Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment I think I got dumber reading that... (Score 1) 143

Let's break it down...

"We need a 'trip mode' for social media sites that reduces our contact list and history to a minimal subset of what the site normally offers."

If you don't want things in public, don't put them on social media.

"Not only would such a feature protect people forced to give their passwords at the border, but it would mitigate the many additional threats to privacy they face when they use their social media accounts away from home."

No it wouldn't. The oligarchs who want the data will just get it via other means. "Giving passwords at the border" is a convenience for them, but not the only way to get the data. And what are these "additional threats to privacy"? That's just meaningless add-on to the sentence. You created the threat to your privacy when you posted the information in public.

"Both Facebook and Google make lofty claims about user safety, but they've done little to show they take the darkening political climate around the world seriously."

Facebook and Google never have and never will care as much about your privacy as you do. They MAKE MONEY off of mining your information! And another meaningless sentence add-on... "darkening political climate"... huh? When did governments stop wanting information on travelers, ever?

"A 'trip mode' would be a chance for them to demonstrate their commitment to user safety beyond press releases and anodyne letters of support."

And it would be a false sense of security. All it takes is a subpoena or a claim that you're a "terrorist" to get any social media company to quite-willingly hand over whatever law enforcement wants, without you even knowing about it.

"What's required is a small amount of engineering, a good marketing effort, and the conviction that any company that makes its fortune hoarding user data has a moral responsibility to protect its users."

Or just stop feeding them user data.

"To work effectively, a trip mode feature would need to be easy to turn on, configurable (so you can choose how long you want the protection turned on for) and irrevocable for an amount of time chosen by the user once it's set. There's no sense in having a 'trip mode' if the person demanding your password can simply switch it off, or coerce you into switching it off."

They can switch it off whenever they like... it's called a subpoena. You're fixing the wrong problem putting a "mode" in the user front-end. What's needed is encryption on the back end and even the company "hoarding" the data you willingly gave them NOT being able to read it at all, which... obviously isn't their business model...

The key thought here is, you do NOT need social media. No one NEEDS social media. Whatever you GIVE WILLINGLY to a company about yourself is easily accessed by anyone who can even hint that you are some sort of "threat" to anyone in society. No "mode" will fix that. Just STOP providing the information if you don't want it seen by everyone.

Comment Re:Lovely (Score 4, Interesting) 76

It's fine that you don't, but those of us who are aren't really worried. Client side encryption means not trusting the transport layer - even https.

No 1Password data is put at any risk through the bug reported about CloudFlare. 1Password does not depend on the secrecy of SSL/TLS for your security. The security of your 1Password data remains safe and solid.


(I use LastPass myself)

The security I get from having unique 14+ char completely random passwords for _every_ site by far outweighs the slight possibility that access to both my encrypted binary as well as my master password slips out. The by far easiest attack vector for that would be hacking my systems, and if that happens any system I log on to can be snooped then and there as well.

Comment Re:Weak/nonexistent punishments for faulty notices (Score 1) 81

All patent applications are signed under penalty of perjury. However, the US Patent and Trademark office disbanded its enforcement department in 1974. So, you can perjure yourself on a patent application with impunity.

Unless it's testimony in a criminal case, or the perjury trap in front of a grand jury, or something they want to prosecute like lying on your tax form, the Federal government is in general lassiez faire about perjury, or even encouraging of it with their reluctance to prosecute, especially perjury committed by a so-called intellectual property holder.

Comment Re:ECC (Score 1) 263

No boot ROM means that a hardware device constructed from discrete logic and analog chips directly demodulates digital data from the radio, addresses the memory, and writes the data. Once this process is completed, it de-asserts the RESET line of the CPU and the CPU starts executing from an address in memory. Really no ROM!

Slashdot Top Deals

Elegance and truth are inversely related. -- Becker's Razor