Not unless you think BitTorrent is incapable of "substantial non-infringing use" -- that'd be a tough case to make these days.
I'll grant you that the AC you're responding to is so very wrong. Still, there are so many inaccuracies in your short explanation here that I don't even know where to start. When you're trying to argue from authority ("because I have a computer science degree") you should probably be sure you're right.
I'm not trying to be a pedant but almost everything you said here is technically inaccurate. I can believe this comment was moderated insightful -- that's a major hivemind fail.
@Marcus: Heh, but I doubt the patent lawyers in Marshall need to advertise at all!
Which brings up an important point about free speech: IIRC the bar for protection is substantially lower for commercial speech. You'd think this lawyer would know that and not specifically pigeon-hole his complaint by referring to "unnecessary restrictions on advertisement". This is of course more than just a restriction on commercial speech so this seems like a pretty bad move.
Mike
I'm glad to see you updated the article -- but the update is *still* inaccurate. I probably should have been more clear about this in my first comment -- the problem isn't whether sites use SSL during the login or payment phases (this has been considered a best practice for years now). You've got to use SSL for the lifetime of the session, at the _very_ least for users on unencrypted wifi where MITM attacks have been made so very easy by tools like firesheep.
Since there's no way to know which users are on coffee shop wifi it is now considered a best practice to push everyone to SSL. If you don't believe me download firesheep and see what you can get away with on another user's amazon account. You may not be able to buy anything but you'll be able to do quite a bit of damage.
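The difference between login-only SSL and session-long SSL shows up in the response headers. The following is an added example, not part of the comment above: a small audit over constructed header samples, where the cookie name `session_id` and the header values are assumptions made for illustration.

```python
# Added example: audit response headers for the session-long HTTPS practice.
# Header values below are constructed samples, not captured from any real site.

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lowercase attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
    return name, attrs

def audit_response(scheme, headers, session_cookie_names):
    """Return a list of findings for one response.

    scheme: "http" or "https"; headers: list of (name, value) pairs;
    session_cookie_names: cookies the application treats as session tokens
    (an assumption supplied by the auditor).
    """
    findings = []
    has_hsts = False
    for name, value in headers:
        lname = name.lower()
        if lname == "strict-transport-security":
            has_hsts = True
        elif lname == "set-cookie":
            cookie, attrs = parse_set_cookie(value)
            if cookie not in session_cookie_names:
                continue
            if scheme == "http":
                findings.append(f"{cookie}: session cookie set over plain HTTP")
            if "secure" not in attrs:
                findings.append(f"{cookie}: missing Secure, sent on http:// requests too")
            if "httponly" not in attrs:
                findings.append(f"{cookie}: missing HttpOnly")
    if scheme == "https" and not has_hsts:
        findings.append("no Strict-Transport-Security header on HTTPS response")
    return findings

# Constructed sample: login happens over HTTPS, but the cookie lacks Secure,
# so later http:// page loads expose it on open wifi.
LOGIN_ONLY_TLS = [("Set-Cookie", "session_id=abc123; Path=/; HttpOnly")]
# Constructed sample: HTTPS enforced for the whole session.
FULL_SESSION_TLS = [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "session_id=abc123; Path=/; Secure; HttpOnly"),
]

if __name__ == "__main__":
    for label, hdrs in (("login-only", LOGIN_ONLY_TLS), ("full-session", FULL_SESSION_TLS)):
        print(label, audit_response("https", hdrs, {"session_id"}))
```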
Mike, I love you man, but you're really out of your element here. It's already been pointed out how Schumer's staff wouldn't control the cert, and that it's a dead endpoint anyway, and that (surprisingly!) the senator is actually *correct*...
But more importantly: if you understood the attack vector in question you'd understand that it is only really relevant for hijacking user sessions in progress. If you'd looked at the port 80 version of the site you may notice the lack of a login feature anywhere, thus your complaint is completely baseless. In this case you're the one doing the grandstanding.
@Mike
While you're right that encryption was left out of HTTP by design (for the caching benefits) it was relatively recently (even later than 2007) that it became obvious that HTTPS was more than just a best practice for any web application where users log in.
Before tools like firesheep [1] came on the scene it was generally assumed that simply encrypting the login exchange was sufficient. I'm pretty sure I remember you mentioning firesheep in a story so you ought to be aware of this but it sounds like you may have missed the wider implications.
RE: vpn, as pointed out by the first Coward, your statement is not quite true. It _will_ however help you in a proximity-based attack (e.g. coffee shop wifi + firesheep).
[1] http://codebutler.com/firesheep
I would imagine that anyone who got one of these tickets is likely to be able to get out of it in court by pointing to the deceased officer's "certification."
"Of course, I'm also wondering if he's violating the law himself in threatening people with criminal charges based on absolutely nothing..."
If he's not, he ought to be. I don't say this often, but there ought to be a law...
Not available in digital form does *mean* not available! Shipping a cd takes substantially longer than shipping a few megabytes. He'd already invested too much of his precious time trying to find this thing legitimately, now you want him to *wait* a week and then spend another 20 minutes ripping it? Screw that.
"The internet is mostly a free, open place. Push too hard, and the most restrictive countries will step in and put their foot down. If you really want freedom, then you need to back off a bit and keep it that way."
This is absurd. And your otherwise thoughtful (if ill-informed) comment suggests you know this as well. For starters, you cannot say "mostly free" and "push too hard" in the same breath -- is it free or not? If it were, you couldn't "push too hard". You can't say "the most restrictive countries will step in and put their foot down" -- they already have. Are you saying they'll put their foot down harder? Sure, but they're far from "mostly free" (such a silly phrase anyway). You *certainly* can't say "imagine the US having only two peering points to the outside world" without providing some roadmap where this were feasible. You just say "It is possible" -- sure, but *wildly* improbable.
But your points about DNS are spot on -- it's not *fixable* but it's definitely feasible to route around it. It may be inextricably linked to the internet but it's by no means required.
> The real shame, of course, is that the US government, who has been speaking so forcefully about being against online censorship over the last year or so, may ultimately be the leading cause for these new infrastructure tools to be built...
It's an embarrassment, yes. But not a shame. It's a gift, plain and simple. Intent is irrelevant -- as you've noted DNS is especially in need of a swift kick in the ass. It's about time.
While I agree with your sentiment, you're a little off base in your analysis. The LoC is not part of the executive branch like most gov't agencies: it's quite literally "of Congress", and as such is beholden to the whims of congress, for better or worse.
Michael
You linked to the times paywall -- please don't do that!
Disabling cookies gets you nowhere. There are many other systems you'd have to disable (including a variation on the css history hack you referenced earlier that can actually persist arbitrary data). And that leak has only been plugged in FF4 -- every other browser is susceptible. But that's just scratching the surface...
If you're privacy-sensitive, try not to shit your pants: http://samy.pl/evercookie/
There are some interesting possible technical solutions to these problems -- but a policy solution is just absolutely impossible. The browser is just too insecure -- we can't reasonably expect every company to vet every bit of ad code that goes on their servers. Censorship through third party liability indeed.
rot-13? that's not nearly nefarious enough!
they should have used Billy Hoffman's javascript dehydration technique (http://blip.tv/file/3684946 ~ 50 min mark) -- it hides your javascript in whitespace (tabs and spaces being 1s and 0s) -- brilliant and pure evil
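For anyone reviewing scripts for this kind of hiding, the following is an added example, not part of the comment above and not code from the linked talk: a scanner that flags tab/space runs which decode to readable text. The bit mapping (tab = 1, space = 0, eight bits per byte) is an assumption, since the comment does not state it, and the sample input is constructed.

```python
import re

# Assumption: tab = 1, space = 0, eight bits per byte, most significant bit first.
# The comment does not state the mapping; swap it if a real sample differs.
RUN = re.compile(r"[ \t]{16,}")

def decode_run(run):
    """Decode a tab/space run into bytes under the assumed mapping."""
    bits = "".join("1" if ch == "\t" else "0" for ch in run)
    usable = len(bits) - len(bits) % 8
    return bytes(int(bits[i:i + 8], 2) for i in range(0, usable, 8))

def find_whitespace_payloads(source, min_printable=0.9):
    """Return (line_number, decoded_text) for whitespace runs that decode to text.

    Ordinary indentation is all tabs or all spaces, so it decodes to 0xFF or
    0x00 bytes and is dropped by the printable-ratio check.
    """
    hits = []
    for lineno, line in enumerate(source.split("\n"), start=1):
        for match in RUN.finditer(line):
            data = decode_run(match.group())
            if not data:
                continue
            printable = sum(32 <= b < 127 for b in data) / len(data)
            if printable >= min_printable:
                hits.append((lineno, data.decode("ascii", "replace")))
    return hits

# Constructed sample: the bits below are the ASCII text "hi()", written as
# whitespace after a normal statement; line 2 has plain 24-space indentation.
BITS = "01101000" "01101001" "00101000" "00101001"
HIDDEN = BITS.replace("1", "\t").replace("0", " ")
SAMPLE = "var a = 1;" + HIDDEN + "\n" + " " * 24 + "var b = 2;\n"

if __name__ == "__main__":
    for lineno, text in find_whitespace_payloads(SAMPLE):
        print(f"line {lineno}: whitespace run decodes to {text!r}")
```

A run that is preceded by an ordinary space shifts the bit alignment, so a reviewer working on real files would also try the seven other offsets.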
Come on Mike, you're better than that. You're clearly taking the "dog's breakfast" quote completely out of context...
"The reality is it's someone who's 40 years old and poor and settling for a dog's breakfast of Netflix and short-form video."
I don't know where the "40 years old and poor" comes from (sounds like the typical shill bs) but be fair -- even if you don't completely buy the "dog's breakfast" part you could at least represent it fairly.
And as someone who's cut the cord more than once (and yes, I'm young, educated and employed) I have to admit that while I'm plenty happy with my entertainment options online my girlfriend would probably agree with the dog's breakfast characterization. Needless to say we have cable again, at least for now.
Back when I was with the USPTO (when it was the Dudas regime, not long ago) they'd already decided the number one problem was the time it takes to get a patent. In fact they often referred to it as the "$500 million problem", though I still don't *quite* understand why. Same as it ever was...
Just a small correction: the source article at fair.org actually says he was the NSA chief. Too late to change a headline?
Heh. I didn't know that mark was still "used in commerce" -- I thought Little Caesars died off years ago (it certainly did in the DC area).
there's more to it, right?
What did he say that was that controversial? I hope there's more to it than what's published in the article, otherwise I can't see how that clause possibly could be enforceable.