> Collection is not actually part of the sorting problem.
Well, you can define the sorting problem however you like, but to me it means taking an array (or better, list) and returning an array (or list) with the sorted result. If I'm allowed to arrange the results anyhow I like, then I can do all sorts of crazy things... sort in constant time by using some lazy data structure (that actually does the sorting when I ask it to enumerate elements) or "sorting" in zero time by "writing" (discarding) the elements into write-only memory. It's important that all the sorting algorithms have the same interface (ie, meet the same specification), otherwise, how can we compare them? Maybe instead I should have said, "this is not a complete sorting algorithm."
I notice some ghosting when I play Quake 3 on my LCD (Viewsonic VP191 or something), but it's still a generally much nicer experience than my CRT was. I would say another big problem with gaming is that you usually need to use an LCD at its native resolution in order for it to look good, and that can be a problem if you want to run at a lower resolution to handle fancier games.
There are many implementations of quicksort-like sorts, but when done well, quicksort is pretty damn fast. For instance, if you're measuring against a version that doesn't special case arrays of size 3, 4, and maybe even bigger, then it will run many times slower than a tuned version. You won't be able to beat quicksort (with proper pivot-picking) asymptotically, so there won't be any ground-breaking result here, but it's probably possible to beat its constant factors (which may be practically useful)... and there are probably many people here who'd be willing to look at the algorithm if you posted it.
> The easy way to show that faster sorts exist is to demonstrate absurd limit case of a tradeoff of space for speed. Consider > you have an unlimited amount of memory available for your sort results, and that you are sorting a finite number of keys N > for which a mapping M(n) exists to the positive integers. Then, since there can be at most N duplicates of any given key, > scanning the data once and placing each key n(i) in memory address N*M(n(i))+i sorts all the data. This is O(N), and pretty > much optimal.
This isn't in O(N) unless your mapping meets certain criteria. Though your data will be "sorted", they will be spaced out in memory with large gaps between them -- gaps that you'd need to traverse to actually collect the result. In this case your algorithm is in O( N*(max(M(n(i)))-min(M(n(i)))) ). This is pretty good when the mapping is a small range (say, playing cards), but poor when the mapping could be large (say, strings).
In the abstract, it's not possible to sort data that only have a binary comparison operator (say, the real numbers) with fewer than n*log n comparisons.
> You need some sort of firewall that doesn't respond to SYN requests on closed ports.
That won't help either -- to the zombie scanner, your closed ports that don't respond and your closed ports that respond with a Reset will look exactly the same. Not responding to SYNs on closed ports probably doesn't do you much good in general unless you don't have any ports listening (then you will be invisible) or if you just want to be annoying to a port scanner (it will have to wait for timeouts for SYN/ACK).
Uh, the article you point us to says that Linux 2.4 is not vulnerable to this because it uses peer-specific IPID values. (It also zeros the IPID field when DF=1). Is that not true?
Well, I had been listening to Gulf Stream (and also their split 7" with Built To Spill, which is how I found out about them) along with watching the show.. I just hadn't known that the two were related.;)
I don't think this is true. What the classic Mac OSes called virtual memory wasn't really virtual memory like what I'm talking about. Yes, they had a menu item where you could make disk space into "virtual memory" (I'm not sure what this did, really), but processes still had one unified address space. (Why else did we have to set the amount of memory we wanted to allocate to each program?) It's not like they were using the MMU of the processor and actually doing virtual memory, but just had the protections turned off -- they were doing a software simulation of some aspects of VM (like they simulated multitasking, for instance). It wasn't really VM.
Yes, I live in the US. Do you have any examples? I'm claiming that this scenario would surely require more than just a misunderstanding of technology, but also a serious misunderstanding of the DMCA.
In any case, the fact that technology is misunderstood in the courts is all the more reason to avoid being alarmist and confusing in how we (as people who DO understand technology) portray the DMCA. Do you think it helps anyone's understanding of technology for Cox to be claiming that sercurity holes have something to do technological measures for controlling access to copyrighted works?
I don't really see what's immoral about this. Presumably you're talking about a local e-mail that the CEO did in fact send and that the employee didn't yet read. Why is it wrong to delete it? If he had, in the heat of the moment, placed a whoopee cushion on some employee's seat, and then changed his mind later, would it be immoral to take that off his seat?
He wasn't asking you to read anyone else's mail, nor falsify information.. he just wanted to retract communication that he sent! What's the big deal?
I think you'll probably find some interesting things about the "theory of programming" in theory-oriented programming language texts and papers. Benjamin Pierce has a good new book, for instance:
I did read the ruling. I have been following these cases closely, partly just out of general interest and partly because of my own legal troubles (here) with the DMCA.
Where do you read that providing "useful" information on how to circumvent technological measures was found to be illegal? It's possible that a judge could find this to be contributory infringement (under a different section of copyright code) but not the DMCA. It's just not in there.
> Sure, he was prosecuted for trafficking in a circumvention device. > And, I suppose 2600 was prosecuted for illegally copying DVDs, right?
2600 was prosecuted for trafficking in a circumvention device, as well. (??)
You have a misunderstanding of the DMCA and the cases you mention (Sklyarov, DeCSS). In particular, the idea of whether something is "useful" for gaining access to a copyrighted work is irrelevant as far as the DMCA is concerned. The only thing banned is devices primarily designed for circumvention.
The DeCSS code was enjoined because, though it was held that code is indeed speech, it was not PROTECTED speech because it was also a "device" whose primary purpose was to circumvent CSS. I don't agree with this ruling, but that was what happened. It had nothing to do with how "useful" the source code was compared to the english descriptions.
Sklyarov was not indicted for giving a lecture about how eBook "encryption" worked, he was charged with trafficking in a circumvention device for profit. (A criminal offense under the DMCA!)
There is no way that a vague english description of a security flaw in a changelog constitutes a device, much less a device whose primary purpose is to circumvent a technological measure used to protect a copyrighted work. Where's the technological measure? (Read the definition in the DMCA) Where's the copyrighted work? How is a paragraph of english a device??
If we can find a way to educate people about what the DMCA really bans and why DeCSS and Sklyarov's software were found to be illegal, that's great. If we can find a way to be an annoyance to those who bought and use the DMCA, that's ok too. But this stunt is just immature, and only an annoyance to people who already agree with Cox (ie, linux users). In my opinion, all of his posturing is just lowering the level of discussion (and understanding) and will ultimately hurt our cause.
First, both of your situations are hypothetical. Neither is actually the case.
Second, we need to talk about "circumvention devices", not circumvention. Of course a description of a bug is not actual circumvention. In fact, it's not a circumvention device either. No court has ever banned a textual description of how to circumvent technological measures, nor (I hope) will they ever. Such descriptions are protected by the constitution, unless they are also simultaneously executable (in the sense of DeCSS source -- too bad). Don't forget, also, that the primary purpose of the "device" must be to circumvent, so a patch that fixes a security hole certainly wouldn't qualify, even if (and I stress if, since usually exploiting a bug is much harder than finding it) the patch contained enough information to develop an exploit.
In the case that we were talking about a bug in DRM technology like Palladium, there might be more to worry about (I contend that a description of what a security patch fixes would obviously be in the clear, nonetheless). However, there's no technological measure involved in this case, no device, no copyrighted material (??) and therefore, no DMCA.
If it was presented to a judge that Mr. Joe Nobody wrote a changelog entry defining file xyzzy.c that has hole 'a' in it which causes this issue... and Mr. Jack Cracka makes a program based on that info, and Master Script Kiddie then uses that program to take down a server for some company, it could be construed that Mr. Nobody's original document allowed for circumvention of system security and therefore was in violation of the DMCA. See?
No, I don't see. You should really read the DMCA (http://www4.law.cornell.edu/uscode/17/1201.html)! It doesn't outlaw hacking, or taking down servers (computer crime laws do, though) nor does it outlaw providing information to someone about how to hack. The only thing it outlaws is circumvention of protection measures that control access to a copyrighted work, and the trafficking in devices primarily designed for such circumvention. Read the definition of technological measure, circumvention, and circumvention device in 17 USC 1201, and then tell me how taking down someone's server could possibly be such a violation. Even if by some stretch you can fit that into the law, certainly it is even more of a stretch to imagine that the changelog is a "device" that is "primarily designed" for circumvention.
Without proper understanding... a trial can go to hell quickly, without proper cause.
Yes, indeed!
But mistrials aside, I don't see how this issue could ever be a realistic DMCA case.
> To the retard politicians, they aren't gonna get it unless people start to complain about how they can't get security fixes > because they violate the DMCA. Only when it starts to hurt a huge number of people or a bunch of biger businesses will they > care. It takes extreme (sarcastic) measures like this to get normal people, who don't pay attention to this stuff, to care.
Sure, but this is really senseless when the DMCA doesn't have anything to say about security releases. It's like if someone at a fast food restaurant refuses to serve you french fries until marijuana is legalized. Sure, maybe this will upset a bunch of people, but will it really convince politicians to legalize marijuana?
The case you mention was about a professor (Felten) intending to publish a report on an SDMI watermarking technology in which he essentially breaks the system. (This of course was in response to the SDMI challenge!) He received threats, some of which were about the DMCA, from the RIAA, SDMI, and some other company. They never carried through to sue him (eventually they stated that they had never intended to), and in any case probably would have not gotten very far in court because his paper could hardly be considered a "circumvention device". (Not to mention that the DMCA has some exceptional clauses for security researchers.) Nonetheless, it would be fair to say that the DMCA was used as a weapon to try to chill his free speech rights, and it was somewhat effective.
However, even assuming that this had some possibility of being illegal, it's still in a totally different league from a redhat security advisory: it was highly technical (essentially containing instructions on how to defeat the protection), and actually concerned protection measures for copyrighted content. The kernel changelog was neither technical nor did it have to do with protection measures nor was it related to copyrighted content.
This is really stupid and childish. I'll be the first to condemn the DMCA (after my own legal troubles with it), but this is not the way to go about it.
Someone correct me if I'm wrong (I'm not a lawyer though I have studied the DMCA and lawsuits based on it carefully), but the DMCA absolutely does not ban security information. The only related things that it addresses are circumvention (of protection technology in order to access a copyrighted work) and trafficking in circumvention devices. Security information (especially in the form of a vague changelog) is absolutely not either of those. By no stretch of the imagination can I figure out how it's supposed to be a violation of the DMCA.
What's really going on here? Someone (Alan Cox) is trying to make a point about the control that the DMCA gives to copyright holders. He's placed a piece of his copyrighted information that some people want (text of the kernel changelog) behind a click-through license that says you can't access it if you're from the USA. In my opinion this has fuck-all to do with the DMCA (because there is no "technological measure" to circumvent -- please read the definition of technological measure in the DMCA if you disagree with me), just click-through licenses, but, whatever. Then Red Hat decides, well, we can't copy that information because the copyright holder has told us we can't. Assuming that such click-through licenses are legal in the first place, of course, RH would be entirely within its rights for a non-US-citizen to license the document and then summarize it for Red Hat. Either they are too lazy for this, don't understand the issues involved, or are perpetuating this same bizarre notion that the DMCA makes every single thing you'd want to do illegal.
The DMCA only has to do with copyright, and only as far as circumventing technological measures that protect copyrighted material. The court enjoined DeCSS because it found it to be a circumvention device (they did NOT enjoin english descriptions of the algorithm, and especially not security notices about CSS being weak!). I don't agree with the decision, but at least it makes sense in terms of the law. (I also don't agree with the law!!)
The important point I'm trying to make is that to fight dumb laws like the DMCA, we need to understand what they really say and what the actual implications are. There's a tendency for hackers to use logical deduction ("If DeCSS is illegal because it can be used to break DVDs, then hammers must be illegal because they can be used to smash open store windows!") in order to decide the implications of a law. THIS IS NOT HOW COURTS WORK! Law is much more squishy than that. Making these sorts of alarmist claims, as if the DMCA outlaws everything that we'd ever want to do, hurts our cause by spreading misinformation. Instead, we should be educating people about what the DMCA actually addresses (ie, "Did you know it would be illegal for you to create MP3s from SACDs that you bought?" or "Did you know that it's illegal to buy mod chips for your Playstation so that you can play imported games that you also legally purchased?" or "Did you know that it's illegal to use your screen-reader software with the eBook that you legally bought?"). That's how we can convince people that the law is wrong.
Windows 95 absolutely does have virtual memory. (Are you thinking of Mac OS 9??) It's true that it crashed a lot, and that's because the protections afforded by a real OS were not in '95 (it was easy to turn off virtual memory protections and trample on the address space of another process). But each process definitely had its own virtual address space, and most of the things that a real OS does (page table, TLB, paging to disk, etc.) were in 95. I don't know what this business is about not having to page out all the memory -- I never saw the 95 source code but it probably does what any other real OS does: set the page table to the one of the process and flush the TLB.
It's a totally trivial back-of-the-envelope calculation to deduce how many cycles it takes to find the key for an encrypted message by brute force (the way that distributed.net does it). Why do we need to corroborate that statistic via one very expensive sample?
The government does not need a lesson on the value of strong encryption: these figures are easy to work out, and in any case the NSA already has supercomputers that they use (presumably) to do the same thing. (Except, they likely have better technology than brute force for some ciphers...)
Distributed.net is not about "breaking" encryption. The ONLY thing we learn from it is the encryption key. The key was generated by the contest organizers, and if they wanted, they could have just saved it and we'd be one bajillion cycles richer.
I think it's much more interesting to put my cycles towards something where the answer isn't known! The various folding@home, aids@home, etc. efforts are tantalizing, though it's not clear that they will ever have actual results. Personally, I'm using GIMPS (primenet), which searches for very large prime numbers. (If you want to float your encryption boat, you could recall that asymmetric encryption often uses large prime numbers, though these primes would be totally useless for that.) This is the distributed computing program I know of that has had the most tangible results: three of the world's largest known primes were found by it. (It's also one of the oldest... I joined about 7 years ago.)
This is true for Fight AIDS @ home, but not (as far as I know) for GIMPS. I've been running GIMPS for about 7 years now and have never seen it do any non-mersenne work. I also don't see anything about that on the GIMPS home page.
Unlike distributed.net, they're computing something new (distributed.net searches for decryption keys to a message whose contents is known!), and unlike SETI@home, they've had actual results: three of the largest prime numbers known to man were found through Primenet.
Slashdot Mirror
> Collection is not actually part of the sorting problem.
... sort in constant time by using some lazy data structure (that actually does the sorting when I ask it to enumerate elements) or "sorting" in zero time by "writing" (discarding) the elements into write-only memory. It's important that all the sorting algorithms have the same interface (ie, meet the same specification), otherwise, how can we compare them? Maybe instead I should have said, "this is not a complete sorting algorithm."
Well, you can define the sorting problem however you like, but to me it means taking an array (or better, list) and returning an array (or list) with the sorted result. If I'm allowed to arrange the results anyhow I like, then I can do all sorts of crazy things
Yes, I am the fonts guy. Thanks!
I notice some ghosting when I play Quake 3 on my LCD (Viewsonic VP191 or something), but it's still a generally much nicer experience than my CRT was. I would say another big problem with gaming is that you usually need to use an LCD at its native resolution in order for it to look good, and that can be a problem if you want to run at a lower resolution to handle fancier games.
Post your algorithm, then!
There are many implementations of quicksort-like sorts, but when done well, quicksort is pretty damn fast. For instance, if you're measuring against a version that doesn't special case arrays of size 3, 4, and maybe even bigger, then it will run many times slower than a tuned version. You won't be able to beat quicksort (with proper pivot-picking) asymptotically, so there won't be any ground-breaking result here, but it's probably possible to beat its constant factors (which may be practically useful)... and there are probably many people here who'd be willing to look at the algorithm if you posted it.
> The easy way to show that faster sorts exist is to demonstrate absurd limit case of a tradeoff of space for speed. Consider
> you have an unlimited amount of memory available for your sort results, and that you are sorting a finite number of keys N
> for which a mapping M(n) exists to the positive integers. Then, since there can be at most N duplicates of any given key,
> scanning the data once and placing each key n(i) in memory address N*M(n(i))+i sorts all the data. This is O(N), and pretty
> much optimal.
This isn't in O(N) unless your mapping meets certain criteria. Though your data will be "sorted", they will be spaced out in memory with large gaps between them -- gaps that you'd need to traverse to actually collect the result. In this case your algorithm is in O( N*(max(M(n(i)))-min(M(n(i)))) ). This is pretty good when the mapping is a small range (say, playing cards), but poor when the mapping could be large (say, strings).
In the abstract, it's not possible to sort data that only have a binary comparison operator (say, the real numbers) with fewer than n*log n comparisons.
> You need some sort of firewall that doesn't respond to SYN requests on closed ports.
That won't help either -- to the zombie scanner, your closed ports that don't respond and your closed ports that respond with a Reset will look exactly the same. Not responding to SYNs on closed ports probably doesn't do you much good in general unless you don't have any ports listening (then you will be invisible) or if you just want to be annoying to a port scanner (it will have to wait for timeouts for SYN/ACK).
Uh, the article you point us to says that Linux 2.4 is not vulnerable to this because it uses peer-specific IPID values. (It also zeros the IPID field when DF=1). Is that not true?
Well, I had been listening to Gulf Stream (and also their split 7" with Built To Spill, which is how I found out about them) along with watching the show.. I just hadn't known that the two were related. ;)
Yes, more MR please!
That was a weird discovery when I realized she's in that band after watching JYW for so long..!
I don't think this is true. What the classic Mac OSes called virtual memory wasn't really virtual memory like what I'm talking about. Yes, they had a menu item where you could make disk space into "virtual memory" (I'm not sure what this did, really), but processes still had one unified address space. (Why else did we have to set the amount of memory we wanted to allocate to each program?) It's not like they were using the MMU of the processor and actually doing virtual memory, but just had the protections turned off -- they were doing a software simulation of some aspects of VM (like they simulated multitasking, for instance). It wasn't really VM.
I got, when my Win32 program was leaking brushes/pens:
A Required Resource Was Not
Yes, I live in the US. Do you have any examples?
I'm claiming that this scenario would surely require more than just a misunderstanding of technology, but also a serious misunderstanding of the DMCA.
In any case, the fact that technology is misunderstood in the courts is all the more reason to avoid being alarmist and confusing in how we (as people who DO understand technology) portray the DMCA. Do you think it helps anyone's understanding of technology for Cox to be claiming that sercurity holes have something to do technological measures for controlling access to copyrighted works?
I don't really see what's immoral about this. Presumably you're talking about a local e-mail that the CEO did in fact send and that the employee didn't yet read. Why is it wrong to delete it? If he had, in the heat of the moment, placed a whoopee cushion on some employee's seat, and then changed his mind later, would it be immoral to take that off his seat?
He wasn't asking you to read anyone else's mail, nor falsify information.. he just wanted to retract communication that he sent! What's the big deal?
I think you'll probably find some interesting things about the "theory of programming" in theory-oriented programming language texts and papers. Benjamin Pierce has a good new book, for instance:
l
http://www.cis.upenn.edu/~bcpierce/tapl/index.htm
(This doesn't cover computability and complexity, etc., rather, it really is about the act of *programming*.)
I did read the ruling. I have been following these cases closely, partly just out of general interest and partly because of my own legal troubles (here) with the DMCA.
Where do you read that providing "useful" information on how to circumvent technological measures was found to be illegal? It's possible that a judge could find this to be contributory infringement (under a different section of copyright code) but not the DMCA. It's just not in there.
> Sure, he was prosecuted for trafficking in a circumvention device.
> And, I suppose 2600 was prosecuted for illegally copying DVDs, right?
2600 was prosecuted for trafficking in a circumvention device, as well. (??)
You have a misunderstanding of the DMCA and the cases you mention (Sklyarov, DeCSS). In particular, the idea of whether something is "useful" for gaining access to a copyrighted work is irrelevant as far as the DMCA is concerned. The only thing banned is devices primarily designed for circumvention.
The DeCSS code was enjoined because, though it was held that code is indeed speech, it was not PROTECTED speech because it was also a "device" whose primary purpose was to circumvent CSS. I don't agree with this ruling, but that was what happened. It had nothing to do with how "useful" the source code was compared to the english descriptions.
Sklyarov was not indicted for giving a lecture about how eBook "encryption" worked, he was charged with trafficking in a circumvention device for profit. (A criminal offense under the DMCA!)
There is no way that a vague english description of a security flaw in a changelog constitutes a device, much less a device whose primary purpose is to circumvent a technological measure used to protect a copyrighted work. Where's the technological measure? (Read the definition in the DMCA) Where's the copyrighted work? How is a paragraph of english a device??
If we can find a way to educate people about what the DMCA really bans and why DeCSS and Sklyarov's software were found to be illegal, that's great. If we can find a way to be an annoyance to those who bought and use the DMCA, that's ok too. But this stunt is just immature, and only an annoyance to people who already agree with Cox (ie, linux users). In my opinion, all of his posturing is just lowering the level of discussion (and understanding) and will ultimately hurt our cause.
First, both of your situations are hypothetical. Neither is actually the case.
Second, we need to talk about "circumvention devices", not circumvention. Of course a description of a bug is not actual circumvention. In fact, it's not a circumvention device either. No court has ever banned a textual description of how to circumvent technological measures, nor (I hope) will they ever. Such descriptions are protected by the constitution, unless they are also simultaneously executable (in the sense of DeCSS source -- too bad). Don't forget, also, that the primary purpose of the "device" must be to circumvent, so a patch that fixes a security hole certainly wouldn't qualify, even if (and I stress if, since usually exploiting a bug is much harder than finding it) the patch contained enough information to develop an exploit.
In the case that we were talking about a bug in DRM technology like Palladium, there might be more to worry about (I contend that a description of what a security patch fixes would obviously be in the clear, nonetheless). However, there's no technological measure involved in this case, no device, no copyrighted material (??) and therefore, no DMCA.
If it was presented to a judge that Mr. Joe Nobody wrote a changelog entry defining file xyzzy.c that has hole 'a' in it which causes this issue... and Mr. Jack Cracka makes a program based on that info, and Master Script Kiddie then uses that program to take down a server for some company, it could be construed that Mr. Nobody's original document allowed for circumvention of system security and therefore was in violation of the DMCA. See?
! It doesn't outlaw hacking, or taking down servers (computer crime laws do, though) nor does it outlaw providing information to someone about how to hack. The only thing it outlaws is circumvention of protection measures that control access to a copyrighted work, and the trafficking in devices primarily designed for such circumvention. Read the definition of technological measure, circumvention, and circumvention device in 17 USC 1201, and then tell me how taking down someone's server could possibly be such a violation. Even if by some stretch you can fit that into the law, certainly it is even more of a stretch to imagine that the changelog is a "device" that is "primarily designed" for circumvention.
... a trial can go to hell quickly, without proper cause.
No, I don't see. You should really read the DMCA (http://www4.law.cornell.edu/uscode/17/1201.html)
Without proper understanding
Yes, indeed!
But mistrials aside, I don't see how this issue could ever be a realistic DMCA case.
> To the retard politicians, they aren't gonna get it unless people start to complain about how they can't get security fixes
> because they violate the DMCA. Only when it starts to hurt a huge number of people or a bunch of biger businesses will they
> care. It takes extreme (sarcastic) measures like this to get normal people, who don't pay attention to this stuff, to care.
Sure, but this is really senseless when the DMCA doesn't have anything to say about security releases. It's like if someone at a fast food restaurant refuses to serve you french fries until marijuana is legalized. Sure, maybe this will upset a bunch of people, but will it really convince politicians to legalize marijuana?
The case you mention was about a professor (Felten) intending to publish a report on an SDMI watermarking technology in which he essentially breaks the system. (This of course was in response to the SDMI challenge!) He received threats, some of which were about the DMCA, from the RIAA, SDMI, and some other company. They never carried through to sue him (eventually they stated that they had never intended to), and in any case probably would have not gotten very far in court because his paper could hardly be considered a "circumvention device". (Not to mention that the DMCA has some exceptional clauses for security researchers.) Nonetheless, it would be fair to say that the DMCA was used as a weapon to try to chill his free speech rights, and it was somewhat effective.
However, even assuming that this had some possibility of being illegal, it's still in a totally different league from a redhat security advisory: it was highly technical (essentially containing instructions on how to defeat the protection), and actually concerned protection measures for copyrighted content. The kernel changelog was neither technical nor did it have to do with protection measures nor was it related to copyrighted content.
I posted late, but I hope my comment won't get lost in all of the noise...
This is really stupid and childish. I'll be the first to condemn the DMCA (after my own legal troubles with it), but this is not the way to go about it.
Someone correct me if I'm wrong (I'm not a lawyer though I have studied the DMCA and lawsuits based on it carefully), but the DMCA absolutely does not ban security information. The only related things that it addresses are circumvention (of protection technology in order to access a copyrighted work) and trafficking in circumvention devices. Security information (especially in the form of a vague changelog) is absolutely not either of those. By no stretch of the imagination can I figure out how it's supposed to be a violation of the DMCA.
What's really going on here? Someone (Alan Cox) is trying to make a point about the control that the DMCA gives to copyright holders. He's placed a piece of his copyrighted information that some people want (text of the kernel changelog) behind a click-through license that says you can't access it if you're from the USA. In my opinion this has fuck-all to do with the DMCA (because there is no "technological measure" to circumvent -- please read the definition of technological measure in the DMCA if you disagree with me), just click-through licenses, but, whatever. Then Red Hat decides, well, we can't copy that information because the copyright holder has told us we can't. Assuming that such click-through licenses are legal in the first place, of course, RH would be entirely within its rights for a non-US-citizen to license the document and then summarize it for Red Hat. Either they are too lazy for this, don't understand the issues involved, or are perpetuating this same bizarre notion that the DMCA makes every single thing you'd want to do illegal.
The DMCA only has to do with copyright, and only as far as circumventing technological measures that protect copyrighted material. The court enjoined DeCSS because it found it to be a circumvention device (they did NOT enjoin english descriptions of the algorithm, and especially not security notices about CSS being weak!). I don't agree with the decision, but at least it makes sense in terms of the law. (I also don't agree with the law!!)
The important point I'm trying to make is that to fight dumb laws like the DMCA, we need to understand what they really say and what the actual implications are. There's a tendency for hackers to use logical deduction ("If DeCSS is illegal because it can be used to break DVDs, then hammers must be illegal because they can be used to smash open store windows!") in order to decide the implications of a law. THIS IS NOT HOW COURTS WORK! Law is much more squishy than that. Making these sorts of alarmist claims, as if the DMCA outlaws everything that we'd ever want to do, hurts our cause by spreading misinformation. Instead, we should be educating people about what the DMCA actually addresses (ie, "Did you know it would be illegal for you to create MP3s from SACDs that you bought?" or "Did you know that it's illegal to buy mod chips for your Playstation so that you can play imported games that you also legally purchased?" or "Did you know that it's illegal to use your screen-reader software with the eBook that you legally bought?"). That's how we can convince people that the law is wrong.
Windows 95 absolutely does have virtual memory. (Are you thinking of Mac OS 9??) It's true that it crashed a lot, and that's because the protections afforded by a real OS were not in '95 (it was easy to turn off virtual memory protections and trample on the address space of another process). But each process definitely had its own virtual address space, and most of the things that a real OS does (page table, TLB, paging to disk, etc.) were in 95. I don't know what this business is about not having to page out all the memory -- I never saw the 95 source code but it probably does what any other real OS does: set the page table to the one of the process and flush the TLB.
It's a totally trivial back-of-the-envelope calculation to deduce how many cycles it takes to find the key for an encrypted message by brute force (the way that distributed.net does it). Why do we need to corroborate that statistic via one very expensive sample?
The government does not need a lesson on the value of strong encryption: these figures are easy to work out, and in any case the NSA already has supercomputers that they use (presumably) to do the same thing. (Except, they likely have better technology than brute force for some ciphers...)
Distributed.net is not about "breaking" encryption. The ONLY thing we learn from it is the encryption key. The key was generated by the contest organizers, and if they wanted, they could have just saved it and we'd be one bajillion cycles richer.
I think it's much more interesting to put my cycles towards something where the answer isn't known! The various folding@home, aids@home, etc. efforts are tantalizing, though it's not clear that they will ever have actual results. Personally, I'm using GIMPS (primenet), which searches for very large prime numbers. (If you want to float your encryption boat, you could recall that asymmetric encryption often uses large prime numbers, though these primes would be totally useless for that.) This is the distributed computing program I know of that has had the most tangible results: three of the world's largest known primes were found by it. (It's also one of the oldest... I joined about 7 years ago.)
GIMPS is here: http://entropia.com/ips/
This is true for Fight AIDS @ home, but not (as far as I know) for GIMPS. I've been running GIMPS for about 7 years now and have never seen it do any non-mersenne work. I also don't see anything about that on the GIMPS home page.
Primenet/GIMPS.
http://www.entropia.com/ips/
They search for very large mersenne primes.
Unlike distributed.net, they're computing something new (distributed.net searches for decryption keys to a message whose contents is known!), and unlike SETI@home, they've had actual results: three of the largest prime numbers known to man were found through Primenet.
By "Anonymous Coward", you mean, the guy who is selling the thing on eBay? ;)
I thought I had filtered out the advertisements on slashdot...