Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:Incoming Security Errors (Score 4, Insightful) 86

you want to pull a js library from www.bar.com

Don't do that. You're introducing latency, you're violating the privacy of your visitors (bar.com knows about them) and you're putting them at risk, security-wise (bar.com gets 0wn3d? your visitors get 0wn3d as well). Don't be a lazy hacker and just spend the 2 minutes needed to store a local copy.

Submission + - Free Software supporter, Canadian MP David Graham speaks OSS in Government (linux-magazine.com)

ShawnX writes: If David Graham sounds familiar, you might know him better as cdlu (short for "confused debian linux user"). For years, cdlu was my colleague at Linux.com and Newsforge and well-known in Debian circles as well. Since then, he has been a presence in the back rooms of the Liberal Party until, in the federal election in October 2015, he was elected for the first time. He now describes himself (no doubt correctly) as "the only Member of Parliament to be in the Debian key ring."

Video of his discussion of using more Open Source in government can be seen here:

https://www.youtube.com/watch?...

Comment Re:So just hand them encrypted data (Score 1) 190

Apple fighting the Three Letter Agencies over this

Naïve. More and more "telemetry" is built-in in Apple operating systems, making user spying "legitimate". The iDevices constantly call the mother ship and "backup" your data on the iCloud. The iDevices are running proprietary software so random hacker cannot really tell what it does (are the camera/microphone on? you're sure?).

Maybe you can prevent some of this data leak with a complex set of fine-tuned firewall rules, ensuring you never use anything else than WiFi you control. You'll be one in a million. At the end of the day, the phone's filesystem is encrypted, but who cares if most/all of the sensitive data already has escaped away from it?

Comment Where's my tinfoil hat? (Score 4, Insightful) 610

I wouldn't be surprised if this was nothing more than a joint PR stunt to mislead people into assuming privacy on their cellphone so they wouldn't be afraid to use it for sensitive information. Government has nothing to win by disclosing they have a backdoor, neither does the cellphone manufacturer. Even thinking lo-fi decryption, how long must the passcode be before brute-forcing gets more inconvenient for the government than for the user?

Submission + - Voptop, the new Skype challenger (voptop.com)

An anonymous reader writes: A few days ago a new Skype challenger released its first beta version for Windows, Ubuntu Linux and Debian Linux.

Voptop is the new contender on the Internet telephony market. Since the Snowden revelations it is clear to what extent the market leader for Internet telephony from Redmond forwards customer data to US intelligence, and treats the privacy of its users with contempt. With the re-introduction of telecommunications data retention in mind you do not have to look into the distance to realise why the anonymization and encryption of Internet communication etc. is a good idea. This is where Voptop sets in...

Voptop offers video chat, screen sharing, instant messaging and file exchange in an “end-to-end encrypted” and anonymized way, similar to “TOR (the onion routing)”. In addition, according to there press release Voptop encrypts in RSA with a key length of 4096 Bit and XTEA in CBC mode, furthermore Voptop shall be open source.

Voptop (client & server) are under a software license based on the MIT-license. The Voptop source code will be published with the first Release Candidate“.


Comment ... that is, until Apple ads start showing (Score 1) 417

Just wait until the marketing department of Apple produces slick ads that show cool kids using their in-vehicle tech, and finds a way for people to easily advertise their car as “Apple-powered”. As long as Apple keeps on playing the conspicuous consumption card, they'll sell. The fact people won't use it is totally irrelevant.

Comment Re:How about this... (Score 5, Informative) 184

create a competing standard that is designed specifically to avoid patents, and license it royalty-free

That's exactly what Xiph does with the Daala project. They're trying to implement lapped transforms for video (more or less the same principle as Opus does for audio) and since it's not based on traditional block encoding, Daala should avoid most patents. Their demos are already pretty impressive.

Comment Re:Aftermath (Score 1) 546

After Snowden, what could previously be attributed to ignorance can now be attributed to stupidity as surveillance is now confirmed real, and not just a conspiracy theory for paranoid lunatics anymore. Which could've been a stop-and-think-for-a-minute moment for humanity, but I see no riots in the street nor any change in people's "convenient" privacy-leaking ways. Maybe if something like Snowden revelations had happened ten years earlier, it would've made a bigger impact. Maybe.

Comment Decrypted? (Score 2) 546

AFAIK, the encrypted versions weren't widely distributed; chances are that the documents weren't force-decrypted by RU/CN. I mean, if a cracker gets access to one of the few computers who holds the encrypted documents, he for sure can wait just a bit until the encryption key is entered into a keylogger. Snowden using weak keys? seems unlikely.

Submission + - Researchers Detect Android Apps That Compromise Your Privacy (technologyreview.com) 1

An anonymous reader writes: A group of European researchers has developed software that tracks the URLs to which cellphone apps connect.After downloading 2,000+ fee apps from Google Play, they indexed all the sites those apps connected to, and compared them to a list of known advertising and user tracking sites. "In total, the apps connect to a mind-boggling 250,000 different URLs across almost 2,000 top level domains. And while most attempt to connect to just a handful of ad and tracking sites, some are much more prolific. Vigneri and co give as an example “Music Volume Eq,” an app designed to control volume, a task that does not require a connection to any external urls. And yet the app makes many connections. 'We find the app Music Volume EQ connects to almost 2,000 distinct URLs,' they say. [Another major offender] is an app called Eurosport Player which connects to 810 different user tracking sites." The researchers plan to publish their software for users to try out on Google Play soon.

Submission + - Stallman joins Internet, talks net neutrality, patents and more

alphadogg writes: According to Richard Stallman, godfather of the free software movement, Facebook is a “monstrous surveillance engine,” tech companies working for patent reform aren’t going nearly far enough, and parents must lobby their children’s schools to keep data private and provide free software alternatives. The free software guru touched on a host of topics in his keynote Saturday at the LibrePlanet conference, a Free Software Foundation gathering at the Scala Center at MIT.

Slashdot Top Deals

Can't open /usr/fortunes. Lid stuck on cookie jar.

Working...