Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Private, secure, open standards required for IoT! (Score 1) 58

This is a great example of how the "Internet of Things" can be beneficial, but I worry that in our current American (and in some cases, global) climate of hyper-capitalist "I'll get mine, get yours, and then lock up the source so nobody else can have it...that's the way to MY perpetual growth!" ideal, such benefits won't be realized.

Consider for instance electronic medical records. EMRs are in theory, a great benefit and both patients and medical professionals were promised the wonders of the age. Instant knowledge about a patient's complete history! All facets of healthcare providers will be able to easily and securely transfer health info upon request! Patient records will be more complete and legible than ever with patients themselves able to be in custody of their own charts without their doctors and hospitals losing anything; plus, physical copying with all its cost on time (and sometimes finances) would be a thing of the past! Prescriptions can be transferred instantly and securely, including special case (ie controlled substances)! Even the Affordable Care Act had a provision that would provide tax breaks and subsidy to encourage doctors and hospitals to switch to EMR so we can start realizing these great benefits. The results however fell significantly short of projection. While there were certainly some other issues (such as poor training on the new EMRs), the main culprit was a lack of mandatory standardization and openness with respects to the EMR software. Each EMR company spawned its own proprietary product (costing tens to hundreds of thousands of dollars or more!) that not only was often incompatible with other EMRs, but often had so many variants, plug-ins, and configuration options that two offices using the same EMR might not actually be compatible. For all these variations these products often were not flexible enough when it counted, so if a practice or hospital wanted to modify something it would range from cumbersome to impossible. Updates also proved a problem despite the fact these companies should have known that frequent updates would be required due to changes in everything from billing parameters and CPT codes to diagnosis ICD-9 (ICD-10, and soon ICD-11 ) codes and prescription databases. The only constant was cost - every little thing was a chance to gouge a little deeper! Today, my nearby hospital has a patchwork setup of EMR modules from 3 vendors, partly or completely incompatible with each other and most of the office practices have similarly incompatible EMRs. Few if any of the benefits of transition arrived as described and many doctors and patients alike had to go through considerable amounts of frustration. Only the EMR software companies and the cottage industry that sprung up around them benefited from this quagmire and they did so heavily, thanks to this problematic implementation of what should have been a good idea.

We already know that the Internet of Things provides a similar divergent path - at its best, it will make for a more informative, convenient and usefully interconnected world, but at its worst it will be a patchwork network of privacy and security vulnerabilities on an as of yet unheard-of scale. Its all well and good to talk about the potential benefits but especially with something like elder care or any other use where peoples' lives and well being may be on the line, it is even more important that the Internet of Things be developer and implemented in the right way - which in some cases means "not at all". Proper implementation hinges upon enforcing strict guidelines of openness and compatibility.

For instance, all IoT must communicate via open standards, ideally using existing open source/spec tools when possible. When not, new standards and protocols will be created that adhere to the underlying ideals of the project (openness, security, power etc..) through a partnership between industry groups, NGOs (IEEE and such), and perhaps certain gov't agencies (like how NIST was involved in ratifying AES as a standard, picking the algorithm etc) No more of this "Your video doorbell IP cam can only be accessed with our proprietary, cloud powered app!" nonsense - make it accessible via browser through a web control panel, SSH in etc. Harden what you can for security, which should be easier with the open source nature of development. Now, its likely that some industry groups will lash out and cry because they won't get their lock in, and/or those with deeper pockets may try to offer to throw a competing standard or other sort of proprietary whatzit into the mix to regain control. One way to get around this is to ensure that any IoT connected devices that are being used for any sort of government, public, or subsidized use must use the open standards and anything they develop/extend/upgrade in the process, must contribute back. This is an overall good policy for any sort of tech involved in public funded use, but will certainly be especially useful here to ensure that few could claim the standard (even though it was designed to be extensible and to grow as necessary) is behind some proprietary alternative, as well as putting an end to those who try to push said alternative en masse. If the IoT is fully inter-operable, it will also control costs and ensure that the most beneficial use cases (such as care for those who can't care for themselves) are financially accessible to the public by removing many types of platform lock-in, forcing device manufacturers to never grow complacent and just assume they have a captive audience who will never leave because "It would cost a fortune to switch to X, as none of my stuff will work with it and I'll have to get all new X-compatible items".

The Internet of Things can bring great benefits, but without a strong counter to those who profit at the cost of user experience, security, and privacy I worry those benefits will never come to fruition.

Comment Enough with "sharing" economy dodging regulations (Score 1) 242

I know this will be an unpopular comment, especially with the group of people who use "statist" as a slur of choice, but lets be honest - Airbnb, Uber, and the whole so-called "sharing" economy needs to stop mincing words to get out of paying and adhering to regulations that everyone else has to do so. They choose to use the word "disruptive", but what it really comes down to is running an unlicensed hotel or so-called "gypsy cab" service.

      Uber (and most other competitors) isn't a "ride share" service (ie I'm going where you are, let me pick you up), but a full fledged taxi/sedan service that you just happen to call or hail via an app. How they manage their entire business is evidence of this. However, they claim they're "ride sharing" and thus get around all of the regulations on what it means to be a ride-for-hire business in areas where they operate. AirBNB is no better, with legitimate "couchsurfing" being replaced with running unlicensed hotels/BNBs. Hell, there are many areas where it has impacted the real-estate market because now businesses and individuals alike are beginning to buy out residential property and then post it on AirBNB which means legitimate tenants are going to find housing even less affordable. Prior to the loophole being exploited, it would have not been possible to run short term rentals/hotels in these areas, without having to have the insurance and inspections required, collect taxes if necessary in said jurisdiction etc... but hey, they're "just a disruptive app for the sharing economy".

On Slashdot and elsewhere we rightly become irate when we hear that governments use "Because its happening on a computer, its somehow worse/different/not bound by the same rights and protections", don't we? When someone gets a decades long prison sentence for some sort of hacking issue tried under RICO? When your digital correspondence can be grabbed without a warrant in a way postal mail could never be? So why are we okay when some corporate entity uses that same excuse to justify this scam? If you want to run a hotel or limo/car service, that's great. However, you have to follow the same standards as everyone else. This doesn't mean we shouldn't change and modernize those rules, but if you suggest that regulation itself is somehow the enemy or that we should just give these businesses a pass, then you're complicit in pushing this nation even further over the ledge for the goods of corporate profit, damn the consequences.

The suit against AirBNB is valid and they exist and in fact, profit, exclusively through being a "wink wink nudge nudge couchsurfing site". Now they're whining because the "compromise" they asked for, which would still allow them to basically exploit short term rentals in a way you couldn't and frankly shouldn't in most residential zones, could actually require them to do some due diligence on their part? They should be thankful it isn't more dramatic legislation. I'd favor putting an end to these loopholes all together, forcing AirBNB (and those that list their properties within) to comply with bed-and-breakfast/hotel ownership regulations. This, in hand with modernizing those regulations and making them both more sensible and easier to understand and comply should make a better experience for everyone.

Tech companies and those behind them seem to comport themselves as being "better, more socially conscious" than the "bad, old money professions" such as finance and the like, but they share the same "fuck everyone else, I should be able to 'disrupt' the industry, externalize my risk/costs onto the public to reap in even larger private profits" attitude. Driving a Tesla while you foist another weight on an already overburdened, affordable housing market is no better than going to four and five figure a plate galas for poverty, while your business practices put millions into said poverty in the first place. Corporate and financial interests must be monitored and if necessary, cowed, for the good of society lest whatever their excuse of choice - "disruption" or "fiduciary responsibility to our shareholders" - justifies profit at the expense of the rules and regulations we must have for a more equitable, healthful, and prosperous nation as a whole.

Comment Thunderbird deserves support, modernized features (Score 1) 294

The lapse in Mozilla support for Thunderbird since 2012 has been frustrating and saddening to me. I've used Thunderbird (with its Lightning calendaring and Enigmail for OpenPGP/GnuPG, among other extensions) since just about its inception and I still do today. It has always been the only cross platform and open source, user focused/privacy respecting, newbie-to-guru accessible, full featured and extensible email/PIM client I've found.

Unfortunately , I admit that its age has begun to show since Mozilla stopped funding and focusing upon it. For instance, the lack of support for two-factor authentication for many services (which I believe has been sorted recently, perhaps?), as well as being unable to keep up with some of the newer features in popular webmail clients. One use case I hear frequently is regarding Gmail. Awhile ago, Gmail implemented the options for pre-filtered category-based inboxes, separate from Labels (ie Priority, Updates, Promotions and Sales, etc..) but Thunderbird even when connecting via IMAP can't easily support this feature. This seems like something for which a solution could be created, either as an extension or (preferably) a native Gmail support feature (much like how Thunderbird automatically knows the Gmail account servers for SMTP/IMAP and the like) ,if there was only some funding/drive to do so. Likewise, supporting new generations of encrypted mail services, such as Tutanota and (especially) ProtonMail, are currently missing. These services claim to be built in such a way that you have to either connect via their special app or webmail because of how they handle encryption. I don't want to be forced into using webmail or some sort of app for each provider, but those behind these services hypothesize that at very least there could be an addon/plugin of some sort that would allow for more comprehensive encryption. These are just a few of the places that Thunderbird should shine, but instead is being left behind.

It seems that Mozilla has made a handful of positive steps recently (ie - embedding a cut-down version of the open source Disconnect addon into Firefox's private browsing, Firefox Hello etc..) but they've been stumbling back through a larger share of negative ones, including leaving Thunderbird to rot. Mozilla became a pinnacle of geek friendly yet accessible FLOSS because it offered some great, user focused software with better features as well as privacy/security compared to other offerings - they have to do more than allow Google to lead the way, providing halfassed "also-rans" .

I will support Mozilla as we need their voice when it comes to an open Internet. We must urge them to keep pushing forward, remember what made their software great, including modernizing and bringing Thunderbird to the forefront again.

Comment Not without privacy laws, open standards... (Score 3, Interesting) 98

I'll open with a (perhaps the only) positive - Good on Apple for releasing the ResearchKit as open source. That said, there are still a LOT of barriers here.

First of all, while ResearchKit is open source, it is still predicated on iPhone sensors and the like, so in this way it is proprietary. Now, perhaps with time and effort it can be expanded to allow the same sort of thing to be done on Android devices, but as of right now it is effectively proprietary. However, this leads into a bigger issue: Standardization AND privacy for health data and metrics.

Right now we have a horrible platform when it comes to medical data and privacy. Despite HIPAA and the mandate to move to electronic medical records, these were horrible half measures that in many ways did more harm than good by not being specific enough. For instance, the idea between EMRs was that any doctor, hospital, pharmacy etc.. should be able to transfer and use data from any other. HA! Fat chance. Why? Because of our old friend that has fouled up accessible quality medical care for years - the unregulated profit motive, and its friend: proprietary lockdown!

EMR systems, even for a small office based practice, cost hundreds of thousands of dollars. We're talking millions for hospitals or other larger centers or networks. And yet, they're all horribly modular and insular. Each EMR has their own proprietary data formats which are incompatible with modules from most other EMRs...or at best, require an expensive format-shifting module. For many physicians, EMRs are more trouble, not less - as they have to deal with tons of incompatible formats and halfassed implementations. I don't even want to get into the ICD-9 > ICD-10 > ICD-11 shift... All these systems do for now is leech money from providers and create a cottage industry of training, upgrades, and modules to sell. It does not improve patient care; at times it can be a threat to it.

The only proper solution will take an act of Congress, sadly. To require a single, completely open, unencumbered, universal, extensible, privacy respecting/encrypted, format for electronic medical records (and all facets thereof, from scheduling, to patient information, notes, etc..) - and then stipulate that all public insurance programs (ie Medicare etc..) will ONLY accept said format. Thus, you can use any EMR provider that you want, but they will all support the universal OpenEMR format. This is the only way to bring the original impetus behind switching to EMRs to fruition. I'd love to see the government mandate that the formats of GNU Health ( https://health.gnu.org/ ), the Free Software EMR would be used as a baseline for required standardization, as well as using a solution used GnuPG to help encrypt said records (patients have public and private keys as do physicians/practitioners, allowing complete control and traceability who has access to protected health info, who's making changes, and when). Until then, we shouldn't expect Apple or anyone else to have a myriad of applications that monitor and ostensibly involve themselves in the patient's health, yet report unknown and unknowable amounts of data in random forms to all sorts of individuals and somehow consider them to be in the best interest of the patient.

The other half of this equation is privacy; sadly something it seems we're losing more and more each day. Patient health data is already hugely mined and monetized; your pharmacy is selling your data to insurance companies and pharmaceutical companies. These same industries are buying your browsing habits and what you search, to try to figure who has X condition that will cost them money. The amount of privacy that a user can give up more or less unknowingly (or cryptically hidden behind innocuous seeming requests and permissions) simply by installing an application for iOS/Android is enormous - expanding this to health any further is a nauseating prospect in my mind. Lets not forget that even when some big name medical center puts their name on an app, they're using all sorts of middleware and third parties (including Apple themselves) to pass that data along, or even to write and manage the updating of the app for them, all of which must be "trusted" not do to the more profitable thing. Some will say "but HIPAA protections...!" Well, consider how many health-monitoring apps today get around those - they are not considered to generate "protected health information".

Simply put, we have bigger problems to deal with first, when it comes to technological healthcare intervention and failure to do so is at the peril of one's privacy and healthcare efficiency and effectiveness. The idea behind ResearchKit, if it wasn't so Apple focused, is good - but the current climate in which it operates is a dangerous swamp. We need a properly reformed healthful environment, conducive to best practices for patient care and privacy. Convenience is important, but it cannot take precedent over the aforementioned.

Comment AMD more FLOSS friendly than most (Score 5, Interesting) 88

Perhaps you're an AC trolling, but in case someone is actually interested in a reply, it doesn't seem that you're giving AMD nearly enough credit.

Now, I grant that Intel has a great policy when it comes to providing driver components, being open sourced For those who aren't going to use their GPU for anything more intensive than watching media, an Intel integrated GPU is probably sufficient. However, given that Intel's GPUs are orders of magnitude weaker than discrete modern GPUs, those who wish to use graphically intensive creative software, use GPU-preferred workflows for certain tasks (ie crypto-currency mining, video encoding, anything with OpenCL etc..), or just plain wish to play modern 3D games, Intel's hardware is likely insufficient.

Thus, users have the choice between AMD and Nvidia, and of the two AMD is MUCH more free software / open source friendly, as well as overall more ethically aligned than its competitor. To answer your question, especially if you're not gaming, you do not need a binary blob to have a working AMD GPU on Linux. The open source "ati" driver has been honed over the last few years to the point that for many it provides not only great 2D performance and support for video acceleration, but a bit of 3D as well. Yes, they offer the binary "Catalyst" driver as an option (which supports pretty much all the high end 3D acceleration that someone purchases a discrete GPU to use) so if you're going to be gaming and doing intense 3D work it is a better choice, but - aforementioned open source driver is always available.

AMD has actually gone out of their way to embrace open source and the Linux community. . Much of the bias against AMD is left over from ATI's disastrous drivers (even proprietary) back in the day. They knew they had a lot of ground to make up in Linux performance (not necessarily openess...) when they acquired ATI, and its pretty impressive how they've managed to catch up to Nvidia. Subsequently, they put lots of emphasis on contributing to the FOSS driver projects. They aren't keeping Catalyst proprietary so far simply because they're evil, but because of patents and other tech licensed to third parties that go back years. In their overall business plan, they clearly favor openness compared to Nvidia. Where NV creates proprietary implementations and engines like their G-Sync monitors and the frustrating presence of PhysX in gaming, AMD champions open standards and projects such as FreeSync, OpenCL, and Vulkan.

In fact, the release of AMDGPU and in fact their entire unified driver plan leads to more openness. As the article notes, this will mean that the vast majority of AMD's GPU driver components will be completely free software.! Where Catalyst used to be a completely different animal in every way, now it will only be just an additional binary component that can be added. This is one reason why it is being written with the next generation of hardware in mind (though it may be partially compatible with some current cards); they need to have some entirely new hardware etc....that doesn't require certain patented/licensed tech. This is a great advance for openness as well as driver quality. While it would be great if they were able to instantly fully open the entire Catalyst driver stack, one would be remiss to not see the current path as progress.

  While I can only speak from personal experience (and I've owned both Nvidia and AMD GPUs. At current, I'm using an AMD 290x), running an AMD GPU under Linux is viable. Sure, there are issues that can arise same as dealing with any other non-kernel-included Linux driver. If you want to stay entirely Free Software, there is a FLOSS driver that will likely work well unless you plan to use a lot of 3D or OpenCL etc. If you want 3D acceleration and you're willing to go binary, Catalyst is an option. In the future, the openness, compatibility, performance, and ease of use will likely increase with AMD's unified driver plan we're reading about here. AMD is far from perfect, but they do seem to be interested in making FLOSS a part of their future, along with a whole slew of open technologies.

Comment Re:Groupware? (Score 3, Interesting) 15

Though some consider it an antiquated term in the days of social media, "groupware" typically refers to integrative software for enabling / scheduling communication and collaboration, typically client/server based and often in business settings. Email and instant messaging, calendar and task assignment/scheduling/reminders, PIM / address book, file sharing, sync etc... that all work together are typically involved in groupware solutions. Novell GroupWise, Outlook / Exchange, Zimbra, Google Mail / Apps for business etc... are some of the big names people recognize and offer different levels of support and solutions.

There are also several FLOSS a projects that fall into this category, with Kolab being one that is well integrated and supported.

Comment MEGA vs SpiderOak? MEGA targeted b/c of history! (Score 1) 136

Everyone wanting to comment on this decision should read the TorrentFreak article - https://torrentfreak.com/under... - as it seems to have the most information. Many typical sites and blogspam make it act as though PayPal did this through its own volition, when it is really the case of the US Gov't and financial services (banks, payment processors) who put pressure on PayPal - in this case, the US Gov't is acting as the enforcer for the Entertainment industry (MPAA/RIAA etc.) , further evidence of governments being little more than tools for wealthy private interests. . This is much the same thing that happened to donations to WikiLeaks and a large amount of other advocacy and privacy related groups; despicable though it is. Its a horrid, unjust practice that shows yet that many governments, and the corporate and financial cartels that pull their puppet strings, are completely in opposition to the public good.

That said, I think it is an interesting quandary that MEGA's encryption seems to be the focal point here; I'm not sure this is the issue. After all, there are other services that are not on the end of this rebuke that offer "zero knowledge" encryption, where the user's keys are not held by the "cloud" business. For instance, SpiderOak - isn't its encryption protocol very similar to MEGAs? Both services are cloud storage providers that are homed in US and/or Five Eyes nations (so it isn't like they're being targeted for being in a non-compliant jurisdiction like Switzerland, the Seychelles, Hong Kong etc.), have client-side exclusive encryption/decryption purportedly, so any encrypted files server side should in theory not be accessible, while neither of them are completely Free Software, both offer some open source (it seems that SpiderOak has been more transparent than MEGA from my inspection). ? If anyone knows of detailed technical reasons why one would be more secure/private than the other, I'd be interested to know, but they both seem to have similar status.

So why go after MEGA and leave SpiderOak alone? I think the reason here is purely political, not encryption related. For instance, if you look at the document that prompted this, it is regarding "evil, evil piracy cyber-locker" services. You won't see Dropbox, Google Drive, Microsoft, Box, or SpiderOak listed. Why? because these are the "good guys", made for individual back up and syncing. Sure, they may have some sharing features, affiliates, and may or may not offer anonymity/guest services but this isn't their focus. On the other hand there are the "sleasy file locker types", RapidShare, FileGator, Netload, and hundreds of others...including Kim Dotcom's now defunct MegaUpload - one of the largest of its type during its reign. These services are, rightly and wrongly depending on particular services, characterized as for facilitating piracy and having monetization strategies that are often sleazy, such as pay-per-download/upload, reselling of premium accounts, click through, spam, and even porn and malware ad networks set up as gateways. This is probably the crux of the issue.

  As the Torrent Freak article notes, MEGA is listed next to a bunch of these file-locker services. This is likely not because of its encryption or other technical features, but because of its name/marketing/history of" Mega Upload" that came before, regardless of how different the current MEGA site may be. This is even more likely because the one who comprised the report that caused the gov't to act - "Digital Citizens Alliance and Netnames" - are already heavily biased towards anything that in their eyes, enables piracy and/or any of the other behaviors online that threaten the hegemony of their masters. Thus, those "legit" appearing "cloud sites" are the good guys, where the "evil piracy producing file lockers" are the bad guys, and because of MEGA's links, no matter how tenuous, they've been improperly dropped into the second category.

Comment Hopefully will be FLOSS, Oculus compatible (Score 3, Insightful) 48

It is exciting to see Valve putting effort into VR, but I hope that their implementation does not contribute to fragmentation of this nascent technology.

Ever since the early stages of Oculus awakened the tech community's interest in VR again, suggesting that the economic and technological necessities have converged to provide "good enough, cheap enough" consumer VR, there have been many "also-rans" putting forth their own, similar plans. From Sony's Playstation visor project to tons of indie developers, there are tons of interested parties trying to make their VR product into a market leader. Considering that overall many of these projects are proprietary in nature, it could ultimately lead to fragmentation - a major threat as the consumer VR landscape unfolds. Tons of different, often incompatible hardware and software offerings each trying to lock down their little niche could ultimately threaten the widespread adoption of the technology.

With this in mind, I hope Valve is going forward as not just another (admittedly, well heeled) company making their own paradigm, but are planning an open, compatible implementation. I'll certainly give them the chance to prove it, as I think many others will - Valve has been willing to strike a blow for openness and long term growth in ways that others in the industry wouldn't dream of (ie SteamOS, Steam for Linux etc...), so it certainly seems to be a step in the right direction for Valve to a SteamVR platform in an open manner. Allowing developers who want to integrate with or launch products on Steam to be able to freely implement seamless VR support sounds like a great benefit.

  However, there are still questions of licensing and how SteamVR hardware and software will fit in the larger picture. For instance, Valve is launching a SteamVR dev kit that includes hardware. That's great. However, we don't yet know if the SDK will play nice with third party hardware, such as the Oculus Rift itself. Likewise, on the software side, will the majority of it be FLOSS licensed and platform independent? The best case scenario comes to Valve joining with those like OSVR (www.osvr.com), for instance, who have already seen the threat of fragmentation and are acting against it.. Logically, joining with this sort of industry group would seem to be a win for Valve, as it would mean SteamVR being poised for adoption well beyond its own sphere. However, Valve could certainly have reasons for wanting to go it alone, worrisome as they may be from an outside perspective.

We're on the cusp of bringing affordable, enjoyable VR tech to developers and consumers alike, but this adoption could be threatened without enough openness. This is not a development that is going to give way into a clear market leader who then gets the entire ecosystem to themselves and we should not put up with those who try to make it so. Users and developers should ideally be able to use any hardware of sufficient specs with compatible, FLOSS drivers and software. Hopefully Valve is aware of this and will make SteamVR as open as possible.

Comment Better ideas - RISUG aka "VasalGel" (Score 1) 369

While it is nice to see continued research along these avenues, I feel that methodology that require us to alter internal, chemical bodily functions via some sort are going to have pretty considerable side effects. Even after more than a half-century of research, we've still not been able to create female chemical/hormonal birth control that doesn't have significant side effects and trade offs. While many women put up with the side effects, which can range from lack of libido, depression, weight gain, acne, mood swings, to rarely more serious cardiovascular issues and other dangers, it is far from a simple choice. Best outcomes often require a knowledgeable and caring physician to tweak and find out what particular product works best for a given woman's individual chemistry.

  Keep in mind that all of these issues come from more or less, attempting to safely replicate a very natural part of a woman's reproductive cycle: pregnancy. Men have no such natural state of post-pubescent infertility, which makes it even more difficult to find a solution for for male birth control that comes in a pill. Thus, lot of attempts that seem promising end up failing thanks to the domino effect of messing with hormones that do more than one thing. As we become more technologically advanced the possibility of compiling a "custom" compound with less interaction outside the desired sphere is more likely, but as the article mentions this is still a long, long way from being deemed safe and effective in humans, especially over the long term. However, there is a much better male birth control solution that is going through trials in the US and Europe: VasalGel

VasalGel is a trade name for a well known process that has gone through more than 20 years of human trials in India: RISUG. RISUG is basically a significantly upgraded, reversible vasectomy. The process begins by injecting an inexpensive, safe polymer into the vas deferens (the same tubes cut/blocked in the case of male sterilization) . This polymer occludes, but does not totally block the flow of sperm, which is a major improvement as it avoids the side effects found in both "open" (ie sperm dripping into surrounding tissues, causing sperm granulomas and training the immune system to attack said sperm, a possible cause of failed vasectomy reversal) and "closed" (ie epididimitis, "blowout", reduced overall production and more) vasectomies. As the sperm pass through they touch the polymer which in essence denatures them, robbing them of the chemical charge they need for viability. Those that aren't immediately destroyed still lose their viability to penetrate the ovum and fertilize, breaking down long before All sperm fragments are reabsorbed by the body and it doesn't seem to limit quality or quantity of future sperm production. There are long human trials in India, where men had the same RISUG polymer placed for in excess of a decade without any issues and with continued effectiveness! Furthermore, the process is safely reversible over 98% of the time. Another injection, this time of a a complimentary safe agent, dissolves the polymer and returns the vas deferns to pristine condition, allowing reproduction.

This method allows men to take control of their reproduction in a safe, long term, convenient way that I think will be very alluring to many. By putting effort into such a localized effect, it means there is unlikely to be the sort of side effects that can happen when you're trying to mess with hormones, attach things to certain receptors and more. The Indian trials have been successful indeed and similar methods have been investigated in other nations. So why don't we have this procedure available to us now? Well, the answer as you might expect: Money. It isn't exactly profitable to provide a man one injection that will prevent pregnancy every 10 years. Consider that in the US, female IUDs that are much more comfortable, newer, and have lesser side effects aren't available for a similar reason: despite their existence in Europe, they don't wish to spend the funds for FDA approval for something likely non-patented. Drug companies haven't been enthralled to bring a competitor to market for all their hormonal daily/weekly/monthly devices, and a product like I describe here if proves viable, could mean the ability for many women to give up their current means of birth control. Even more so, in that there is investigation into a female formulation that does the same thing to the ovum in the fallopian tubes as RISUG does for men.

However, there is hope! A non profit called the Parsemus Foundation intends to bring the RISUG process to the US and get it FDA approved! They will be reformulating the polymer itself when possible, for maximum safety and easy of progressing through the varying trial stages, and giving it the trade name VasalGel They've already had several major animal studies (rabbit, baboon) and are making considerable progress for their shoestring budget. If you're like to learn more about VasalGel, feel free to check out their website; they're also working on a handful of other novel reproductive projects. Oh, and it is important to note that some of their developments haven't been updated on the website proper, but were conveyed via social media (ie links to the rabbit/baboon studies to be journal published) and email lists; this reminds me to write them again to ask about updating the site with some newer developments.


Signing up for their mailing list gets you an occasional email discussing their progress and more. While they do ask for donations (I personally have donated as I find it a worthy cause) they certainly don't spam you. Small scale human trials are scheduled for this very year and many have already expressed interest, but you can do so as well if you are so inclined. VasalGel is a potentially groundbreaking addition to contraception and I hope to see human trials begin here in the US soon.

Comment Bad idea - All negatives for Valve, for users. (Score 1) 216

I think this is a significant misstep for Valve. There is zero realistic expectation it will provide any benefit and it has a huge potential for negative effects. Valve has built Steam into the 800lb gorilla of the digital distribution of games (and now, some software as well), making generally good decisions. However, this is one of their rare blunders that cannot help anyone involved.

Steam thrives due to a multifaceted system of technical and logistical policies that one could consider "open handed" in terms of accessibility. For instance, on the pricing side, Steam's legendary sales were a great component of its success. When developers and publishers alike generally were restrictive with pricing, Steam demonstrated the success when you allow your product to go for a lower price and more than make it up in the volume of sales. Steam also doesn't force any DRM (though they will not oppose if someone else wants to make that bad decision, but at least list it on the game's page), and when they created Steamworks, those who opt to use it for all the multitude of benefits (such as basically not having to code in a separate multiplayer server, account, comm system) find themselves without many restrictions. These kinds of successes have allowed Valve (along with admittedly, a very important third factor: the fact the company is privately owned, so no stockholders and venture capitalists demanding quarterly ROI damn the consequences) to branch out even further technically, such as all their investment in Linux gaming: the Steam for Linux client, SteamOS etc... as well as items like Big Picture Mode. Valve also built the community aspect of Steam in thoughtful ways - a unified account system with sane defaults, loads of community features, and features like achievements,trading cards, unlockable account items (emotes etc.), and the Player Marketplaces. The vast majority of what Steam has become is predicated on open-handed accessibility for all involved.

The decision to censor chat, especially without even noting that anything has been removed, is a significant step backwards and out of character for Valve and Steam. They had to know that when discovered, users would take umbridge at this behavior and much like this very post- becomes negative PR. Valve spent time creating Steam's community system and encouraging people to use it - for chat, video etc... censoring their conversations is antithetical to this end. While there are the usual prohibitions one expects on the public-facing community elements like forums (including warez, porn etc..), when it came to private user-to-user messages or chat rooms, Valve didn't interfere. While some behavior was able to be flagged for report (ie phishing attempts etc) it required action on the part of of those involved in the private message/chat and certainly was not automated. This new development however, is troublesome for doing just that - private user conversations being edited by an algorithm and to the recipient there is no trace the message even existed. Of course, the senders must be instantly aware that a certain block of text did not send as it should.. unless it is even more egregious and similar to "shadowbanning" where the sender sees everything normal, but the recipient doesn't see anything sent at all!

Regardless of personal experience with the policy, many of Steam's users are going to object on philosophical grounds; as well they should! There is no good that comes from this change. We now have a system in place that through automatic filtering eliminates one piece of "problem speech" so there is every indication that others will follow if this is somehow deemed as "success". It seems strange to me to choose to censor mentions of a torrent website, considering that Steam has basically been a major success story in the face of piracy. Steam, HumbleBundle etc... and others who choose a more even, open handed respect for the player and their finances, have been rewarded compared to the other parts of the industry that demand maximum charges and lockdown. Sure, there will always be some piracy, but there are plenty of people who a given title on Steam (especially on sale, or if it is an inexpensive title overall) even when they could pirate it. I personally go out of my way to purchase games that support Linux, which have grown exponentially in recent years thanks in part to Steam having a Linux client/support. Furthermore, not to rehash the entire discussion on piracy, but the vast majority of the time cracked titles don't make use of Steam's servers/assets; even if the game had Steamworks or whatnot, the crackers would replace the Steam calls to a dummy library, so it isn't like cracked players are playing next to purchased ones online.

This is a reason such a change in policy is so puzzling - why summon all sorts of negative PR by intruding into private chats and censoring, when it will have zero positive and likely non-zero negative returns for Valve in terms of piracy. ? I can't expect them to be naive enough to think "Well gee, if kids can't type The Pirate Bay, then they won't know where to pirate and will just turn around and buy whatever they were discussing!" That's asinine. If anything, those users capable/interested in piracy (who, statistics have shown are also the greatest legal consumers of media) may choose to purchase less from Steam as a form of editorial comment on this policy. I hope Steam retracts these changes. While it is understandable to have some community standards for public posting, encouraging people to use your messenger service for private exchanges and moderating/filtering the content thereof , especially in this manner, is not constructive.

Comment Great idea, but some concerns... (Score 1) 108

It seems like OpenBazaar is off to a good start, but there is still a long way to go before users can use it with confidence. Some issues I can think of that the current implementation doesn't yet solve

Privacy/viewability of content between "open" nodes and "darknet" nodes. If OpenBazaar is to be equally for people selling homemade handicrafts and those who want to sell or trade in substances their governments find illicit, its going to be a big issue to have both of them displayed side by side. How do you browse for sellers of what you want and what sort of search algorithm do they have? After all, if "Etsy Jane" goes online and says "Show me all current sellers", and a percentage of what comes up includes the illicit, she's not going to be likely to want to transact on the same site. Likewise, "Silk Road Sam" opens up the marketplace and sees a whole bunch of people who are not there looking for his illicit wares, he's not going to be comfortable selling knowing that any busybody or "do-gooder" could see, call attention to, and otherwise make trouble for him. Unless they go with the very restrictive "You have to know the specific identity of the user or group of users in order to see their sales/buy from them etc.", a la say..RetroShare etc.. this will be a problem. The other option for them to have specific "groups" so to speak - connect to Node X for Y Goods etc.. but this could be a point of failure as well, as whomever manages/monitors "Node X", could be in control and thus vulnerable. Maybe there's something I've not seen yet that deals with these issues, but it is important to facilitate good usage. In a related discussion, there's a big difference between "Accessible optionally to those using TOR" and "Only accessible to TOR or other darknet users". If connecting is only optional, then its possible that clearnet connections could be leveraged to gain more information about obfuscated traders and the like. Ultimately, figuring out who sees WHAT buyers and sellers will be important and what qualifications are deemed necessary, who deems them so, and who manages them. This goes double for the transactions of funds via Bitcoin. If there is not an in-built coin-scrambler, that means its going to be a lot easier to track some transactions than others. I''m not sure that it is good enough to give the people the "option" of better security and privacy - it needs to be mandatory. If this means you HAVE to log in via i2p and/or TOR. So be it. ALL transactions all over the network have to go into a coin-scrambler of some sort etc.. yet it has to be built into real-time transactions, so that it isn't as though there's a big Bitcoin account owned by "the network" where the jumbling takes place, thereby creating a point of failure (who manages this bitcoin account? If it is compromised, everyone loses their coins etc... the same issues with many current darknets etc)

Lets not forget that this platform is going to be targeted - by scammers, by governments and corporate stooges etc. How are you going to deal with bad actors, if this becomes an "ebay" level scale for "normal" users. Darknet users dealing exclusively in illicit goods or those that are unlikely to be sold elsewhere for whatever reason may put up with the chance of scams because its much better than the alternative, but standard users will say "Why should I use this when I can get Buyer Protection from Ebay, Amazon etc.." Yes, "reputation" systems can be built up over time, but Bitcoin doesn't have any sort of "chargeback" system. Imagine the amount of people who could scam, create a new node/identity, scam etc... all without much repercussion if there isn't any authority to provide chargebacks, bannings and the like. Some may say "then only buy from high reputation sellers and vice versa", but that limits the growth of the marketplace because nobody is going to want to transact with newcomers. Either that or scammers will work with their friends/networks and build up "just enough" rep to look legit, before scamming. The other option is to restrict accounts/nodes somehow, and that is incompatible with the privacy issue. The system has to have enough built in security and privacy to withstand the assault of government and corporate stooges as well. There will be undercover operatives, honeypots, and many others out there trying to rend its secrets open.

I'm just not sure how they plan to make something accessible enough for "normal commerce" while also having darknet-level protections for transactions deemed illicit. They absolutely need to have very best security practices in order go up against the threats of scammers, governments and corporate weasels, but I really don't see a way to balance this with ease of use so that anyone can safely go onto OpenBazaar , regardless if they want to buy and sell yarn, videogames, or drugs etc.. and be able to find transactions of interest to them and undertake them with confidence .

Comment A few FOSS, security, usability apps for Android (Score 5, Informative) 167

I tend to gravitate towards FOSS when possible to be used on a rooted, custom Android ROM. Here are a few useful ones I've found...

Note: Most of the following can be found on GooglePlay, in addition to other locations. They may also be on other app marketplaces, but these are those I've confirmed. Sometimes, there is a difference in version number or whatnot between F-Droid, GooglePlay, and an .apk downloaded from a homepage, so be aware.

F-Droid (www.f-droid.org) - a FOSS app marketplace. Not the only place to find FOSS apps, but a great option for any interested uses.

RomToolbox Pro (Google Play) - If you like to tweak, mess around with rooting and custom ROMs, RomToolbox has a great selection of utilities. Not entirely
FOSS, but it is basically a wrapper for a ton of utilities, some of which have source available. The Pro version opens a few new features and supports the platform; generally worthwhile!

Firefox for Android (Google Play) - Mozilla's privacy focused, FOSS browser. Has many of the same great features (add-ons etc..) as on desktop.

GuardianProject apps (www.guardianproject.info) - Lots of great utilities here, including Orbot (TOR for Android) and Orweb (TOR browser bundle for Android so to speak, based on Orbot and Firefox Mobile), ChatSecure (OTR-enabled XMPP client), and more. They also support Ostel.co, a SIP provider with privacy in mind.

Antox (www.tox.im) - Android version of the FOSS "Skype alternative, but secure" TOX project

OpenWhisperSystems apps (www.whispersystems.org) - TextSecure and RedPhone are FOSS, encrypted SMS (and other text messaging) and mobile dialing apps respectively. If talking to a fellow user of the program, it automatically negotiates a secure connection, yet they still both work to send common texts and calls. Using them as your main apps still have some benefits (ie such as TextSecure taking both text and pictures you receive and storing them in an encrypted form on arrival). Note - TextSecure is new and up to par, RedPhone is a bit sparse and is being completely redone. They also offer Flock (very newly developed), a CardDAV/CalDAV FOSS app that allows you to sync contacts, calendars and more. Pay a couple a bucks and user their servers, or host your own.

FreeOTP (Google Play) - With Google Authenticator no longer FOSS, this is your new best friend in Android 2-factor Authentication. You can generate and pair lots of different codes; if I remember correctly a RedHat dev wrote/maintains it. Works with all major 2FA standards and has lots of options!

CSipSimple (https://code.google.com/p/csipsimple/) - A ZRTP/OTR supporting SIP client for Android. LinPhone (found on F-Droid) is a good alternative as well.

K9 Mail (F-Droid) - This is a great, full featured Android mail client, that just happens to be FOSS. Plugin system too.

MediaCrush (https://mediacru.sh) - Not really an app per se, but one of my favorite image/media hosting sites around. Works with just about every media format, has an API, clients, and plug-ins for various browsers and platforms. FOSS, if you want to host your own MediaCrush site. Privacy focused too.

KeePass2Android (https://keepass2android.codeplex.com/ and GooglePlay) - A FOSS, full-featured, modern form of the KeePass database software for Android. Works with the newest KeePass 2.x database (.kdbx) styles. There's even an offline-only version if you prefer! Note, this is different from "KeePassDroid", which has less features and limited compatibility with the 2.x database format.

Plumble (F-Droid) - A quality Android client for connecting to Mumble servers (Mumble being the gaming-focused, FOSS VOIP system)

OwnCloud (www.owncloud.org, GooglePlay ) - One of the best FOSS cloud storage options, OwnCloud has an official client for Android. You can compile it yourself, but the pre-compiled version on GooglePlay is $0.99. You will need an OwnCloud server to connect to somewhere, of course. Consider this an alternative to something like Dropbox, Box.net and the like.

OsmAnd (F-Droid) - Maps and navigation using the OpenStreetMap data, for times when you don't want to use Google Maps!

Clover, RedReader (F-Droid) - Ever browse 4chan or other image boards, or read Reddit? Clover (4chan style imageboards) and RedReader (Reddit) are comprehensive FOSS clients for these sites that have extensive features and mobile formatting.

These are just a few general-use, FOSS/privacy focused alternative applications that some may find interesting. Don't be afraid to browse around F-Droid's repository, go to www.prism-break.org, or check around for other applications that could serve you well. If you have a specific interest, you'll likely find an app that relates to it, but especially in these days its important to ensure that the latest shiny doesn't require giving up one's personal information or privacy. At least, it is an important consideration in my eyes.

Comment Major improvements w/ newer OwnCloud versions (Score 2) 275

I don't know how long ago you used OwnCloud, but it may be worth another look. OwnCloud has come onto the scene relatively recently and there have been major quality improvements as the version number increased. What may have been lacking a given feature or feeling kludgy in 4.x, could be replaced by a smooth implementation when 5.x rolls around. The latest OwnCloud 7.x highlights many of its most recent improvements here, for instance - https://owncloud.org/seven/ , some of which seem like they may be beneficial to you use cases. Likewise, improvements to the client apps seem to come almost as swiftly.

It may also be worthwhile to consider using other means to connect aside from the official clients - there are many applications that have integrated support for OwnCloud, and if the clients aren't working out to your liking, enabling say.. WebDAV/CardDAV/CalDAV etc.. and then connecting to these services with whatever best suits your users, can also be a worthwhile endeavor.

For enterprise production use, it doesn't seem like you should be reliant on community forums and documentation, as they have what appears to be subscription enterprise variants and support services, similar to many other high-end FOSS projects.

Now admittedly I've never worked with OwnCloud in a business environment as you describe and it may not be for your needs, but these are just a few things to consider as the software matures.

Comment Only viable if privacy upheld... (Score 1) 142

While I generally support Mozilla's endeavors, as one of the last bastion of noob-to-guru accessible, Free/open source, secure and most important privacy respecting software around, this has me worried. The statement about "Publishers will then be able to collect and use this content for other forms of storytelling and spark ongoing discussions by providing readers with targeted content and notifications." could mean yet another data mining and targeted advertising opportunity, for instance.

The only way I could see any value in this for users is if it adheres to privacy-respecting principles. We've seen a handful of alternatives on the net, such as Disqus, but ultimately these tend to centralize personal information, not much different than 'log in via Facebook, Google etc.." . We don't need any more of this; I give up convenience all the time and create a variety individual site accounts specifically to avoid someone being able to see and profile all the sites upon which I comment.

Now, giving Mozilla the benefit of the doubt, it is possible that this endeavour is built out of their "Persona" project ( https://www.mozilla.org/en-US/... ) , which seems to be the best SSO type option I've seen on the web, at least in theory. It requires only an email address, doesn't disseminate personal information all around the web or allow for site-owners / third parties to mine your data, and what little information that passes through Mozilla is under their privacy policy which is very reasonable. Mozilla has shown in the past, especially with Sync, that there are ways to provide convenience to users while protecting their privacy, so I'd like to think that Persona could very well do the same. However, I am worried that this project, funded by third party grants and media giants, may have other interests in mind. If this is the case, I'd prefer that Mozilla not sully themselves by getting involved.

I suppose time will tell. I can only hope Mozilla has the fortitude to make the decisions that put user intent and privacy before the whinging financial desires of data miners and trackers.

Comment Firefox / Mozilla support privacy, support them! (Score 2) 195

This is yet another reason that I'm a great fan of Firefox and Mozilla as a whole. Firefox (and Mozilla) remains the only major browser that has the user's privacy, functions, and security in mind; not to mention a great example of FOSS that is equally viable and usable to the neophyte as the guru. I'm glad that they backed off their latest endeavor in response to user worries, but we users need to figure out a palatable way to support Mozilla monetization soon!

Now personally, I didn't have a problem with the sponsored starting "quickslots" as I understood them. They only existed on a completely new install, were visibly marked as being sponsored, didn't send back any sort of user data or have other privacy issue, and vanished as soon as the user visited 9 web pages to take up all the "quick dial" slots with their own content! People being worried that it could bleed into something more is understandable, but we need to avoid lashing out at ANY monetization system, because we'll end up in a much worse state.

Like it or not, Mozilla needs funds to do what they do; acting the paragon of web virtue and privacy, having full time developers etc... isn't cheap. Especially in a market where the "bad guys' are offering "FREE SHINY SUPER CONVENIENCE FEATURE HEY LOOK AT THIS" at every turn, while simultaneously selling the user's data to the highest bidder (see: Google) , it is hard to offer a competing level of service and features with a better ethical bend; its even worse when the "bad guys" offer the biggest bucks (ie the reason that porn, faux antivirus sites, other dataminers and outright malware ads pay the most per click. On the other side, those like American health insurance companies, people search slime etc.. are willing to pay top dollar for your data if Google or whomever gathers it. Atop all of this, Google has to compete with "Joe User's" preferences. Though they do an excellent job bringing their support of an open web and privacy to light, Joe User still may like Chrome Widget A or Feature B, which is part of the reason that Firefox is trying to provide "Chrome UI styles" to those that want them in recent variants.

Ultimately, I want Mozilla to continue with its FOSS, openness, and privacy-focused mission and I am willing (and do) donate to the foundation in the hopes to help them do so. However, I know I am a minority - most people aren't going to donate and/or pay for a browser. If it is true that Firefox is going to lose a huge chunk of its revenue from including Google as one of its Search Bar default engines, they are going to have to make that up somehow. Honest and innocuous attempts to do so like the previous "quickdial sponsored starting pages" idea should likely be supported. Especially the tech and FOSS geek community shouldn't be rebuking any attempt for monetization, lest we end up with Mozilla either falling further and further behind as they don't have the money to keep up, or worse abandoning their principles to pay the bills. Instead, we need to be supporting Mozilla's attempts to make money that is still in line with their mission and our desires for openness, privacy, security and the like.

P.S. Despite being one of my favorite pieces of software, recently Thunderbird really needs some support too (especially, being able to detect the new Gmail Categories etc... that's something that the clout of Mozilla should be able to sit down with Google and work out a way to handle it) . Its sad that Mozilla hasn't the resources to invest in continuous improvements and have put the project on the back burner. We don't want to see this happen to Firefox too!

Slashdot Top Deals

"Truth never comes into the world but like a bastard, to the ignominy of him that brought her birth." -- Milton