Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:I use Truecaller for the Android (Score 1) 172

Right. And do you have every one of your contacts' permission to share their personal information with TrueCaller? Please educate yourself about what this app actually does.

We need an opt-out if this ever becomes widespread - and being the default dialler in CyanogenOS it may just start to become widespread - akin to the _nomap georeferencing opt-out for WiFi. IMHO this is nothing more than a trojan horse to collect information on telephone numbers. The opportunities for "monetisation" are clear.

Comment Re:EU Privacy (Score 1) 58

The real issue here is identity. You are not your name. Your name is just a convenient pointer others hang on the person that is you. You are the sum of many things; who you associate with, what you do, how you think, et cetera.

Obviously these customers are hashing with the same hash and seed Google are using; they have to be or the whole exercise would be pointless. These organisations may not have the nous to prevent Google from reassembling the original data, so there are no guarantees. Also, they're not anonymising when they're matching two separate data sources. That's not anonymisation in anyone's book. That's pure sophistry, bollocks and misleading bullshit to cover insidious mining and profiling of people's PII.

All of this becomes irrelevant, however, when you realise that, to Google, your identity is that pesky hash. Talking about anonymity at that point becomes pointless.

Comment Re:EU Privacy (Score 2) 58

The issue here is that a third party has access to the unhashed identities and are hashing it with the same hash and seed Google use - they have to be or there would be no point in giving the results to Google. That party may not have the nous to stop Google from reassembling their massive hoard of privately identifying information if they really wanted to. They can also gain insight into which hashes have relationships with their customers (the advertisers, we're product not customer) in order to poke even deeper into people's online activities.

If you're anonymising, it means just that: The data cannot be traced back to a real identity. If you're data mining on an ongoing basis, don't use the word "anonymised" and say what you really mean, otherwise it's just meaningless, misleading bollocks.

Also to remember is that your identity isn't just your name. In fact, the name is just a convenient pointer others hang on the person that is you. You are the sum of what you do, how you think and who you associate with. Given that, the name/e-mail address/UID is irrelevant, at which point the hash itself becomes your identity, even more so than your name or SSN.

Comment Re:EU Privacy (Score 4, Insightful) 58

Shops giving a HASH of the email address knowing Google can match it to a hash of the list of email addresses it collected by Android, is linkage. It's no anonymized, its simply passed as a hash.

This. Anonymised would be one-way, non reversible obfuscation of the source's identity. This is just pure sophistry foisted upon us simply because the vast majority of people this affects can't tell the bloody difference.

Comment Re: illegal autonomous cars? (Score 2) 398

Flow battery - the latest one with non-toxic electrolytes and long lasting membrane. Minor detail is you'd need four tanks (one for each electrolyte charged and spent) but the recharge process would be much faster - filling station removes spent electrolyte pair and replenishes with charged, recycling the spent electrolyte with its own bulk charger - and it would remove the elephant in the room that nobody mentions when talking about electrical vehicles: The cost of replacing the hideously expensive, highly reactive and toxic LiFePO cells every 500 or so recharge cycles. It also removes the fuel cell issue of storing hydrogen. Filling stations may be able to make a profit from "fuel" instead of relying on cans of coke and sausage rolls, too.

A bigger elephant is that it just moves emissions from the exhaust to the power station but I suppose it may be easier to sequester the output if it's in one place or, at least, manage the release. Filling stations could supplement their income with microgeneration on site feeding the bulk charger, which would help bring the ecobollox down to a dull roar.

Comment Re:WSUSOffline (Score 1) 288

Yes, yes there is. September's happened just when it should have. I don't particularly care what they say about WinX, 7 still gets updates on patch Tuesday, which is what we're discussing here to stop the GetWinX crapware getting in.

WSUSoffline is *NOT* WSUS. It's a custom set of scripts that automates download and installation of critical Windows patches that are deemed to be security essential by the WSUSoffline community. It even runs the collector on Linux - I have it set up as a cron job. You can blacklist patches by kb reference number if they make a mistake.

The whole point was updating fresh installs before letting them go online. It accidentally created the ideal update method for dealing with this crap as a side-effect.
Security

Submission + - Is open source SNORT dead? (networkworld.com)

alphadogg writes: Is Snort, the 12-year-old open-source intrusion detection and prevention system, dead?

The Open Information Security Foundation (OISF), a nonprofit group funded by the U.S. Dept. of Homeland Security (DHS) to come up with next-generation open source IDS/IPS, thinks so. But Snort's creator, Martin Roesch, begs to differ, and in fact, calls the OISF's first open source IDS/IPS code, Suricata 1.0 released this week, a cheap knock-off of Snort paid for with taxpayer dollars.

The OISF was founded about a year and a half ago with $1 million in funding from a DHS cybersecurity research program, according to Matt Jonkman, president of OISF. He says OISF was founded to form an open source alternative and replacement to Snort, which he says is now considered dead since the research on what is supposed to be the next-generation version of Snort, Snort 3.0, has stalled.

"Snort is not conducive to IPv6 nor to multi-threading," Jonkman says, adding, "And Snort 3.0 has been scrapped."

According to Jonkman, OISF's first open source release Suricata 1.0 is superior to Snort in a number of ways, including how it can inspect network packets using a multi-threading technology to inspect more than one packet at a time, which he claims improves the chances of detecting attack traffic

Comment Re:Ads have been shown to harbor malware too (Score 1) 1051

"Ads are invasive, intrusive, annoying, and I don't want to see them. ever." - by Epsillon (608775) on Sunday March 07, @09:34AM (#31389634) Homepage

No, it bloody well isn't a quote from me. Try by mcelrath (8027) on Sunday March 07, @01:25.

No offence, mcelrath. I see nothing wrong or embarrassing about your post, just incorrect attribution really gets up my nose.

Slashdot Top Deals

Nothing ever becomes real until it is experienced. - John Keats

Working...