
Comment: Remember this? (Score 5, Interesting) 472

by Voline (#44793163) Attached to: Ask Slashdot: Linux Security, In Light of NSA Crypto-Subverting Attacks?
Remember this? In December 2010 there was a scandal when a developer who had previously worked on OpenBSD wrote to Theo de Raadt and claimed that the FBI had paid the company he had been working with at the time, NETSEC Inc (since absorbed by Verizon), to insert a backdoor into the OpenBSD IPSEC stack. They particularly pointed to two employees of NETSEC who had worked on OpenBSD's cryptographic code, Jason Wright and Angelos Keromytis. In typically open-source fashion, de Raadt published the letter on an OpenBSD mailing list. After the team began a code audit de Raadt wrote,

"After Jason left, Angelos (who had been working on the ipsec stack already for 4 years or so, for he was the ARCHITECT and primary developer of the IPSEC stack) accepted a contract at NETSEC and (while travelling around the world) wrote the crypto layer that permits our ipsec stack to hand-off requests to the drivers that Jason worked on. That crypto layer contained the half-assed insecure idea of half-IV that the US govt was pushing at that time. Soon after his contract was over this was ripped out. ...

"I believe that NETSEC was probably contracted to write backdoors as alleged."

I'd like to find a more recent report of what they found.

Comment: Re:Long story short... (Score 5, Informative) 347

Great rant, except that over 75% of the Linux code contributed is contributed by paid corporate employees that are simply doing their job.

Supporting evidence for this assertion:

"It is worth noting that, even if one assumes that all of the “unknown” contributors were working on their own time, over 75% of all kernel development is demonstrably done by developers who are being paid for their work."

Corbet, Jonathan, Greg Kroah-Hartman, and Amanda McPherson. Linux Kernel Development: How Fast it is Going, Who is Doing It, What They are Doing, and Who is Sponsoring It. San Francisco: Linux Foundation, March 2012. 9.

Comment: Re:I'm sure this is on the money, but (Score 1) 347

Management cares about features they can sell, and stuff that does not immediately translate into new features is considered a waste of time.

What you're saying may be generally true. That's what made Mac OS 10.6 such an amazing release. As John Siracusa wrote in his Ars review:

At WWDC 2009, Bertrand Serlet announced a move that he described as "unprecedented" in the PC industry.

"0 New Features"

Read Bertrand's lips: No New Features! That's right, the next major release of Mac OS X would have no new features. The product name reflected this: "Snow Leopard." Mac OS X 10.6 would merely be a variant of Leopard. Better, faster, more refined, more... uh... snowy.

I think Mac OS X could use another release like that today. Fewer iOS-like "features", more bugs quashed, please. Too bad Serlet left the company.

Comment: Re:Rudolf Winestock for President (Score 1) 225

by Voline (#43511205) Attached to: The Eternal Mainframe
Slow down. Winestock is not making the "If you're offline you must have something to hide ..." argument, he's anticipating it. He's warning that this is an argument authoritarians will soon be making and so one should be ready to defend the right to even have a general-purpose computer and keep one's data locally.

Comment: Re:Privacy (Score 2) 225

by Voline (#43511127) Attached to: The Eternal Mainframe

I think you're misreading the article. Winestock is not making the "if you have something to hide ..." argument, he's anticipating it. His argument is that the computer industry, and perhaps computing as a technical endeavor, tends in the direction of centralization of computing power and grunt work which then leads to centralization of data. Both governments and business – even cool, supposedly "revolutionary" businesses – like it this way. So, don't look to the high tech companies for help protecting your privacy. As he says in TFA:

Pleading will not help because the interests of those companies and their users are misaligned. One reason why they are misaligned is because one side has all of the crunch; terabytes of data, sitting in the servers, begging to be monetized. Rather than giving idealistic hackers the means to liberate the users from authority, the democratization of computing has only made it easier for idealistic hackers to get into this conflict of interest. That means that more of them will actually do so and in more than one company.

You see, in the past, the computer industry was dominated by single corporations; first IBM, then Microsoft. Being lone entities, their dominance invited opposition. Anti-trust suits of varying (lack of) effectiveness were filed against them. In the present, we don't even have that thin reed. Thanks to progress, we now have an entire social class of people who have an incentive to be rent-seekers sitting on our data.

Being members of the same social class, they will have interests in common, whatever their rivalries. Those common interests will lead to cooperation in matters that conflict with the interests of their users. For example, the Cyber Intelligence Sharing and Protection Act (CISPA) is backed by Microsoft, Facebook, Yahoo, and, yes, Google, too.

As the head of the Software Freedom Law foundation, Eben Moglen, says, keep your data locally, at home, where the 4th Amendment still has some effect. As Winestock is saying, you better be ready to defend even the right to do that.

Comment: Re:sword vs polearm (Score 1) 469

by Voline (#43066007) Attached to: What Is Your Favorite Polearm?
It's interesting that, as the middle ages went on, foot soldiers went from bearing a shield and one-handed sword or axe to pole arms like the above, then later, pikes. Also swords went from the one-handed variety used with a shield to the two-handed sort. All this happened after the longbow and crossbow were introduced. Which seems counterintuitive to me because those would make me more inclined to have a shield to hide behind, not less.
Hardware

+ - With 2012 Ends the "Netbook"

Submitted by Voline
Voline (207517) writes "Digitimes reports that Asus and Acer will not be producing netbooks in 2013, signaling the end of a product category that Asus began five years ago with its Eee PC. The Guardian looks at the rise and fall of the netbook and posits some reasons for its end. These include: manufacturers shifting from Linux to Windows causing an increase in price that brought netbooks into competition with full-on laptops that offered better specs for not much more money, the global recession beginning in 2008, and the introduction of the iPad and Android tablets. Agree? What are they missing?"

Comment: Good news. (Score 3, Insightful) 151

by Voline (#38670636) Attached to: India Mobile Handset Backdoor Memo Probably a Fake

As the submitter of the original story, I'll be relieved if the leaked memo is a fake. It gives me an excuse to put off migrating from Mac OS X to Linux, which was going to be a good deal of work.

But the earlier case of RIM agreeing to provide in-country servers to enable government surveillance in the UAE, India and Saudi Arabia shows the leverage that governments can wield over companies that operate within their territory. Vigilance is warranted.

Blackberry

+ - Leaked Memo Says Apple Provides Backdoor to Govern 2

Submitted by Voline
Voline (207517) writes "In a tweet early this morning, cybersecurity researcher Christopher Soghoian pointed to an internal memo of India's Military Intelligence that has been liberated by hackers and posted on the Net. The memo suggests that, "in exchange for the Indian market presence" mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as "RINOA") have agreed to provide backdoor access on their devices.

The Indian government then "utilized backdoors provided by RINOA" to intercept internal emails of the US-China Economic and Security Review Commission, a US government body with a mandate to monitor, investigate and report to Congress on "the national security implications of the bilateral trade and economic relationship" between the US and China. Manan Kakkar, an Indian blogger for ZDNet, has also picked up the story and writes that it may be the fruits of an earlier hack of Symantec.

If Apple is providing governments with a backdoor to iOS, can we assume that they have also done so with Mac OS X?"
