Please create an account to participate in the Slashdot moderation system


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Can we fix mobile app sandboxes now? (Score 1) 71

by sparty (#46103825) Attached to: Rovio Denies Knowledge of NSA Access, Angry Birds Website Defaced Anyway

Rubbish. You could add a "This app may send your credit card info to third parties randomly or may turn on the camera when specific grunting or fapping sounds are detected on the microphone (which is always on)" permission to Android and 80% of the people who installed the app would click "OK".

That's part of my point—there's no incentive for app or OS developers to be more sensible as long as 80% (and that may be optimistically low) will click "OK, do it" for any permission requested. If people in general suddenly became more aware of the security risks, maybe that number would drop to 50% and there would be some incentive to do things right...

Comment: Can we fix mobile app sandboxes now? (Score 1) 71

by sparty (#46102691) Attached to: Rovio Denies Knowledge of NSA Access, Angry Birds Website Defaced Anyway

Any chance this means that mobile OS and mobile app developers might actually start setting up permissions structures that allow apps to function with the minimum necessary privileges?

The permissions framework on Android (and iOS) seems like a reasonable start, but when the norm for a flashlight app is to have full network access and full camera access, it becomes painfully obvious that we as users are not leveraging the frameworks to protect ourselves. If more people cared about Facebook asking for write access to your first-born's soul, they (and other app developers) might have some incentive to build apps that work within the narrowest ruleset possible.

Instead, we have the current disaster, where my stopwatch app requires full network access, Flood-It has full network access *and* access to the contents of the phone's USB storage, etc. Set up an API to allow ads to get pulled in without granting full network access, limit the access the apps have, and it won't matter if the NSA can access your Angry Birds game.

Comment: Re: Get a real mail account (Score 1) 388

by sparty (#45927971) Attached to: Ask Slashdot: What To Do With Misdirected Email?

That doesn't always solve it. My personal address is on my personal domain, which is my name (dot com). My name is not particularly common, but not terribly uncommon, either, and on several occasions I've gotten misdirected email because someone got the domain wrong. My personal favorite was the Verizon FIOS signup info, because clearly the person who signed up screwed up his *own* email address.

I've given up on dealing with them, I just hit the GMail archive button.

(and yes, I could reduce the volume by turning off the catchall inbox feature, but I prefer to leave it on so that I can sign up for websites with unique email addresses and then know which jackasses sold (or lost) my info to a spammer down the road.)

"Freedom is still the most radical idea of all." -- Nathaniel Branden