Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:Why do they even seek comment? (Score 4, Informative) 103

Why do they even seek comment?

The reason is "journalistic integrity",

Yes, we all know that the MS mouthpiece is going to respond with some useless boilerplate, but its Journalism 101 to seek comments and responses to all parties when writing stories about them.

It provides for fairness, letting the company have its say (even if it is boilerplat); and also supports journalism principles for verification and accuracy. For example, Microsoft could have responded ...'No, your facts are wrong. They haven't actually served us with any lawsuit yet."... or "No. They have already settled out of court; and are under a non-disclosure about the terms." or disputed/corrected any number of other facts or details about the case, that they wish.

If the journalist has all the facts 100% right, and the company really has no positive spin for it, then yeah, you'll get a boilerplate... "we beleive this case has no merit."

But its a good sign that the journal article reached out for a comment, and even better that they got one and printed it.

Comment Re:The Latest Innovations (Score 5, Interesting) 507

Microsoft continues to amaze and excel as they go to new lengths to make the Windows experience even more excruciatingly intolerable to any user that has the slightest clue what they're doing with a computer.

I have been trying to figure out what the HELL they are thinking.

99.99% of Windows 10 Pro users were NEVER going to mess with group policy editor to tweak those settings anyway. So ~why~ go to the trouble of disabling them.

And as for the one in a thousand that is going to go into group policy and change this stuff... why spend resources getting in his way... there's no money in that. And its just going to piss them off, and they WILL find another way.

So... no I don't think this really has anything to do with preventing consumers from doing what they want.

I think this has everything to with ensuring enterprises have to use the enterprise version, and pay the VLA subscription prices etc. That's where the money is, and that's where it might actually be worth it for microsoft.

i think us power users are just being caught in the cross fire.

The interesting question for me, unless I wish to abandon windows entirely* is how painful moving to the enterprise version would be. I've always paid extra for windows pro, because i wanted to run IIS, and RDP, and not be stuck with the idiot permissions model, etc. So I've long since accepted paying a bit extra to get what I want from windows.

Now, maybe instead of pro, I just want the enterprise version. So what will that cost... because it seems it does everything I want. It lets me turn off telemetry, it lets me turn off cortana, etc, etc. If I had the enterprise version, I wouldn't be stuck fighting with windows, it would just work for me.

http://www.zdnet.com/article/m...

So Microsoft... $84/user (so i can have enterprise on all my computers and laptops, and always up to date?) And I don't have to put up with any of your consumer-freemium-telemetry-cortana-shit? I'm potentially ok making that deal.

* re abandoning windows option; I work with windows so I need it. I own a macbook pro as my primary laptop; and I have linux running in my office as well... so I'm fairly well positioned to leave windows if I really wanted to. But I don't really want to... I use it for games, and I use Windows for work (visual studio and other proprietary stuff), and for accounting, etc, etc.

I like linux, and love it as a server, but find it needs too much tinkering for a gaming PC or HTPC. And OSX ... i like my laptop, but I'm not going to shoehorn myself into apple's extremely limited lineup of overpriced desktop options.

Comment Re:Expected (Score 1) 134

One generally uses a long, complex password for their password vault (which is fine, since you only have to remember the one password).

No. One does not. Because one needs to repeatedly enter that password in everytime one access anything, from as menial as slashdot to as important as one's bank.

Plus one needs to be able to enter it on a smartphone too; again... repeatedly.

Remembering a long complex password is easy. Repeatedly entering it over and over and over again is painful. So the practical length of most people's vault key is relatively short.

So while my bank password is long and complex and random, and i don't even know what it is; my vault password is shorter and easier for me to remember and use.

So my bank account and so forth is secure from bruteforce attacks directly on it, as well as immunity from password re-using since each is random.

My vault is relatively secure, you'd need to get a hold of it from me; and the vault password is relatively secure, but its not a 200 character pass phrase... simply because I'd go mental entering something like that in over and over again... or on a smartphone.

I've actually mitigated it a little bit as I use different vault files for different passwords, so I've actually got a couple vaults; and the vault the bank account is in is harder than the junk account vault, but while its better its still not ideal.

Comment Re:Nope. This involves active sharing and consent. (Score 1) 115

By comparison, I might own all the items in my safe deposit box at the bank. But clearly I don't own the bank, or even the bank lobby. And yet I cannot access my owned items except by using the bank's property.

Not a bad example. And likewise, if I wanted to send someone to the bank to retrieve or add to the contents of the safety deposit box, that would be my prerogative.

Well, OK. Then legally a legal court of law will come to a different legal conclusion than a person with no technical or legal expertise might come to.

Where the law varies significantly from people's expectations is where conflict arises, and the law is usually wrong or ultimately unenforceable, because society en masse simply ignores the law.

The law ultimately is supposed to reflect and enforce the social contract, not the other way around.

Also, civil engineer might build a bridge differently than a normal person would. News at 11!

Of course. But if the normal people couldn't cross the bridge, and kept hurting themselves on it, falling off of it, etc, etc ... because it didn't conform to their expectations of how to use a bridge, then the civil engineer failed.

The CFAA is a such a failure.

Comment Re:74 at time of crash (Score 2) 599

Oh? Please tell me how a bunch of people doing the same speed creates a dangerous situation.

For the record I agree unless you're overtaking don't be in the lane.

Oh, that's an easy one.

When people who speed can't pass they get irrationally angry and start to do dangerous things, like tailgating, swerving, and suddenly accelerating/braking.

So you see, it's really your fault for making them SO DANGED ANGRY because they can't speed and pass people at that particular instant.

:P

Comment Re:How About Some Actual Data... (Score 4, Insightful) 181

Without all of the data ("two dozen known carcinogens" in an unknown concentration), this could still be a net gain for Floridians. There are plenty of substances that the rest of the developed world believes to be inert in small doses, but that "are known to the state of California to cause cancer" at any dosage. If they are loosening the regulations on some substances using actual data to devise allowable limits, and again using actual data to further restrict those chemicals that are harmful, then perhaps this change is completely above the board, and inline with the best interest of the people. Drinkable water is a disappearing resource, so practical guidelines (do I need to mention using actual data again?), seems a prudent course of action, and this article doesn't provide enough information to determine if these changes are indeed practical or detrimental to consumers.

I came here to say the same thing. Let's see the data, not just the knee-jerk "chemicals are bad" screed. Spare us the fear-mongering.

Comment Re:74 at time of crash (Score 2) 599

No wonder autopilot is safer than human drivers per mile driven.

Humans drive everywhere in all weather in all circumstances... autopilot only drives on uninterrupted stretches of highway, in clear weather... and it still demands the human sit there with his hands on the wheel as a backup.

Comment Re:EEE (Score 1) 409

Yes, they have an App Store on MacOSX but it's totally optional

It pretty much HAS to be installed, and you pretty much have to use it for OS updates.

And with each successive release OSX tightens the screws a little more, in the name of security...

You can't run apps you didn't get from the app store on a new mac until you go into security settings and turn on the ability to use apps you didn't get from the app store.

So its totally optional, in the sense that it comes pre-installed, you can't remove it, you have to use it for some things, and out of the box it is only option you are allowed to use to get new apps.

But yes, you can tweak the security settings to allow you to get software from other sources.

So...its like secureboot...which everyone here likes and thinks is ok... right?

Comment Re:Nope. This involves active sharing and consent. (Score 1) 115

Using a public service like twitter isn't in the same ball park as having a private account at a company where you most likely did sign an agreement that said something like 'you will not share company secrets' your company password would be classified as a company secret.

You are right, but that's kind of the point here -- while you and might see them as very different thing (and indeed most people do) ... the CFAA doesn't differentiate.

Comment Re:need to open sandbox to map editing / mods (Score 1) 409

yes, but steam isn't a really good platform for general purpose apps. I mean they're trying it...and also movies too... but I don't think it has a lot of traction... i don't really see it replacing cnet/sourceforge/etc to get torrent clients, file compression utilities, etc, etc. maybe they'll make it happen.

It always seems a bit wonky to have that stuff tied to a steam account in any way. Logging into steam... etc...

Comment Re:Nope. This involves active sharing and consent. (Score 2) 115

This is not stupid at all.

Yes, yes it IS stupid.

It mirrors the obvious principle that everyone here knows, which is that authorization to use a system does not necessarily confer authorization to authorize additional users.

But does that principle automatically apply here? Does a normal person *consider* their Twitter account their own property or the property of twiiter. (Not the legalese... but in terms of how they think about and interact with it.)

Moreover, it's a principle of our daily lives that's so obvious we don't even mention it. I let my neighbor Bob use my pool whenever he wants, but I would be shocked if Jill was using it and just said "Oh yeah, Bob said I could".

Exactly right. Its clearly your property, and your delegate has clearly exceeded his authority according to all social conventions. That would be quite the faux pas, and you'd be rightfully upset.

There is no reason that the principle of non-delegation (that is to say, without explicit authority granted to delegate) shouldn't apply to the virtual world just as much as it applies everywhere else.

It doesn't automatically apply everywhere else. It applies when the property being delegated is recognized as belonging to someone else. It doesn't apply when the property being delegated is recognized as belonging to me. The legalese underneath the transaction may cement that status, but socially what matters is how we perceive the property.

Bob's using YOUR pool. That is the social convention (and the legal reality) of the situation.

If I give you social media account password. Am I giving you access to MY account? Or am I giving you access to a (for example) twitter account that twitter lets me use?

Legally its probably the latter, but that's not how ANYBODY thinks about it. They think of it as THEIR OWN twitter account.

They'll say it's 'my account'; they'll complain 'my account was hacked'... everything surrounding it is framed in that sense of ownership.

The same way they think about their TV service, their cellular phone service, their steam account... that the account "belongs" to them, and they don't give a 2nd thought to whether their friends or guests or babysitters or whatever can watch their TV, or borrow their phone to make a call, or play some video games on my account.

Or even their bank account. People think of that as their property too. It gives them access to their money. Its not the banks money!! It's mine. The password is also mine. I chose it, and the bank shouldn't even know what it is. etc etc.

Yes legally, and when you get deep into it... the money is mine, but the servers are theirs. And the account is permission from them to use their servers using my chosen credential to access the money I entrusted them to hold for me... etc etc.

But if it ever came down to it, and I wanted to give someone my bank account password for some reason, my only thought would be in terms of the risk that represents to the security of MY money. I wouldn't give a 2nd thought to whether or not I had the right to delegate access to the banks servers.

Likewise with twitter... my only consideration in giving out my password would be the risk it represented to my 'reputation', the potential for greif to me from what they might say with it... etc.

The notion that I would be delegating access to twitter's server infrastructure in a way analogous to Bob letting Jill use your pool...? That would NOT be a consideration at all. No normal person thinks of their twitter account in that sense. (even if technically and legally that's what it is.)

Comment Re:Why does this matter? (Score 1) 692

Apparently this is the 'making fun of a black woman's name' thread:

https://wikileaks.org/dnc-emai...

Doesn't really strike me as "racist".

Steven Colbert had Alexander Skarsgaard on a few weeks back and spent spent a few minutes making light of the difficulty of pronouncing his last name correctly... was that racist against Swedes? A few weeks before that they had Steve Buscemi and they talked about the difficulty with his last name too....

Comment Re:Nope. This involves active sharing and consent. (Score 5, Interesting) 115

You might even be considered an "unauthorized user" from twitter's perspective

That is precisely what triggers the fraud and abuse act.

but by giving you their password,
the end-user has made you the defacto authorized user of that account.

The end user is not authorized to do that, per the Terms of Service.

Look, the point is that its is not an open and shut case. There is a valid legal argument, bolstered by recent court rulings that the CFAA can be triggered in this way. The most recent court cases was just such an example of an authorized user sharing their password with an ex-employee. Obviously that's not exactly the same thing.

But its close enough in a lot of ways, the twitter user, like the employee doesn't really 'own the account'. It is assigned to them and they aren't allowed to share it. So if they do share it the person they share it with is NOT an authorized user, and that in theory triggers the CFAA.

Yes, its all kinds of stupid... but the CFAA is all kinds of stupid too.

Slashdot Top Deals

Congratulations! You are the one-millionth user to log into our system. If there's anything special we can do for you, anything at all, don't hesitate to ask!

Working...