Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment Re:As a content creator and an Australian (Score 1) 109

.. content creators (a.k.a. Hollywood)

I don't think this is / will be specifically aimed at Hollywood (we Australian's do have a small film industry).. I think that was just a rabble-rousing association made by someone who wants to whip up opposition.

That you're a content creator who wants his work protected and you oppose it because of an implication it's for Hollywood shows how effective this tactic is.

FYI I am also a content creator (software dev), but since I write business software that isn't distributed and my personal software is open-source, I do appreciate the benefits of the status-quot (though the proposal isn't particularly hard-line anyway), I don't have strong views on this. I just wouldn't get too foamy at the mouth about an implied association.

Comment Re: Idiot pruf (Score 1) 228

You'd need to exploit the browser in such a way that you can POST to the modem with a custom user agent set, that'd be a pretty serious exploit, and I'd be more worried about that. You could then use the modem to try and trick around with DNS to get on other machines, but it'd be hard to do transparently. It would all have to be pretty well tailored.

Anyway I'm not saying this isn't a security hole that needs to be fixed, but that the idea that this shows the need for increased regulation is nonsense.

Comment Re:Idiot pruf (Score 1) 228

I'd be more worried about your level of reading comprehension being recorded for posterity.. "If you have a serious amount of money riding on your $100 modem/router/wifi being secure from within your own network then no amount of legislation is going to help you."
  • This bug is only exploitable if you enable WAN administration
  • All internet traffic involving money / confidential data should be (and pretty much always is) encrypted
  • If you are sending important unencrypted data over the wire you can just listen to the wire
  • Do you really want to pay for the routers you buy to go through a bureaucratic process to establish whether the software (including third party software) has been thoroughly tested? Should that include the component parts like the processors, thttpd, linux? What would that legislation look like? How would it be enforced for overseas companies?

You'd probably get equally indignant if such legislation actually passed based on your knee-jerk reaction and US router prices shot up. ("But what about the starving family with only $100 budgeted for their router?")

Comment Re:Will this stupidity ever end? (Score 1) 228

From executive team page: "Born in 1952, Roger Kao graduated from Tamkang University with a degree in Electrical Engineering. He went on to earn his Master’s Degree in Electrical Engineering and Computer Science from National Chiao Tung University where he also served as an Associate Professor."

Really though if you don't know whether third party software embedded in a few of your huge range of products contains a hidden backdoor when a rarely used feature is activated what kind of CEO are you?

Comment Re:Idiot pruf (Score 0) 228

Yes government should get involved in the design of routers, and write laws about software code vetting. After all the huge extra costs would be absorbed by the shareholders, not us.

If you have a serious amount of money riding on your $100 modem/router/wifi being secure from within your own network then no amount of legislation is going to help you.

Comment Re:Tor compromised (Score 1) 620

Then again since anyone can be a tor node, and there are never enough tor nodes, and tor nodes are more likely to be used for shady activity, it just takes a decent percentage of tor nodes to be compromised and you can pretty quickly build a picture of who common clients are and who they are talking to. For a server it can't be too difficult, with government resources, to track someone down through tor nodes. I'd say with a decent sized botnet and enough time you'd be able to chip away at anonymity without much difficulty.

Comment Re:Open source browsers? (Score 1) 307

You are in the category "I agree with you". I think DRM will prevent fair use of materials as well as prevent them from falling into the Public Domain at the end of the limited Copyright period, and there needs to be recognition of these problems right now in order to protect society's interests. A straightforward solution is to make technological protection an alternative to Copyright protection - you can chose either one, but not both.

Comment Re:Open source browsers? (Score 1) 307

(All DRM is purposely designed to break content. It provides absolutely no benefit to the user)

Breaking content in a standard way, which can then be unbroken in a standard way (likely to be cross platform and supported by your browser); as opposed to only being unbroken by a dodgy Windows-only rootkit supplied by the content distributor.

Comment Re:Open source browsers? (Score 4, Insightful) 307

Indeed. Encrypted Media Extensions, W3C First Public Working Draft 10 May 2013:

This proposal extends HTMLMediaElement providing APIs to control playback of protected content.

The API supports use cases ranging from simple clear key decryption to high value video (given an appropriate user agent implementation). License/key exchange is controlled by the application, facilitating the development of robust playback applications supporting a range of content decryption and protection technologies.

This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the simple clear key system is required to be implemented as a common baseline.

That rationale (as I've heard it explained) is that media (video/audio) content distributors are going to implement DRM, so the Hobson's choice is between giving them a standard interface (HTML EME) or having every distributor create their own proprietary media player (probably platform-specific with embedded rootkit).

If you believe that all media should be gratis, or you believe that all media should be open and consumers should be trusted to pay for non-gratis media absent any technological protection, then you will view EME as a bad thing.

If you believe that Copyright should be able to exist on media and that authors and/or distributors should be able to charge for the video/audio, and you believe that technological protection measures may have some impact to reduce non-paid use of such media, and you believe that it is in the interest of consumers to have standards for these sort of things, then you may view EME as a good thing.

Slashdot Top Deals

If I have not seen so far it is because I stood in giant's footsteps.