Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Comment Re:Phone book (Score 1) 47

People can at least opt out of the phone book. And with the prevalence of mobiles and the decline of landlines, there's an entire generation of people now who have never been listed in a phone book and don't have to worry about it. I don't even remember the last time I got an updated white pages tossed on my porch, it's been years for sure.

Battered wives, stalking victims, controversial bloggers, Twitch gamers, and people who just value their privacy in general, really don't need Comcast broadcasting their home address to the world. Especially when nobody knew it was happening, and especially when Comcast explicitly said they wouldn't do that. Getting doxxed and stalked/swatted/etc. is a big enough threat already without one's ISP making things even easier.

Comment Re:Next step? (Score 2) 111

So I'm likely to know I'm on a Stingray. Do you think I could sort of wardrive to try to locate the device?

Kinda. You can install AIMSICD on an Android phone; it displays a map of cell towers and alerts you when the presence of a stingray is likely. An icon in the phone's status bar will change from green, to yellow, to orange, to red indicating the threat level. I've seen a couple of yellows, which means something weird is going on with tower IDs, but isn't necessarily dangerous. If you got an orange or red icon you could pull up the tower map, find the dot, and drive towards it (or very fast away from it!).

Comment Re:Why use stingrays at all? (Score 2) 111

Is there any information a stingray can collect that the cellular carriers don't also collect?

Yes, everyone else's information in addition to the hypothetical suspect's, with zero requirement for any semblance of probable cause.

The stingray just seems like an end-run around getting a court order to subpoena the information from the carriers.

Right, that's the whole point. The court would never grant a subpoena for information about "everyone who was in the area of Main St. and 4th Ave. on January the 9th," so they're subverting the court altogether.

Comment One TFA is paywalled, the other has a big pop-up (Score 1) 69

With Apple's market penetration, I can see this taking off where some previous offerings haven't done so well. I wonder about the logistics behind any such system, would you have to tie a checking account to your Apple ID? Would people be willing to do that?

On a lighter note, I saw a recent episode of Drugs Inc. where they showed a cocaine dealer with his Square dongle plugged into his phone, bragging that he can take credit cards. Consumer to consumer micro-transactions are an interesting [To Read the Full Comment, Subscribe to My Comments]

Comment Are you alive? You are on a watchlist. (Score 4, Interesting) 400

Do you use the internet? You are on a watchlist. The more interesting question would be which ones, and of course most of us have no way to know.

I spend a lot of time reading and commenting on current events on another site, and I like to back up my comments with citations, so this leads me to Google all sorts of things. Offhand today I've searched for feces swastika (re: the U of Missouri stuff) and officers shot or killed (a story about one officer shooting another off-duty officer). Last night I was reading a thread about the Mazda RDX and so I Googled RDX; RDX is also the name of a military explosive. Around that time I was also searching for various terms related to the Missouri protests.

Some overzealous algorithm might see a person searching for RDX and Mizzou and officer and shooting all within close proximity, and get me on a list I really would rather not be on. That's one of the big problems with automated bulk surveillance, I imagine it's connecting a lot of dots that truly aren't connected.

See you on the list!

Comment Re:âoeItâ(TM)s like drinking freaking vo (Score 1) 38

Chase is good in my experience. They let you set up your own alerts, for example they'll send you a text message anytime a purchase is made over a certain dollar amount. You can set it to $1 and receive a text every single time the card is used, which is nice both for fraud detection and for remembering how much money you're spending on recurring subscriptions. I think other card issuers offer this feature now but Chase was the first of my cards to implement that. They were also the first to send me a chip-style card, almost a year before the requirement became effective.

All credit card issuers in the US are required to reimburse you for unauthorized charges. The law states you're liable for up to $50 but in practice I've never heard of a card issuer sticking the customer with any charge at all, if you dispute a (legitimately) fraudulent charge, they just remove it from your statement. Not sure how things work in Thailand. Anecdotally, I've never seen a bogus charge on my Chase Freedom card, but I don't know whether that's because they've prevented things from going through or whether nobody's tried.

Comment Re:Additional "features" (Score 1) 123

I was finally talked into getting an iphone when it was time to upgrade. So far I don't have any problems with the phone itself... but one BIG noticeable difference is every few weeks after using my new phone I get random calls from phone scammers/telemarketers.

Did you install the LinkedIn app on that phone?

Comment Re:What are you people doing with your lives? (Score 1) 153

The real heavy hitters have to be tethering, but there are normal use cases that can consume 23GB a month on the phone itself. Streaming practically anything adds up faster than you might notice.

Let's look at Spotify. They stream at 160kbps (72MB/hr) when you choose high quality, and paid Spotify users get a 320kbps (144MB/hr) option. Suppose you routinely leave Spotify streaming throughout your 8 hour workday; I know people who do this. Over the course of a month, 4 x 40-hour weeks, the 160kbps stream will use up 11.5 gigs of data. Interestingly enough, that means the 320kbps stream will use up... 23 gigs! Anyway, that's just listening to background noise while you're at work.

Now add in a month's worth of checking emails, random brief web surfing sessions, watching some funny YouTube clips here and there, checking in with a couple of games, poking around at a sports scoreboard app full of refreshy ajaxy bandwidth-hungry gadgets, posting a dozen 2MB photos to Facebook and Instagram every day, watching your local TV news livestream during your lunch break and/or the train ride home, and all the other shit people like doing on their phone. It adds up. You and I might not use our phones like that, but look around. Millions of people do.

23 gigs isn't the enormous quantity of data that it once was, especially when we're being constantly bombarded with advertisements telling us to consume even more.

Comment Re:What's Wordpress walling ... (Score 1) 80

Your idea is not a money-maker, but thanks for playing.

From what I've seen, the primary reason Wordpress installs get exploited is to install advertisements or links across every page of the site. The links are intended to boost somerandompharmacy.ru's Google pagerank, to the benefit of its owner. The advertisements generate revenue if someone clicks them. Sometimes they'll add a drive-by browser exploit to own visitors directly, who knows what they do to monetize that; ransomware, bank trojans, etc.

If you don't see any financial motive for these compromises, you aren't thinking hard enough.

Comment Re:Yeah, that's sound about right (Score 1) 228

Certified ADS-B transponders run multiple thousands of dollars, but as with everything in aviation, much of that cost comes not from the product but from the certification process. The hardware itself is not necessarily expensive. Proving to the FAA that the hardware is safe and reliable, and maintaining insurance coverage for when NTSB inevitably cites the device as a contributing factor to an accident, is what incurs the expense for manufacturers and why the prices are so high.

There are pilots building battery powered homebrew ADS-B receivers out of a Raspberry Pi and a USB software-defined radio tuner. The whole setup runs around $120. They aren't FAA certified, of course, but are not required to be since all they do is receive. It wouldn't be difficult to turn this design into a transponder with little additional weight. Surely it's conceivable to manufacture something even lighter and smaller and less expensive when done on a large scale, if the certification requirements were set reasonably enough to make such a unit commercially viable for consumer level "drones."

Comment Re:the penalty is way to light (Score 2) 42

Hold up, as the summary doesn't jive with the facts. From the DOJ's release, emphasis mine,

According to industry estimates, Citadel, and other botnets like it, infected approximately 11 million computers worldwide and are responsible for over $500 million in losses. In 2012, Belorossov downloaded a version of Citadel, which he then used to operate a Citadel botnet primarily from Russia. Belorossov remotely controlled over 7,000 victim bots, including at least one infected computer system with an IP address resolving to the Northern District of Georgia.

This guy didn't create the malware, he wasn't responsible for 11 million infections, nor was he responsible for $500 million in losses. He downloaded and tweaked some existing bank trojan, got it onto 7,000 computers, and stole some undetermined amount of money, which the DOJ has not disclosed but which is probably much closer to his restitution amount of ~$320K than it is to $500M.

The shortest distance between two points is under construction. -- Noelie Alito