-
Microsoft Says It Never Meant To Knock Cryptome Offline
CWmike writes "Microsoft withdrew on Thursday its demand that Cryptome.org yank the 'Microsoft Global Criminal Spy Guide' document from the site, and said it had never intended for the whistleblower's domain to be knocked off the Web. 'In this case, we did not ask that this site be taken down, only that Microsoft copyrighted content be removed,' said a Microsoft spokeswoman. 'We are requesting to have the site restored and are no longer seeking the document's removal.' The document, a 17-page guide to law enforcement on how to obtain information about users of Microsoft's online services, including its Windows Live Hotmail, the Xbox Live gaming network and its Windows Live SkyDrive storage service, was published by John Young, who runs Cryptome.org, on Feb. 20. Earlier this week, Microsoft demanded that Young remove the document from his site, citing the Digital Millennium Copyright Act. When Young refused, his Internet provider shut down the site, and Network Solutions, the registrar of Young's domain, put a 'legal lock' on the domain name. The last prevented him from transferring the URL to another ISP. Computerworld blogger Preston Gralla dug into the document today in his 'Leaked Microsoft intelligence document: Here's what Microsoft will reveal to police about you' post."
-
GoDaddy Wants Your Root Password
Johnny Fusion writes "The writer of the Securi Security Blog had an alarming awakening when a honeypot on port 22 on a GoDaddy-hosted VPS recorded login attempts using his GoDaddy username and password and even an attempt to log in as root. It turns out the attempt was actually from within GoDaddy's network. Before he could 'alert' GoDaddy about the security breach, he got an email from GoDaddy demanding his root login credentials. There is an update where GoDaddy explains itself and says they will change policy."
-
Cryptome in Hot Water Again
garg0yle writes to tell us that Cryptome appears to have stepped in it again with a recent leaked document concerning Microsoft's "Global Criminal Compliance Handbook." "Microsoft has demanded that Cryptome take down the guide — on the grounds that it constitutes a 'copyrighted [work] published by Microsoft.' Yesterday, at 5pm, Cryptome editor John Young received a notice from his site’s host, Network Solutions, bearing a stiff ultimatum: citing the Digital Millennium Copyright Act (DMCA), Network Solutions told him that unless he takes the 'copyrighted material' down, they will 'disable [his] website' on Thursday, February 25, 2010. So far, Young refuses to budge." In a gesture of goodwill, Wikileaks has offered to host Cryptome via their twitter feed.
-
Utah Considers Warrantless Internet Subpoenas
seneces writes "The Utah State Legislature is considering a bill granting the Attorney General's Office the ability to demand customer information from Internet or cell phone companies via an administrative subpoena, with no judicial review (text of the HB150). This represents an expansion of a law passed last year, which granted that ability when 'it is suspected that a child-sex crime has been committed.' Since becoming law, last year's bill has led to more than one non-judicial request per day for subscriber information. Pete Ashdown, owner of a local ISP and 2006 candidate for the US Senate, has discussed his position and the effects of this bill."
-
Ars Analysis Calls Windows 7 Memory Usage Claims "Scaremongering"
Via newsycombinator comes a reaction at Ars Technica to the recently reported claims of excessive memory use on machines running Windows 7. From the article: "I installed the XPnet performance monitoring tool and waited for it to upload my data to see what it might be complaining about. The cause of the problem was immediately apparent. It's no secret that Windows 7, just like Windows Vista before it, includes aggressive disk caching. The SuperFetch technology causes Windows to preload certain data if the OS detects that it is used regularly, even if there is no specific need for it at any given moment. Though SuperFetch is a little less aggressive in Windows 7, it will still use a substantial amount of memory—but with an important proviso. The OS will only use memory for cache when there is no other demand for that memory."
-
The 25 Most Dangerous Programming Errors
Hugh Pickens writes "The Register reports that experts from some 30 organizations worldwide have compiled 2010's list of the 25 most dangerous programming errors along with a novel way to prevent them: by drafting contracts that hold developers responsible when bugs creep into applications. The 25 flaws are the cause of almost every major cyber attack in recent history, including the ones that recently struck Google and 33 other large companies, as well as breaches suffered by military systems and millions of small business and home users. The top 25 entries are prioritized using inputs from over 20 different organizations, who evaluated each weakness based on prevalence and importance. Interestingly enough the classic buffer overflow ranked 3rd in the list while Cross-site Scripting and SQL Injection are considered the 1-2 punch of security weaknesses in 2010. Security experts say business customers have the means to foster safer products by demanding that vendors follow common-sense safety measures such as verifying that all team members successfully clear a background investigation and be trained in secure programming techniques. 'As a customer, you have the power to influence vendors to provide more secure products by letting them know that security is important to you,' the introduction to the list states and includes a draft contract with the terms customers should request to enable buyers of custom software to make code writers responsible for checking the code and for fixing security flaws before software is delivered."
-
Quality Concerns For Kingston microSD Cards
Andrew "bunnie" Huang, whom we've discussed before for his book on Xbox hacking and development of the Chumby, has made an interesting blog post about problems he's found with Kingston microSD cards. He first encountered a batch of bad cards during production of the ChumbyOne, and found Kingston initially unhelpful when trying to get them replaced. After noticing some unusual markings on the chips, he decided to investigate for himself, comparing the ID data and dissolving the cards' casings with nitric acid to take a look inside. He found that each of his Kingston-branded samples actually had a Toshiba/SanDisk memory chip inside, and that the batch of low-quality cards he received may not be as uncommon as he thought. "Significantly, Kingston is revealed as simply a vendor that re-marks other people's chips in its own packaging. Every Kingston card surprisingly had a SanDisk/Toshiba memory chip inside, and the only variance or 'value add' that could be found is in the selection of the controller chip. ... This tells me that Kingston must be crushed when it comes to margin, which may explain why irregular cards are finding their way into their supply chain. Kingston is also probably more willing to talk to smaller accounts like me because as a channel brand they can't compete against OEMs like Sandisk or Samsung for the biggest contracts from the likes of Nokia or RIMM. Effectively, Kingston is just a channel trader and is probably seen by SanDisk/Toshiba as a demand buffer for their production output. I also wouldn't be surprised if SanDisk/Toshiba was selling Kingston 'A-' grade parts, i.e., parts with slightly more defective sectors, but otherwise perfectly serviceable. As a result, Kingston plays a significant and important role in stabilizing microSD card prices and improving fab margins, but at some risk to their own brand image."
-
Re-Engineering the Immune System
destinyland notes a microbiology professor describing "Immunity on Demand" (or "Immunity 2.0") and wonders whether we could genetically engineer all the antibodies we need. "...there's a good chance this system, or something like it, will actually be in place within decades. Caltech scientists have already engineered stem cells into B cells that produce HIV-fighting antibodies — and an NIH researcher engineered T cells that recognize tumors which has already had promising clinical trials against skin cancer. Our best hope may be to cut out the middleman. Rather than merely hoping that the vaccine will indirectly lead to the antibody an individual needs, imagine if we could genetically engineer these antibodies and make them available as needed?"
-
Game Difficulty As a Virtue
The Wii and various mobile gaming platforms have done wonders for the trend toward casual or "easy" games. But the success of a few recent titles, despite their difficulty, has caused some to wonder whether the pendulum has swung too far; whether a little frustration can be seen as a good thing. Quoting: "The evidence is subtle but compelling. For one example, look to major consumer website GameSpot's Game of the Year for 2009: Atlus' PS3 RPG Demon's Souls, which received widespread critical acclaim – none of which failed to include a mention of the game's steep challenge. GameSpot called it 'ruthlessly, unforgivingly difficult.' Demon's Souls was a sleeper hit, an anomaly in the era of accessibility. One would think the deck was stacked against a game that demanded such vicious persistence, such precise attention – and yet a surge of praise from critics and developers alike praised the game for reintroducing the experience of meaningful challenge, of a game that demanded something from its players rather than looked for ways to hand them things. It wasn't just Demon's Souls that recently flipped the proverbial bird to the 'gaming for everyone' trend. In many ways, the independent development scene can be viewed on the macro level as a harbinger of trends to come, and over the past year and into 2010, many indies have decided to be brutal to their players."
-
Landmark Ruling Gives Australian ISPs Safe Harbor
omnibit writes "Today, the Federal Court of Australia handed down its ruling in favor of the country's third largest ISP, iiNet. The case was backed by some of the largest media companies, including 20th Century Fox and Warner Bros. They accused iiNet of approving piracy by ignoring thousands of infringement notices. Justice Cowdroy said that the 'mere provision of access to internet is not the means to infringement' and 'copyright infringement occurred as result of use of BitTorrent, not the Internet... iiNet has no control over BitTorrent system and [is] not responsible for BitTorrent system.' Many Internet providers had been concerned that an adverse ruling would have forced them to police Internet traffic and comply with the demands of copyright owners without any legislative or judicial oversight."
-
Univ. Help Desk Staffer Extorts Over Copyright Violations
McGruber writes "The Atlanta fishwrap is reporting that a University of Georgia 'IT security support' employee was accusing students of copyright violations, then demanding money to clear their names. Sounds like he's been caught stealing the RIAA business model."
-
And Now, the Animated News
theodp writes "'You have a lot of missing images, in the TV, in the news reporting,' explains billionaire Jimmy Lai. It's a gap that Lai's Next Media intends to fill with its animated news service. Artists lift details from news photos while actors in motion sensor suits re-create action sequences of stories making headlines. Animators graft cartoon avatars to the live-motion action, and the stories hit the Web. When news agencies didn't have footage of scenes from the Tiger Woods car crash, Lai's team raced to put together animation dramatizing the incident that became a YouTube sensation. Thus far, Lai has been denied a television license, but with or without his own station, he thinks his animations are headed for televisions worldwide. His company is currently in talks with media organizations to churn out news animations on demand using Next Media's graphic artists and software tools."
-
Making Sense of ACTA
Hodejo1 writes "This past week Guadalajara, Mexico hosted the 7th secret meeting of ACTA proponents who continue to ignore demands worldwide to open the debate to the public. Piecing together official and leaked documents from various global sources, Michael Geist has coalesced it all into a five part ACTA Guide that offers structured insight into what these talks might foist upon the populace at large. 'Questions about ACTA typically follow a familiar pattern — what is it (Part One of the ACTA Guide listing the timeline of talks), do you have evidence (Part Two), why is this secret (Part Three), followed by what would ACTA do to my country's laws (Part Four)? Countering the momentum behind ACTA will require many to speak out (Part Five).'"
-
Universal, Pay Those EFFing Lawyers
Slashdot frequent contributor Bennett Haselton writes "The EFF is seeking over $400,000 in attorney's fees from Universal Music Group after Universal sent a DMCA takedown notice to YouTube, demanding the removal of a video posted by user Stephanie Lenz. Lenz had posted a video of her toddler dancing to a 30-second clip of the Prince song "Let's Go Crazy"; after Universal sent the takedown notice, the EFF sent YouTube a counter-notice on behalf of Lenz arguing that the video was fair use, and YouTube restored it. Now the EFF is asking the judge to award them attorney's fees for their work."
Section 512(f) of the DMCA says pretty clearly that anyone who "knowingly materially misrepresents under this section... that material or activity is infringing... shall be liable for any damages, including costs and attorneys' fees", which would seem to apply here; the EFF argues that Universal should have reasonably known that the video obviously constituted fair use. In a Law.com article about the case, attorney Kelly Klaus, representing Universal, countered that "Congress also said that there was another remedy, which is the counter-notice procedure, which is what happened here." But this seems to miss the point -- the DMCA says that the remedies are the counter-notice procedure and an award for attorney's fees. (Klaus's firm did not respond to requests for comment for this article.) Anyway, as EFF staff attorney Corynne McSherry points out, if there were no possible award for attorney's fees against copyright holders who make false accusations, then there would be no disincentive for copyright holders not to file frivolous accusations in the first place.
I'm an EFF member and support their request for attorney's fees, but let's play devil's advocate. Suppose you were an indie musician who sold your songs online, and you found a number of YouTube videos that used your song without permission, so you sent a long list of DMCA takedown notices to YouTube. Included in that list was one video that used only a brief portion of your song, short enough to count as fair use. Is $400,000 a fair punishment for accidentally including one video in your list that wasn't a bona fide copyright infringement?
On the other hand, if the EFF doesn't get their attorney's fees, then they have to eat the cost of the work they did, and that doesn't seem fair either.
The problem is that once you have a $400,000 bill on the table, someone has to pay it, which punishes one or both parties usually vastly out of proportion to any wrongdoing. ($400,000 is almost half of what Reebok had to pay when one of their lead-tainted bracelets killed a child.) Huge attorney's fees awards also limit access to the court system for plaintiffs who might have a reasonable case, but can't afford the risk of having to pay attorney's fees if they lose, and for defendants who might also have a reasonable case, but are under pressure to settle quickly to avoid the risk of a huge attorney's fees award against them.
This suggests an economics / game theory problem: Could you come up with a system that takes into account the incentives of parties on both sides, and that prevents huge legal bills from being generated?
Now, any argument about the legal system usually raises two kinds of objections. The first is that the existing system "works". Well, in many ways it does, but everybody also knows that wealthy corporations and individuals enjoy a huge advantage in the court system, even though courts are supposed to treat all parties equally. So at least in that respect it doesn't "work" the way it's supposed to. The second objection is that it's too hard to change the rules and traditions that are built into legal proceedings, so it's better just to work within the system. True, but that's not the question I'm asking. I'm posing it as a logical brainteaser: If you had carte blanche to modify the way that legal disputes were held, could you do it in a way that respects the rights and interests of all parties and still minimizes the legal fees incurred? (Whether I'm right or wrong, my goal is to make this argument more interesting to mathematicians and game theorists, than to lawyers; otherwise, I've failed.)
From a game-theoretic point of view, you might argue that large attorney's fees serve a useful purpose by discouraging frivolous lawsuits. The problem is that the fees don't just discourage frivolous lawsuits but also non-frivolous lawsuits where there's a reasonable chance of losing. On the other hand, a person who is already broke would have little disincentive to file a frivolous lawsuit, since the worst that can happen is that they'd get hit with a huge award for attorney's fees and have to declare bankruptcy, which they might consider worth the risk for a small shot at a million-dollar payout. So assume that attorney's fees are not themselves the best way to deter frivolous lawsuits, and that avoiding large fees in general is still a desirable thing. How do you design rules to achieve that?
I think you could save a lot of money by enforcing a rule that a lawyer is not allowed to seek attorney's fees from the other side for arguing any points that the other side offered to concede anyway. So the incentive would be that if party A's lawyer concedes some point of fact or point of law, and party B ultimately wins the case and an award for attorney's fees, then party B is not allowed to seek attorney's fees for arguing the point conceded by party A's lawyer.
In all of my legal cases where the other side was represented by a lawyer who was getting paid by their client up front, it was clear from reading the other side's briefs (and my own lawyers agreed with me) that opposing counsel had spent a lot of time spinning their wheels and arguing obvious or irrelevant points before getting to the crux of the dispute. If their client wants to pay them for that busy-work, that's between them and their client, but if they had won the case and an award for attorney's fees, I would have objected that they shouldn't be allowed to charge us for time they spent arguing points that we would have given to them anyway. The hypothetical savings from implementing and enforcing this rule are not trivial.
So how does game theory predict that the two sides would behave under this rule? Suppose MegaCorp is suing or being sued by IndieActivist. MegaCorp's first priority is to win, and if possible to hit IndieActivist with a huge award for attorney's fees to discourage other would-be IndieActivists. MegaCorp doesn't want to lose, but if they do lose, they don't much care about the attorney's fees award they would have to pay to IndieActivist's lawyers. In this scenario, they would be expected to concede very little, disputing trivial points in order to drag out the case as long as possible, hoping that IndieActivist's lawyers would run out of time or money and pressure their client to settle. In other words, MegaCorp would behave about the same as they would under the existing rules.
For IndieActivist, on the other hand, their first priority is to win, but they also care very much about not having to pay a staggering award for attorney's fees if they lose. So they would be expected to concede any points of fact or law, even if favorable to MegaCorp, if those points are so obvious that they don't think the judge would be likely to rule in their favor on those questions anyway. This way, even if IndieActivist loses and has to pay attorney's fees to MegaCorp, those fees would be limited to the time spent arguing the actual point of disagreement that formed the crux of the lawsuit.
Suppose, for example, that Universal had actually sued Lenz for violating Prince's copyright by using a 30-second excerpt of his song in her video. Lenz or her lawyers could have filed a brief conceding all the obvious points that they would expect Universal's lawyers to make: Prince was the holder of the copyright, the copyright had been filed with the Copyright Office, Lenz never sought permission for using the recording, etc. Very quickly, the whole case could be distilled down to: "Show this video to the judge and let them decide if it qualifies as 'fair use'." Any effort spent arguing any points beside that is wasteful. And if the legal system encourages lawyers to rack up billable hours arguing other points, then the system is wasteful. Concede the obvious, and everybody's costs are kept under control.
This only partially addresses the problem of large attorney's fees, because it still leaves the fees that are generated in the process of arguing points that the other side wouldn't concede. Solving this problem is much harder, because while you can simply eliminate the work that's spent on arguing points that the other side would give to you anyway, you can't eliminate the work spent on points that are genuinely in dispute, you can only try to make that work shorter and cheaper. I've argued for my own fairly complicated remedy in a separate article, but my main point was that legal costs aren't driven up so much by the complexity of the law as by the ambiguity in it. The Windows programming interface, after all, is also very complex, but if you can write a clear description of what you want a simple program to do, you can often get a programmer to write the program for you for dirt cheap. In arguing a legal case, on the other hand, the number of possible outcomes grows exponentially with each point of ambiguity in the law where there's no way to predict how the judge will interpret a particular rule.
But still, even if you can't reduce the ambiguity in how a legal question will be interpreted, you can avoid a lot of unnecessary attorney's fees by distilling the case just down to that particular question. Is it fair use to use a 30-second clip of Prince's song in a video of a dancing toddler? Let the judge decide. But if that's the one and only point that both sides can't agree on, then neither side should be able to bill for time spent arguing about anything else.
Perhaps someone mathematically or logically inclined can come up with a better algorithm for avoiding the billing hours generated by arguing the obvious. I'm not entirely happy with my own solution, because it still allows MegaCorp to concede absolutely nothing, and to try and bleed IndieActivist dry by forcing them to argue even the most trivial points. IndieActivist's lawyer could be reimbursed for that time if they win and get an award for attorney's fees, but they might run out of money or patience before then. To counter this tactic, you could allow either side to seek penalties for Frivolously Arguing The Super-Obvious. If IndieActivist's lawyer wants MegaCorp to concede an obvious point and MegaCorp won't do it, IndieActivist could seek a FATSO penalty, and the judge could decide whether to award them that penalty if the point is really and truly obvious, without deciding on the merits of the case as a whole. The penalty doesn't have to be large enough to hurt MegaCorp, it just has to be large enough to compensate IndieActivist's lawyer for their time, so that MegaCorp can't run them into the ground by forcing them to argue every point unnecessarily. However, economic game theorists might think of some unintended consequence of the FATSO rule. Could MegaCorp flood IndieActivist's lawyer with a gigantic list of requested concessions, so that if IndieActivist's lawyer screws up and forgets to concede one of the points that the judge turns out to consider "obvious", MegaCorp could hammer them with a FATSO award too? It's hard to anticipate all the ways that either party might abuse a new rule of the game.
Meanwhile, under the existing system, while it may be unfair to Universal in some cosmic sense that they have to pay out $400,000 for sending one mistaken DMCA takedown notice, it would be more unfair to force the EFF to eat those costs, and in any case the DMCA does clearly allow for an award of attorney's fees. But it would be better for everyone in the long run -- especially for the EFF and the kind of relatively powerless clients that they usually represent -- if there were more ways to keep legal costs from spiraling out of control in the first place.
-
Fighting With Your Fingers — A Canceled Indie Game Concept For Natal
ChiefMonkeyGrinder writes "Though Microsoft's Project Natal won't be released until later this year, indie studio Arkedo has already revealed a canceled project for the peripheral. Called 2 Finger Heroes, it was to be a beat 'em up where your fingers do the fighting. 'Characters would be controlled by moving your fingers, while special moves could be done by incorporating your whole hand. The environment could even be affected by moving your arms folded at your chest.' On why it was canceled, one of the developers said, 'One of the design flaws of this, apart from the fact that it demanded some very precise pattern recognition from the Natal system, is that it would have been HELL to localize. Yup, what can be understood as the victory sign in France could be a terrible insult in the UK, for instance. And we are not even talking about Italian. Oh, the possibilities...'"
-
USPTO Grants Google a Patent On MapReduce
theodp writes "Two years ago, David DeWitt and Michael Stonebraker deemed MapReduce a major step backwards (here are the original paper and a defense of it) that 'represents a specific implementation of well known techniques developed nearly 25 years ago.' A year later, the pair teamed up with other academics and eBay to slam MapReduce again. But the very public complaints didn't stop Google from demanding a patent for MapReduce; nor did it stop the USPTO from granting Google's request (after four rejections). On Tuesday, the USPTO issued U.S. Patent No. 7,650,331 to Google for inventing Efficient Large-Scale Data Processing."
-
What's Holding Back Encryption?
nine-times writes "After many years in IT, I've been surprised to notice how much of my traffic is still unencrypted. A lot of businesses that I interact with (both business and personal) are still using unencrypted FTP, and very few people use any kind of encryption for email. Most websites are still using unencrypted HTTP. DNSSEC seems to be picking up some steam, but still doesn't seem to be widely used. I would have thought there would be a concerted effort to move toward encryption for the sake of security, but it doesn't seem to be happening. I wanted to ask the Slashdot community, what do you think the hold up is? Are the existing protocols somehow not good enough? Are the protocols fine, but not supported well enough in software? Is it too complicated to manage the various encryption protocols and keys? Is it ignorance or apathy on the part of the IT community, and that we've failed to demand it from our vendors?"
-
Half of All Data Centers Understaffed
alphadogg writes "Fifty percent of IT executives say their data centers are understaffed, and companies are still looking for more ways to cut costs, according to Symantec's latest 'State of the Data Center' report. Sixteen percent of survey respondents said their data centers are extremely understaffed, and another 34% called their data centers somewhat understaffed. At the same time, data centers are becoming more complex and harder to manage, with more applications, data and increasingly demanding service-level agreements. 'Data center complexity has led to a lot of staffing challenges,' says Sean Derrington, director of storage management and high availability at Symantec."
-
Politicians Worldwide Asking Questions About ACTA
An anonymous reader writes "Legislators around the world are demanding more information on the secret Anti-Counterfeiting Trade Agreement. US Senator Ron Wyden demanded answers in a letter to the USTR (PDF) this week, ACTA arose in the UK House of Commons yesterday, and French Deputy Nicolas Dupont-Aignan raised ACTA questions in the National Assembly late last year. All of this comes on top of earlier efforts from Swedish Member of the European Parliament Jens Holm, as well as New Zealand MP Clare Curran, who has repeatedly raised concerns about ACTA, and NDP MP Charlie Angus, who posed questions about ACTA in the Canadian House of Commons late last year."
-
Why Everyone Has High Hopes For Apple Tablet
waderoush writes "The deafening roar of anticipation around Apple's expected 'iSlate' announcement on January 27 is strange, to say the least, given the public's utter apathy about tablet computers to date. What's going on? Xconomy's analysis makes three points. 1) Previous tablet makers have shown little imagination around UIs and how a touchscreen changes things. 2) With the iPhone, Apple has shown what's possible in this regard. 3) There's latent demand for a mobile computing device that's smaller and lighter than a laptop but has more screen real estate than a smartphone — something reminiscent of a Star Trek tricorder or PADD. Hence the hopes for the iSlate — which are so high that it may be difficult for even Apple to meet them."