Comment Users Can Make Tracking Difficult (Score 2) 127

I use the Mozilla-based browser, SeaMonkey. Anyone using Firefox should also be able to do the following:

1. On my PC, I marked cookies.sqlite as read only. Web sites might think they are setting cookies, but those cookies disappear as soon as I terminate my browser. For sites where I want to keep cookies, I terminate my browser, change cookies.sqlite to read-write, start a new browser session, visit only the one site, use the Cookie Manager to delete unwanted cookies, terminate my browser, and change cookies.sqlite back to read-only.

2. I installed the AdBlock Plus extension for my browser. I do not use any of the subscription sets of filters. Instead, I create my own filters.

3. I installed the Secret Agent extension for my browser. This sends ever-changing request headers when I request a Web page. Each time I request a new Web page or reload the current page, the Web server thinks I am a different user. This often makes Web sites respond as if I were in a different nation.

4. I occasionally capture the response headers when I request a Web page. If I see responses from unrelated domains, I check the Web site's privacy policy. I successfully made a bank and a credit union remove hidden responses to Facebook that violated their privacy policies. For the credit union, I had to file a formal complaint with their federal regulatory agency to get a satisfactory response.

5. I often use anti-malware applications to scan for tracking cookies, deleting any that are found.
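
Added example, not part of the comment above: one way to run the check described in item 4 over a list of captured response URLs, counting responses that come from a site other than the one visited. The hosts, the `allowed` parameter and the short suffix set are assumptions made for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

# Assumption: a tiny stand-in for the Public Suffix List. A production check
# would use the full list so every multi-label suffix is handled correctly.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def site_of(url):
    """Return the registrable domain ("site") of a URL's host, or ""."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def third_party_sites(page_url, response_urls, allowed=()):
    """Count responses whose site differs from the visited page's site.

    `allowed` holds sites the operator's privacy policy already discloses,
    so only undisclosed third parties are reported.
    """
    first_party = site_of(page_url)
    counts = Counter()
    for url in response_urls:
        site = site_of(url)
        if site and site != first_party and site not in allowed:
            counts[site] += 1
    return dict(counts)


# Constructed capture: every host below is a placeholder, not real traffic.
PAGE = "https://www.bank.example/login"
CAPTURED = [
    "https://www.bank.example/login",
    "https://static.bank.example/app.js",
    "https://cdn.vendor.example/font.woff2",
    "https://pixel.social.example/tr?id=123",
    "https://pixel.social.example/tr?id=123&ev=PageView",
]

if __name__ == "__main__":
    for site, n in third_party_sites(PAGE, CAPTURED, {"vendor.example"}).items():
        print(f"{n} response(s) from undisclosed third party: {site}")
```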

Comment Clear Out Files You Do Not Want Exposed (Score 1) 324

1. Back up the data files to a single backup file.

2. Encrypt the backup file using an OpenPGP application (e.g., PGP, GNU Privacy Guard). Software should not have sensitive data so it does not need to be encrypted.

3. Upload the encrypted backup file to a cloud service whose servers are in a nation that will not respond to a police warrant from the nation whose police worry you.

4. Use a strong eraser application to erase the original files, the backup file, and the encrypted backup file on the laptop.

Comment Leap-Seconds Existed More Than 45 Years Ago (Score 5, Insightful) 291

Leap-seconds were properly handled in computer software before most of today's software engineers and programmers were born.

Back in 1969, I started working on a software system that already handled leap-seconds quite smoothly. At that time, keeping UTC aligned with the rotation of the earth involved introducing fractional seconds and also having UTC seconds NOT the same duration as atomic seconds (TAI). In 1972, this was simplified by having UTC seconds exactly the same duration as TAI seconds and (after an initial fractional leap) introducing only leaps that were full seconds. The software in the system on which I was working DID NOT HAVE TO CHANGE!!

Internally, the system on which I was working -- which evolved and continued in use to operate military space satellites for over 20 years -- kept all time in TAI, which never has leap-seconds. A relatively small routine converted in either direction between UTC for displays and TAI for internal time. Another small routine converted from UTC to UT1 to sidereal time, the latter more closely reflecting the rotation of the earth, which is gradually slowing and also has predictable periodic fluctuations. The purpose of all this was that we needed to know very accurately the spot on the rotating earth directly under the orbiting space satellite. The position of the satellite was known in TAI while the surface of the earth was rotating very closely to sidereal time.

Also note that the network time protocol (NTP) also accounts for leap-seconds and has done so for decades.

I can only conclude that the current attempt to do away with leap-seconds is a result of lazy software "professionals" trying to shift blame for their ignorance about leap-seconds.
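
Added example, not part of the comment above: the design it describes, with time kept internally in TAI and converted to and from UTC only at the edges, including the inserted second 23:59:60. The function names are illustrative; the leap-second dates are the published ones from 1972 through 2017.

```python
from datetime import datetime, timedelta

# UTC (year, month) at whose first instant each leap second took effect.
# TAI-UTC was 10 s on 1972-01-01; the list covers insertions through 2017.
LEAPS = [(1972, 7), (1973, 1), (1974, 1), (1975, 1), (1976, 1), (1977, 1),
         (1978, 1), (1979, 1), (1980, 1), (1981, 7), (1982, 7), (1983, 7),
         (1985, 7), (1988, 1), (1990, 1), (1991, 1), (1992, 7), (1993, 7),
         (1994, 7), (1996, 1), (1997, 7), (1999, 1), (2006, 1), (2009, 1),
         (2012, 7), (2015, 7), (2017, 1)]


def tai_minus_utc(utc):
    """TAI-UTC in whole seconds for a UTC datetime on or after 1972-01-01."""
    return 10 + sum(1 for y, m in LEAPS if datetime(y, m, 1) <= utc)


def utc_to_tai(utc, leap_second=False):
    """UTC -> TAI. datetime cannot hold 23:59:60, so that instant is passed
    as 23:59:59 with leap_second=True."""
    return utc + timedelta(seconds=tai_minus_utc(utc) + int(leap_second))


def tai_to_utc(tai):
    """TAI -> (UTC datetime, leap flag); flag True means 23:59:60."""
    one = timedelta(seconds=1)
    for y, m in reversed(LEAPS):
        start_utc = datetime(y, m, 1)
        offset = timedelta(seconds=tai_minus_utc(start_utc))
        if tai >= start_utc + offset:
            return tai - offset, False
        if tai >= start_utc + offset - one:  # inside the inserted second
            return tai - offset, True
    return tai - timedelta(seconds=10), False


def elapsed_seconds(utc_a, utc_b):
    """True elapsed time between two UTC instants, computed in TAI."""
    return (utc_to_tai(utc_b) - utc_to_tai(utc_a)).total_seconds()


if __name__ == "__main__":
    before = datetime(2016, 12, 31, 23, 59, 59)
    print(elapsed_seconds(before, datetime(2017, 1, 1)))  # spans a leap second
```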

Comment Re:Not for Windows? (Score 1) 132

I only use those stratum 1 servers that (a) either serve my geographical area or are worldwide, (b) that have "open access", and (c) do not require me to notify them that I am using them. Also, I only use those stratum 2 servers that meet the same criteria.

The "Rules of Engagement" state: "There are many scenarios where the above rules may not apply, especially ... clients with intermittent connectivity ..." Given that I disconnect from the Internet whenever I walk away from my PC and I shut down my PC whenever I leave my house or go to sleep, I am indeed a client "with intermittent connectivity".

Comment Re:Not for Windows? (Score 2) 132

The Windows capability to synchronize my PC clock depends on a single time server. The default is Microsoft's own, which is not always up.

SocketWatch does not tie me to one particular time server the way the Windows capability does. SocketWatch has a list of servers, which I have edited. My list now has over 200 entries. Per my option settings, SocketWatch queries the top five entries from the list hourly, scoring each entry primarily on how quickly the server responds. The server with the best (lowest) score is then used to reset my PC clock. During that process, the servers in the list are sorted according to their latest scores with the lowest score at the top. Thus, a time server that was in the top five but has problems is replaced with a server that has a better score.

My list includes some stratum 1 servers, which are atomic clocks. Microsoft's is a stratum 2 server, which means it is not a clock but instead is a server that gets its time by synchronizing with stratum 1 servers. Thus, I can get synchronization more accurately than provided by Microsoft's default server.

Comment Not for Windows? (Score 3, Interesting) 132

It appears to me that all the NTP patches and all the NTP alternatives are for UNIX or Linux systems.

I use SocketWatch on Windows 7 to synchronize my PC clock with external time servers around the world. I have it set to run every hour. It warns me whenever an adjustment to my PC clock is excessive (using my definition of "excessive").

The questions are: How do the reported problems with NTP affect me? Or do those problems only affect time servers?

Yes, I know SocketWatch is no longer being maintained. The developer is going out of business and will soon stop distributing it. As long as it works for me, I hope to keep using it.

Comment 1024 DH Keys Are Not Current (Score 1) 217

The journal article cited addresses Diffie-Hellman (DH) certificates with 1024 bits. For browsers, such certificates are being deprecated. Certification authorities are not supposed to issue intermediate certificates or sign subscriber certificates that have less than 2048 bits, and Mozilla reserves the right to require even larger certificates.

Furthermore, the OpenPGP format allows even larger DH parts of the DH/DSS encryption keys. My own DH/DSS key is 4096/1024. The 4096 is the size of the DH part. The 1024 is the size of the one-time, temporary DSS key used to encrypt my files; that temporary key is then itself encrypted with my DH key and appended to the encrypted file. Since a new DSS key is generated each time I encrypt a file -- even for the same file -- the smaller size does not bother me.

Comment Re:This is why you call your bank before tourism (Score 1) 345

I have two Visa cards from my credit union. One I rarely use other than for purchases via the Internet; that one sits in my desk at home. The other Visa card I carry with me.

I always call my credit union before traveling. This past summer, we visited our daughter in Saskatoon, Canada. Going, we changed planes in Edmonton with a long layover. Returning, we changed planes in Calgary. Before the trip, I called my credit union and gave them the dates of travel and the three cities I was visiting. Treating my daughter and her family to dinner in a nice restaurant, the Visa card in my wallet was rejected. We had to use my wife's Master Card, for which I also called the bank before traveling.

Back at our hotel, I called my credit union. They had entered my "vacation alert" into my account only for the Visa card that was still sitting in my desk in California. During this phone call, they added a "vacation alert" for the Visa card in my wallet.

Interestingly, we traveled in France earlier in the year. For that, I also called my credit union and bank about my travel plans. I used the Visa card I had in my wallet and my wife used her Master Card, all without any problems.

Also, my credit union occasionally calls me about very large Visa charges when I have not even left southern California. Frankly, I am happy that they are monitoring my account. Once my pocket was picked in Washington, DC. My Visa credit limit was totally consumed in the three hours between when I last remembered handling my wallet and when I reported the theft to Visa. It took one day to get a replacement Visa card but several days to restore my access to the account, something I hope the current monitoring procedures would prevent.

Comment Just the First Step (Score 1) 40

Becoming a public-benefit corporation is the first step towards becoming a non-profit, 501(c)(3) tax-exempt corporation. A private-benefit corporation cannot be tax-exempt.

Of course, this means much more than Kickstarter merely avoiding taxes. It also means it cannot compete with for-profit companies; any profits unrelated to its public-benefit purpose are taxed at a higher rate than for-profit corporations. This also means that it cannot endorse any candidate for election to public office and severely limits its ability to lobby government officials and agencies.

Comment The Logical Conclusion of Opposing Ad-Blocking (Score 2) 351

Those who would prevent the use of ad-blockers need to consider where the logical path of their position leads. Advertisements also appear on television and radio, in newspapers and magazines, and on billboards along our highways.

Action to prevent ad-blockers must therefore also prohibit Mute buttons on TV remotes and prohibit me from running to the bathroom during long commercial breaks on TV. They must also prohibit me from switching radio stations or turning off the radio while driving. They must force me to read every ad in my morning newspaper and make me stop my car to carefully read every billboard.

NO. I can choose to be deaf and blind to advertisements in other media. Why can I not choose to block advertisements on the Internet? What is it about the Internet that mandates its advertisements on me, something other media cannot do?

Comment Old News (Score 1) 527

The updates for the cited KB numbers appeared some time ago. I did not install them.

The best practice now is to set Microsoft Update to check for updates and alert you but not to download or install any updates. Note however that this is NOT an option with Windows 10, which is a good reason to avoid Windows 10.

Then review the details of why each update should be installed. In Windows Update (Windows 7), select an update. At the right will be a link "More information". Select that link and read the Web page. If the information presented there does not tell you how the update will benefit you, the user, do not install it. In that case, the update most likely benefits only Microsoft.

Comment Age Discrimination is Real (Score 2) 242

For almost 14 years, there has been a justice on the U.S. Supreme Court who used to chair the U.S. Equal Employment Opportunity Commission (EEOC). While heading the EEOC he held up some 20,000 age-discrimination complaints until the statute of limitations for filing lawsuits expired.

Yet there are ways to hide your age until you actually sign-on as an employee. Never discuss any part of your career that ended more than 10 years ago. Touch up your gray hair; Clairol (or some other brand) is your friend. Men should touch up their mustaches and beards, too. (But DO NOT resort to comb-overs, toupees, or other ways to hide your baldness.) You can readily claim your college degrees, but do not mention when you earned them.

Another area for caution is your salary history. Avoid discussing this. Take the position that you prefer to consider total compensation, including fringe benefits. Also indicate that past compensation might have been earned for an effort different from the one for which you are being considered. If you need the job and are willing to work for less than you used to make, do not allow your prospective employer to use your past salary to disqualify you.

Also, remember that old dogs do indeed learn new tricks. If you are experienced in three computer languages and three operating systems, the next one will be very easy to learn. In any case, the old tricks are sometimes very valuable.

See my This might be somewhat dated, but the overall content could prove useful.

Comment Prior-Use (Score 1) 224

Columbia Pictures' claim of some form of intellectual property rights to the term "Pixels" must be invalid on the basis of prior use. Over 10 years ago, one of my copyrighted Web pages used the term "pixels". The Internet Archive contains a copy of that page dated 10 February 2005; that copy contains the notice "Copyright © 2003-2004 by David E. Ross".

The current page is
