Follow Slashdot stories on Twitter


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: So back to the old way when the laws worked (Score 1) 392

The bulk of the laws involving surveillance pivoted on this "Close" work. It was hard to do, and it required some motive to be "worth the effort". So in the old days where you needed to intercept physical mail or actually enter a property to spy, the laws were in balance.

Of late the state has had a free ride, with the information being pumped into it at central stations and spycraft was just a click away. And the state has gotten fat and lazy, and with the decreased minimum effort the spying has become free. And the state, fat and happy, likes it that way.

But strong encryption would put the state back into the footrace. It would require the same work and effort as the old days. Boo farking hoo. It was _supposed_ to be hard to spy. The entire Big Brother 1984 idea was about the destructiveness of surveillance made too easy to bother being selective. The "just watch everybody" economy of effort leads to gluttony and abuse. We kwow that.

So Omand's "warning" is that of the plaintive child. But mom, then I'll have to _try_ and I want my participation trophy!

So Omand has made the case for why strong encryption should be universal so that the state cannot engage in universal surveillance.

Comment: If it's a "subsidiary" it's within reach. (Score 1) 749

by IBitOBear (#47478015) Attached to: Obama Administration Says the World's Servers Are Ours

If it was a Mexican _partner_ you'd be right. If it's a Mexican _subsidiary_ you are wrong.

A "subsidiary" is an owned asset. If you own an asset and it was in Brunei and you are here before the court, the court can order you to surrender that asset because you onw it and you are subject to the law where you are.

I don't have to subpoena you in Brunei if I've got you here.

Your only defense is if Mexican law makes it _illegal_ for you to move or copy the asset. In that case you'd have the "the court cannot require me to break the law" defense, which is not the same as the "it's far away" defense Microsoft is attempting.

For instance, lets say Fidelity (a french company) was required, in French court, to produce my financial records for the purpose of auditing Fidelity for alleged misconduct. And let's say Fidelity didn't want to do so. They could resist the production order under various U.S. laws such as HIPPA if my records incidentally contained medical information.

Likewise, if the E.U. privacy regulations covered some or all of these documents then Microsoft _could_ _have_ argued _that_ against the production order. Same for things like Attourney Client Privilege and any number of other things. I work for a company in the U.S. that is a wholly owned subsidiary of a brittish company. But the brittish crown and court cannot successfully supponea any of our non finincial documents because we do defense work and so U.S. law would prevent the export of that material. But the money stuff is fair game.

So too for paper documents. The "that would be illegal" defense cuts very fine. If the documents were in Afghanistan, and printed on pure marijuana leaf, then you could argue against shipping the original documents here because marijuana is illegal here. But the court could then require you to photocopy or fax the documents here on a more legal paper.

Now people have been talking "warrant" vs "subpoena" and I don't actually know for sure which thing is happening. A demand for surrender (subpoena) is different than a warrant to enter and search. This sounds like a subpoena not a warrant, as a warrant woudln't be served to Microsoft here, it would be processed by the foreign government and would be served _there_ by local law enforcement.

Given all that, "the old paper courts" are no different than the current paper courts. The "on a computer" bit is immaterial.

If Microsoft controls the documents personally, or through an agent, and a "subsidiary" is a kind of agent with lots of legal precident, the documents are fair game unless an actual law in the other jurisdiction says they are not. Paper or not.

The question is one of control not format of storage.

Comment: Re:You have this backwards. (Score 2) 749

by IBitOBear (#47454329) Attached to: Obama Administration Says the World's Servers Are Ours

If I used a Saudi document escrow or storage service to store my documents, and they stored them in Botswana, there would be at least three jursidictions with the ability to subpoena those documents. Botswana, Saudi Arabia, and Wherever I live (so State of Washington, and U.S.A. federal jurisdictions).

It was _my_ choice to involve the Saudis and they were acting as my agent when they involved Botswana.

Sucks to be me if my documents are not actionable here but against the law there. I got those places involved in my business by doing business with them. That's the nature of actual, personal responsibility.

Really read this sentence: "In essence, President Barack Obama's administration claims that any company with operations in the United States must comply with valid warrants for data, even if the content is stored overseas."

This is a core tenant of law. It is the same legal principle that says the U.S. can prevent and punish a U.S. company from shipping heroin and sex slaves from Afghanistan to Brunei because they _are_ a U.S. company. It's also the same reason that a Brunei court can go after the same company.

If I go to mexico I am bound by Mexican _and_ U.S. Law. You can substitute any countries for any countries in this scenario.

This is also why I am mostly untouchable in Utah and Montana since I've never been in Utah, and I drove through Montana once. But that could change if I started a partnership with someone who lived in Utah. That relationship between them and I could bring many of my details under the jurisdiction of the Utah court.

You step in a river, you get water on you. You splash around in business in a particular country, the law of that country will stick.

Microsoft does business here. The dispute is a dispute here. That Microsoft stores the relevant material there, by accident of fate or by purpose of design, doesn't insulate that material from this court.

Where is the dispute, who created the material, and where are they, and where were they when they made the material. These are not very advanced questions.

It's more or less the same reason that a U.S. court can prosecute a U.S. citizen for "sex toruism" if they do the under-aged nasty in a land where that's supposedly okay, because they did it under the tacit protection of the U.S. because they could call their council and embassy via their citizenship and passport etc.

It's very, very hard to wash off a jurisdiction. One of the reasons the Swiss were so useful for so long is that they just wouldn't say what they were holding. Other jurisdictions could hold you responsible for what they could prove you "must have", but they couldn't ever get the swiss to _be_ that proof because they would simply remain silent.

There is no dispute that Microsoft has these documents. There is no dispute that Microsoft is a U.S. company. There is no dispute that the dispute is taking place in the U.S. So Microsoft's claim is _almost_ pro forma. They don't _want_ to cough up the stuff, but they likely have no belief that this defense will work.

Part of what Microsoft sells here is "if they mess with your bull they'll get _our_ horns, so trust us with your stuff". The very fact of the defense, despite its absurdity, is a feather in their cap.

But eventually the documents will be produced.

Comment: You have this backwards. (Score 5, Insightful) 749

by IBitOBear (#47452751) Attached to: Obama Administration Says the World's Servers Are Ours

Microsoft is trying the "you can't hold me responsible for yesterday's shooting because the gun is in my other pants" defense.

The law has _always_ held that if you are before the court, everything relevant to the case is before the court.

If this were not the case then the Tobacco and Asbestos companies could have just said "all those meeting minutes and research records are stored in our warehouse in mexico so ha ha, you all lose." Any company or person, on any issue, could just mail the evidence out of state or out of country and get off scott free.

That just never happened.

Just because the evidence is "on a computer" instead of "printed on paper" doesn't make the "other pants" defense viable.

The court is not reaching across a border. Microsoft is _here_. Microsoft does business _here_. The complaint is _here_, and the court is _here_. The proper legal response to "the other pants" gambit is to tell the guy in his shorts to send someone to go get whatever it is from those pants and bring it back.

Criminals don't just "move" their assets to other countries, they "hide" them because if it can be found it's on the table.

Every court. Every country. Every topic. From the beginning of time.

This is no different.

Comment: No so much actually. (Score 0) 749

by IBitOBear (#47452641) Attached to: Obama Administration Says the World's Servers Are Ours

This isn't a case of the U.S. reaching across a border. Microsoft is _here_. Microsoft is doing business _here_. The court _here_ is ordering microsoft _here_ do produce documents _here_. Microsoft's claims that the docuements are "in their other pants" (e.g. on a server in Ireland) is immaterial because microsoft is _here_ and _microsoft_ owns those documents.

Now _if_ this were a case where a U.S. Court was ordering a company that was not _here_, say an Irish company that was _there_ in Ierland called Irish Pizza Delivery Co. to cough up emails even though they don't do any business here... that would be a huge over-step. That over-step is because they are _there_, or more correctly _not_ _here_, and the court is _here_.

This is _exactly_ the same reason that the U.S. Tobacco companies and Asbestos companies could not dodge legal responsibility by just shipping their money and internal paperwork to south america as soon as people started coughing.

Comment: Or are bitter and jaded (Score 3, Interesting) 255

I know that when I am being data mined I am very likely to pick the funny or ironic answer to any poll. The less intelligent the dumbest option is, the more likely I am to select it. My data is valuable and if you aren't gong to pay a fair price, and you intend to use it to subvert my happiness, I am not likely to go quietly to the slaugter.

I remember some movie where a guy lands in a Gulag and is being forced to make mitten liners. He learns from one of the other guys to sew them shut across the fingers and then hide the sabatoged ones by slipping them into the "already inspected" pile. It is sabatoge and it's faster than making the proper stitch so it's easier to meet the quota.

Lots of people maliciously answer polls and such, or so I suspect, which is why they are such a terrible instrument of governance and polity.

And P.S. if you don't limit people to thinking about tech, well there are _many_ blue species of sting and mant rays, so contextually they might have a point on answering some of those questions. Its that whole ability to read past typos that humans are so gifted with.

So conclusion? Polls suck, they suck slightly more than the pollsters conducting them, um-kay?

Comment: The case _for_ goto (Score 1) 231

by IBitOBear (#46406465) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

The linux kernel is full of gotos. Assembly is bereft blocks and that sort of structure. So "goto" isn't the source of all evil.

Consier this example of the linux goto paradigm below. When taking locks and establsihing component preconditions you can write an optimal routine that does the stepwise creation, and includes the non-conditional cleanup. Then skipping the cleanup if all the parts succede. The example below is trivial, but when it comes to preserving locking orders it solves a hard problem very simply. And if you check out the generated code its very efficent. More so if you hint the compiler that the success case is most likely for each conditional.

So take the simple example and imagine you are building something complex like a network request with data and metadata buffers and the actual request structure itself et al... as the number of parts grow the number of bizarre else conditions you have to use to do stepwise cleanup become bothersome repetitions of code. Its even worse if it's part1 _or_ part2 along with part3 etc. Complexity and repetition of phrases in the elses is plenty of reason to use goto.

complex_thing * hard_thing() {
complex_thing * retval = 0;
thing_pt1 * pt1 = 0;
thing_pt2 * pt2 = 0;
if (pt1 = generate_first()) {
    if (pt2 = generate_last(pt1)) {
        if (retval = generate_final(pt1,pt2)) {
            goto success;
if (pt2) cleanup_last(pt2);
if (pt1) cleanup_first(pt1);
return retval;

Simply put, there are times when a well-placed goto with a clear purpose and precondition can simplify code and accelerate execution.

Do I use a lot of gotos? no. Probably six C/C++ gotos in the last fifteen years. But when they are the correct tool to use, they can be magical.

Comment: Writing safety-aware code _somewhere_ (Score 2) 231

by IBitOBear (#46406365) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

Since all machine code is potentially brittle, the argument for using "safety aware languages" is itself brittle. For instance, Ada is safe because it doesn't allow deallocation unless you use ada.unchecked_deallocation(), or in the alternate, build nothing on the heap, or just hope that the Ada implementation has garbage collection, or..., or... etc.

_Someone_ has to do the work to protect whatever the brittleness is at issue.

For years I have used "struct Buffer { char * start, char * end};" instead of just char * string. (thing.end-thing.begin) is faster than strlen() and the constraints are always present. I've got a library full of simple bits that make this work (a wrapper around write(2) and read(2) for example).

Bad code can be written in any language. Java is safe? Well kind of, until you start making circles of referencds and losing them. sounds harmless unles there is a task and open socket in that circular reference and you've left a link back to some structure so that the socket is now able to access some nonsense.

The best tools in the worst hands are far worse than the worst tools in the best hands. Yelling for tools is a specious argument. Someone has to do the work, and that someone may well bone the job.

Comment: I propose "Snowden" become a active tense op (Score 2) 231

by IBitOBear (#46405211) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

(v) Adding a bit of code, hardware, or operation you know you shoudln't because an authority requires you do so.
"Hey honey, I'll be late for dinner, I have to snowden the latest release of firefox."

(n) the sneaky bit of intrusive technology
"Hey what's this bit?" "Shhh, that's the snowden."

I know he was the wistleblower, but we should enshrine his deed and the knowledge that this is happening using his name in memoriam.

Comment: Definition of "Enough" and "fase dichotomy" (Score 1) 231

by IBitOBear (#46405153) Attached to: Bug In the GnuTLS Library Leaves Many OSs and Apps At Risk

ASIDE: Your point is mute [look up "moot" before attempting correction. 8-) ]. Enough is enough, and any less is not enough. That's the definition of enough.

Consider: "If you eat enough pudding you'll die"... the only test case is to keep eating pudding till you die. If you stop before you die you didn't eat enough. 8-)

Now the point that all eyeballs are not equal is fine and obvious. It only takes one metaphorical eyeball, connected to the correct brain, to find a bug. So one is enough if the rest of the configuration is suitable, and an infinite number are not enough if they lack the context.

The real difference between FOSS and others is not the quality of the eyeballs but the opportunity for the correctly quipped eyeball to fall on the relevant bit. In closed source applications the right post-eyeball configuration would have to first be part of the set of allowed eyeballs, and it would likely have to be actively paid to look for the bug directly or indirectly since the limited herd of eyeballs all have their assignments.

Pretending that the better solution (FOSS IMHO) is unworkable because it's demonstrably imperfect ignores the fact that the far less functional (NON FOSS IMHO) has a demonstrably worse track record. That comparason and derision is just "false dichotomy" and kind of an example of, perhaps, why you aren't the set of eyeballs in charge.

In non-FOSS circumstances virtually all eyeballs lack the context to find and fix problems because they lack access to the source.

So your argument fails because it implicitly argues against exposure, or argues that exposure isn't enough if the right people aren't looking. The failure isn't one of fact but of position. You offer no counter proposal. You are pissing on the model that exists but offering no alternative. In short you are engaged in venting of some sort but you are apparently not one of the set of eyeballs ready to offer solutions.

Comment: Didn't "run away" from europe... (Score 1) 835

Actually the "Prutian Sepratists" were kicked out of europe for advocating regicide (trying to get someone to kill the king). They were granted title to what is now Verginia but decided to stay where they made landfall instead (not very good sailors). And they didn't come for freedom of religion, they wanted to set up their very own Jonestown (Guyana). It's right there in their name "puritan sepratists".

We don't necessarily have a thing for fear. We have a thing for authoritarianism.

So dear Europe, the next time you decided to export all your religious wacos, don't sent them all to the same place... it weakens the gene-pool.

There just happens to be a high correlation between fear and republicanism, so they run on the more police, more prisons, and to do so the conservative media bias is deliberately miss-sold as a liberal one. It's a self-perpetuating cycle.

On top of that, criminals all want to be cops, but only the petty criminals can make it though the background check. The cirminals want a taste of the power that previously held them down. So you end up with a lot of well armed, otherwise petty criminals ganged up in one profession exercising their egos.

Comment: So ask nicely and don't be a dick. (Score 3, Insightful) 298

Seriously, just ask your client base not to copy the mag, and maybe even do "pay what you want". It worked really well for The Humble Bundle.

If the product is good and you treat your customer base well, they will pay. IF you don't they wont.

The people who are going to copy it are not the people you want to care about as customers. Count them for ad revenue (like any other advertisement model, the reader is the product as far as the advertisers are concerned so copying is good from that angle.

You just need to find the sweet spot between universally free distribution (for high advert return) and enough direct sales for it's own sake.

And don't be a dick.

Comment: Sharpshooter Falacy (Score 3, Insightful) 107

You know, when people talk about who was warned about what, they completely forget the sharpshooter falacy. Warn everyone about everyone, then when some one does some one thing you can say "you were warned" because, in the huge pile of everything-squared you can find that nedle in the nedle-stack.

Now all the people who pointed at the nedle demand a bigger nedle-stack full of smaller and smaller nedles.

More signal. But more noise. And more noise per each increment in signal.

And more blame to go around.

There was a song, it has a point. "You have to hold-on loosly but don't let go". There was a movie, and it has a point "the more you tighten your grip the more systems will slip through your fingers." It's like there are all these old aphorisms and they came about for having truth within them. The truth of moderation.

More isn't better, it likely never was.

Committees have become so important nowadays that subcommittees have to be appointed to do the work.