, illegal drug use including steroids, criminal activity, default on student loans, falsifying information on an application and illegal downloading music, movies and books.

FBI employee Steve Dupre explained how the FBI will ask people during interviews how many songs, movies and books they have downloaded because the FBI considers it to be stealing.

During the first two phases of interviews, everything is recorded and then turned into a report. This report is then passed along to a polygraph technician to be used during the applicant's exam, which consists of a 55-page questionnaire. If an applicant is caught lying, they can no longer apply for an FBI agent position.

Submission + - Test version Windows 10 includes keylogger (winbeta.org) 1

Submitted by wabrandsma on Sunday October 05, 2014 @07:42AM

wabrandsma writes: From WinBeta:

One of the more interesting bits of data the company is collecting is text entered. Some are calling this a keylogger within the Windows 10 Technical Preview, which isn't good news.

Taking a closer look at the Privacy Policy for the Windows Insider Program, it looks like Microsoft may be collecting a lot more feedback from you behind the scenes.
Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage.

This isn't the only thing Microsoft is collecting from Insider Program participants. According to the Privacy Policy, the company is collecting things like text inputted into the operating system, the details of any/all files on your system, voice input and program information.

Submission + - Hong Kong protesters use a mesh network to organise (newscientist.com)

Submitted by wabrandsma on Tuesday September 30, 2014 @02:17PM

wabrandsma writes: from New Scientist:

Hong Kong's mass protest is networked. Activists are relying on a free app that can send messages without any cellphone connection.

Since the pro-democracy protests turned ugly over the weekend, many worry that the Chinese government would block local phone networks.

In response, activists have turned to the FireChat app to send supportive messages and share the latest news. On Sunday alone, the app was downloaded more than 100,000 times in Hong Kong, its developers said. FireChat relies on "mesh networking", a technique that allows data to zip directly from one phone to another via Wi-Fi or Bluetooth. Ordinarily, if two people want to communicate this way, they need to be fairly close together. But as more people join in, the network grows and messages can travel further.

Mesh networks can be useful for people who are caught in natural disasters or, like those in Hong Kong, protesting under tricky conditions. FireChat came in handy for protesters in Taiwan and Iraq this year.

Submission + - DuckDuckGo joins Google in being blocked in China (techinasia.com)

Submitted by wabrandsma on Monday September 22, 2014 @02:38PM

wabrandsma writes: from Tech in Asia:

Privacy-oriented search engine DuckDuckGo is now blocked in China. On Sunday DuckDuckGo founder and CEO Gabriel Weinberg confirmed to Tech in Asia that the team has noticed the blockage in China on Twitter

Weinberg added that he has “no idea” when it happened exactly. We also cannot pinpoint an exact date, but it was accessible in China earlier in the summer. DuckDuckGo had been working fine in mainland China since its inception, aside from the occasional ‘connection reset’ experienced when accessing many overseas websites from within the country. But now the search engine is totally blocked in China. (Update 7 hours after publishing: the GreatFire index of blocked sites suggest that DuckDuckGo got whacked on September 4).

DuckDuckGo joins Google in being censored and blocked in the nation. Google, after years of being throttled by China’s Great Firewall since the web giant turned off its mainland China servers in 2010, was finally blocked totally in June this year.

Submission + - Not Finding a Job after PhD in Computer Science 1

Submitted by Anonymous Coward on Monday September 22, 2014 @02:13PM

An anonymous reader writes: I recently completed my PhD in computer science and hit the job market. I did not think I would have difficulty finding a job esp. with a PhD in computer science but I have had no luck so far in the four months I have been looking. Online resume submittals get no response and there is no way to contact anybody. When I do manage to get a technical interview, it is either “not a good match” after I do the interviews or get rejected after an overly technical question like listing all the container classes in STL from the top of my head. I had worked as a C++ software developer before my PhD but in the past 6 years, software development landscape has changed quite a bit. What am I doing wrong? Has software development changed so much in the last 6 years I was in school or is my job hunting strategy completely wrong. The PhD was on a very technical topic that has very little practical application and so working on it does not seem to count as experience.

Submission + - Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying (wired.com)

Submitted by wabrandsma on Saturday September 20, 2014 @05:07PM

wabrandsma writes: from Wired:

The National Security Agency has some of the brightest minds working on its sophisticated surveillance programs, including its metadata collection efforts. But a new chat program designed by a middle-school dropout in his spare time may turn out to be one of the best solutions to thwart those efforts.

John Brooks, who is just 22 and a self-taught coder who dropped out of school at 13, was always concerned about privacy and civil liberties. Four years ago he began work on a program for encrypted instant messaging that uses Tor hidden services for the protected transmission of communications. The program, which he dubbed Ricochet, began as a hobby. But by the time he finished, he had a full-fledged desktop client that was easy to use, offered anonymity and encryption, and even resolved the issue of metadata—the “to” and “from” headers and IP addresses spy agencies use to identify and track communications—long before the public was aware that the NSA was routinely collecting metadata in bulk for its spy programs. The only problem Brooks had with the program was that few people were interested in using it. Although he’d made Ricochet’s code open source, Brooks never had it formally audited for security and did nothing to promote it, so few people even knew about it.

Then the Snowden leaks happened and metadata made headlines. Brooks realized he already had a solution that resolved a problem everyone else was suddenly scrambling to fix. Though ordinary encrypted email and instant messaging protect the contents of communications, metadata allows authorities to map relationships between communicants and subpoena service providers for subscriber information that can help unmask whistleblowers, journalists’s sources and others.

Submission + - Free will persists (even if your brain made you do it) (newscientist.com) 1

Submitted by wabrandsma on Friday September 19, 2014 @05:38PM

wabrandsma writes: from New Scientist:

The vast majority of people think we have free will and are the authors of our own life stories. But if neuroscientists were one day able to predict our every action based on brain scans, would people abandon this belief in droves? A new study concludes that such knowledge would not by itself be enough to shake our confidence in our own volition.

If people lost their belief in their own free will, that would have important consequences for how we think about moral responsibility, and even how we behave. For example, numerous studies have shown that when people are led to reject free will they are more likely to cheat, and are also less bothered about punishing other wrongdoers.

For those who argue that what we know about neuroscience is incompatible with free will, predicting what our brain is about to do should reveal the illusory nature of free will, and lead people to reject it. Experimental philosopher Eddy Nahmias at Georgia State University in Atlanta dubs this view "willusionism". He recently set out to test it.

For Nahmias, this suggests that, when it comes to free will, people are "theory-lite", which renders the fact that our behaviour is generated by the brain, whose actions can predicted like the weather, largely irrelevant. "People don't have detailed metaphysical views about what underlies free will," says Nahmias. "What people care about is that their own conscious reasoning makes a difference to their behaviour – and nothing in neuroscience suggests it doesn't."

Slashdot Top Deals