Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment My response (Score 1) 1

Good find. I left a comment. I'm not sure if they'll publish it, as it is too lengthy.

It seems rather disingenuous to compare Weev-and-Gawker with any sort of legitimate, responsible behavior. There were so very many failures:
1.Weev could have tried to contact AT&T. I understand the reasons for not doing so. One of them is the legitimate fear of being accused of wrong-doing oneself! I know that can happen. Or one may be ignored entirely. I have seen that too, on many professional and not-so-professional information security researchers' websites. One should try though. Otherwise, what was the point in pen testing, beyond self-serving or malicious intent?
2. Weev did not need to provide Gawker with the entire list of 114,000 user IDs. For all practical purposes, 100 or 10 or 1 would have been sufficient, for Gawker's purposes.
3. Gawker behaved in a grossly irresponsible manner, in accepting the list.

I am sympathetic, and find plausible, the argument that Gawker was equally culpable as Weev. If Weev is prosecuted, deemed guilty and sentenced, the same should apply to Gawker, or whomever made the decision to proceed. It isn't an issue of "Freedom of the Press". Gawker is no Wikileaks. Gawker was crucial in disseminating personal, private information, thus victimizing 114,000 people who had committed no wrong.

I guess that it is easier to argue in favor of Weev, instead of against Gawker. I remain unconvinced that this action. taken by the illustrious group of computer scientists and researchers via the Amicus brief, is the correct way to proceed. Who will file an Amicus brief in defense of any individual who, for example, hacks Google servers, and discloses 114,000 account names and passwords to... I was going to say Al Jazeera or The Jerusalem Post or FARS. But I don't believe that we'd have anything to fear or be concerned about, as Al Jazeera, Jerusalem Post, FARS, any and every decent major or minor media outlet with any professional (or amateur!) code of ethics would not facilitate such a betrayal of trust.

Part of e-discovery, as practiced in the legal profession, includes the tenet that one should only accept and keep the bare minimum necessary of data required to do one's work. Accepting and keeping information creates an obligation and responsibility to do the right thing with it, to safeguard it. In this case, it is the data disclosure that caused damage. The only way to require companies to report breaches is through regulatory law. Is that what the end goal is, in this Amicus? I don't know.

Submission + - When did transformative use become a defense against copyright infringement? (photo-mark.com) 1

Submitted by Mrs. Grundy
Mrs. Grundy writes: Almost every major copyright case in the last twenty years has hinged on whether the accused infringer has used the original work in a transformative way. Transformative use has been especially prevalent in cases where technology creates novel uses of existing work such as Perfect 10 v. Google. But neither the word "transformative" nor the concept of transformative use is found anywhere in the U.S. statute that defines copyright and fair use. Photographer Mark Meyer outlines the legal history of transformative use as a defense for copyright infringement tracking how the idea started from a short journal article and became the law of the land.

Submission + - Stanford Files Weev Amicus with Mozilla, Security and Privacy Experts 1

Submitted by Anonymous Coward
An anonymous reader writes: Andrew Auernheimer ("weev") was convicted of a federal felony for something many of us do routinely: changing a user-agent and crawling a public website. His case is now on appeal in the Third Circuit. The Stanford Center for Internet and Society has filed an amicus brief, clarifying the technical issues and arguing that the conviction poses a grave risk to research. Signatories include the Mozilla Foundation and a litany of security and privacy luminaries.

Submission + - Switzerland tops IPv6 adoption charts as US lags behind at fourth place (paritynews.com)

Submitted by hypnosec
hypnosec writes: According to recent statistics Switzerland has aced the IPv6 adoption charts by leapfrogging Romania, which topped the charts for nearly a year. According to Google Switzerland’s adoption stands at 10.11 percent – the highest for any country. Romania on the other hand has an adoption rate of 9.02 percent followed by France at 5.08 percent. Switzerland took the top position near the end of May and the primary reason seems to be Swisscom and its drive to adopt the next IP version. US stands at fourth place with just 2.76 percent adoption.

Comment Automated user support for enterprise customers? (Score 1) 1

by Ellie K (#43790031) Attached to: IBM releases 'Watson box'

The article is a good read. IBM'ls decision to use Watson for this purpose doesn't seem likely to improve customer service at the enterprise level. If you're an enterprise or major corporate customer, you are presumably paying plenty for user support, and will want a person to help you. The not-automated usage scenario could work though. A live customer service person would benefit from Watson type assistance.

This doesn't seem well-suited toward small businesses, but I didn't find anything about the target market.

Submission + - IBM releases 'Watson box' (computerworld.com.au) 1

Submitted by angry tapir
angry tapir writes: IBM has released a new product based on the game-show-winning technology used in Watson. The new 'Watson Engagement Advisor' is designed to let companies better interact with their customers, either directly through providing an intelligent agent that draws on natural language processing, a knowledge store and data about an individual customer or indirectly by advising the people who directly engage with a business' customers. IBM says that performance of the Watson system has increased by 240 per cent since it won Jeopardy! and its size has been reduced to the equivalent of four pizza boxes.

Comment Google+ card look (Score 1) 1

by Ellie K (#43739181) Attached to: Google's House of Cards
I just saw it. "Cards", yes. That post was phrasing it politely.

WHAT is Google doing?! Google+ looks like Newsvine or Tumblr now, with three columns of stacked "card" blocks. I liked Google+ a lot for the past 2 years. Now, it is a mess. 41 changes were rolled out today.

Submission + - Google's House of Cards 1

Submitted by theodp
theodp writes: In The Design That Conquered Google, The New Yorker's Matt Buchanan reports that "cards" — modeled after real cards — are set to become one of the dominant ways in which Google presents certain types of information to users. The power of a card as a visual-organization metaphor, the secret of its infiltration, said Matias Duarte (lead designer of Android), is that "it makes very clear the atomic unity of things; it’s still flexible while creating a kind of regularity." Hey, maybe that Bill Atkinson was really on to something with that dadgum HyperCard software of his back in the '80s!

Submission + - Canada courts, patent office warns against trying to patent mathematics (www.slaw.ca)

Submitted by davecb
davecb writes: The Canadian Intellectial Property Office (CIPO) warns patent examiners that ..."for example, what appears on its face to be a claim for an “art” or a “process” may, on a proper construction, be a claim for a mathematical formula and therefore not patentable subject matter.” (Courtesy of Paula Bremner at Slaw)

Submission + - Ask Slashdot: What is the best hard-copy backup of my digital identity? 1

Submitted by Megaport
Megaport writes: 'Digital identity' can mean whatever set of unique digital artifacts happen to be most precious to you, or the keys to those things. In my case, it probably comes down to all my ssh & gpg keys and password safes. What is the best way to get a printout or other physical representation of that data in a medium that is inexpensive and inconspicuous?

My current idea is to pass-phrase encrypt and ASCII armor all my keys and safes, then sign the package using each of the keys it contains. I've collected these through 20 years of working in the industry with a lot of people who would be easily able to recognize and verify them from among their own crypto-collection, so my feeling is that this could also be useful for establishing myself in a digital environment through ad-hoc webs of trust.

Put the whole thing onto a QR code, print it out cards, stickers and t-shirts which I take everywhere and also leave in my trail behind me. My digital identity would be secure of everything this side of a rubber hose for the pass-phrase. Is this a reasonable security trade-off?

Please slashdot, tell me how paranoid I need to be. Anyway, I can't think of anyone better to ask whose name doesn't start with 'Bruce'.

Submission + - North Carolina May Ban Tesla Sales To Prevent "Unfair Competition" (slate.com) 7

Submitted by nametaken
nametaken writes: From the state that brought you the nation’s first ban on climate science comes another legislative gem: a bill that would prohibit automakers from selling their cars in the state.

The proposal, which the Raleigh News & Observer reports was unanimously approved by the state’s Senate Commerce Committee on Thursday, would apply to all car manufacturers, but the intended target is clear. It’s aimed at Tesla, the only U.S. automaker whose business model relies on selling cars directly to consumers, rather than through a network of third-party dealerships.

[The article adds] it’s easy to understand why some car dealers might feel a little threatened: Tesla’s Model S outsold the Mercedes S-Class, BMW 7 Series, and Audi A8 last quarter without any help from them. If its business model were to catch on, consumers might find that they don’t need the middle-men as much as they thought.

Comment Re: Moxie (Score 3, Interesting) 128

by Ellie K (#43718525) Attached to: Saudi Arabian Telecom Pitches to Moxie Marlinspike

Aside from the fact that he's been championing against the certificate authority system...

Yes! I was wondering when someone would mention this! Anyone who's curious can glance at Moxie's repositories on Github. It is exactly as you described, about his efforts to make a better certificate authority system. I don't know if it was because it gave the U.S. too much power, or because it was not especially reliable (I think DigiNotar or Digi something cert auth break happened around then), many other issues.

I have mixed feelings about Moxie. He's very much the Anarchist, rebel hax00r. But he isn't insufferably arrogant like some of his peers are. He's a good sailor (not yachts!); sometimes I like what he has to say. And he looks sweet, handsome in the one photo I've seen of him, not overstated or hipster-odious. Anyway, the last time I checked, Moxie was a Twitter employee.

Good point too about the oddity that "agents of a foreign power", whether Saudi Arabia or any other, would approach Moxie for such work. It is unlikely that Saudi Arabia would be less informed than you and I. Moxie has a hefty entry in Wikipedia. I even wrote a post on my hobby blog about one of his projects a few years ago! I have no doubt that retaining Moxie's services would be worthwhile. But there are many less visible, less vocal alternatives.

I wish I could say "thank you" to whomever submitted the original post here. Good find!

Slashdot Top Deals

This place just isn't big enough for all of us. We've got to find a way off this planet.

Close