Re:GPL'd code available only by request?
on
Phoenix BIOSOS?
·
· Score: 1
Nifty!
Has anyone done a diff on the code to see what changes they've applied to the standard libraries?
Actual annotated commits to version control would be much nicer, but if they aren't going to distribute that then I guess we could just look at their diff on the code.
Re:Just work on coreboot damnit!
on
Phoenix BIOSOS?
·
· Score: 2, Informative
There are a number of boards and chipsets that work with coreboot, but there are many more that do not.
My guess is that Phoenix is trying to jump on the it-runs-linux bandwagon, leverage a bit of the benefits of the kernel to make a shiny app, and not really contribute back to the FOSS community any more than they have to. I could be wrong here, and I'd be more than happy to have someone from Phoenix correct me, but that's what these new quick-to-boot environments sound like.
One possible benefit from this work is that Phoenix will probably need to release the underlying kernel code that they use to talk to all of the hardware. Even if they don't want to make all of their toys Free Software, if we can at least get enough information from the Phoenix kernel improvements to make coreboot talk to the hardware, then we're in pretty handy shape.
Here's a way to speed up your Firefox and make it MUCH MUCH faster.
Then why isn't it turned on by default?
Set "network.http.pipelining" to "true"
The page you linked to has this to say about that entry: "Note: Pipelining is not well-supported by some servers and proxies. Things may break -- use with caution."
So it might work, or it might break your interactive banking session online. I'd be wary of giving this to anyone who didn't already know how to poke at about:config.
Set "network.http.pipelining.maxrequests" to some number like 30. This means it will make 30 requests at once.
From the docs: network.http.pipelining.maxrequests (Integer) Determines the maximum number of HTTP requests in the pipeline (sent sequentially without waiting for a response). Values greater than 8 are assumed to be 8; values less than 1 are assumed to be 1. Default value is 4.
It looks like you'll get 8 requests, maximum, not 30.
Well, it's one better, isn't it? It's not ten. You see, most blokes, you know, will be browsing along at ten. You're on ten here, all the way up, all the way up, all the way up, you're on ten on your browser. And it's like the SPAM is just pouring in from everywhere around and there's no way out. Where can you go from there? Where?
I don't know.
Nowhere. Exactly. What we do is, if we need that extra boost of browser power, you know what we do?
Hence, sometimes people distinguish between animals and fish
Animals and fish? I don't think I've ever heard that split before. People often say things like "well at least we're not animals," or "humans can contemplate their existence, unlike animals," however I feel like that just stems from not having a precise term defining the set of all animals, minus humans.
Of course, even if we did have such a term, would it include homo sapiens sapiens and neanderthals? At what point would we be considered separate from the rest of the animal kingdom?
Getting back to the animals, we have several terms that can mean different things. For example a vegetarian might say "I don't eat meat," but in common parlance of lots of cookbooks (especially cookbooks over a decade or two old) you have meat, poultry, fish, game, and pork.
So-called pescetarians might eat plants + seafood, or just plants + fish. Wikipedia indicates that the word is a portmanteau of the Italian word pesce ("fish") + vegetarian; if a person eats things beyond just fish (e.g. crustaceans), should we use a different word?
"Omnivore" isn't much better, as I certainly don't eat everything. I can't even eat tomato plants and rhubarb leaves -- things that look remotely edible. But people generally understand each other, even if our words aren't as precisely specified as much people would like.
What if they guy had had a lipstick cam behind his ear? What if he just walked up to the techs while they were refilling the ATM and made smalltalk about how he used to refill ATMs as well? He could have gotten MUCH better snapshots and the techs would have been none the wiser.
If companies don't want people to see the innards of an ATM, then put up a curtain around them while you're refilling them. No, I'm serious. Walk into the place with a folded-up room divider and your boxes 'O cash, set up the divider around the ATM, and have one guy go inside and fill the machine while the other guy waits outside and watches everyone. Then you take down the divider and go back to the armored car. Simple.
That way if someone tries to take a picture of the ATM, it's really obvious that the techs are trying to keep it shielded and it's a lot easier for them to tell the person to stop and/or call the police on them.
Second, people who aren't law enforcement agents cannot generally stop or detain people. They may have a license to carry a handgun, and they may dress like a police officer, but they aren't empowered to act like an officer. If someone tries to talk to you or asks you to talk to them, politely refuse and walk away.
In this kind of situation, if a guy with a gun who is not a cop tells me that he wants to talk to me, I'd usually suggest walking away. Put down the purchases, hand them to a friend, ask the woman behind the counter to put them on hold for you, whatever. Just walk out of there.
The benefit of such a situation is that you get out of there, you clear your head, etc... and then you can go back and conduct your business later, hopefully when man-with-gun is gone. And if this armed person who is not a member of the law enforcement tries to detain you (an unarmed person walking away), then the cops, the court, the company, and the crowd around you (yes, I alliterated that for y'all) will probably be much more supportive of your actions.
Unless this guy with the camera was an active danger for them, then I don't see any reason for them to talk to him. The second the armed guys engage him they know that it will put him on the defensive, and considering the fact that there are two armed guys there, the power dynamic is going to get really bad, really quickly.
The only thing these guys should say is something like "please stand back from the ATM," "Please don't take pictures", etc... The only time they should engage with a civilian is when they are feeling actively threatened.
"The Loomis guys wanted me to give them my ID so they could write a report about me for their bosses...The REI security people that had been called in by now wanted the same thing.
Um...no?
Both Loomis and REI have lawyers. And my guess is that both teams of them are (correctly) telling every one of their employees involved in this incident to have a big slice of superglue pie. You can ask anyone for their ID, but only the police can make the request a requirement, and only in certain instances.
Would having the ID make life easier for the Loomis and REI employees? Sure. But so would having each store patron take off their clothes at the entrance to ensure that they aren't carrying-in weapons and aren't carrying-out shoplifted goods. I don't want to be subjected to either of these unreasonable privacy invasions by stores, so I won't patronize businesses that employ them.
Don't try to leave. I will tackle you.
The photographer didn't remove any cash or any other items. Had the Loomis guys tackled him, that would have probably been a threat of assault, followed by assault. Further, the guys are armed, which probably raises the penalty for both charges a few notches.
...let's make it the "Young hottie of the mountain"
Ah... I think I get the plan: Putting the Old Man of the Mountain back up ourselves wouldn't be natural, no siree, but if we install a Young Hottie of the Mountain, then the Old Man of the Mountain might *ahem* rise again.
In Afghanistan, where the Taliban destroyed centuries-old statues, they are rebuilding them in stone. So too should the majesty of the stone face be returned in stone form.
If someone had gone and blown up the Old Man then I would be gung-ho to rebuild it as it was, but the Old Man just let go of his own accord. He'd been up there for what -- a few thousand years? And we'd gone and given him a facelift with cables and such a couple of times already.
If the Old Man of the Mountain finally fell down, then perhaps he should stay down where he fell. I like the idea of working in stone, as it's durable to last for another thousand years -- maybe taking the stone that fell down and building something lower-down on the slope? Part of the draw of the whole thing was the natural aspect of it. Whatever is done, I hope that they try to work with nature rather than fighting against it every step of the way.
i have no need to be on wifi 250 feet from my house...
Not until the kids get a bit bigger. At that point you can put in two APs on different channels, slap a low-power device on their back and then triangulate their position as they run around the yard.
Heck, that would be one heck of a game -- you could give them a challenge of drawing a circle or a star or whatever -- even 3D shapes if you have a lot of nifty trees around. Eventually they'll get old enough and take off the device, but if they're old enough to discover/disable/hide it, then it's probably time to take it off them and trust them, anyhow.
Amen. I wish the open graphics project the best of luck -- imagine how much better our drivers could be if we had real documentation for our graphics hardware!
What's probably going to happen is that the second that the OGP starts to get a decent graphics card, some of the major vendors will start releasing documentation and/or much better Free Software drivers. And hopefully everyone will benefit.
"how can I forge bounce messages so that they think my email address is invalid?"
Yeah, nice trick. Except when I get those fake bounce message from an address I *know* is valid on some mailing list because my post happened to have adult language in it or mention the word mortgage, etc..
If you have a perfect SPAM filter, then go ahead and send fake bounce messages. But my attitude is that if I get a bounce message than that email address doesn't exist and I shouldn't route mail to it anymore. The standards aren't perfect, but forging messages isn't the right solution.
They then present that without explaining what prompted them to look there
In that situation I feel like the defense lawyer would cross examine the police as to why they searched for the stuff they found. If police can prove that they "would have found it anyway", that's one thing, but if their search for evidence has been tainted by inadmissible evidence, I feel like a judge might throw it all out.
Of course, this implies that the server has to operate on every element of the encrypted data to do its job...If you're willing to accept...the additional computational overhead, you can design such a system.
Where's Bruce? He has the right combination of math and cs theory to spout off some usefulness on this thread:-)
Anyhow, let's think about this plan:
Let's say we store n chunks of encrypted data on the server d_1, d_2,..., d_n. If they were PDFs, we could just store a corresponding text file for full text search on our local machine t_1,..., t_n, which could be much smaller. If space were at a premium, we could even store each t_i (encrypted) on the server as well, but in order to get to the text, we'd have to download them.
Now it sounds like someone is suggesting that if (and this is a big if) we know our search domain before we upload the data, we can encrypt a special search table T along with our data and upload that as a separate d_i on the remote machine.
For example, if we have 30 documents and know that the word "tenacious" appears in docs 2, 15, 18, along with the rest of the d_i we can create T: tenacious (2 15 18)
Then we encode each field separately to get: xxxxx yyyyy
Allowing us to use the same encoding on our local machine to search for "tenacious", which is encoded to "xxxxx", which we pass to the remote machine to look up in our table and return to us.
Of course, once we decode "yyyyy" and get (2 15 18), we're going to reveal information to an attacker that "xxxxx" and "yyyyy" relate to d_2, d_15, and d_18. We could randomly select a few more documents to pull down to disguise our search, but that only protects us if (1) we choose enough random data at the same time and (2) we never perform the same search twice. We could keep track (on the local machine) of what docs we request for a given search, but then we're storing data on the local machine, which we wanted to avoid.
Even putting these hurdles aside, this only works if you set up the search tables in advance. This might work well in practice if you basically store full text/directory structure locally. Then you can just search the local database and the only information you reveal is what d_i blocks you accessed and when.
But if you want to do other types of searching on the data, you'll have to download the entire dataset first because you don't trust the remote machine.
if GoogleArchive (or whatever) gets a subpoena, can they (be required to) surrender your whole legal strategy to the prosecution?
As far as I understand it, attorney-client privilege is stronger than doctor-client privilege -- in fact, I'm not sure if there IS a stronger commitment our laws have to privacy and confidentiality.
If a lawyer is a ridiculous n00b and uploads unencrypted data about a client to an online service, my guess is that even though he was an idiot for doing such a thing, the court would still recognize that as being protected client data and would rule it inadmissible. I mean, it might show up as front page material if it leaks, but theoretically the court wouldn't take that information into consideration.
probably rather easy to move to.pdf (which I'd say would be the higher priority)
If all you have is images or hard copies of documents, then scan them to PDF, but if you have text files, I'd suggest storing both PDFs (to retain the precise markup) as well as text/wordperfect/OOo/whatever. It's difficult to do PDF editing and/or full-text searching across lots of docs (although I hear that FOSS tools to do both are getting better).
Software patents are WRONG, and so I'm on Microsoft's side
While I agree that the Supreme Court should run software patents through with a sword and throw them down their elliptical staircase, it's worth noting that the patent Microsoft was found guilty of infringing is used in Uniloc's "SoftAnchor, which provides copy protection for software and games to prevent the creation, distribution and use of unauthorized copies."
So Microsoft was found guilty of infringing a software patent on a DRM system.
I'm not sure whether I'm happier about the fact that Microsoft lost a court case for implementing DRM or the thought of Microsoft gearing up to use their own legal department to invalidate a software patent. It seems almost surreal...
...it actually makes the most sense to have Apple people working on this...Who else would have the best understanding of what solutions do manage to work around the patent in question than Apple people who would understand what Apple would or would not do in response?
I don't know the exact details of this situation, but presumably the W3C created a draft standard that they liked, using technology that was understood and considered appropriate for this task. Ideally, we wouldn't have to deal with Apple's patent and could just use the standard as is.
Having people sit out makes sense where there is a conflict of interest. But there is no conflict of interest on Apple's part in wanting the eventual standard to not conflict with Apple's patents. There is no monetary gain to be had from Apple in having a solution worked up that successfully works around Apple's patent.
The W3C's goal in this process is to publish a standard without patent encumbrances. There are several avenues for them to take with this, including getting prior art and seeking to invalidate Apple's patent completely. I don't think that a company that refuses to grant royalty-free terms on a patent will have any interest in seeing that patent invalidated, so as a result I don't see a way for Apple employees to remain impartial while having a vote on this advisory committee.
While I believe that it's in the best interests of all parties for Apple to be available for discussion, it's clear that Apple wants to retain this patent and therefore should have its employees recuse themselves.
Having Apple not sit in would only be retribution, not a choice made from thinking about the issue in practical terms.
Personally, I think that software patents are just a flat-out bad idea, so while I appreciate the manner in which Apple refused to license the patent, I'm not feeling much love for them either. If a company or person possesses a software patent which is hindering the creation of open standards then I am doubly at odds as to why they should be indulged.
Could employees of Apple help the W3C to draft a standard that does not infringe on Apple's patents? Of course they could! But what will we get out of that process? Would Apple's employees cripple the spec to ensure that it didn't violate any of Apple's patents? Would the employees, in the process of drafting the spec, purposefully leave out interesting mechanisms so that they could later be patented by Apple?
Yes, Apple's in the doghouse on this one. By leveraging one software patent here they've basically said that they're only committed to the creation of open standards to an extent. Standardize your widgets all you like, but if you want to auto-update them then you have to pay Apple.
The whole idea behind standards is that they're...well.. standard. People can use them to ensure interoperability. My app and your app and that server and that cellphone browser can all talk the same language. If Apple is cordoning-off a little piece of tech and making it impossible for the W3C to put technology into a open standard then they are necrotizing that technology -- making it essentially dead for everyone using open standards. We don't need lumps of dead technology littering our possibilities -- we need companies to breathe life into standards instead.
According to the Patent Advisory Group they've formed to deal with this hurdle, the PAG membership includes "Advisory Committee Representatives of each Member participating in the Web Applications Working Group".
Slashdot Mirror
Nifty!
Has anyone done a diff on the code to see what changes they've applied to the standard libraries?
Actual annotated commits to version control would be much nicer, but if they aren't going to distribute that then I guess we could just look at their diff on the code.
There are a number of boards and chipsets that work with coreboot, but there are many more that do not.
My guess is that Phoenix is trying to jump on the it-runs-linux bandwagon, leverage a bit of the benefits of the kernel to make a shiny app, and not really contribute back to the FOSS community any more than they have to. I could be wrong here, and I'd be more than happy to have someone from Phoenix correct me, but that's what these new quick-to-boot environments sound like.
One possible benefit from this work is that Phoenix will probably need to release the underlying kernel code that they use to talk to all of the hardware. Even if they don't want to make all of their toys Free Software, if we can at least get enough information from the Phoenix kernel improvements to make coreboot talk to the hardware, then we're in pretty handy shape.
Here's a way to speed up your Firefox and make it MUCH MUCH faster.
Then why isn't it turned on by default?
Set "network.http.pipelining" to "true"
The page you linked to has this to say about that entry:
"Note: Pipelining is not well-supported by some servers and proxies. Things may break -- use with caution."
So it might work, or it might break your interactive banking session online. I'd be wary of giving this to anyone who didn't already know how to poke at about:config.
Set "network.http.pipelining.maxrequests" to some number like 30. This means it will make 30 requests at once.
From the docs:
network.http.pipelining.maxrequests (Integer)
Determines the maximum number of HTTP requests in the pipeline (sent sequentially without waiting for a response). Values greater than 8 are assumed to be 8; values less than 1 are assumed to be 1. Default value is 4.
It looks like you'll get 8 requests, maximum, not 30.
My Firefox does 11 times more work than Chrome.
Oh, I see. And most browsers go up to ten?
Exactly.
Does that mean it's better? Is it any better?
Well, it's one better, isn't it? It's not ten. You see, most blokes, you know, will be browsing along at ten. You're on ten here, all the way up, all the way up, all the way up, you're on ten on your browser. And it's like the SPAM is just pouring in from everywhere around and there's no way out. Where can you go from there? Where?
I don't know.
Nowhere. Exactly. What we do is, if we need that extra boost of browser power, you know what we do?
Put it up to eleven.
Eleven. Exactly. One step better.
Hence, sometimes people distinguish between animals and fish
Animals and fish? I don't think I've ever heard that split before. People often say things like "well at least we're not animals," or "humans can contemplate their existence, unlike animals," however I feel like that just stems from not having a precise term defining the set of all animals, minus humans.
Of course, even if we did have such a term, would it include homo sapiens sapiens and neanderthals? At what point would we be considered separate from the rest of the animal kingdom?
Getting back to the animals, we have several terms that can mean different things. For example a vegetarian might say "I don't eat meat," but in common parlance of lots of cookbooks (especially cookbooks over a decade or two old) you have meat, poultry, fish, game, and pork.
So-called pescetarians might eat plants + seafood, or just plants + fish. Wikipedia indicates that the word is a portmanteau of the Italian word pesce ("fish") + vegetarian; if a person eats things beyond just fish (e.g. crustaceans), should we use a different word?
"Omnivore" isn't much better, as I certainly don't eat everything. I can't even eat tomato plants and rhubarb leaves -- things that look remotely edible. But people generally understand each other, even if our words aren't as precisely specified as much people would like.
arrested for taking a photo of an ATM being serviced
But why would he get arrested for just taking a photo? Was the ATM underage?
...people are going to see.
That's pretty much a "No duh!" situation there.
What if they guy had had a lipstick cam behind his ear? What if he just walked up to the techs while they were refilling the ATM and made smalltalk about how he used to refill ATMs as well? He could have gotten MUCH better snapshots and the techs would have been none the wiser.
If companies don't want people to see the innards of an ATM, then put up a curtain around them while you're refilling them. No, I'm serious. Walk into the place with a folded-up room divider and your boxes 'O cash, set up the divider around the ATM, and have one guy go inside and fill the machine while the other guy waits outside and watches everyone. Then you take down the divider and go back to the armored car. Simple.
That way if someone tries to take a picture of the ATM, it's really obvious that the techs are trying to keep it shielded and it's a lot easier for them to tell the person to stop and/or call the police on them.
Second, people who aren't law enforcement agents cannot generally stop or detain people. They may have a license to carry a handgun, and they may dress like a police officer, but they aren't empowered to act like an officer. If someone tries to talk to you or asks you to talk to them, politely refuse and walk away.
In this kind of situation, if a guy with a gun who is not a cop tells me that he wants to talk to me, I'd usually suggest walking away. Put down the purchases, hand them to a friend, ask the woman behind the counter to put them on hold for you, whatever. Just walk out of there.
The benefit of such a situation is that you get out of there, you clear your head, etc... and then you can go back and conduct your business later, hopefully when man-with-gun is gone. And if this armed person who is not a member of the law enforcement tries to detain you (an unarmed person walking away), then the cops, the court, the company, and the crowd around you (yes, I alliterated that for y'all) will probably be much more supportive of your actions.
Unless this guy with the camera was an active danger for them, then I don't see any reason for them to talk to him. The second the armed guys engage him they know that it will put him on the defensive, and considering the fact that there are two armed guys there, the power dynamic is going to get really bad, really quickly.
The only thing these guys should say is something like "please stand back from the ATM," "Please don't take pictures", etc... The only time they should engage with a civilian is when they are feeling actively threatened.
"The Loomis guys wanted me to give them my ID so they could write a report about me for their bosses...The REI security people that had been called in by now wanted the same thing.
Um...no?
Both Loomis and REI have lawyers. And my guess is that both teams of them are (correctly) telling every one of their employees involved in this incident to have a big slice of superglue pie. You can ask anyone for their ID, but only the police can make the request a requirement, and only in certain instances.
Would having the ID make life easier for the Loomis and REI employees? Sure. But so would having each store patron take off their clothes at the entrance to ensure that they aren't carrying-in weapons and aren't carrying-out shoplifted goods. I don't want to be subjected to either of these unreasonable privacy invasions by stores, so I won't patronize businesses that employ them.
Don't try to leave. I will tackle you.
The photographer didn't remove any cash or any other items. Had the Loomis guys tackled him, that would have probably been a threat of assault, followed by assault. Further, the guys are armed, which probably raises the penalty for both charges a few notches.
...let's make it the "Young hottie of the mountain"
Ah... I think I get the plan: Putting the Old Man of the Mountain back up ourselves wouldn't be natural, no siree, but if we install a Young Hottie of the Mountain, then the Old Man of the Mountain might *ahem* rise again.
In Afghanistan, where the Taliban destroyed centuries-old statues, they are rebuilding them in stone. So too should the majesty of the stone face be returned in stone form.
If someone had gone and blown up the Old Man then I would be gung-ho to rebuild it as it was, but the Old Man just let go of his own accord. He'd been up there for what -- a few thousand years? And we'd gone and given him a facelift with cables and such a couple of times already.
If the Old Man of the Mountain finally fell down, then perhaps he should stay down where he fell. I like the idea of working in stone, as it's durable to last for another thousand years -- maybe taking the stone that fell down and building something lower-down on the slope? Part of the draw of the whole thing was the natural aspect of it. Whatever is done, I hope that they try to work with nature rather than fighting against it every step of the way.
http://wiki.services.openoffice.org.nyud.net/wiki/Renaissance/Design_Proposals_for_%E2%80%9CAccessing_Functionality%E2%80%9D
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Jaron_Baron
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Constantin_B%C3%BCrgi
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Johannes_Eva
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Miroslav_Mazel
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_J%C3%B6rg_Sievers
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Knoxy
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Michel_Renon
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_J%C3%B6rg_Wartenberg
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Rodrigo_Carvalho
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Frank_Loehmann
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Loehmann_Jansen
http://wiki.services.openoffice.org.nyud.net/wiki/Proposal_by_Cinly_Ooi
i have no need to be on wifi 250 feet from my house...
Not until the kids get a bit bigger. At that point you can put in two APs on different channels, slap a low-power device on their back and then triangulate their position as they run around the yard.
Heck, that would be one heck of a game -- you could give them a challenge of drawing a circle or a star or whatever -- even 3D shapes if you have a lot of nifty trees around. Eventually they'll get old enough and take off the device, but if they're old enough to discover/disable/hide it, then it's probably time to take it off them and trust them, anyhow.
You think your Commodore 64 is really neato
What kinda chip you got in there...
n is sort of a garbage band, with microwave ovens and so on
For some reason I'm imagining "Garbage Band" as something that Psystar would bundle with their hackintoshes.
One Chinese biotech company, Beike, is now building a 21,500 square foot stem cell storage facility
Amen. I wish the open graphics project the best of luck -- imagine how much better our drivers could be if we had real documentation for our graphics hardware!
What's probably going to happen is that the second that the OGP starts to get a decent graphics card, some of the major vendors will start releasing documentation and/or much better Free Software drivers. And hopefully everyone will benefit.
"how can I forge bounce messages so that they think my email address is invalid?"
Yeah, nice trick. Except when I get those fake bounce message from an address I *know* is valid on some mailing list because my post happened to have adult language in it or mention the word mortgage, etc..
If you have a perfect SPAM filter, then go ahead and send fake bounce messages. But my attitude is that if I get a bounce message than that email address doesn't exist and I shouldn't route mail to it anymore. The standards aren't perfect, but forging messages isn't the right solution.
I suggest creating a facebook group and tying a coloured ribbon around the antennae of your car. This is what we do in Canada.
I dunno -- pirates with colored ribbons? I don't think it'll catch on very well.
I'd suggest that you tie an appropriate flag on there instead.
They then present that without explaining what prompted them to look there
In that situation I feel like the defense lawyer would cross examine the police as to why they searched for the stuff they found. If police can prove that they "would have found it anyway", that's one thing, but if their search for evidence has been tainted by inadmissible evidence, I feel like a judge might throw it all out.
Of course, this implies that the server has to operate on every element of the encrypted data to do its job...If you're willing to accept...the additional computational overhead, you can design such a system.
Where's Bruce? He has the right combination of math and cs theory to spout off some usefulness on this thread :-)
Anyhow, let's think about this plan:
Let's say we store n chunks of encrypted data on the server d_1, d_2, ..., d_n. If they were PDFs, we could just store a corresponding text file for full text search on our local machine t_1, ..., t_n, which could be much smaller. If space were at a premium, we could even store each t_i (encrypted) on the server as well, but in order to get to the text, we'd have to download them.
Now it sounds like someone is suggesting that if (and this is a big if) we know our search domain before we upload the data, we can encrypt a special search table T along with our data and upload that as a separate d_i on the remote machine.
For example, if we have 30 documents and know that the word "tenacious" appears in docs 2, 15, 18, along with the rest of the d_i we can create T:
tenacious (2 15 18)
Then we encode each field separately to get:
xxxxx yyyyy
Allowing us to use the same encoding on our local machine to search for "tenacious", which is encoded to "xxxxx", which we pass to the remote machine to look up in our table and return to us.
Of course, once we decode "yyyyy" and get (2 15 18), we're going to reveal information to an attacker that "xxxxx" and "yyyyy" relate to d_2, d_15, and d_18. We could randomly select a few more documents to pull down to disguise our search, but that only protects us if (1) we choose enough random data at the same time and (2) we never perform the same search twice. We could keep track (on the local machine) of what docs we request for a given search, but then we're storing data on the local machine, which we wanted to avoid.
Even putting these hurdles aside, this only works if you set up the search tables in advance. This might work well in practice if you basically store full text/directory structure locally. Then you can just search the local database and the only information you reveal is what d_i blocks you accessed and when.
But if you want to do other types of searching on the data, you'll have to download the entire dataset first because you don't trust the remote machine.
Because there are sharp sawblades, knives, chisels, and all kinds of other genital-unfriendlies in the Tool Department!
if GoogleArchive (or whatever) gets a subpoena, can they (be required to) surrender your whole legal strategy to the prosecution?
As far as I understand it, attorney-client privilege is stronger than doctor-client privilege -- in fact, I'm not sure if there IS a stronger commitment our laws have to privacy and confidentiality.
If a lawyer is a ridiculous n00b and uploads unencrypted data about a client to an online service, my guess is that even though he was an idiot for doing such a thing, the court would still recognize that as being protected client data and would rule it inadmissible. I mean, it might show up as front page material if it leaks, but theoretically the court wouldn't take that information into consideration.
probably rather easy to move to .pdf (which I'd say would be the higher priority)
If all you have is images or hard copies of documents, then scan them to PDF, but if you have text files, I'd suggest storing both PDFs (to retain the precise markup) as well as text/wordperfect/OOo/whatever. It's difficult to do PDF editing and/or full-text searching across lots of docs (although I hear that FOSS tools to do both are getting better).
While I agree that the Supreme Court should run software patents through with a sword and throw them down their elliptical staircase, it's worth noting that the patent Microsoft was found guilty of infringing is used in Uniloc's "SoftAnchor, which provides copy protection for software and games to prevent the creation, distribution and use of unauthorized copies."
So Microsoft was found guilty of infringing a software patent on a DRM system.
I'm not sure whether I'm happier about the fact that Microsoft lost a court case for implementing DRM or the thought of Microsoft gearing up to use their own legal department to invalidate a software patent. It seems almost surreal...
...it actually makes the most sense to have Apple people working on this...Who else would have the best understanding of what solutions do manage to work around the patent in question than Apple people who would understand what Apple would or would not do in response?
I don't know the exact details of this situation, but presumably the W3C created a draft standard that they liked, using technology that was understood and considered appropriate for this task. Ideally, we wouldn't have to deal with Apple's patent and could just use the standard as is.
Having people sit out makes sense where there is a conflict of interest. But there is no conflict of interest on Apple's part in wanting the eventual standard to not conflict with Apple's patents. There is no monetary gain to be had from Apple in having a solution worked up that successfully works around Apple's patent.
The W3C's goal in this process is to publish a standard without patent encumbrances. There are several avenues for them to take with this, including getting prior art and seeking to invalidate Apple's patent completely. I don't think that a company that refuses to grant royalty-free terms on a patent will have any interest in seeing that patent invalidated, so as a result I don't see a way for Apple employees to remain impartial while having a vote on this advisory committee.
While I believe that it's in the best interests of all parties for Apple to be available for discussion, it's clear that Apple wants to retain this patent and therefore should have its employees recuse themselves.
Having Apple not sit in would only be retribution, not a choice made from thinking about the issue in practical terms.
Personally, I think that software patents are just a flat-out bad idea, so while I appreciate the manner in which Apple refused to license the patent, I'm not feeling much love for them either. If a company or person possesses a software patent which is hindering the creation of open standards then I am doubly at odds as to why they should be indulged.
Could employees of Apple help the W3C to draft a standard that does not infringe on Apple's patents? Of course they could! But what will we get out of that process? Would Apple's employees cripple the spec to ensure that it didn't violate any of Apple's patents? Would the employees, in the process of drafting the spec, purposefully leave out interesting mechanisms so that they could later be patented by Apple?
Yes, Apple's in the doghouse on this one. By leveraging one software patent here they've basically said that they're only committed to the creation of open standards to an extent. Standardize your widgets all you like, but if you want to auto-update them then you have to pay Apple.
The whole idea behind standards is that they're...well.. standard. People can use them to ensure interoperability. My app and your app and that server and that cellphone browser can all talk the same language. If Apple is cordoning-off a little piece of tech and making it impossible for the W3C to put technology into a open standard then they are necrotizing that technology -- making it essentially dead for everyone using open standards. We don't need lumps of dead technology littering our possibilities -- we need companies to breathe life into standards instead.
No!
(I can't find a good video of the context there -- this one has a bit more)
According to the Patent Advisory Group they've formed to deal with this hurdle, the PAG membership includes "Advisory Committee Representatives of each Member participating in the Web Applications Working Group".
Of course, the Web Applications Working Group includes: "Apple, Inc. (4 representatives)".
Isn't it kind of a conflict of interest for Apple to be sitting on the committee that has the purview to:
?