Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:Consider the background of auto makers (Score 2) 158 158

The question isn't what I think *should* be, it's what I think about what they already *did*. Of course I think that banks should have to encrypt data over their website. And I would support regulation that requires it, and enforcement of that regulation. But not holding them responsible for something that wasn't in the rules when they did it.

Further, there is a big difference between being able to sniff packets in the clear and reverse-engineering a car's ROM. How perfect does a car's system have to be before you don't fault them? No system will ever be unhackable, so when whatever system they use gets hacked, are they always going to be held responsible in hindsight in your eyes?

Comment Re:Consider the background of auto makers (Score 4, Insightful) 158 158

If a carmaker builds a car that explodes in a normal accident, then they are negligent. But if they build a car that explodes when someone fires an RPG at it, I don't blame the automaker.

The kind of hack that takes control of a car and disables the brakes is not an accident. It is like someone cutting the brake lines. And we don't require car manufacturers to make brake lines out of triply reinforced kevlar and steel so that people can't maliciously cut through them, nor require automakers to wrap the car in fireproof material in case somebody douses it in gasoline and sets fire to it. They just need to be enough to make it through standard operating conditions, not outright attacks.

There will always be security holes as long as there is enough reason for someone to want to take control of a car. So although I think it is a good idea for carmakers to build better systems ("Mercedes Benz - the only luxury car that isn't affected by the ZeusMobile trojan!"), I think assigning liability in hindsight is a bit harsh. But some additional regulations that require some of the obvious best practices (air-gapped systems, etc) would also make sense.

Comment Re:Nonsense law still can't be ignored (Score 2) 157 157

The points that you (and AC) raise are legitimate concerns, and the way that they have been addressed is by giving ex ante review by the courts on probable cause and ex post review as to the admissibility of the evidence. Of course one can always say that these reviews are insufficient, but the whole point of a warrant is for the state to acquire specific evidence of a crime, and the proper time for the target to challenge it and have it reviewed is ex post. If targets were able to challenge warrants before they were executed it would give criminals plenty of opportunity to destroy evidence that they knew the government is looking for. And if you are saying that 2 judicial reviews are not sufficient to ensure justice for the accused, then why would 3 (including Facebook who at the end of the day doesn't care as much as you do) provide the standard of justice that you want?

Note that this is very different from a subpoena, which is what Facebook argued the warrant was really like. With a subpoena, the whole process is 2 sided, because the subpoena'd party is being asked to actually create evidence, such as answering questions in a deposition. So there is no fear that the evidence can be destroyed - it doesn't exist yet! However, actually getting the evidence that you want is, by its very nature, more difficult because it is not simply sitting on the floor of a garage or something.

But the important thing to point out is that it is much easier to serve somebody with a subpoena than it is to obtain a warrant. If Facebook had won, it would have meant that investigators would have had to prove the probable cause standard to obtain the warrant (like a warrant), then would have to fight to actually get the information (like a subpoena) which really doesn't make sense.

If you think that warrants don't currently provide sufficient protection for individuals, then you should provide those additional protections to all defendants, not just those whose potentially incriminating evidence is "on a computer." But before you say that you want targets to have their say before a warrant is executed, think hard about what that means for the man standing in the doorway, trying to read the warrant as the police show up at the door, trying to figure out what to do next. If he doesn't speak up, does he lose his right to object to the warrant at trial? Does he have a time limit for how long he can review it? The fact that the target can't contest the warrant before it is served is actually a protection because it puts the review in the correct place - in a courtroom in the bright light of day instead of a traffic stop or a sidewalk pat down.

Comment Re:Nonsense law still can't be ignored (Score 1) 157 157

Fourth Amendment:

[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

This is not something new at all, and not at all at odds with the 4th amendment. The 4th amendment protects you from "unreasonable searches" - not *all* searches, and they can't issue the warrant in the first place without probable cause (as determined by a judge who signs the warrant). Lastly, the place to be searched (Facebook) and the things to be seized (photos and comments) are well specified. Where is the 4th amendment violation?

If you lived at any time since the founding of this great Republic, and stole your neighbor's pig and ate half of it, then hid the leftovers at a friend's house, then the authorities could search your friend's house looking for the the remaining bacon, even though you did the crime and it is your neighbor's property that is being searched. Just because your friend's house is now "on a computer" and the incriminating evidence is a photograph instead of a pig doesn't change any of that logic.

Comment Re:Nonsense law still can't be ignored (Score 5, Insightful) 157 157

This case has nothing to do with "nonsensical legislation." It is straightforward rules of evidence and criminal procedure. The judge didn't say the warrant was OK, she just said that:

1) an invalid warrant "on a computer" is the same as an invalid warrant i.r.l. Meaning that a properly issued warrant gets served, then the thing the prosecutor wants to search gets searched, then if the defendant has reason to believe that the warrant was improperly issued or the search was done improperly, then those issues get brought up at trial to determine the admissibility of the evidence obtained from the search. It's what you see in courtroom dramas when evidence gets thrown out at trial - note that it is getting thrown out at trial, not being prevented from being found in the first place.

2) Even if the warrant was improper, Facebook isn't the defendant here and isn't the right person to challenge it anyways. Let's say the prosecutors suspect that you used rat poison bought at the local mom & pop general store to poison somebody. And the mom & pop store doesn't have any computers - you paid cash and they just took an old fashioned carbon copy imprint of your credit card. So they get a warrant to go through all those paper receipts to prove that you bought the rat poison. The mom & pop store isn't in the position to challenge that warrant, only you are. This case with Facebook is the same thing just "on a computer"

If we want to hold that "on a computer" isn't anything unique or different for patent purposes, we can't argue that "on a computer" has a different meaning for rules of evidence in a criminal proceeding.

Comment Re:I was really excited about this (Score 1) 134 134

Any time you have an in-group/out-group dynamic, you have to be careful that it doesn't turn into one of the many times in human history when that becomes a source of unspeakable pain and suffering. Snubbing the contributions of other nations in the control room paid for by American taxpayers by employees whose paychecks are paid by American taxpayers is not really comparable to, say, African colonization or the First World War. Maybe you can hope that humans stop seeing some people as part of their group and other as not part of that group, but I don't see that happening any time soon. Since that way of viewing the world seems to be hard wired into humanity, I think it is great when it gets channeled into increasing human knowledge, or even scoring more goals than the guys in the red jerseys, rather than "let's slaughter them because they talk funny."

Comment Re:Good point, but Uber is a bad example (Score 1) 432 432

I'm not sure I understand how "surge pricing" will increase drunk driving fatalities. I guess you are thinking that someone gets out of a bar to go home, and because surge pricing is too expensive, they drive home themselves instead of calling a cab/Uber (or instead of someone else setting one up for them). But the limitation on the availability of cabs is because there are more people looking for cabs than there are cabs on the street. Surge pricing brings more cabs out on the street, since supply curves slope upwards. With more cabs on the street, there are more drunk people getting rides home. You can't have a scenario where surge pricing is in effect because there is a lot of demand for cabs, and at the same time, having less people using cabs.

Comment Re:as always.... (Score 1) 204 204

I'm not sure that is what is happening here. It seems reasonable that a rocket owner will refuse to take liability for the stuff on the rocket, since a rocket blowing up is not uncommon. So they basically say, "you can send stuff on our rocket at your own risk." Maybe the satellite owner should go out and buy insurance, but if it was up to the rocket owner to buy the insurance they would just pass that exact cost on to the payload owner (making the payload owner pay for the insurance indirectly).

So the question is, if a Boeing (or whatever) satellite was destroyed on a NASA rocket that blew up, did NASA reimburse Boeing for the damages, or was it the same as here? And then, if it is always the payload owner who bears the risk, should the US government buy insurance? I think the answer to that is no, since the cost of insurance will have to be greater than the expected cost of actual losses in the long run, and the government can afford to self-insure in this case.

Submission + - Ask Slashdot: 1 1

njnnja writes: My wife receives periodic emails (about once every other month) from a cable company that is not in our service area that purport to confirm that she has made changes to her account, such as re-setting her password. Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.

Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.

We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks.

Comment Re:A long time coming... (Score 1) 364 364

I'm not sure exactly what you are saying, but you can't compare the United States today to China today. China is undergoing one of the world's largest mass migrations in the history of the world, as it has gone from about 30% urban to 50% urban in just about 10 years. The US has been about 3/4 urbanized for the last 40 years. So China needs new buildings because people are moving to new places. In the US, cities just aren't growing as fast.

For example, everybody has heard of how difficult it is to find a place to live in San Francisco (or how expensive it is) because of the lack of new building and the large influx of new people. But San Francisco is only growing about 10,000 people per year. In China, many cities are growing at 10 or 50 *times* that amount. Without building lots of excess capacity (that is quickly used up) they could never keep pace.

Comment Re:This triggers my WW3 theories. (Score 2) 190 190

Sure those sites will be offline, but just as you can get to the next floor on a stopped escalator, you can communicate with anybody in the world on an internet without facebook and twitter. You just have to put forth a little more effort than just standing there.

Comment Re:This triggers my WW3 theories. (Score 5, Funny) 190 190

Speaking of Die Hard and "key sites" like facebook, one of my favorite scenes in any movie is in the first Die Hard when the terrorists shut down the building, there are a bunch of cut scenes to big locks engaging and the building going into lockdown. However, one of those scenes is a very dramatic shot of the escalators stopping. Because of course that would prevent anybody from getting to the next level of the building. Similarly, if Facebook and Twitter were shut down, only the totally clueless would be hindered in any meaningful way.

Facebook and Twitter - the escalators of the internet.

Comment Re:A long time coming... (Score 4, Insightful) 364 364

The whole "Chinese ghost city" bubble tends to be misunderstood. Sure there are boondoggles in Mongolia but a lot of those ghost cities are basically extensions of boomtowns. And it is tough for people to understand just how big a boomtown in China is; Shenzen is adding almost 300,000 people every year, Tianjin almost 600,000. So the general area of Shenzen needs to build a city the size of Pittsbugh, and Tianjin needs to build a city the size of Boston *every year*. Most of those empty cities were built in anticipation of people relocating from elsewhere and have filled up quickly. And for those that haven't, with building on that massive a scale, if they build residences for an extra 100,000 people in the wrong place here and there it's hardly a sign of foolhardy building that isn't necessary *somewhere*.

Comment Re:Citizen of Belgium here (Score 2) 1307 1307

You are confusing money, value, creation, and notional. Not everything that has value is money. And the notional of derivative contracts is not the same as its value. If we make a bet on a coin toss for $100, we have created $100 of notional, not of value, and we have certainly not created $100 of money.

In these matters the only certainty is that there is nothing certain. -- Pliny the Elder