Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:"Adult conversation next year?" (Score 2) 231

It's tough to compare the environment now to what law enforcement has "always" done in history, though. There never used to be a way for them to read every single letter and cable being sent and received everywhere, so in that sense, the power they're looking for is unprecedented, even if they promise only to use it in a way that's analogous to old school manual police work. And even the claim that they've "always" had access to the data they're asking for doesn't entirely hold up. They've never had, say, access to timestamped GPS data about everywhere a person has gone every day or years of archives of mail. In the idealized old days, they could start tapping your phone or reading your mail at a certain point in time and get data for that time window, but not everything you'd done for years before that. There are types and quantities of data about us that exist now because of smart phones and ubiquitous use of the Internet that simply didn't exist in the "good old days" he's pining for.

So I think the fundamental claim he's making is at least a little bit flawed, and that's before we even get into discussions about whether it's technologically feasible or whether law enforcement can be trusted with the expanded powers.

Comment Pre-dug tunnels. (Score 1) 231

He basically wants the right to secretly dig a tunnel under your home, sneak in while you're not there, steal whatever they want, and leave without anyone knowing it. Except in your phone.

Even worse: he want the tunnels being pre-dug (= "backdoors").

You know how in Switzerland every house has a mandatory under-ground shelter ?

What he wants is every single house in the USA having a mandatory underground tunnel that leads to a nearby police station. A *secret* tunnel that you're forbidden to know about when you buy your house.
That's what an encryption backdoor is the equivalent of : a mandatory secret back-door built in every house in the USA.

And with the automation and international connection that is available on the internet, the real-world situation is even worse than this putative mandatory tunnel.
(Now the metaphor is getting a bit harder...)

It would be as if the police station had an nearly infinite amount of low-ranking police personal that could devote their entire time to travel the tunnel each day, sneak into your house every single day, and take a picture of you naked in your shower. And not only you personnally, but though every tunnel, available in every single home built on US soil under US building code. Each fucking day.

But said local police station lacks trained and experienced detective to do anything useful out of the photos/objects/proofs brought back from by the agents.

And meanwhile, all the people living outside of the USA are completely immune to it because their local building code either don't mandate the tunnel (and thus, the US police agents can't even use this tunnel network to peak into the homes of ISIS terrorists, although that was the main selling point of the tunnel network when it was voted in)
Or mandate an entirely different type of tunnel that the US police has never heard off (and leaves some part of the US population at risk, because they buy and install a port-a-potty from China, and never realise that these come with tunnels leading directly into their chinese secret police).

All the while the Russia mafia has trained an incredibly huge army of burglars to roam the US (and Chinese) networks of secret tunnels, stealing as much as possible from every house they happen to reach. And even sometimes using your own house as a base of operation to commit crimes while you're away for work. (botnets).

At the end of the operation, maybe 1 single terrorist happens to get caught due to random chance. And maybe due to the fact that he was bragging that he is a terrorist the whole day in the middle of the street ( = wasn't even using encryption at all. Just plain text SMS.)
At the same time there will be millions of damage due to stolen property through the tunnels network.
( = just have a look at the massive data leaks that you have *today* when hacker still go through the long round about route of actually hacking into servers. Now think how much more damage would be done when the hack don't actually even bother to hack, but just leverage the backdoors that are mandated by the various governments)

Comment Why Does My Browser Need to be a Server? (Score 2) 28

(And "What does God need with a starship?")

Brave is trying to make a profitable business with certain things relating to security, but who in their right mind thinks that this is somehow an improvement upon or necessary for secure web browsing? 26,000 engineers? Grandma? Millennials? Who?

No one's thinking of security, or they'd have kiboshed this and a dozen other features, and put the enablement or access of them in a different binary that the OS mediates access to as needed.

Is there seriously not enough interest in a basic, capable web browser that doesn't implement this stuff that an OSS project can't be started up to focus on it?

Chrome

Google Integrates Cast Into Chrome, No Extension Required (venturebeat.com) 28

An anonymous reader writes from a report via VentureBeat: On Monday, Google announced Google Cast is now built right into Chrome, allowing anyone using the company's browser to cast content to supported devices without having to install or configure anything. The Google Cast extension for Chrome, which launched in July 2013, is no longer required for casting. The report adds: "Here's how it works. When you browse websites that are integrated with Cast, Chrome will now show you a Cast icon as long as you're on the same network as a Cast device. With a couple of clicks, you can view the website content on your TV, listen to music on your speakers, and so on. In fact, Google today also integrated Hangouts with Google Cast: Signed-in users on Chrome 52 or higher can now use the 'Cast...' menu item from Chrome to share the contents of a browser tab or their entire desktop into a Hangout." The support document details all the ways you you can use Google Cast with Chrome.
Encryption

FBI Director Says Prolific Default Encryption Hurting Government Spying Efforts (go.com) 231

SonicSpike quotes a report from ABC News: FBI Director James Comey warned again Tuesday about the bureau's inability to access digital devices because of encryption and said investigators were collecting information about the challenge in preparation for an "adult conversation" next year. Widespread encryption built into smartphones is "making more and more of the room that we are charged to investigate dark," Comey said in a cybersecurity symposium. The remarks reiterated points that Comey has made repeatedly in the last two years, before Congress and in other settings, about the growing collision between electronic privacy and national security. "The conversation we've been trying to have about this has dipped below public consciousness now, and that's fine," Comey said at a symposium organized by Symantec, a technology company. "Because what we want to do is collect information this year so that next year we can have an adult conversation in this country." The American people, he said, have a reasonable expectation of privacy in private spaces -- including houses, cars and electronic devices. But that right is not absolute when law enforcement has probable cause to believe that there's evidence of a crime in one of those places, including a laptop or smartphone. "With good reason, the people of the United States -- through judges and law enforcement -- can invade our private spaces," Comey said, adding that that "bargain" has been at the center of the country since its inception. He said it's not the role of the FBI or tech companies to tell the American people how to live and govern themselves. "We need to understand in the FBI how is this exactly affecting our work, and then share that with folks," Comey said, conceding the American people might ultimately decide that its privacy was more important than "that portion of the room being dark." Comey made his remarks to the 2016 Symantec Government Symposium. The Daily Dot has another take on Comey's remarks, which you can read here.

Comment Re:problems, lol (Score 2) 207

I write web services for remote clients to send information to. 50 msec includes the time to establish a TCP connection to the nginx frontend (written in C!), then to run a little bit of Python code to massage the request and either store it in a database (probably written in C, or maybe Java) or fetch data from one, then to return the results to the remote client. At a previous employer, my code did that about 80,000 times per second, averaged 24/7. At the shop before that, we load tested to 500,000 requests per second but it was only for a few minutes sustained at a time.

When was the last time you personally wrote code to handle 500Kops? Did you know that those durn whippersnappers at Google runs a big chunk of their stack on Python and that they'd laugh at our tiny it doesn't matter to the end user. If we could have reduced a 50ms transaction to 10ms by altering the speed of the light signals carrying our requests, we probably would have. But since we live in a universe with physics, the best we could possible hope for was to reduce the time spent in application code to 0.000ms and thereby drop the entire transaction time to 49ms.

Comment Playing on words (Score 1) 140

        : a device that steers a ship, aircraft, or spacecraft in place of a person

Note the "in place of a person".

Note also the "device that steers" (it more or less keeps a trajectory fro the plane/ship, or in the case of cars like BMW, Tesla, Mercedes-Benz, etc. it keeps a lane).

Not "device that handle entirely automatically the complete travel from point A to point B" (that would be an *AUTONOMOUS* car, like Google's, some subs in big cities, busses by other startups. Or simply horses and donkeys).

Cars' driving assistance like Tesla's Autopilot actually behave exactly like the autopilot in a plane or on a ship. You just need to actually know what an autopilot actually does.

Comment Phone typing solutions (Score 1) 605

I am actually following the "silly wire drone interceptor" discussion (a.k.a: admit you always wanted to build yourself a "Spiderman Gun" !)

If you have problems typing your story on the phone, try using a keyboard (I have an original Think Outside keyboard left from my PalmOS days, that still works perfectly with my current Jolla Phone - Nowadays, the foldable you get from Geyes on Amazon are of slightly less good quality).

externally-powered microUSB OTG hub is another solution that works with any USB keyboard you have around.

Comment Re:problems, lol (Score 1) 207

Or, you know. You could actually learn how to write good code at the most powerful level. That's a radical thought.

I did, and that's why I'm using Python. I'm capable of writing web services in C, but who the hell's got time for that craziness? Also consider Amdahl's Law: in most of stuff I write, the "running code to process data" bit is a teensy portion of wall clock time. Much more is spent in socket handshaking or waiting for database queries to finish. Out of a 50ms request lifecycle, perhaps 1ms is spent inside a box that I have complete control of. Even if I rewrote it in assembler (C is for high-level pansies) to be 1000x faster, the request would still take 49.001ms. An assload of work porting security-sensitive code into an untyped languages so that the end result can be 2% faster? Yeah, no. My boss would fire me with a quickness if I proposed that.

I'd be much more likely to rewrite performance-critical code in Go or Rust. They're as fast as C but without the death of a thousand cuts like gotofail waiting to ruin your careful planning. Life's too short to waste it hacking in languages that hate you and make you want to look incompetent.

Programming

C Programming Language Hits a 15-Year Low On The TIOBE Index (businessinsider.com) 207

Gamoid writes: The venerable C programming language hit a 15-year low on the TIOBE Index, perhaps because more mobile- and web-friendly languages like Swift and Go are starting to eat its lunch. "The C programming language has a score of 11.303%, which is its lowest score ever since we started the TIOBE index back in 2001," writes Paul Jansen, manager of TIOBE Index. With that said, C is still the second most popular programming language in the world, behind only Java. Also worth noting as mentioned by Matt Weinberger via Business Insider, "C doesn't currently have a major corporate sponsor; Oracle makes a lot of money from Java; Apple pushes both Swift and Objective-C for building iPhone apps. But no big tech company is getting on stage and pushing C as the future of development. So C's problems could be marketing as much as anything."

Slashdot Top Deals

Statistics are no substitute for judgement. -- Henry Clay

Working...