Forgot your password?
typodupeerror

Comment: Yeah, they just mandate it without legislation... (Score 1) 51

by Willbur (#41924579) Attached to: Australia Scales Back Internet Blacklist, Nixes Full-Scale Censorship

Govt: "Give me all your URLs"
ISPs: "No"
Govt: "OK, will you give me half?"
ISPs: "OK"

This is not a win. It is true that the government is no longer proposing new legislation. This is because they seem to be getting much of what they want without new legislation. In particular, it appears there will be a new industry "Code of Practice" which will then have force under current legislation (think of it as like changing a regulation). There is also going to be a 'police request' to the ISPs. It isn't clear to me at this point which of these, or how the combination, leads to enforceability, but it seems all Aus ISPs are now going to be filtered.

Good:
    - The black-list will be the Interpol black-list, which I understand is at least reasonably well monitored and is quite small. It is also outside of political control in Australia.
    - I'm guessing the filtering will be DNS based for domains on the list, forwarding them to a proxy that checks the URL. This means it will not affect people not accessing those domains.

Bad:
    - We have a filter. This will have two effects: it will lead to worse enforcement of child abuse as people get complacent. It will cause the occasional problem like the Wikipedia/Scorpians cover (see http://en.wikipedia.org/wiki/Internet_Watch_Foundation_and_Wikipedia )

This is a shame. Child porn sites stay up longer than phishing sites because banks actually want the phishing sites down, not just covered up.

It will also be interesting to see what effect DNS-SEC has on this, but that is in the longer term.

Comment: Re:Simple Solution (Score 2) 155

by Willbur (#37535352) Attached to: Global Internet Governance Fight Looms

Give each country its own DNS. [snip]

Each country already has its own DNS. Country code domain names have been around for a long time. Maintaining the root servers that point to the country codes doesn't need to be an automated system. I'd hand it over to the group that agrees on the country codes: the UN.

What you're really suggesting is getting rid of non-country code domain names. All those 'blah.com' addresses would need to choose one or more country codes to occupy... 'blah.com.us' or 'blah.co.uk' or ... . This would be an improvement on the current situation, but it would also be a huge upheaval and I'm not sure the long term benefits are worth the short term cost.

But even once you've done that you still haven't solved all the problems. If a UK resident purchases from a US shop, whose laws apply? US, UK or international law? It is at least clear to customer that they're purchasing from an overseas entity, but that doesn't solve the legal questions. Things could get messier still: what happens if a .co.uk domain name points to a server in the US and there is an Australian customer? Whose laws apply then?

And lets not get started on the allocation of IP addresses... :)

For every complex problem there is a solution that is simple, neat and wrong.

Comment: Re:Anti camera tech - lemon juice :) (Score 1) 482

by Willbur (#37041212) Attached to: The London Riots and Facial Recognition Technology

Reminds me of McArthur Wheeler: (from http://plus.sites.post-gazette.com/index.php/component/content/article/62/103182-pittsburgher-stupidity-in-the-news-the-mcarthur-wheeler-effect- )

At 5 feet 6 inches and about 270 pounds, McArthur Wheeler is an easily recognizable man — even when wearing lemon juice on his face.

That certainly came as a surprise to Wheeler, 45, of Versailles Street, McKeesport. He was incredulous in April when Pittsburgh robbery detectives told him that he had been identified in surveillance photographs as one of the two men who robbed two banks in Brighton Heights and Swissvale on Jan. 6.

"But I wore the lemon juice. I wore the lemon juice,'' a puzzled Wheeler told the even more puzzled detectives.

The detectives' confusion turned to incredulity as Wheeler explained about his would-be lemon aid.
"Someone told him that if you put lemon juice on your face it makes you invisible to the surveillance camera,'' recounted a still chuckling Cmdr. Ronald Freeman of the investigations branch.

Comment: Security apps just placebo? (Score 1) 173

by Willbur (#36197640) Attached to: Ask Slashdot: Android Security Practices?

This may be betraying my ignorance, but I thought that the basic security model behind android held that one app couldn't see another app's code or private data. The sdcard is general storage, so all apps with sdcard permissions can see everything on the card, but mostly what is stored on the sdcard is not security critical anyway. Another caveat is that if you've rooted your phone then you're adult enough to look after yourself.

So, how is a virus scanner supposed to work? It will never be able to see any of the other apps. Similarly with a firewall - it wont be able to see when another app connects to the net. The only way it could work would be to break out of the standard security systems.

This suggests to me that most of these 'security apps' are scams (not counting stuff for rooted phones -- but rooting is itself a security risk. e.g. With most of the rooting mechanisms, if you hook a usb cable to a rooted phone then you get a root shell without any password protection - mmmmm security).

The 'security apps' that I could see working are:
    - Apps that monitor the SIM ID so that they know when another SIM is inserted.
    - Apps that allow remote phone tracking.

It is possible to detect some changes in phone state and quickly try and correct things, or at least alert the user to the issue. This is how the apps that add password screens/PINs to the front of other apps work - they detect the other app being brought to the front and quickly overlay their pin screen over the top. But this seems weak for general protection.

So, what specific protection do people think they're getting from these security programs? Which of the (non-root) programs more than a placebo, and how do they work?

Comment: Re:Time to look at your own desk... (Score 1) 376

by Willbur (#34969370) Attached to: Last Days For Central IPv4 Address Pool

I'm also on internode and use a NetComm NB6Plus4 to get my IPv6 over ADSL. The NB6Plus4 needs a firmware update that internode have on their web site. You then need to use a slightly modified PPPoE login to tell internode you want IPv6.

See http://ipv6.internode.on.net/configuration/adsl-faq-guide/

Note that home ADSL ipv6 is currently a trial and unsupported. But it works well :).

The real holdup with home equipment seems to be getting home modem/routers that support IPv6 (routing and PPPoE). I would have thought this would be fixable with firmware updates though. (Or you can stick your modem in bridge mode and use a PC with PPPoE IPv6 support - but that's unlikely to be a popular option.)

Comment: Congratulations... (Score 4, Interesting) 60

by Willbur (#34278790) Attached to: US Robots Win Big Down Under

Congrats to the teams that did well. I know a bunch of Australian teams that looked into entering and decided not to because:

    a) It was an engineering challenge more than a research challenge,
    b) It was closer to that ethical line of making killer robots than, say, the DARPA Grand Challenge autonomous vehicle competition,
    c) There was an extremely compressed timeline to actually make anything, and
    d) The prize is mostly prestige. i.e. It wouldn't come anywhere near the development costs even for the teams that won.

So, it was a less than perfect competition. But that also means that the teams that did well in it did well under difficult conditions, so good for them. :)

Comment: State, not Federal politician (Score 1) 150

by Willbur (#33566660) Attached to: Australian Politician Caught Viewing Porn

A few things:

    - This guy was a state, not a federal, politician. This is important for two reasons: i) it is the federal govt that is looking to introduce the filter, not the state govt, and ii) The federal govt is 1 by-election away from a change in majority, so that would be much more tricky. iii) The state govt is so dysfunctional that noone really cares any more - they're going to lose the next election and this guy might well be happy to go now before the rush.

    - This story is a little old. Although only a couple of weeks old, so for Slashdot maybe that is ok.

    - There were a number of people 'caught' by the audit, including staffers for one of the more religious parties (no surprise there). But after that it came out that the audit itself may have had some problems...

Comment: Re:If you are a contractor... (Score 3, Informative) 504

by Willbur (#32166296) Attached to: Can Employer Usurp Copyright On GPL-Derived Work?

It is legislation, not case law. Section 35(6) of the Australian Copyright Act 1968: "Where a literary ... work ... is made by the author in pursuance of the terms of his or her employment by another person under a contract of service or apprenticeship, that other person is the owner of any copyright subsisting in the work ... ." Computer Software is a 'literary work' for the purposes of the act.

Note that it isn't all code written by an employee, just code written for your job.

IANAL, but you can look at the law yourself: http://www.austlii.edu.au/au/legis/cth/consol_act/ca1968133/s35.html

Comment: Re:These guys are not helping (Score 1) 75

by Willbur (#30677684) Attached to: Australian Net Filter Protest Site Returns

Oh for Mod points. Arctanx is right. There are at least three quite separate issues here:

    a) Stephen Conroy's policies are woefully misguided. They will have the opposite effect on child protection to that publicly claimed, causing an increase the pain and suffering of many children.
    b) Even so, registering this protest site is not a good response. Have the site, but put it in stephenconroysucks.com.au.
        - I much prefer Australia's rather stricter DNS rules to the loose ones in the US. This is not a freedom of speech issue, it's a truth in advertising issue.
        - Applying for a business name as a workaround is not a good thing. It will make the laws either a) more complex, or b) more vague so that they cover all the misleading behaviour.
    c) Regardless of whether the AuDA rules are good, the AuDA implementation looks like it needs some work. Having said that, I'm a fan of stricter policing of au DNS rules. Noone was taking the server down - they were simply saying it can't have a particular domain name.

Comment: In some ways, this plot succeeded... (Score 1) 809

by Willbur (#30558894) Attached to: Man Tries To Use Explosive Device On US Flight

The TSA causes so much hassle in the US that it is a drain on the country. Some countries, like Australia, have recently started loosening their restrictions (I hear that metal cutlery is back).

Imagine you're a terrorist organisation. You find some idiot willing to do this. If they succeed, great. If they fail, then you're still going to inconvenience the entire travelling world in the middle of one of the busiest times of the year.

Look at the lists of new 'safety rules' that have been instituted. For Al-Qaeda, that's not a bad consolation prise.

"Who cares if it doesn't do anything? It was made with our new Triple-Iso-Bifurcated-Krypton-Gate-MOS process ..."

Working...