Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:I don't want cheaper!!! (Score 1) 97 97

I don't want cheaper, nobody does. We want better instead.

Sadly, only for a very tightly constrained definition of "we." Far too many people are either too poor or too stupid to buy quality products when they can save 20% and buy a similar product, even if it will only last 50% as long.

Even those that fall more to the "poor" side of the argument are stuck banking on the fact that the 30% difference is a future cost and buy the cheap shit anyway, because its that or nothing.

Its a well-known and well-documented phenomena. Unfortunately its also well-ignored. All "simple" economic arguments (ie: the only ones the people in power care about) start along the lines of "assume two equivalent competing products" and proceed to draw out pretty graphs showing marginal profits at various price points. You very rarely see quality difference being used as a pricing measure in these arguments (just like you rarely see irrational consumers in them.)

I mean I'm sure all of this stuff is covered as you get more in-depth into economic theory but very few politicians, never mind lay people, have degrees in economics. Most people know the major talking points from ECON101, if that, and precious little else.

Comment Re:Free trade with non-free countries? (Score 1) 97 97

Generally speaking, that should be an obvious "yes."

Very few of us outsiders deal directly (in a business sense) with any individual American people so when we bitch about "America" we are almost always referring to their generally horrific foreign policy rather than any specific person.

We all read /. and other news sources. We're well aware that much of your internal policy sucks as much if not more for Americans than your foreign policy sucks for non-Americans. But we've all got our own internal problems to bitch about so we generally only rant about America's foreign policy since that's the part that affects us (somewhat) directly.

Comment Re:Right ... (Score 1) 117 117

they have a responsibility to pay the developer whatever is necessary to fix it

Says who? Last I checked the only responsibility we assign to corporations is "maximize profit," barring the odd edge case where a court requires them to do something above and beyond that (usually cleaning up some mess that they wrought and hoped nobody would notice.)

Its a pretty shitty deal for us normal citizens but unfortunately its the way the world works these days (and well, pretty much always.. money has never been far from power nor ever had much trouble getting its way regardless of the cost to the citizenry.) And unfortunately simply asserting otherwise won't change that fact.

Comment Re:Customers Let Them (Score 1) 117 117

The trouble with that line of thinking is that you don't really have any other option. Even when there actually is competition in the market for the device you need, their ToS is around 100% guaranteed to be just as bad.

As a consumer, our options these days basically amount to "go back to 1800s lifestyle" or "bend over and enjoy it" because every piece of tech sold, up to and including your phone, car, stereo, etc, all come with these types of strings attached and there's a whole lot of jack all you can do about it.

You can't even say "I'll go back to 1980s or 1960s lifestyle" because while primitive by today's standards, the main difference between those eras and the 1800s was the tech available -- and any of that that still exists will have had a consumer-unfriendly ToS attached to it by now.

Hell try ordering a bloody pizza online. I have to agree to a fucking ToS button just to have Panago take my money. Its insane. But its the world we live in and until/unless some sort of guardian angel comes forward with both the motivation and the deep pockets to actually fight Sony or Apple or whoever in court to set a proper precedent over ToS (rather than just accepting a settlement,) its pretty damned unlikely that we'll see any significant improvement for a long time to come.

(And thanks to copyright, vendor lock-in and other BS, "competition" is even a lot narrower of a term than we expect from more classic products. Linux or even Mac just isn't a replacement for Windows if you absolutely can't live without some piece of Windows-only software. Nor is an nSync album really in direct competition with a Pearl Jam album even though they're both music.

Its like saying a motorcycle and a bicycle are in direct competition with each other because they're both two-wheeled vehicles. Sure that's probably true if you're within peddling distance of everywhere you need to go but its pretty disingenuous to suggest that either one could completely fill the role of the other.)

So may as well bitch about it on the internet. Just make sure you click that ToS button on the way there.

Comment Re:So...political violence is the "ugliest" corner (Score 1) 169 169

Its called word play and sensationalism.

Looking in the "ugliest corners" doesn't necessarily mean you're looking for the ugliest acts -- just that you have to be in the same vicinity of them.

The Twitter reference is just to garner eyeballs. I mean I'm sure they ARE watching Twitter (while most grandstanders are too stupid to follow through with their threats, some may actually have the capability and decide to make the attempt so you can't just ignore them even if the S/N ratio is pretty low.)

Chances are any serious (non-grandstanding) plot involving multiple people (and thus requiring a communications channel) will be hiding in the worst areas of the net right beside the child pornographers and other nasties. So yes, they will have to dig into the "ugliest" parts of the net -- Twitter just isn't that particular part and the article writer is being intentionally vague in order to draw attention.

Similarly, they're probably not just Googling for "Obama AND assassination" and calling it a day. They'll be looking for code phrases and questionable purchase patterns and other indicators of a serious plot made by people who are intelligent enough to at least attempt evading detection.

Comment Re:They have no intent to ban Whatsapp and others (Score 1) 174 174

Absolutely, which is why "pull out" is another option if they feel they can't comply. My real point is that attempting to subvert the law is probably not going to be the choice they make. Taking that tack is a lot of risk for very little payoff, which may be worthwhile for political reformists but less so for businesses.

Though that brings up a more interesting issue -- what happens if they decide to comply in some way other than "no encryption?" Do they now have to figure out ways to generate separate key sets for every government? What happens when the UK decides that they don't want China being able to snoop on their communications, but China demands this same kind of back dooring that they're demanding? Encryption keys don't give two craps about the global political situation.. never mind figuring out how to later add or revoke keys as that political situation changes.

As for complying with laws in different countries.. its not THAT hard -- for communication that's purely within the one country. It becomes extremely difficult for communication that leaves the country (and then the whole issue of messages that just happen to bounce to a foreign router even though both the source and the destination are local -- an issue we have great interest in here in Canada since most of our traffic still goes through US routers. We have no control over what they do and they have no interest in protecting non-American rights, so we get the worst of both worlds and essentially have no digital privacy rights at all thanks to that border hop.)

Comment Re:Cry More (Score 1) 139 139

I'm not a journalist, but I'm going to assume that in most cases, if I think something's up.. probably my competitor will be thinking something's up as well. Sure there's the occasional deep investigative effort that requires months or years of sifting through clues and evidence to find facts but the vast majority of the news is just "hey look something happened and we managed to be first to print."

Sure under the current system chances are both parties will file their own FOIA requests, but it becomes a bit of a first-mover race at that point and that's where the problem lies. It would be like nVidia publishing their preliminary chip design that won't be completed for 2 years and then hoping AMD doesn't take it and beat them to the punch. Sure they're a bit ahead of the game at that point but if they get slowed down for some reason and AMD doesn't, they're still going to lose. Why take that risk when there's no benefit to yourself for doing so?

Comment Re:Cry More (Score 1) 139 139

the requester gets copyright on the documents?

Uhhh no? Even if copyright applies to public documents, selling a use of the document does not imply selling the copyright. We wouldn't have all the issues with RIAA/MPAA that we do if the world worked like that!

The government has to keep it a secret?

Uhhh no? There's nothing stopping somebody else filing their own FOIA request for the same document.

Doesn't matter who is paying to gather them together.

Yes it does. It matters if "nobody" is paying to gather them together, which is what you'll see happen (or at least a lot closer to it) if there's no chance for a return on investment. The only people making FOIA requests without an ROI opportunity is public advocacy groups, and they tend to have limited resources to work with.

Comment Re:Cry More (Score 1) 139 139

The problem is that if I have to pay to get something released, and I'll see no ROI, then I'm not going to pay for it.

I agree it would be grand if the government would just release all public documents on their own dime. But they don't. And if this stops investigators putting in their dime as well, the result will be NO documents being released to anybody, which is not an improvement over the current system.

Doing this but implementing say, a 1 month moratorium on public release rather than immediate, would probably be a good tradeoff. Of course that only helps the general public without doing much for either the government or the investigators (in comparison with the current system) so why would they bother?

Comment Re:Call it what it is (Score 1) 174 174

Snooper's Charter sounds even more ominous to be honest. At least a "firewall" has some implication of protection even if everyone knows its true purpose.

"Snooping" on the other hand has pretty much purely negative connotations since early grade school for most people.

Then again, its kind of refreshing that the government is at least being honest about the purpose of the program. If it was in the US it would be called PINKUNICORN or some other absurd backcronym created purely to sound "nice" in print without giving away its sinister underpinnings (see: USA PATRIOT.. and a whole lot more listed here.)

Comment Re:What about medical records? (Score 1) 174 174

Fax?

Other than that.. hand-waving and magic. Government officials (in every country) that come up with these plans seem to be under the impression that its possible to have a government back door while still being generally secure against everybody else.

Its dreadfully obvious that these people don't know the first thing about computer security, but unfortunately only to people who DO know the first thing about computer security. The Dunning-Kruger effect is in full force when it comes to politicians creating computer security legislation.

Of course, it doesn't help that they're "right" in the technical sense that you can build secret-sharing encryption schemes. But they tend to overlook two serious issues here:
1) The secret will get out with probability approaching 1 given enough time. Of course if that amount of time is "50 years" as is the case with, for example, many military operation secrets, then maybe that's OK. Chances are it will be a lot less though given that the digital secret will have to be fairly wide-spread amongst government and telecom employees (who are generally a lot less disciplined than military personnel) in order to be useful.

2) Secret sharing schemes are a completely different type of encryption. You can't just "add" a shared key to an existing AES-encrypted (for example) message. The message would have to be decrypted with the original scheme + key and then re-encrypted with the new shared scheme and new keys. And even if you're only interested in transient communication (so you don't have to worry about pre-existing messages,) the developer will have to rebuild their product (and force-distribute it) to handle the new schemes. Might be plausible for the majors like Facebook but pretty insane to think everybody who operates in your country could pull that off.

Comment Re:They have no intent to ban Whatsapp and others (Score 1) 174 174

Which they won't do. They'll either comply (probably by just disabling the encryption layer,) or pull out completely.

Remember, WhatsApp (and other such companies) aren't in the business of social reform. They're in the business of making money. The only way they would go to the effort of decentralizing their software (or any significant change) is if they thought it would provide a reasonable ROI (which may be in the form of stifling losses as opposed to producing profits.)

I have significant doubts that a single country would provide those incentives, especially for something like decentralizing which would make it much more difficult to monetize the product in the first place.

Comment Re:The end of on-line banking and shopping (Score 1) 174 174

even significant parts of Cameron's own party are likely to vote against it and block the legislation.

Never underestimate the stupidity of politicians. Especially if they're being bribed, coerced or threatened (I don't know how UK politics works but here in Canada, going against the party line is a good way to get yourself backbenched.)

Comment Re:Experts? (Score 1) 102 102

Its not that we don't trust the technology, its that we don't trust the people implementing and operating the technology.

They don't have our best interests in mind, and are far too often either too incompetent or too cheap to properly implement the necessary measures even if they do have good intentions. And even if they manage to pass that test, their replacements in 4 years may not be so noble.

And that's the government. Private companies don't even have to pay lip service to our best interests. I mean they'll do so anyway in some cases (such as Apple pre-enabling encryption) but its not because they have to, and they'll stop as soon as it becomes more financially advantageous to screw us over.

And even if by some miracle, all of that goes in the favor of us average citizens.. somebody, somewhere is eventually just going to make a mistake and leak the keys by pure accident.

And once the keys are out, there's no take-backs. Every single device using those keys must be considered immediately and permanently compromised.

Comment Re:backdoor versus sidedoor. (Score 1) 102 102

My safe deposit box (well, if I had one..) is most certainly not vulnerable to one person with a good drill.

Its vulnerable to one person with a good drill, who can bypass bank security, can get into the cage, and drill the box out all without anyone noticing (and/or faster than anyone can respond.)

Your average internet-enabled computer is more along the lines of the safe sitting in the middle of nowhere where nobody can hear the drill, nobody is likely to respond, and no other security measures are in place beyond the lock on the box itself.

While from a mathematical point of view, encryption is the strongest security we've ever developed, we're still pretty sloppy on the human side of the equation (ie: not putting the keys somewhere they can be found, which includes everywhere except being a secret known to exactly one person) while we've been figuring that shit out with respect to banks for hundreds if not thousands of years.

There's also the downside that a bank lock is (essentially) unique while an encryption protocol tends to be used everywhere. If someone gets a key to your lockbox, you grumble about whatever got taken and replace the lock. If someone gets a hold of an encryption master key then every device everywhere using that protocol needs to be replaced (PS3 anyone?) Firmware isn't sufficient due to the obvious downside of being able to overwrite it, so its minimally a chip replacement (and even that's questionable.. black blob is more likely if you need it to be actually secure, which generally means entire board replacement.)

How can you do 'New Math' problems with an 'Old Math' mind? -- Charles Schulz

Working...