
Submission + - Proposed 'social media ID, please' law met with anger (computerworld.com)

dcblogs writes: A plan by the U.S. government to require some foreign travelers to provide their social media IDs on key travel documents is being called by critics “ludicrous,” an “all-around bad idea,” “blatant overreach,” “desperate, paranoid heavy-handedness,” “preposterous,” “appalling,” and “un-American.” That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from “visa waiver” countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand. Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities. It’s technically an “optional” request, but since it’s the government asking, critics believe travelers will fear consequences if they ignore it. People who are traveling from a country where a visa is required, such as India or China, get a security vetting when they apply for a visa at a U.S. consulate, so this proposal doesn’t apply to them. In a little twist of irony, some critics said U.S. President Obama’s proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.

Comment Re:Here's the problem with stereo Bluetooth: (Score 1) 374

SBC, AAC and MP3 are lossy codecs. I never saw a product that accepts AAC or MP3.

Creative Roar 2 speakers support AAC over Bluetooth. My MacBook Pro uses AptX though with this speaker, and it does sound better connected via USB than wirelessly. I also had to hack around with some BT tools to ensure the Mac doesn't use SBC, which sounds horrible. You'd hope that iTunes would pass-through any AAC streams it's playing without re-transcoding, but 1) I don't know if it or any other player can do this, and 2) there're probably some special encoding settings required such as limiting the bitrate or using AAC-LC instead of AAC-HEv2.

I'd say BT isn't really a good choice for music playback given its quality, difficulty correctly configuring and how flaky it is (say hello to the microwave and other 2.4GHz interference!)

Comment Interesting idea (Score 1) 442

We need the "I'm not in business, I facilitate micro business" model to exist.

But at the same time, we have to admit that those micro businesses avoid the regulation that normal small (and large) businesses have to do. This is an unfair advantage. As such, it makes a good compromise to allow them to exist, but have them pay a tax to equalize things out. They avoid the business regulations, but have to pay to do it.

Ideally, this will allow the innovation - such as getting clients via apps - but prevent the major abuses.

We should use this same model for the other "facilitating micro businesses" such as AirBnB.

Comment Re: Rape sympathizers (Score 2) 227

Assange committed a "crime" that isn't a crime in the US. He lied to a woman to convince her to have sex with him. Apparently that's "rape" in Sweden, and not in the US.

Nope, that's a lie. He had sex with an unconscious woman, knowing that before she fell asleep, she told him 'no'. And not only is that a crime in Sweden, it's also a crime in the US. And it's also a crime in the UK, where Assange tried exactly the defense you're offering: he said that because she didn't fight him off later, it shouldn't be a crime. The UK High Court, in its opinion upholding extradition, stated:

Our view is, as we have set out, that a jury would be entitled to find that consent to sexual intercourse with a condom is not consent to sexual intercourse without a condom which affords protection. As the conduct set out in the EAW alleges that Mr Assange knew SW would only have sex if a condom was used, the allegation that he had sexual intercourse with her without a condom would amount to an allegation of rape in England and Wales.

As the EAW sets out the circumstance that SW was asleep, s.75 which applies to rape is also material: [quote of statute removed].
As it is alleged SW was asleep, then she is not to be taken not to have consented to sexual intercourse.

Comment Re:SJW Bullshit (Score 0) 227

I posted this in another post below, but I just wanted to reiterate it here, for those who might not fully understand the situation.

It might help your understanding of the situation to understand that the CIA and NSA now use fake rape and sexual assault/harassment claims as their preferred method of character assassination (much easier, less messy, and just as effective as actual assassination). It happened to the poor bastard IMF head who made the VERY stupid mistake of challenging the supremacy of the U.S. Dollar.

What would you call someone who repeatedly changes their story, offering details, then recanting them over and over? The "poor bastard IMF head", maybe? He originally said nothing happened and he had never even seen his accuser; then that he may have been in the room while she was cleaning but he doesn't pay attention to housekeeping staff; then that he was naked in the room while she was cleaning; then that they had consensual sex; then that they had "rough" consensual sex during which he tore her rotator cuff. That doesn't sound like someone who is the victim of character assassination - you'd expect that such a victim would be able to maintain a constant story.

It also happened to Julian Assange and others.

Assange who has admitted he had sex with an unconscious woman? If all it takes to be a honeypot is to fall asleep around Assange, then they're not really entrapping him into doing anything he wouldn't do otherwise, are they?

Comment Re: Disable, then VM or Mac (Score 1) 399

You're worried about her workflow but you're going to completely change her environment and make her learn a new way of working? Seriously I'd be more worried about Adobe than Microsoft breaking something.

BTW, I guess your wife's professional setup doesn't rely on 10-bit graphics? I can see banding in blue sky gradients in Lightroom on my MBP.

Comment Re: Linux. (Score 1) 399

Huh? What are you talking about? Connect a keyboard with these if you want them. There have always been key chords for these and I particularly like that many keyboard shortcuts are the same as on Linux, like the Ctrl+E/-A combos. Pointy-clicky and advanced people are satisfied, but Windows users have to learn a new way (and so what?)

Comment Re:I lean the other way. (Score 1) 147

In general (not talking about actual crypto here), the whole password/passcode policy thing is nothing more than a CYA and comfort food for the paper pushers.

You make a password more complex than 8 characters and a cap (or number or special)... you got the easiest password to break. The monitor post-it.

But if you ignore the enforced artificial complexity and suggest pass phrases, you get easily remembered, but very strong passwords. For example, even assuming a brute force attacker limits their search space to 26 characters plus punctuation - and further limits it to common English words - if you have a pass phrase like "everyday for breakfast, my cat, muffin, enjoys eating tuna dipped in milk", the resulting Shannon entropy is 365 bits. By comparison, a keyboard-mashed password of "a8gh!#hZ0-" only has 40 bits of entropy. Even though the former has a very limited search space, the length is sooooo much longer that protons will decay before you brute force it.

Comment Stupidity to follow: (Score 4, Insightful) 209

"What's your password or you go to jail?"

"I don't remember what's my password."

"He's lying, throw him in jail!"

Five years later, released from jail because they crack the password, finding embarrassing porn, but nothing illegal.

But no compensation for throwing a man in jail for the 'crime' of a poor memory.

Comment Re:There's an easy solution to this (Score 4, Interesting) 426

I've already started clicking on every ad to hide it, and then choose offense / sexually explicit. Time to pollute their data set, and if they actually action on this feedback then that system will get broken if enough people also do the same.

Oh and I've started using FB on my phone because of the advertising. If they put up a wall then like other sites I've encountered doing the same then I will say "no thanks" and move on. There's just not enough value in FB at the end of the day.

Submission + - One in Five Vehicle Software Vulnerabilities are 'Hair on Fire' Critical (securityledger.com)

chicksdaddy writes: One of every five software vulnerabilities discovered in vehicles in the last three years are rated “critical” and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive, The Security Ledger reports. (https://securityledger.com/2016/08/one-in-five-vehicle-vulnerabilities-are-hair-on-fire-critical/)

“These are the high priority ‘hair on fire’ vulnerabilities that are easily discovered and exploited and can cause major impacts to the system or component,” the firm said in its report (http://www.infosecurity-magazine.com/download/227664/), which it released last week. The report was based on an analysis of more than 150 vehicle security flaws identified over three years by IOActive or publicly disclosed by way of third-party firms.

The report studied a wide range of flaws, most discovered in IOActive’s work with automakers and suppliers to auto manufacturers, said Corey Thuen, a Senior Security Consultant with IOActive. Thuen and his colleagues considered what kinds of vulnerabilities most commonly affect connected vehicles, what types of attacks are most often used to compromise vehicles and what kinds of vulnerabilities might be mitigated using common security techniques and tactics.

The results, while not dire, are not encouraging. The bulk of vulnerabilities that were identified stemmed from a failure by automakers and suppliers to follow security best practices including designing in security or applying secure development lifecycle (SDL) practices to software creation. “These are all great things that the software industry learned as it has progressed in the last 20 years. But (automakers) are not doing them.”
