What company is providing *you* with networking on Sealand? Is it possible that they could be liable under the laws in their own country for traffic coming out of Sealand? It's possible that this could negate any benefit to setting up a Sealand server.
They are very close to the UK; UK law specifically protects UK Public Telecomms Operators carrying foreign traffic from government intervention of various sorts. Only domestic communications are fair game to UK law enforcement. (Of course, GCHQ and the NSA are still free to monitor it all - they aren't going to be interested in your DeCSS source, or those Natalia Portman + Hot Grits photos, though.)
Obviously, offering to store data for other people can be an ethically sticky business. Are there limits to what you are willing to store?
Yes - they have an AUP, which specifically prohibits UCE (spamming), DoS attacks etc., and anything illegal in the country of origin of the server.
A holding company in the US could allow a German company to store, serve and update Nazi material (which is illegal in Germany). Similar situations could allow for storage of child pornography or copyrighted material. How do your rules deal with this?
The AUP deals with this; they specifically prohibit `child pornography'. Question: what do they consider `child' pornography? The US has an age of consent of 18, I'm told - it's 16 in the UK, and 12 (yes, twelve) in Spain.
Firstly: You seem to have forgotten what drives everything. That is money. When you put people before money you don't get invention. And to tell you the truth, it will ALWAYS be money before people, as that is human nature.
Yep - we all know Linus only created his kernel to get rich, selling copies of his binary-only OS...
Secondly: Why can we not get along and RESPECT each other's cultures. The citizens of the United States have a different culture from Europeans. Let us not resort to a flame war over which economic system is better. Remember, love not hate.
I agree - both systems have some merit, and neither is perfect.
Incidentally, anyone arguing in favour of govt. involvement should just look at British Telecom; having been privatised for 16 years now, we still have the same appalling prices and service, it still has 86% of the market. As a result, most people still pay for Net access by the minute - at up to 4p (about 6 cents) per minute. Unmetered access is supposed to be happening - by the end of this year, for about $30-40 per month. ADSL should cover 25% of the country by the end of the year, but costs $60/month. Wonderful.
A government monopoly may look like a good way to kick-start the service - but once it has served its purpose, it can take a very long time to dispose of.
Ummm, how exactly does one supercomputer that costs over a million dollars (US) that performs at the same level as a collection of computers that costs a few 10's of thousands of dollars metamorphose into "better price"?
Simple: various tasks need different amounts of bandwidth between the nodes to perform the calculation. For distributed.net and SETI@home, every data block is completely independent - the nodes don't need to communicate at all, so you just pipe the work units over the Internet.
Most problems don't break up this well, though - individual parts of the problem can interact with their neighbours, meaning individual nodes need to communicate with each other fairly quickly - a Beowulf cluster, for example. Lots of normal PCs on a fairly fast LAN.
Then, you have a handful of BIG number-crunching problems - like this one - where every part of the problem interacts with every other one. Think of it like a Rubik's cube: you can't just work one block at a time, you need to look at the whole object at once. This take serious bandwidth: the top-end SGI Origin 2800s run at something like 160 Gbyte/sec between nodes (in total).
Here in Cambridge, the Department of Applied Mathematics and Theoretical Physics has an SGI Origin 2000 series box with 64 CPUs - homepage here. (There's a photo of Stephen Hawking next to it somewhere on that site - this is his department.)
Basically, there are jobs clusters of PCs just can't handle. If the choice is between a $100k Beowulf cluster that can't do the job, and a $10m supercomputer which can, the latter is much better value.
Sure if you have the money to burn, go custom. But most of the computing projects out there do not require that kind of "big iron" and couldn't even afford it if they did. Besides, most of the time (unless you are in the DoD or NSA or such-like) you only end up with a small slice of that "big iron" which may or may not be roughly equivalent to being able to run your proggies on a computer that is all yours 24/7.
You're right - most projects don't need this kind of hardware. Some projects - including this one - do need it - either they cough up the big $$$, or the job doesn't get done.
Also, it sounds like you're arguing about ASICs vs. CPU's which is not what this is about at all. ASICs obviously are enormously useful (witness their vast dominance in the market), but it has nothing to do with whether or not you buy some custom supercomuter from SGI or build one yourself out of PCs and ethernet cabling for a fraction of the cost.
You can't build yourself a supercomputer out of PCs and Ethernet. You can build a cluster which will do almost all the jobs a supercomputer can - but not all of them. Some jobs need a supercomputer. A few very specialised jobs need even more muscle - like this one. It uses custom silicon, because that's the only way to get enough CPU horsepower.
I don't know. To me this seems a little unfair. You can take someone else's code and sell it and not actually do any work yourself, but on the other hand, isn't that what it's all about?
Sort of. There is nothing to stop anyone taking a copy of the Linux kernel source, compiling it, and selling the resulting binary, with a note saying `the source code is on www.kernel.org/pub/kernel/v2.2/' or whatever. I don't really see anything wrong with that - why should you have to provide your own kernel mirror? If someone's prepared to pay for your pre-compiled kernel, why not let them?
However, you are not allowed to take the kernel, change it, then sell the resulting binary - if you do that, you have to make your (modified) source available - typically by submitting it on linux-kernel and/or putting it on your WWW site.
If a legal Linux DVD player comes along in the middle of the trial, that's all very well and good, but it shouldn't affect the trial, right? There was no player at the time the alleged crime was committed...
It shouldn't matter whether there is an existing player or not. One case is being held under trade secret law: providing the `trade secret' was obtained legally, it is no longer protected. Reverse engineering for compatibility reasons is a guaranteed right in Europe (under the Decompilation Directive), meaning reverse engineering a DVD player to work out how to play DVDs is perfectly legal. Scratch one `trade secret'.
The DMCA case is more difficult; DeCSS can be used to copy DVDs, which could well make it illegal under the DMCA. It's the DMCA which is in the wrong here, not DeCSS, but the law doesn't (yet) take that view...:-(
I don't think the presence or absence of a legal player should have too much bearing on the legal issues involved, in any case....
Indeed - otherwise, the first `legal' player could secure a legally enforcable monopoly, at least on that platform. (Would the DVD CCA resist money and/or pressure from the members to refuse licenses to competing players? I wouldn't bank on it.) DMCA or not, we [should] have an absolute right to reverse-engineer any product in order to create a competiting product of our own.
Actually, I think a specific law to that effect could be good - absolutely prohibit the use of patents, the DMCA, `trade secrets' etc. to block competition.
Java's biggest problem is in memory requirements. Metadata for classes is frequently much larger in size than both bytecodes and allocated objects. This needs to improve if Java is to become a more mainstream language.
If you are just running a single Java applet, this is a huge overhead. However, once you have a couple of Java processes running at once, it's fairly trivial. 8Mb of overhead for 10 processes? That's about 800Kb per process - not a huge amount.
I think the biggest issues so far have just been the usual `chicken & egg' scenario: not enough people use Java for normal apps, so nobody writes Java apps since there's no market.
I must admit, I'm a Java sceptic myself; to begin with, the language was a real pig. The near-instant load-time compilation of Perl knocks Java out of the window; even C is much faster in terms of compile-run-test cycles. However, no doubt that will change in time.
The result that really surprised me, though, was Cygwin32 beating MS VC almost across the board - running on Windows! WTF?!
Then how can a non-Christian decide whether a man has strayed from righteousness or not?
That is not the issue being decided, though - this is a court of law, not of religion. The question being answered by the jury is not `did this person stray from righteousness?', but `did this person break this law?'
The jury is not enforcing God's law, but the law of man. The two are completely distinct.
What the hell does porno have to do with being able to make good decision in court.
If I cannot trust a man to make good decisions (not sin against God and demean his fellow men and women) in private, how can I trust him to make good decisions in a court of law?
How is the viewing of (legal) pornography related to deciding whether someone has broken the law or not? I believe that criminals should be excluded from jury service - but pornographic material is, generally, legal; as such, viewing it should not (and does not) disqualify you from jury duty.
Besides, I'll bet there are quite a few companies that would move encryption development overseas to take advantage of lax laws.
IIRC, Sun already has done: back when I worked as a Solaris admin, we received a new version of Solaris which said on the packaging that the encryption components were from Holland. At that time, MS were still selling crippled versions of NT; Sun just moved development somewhere they weren't affected by these dumb laws.
I do wonder why MS didn't do the same - anyone got any ideas?
Incidentally, I received an updated WWW browser by e-mail a few days ago, including 128 bit SSL support, from a UK company. The attached text indicated that the only restriction was that the software must not be exported to the usual places (Iraq, North Korea etc.) and that this was in line with govt. policy - i.e. the restrictions had already been lifted! Is something wrong here, or is the UK just ahead of the rest of the EU?
We may not agree on whether or not `piracy' is wrong, but one thing most all of us can probably agree on here is that `they' won't be able to put the genie back in the bottle.
So, the question is not `how can we stop these evil people using Napster and make them buy more CDs instead?', but `how should the artists/labels adapt?'
Personally, I can think of two approaches: take a radio-type approach (WWW sites pay the authors for hosting their files), or sell the files for download. If I have a choice between paying $21 for a CD (UK prices) or spending an hour or two sifting through the (often corrupted or incomplete) files on Napster, the Napster option is quite appealing. If, on the other hand, I could download the `authentic' MP3 files directly from the author's homepage for $1 or so, I'd probably go for that.
At that price, it's cheap enough I wouldn't mind, and expensive enough that the artist still gets a similar amount to the figure they'd get if I bought the CD - but without the middleman taking his 95% cut. The `radio sites', meanwhile, could use banner ads, subscriptions, etc. to cover their costs.
Many of us will remember Elite, by Ian Bell and David Braben, for the BBC, Nintendo (NES), C64, Apple II, Amiga, Atari, Z80 and the PC. Well, Ian has seen the light and published them all on the WWW here. (Click `BBC Elites'.) You'll also find what source there is (much of it was done using paper and a hex editor, though!).
Interestingly, someone reverse engineered this game to create their own version. Rather than suing them, complaining etc., he (Ian Bell) compliments them on the achievement, and includes the resulting game on his site.
Finally, he links to a couple of emulators. Makes a refreshing change, dontcha think?
What is wrong with this? Napster users violate copyright law while Napster claims that it wants to be a common carrier (i.e. safe harbor). This means Napster does not want to be held liable for copyright infringements, thus the users must be held liable and sued if necessary. This can only be done if identifying information is collected. What has happened is that Napster wants to eat it's cake and have it too, it cannot on one hand claim to be a common carrier and then on the other have anonymous users. Phone companies and ISPs have identifying characteristics of users (i.e. so that obscene phone callers, or death threat mailers can be found) so why should Napster be any different?
Sorry - that just isn't true. I can walk outside right now and use a payphone, completely anonymously. I can even buy a prepay mobile 'phone, for cash, second hand, completely anonymously. I can then make any calls I want, again with complete anonymity. Why should ISPs be subject to any greater restrictions?
(example of software piracy using Napster) Clearly a solution is needed and PPI's is a rather good one.
The same thing can be done with FTP servers - do you want to introduce mandatory registration of all FTP daemons out there? Napster only provide a search engine, and some free client and server software. Which part of this are you trying to regulate? Do you want to track the owners of search engine entries, or the users of free (as in either) software?
The problem is, US law just doesn't apply on the Net as a whole. You cannot impose these restrictions, however good your justification may be - a new approach is needed. Otherwise, `Napster-II' can just set up somewhere else - China, perhaps, or Russia - and operate without any restrictions at all.
I understand your desire to stop people ripping you off - but if the only way to do so involves unacceptable monitoring or censorship, then the price is too high.
Now, I'm not expert on the law, but I imagine if you want to avoid responsiblity for copyright infringment, that responsiblity must be transferred to someone else. You can't just shrug and say, "yeah, I own the server, but someone else is responsible for those gigs of pirated music, and I'm not telling you who."
Indeed. That would be like, say, putting a 'phone on the street, and letting anyone use it by just putting a few coins in. I can't imagine any responsible telephone company doing something like that - can you?
In reality, you can already use the telephone network completely anonymously (payphones). Now, you can also buy pre-paid mobile phones - buy them for cash in a store, sell them for cash to a stranger in a bar - completely untraceable. Can anyone think of a good reason why this shouldn't apply to Net access? (And no, Metallica, your desire to imprison any fan caught mentioning your name without paying royalties does not count...)
If this applies to Napster users, presumably it would also apply to/. users - no more ACs? If it covers those who simply download from Napster (without uploading anything) would it also bar anonymous reading of WWW sites? Where do you draw the line?
<Picard>They invade our Net - and we fall back. They censor whole sites - and we fall back. The line must be drawn here - this far, no further. No more censorship, no more monitoring.</Picard>;-)
1) Everyone has their own. Geeks like us come along and buy two: A control and a subject. In no time a few people understand exactly how they work and how the data is stored - and with the public and private keys on each one, well there's nothing secret.
Just like if you take two copies of PGP and compare them, you've got my secret key? The secret key is encrypted remember - the card doesn't know it. Only the card in conjunction with your (live) finger knows your secret key. If they've managed to steal your finger without you noticing, you have bigger problems than your ATM balance...
2) Someone steals your scanner which not only has your public key, but your private key as well, and you've lost your copy altogether.
Essentially a DoS attack... Yes, this would mean you'd have to revoke your old key pair and generate a new one. This will always be possible, though, unless you memorise your keypair and have total recall - or everyone stores their keys on a central server, so an administrator can give you another copy of your key. There's probably nothing to stop you having more than one of these cards, though (a bit tricky securely duplicating the keypair, but it could probably be done.)
The `attack' you describe would work perfectly well if this system were based on security through obscurity (CSS, anyone?). It isn't (I hope) - like PGP etc., it just relies on actually being secure. Perhaps we should patent idea that in case Microsoft try it? Nah - they'll just stick to FUD, lies and videotape;-)
Yeah, but the guy being robbed would know about that. He wouldn't know if someone made a rubber mold of his finger in his sleep or copied his fingerprint off a glass. No technology can protect you from a guy with a gun pressed to your gut.
Not entirely true - bullet proof vest?;-)
Seriously, though: for code-based systems (burglar alarms etc.) you can often have a `duress' code. If someone puts a gun to your head and tells you to shut off the alarm, you type that code. The alarm pretends to shut off - in reality, it calls the police, silently.
Better still, you could rotate a couple of code between being `valid' and `duress' - 2378 would genuinely shut the alarm off on Monday, Wednesday, Friday, while 7826 shuts it off on the other days. Enter one of these codes on the wrong day, it acts as a duress code.
It is. It has Microsoft's Kerberos specifications in it. This is what/.'s lawyer suggested as a way to avoid the lawsuit.
Well spotted. However, since it is protected by steganography (it's printed in white on a white background in small print just under the article), it would be a violation of the DMCA for Microsoft (or anyone associated with them) to look at it - since that would constitute circumvention of `effective access controls'.;-)
Internet Explorer has supported this well since version 5.0.
There are a few areas where Netscape dropped the ball over the last few years; fortunately, though, we seem to be catching up at quite a rate.
IE 2 was pretty crappy, NN 2 was just a bit primitive.
IE 3 was really quite usable, for the time. Interestingly, it seems to have been created in a similar way to the approach IBM took with the PC: take a very small, good, dedicated team, and get them to produce something very quickly. It worked in both cases.
By IE 4/NN 4, the tables had turned; IE was in the lead.
Now, though, Mozilla looks set to reverse the roles again: it's certainly not perfect (hint: DO NOT MODERATE ON/. while using it - I did, and it ate my points!) but it's going to be amazing once the bugs are fixed and the performance has been tweaked!
Things like the ad-blocker should be killer features, with a bit of work (I note the/. people have already changed things to make ads come from images.slashdot.org...).
On another point: isn't it the OS's duty to create the anti-aliasing in fonts? It was done in Win9x with a simple checkbox in the Effects preferences and affected all display of fonts.
That depends what you mean by OS. If you have a watertight definition, I know a DoJ who want to meet you:-)
Seriously, it really belongs in the font rendering sytem (well, duh!). That's where XFS (the X Font Server) comes in. Unfortunately, there are various problems in this area (this was discussed on the wine-devel mailing list a year or so ago, IIRC) but I think it can be done with some patches.
Incidentally, I am told the Win95 `font smoothing' isn't true anti-aliasing: all it does is smudge the font slightly!
Of course, the first question that comes to mind is: how is this going to influence the recent legal actions Microsoft pulled against/.
I would imagine it won't. Why would it? All this means is that - hopefully - Microsoft will have to change their implementation to be compliant with the new standard.
The second is, why is the IETF not in control of Kerberos completely, how could it happen that Microsoft made proprietary extension to the protocol?
They left in a `loophole' which basically said `implementation-specific bits can go here'. Microsoft then used that for all their implementation specific details - but didn't document what those details were.
However it is throttled to 8 Mb/s upstream. The vast majority of downstream bandwidth in Cambridge goes to feed personal computers in student rooms.
If Oxford have a more draconian policy on bandwidth allocation to students then they may well not need anything faster than 34 Mb/s. I suspect that a 34 Mb/s connect is vastly cheaper than a 155 Mb/s connect.
And if Oxford had an even more draconian policy, perhaps they could get away with an ISDN line instead!
I'm sure most of us would choose the ISP with the better bandwidth and less restrictive AUP - I know I would. Granted, the university is not purely an ISP - but they do act as one (both dialup and Ethernet/ATM). Cambridge is definitely the better university in this respect; having used both university's systems a fair bit, I know which I prefer. They do both hose the university I used to server-sit for, though:-(
Incidentally, in January of next year, Cambridge is getting upgraded to a symmetric OC-48 (2.5Gbit/sec), as part of the SuperJANET 4 project. Oxford isn't:-)
On the subject of "lawyer fees", it would be fun to send a few law-students into a fight over this with the MPAA (or whomever). Costs the MPAA real money, the university has a chance of training the students "for real", with a very, very small chance of losing the case....
Better still: Get a few of the university's law lecturers to plead the case on the univerity's behalf. When they (inevitably) win - since there was no copy of that DeCSS involved! - they get to claim full lawyer's fees from the MPAA.
Personally, I think ISPs etc. should be subject to the same access charges as long distance operators. However, I don't think this should involve adding per-minute charges to the ISPs - rather, it should involve removing those charges from the LD operators.
At present, long distance operators (inter-exchange carriers - IXCs) pay the local operators (local exchange carriers - LECs) by the minute for using the local lines at each end. That's why you can't get unmetered long distance calls; the IXC is paying your local company a few cents per minute. ISPs, on the other hand, just buy normal local lines - and receive lots of flat-rate local calls on them. IXCs can't do this - they have to pay per minute instead.
Solution: Both ISPs and IXCs should pay a fixed per-line charge, without any time-based ("metered") charges. This way, ISPs can continue offering flat-rate dialup - and IXCs can offer much wider variations in pricing (e.g. $30/month plus 2c/minute, or $0/month plus 10c/minute, etc.)
The situation is grim. In my opinion, all communication between two computers must become legally protected. That is, no sifting or compilation of data about me, without my consent or a warrant from a judge; no monitoring of my communication with other PC users without a warrant or my consent.
I agree. Ideally, I would like to see a right to privacy - any point-to-point communication between my computer and yours may be monitored, recorded, restricted etc. by you and/or by me - but NOT by ANYONE else (ISP, govt., next door neighbour, MPAA). My ISP can block, for example, me trying to break into your machine - acting on your behalf.
Obviously, an employer has a right to know what their machines are being used for. I admit employers and company PCs do not fall under this umbrella.
Why not? Again, only the owner of the machine(s) involved are entitled to monitor or control its use. In this case, the owner is your employer - and as such, they can impose and enforce rules. (No porn on the company PC, no spamming, no personal use on company time, etc.)
just because he sent in a $35 check and got a lot of publicity?
ISTR he paid by Mastercard:-)
On a more serious note, I live in a country where, IIRC, reverse engineering is specifically permitted, regardless of license conditions, provided it is done for interoperability reasons only. So, I could, perfectly legally, reverse engineer the Win2k bug in order to make Samba+MIT Kerberos interoperable with Win2k. The question is, does the possibility I might be using MS's "secret" published documentation make this more difficult? Equally, is this "EULA" even legally valid? I suspect it wouldn't stand up...
One of the other Napster rules, along with "don't pirate stuff", is "no bots". NetPD must be using some sort of automated client software to perform these searches. So, as well as all the Metallica fans, Napster should ban NetPD's IP address range[s].
Interesting, huh? More to the point, because NetPD were violating the rules of Napster, the information was improperly obtained. Doesn't that prevent it being admissable? (Presumably Napster will require some proof of violation. NetPD just handed them proof that NetPD themselves had been violating those rules; what proof do they have that the people on the list were? Possibly not enough...)
More to the point, why do you pick 18 as a relevant age? The age of consent for heterosexual sex in the UK is 16. It's not exactly my field of expertise, but I think 16 and 17 year olds can pose for newspapers etc. (although, being under 18, they can't sign the contract themselves).
In other countries, I suppose it could well be 21. You need to be 16 to have sex or get married, 17 to drive, and 18 to drink, in the UK.
Slashdot Mirror
They are very close to the UK; UK law specifically protects UK Public Telecomms Operators carrying foreign traffic from government intervention of various sorts. Only domestic communications are fair game to UK law enforcement. (Of course, GCHQ and the NSA are still free to monitor it all - they aren't going to be interested in your DeCSS source, or those Natalia Portman + Hot Grits photos, though.)
Yes - they have an AUP, which specifically prohibits UCE (spamming), DoS attacks etc., and anything illegal in the country of origin of the server.
A holding company in the US could allow a German company to store, serve and update Nazi material (which is illegal in Germany). Similar situations could allow for storage of child pornography or copyrighted material. How do your rules deal with this?
The AUP deals with this; they specifically prohibit `child pornography'. Question: what do they consider `child' pornography? The US has an age of consent of 18, I'm told - it's 16 in the UK, and 12 (yes, twelve) in Spain.
Yep - we all know Linus only created his kernel to get rich, selling copies of his binary-only OS...
Secondly: Why can we not get along and RESPECT each other's cultures. The citizens of the United States have a different culture from Europeans. Let us not resort to a flame war over which economic system is better. Remember, love not hate.
I agree - both systems have some merit, and neither is perfect.
Incidentally, anyone arguing in favour of govt. involvement should just look at British Telecom; having been privatised for 16 years now, we still have the same appalling prices and service, it still has 86% of the market. As a result, most people still pay for Net access by the minute - at up to 4p (about 6 cents) per minute. Unmetered access is supposed to be happening - by the end of this year, for about $30-40 per month. ADSL should cover 25% of the country by the end of the year, but costs $60/month. Wonderful.
A government monopoly may look like a good way to kick-start the service - but once it has served its purpose, it can take a very long time to dispose of.
Simple: various tasks need different amounts of bandwidth between the nodes to perform the calculation. For distributed.net and SETI@home, every data block is completely independent - the nodes don't need to communicate at all, so you just pipe the work units over the Internet.
Most problems don't break up this well, though - individual parts of the problem can interact with their neighbours, meaning individual nodes need to communicate with each other fairly quickly - a Beowulf cluster, for example. Lots of normal PCs on a fairly fast LAN.
Then, you have a handful of BIG number-crunching problems - like this one - where every part of the problem interacts with every other one. Think of it like a Rubik's cube: you can't just work one block at a time, you need to look at the whole object at once. This take serious bandwidth: the top-end SGI Origin 2800s run at something like 160 Gbyte/sec between nodes (in total).
Here in Cambridge, the Department of Applied Mathematics and Theoretical Physics has an SGI Origin 2000 series box with 64 CPUs - homepage here. (There's a photo of Stephen Hawking next to it somewhere on that site - this is his department.)
Basically, there are jobs clusters of PCs just can't handle. If the choice is between a $100k Beowulf cluster that can't do the job, and a $10m supercomputer which can, the latter is much better value.
Sure if you have the money to burn, go custom. But most of the computing projects out there do not require that kind of "big iron" and couldn't even afford it if they did. Besides, most of the time (unless you are in the DoD or NSA or such-like) you only end up with a small slice of that "big iron" which may or may not be roughly equivalent to being able to run your proggies on a computer that is all yours 24/7.
You're right - most projects don't need this kind of hardware. Some projects - including this one - do need it - either they cough up the big $$$, or the job doesn't get done.
Also, it sounds like you're arguing about ASICs vs. CPU's which is not what this is about at all. ASICs obviously are enormously useful (witness their vast dominance in the market), but it has nothing to do with whether or not you buy some custom supercomuter from SGI or build one yourself out of PCs and ethernet cabling for a fraction of the cost.
You can't build yourself a supercomputer out of PCs and Ethernet. You can build a cluster which will do almost all the jobs a supercomputer can - but not all of them. Some jobs need a supercomputer. A few very specialised jobs need even more muscle - like this one. It uses custom silicon, because that's the only way to get enough CPU horsepower.
Sort of. There is nothing to stop anyone taking a copy of the Linux kernel source, compiling it, and selling the resulting binary, with a note saying `the source code is on www.kernel.org/pub/kernel/v2.2/' or whatever. I don't really see anything wrong with that - why should you have to provide your own kernel mirror? If someone's prepared to pay for your pre-compiled kernel, why not let them?
However, you are not allowed to take the kernel, change it, then sell the resulting binary - if you do that, you have to make your (modified) source available - typically by submitting it on linux-kernel and/or putting it on your WWW site.
It shouldn't matter whether there is an existing player or not. One case is being held under trade secret law: providing the `trade secret' was obtained legally, it is no longer protected. Reverse engineering for compatibility reasons is a guaranteed right in Europe (under the Decompilation Directive), meaning reverse engineering a DVD player to work out how to play DVDs is perfectly legal. Scratch one `trade secret'.
The DMCA case is more difficult; DeCSS can be used to copy DVDs, which could well make it illegal under the DMCA. It's the DMCA which is in the wrong here, not DeCSS, but the law doesn't (yet) take that view... :-(
I don't think the presence or absence of a legal player should have too much bearing on the legal issues involved, in any case....
Indeed - otherwise, the first `legal' player could secure a legally enforcable monopoly, at least on that platform. (Would the DVD CCA resist money and/or pressure from the members to refuse licenses to competing players? I wouldn't bank on it.) DMCA or not, we [should] have an absolute right to reverse-engineer any product in order to create a competiting product of our own.
Actually, I think a specific law to that effect could be good - absolutely prohibit the use of patents, the DMCA, `trade secrets' etc. to block competition.
If you are just running a single Java applet, this is a huge overhead. However, once you have a couple of Java processes running at once, it's fairly trivial. 8Mb of overhead for 10 processes? That's about 800Kb per process - not a huge amount.
I think the biggest issues so far have just been the usual `chicken & egg' scenario: not enough people use Java for normal apps, so nobody writes Java apps since there's no market.
I must admit, I'm a Java sceptic myself; to begin with, the language was a real pig. The near-instant load-time compilation of Perl knocks Java out of the window; even C is much faster in terms of compile-run-test cycles. However, no doubt that will change in time.
The result that really surprised me, though, was Cygwin32 beating MS VC almost across the board - running on Windows! WTF?!
That is not the issue being decided, though - this is a court of law, not of religion. The question being answered by the jury is not `did this person stray from righteousness?', but `did this person break this law?'
The jury is not enforcing God's law, but the law of man. The two are completely distinct.
If I cannot trust a man to make good decisions (not sin against God and demean his fellow men and women) in private, how can I trust him to make good decisions in a court of law?
How is the viewing of (legal) pornography related to deciding whether someone has broken the law or not? I believe that criminals should be excluded from jury service - but pornographic material is, generally, legal; as such, viewing it should not (and does not) disqualify you from jury duty.
IIRC, Sun already has done: back when I worked as a Solaris admin, we received a new version of Solaris which said on the packaging that the encryption components were from Holland. At that time, MS were still selling crippled versions of NT; Sun just moved development somewhere they weren't affected by these dumb laws.
I do wonder why MS didn't do the same - anyone got any ideas?
Incidentally, I received an updated WWW browser by e-mail a few days ago, including 128 bit SSL support, from a UK company. The attached text indicated that the only restriction was that the software must not be exported to the usual places (Iraq, North Korea etc.) and that this was in line with govt. policy - i.e. the restrictions had already been lifted! Is something wrong here, or is the UK just ahead of the rest of the EU?
So, the question is not `how can we stop these evil people using Napster and make them buy more CDs instead?', but `how should the artists/labels adapt?'
Personally, I can think of two approaches: take a radio-type approach (WWW sites pay the authors for hosting their files), or sell the files for download. If I have a choice between paying $21 for a CD (UK prices) or spending an hour or two sifting through the (often corrupted or incomplete) files on Napster, the Napster option is quite appealing. If, on the other hand, I could download the `authentic' MP3 files directly from the author's homepage for $1 or so, I'd probably go for that.
At that price, it's cheap enough I wouldn't mind, and expensive enough that the artist still gets a similar amount to the figure they'd get if I bought the CD - but without the middleman taking his 95% cut. The `radio sites', meanwhile, could use banner ads, subscriptions, etc. to cover their costs.
Interestingly, someone reverse engineered this game to create their own version. Rather than suing them, complaining etc., he (Ian Bell) compliments them on the achievement, and includes the resulting game on his site.
Finally, he links to a couple of emulators. Makes a refreshing change, dontcha think?
Sorry - that just isn't true. I can walk outside right now and use a payphone, completely anonymously. I can even buy a prepay mobile 'phone, for cash, second hand, completely anonymously. I can then make any calls I want, again with complete anonymity. Why should ISPs be subject to any greater restrictions?
(example of software piracy using Napster) Clearly a solution is needed and PPI's is a rather good one.
The same thing can be done with FTP servers - do you want to introduce mandatory registration of all FTP daemons out there? Napster only provide a search engine, and some free client and server software. Which part of this are you trying to regulate? Do you want to track the owners of search engine entries, or the users of free (as in either) software?
The problem is, US law just doesn't apply on the Net as a whole. You cannot impose these restrictions, however good your justification may be - a new approach is needed. Otherwise, `Napster-II' can just set up somewhere else - China, perhaps, or Russia - and operate without any restrictions at all.
I understand your desire to stop people ripping you off - but if the only way to do so involves unacceptable monitoring or censorship, then the price is too high.
Indeed. That would be like, say, putting a 'phone on the street, and letting anyone use it by just putting a few coins in. I can't imagine any responsible telephone company doing something like that - can you?
In reality, you can already use the telephone network completely anonymously (payphones). Now, you can also buy pre-paid mobile phones - buy them for cash in a store, sell them for cash to a stranger in a bar - completely untraceable. Can anyone think of a good reason why this shouldn't apply to Net access? (And no, Metallica, your desire to imprison any fan caught mentioning your name without paying royalties does not count...)
If this applies to Napster users, presumably it would also apply to /. users - no more ACs? If it covers those who simply download from Napster (without uploading anything) would it also bar anonymous reading of WWW sites? Where do you draw the line?
<Picard>They invade our Net - and we fall back. They censor whole sites - and we fall back. The line must be drawn here - this far, no further. No more censorship, no more monitoring.</Picard> ;-)
1) Everyone has their own. Geeks like us come along and buy two: A control and a subject. In no time a few people understand exactly how they work and how the data is stored - and with the public and private keys on each one, well there's nothing secret.
Just like if you take two copies of PGP and compare them, you've got my secret key? The secret key is encrypted remember - the card doesn't know it. Only the card in conjunction with your (live) finger knows your secret key. If they've managed to steal your finger without you noticing, you have bigger problems than your ATM balance...
2) Someone steals your scanner which not only has your public key, but your private key as well, and you've lost your copy altogether.
Essentially a DoS attack... Yes, this would mean you'd have to revoke your old key pair and generate a new one. This will always be possible, though, unless you memorise your keypair and have total recall - or everyone stores their keys on a central server, so an administrator can give you another copy of your key. There's probably nothing to stop you having more than one of these cards, though (a bit tricky securely duplicating the keypair, but it could probably be done.)
The `attack' you describe would work perfectly well if this system were based on security through obscurity (CSS, anyone?). It isn't (I hope) - like PGP etc., it just relies on actually being secure. Perhaps we should patent idea that in case Microsoft try it? Nah - they'll just stick to FUD, lies and videotape ;-)
Not entirely true - bullet proof vest? ;-)
Seriously, though: for code-based systems (burglar alarms etc.) you can often have a `duress' code. If someone puts a gun to your head and tells you to shut off the alarm, you type that code. The alarm pretends to shut off - in reality, it calls the police, silently.
Better still, you could rotate a couple of code between being `valid' and `duress' - 2378 would genuinely shut the alarm off on Monday, Wednesday, Friday, while 7826 shuts it off on the other days. Enter one of these codes on the wrong day, it acts as a duress code.
Well spotted. However, since it is protected by steganography (it's printed in white on a white background in small print just under the article), it would be a violation of the DMCA for Microsoft (or anyone associated with them) to look at it - since that would constitute circumvention of `effective access controls'. ;-)
There are a few areas where Netscape dropped the ball over the last few years; fortunately, though, we seem to be catching up at quite a rate.
IE 2 was pretty crappy, NN 2 was just a bit primitive.
IE 3 was really quite usable, for the time. Interestingly, it seems to have been created in a similar way to the approach IBM took with the PC: take a very small, good, dedicated team, and get them to produce something very quickly. It worked in both cases.
By IE 4/NN 4, the tables had turned; IE was in the lead.
Now, though, Mozilla looks set to reverse the roles again: it's certainly not perfect (hint: DO NOT MODERATE ON /. while using it - I did, and it ate my points!) but it's going to be amazing once the bugs are fixed and the performance has been tweaked!
Things like the ad-blocker should be killer features, with a bit of work (I note the /. people have already changed things to make ads come from images.slashdot.org...).
On another point: isn't it the OS's duty to create the anti-aliasing in fonts? It was done in Win9x with a simple checkbox in the Effects preferences and affected all display of fonts.
That depends what you mean by OS. If you have a watertight definition, I know a DoJ who want to meet you :-)
Seriously, it really belongs in the font rendering sytem (well, duh!). That's where XFS (the X Font Server) comes in. Unfortunately, there are various problems in this area (this was discussed on the wine-devel mailing list a year or so ago, IIRC) but I think it can be done with some patches.
Incidentally, I am told the Win95 `font smoothing' isn't true anti-aliasing: all it does is smudge the font slightly!
I would imagine it won't. Why would it? All this means is that - hopefully - Microsoft will have to change their implementation to be compliant with the new standard.
The second is, why is the IETF not in control of Kerberos completely, how could it happen that Microsoft made proprietary extension to the protocol?
They left in a `loophole' which basically said `implementation-specific bits can go here'. Microsoft then used that for all their implementation specific details - but didn't document what those details were.
If Oxford have a more draconian policy on bandwidth allocation to students then they may well not need anything faster than 34 Mb/s. I suspect that a 34 Mb/s connect is vastly cheaper than a 155 Mb/s connect.
And if Oxford had an even more draconian policy, perhaps they could get away with an ISDN line instead!
I'm sure most of us would choose the ISP with the better bandwidth and less restrictive AUP - I know I would. Granted, the university is not purely an ISP - but they do act as one (both dialup and Ethernet/ATM). Cambridge is definitely the better university in this respect; having used both university's systems a fair bit, I know which I prefer. They do both hose the university I used to server-sit for, though :-(
Incidentally, in January of next year, Cambridge is getting upgraded to a symmetric OC-48 (2.5Gbit/sec), as part of the SuperJANET 4 project. Oxford isn't :-)
Better still: Get a few of the university's law lecturers to plead the case on the univerity's behalf. When they (inevitably) win - since there was no copy of that DeCSS involved! - they get to claim full lawyer's fees from the MPAA.
At present, long distance operators (inter-exchange carriers - IXCs) pay the local operators (local exchange carriers - LECs) by the minute for using the local lines at each end. That's why you can't get unmetered long distance calls; the IXC is paying your local company a few cents per minute. ISPs, on the other hand, just buy normal local lines - and receive lots of flat-rate local calls on them. IXCs can't do this - they have to pay per minute instead.
Solution: Both ISPs and IXCs should pay a fixed per-line charge, without any time-based ("metered") charges. This way, ISPs can continue offering flat-rate dialup - and IXCs can offer much wider variations in pricing (e.g. $30/month plus 2c/minute, or $0/month plus 10c/minute, etc.)
I agree. Ideally, I would like to see a right to privacy - any point-to-point communication between my computer and yours may be monitored, recorded, restricted etc. by you and/or by me - but NOT by ANYONE else (ISP, govt., next door neighbour, MPAA). My ISP can block, for example, me trying to break into your machine - acting on your behalf.
Obviously, an employer has a right to know what their machines are being used for. I admit employers and company PCs do not fall under this umbrella.
Why not? Again, only the owner of the machine(s) involved are entitled to monitor or control its use. In this case, the owner is your employer - and as such, they can impose and enforce rules. (No porn on the company PC, no spamming, no personal use on company time, etc.)
ISTR he paid by Mastercard :-)
On a more serious note, I live in a country where, IIRC, reverse engineering is specifically permitted, regardless of license conditions, provided it is done for interoperability reasons only. So, I could, perfectly legally, reverse engineer the Win2k bug in order to make Samba+MIT Kerberos interoperable with Win2k. The question is, does the possibility I might be using MS's "secret" published documentation make this more difficult? Equally, is this "EULA" even legally valid? I suspect it wouldn't stand up...
Interesting, huh? More to the point, because NetPD were violating the rules of Napster, the information was improperly obtained. Doesn't that prevent it being admissable? (Presumably Napster will require some proof of violation. NetPD just handed them proof that NetPD themselves had been violating those rules; what proof do they have that the people on the list were? Possibly not enough...)
In other countries, I suppose it could well be 21. You need to be 16 to have sex or get married, 17 to drive, and 18 to drink, in the UK.