Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment And the concept of extradition is well established (Score 1) 126

Happens all the time. If a person commits a crime against country A and they are in country B, country A may well ask country B to hand them over. If it happens or the details of it vary based off of the specific countries and their treaties, called extradition treaties. For example the US and North Korea? Ya not happening. There are no extradition treaties between those two, and the governments hate each other. so nobody is getting handed over. However EU nations? Extremely strong extradition treaties. If you commit a crime against Germany from France, Germany will have France arrest you and ship you over to stand trial.

The majority of nations have extradition treaties of some level with each other since they don't want criminals able to run off and hide from justice. It has been a thing for a long time.

Comment He's just showboating (Score 4, Insightful) 385

He's trying to get himself attention, and succeeding it would seem as here's a story on it.

Assange has acted rather oddly throughout this whole thing, at least if you take his rhetoric at face value. He happily went to Sweden and spent time there until these allegation came up, at which time he went to the UK. He then claimed that the reason was that the charges were BS and Sweden would just hand him over to the US because they were after him as soon as he went back. That of course makes one questions:

1) Why would he go to Sweden in the first place, if he knew it was a country that would hand him over to the US extra judicially?

2) Why would he flee to the UK and feel safe there, a country with such a special relationship with the US it is literally called the "special relationship"?

He then fought the extradition to Sweden in the UK courts and lost. They were ruling just on the validity of the extradition request, not on the validity of the charge behind it. He then fled to the Ecuadorian embassy, claiming that he'd be handed over to the US if he went to Sweden.

So there we are today. Now near as I know, the US has not sought his arrest. While they don't like him, it doesn't look like he's broken US law. Publishing classified US information isn't a crime if you weren't the one who had access to it. So a guy who has a security clearance and gets information and gives it to a paper, he's breaking the law. However the paper that then publishes it is not.

Now maybe he really does know something most don't, but it seems more likely this is just him trying to get in the news. He knows this is an empty offer since the US wouldn't agree to it as they don't have a valid charge to bring against him. This is all between him and Sweden and now him and the UK (even if Sweden dropped the charges, he still broke UK law be fleeing his bail). The US isn't involved.

Comment Re:Technical Controls (Score 1) 95

I believe LTE does prevent a lot of the snooping. Part of the problem is that things evolved from really old-ass standards and so security was not always the consideration it should be. I mean remember that the original cell network:

1) Was all unencrypted analogue, the only thing preventing people from listening in was not having a radio that could tune the frequencies.

2) Had all kinds of odd shit related to compatibility with the old PSTN.

It was not even remotely secure. However, it was what we could do with the technology of the day.

Things have been getting better, particularly with VoLTE and the move to all packet switched data. It is always hard though because there are always tradeoff between easy of use, cost, features and security. It's easy on the surface to say that security should always be the top concern but you find out when you try to implement things that actually doing really strong security against all kind of attacks can be prohibitive at times and impede usability.

Comment Security is an advantage (Score 5, Interesting) 206

If properly implemented, and it seems Android and Apple do, contactless payment via your smartphone is a lot more secure than anything else. Some advantages it has:

1) A proxy number can be used for each transaction. Your real number need never be used at any time, as a proxy can be created for each transaction. The bank lets the phone know what proxies to use, and the phone lets the bank know when they are used. so even if the merchant gets completely owned, the information gleaned on you is useless as it was valid for that transaction only.

2) You have a device that can notify the bank of the validity of the transaction. Not only will the payment terminal contact the bank for payment, but your phone can let the bank know as well. Now there has to be some slack built in the system to make sure that it can work even if you don't have signal, but basically when your phone gets back on the network if the transactions don't agree, a flag can be raised.

3) You have some defense against a compromised terminal that overcharges (basically a merchant that has messed with their terminals to charge a different amount than displayed. Your phone knows how much the charge was, and shows it to you. If that is different from the amount on the screen, you can contact your bank there and then and stop the transaction.

4) The two-factor auth is taken off the device, on to your device. You have to unlock your phone to use the payment, so you have a 2-factor setup (your phone + either code or biometrics). However with chip+pin, the pin is entered on the terminal so if it is compromised, it can get your pin. The terminal can't get anything when a phone is used as the auth is on the phone, not the terminal.

It isn't flawless, but it is a decent step up from the security of just using a card.

Comment Bad security is NOT an invitation to break in (Score 4, Interesting) 85

You don't want it to become one either, or people can break in your house because it has shit security. Even if you have "good" security for a home, it still sucks in the grand scheme and is trivial to bypass. However I imagine you'd be pretty pissed if someone broke in and said "Well you have abysmal security, don't silence the messenger!"

That doesn't mean people shouldn't try and have good electronic security (and physical security for that matter) but that they don't is not an invitation or excuse for breaking in.

Comment Re:Training is immoral (Score 2) 618

Problem is they still need to demonstrate why the current worker does not have those skills and cannot meet their needs. If you have someone already in a position and you aren't getting rid of them for cause, then presumably they meet the needs of that position. Thus if you bring in someone to replace them saying "This new person has technical skills we need" isn't really a valid argument.

Comment It's not likely to save them money either (Score 4, Insightful) 618

At least not unless there is a reduction in services. I don't know why people think outsourcing always saves money. It often doesn't. Basically outsourcing is a good idea if you are too small to be able to do something yourself efficiently. You either don't do enough of it, or do it often enough to make it worth having an internal team.

For example construction is something basically everyone outsources. You just don't build new buildings often enough to make it a worthwhile proposition to have a dedicated staff for it, they'd be sitting around most of the time.

However when you get large, often you can do shit in house for cheaper, or at least the same price and have more control. It isn't like those contract workers are free, and it isn't like the company who contracts them takes no cut.

With a large university, practically everything should be in house. They are so large they usually have their own police forces, they are literally small cities. So you have enough needs that hiring your own staff usually makes sense. In general when I've seen a university outsource something they used to do it ends up costing them more, and the service is generally worse, sometimes a bit, sometimes a lot.

Thus my bet is in the end this contract costs them more than they were paying.

Worst example I've seen is a friend who consults for a public school system (primary, not university). They outsource most everything, as is evident from him contracting to them to do development. So a project he was doing needed a dedicated Linux virtual server. They balked at that, and he pushed back, confused. It was a low spec server, could be a VM, it just needed to be dedicated for security. The reason they balked? The outsourcing firm that ran their servers charged them well over $1000/year per VM. AT a rate like that, you don't need many VMs before it would be cheaper to buy a server and hire a guy who does nothing but mind after it.

Comment Re:It also doesn't jive with other evidence (Score 1) 112

If all you can point out is stuff "in China for China" then you aren't strengthening your case. Linux isn't made "in Finland for Finns", Windows isn't made "in the US for Americans," QNX isn't made "in Canada for Canadians," and so on. When you are really good at something, you export it and sell it worldwide. You see that with US and European (as well as other) software, just like you see it with Chinese SMPSes. When you are really good in this interconnected world you cross borders, you aren't only able to sell in a rather walled off, controlled market. Canon, Zeiss, Leica, Nikon, etc don't sell glass just in their native countries or regions, they are the worldwide leaders because they are good. You find Canon cameras for sale through out the world, not just in Japan.

Baidu is probably actually the best example: It is such a huge force in China, yet nobody outside China uses it. Everyone else uses Google (or to a much lesser extent Bing and Yahoo). Despite Google being an American company in origin, their product is not limited to one country. It isn't limited to English speakers either, you find it all over the world. In fact the only places it doesn't have a lot of penetration are places like China, Iran, North Korea and so on.

Why? Because China wants to maintain control on the information their populace can see. So Baidu, being local, works well for that. Google, being global, does not. That combined with a bunch of protectionism means that Baidu is the big thing in China. But that's artificial, it isn't because Baidu is so amazingly great. You can get to Baidu from the US no problem, but few people do because it is a Chinese only site, you go to the homepage and it is in Chinese with no apparent way to change languages. By contrast Google picks a language based on your country location (which you can easily change) and supports searches in essentially every language, including Chinese.

When you look at the heavy hitters in tech, Chinese companies just don't make the list except extremely rarely. Let's take a quick look at a few major areas:

OSes: Windows (US), Linux (Finland, though worldwide really), OS-X (US), iOS (US), Android (US), QNX (Canada), BSD (US/worldwide), vxWorks (US).

CPUs: Intel (US), AMD (US), ARM (UK), MIPS (US), Power (US), Hitachi (Japan).

Databases: Oracle (US), MySQL (Swedish, though US now), Postgres (US/global), MSSQL (US), DB2 (US).

FPGAs: Xilinx (US), Altera (US), Amtel (US), Lattice (US).

Video Production: Avid (US), Final Cut (US), Premiere (US), Vegas (Japan/US, now moving to Germany).

Video Game Engines: Unity (US), Unreal Engine (US), iDTech (US), Frostbite (Sweden), Source (US), Gamebryo/Creation (US), Cryengine (Germany), Dunia (Canada), PhyreEngine (Japan), Unigine (Russia).

Seeing a trend?

Comment It also doesn't jive with other evidence (Score 1) 112

The big one being software that gets produced and used/sold. The US and Western Europe dominate that arena. You go and look at who it is producing the big commercial and OSS stuff, from OSes to games to productivity software to media creation tools and so on and those are the areas that dominate. To be sure it is an international endeavour, software is great in that there isn't a huge fixed startup cost so a great many people can participate. But those regions see -by far- the most production. It isn't like it is all immigrants working for the companies either, lots of domestic labour.

So, if China and Russia really are so amazing, so far ahead, I mean we are talking #1 vs #28, then where are all the software companies? Where are all the people contributing to OSS projects? Where are all the indies from those areas?

There is just no way if China is this unstoppable force of the "most talented" developers (not just most numerous) that they wouldn't also be a huge force in the software industry. They just aren't though. They are a participant, as nearly every nation is, but they aren't anything special, nowhere even approaching the US.

Comment Re:You know I could get in to something like this (Score 1) 84

Well personally I've been quite happy with a number of the new features. Also security isn't irrelevant to me, given that I do work to keep my device secure by updating it, by running security software, and be screening what I install and only installing things I need.

I am talking about MY interest in something and ya, having new versions of software is something that I consider. If I'm getting a new device that is something I want.

Comment You know I could get in to something like this (Score 3, Interesting) 84

But only if they'd start releasing OS updates for their older hardware. Given that Samsung drops support after just 18 months, I don't think I'd want to buy a refurb since it is going to get updates for, at most 6 more months. If I am going to get something with no updates, I'd want it for actual used market prices, which is to say really cheap.

Comment Re:What the fuck are you whining about? (Score 1) 150

No, that's not the approach you take. If you think it is, well you need to grow up. You don't cause massive compatibility problems and huge disruptions just for the fun of it. Instead, you do things as smoothly as possible. There is no need to rush out IPv6, it isn't like the world will blow up. IPv4 works, and will continue to work.

You thinking that implementing something like this on a worldwide scale being cheap, easy or quick just shows a massive lack of experience and perspective.

Comment Re:Which US ISPs? (Score 1) 150

I can't speak authoritatively to Comcast, not having it, but everything I see says they have dual-stack on their entire residential network. Have you tried it? You have to set up DHCP-PD on your router (that is how most ISPs are doing it) and they should give you a prefix that your devices can use.

Slashdot Top Deals

"Intelligence without character is a dangerous thing." -- G. Steinem