Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:How to they block hotspot? (Score 2) 57

Multiple different detection methods:
-Your phone queries the network to see if tethering is permitted, or it explicitly tells the network it's tethering.
-TTL value on packets are an unexpected value. If many of your packets have a TTL of say 30, but they suddenly see an influx of packets with a TTL of 29, that's a sign
-Examining MAC addresses. Similar to above, if they normally get packets with a MAC of XYZ but then get a bunch of ABC, sign of tethering.
-Fingerprinting of the network stack. By examining characteristics of network settings they can guess what OS is being ran
-Examining data and URLs. Was a desktop webpage requested? Did the user agent match to a desktop OS? etc.

Not everything is foolproof and guaranteed-false positives would be easy to happen. But it's not very hard to detect if the person is lazy. End to end encryption and running everything through a VPN tunnel can help mask many of the detection methods.

The Courts

Appeals Court: You Have the Right To Film the Police ( 174

An anonymous reader quotes a report from Ars Technica: A divided federal appeals court is ruling for the First Amendment, saying the public has a right to film the police. But the 5th U.S. Circuit Court of Appeals, in upholding the bulk of a lower court's decision against an activist who was conducting what he called a "First Amendment audit" outside a Texas police station, noted that this right is not absolute and is not applicable everywhere. The facts of the dispute are simple. Phillip Turner was 25 in September 2015 when he decided to go outside the Fort Worth police department to test officers' knowledge of the right to film the police. While filming, he was arrested for failing to identify himself to the police. Officers handcuffed and briefly held Turner before releasing him without charges. Turner sued, alleging violations of his Fourth Amendment right against unlawful arrest and detention and his First Amendment right of speech. The 2-1 decision Thursday by Judge Jacques Wiener is among a slew of rulings on the topic, and it provides fresh legal backing for the so-called YouTube society where people are constantly using their mobile phones to film themselves and the police. A dissenting appellate judge on the case -- Edith Brown Clement -- wrote Turner was not unlawfully arrested and that the majority opinion from the Texas-based appeals court jumped the gun to declare a First Amendment right here because one "is not clearly established."

Comment Re:Isn't it the victim's Echo they want info from? (Score 1) 116

I'm far from a legal expert but doesn't the gov't already have the power to subpoena library records to see if a defendant checked out books on poison or bombs?

Thanks to Section 215 of the Patriot Act, the government didn't even need to have a lawful request with judicial review. They could just ask for it and demand the library not tell anyone. That section has expired, but most states still allow records to be requested with a court order or lawful request.

Comment Re:For variable values of "practical" and "relevan (Score 2) 142

This can only be done with a collision attack if the CA is really, really stupid. Proper CAs should include chain-length restrictions in their certificates.

Please correct me if I'm wrong, but it appears that most CAs are really, really stupid. Here's a list of the CAs included in Firefox: https://mozillacaprogram.secur... . I split the PEMs into a pile of files, and checked them:

$ for pem in * ; do openssl x509 -text -in $pem | grep pathlen ; done
        CA:TRUE, pathlen:4
        CA:TRUE, pathlen:1
        CA:TRUE, pathlen:1
        CA:TRUE, pathlen:7
        CA:TRUE, pathlen:7
        CA:TRUE, pathlen:3
        CA:TRUE, pathlen:5
        CA:TRUE, pathlen:12
        CA:TRUE, pathlen:12
        CA:TRUE, pathlen:12
        CA:TRUE, pathlen:12
        CA:TRUE, pathlen:3
        CA:TRUE, pathlen:10
        CA:TRUE, pathlen:3

So out of 172 root CAs only 14 include any path length restrictions, and even the ones who do still allow some chaining. This is what allowed the beautiful Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate to succeed.

I don't think the SHApocalypse will be tomorrow. This was an identical-prefix attack instead of a chosen-prefix which constrains the attacker considerably, and the computation required is much higher even to generate simple collisions. However, (again, please correct me if I'm missing something) it does seem plausible that that further weaknesses will be found which provide just enough leverage to forge a signature with one of those 172 CAs, and we may eventually see a rogue sha1WithRSAEncryption CA issued.

Comment Re:Artificial Gravity (Score 1) 154

Almost all of the issues that are described in that article are less about sleeping in space and more about sleeping in a new environment. If you take someone who is use to sleeping out in the country and put them next to a train station in a busy city, they're going to have problems sleeping. Or take the person use to sleeping next to the train station and put them out in the country where there isn't that same constant background noise.

The only thing that seemed to be especially unique to a space environment was the unnatural floating which is likely gotten use to with a prolong period in space. Short shuttle or capsule stay, you aren't there long enough to really get use to it. Multi-month space station stay, you get use to it and probably have a problem sleeping when you come back to earth and that pesky gravity thing returns.

Comment Re:They are more likely to do what I want if I pay (Score 2) 274

Extracting copper, gold, etc isn't the purpose of recycling them, that's just what makes it possible to do so affordably and hopefully for the recycler, profitable. The purpose of recycling them is to safely recover or at least contain the hazardous materials that would otherwise be buried, released into the air, or leech into water supplies where it becomes an environmental or health hazard.

Comment Re:0.21 what? (Score 1) 641

Some googling show me that the legal limit in Indiana is 0.8 percent, so I guess she had a blood alcohol level of 0.21 percent or 2.1 per mille.

You're right on her conversion but not on Indiana's legal limit. The law states it's .08% or .08 grams per deciliter (.8 milligrams per milliliter).

It's not uncommon for it to be misstated as .8, so whatever source you found might have had it wrong.

Slashdot Top Deals

Practical people would be more practical if they would take a little more time for dreaming. -- J. P. McEvoy