Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: Re:Use an Outbound Firewall (Score 1) 340

by lfaraone (#30724756) Attached to: Malicious App In Android Market

I wish this functionality was built into the OS, rather than having to do it manually (for example, a way to disallow internet access during installation) -- but at least it's doable on Android. I don't think any other phone platforms give this level of permission separation or control. I'm not so sure that app review would really fix the overall problem; it might catch the obviously-malicious phishing apps like in this story, but I bet that the app auditors' opinion on what is a privacy violation differs greatly from my own.

Maybe you're thinking of http://wiki.laptop.org/go/Rainbow, which implements http://wiki.laptop.org/go/OLPC_Bitfrost, which does exactly what you're describing. It's currently in Debian ( http://packages.debian.org/unstable/main/rainbow ) and Fedora ( http://ppc.koji.fedoraproject.org/koji/packageinfo?packageID=7262 ).

Comment: Re:New business model (Score 1) 316

by lfaraone (#30450982) Attached to: Busybox Developer Responds To Andersen-SFLC Lawsuits

While I completely agree with OS, the GPL and its enforcement. The question that I ask myself is what impact those lawsuits will have on the OpenSource model.

Will patent trolls become OS Trolls and will OpenSource become Open 'sue us'?

This may be the rise of a new business model...

You're missing the part about how you have to actually *steal code* from a project in order to violate their copyright, whereas a patent violation can be thought up independently without knowledge of the filing. GPL code is not code you can use in any way you see fit, it's code that you can use provided you comply with the license terms.

Comment: Re:Stupidity is not color-blind. (Score 1) 783

by lfaraone (#30236552) Attached to: Google Apologizes For "Michelle Obama" Results

So racism is dead in America right? Until that happens of course it is still unacceptable to apply monkey parody to black public figures. You cannot ignore America's (or much of the West's) shameful history of racism. Do not imagine for a second that the people who create images of Michelle Obama that make her look more monkey like are doing it simply because they noticed the striking similarity between humans and monkeys. They are doing it because they are racists.

But when people do the same of George Bush it's simply parody? http://images.google.com/images?hl=en&um=1&q=george+bush+monkey

Comment: Re:High profile target and popular CMS' (Score 1) 219

by lfaraone (#29876489) Attached to: White House Website Switches To Open Source

The problem with using Drupal for the White House is that it's a popular CMS and has lots of people looking for exploits and vulnerabilities. The second a proof of concept piece of code or an easy exploit is discovered, a few thousand script kiddies will decend to get their 15 minutes of fame. I'm not sure how Drupal fares with bugs and patching speed (I know Wordpress seems to get some high profile holes discovered) but even if all vulns are patched before someone takes advantage of it, you're still going to need an admin who's going to be constantly alert to patching it. I'm not arguing against closed source vs open, more about popular vs obscure.

They're the federal government. Anything they do won't be obscure.

Comment: Re:So, the way I read this is ... (Score 1) 153

by lfaraone (#29370977) Attached to: Terrorists Convicted With Help of NSA E-mail Intercepts

While I agree they needed the warrant in the first place, proponents would argue that they wouldn't have known about these guys without the program. Given that these guys were arrested in the U.K. I don't know if the N.S.A. tipped off U.K. authorities, or if the program was entirely useless in this scenario. Regardless, the real question is was this worth the liberties lost?

What liberties lost? There aren't any laws protecting the transmission of Email, AFAICT. The analogy I use when explaining email to other people is that of a postcard; anybody who handles it (relay servers, ISPs, etc) can read it, but they *probably* won't. It's not like sealed postal mail, which I believe has some legal status. If you want any security in your electronic communications, use strong crypto.

Comment: Re:Huh? (Score 1) 500

by lfaraone (#29075599) Attached to: Encryption? What Encryption?

Yeah, but then you run into the trouble where some government agency "convinces" one of the developers to put a back door into the encryption module.

Security works better when there's diversity. I've mentioned this in the past with regards to operating systems, but it's like evolution and natural selection. When disaster strikes, the more genetically diverse species will survive. Likewise, when some government agency gets involved, there's a better chance of emerging unscathed when there's more variations in security products.

Fortunately the developers of TC prefer to remain pseudonymous. Moreover, it's all open-source, so you can compile-from-that and check the code beforehand.

Comment: Re:"M$" (Score 1) 1008

by lfaraone (#28509249) Attached to: Richard Stallman Says No To Mono

No it isn't. Go have a look at it - meta mod is just "here's 10 comments. Wanna mod them up or down?"

From http://slashdot.org/faq/metamod.shtml:

Metamoderation is a second layer of moderation. It seeks to address the issue of unfair moderators by letting "metamoderators" (any logged-in Slashdotter) "rate the rating" of ten randomly selected comment posts. The metamoderator decides if the moderator's rating was fair, unfair, or neither.

Comment: Re:Really.... (Score 1) 288

by lfaraone (#28452371) Attached to: Has Google Broken JavaScript Spam Munging?

Really with the development of better OCR technologies and such comes the elimination of e-mail security by obscurity. If you don't want spam either A) have a decent spam filter (I don't think I've had a single piece of spam pass through G-mails filter and only one false positive) or B) don't share your e-mail address. Those are the only two ways to prevent spam that will continue to work.

Well, my email address is made up of my name, so I just tell people it's myfirstname@mylastname.cc. (use sensible replacements)

Comment: Re:Um, (Score 1) 146

by lfaraone (#28452051) Attached to: OLPC Fork Sugar On a Stick Goes 1.0

The problem with that is that a lot of computers that old don't support booting off of a USB drive. Plus, some of the computers might only have USB 1.1 leading to slower transfer times. If this is your goal why not try to have it be "sugar on a disk" thats going to be infinitely easier than "sugar on a stick".

That's a solution too: all the sugar packages in SoaS are in the Fedora repos (and soon also Debian/Ubuntu), so you can just install it like any other package.

When you don't know what you are doing, do it neatly.

Working...