Slashdot Mirror
Slashback: Cheats, Entries, Loki
From the email I've gotten on it, it seems like a whole passel of schools have at least a homegrown solution to CS cheats.
Perhaps the cute dog will end up changing Sony's stance? CodeMonkey555 writes "Here is a story that chronicles Sony's little foray into the DMCA with a hacker who added software for the Aibo robot."
It's nice to see that publications like SciAm are following the results and consequences of the DMCA.
Care to help edit an online software reference? SteveMallett writes "We at Open Source Directory (OSD) have opened the directory to volunteer editors now that we've given app authors and maintainer's a good chance to start and/or maintain their own listings.
Those interested may wish to visit our volunteer page which outlines what we're looking for. Don't worry. We're not that picky. The outline includes guidelines and tips for being a volunteer. Unlike dmoz, which has volunteer editors, we _will_ delete unupdated or neglected editor work in accordance to our Social Contract.
We hope that editors will help fill in the missing apps, take over those listings that they can do a better job of or have become neglected, and find those diamonds in the rough."
See our earlier post about the project if you're not sure what this is about.
Yes, someone has to read all those emails. kcurtis writes "Boston.com's tech site has this AP article about the large response to the Court's request for comment on the MS case's proposed settlement."
Now all they need is a trowel with an emblazoned smiley. enigma48 writes "Looks like the C'T article a little while ago about Smoothwall prompted some changes after all. Juergen Schmidt even gets a little credit. Shadow passwords are now in, but it looks like the ppp secrets file is still open (they describe it as being a "non-vulnerability"). A-patchin' I will go, a-patchin' I will go..."
So you don't have to stop playing your games ... Scott Draeker of Loki has some encouraging words for those who thought the announced (upcoming) closure of Loki would mean the loss of Loki's code and community. Draeker sent word of this a few days ago, but here are more details.
He writes:
"We have prepared tarballs of the public CVS, FAQs, mailing list archives, demos and Loki_Update which will be available for people to host. That's exactly what's going on with icculus.org.The official repository will be hosted by the SEUL group at MIT. Once that site is set up we'll point the loki domains that direction. They'll also be adding some Loki projects to public CVS which were never completed."
Or does the Loki email imply the release of Loki game source code? And how much of it?
This is probably wishful thinking, of course it is, but the impact it would have on the Linux gaming world would be awesome. Heh, Loki would do more for Linux gaming dead that it ever did alive...
Ohh well, it's only karma..
It is illegal to break into peoples homes, but I still lock my door...
Reverse engineering and breaking in are two VERY different things. Sure, breaking in is illegal, but there is an age-old engineering principle that states that it is acceptable to reverse-engineer something as long as it isn't patented.
I pledge allegiance to the flag...
of the Corporate States of America...
Can you hack an AIBO to make it hump people's legs, or micturate on their shoes?
It seems interesting to me that the DMCA allows no condition of fair use when it comes to breaking encryption on purchases - at least, this is how the article presents it.
Notice that Aibopet never actually uses the code within the Aibo to make a profit. Someone could argue, technically, that he uses it to make a name for himself, but he hardly even does that. I think it's interesting that Sony would choose to pursue legal action on the basis that the code was cracked, not that something illegal was done with the code.
This is something like purchasing a refrigerator, dismantling it, using the fan to cool yourself, and using the shelves inside to hold books. Sure, it wasn't the intended use of the product, but who's the seller to determine the intended use and then legally enforce that use? Encryption was brought about for a variety of reasons, but one of the reasons wasn't to make sure that a product was used in a specific way - rather, it's primary ability is to keep other people from making a profit on someone else's ideas.
As long as Aibopet isn;t doing that, I don't really understand Sony's original position on the issue.
It's as if the little "no user-servicable parts inside -- do not open" stickers that you see on some appliances were legally enforced. Remove the case from your Nintendo, go to jail.
I don't care if it's 90,000 hectares. That lake was not my doing.
I wonder if a projection exists in the corporate organs of Sony that demonstrates how much loss of revenue and market share Sony Consumer Electronics Division stands to loose in the next five years thanks to the aggressive lobbying, litigation and posturing of the Sony media and content creation divisions.
It just seems to me that the money in consumer electronics is going to go to companies like Phillips and other (smaller) manufacturers that help consumers exploit and enjoy content any damn way they want.
Sony makes some marvelous and high quality components and gadgets, but revenue will go to the companies that offer devices that accommodate the way consumers want to use them, rather then devices that will accommodate the way a company wants to use consumers.
Trying to have a market created and tamed through legislation and ill conceived laws damn well should torpedo your empire.
If I buy a padlock, it is perfectly legal for me to bring it home and pick it open with paper clip. Even though picking it is not the intended use.
The question is -- is it, or rather, should it be, legal for me to disseminate information about _how_ to pick that lock?
(The answer is _of course_. The really interesting question is _why_.)
Why does sony even care? I mean, maybe they're hoping for a long history of upgrades in the future that they can charge end users for, but in the end, if there is other software available for AIBO, people will still have to buy the product to use them. And if more poeple are buying AIBO's so they can use the hack than those who are purchasing it for the original intent, WHO CARES!
Sony still gets their money from it.
-Restil
Play with my webcams and lights here
If the illegality is in breaking the encryption, could some secure 3rd party break the encryption and send me the results. Posetion of cracked data is not an offence, is it? Maybe some Ukranian crack-boy could make a living cracking the encryption on popular items and then selling the results back into the US. What is anybody going to do if I release some code for something, based on publicly available specs. (Even if those specs are the result of some work done elsewhere that couldn't be done here.) Isn't that how PC cloning got started with Clean Room reverse engineering?
"Meanwhile, back in America, some owners delight in replacing Aibo's soothing beeps with the voice of Cartman, the potty-mouthed South Park character. "
I can see it now.
Me: Fetch fido
dog: AAaaaah my ass is on fire!!
-THIS SPACE FOR RENT!
You can reverse engineer something that's patented to discover its inner workings. Having the patent itself will help you; that's the idea behind disclosure of patents. The trick is to build something similar or interoperable without violating the patent.
N4st0r, trixx0r h0bb1tz0rz! Th3y st0l3 0ur pr3c10uzz!
Even if Loki donates all the code to the community. The community cannot port games. Since the game publisher needs a company to license the code under some contract.
..
I hope another company picks up everything from Loki. Does all the contract/licensing stuff, but unlike Loki try and make use of volunteer work from the community to save money. I am willing to provide few hours of my time, for getting games on Linux and I sure hope there will be others.
I am aware of the issues of volunteer work vs full time employees. The contarct/licensing issues of closed source games. Maybe its all just wishfull thinking. Sigh
I hope the open source directory takes off and actually takes in editors. I applied to DMOZ for a not too large category and got an instant rejection saying new editors should apply for a smaller category. Ok, I reapplied on for a much smaller category. That was about 2 months ago. (Both categories needed an editor, BADLY). Still haven't heard back. I begin to wonder if DMOZ is even using editors anymore.
I hate these stickers after a really bad experience with a case power supply.
One day, my trusty case power supply just gave up on me. "Oh well," I thought, "Must have blown a fuse." (I was pulling some serious power through the poor thing.)
So with gleeful abandon I grabbed the nearest sharp, pointy tool and began to remove screws. I carefully grounded and opened up the power supply to change the fuse- Lo And Behold, the stupid thing was soldered in place!
I hope this short, true satire shows why I distrust any company handing me the black box syndrome. If you don't want me inquiring as to how it works, don't sell/rent/loan it to me; and don't think strange headed screws are a detterent- I just love a challenge >:-). Furthermore, never scream at me (even in legalese) about how I wasn't supposed to look inside- you aren't supposed to sell me junk. (There may be no legal constraint, but doing so is a good way to get boycotted. Just ask Microsoft, Universal Music, or Intel: they top my list.)
Do you like Japanese imports?
Hi,
One of the reasons that I submitted the link to the software used at my University was to point out how routine this kind of thing has become.
The idea of automated cheat detection is fundamentally a good one, it helps to remove complete weeds from around us. However, at the same time we must remember that software is only as good as what you put in to it. False positives and other negative aspects quickly displace the usefulness of such applications in my mind - especially when you may find that the analysis of "similarity" between submissions is publically available for all to see.
The problem in my mind is when automated cheat detection develops in to other forms of automated assessment, which in my opinion are wrong. I do not believe that even the best current AI software is able to judge submissions in quite the same way as a human being, we should remember this.
In any case, I suggest that you guys take a look around at the information each organisation has on its assessment software - it's become quite an interest of mine of late.
--
Jon Masters
http://www.jonmasters.org/
http://www.jonmasters.org/
I, for one, believe that reading those comments would be a very instructive exercise.
Your local federal repository library (my local university's library is onesuch) keeps back copies of the Federal Register around. If you're in the US, you probably have one nearby, too.
I do agree, however, that online copies would be a Good Thing.
In my first year of university they had the bright idea of running some plagurism detection software against our classes submissions. I believe 127 people were accused of cheating by the CS department - including me.
... it's infeasible to hope that no two students will produce very similar results.
I was sent a letter telling me that I had been accused of conspiring wiht one other person and consequently my mark would be halved.
Naturally I was outraged and got on the phone to the head of department. He explained that my submission was unacceptably similar to one other person and either someone copied it or we had collorated - I hadn't collaborated, copied or let my work be copied.
I arranged to meet with the course organiser and they showed me both submissions. Mine had originally been given 34/35 and the other had been handed in 2 weeks late and even then given 0/35. The other submission looked virtually identical to mine but had oddities like capital I's as loop control variables (suspiciously as if it had been typed into M$ Word). My guess is that he'd picked my code up from the recycle bin in the lab and typed it in.
However faced with this, they still argued that I could have allowed this person to copy my code (even hinting that I might have accepted payment for it) and if I had any further evidence to prove my innocence then I should draw it to their attention.
My father and I responded that it wasn't right that I should have to prove my innocence since it's a basic human right to be presumed innocent until proven otherwise. We suggested we would seek legal council, and they were quick to write back reinstating my original mark.
What frustrated me further was that the other party involved (who was never identified to me) was punished equally - by having his mark of 0 halved!
Cheat detection systems are fine as a mechanism to prompt staff to possible problems but they certainly shouldn't be used as the judge and jury.
Given that CS typically has large class sizes - mine was over 300 at one point - and CS assignments are often quite short and often closely related to textbook examples
The other thing that's NEVER been made clear to me is the distinction between permitted collaboration and plagurism. Every university document is fairly vague about what's acceptable and what's not. And as one of my other professors put it - "In the real world before you embark on any assignment it's worth asking, searching, begging and borrowing as much of it as possible"
Without such a changelog, honest students are vulnerable to a situation where someone else gets their code by dumpster-diving for printouts -- then it's one person's word against the other as far as establishing who really wrote it.
This solution also has the benefit of showing that the issue is plagiarism (not giving credit where credit is due), not code sharing. Code sharing is ok -- it's the programming equivalent of using a properly attributed quote in an English paper. After all, nobody expects students to rewrite glibc from scratch for use with their class project!
Find free books.
MIT holds an important part in the history of the Free Software Foundation, GNU/Linux distributions and the General Public License and Lessor General Public License. Despite this, Loki games intends to pass redistribution of binaries which violate the LGPL on the MIT and as such get MIT to violate it's own policies.
The Loki demos and updates contain executiables which are statcially linked to glibc, libSDL and OpenAL. Each of these libraries are covered by the LGPL. Unlike the GPL, this license does allow for both dynamic and static linking with close-source binaries. But unlike a BSD or X style license, there are still other requirements which must be followed. For example, a statically linked work which displays copyright banners must also display the copyright information for the statically linked libraries. Each update contains a statically linked executiable which displays either an about or title screen with copyright information. But for whatever reason Loki has decided to exempt itself from the reasonable request of displaying copyright notice. None of the statically link binaries will ever display the copyright notices for glibc, libSDL or OpenAL.
Then there is the primary reason for the LGPL, to ensure modification of the library is possible by allowing the modified library to be relinked with the programs that use it. Loki has choosen to only partically follow this. They do provide an execitable which is dynamically linked to glibc. But honoring this part of the LGPL for libSDL and OpenAL is something Loki again choose not to follow. There is no way to relink modifications to libSDL to HereticII including the updated one from the Loki ftp site. There is also no way to relink modification to OpenAL including the latest update.
So is all of this theoretical problems? Not really. Violating the LGPL has practical problems. For example, all joystick handling in HereticII is passed through libSDL. The Logictech WingMan Extreme Digital 3D has five axises of which HereticII only recognizes two (X and Y-axis). It would be desirable to be able to use the other axises such as the third axis which registers twisting the joystick clockwise or counter-clockwise to control strafe left and strafe right. The HereticII layer which uses the libSDL layer will support 15 joystick buttons where the Wingman Extreme normally has 7 and the libSDL layer is capable of recognizing all the joystick axises. So, if the additional axises are each translated as two additional buttons (one button which is on when the axis is negative and another button which is on when the axis is postive) then strafing using the twist axis would be possible.
As a proof of concept, I have written kernel code to present the axises as additional buttons and HereticII does then allow strafing left and right using the WingMan twist. But this code will never be released and will never be accepted into the kernel. It suffers from too many probelms. Such as it only effects USB joysticks, to generically support these "virtual" joystick buttons would also require changing the serial and game port joystick code to also "create" them. And in addition to having to modify three different locations in the kernel, the creations of virtual joystick buttons in kernel space ends up being messy. Finally, this type of modification bloats the kernel with code that really should be handled in user-space.
According the LGPL, Loki must allow that this type of modification be permitted in user-space by allowing a "virtual joystick button" version of libSDL to be relinked. I even have such a version of libSDL. But Loki has decided to lock the user into one specific implimentation of the libSDL thus locking the user from making joystick code modifications in user-space code. A modification lock-out that the LGPL says can't legally be redistributed but Loki and MIT appear to be willing to do so anyways.
Maybe it is Scott Draeker/Loki's inablity to read/follow licenses and contracts that contributed to them going out of business?
I think you've misunderstood what "fair use" is, it is meant for the owner of the media to be able to copy the original data incase of damage. Nowhere is disseminating the procedures on how to copy the data is part of fair use. It *only* means that if you make copies, never share them with anyone else, you can't be busted if you are caught with them (also have some library exclusions, etc.). It never says anywhere under fair use that the maker ever has to make it easy or even feasibly possible to make a copy, just that you can't be prosecuted for having a personal copy of the data.
So in fact the DMCA does NOT trample on fair use, the guy could muck with Aibo as much as he wanted, and if you figured out how to make copies of DVD's for yourself you could copy to your hearts content. What the DMCA prevents is the ability to share the knowledge of *how* to do things, which is completely different than fair use.
Don't get me wrong, I don't agree with the DMCA, it paints with too wide of a brush; but it pains me greatly when people don't understand the items that they are arguing for/against.
You might want to checkout http://fairuse.stanford.edu/ it is an excellent site
IMO, the real reason for cheat detection is not because of some moral reason to stop cheaters, but because of laziness.
What I'm getting at is really, how many professors actually look at the code to a program and not just run it to make sure it does what it's supposed to do? I had a CS teacher once tell everyone to make sure we output to a file so he could run the programs in batches and compare the outputs to what should be the output easily. Then he would run the source through a cheat detector and viola, he's done for the night.
I'm not saying professors are lazy, but programming is a rare example where this kind of detection could proove useful because often times it doesn't matter what the source of a program is, how poor or good it is, just that it does what you want it to do. This may seem like bad engineering, but its a real life fact in CS. English teachers are required to read the papers of their students -- thus they'll know a cheater off bat. But CS professors are not held to the same requirements, or let alone standards.
The problem with computer cheat detection is that there is, currently, no match for human cheat detection. You don't hear of a cheat detection system for English papers, why for CS?
The solution I think will be to have professors that actually go through the source code of each student. A particular case that I know of is a professor that would go through a project and comment on the source line by line, right along with your comments with things like "Good idea, great OOP use." or something like "You might try a linked list like this...". Not only was this invaluable assistance leading to better programmers, it was VERY easy to spot cheaters, because...he actually checked the source.
Why am I saying cheat detection is bad? Well, I'm certainly not a cheater. I know of several people who love CS -- not for actually liking programming, but for rushing through with assignments and turning them over to those who are helplessly lost for a quick profit. I don't like cheat detection because it not only can implicate those who don't cheat, but it allows professors to be lazy. If I was a suit at a university, I would bet on the professor I mentioned earlier who goes through source commenting than one who analyzes outputs and then runs the source through the latest cheatdetect.pl script.
"I'll just chip in a bit for RedHat: I actually have that installed on my university machine." - Linus, '95
For the exact purpose you mention (compliance with the terms of the LGPL license), Loki started to release both static patches (on which technical support was available), and dynamic patches - dynamically linked binaries against all the LGPL libraries like SDL, OpenAL, glibc, etc...
Of course those were unsupported because it's just goddamn impossible to try to support the zillions of possible combinations.
Call it a trade-off if you wish, but Loki was doing their best to comply with the GNU licenses, while still trying to make everybody's life easier on the support side of things...
Stéphane Peter
Codehost, Inc.