Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment Re:The enabling technology, itself, is ridiculous. (Score 1) 94

It wouldn't be difficult to steal a signing key.

Ok, it might be difficult, but it's certainly not impossible or unheard of. They've been found in GitHub repos, for example.

If an malware app was installed without an icon, it could spread prolifically before anybody detected it and the signature could be revoked. Depending on the purpose, it might not need to survive very long anyway.

If anyone actually used AirDrop, that is. I don't know anybody who does, or has it enabled. Most people just send photos via text or email, and share apps via links, if at all. The only time I've personally used it was in a location with poor cell service and no WiFi. I just turned it on in my office, and it didn't find anyone nearby either. YMMV...

Comment None (Score 1) 381

Most countries, especially in the five eyes, monitor their communications infrastructure. Outside of that, the ones that don't are still likely being monitored by other countries. Also, communications often transit borders, and once it's out of your network, it's definitely out of your control.

Encryption raises the bar, but unless you are a mathematician who can prove that P != NP (or vice versa) and implement a perfect version of a cryptographic method, you can't really be sure of anything anyway. If it's important enough to conceal a communication, or a collection of communications taken as a whole, then do a key exchange in person with single-use keys, AKA a one-time-pad. Make sure to never, ever use the same key twice, and use an isolated device to perform the encryption/decryption. Keep that device as isolated as possible by, for example, using OCR on printed documents instead of digital media. That will protect against mass surveillance, especially if your encryption algorithm is both unique AND at least as strong as AES, which, again, is hard to prove. (See the section just on attacks on TLS/SSL, and those are the algorithms that secure some of the most valuable corporate data on the planet.)

If you want to communicate in private, then do it in private, in a secure environment. Assume everything else is no different from communicating in public and is being recorded, because it is probably being recorded, and at some point it may very well be public.

Comment Re:Justice is complex. (Score 1) 235

You are equating that justice should be proportional to the damage caused, vs intent, and chances for reoccurrence.

Of course it should. As you mention, it should also factor in the variable of deterrent effect on the individual, and likelihood to reoffend, but it should absolutely consider the magnitude of the damage caused. Anything else would be arbitrary and capricious.

Also, money is replaceable, and victims can be made whole, while lives are irreplaceable, at least to the people who lose them.

Comment Re:This is reasonable? (Score 1) 235

I'm pretty liberal when it comes to both sentencing and piracy, but I can't agree in this case.

So piracy is not theft, but there was clearly economic harm, in that he offered a service for profit that competed against other, licensed, for-profit services, and clearly drew some business. If someone steals your car, there are economic losses as well. Should car theft not be punished by jail time? If not, should any economic harm? I would argue that it should.

Now, is the sentence just? I would say that two months, with a month for good behavior should be more than enough in most cases. Sometimes people just don't think about consequences, and a taste of consequence is all they need. In this case, however, "He continued to run the website even after he was served a cease and desist order by the Federation Against Copyright Theft (FACT) and after he was initially arrested." [Emphasis mine.] So this wasn't just a case of someone thinking they wouldn't get caught, or that it was no big deal. He *got arrested*, and kept running the site. That's not just trying to skirt the law, that's overtly flaunting the law, and I think 2 years was reasonable.

Comment Re:Unibody? (Score 1) 345

Phones aren't unibody, in that they always have a front and back. The front may be the screen itself, but it still exists. (There would be no way to get the electronics and battery inside if it were not so.)

The iPhone 4 was probably the easiest iPhone to disassemble, and to compensate for that, Apple used proprietary pentalobe screws to deter the casual user. Still, with a pentalobe screwdriver and a suction cup, it was trivial to open the phone. The connections inside, however, required a degree of dexterity to carefully remove and reattach. Could those connections be made easier? Probably. So Apple could have made the phone easier to service in at least one way, and probably two, and at least one of those obstacles was deliberate.

Compare that to something like the newer iPads, which require the application of heat to soften the glue holding the screen in place. There's nothing user-friendly about that design. There's something to be said for the aesthetics of a sealed case, but it would have been trivial to use screws through the back instead, as with MacBook Pro's, and that would make the devices far more user-serviceable.

Clearly making these devices accessible to the user would be beneficial from a cost standpoint, but it would be beneficial from an environmental standpoint as well. The most environmental choice is almost always to continue using an existing product instead of using the resources to produce a new one, and this is as true for electronics as it is for cars. How many more people would replace their batteries, or cracked screens, for $5 or $10 instead of buying a new phone? Many of my non-tech friends are still using their 3-4 year-old phones, or 10 year-old iPods, and I suspect they will continue using them until the devices die, as much as Apple or Samsung would like them to buy a new one every two years.

Personally, as long as I can get a device open without breaking it, I will always service it myself. That said, I'm getting ready to upgrade my iPhone this week, as I do every two years. And like many tech geeks, I make up for it by rarely buying new clothes. ;)

Comment Re:No discs = no buy (Score 1) 230

The only reason these tactics work, along with other horrible policies, is because there's no powerful voice giving pushback in the public arena. Perhaps it's about time for the EFF to start making commercials, or for a consumer group to be established to lobby and donate and advertise, like the NRA or MADD. I may not agree with those groups' policies, but I cannot argue with their effectiveness.

Mommy, what happens to your files when you die?