Forgot your password?
typodupeerror
Electronic Frontier Foundation

DOJ Often Used Cell Tower Impersonating Devices Without Explicit Warrants 146

Posted by Unknown Lamer
from the bending-the-rules dept.
Via the EFF comes news that, during a case involving the use of a Stingray device, the DOJ revealed that it was standard practice to use the devices without explicitly requesting permission in warrants. "When Rigmaiden filed a motion to suppress the Stingray evidence as a warrantless search in violation of the Fourth Amendment, the government responded that this order was a search warrant that authorized the government to use the Stingray. Together with the ACLU of Northern California and the ACLU, we filed an amicus brief in support of Rigmaiden, noting that this 'order' wasn't a search warrant because it was directed towards Verizon, made no mention of an IMSI catcher or Stingray and didn't authorize the government — rather than Verizon — to do anything. Plus to the extent it captured loads of information from other people not suspected of criminal activity it was a 'general warrant,' the precise evil the Fourth Amendment was designed to prevent. ... The emails make clear that U.S. Attorneys in the Northern California were using Stingrays but not informing magistrates of what exactly they were doing. And once the judges got wind of what was actually going on, they were none too pleased:"
Networking

Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks 179

Posted by Unknown Lamer
from the check-your-sources dept.
msm1267 writes with an excerpt From Threat Post: "While the big traffic numbers and the spat between Spamhaus and illicit webhost Cyberbunker are grabbing big headlines, the underlying and percolating issue at play here has to do with the open DNS resolvers being used to DDoS the spam-fighters from Switzerland. Open resolvers do not authenticate a packet-sender's IP address before a DNS reply is sent back. Therefore, an attacker that is able to spoof a victim's IP address can have a DNS request bombard the victim with a 100-to-1 ratio of traffic coming back to them versus what was requested. DNS amplification attacks such as these have been used lately by hacktivists, extortionists and blacklisted webhosts to great success." Running an open DNS resolver isn't itself always a problem, but it looks like people are enabling neither source address verification nor rate limiting.
Google

Google Pledges Not To Sue Any Open Source Projects Using Their Patents 153

Posted by Unknown Lamer
from the now-and-forever dept.
sfcrazy writes "Google has announced the Open Patent Non-Assertion (OPN) Pledge. In the pledge Google says that they will not sue any user, distributor, or developer of Open Source software on specified patents, unless first attacked. Under this pledge, Google is starting off with 10 patents relating to MapReduce, a computing model for processing large data sets first developed at Google. Google says that over time they intend to expand the set of Google's patents covered by the pledge to other technologies." This is in addition to the Open Invention Network, and their general work toward reforming the patent system. The patents covered in the OPN will be free to use in Free/Open Source software for the life of the patent, even if Google should transfer ownership to another party. Read the text of the pledge. It appears that interaction with non-copyleft licenses (MIT/BSD/Apache) is a bit weird: if you create a non-free fork it appears you are no longer covered under the pledge.

Comment: "Why not both?" (Score 3, Insightful) 383

by Jaryn (#42751557) Attached to: Ask Slashdot: Name Conflicts In Automatically Generated Email Addresses?
My university takes the unique usernames approach ( abc123@mail.domain.tld ), but also creates aliases for everyone ( generally in the form first.last@domain.tld , but the user actually can choose whatever they want, if there's a collision). Seems to work well enough.

Comment: a fair compromise, medium risk, high return (Score 1) 634

by Jaryn (#40394703) Attached to: Ask Slashdot: How To Introduce Someone To Star Trek?

Not sure this is any help. But a while back I thought my young nephews should learn about Star Trek. They had watched very little of any sort of TV, so they were up for anything, but I wasn't sure where to start. I thought classic Trek would be too old or dated for them, but they could appreciate it later, so I decided they should start with TNG because it may be more accessible for them.

But where should they start in TNG? Yes, we could start with Encounter at Farpoint, the first episode... But that is a pretty cheesy, crappy, strange episode(s). Right? Though it does introduce Q, who is a recurring 'integral' 'villain'. As a completist, you really would have to start here. (Or with TOS.)

Or I could just jump right in and show basically the best episode (or at least best cliffhanger) of Star Trek ever, The Best of Both Worlds I & II. But would it be as good an episode if they don't know any of the characters at all, and never previously encountered the Borg. In fact, so much would be lost by showing that episode first, I decided we couldn't.

So, stay with me here-- I decided to start them with Coming of Age. Now, yes, this is a Wesley episode. And it's near the end of the first season. But Wesley is not at all insufferable in this episode-- he's actually interacting in a more or less reasonable way with his fellow candidates, and my nephews are of the age (12ish) where they could actually maybe see themselves in his place, going through those tests. And while I skipped over a lot of (bad) first season episodes to get to that one, I thought I shouldn't skip the entire first season. That wouldn't be right! So this is a compromise. But most of all, the episode actually does a fairly good job of introducing the characters, through Remmick's interviews/interrogations, and we see Picard have to make a big choice; to become Commandant of Star Fleet Academy, or remain Captain of the Enterprise. (His decision??!? I won't spoil it for you!)

Its weakness (apart from being a first season episode) is that there are no big space battles or major alien encounters. But some smaller scale alien and ship things happen. And this episode is actually a great setup for one of the darkest (though sometimes still cheesy) suspenseful/ominous (though never paying off later) episodes of TNG, Conspiracy.

But before you go there, you can jump back to Datalore (to lead into future Lore episodes), if you like. Also Heart of Glory (for Klingon/Worf episodes), and Neutral Zone (actually, some say, a lead in to the Borg, but also, more obviously, The Romulans). Perhaps even Naked Now, Skin of Evil, and Encounter at Farpoint, if you're brave. But then follow this on in Season 2 with, at the very least, Q Who, The Measure of a Man, and a Matter of Honor. (And these all will effectively have formed mini-arcs.) Then you can watch (almost) everything from seasons 3, 4, and 5 without too much worry. And they will mean more when you watch them.

Anyway, long story short--my plan is somewhat higher risk, but higher return: if your girlfriend is anything like my 12-year-old nephews (huh??) get her to agree to give the show a proper chance by watching several episodes, then set her up with some of the more solid, early episodes, which you may both laugh at a bit but then she will be properly and emotionally invested when OMG Picard is Locutus! in BoBW, or LOOK Tasha is back??? in YE, or, oh no--IS SPOT GONNA BE OKAY???

Comment: Somewhat Meta... (Score 2) 249

by Jaryn (#37859842) Attached to: Ask Slashdot: How Are You Haunting Your House This Hallowe'en?

Instructions:
Purchase at least a half dozen children's full body Halloween costumes (ie spiderman, darth vader, princess, tigger, ladybug, robot, etc).
Set a small table on your front step, porch, or main sidewalk.
On table, place bowl of candy, and large visible sign reading "CANDY"
Take costumes above, stuff them realistically with pillows/towels/other clothing, lay them strategically on ground around table, and douse area with lots of (fake?) blood.
Hide around corner with large (fake?) axe.

You can figure out the rest.

Comment: Atlas companies have used copyright traps (Score 3, Insightful) 433

by Jaryn (#37630074) Attached to: Civil Suit Filed, Involving the Time Zone Database

Atlas companies have used copyright traps before.. Just add a couple fake towns on your map, and if you find another company selling a map with those towns, you know you can sue them for copying your map.

Could a company add a fake time zone to a list of time zones, name it something funny (creative), and claim copyright infringement when it appears in a database? Since really, it's not a fact at all, the made up entry was... art?

Comment: Don't Panic (Score 1) 499

by Jaryn (#37559388) Attached to: Ask Slashdot: Best Long-Term Video/Picture Storage?

Personally, I keep my primary backup in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard.'

This works quite well.

However, in the event of the destruction of the Earth, this solution seems somewhat.. inadequate. So I believe you would be well served to set up an auxiliary backup system on an interplanetary satellite, or on the moon, and probably also on another not-too-conspicuous planet within our solar system, and just to be safe, one more in another solar system in this (or another) galaxy. (I recommend Ursa Minor Beta.) You don't want a localized catastrophe to eliminate all your files and backups in one fell swoop.

And every few days just swing by the backup sites to be sure there hasn't been any data degradation.

Comment: Unprecedented? (Score 5, Insightful) 78

by Jaryn (#37363172) Attached to: Kepler Discovers 'Phantom' Exoplanet

Unprecedented? Isn't this pretty well the way we discover all extra-solar planets? Through star wobble? Unless we're lucky enough to line up for a full on occlusion?

I mean, I guess in this case it's "planet wobble". But FTFA: "Interestingly, planets in our solar system have been detected through a similar method."

So uh... unprecedented?

Comment: Feature's OK - But personalized filtering better (Score 1) 252

by Jaryn (#34178402) Attached to: Google Give Searchers 'Instant Previews' of Result Pages

Rather than bringing up a small screenshot of each site, Google, just give me some personalized filtering options, please.

And it doesn't need to be complicated, it just need a single checkbox/radio button set like this:

[_] Do not filter my results
[X] Delete all results from domain experts-exchange.com

Comment: Actually, MUDs could and did do that (Score 1) 232

by Jaryn (#29470169) Attached to: Major MMO Publishers Sued For Patent Infringement
I once programmed for and was an admin on a mud that actually had some functions / mini-games which used 'aggregation over an interval' and 'sending the status periodically' (ansiblemoo.org) The code was written this way partly to save bandwidth, but also to just keep that part of the game orderly and fair for all players, regardless of connection speed. It meant not spamming the players every second with soon out-dated information, and the delay also meant that players couldn't simply hammer their keyboard into victory. I think this effectively covers the patent... The code in question was first completed in 1995... or something like that - before my time (and the patent's) - and other similar code was written from 1996 through 2002/2003.

The universe is all a spin-off of the Big Bang.

Working...