
Comment Re:We can't win without eliminating FISA. (Score 5, Insightful) 413

But freedom is useless if crime and terror hit a certain level.

This is the wrong way round. Freedom is what helps stop "crime and terror" hitting that level. If the people are not free then the police concentrate on rounding up "politicals" and feel free to profit from taking things from the population. If you are in a free country then the police are afraid of ignoring the public and concentrate on stopping "crime" including "terror".

It's not a coincidence that the safest countries are the ones which have been long term democracies with high levels of freedom whilst the most dangerous are failed states and effective dictatorships.

Comment Re:I'll hold out (Score 4, Informative) 122

Even if it's fully open, with 0 binary blobs. How many qualified specialists, with serious math background, do you think are out there looking through complex encryption functions checking through flaws in math? Ever heard of Obfuscated C Code Contests? Openness of the code does not guarantee absence of backdoors even if the code does get a lot of eyeballs looking at it.

Firstly; if the Obfuscated C Code scares you then I guess you should look up the underhanded C contest. Notice especially the bits where malware is disguised as small programming bugs. When you say "Openness of the code does not guarantee.." you are 100% right. However, don't forget, "the perfect is the enemy of the good". We don't always need a guarantee; sometimes improvement is enough:

1) Given that there have been plenty of discoveries of problems (e.g. just today a flaw in Android's RNG was reported) there must be quite a few people who are checking.

2) All it takes is one person. You don't need to do anything to benefit if I check it for you.

3) There is a vast increase in the risk for the attacker if it's open source;

  • their change is likely visible in the version control and can be traced back to them
  • it's easy for someone to change their backdoor into a trap
  • if they do use the attack to break in it's much easier to track it back to the original programming mistake

4) Security problems tend to happen in generally insecure code. If code is open source you can avoid this:

  • by looking to see how the code is written and choosing the software using the best techniques and languages
  • by choosing code written by people you feel you can trust and avoiding others

Several of the things I mentioned are things that most people won't do most of the time. Having them as options means that they will be available when you actually really need them.

defenders can spot the hole and

Comment Re:I'll hold out (Score 1) 122

Is harder to hide a backdoor when the code of the OS is open source and the apps are in html5.

This helps a bit, but not as much as you would think. When they say "unlocked" what they mean is that this phone comes unlocked for use on multiple operators but probably (unless this changes close to market time) not unlocked for using your own OS. That makes the whole phone OS close to a binary blob that you can't replace and which they will be able to change without you having true control. If you use cyanogenmod you might argue that the reduced number of binary blobs would allow some kind of auditing. However without true openness like replicant it's almost impossible to be sure.

Maybe worth calling up our ZTE friends and persuading them to provide an easy way to unlock the bootloader on the EBay phones.

Comment Re: Cell phones must stop broadcasting MAC address (Score 1) 189

how would the phone differentiate from the "dlink" AP at the owner's regular coffee shop and the eavesdropping "dlink" AP?

The AP broadcasts its MAC as the BSSID. You could ask before signalling to an AP which has an unknown BSSID. Also, since the phones know where they are, you could ask whenever you see the same name in a different location.

Comment Re: Cell phones must stop broadcasting MAC address (Score 1) 189

No protocols have to be changed, and none of your posts are informative (at least not on this article). It's so simple and obvious that you don't have to broadcast to listen.

I think you are talking at cross purposes. You are asking for a protocol which allows you to connect automatically to open wifi and stay anonymous. As you say, that's impossible with a fixed MAC address. The posters you are discussing with want to have their phones connect automatically to chosen WiFi access points without giving away the MAC address but to otherwise require manual intervention. What they ask for is possible simply through listening, though only as long as you never connect to a hidden access point.

Amazingly though, in order to find out if the network can actually route to the internet, which is what the station is trying to find out... you have to associate to the AP. As well, many people disable SSID broadcasting, necessitating probes to determine if that network is actually present.

It's so simple and obvious!

The interesting thing here is that cellphone networks have a bunch of interesting work done on the privacy here. They use random temporary identities and tunnelling of data back to the home network which should allow hiding of your identity from local passive attackers. The implementations are not perfect (an active attacker can use flaws in the GSM protocol for man in the middle attacks; the crypto is/was a bit poor; 3G phones are subject to fall back attacks etc.) but someone who is just listening to a GSM/3GPP phone should not see enough information to do tracking and someone who forces out enough information to do tracking should be clearly breaking the law (both computer hacking and radio frequency laws).

If the MAC address was a large random number which changed regularly and the standard was to start a VPN tunnel (back to the TOR network?) then untrackable connectivity would be possible. Of course it's not an accident that this is not the way things work.

Comment Re:Ubuntu Edge now $695, thanks to industry backin (Score 1) 98

$695 is still way too high.

There are many ways to set price. There's a range between cost (nobody will build it for less) and the maximum value someone can get out of it (no point in buying something for more). You don't show in any way it's outside this. The real question is the value that you can get out of it. That's what should decide how much you can pay for it. You need to compare it with other similar devices, not a bunch of non wireless enabled development boards.

In my view the device is new, but the fundamentals of the value are something we have seen before. I guess there are three devices to look at; OpenMoko, the Nokia N900 and the Nokia N9. There are a bunch of things which would work on those devices which are impractical on other devices. Here are some ideas off the top of my head; maybe other people can add theirs:

  • Normally your WiFi and other power consuming parts are off; when the phone detects that it arrives in the base station near your home (requires low level device modem access; was implemented on N900) then it turns on the WiFi, forwards your mobile calls to your VOIP account and turns off the mobile network.
  • You can trigger shell scripts when you enter locations - backup and copy media at home;
  • All your security audit tools - nmap / nessus / etc. can be installed

Compare these ideas with the closed competition. Windows phones, where you can't even really jail-break, are the worst it is true. iOS phones are also pretty limited (software from the app store only unless you get a developer key) but even Android phones which are supposed to be "open" end up as garbage here. Instead of having the full GNU/Linux you are limited to just small bits re-implemented by Google.

If you want to develop new personal device or wireless network ideas, this is going to be worth thousands of dollars to you. Even if you just want a device which does what you tell it to then it's likely to be worth hundreds more.

If you aren't a developer; you don't have any ideas about how to do something with wireless devices and you don't need a portable computing device, then you may well be right, it's not worth it to you. For a person who just uses it as a phone/PC, the competition would be something like a Samsung S4 - on sale for something like $600. In that case your questions about the level of testing would really matter. For most of the people who read this site, though, it's a chance to get a device which will be able to do things no other current device can do and that can really be worth much more than Canonical are asking for it.

Comment Re:You know (Score 1) 397

You are saying that the ITC judges accepted bribes? I assume that when you say this you actually have some evidence; right? I mean, where bribing a politician is a protected right in the USA (AKA "lobbying" etc.) and there are even web sites dedicated to documenting how much who bribed who, bribing a judge is an actual crime and if you could show just some hint that Samsung had done so I'm sure there are plenty of people who would be interested. You wouldn't just be randomly spouting off would you?

Comment Re:Alright then. Carry On. (Score 2) 382

You may want to look at my signature and posting history (not to mention the recommendation that everyone starts using Tor from the original submission). I guess maybe you could say that the editors deleted the part at the end because they didn't get the comment, but I assume they did it because they thought it was obvious.

Generally though I agree people who just accept this are beyond scary to the extent of being a serious threat. There is a definite space for some limited secret monitoring and much police work couldn't be done without it. Mass gathering of data just has so much opportunity for abuse that it's unreal.

Then again, maybe I'm recommending Tor as an INFO-OP muaaahhaaahahahaha. Or even better as a counter INFO-OP (you'll stop using it if you see it in an obvious INFO-OP like this one) ha.

Comment Re:Private browsing (Score 1) 382

If your work browser is configured to accept certificates from the proxy server, SSL might not give you privacy.

Right. Unfortunately the Slashdot Editors seem to have started editing (I can see why the trolls keep complaining that this place is going downhill) and deleted my sarky suggestion to use tor from my submission. If you want to do anything from work you wouldn't want to know then make sure you use someone else's IP address to do it from. Alternatively buy an Android tablet and a data subscription.

Submission + - Surveillance story turns into a warning about employer monitoring

rtfa-troll writes: The story from yesterday about Google searches has turned into a warning about how work place surveillance could harm you. It turns out that Michele Catalano's husband's boss tipped off the police after finding "suspicious" searches including "pressure cooker bombs" in his old work computer's search history. Luckily for the Catalanos, who even allowed a search of their house when they probably didn't have to, it seems professional and friendly policemen supported by the FBI were called in and instead of them getting killed in a SWAT raid Catalano was merely talked to politely by some men in black cars who even mentioned to Catalano that 99 times out of 100 these tip-offs come to nothing. Perhaps a lesson to be a bit more careful about your privacy so that what you do on the internet remains between you and the professionals in the NSA in future? Best to use tor so that you can be sure they are the only ones listening in. Maybe also a good tip for what to look for if you want to get revenge on former team members who leave you with a pile of bad code?

Submission + - Android leads customer satisfaction as Android competition widens.

rtfa-troll writes: Android was once seen as a cheaper option in smartphones, but no more. Samsung's Galaxy Android phones have taken the top two places in this year's ACSI smartphone customer satisfaction survey and it's worth looking at these together with the manufacturer's first half results which Tommi Ahonen has been covering on his blog. Samsung is the satisfaction leader, displacing Apple who took the top slots last year, though Apple won't be too upset after taking the remaining three slots in the top five especially given that the other three of the top four from last year are not listed at all, however this does back up Tommi's claim that we may have "passed 'Peak iPhone'" unless mass market iPhone rumours turn out to be true and this rescues Apple. Three more Android phones, two of them from Motorola follow Apple. LG and HTC didn't make the top ten at all, which may explain why both companies after dabbling with other systems returned to 100% Android commitment, something Tommi claims is reflected in LG's recent recovery which puts them in strong 3rd place in the smartphone market and makes it clear that it's not only Samsung that can profit from Android. At the end of the top ten, Blackberry's old models made a good showing, the only other OS in the list and a vast improvement on last year.

ACSI covers the actual long term customer experience, so the phones and systems listed are all ones that have been available for some time. Systems such as BB10 and FirefoxOS which only arrived this year won't have been out at the time and won't have a chance to be listed until next year.

We discussed recently LG's decision to return to full Android commitment

Comment Re:Seriously? I mean seriously? (Score 4, Informative) 411

The US is still one of the most free countries in the world by a pretty long shot; the drop-off is pretty steep once you get too far east of western Europe.

Your statement is a bit of a dodge and I guess you mean a fairly large group of countries when you say "one of" however it's still pretty misleading. It all depends what and how you try to measure, but the USA is no longer nearly at the top of most lists and it really isn't that free in practice. Look at the world press index and you will see the USA comes in 32nd this year, up from 47th (mostly because other countries did more bad things recently). Look even at the "Index of Freedom In the World" which seems pretty biased towards the kind of economic freedom the US is so famed for and you will see that the US isn't in the top five. Try sorting by "personal freedom" separately from "economic freedom" and you will see that it isn't even in the top 20.

The situation is not terrible and the fact that Americans still believe they are free and believe in freedom is actually a cause for hope, however if people don't start acting now to keep that freedom there is going to be a big problem. Most of all the fact that people just don't seem worried by giving up their freedom to big companies and their data to the government is really dangerous.

Comment Re:In Soviet Russia (Score 2) 411

I know, if I would not have believed that when I was a kid. Either things are changing, or my brainwashing is slowly wearing down.

Things are definitely changing in many ways. Certainly the USA is getting a bit scary in the level of monitoring. However I don't think that's the thing that changed here. Remember though what was done to Charlie Chaplin and company. Snowden is hardly the first US dissident.

What's new about this is the total level of apparent visible incompetence involved. The fundamental rule of being Russia and China is "never do anything you don't want to do if the USA states openly that you have to do it". Their entire world power comes from the feeling of other countries that if you have one or both of them on your side then you may be able to stand up to the USA and do what you want in your own country. The moment American politicians started threatening Russia and China about asylum there was nothing they could do to avoid helping him. Even weirder because think of the dissidents which the US embassy helps in China and used to help in the USSR.

Given everybody knows this, then the main thing was to get to him in Hong Kong and promise safe passage to a friendly neutral country like Iceland where there would be a chance to limit leakage of damaging material that didn't show illegal activity. They could probably wait a few years, give him an offer of a plea bargain (20 years?) and have the Icelandic winter drive him home. Why the hell drive him to Russia, the country most likely to know what to do with whatever secret information he has?
