Slashback: DRM, Eldred, Aridity

Slashback's updates and corrections tonight include Declan McCullagh's photos from the Eldred / Lessig Supreme Court appearance, a denial from Microsoft that the company is planning to charge customers extra for security features, a reminder about your chance (well, if you're an American) to tell your elected representatives what you think about mandated DRM technology, and more. Read on.

Looking sharp in their suits. Declan McCullagh writes: "Here are some photos from after the arguments, including activists who slept on the courthouse steps, an exhausted but optimistic Larry Lessig, and the Internet Archive bookmobile, which visited Washington DC for the event."

A new meaning for 'decimation.' Martin writes "Here is a good write-up on what happened with the whole sendmail hack a week or so back. Apparently every 10th copy of the source that was downloaded from sendmail.org received the trojan'd version. Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing. Here is the write-up."

I won't be charging entrance fees to Shangri La, either. After a report posted the other day indicating that Microsoft was considering charging customers more for certain security features, Software writes "According to a little snippet from Yahoo News (look towards the bottom), Microsoft won't be charging for security updates after all. As Yahoo puts it, 'Microsoft, however, said Mundie was referring to an internal proposal to begin offering stand-alone security software in the future.' No confirmation of this on Microsoft's site for the press"

As denials go, that seems like a weak one.

Where is Deep Fritz's deep game? screenbert writes "In an exciting best-of-eight chess match-up, the human is leading the computer 2 1/2 to 1/2. I find the fractions of winning amusing, almost as amusing as seeing that the best-of-eight series will take at least nine games since one of those games was a draw. For a general overview there is a good review here(1) or here(2) or here(3). And to save the 38 mandatory karma whoring comments I'll say it: Imagine if Deep Fritz ran on a beowolf cluster."

So it's back to BYOB. gnarly writes "An earlier report of detection of water masers on extrasolar planets has been debunked."

Workaround: Get your congresspuppet hooked on Free software. Several readers wondered why (complained that) the post offering a link to the place where you can submit your comments on DRM technology to the Senate Judiciary Committee was posted section-only. So here's a reminder; if you live near D.C. (or get a chance to stop by a local office), perhaps you'll be able to stop to chat a bit about how you determine who gets your vote. (Maybe you should check out the sections, too.)

Every tenth download?

[Savatte]

I like those odds!

Re:Every tenth download?

[UniverseIsADoughnut]

can I triple my money betting on email #9 ?

Didn't focus on First Amendment

[powerbarr]

From what I've read about the hearing, it seems that Lessig's approach to go back to the copyright clause and not focus on the first amendment issues was not the right approach. However, IANAL, especially a scholarly constitutional one, so my opinion means squat.

This was an interesting analysis that summed this up.

Re:Didn't focus on First Amendment

[Loki_1929]

"Lessig's approach to go back to the copyright clause and not focus on the first amendment issues was not the right approach."

Considering the fact that the supremes basically dismissed the First Amendment approach immediately, I'd say focusing on it now would be a bit of a mistake. That being said, I think a well-developed argument against the insanely long extended copyrights based exclusively on the idea that they are detrimental to the free and open exchange of ideas (read: free speech), and that the costs outweigh whatever benefits are derived from the latest extension to copyrights would have at least as much of a chance in court as does the current arguement. I also think that someone needs to point out, in response to the justices' repeated questions about the ensuing copyright chaos that would follow a decision against the mouse act, that chaos already reigns supreme in the world of copyrights. Patents and trademarks are fairly well tracked, but copyrights are most certainly not. If they want to keep copyrights more simple, strike down every single extension and go back to the original 14 years. (I think it was 14, could be wrong - too lazy to double check) If the whole of Disney's entertainment empire rests squarely on its control over an imaginary rodent, then perhaps the investors should re-evaluate their portfolios.

Put simply, if your business sucks, no amount of legislation can keep you afloat forever, and shame on those elected officials who would help you at the expensive of those they (supposedly) represent.

Updated score : Kramnik 3 - Deep Fritz 1.

Official 4th game result annoucement (However the final position graphic is currently wrong).

P.S. To our troll wannabe: Beowulf is spelled BeowUlf.

security

[orangeaaron]

so you're saying microsoft is going to start paying attention to security now? seriously though, there may be some good in paying for something you *know* is secure. after all, you pay more for a good safe to put your money in than under the mattress... of course, do you trust microsoft when it proclaims something as "secure"?

Re:security

[dirvish]

It seems like a paid microsoft security program would be a huge target. I am sure there is nothing more some people would like than to throw mud in M$ face by hacking there extra secure pay thingy. I would find it humorous if a bunch of people paid microsoft money for extra secure software just to have it get hosed worse than anything else.

Re:security

[thomas.galvin]

And don't forget the standard EULA clause, "If this software doesn't work, it isn't our fault!"

Sometimes I really don't know why people even buy software anymore. Say you buy a car, and after 15 miles, the wheels fall off. If you knew that you would have no recourse, would you still invest thousands of dollars in a car?

Re:security

[crucini]

Spurious comment I know but do you trust a company that claims the safe they're selling is 'secure'

Since you ask, the security of a safe is assured by its UL label. Construction labels, typically B and C, simply specify certain thickness of steel. Performance labels, such as TL15, TL30 specify resistance to expert attack for a certain time period. A safe rated TXTL-60 will:

Successfully resist entry for a net assault time of 60 minutes when attacked with common hand tools, picking tools, mechanical or portable electric tools, grinders, drills, pressure devices, explosives and oxy-fuel gas cutting or welding torches.

(more here).

Press and Vulnerabilities in *nix

"Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing."

Is it not true that whenever there's a *nix vulnerability it gets posted on CERT? Is this really a "change?" Recall that there was a trojaned version of SSH going around that got plenty of attention. Maybe these "hacks" don't get as much press because there aren't so many of them. Just remember that many of the high-profile vulnerabilities have affected M$ products. If one affected a *nix product, I'm sure it'd get just as much attention, as such vulnerabilities cannot be ignored, especially by administrators.

Re:Press and Vulnerabilities in *nix

[NanoGator]

"Recall that there was a trojaned version of SSH going around that got plenty of attention. Maybe these "hacks" don't get as much press because there aren't so many of them. "

Um, no. I can recall one week (3-4 weeks ago?) where the front page of Slashdot had a couple of anti-MS rantings. Go a level or two deep in Slashdot (not the main page), and there was a pretty nasty Linux worm or something floating around. Wish I had the details on me. I just remember somebody's post with a +5 moderation asking why it didn't make the front page like the similar MS stuff.

The fact is that /. finds MS stories juicy. The more the details are twisted and bent, the more contraversial the story is. This means more people commenting, and co-incidentally, more banner ads getting exposed.

It's gotten to the point that one cannot rely on the article summaries. Anybody remember the 'Microsoft kicks Sony out of Ce-Bit' article last... March or April I think? Microsoft didn't throw Sony out of a Tradeshow. Sony was breaking tradeshow rules and MS reported them. Compromises were offered, but instead Sony packed up all their PS2s and stormed out like a little kid throwing a tantrum. Despite that Sony broke the rules and refused to play because they weren't allowed to do things other trade show attendees couldn't do, MS is the one that got the bad press for it on Slashdot. Sony cheats, MS gets bad press out of it. Yeah, that's fair.

Sorry, but the Linux Community here on Slashdot has no right to complain about that comment. Stop dishing the shit out if you can't handle some of it getting thrown back.

Re:Press and Vulnerabilities in *nix

[qortra]

Sorry, but the Linux Community here on Slashdot has no right to complain about that comment.

Much of community here on Slashdot that engages in what Martin would call "MS Bashing" are actually MS OS users, so I would probably not use the term "Linux Community" to generalize them. In fact, these are often people who have been victimized by MS related viruses/worms, and so they actually do have the right to complain.

I'm sure that I can find for you plenty of trojaned win32 software that never made it to Slashdot. So your argument that one particular worm ("or something" as you so specifically point out) not being mentioned indicates the single-mindedness Slashdot is void.

Finally note that although sendmail is a program that was often used in GNU/Linux systems, this was not a "Linux hack" per say. In fact, I believe the ftp server that was compromised was actually running freeBSD.

More than that, MS flaws usually come about as a result of careless programming, whereas this problem was probably the fault of the web admin at Sendmail (a company with decidedly few resources). As long as MS has $40 billion sitting in the bank and their products are still insecure, I believe the computing community at large as the right to bash them just as much as they please.

Re:Press and Vulnerabilities in *nix

[Anonvmous+Coward]

"Of course they don't get the benefit of the doubt, after all the shit they've pulled do they honestly deserve it? "

Who's to judge that? Dude pointed out that the articles are biased to begin with. If they're biased, how could they fairly 'punish' MS?

No dice.

Re:Press and Vulnerabilities in *nix

[Anonvmous+Coward]

"notice a pattern? if everyone is biased against microsoft, maybe there is a good reason."

I doubt he'd be arguing that point if he thought there was a good reason. It's 'cool to hate Microsoft'. "Look at me, I'm a masochistic Linux user. I don't need no stinking Windows."

So let me ask you this: If, by far, the vast majority of people are running Windows, then doesn't that mean there's something horribly deficient with Linux? I mean, it's free. You can go get it if you want it. Yet... well gee, Windows seems to be doing its job.

So using your own logic, wouldn't the much larger number of people using Microsoft have a good reason that the anti-MS zealots are too narrow-minded to see?

Re:Press and Vulnerabilities in *nix

[NanoGator]

"good point. in the same vain, i want to point out that we really have no right to criticize hitler and stalin. everyone has a biased opinion of these two (that they were bad people), therefore we cannot make any sort of judgement on them.

in addition, AIDS is not necessairly a bad thing. it may be, but we have no way to be sure, since everyone considers them to be bad, we have no unbiased source on them. "

I make the point that /. is biased against MS, and your rebuttal is an indirect comparison if Microsoft to AIDS, Hitler, and Stalin?

That was a bit of a self destructive point there, don'tcha think? That's kind of like saying "Yo mama's ugly. I know this because mine's even uglier!"

Hehe. Thanks for the laugh!

Re:Press and Vulnerabilities in *nix

[Anonvmous+Coward]

"I predict that it will quickly surpass Windows in popularity."

Linux has had 10 years to do that. It hasn't even made a scratch.

(Note: I'm only referring to desktops, servers are kicking Windows' butt thankfully.)

"Yes, they are too technically ignorant to install a decent OS."

A 'decent OS' does not matter. People buy computers to do stuff. If the computer does its job, then it is a reasonable decision.

Frankly, Linux makes it too hard to do stuff like surf the net and get your email. Some of that has to do with support of Windows due to it being the de-facto standard. Some of it has to do with the fact that Windows was designed to be useful on the net. Linux is being geared towards catching up with Windows.

So yeah. Fun debate. ::eyeroll::

Re:Press and Vulnerabilities in *nix

[Zeinfeld]

install some new driver- Blues screen with the message The following file is missing or corrupt: windows/system/xxxxx

I have never seen that behavior. Would the driver be unsigned perchance? Only XP crashes I have ever had were caused by the Archos driver which will bring XP down if the device powers down while attached to the PC.

Linux will also crash every five minutes if you install a buggy driver.

The fact that your experience is so different from everyone else suggests to me that there is something different about your config.

Sounds to me as if you have installed something that overwrites a system DLL.

Re:Press and Vulnerabilities in *nix

[Fjord]

This is the link I think you are referring to.

Re:Press and Vulnerabilities in *nix

[Zeinfeld]

You misunderstand me, I do tech support and this is what I get calls on all day long. I personally will not use WinXP. My only experience with buggy drivers were

Ahh you do Windows tech support and hear lots of problems and by comparing that sample against your own experience with Linux draw conclusions.

So if you were a 911 call operator in Buffallo Ohio you would conclude from hearing of accidents burglaries, shootings etc that it was the traffic blackspot and crime capital of the country, rather than Washington DC, the Bronx or Aspen Collorado?

Re:Press and Vulnerabilities in *nix

[Zeinfeld]

Oh, how cute. You make a trite remark to trivialize my findings

No I demonstrated that you had presented a biased sample and you had no counter argument. Your findings were not 'trivial' they were misleading.

You can try the politico-hack tactic of downplaying the counter-argument but from where I stand you have zero credibility at this point.

Irony?

[SubtleNuance]

Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing.

sendmail != GNU/Linux.

...and i hope the GNU/Linux bash -- subtle as it wanted to be -- wasnt missed by the slashdotters... Isnt a little strange do some bashing while complaining about the "usual bashing"?

Pot this is kettle; Kettle, Pot.

Re:Irony?

[Myco]

And, to be fair, IIS != Windows.

Re:Irony?

[daniel_isaacs]

But, IIS = Microsoft. ;)

Re:Irony?

[pnatural]

Really? IIS now runs on a platform other than windows?

I counter that "windows != IIS" and yet "IIS == windows". Windows can exist without IIS (even if it's installed and you don't know it), but IIS cannot exist without Windows.

To be sure, the majority of the flaws in IIS have done little more than reveal flaws in the OS upon which it runs.

Re:Irony?

[NanoGator]

"Isnt a little strange do some bashing while complaining about the "usual bashing"?"

No it's not unusual. If somebody takes a poke at MS, you're not going to care. But when somebody takes a painful poke at Linux, suddenly you understand what your pokes at MS feel like.

It's not hypocracy, it's illustration. A very effective one at that since it got a reaction out of you. A lot of the anti-MS shit that flies around Slashdot (and usually ends up as +1 Funny) is every bit as ill-founded as the Sendmail/Linux relationship. Yet, it still flies around and people pat themselves on the back. What reason would they have to tone it down if they don't know what it feels like?

You can dismiss his comment as hypocracy if you like. I wouldn't, though. You should see it as a reflection of what the GNU/Linux community puts out. If that kind of comment bothers you, you lose your right to complain once you start making Windows insecurity jokes.

Re:Irony?

[RobotRunAmok]

Yeah, but hasn't it been pretty well established here that all the silly dollar-sign-for-esses posts and virulent Anti-MS vitriol here is coming from the high school kids/L33t HAXX0rs? You're not gonna get that crowd to change merely by talking sense. For them, MS is like some comic-book super-villain.

As far as the whole quid-pro-pro thing goes, you gotta figure that there is probably very little you could do to some teen who gets so worked up over a computer operating system that their better-adjusted classmates haven't already done to them, in spades.

Re:Irony?

[NanoGator]

"I counter that "windows != IIS" and yet "IIS == windows". Windows can exist without IIS (even if it's installed and you don't know it), but IIS cannot exist without Windows."

Heh nice bending of word definitions to sugar- coat a point there.
IIS is a service. IIS is not Windows, it's not a feature of Windows, it's a service that runs on top of Windows in much the same way that Apache runs on top of whatever OS it's running on. MS could port it to other OS's if they wanted to. We all know they won't. And no, just because it's on the install CD doesn't mean that it's Windows.

Let's apply your logic (or lack of) to some other examples:

Gnome == Linux because it's installed with it.
KDE == Linux because it's installed with it.
Apache != Linux because it can be installed on Windows
Emacs == Linux because it's installed with it.

And so on...

Sorry, but your argument does little for me but show ya hate MS, but don't really know what you're talking about.

Re:Irony?

[pnatural]

IIS is a service. IIS is not Windows,

Yes and yes.

it's not a feature of Windows,

I agree. It's not a feature. It's a liability.

it's a service that runs on top of Windows in much the same way that Apache runs on top of whatever OS it's running on.

Wrong. Apache is cleanly separated from the OS upon which it runs. IIS is not, nor can it be, separate from windows.

MS could port it to other OS's if they wanted to.

You can't prove this without the source. Do you have it? Uh-huh. I counter that it cannot be ported, and in the same vein, you can't prove that statement to be false.

Gnome == Linux because it's installed with it.

Not on my disto.

KDE == Linux because it's installed with it.

Ditto there.

Apache != Linux because it can be installed on Windows

Well, duh.

Emacs == Linux because it's installed with it

Again, not in my distro.

Sorry, but your argument does little for me but show ya hate MS, but don't really know what you're talking about.

I'd bet my house that I know more about windows (the NT-2k-XP strain) than you do. But for the record, yes, I hate MS as of late.

Re:Irony?

[Anonvmous+Coward]

"You can't prove this without the source. Do you have it? Uh-huh. I counter that it cannot be ported, and in the same vein, you can't prove that statement to be false."

So, you negated your own rebuttal? Brilliant debate technique. Heh.

Re:Irony?

[Xtifr]

KDE, emacs, and parts of GNOME can also be installed on Windows, so by that logic, they'd all be != Linux.

Exactly! None of those are Linux. Emacs, in particular, predates Linux by years. (In a loose sense, it predates Unix.) And GNOME is supported by Sun because they're making it part of Solaris.

As far as Sendmail goes, it's not even the default MTA on the (very popular) distro I use. However, it's been the default MTA on every commercial Unix I've used since long before Linux appeared. So, given that Sendmail is not (necessarily) the default MTA on Linux, but is on Sun, it would make more sense to call Sendmail bashing "Sun bashing" than "Linux bashing". (Although it's still just Sendmail bashing.)

Re:Irony?

[Jah-Wren+Ryel]

I think you've been drinking the MS kool-aid, or at least somebody's kool-aid. I mean, what the heck is a hypocracy? Rule by under-acheivers? Government by the extremely mellow?

Would Spicoli be president if the US were a hypocracy? Would we be sending dubies to Iraq instead of bombs? Or, dude!, how about some of the poppies we got when we took over Afghanistan?

Re:Irony?

[Sn4xx0r]

Gnome == Linux because it's installed with it.

Gnome is in the kernel tar-ball now?

you mean in pursuit of the corporate dollar

[waspleg]

not in pursuit of a "larger good"

tool? puppet? troll? some combination?

I bet you'll start caring once the Thought Police (spelled h-m-l-nd s-c-r-t-, previous example also includes DRM Gov't Approved removal of vowels as per the Free Thought Prevention Act of 2005 -- move along citizen) have your balls in a vice.

happy halloween

Re:DRM

[rowdent]

I'm very glad you believe each and every one of us is a thief. The fact is DRM will curtail a lot of fair-use applications for technology. In the 80s we were allowed to make copies of media for personal use, so why not now? Because the technology has improved and the Industries are losing their ability to peddle their overrated drivel to the masses at a bloated price. If anything DRM will oppress innovation as each new technological advancement that interferes with the profits of the Industries is proclaimed illegal. Instead of spending their money on lobbying for laws against piracy why not make a better, more reasonably priced product that people will buy to save the inconvenience of piracy. I know I'm more likely to buy many $10 CDs that any $20 CD.

I think screenbert needs to play more chess

[parliboy]

Since they published his comment as is, I'll assume that this isn't as commonly understood as it should be. The match will end after eight games, period. If the remaining 5 games are drawn (which they won't) then the human wins, 5-3. There are no additional games to make up for draws. If it were to be 4-4 after eight games, the match would just end in a draw.

Re:I think screenbert needs to play more chess

[skyhawker]

It also seems that many folks don't understand why such matches have an even number of games -- in order to equalize the number of times each player plays as white or black. Also, it's theoretically possible for all games to be drawn, so there's never really a guarantee that any match will be decisive.

Re:I think screenbert needs to play more chess

[catfood]

And what's so funny about the fractional scores? In chess, a draw is a 1/2 win. That's just the way it is. At a sufficiently sophisticated level of plays, draws are incredibly common. You can't just write them off as "do-overs" or play overtime periods.

Re:DRM

[pyrrho]

Newton should have copyrighted those laws!

Elastic Clause

[rc27]

According to Law.com:

Olson gained ground when he invoked another clause of the Constitution, the "necessary and proper" clause, as a justification for the legislation as a matter of equity.

I am appalled that this guy invoked the necessary and proper clause on an issue that the Constitution already addresses. That is NOT what the clause was intended to do. I don't know why we even bother paying lip service to the Constitution anymore.

Re:Elastic Clause

That is NOT what the clause was intended to do.

I disagree. That IS exactly what it was intended to do. Quoth the Constitution (Art I, Sec 8):

"To make all laws which shall be necessary and proper for carrying into execution the foregoing powers, and all other powers vested by this Constitution in the government of the United States, or in any department or officer thereof."

The "foregoing powers" are the enumerated powers of Congress, one of which happens to be:

"To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries;"

So calling in the necessary and proper clause is perfectly acceptable. His claim is that the CTEA is necessary and proper to carry out the promotion of science and useful arts. I stress again that this is an acceptable argument.

HOWEVER, this is Eldred's point; the CTEA is NOT necessary, nor is it proper, in promoting science and art. Retroactive extensions do not promote.

This case is about whether the CTEA is necessary and proper, so I find his reference to the nec. and proper clause to be a bit daft. Yes, thank you for telling us that Congress is allowed to make good laws. If this wasn't a enumerated power then maybe there would be a purpose for calling attention to the clause. But in this case all he's done is say Congress can make laws about copyrights and patents. Duh. Nobody is challenging that Mr. Olson.

Chess scores

[emarkp]

Come on, the fractional scores make sense. You have to count the draws or the matches would never end.

It's 1 point for a win
0.5 points for a draw
0 points for a loss.

Some people think that a stalemate should count for something other than 0.5-0.5 (say, 0.75-0.25 favoring the player with the advantage when the stalemate happens), but I won't go into that.

Re:Chess scores

[WetCat]

Imho it's much better to count stalemate for 0.25-0.75 to mark that player who trick other monster with all figures that easily could have make a mate to stalemate

gas giants not like ours

[nounderscores]

IIRC, jupiter and saturn both have trace water in their atmosphere. If these extrasolar planets (with masses similar to our gas giants) have no water, they must have something different going on. Is their star too young? not enough impacts from the right comets? Or is it just that if we were that far from jupiter the water content would be too small to detect?

Story is a troll?

[cdf12345]

And to save the 38 mandatory karma whoring comments I'll say it: Imagine if Deep Fritz ran on a beowolf cluster."

What will the karma whores do now that the submitter beat them to it?

Re:Story is a troll?

[popeyethesailor]

Well he forgot the 39th one :)

Imagine if Drip Fritz would run on a Beowulf cluster !

There's no groupthink but whining about groupthink

[0xdeadbeef]

Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing.

It's nice to see that now, since Linux has gone mainstream, all the cool kids have turned from criticising the straw man of mindless Linux promotion to the straw man of mindless Microsoft bashing in order to be the outsider rebels.

Say what you will about the Microsoft anathema, no Linux vendor has promoted the forced inclusion of DRM technology, or, before finding that religion, poo-pooed the importance of security. Through its entire history, Microsoft has given us plenty of justification for criticism. If you don't understand that, then you're as dim as the 'slashbots' to which you feel superior.

Re:Fair Use

[rowdent]

So I guess I'll have to buy 3 copies of an artist's work to satisfy the RIAA if I would like to have a copy on CD, one on MD, and one on my computer, hmmm... That doesn't seem right. I'd like to see a copying ring that would bite into the RIAA profits. The decline of profits for the RIAA is IMHO because the new acts suck.

Re:DRM

[Soko]

I've already told my rep what I think of DRM, though I don't suppose it would hurt to tell him again. I believe DRM is 21st century solution to a 21st century problem. We need to have some way of protecting innovation from those, like the inhabitants of Slashdot, that choose to steal rather than create. If this means that I lose a little convience in the pursuit of a larger good, well then so be it.

I whole heartedly agree. I will gladly give up a little convenience in order to help out artists - or Physicists that write important papers.

I will not, however, give up my personal freedoms in order to help out artists. This is a "larger good" than making sure artists get paid. There is a subtle but important difference, Mr. PhysicsGenius. DRM must accomodate what I want to do within the confines of the Law as well, or it is worthless.

I'm a computer guy, so my future is in (for lack of a better term) cyberspace. DRM must not package up the keys to the digital future solely for the use of those already in power. To just stand idly by and let my personal freedoms be trampled on just to ensure the status quo in a market segment would be an insult to all those who have fought for my freedom in the past will have done so for naught. If you feel that your right to money exceeds my right to freedom, so be it - we will have to agree to be at odds then.

Soko

P.S. - No, I'm not a hypocrite. I own the CD to every MP3 on my computers, paid for the licenses of the software that requires doing so and P2P networking is nowhere to be seen on my systems.

Re:Goddamn Micro$oft

[WeaponOfChoice]

I think it's more like charging more for seatbelts and crumplezones myself.

And with this model sir, for only a little more, you and your family will enjoy a full 30% increase in their chances of survival in the event of a head on crash...

On the other hand you could look at it like brakes: they keep you alive and need regular fluids and servicing that doesn't come free...

On DRM and Frtiz...

[carlmenezes]

DRM is wrong. Given the fact that it's a law that the person who buys the software has the right to make a backup copy, it's a perfect example of corporate America pushing the envelope on what they can get away with - as in, keep making it more difficult to make a backup. What DRM SHOULD be is a technology that allows the purchaser to make a backup, but not distribute that backup - something along the lines of authentication that the person installing the software from backup is who he says he is (using smart cards comes to mind here). In it's current form, we need to fight DRM as it is nothing but another monopoly tool.

On a different note, Fritz is going to get a thorough beating. Why? Because Kramnik is known for his defensive play and he even bested Karparov using the Berlin Defense. Now, what is needed is either a LOT more processing power to search for the right moves, or a little unpredictability (which I think would be better). GMs and IMs use programs like Fritz everyday for practice and hence know it's playing style. Though you can train Fritz depending on what game databases you feed it, it still plays like a computer. Contrast this with the fact that a program called Arasan beat Vishwanathan Anand (currently no. 2) in a best of three Blitz tournament, because it had trained on Anand's games, AND, the programming team drastically changed it's playing style before the match. It is easy for a computer to change it's playing style and still play well - not so for a human. I feel this is what they should be concentrating on - unpredictability.

Re:On DRM and Frtiz...

[GigsVT]

On DRM and Fritz...

Confusing post, I thought you were talking about the senator from Disney until your second paragraph.

Every tenth download

[MavEtJu]

If the evidence confirms the theory, the hack would definitely be a strange way to compromise a downloadable file, said Marc Maiffret, chief hacking officer for security software firm eEye Digital Security.

"I'm not sure why they would want to do that," he said.

Come on guys, it's not rocket-science. It's all just to prevent alarms going off.

Scenario 1: I just downloaded an infected version of sendmail and verify the checksum: failed. Hmm... let's try again. Aha, it's okay this time.

Scenario 2: I just downloaded an infected version of sendmail, verified the checksum and informed the people at sendmail.org about it. They say: nothing wrong here, try again. I try again and it's okay this time.

Scenario 3: As 2, but the people at sendmail.org get too many complaints and start to get suspicious.

Scenario 4: I just downloaded an infected version of sendmail, verified the checksum and informed the people at sendmail.org about it. They say: nothing wrong here, try again. I try again and it's okay this time. I kept the broken version and find out what the difference is.

How often do the scenarios happen?

Scenario 1: 99% of the time.
Scenario 2: 0% of the time.
Scenario 3: 0% of the time (less than 2).
Scenario 4: 0% of the time (less than 2).

With the OpenSSH hack I tried to re-download the broken version twice too before I started to get suspicious. I wouldn't have been suspicious at all if it worked fine the second time.

Edwin.

Re:Every tenth download

[Erasmus+Darwin]

"I just downloaded an infected version of sendmail and verify the checksum: failed. Hmm... let's try again. Aha, it's okay this time."

I believe your analysis is mostly dead-on. However, I do think there's one additional fact that would trigger a bit more suspicion (although probably not nearly enough): There are actually two checksums in play; the published one that you're verifying against, and the one used by the compression system (most likely gzip in this case).

So the official checksum would fail, indicating it's not the official release. However, the compression system's checksum would pass, indicating that what you downloaded is what someone delibrately placed on the server. While someone still might write it off as a race condition where they grabbed the new official checksum yet the previous version of sendmail, it might still raise a few more eyebrows. Probably not many more, but it's a start.

Re:Why...

[timster]

well, the predecessor to Deep Blue was called Deep Thought. "Deep Thought" is the name of the computer in the Hitchhiker's Guide to the Galaxy series who concluded after many years of processing that the answer to life, the universe, and everything was 42.

Re:Goddamn Micro$oft

[umStefa]

Except that Ford does not have a virtual monopoly.

Micorsoft's controls the desktop OS market and hence, if they decided to charge for security features the majority of people would have no choice but to spend the money.

Of course people could always switch to Linux (like I did) but the associated frustrations with initial configuration would prevent most users from sucessfully making the switch.

And another reason

[lithiumcloud]

And "Planet Fritz" sounds suspiciously like Palladium.

Re:Security Through Obscurity

[ninewands]

True that ... BUT IE == Windows. Just ask Microsoft.

Talking to your Congresscritter

[Guppy06]

"... a reminder about your chance (well, if you're an American) to tell your elected representatives what you think about mandated DRM technology"

Yes, it's coming up this November 5th. Here's how to get involved.

If you're going to write your Congresscritter about DRM, be sure to also write his/her/its opponents in the upcoming election.

Charge for updates?

[MoTec]

Microsoft won't charge for security updates or patches, that just seems a bit too audacious even for Mr. Gates.

However, there is a new niche for Microsoft.

Earlier today I was helping a buddy update and clean his Win2k box - And no, he wouldn't let me clean it with Gentoo... He thought he was infected by a virus (he wasn't) so he bought a 'subscription' to McAfee virus scanner. After we ran that, I downloaded AdAlert (free), to remove the spyware... Found lots of that. Then I downloaded ZoneAlarm (free) and set him up a personal firewall.

We've seen MS, in the past, include options like then in the OS... WinXP already includes a personal firewall but there are lots of 'extra' services that MS could add... And why bother including them for free in the OS - expecially when they get sued for it?

I'll bet we see a MS virus scanner/privacy guard/whatever utility sometime soon. With MS's advantage of having OS and Apps in house it could, at least in theory, be faster and better integrated than the competition... And the MS name would go a long way to having the masses buy it over Norton or McAfee... A product like that has to be what Mundie was referring to.

Re:Goddamn Micro$oft

[Yorrike]

On the other hand you could look at it like brakes: they keep you alive and need regular fluids and servicing that doesn't come free

That's the equivalent of keeping your apps up to date. The fact the brakes are there free of addition charge to the car's initial cost is the point. Maintenance of safety features != existance of safety features.

Re:Goddamn Micro$oft

[s20451]

Did you read the article? The only secure machine is a machine that is properly configured and continuously updated with the latest patches. They were originally arguing that they should charge for providing security as a service, in lieu of on-site technicians. In fact, they mentioned that the alternative to guarantee security would be to force customers to sign restrictive license agreements which would prevent anyone except a qualified tech from ever adjusting the machine's settings. An interesting compromise, if you ask me. And an altogether predictable knee-jerk response from Slashdot.

Political Reality

[sterno]

Let me ask you this: are you more likely to vote a politician into office because of his position on DRM or his position on military action in Iraq?

The problem is that, in a time when there are really serious concerns, something relatively obscure like DRM is going to get pushed to the bottom of the priority list. The state of the economy is a whole lot more important than the state of DRM. Both issues concern me, but one has to weigh them very differently. Hard to seriously vote against somebody who's in the RIAA's pocket but is willing to make a stand against military action in Iraq (if you tend to lean that political direction).

Re:Goddamn Micro$oft

[AvitarX]

Except saftey features are extra. Air bags were once an addon, then passenger airbags. Now side airbags are. ABS are not on all cars, and usally cost more. A sturdy safe car costs more then a cheap econo car. Run flat tires are an add on.

On autos lots of saftey features cost more. So your analogy doesn't work.

Used CD's

[Jus+ad+Bellum]

I don't know if this is entirely related to DRM. But I was wondering if anyone had info on the legalities of buying used CD's, records, books, etc... (I'm interested in Canadian law in specific, but I would assume that it is the same as the States law)
I recall a few years back that some artists and the big record companies were upset at the idea of reselling their music without recieving the royalties (I remember that the dude with the Kentucky Waterfall that did 'Aceky Breaky Heart' was whining about royalties). I was wondering if there is still a push for this, or if it has been implimented. If it has then the companies and artists that fall under the Mickey Mouse law would still be able to recieve payments on used items sold until the products fall apart...

Copyright motivates creation of works after death?

According to the paper,

The court, [Olsen] said, should not say that 99 years is too long for a copyright to exist, noting that the works of Herman Melville and Franz Schubert ''weren't valued until many years after their deaths.''

Someone please explain to this taxpayer employee that the purpose of copyright is to encourage writers to contribute more work to the public. No amount of copyright extension, illegal or otherwise, would be sufficient to get Melville and Schubert to rise from their graves and start creating again.

Re:Goddamn Micro$oft

[Iamthefallen]

All Linux distributution makers think of is profit margins. Making the product hard to use and then charging extra for support is similar to MS charging for security when the product isn't secure to begin with. Hey look, it swings both ways, ain't that sumfin.

MS/Linux Bashing

[KagatoLNX]

Why does this crap bother everyone so much? For anyone who cares, try the following science experiment:

Hypothesis: Microsoft software is buggier and less secure than Linux software.

Experiment: Debian 3.0 and Internet Explorer 6 SP1 are recent releases (i.e. good examples of respective software packages). Test each one's security needs by updating each from their respective security archives. The one with the most fixes is the most buggy (this assumes bugs are the norm and fixes indicate their prevalence in the code, history bears this out).

Results: Debian has about 8 updates. IE6 SP1 has about 15 critical updates. The IE updates are five times the size of the Debian ones.

Analysis: IE should have the advantage here. It is only a web browser against an entire distribution. It also was released noticibly later, giving less time to discover bugs.

Conclusion: Hypothesis is supported.

Any other experiments?
How about a histogram of bugtraq notices? How about one weighted by severity?

Software is software. It all has bugs. The only way to combat it is good development practices--things like rigor, testing, attention to detail, lots of review, and careful design.

MS has shown (and still shows) that it puts these goals second to political maneuvering, time to market, and (sometimes underhanded) competition.

I damn well will bash a business that is only after my pocketbook (MS) every time they screw up. I also will vehemently defend people developing code for all to use (OSS). Even if they were equally buggy, I'll pick goodwill over greedy corporation any day.

Sorry, but Open Source and Microsoft (a.k.a. good versus evil :) is not Tommy Hilfigger versus Ralph Lauren. If you want to argue fashion go read Cosmo or Vogue. I care about nothing less or more than solving problems with computers in an open, useful, honest, secure way that doesn't make me a corporate whore.

I just wish that "Visual Basic" and the like hadn't convinced a bunch of second rate graphic artists that they were "programmers". There's nothing more disheartening than being surrounded and outnumbered by loud idiots desparate to cling to the greedy corporate teat that enabled them do something other than flip burgers.

Remember

[PaddyM]

Any rebroadcasts of the pro-DRM statements of the establishment are prohibited without the express written consent of the establishment.

Re:Copyright motivates creation of works after dea

[Samrobb]

So, make copyright extend for the lifetime of the human (not corporate) creator; but once it passes from the control of the creator, then they copyright period is N years, period.

With this, if N = 20, then Melville's works would be (C) H. Melville until his death. At that point, they copyright would be inherited by his heirs, and they would hold it for a maximum of 20 years. If at some point in his life Neville decided to sell the copyright for one of his works to some other individual or corporation, then the copyright on the work would last 20 years from the date of the sale.

All in all, far too sensible for a legislator to even think about.

Come to think of it, this could lead to some weird legal loopholes... for example, in many states, a husband and wife are considered to be a single person in some senses; someone doesn't "inherit" from their spouse when s/he dies, because they are considered to own property jointly. So you could see some bizzare marriages of convenience, for example, where an aging Walt Disney marries a much younger woman who coincidentally just happens to be a Disney corporation executive, with a prenuptial agreement that states if she ever remarries, it will be at age 60 to yet another young Disney executive... and so on, and so on, and...

Sendmail roulette...

[knightPhlight]

...is still better than Micro$oft odds.

Especially if all you have to do is verify a checksum. Shrink-wrapped, over-priced software comes out of the box "as is."

What's the checksum for IE + all 15 updates?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Microsoft to replace the Zone Alarm

[gregm]

I've been waiting on this one for awhile. It has to drive them nuts to have a firewall like the zone alarm reporting all the behind the scenes discussions the print spooler subsystem etc are. having with someone on the net. They'll probably include some lite version of their zone alarm for free and a pro version for money... think defrag... Of course neither version will tell us anything about any of their covert communications with our computers.

And think of all the money they're losing out on to McAfee and Norton for antivirus software. If I were a conspiracy theorist...oh wait... I am, I might think they've purposely not cleaned up outlook just to create a market that they can swoop in and take over like they're known to do. bastards

Re:Microsoft to replace the Zone Alarm

[Anonynnous+Coward]

I think the way to go here is to set up your computer without TCP/IP (use IPX/SPX or Netbeui for your internal network), then do all the internet interaction inside a VMware VM. Thus, the core operating system, where you do your personal and private stuff (e.g. Quicken), doesn't get to call home. Inconvenient, yes, but a little more secure.

Roulette versions

[Quila]

Sendmail was roulette with a 10-shooter revolver with one round loaded.

MS is roulette with a semi-automatic pistol with one round loaded.

No way

[Aapje]

That being said, I think a well-developed argument against the insanely long extended copyrights based exclusively on the idea that they are detrimental to the free and open exchange of ideas (read: free speech), and that the costs outweigh whatever benefits are derived from the latest extension to copyrights would have at least as much of a chance in court as does the current arguement.

The problem with that kind of argument is that it's not very objective. It's about weighing the available evidence/research/etc and deciding what the rights of various groups (with different interests) should be. That seems to be about identical to the job description of congress members. I don't see how the supreme court could make such a decision instead.

Lessig's argument makes a lot more sense IMHO. First of all, it's much more difficult to argue that retrospectively extended copyright will have even a mildly reasonable influence on promoting arts. In fact, if one sees the public domain as promoting arts, it's highly questionable whether congress should be allowed to destroy all kinds of interests and business models that are based on the public domain (see the publisher that wanted to publish an out of print, about to expire book). Those people had reasonable expectations that the works they were after wouldn't suddenly be locked up for another x years. An artist/publisher sh/wouldn't expect the copyright term to be extended for works that were created in the past (especially since the constitution uses the words 'limited term' which conflicts (in theory) with a gratuitous extension).

Furthermore, a copyrighted work is never guaranteed to be added to the public domain if its copyright term can be extended again and again. I don't think it's far-fetched to say that this breaks the 'limited duration' as specified by the constitution. If only prospective extensions are allowed, you will at least have a guarantee that the copyrighted work will expire into the public domain at a known date. It might take 1 billion years, but I'm afraid that the only way Americans can prevent that is by voting differently (in theory*).

*See [Two party system] & [bribes]

Re:No way

[WEFUNK]

While I agree that the free speech argument seemed to have less resonance with the supreme court and is probably the weaker argument in general, note well the broad wording of the second question under consideration:

"2. Is a law that extends the term of existing and future copyrights "categorically immune from challenge[] under the First Amendment"?"

Even just one example of a possible exception to categorical immunity (no matter how contrived, farfetched, or unlikely) would have made the answer to this question "No" and could have opened further challenges to copyright, although probably on a case by case basis. From what I've read, no such example was offered during court. Even if it made sense to focus on the first question, was this a missed opportunity?

Re:No way

[Aapje]

The most far-fetched example is of course a copyright term of infinity minus one. Suppose that such an extension would have been in effect when Keynes wrote his books and that the publishing rights would have been sold by his heirs to Marx Publishing Inc. Marx Publishing has a competing set of books and so they lock up Keynes' works forever (minus one year). This extremely important part of our culture is thus (in essence) destroyed.

I'm not very knowledgable on the subject of the first amendment, but this at the very least sounds extremely scary.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Copyright motivates creation of works after dea

[teamhasnoi]

I disagree. This post won't become popular until the year 2525. I would like to see copyright extended until then, so I can make some Benjamins.

Thanks.

Re:There's no groupthink but whining about groupth

[FurryFeet]

...yet.

Re:Here's the solution

[Aapje]

Copyrights are supposed to ENCOURAGE development of works by giving the authors an ability to exclusive use/profit from them. So of course retroactive application of the exentions is silly.

In theory I could benefit from that extension and use that as a justification for creating more works. Of course, it's quite unlikely that the original artists has any benefit after 50 years, so an extension to 70 won't promote anything. However, if the copyright term were fairly short, a retroactive extension could actually encourage new creations. I wonder if that's what Lessig meant when he confused the courts by saying that he would support retrospective extensions that do promote the arts.

There are a LOT of works out there that the copyrights are still legally in force, but no one is around who wants them... but the off chance that there COULD be a massive penalty for infringement, no one will risk republishing that long out-of-date stuff. For example, some short stories, articles, illustrations from long defunct magazines from the 50's.

And so the promotion of arts is hampered. An effect of copyright extensions that congress does not seem to understand.

Requiring copyright holders to renew the copyrights every 20 years will allow authors who are actively still publishing and profiting from a work, or who still want to control its publication, to do so.

I don't think a company should be allowed to lock up a once published book/film/etc for a lifetime. Controlling the publication of a work should not be possible for 70 years. You might require copyrighted works to be available before you can renew, but publishers already lie about books that supposedly are still in their inventory (although they won't sell them to you), so I don't see how renewal can change that. No, I think we should reduce the copyright term to much more reasonable terms (different for some items, like software). Those terms should optimally be the time in which most publishers expect to make the majority of their profits. For instance, hardly any software is still sold in it's original form after 20 years, so software should be copyrighted for less than 20 years.

A way in which renewal might work would be a renewal fee that keeps rising. Once the publisher stops paying the work automatically moves into the public domain. That way you still can lock up a certain work or keep it in print for a very long time, but you will have to pay for the privilege.