Become a fan of Slashdot on Facebook


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Why do we care? (Score 1) 45

Your analogy is flawed in two ways.

First, “cloud repositories” are not used just to distribute malware. But that is not the most important.

Second, if someone shoots me with a gun, I die, I do not have any choice. If someone hands me malware, I ignore it and move to something else.

Malware is a non-issue. The real issue is the abysmal security of consumer devices and software.

Comment Re:GPL (Score 1) 176

Actually, you are slightly wrong. The three options you suggest apply before you are in a situation of copyright violation: when you are considering distributing your project, you have to do one of these things.

But after the copyright violation, it is too late. If you steal something, get caught and give it back, you still go to prison. The same applies to any kind of wrongdoing: undoing it after getting caught does not avoid the punishment.

The GPL has an explicit provision for violations: (emphasis mine) “Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License.”

In other words, if someone violates the terms of the GPL and gets caught, they lose all right to the software, and have to beg the copyright holders to get them back. The copyright holders may be satisfied with simple compliance, but they may require extra good will proofs.

Of course, if the infringer does not want to comply, the only option becomes to sue them. And the judge would not order compliance, only damages.

Comment Re:Why is that possible in the first place? (Score 1) 97

Why is it possible in the first place?

If I were to design a protocol of this kind, one of the first measures I would take, in the protocol itself if relevant and in any implementation, would be to check that peer-provided source addresses match the routing system, making spoofing impossible. I cannot fathom that the people who designed this particular protocol did not do the same from the beginning, and even more so that they did not fix it since then.

Comment Re:He can buy it back ... (Score 1) 111

Hear, hear.

This is exactly wanting to have the cake and eat it. Or even more appropriately, the French version: he wants the butter and keep the butter money.

As a side note, since trademarks are associated with a particular kind of products, he could sell McAfee sandwiches or open the MacAfee massage salon and be ok.

Comment Re:You are missing the point (Score 2) 219

Indeed. I should have been more explicit in my message: the wad of cash and the brass knuckles were colorful examples, but the real threat comes from peer pressure within the family, even more so because it is most often implicit.

(There is a scene in an Astérix comic book: the village must vote between its current (male) chief and a woman; the Druid explains the secret ballot procedure, the woman candidate proposes a show of hand, and then a show of hand to decide if the actual vote will be by a show of hand; all the women raise their hand for the show of hand, and when the men want to raise theirs for the secret ballot, a dark look from their wives stops them. It loses a lot of its funny if you think about the actual reality of domestic abuse that is being parodied and that usually goes the other way around, but I think it illustrate how important and tricky the secret ballot is.)

Comment You are missing the point (Score 5, Insightful) 219

You are completely missing the point. All the cryptography and the blockchains and the secure protocols in the world can not detect if someone is standing behind the computer with a wad of cash (vote buying) or brass knuckles (coercion) and checking that you are voting right.

One of the core features of the secret ballot is the voting booth, where the voter is alone to do the final choice, with official oversight.

Of course, the privacy of the voting booth is not perfect, it is weakened by all sorts of features, from absentee voting to tolerating children in the booth with their parent. But it is still the norm for most voters and is way more solid than a situation where the norm would be to vote from home.

Comment Lack of anonymity (Score 5, Interesting) 204

Vote-by-mail, or any system where there is no voting booth with official overseer, lacks anonymity.

Voters need the right of keeping their vote secret, but that is not enough. If voters can show who they voted for, they can be intimidated or otherwise induced into voting for someone in particular. They can of course say who they voted for, but they cannot be allowed to prove it to someone else.

That is what the voting booth is for. With generalized vote-by-mail, we would see much more vote buying and small-scale intimidation such as “vote for my stepbrother if you want to keep your job”.

I am surprised that so few people make that connection when the issue arises.

Comment Re:Load malware? (Score 1) 112

Yes, just typing, and in a matter of seconds. Just typing: no seeing what you type, no knowing the keyboard layout, no knowing the user interface running, nothing except keys blindly. As was already pointed out by numerous persons before you posted your duplicated comment, this would work on lusers computers left to the default values. A rather costly attack (requires hardware and physical presence) that can only work generically on the most worthless of targets. Not really worrying. (Of course, for targeted attack, that is another story entirely.)

Well, I suppose I shall expect still half a dozen of similar comments from self-styled geeks that are so proud to know the default keyboard shortcut for running a command on the only OS and desktop environment they know.

Slashdot Top Deals

1 Mole = 007 Secret Agents