Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Bandiwidth is *free* fallacy.. (Score 2) 210

In addition to bandwidth is free you forgot the one about how since the hardware infrastructure for networks is a sunken cost it should be free to use. I haven't figured that one out yet; apparently the underlying assumption is that the investors who paid up front ought to be robbed of their expected returns.

Comment And the concept of extradition is well established (Score 1) 131

Happens all the time. If a person commits a crime against country A and they are in country B, country A may well ask country B to hand them over. If it happens or the details of it vary based off of the specific countries and their treaties, called extradition treaties. For example the US and North Korea? Ya not happening. There are no extradition treaties between those two, and the governments hate each other. so nobody is getting handed over. However EU nations? Extremely strong extradition treaties. If you commit a crime against Germany from France, Germany will have France arrest you and ship you over to stand trial.

The majority of nations have extradition treaties of some level with each other since they don't want criminals able to run off and hide from justice. It has been a thing for a long time.

Comment He's just showboating (Score 4, Insightful) 391

He's trying to get himself attention, and succeeding it would seem as here's a story on it.

Assange has acted rather oddly throughout this whole thing, at least if you take his rhetoric at face value. He happily went to Sweden and spent time there until these allegation came up, at which time he went to the UK. He then claimed that the reason was that the charges were BS and Sweden would just hand him over to the US because they were after him as soon as he went back. That of course makes one questions:

1) Why would he go to Sweden in the first place, if he knew it was a country that would hand him over to the US extra judicially?

2) Why would he flee to the UK and feel safe there, a country with such a special relationship with the US it is literally called the "special relationship"?

He then fought the extradition to Sweden in the UK courts and lost. They were ruling just on the validity of the extradition request, not on the validity of the charge behind it. He then fled to the Ecuadorian embassy, claiming that he'd be handed over to the US if he went to Sweden.

So there we are today. Now near as I know, the US has not sought his arrest. While they don't like him, it doesn't look like he's broken US law. Publishing classified US information isn't a crime if you weren't the one who had access to it. So a guy who has a security clearance and gets information and gives it to a paper, he's breaking the law. However the paper that then publishes it is not.

Now maybe he really does know something most don't, but it seems more likely this is just him trying to get in the news. He knows this is an empty offer since the US wouldn't agree to it as they don't have a valid charge to bring against him. This is all between him and Sweden and now him and the UK (even if Sweden dropped the charges, he still broke UK law be fleeing his bail). The US isn't involved.

Comment Re:No? (Score 1) 375

Don't you know Patrick Henry was a terrorist. If he was alive today he'd definitely be on the no fly list.

Exactly how many Londoners died from Patrick Henry's (or George Washington's for that matter) legions of suicide bombers? Sometimes "freedom fighters" are terrorists, sometimes they're fighting to take the place of the current nobility, sometimes they're fighting for freedoms.

Comment Re: Does anyone speak technical here anymore? (Score 1) 337

He wrote a proxy, so probably something like:


The proxy fetches the content from the remote server to a local directory /speedtest and then serves the content to the phone from there (rewriting URLs in the process to be relative to /speedtest).

Comment Re:Technical Controls (Score 1) 95

I believe LTE does prevent a lot of the snooping. Part of the problem is that things evolved from really old-ass standards and so security was not always the consideration it should be. I mean remember that the original cell network:

1) Was all unencrypted analogue, the only thing preventing people from listening in was not having a radio that could tune the frequencies.

2) Had all kinds of odd shit related to compatibility with the old PSTN.

It was not even remotely secure. However, it was what we could do with the technology of the day.

Things have been getting better, particularly with VoLTE and the move to all packet switched data. It is always hard though because there are always tradeoff between easy of use, cost, features and security. It's easy on the surface to say that security should always be the top concern but you find out when you try to implement things that actually doing really strong security against all kind of attacks can be prohibitive at times and impede usability.

Comment Security is an advantage (Score 5, Interesting) 206

If properly implemented, and it seems Android and Apple do, contactless payment via your smartphone is a lot more secure than anything else. Some advantages it has:

1) A proxy number can be used for each transaction. Your real number need never be used at any time, as a proxy can be created for each transaction. The bank lets the phone know what proxies to use, and the phone lets the bank know when they are used. so even if the merchant gets completely owned, the information gleaned on you is useless as it was valid for that transaction only.

2) You have a device that can notify the bank of the validity of the transaction. Not only will the payment terminal contact the bank for payment, but your phone can let the bank know as well. Now there has to be some slack built in the system to make sure that it can work even if you don't have signal, but basically when your phone gets back on the network if the transactions don't agree, a flag can be raised.

3) You have some defense against a compromised terminal that overcharges (basically a merchant that has messed with their terminals to charge a different amount than displayed. Your phone knows how much the charge was, and shows it to you. If that is different from the amount on the screen, you can contact your bank there and then and stop the transaction.

4) The two-factor auth is taken off the device, on to your device. You have to unlock your phone to use the payment, so you have a 2-factor setup (your phone + either code or biometrics). However with chip+pin, the pin is entered on the terminal so if it is compromised, it can get your pin. The terminal can't get anything when a phone is used as the auth is on the phone, not the terminal.

It isn't flawless, but it is a decent step up from the security of just using a card.

Comment Bad security is NOT an invitation to break in (Score 4, Interesting) 85

You don't want it to become one either, or people can break in your house because it has shit security. Even if you have "good" security for a home, it still sucks in the grand scheme and is trivial to bypass. However I imagine you'd be pretty pissed if someone broke in and said "Well you have abysmal security, don't silence the messenger!"

That doesn't mean people shouldn't try and have good electronic security (and physical security for that matter) but that they don't is not an invitation or excuse for breaking in.

Comment Re:Training is immoral (Score 2) 618

Problem is they still need to demonstrate why the current worker does not have those skills and cannot meet their needs. If you have someone already in a position and you aren't getting rid of them for cause, then presumably they meet the needs of that position. Thus if you bring in someone to replace them saying "This new person has technical skills we need" isn't really a valid argument.

Comment It's not likely to save them money either (Score 4, Insightful) 618

At least not unless there is a reduction in services. I don't know why people think outsourcing always saves money. It often doesn't. Basically outsourcing is a good idea if you are too small to be able to do something yourself efficiently. You either don't do enough of it, or do it often enough to make it worth having an internal team.

For example construction is something basically everyone outsources. You just don't build new buildings often enough to make it a worthwhile proposition to have a dedicated staff for it, they'd be sitting around most of the time.

However when you get large, often you can do shit in house for cheaper, or at least the same price and have more control. It isn't like those contract workers are free, and it isn't like the company who contracts them takes no cut.

With a large university, practically everything should be in house. They are so large they usually have their own police forces, they are literally small cities. So you have enough needs that hiring your own staff usually makes sense. In general when I've seen a university outsource something they used to do it ends up costing them more, and the service is generally worse, sometimes a bit, sometimes a lot.

Thus my bet is in the end this contract costs them more than they were paying.

Worst example I've seen is a friend who consults for a public school system (primary, not university). They outsource most everything, as is evident from him contracting to them to do development. So a project he was doing needed a dedicated Linux virtual server. They balked at that, and he pushed back, confused. It was a low spec server, could be a VM, it just needed to be dedicated for security. The reason they balked? The outsourcing firm that ran their servers charged them well over $1000/year per VM. AT a rate like that, you don't need many VMs before it would be cheaper to buy a server and hire a guy who does nothing but mind after it.

Slashdot Top Deals

All extremists should be taken out and shot.