Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment This is symptomatic of a larger problem (Score 1) 596

If the free (libre) software / free whatever else community had managed to solve the last mile problem with regard to wireless communications, we wouldn't be in this mess. Consider a situation where the last mile connectivity is much more decentralized. There would be no "phone company" type carrier to be a single point of wiretapping or a coercive force keeping device firmware and software locked down. Consolidation of power, (wireless and media industries,) is what has caused the diversion of energy from writing freedom-preserving software to arguing about whether or not the FBI should get a backdoor in phones. The free (libre) software community can take some of these matters into their own hands by developing stuff that is an alternative to proprietary products.

Current WiFi, bluetooth, and other wireless standards could be used to implement mesh networking. IP is inherently decentralized. The internet was designed to route around points of failure. There are alternatives to captive mobile phone/broadband service that could exist now, with existing hardware. I don't know of anyone working on this stuff because nobody seems to talk about things like that anymore. I assume this is because the common forums for such discussions are all now owned and operated by entities that have consolidated significant power. I unfortunately don't know how to fix this when nobody seems to be interested in anything that smells like a DIY project.

Comment Snowden is probably right (Score 2) 596

Remeber one of the major rules of security: If you have physical access to the machine, you have access to the data. If the machine can decrypt the data, then whomever has the machine can decrypt the data.

If the FBI is even remotely intelligent, the first thing they did upon seizing the phone was crack that sucker open and disconnect the battery to prevent any data self-destruct or remote wipe mechanisms from functioning. To consider the case where the FBI wants to brute force it like they have been claiming, there are probably a few different ways of getting at the data. The first thing you would want to do is get a byte-for-byte copy of the flash contents. This can probably be done via JTAG, but if it can't or it is considered too risky to try, the flash chips can be unsoldered from the board and sent read commands directly via a dev board. It is not like such hardware is hard to get or restricted in any way. Once the data from the flash chips is backed up, you can brute force without risk of losing something useful. Does anyone know of any reason this wouldn't work?

This means that all the instructions required to boot and decrypt the data are now available to be dissected offline, since the phone couldn't decrypt the data without those instructions. All that is missing is whatever the secret is that is used to encrypt the user data.

One exception to the "immediately unplug the battery" rule might involve putting the phone in some sort of ICE mode via JTAG without rebooting it so as to get a RAM dump of the running system. If Apple were sloppy, they might have left a copy of the secret in plantext somewhere in memory. I don't know if it is possible to inject instructions into an iPhone via JTAG that would allow this without rebooting the phone, but I'm sure that could be figured out on a test device first. Maybe "immediately remove the battery" should be replaced by "immediately put the phone in a Faraday cage with a charger."

In any case, what is most distressing about all of this is that both Apple and the FBI are clearly using this situation and the courts to get press that is favorable to their agendas. Apple wants everyone to think they are super pro-security, anti-government power, and the FBI wants everyone to think that they can't decrypt an iPhone without a backdoor. This is all just theater.

Comment The GPL. (Score 1) 113

I would say the GPL itself. It is the only thing that has allowed the software part of the computer industry to at least partially transcend the iron fist of capitalism, (or whatever the iconic hand thing is supposed to be for capitalism.) Without the GPL, we probably wouldn't have internet access at home. We wouldn't have smartphones. Google wouldn't exist. GPS would probably still be military only. It will probably always be at or near the top of any sane, "biggest tech/freedom promoting work," list.

Comment Re:It's the cloud (Score 1) 146

Chrome OS isn't a complete unknown from the user's point of view. Imagine a laptop that runs Chrome, (the browser) in full screen mode and has as it's home page a selection of commonly used office-type web apps and and an app store that works pretty much like the Android web store. You log on to the machine with your Google/Gmail account credentials. That is not particularly unknown even to non-technical users. I don't really like Chrome OS because the hood is welded shut, but for every day usage, (browsing, email, Pandora, video conferencing, etc.), it works fine.

Comment Re:It's the cloud (Score 4, Informative) 146

I was actually going to point out that probably 98% of the Office 365 (Word) users out there would be entirely fine using whatever the most recent version of Word was in 2005. I wrote plenty of stuff in Word in the early-late 90s when I was in school. Lab reports including Excel graphs, etc.. Nearly everything that annoyed me about Word and Excel in 1995 still annoys me about Word and Excel in 2015.

Comment Re:It's the cloud (Score 1) 146

"And I know there's a lot of MS hate from IT people, and sure, I hear you, they could do a lot more to make it better for all you tech wizards that know networking like the back of your hand. It's probably that which is clouding your judgment of their system. To a non-programmer, non-tech guy who thinks CLI is some small government agency and not common language infrastructure or command line interface, MS's stuff is gosh darn fantastic."

Your post implies that non-tech guys' opinions are the only ones that matter. When you need a tech guy, and they can't/won't help you because you have chosen the option that nobody can easily fix, you better have honed your vendor arse-kissing skills in advance because most vendors aren't that helpful unless you give them lots of money first and 90% of the market share isn't going to pay a vendor (much, if at all) for tech support. Knowing networking well does not cloud one's judgement of the system; being technically knowledgable allows one to see features and flaws that the less knowledgable cannot; being knowledgable only "clouds" judgement if your goal is to be wrong.

Comment Re:off topic (Score 1) 223

I have been very concerned about this as of late. (Not slashdot, I mostly gave up on it a long time ago, there are other sites that have sort of picked up where slashdot left off, however.) The only thing that makes me feel a little better about systemd is that it is actually GPLd, and the distros I have looked at that are switching/have switched to systemd still have full-fledged init.d packages. The "roll another distro" is probably the right answer. That being said, I think the real reason to be concerned is that there has been a stunning lack of transparency on the part of the distros that are switching. Reasons that have been given are clearly BS. It appears that docker and similar things benefit from systemd, but it isn't obvious how. I wish I knew. Gentoo FTW.

Comment Re:Patents? (Score 1) 223

Actually, I believe Ballmer was the one who first publicly referred to open source as "open sores". I think that qualifies as at least some amount of disgust at open source, if not visceral hatred. And yes, the GPL's intentionally viral nature is the one thing that pisses MS off the most about it. I'm guessing it is because MS was started by the offspring of lawyers and they didn't think of it first. :) Don't forget Bill Gates' "Open Letter to Hobbyists", wherein he mentions that he is opposed to sharing software because it deprives developers of royalties. This is at least, against the "free" in "Free Open Source Software", though not against open source explicitly.

Comment Re:Beware Rust, Go, and D. (Score 1) 223

The GPL does not prohibit anyone from producing software and then not distributing the source code. The GPL prohibits someone from distributing a binary derived from GPL code without also making the source that compiled into that binary licensed under the GPL and available. An entity can take GPL code, modify it, write stuff that uses it, whatever, and as long as they don't distribute binaries of the derivative work, they are not obligated to release any code at all.

Comment Re:Beware Rust, Go, and D. (Score 1) 223

I would love to believe that MS really is a different company. Realistically, if MS isn't a different company, then it is circling the drain, (albeit, from a great distance still.)

But nobody should believe that a company that has for decades made tons of money by selling units of something that has no incremental cost of production, (copies of software or licenses to use them,) and which is publicly traded and whose investors expect it to do more of the same, will suddenly embrace a project that promises no direct revenues and which will compete with their existing product.

One of the ways you can tell that MS doesn't understand open source is that they are pushing Mono. There is a reason that Mono has been around for more than 10 years without gaining any real traction. It is a clone of .NET. Why on earth would the open source community care about cloning .NET? Particularly back when Mono started, and still now to a large degree, this is what the open source community mostly seems to say about Mono: if you want a .NET runtime, run Windows. What is the point of running .NET stuff on, say, Linux?

Slashdot Top Deals

Any given program will expand to fill available memory.