Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
A high school teacher interviewed for the article confessed to having not read ClassDojo's policies on handling student data, saying: "I'm one of those people who, when the terms of service are 18 pages, I just click agree." And, if all this doesn't make you parents just a tad nervous, check out this response to the "Has anyone ran a data analysis on their CD data?" question posed to the Class Dojo Community: "I needed to analyze data in regards to a student being placed on ADHD medicine to see whether or not he made any improvements. I have also used it to determine any behavioral changes depending on if a student was with mom/dad for a custody review. I use dojo consistently, so I LOVE getting to use the data to evaluate and share with parents, or even administrators."
By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.
We can start by stating the obvious: It is never appropriate to use slurs, metaphors, graphic negative imagery, or any other kind of language that plays on someone's gender, race/ethnicity, sexual orientation, or religion. Not only is such language inappropriate regardless of one's passion on a given subject, but any valid arguments that existed independently of such rhetoric should have been initially presented without it. Once a poster crosses this line, they should lose all credibility.
Similarly, it is never acceptable to dox, harass, post nude pictures, or in any other way violate someone's privacy due to disagreement with their opinions. While most people would probably agree with this in theory, far too many are willing to access and distribute this humiliating (and often illegal) content. Instead of simply viewing stories of doxing, slut-shaming, and other forms of online intimidation as an unfortunate by-product of the digital age, we should boycott all sites that publish these materials.
However the number of takedowns and the fact that Tor relays were seized could also mean that the Tor network was attacked to reveal the location of those hidden services. "Over the past few years, researchers have discovered various attacks on the Tor network. We've implemented some defenses against these attacks (PDF), but these defenses do not solve all known issues and there may even be attacks unknown to us." Another possible Tor attack vector could be the Guard Discovery attack. The guard node is the only node in the whole network that knows the actual IP address of the hidden service so if the attacker manages to compromise the guard node or somehow obtain access to it, she can launch a traffic confirmation attack to learn the identity of the hidden service. "We've been discussing various solutions to the guard discovery attack for the past many months but it's not an easy problem to fix properly. Help and feedback on the proposed designs is appreciated."
According to Lewman, the task of hiding the location of low-latency web services is a very hard problem and we still don't know how to do it correctly. It seems that there are various issues that none of the current anonymous publishing designs have really solved. "In a way, it's even surprising that hidden services have survived so far. The attention they have received is minimal compared to their social value and compared to the size and determination of their adversaries."