Comment Re:Used it for 5 years, happily, but... (Score 1) 96

Unlike the first commenter, I regularly see savings of 10-15 cents per gallon. With an 18 gallon tank, that could mean $2.70 in savings...much more than 30 cents.

The first poster said "it's not worth saving 30 cents a gallon on gas", so for an 18 gallon tank that would be $5.40.

It also does not take very long... And when you are in an unfamiliar area, it has benefits for savings and simply locating gas! Going to read the new terms now...

I agree. My tank is much larger than 18 gallons, and prices around me vary by about 60 cents, so I can easily save $5 to $10 if needing to fill up in an unfamiliar area versus stopping at the first place I see.

Comment Re:Seems like a piece is missing (Score 1) 129

Also missing is the motivation - possible oil and gas reserves under the South China Sea. China wants to strengthen their territorial claim and then say the entire area is theirs.

They already say the entire area is theirs (see the dotted red line in the article). Their plan is for these islands to give them a stronger presence so they can militarily force the issue in the future.

Comment I foresee a sudden demand for raises (Score 4, Interesting) 429

Baker claims the spreadsheet compelled more Google employees to ask and receive "equitable pay based on data in the sheet."

90% of drivers think they are better than the average driver, and I would bet 90%+ of workers think they are better than average, and would therefore expect to be paid above the median (note for the statistically challenged - 90% of a group cannot be above the median). This study will give them data to know where they are on the graph. How will management deal with 90% of their workers demanding to be paid more since they are being paid below what they think they should be based on their (biased) self-assessment?

Comment Re: But can it be a Tweet? (Score 5, Informative) 129

It's a hip way of saying small. He found that invoking DYLD_PRINT_TO_FILE runs as root, and as such can allow a user to write to /etc/sudoers, giving the user sudo privileges, letting them sudo to root. echo 'echo "$(whoami) ALL=(ALL) NOPASSWD:ALL" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp; sudo -s

Small correction. DYLD_PRINT_TO_FILE doesn't run as root, it just tells the dynamic library where to write error logs. The problem is it is accepted and used by child processes, even setuid ones, so by setting the environment variable, then calling sudo (which runs as root) with an invalid argument that will cause an error to be logged, he can create or append to any file on the machine he wants. He used the sudoers file for his example, but I am sure there are many other possibilities.

BTW, this is a similar exploit to the LD_LIBRARY_PATH exploit from many years ago where you could get a setuid program to use your dynamic library instead of the system one, thereby getting your code to run as root. It was fixed by having the loader check if the program uid doesn't equal euid and if so ignore the LD_LIBRARY_PATH variable. Apparently programmers at Apple are guilty of not learning from history and are therefore repeating it.
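
The mitigation described in the comment above, sketched as an added example (not code from the comment, from Apple, or from any real loader): when the real and effective IDs differ, loader-control variables are dropped before anything acts on them. The function names are hypothetical, the group-ID check and the blanket `LD_`/`DYLD_` prefix match go beyond the uid/euid test the comment mentions, and the environment is constructed sample data.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Variables with these prefixes steer the dynamic loader (search paths, log files). */
static const char *const LOADER_PREFIXES[] = { "LD_", "DYLD_" };

/* The check described above: differing real/effective IDs mean a setuid/setgid launch. */
int is_privileged_exec(uid_t uid, uid_t euid, gid_t gid, gid_t egid)
{
    return uid != euid || gid != egid;
}

/* Returns 1 if a "NAME=value" entry names a loader-control variable. */
int is_loader_var(const char *entry)
{
    size_t i;
    for (i = 0; i < sizeof LOADER_PREFIXES / sizeof LOADER_PREFIXES[0]; i++)
        if (strncmp(entry, LOADER_PREFIXES[i], strlen(LOADER_PREFIXES[i])) == 0)
            return 1;
    return 0;
}

/* Compacts a NULL-terminated envp in place when privileged; returns entries dropped. */
int scrub_env(char **envp, int privileged)
{
    char **src, **dst = envp;
    int dropped = 0;
    if (!privileged)
        return 0;
    for (src = envp; *src != NULL; src++) {
        if (is_loader_var(*src))
            dropped++;
        else
            *dst++ = *src;
    }
    *dst = NULL;
    return dropped;
}

int main(void)
{
    /* Constructed sample environment for a setuid-root launch (uid 501, euid 0). */
    char *env[] = { "HOME=/Users/alice", "DYLD_PRINT_TO_FILE=/tmp/example.log",
                    "LD_LIBRARY_PATH=/tmp/lib", "PATH=/usr/bin", NULL };
    int n = scrub_env(env, is_privileged_exec(501, 0, 20, 20));
    printf("dropped %d, kept: %s %s\n", n, env[0], env[1]);
    return 0;
}
```

The scrub has to run before any code path reads the variables; a check placed after the log file has already been opened comes too late.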

Comment Re:This NOT about a Private Call (Score 2) 179

That was a major point toward the end of the linked article. The court said:

“The district court’s holding would logically result in the loss of a reasonable expectation of privacy in face-to-face conversations where one party is aware that a participant in the conversation may have a modern cellphone.”

Basically, if you are having a "private" conversation, and know that someone present may have a cell phone, then this precedent may mean you no longer have an expectation of privacy for the conversation.

Comment Re:Ironic (Score 3, Interesting) 195

It's called the Maunder Minimum for a reason. There is definitely a correlation with sun activity... and my guess is that it's better than the correlation with volcanism. I don't know that for sure, but that's my best recollection.

It is easier to believe the documented condition of the sun going quiet for a few hundred years was the major factor behind the cooling than it is to believe one or more volcanoes were going off constantly for a few hundred years creating an ash blanket over the Earth for the whole period and caused it.

Comment Re:Cannot happen soon enough. (Score 1) 265

I can't wait until this happens. CNN will spin off a whole channel for nonstop coverage.

Los Angeles had a minor earthquake some years ago. I think it was like a 4.0 or so, a truck rumble at best. CNN kept running a black-and-white surveillance video of a grocery store where absolutely nothing moved in the background. Nothing falling, nothing breaking, nothing anything. But CNN made it sound like the BIG ONE already happened and California was sliding into the Pacific Ocean.

I was in the San Francisco Bay Area for the World Series in 1989 during the earthquake that was about 7.0. While the shaking was scary, when you watched CNN, all you saw was a picture of one of the deck plates on the Bay Bridge that fell onto the one below, and some close-up shots of some houses in San Francisco that had partially collapsed (they were built on fill in an area that used to be part of the bay so the ground liquefied). Based on what they showed and what they said, you would think that all of the major roads were impassable, the bridge itself had actually collapsed, and the area was like a war zone. The reality is I had to drive far out of my way to find any visible damage or effect beyond a few items that had fallen off shelves (and the baseball game being cancelled). What I saw on the news and what I saw out my hotel room window were two vastly different things.

What sells news is scary stuff, so they look for things that look scary and then push that like there is no tomorrow, or if necessary, they invent the scary stuff for the same reasons.

Comment Re:Cry More (Score 1) 139

They don't publish every public record and have no intention of doing so.

Because doing so isn't free. It takes time and resources, which means money. If a full release plan were implemented, after the first release of something big that shouldn't have been released (oops, all those private tax returns were buried in some miscellaneous filings), a major double-check system would be put in place raising the costs even more. Taxpayers don't want to pay for things they don't feel directly benefit them, and this would be seen as spending a lot of money so that info only desired rarely is available, namely seen as a big waste. It would also open a major can of worms when people start processing all the info to find and monetize what may be in there, just like the websites today that get arrest records and mug shots and charge people to remove them.

There is a certain amount of anonymity that happens due to being lost in the crowd. Sure you could be identified if someone looked, but they have to look. Imagine if the government put cameras everywhere (some say you don't have to imagine) with public feeds (in this scenario the cameras are public so their feeds are too), don't be surprised when people start taking all of it, running various algorithms like facial recognition, then selling their results or promising to destroy undesirable results. If all government documents were directly accessible, I think we would see some major abuses happen, and then people would be scurrying to fix those problems they created, and pointing fingers to find whom to blame.

As the others say, this is a very pointed attack on FOIA requests.

I think it probably occurred to the powers that be that it could have the effect of reducing the number of FOIA requests since it reduces the way their use can be monetized, but I don't think it is a "very pointed attack on FOIA requests." I think as many others have already said, the data belongs to the public but most of the data the government has isn't released for cost reasons, since it hasn't been reviewed to determine if it is allowed to be released. Once the review has occurred and it is now confirmed the data is releasable (the main impediment to its release before), the public's data should be made available to the public. Do you disagree with that last sentence?

Think of it like a legal case where the public is being denied access to a section of a public forest for no good reason (in the opinion of one member of the public), and he sues to gain recreational access to the area. If he wins, does he get exclusive use of the area, and the rest of the public is still barred entry unless they bring their own lawsuits? No, the one legal victory would give access to everyone since it was just that no one had yet forced the issue to examine the reasons for access to be withheld.

Comment Re:Knew it was too good to be true. (Score 4, Informative) 161

One other interesting note - all the judges on the FISC are solely appointed by the Chief Justice of the Supreme Court, without any confirmation or oversight by Congress required.

While Congress does not get any oversight of the appointing process itself, the Chief Justice can only appoint the judges from the pool of US District Court Judges. This means the judges on the FISA Court were first nominated by the President to become District Court Judges, and then confirmed by the Senate, so there was some congressional oversight in terms of who could be appointed.

I don't know if all of the current judges were picked by John Roberts or not, ...

The FISA judges serve for seven years, and Roberts has been the Chief Justice since 2005, so yes, he picked all of the current judges.

Comment Re:The renewal is the alleged cybersquatting (Score 1) 190

As I understand the plaintiff's argument, each renewal is a separate act of cybersquatting. Can anybody more familiar with anti-cybersquatting law clarify whether this is a valid argument?

Basically, no, since the laws deal with the intent of possessing the domain, so unless intent demonstrably changed from when it was first registered, this is just an attempt to shove a wedge into where the plaintiff thinks there may be a crack.

There are a few laws that can get involved, but the most important in the US is the Anticybersquatting Consumer Protection Act.

I haven't read it, but it appears the act lays out some guidelines, and among some defenses are "Registrant’s prior use of the domain name in connection with the bona fide offering of goods or services" which should apply here. The act also lists actions that would indicate bad faith by the domain holder, like "Registrant’s intent to divert customers from the mark owner’s online location" and "Registrant’s offer to transfer, sell, or otherwise assign the domain name to the mark owner or a third party for financial gain, without having used the mark in a legitimate site", but those don't appear to apply here. The fact the domain was renewed is not relevant to this law.

The other important "law" is by appealing to ICANN under the Uniform Domain Name Dispute Resolution Policy, which unfortunately has historically been more fruitful to trademark owners when going after people legitimately using a domain that contains a trademarked name since it allows a person to complain that "a domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights".

Comment Re:Morons ... (Score 1) 190

And that is why I hope the case gets dismissed with prejudice, possibly opening the way for a counter-case of barratry.

Not sure when the last time I saw barratry successfully claimed, but a counter claim for damages and legal fees based on the case being frivolous, yes, that is quite possible. I feel it is clear the plaintiff is pursuing this case, knowing it lacks legal standing, to coerce the domain holder into transferring it since they failed to acquire it through negotiation. The case shouldn't even reach the discovery phase; it should probably die from the first or second motion to dismiss for failure to state a claim (I'll say two since the judge will often reject aspects in the first on procedural grounds, but say why [like "motion didn't identify ..."], so the motion can be redrafted to meet the judge's requirements).

Comment Re:Wow. Just wow (Score 3, Insightful) 98

They are intentionally weakening the protections we use to keep ourselves safe.

No, the weaknesses were created by the AV vendors, not the NSA and GCHQ. Do you also object to other security researchers looking through code for weaknesses, and when they find something say they are weakening the software's security? (Unfortunately there are some companies that have tried that). The difference here is mainly in what is done with the knowledge once found, and what these organizations are doing with it is consistent with their missions. In the industry it is called equities, namely deciding what is in the nation's best interest, whether to reveal a flaw so it can be fixed, or keep it secret so it can be used against an adversary.

Comment Re: Run out the Clock (Score 1) 154

So you know more about Swedish law than Marianne Ny? I doubt it. [yawn]

I highly doubt I know more than she about Swedish law, and never said I did, but then nothing I have said conflicts with what she has said either. She wants Assange to be interviewed before the pending expiration of the statute of limitations for some of the crimes of which he is suspected (note, only some of the statutes of limitations expire soon) to better determine if he should be charged. She can have him charged even without an interview, but wants to get as many facts in hand as possible first. My statements regarding tolling are also still valid and correct.

blah blah fap fap

Sorry, I couldn't parse your statement. By the way, you didn't answer my question. I studied at Bolt Hall. Where did you study law?
