Become a fan of Slashdot on Facebook


Forgot your password?

Comment: Re:Manual config (Score 1) 63

by MikeMo (#48936691) Attached to: D-Link Routers Vulnerable To DNS Hijacking
It seems most consumers will only buy whichever router is the cheapest. They have no concept of quality, performance, features, configurability, etc. when it comes to routers. So, router makers have to keep making them cheaper and cheaper or they don't sell at all. Kinda like the whole PC market, only worse. Obviously, they get to the point where they barely run, barely have any thermal headroom, have the cheapest possible components, and buggy firmware.

Comment: Oi (Score 1) 227

by fyngyrz (#48929867) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

I was saying that it makes a lot of sense for Facebook not to allow pictures of Mohammad in Turkey. Just like they don't allow boobies in the USA.

It doesn't "make sense", it simply retards social progress by keeping neurotics from considering the darker corners of their own thought processes. I mean, seriously. "Boobies bad"? That's just... pitiful. I am perfectly ready to describe anyone who isn't pleased by the sight of a nice pair of boobies in any neutral, humorous, peaceful, appreciative or loving context as a broken human being. One for whom I have sympathy and pity, but in no way does this engender any urge to force the world into a form that serves to insulate them from the toxic processes of their own twisted psyches.

As for drawing Mohammad, your assertion that there is no purpose but offense is wrong out of the gate. Art is one reason, political commentary is another, historical illustration is another, simple choice is another, and yes, offense is one but that doesn't make it an invalid use.

Comment: Re:If it's accessing your X server, it's elevated (Score 1) 369

by JesseMcDonald (#48929037) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Oh how about a new protocol extension that allows one designated program to receive all keyboard inputs regardless of any other grabs. The X11 server can keep on pretending that the other grabbers still have such a grab.

I'm not really sure how creating yet another way for a "designated program" to monitor input events is supposed to address the problem that any X11 client can monitor keyboard events on any window in the absence of a grab, unless you intend to rewrite all existing software to grab the keyboard on receiving input focus, and force all the desktop environments to implement support for the extension and move their global keybindings into a specially designated client. At that point you might was well switch to a system designed for secure I/O from day one—like Wayland.

Look: X11 works on Windows even though windows can apparently REALLY gab the keyboard. X11 will we are told work on Wayland too despite the fact that wayland can apparently REALLY grab they keyboard. Do you really think it couldn't be extended to do that itself?

It's no different with a rootless X server on Windows. Input received by any X window can be observed by any X client, unless one client grabs the input. XWayland will probably work the same way, with native Wayland clients secure from each other and from X11 clients but no isolation between X11 clients and no support for grabbing input directed at non-X11 windows. XWayland is meant as a shim between the Wayland compositor and ordinary X clients; it doesn't support external window managers and isn't expected to host a full X11 desktop environment. You wouldn't run something like a screen locker as an X11 client under XWayland. It wouldn't be secure, for the same reasons that screen lockers aren't secure under X11 now, and similar compatibility problems would occur if you tried to implement the Wayland input model with X11 extensions.

It's easy to implement the insecure X11 model on top of a secure system. The reverse is much more difficult.

Comment: Who says it serves no purpose? (Score 3, Insightful) 227

by fyngyrz (#48928309) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

What offends you may not offend me. And vice-versa. What serves no purpose for you, may serve a purpose for me. Be it intended offense, or otherwise, or both at once.

No one in the USA has the "right to not be offended." Being offended is subjective. It has everything to do with you as an individual, or as part of a particular group; it varies due to your moral conditioning, your religious beliefs, your upbringing, your education; what offends one person or group (of any size) may not offend another, nor a person of another grouping; and in the final analysis, it requires one person to attempt to read the mind of other persons they do not know in order to anticipate whether a specific action will cause offense in the mind of another.

And no, codifying an action in law is not in any way sufficient... it is well established that not even lawyers can know the law well enough to anticipate what is legal, and what is not -- any more than you can guess what is offensive to me, or not.

Sane law relies on the basic idea that we try not to risk or cause harm to the bodies, finances and reputations of others without them consenting and being aware of the risks. It does not rely on the idea that we "must not cause offense."

Law that bans something based upon the idea that some individual or group simply finds the behavior objectionable is the very worst kind of law, utterly devoid of consideration or others, while absolutely permeated in self-indulgence.

Comment: Re: If it's accessing your X server, it's elevated (Score 2) 369

by JesseMcDonald (#48928091) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Some other window most likely does have the keyboard focus, but that's not the same as grabbing the keyboard. Having the focus doesn't prevent input events from also being delivered to other windows, it just tells the non-focused windows to ignore the events. Integrity and privacy for both input and output is a hard problem and something very few windowing systems manage to get right. The solutions tend to involve some degree of inconvenience for the user.

Comment: Re:If it's accessing your X server, it's elevated (Score 1) 369

by JesseMcDonald (#48927973) Attached to: Why Screen Lockers On X11 Cannot Be Secure

What exactly would you propose to add? This isn't a matter of implementing new functionality, but rather removing fundamental misfeatures. Any change to address this issue is going to end up breaking existing applications which depend on the original input behavior.

In any case this is hardly the only reason to switch to Wayland. It's just one of many areas which highlights the drawbacks of trying to tack modern best practices on top of an aging framework. Better to adopt a clean and modern design as the base and confine the hackish workarounds needed to support older clients to a separate compatibility layer.

Comment: Re:First they came for... (Score 2) 227

by fyngyrz (#48927551) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

what have you "won" exactly?

You "win" Turkish citizens annoyed with their government -- a win in the only venue likely to be able to create change there.

so you're for not opening diplomatic relations with cuba? we should just never ever ever reconcile or talk with cuba?

Diplomatic relations are not on the same level as corporate sponsorship of repression. Yes, we should talk to other governments, definitely including cuba, and yes, we should allow our citizens access if they wish to go there, and vice-versa.

But no, I don't think it is a positive thing when corporations adopt behavioral restrictions that are antithetical to freedom in general. It's not that I expect them to change, it's just that I don't like it, and as I am free to object and explain here, I do so.

we don't talk to iran? what is iran's attitude going to be then?

This is a straw man. I am all for talking to, and mutual visitation of, Iran (Cuba, etc.) These things allow cultural values to spread -- because generally, the dialog is quite open. I am not for FB repressing speech. These are not the same issues.

you are a dogmatic rigid ideologue

It's always entertaining to watch someone slinging mud at their own straw man.

If you want to know what I think, ask me. Don't put words in my mouth.

Comment: They only come for the ad viewers (Score 2) 227

by fyngyrz (#48927447) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

the absence of facebook won't make those problems go away.

I missed addressing that; responded a bit too quickly, sorry.

I consider this assertion to be flawed; here's why. FB has a very high public profile. Any visitor to the US that is exposed to social media is likely to be aware of both the institution and its reach. They can also learn that the reason "they can't have nice things" is because their government has stepped in the way of their citizens using religion as an excuse. Likewise, US family members who cannot connect with Turkish family members are likely to hold strong opinions, and share them.

If anything is going to make things change, I think that's far more likely than a FB presence that is repression-compliant.

Of course, this would require Zuckerberg and crew to operate using a metric quite different from the "maximize users as ad viewers" model, and that doesn't seem to be in the cards.

Comment: Agreed (Score 2) 227

by fyngyrz (#48927347) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

There is an issue of State here, the Turkish State, requiring Facebook to filter and or creating at least the implied thread[sic] they will be blocked if they do not filter.

Yes. But it is, in fact, the Turkish state. Not the US state.

I agree with you that I don't like FB's policy here (nor Turkey's) and I would be much happier if FB operated with a lean towards freedom of speech, but that's never been who they were -- they mute, restrict and ban US posters on a regular and constant basis WRT written material and photographs, and they have inflicted their "Real Name" policy on members without regard for the numerous negative consequences.

The objective of FB is to sell ads they can put in the faces of their members. Those who describe members as FB's "product" seem to me to be very close to the mark. How they treat membership, then, can be expected to be the fruits of a policy to maximize the size of the group. And frankly, that's what I see when I look at their policies. Not care for quality, safety or freedom of speech -- just a place to farm ad consumers.

I suspect we're in a similar position to someone trying to tell a happy dictator that "absolute power is bad." It wastes our time and annoys the pig. Er, Zuckerman, I mean. But I repeat myself.

Comment: Re:First they came for... (Score 1) 227

by fyngyrz (#48926947) Attached to: Facebook Censoring Images of the Prophet Muhammad In Turkey

If gays were members in places with fundamentalist islam, as soon as they were discovered they would likely be killed.
Banning gays from facebook in those places actually protects them

Say I'm gay, I speak the language of Some Islamic State, and I live here in the US, and I have a FB page and otherwise post around FB. Facebook bans gays in Some Islamic State. They refuse to display my page or commentary in Islam.

Or just say I'm female, same set of circumstances otherwise.

This does not protect me, it only serves to eliminate gay/female voices. The consequences of that are fairly obviously negative to you, are they not?

This is also one of the consequences common to FB's "Real Name" policy. If you are a member of some forbidden or politically disadvantaged community, your speech is constrained. This simply serves to keep you down.

Comment: Re:If it's accessing your X server, it's elevated (Score 5, Informative) 369

by JesseMcDonald (#48926131) Attached to: Why Screen Lockers On X11 Cannot Be Secure

I'm not familiar with writing apps for X, but are you saying that every program that displays a window in X can log all keystrokes including in windows that are not associated with that program?

Yes. This isn't just X, by the way; it's a common design across most operating systems. Any client can register to receive keyboard and mouse input regardless of the current focus, unless another client has already "grabbed" the input device. This is how things like global keybindings are typically implemented. Windows used for password entry (including lock screens) can grab the keyboard to prevent other programs from listening in. The problem is that this only works if no other program has already grabbed the keyboard.

Secure input handling is one of the many reasons why everyone is eventually planning to switch to Wayland. Under Wayland, only the compositor has access to the raw input or the ability to inject simulated input events. The compositor manages any global keybindings and forwards the remaining events exclusively to the active window.

From Sharp minds come... pointed heads. -- Bryan Sparrowhawk