Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:I use Truecaller for the Android (Score 1) 172

Right. And do you have every one of your contacts' permission to share their personal information with TrueCaller? Please educate yourself about what this app actually does.

We need an opt-out if this ever becomes widespread - and being the default dialler in CyanogenOS it may just start to become widespread - akin to the _nomap georeferencing opt-out for WiFi. IMHO this is nothing more than a trojan horse to collect information on telephone numbers. The opportunities for "monetisation" are clear.

Comment Re:EU Privacy (Score 1) 58

The real issue here is identity. You are not your name. Your name is just a convenient pointer others hang on the person that is you. You are the sum of many things; who you associate with, what you do, how you think, et cetera.

Obviously these customers are hashing with the same hash and seed Google are using; they have to be or the whole exercise would be pointless. These organisations may not have the nous to prevent Google from reassembling the original data, so there are no guarantees. Also, they're not anonymising when they're matching two separate data sources. That's not anonymisation in anyone's book. That's pure sophistry, bollocks and misleading bullshit to cover insidious mining and profiling of people's PII.

All of this becomes irrelevant, however, when you realise that, to Google, your identity is that pesky hash. Talking about anonymity at that point becomes pointless.

Comment Re:EU Privacy (Score 2) 58

The issue here is that a third party has access to the unhashed identities and are hashing it with the same hash and seed Google use - they have to be or there would be no point in giving the results to Google. That party may not have the nous to stop Google from reassembling their massive hoard of privately identifying information if they really wanted to. They can also gain insight into which hashes have relationships with their customers (the advertisers, we're product not customer) in order to poke even deeper into people's online activities.

If you're anonymising, it means just that: The data cannot be traced back to a real identity. If you're data mining on an ongoing basis, don't use the word "anonymised" and say what you really mean, otherwise it's just meaningless, misleading bollocks.

Also to remember is that your identity isn't just your name. In fact, the name is just a convenient pointer others hang on the person that is you. You are the sum of what you do, how you think and who you associate with. Given that, the name/e-mail address/UID is irrelevant, at which point the hash itself becomes your identity, even more so than your name or SSN.

Comment Re:EU Privacy (Score 4, Insightful) 58

Shops giving a HASH of the email address knowing Google can match it to a hash of the list of email addresses it collected by Android, is linkage. It's no anonymized, its simply passed as a hash.

This. Anonymised would be one-way, non reversible obfuscation of the source's identity. This is just pure sophistry foisted upon us simply because the vast majority of people this affects can't tell the bloody difference.

Comment Re: illegal autonomous cars? (Score 2) 398

Flow battery - the latest one with non-toxic electrolytes and long lasting membrane. Minor detail is you'd need four tanks (one for each electrolyte charged and spent) but the recharge process would be much faster - filling station removes spent electrolyte pair and replenishes with charged, recycling the spent electrolyte with its own bulk charger - and it would remove the elephant in the room that nobody mentions when talking about electrical vehicles: The cost of replacing the hideously expensive, highly reactive and toxic LiFePO cells every 500 or so recharge cycles. It also removes the fuel cell issue of storing hydrogen. Filling stations may be able to make a profit from "fuel" instead of relying on cans of coke and sausage rolls, too.

A bigger elephant is that it just moves emissions from the exhaust to the power station but I suppose it may be easier to sequester the output if it's in one place or, at least, manage the release. Filling stations could supplement their income with microgeneration on site feeding the bulk charger, which would help bring the ecobollox down to a dull roar.

Comment Re:WSUSOffline (Score 1) 288

Yes, yes there is. September's happened just when it should have. I don't particularly care what they say about WinX, 7 still gets updates on patch Tuesday, which is what we're discussing here to stop the GetWinX crapware getting in.

WSUSoffline is *NOT* WSUS. It's a custom set of scripts that automates download and installation of critical Windows patches that are deemed to be security essential by the WSUSoffline community. It even runs the collector on Linux - I have it set up as a cron job. You can blacklist patches by kb reference number if they make a mistake.

The whole point was updating fresh installs before letting them go online. It accidentally created the ideal update method for dealing with this crap as a side-effect.

Submission + - Is open source SNORT dead? (networkworld.com)

alphadogg writes: Is Snort, the 12-year-old open-source intrusion detection and prevention system, dead?

The Open Information Security Foundation (OISF), a nonprofit group funded by the U.S. Dept. of Homeland Security (DHS) to come up with next-generation open source IDS/IPS, thinks so. But Snort's creator, Martin Roesch, begs to differ, and in fact, calls the OISF's first open source IDS/IPS code, Suricata 1.0 released this week, a cheap knock-off of Snort paid for with taxpayer dollars.

The OISF was founded about a year and a half ago with $1 million in funding from a DHS cybersecurity research program, according to Matt Jonkman, president of OISF. He says OISF was founded to form an open source alternative and replacement to Snort, which he says is now considered dead since the research on what is supposed to be the next-generation version of Snort, Snort 3.0, has stalled.

"Snort is not conducive to IPv6 nor to multi-threading," Jonkman says, adding, "And Snort 3.0 has been scrapped."

According to Jonkman, OISF's first open source release Suricata 1.0 is superior to Snort in a number of ways, including how it can inspect network packets using a multi-threading technology to inspect more than one packet at a time, which he claims improves the chances of detecting attack traffic


USPTO Lets Amazon Patent the "Social Networking System" 265

theodp writes "After shelling out a reported $90 million to buy PlanetAll in 1998, Amazon shuttered the site in 2000, explaining that 'it seemed really superfluous to have it running beside Friends and Favorites.' But years later in a 2008 patent filing, Amazon described the acquired PlanetAll technology to the USPTO in very Facebook-like terms. And on Tuesday, the USPTO issued US Patent No. 7,739,139 to Amazon for its invention, the Social Networking System, which Amazon describes thusly: 'A networked computer system provides various services for assisting users in locating, and establishing contact relationships with, other users. For example, in one embodiment, users can identify other users based on their affiliations with particular schools or other organizations. The system also provides a mechanism for a user to selectively establish contact relationships or connections with other users, and to grant permissions for such other users to view personal information of the user. The system may also include features for enabling users to identify contacts of their respective contacts. In addition, the system may automatically notify users of personal information updates made by their respective contacts.' So, should Facebook CEO Mark Zuckerberg worry about Amazon opening a can of patent whup-ass?"

Slashdot Top Deals

I have a theory that it's impossible to prove anything, but I can't prove it.