Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Another proof of concept (Score 1) 34

by Anal Surprise (#37652426) Attached to: Facebook's URL Scanner Vulnerable To Cloaking Attack

A while back I actually wrote a tool for Rickrolling people several months ago:
http://brokenthings.org/
based on poisoned link redirection. It works well enough. The only way to avoid redirector tricks is to follow redirectors all the way to The Actual Page and then use *that* as the reference. Then, at least if the link is poisoned, it'll be obvious.

Comment: "Standard practice"... if you're an asshole (Score 1, Troll) 510

by Anal Surprise (#31977082) Attached to: Mass. Data Security Law Says "Thou Shalt Encrypt"

It's a little irritating to read all the comments about how this is really easy, standard industry practice, etc. Please give me a fucking break.

Suppose you're running a church newsletter. You're not computer-literate. You want to send a newsletter. You write out the names of church members and their mailing addresses on a sheet of paper, and accidentally leave it at the copy shop. This is legal.

Now, you do the same thing on a computer that you keep locked in your church. You use it to print out labels, you put the labels on envelopes, and you put the envelopes in the mail. Is it really reasonable that you've broken the law here? Most of this information is available in public databases anyway. You don't know "encryption" from your asshole. Your computer runs Windows 98, and there's no network.

To my mind, if "creating a list on paper" is legal, "creating a list in a computer" should be too. If you want to hit %%loss or misuse%% of personal information, write a law that does that. Penalize a lack of security, don't legislate what security is, because every situation is not the same.

Research is what I'm doing when I don't know what I'm doing. -- Wernher von Braun

Working...