Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×

Comment Subway...? (Score 2) 68

As a NYC resident, I appreciate the idea of free WiFi. I especially like the idea of having some kind of free Internet access for people who can't afford it, since... really... it's getting more and more of a disadvantage to not have access. I think Internet access should be considered linked to issues of economic opportunity, of public safety, and of free speech rights (your freedom of speech is hindered by not having access to telecommunications infrastructure).

But if I'm honest, the biggest thing I'd like to see for my own benefit is some kind of Internet access for the subway. Some subway stations get cell phone reception, depending on your carrier. Reception in the tunnels themselves is a bit of a rarity. Given that subway rides can take a couple of hours, it'd be nice to expect some kind of wireless access during that time.

Comment Re:Wrong question. (Score 2) 297

See I do have a backup of my laptop on a local NAS, but that's actually my sort of "safeguard" backup, in case my primary plan fails somehow. My primarily plan is, I keep everything of importance in my Dropbox folder. Anything sensitive is encrypted, but it's all in Dropbox, which is synced as soon as I alter a file.

In this day and age, you should be able to be absolutely blasé about hard drive failures. At any moment, you should be able to say, "Fine, wipe my hard drive. I might lose an hour of work while I reinstall the OS, but on the other hand, give me a spare computer and I'll work from there. I don't need to 'restore from backup'. I have access on any computer that I trust."

Comment Re:Paying for WHAT? (Score 4, Insightful) 134

Apple did not have the right to make that decision for the artists

Here's the thing, though: Apple does not have the right to make that decision for the artists. However, under current law, those artists' record labels may have the right to make that decision for their artists, and if the record labels signed off on the whole thing, it's not Apple's fault that the artists are unhappy and feel blindsided.

Comment Re:Am I included? (Score 1) 134

I'm not a lawyer and I don't know what the deal here is, but if I were you, I'd review your agreement with Ditto Music, and contact them to find out if there has been any agreement between them and Apple. Either way, whether you'd like your music included or would not like it included, it's most likely that Apple would negotiate their deal with Ditto and not you. I'm sure you made some agreement with Ditto for the distribution of your album, and depending on your agreement, I suppose it's possible that it included the right to negotiate this kind of deal with Apple on your behalf.

Comment Re:Meh... (Score 1) 255

That may well be true, but if they brought examples of their work that were far superior to any of the other interviewees, and you use Adobe and they used Adobe, you'd also give them the job. And that's how it works, typically.

Comment Meh... (Score 1) 255

I don't know. This is kind of true. Being an expert in Adobe products won't "get you the job" by itself... unless you happen to walk into a job where they're looking for an Adobe expert, in which case, it might.

But also, in all honesty, if you want a job doing design work and you only know how to use Adobe tools, that's probably totally fine. Can't use GIMP? That's fine. Nobody uses GIMP. I mean, yes, some people use it, but go around to professional design firms and ad agencies, and they all are using Adobe. Knowing Adobe isn't enough-- you need to have a work ethic and a design sense and whatever else, but it's not like you really need to know other tools.

I haven't read the entire article, but the beginning (and the summary) seems to imply that the purpose of education is to further your career, and I feel that belief is a bigger mistake than training on industry-standard tools. Ideally, if you go to college, you shouldn't just be learning how to use Adobe, but you shouldn't just be learning how to use graphic design tools (open source or otherwise). You should be learning about things, and not just how to do things. Like, you should learn about history and science and literature and art. There should be trade schools and vocational schools that teach you how to use Photoshop or GIMP, but a real college should teach you about the concepts design and aesthetics.

Comment Re:London's fantastic... (Score 2) 410

I then took stock, realised that I was spending so much on being close to the centre and was so stressed out by the downsides (noise, antisocial behaviour, general crowding) that I wasn't actually enjoying the supposed benefits.

This reminds me of NYC. For lots of people, "living in New York" means living in Manhattan. But you do that for a few years, you get over it, and an awful lot of people realize that the other boroughs can be far more pleasant. After a while, Manhattan starts to look like a tourist trap filled with douchebags.

Comment Re:Frivolous (Score 1) 88

Yeah, I think it should really boil down to a question of whether it can be shown that TWC is refusing the peering agreement as a method of throttling, or whether their refusal is justified. Unfortunately, I have doubts about the average person understanding the technology well enough to serve on a jury for this kind of thing.

Comment Re:Eat yours (Score 1) 196

Ok, so let me ask you two questions: 1) Do you have any information on your computer that you would not like to share with the world? 2) Did you build the entire computer from scratch?

If your answers were "yes" and "no", respectively, then to some extent, you're trusting your hardware vendor to have not included some kind of... well, who knows what they could theoretically include. A chip that serves as a keylogger, but that will send the info out through the NIC without involving the OS. If they designed and manufactured all the hardware, they might have done any number of things.

Comment Re:The basic tenet of security (Score 1) 196

You might think that "security" is a concept that only applies to some information, and then that information is either "secure" or "not secure". Essentially what I'm arguing (and I think you are too) is that "security" is a concept that applies to all information, and it's a spectrum of "how inaccessible is it to people that I don't want to have this information" vs. "how accessible is it to people that I do what to have access to this information". Nothing falls outside of that.

So even the contents of your post, this post that I'm responding to, falls under a sort of security scheme that you're not really thinking about. The key thing with this post is, there probably isn't anyone who you're particularly averse to them having access, and you want it to be accessible to the public in general, so security is very light. Therefore, the level of security that Slashdot offers (basically none) is an appropriate level of security. As I pointed out, when you log into Slashdot, you type in your username, which has a security level comparable to the contents of your post. For both of those things, you have to trust Slashdot only a very small, almost non-existent amount, but it's still trust.

Now you might be thinking, why is this trusting Slashdot to put in public information? Well, that's where it gets a bit foggy and complicated. You don't know what they're doing with that information, and you probably don't know exactly what you're disclosing to Slashdot. By your word choice, you might be giving them information about your background. Use "lift" instead of "elevator", and it hints that you're not American. Mention that you went sledding when you were a kid, and it tells us something about the region where you grew up. There has actually been research into identifying the author of an anonymous writing sample by word choice and sentence structure alone, potentially allowing someone to identify all of your posts across various sites and usernames as "written by the same person".

Really, who knows what information you give away when you post something online, but the point is, that is information that you're trusting Slashdot (and the rest of us) to have.

But then in addition, you also give Slashdot your password. You can say, "Well I don't care about that password. I don't reuse it anywhere and so it doesn't constitute trust." I bet that you don't want me to have your Slashdot password, though, because you don't trust what I'd do with it. That means, when you're logging into the Slashdot website, you're trusting that the site is valid and not compromised, and that Slashdot will keep the password secret. The level of security you're demanding may not be very high, but it's higher than what you're expecting from the contents of your post.

In addition to that, by visiting the site, you're trusting that Slashdot doesn't have malicious code that will compromise your computer. You're also trusting them with information about what browser you're using, and what your IP address is. Now you might have your browser set up to be super-secure, not to run any javascript or Flash, to route through Tor, to block tracking attempts, to obscure data about the system you're working on, etc. In that case, then you're trusting Tor, the developers of your browser, etc. to do those things competently.

No matter what, you're trusting some people, to some degree, with some information. It may all be information that you don't care that much about, but sharing it still implies some base level of trust.

Comment Re:Eat yours (Score 1) 196

Why should I "implicitly" trust hardware as praxis stated?

It's not so much a matter of "you should" as it is a matter of "you do." You already do trust hardware. I assume you're posting on Slashdot using some kind of electronic computing device, and you're typing this by banging rocks together.

Do you know what you are defending?

Yes, I'm defending the concept of security from those who have a very poor understanding of it.

Comment Re:Key exchange (Score 1) 196

But the risk isn't them decrypting with your private key, it's them adding their own public key (or one they generate) to your list of keys without your knowledge.

Well yeah, or they could also backdoor the whole device without doing anything half so subtle or sneaky. So could RIM, Microsoft, or Android phone manufacturers. On some level, with every device you use, every service you use, and every piece of software you use, you are assuming that the manufacturer/provider/developer isn't a malicious evil mastermind.

But in general, their system is designed so that it won't add a public key without approval from an already approved device, or some other authorization. It seems like that's about as good as you're going to get for any system where there's a repository of approved public keys, which is basically what we do for GPG and HTTPS as well. (e.g. if you don't trust certificate authorities, than HTTPS is not secure)

For example, if you're texting someone who's not using an iPhone.

In those cases, it's actually pretty clear whether you're using iMessage or SMS. iMessage users turn blue, and it says "iMessage", while SMS users are grey/green and it says, "Text Message". I have no objection to the idea of them including a setting that says, "Just don't use SMS no matter what, and only allow iMessage," but it doesn't seem fair to criticize that it "silently" switches. I would say that the switch is obvious yet unobtrusive, which is honestly what most people want.

Comment Re:The basic tenet of security (Score 4, Insightful) 196

I trust nobody

Bullshit. As praxis pointed out, you trust some people, sometimes, with some data. Otherwise you wouldn't post here. At a bare minimum, you've trusted Slashdot with your username and password, and you've trusted us, the Slashdot readership, with the contents of your post. What's more, whatever computer you're working on has at least hardware (with BIOS/firmware), an OS, and a web browser. You've trusted whoever made all of those things. Even if you are using FOSS, unless you've performed a thorough code review of the sort that you would perform on a suspected virus, you've trusted the community to review the code and remove security threats. Even if you encrypt your data, you're trusting whoever wrote the encryption software, along with the people who created the platform that the encryption software runs on, to be both honest and competent.

What praxis was pointing out, which is entirely correct, is that security is not about being "absolutely secure". It's about balancing "making things accessible to those who I'd like to grant access" against "making things inaccessible to those who I would not like to have access." It inherently includes trusting authorized users, but also it pretty much always includes some level of trust (not necessarily absolute trust) of some 3rd parties. When you put money in the bank, you're putting some trust in the people who own the bank, in the bank's guards and tellers, in the police to protect the bank, and in the government to oversee the whole system and provide legal recourse if anyone else violates your trust. You don't have to trust any of those people absolutely, but that's because of the security practice of dispersing trust among multiple parties.

So no, you're trusting someone, whether you admit to it or not.

Slashdot Top Deals

Don't panic.

Working...