Slashdot Mirror

← Back to Stories (view on slashdot.org)

Slashback: Discipline, License, Name-calling

Posted by timothy on from the departure-arrival dept.

Slashback tonight brings you a boatload of updates and amplification to previous Slashdot stories, including: the outcome of the RIAA-driven administrative crackdown on file trading at the U.S. Naval Academy, the legal status of ambiguously labeled Microsoft "gimme" software, more information on the insecurities of Blackboard's card-based payment system, and more. Read on for the details!

Every day, in every way, I am becoming a better and better Lt. Junior Grade. alanjstr writes "The Baltimore Sun reports 'The Naval Academy has disciplined 85 students who used a military Internet connection to illegally swap copyrighted music and movies, but it stopped short of carrying out its threat to impose the maximum penalties of expulsion or court-martial, an academy document shows.' It goes on to say that the raid was spurred less by the RIAA and more by the threat of losing the internet connection due to the enormous amount of bandwidth consumed. The academy had given students several warnings before raiding the dorm rooms. Some of the hard drives seized last November were found to contain one or two copyrighted files, while others ran into the hundreds or thousands."

I bet they could make a better agreement with Xiph.org Magnetic Confinement writes "In an effort to make life more difficult for civic-minded Mac users, NPR has decided to drop Quicktime from its available streams. Nothing specific on their webpage addresses it, just some suspicious vacancies remain. Their helpdesk response is officially:

'NPR.org had been offering some of its audio in the Apple QuickTime format under an arrangement with Apple QuickTime. We regret that we were unable to reach mutually acceptable terms for a new arrangement with Apple QuickTime. As a result, NPR is unable to continue offering its content in this format.

You can also contact Apple QuickTime directly at: quicktime@apple.com

Weston
NPR Online'"

A note that got lost in the bin for too long ... JulesVD writes "Microsoft has agreed to tweak its Windows XP operating system in response to recent feedback from the Justice Department over its antitrust settlement with the federal government. (See news on Yahoo!) Microsoft will give more prominent display to a button in Windows that allows computer users to remove the company's Internet Explorer browser, company spokesman Jim Desler said. The Justice Department is overseeing Microsoft's compliance with the settlement. Placement of the button in a hard-to-reach spot in Windows was one of several complaints Microsoft's rivals made to the department last year."

Proportionality isn't just for the personals. You may still be boggling (I am) at the recently announced RIAA suits alleging that colleges and college students are liable for billions of dollars in damages to the music industry for facilitating online file trading. Reader Derek Lomas writes in with another editorial indicating "growing support at Yale for legal alternatives".

Even biggerness. The Gathering is billed by some as the the world's largest computer party. MC68040, though, writes "I'd like to remind everyone to have a look at dreamhack, that 'also' is the largest LAN in Sweden twice a year ... Which had over 5000 participants in 2001 and even more in 2002.. *arhem* Biggest you say?"

If you want to fight about "LAN party" vs. "Computer party," leave me out of it!

How about calling it "900t"? An anonymous reader writes "As previously reported, mozilla.org's Phoenix browser has been renamed to Firebird. This hasn't pleased supporters of the Firebird relational database project. In an Australian LinuxWorld article, one of their administrators calls the name change "one of the dirtiest deeds I've seen in open source so far." In a MozillaZine article, the same person accused mozilla.org of "theft" and "corporate bullying". They don't explain how it was different when they picked a name that was already used by a BBS, financial software manufacturer, Fenix IDE and games company. Meanwhile, IBPhoenix, an organisation that supports the development of the Firebird database, has put up a protest page, encouraging people to spam the MozillaZine forums (even though MozillaZine had nothing to do with the decision) and send masses of email to many Mozilla developers (most of whom were not involved in selecting the new name). I find it rather hypocritical that the Firebird database people are accusing Mozilla of "the filthiest of dirty tricks" while at the same time advocating the harassment of many Mozilla developers."

Point of clarification. batkid writes "In response to the article 'Microsoft pirating their own software,' Seems like MS is taking it pretty seriously. I got the following response from Microsoft (I am a faculty member, but the response should be the same to students).

April 9, 2003

RE: Visual Studio .NET Professional Edition and Windows XP Professional software distributed during the Microsoft Faculty Seminars

Dear Faculty Member, Thank you for attending the recent Microsoft Faculty Seminar. The purpose of this letter is to clarify questions concerning the legal use of the Visual Studio .NET Professional and Windows XP Professional software distributed to faculty who attended the Seminar. The software received is governed by the electronic license embedded in the product set up that appears prior to installation and no additional documentation is required.

Notwithstanding language on the CD label for the copies of Visual Studio .NET Professional Edition and Windows XP Professional Edition that you received during your attendance at the Seminar, which appeared to indicate that a separate license document was required in order for you to legally use the software, this letter will confirm that use by you of the software received is governed by the electronic license embedded in the product setup that appears prior to installation.

You are required to agree to accept the terms and conditions of this license prior to proceeding with the products' installation. Acceptance by you of these "Click to Accept" licenses is the only license required for your use of the copies of Visual Studio.NET Professional Edition and Windows XP Professional Edition received. We recommend that you keep a copy of this letter in your personal files for future reference."

Thanks for passing that along.

What if Masterlock security was assured this way? Monday, you read that security researchers Billy Hoffman and Virgil Griffith (known as Vergil and Acidus) were were prevented from speaking at a security conference by means of a Cease and Desist order from Blackboard, Inc.. The two planned to talk about security flaws found in Blackboard's Transaction System.

In a mail posted at Declan McCullagh's Politech mailing list, David Yaskin of Blackboard responds to the criticism that the company's legal action has drawn. John R. Hall has posted a FAQ explaining some particulars of the Blackboard Transaction System which Virgil and Acidus aren't at liberty to discuss, as well as contradicting some claims that Yaskin makes in the posted email.

34 of 340 comments (clear)

  1. Hey, I could use one of those... by avalys · · Score: 5, Funny

    *highlights*
    *Ctrl-C*
    *Ctrl-V*
    *Prints Letter*
    *Launches Gnutella*

    --
    This space intentionally left blank.
  2. Why blame NPR? by Anonymous Coward · · Score: 5, Insightful

    In an effort to make life more difficult for civic-minded Mac users, NPR has decided to drop Quicktime from its available streams.

    How do we know Apple wasn't being unreasonable in the terms they wanted?

    BTW, those Phoenix database people sound really mature.

    1. Re:Why blame NPR? by ragingmime · · Score: 5, Interesting

      I don't think it would be a matter of Apple wanting an agreeable contract. Nobody needs Apple's permission to do Quicktime streams - you just buy Quicktime server software, plug it in, and go. It sounds (although I'm really not up on how these contracts work) like NPR wanted some sort of reimbursement from Apple for them to provide Quicktime streams. I see no reason (or legal method) for Apple to prevent NPR from using its software - I just think they decided that having NPR broadcast in their format wasn't worth the money. Just a theory - I have no real hard evidence on that - but I think it makes sense.

      --
      I produce electronic music and write little games. Have a look.
    2. Re:Why blame NPR? by ryochiji · · Score: 4, Informative
      > If you are a big broadcaster you pay for capabilities per simultaneous stream at a specific bitrate

      Where did you get that from? According to the QTSS FAQ:

      Both QuickTime Streaming Server 4 and Darwin Streaming Server 4 are free, with no per-stream license fees.

      So, no, it doesn't seem like licensing fees were the issue.

      --

      ---
      Open Source Shirts
  3. The Blackboard Presentation by Jeremiah+Cornelius · · Score: 5, Informative
    The whole Blackboard presentation - including a .PPT attachment with photos of GT's physical security problems - is available at Cryptome.

    Don't worry. It opens in Open Office Impress just fine!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
    1. Re:The Blackboard Presentation by BitHive · · Score: 3, Insightful
      I looked through these things yesterday, and while they were interesting, there was little information of substance in them. All of the supposed vulnerabilities are theoretical, and the author himself does not claim to have tried any of them. Yes, a replay attack would work if the system works as he claims it does. Has he taken the first step of patching into one of the RS-485 drops that he claims are so very insecure? No. Does he know what kind of encryption is used on the IP converter? No. He merely speculates that it is "DES on the high end; XOR on the low end". How informative! The same could be said for any system that uses encryption.

      I am following this closely because my college has installed the Blackboard system to provide all-hours card access to dorms and after-hours access to academic buildings. All of the readers are bolted into concrete or brick, or are installed on steel posts. You would have to do more physical damage to the building or the post to gain access to the supposedly insecure RS-485 drops than you would to simply force the door open. My school, however, has not extended this system to anything using real money, perhaps because they are aware of the flaws and want to limit the risks, or perhaps because the damn thing is so motherfucking expensive.

      One thing that really detracts from the credibility of this "security analysis" is that in the PowerPoint presentation, someone is circled using paintbrush, identified by name, and labelled "piece of shit" or something like that. Apparently this is one of the guys that insists the system is secure. It may not be, but you can't expect anyone to take you seriously if you put crap like that into your presentation.

  4. Dishonest statistics by Elpacoloco · · Score: 5, Insightful

    Remember that joke about the kid who prooves that he has no time to attend school, since he must spend x days sleeping and x days eating and x days are weekends.....

    The kid in this joke arrives at the figure that he does because the way he does it counts a good portion of time twice. (IE: Sleep and weekends overlaps...)
    The RIAA I think is counting things twice when it obtains these "Billion Dollar" figures. I think that it counts the number of P2P transactions and multiplies it by the cost of an album. This dispite people downloading songs that they would never buy. In fact, one could further inflate the figures by including incompleted transactions as a full one.

    Billions of Dollars? Baloney.

    1. Re:Dishonest statistics by menasius · · Score: 4, Insightful

      I agree, it doesn't fit logically.

      The Music Industry is a big thing. However, my arguement to the exageration of these figures is that the music industry has supposedly taken "billions in losses". Even a behemoth like that would feel billions in losses and it would be visible. The airlines are having rough times and its obvious, it's not that they are trying to screw anyone it just seriously looks like they are in a great hurry to fix things and are making mistakes.

      All the music industry has done is file suit, but the state of the industry doesnt say "we are fighting a loosing battle". If they lost billions where are the record labels that are dropping production or cutting wages to try to save the ship.

      Thats just my 2 billion cents.

      -bort

    2. Re:Dishonest statistics by Slowping · · Score: 4, Interesting

      They also conveniently don't count back in compensating income designed to offset these "losses", like the RIAA CDR tax. Seeing as how they haven't really paid any of that tax back to the artists, I'm guessing that's quite a deep source of income for the RIAA.

      Anyone got numbers for the amount they collect via CDR tax?

      --
      (\(\
      (^.^)
      (")")
      *beware the cute-bunny virus
  5. Oh my by Raul654 · · Score: 3, Insightful

    The fact is that most students at Yale are very familiar with breaking copyright law, because they are not willing to give up learning about music just because they can't afford the $15 cost of each CD.

    Does anyone else find that laughable?

    --


    To make laws that man cannot, and will not obey, serves to bring all law into contempt.
    --E.C. Stanton
    1. Re:Oh my by clonebarkins · · Score: 4, Funny

      Yes, but where can you buy CDs for only $15? Enquiring minds want to know!

      --

      "The evil of the world is made possible by nothing but the sanction you give it." -- Ayn Rand

    2. Re:Oh my by madmaxx · · Score: 3, Informative

      From Canada, of course. And that's $15 Canadian, which is abou $11USD. Two national chains here (A&B, FutureShop) have stuck it to the recording industry by ignoring fixed pricing (for several years now).

      --
      mx
  6. Phoenix-Firebird...... by Garion911 · · Score: 4, Funny

    They should just rename it "TransAm", its the same thing anyways......

    --
    Slashdot is like Playboy: I read it for the articles
  7. gotta love the military by mrjive · · Score: 5, Funny

    "Some kids were running miniature Napsters," said the academy official, referring to the now-defunct music-sharing site. "They had enormous drives - multigigabite drives - and they were on all the time. They became little Web sites."

    Just goes to show how educated some naval personell are about computer technology. I mean MULTIgigabyte drives?!? Holy shit man, that's a lot of storage!!!

    *note sarcasm above*

    --
    If you can't beat them, arrange to have them beaten. -George Carlin
  8. Blackboard by mrbrown1602 · · Score: 4, Informative

    We use the Blackboard transaction system here at LSU, and a lot of our food/drink machines with the system are usually offline... now, if you swipe your card in the machine while its offline, it'll display what's supposively stored on the card - your social security #.

    Just something I thought was kind of interesting.

  9. Skepticism Abounds by yoink! · · Score: 4, Insightful

    I don't believe that Microsoft intends to allow users to actually remove much software with any of these "new" features. Even if a user edits his/her sysoc.inf (you can find it in "%systemroot%\inf" if you so will) file and removes the word "hide" from applications which are not appearing under the "add/remove windows components" manager, most of the applications remain on the hard disk even after they are supposedly "uninstalled." I have found this to be true with Outlook Express and Media Player. Frankly who cares about Internet Explorer at this point. Most people I know use it on their windows machines anyway, regardless of how buggy and insecure it may. At this point, Microsoft being forced to alter XP so much that Internet Explorer is "uninstalled" is nothing more that a friendly pat on the ass compared to the original goals of the anti-trust case(s). The justice department should be absolutely ashamed.

  10. Why is it so hard to pick an original name? by interactive_civilian · · Score: 3, Insightful
    About the Mozilla naming thing...you can't pick a much less original name than Thunderbird...

    Is it really that hard to pick an original name and then run a few searches to make sure there are no similar products with that name?

    For example, why not pick something from another language that fits the product well? Something like 'gaiyuu' (Japanese: foreign travel) or 'michiyuki' (Japanese: going down the road)...

    Seriously...it seems ridiculous the amount of trouble these people have coming up with original names...

    IMHO.

    --
    "Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
    1. Re:Why is it so hard to pick an original name? by Guppy06 · · Score: 4, Funny

      "About the Mozilla naming thing...you can't pick a much less original name than Thunderbird..."

      That may be why they're calling it Firebird.

      Sheesh, confusing a Ford with a GM... People have been lynched for less...

    2. Re:Why is it so hard to pick an original name? by Sialagogue · · Score: 3, Funny

      I'm all for this name, only because their ad slogan could be:

      "Yozizza? Foshizza. . ."

      --
      The only acceptable defense of scientific results is to say that they were the product of the Scientific Method.
  11. 1000s of copyrighted files by poppen_fresh · · Score: 5, Insightful

    It say that the Navy found some hard drives with 100s and 1000s of copyrighted files on them. It never says if the students had a right to have those files... I have 1000s of "copyrighted" files on my hdd in the form of mp3s, which I obtained by buying the CDs and then ripping them...

    1. Re:1000s of copyrighted files by Mononoke · · Score: 4, Interesting
      It say that the Navy found some hard drives with 100s and 1000s of copyrighted files on them. It never says if the students had a right to have those files... I have 1000s of "copyrighted" files on my hdd in the form of mp3s, which I obtained by buying the CDs and then ripping them...
      Even worse. Every single file on my hard drive is copyrighted, as is every single file on yours, most likely.

      You see, I'm the author of many of the files, and as such, I hold instant copyright. Quoting from US government copyright office:

      Copyright protection subsists from the time the work is created in fixed form. The copyright in the work of authorship immediately becomes the property of the author who created the work. Only the author or those deriving their rights through the author can rightfully claim copyright.
      I'll bet we're all guilty of possession of copyrighted Slashdot images in our browser caches. I hope they don't mind.

      --
      NetInfo connection failed for server 127.0.0.1/local
  12. Microsoft anti-trust by eniu!uine · · Score: 5, Funny

    It's about time. Making internet explorer easy to remove will definately eliminate the problem with Microsoft's monopoly. The only reason Linux hasn't been adopted as a major desktop competitor is that it was widely felt that the internet explorer icon needed to be removed from Windows before you could install Linux, and this should clear that up. The justice department deserves a big pat on the back for this. Way to go DOJ!

    --
    My Blog
  13. Oh, please by jesterzog · · Score: 4, Informative

    I guess most people have come to expect this from slashdot, but it should be pointed out all the same. It's too bad everyone (me included) puts up with it.

    From the slashdot writeup:

    "Meanwhile, IBPhoenix, an organisation that supports the development of the Firebird database, has put up a protest page, encouraging people to spam the MozillaZine forums (even though MozillaZine had nothing to do with the decision) and send masses of email to many Mozilla developers (most of whom were not involved in selecting the new name). I find it rather hypocritical [--snip--]"

    From the linked article (slightly summarised):

    Let the Mozilla forums know how you feel. They've already taken some heat in forums on their website. To join that fray, you must register. Check http://www.mozillazine.org/forums/index.php and http://www.mozillazine.org/talkback.html?article=3 075 for the discussion.

    You might also send mail to the following people and groups:

    Asa Dotzler - he made the announcement [..]

    drivers@mozilla.org - drivers are the project managers of Mozilla [..]

    These people are the technical project leaders of Mozilla. They too should be aware that the possibility for confusion exists. [--snip eight addresses--]

    Listing the eight technical project leaders at the end might have been a tad excessive, but I'd hardly call that "encouraging people to spam the mozillazine forums" or harrassing mozilla developers in the way that slashdot makes out to be. It looks like an ordinary informational page to tell people how they can contact the people who are able to make a decision.

  14. Click Here to Remove Internet Explorer ... by Snork+Asaurus · · Score: 4, Funny

    Warning: Since Internet Explorer is part of the operating system, your operating system will no longer function after you click the button. Please forward all concerns to the US Department of Justice. Have a nice day.

    --
    Sigs are bad for your health.
  15. Sinapse by lpret · · Score: 4, Interesting

    I'm working on a project called sinapse that is a PHP/db portal for students. It's in use by Oklahoma University, Oklahoma State University, and I'm currently working on the Baylor University implementation. However, I've been writing a module for it specifically for teachers to be able to cover the same functions as Blackboard. Sinapse is the only education focused software for this usage AFAIK.

    --
    This is my digital signature. 10011011001
  16. Available NPR stream by Theaetetus · · Score: 4, Informative
    Pssst... check out the Boston NPR affiliate, WBUR at wbur.org - they (all right, we) have a quicktime streaming format available from the 'listen live' link on the front page.

    We carry BBC, Morning Edition, The Connection, Here & Now, Fresh Air, All Things Considered, Talk of the Nation, On Point, Wait Wait Don't Tell Me, Car Talk, et al...
    And we originate most of those. :)

    -T

  17. Adware in Qicktime? by ragingmime · · Score: 3, Informative

    Adware? I have Quicktime, and I don't remember getting any adware with it... but maybe I missed something. But yeah, an open source alternative would be really nice... go Theora! (I'm assuming that someone will work out a way to stream it after it comes out, the way Icecast does for Ogg.)

    --
    I produce electronic music and write little games. Have a look.
  18. 3 kinds of lies by ralico · · Score: 3, Funny

    Well, you know there are 3 kinds of lies:
    "Lies, damned lies, and statistics," Disraeli

    --

    SCO to Hell
  19. BECAUSE IT'S FREE by SuperBanana · · Score: 4, Interesting
    How do we know Apple wasn't being unreasonable in the terms they wanted?

    Maybe because Quicktime streaming server is freely downloadable.

    Well, okay, you've got to have OS X Server to get that one, but if you don't want to even run OS X Server, guess what? Darwin streaming server is both open source and runs on Linux, Solaris, OS X(server or regular, 10.1.x or better), AND WINDOWS(both win2k and NT).

    If -that- isn't good enough for you, there's no shortage of MP3 streaming servers. If THAT isn't good enough, there's ogg-vorbis.

    Something smells, folks. MS -bought- their way into this one, probably via strong-arming or simply bribing with free hardware+licenses. By the way, PBS dropped Quicktime recently too.

    --
    Please help metamoderate.
  20. Re:Masterlock by SuperBanana · · Score: 4, Informative

    Having had a coworker who was a professional locksmith, I can say that absolutely everything you said is wrong. Point by point:

    tumbler locks only have 10 height levels at most

    Wrong. They have many, many possible height levels. They are completely analog devices. Any locksmith should be able to make pins that are whatever height he wants, completely analog. Its not just like they have a box of pins, only available in 10 different lengths.

    Less secure tumbler locks will allow each individual tumbler to move independantly of the rest.

    Wrong. All(that I know of) tumbler locks allow individual tumblers to move independently, otherwise you wouldn't be able to insert or remove the key(duuuh.)

    oh and most locks also have a master key that will work on every lock of that type, not just the specific tumbler combination given to your door specifically.

    Again, WRONG. Only if the key is set up with several separate pins in each tumbler. Otherwise, there is only ONE position where all the pins will clear.

    It is simply amazing how such a simple, very plain and ordinary device is completely misunderstood and given an almost magical status. Locks are VERY simple devices. Even picking them isn't rocket science, just methodical and you need a ton of practice. Most of the tricks used by lock-pickers are very obvious once you see how a lock works.

    --
    Please help metamoderate.
  21. "Analog" by yerricde · · Score: 3, Informative

    They have many, many possible height levels. They are completely analog devices.

    Analog devices have noise. Therefore, analog devices are built with tolerances, and on a given brand of lock, these tolerances may allow for only about ten distinct height levels per pin.

    --
    Will I retire or break 10K?
  22. Blackboard has put an official response on the web by geddes · · Score: 4, Informative

    http://www.blackboard.com/docs/Statement_on_System _Security.pdf

  23. Re:Firebird by helebor · · Score: 5, Interesting
    Under "reactions of the Firebird folk", do you believe this posting from an anonymous reader, that slashdot headlined today? --
    "How about calling it "900t"? [snip] In an Australian LinuxWorld article, one of their administrators calls the name change "one of the dirtiest deeds I've seen in open source so far." [that article quoted me, btw]
    [snip]
    "In a MozillaZine article, the same person accused mozilla.org of "theft" and "corporate bullying". They don't explain how it was different when they picked a name that was already used by a BBS, financial software manufacturer, Fenix IDE and games company."

    I did post a comment about these other "Firebird" projects, which all except one are either more recent than ours, or are long defunct. The BBS project (a year older than our project) is a Chinese bulletin board, scarcely to be considered as being in the same space the way an open source browser and an open source database are...

    "Meanwhile, IBPhoenix, an organisation that supports the development of the Firebird database, has put up a protest page, encouraging people to spam the MozillaZine forums"

    This is a patent LIE - hence, no doubt, the poster's desire to stay anonymous. The readers were invited to write, not "encouraged to spam". As background to why the need to do so, our private emails to the Mozilla people at the start of all this have gone unanswered. What else could we do?

    "(even though MozillaZine had nothing to do with the decision)"
    Another misrepresentation. The announcement was made on the Mozillazine talkback forum and feedback was expressly invited.
    " and send masses of email to many Mozilla developers"
    Another outright lie. The suggestion was "You might like to write to..."
    "(most of whom were not involved in selecting the new name)" The announcement said "we". Absent better information, how could anything be assumed except that the whole Mozilla team made the decision, since that was how it was announced.

    "I find it rather hypocritical that the Firebird database people are accusing Mozilla of "the filthiest of dirty tricks" while at the same time advocating the harassment of many Mozilla developers."
    I find it highly hypocritical that an anonymous poster would construct a spin like this -- and rather depressing that Craig Ringer and others are buying the spin.

    Helen Borrie
    Firebird Project Admin

  24. Why NPR really did this... by Jeremy+Erwin · · Score: 3, Interesting

    You can download audio of many articles directly from the site. Unfortunately, Apple's web browser of choice (Safari) thinks that the audio links are served up as *.smi files--perhaps "self mounting image files".

    Safari will, instead of opening these files with RealPlayer, Quicktime or downloading them to a desiganted directory, will open them up directly with Disk Copy-- an operation that wil surely fail.

    And because NPR uses javascript to decide what kind of stream to serve up, it's rather difficult to cut and paste a link directly into one of the audio streaming clients. I suppose you could uncheck the "open safe files automatically,", and control click the downloaded file, select "Open With RealOne Player" and enjoy the results, but that solution is rather complicated.

    NPR blames Apple for this. I'm sure that in the confusion, angry Safari users have jammed already strained technical support queues. So NPR does the only sensible thing-- it seeks petty revenge by dropping Quicktime.