Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Re:What complete and utter bullshit. (Score 1) 204

by Kjella (#48928589) Attached to: Anonymous No More: Your Coding Style Can Give You Away

What complete and utter bullshit.

95% of 250 coders. That means that out of a million programmers they will misidentify 200000.

You know it's not a contest to come up with the worst bullshit. If you're left with one person 95% of the time when you have 249 possible wrong answers, it's like being left with 4000 people when you have 999999 wrong answers. If all those are too close to tell apart you'll misidentify >99.9%.

Imagine for example that you wanted to find people by height and weight, as measured to nearest cm and kilo. It might work decently on a small group, but if you scale it up to a million people there'll be a lot of duplicates and then you're just guessing, double the population and you halve the chance of being right.

Comment: Re:Simple (Score 1) 217

by Archangel Michael (#48928069) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

Well, if you keep voting for the same thing, expecting different results, who is the crazy one?

I know, how about taking the fucking power away from people we have no access to and giving it back to the people to live their lives as they see fit? Oh right, because (R) want to toss Grandma off a cliff and (D) are in bed with the Islamists (IOW ... Fear Mongering).

Oh, don't forget to mention Somalia in your next reply.

Comment: Re:But power corrupts (even if unintentionally) (Score 4, Interesting) 396

Interesting story. One of the things I find most reassuring about the police service* in the UK is that they have long maintained, great consistency and at almost any rank, that good community relations are the heart of good policing. Officers who go out on patrol** have consistently and overwhelmingly said they do not want to routinely carry firearms, because that goes against the basic principle of policing by consent, and instead they tend to assume that the solution to local problems often starts with trying to improve those relations if they are failing. Concerns are also raised often by the police themselves about the balance between having officers patrolling in vehicles for rapid response and having officers literally walking the beat and actually making contact with the public. I get the feeling that police officers in certain other parts of the world have a very, very different attitude to their relationship with the public.

*I remember well that when the local police schools liaison officer visited us, he made a point of saying he didn't like the term "police force" because it had the wrong connotations before you even started to look at what the police did.

**It's curious how often police officers and politicians in some places refer to officers "on the front line", this being about as overt a military metaphor as I can think of (short of being "on the front line in the war against $ABSTRACT_NOUN" I suppose).

Comment: Re:Security is a yes/no question (Score 1) 396

The key point from an ethical/legal point of view might be the warrant. The key safeguard from a practical point of view is that to plant those bugs someone has to actually visit the site and do something. This requires time, effort, and a risk of getting caught, which means it's potentially an option if you really do have a good reason to consider a specific individual to be a threat but it's prohibitively expensive to spy on everyone all of the time. As far as defending democracy is concerned, that is a much healthier balance than mass surveillance of the many by the few.

Comment: Re:Simple (Score 1) 217

by Archangel Michael (#48927337) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

The original poster implied it wasn't culturally acceptable in the US, and I was making it clear that under certain circumstances and depending on how you look at things, it is culturally acceptable, just narrower in scope.

AND if you ask me, it is always has been and will be culturally acceptable until such time as we start tossing the likes of everyone involved in things like TARP I and II in jail.

Comment: Re:Uh, okay? (Score 2) 342

by Kjella (#48927323) Attached to: Why Screen Lockers On X11 Cannot Be Secure

It doesn't bode well for Linux that it is also not the year of the Windows Desktop or Apple Desktop. It is the year of the smart phone. The year of the desktop may never return. Desktops are better suited for developers and smart phones are better suited to consumers.

Developers and a ton of other professionals. If Linux/FLOSS could replace Windows, Office, Outlook/Exchange, Sharepoint and SQL Server that's probably 15 of Microsoft's $26 billion dollar revenue. Open source has not managed to commodify basic business and collaboration tasks, despite so many years of trying. It's not all about smartphones and tablets.

Comment: Re:When everyone is guilty... (Score 1) 396

All agreed, though I am increasingly of the view that systemic bias in favour of the accused is not sufficient. Merely being dragged through the legal system even if ultimately found not guilty is sure to be stressful, time-consuming, and possibly costly in more ways than one. People who have committed even quite serious crimes are sometimes released immediately after conviction on the basis that they've already served as much or more time than their sentence -- but of course, someone who was entirely innocent and not convicted in court also served that time. Right now you're unlikely to get much financial compensation for any of that, and even less any obligation for those who caused the damage to do anything else to set the record straight or otherwise make things right as much as possible.

The more I've thought about these kinds of issues as I get older, the more I think our modern "justice" systems are no longer fit for purpose, if indeed they ever were. In particular, they take an absurd amount of time and resources to deal with trivial infractions, sometimes at a cost to all involved that is far greater than any damage done by the alleged act itself. For major cases, the court proceedings can cost millions and drag on for years, and by the time they are finally over the result is no longer relevant anyway.

I think we would probably do much better if we built on the kinds of distinction we already make about severity: misdemeanour vs. felony in the US, magistrates vs. crown courts here in the UK, small claims courts with less formal procedures for minor civil disputes, and so on. For example, I don't see why any very minor offence can't be fully tried and a judgement made within a single court session and within a matter of days after the alleged infraction. Either there is clear evidence to convict, or you acquit. If you convict in a fast track procedure, you have strict limits on the level of penalty that can be imposed.

Then for repeated minor offences within some defined time period or for more serious crimes (probably anything including violence that allegedly caused significant injury and/or damage needing repairs exceeding a certain cost, for example) you can extend the timescales involved to a degree to allow for more careful preparation of the case, perhaps increase the degree of scrutiny in terms of magistrates vs. judge and jury and allow the use of expert witnesses, and so on.

Crucial to all of this, in my ideal world, would be the idea that there was also proper compensation for anyone brought through the system at any given level but not ultimately found guilty, making it not cost effective to bring cases in the first place without a reasonable expectation of a conviction. No doubt experienced lawyers could come up with much better ideas for the specific details of any such system, but I think the idea of having more well-defined tiers with strict limits on applicability and proportionate compensation arrangements is basically a sound one.

Comment: But power corrupts (even if unintentionally) (Score 3, Insightful) 396

I agree with your basic point about the need for balance. Of course there are bad people in the world and of course we need police and courts and the like.

I think the problem today is that many in our current political class don't recognise that need for balance so much as they see "them and us" and even start to forget whose side they are supposed to be on. The truly evil part of the situation is that this result seems almost inevitable. The people calling the shots are exactly the people who necessarily deal with the worst of humanity as part of their job. How could this not affect their perspective? They naturally want to trust their allies, who are the people who would be empowered under all these proposed security measures and aided by restrictions on the privacy and security of others. And of course being influential figures within the government, it is highly unlikely that they will personally ever find themselves on the wrong side of a government screw-up and unable to get the problem fixed very quickly.

I don't think these people are evil. On the contrary, I suspect most people in government, including their agents in the police and security services, are probably just normal people who have a job to do and who genuinely want to do the right thing. As with any large group, there will eventually be a few bad actors included as well and it is necessary to identify and contain them, but that isn't usually the main problem.

However, I do think we're talking about people who are heavily biased, even paranoid, because it would take a superhuman level of detachment not to be when you look at the kind of people they have to deal with at times. I also think in most cases they are ignorant about the technologies they are dealing with, and therefore unable to make rational, objective judgements about the likely effects of the technical measures they propose as policy. Finally, I think that the more senior these figures get within the government and its agencies, the more detached they tend to be from reality for average citizens and the more ignorant or dismissive they can become of how things tend to play out for innocent people in less privileged positions who are nevertheless caught up by the measures the politicians propose.

As the saying goes, power corrupts. It doesn't necessarily have to be malicious or intentional. Obviously in some cases it has been, but often I think the corruption is more of a slow but almost inevitable change in perspective caused by the situations you find yourself in when you have power to wield.

And so it is necessary for those who are looking from outside, those who don't spend disproportionate amounts of their time dealing with a particularly nasty minority of the human race, those who understand the technical issues, to speak out about what is happening and where it could lead. As with any issue of civilised government, in the long run you're going to get much further by educating people about relevant issues and promoting intelligent discourse than you are with wildly exaggerated rhetoric and extreme positions backed by intimidation and ultimately violence. The latter are seductive, and often appear quite effective in the short term, but I doubt they've ever truly solved much.

Comment: Re:If it's accessing your X server, it's elevated (Score 2) 342

by vux984 (#48925949) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Are you familiar with the traditional attack

Computer somewhere running some OS.
Regular authorized but non-priviledged user logs in and runs regular non-priviledged user-space application "program that looks like lock screen" and then leaves computer.

Another coworker, or perhaps an administrator walks up to use the computer; types in his credentials... and the app saves them...

Windows solution to the attack implemented decade(s) ago:

real windows desktop lock screen can only be unlocked with ctrl-alt-delete which user-land non-priviledged apps can't intercept.
train users never to login to a computer unless they hit ctrl-alt-delete to unlock it first.

Comment: Re:Security is a yes/no question (Score 1) 396

Notice that I very carefully said secure against a certain attack in my previous post. You are talking about something different to breaking the encryption technically: the xkcd attack, which any large organisation with weapons can apply, but not covertly and not without consequences if they try to apply it systematically against innocent people.

Life is a game. Money is how we keep score. -- Ted Turner

Working...