Become a fan of Slashdot on Facebook


Forgot your password?

Comment Someone please mod that up (Score 2) 411

It was illegal for NSA to gather and to keep that information from the people. Contracts that require illegal acts are invalid.
After NSA decided to work beyond the law Snowden was no longer bound by that contract.

I don't even know for sure if that's literally true but it damn well is worth reminding people: a contract has terms for both parties. We know Snowden violated his terms, but do we know he went first?

Was his consideration purely his paychecks? I know a lot of people go into various branches of government service (everywhere from the mundane office work, to the "glory" of being a warrior) merely as a job, but if you ask people why they work where they work, that's not what all (or even most) of them say. I've never talked (knowingly ;-) to NSA people, but I've talked to 19 year-old-army recruits, 40 year old unemployment insurance workers, a few cops (though it's been a long time), etc and damned if I haven't heard some idealism and oldschool civics from time to time. Do you think those people are lying about why joined the organization? Some, maybe, but not most of them.

There's an expectation that the service has a purpose, and that it's a good purpose. I don't give a flying fuck whether or not "the government shall act in good faith to promote the interest of its citizens" is explicitly written in ink on the workers' contracts or not, because if you get that anal about it, then the very idea of any contracts every having any validity itself becomes nebulous.

Whose place is it to decide whether or not the government has violated its contracts? Everyone's. If you don't believe that, then ask anyone their opinion about Nazi war criminals, to get a better explanation within the context of an easy black/white example. Sure, today's examples are harder and blurrier, but the responsibility hasn't moved.

Comment Yay Progress! (Score 1) 245

Finally. People have been asking for years for software to become even harder to maintain and debug. For too long, we have tolerated too-high quality and reliability, too-low prices, and projects completing absurdly ahead of deadline. I'm glad to see that someone is finally doing something about it.

Comment Re:One other point (Score 1) 223

Interesting that "installing or updating apps" has become a CPU-bound thing, so that more CPUs or cores makes it significantly faster. I normally think of those kinds of activities as being something where your Amiga's single-core 7 MHz 68000 is mostly idle, just waiting for the disk or network I/O.

It's great that my next phone will be quad-core, but I damn well expect it to be using those cores to work on complicated pipelines. If I see more than 10% CPU use on "updating apps" then I'm going to be a bit disappointed.

Comment Name Names (Score 2) 650

The Senate Appropriations Committee supposedly did this unanimously so not a single one of these people can claim it's not their fault:

CHRIS COONS - Delaware
DAN COATS - Indiana
JACK REED - Rhode Island
JEANNE SHAHEEN - New Hampshire
JERRY MORAN - Jerry Moran
JOHN HOEVEN - North Dakota
JON TESTER - Montana
LINDSEY GRAHAM - South Carolina
MARK KIRK - Illinois
MARK PRYOR - Arkansas
MARY L. LANDRIEU - Louisiana
PATTY MURRAY - Washington
ROY BLUNT - Missouri
THAD COCHRAN - Mississippi
TIM JOHNSON - South Dakota
TOM UDALL - New Mexico

But maybe this was one of those "voice votes" where it wasn't really unanimous. It's being reported as unanimous, though, so the disgraced need to issue press releases disclaiming responsibility immediately, if they want to squirm out of this. I live in NM so I blame you, Tom Udall. Explain yourself.

Comment Re:High risk (Score 1) 390

You'd have to avoid anything with obvious wireless access, which means no lock/unlock/panic/remote start systems, and likely not even a car radio since many are on the bus as well.

Ok, you've sold me. I wouldn't miss a single one of those things. Would you?

Comment Re:Obligatory (Score 1) 227

It is, if you then disconnect half of it and move it offsite! I'm not sure that's the best way to do backups, though.

If I were this guy, I'd look into why it takes rsync so long to read the dir tree. This is one of those situations where no matter how much people say "Linux filesystems don't suffer from fragmentation," I nevertheless suspect you're suffering from highly fragmented directories. Let me guess: do you repeatedly come close to filling the disk? Maybe it's time to do this: after the next rsync, destroy your original with a new mkfs.whatever (I hope you have at least two backups) and then cp the data back to it.

Comment It's a start on addressing 10% of the problem (Score 1) 362

Reigning in rogue agencies isn't the answer to the security problem. By all means reign them in, but merely out of civics and saving tax money (our government should be working for us, not against us; all this money being spent on NSA computers could be spent on crack instead, for a net economic gain).

Yet the NSA is merely one (possibly the biggest and most powerful, but still just one) potential adversary out there. Everything they do, someone else could do. And not all adversaries are parts of your government or in any way accountable to you. We have to secure our communications, or else all of your NSA fears (whether currently grounded in reality or not) will eventually come true, but with some other name filled into the bogeyman blank. Please, after we deal with the NSA, let's not go through all this again and again. Can't we learn?

Geez, you could even argue that if we secured our comms, then foreign governments would be less of a threat to us, and the NSA's non-secret agenda would become less necessary. You don't need (quite as badly) the NSA reading the Chinese government's mail, if you start denying the Chinese government the ability to read your mail. In a way, by going to all this extra trouble to make ourselves vulnerable to snoopers, we (at least to some extent) justify the NSA! That's stupid. Even if you think the NSA is necessary (and it probably is!) the goal of all government should be to obsolete itself.

So, NSA guys, I'll at least say this: thanks for the great ciphers. Was this your plan, all along, for persuading us to use 'em? Am I going to read some day, that Clapper ordered Snowden to do what he did? ;-) I don't think it's working, but thanks for trying.

Comment Re:Please Also Note (Score 2) 148

CALEA also requires that encrypted communications be decrypted.

True, within limited context. CALEA requires that the communication providers and equipment decrypt. If you can communicate with general-purpose equipment and networks (e.g. PCs and the Internet) where your software handles things, there currently isn't any law in the US which require it be decrypted. That is why the government wants a "CALEA II," to make it illegal for people to write or use secure software, such as ssh or gpg.

The reason Skype isn't legally allowed to be secure, is that Skype software completely relies on the Skype service, and the dedicated service both falls under CALEA and and has a single point of pressure (currently: Microsoft). If the service were something generic (e.g. use any XMPP server) and replaceable, and if the client software handled the security, then CALEA wouldn't apply. Beyond CALEA itself, governments and other powerful entities can use force against software makers, so just make sure: 1) your software is not single-source; effectively this means it needs to be Free Software 2) it uses generic networks, and the software secures things at the endpoints rather than relying on the service to magically apply security (which is hilarious when you think about it).

Skype's security problems reminds me a lot of some basic strategies for computer freedom in general. While Free Software and standardized services are usually preferred because they're most likely to not work against the user' interests (and if they do, it's almost never deliberate), there actually do exist situations where a proprietary service or application may be fairly safe. The trick is to never, ever use a proprietary application with a proprietary service, combined. As long as one or the other can be replaced, you have a means of keeping the overall system "honest" and responsible to the user.

So while, for example, the iTunes application may be a rather shittier-than-average media player, it's actually fairly safe to use it as a player. Just don't use it with the iTunes store or you're risking getting into a single-source trap. Or if the iTunes store were to opens its protocols so that other applications could transact with it, it would be just fine -- just don't use the iTunes application with it. Similarly, nearly all websites are effectively proprietary (e.g. they're not running GPL3 code) but that's totally not a problem, because your Firefox or Chromium or Konqueror lack special code to screw you over, by for example, locking you into any of these websites (or, say, by leaking session keys to third parties).

The problem with Skype is that you can't use it without the Skype network. And you can't use the network without their app. Together, it adds up to an application and network which are nearly useless, because you'll never be able to trust them. CALEA is almost the very embodiment of the general problem, written into law (!) and limited to the domain of communications. You can see echos (but they're not quite as clear) of the same user-screwing idea written into other laws applying to other domains. e.g. DMCA, which is used to tie proprietary content to proprietary players, keeping users from being able to legally do things the right way (i.e. retain the capacity to "fire" their player or provider).

Comment NSA is not a special case (Score 1) 290

Whatever concerns anyone might have about the NSA, however you think they could have possibly spied on you (whether they bothered or not) your lack of security means there are a thousand other parties just like them, to whom you're just as vulnerable.


If you're worried about the NSA, and I'm not even saying that's dumb, then also worry about the Chinese, the Russians, the kid next door, and Nigerian spammers. Your plaintext is as equally visible to anyone who wants to read it. OTOH if you have your ducks in a row, then the NSA is totally confounded. That is, unless someone has already been waving that $5 wrench at you. But if that's the case, then you already know about it so the issue is moot.

Comment Re:Google should charge for bad/fake DMCA notices (Score 1) 364

They can't put any conditions upon when they'll accept a notice; refusing a notice merely means they lose their liability protection.

But yeah, they could indirectly do it, with other punative measures against recurring abusers. If, say, notices regarding "Boardwalk Empire" were to exceed 50% bogus threshold (i.e. they are wasting Google's time, costing Google money) then Google could just remove HBO's own pages from searches too. Then they could charge in proportion to HBO's abuse, to restore the HBO links. What's really cute about this idea, is that censorship mechanisms already exist at Google, thanks to the same damn industry.

I love the bonding idea too (if anyone should be posting bonds with DMCA notices, it's HBO!), but that's something Congress would have to do.

Comment traitor to his _something_ (Score 1) 719

Regardless of whether you think what Snowden did (and continues to do) is good or bad, he is a traitor to the country.

If you think what he did was bad, then he's a traitor to his country. If you think what he did was good, then he's a traitor to his government and a hero to his country. I think a lot of peoples' opinions on the good/bad question are going to correspond with their opinion about whether or not the country and the government are on the same side.

Slashdot Top Deals

New York... when civilization falls apart, remember, we were way ahead of you. - David Letterman