With the tits and everything, it is doubtful they will send a virus that is even executable on whatever processor is in there. We're safe for now.
You've forgotten about Java - write once (on alien mothership), run everywhere (once the worm hits our Net).;-)
James.
Re:How did he find out and how can you believe the
on
GPL Violation - NVIDIA
·
· Score: 1
That being said, of course, they could always write a function which calls a separate trivial library which contains the code in question, and release the trivial library and it's source code. I reckon that's one way to satisfy (around?) the letter of the GPL.
Nope - ISTR that's the LGPL. (glibc, for example, allows commercial programs to link to it, subject to certain conditions.) GPLed code can't be used in this way.
This is a bit of a problem for the Apache project ATM - there's an authentication module someone's written for Apache to allow it to check passwords against a Samba or NT server. Unfortunately, it uses code from Samba (GPL) - so it can't be incorporated into Apache:-(
The RFCs you want are probably 1945 (HTTP 1.0) and 2068 (HTTP 1.1); you can get these from the RFC Editor pages.
In a nutshell, however, you want to: [jas88@dax rfc]$ telnet slashdot.org 80 Trying 209.207.224.41... Connected to slashdot.org. Escape character is '^]'. HEAD / HTTP/1.0
HTTP/1.1 200 OK Date: Sun, 30 Apr 2000 19:05:11 GMT Server: Apache/1.3.6 (Unix) mod_perl/1.21 Connection: close Content-Type: text/html
Connection closed by foreign host.
Or similar. You can put GET instead of HEAD to get the actual page contents, but the raw HTML probably isn't much use. It works on hosts other than/., too:-)
Really? They don't seem to think so - it was formed as a Directorate of Military Intelligence in January 1916, titled "MI5". Officially, it's usually referred to as "the Security Service", but is commonly known as MI5 - even to the extent of having that for their domain name.
There are a few other interesting gems on that site: for example, MI5 does not have the power to detain or arrest people. (See "Myths and Misunderstandings"... "Executive Powers".)
Third, you can forget about going to court and complaining that the legislation is unconstitutional or otherwise beyond the power of parliament - this is a concept foreign to the UK constitutional arrangement. The parliament has power to pass any law. The only check on this might be an appeal to the European Court of Human Rights. If you are not from a Council of Europe country I don't think you have standing before that court and, even then, the court does not have a record of intervening in areas of "National Security".
It goes further than that: most (possibly all) Articles of the European Convention on Human Rights contain a clause which specifies a total exception for matters of national security. Contrary to common belief, we do have guaranteed rights to freedom of expression - except where that would conflict with the interests of national security.
"It's like a bar that lets people sell drugs in their establishment. By turning their head and acting like nothing's going on, they become liable for the actions of their patrons."
Actually, they don't. If people are selling drugs in my establishment, I have no more responsibility to stop them than any other witness.
Under UK law, you do have a responsibility to stop them. Otherwise, you'll end up spending a couple of years in free accomodation with a lock on the outside of the door - as happened to "the Cambridge Two" a few months ago...
Isn't it only a problem if the encryption scheme is clamed to be a _copy_ protection scheme?
No. That's one of the key flaws in the DMCA: it does NOT protect COPY-control systems, but ACCESS-control systems. Like, for example, DVD's CSS. Yes, we all know it isn't a working COPY prevention system - that doesn't matter. It IS an ACCESS control system (to stop you playing DVDs on non-cartel approved players).
What I want to know is, WTF are these guys (the censorware clowns, I mean) playing at? If I were doing it, I'd just ship a load of MD5 hashes of the blocked URLs. That way, you CANNOT "decrypt" the list - it's not an encrypted list to begin with! (Brute forcing the hashes would take quite a while...)
Does the UK government pay for the internet access though (they might, but I'm not sure)? There is free internet access in the US too (through NetZero and the like) but its not paid by the government, so it still counts as competition in the private sector.
No. In the case of "free" ISPs like Freeserve, it is paid for by the user, through their phone bill (Freeserve gets up to about £1.80 [$2.70] per hour from you this way for the "free" service). This is the model used by almost all the UK's "free" ISPs; a handful, such as Screaming.net, use a cross-subsidy from other services (they are also a telephone company, and subsidise the ISP from call charges).
Finally, we are beginning to see flat-rate Net access; Claranet now provide flat-rate access at weekends and evenings for £50 ($75) per month. We do have one truly free ISP - X-stream - using 0800 numbers funded by an advertising bar, but getting connected to their one and only modem can take quite a while...
(1) Free internet access is nothing new, it exists in other countries (UK, etc) Well, sort of.... Presumably you are referring to X-stream's 0800 service? Or Callnet's loss leader?
The UK has plenty of (over 200!) "free" ISPs, funded by the call charge. These are not really "free" at all, but "pay as you go" - you are paying them anything up to about £1.80 ($2.70) per hour for this "free" service.
The problem is that we don't have flat-rate ISPs yet, except BT Internet (weekends and evenings only), or Claranet (also weekends and evenings only, priced at £50 [$75] per month).
Because there wasn't any way for the broadcaster to know who picked up the signal, they couldn't charge the owners of the receivers to watch the signal. Except in the UK, where the government owned the TV station (the BBC) and so could pass a law requiring everyone owning a TV to pay for a "license", to fund the BBC. The license still exists today, at about $165 per year...
I know as well as anyone here that CSS is useless for preventing piracy in the sense of making bootleg DVDs. I was simply pointing out that DeCSS can be, and has been, used for piracy of the MPEG content.
As I said, I know of one person here who HAS pirated DVD content over the Internet. I don't mean he had a DVD burner somewhere else, he simply ripped the MPEG content with DeCSS, then sent the resulting (v. large) file over our OC-3 connection. Funnily enough, he DID get caught...
Anyway, it isn't DeCSS we should worry about, but css-auth and css-cat. DeCSS is of no use for playing DVDs under Linux - that's what css-* are for.
The really sad thing here is that encryption CANNOT be used to make an anti-piracy system - but explaining/proving that is extremely difficult. I suspect that "the movie industry" went to some technical company who sold them an "anti-piracy" system (CSS) claiming that it would prevent piracy provided the keys and algorithm were kept secret.
Now, you and I both know perfectly well that this is technically impossible - but they don't (which is why they got someone else to devise the CSS in the first place). Just like all those sites which installed Windows Not Tested as a mission critical server, then discover they are having major problems - but their technical guys won't admit NT is a poor solution, because they are the ones who chose it. Instead, they go looking for scapegoats - hardware, other applications, "hackers", the weather etc.
In short, though, DeCSS can be used for piracy, and has been. So can we just shut up about how this Windows program "is only useful for playing DVDs under Linux" please?
I meant the purpose for which it is currently USED and DISTRIBUTED by many - namely as a DVD ripper. I have already read most of the material (including the source code...) - my point remains: DeCSS CAN BE(and indeed IS) used for copying DVD content.
Has anyone ever successfully used DeCSS to copy a DVD movie to another PC and then play it back?
Yes. He took a DVD, used DeCSS to rip the unencrypted MPEG data, then sent that across an OC-3 Internet connection about two weeks ago.
This would appear, IMHO, to be DeCSS's primary use (after all, there ARE other WINDOWS DVD players).
Personally, I think we should ADMIT that DeCSS is indeed a tool which can be used for pirating DVD content over the Internet (given a fast enough connection, which most of us do not have yet) and quietly drop it. Instead, the battle should be fought over css-auth and css-cat which ARE tools for playing DVDs under Linux/*BSD.
The monopoly IS the DVDCCA (and licensees thereof)!
Did Netscape try asking Microsoft to bundle Netscape with Windows instead of IE? Did Digital Research try asking Microsoft not to put code in Windows 3.0 to stop it working on DR DOS? Did they NEED to do so for Microsoft's actions to be unlawful? No.
This is precisely the same issue. Buying a DVD movie should not prevent me from playing that DVD on ANY player I wish - any more than buying a copy of Windows should prevent me from using WordPerfect Office, or Lotus SmartSuite.
In essence, the whole point is that licenses from the MPAA/DVDCCA must not be required in order to play DVDs - this would be like Microsoft forcing application vendors to license and use Office code if they want their software to work with Windows. That is illegal (under anti-trust laws) - so, IMO, are the MPAA/DVDCCA's actions here.
What the MPAA/DVDCCA are really trying to do here is leverage their monopoly/market power over content to gain a monopoly over DVD players by technological and legal means.
Does this sound familiar, in any way? Substitute "Operating Systems" for "content", and "WWW browsers" or "applications" for "DVD players", and we have a rerun of Microsoft's actions over IE...
When Microsoft did it, the court held that it was illegal, and stopped Microsoft doing it (albeit too late, really...) - hopefully, the same will happen over DVD and all the restrictive trade practices associated with it (region coding, to enforce discriminatory pricing regimes, which I am told is illegal; preventing the use of competitor's products in conjunction with lawfully obtained material, almost certainly a violation of anti-trust laws...)
One problem: DeCSS is NOT an interoperability tool. css-auth is an interoperability tool for Linux, to enable Linux users to play DVDs.
DeCSS? Well, it runs on Windows, and most of the sites I saw carrying it also contained instructions on how to convert DVDs to VCD format and burn them on CDr. In my book, that's not interoperability....
On the other hand, it would appear that that IS covered by "fair use".
Talking about the legal team, though, my impression is that the defence here has been very haphazard - raising points but not proving them, trying to apply inappropriate laws and precedents...
Ideally, what is needed is for Congress to clarify the DMCA - put in explicit exemptions for tools intended to permit fair use. Better still, prohibit the sale of systems which impede fair use - as well as systems allowing regional market divisions (already illegal, I am told!)
Work is already underway on merging the two trees back together, as Corel have done periodically in the past. (Previously, they just submitted patches to sync the two, rather than opening their own tree.)
The two trees were last resynced in Wine-991212 (i.e. a little under two months ago).
If you are interested in what's changed, you can try here. That gives some idea of the difference (the statistics quoted are for a diff -u between the current Corel tree and Wine-991212). Essentially, it is a 32 000 line patch, totalling just over 1Mb and affecting 251 files, so it should keep us busy for an afternoon or two:-)
Ideally, I'd like to see a command-line version (is there one??) I have tried others - mpg123, for example, but had problems with half my MP3 collection due to funny sample rates etc.:-(
Does anyone have any suggestions? That decoder routine swallows 25% of the CPU in the previous version! Would I be better converting them to compressed WAV-type files for playback, given that I have plenty of disk space?
EU law has the Decompilation Directive, which expressly permits reverse-engineering for interoperability purposes (e.g. figuring out a file format so I could write an application which could use that format - like, say, a digital video compression format, so I could write a player for said format...) - with the proviso that this only applies to undocumented/poorly documented formats. So I could reverse-engineer Word to examine.DOC file structures, but not the Linux kernel to figure out ELF binaries.
There are restrictions on what you can then do with the information obtained - I'm not sure if you are allowed to make the resulting application open source, since this would amount to publicly documenting the file format. You could certainly write and publish a closed source binary which decrypted CSS content (without encrypting the binary or anything dumb like that - just the absence of source is enough) and link that into an open source player...
The local calls aren't `free' - they're just charged at a flat rate (either per call or per month). This actually reflects the costs MORE accurately than per-minute charging - the expensive bit is setting up the call in the first place. A modern exchange can handle all the lines being in use at once quite happily - but can only handle an average of one call per line per hour. If anything, it should be voice calls which are surcharged - they put a heavier strain on the contended parts of the network!
Incidentally, the UK's `free' ISPs get almost 70% of the call charge - you pay `Free'Serve nearly £2 per hour for daytime use! (About $3.)
Ultimately, any sort of per-minute charging would cripple Internet usage, as the UK's abject failure in that area demonstrates. A simple per-megabit tax on leased lines, OTOH, would be much fairer, without kneecapping e-commerce in the US the way BT's charges have kneecapped the UK.
Slashdot Mirror
With the tits and everything, it is doubtful they will send a virus that is even executable on whatever processor is in there. We're safe for now.
;-)
You've forgotten about Java - write once (on alien mothership), run everywhere (once the worm hits our Net).
James.
That being said, of course, they could always write a function which calls a separate trivial library which contains the code in question, and release the trivial library and it's source code. I reckon that's one way to satisfy (around?) the letter of the GPL.
:-(
Nope - ISTR that's the LGPL. (glibc, for example, allows commercial programs to link to it, subject to certain conditions.) GPLed code can't be used in this way.
This is a bit of a problem for the Apache project ATM - there's an authentication module someone's written for Apache to allow it to check passwords against a Samba or NT server. Unfortunately, it uses code from Samba (GPL) - so it can't be incorporated into Apache
In a nutshell, however, you want to:
/., too :-)
.sig? No thanks. Smoking's bad for you.
[jas88@dax rfc]$ telnet slashdot.org 80
Trying 209.207.224.41...
Connected to slashdot.org.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Sun, 30 Apr 2000 19:05:11 GMT
Server: Apache/1.3.6 (Unix) mod_perl/1.21
Connection: close
Content-Type: text/html
Connection closed by foreign host.
Or similar. You can put GET instead of HEAD to get the actual page contents, but the raw HTML probably isn't much use. It works on hosts other than
James.
--
Really? They don't seem to think so - it was formed as a Directorate of Military Intelligence in January 1916, titled "MI5". Officially, it's usually referred to as "the Security Service", but is commonly known as MI5 - even to the extent of having that for their domain name.
There are a few other interesting gems on that site: for example, MI5 does not have the power to detain or arrest people. (See "Myths and Misunderstandings" ... "Executive Powers".)
It goes further than that: most (possibly all) Articles of the European Convention on Human Rights contain a clause which specifies a total exception for matters of national security. Contrary to common belief, we do have guaranteed rights to freedom of expression - except where that would conflict with the interests of national security.
Actually, they don't. If people are selling drugs in my establishment, I have no more responsibility to stop them than any other witness.
Under UK law, you do have a responsibility to stop them. Otherwise, you'll end up spending a couple of years in free accomodation with a lock on the outside of the door - as happened to "the Cambridge Two" a few months ago...
No. That's one of the key flaws in the DMCA: it does NOT protect COPY-control systems, but ACCESS-control systems. Like, for example, DVD's CSS. Yes, we all know it isn't a working COPY prevention system - that doesn't matter. It IS an ACCESS control system (to stop you playing DVDs on non-cartel approved players).
What I want to know is, WTF are these guys (the censorware clowns, I mean) playing at? If I were doing it, I'd just ship a load of MD5 hashes of the blocked URLs. That way, you CANNOT "decrypt" the list - it's not an encrypted list to begin with! (Brute forcing the hashes would take quite a while...)
No. In the case of "free" ISPs like Freeserve, it is paid for by the user, through their phone bill (Freeserve gets up to about £1.80 [$2.70] per hour from you this way for the "free" service). This is the model used by almost all the UK's "free" ISPs; a handful, such as Screaming.net, use a cross-subsidy from other services (they are also a telephone company, and subsidise the ISP from call charges).
Finally, we are beginning to see flat-rate Net access; Claranet now provide flat-rate access at weekends and evenings for £50 ($75) per month. We do have one truly free ISP - X-stream - using 0800 numbers funded by an advertising bar, but getting connected to their one and only modem can take quite a while...
Well, sort of.... Presumably you are referring to X-stream's 0800 service? Or Callnet's loss leader?
The UK has plenty of (over 200!) "free" ISPs, funded by the call charge. These are not really "free" at all, but "pay as you go" - you are paying them anything up to about £1.80 ($2.70) per hour for this "free" service.
The problem is that we don't have flat-rate ISPs yet, except BT Internet (weekends and evenings only), or Claranet (also weekends and evenings only, priced at £50 [$75] per month).
As Excite@Home just discovered here...
The funniest aspect being that not only did the "filtered" search engine return XXX links - the banner ads were for porn as well!
Because there wasn't any way for the broadcaster to know who picked up the signal, they couldn't charge the owners of the receivers to watch the signal.
Except in the UK, where the government owned the TV station (the BBC) and so could pass a law requiring everyone owning a TV to pay for a "license", to fund the BBC. The license still exists today, at about $165 per year...
As I said, I know of one person here who HAS pirated DVD content over the Internet. I don't mean he had a DVD burner somewhere else, he simply ripped the MPEG content with DeCSS, then sent the resulting (v. large) file over our OC-3 connection. Funnily enough, he DID get caught...
Anyway, it isn't DeCSS we should worry about, but css-auth and css-cat. DeCSS is of no use for playing DVDs under Linux - that's what css-* are for.
The really sad thing here is that encryption CANNOT be used to make an anti-piracy system - but explaining/proving that is extremely difficult. I suspect that "the movie industry" went to some technical company who sold them an "anti-piracy" system (CSS) claiming that it would prevent piracy provided the keys and algorithm were kept secret.
Now, you and I both know perfectly well that this is technically impossible - but they don't (which is why they got someone else to devise the CSS in the first place). Just like all those sites which installed Windows Not Tested as a mission critical server, then discover they are having major problems - but their technical guys won't admit NT is a poor solution, because they are the ones who chose it. Instead, they go looking for scapegoats - hardware, other applications, "hackers", the weather etc.
In short, though, DeCSS can be used for piracy, and has been. So can we just shut up about how this Windows program "is only useful for playing DVDs under Linux" please?
I meant the purpose for which it is currently USED and DISTRIBUTED by many - namely as a DVD ripper. I have already read most of the material (including the source code...) - my point remains: DeCSS CAN BE(and indeed IS) used for copying DVD content.
Yes. He took a DVD, used DeCSS to rip the unencrypted MPEG data, then sent that across an OC-3 Internet connection about two weeks ago.
This would appear, IMHO, to be DeCSS's primary use (after all, there ARE other WINDOWS DVD players).
Personally, I think we should ADMIT that DeCSS is indeed a tool which can be used for pirating DVD content over the Internet (given a fast enough connection, which most of us do not have yet) and quietly drop it. Instead, the battle should be fought over css-auth and css-cat which ARE tools for playing DVDs under Linux/*BSD.
Typically, that's a proxy server port (i.e. Squid etc.) Sounds like they're searching for an open proxy...
Off-hand, I can't think of any reason .jp dialups would want to find open proxies any more than other addresses - can anyone here?
Did Netscape try asking Microsoft to bundle Netscape with Windows instead of IE? Did Digital Research try asking Microsoft not to put code in Windows 3.0 to stop it working on DR DOS? Did they NEED to do so for Microsoft's actions to be unlawful? No.
This is precisely the same issue. Buying a DVD movie should not prevent me from playing that DVD on ANY player I wish - any more than buying a copy of Windows should prevent me from using WordPerfect Office, or Lotus SmartSuite.
In essence, the whole point is that licenses from the MPAA/DVDCCA must not be required in order to play DVDs - this would be like Microsoft forcing application vendors to license and use Office code if they want their software to work with Windows. That is illegal (under anti-trust laws) - so, IMO, are the MPAA/DVDCCA's actions here.
Does this sound familiar, in any way? Substitute "Operating Systems" for "content", and "WWW browsers" or "applications" for "DVD players", and we have a rerun of Microsoft's actions over IE...
When Microsoft did it, the court held that it was illegal, and stopped Microsoft doing it (albeit too late, really...) - hopefully, the same will happen over DVD and all the restrictive trade practices associated with it (region coding, to enforce discriminatory pricing regimes, which I am told is illegal; preventing the use of competitor's products in conjunction with lawfully obtained material, almost certainly a violation of anti-trust laws...)
DeCSS? Well, it runs on Windows, and most of the sites I saw carrying it also contained instructions on how to convert DVDs to VCD format and burn them on CDr. In my book, that's not interoperability....
On the other hand, it would appear that that IS covered by "fair use".
Talking about the legal team, though, my impression is that the defence here has been very haphazard - raising points but not proving them, trying to apply inappropriate laws and precedents...
Ideally, what is needed is for Congress to clarify the DMCA - put in explicit exemptions for tools intended to permit fair use. Better still, prohibit the sale of systems which impede fair use - as well as systems allowing regional market divisions (already illegal, I am told!)
The two trees were last resynced in Wine-991212 (i.e. a little under two months ago).
If you are interested in what's changed, you can try here. That gives some idea of the difference (the statistics quoted are for a diff -u between the current Corel tree and Wine-991212). Essentially, it is a 32 000 line patch, totalling just over 1Mb and affecting 251 files, so it should keep us busy for an afternoon or two :-)
You can get the IP config info out of NT by using... the IPCONFIG command! :-) (Just to be difficult, 95/98 uses winipcfg instead...)
Does anyone have any suggestions? That decoder routine swallows 25% of the CPU in the previous version! Would I be better converting them to compressed WAV-type files for playback, given that I have plenty of disk space?
There are restrictions on what you can then do with the information obtained - I'm not sure if you are allowed to make the resulting application open source, since this would amount to publicly documenting the file format. You could certainly write and publish a closed source binary which decrypted CSS content (without encrypting the binary or anything dumb like that - just the absence of source is enough) and link that into an open source player...
The local calls aren't `free' - they're just charged at a flat rate (either per call or per month). This actually reflects the costs MORE accurately than per-minute charging - the expensive bit is setting up the call in the first place. A modern exchange can handle all the lines being in use at once quite happily - but can only handle an average of one call per line per hour. If anything, it should be voice calls which are surcharged - they put a heavier strain on the contended parts of the network!
Incidentally, the UK's `free' ISPs get almost 70% of the call charge - you pay `Free'Serve nearly £2 per hour for daytime use! (About $3.)
Ultimately, any sort of per-minute charging would cripple Internet usage, as the UK's abject failure in that area demonstrates. A simple per-megabit tax on leased lines, OTOH, would be much fairer, without kneecapping e-commerce in the US the way BT's charges have kneecapped the UK.