
Submission + - Proposed 'social media ID, please' law met with anger (computerworld.com)

dcblogs writes: A plan by the U.S. government to require some foreign travelers to provide their social media IDs on key travel documents is being called by critics “ludicrous,” an “all-around bad idea,” “blatant overreach,” “desperate, paranoid heavy-handedness,” “preposterous,” “appalling,” and “un-American.” That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from “visa waiver” countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand. Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities. It’s technically an “optional” request, but since it’s the government asking, critics believe travelers will fear consequences if they ignore it. People who are traveling from a country where a visa is required, such as India or China, get a security vetting when they apply for a visa at a U.S. consulate, so this proposal doesn’t apply to them. In a little twist of irony, some critics said U.S. President Obama’s proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.

Comment Interesting idea (Score 1) 442

We need the "I'm not in business, I facilitate micro business" model to exist.

But at the same time, we have to admit that those micro businesses avoid the regulation that normal small (and large) businesses have to do. This is an unfair advantage. As such, it makes a good compromise to allow them to exist, but have them pay a tax to equalize things out. They avoid the business regulations, but have to pay to do it.

Ideally, this will allow the innovation - such as getting clients via apps - but prevent the major abuses.

We should use this same model for the other "facilitating micro businesses" such as AirBnB.

Comment Stupidity to follow: (Score 4, Insightful) 209

"What's your password or you go to jail?"

"I don't remember what's my password."

"He's lying, throw him in jail!"

Five years later, released from jail because they crack the password, finding embarrassing porn, but nothing illegal.

But no compensation for throwing a man in jail for the 'crime' of a poor memory.

Submission + - One in Five Vehicle Software Vulnerabilities are 'Hair on Fire' Critical (securityledger.com)

chicksdaddy writes: One of every five software vulnerabilities discovered in vehicles in the last three years are rated “critical” and are unlikely to be resolved through after-the-fact security fixes, according to an analysis by the firm IOActive, The Security Ledger reports. (https://securityledger.com/2016/08/one-in-five-vehicle-vulnerabilities-are-hair-on-fire-critical/)

“These are the high priority ‘hair on fire’ vulnerabilities that are easily discovered and exploited and can cause major impacts to the system or component,” the firm said in its report (http://www.infosecurity-magazine.com/download/227664/), which it released last week. The report was based on an analysis of more than 150 vehicle security flaws identified over three years by IOActive or publicly disclosed by way of third-party firms.

The report studied a wide range of flaws, most discovered in IOActive’s work with automakers and suppliers to auto manufacturers, said Corey Thuen, a Senior Security Consultant with IOActive. Thuen and his colleagues considered what kinds of vulnerabilities most commonly affect connected vehicles, what types of attacks are most often used to compromise vehicles and what kinds of vulnerabilities might be mitigated using common security techniques and tactics.

The results, while not dire, are not encouraging. The bulk of vulnerabilities that were identified stemmed from a failure by automakers and suppliers to follow security best practices including designing in security or applying secure development lifecycle (SDL) practices to software creation. “These are all great things that the software industry learned as it has progressed in the last 20 years. But (automakers) are not doing them.”

Comment Re:Not understanding the issue (Score 4, Insightful) 195

The real problem with your philosophy is that so much of that information is secretly personally identifiable.

It is like the extra data a browser gives - things like versions, addons, etc. There is enough variability that you can determine the exact person.

It may not be good enough in a court of law, but it is good enough for a private investigator.

Submission + - American Bar Association votes to DRM the law, put it behind a EULA (boingboing.net)

schwit1 writes: Rogue archivist Carl Malamud writes, "I just got back from the big debate on is free law like free beer that has been brewing for months at the American Bar Association over the question of who gets to read public safety codes and on what terms."

In my remarks I made the point that this resolution was perhaps well-intentioned, but bought into a really dangerous idea that somehow DRM-based access to the law from an exclusive private provider is "good enough." I was actually joined by the standards establishment in arguing strenuously that "read only access" simply doesn't exist and DRM is futile. A law is either public or it isn't. (And if a law isn't public, it isn't a law!)


Submission + - Assange implies murdered DNC staffer was WikiLeaks' source (foxnews.com)

Okian Warrior writes: WikiLeaks founder Julian Assange implied in an interview that a murdered Democratic National Committee staffer was the source of a trove of damaging emails the rogue website posted just days before the party's convention.

Speaking to Dutch television program Nieuwsuur Tuesday after earlier announcing a $20,000 reward for information leading to the arrest of Seth Rich's killer, Assange said the July 10 murder of Rich in Northwest Washington was an example of the risk leakers undertake.

Comment Same with keys. (Score 4, Insightful) 87

Most locks can be opened in 5 seconds with a 'bump key'.

Even the best locks can easily be defeated by a sledge hammer.

The real advantage of most locks is that they TELL you when they have been attacked. A good Bluetooth lock should keep an easily accessible record of how many times and when it was opened.

But yes, this should be fixed. Even simple encryption is better than plain text password transmission.

Submission + - Industry Pushes Foreign Labor, Claiming 'U.S. Students Can't Hack It in Tech' (breitbart.com)

geek writes: According to Caroline May "The tech industry is seeking to bolster its argument for more white-collar foreign tech workers with the insulting claim that the education system is insufficiently preparing Americans for tech fields, according to pro-American worker attorneys with the Immigration Reform Law Institute."

"But if the H-1B program really is meant to correct the failings of our education system, as BigTech’s new messaging-push implies, why is it importing so many people from India? According to results from the Programme for International Student Assessment (PISA), a global standardized math and science assessment sponsored by the OECD, India scored almost dead last among the 74 countries tested. The results were apparently so embarrassing, the country pulled out of the program altogether. Not surprisingly then, there isn’t a single Indian university that appears within the top 250 spots of the World University Rankings Survey. And unlike American bachelor’s degrees, obtaining a bachelor’s in India takes only three years of study."

Comment No duh (Score 1, Insightful) 100

People that play computer games tend to be:

1) Computer literate = average or greater intelligence and having the skills to self-teach technological skills.

2) Not dirt poor = having the many advantages of the middle class life.

3) Not have parents that are tyrannical puritans that discourage kids from learning.

Submission + - SPAM: Kids killed by carmaker's pennyshaving, again 1

LeadSongDog writes: Cars today have thermometers, sound systems, microphones, power windows, alarms and computers galore. For a few lines of added code they could detect children or pets left in closed cars and prevent them from baking there. Will the SAE step up to the plate, before the hacktivists?

Comment Because I WANT to share the same password with all (Score 3, Interesting) 91

You don't use the same password for your email as you use for your bank account because you want to make sure that when one is compromised, the other is not.

Using a single login is just a slightly easier version of using the same password for all your accounts.

It is JUST as stupid as using the same password for your every account.

The only difference is that the people with your password are promising not to steal money from you outright.

They don't promise to respect your privacy in any way, because they are planning on abusing the crap out of it.

Trusting someone whose outright plan is to abuse your trust is not a smart thing to do.
