Comment Re:I love this crap (Score 1) 232

> You upgrade the SSL libraries,

This is not always this easy. Even 3 year old versions of OpenSSL have real compatibility issues with the most recent releases, and the most basic software compiled with the old dependency can be broken by a breaking change in the library. Even such robust software as OpenSSH, curl, wget, and apt have had issues with encryption library updates.

Comment Re:I love this crap (Score 1) 232

I'm afraid that the idea that private companies upgrade regularly or reliably is not well founded in corporate experience.

I'm up right now tuning and helping run disk backups to virtualize obsolete software on obsolete hardware because many private companies _do not_ upgrade. Getting proper backups of them before replacing or upgrading them can be quite tricky when the backup software is the policy mandated corporate licensed software, and it's old, buggy, and the upgrade version does not run on the out of date operating system.

Comment Re: Typical (Score 1) 167

Do you actually submit them to Sci-Hub? Then in such a case, I'd completely agree that they are not engaging in theft. Do you transfer copyright ownership or full publication rights to subscription venues when you published there, if you ever did so? In which case, Sci-Hub would still be acting illegally, but without your personal objection. That's a position I'd quite understand.

If you're willing to discuss it, I'd quite welcome an explanation of why you elect not to publish with Elsevier.

I'm also afraid that the more I think about Sci-Hub, the more I'm concerned about scientific fraud published there. Sci-Hub has no reliable editing or review process that I can see. This lack of quality control is a real risk to scientific research. Exciting, but mistaken or even fraudulent research can displace less exciting that shows that magnetic monopoles were _not_ discovered, or that transplanting animal kidneys into humans does not end well, or that new herbal preparations do not actually help with obesity, can be overwhelmed by poorly researched work with no editing or peer review. A critical part of the work of scientific journals is to review the work for authenticity before it's published. That would seem to be lost at Sci-Hub.

Comment Re: Typical (Score 1) 167

> Injunctions and special damages are different in large part because injunctions directly prevent or impair further tortious actions, where special damages have only indirect effects, and are meant as a disincentive to offend further.

That is a fascinating point. Thank you for raising it. I'm unconvinced that I completely agree with it. Even pure "damages" awards can be, and sometimes are, pressed that are beyond a direct measurable amount, and _granted_ under legal pretexts to provide punishment. The definition of "punishment" you're raising may have a real legal meaning, and is worth some review. But I suggest it's not the common English one, and seizure of assets or court ordered payment would seem to be "punishment" of a civil defendant in common language.

I'm forced to refer back to your earlier note:

> In this case, there is no punishment, because it was not a criminal case. There are damages and injunctions, and so far the defendant has avoided almost all of those. That unwillingness to face the consequences makes it hard to call it civil disobedience, much less to argue that it was morally justified civil disobedience.

This makes better sense with your clarification of what you meant by "punishment". Thank you for that clarification.

Comment Re: Typical (Score 1, Informative) 167

I'm afraid that it's called "theft", and is treated as such by the courts and by most people who actually _write_ and publish such papers. For most standards of civil disobedience, accepting the legal consequences is part of what makes it "civil" disobedience.

I'm also afraid there is an even more severe problem for scientific work. As best I can tell Sci-Hub makes _no_ effort to verify the content or authenticity of what they host. Such a loss of verification or of provenance of the data published endangers even the best of professional journals, and contributes to problems like this:

The result is that via unchecked content at places like Sci-Hub, the fake journals rise in search engine ranking and reinforce fraudulent or actively dangerous scientific claims. Similar problems exist for trade websites, such as Good answers get copied from elsewhere, edited down for simplicity or shortness by the copier, and vital safety steps are left out of the most popular answers. The results can be very dangerous when the shortened answers get applied in the field.

Comment Re:Not the first (Score 1) 64

Sourceforge had occasionally proven useful if developers insisted on using Subversion rather than Git based source control. I'm aware of several projects that use it in order to be able to sync single directories of upstream project code, rather than having to mirror an entire project locally. But the much cleaner and less overwhelmingly ad based interface to the github or gitlab web interfaces is an enormous timesaver over Sourceforge's pages where over 90% of the screen space is pure advertising. I'm also afraid that the "download" pages for source code or binaries are deliberately cluttered with misleading links designed to install adware on your system.

Sourceforge used to be a very good repository for open source projects, but I'm afraid became quite unsafe and even unusable for most developers or software users due to the deliberately misleading download links.

Comment Re:Is it illegal? (Score 2) 202

The article you cite seems to be based on ignoring _local_ law and its interaction with federal and international law. In the USA, extortion is normally considered a state matter, not a federal or international one. But as soon as the offence crosses state or international lines, it can easily become one.

Please, be careful what you read from such an article. At least in the USA, there is considerable _state_ law about extortion. Much of it is easily discoverable at While not every state has specifically mentioned computer extortion, the older extortion statutes should still apply with little confusion. As soon as money or goods cross state lines, it becomes a matter of federal interest to US law enforcement. If it crosses international lines, it becomes of interest to the UN FACT, which is concerned with money laundering.

It's completely understandable that an exchange like Coinbase would not want state or federal investigators involved in their operations in any way.

Comment Re:Well Done, Coinbase! (Score 2, Informative) 202

> The real motive by Coinbase is probably a fear that they'll be accused of helping facilitate criminal activity. Bitcoin exchanges are on the narrow edge of falling under regulation,

I suspect that, since many exchanges do facilitate quasi-legal and illegal activity, it's important in business terms for them to avoid any involvement in clearly illegal activity that has the kind of paper trail or provenance that a security firm such as Control Risk might provide. An exchange for an illegal activity, such as laundering money paid for extortion, would seem to make a company ripe for examination by the FCC, the IRS, the FBI for participating in extortion, and the CIA for exchanging in wire fraud helping conceal the identity of the extortionists, and the UN Financial Action Task Force

Comment Re: Ham (Score 1) 263

Or vehicles which already carry a quite large lead-acid battery, or homes that did not need land lines or for whom running copper landlines was quite expensive or even dangerous, or for whom landlines have proven vulnerable. The technology has proven useful, especially for disaster recovery where well protected, reliable cell towers have proven lifesaving for isolated people needing, or offering, help.

Comment Re:Ham (Score 2) 263

> This means a potentially unlimited number of people can be watchin

The number is large, but not unlimited. Enough TV receivers, and the effects of their antennas and even their bodies on the radio passing through them, would tend to block out the signal further away. But the effect is modest and it would take a quite large number of antennas to achieve something like a Faraday cage to block the transmission completely.

Comment Re: Easy answer (Score 1) 146

I've been on the board of several in the last 20 years. Phone records are automatically monitorable by the NSA's ubiquitous monitoring, though tying that back to an individual can be difficult. It still counts as monitoring even if it's unidentified. Medical records are a _nightmare_, especially for those needing opiates of any sort, anything that requires syringes such as insulin, and prescription controlled psychoactive medications which may be hoarded or resold such as Ritalin and Adderall. And I've helped with repairing phone systems in several such institutions.

If you'd care to tighten the category to homeless who can't remember or refuse to provide their names and family contacts, and who have no critical medical requirements, then they are less monitored or monitorable. But it's part of the role of the staff and of social workers who work with the homeless to get contact information to get them in touch with family and with services who can help them, to help establish contacts with the parts of the "social network" that can help them. It can be a very difficult balancing act to protect the privacy of those who are fleeing a very real danger or simply fears, and to get them the resources they need. But if an institution is saying "there will be nothing other than a paper trace, your identity will forever be secret", it's much like the privacy of the HIPAA policies. It's usually nowhere near as secured, and _cannot_ be as secured, as promised.
