
Comment Re:How to crack: (Score 1) 183

I think this speaks to the fact that post-Snowden, the game has entered a new stage.

Pre-Snowden the NSA or whoever would not have been willing to do such a thing, due to the very high likelihood of detection. Yes, 99.9% of people aren't going to notice their phone doing something unexpected. But if you apply it to everyone because you want the ability to grep their communications for keywords a.k.a. selectors then you need all of it, all the time. There are over a billion Android activations now. Even 0.01% of users being tech savvy and using custom/modified ROMs or analyzing their phone more carefully would notice what's up, and then their secrecy (the most prized asset) is blown. Secrecy is a double-edged sword, it protects them but also limits them. So - not feasible.

Unfortunately, post-Snowden, the intelligence agencies know two things. Firstly, their secrecy is blown. Everyone knows they spy on every person alive, all the time. Most of their secrets are now ex-secrets. There's nothing to defend anymore there. The second thing they know is that it seems people don't give a shit. There were no protests in the streets. There were no diplomatic repercussions. It went in front of Congress and got voted down. The UK didn't even get to have a vote, the government just went full Orwell and other than some angry newspaper columns jack shit happened. Time to invade Syria? Parliamentary recall. Journalists have their materials seized? Stay on vacation. Generally they learned, totalitarian surveillance ranks lower in the priority stack than whether to invade Syria or not.

The combination of these two things means they're going to get really aggressive now. Automatically MITM every SSL connection using a FISAd CA? Unthinkable before, too easily detected. Post-Snowden, why not, it's just another way to do what people already know about. Force Google to back door every Android? Why not! They already track people's movements everywhere, including people who switch phones to try and avoid detection. They apparently have the ability to turn phones into bugs, even if they appear to be switched off. Automatic, global backdooring of every mobile device wouldn't surprise people.

In short I think we may have lost as much as we gained from Snowden's leaks. Sure, the veil of secrecy was torn down. But society failed to rise up. The secret police have won. Now they can do anything without fear, and there's literally nothing to stop them.

Comment Re:Very little utility here (Score 2) 183

Er, what? We just learned this summer that governments are sucking up EVERYTHING and storing it for god knows how long, and you think it's useless because you would need to obtain the device to read the content?

No way! At this point any kind of crypto, even the unauthenticated kind, is a good step forward.

Comment Re:now i will never fly BA (Score 1) 286

I'm very forgiving when things break. If there's a problem with my plane's engine, by all means, please take all the time you need to repair it!

But I'm not at all forgiving of poor planning, like suddenly realizing that the scheduled pilot has worked too many hours in a row and isn't allowed to fly any more that day. Or maybe noticing that the engine is due for an oil change, and delaying the flight for an hour while that's performed. Both of those are real world examples of the fun I've had with United.

Comment Re:Don't build big *concave* glass buildings (Score 1) 151

As a Londoner myself, I think I'm allowed to take the piss out of Americans who habitually bring up that stereotype, even though it's blatantly not true. As somebody who's lived in a few places around the world, my chief complaints about the weather are that it doesn't get hot enough in summer and the winters are pretty mild and boring too! It doesn't stop the locals whinging like a bunch of babies.

Comment Re:So basically... (Score 1) 459

how is it that common standards make so much sense for html, programming languages, engineering but not for human communication?

I know this one!

It's because everyone has been talking for as long as they can remember and they confuse that with communication.

After that it becomes a question of what they want to communicate versus what communication you expect to receive. Ever met a manager who talks during the entire meeting even though nothing he is saying applies to the subject of the meeting?

Comment Re:Why was this even posted? (Score 2) 141

From the article:

It is queried for phone numbers of interest mainly using what are called “administrative subpoenas,” those issued not by a grand jury or a judge but by a federal agency, in this case the D.E.A.

In other words, no, there's no oversight. The DEA issues its own legal requests. The AT&T "contractors" who issue the queries sit next to the agents and are paid for by the DEA (in other words, they're employees of the government). Elsewhere the presentation makes a reference to routing requests via Washington state which somehow converts them into court orders, not sure what that's about.

Also, the presentation tells agents to cover up the fact that it exists and how to do so, so we're back into "parallel reconstruction" territory.

That said, I actually care less about this sort of thing than what the NSA is doing, as it's (a) not classified and apparently can be learned about via the regular channels despite their requests for secrecy and (b) it's being used to catch more ordinary, everyday criminals like people who rob jewellery shops or make bomb threats. The almost total blurring between corporation and state is very concerning because it implies there's nothing stopping it from stepping over the line and becoming used for petty political activism or worse, but at least they try to actually justify the program's existence with examples (unlike nearly all NSA training material, it seems).

Comment Re:Disclaimer (Score 1) 141

Not only that, but actually current cell-site data for any phone is publicly available for a small fee (1 cent). The GSM Home Location Register is a worldwide database which all carriers need access to for roaming to work, the fact that somehow some companies are able to sell access to it perhaps should not really surprise anyone. What you get back are cell tower IDs, not co-ordinates, but I guess it may be possible to build a map of tower IDs to physical locations (or obtain one) if you're determined enough. For many uses it's not even that hard, as you don't need all of them but just the small set of locations where you expect your target is likely to be.

I guess the next step for drug dealers and other people who don't want to carry a portable tracking device would be to use VoIP via VPNs or other proxy services. I anticipate that over time proxying traffic will become illegal ("packet laundering" anyone?). No way are governments going to give up this wonderful gift society gave them in the form of knowing everyone's location, all the time.

Comment Re:Actually, you do not have the freedom to exceed (Score 1) 732

Current laws already recognise it's not all or nothing - that you can ride a bicycle does not mean that driving a car is exactly the same, so bicycles are treated differently than cars (here bicycles have a right to operate on the highway, cars do not - they and their driver must be licensed and insured).

As for responsibility, you're going to need rules for that too I'm afraid. When your untrained unlicensed driver runs over some pedestrian, and does not have enough money to pay for the pedestrian's health care, someone has to enforce that they have financial responsibility.

Comment Re:Not really (Score 2) 732

That's fine to the safety nazis. They would say "Well just don't overtake and be more patient".

We already see this with motorways with lorries. You get one lorry with its limiter set to 55.9999998 mph and another lorry with its limiter set to 56.0000001 catches it up and starts to overtake. 15 miles later it's finally past after causing all of lanes 1 and 2 to be going at 56 mph for the last 15 miles, and lane 3 bunched up nose to tail traffic doing about 60.
