Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Re:Righthaven (Score 1) 66

What is right wing about filing a lawsuit to unmask a doe, suing that person, then settling for a much smaller amount. It seems this is used by many different trolls, and likely doesn't have any political ideology behind it. It is sleazy though. Filing a lawsuit with the intention of settling just to get a payout is wrong. It is short circuiting the justice system for personal profit.

Yeah that's neither right nor left, it's the universal language of greedy bloodsuckers.

Comment Re:Righthaven (Score 3, Interesting) 66

What is right wing about that process? The Democrats support the movie industry, not the Republicans.

The fact that Democrats support something doesn't negate the possibility of something being right wing. The Democrats are not ideologically pure, or ideologically homogenous, and very few of them can be considered "left".

To me, pretending that copyright is only about property rights, and ignoring the fact that copyright was also supposed to be about free speech and about making material available for free to the public after a limited time, is definitely "right wing".

Comment Re:DMCA needs to die (Score 1) 66

This has nothing to do with the DMCA, this is a straight out copyright infringement lawsuit being filed. The real problem is that the methods the copyright holders (or the copyright enforcement goons acting on their behalf) are using to identify torrent users aren't good enough and its good to see at least one judge willing to call these enforcers out on it.

Exactly. Would have been nice for judges to start doing this 11 years ago, but glad they've come around.

Submission + - All Malibu Media subpoenas in Eastern District NY put on hold

NewYorkCountryLawyer writes: A federal Magistrate Judge in Central Islip, New York, has just placed all Malibu Media subpoenas in Brooklyn, Queens, Long Island, and Staten Island on hold indefinitely, due to "serious questions" raised by a motion to quash (PDF) filed in one of them. Judge Steven Locke's 4-page Order and Decision (PDF) cited the defendant's arguments that "(i) the common approach for identifying allegedly infringing BitTorrent users, and thus the Doe Defendant, is inconclusive; (ii) copyright actions, especially those involving the adult film industry, are susceptible to abusive litigation practices; and (iii) Malibu Media in particular has engaged in abusive litigation practices" as being among the reasons for his issuance of the stay.

Comment Re: Voting - how to ensure a secret ballot? (Score 1) 69

At which point this solution degenerates into the same solutions that already exist, with the same problems. Take voter ID cards. Lots of people don't like them because they say it disenfranchises people who would have problems acquiring them, like the poor. A digital signature is going to have the same arguments.

But, I agree: that's not the point of the block chain, its ancillary. But involving the blockchain adds about as much towards solving the real problems with voting as saying "Hey! What if wrote down the votes, but not the person!" Ballot stuffing is about all the blockchain solves.

Comment Re: As much as possible (Score 2) 350

Same here with Maya. I've even thought about bumping it up to 64 GB from its current 32.

Really, anytime I see these kinds of articles pop up, I just substitute its title with "How much X is enough for our product's target market" anymore. They're really not useful as a general analysis, the desktop market is just to broad.

Comment Re:logs? (Score 4, Informative) 104

Actually, we got the same response when we offered to send the actual logs.

A very similar thing happened to USU. We received a summons from Homeland/ICE to produce 3 months of records (plus identifying info) for an IP that was one of our TOR exit nodes.

I eventually managed to contact the Special Agent in charge of the investigation. He turned out to be a reasonable person. I explained that the requested info was for an extremely active TOR exit node. I said that we had extracted and filtered the requested data, it was 90 4 gig files (for a total of 360 gigs of log files) or about 3.2 billion log entries. I asked him how he wanted us to send the info. He replied that all he needed to know was that it was a TOR exit node. I then asked again if he wanted the data. He said something like: "Oh God no! Somebody would have to examine it. It won't tell us anything. It would greatly increase our expenditures. Thanks anyway."

And that was the end of it.

YMMV. All Rights Reserved. Not Available In All States. It helps if your institution has it's own Police, Lawyers, and (an extremely active and effective) department of Journalism. And, it doesn't hurt if it is cheaper (and easier) for you to respond to the summons/subpoena, than it is for the Authority to issue it and deal with the result.

Comment Re:Why would they want to deal with that? (Score 2) 37

TOR exit nodes are nothing but trouble.

I think this is an issue where some are more equal than others.

If an individual runs a TOR exit node, they can be easily intimidated and hassled. There is very little cost to law enforcement for engaging in the intimidation.

At the other end of the spectrum, a large public institution is not susceptible to this kind of intimidation. And, there is a very large cost if law enforcement attempts the intimidation. For example, at the institution I support, if the local cops or low level FBI attempted this kind of intimidation, they would be met by the institution's police force, the institution's lawyers and the institution's journalists. Everything would be recorded in multiple ways. Heck, we even have a state assistant DA permanently assigned to USU. He participated in the process that created the policy and procedures approving the TOR infrastructure.

At this point, if a major university's CS group is not investigating TOR, they should probably give back the funding and become a trade tech. The issues surrounding TOR are critical to our society. A university should not turn it's back to these issues.

Given all that, a law enforcement attempt at intimidation would be ineffective. And, it would likely result in the kind of bad publicity that can cause law enforcement to lose budget.

However you have a good point, libraries are widely distributed in the gap between your unfortunate friend and USU. The smaller ones would be easily intimidated. The larger ones, not so much.

Comment Re:Balance TOR's costs against the benefits. (Score 2) 37

Thanks DamonHD,

I am interested to understand what level of inspection you could and did perform to decide "abusiveness". Especially for the secure traffic.



We did traffic analysis using net flow information of a few days of traffic on a preliminary TOR exit node. In this situation, traffic analysis is very powerful. We did not try to determine who was talking. But, we have spent years deciphering the nature of connections using flow analysis. We are very successful in determining the nature of the various connections. Encryption does not change the underlying size, flow and pace of the connection. The TOR structure does little to obscure the ultimate timing of request and response. It does nothing to conceal the size of the requests and responses leaving the exit node. We can easily distinguish:

  • * Password guessing.
  • * Port scanning.
  • * Automated vulnerability assessment tools.
  • * Automated attack tools.
  • * Human driven web browsing.

When we tallied all the traffic for browsing, almost all of it was human driven. When we tallied all the traffic destined to a SSH or RDP port, over 90% of it was abusive.

Comment Re:Balance TOR's costs against the benefits. (Score 1) 37

Thanks Westlake,

I would replace the work "cost" with "risk."

As in exposure to a hostile legal, political and social environment.

We had risk in there earlier. But we later changed it to cost. USU is weird. I suspect all universities are weird. USU is a top tier research university. USU is not run by accountants and MBAs. It is run by researchers and teachers. We are shielded from most legal issues. We are constrained by funding. If we can fund it, we can invest in long term experiments. This is one of them.

I don't see many public libraries having the resources to implement your plan.

This is an extremely significant point. In order to understand the TOR issues and implement TOR properly, an institution has to have a significant investment in IT. Not a problem for universities, and large metropolitan libraries. But, most smaller libraries will not have the expertise to even understand the issues and how to mitigate them.

When the shit hits the fan, "thinking it over" and "hoping for the best" is no longer an option. In the end, you have to make a decision or one will be made for you.

True. We may need to clarify that abuse response message to make the following points more clear:

  • We have made our decision.
  • Here is our rationale.
  • When things change, we may change.

I expect we will change our decision to implement TOR sometime in the next 5 years for one of the following reasons:

  • TOR is replaced by something better. (Quite likely.)
  • TOR is infiltrated by the NSA and discredited. (Somewhat likely.)
  • The majority (greater than 80%) of TOR browsing traffic becomes abusive. (Somewhat likely.)
  • USU decides to get serious about privacy and implements an interior solution that uses NAT and non-logging proxies to obscure to external inspection, who is doing what. (Somewhat likely.)

A rock store eventually closed down; they were taking too much for granite.