Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:Protect yourself (Score 1) 29

Re "it still means you need 2 boxes. but really, since one box (the cell part) will never be 'ours' or trustable, might as well make it its own separate box, create an IP boundary and talk just IP."
Or just pen and paper to create the encoded message :) Enter the message and be seen with normal fancy hardware
The next question is how good is the filtering of all data at a city, state or federal level for all free, open source, commercial encryption use or interest.
A city/state based journalist shows an interest in unique crypto software and is then using it 12-24 hours later... who with and can the journalists end be collected from. Where is the data flowing? In the city? State? Another local whistleblower is found in near real time :)
If the news story is been created and communications is been encrypted on a computer like device using well understood digital methods, privacy is gone.
So yes the 'cell phone as simple a transport, only, and never a data entry or even data display device" is one way to try and keep privacy.

Comment Re:Protect yourself (Score 1) 29

Re: "arranged back doors", weak crypto, trap doors designed in. Equipment interference options for the state or city is now at a very low cost per user from federal/mil contractors or other nations/private sectors.. Collect it all is now at a city budget per year per interesting user.
Users cannot gain anonymity on any cell network given todays tracking methods and key loggers that are placed at low software levels beyond any user complied crypto app.
The only way to keep mail, digital documents, text messages safe from unreasonable searches and seizures is to encrypt before digital data entry.
ie the keystrokes are in code as entered.
Electronic communications content is safe after sending or waiting to be accessed sounds good to a court and the press but the key loggers at one and then both ends will get all the plain text everytime.

Comment Re:encryption weaknesses (Score 1) 174

AC In the 1920s GC&CS gave the UK great access to Soviet embassy/Trade Mission, traffic thanks to the work of Ernst Fetterlein.
Soviet "Mask" material was then worked on after the 1920's under John Tiltman
The UK had all Russian systems under total collection into the 1940's . Correct use of one time pads made Russia very difficult in the early 1950's but Russia had so much traffic it reverted to fast advance systems that the NSA and GCHQ quickly got back into after the early 1950's.

Comment Re: That'll be popular (Score 1) 174

re 'This is about having a tamper-proof connection, safe against crime and anyone else."
That is a huge issue. If a nation is too good with banking encryption it gets US diplomatic pressure until its banking system starts to report on every "international" account or movement of funds.
The issue about "safe against crime and anyone else" is that the US and UK military have so many generations of experts, staff at many shared bases globally that work with local staff on the the same export grade decryption systems that the more basic methods start to leak per decade.
Any faith, cult, political party, other nation, military, gov, well backed NGO with endless funding, the media can then go shopping for the same weak crypto backdoors for their own nationals now ex staff or former mil/gov staff. Its win win win for everyone with an interest in weak international crypto standards.
Contractors and groups can sell their experts to anyone as the crypto is weak and so many governments can only break weak networks.
Banking is just a small part of decades of tame crypto games.

Comment Re:Common sense (Score 1) 174

The US and UK hope they can induce the public to react in ways that expose privacy and anonymity at all levels.
A face to face meeting to exchange one time pads set up on a leaky computer network ;)
Using advance encryption from a web site thats always been under constant observation.
The software works but just been interested made all network connections by a person to that website interesting.
The public is been pushed to find, use or seek or consider different strong encryption. The very act of looking breaks anonymity for decades.
The privacy of a message aspect is just a tame OS or weakened hardware product away once a computer or network user is discovered.
The use of informants as gatekeepers over entire generations of emerging math and crypto or software release, hardware creation.
Building in back doors at a lower hardware level while the public gets told the big brand software and hight level OS is secure and can be tested by anyone.
Public and private sector partnerships to track all interest in emerging crypto. From educational, to start up to funding, open source to multi national. All considered, shaped, weakened, pushed, hyped or superseded.

Comment Re:encryption weaknesses (Score 1) 174

Think back to ww2, the Soviet Union in the 1930's, France in the 1950-60's. The US and UK have always enjoyed total access to all other nations data by setting junk standards or allowing international crypto research standards to settle on weak standards for decades.
If a service is secure along the length of transmission, go for the encoding, decoding systems at one end TEMPEST.
If that is secure, ensure a nation picks a junk international standard that is weak by design.
Get to the OS developers, equipment makers over decades. Ensure only tame brands and tame products get international traction and marketing.
Ensure a flood of media and press about standards, the best designers and providers always reaches diplomats and governments. What they buy into from neutral nations or experts is then plain text junk.

Comment Re:That'll be popular (Score 1) 174

Re "Break all ability to make payments or move money online."
Most nations have versions of Australian Transaction Reports and Analysis Centre
Real time tracking of all banking. No paperwork needed.
The other option for all other nations is the setting of standard banking interconnect encryption is set at a tame level and the NSA and GCHQ can read it all in real time.

Comment Whats been done (Score 1) 81

Re "erase cookies using the browser"
Thats really all that can be done to average users by most ad brands legally as the settings and use allow that short or long term access by default. Beyond that and it gets to be equipment interference.
Lots of apps on different OS will find the super cookies, Local SharedObject .SOL shared cross-browser tracking, flash and other deeper tracking options.
"Has this already been done and automated" Different browsers have add ons that can do that based on some level of settings.
The other option was the ISP level deal with brands to alter the users internet experience. Very hard to escape that one as it flows with the basic network.
The final option is the security services or police passing code to detect a user when a visit a site has to resolve the original ip or to classical track a browser of interest for a while.
Classically the option was for ISP backed cookies that only an ad brand could read (2008).
Later users are starting to understand more about Unique Identifier Header (UIDH) and terms like perma-cookie.
A provider using JavaScript to inject packets to show an ad. ie the provider starts altering or initiating data packets for branding, ads.
Other network systems used personalized marketing ie search terms, websites visits, time spent ie all data that a provider can log.
Re "Has this already been done and automated, say, under Linux?"
Search the Firefox add ons some listed are options like: Better Privacy, Self destructing cookies, Cookie time.
Re " Why is it so hard to find the specifics of" Its now been done at the server, isp, web 2.0 provider, social media site level.
Ads have followed the security services thinking, why be in the users machine, just become the network used for all connections.
re "Or have I not really identified the root?"
An average user is now buying generations of hardware and OS software, OS updates from an ad brand... using their ad brand search engine on their OS..
The internet in some countries will be provided by in totally by a social media company or via ad brand hardware. Collect it all.
Every packet in and out is then up for logging, over any browser. ie the classic ISP becomes the advertizing brand not just selling logs to third parties .
The only easy solution might be a new virtual machine with a modern browser and OS on fast dedicated hardware every browsing session. ie a laptop or desktop computer just for the new VM to surf the internat.

Comment Re:Host it yourself (Score 1) 112

+1 for that. In your own country with the real physical hardware at your own site. Expect and understand every in/out packet will be split at a regional site in your/any country and shared with a growing number of other nations every day, all day.
ie Collect it all.
Encrypt and fully understand any default or suggested settings with any hardware of software.
When buying any new international hardware under your own brand or company expect it to arrive with extra code, tame/junk encryption settings and hardware trap doors.
German TV had a video in German "Gemeinsam spionieren Deutsch-amerikanische Geheimdienstfreunde" (31.03.2015) video.
An animation at 2:22 has packet path options for regional splitting.

Comment Re:And what, pray tell, is a "digital agenda"? (Score 1) 109

Re "Because it seems the US likes technology plenty"
Playing computer games and slowly upgrading to faster broadband is not really the funded thinking production, educational side.
Re: "US R&D centers, and many of them have a lot of US production."
Mostly for branding, per state and federal tax breaks, historical, top level US security clearances, past unique gov funded educational excellence.
Re "mainstay in virtually every segment of software"
Who is sitting next to the emerging generation of US students soaking up the same educational decades? Getting US post graduate positions and learning even more per university, every year? Foreign paying or paid for students are soaking up what made the US unique for free and then returning home as smart or smarter than the very top few % of US science, math, computer graduates..
Why? The US like the propaganda aspect when they return home, some might invest or be a gateway for US products and services back home after years of exclusive, intensive US educational experiences.
The payments per seat is a nice win for the educational institution too.
What was 1950-90's inward looking US academic exceptionalism is now a world wide production line of random students equal to the best emerging US academic experts. Advanced math, science, crypto, physics, design are now just gifted away to anyone, any nation with the cash, every generation.
Other nations are repatriating that US academic excellence, merging it with their own regional low costs and winning.
Merit based US education is also a long term question given the costs of seats per year per class and pure academic top percentile over the nation and decade.
Is US standardize testing still ensuring only the very best academically get the limited places with the very best educators?
The US can bring in a lot of experts from around the world to keep cost down and have union free staff but at a point its going to need a lot of security cleared trusted locals of a very high standard.
A vast pool of US taskforces, ONDI, OICI, Dept of Energy, NSB, treasury, NRO, NSA.. will all need next gen staff from a shrinking pool of top, trusted cleared graduates.
So will the US private sector that services the above mil and gov sectors. How can the US stock its "strategic partnerships" with staff? Try NZ, UK, Australia, Canada with staff that work on US sites? Try Germany again? Virtual desk from some distant land for the US mil?
Re "Also as an aside, what's wrong with being #2 or #3 in something?"
Look back to emerging jet, nuclear, computer and rocket design and production lines in the 1930-70's. Lots of nations had their own projects but had to drop out/got forced out and all the expert work just drops away a over a generation of workers. Once a local work force from the workers, scientists, technicians, engineers drop behind the costs to catch up or even import what is needed is expensive or not an option.
A lot of complex projects demanding equal access to the same number of trusted graduates.
Thats why South Africa, Brazil, India, China, Russia worked so hard to create and keep their own national jet, rocket, nuclear, computer production lines at any cost.
The UK has its Skynet project from the 1970's - huge imports of US hardware as the UK just did not have the ability to produce or create the needed mil standard sat parts for own military communications networks and terminals. In the end it had to buy in US export grade sat systems with the US having some say in what got offered and how the UK would be allowed to use the final product. Never good to be #2 or #3 in something a nation needs to have total control over.

Submission + - Uber raided by Dutch authorities, seen as "criminal organization" (

An anonymous reader writes: Uber offices in Amsterdam, the Netherlands have been raided by Dutch authorities, as reported by several local media sources (here in dutch or google-translated). This follows intimidatory deterrence practices in that country, with Uber drivers being fined in the past months, and fresh allegations that the company would act as a "criminal organization" by offering a platform for taxi rides without license (read: without the authorities earning money from the practice). Time to leave the Netherlands and move your tech-company European offices elsewhere?

Comment Re:separation until 9/11 showed drawbacks (Score 1) 86

Re "There was more separation between intelligence and law enforcement in the US prior to" 2000? 1990? 1980?
Pick a decade, any decade.
Main Core "The data which is believed to come from the NSA, FBI, CIA, and other sources,[1] is collected and stored without warrants or court orders"
Operation CHAOS

In Nature there are neither rewards nor punishments, there are consequences. -- R.G. Ingersoll