Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:Santa isn't coming this year (Score 4, Funny) 86

The liberals just raised taxes again on his corporation North Pole Inc. and forced him to provide Obamacare for his elves. They also sued him for giving coal to bad children, saying it that every child should be a winner and it was unfair to black kids who grew up in worse situations than whites, so therefore Santa's policy was racial discrimination. The fine was $400,000,000.

He is no longer able to make a profit and therefore had to declare bankruptcy. Sorry kids. ;(

Vote for Trump in 2016 if you want Santa to come back. Make America great again!

What? I thought that Santa Claus is Canadian, based on his legitimate Canadian mailing address:


So all of his elves should have be fully covered by universal single payer health care, decades before Obama was elected. And as a Canadian non-profit organisation, his corporate tax rate is zero.

Besides I have no idea why you are praising Trump, when up north, there is no greater hero than Ted Cruz for renouncing his Canadian citizenship.


If only we can get Justin Bieber to do the same.

Submission + - Kazakhstan mandates country-wide MiM root cert to decrypt all TLS Traffic ( 1

ad454 writes: From 1 January 2016 pursuant to the Law of the Republic of Kazakhstan On communication Committee on Communication, Informatization and Information, Ministry for investments and development of the Republic of Kazakhstan introduces the national security certificate for Internet users.

According to the Law telecom operators are obliged to perform traffic pass with using protocols, that support coding using security certificate, except traffic, coded by means of cryptographic information protection on the territory of the Republic of Kazakhstan.

The national security certificate will secure protection of Kazakhstan users when using coded access protocols to foreign Internet resources.[/quote]

By words of Nurlan Meirmanov, Managing director on innovations of Kazakhtelecom JSC, Internet users shall install national security certificate, which will be available through Kazakhtelecom JSC internet resources. User shall enter the site and install this certificate following step by step installation instructions”- underlined N.Meirmanov.

Kazakhtelecom JSC pays special attention that installation of security certificate can be performed from each device of a subscriber, from which Internet access will be performed (mobile telephones and tabs on base of iOS/Android, PC and notebooks on base of Windows/MacOS).

Detailed instructions for installation of security certificate will be placed in December 2015 on site

Comment Re:Waiting for secure version without Intel vPro/A (Score 3, Insightful) 104

Yes processors run microcode.

But that is no reason to connect it to an antenna which allows a pc which is turned off to still be able to run wireless remote management commands.

In security one of the most critical consideration is to reduce the attack surface.

Intel vPro/AMT has such a large attack surface, that if we can assume there are no deliberate back doors, it is a safe bet that having it still introduces a wide range of new attack methods against us.

And for what? Just to help make corporate IT's job a bit easier? And remember those extra gates to support it does increase the chip's die size, power consumption, and cost.

Why not have AMT/vPro only in corporate PC's on request, and not have it in anything else.

Comment Waiting for secure version without Intel vPro/AMT (Score 5, Interesting) 104

For some reason I get very nervous with an out of band remote proprietary management system baked into recent Intel chips, which operates below the OS, and has not been independently audited and reviewed by trusted 3rd parties (such as those not associated with mass surveillance).

Note that AMT is also in all Intel chips with vPro:

This posting from the FSF (Free Software Foundation) has a decent writeup about it:

It seems that we are now in the age of hardware backdoors.

Maybe AMD which cannot seem to compete with Intel on performance and low-power, can make a niche for itself as a secure (backdoorless) alternative.

These days, I would value my privacy over performance.

Comment Re:Isn't the current mouse protection rule ... (Score 3, Interesting) 207

Doesn't the current mouse protection rule set the clock to death of creator plus 70 years for copyright?
Shouldn't that be not only enough for anyone but utterly overboard?

This is my understanding as well. And "Philip Francis Nowlan" who is the creator of Buck Rogers died in 1940, which was more than 75 years ago.

So with the current rules, Buck Rogers should be fully in the USA public domain.

Unfortunately, we will have to wait until 2036 for Mickey Mouse to enter public domain, and by then I suspect that Disney will bribe enough government officials to prevent it.

Comment Details missing... (Score 3, Informative) 163

When does the bios install the files, at boot time, or when the OS is running?

If at boot, this should require bios drivers for read+write ntfs filesystem support in order to know where in the primary drive the bios needs to install the files, which means the bios can hold a much larger amount of storage then expected.

If when the OS is running, this opens up the potential for many new scarier exploits and backdoors, even for a more secure OS with different file systems, such as Linux or *BSD, beyond just storage, such as memory and network access.

Does this still work with FDE (Full Disk Encryption), such as bitlocker, truecrypt, bestcrypt, pgpdisk, etc.?

Comment Burkas as future privacy fashion? (Score 0) 110

I hope that I am not forced to wear a burka just to keep some small amount of personal privacy, once big data is able to tap into nearly every single survailence camera, and use face recognition to automatically track everything I do, even with my mobile phone at home or turned off.

Western society is be becoming more and more Orwellian.

In the old days, people would fight and die for freedom and liberties. But now societies are willing to sacrifice these to prevent one person from being harmed from terrorists even though the odds are insignigant compared to other threats we accept such as traffic accidents, or having one child from being molisted even though this is nearly always done by someone close or known to the child.

Comment Bury him alive in Boston Cesspit (Score -1, Flamebait) 649

Due to the difficulty in finding execution drugs in the USA, why not bury him alive in a cesspit, placed far enough below a few outhouses in a predominate Boston location?

Victims and their immediate families can freely use those outhouses. And everyone else can be charged $1 for each use, with 100% of that money going into a victim fund.

Comment Genetics provide too much info about people (Score 1) 135

Currently DNA analysis is quite crude, basically enough to determine some genetic predisposition to illness and family relationships.

But there is indication that researcher might be able to find generic markers with predispose people to various conditions and traits (such as being left handed, homosexual, overweight, balding violent, psychopathic, etc.). Do you really want this information to be in the hands of big government and multi-national corporations?

Even if someone is genetically predisposed to some trait, there are additional environment factors which can prevent this from surfacing.

Why should a person who may have genetic markers to make them predisposed to violence, but was raised in a loving environment and taught at a young age to use anger management techniques and never hurt a fly, be discriminated against like someone who has countless violent acts against innocent people?

DNA should only be allowed to be freely collected, when people have the technology and option to change their own genetics, so that they are not victimized by discrimination.

Comment FDE is unreliable in Android (Score 2) 124

So many people have issues when it comes to enabling and using FDE (full disk encryption) with Android.

Quite often when they upgrade their OS they are advised to first decrypt their OS in order to avoid bricking their devices or losing data.

When when there is no FDE and users try to enable it, it often fails, especially with 3rd party OS such as Cyanogenmod, often due to partition issues such as the main file system overlapping the crypto footer region, forcing many to give up in order to avoid having to repartition and then reinstall OS, apps, data, etc.

Forcing FDE in all future Android version as the default, just as Apple does with iOS, will ensure that always-on encryption is normal consistent state which is always tested against, instead of the messy mixed encrypted and unencrypted Android ecosystem we have today.

Comment I just want to know: backdoor or nobackdoor (Score 4, Interesting) 109

With recent Intel chips containing AMT (Active Management Technology) and vPro, which contain integrated 3G radio support plus hidden processing core running separate hidden "management" instructions from the main core, what I really want to know is which Intel chips have a potential backdoor and which do not.

Otherwise any smart competitor which can prove that their don't have any backdoors, would have a significant marketing advantage. (Are you listening AMD?)

Comment Let NSA+GCHQ buy Gemalto since their own their ass (Score 5, Interesting) 99

North Korea hacks Sony => Cyber-Terrorism
USA & Great Britain hacks Gemalto => Patriotic-Duty

Of course Gemalto will say anything they can to limit economic damage, but without proper and transparent oversight of secret agencies they is no way to validate any claim by Gemalto that their 3G/4G SIM secrets were not stolen.

The best course of action is for Gemalto to simply be bought out official by the NSA and GCHQ, since they already own their asses, oops I mean assets.

Comment Re: In other news... (Score 3, Insightful) 78

Interested comment from an Anonymous Coward, who is too scared to stand behind their words.

The fact is that numerous polls in many countries including the USA show that there is unfortunately significant public support for increasing police powers and decreasing oversight.

Keep in mind that these same idiots also vote for the same corrupt politicians from the same corrupt parties as well.

When the sheeple finally reach their breaking point and have enough, they end up supporting whatever nut cases can best sell them the simplest counter-production solution which best promotes the fantasy that they can have their cake and eat it too. (Think USA rightist tea parties and Greek syriza leftists.)

Slashdot Top Deals

An engineer is someone who does list processing in FORTRAN.