Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Security is an illusion (Score 1) 153

There's just too much volume to track all the content everywhere.

There are 350 million people in the USA, more or less. Including kids not of age to use computers. One computer, just one, operates at billions of instructions per second (when the code is written in anything efficient, like c.) The NSA has a newish huge data center located on the main trunks.

You do the math. If you still think they can't sieve that amount of data effectively, why then, good on you for your optimism. :)

Comment Re:Trump Derangement Syndrome (Score 1) 476

Trump is assumed by some to have won based on (anticipated) EC votes. However, three facts:

1 - The EC hasn't voted yet.

2 - The EC does not have to vote for Trump.

3 - Clinton got (a lot) more votes from, you know, the people.

Trump may well end up to be president. But he isn't the president yet; he isn't even the president-elect yet.

Encryption

Encryption Backdoor Sneaks Into UK Law (theregister.co.uk) 111

Coisiche found a disturbing article from The Register about the U.K.'s new "Snoopers' Charter" law that has implications for tech companies around the world: Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the U.K. government to undermine encryption and demand surveillance backdoors... As per the final wording of the law, comms providers on the receiving end of a "technical capacity notice" will be obliged to do various things on demand for government snoops -- such as disclosing details of any system upgrades and removing "electronic protection" on encrypted communications. Thus, by "technical capability," the government really means backdoors and deliberate security weaknesses so citizens' encrypted online activities can be intercepted, deciphered and monitored... At the end of the day, will the U.K. security services be able to read your email, your messages, your posts and private tweets, and your communications if they believe you pose a threat to national security? Yes, they will.
The bill added the Secretaries of State as a required signatory to the "technical capacity" notices, which "introduces a minor choke-point and a degree of accountability." But the article argues the law ultimately anticipates the breaking of encryption, and without customer notification. "The U.K. government can certainly insist that a company not based in the U.K. carry out its orders -- that situation is specifically included in the new law -- but as to whether it can realistically impose such a requirement, well, that will come down to how far those companies are willing to push back and how much they are willing to walk away from the U.K. market."
Operating Systems

Taking a Stand Against Unofficial Ubuntu Images (ubuntu.com) 97

Canonical isn't pleased with cloud providers who are publishing broken, insecure images of Ubuntu despite being notified several times. In a blogpost, Mark Shuttleworth, the founder of Ubuntu, and the Executive Chairman and VP, Product Strategy at Canonical, made the situation public for all to see. An excerpt from the blog post: We are currently in dispute with a European cloud provider which has breached its contract and is publishing insecure, broken images of Ubuntu despite many months of coaxing to do it properly. The home-grown images on the cloud, VPS and bare metal services of this provider disable fundamental security mechanisms and modify the system in ways that are unsupportable. They are likely to behave unpredictably on update in weirdly creative and mysterious ways (the internet is full of fun examples). We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that. We have spent many months of back and forth in which we unsuccessfully tried to establish the same operational framework on this cloud that already exists on tens of clouds around the world. We have on multiple occasions been promised it will be rectified to no avail. We are now ready to take legal steps to remove these images. We will seek to avoid affecting existing running users, but we must act to prevent future users from being misled. We do not make this move lightly, but have come to the view that the value of Ubuntu to its users rests on these commitments to security, quality and updates.
Microsoft

Microsoft Says Summer's Windows 10 Upgrade Fit For Business (computerworld.com) 117

Microsoft has moved Windows 10 August update to the Current Branch for Business release track, putting the "Anniversary Update" in the queue for automatic downloads and installation on enterprise PCs. From a report on ComputerWorld: The move will also set in motion a two-month countdown clock on support for the original mid-2015 version of Windows 10. "Windows 10 1607, also known as the Windows 10 Anniversary Update, has been declared as Current Branch for Business (CBB) and is ready for deployment," Michael Niehaus, a director of product marketing, said in a post to a company blog that used similar wording to the first upgrade to the CBB. In April, Microsoft moved the November 2015 upgrade to the corporate delivery track. Microsoft issued the Anniversary Update Aug. 2, even though its numerical designation of 1607 referred to July (07) of this year (16). The upgrade will be released in January through Windows Update, Windows Update for Business and Windows Server Update Services (WSUS), Niehaus said.
Google

Google's New Public NTP Servers Provide Smeared Time (googleblog.com) 178

Google says it has built support for the leap second into the time servers that regulate all Google services. An anonymous reader shares a blogpost by Google:No commonly used operating system is able to handle a minute with 61 seconds, and trying to special-case the leap second has caused many problems in the past. Instead of adding a single extra second to the end of the day, we'll run the clocks 0.0014% slower across the ten hours before and ten hours after the leap second, and "smear" the extra second across these twenty hours. For timekeeping purposes, December 31 will seem like any other day. All Google services, including all APIs, will be synchronized on smeared time, as described above. You'll also get smeared time for virtual machines on Compute Engine if you follow our recommended settings. You can use non-Google NTP servers if you don't want your instances to use the leap smear, but don't mix smearing and non-smearing time servers.
Privacy

Uber Wants To Track Your Location Even When You're Not Using the App, Here's Why (businessinsider.com) 130

With the most recent update to Uber's ride-hailing app, the company has begun requesting users if they are willing to share their location data with Uber app even while the app is not in use. The company says it plans to use the data gained to improve user experience -- including offering improved pick-up times and locations. From an article on Business Insider: In August the company moved away from using Google Maps for its service and began using its own mapping technology. Google's lack of accuracy in many non-Western countries led to increased friction between consumers and drivers. This means the company needs to boost the amount of location data it has. Location data could also be used to provide new channels of revenue for the digital platform. This could include serving ads of local businesses or recommending nearby places of interest to users. Mobile marketing, which relies on accurate location data is a rapidly growing industry and could serve as a revenue windfall for Uber in the years ahead as it faces increasing competition. In fact, revenue from location-targeted mobile ads is expected to grow at an annualized rate of almost 34% between 2014 and 2019, surpassing $18 billion, according to a forecast from BIA/Kelsey.

Comment Warrants not required (Score 1) 153

They are not allowed to hack my computer even IF THEY HAVE A WARRANT, because no warrant can be granted for a computer on foreign soil.

I think what our courts would (eventually) say is that the constitution doesn't protect anyone, or anything, outside of the USA itself, and so no warrant is required in the first place.

That's pretty much the entire basis our CIA was built upon.

I'm not saying this is a good outlook; but I am saying it is the outlook.

Comment Security is an illusion (Score 1) 153

I have canceled more things than I've submitted for that exact reason.

They could have read it right off your keyboard anyway. By far the easiest place to monitor communications is at the unencrypted endpoints. If you don't want anyone to know what you're thinking, don't say it, don't enter it into a computer in any form, and don't write it down. That'll protect you. For at least a little while longer, anyway.

"Two people can keep a secret -- if one of them is dead."

Comment Re:Pay attention. (Score 2, Interesting) 153

This allows the government to hack AN UNLIMITED NUMBER OF COMPUTERS if they have a rubber stampped warrant from a judge who has no understanding of what they are signing.

I would assume that a judge would have some common sense. A warrant might say "All computers own by XXX person" or "all computers at XXX location." I doubt that a judge will sign a warrant for "all computers in Utah."

What is the alternative? "Whoops, we got a warrant to search five computers, but all of the illegal stuff is on computer #6, so we have to let this criminal go?"

Judges had to go through law school -- they are generally not stupid. I bet that most of them even own a computer or two.

Slashdot Top Deals

You had mail, but the super-user read it, and deleted it!

Working...