User Journal

Journal Journal: What's So Bad About Tracking by Ad Networks?

Ad networks

There are millions of websites on the Internet, operated by millions of publishers. A single advertiser cannot practically contact millions of publishers individually to inquire about placing ads. Nor can an advertiser necessarily trust reach metrics (views and clicks) provided by a publisher that isn't well known. So instead, advertisers and publishers use web advertising networks. These allow an advertiser to place an advertisement on websites operated by a wide variety of publishers.

Interest-based targeting

Advertisers don't want to waste their money buying ad space only to show ads that are completely irrelevant to a viewer's demographic. So they pay a premium for ad space more closely aligned to a particular interest. To better match ads to viewers, ad networks build interest profiles about the behavior of visitors to sites operated by publishers that use the ad network.

"Retargeting" occurs when these profiles become as narrow as "viewers who have visited a page about X product". Sellers of this product then place ads for this product through the network in order to encourage people who are interested in this product to complete the purchase. Some users consider retargeting creepy, as if the stores were "stalking" a particular user.

But as phozz bare pointed out in a comment:

Sure, "retargeting" [has] happened to me. As a Firefox user. I don't really care

So long as the ad network operator doesn't disclose an individual visitor's interest profile to the advertisers or publishers using the network, what's the downside of this surveillance?

User Journal

Journal Journal: Chromebook Developer Mode Warning

It's possible to install a GNU/Linux environment on a Chromebook using Crouton. The first step is to put the Chromebook into developer mode, as described in the article "How to Enable Developer Mode on Your Chromebook" by Chris Hoffman. But every time you turn on a Chromebook in developer mode, the Chromebook firmware begs the user to wipe it. Here's the exact wording that the firmware displays:

The first screen (screenshot):

OS verification is OFF

Press SPACE to re-enable.

The second screen (screenshot):

OS verification is OFF

Press ENTER to confirm you wish to turn OS verification on.
Your system will reboot and local data will be cleared.

To go back, press ESC.

(The screenshots are from How-To Geek. Please ignore its pop-ups requesting that you add yourself to the site's mailing list.)

The primary user of a Chromebook in developer mode can press Ctrl+D to skip this prompt each time it appears. But someone else who turns on the device is unlikely to know Ctrl+D. Instead, she is likely to follow the prompts ("Press SPACE" then "Press ENTER") without fully understanding the hardship that following them could cause for the device's owner.

This means the device's owner will not be able to trust the device's internal storage for anything. He will have to operate the device with a USB flash drive sticking out of its USB port, so that all user data gets written to external storage, which is less vulnerable to this sort of data loss. He will also need to carry a second USB flash drive containing reinstallation media for Crouton so that he can reinstall Crouton should someone wipe it.

How practical is it to ensure the data on your Chromebook doesn't get wiped without losing eligibility for fixes to, say, the screen hinge and power jack?

User Journal

Journal Journal: Slashdot could recover top spot from Reddit

So Reddit - where most veteran Slashdotters have been hanging out these days - is melting down, and for good reason.

I've been coming back here more lately.

But man, there's things that Reddit does better. No limit on mod points, for one. A better story queue mechanism for another.

There is a window here, if Slashdot admins have the balls to try. Implement Reddit's up vote system and subreddits. Maybe limit the latter to departments more traditional for Slashdot, but allow all users to submit stories in the Reddit manner. Hell, just clone the thing! You'd get a huge amount of your readership back.

Maybe the Slashdot front page is curated a la /r/bestof to get that moderator filtered quality for the front page, but subslashes should be open season.

Is the spirit of Rob Malda still alive in /. HQ? Can a tiger team code this in a hurry? You should.

Ah, nobody will ever read this....

User Journal

Journal Journal: Reason 431 that I don't bother with Slashdot any more - 5 minute comment timer.

I can type at over 100wpm. Slashdot's comment timer was set to 5 minutes a few years back. So if there is a particularly interesting article with interesting comments, I can comment and reply every 5 minutes.

If I'm going at 100wpm, I could write a 500 word essay as a comment. Or what happens more frequently is, I type out a nice constructive reply to someone, and am granted the text telling me I'm going too fast.

So I close the window and go elsewhere.

5 minutes between messages on a good conversation isn't conversing. I had FidoNet conversations go faster than that. I could type up and send faxes faster than that. With a bit of practice, I could send messages over short wave radio in morse code faster than that.

Even if my comment were "you sir are a moron", that leaves well over 4 minutes waiting for the timer to run out.

If anyone wants to have an intellectual conversation with me on an old Slashdot topic (like, appropriate for the genre "News For Nerds. Stuff That Matters"), find me elsewhere. Even this comment would still have a 3 minute timeout before I could post it.

User Journal

Journal Journal: I'd forgot they made those things.

I dreamed I bought a REALLY big computer monitor, but I didn't notice the brand until I opened the box and saw "Arrivals" printed on the bezel.

User Journal

Journal Journal: Is it time for data-storage devices to archive changed blocks?

[original date Wed Feb 11, '15 10:52 AM ]

SSDs already use wear-leveling technology that effectively turns all file-updates into copy-on-write operations.

If SSD devices would keep track of the old copies so that an operating system or SSD-vendor-supplied data-rescue-utility could easily treat non-overwritten data as if it were a "shadow copy"
AND
if the SSD would hide that data from the host computer unless a particular switch or jumper was set,
THEN
it would aid in data recovery after a ransomware attack.

Why hide it from the host when the switch is not set? If the "shadow copy" IS visible to the OS, all the ransomware has to do is write to the disk until the data it wants to erase is no longer there in the "shadow copy." If it is invisible to the host, the ransomware has to write enough data to overwrite all existing "shadow copies" to guarantee success.

Why would a user have the switch on all the time? Backups.
Having a hardware-based "shadow copy" mechanism that the backup software or host OS understood would make backups easier without the necessity of the host OS or filesystem having to implement a shadow-copy system of its own.

--------------------------
[Followup added 5/18/2017 8:08PM UTC, see also https://slashdot.org/comments.pl?sid=10630029&cid=54443823 "You need hard-to-erase disks" which is a reply to https://linux.slashdot.org/story/17/05/18/1757205/wannacry-makes-an-easy-case-for-linux ]

Drive firmware that implemented data-preservation for 72 hours:

All logical blocks are marked as either "in use," "available to be written," or "pending until X" where "x" is a time, in seconds, that the device has received power since it was first initialized.

When a device received a request to write to a logical block, it would see if there was an available logical block. If there was, new data would be written to the new logical block and the old logical block would be marked as "pending until [72 hours from now]."

If there was no available logical block, the write would fail.

An "available logical block" is defined as one that has either never been written to or one that is "pending until" some time in the past.

A more robust implementation would have "spare logical blocks" that could be used:

If there is no available logical block but there is an available spare logical block, the roles would be swapped:
The block containing the old data would be marked "pending until [72 hours from now]" AND it would be marked as a spare block.
A spare block would be marked as "active" (i.e. not a spare block) and the new data would be written to it.

If "spare logical blocks" are used, then all logical blocks - both spare and active - would have a unique "drive-logical block number."

Under normal circumstances, spare logical blocks and the drive-logical block number and related meta-data would not be visible to the host computer, but they might be made available in a rescue situation by shorting a jumper or issuing special commands to the firmware.

An even more robust implementation would keep a journal of when each block was written to, when each block changed state between live and active and when each one had its "pending until" value changed. This could be used for restoration of recently deleted data.

Considerations:

Host system:

Operating systems would need to be aware that drives may report "success" when deleting data but that the deletion would not result in an increase of free space. Likewise, they would need to be aware that the reported free space may increase at any time for reasons that are opaque to the host system.

Data storage technology:

In situations such as solid-state drives where data must be deleted in very large chunks, the firmware would treat all logical blocks which were in use or which had an unexpired "pending until" time as if they contained data, and treat other logical blocks as if they did not. Physical blocks which did not correspond to an active logical block would be treated as if they did not contain data.
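The following is an added example, not the journal author's code nor any vendor's firmware: a toy model of the "pending until" scheme above, folding the basic and spare-block variants into one pool of drive-logical blocks behind a host LBA map. The block counts, the 72-hour hold, the power-on clock and the ransomware scenario are constructed.

```python
HOLD_SECONDS = 72 * 3600  # "pending until [72 hours from now]"


class PreservingDrive:
    """host_blocks host-visible LBAs backed by host_blocks + spares drive-logical
    blocks.  An overwrite goes to a fresh block; the old one is held 'pending'."""

    def __init__(self, host_blocks, spares):
        self.host_blocks = host_blocks
        self.clock = 0                 # seconds of power received since init
        self.state = {b: "available" for b in range(host_blocks + spares)}
        self.data = {}                 # drive-logical block -> payload
        self.lba_map = {}              # host LBA -> drive-logical block
        self.journal = []              # (clock, lba, old_block, new_block)

    def tick(self, seconds):
        self.clock += seconds

    def _available(self, block):
        st = self.state[block]         # "available" | "in use" | ("pending", until)
        return st == "available" or (isinstance(st, tuple) and st[1] <= self.clock)

    def write(self, lba, payload):
        """True on success; False when no block is available (write refused)."""
        if not 0 <= lba < self.host_blocks:
            raise ValueError("LBA outside the host-visible range")
        new = next((b for b in self.state if self._available(b)), None)
        if new is None:
            return False
        old = self.lba_map.get(lba)
        self.data[new], self.state[new], self.lba_map[lba] = payload, "in use", new
        if old is not None:            # the old copy survives for the hold period
            self.state[old] = ("pending", self.clock + HOLD_SECONDS)
        self.journal.append((self.clock, lba, old, new))
        return True

    def read(self, lba):
        return self.data.get(self.lba_map.get(lba))

    def free_blocks(self):
        """Free space as the host sees it; it may grow later for opaque reasons."""
        return sum(self._available(b) for b in self.state)

    def rescue_copies(self, jumper_set=False):
        """Unexpired old copies, hidden from the host unless the jumper is set."""
        if not jumper_set:
            raise PermissionError("shadow copies are not visible to the host")
        return {b: self.data[b] for b, st in self.state.items()
                if isinstance(st, tuple) and st[1] > self.clock}


def ransomware_scenario():
    """Four user blocks plus two spares; an attacker overwrites files in place."""
    drive = PreservingDrive(host_blocks=4, spares=2)
    for lba in range(4):
        drive.write(lba, f"doc{lba}")
    drive.tick(3600)
    round1 = [drive.write(lba, f"ENC{lba}") for lba in range(4)]  # 2 ok, 2 refused
    held = sorted(drive.rescue_copies(jumper_set=True).values())
    drive.tick(HOLD_SECONDS)           # hold expires: the two old blocks free up
    round2 = [drive.write(lba, f"ENC{lba}") for lba in (2, 3)]
    held_later = sorted(drive.rescue_copies(jumper_set=True).values())
    return round1, held, round2, held_later, drive.free_blocks()
```

With two spares the attacker can only consume two fresh blocks per hold period, so the rest of the data stays intact and the overwritten copies remain recoverable through the jumper until the hold expires.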

User Journal

Journal Journal: Sig update 2018-02-17, was Sig update 2014-08-14

Updated 2018-02-17

Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.

--
Updated 2016-07-08 (the day after a multi-criminal police shooting in Dallas, Texas, USA, leaving 5 police dead, 7 other police injured, and 2 non-police civilians injured)

#IAmDallas - remembering the fallen of 7/7/2016

Updated 2016-04-25 (temporary/for a few weeks)

Ed D., rest in peace my friend, 1968-2016, you were a true fan's fan.

Updated 2014-08-14
All your e are belong to Mother Nature.

Past sigs:

http://slashdot.org/journal/281635/signature-line-update-2012-04-23

http://slashdot.org/journal/94557/my-sig-lines

User Journal

Journal Journal: How to store your private key "in the cloud" safely

Storing a private key "in the cloud":

Key is K1. Key is thousands of seemingly-random bits, probably based on a pair of 1024-bit-or-larger prime numbers. You typically store K1 on your computer using a good encryption algorithm. Your password to decrypt the key is P1. P1 is typically tens of characters. Decrypting K1 with P1 is a fast (in human-time-scale) operation, under a second.

Although K1 is typically used to encrypt or decrypt data, for the purposes of this document, K1 is the thing to be encrypted. It will not be used to encrypt or decrypt anything.

Problem:

How to safely store a backup of key K1 online such that the end user can access it from any device if he has both the password P1 and something else that is not mathematically related to K1.

Method 1, the "something else" is a one-time pad:

Create a random one-time pad, R1, which is the same size as K1.
"Encrypt" (XOR) K1 with R1 then encrypt both with P1, creating the safe copy S1. Store S1 online.
Print off a copy of R1 such that it can be easily photographed and re-constructed. Store R1 or an encrypted version of it in a safe place, such as a safe-deposit box or distributed in parts to trusted secret-keepers.
Without R1 it is provably impossible to extract K1 from S1, so S1 is "safe."
R1 by itself is useless.
R1 with S1 constitutes a compromise but it will mean the attacker has to either guess P1 or exhaustively search for it.

If the person loses their local copy of K1, they can use R1, P1, and S1 to reconstruct K1.

Method 2, create a file S2 from which it is computationally hard to extract K1 without P1, acceptably moderately difficult to extract K1 with P1 and no other information, and easy to extract K1 with P1 and "something else" not related to K1.

For example, create a one-time pad R2 which consists of P1 combined with some random-ish filler-number B2 whose size is dependent on how "moderately difficult" it can be to extract K1 given only P1.

If this pad R2 is at least as long as K1, proceed on as in Method 1: "Encrypting" (XOR) K1 with R2 and encrypting both with P1, creating a safe copy S2. As neither P1 nor B2 are known or predictable, S2 is safe.
The time to recover K1 from S2 with only P1 will be the time it takes to go through all (or, on average, half) of the possible values of B2. Since the length of B2 was chosen in advance based on how hard this decryption should be, K1 will be recoverable in a predictable, acceptable amount of time. With B2 and P1 recovering K1 from S2 is quick.

If the pad R2 is not as long as K1, one option is to re-use the one-time pad; as such it will not satisfy the goal of being "computationally hard to extract K1 without P1," but it may be good enough for some applications.

A different solution is to encrypt K1 with P1 (the file that is normally stored on the person's local computer will qualify) then encrypt the result with either B2 or some combination of P1 and B2 to create S2. The difficulty of extracting K1 from S2 with only P1 depends on the time it takes to go through all (or, on average, half) of the possible values of B2. Depending on the lengths of P1 and B2 and the encryption algorithms used, this may not be safe enough. With B2 and P1, recovery is quick.

This method has the advantage that the "something else," B2 in this case, need not be kept at all.

A typical scenario where the "B2" method would be preferred over the "R1" method is where it is acceptable if key K1 becomes unavailable for an extended period of time in exchange for a zero-risk that an adversary will acquire or discover R1.
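Method 1 and Method 2 worked in code, as an added example that is not the journal author's: the "encrypt with P1" step is a PBKDF2-derived pad plus a MAC (my construction, the entry names no cipher), R2 is P1 and B2 stretched to the length of K1 by hashing (the entry leaves "combined" unspecified), and B2 is a toy 16-bit filler so the P1-only search finishes in seconds.

```python
import hashlib, hmac, os

ITERATIONS = 100_000   # PBKDF2 cost of the "encrypt with P1" layer (my choice)
B2_BYTES = 2           # filler size sets how "moderately difficult" P1-only recovery is

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def p1_material(p1, salt, n):
    """Slow derivation from P1 alone: an n-byte pad plus a 32-byte MAC key."""
    m = hashlib.pbkdf2_hmac("sha256", p1.encode(), salt, ITERATIONS, dklen=n + 32)
    return m[:n], m[n:]

def fast_pad(p1, b2, n):
    """R2: P1 combined with filler B2, stretched by hashing to the length of K1."""
    out = b"".join(hashlib.sha256(p1.encode() + b2 + i.to_bytes(4, "big")).digest()
                   for i in range(n // 32 + 1))
    return out[:n]

def seal(p1, inner, k1):
    """Encrypt inner (K1 xor pad) under P1.  The MAC is over the true K1, so a
    reconstruction can be checked without storing K1 or its plain hash."""
    salt = os.urandom(16)
    pad, mac_key = p1_material(p1, salt, len(inner))
    tag = hmac.new(mac_key, k1, "sha256").digest()[:16]
    return salt + xor(inner, pad) + tag

def unseal(p1, blob):
    """Undo the P1 layer once; returns the inner pad-XORed K1 and a checker."""
    n = len(blob) - 32
    pad, mac_key = p1_material(p1, blob[:16], n)
    inner, tag = xor(blob[16:16 + n], pad), blob[16 + n:]
    def check(k1):
        return hmac.compare_digest(tag, hmac.new(mac_key, k1, "sha256").digest()[:16])
    return inner, check

def method1_store(k1, p1):
    """S1 goes online; R1 is printed and kept offline, never beside S1."""
    r1 = os.urandom(len(k1))
    return seal(p1, xor(k1, r1), k1), r1

def method1_recover(s1, r1, p1):
    inner, check = unseal(p1, s1)
    k1 = xor(inner, r1)
    if not check(k1):
        raise ValueError("wrong P1 or R1")
    return k1

def method2_store(k1, p1):
    """B2 is drawn at random and thrown away: only S2 needs to be kept."""
    b2 = os.urandom(B2_BYTES)
    return seal(p1, xor(k1, fast_pad(p1, b2, len(k1))), k1)

def method2_recover(s2, p1, b2=None):
    """Quick when B2 is supplied; otherwise walks all 256**B2_BYTES fillers."""
    inner, check = unseal(p1, s2)
    space = ([b2] if b2 is not None else
             (i.to_bytes(B2_BYTES, "big") for i in range(256 ** B2_BYTES)))
    for cand in space:
        k1 = xor(inner, fast_pad(p1, cand, len(inner)))
        if check(k1):
            return k1, cand
    raise ValueError("no filler matched: wrong P1 or corrupted S2")
```

Without P1 the search over B2 never starts, because the PBKDF2 layer has to be peeled first; with P1 alone the cost is the full filler space, which is exactly the knob the entry describes.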

User Journal

Journal Journal: Extreme Laissez-Faire

In this post, Immerman wrote:

The problem is that our society has been systematically eliminating most of the occupations where an honest, hard-working, but not-especially-bright-nor-politically-savvy person can make a decent living.

Then I wrote:

Then perhaps we need to encourage people with those biological advantages to breed more.

Another Slashdot regular told me that comments like these are "dude, not funny". This is something that I occasionally need help to discern because of my mental condition. I think part of my problem comes from trying to fit in with other users on Slashdot who write comments suggesting similarly impractical workarounds out of hardcore laissez-faire ideology: "No jobs in your area? Just move." "No good ISP in your area? Just move." (1 | 2 | 3 | 4) Some such comments even get moderated up.

Sometimes I can get through to them: "Cost of living in some areas has become so high that an entry-level job doesn't pay a living wage." Or "Public high schools aren't doing a good job of teaching basic life skills such as how to relocate for a job. For example, about how much money should I have saved up before I move to, say, Austin?" Yet some posters can't even come up with a ballpark figure. Or a more tongue-in-cheek approach takes them up on their "offer": "How should I go about qualifying for even a temporary work visa in your country?"

But other times I've concluded that it's easier just to try to fit in. If it has in fact gone too far, perhaps I should take the advice of Jesus of Nazareth. To paraphrase Mark 9:45: "If your Slashperger buddies cause you to stumble, cut them off."

User Journal

Journal Journal: A self-proving identification card:

A self-proving identification card:

Display in human-readable and computer-readable form:
Identifying information such as name, card number, issuer/certifying agent, expiration date, face or thumbprint, signature, etc.

Display the same in a computer-readable form. For easy-to-scan things like letters and numbers that are on the card in a pre-defined layout, the human-readable form and computer-readable form may be identical.

For things like a photo, the computer-readable form may be a simpler version, such as an 8- or 16-color 64x64 bitmap.

Have the computer-readable form be digitally signed by the issuer/certifying agent and have the signature on the card in both a computer- and human-readable form.

Have the scanning device display the computer-read data in a human-readable form so that a human being can compare what is on the screen with what is on the card.

The same human being would compare what is on the card with either another form of ID or, if the card had a picture or thumbprint, with that of the person presenting the card.

OPTIONAL:
Some information on the card could be encrypted and require a password or other authentication token to decrypt.

Other than this optional part, the card would be "self proving" provided that the public key of the issuer/certifying agent was available to the authentication terminal.

User Journal

Journal Journal: I want Slashdot without the ACs.

Yes, I admit it, I am tired of the idiot ACs that post on Slashdot. Really, just make people log in and even allow them to hide their nick when posting, but at least give them the karma hit when they post something foul and/or racist. It is not like Slashdot karma is important in the real world, so the chilling effect should be very low.

User Journal

Journal Journal: Am I a Windows 8 Hater?

Mystikkman claims that I've been posting messages perceived as unjustly hateful toward Microsoft. I would prefer to express my feelings without hate, but sometimes I have the wrong idea of what is hate and what isn't. Please point out which of my comments are hateful and why so that I can understand how not to post next time.

User Journal

Journal Journal: Quickly Mirandize arrested people no matter how serious the crime.

The surviving Boston Bombing suspect has not been read his rights and as of Monday April 22, 2013, it's been several days since his arrest. Law enforcement has already said they believe the two bombers were acting alone. It would be one thing to press a suspect for information if you catch a guy and think an accomplice is about to set off another one within hours, but anything after that is trampling on the Constitution. Therefore we petition the White House to only use the "imminent threat" exception to the Miranda warning when the threat really is imminent and getting information now is more important than preserving the Constitution.

White House Petition URL:

https://petitions.whitehouse.gov/petition/quickly-mirandize-arrested-people-no-matter-how-serious-crime/DncN0Pm2

User Journal

Journal Journal: How to Correct Grammar Without Being a Nazi

"Let your speech always be with grace, seasoned with salt, that you may know how you ought to answer each one."--Colossians 4:6, NKJV.

In this post, h4rr4r wrote in a reply to a post by roman_mir:

SEAT the word you wanted was SEAT!

Sit is something you do in a seat. If this is some sort of non-American English, then deal with my correction as Slashdot is an American site.

It appears roman_mir is not a native English speaker. Through the "Homepage" link in his profile, I found what appears to be his user page on Mozdev. Roman Mironenko's native language appears not to even be written with Latin letters.

On Slashdot and other web forums, a lot of people reply to comments just to correct the grammar, usage, or mechanics. It's more polite to phrase your correction as a throwaway bit at the beginning of your comment and then, with that out of the way, proceed to make a thoughtful reply to the comment's topic. This way, your comment is more likely to be seen as a sincere attempt to build another user up, rather than the sort of abrasive and inconsiderate personal attack on one's intelligence that has caused people to associate corrections with National Socialism.
