Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Re:Why I am not joining Google+ (Score 1) 1223

I'm a strong believer in having people use their real names in social networks, this I find is useful in weeding out a lot of strange interactions online. Having to use your real name and or easily identifiable account seem to make people post more cautiously than they would anonymously.

Having said that, I still feel the current enforcement of Google+'s real name policy and data deletion is not up to par with any type of decent policies I would expect Google to come up with. As this is a test phase, I hope this would be ironed out. Even a strike system ( like France's 3 strike or ISP's 6 strike) would be more agreeable instead of the current implementation.

I would suggest people test Google+ with Google accounts that do not contain a lot of sensitive or valuable data.

Comment Re:Why I am not joining Google+ (Score 2) 1223

I'm sorry, in this case they have already implemented such a policy. In the case of the name scenario. A warning appears that if you do follow with the change to your name, all information in your account would be deleted and account access would be blocked. Test it out on a throw away account. This harsh warning/implementation would probably be changed at a latter time, but right now I do not feel linking my content to a service that can quickly delete it.

Comment Re:Why I am not joining Google+ (Score 4, Interesting) 1223

I left Google+ due to their data deletion policies, Google+ would blanket delete your entire Google existence without warnings if you even innocently did something that they did not like on Google+. Which such a policy, I do not feel comfortable having Google+ linked to the rest of my Google data.

I am a content creator, and I would not like having things on my various accounts deleted cause of a simple policy violation. I figure they still have to iron out the legal issues to do with this, but till they figure it out, I'm out.

For example: If you change your name 5 times (or just correct it), Google says it would delete all your information. I kid you not. Saw this dialog and felt Google+ was not for me. As a content creator, I already deal with similar issues on YouTube, at least there you can appeal.

Comment They should have a school for copyright trolls. (Score 1) 182

I make original game video on my YouTube channel, even then I get my video's claimed by people like "IMG Media UK" (google them) weekly, basically they go around throwing DMCA on video they find just to have people subscribe to them. To the point videos that aren't disputed are removed from YT.

A few months ago another copyright troll (Kanobu Networks) tried doing this on a bunch of my videos that they ripped from my channel (Yes they ripped my video, re-posted it and claimed copyright on the original video). Frustrated with a lack of option to deal with this type of copyright troll, I looked around for other victims of Kanobu and had them protest on Kanobu's YT channel (since google does nothing to stop copyright trolls). Eventually Kanobu got so much negative comments that they stopped claiming copyright on other people's YT videos and apologized. Kanobu too was trying to get subscription to their channel.

Comment Re:What about CentOS? (Score 4, Informative) 201

Straight clones should still be possible as long as redhat complies with the GPL, the main things their changes to kernel packaging will do it

1: make it harder for unrelated distros (e.g. debian) to pigyback of redhats long term support work for kernel releases 2: make it harder for anyone else to provide high quality support for redhats patched kernels by making it much harder for them to answer the question when something goes wrong of "what did redhat change and why".

Debian does not use Redhat kernels. Two different distributions, packing systems and philosophies.

Android

Nexus S Beats iPhone 4 In 'Real World' Web Browsing Tests 260

bongey writes "In a series of measured real-world web load tests, the Android-based Nexus S phone spanked the iPhone 4. The Android phone and iPhone 4 median load times were 2.144s and 3.254s respectively. The sample size was 45,000 page loads, across 1000 web sites. It also follows rumors that Apple is intentionally slowing down web apps to make their native apps more favorable."
Real Time Strategy (Games)

Blizzard Suing Creators of StarCraft II Hacks 385

An anonymous reader writes with this excerpt from Rock, Paper, Shotgun: "Blizzard have taken the extremely peculiar decision to ban players from playing StarCraft II for using cheats in the single-player game. This meant that, despite cheating no one but themselves, they were locked out of playing the single-player game. Which is clearly bonkers. But it's not enough for the developer. Blizzard's lawyers are now setting out to sue those who create cheats. Gamespot reports that the megolithic company is chasing after three developers of hacks for 'destroying' their online game. It definitely will be in violation of the end user agreement, so there's a case. However, it's a certain element of their claim that stands out for attention. They're claiming using the hacks causes people to infringe copyright: 'When users of the Hacks download, install, and use the Hacks, they copy StarCraft II copyrighted content into their computer's RAM in excess of the scope of their limited license, as set forth in the EULA and ToU, and create derivative works of StarCraft II.'" Blizzard used similar reasoning in their successful lawsuit against the creators of a World of Warcraft bot.
Linux

Torvalds Becomes an American Citizen 654

netbuzz writes "Having brought his open-source work and family to the United States from Finland some time ago, Linus Torvalds has marked an important personal milestone by attaining US citizenship. A casual remark on the Linux kernel mailing list about registering to vote led to the community being in on the news. Torvalds has acknowledged being a bit of a procrastinator on this move, writing in a 2008 blog post: 'Yeah, yeah, we should probably have done the citizenship thing a long time ago, since we've been here long enough (and two of the kids are US citizens by virtue of being born here), but anybody who has had dealings with the INS will likely want to avoid any more of them, and maybe things have gotten better with a new name and changes, but nothing has really made me feel like I really need that paperwork headache again.' In that post he also expresses dislike for the American style of politics in which he will now be able to participate directly."

Comment Re:Ok you've got my attention (Score 5, Informative) 136

Here is a better explanation of what happened by Danny O'Brien (http://twitter.com/mala)

---- posted in verbatim for /. proof ----

Theres been a lot of alarming but rather brief statements in the past few days about Haystack, the anti-censorship software connected with the Iranian Green Movement. Austin Heap, the co-creator of Haystack and co-founder of parent non-profit, the Censorship Research Center, stated that it had halted ongoing testing of Haystack in Iran; EFF made a short announcement urging people to stop using the client software; the Washington Post wrote about unnamed engineers who said that lax security in the Haystack program could hurt users in Iran.

A few smart people asked the obvious, unanswered question here: What exactly happened? With all that light and fury, there is little public info about why the worlds view of Haystack should switch from it being a step forward for activists working in repressive environments that provides completely uncensored access to the internet from Iran while simultaneously protecting the users identity to being something that no-one should consider using.

Obviously, some security flaw in Haystack had become apparent, but why was the flaw not more widely documented? And why now?

As someone who knows a bit of the back story, Ill give as much information as I can. Firstly, let me say I am frustrated that I cannot provide all the details. After all, I believe the problem with Haystack all along has been due to explanations denied, either because its creators avoided them, or because those who publicized it failed to demand one. I hope I can convey why we still have one more incomplete explanation to attach to Haystacks name.

(Those whod like to read the broader context for what follows should look to the discussions on the Liberation Technology mailing list. Its an open and public mailing list, but it with moderated subscriptions and with the archives locked for subscribers only. Im hoping to get permission to publish the core of the Haystack discussion more publicly.)

First, the question that I get asked most often: why make such a fuss, when the word on the street is that a year on from its original announcement, the Haystack service was almost completely nonexistant, restricted to only a few test users, all of whom were in continuous contact with its creators?

One of the things that the external investigators of Haystack, led by Jacob Appelbaum and Evgeny Morozov, learned in the past few days is that there were more users of Haystack software than Haystacks creators knew about. Despite the lack of a public executable for examination, versions of the Haystack binary were being passed around, just like unofficial copies of Windows (or videos of Iranian political violence) get passed around. Copying: its how the Internet works.

We were also told that Haystack had a centralized, server-based model for providing the final leg of the censorship circumvention. We were assured that Haystack had a high granularity of control over usage. Surely those servers could control rogue copies, and ensure that bootleg Haystacks were excluded from the service?

Apparently not. Last Friday, Jacob Appelbaum approached me with some preliminary concerns about the security of the Haystack system. I brokered a conversation between him, Austin Heap, Haystack developer Dan Colascione and the CEO of CRC, Babak Siavoshy. Concerned by what Jacob had deduced about the system, Austin announced that he was shutting down Haystacks central servers, and would keep Haystack down until the problems were resolved.

Shortly after, Jacob obtained a Haystack client binary (I think from Evgeny). On Sunday, Jacob was able to conclusively demonstrate to me that he could still use Haystack using this client via Austins servers.

When I confronted Austin with proof of this act, on the phone, he denied it was possible. He repeated his statement that Haystack was shut down. He also said that Jacobs client had been permanently disabled. This was all said as I watched Jacob incontrovertibly using Haystack, using his supposedly disabled client, using the same Haystack servers Austin claimed were no longer operational.

It appeared that Haystacks administrator did not or could not effectively track unofficial users and that the methods he believed would lock them out were ineffective. More brutally, it also demonstrated that the CRC did not seem able to adequately monitor nor administrate their half of the live Haystack circumvention service.

Rogue clients; no apparent control. This is why I and others decided to make a big noise on Monday: it was not a matter of letting just CRCs official Haystack testers quietly know of problems; we feared there was a potentially wider and vulnerable pool of users who were background users of Haystack that none of us, including CRC, knew how to directly reach.

Which brings us to the next question: why reach out and tell people to stop using Haystack?

As you might imagine from the above description of Haystacks system management, on close and independent examination the Haystack system as a whole, including these untracked binaries, turned out to have very little protection from a high number of potential attacks including attacks that do not need Haystack server availability. I cant tell you the details; youll have to take it on my word that everyone who learns about them is shocked by their extent. When I spelled them out to Haystacks only core developer, Dan Colascione late on Sunday, he was shocked too (he resigned from Haystacks parent non-profit the Censorship Research Center last night, which I believe effectively kills Haystack as a going concern. CRCs advisory board have also resigned.)

Deciding whether publishing further details of these flaws put Haystack users in danger is not just a technical question. Does the Iranian government have sufficient motivation to hurt Haystack users, even if theyre just curious kids who found a strange binary on a bulletin-board system? Theres no evidence the Iranian government has gone after the users of other censorship circumvention systems. The original branding of Haystack as Green Movement software may increase the apparent value of constructing an attack against Haystack, but Haystack client owners do not have any connection with the sort of high-value targets a government might take an interest in. The average Haystack client owners is probably some bright mischievous kid who snagged a binary to access Facebook.

Lessons? Well, as many have noted, reporters do need to ask more questions about too-good-to-be-true technology stories. Coders and architects need to realise that you simply cant build a safe, secure, reliable system without consulting with other people in the field, especially when your real adversary is powerful and resourceful state-sized actors, and this is your first major project.The Haystack designers lived in deliberate isolation from a large community that repeatedly reached out to try and help them: that was a very bad idea. Open and closed systems alike need independent security audits.

These are old lessons, repeatedly taught.

New lessons? Well, Ive learned that even apparent vapourware can have damaging consequences (I originally got re-involved in investigating Haystack because I was worried the continuing lack of a real Haystack might encourage Iranian-government-created fake Haystack malware as though such things were even needed!).

Should one be a good cop or a bad cop? I remember sitting in a dark bar in San Francisco back in July of 2009, trying to persuade a blase Heap to submit Haystack for an independent security audit. I spoke honestly to anyone who contacted me at EFF or CPJ about my concerns, and would prod other human rights activists about what they knew about Haystack whenever I met them (most of us were sceptical of his operation, but without sufficient evidence to make a public case). I encouraged journalists to investigate the back story to Haystack. I kept a channel open to Austin throughout all of this, which I used to occasionally nudge him toward obtaining an audit of his system, and, finally, get a demonstration that answered some of our questions (and raised many more). Perhaps I should have acted more directly and publicly and sooner?

And now I am think about Austin Heaps own end quote from his Newsweek article in August, surely the height of his fame.A mischievous kid will show you how the Internet works, he warns. They certainly did in this case.

Slashdot Top Deals

If you fail to plan, plan to fail.

Working...