Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Re:Everyone Is Guilty, Only Enemies Will Be Indict (Score 3, Insightful) 107

If you are a leftist, beating the shit out of private companies is well and good. Remember: corporations are evil! Prosecuting them is only a good thing. Are you a corporate shill?

I am neither a leftist nor a corporate shill. I believe in beating the shit out of private companies that deserve to have the "shit beat out" of them. You need only look at the lengthy history of consumer protection in the United States to find instances where this was and is necessary. Take, for example, Debt Collection Practices. Please, please, please "beat the shit out" of unscrupulous collection agencies. Please "beat the shit" out of the companies that call my grandmother to deliver unsolicited advertisements about a "warranty extension" on her car. There are plenty of private companies that should have this done to them. The issue I take with China's implementation is 1) that it will never target a state owned business and 2) the guidelines are by no means clearly laid out and can be ambiguously interpreted. Who will interpret them? When will they interpret them? Why just in time and by the same state body that made them. Please tell me, how can I prove that my product's advertising does not "Cause detriment to national dignity"?

Comment Do Not Conflate This With Individual Free Speech (Score 2) 107

Communists don't believe in free speech?


It's not that binary. The United States has its own truth in advertising laws that, in my personal opinion, are beneficial at both the federal and state level. Slashdot readers are free to go the Libertarian route and claim the free market would alleviate these issues on its own or perhaps point out how downright pedantic it can be at times. But the truth of the matter is that, as a consumer, we only have so many hours in a day to decide which of the thousands of products we consume in a year we should spend our money on. So it does come down to federal guidelines for what is "Grade A" or "Organic" or "Green" when there is a label espousing these properties and there are consumers paying a premium for this notion. Without those guidelines those words will mean absolutely nothing and there will be no way to tell where your product was made, how much cadmium it has in it or whether it is the end result of spewing carbon into the atmosphere. Without similar laws, you wouldn't be able to trust the nutritional information at the grocery store. Is it free speech to claim that my potato chips cure cancer and lead to weight loss no matter how many of them you eat? People will know that I'm lying? Cigarettes used to sooth sore throats. Trans fats used to taste awesome.

Speech used by an individual to express ideas is free speech. Advertisements -- especially advertisements representing a very large organization -- are not. Corporations should not have the same rights individuals have and I feel that free speech is one of those clear cut distinctions. There is a long history of consumer protection everywhere in the world -- learn about your own country's struggles with it. It's not a simple issue and advertisement should not be regarded as free speech.

Comment Everyone Is Guilty, Only Enemies Will Be Indicted (Score 5, Insightful) 107

Here is the full text of the newly amended law. Here is the WIPO listing the deltas with the older 1994 version of the law (click expand notes). It appears that this is the first change in this law since 1994. Also the WIPO provides a PDF of their English version which seems to be slightly different. I also found a definition of the extent of what is regulated advertising by the PRC. Here's the WIPO's full list of defined restrictions:

1) Overt or covert use of national flag, anthem or emblem of People’s Republic of China or military flag, anthem or emblem;
2) Overt or covert use of the name or image of national public institute or staff of national public institute;
3) Use of words such as “national-level”, “the most” and “the best”, among others;
4) Causing detriment to national dignity or interests, or disclosing national secrets;
5) Interfering with social stability, or causing detriment to social and public interests;
6) Harming personal or property safety, or disclosing privacy;
7) Interfering with social public order, or going against good social norm;
8) Containing obscene, pornographic, gambling, superstitious, terrifying, or violent content;
9) Containing discrimination based on nationality, race, religion, or gender;
10) Affecting protection of environment, natural resources or cultural heritage;
11) Other situations prohibited by laws and regulations.

Merely sounds like another tool for the Party to deal with companies that are not state owned. Most companies will be found guilty of some section of this but they won't be prosecuted until they run afoul of the Party. In China (and increasingly in the US) everyone is guilty of something but only those that the state wants to be prosecuted will be prosecuted.

So looking at the story, we have a new law enacted a month ago and whose head is on the chopping block today? Xiaomi? Well from wikipedia:

Xiaomi Inc. is a privately owned Chinese electronics company headquartered in Beijing, China, that is the world's 4th[4] largest smartphone maker. Xiaomi designs, develops, and sells smartphones, mobile apps, and related consumer electronics.[5]

Aaaaaand there's your problem. Wake me up when a state owned company is prosecuted under these new laws. Xiaomi's true crime was probably doing better than Huawei.

Comment Re:Huge presumption (Score 2) 146

Yes, their infographic lists "Dronecode" whatever that is, alongside node.js

The other problem with trying to calculate the value of the Linux kernel specifically is that it counts the costs of all the drivers as well and you end up concluding that building a kernel is infeasibly expensive (reality check: there are quite a few of them out there, made by non-huge companies). If Linux was developed from scratch commercially you wouldn't attempt to develop drivers for every piece of hardware known to man all in the same source tree. You'd do what Microsoft do and define a driver API. Then the costs of hardware support are spread out across industry and no one entity ends up paying the entire cost.

The Linux kernel guys don't do that because they prefer being able to refactor/redesign any part of the kernel at whim, even at the huge cost of having all driver development be centralised. But that's not the only way to do it.

Comment Re:There's an even greater flaw here. (Score 5, Insightful) 66


Gatekeeper is not meant to block any unsigned code execution. It's meant to stop you accidentally running malware. If you want to bypass it you can just right click on a .app and click "open", or you can disable it in System Preferences. The "attack" you just described is no attack at all.

It's not even clear to me that what's being described in the article is even an attack. OK, you can bypass Gatekeeper by finding an app that blindly runs code it knows nothing about. That's like complaining that if you run a signed browser and then it executes a malicious web page, bad things happen. That's not a bug in Gatekeeper. That's a bug in the browser.

Comment Re:Speaking of MS and "privacy" (Score 1) 101

Even if we assume this is accurate and this "telemetry" data is the only spying they are doing (a patently incorrect assumption), this is still an incredible amount of metadata being collected.

A lot of people - even some that should know better - have bought the propaganda that spying on "metadata" doesn't matter. In reality, metadata (or "anonymous" usage statistics) is the most valuable data that can be collected in bulk. As former CIA and NSA director Michael Hayden said, "We kill people based on metadata..

This data is obviously profitable among the businesses using surveillance as a business model because you are the product, but that's not the biggest problem.

Knowing what programs you run - and when you run them - can be enough to start building a pattern of life profile. When do you wake up. When do you spend time near your home router's IP address running a web browser. When do you tend to run MS Office, with the telemetry coming from an IP owned by business instead of your usual home IP? I'm sure modern data analysis tools could find a lot more interesting stuff out of telemetry data.

Comment Re:What is the point of this article? (Score 2) 164

Need I remind you that had the U.S. signed up for the GSM standard, CDMA would've been stillborn and we would likely have 50-200 kbps data speeds today

Um, wat? You think the designers of UMTS were incapable of understanding the different radio technologies because they weren't born in America? CDMA was invented by the Soviets, you know.

GSM and its upgrades stomped the mobile phone system called CDMA for all kinds of reasons, one of them being that GSM had the concept of a SIM card and CDMA did not, so GSM users could pick their own phones and trade them. Another is that GSM was developed by an actual international standards process and industry consortium, whereas cdmaONE was basically an attempt to standardise a Qualcomm internal project and it showed. It was expensive, single vendor, etc. Wikipedia refers to the "immature style" of the cdmaONE standards documents. GSM had first mover advantage and international adoption.

Comment Re:How dare they! (Score 1) 166

ISDS doesn't do what you're claiming it does.

The point of ISDS is to handle the case where a company invests in a country and the country then changes its laws such that the investment is invalidated. This has a habit of occurring in some less well run parts of the world as part of e.g. attempting to advantage home grown companies, or appropriating their assets.

ISDS cannot force a country to change its laws. It's a voluntary mechanism by which countries agree to pay compensation to the investors that they just screwed. Whether the screwing is justified or unjustified doesn't matter, the point is to make the investors whole and therefore to reduce the risk of making foreign investments thus increasing their number.

Comment Re:Install Linux (Score 1) 288

That's what you get when you buy a product that depends on a single vendor for its mission-critical supply chain.

As you are a marine, you should be concerned about how much of your ability to function as an armed force depends strictly on a single vendor. Engineering fields and especially defence suppliers traditionally required a second source for any mission-critical parts.

Then again, what do I know. Given that the armed forces seem to be fine depending on China for most military hardware, what's another Sword of Damocles hanging our head?

Comment Re:The backdoors are already in place (Score 1) 142

if the owner of the PC chooses

No, the OEM will get to choose, just like they do today in other areas. I suppose the laptops with UEFI SecureBoot enabled don't exist in your world?

I work for Intel

So you're a collaborator. I hope you like the future you're creating. Maybe you should wake up to what is actually happening in the world?

Comment Re:The backdoors are already in place (Score 1) 142

Every time I see people discussing AMT, they leave out the final piece of the puzzle: Intel's SGX ("Software Guard Extensions") instructions that are in Skylake and future CPUs. SGX lets a program set up "secure enclaves" in RAM that are encrypted in the CPU and cannot be accessed by other programs, including the OS itself. As the data is encrypted outside of the CPU, you cannot even use a cold-boot attack or a logic analyser to access the data the hard way.

The only people talking about these instructions seem to be the occasional crypto researcher musing about how this could be a nice feature for protecting private keys. I'm sure that's possible, but Intel clearly has another goal in mind.

1. Allow application developers to protect sensitive data from unauthorized access or modification by rogue software running at higher privilege levels.


5. Enable the development of trusted applications [...]

6. Enable software vendors to deliver trusted applications and updates [...]


8. Enable applications to define secure regions of code and data that maintain confidentiality even when an attacker has physical control of the platform and can conduct direct attacks on memory.

In case anybody has forgotten, "trusted applications" is a dog whistle for DRM, originally popularized by Microsoft when they announced "Palladium". Good luck investigating what AMT is doing when the RAM it uses is encrypted.

Of course, some people in this very thread are already apologizing for Intel and claiming AMT isn't a threat. They probably said the same thing about Windows 10, too, with claims that the spyware wasn't important because it could (with much hassle) be disabled. Well, good luck in future Windows versions when the spyware is an encrypted SGX enclave.

Dinosaurs aren't extinct. They've just learned to hide in the trees.