Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Exactly who would buy Chrome? (Score 4, Insightful) 144

Outside of any potential technical difficulties of selling Chrome (code base, licensing, patents, etc. Presumably Chrome as a 'brand' would also be packaged, and so on) just who do they expect would *buy* it? And who gets to set the price?

One also suspects that if foreign companies attempted to buy Chrome, there would be protests/lawsuits/whatever.

Or rather, if someone bought Chrome, how would the purchaser expect to make money with Chrome? Charge for it? Or do... exactly what Google is doing now? And if there is no way to make a profit from the purchase, why would anyone be interested in buying Chrome?

Comment So, GDPR enforcement? (Score 0) 82

If the EU is going to force the situation so people can install software on their phones from anywhere, that would imply people could install software which is not GDPR compliant.

So, how would the EU expect to enforce the GDPR? Why wouldn't 'free' versions (or cloned knock-offs) of software (that incidentally harvest all personal information) start showing up for downloads hosted in places outside the reach of the EU?

Comment Unrealistic Scheduling (Score 2) 209

> Following their designation, gatekeepers will have six months to comply with the requirements in the DMA, at the latest by March 6, 2024.

Six months? Really? To engage in major software changes to some government whims? From start to finish with some sort of certified compliance and without accidentally violating some other regulations/accounting/business contracts in the process?

Comment Decentralized utopia version 421.68 (Score 3, Informative) 27

It sounds like this group is trying to re-invent https://solidproject.org/

From: https://en.wikipedia.org/wiki/...
Solid [1] is a web decentralization project led by Sir Tim Berners-Lee, the inventor of the World Wide Web, developed collaboratively at the Massachusetts Institute of Technology (MIT). The project "aims to radically change the way Web applications work today, resulting in true data ownership as well as improved privacy"[2] by developing a platform for linked-data applications that are completely decentralized and fully under users' control rather than controlled by other entities. The ultimate goal of Solid is to allow users to have full control of their own data, including access control and storage location. To that end, Tim Berners-Lee formed a company called Inrupt to help build a commercial ecosystem to fuel Solid.

Comment The first app from a third party app store... (Score 3, Interesting) 69

The very first app from a third party app store will be an application that turns the phone itself into an app store, so the user can 'share' everything to other phones over WiFi/BlueTooth.

The second app will be a combination app store and onion routing network so that groups of phones can join together in ad hoc onion routing networks -- every high school, college, etc. will end up with a floating ad hoc onion cloud that is over WiFi or other local networks so the students can share apps/movies/music with each other without being easily traced.

Comment The Gift that keeps on Giving (Score 5, Informative) 60

One aspect of this vulnerability is that the attacker does not need to have opened or connected directly to the vulnerable Java program. The Java program just has to be exposed to an exploit string from *some* source such that the program logs it with a vulnerable version of log4j. At which point the program opens its own outbound connection to the exploit server. (The port number can be specified to 80 or 443 so it looks like outbound HTTP or HTTPS traffic, so just blocking outbound connections to LDAP default ports won't save you.)

So I have moderate expectations that there will be a burst of systems exploited at the end of the month when automated billing/accounting/auditing/etc. systems start processing this month's data for the end of month or end of year reporting. It will be something like the software which drives the business bulk mailing label printer or something -- some minor Java utility that has nothing at all to do with the network -- somewhere in the processing chain which will dutifully try to execute the exploit.

Comment An Idiot Savant's Idiot (Score 5, Interesting) 39

I am curious if the example referred to where the system apparently reproduced an entire chunk of code with command and copyright notice was the system actually cutting and pasting, or if it has simply 'learned' that those text items were 'supposed' to be there from processing other code.

In either case, if it is not actually applying any understanding of the code, then this is a glorified, automated, cut-and-paste coding system -- which means if the source material is poisoned with errors, security holes, or backdoors, then the system is just going to cut-and-paste the problems into what is generated.

Comment Somewhat interesting. (Score 2) 76

It's easy to see all the things wrong with the modern Internet, and how the reality of most peoples' experience online doesn't align with the dreams of its early creators.

That's a somewhat presumptuous statement in implications -- that the dreams of the early creators are the correct ones for the modern Internet. Perhaps they are, perhaps they aren't. If this is just going to be a "You young folks should listen to your elders and do things the way we intended! You should follow our dreams, not yours!", that's going to be fairly weak sauce. (Proof by authority.)

It's entirely possible that the reason why 'all the things wrong with the modern Internet' happened is because the original dreams weren't necessarily good or practical ideas. It ought to start with a critique of those first to establish whether or not in hindsight all those 'original dreams' were a good idea -- whether or not all the 'wrong' things that happened were in spite of, or because of those dreams, then it can argue about "Getting it right" rather than waving a cane and shouting "You kids get off my lawn!"

Comment And this is surprising? (Score 1) 96

It's generally held that once an attacker has physical access to a device, the device is going to be cracked. So this is not a real surprise.

It would be more interesting to see data on the cost/effort/time it takes for police to do so based on phone model, and also to plot how the cost/effort/time changes from year to year. (That is, how fast after a brand new phone is released does the situation go from "There's no tool available to break into this new model", to "We have a 90% chance of getting into the phone in a week", to "Give me five minutes to open this up.")

This is also going to be an interesting suspect pressure argument-- law enforcement will claim, "See? We can already unlock it, so why don't you make it easier for everyone and unlock your phone for us?" to try to convince people to voluntarily unlock their phones.

Comment Re:So much greed (Score 2) 37

Because somehow the USA has arrived at the situation where retirement planning is based on corporate performance -- pension funds that are invested in the stock market, and 401Ks.

People will rant about excessive corporate greed and excessive corporate profits, then turn right around and check the stock market to see how their 401Ks are doing and complain bitterly when the value drops. Whoever managed to trick people into the idea that 401Ks were a good idea was an evil genius -- people will clamor for Wall Street to be reformed, and Wall Street will say, "Sure. This is what you're asking for will do to your retirement plans. See?" and people will suddenly fall quiet and stop complaining about greed.

Comment Re:Dig up some of the crap they did to Gab (Score 3, Insightful) 134

Do you believe the GPL in all its variations is enforceable? That is, if someone downloads a bunch of GPL's software, should they be bound by the GPL? If a person downloads GPL software onto their own hardware, do they 'own' it? Can they do whatever they want regardless of the GPL?

The GPL functions because software (aka 'intellectual property'. Sigh.) is *licensed*, not sold. There is no transfer of ownership. The owner of the iPhone owns the hardware, not the software. The software is licensed. The owner has no inherent rights to the software. The owner only has the rights granted by the license and under the terms of the license (see the GPL.)

So, the owner of the phone can do whatever they want with the hardware. They can put whatever they want on the hardware... unless they are using iOS, or the Apple firmware, or other Apple software to do so. Apple software is always Apple's and only licensed to the owner to use under the terms of the license agreement (again, this is why the GPL is enforceable. The owner of the 'intellectual property' gets to set the terms of use.) Apple can't enforce what software is run on the hardware, but they can enforce what software is run on their software. (See GPL3 and variants where just 'linking' with other software can trigger the terms.)

The linkage of hardware (which is bought and sold with transfer of ownership) with software (which is licensed) is getting to be a bit of a problem because companies are using the latter to control the former, but this is how the current 'intellectual property' system is set up. There is certain arguments to be made that it should be changed -- but people should probably be wary of doing so. If limits are placed on what the creators of software can and cannot limit in the licenses... there are no doubt many, many companies that would enjoy being able to blow off the GPL class of licenses if such terms were no longer enforceable.

That's the long winded way of saying, basically, yes, Apple does have the 'right' to determine what software iOS on the phone can run. That's what 'copyright' grants them. The right ends at the hardware, but as long as the hardware requires the firmware/drivers/software to operate, from the practical point of view, it's pretty much the same. To say otherwise implies that the GPL on any hardware driver would be invalid. If people claim that Apple cannot specify the terms of use for an operating system, then people will argue that the GPL cannot be applied to Linux.

This isn't a great situation. However, it's not clear how to deal with 'intellectual property' (ugh) in a way that reduces the power of large companies without imperiling smaller companies. I suspect because of this most of the cases will fizzle out because the judges will want to punt the issue to congress (particularly given issues of international commerce/copyright treaties) rather than make dramatic rulings.

Slashdot Top Deals

Dynamically binding, you realize the magic. Statically binding, you see only the hierarchy.

Working...