Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Re:Because Reasons (Score 1) 412

Indeed, I've been looking at uMatrix (in combination with NoScript), and there's a lot to recommend it. As far as cookie management goes, however, it's not as fine-grained as what Firefox had. You can only enable/disable a site's ability to set cookies. You can't inspect/approve every single cookie request itself. Sometimes you can get a site to work by accepting certain cookies and denying all others. FF's facility let you do that.

Comment Re:Because Reasons (Score 1) 412

You're the third person in this sub-thread alone to recommend Self-Destructing Cookies.

While I like the idea of its behavioral detection of tracking cookies, and its stats panel is informative, my ultimate problem is that it allows the cookies to be set in the first place. 99.9% of the cookies shoved at my browser are entirely, provably unnecessary -- the page displays the same regardless. As such, my philosophy is that they should never be accepted in the first place, even temporarily.

The cookie request is also a waste of bandwidth. If you're going to display the same page either way, why clog the pipe with a cookie that you're manifestly not doing anything meaningful with?

Comment Because Reasons (Score 4, Interesting) 412

It occurred to me after submitting the article that the per-cookie approval feature has been part of Firefox since it was called Netscape, so it's been around for a very long time.

Moreover, the allegation that enabling the feature destabilized the browser is pharmaceutically pure bullshit. I've been using the feature since its inception, and have Firefox windows open and running for days at a time without ill effect.

Contrariwise, I just went to check my cookie store, and found a bunch of new, unapproved, unwelcome, provably unnecessary cookies have appeared in just the week since I moved from v43 to v44. Deleting them after the fact is not a solution. Once set, tracking can take place immediately. The damage has already been done.

The proffered reasons for the change are easily shown to be false, so I do not hold out any hope that Mozilla management will have a change of heart on this matter and reinstate the long-standing feature.

Would anyone care to recommend a cookie management add-on?

Submission + - Firefox 44 Deletes Fine-Grained Cookie Management (

ewhac writes: Among its other desirable features, Firefox included a feature allowing very fine-grained cookie management. When enabled, every time a Web site asked to set a cookie, Firefox would raise a dialog containing information about the cookie requested, which you could then approve or deny. An "exception" list also allowed you to mark selected domains as "Always allow" or "Always deny", so that the dialog would not appear for frequently-visited sites. It was an excellent way to maintain close, custom control over which sites could set cookies, and which specific cookies they could set. It also helped easily identify poorly-coded sites that unnecessarily requested cookies for every single asset, or which would hit the browser with a "cookie storm" — hundreds of concurrent cookie requests.

Mozilla quietly deleted this feature from Firefox 44, with no functional equivalent put in its place. Further, users who had enabled the "Ask before accept" feature have had that preference silently changed to, "Accept normally." The proffered excuse for the removal was that the feature was unmaintained, and that its users were, "probably crashing multiple times a day as a result" (although no evidence was presented to support this assertion). Mozilla's apparent position is that users wishing fine-grained cookie control should be using a third-party add-on instead, and that an "Ask before accept" option was, "not really nice to use on today's Web."

Submission + - All 12 Countries Sign off on the TPP (

Dangerous_Minds writes: News is surfacing that the TPP has officially been signed by all 12 countries. This marks the beginning of the final step towards ratification. Freezenet has a quick rundown of what copyright provisions are contained in the agreement including traffic shaping, site blocking, enforcement of copyright when infringement is "imminent", and a government mandate for ISPs to install backdoors for the purpose of tracking copyright infringement on the Internet.

Comment Re:Please call or email this idiot? (Score 1) 251

Unfortunately, Jim Cooper's district is in California's central valley, between Sacramento and Stockton. Not the middle of nowhere, but not exactly the center of high-tech, either.

Your best bet would be to contact the Assemblyman for your own district, inform them of this odious bill, and instruct them to oppose it.

Comment Re:By Design (Score 1) 188

I dunno; the uMatrix plugin looks very interesting, and seems to have a lot more flexibility than NoScript. NoScript blocks/enables script domains globally, whereas uMatrix will allow script domains to run depending on the domain of the page they're running on. This means you can let Facebook scripts run while viewing Facebook pages, but block them from running on any other site.

uMatrix doesn't offer defenses against Cross-Site Scripting (XSS) exploits, or provide Application Boundary Enforcement (ABE). The consensus among uMatrix users appears to be to install NoScript for its XSS and ABE features, but turn off its script blocking, leaving that task to uMatrix.

Comment Very Bad (Score 3, Insightful) 48

Who remembers the DeCSS DVD kerfuffle?

Briefly, a kid in Norway named Jon Johansen, along with other programmers in Germany, reverse-engineered the Xing DVD player, and published DeCSS, an independent implementation of the Contents Scrambling System (CSS) that was used on DVDs to deter unsanctioned copying, allowing Linux users for the first time to view DVDs on their computers. Subsequent research among crypto experts yielded more general solutions, and now CSS is effectively a no-op.

The DVD Copy Control Association -- DVD-CCA, the organization that licenses the creation of Hollywood-sanctioned DVD players -- tried to sue DeCSS out of existence in a California court. Their primary argument? That CSS was a trade secret that Johansen had improperly obtained and disclosed.

What was "improper" about it? His reverse-engineering violated the (*snicker*) "license agreement" attached to the Xing player.

Further, the DVD-CCA (incorrectly) argued, everyone who came in contact with DeCSS "knew or should have known" that CSS was a trade secret, and not to traffic in it, and asked the judge to put a restraining order on the Internet to prevent further distribution. (DVD-CCA also tried to argue that reverse-engineering is never proper or appropriate.)

Although the DVD-CCA's case was never resolved, CSS today is effectively useless as a copy protection mechanism, and DeCSS or its functional equivalent is widely available.

This legislation from Microsoft would appear to be an attempt to defend against such activity, and prevent people from ever inspecting or exercising control over their computers again.

Trade secrets are a weird edge case in intellectual property. They are not explicitly called out in the Constitution (as are copyrights and patents), but enjoy recognition in the courts. Unlike trademarks and patents, however, trade secrets do not need to be registered -- they exist solely by fiat (i.e. they exist because the company declares they exist). Trade secrets also do not have a formally defined "limited time" as Constitutionally required of copyrights and patents -- the inherent fragility of maintaining any kind of secret indirectly establishes the trade secret's limited lifetime.

Microsoft's proposal would greatly extend the reach and lifetime of trade secrets beyond their traditional scope.

Slashdot Top Deals

When Dexter's on the Internet, can Hell be far behind?"