Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Re:Stop calling it a court. (Score 1) 165 165

The thing that sets the FISA court apart from any other judge issuing warrants is that the evidence shows they act purely as a rubber stamp. Any court or judge who has never denied a warrant after having seen thousands of them is suspect.

"Never denied a warrant" is hyperbole, but the court does have a very high acceptance rate. That's a little misleading, though: the Wikipedia page mentions that the 99% acceptance rate only reflects "final" submissions, and that many requests have been changed or dropped before that point based on informal advice from a judge that the request was unlikely to be approved. Also, the NSA knows what the FISA court's rules are, and can avoid submitting requests in the first place that are unlikely to make it through. So it's not 99% of "whatever the NSA wants", it's 99% of things that the NSA thought were likely to be approved even after informal feedback from a judge. That's a very different beast.

It's valid to be concerned about the FISA court approving things it shouldn't. (In particular, I think the court overstepped its constitutional authority in approving the bulk phone metadata collection.) But the 99% approval rate doesn't support a claim that the court is a rubber stamp; it's a misleading statistic if used that way.

Comment Re:Stop calling it a court. (Score 1) 165 165

Furthermore, how does the foreign intelligence court have jurisdiction on matters involving domestic surveillance?

The FISA court's job is to issue warrants for surveillance of suspected foreign agents (e.g. spies, terrorists) within the US. Americans' privacy rights are protected by the Fourth Amendment, so the warrant is necessary. (Foreigners don't have Fourth Amendment protection, so no warrant is needed for the US to spy on them.)

Comment Re:Stop calling it a court. (Score 1) 165 165

In a court of law, issues are argued by two sides before a neutral magistrate.

I've seen this same point made in a few other places too. Maybe I'm missing something, and I'm certainly not a lawyer, but I don't think it holds water.

In a trial, the case is argued by two sides. But other things happen in courts besides trials — such as warrant requests. Those don't use the adversarial process AFAIK.

FISA aside: if the police suspect you have stolen property in your house and want to search your house to find it, they go to a judge and explain why they think you have stolen property. If the judge agrees that it's a reasonable suspicion, he or she issues a search warrant. You're not notified of this, and you don't get to come in and defend yourself. Probably the first you hear of it is when the police show up at your door with the warrant in hand. If they arrest you and charge you with a crime, then you get a trial where you can defend yourself against the charges. But for the search, it's the judge's job alone to weigh the evidence against your privacy rights.

The FISA court issues search warrants; no one is on trial there. You don't get to defend yourself in FISA court, but how is it any different from a normal court in that regard?

Comment Re:So, UEFI is a good thing now? (Score 5, Interesting) 471 471

First of all, UEFI is more than Secure Boot. UEFI has been standard on PCs for the past few years, and on Macs ever since they switched to x86. Secure Boot is just a feature of some newer UEFI implementations.

Second, Secure Boot is a legitimate security feature that helps to protect against boot-time malware. There's nothing inherently evil about it. The controversy is over who should have the power to decide which OS is considered trustworthy and allowed to boot: the owner of the computer, or the vendor of the OS that came preinstalled on the computer?

Naturally, you don't want to buy a computer that doesn't let you choose which OS you trust. But if you have a computer that does give you that choice, why not take advantage of it? Seems to me that it's good to have hardware vendors see increased demand for machines that support securely booting the OS of your choice, as opposed to those where you just have to disable Secure Boot entirely if you want to run something other than Windows.

Comment Re:Java sandboxing helped in this case (Score 1) 127 127

Not quite.

First, sandboxing in Android isn't done at the Java level, it's done at the OS level, by running each app under a different UID and letting the kernel take care of enforcing what that UID is (and isn't) allowed to do. It's the same system that prevents different users on a "conventional" Linux system from accessing each other's private files. This is why Android apps can load and run native code (via JNI) without needing any special security permission or exemption. Native code is still in the sandbox.

Second, the real danger in this flaw isn't malicious apps tricking the user, it's malicious apps tricking other apps. Android's permissions system includes a feature called "signature-level permissions" which allows apps that are signed by the same publisher to grant each other permissions that aren't available to apps signed by other publishers. This bug means that a malicious app can pretend to be signed by Company X in order to gain signature-level permissions to interact with actual Company X apps in privileged ways. Depending on the app, this may allow access to sensitive data.

Submission + - Give Us Your Tired, Your Poor, Your FB Engineers

theodp writes: ReadWrite's Brian Hall observes that — surprise — Mark Zuckerberg's immigration fix favors Facebook. 'Fairly or not,' writes Hall, 'by repeatedly linking the larger immigration issue with 'the Internet,' as Zuckerberg does in his [Washington Post] editorial, he appears less concerned with America's future — or even the future of those children residing in the U.S. illegally — and more with boosting the value of his own Internet concern.' FWD.us, the self-described 'diverse' political group formed by Zuckerberg and other Silicon Valley luminaries, also raised an eyebrow from immigrant Om Malik. 'What I hate is the focus put on a specific immigration issue [H-1B visas],' Malik wrote. 'I don't buy that just because an immigrant works on an algorithm make her more important.' BTW, the Terms of Service for FWD.us indicates that you're really using the website 'tech4immigration.org', apparently one of a number of sites operated by an organization called the 'Campaign for Innovation.' This entity in turn appears to be linked to the 'March for Innovation' ('it’s a no brainer to keep and attract brain power in America'), which enjoys support from many of the same members of Zuckerberg's FWD.us ratpack, as well as groups like the 'Partnership for a New American Economy' (aka RenewOurEconomy.org), whose co-chairs include Steve Ballmer, Michael Bloomberg, and Rupert Murdoch. On its website, RenewOurEconomy boasts it's been successfully getting newspapers to run its Op-Eds for years. With all that lobbying muscle (and what some might call Astroturfing), it's really no surprise that Silicon Valley on Tuesday scored what the NY Times called its biggest win yet in Washington with a proposed overhaul of immigration law that 'shifts the emphasis in immigration policy from one that prioritized family ties to one that will prioritize professional degrees.'

Comment Wait for Haswell (Score 4, Informative) 260 260

If you can wait awhile longer before buying, Intel's upcoming Haswell processor is reported to have significantly improvied graphics performance, and Intel GPUs are well-supported with free drivers in Linux and Xorg. They're less-powerful than NVIDIA and AMD GPUs, but should be fine unless you need to play high-end games on high quality settings.

Comment Re:but its Java? (Score 2) 154 154

Apps can be written to use new features where available but degrade gracefully where they're not.

Every app has both a "minimum SDK version" that identifies which version of Android it requires, and a "target SDK version" that identifies the latest version of Android that it knows about. At runtime, the app can check which version it's actually running on, and enable or disable features as appropriate.

If an app is is run on an Android version newer than the app's "target", the OS itself will do whatever's needed to be backward-compatible with the target version. The developer can update the app and change the target version in order to take control of any new features and differences.

Businesses

Facebook Testing the Want Button 147 147

redletterdave writes "Facebook already knows what you 'Like.' Soon, it may ask you what you 'Want'. Tom Waddington, a Web developer for the craft website Cut Out + Keep, discovered that Facebook has included code for a disabled 'Want' button within the Javascript of its list of social plug-ins. The code was released to the Facebook Javascript SDK last Wednesday, but Waddington discovered the disabled button among other embedded tags, including 'degrees,' 'social context' and 'page events.' Waddington says the 'Want' button would work with Open Graph projects that use the tag 'products.'"

Comment Re:Fork it, then (Score 1) 403 403

As I recall, Mozilla was willing to grant Debian a license for the Firefox trademark, but they weren't willing to grant it recursively to all Debian users who might want to make (and distribute) their own modified versions of the code they got through Debian. Since Debian doesn't accept licenses that are specific to Debian (DFSG #8), Debian couldn't accept Mozilla's offer of a Firefox trademark license, and thus had to rename it.

The discussions at the time — this is based on my memory from reading the list archives — were all about the fact that Debian applies patches to the code; I don't think the logo issue came about until later.

A slow pup is a lazy dog. -- Willard Espy, "An Almanac of Words at Play"

Working...