Exactly. You summed it up very nicely.
Since they charge per click-thru, posting an ad with low click-thru but a lot of impressions is an (albeit clever) abuse/hack of their system.
It's not about censorship at all, just about money. And it's further proof that the Google folks are really smart, because they have foreseen this kind of hack and already implemented prevention measures.
So maybe google wants to make sure that the ads are relevant because it doesn't want to accept the risk that its ads will considered worthless, thus dropping the price they can charge for them.
And maybe it's even simpler. They charge per click-thru. Higher click-thru == more money. Of course they have an interest to keep the click-thru rate high.
I would say that the conclusion "higher click-thru rate" == higher search relevance is debatable (if not false), so it's not necessarily an incentive for Google. But the money certainly is and they can place only so many ads on a page (only the first results page really counts). It makes a lot of sense to just keep the ads that generate a minimum of cash.
It would be interesting to know wether they apply their dictionary while indexing. In that case, your search term "QuantaBot" would never yield any search results.
Have you tried creating a web page with the term "QuantaBot" in title and/or body and then submitting it to Google? If it doesn't show up a week later in the search results that would prove they classify the term as a typo while indexing, which would be a fundamentally flawed approach IMHO, since it would limit search terms to their dictionary.
Furthermore it would be interesting to know what happens when the term only shows up once on your page (more likely to be a typo), versus several times and in title/keywords META tag (evidently a new word and no typo). Would they dynamically extend their dictionary with new words (e.g. if it shows up on several different pages, it's considered a true new word and gets added)?
Hey Taco, how about an interview with one of the Google lead tech developers, to answer all those geek questions, hmm?
True, but it's GUI sucks and it doesn't support playlists or ID3 tags. I have yet to see a test of the sound output quality. If you want a cheap portable HD with MP3 player on the side, go for the Archos.
If you want a really nice MP3 player, I suggest the Nomad or iPod.
Disclaimer: I'm not trying to flamebait or troll. A friend of mine has the Archos and likes it, but I think it has some serious drawbacks.
Sigh. Did the submitter even bother to read the whole PDF?
...claim that even intercepting and decrypting WEP-encrypted traffic is perfectly legal...
No they don't claim that. As stated in section 5.4 of the PDF, german law says that if you break "special safety measures against unauthorized access" you are certainly violating the law. Now wether WEP encryption is strong enough to be considered a valid safety measure in terms of this law is yet to be determined in a court case.
But that is not what the PDF is mainly about anyway. As it goes on in the following sections, it just claims that merely intercepting the WEP-encrypted data is definitely not a crime, at least as long as you're not decrypting it. So, simply sniffing/netstumling is legal. Decrypting WEP-encrypted data and further meddling in a thus cracked WLAN is most likely illegal (has yet to be determined by a german court).
Sniffing unencrypted (WEP disabled) WLAN is not illegal, since there is no "special safety measure to prevent unauthorized access" as stated in the law.
Still an interesting read, but not nearly as mindboggling as suggested in the/. story.
How will tit-for-tat leech resistance work if someone has an Asynchronous DSL connection? If my download bandwith is 768 kbps but my upload bandwidth is technically limited to 128 kbps (as is common with many DSL offers for private home users), will the leech resistance feature think I'm guilty?
While all you say may be true and the reporting of how the hack has occured may be wildly exaggerated (electron microscopes, etc.), some facts remain:
The cracked cards will ruin Canal+'s business (or have already done so).
Murdochs media empire certainly gains a very strong strategic advantage by a ruined competition.
Thus, Murdochs media empire does have a strong incentive.
Even if it didn't take place as they claim, this would certainly be a working strategy: crack your competitions technology, release it anonymously on the net in an easy-to-use form and let the script-kiddies do the rest. I guess we'll be seeing more of that tech/cyberwar in the future.
"Compulsory ID cards only make sense if it's requirement to always carry them..." I beg to differ.
Compulsory only means that every citizen has to have one, so that he can identify himself when needed (either if required by law or if he chooses). It doesn't necessarily mean that it's compulsory to carry the card at all times, neither does it mean that police must be allowed to stop and ask to see it without good reason.
There are dozens of situations where it makes perfect sense to have a reliable standardized ID, to be able to identify yourself.
As an example: the US authorities do not even have the slightest clue about the status of people living in their country. I used to live in the US for a year when I was 17 years old. I had a SSN and I got a drivers license there. When I turned 18, I got a letter from the draft office asking me to register with them. I don't exactly know how they got my name and birthdate, but I assume via the drivers license or SSN registration. Fact is, I never was a US citizen. At the time I got the letter I had already left the US (it was forwarded). The US draft office knew nothing about this. It required several letters to convince them that their registration process didn't even apply to me (as a non-US citizen). The only thing that did was my (non-US) ID.
Exactly. To quote from the text: "The attacker gains access to all data going through the device, including plaintext in the case of encryption systems." This is obviously bullshit, since the LED is equal to the signal on the cable, in other words OSI layer 1. The method is equal to a wiretap the phone line or coax cable. Encryption such as SSH and SSL happens at higher OSI layers and therefore this method does definitely not offer access to clear text data.
In addition it does not explain how it would be possible to decode data that is being sent by a multiplexing device, as the LED only shows that data is being sent. A modern modem (e.g. DSL) does however spread several data bits over different frequencies and thus it's impossible to decode them all from the LED light, since that does not reflect the full frequency spectrum of the cable. They claim "We have successfully recovered error-free data at speeds up to 56 kb=s; the physical principles involved ought to continue to work up to about 10 Mbits/s.", but I seriously doubt it would scale up to DSL modems.
However, the fun starts when companies become multi-national. I find it quite amusing to watch how the FTC and it's other national counterparts struggle when they try to apply their national viewpoint logic to international mergers.
NSA liaison officer 1: Dude, so is Daimler-Chrysler still an american company now, or what? They're asking for some info on those frenchies.
NSA liaison officer 2: Aehm, dunno man. But I thought the germans are the bad guys. Oh wait no, that was back in WW2. I think now they're our friends.
The DMCA is a national law in the US. Move the bnetd project to a server in a country with no DMCA (currently most of the countries worldwide).
Case closed. Yeah, maybe it would still be illegal for you US americans to download and use the stuff, but the -case- would be closed.
And IMHO a better solution than trying to argue for the DMCA not applying to bnetd, as circumventing jurisdiction will hopefully make them understand how futile their stupid efforts are (though I fear it won't).
This is not about a system wide conf file for all users. It may be about a single conf file for each user (in their respective $HOME). Of course that would make perfect sense.
And it's not about how the environment variable is called either. Of course I can look that up in the program manual. It's about the fact that the variable is not standardized across different programs (which I was trying to illustrate by giving it different names).
So one program may call it $HTTP_PROXY, while another may call it something else. And one program may expect it's value to be a URL, while another may want to cover more info, e.g. avoid the proxy for certain domains.
The point is that such config info is not standardized across several different apps, so you may end up changing several different config files for one setting. That's the problem.
Sorry. I had no intention to widen the page. Blame me for not checking the Preview properly.
This clearly seems to be a bug though, as text with spaces should wrap around.
So, instead of marking me as a foe, maybe file a bug report? Or at least a feature request for the checks in comments.pl
:-)
I beg to differ. While I like Unix, I would not call this "great":
ls -a $HOME .Xdefaults.Xmodmap.Xresources.addressbook.addressbook.lu.bash_history.bashrc.dayplan.dayplan.priv.dvipsrc.emacs.exrc.gimprc.grok.holiday.hotjava.jazz.kde.kermrc.lyxrc.muttrc.nc_keys.pgp.pinerc.profile.seyon.signature.ssh.stonxrc.susephone.tex.uitrc.console.uitrc.vt100.uitrc.vt102.uitrc.xterm.urlview.vimrc.xcoralrc.xfm.xim.xinitrc.xserverrc.secure.xsession.xtalkrc
You get the idea...
Sure, wget has a command line option for my http proxy. But why isn't there a system-wide default that it uses?
Wait there is! But is it $HTTP-PROXY? Or $HTTPPROXY? Or $PROXY?
What's my default printers name? Yeah right it's probably $PRINTER, but then again, maybe not.
Sorry man, but I don't call that good. I call it ugly. Using an Apple, now that is pretty, and for a reason. Thinking about merging pretty (Apple) and powerful (Unix) sounds truly appealing to me.
The article was talking about user configuration as much as server configuration. I could live with seperate conf files for servers, but for user conf files it's just plain ugly.
I like the idea, such a tool would certainly be nice. Unfortunately the article only focuses on the Syntax part, the file format and access. I would think that is rather easy, use some kind of XML and you're already halfway there.
The part that makes such a system really useful however, is a standard agreement of which information is stored and what it means.
This is where the Windows Registry falls down. And Unix is even worse, because all it has is some common soft-of-agreed-upon shell variables, like $EDITOR etc.
Apple is able to do this better because they set the standards for the OS (even more than MS). The can have one central "registry" for something like default associations of MIME-types with particular applications and define an API so every application can use it and a user doesn't have to change his settings in his browser AND his mail client AND his ftp client, etc.
Given the diversity of the unix crowd, the latter seems difficult to me. Maybe they can include it as part of LSB for a start?
I agree with you that educucational empowerment of the individual is generally a Good Thing (TM).
But -
As for the "damage" you say might be done -- damage of what sort? Even if this is a "pure PR exercise", where's the damage?
A very simple implication: technological superiority == cultural superiority
If a third worlder sees this techno-gadget and realizes loads of cash are being spent on letting him play with it, rather than spending it on feeding his hometown, what's the implication?
Whatever's going on there must be mighty important, therefore worth it, therefore somehow superior.
The baby milk formula is actually an excellent example. You say ...determines that the risk is worth taking...
Well then please explain to me how an uneducated third world mother with no medical background can determine wether that baby milk formula is any good for her child? She can't, as millions of examples have proven.
Furthermore, getting back to my first point, she especially can't determine that, if loads of (multinational-company-sponsored) people in white doctor-like lab coats run around and tell her to use it, because it would be better for her child. Because she perceives these people as figures of authority. Why? Because the very same people (first worlders) come to her country with all these superior gadgets, cars, you-name-it.
The conclusion drawn? They must be superior, consequently the culture/society that produces such a technological superiority must be better/superior.
They are willing to throw their own culture overboard, that is the damage done.
Have you ever been to Nepal for example? I have. These people are truly happy, you can see it in their faces. Yet when I tell them that I come from Germany, their faces are awestruck and they say "Wow, what a great country.". Well what they don't know for example is that we have about 15.000 people a year committing suicide in this country, because of their genuine unhappiness. AFAIK suicide is practically unknown in Nepal.
Still think our culture is superior? I'm not so sure. But this is getting off-topic...
According to the heise newsticker, MS has agreed to offer the source to the federal parliament (Bundestag) for inspection. How would they be qualified?
Specifically the source was not offered to the Ministry for Security in Information Technology (Bundesamt für Sicherheit in der Informationstechnik), who specialise in this kind of stuff (security audits of software).
So MS's offer is completely useless, a mere publicity stunt.
Traffic copters seem like an old-fashioned crude solution, wether they are flown by humans or automated drones.
Wireless P2P networks like this and this, will do that traffic + navigation stuff so much better.
To be honest I can see that MIT copter useful in military scenarios, or for smuggling drugs maybe, but not for controlling traffic...
Read The Lost Honor of Katharina Blum, by Heinrich Boll. A classic. It's almost obligatory literature in german highschools (or used to when I went to school). Makes sure you learn from the past (it's not about Nazis, but about terrorists, Germany had quite some terrorism in the 60s and 70s too).
Any open standard does not have to be reverse-engineered. The DMCA is no use for them.
Any proprietary encryption, no matter how weak, provides them with a powerful legal protection when combined with the DMCA. Because sure, you can crack it, go ahead. But then they can sue you.
So yes, as absurd as it may sound: a proprietary standard provides them with (legal) security by definition.
Yup now I understand what the guy meant with this statement: "By definition a standard drm is less secure than a proprietary one," says Gregg Makuch, senior product manager for mobile product and services at Seattle-based Realnetworks.
He wasn't talking about technological security. He was talking about legal security. An open standard doesn't need to be reverse-engineered, the DMCA won't help. Any proprietary DRM mechanism provides security even if it's simple to crack, because they can use the DMCA to sue everyone into oblivion who dares to crack it.
At first I though this manager was just plain dumb (like most of them are when it comes to security), now I'm not so sure after all.
Even better, they should use Google to figure out what to cache in the first place.
The way it works right now, it's more like a mindnumbingly dumb brute-force cache (like I found some of my own irrelevent web pages from years ago).
While there may be arguments in favour of saving everything and storage may be cheap, while not use Google's ratings to save more relevant/interesting info and ignore the crap...
Slashdot Mirror
Exactly. You summed it up very nicely.
Since they charge per click-thru, posting an ad with low click-thru but a lot of impressions is an (albeit clever) abuse/hack of their system.
It's not about censorship at all, just about money. And it's further proof that the Google folks are really smart, because they have foreseen this kind of hack and already implemented prevention measures.
And maybe it's even simpler. They charge per click-thru. Higher click-thru == more money. Of course they have an interest to keep the click-thru rate high.
I would say that the conclusion "higher click-thru rate" == higher search relevance is debatable (if not false), so it's not necessarily an incentive for Google. But the money certainly is and they can place only so many ads on a page (only the first results page really counts). It makes a lot of sense to just keep the ads that generate a minimum of cash.
Have you tried creating a web page with the term "QuantaBot" in title and/or body and then submitting it to Google? If it doesn't show up a week later in the search results that would prove they classify the term as a typo while indexing, which would be a fundamentally flawed approach IMHO, since it would limit search terms to their dictionary.
Furthermore it would be interesting to know what happens when the term only shows up once on your page (more likely to be a typo), versus several times and in title/keywords META tag (evidently a new word and no typo). Would they dynamically extend their dictionary with new words (e.g. if it shows up on several different pages, it's considered a true new word and gets added)?
Hey Taco, how about an interview with one of the Google lead tech developers, to answer all those geek questions, hmm?
True, but it's GUI sucks and it doesn't support playlists or ID3 tags. I have yet to see a test of the sound output quality. If you want a cheap portable HD with MP3 player on the side, go for the Archos.
If you want a really nice MP3 player, I suggest the Nomad or iPod.
Disclaimer: I'm not trying to flamebait or troll. A friend of mine has the Archos and likes it, but I think it has some serious drawbacks.
Sigh. Did the submitter even bother to read the whole PDF?
...claim that even intercepting and decrypting WEP-encrypted traffic is perfectly legal...
/. story.
No they don't claim that. As stated in section 5.4 of the PDF, german law says that if you break "special safety measures against unauthorized access" you are certainly violating the law. Now wether WEP encryption is strong enough to be considered a valid safety measure in terms of this law is yet to be determined in a court case.
But that is not what the PDF is mainly about anyway. As it goes on in the following sections, it just claims that merely intercepting the WEP-encrypted data is definitely not a crime, at least as long as you're not decrypting it. So, simply sniffing/netstumling is legal. Decrypting WEP-encrypted data and further meddling in a thus cracked WLAN is most likely illegal (has yet to be determined by a german court).
Sniffing unencrypted (WEP disabled) WLAN is not illegal, since there is no "special safety measure to prevent unauthorized access" as stated in the law.
Still an interesting read, but not nearly as mindboggling as suggested in the
Don't ask what others can do, see http://slashdot.org/comments.pl?sid=29802&cid=3206 411 for what you can do.
How will tit-for-tat leech resistance work if someone has an Asynchronous DSL connection? If my download bandwith is 768 kbps but my upload bandwidth is technically limited to 128 kbps (as is common with many DSL offers for private home users), will the leech resistance feature think I'm guilty?
- The cracked cards will ruin Canal+'s business (or have already done so).
- Murdochs media empire certainly gains a very strong strategic advantage by a ruined competition.
- Thus, Murdochs media empire does have a strong incentive.
Even if it didn't take place as they claim, this would certainly be a working strategy: crack your competitions technology, release it anonymously on the net in an easy-to-use form and let the script-kiddies do the rest. I guess we'll be seeing more of that tech/cyberwar in the future.Why don't we all try it out with a practical example? Paste the following Google bomb in your weblog:
<a href="http://www.gnu.org">Help, answers and updates for bugs and problems with Microsoft Windows</a>
I beg to differ.
Compulsory only means that every citizen has to have one, so that he can identify himself when needed (either if required by law or if he chooses). It doesn't necessarily mean that it's compulsory to carry the card at all times, neither does it mean that police must be allowed to stop and ask to see it without good reason.
There are dozens of situations where it makes perfect sense to have a reliable standardized ID, to be able to identify yourself.
As an example: the US authorities do not even have the slightest clue about the status of people living in their country. I used to live in the US for a year when I was 17 years old. I had a SSN and I got a drivers license there. When I turned 18, I got a letter from the draft office asking me to register with them. I don't exactly know how they got my name and birthdate, but I assume via the drivers license or SSN registration. Fact is, I never was a US citizen. At the time I got the letter I had already left the US (it was forwarded). The US draft office knew nothing about this. It required several letters to convince them that their registration process didn't even apply to me (as a non-US citizen). The only thing that did was my (non-US) ID.
In addition it does not explain how it would be possible to decode data that is being sent by a multiplexing device, as the LED only shows that data is being sent. A modern modem (e.g. DSL) does however spread several data bits over different frequencies and thus it's impossible to decode them all from the LED light, since that does not reflect the full frequency spectrum of the cable.
They claim "We have successfully recovered error-free data at speeds up to 56 kb=s; the physical principles involved ought to continue to work up to about 10 Mbits/s.", but I seriously doubt it would scale up to DSL modems.
NSA liaison officer 1: Dude, so is Daimler-Chrysler still an american company now, or what? They're asking for some info on those frenchies.
NSA liaison officer 2: Aehm, dunno man. But I thought the germans are the bad guys. Oh wait no, that was back in WW2. I think now they're our friends.
Case closed.
Yeah, maybe it would still be illegal for you US americans to download and use the stuff, but the -case- would be closed.
And IMHO a better solution than trying to argue for the DMCA not applying to bnetd, as circumventing jurisdiction will hopefully make them understand how futile their stupid efforts are (though I fear it won't).
MSIE inserts a NBSP for the whitespace, so it looks like: People using other browsers won't even notice. Since the percentage of MSIE users on
This is not about a system wide conf file for all users. It may be about a single conf file for each user (in their respective $HOME). Of course that would make perfect sense.
And it's not about how the environment variable is called either. Of course I can look that up in the program manual. It's about the fact that the variable is not standardized across different programs (which I was trying to illustrate by giving it different names). So one program may call it $HTTP_PROXY, while another may call it something else. And one program may expect it's value to be a URL, while another may want to cover more info, e.g. avoid the proxy for certain domains.
The point is that such config info is not standardized across several different apps, so you may end up changing several different config files for one setting. That's the problem.
This clearly seems to be a bug though, as text with spaces should wrap around.
So, instead of marking me as a foe, maybe file a bug report? Or at least a feature request for the checks in comments.pl
:-)
ls -a $HOME
.Xdefaults .Xmodmap .Xresources .addressbook .addressbook.lu .bash_history .bashrc .dayplan .dayplan.priv .dvipsrc .emacs .exrc .gimprc .grok .holiday .hotjava .jazz .kde .kermrc .lyxrc .muttrc .nc_keys .pgp .pinerc .profile .seyon .signature .ssh .stonxrc .susephone .tex .uitrc.console .uitrc.vt100 .uitrc.vt102 .uitrc.xterm .urlview .vimrc .xcoralrc .xfm .xim .xinitrc .xserverrc.secure .xsession .xtalkrc
You get the idea...
Sure, wget has a command line option for my http proxy. But why isn't there a system-wide default that it uses?
Wait there is! But is it $HTTP-PROXY? Or $HTTPPROXY? Or $PROXY?
What's my default printers name? Yeah right it's probably $PRINTER, but then again, maybe not.
Sorry man, but I don't call that good. I call it ugly. Using an Apple, now that is pretty, and for a reason. Thinking about merging pretty (Apple) and powerful (Unix) sounds truly appealing to me.
The article was talking about user configuration as much as server configuration. I could live with seperate conf files for servers, but for user conf files it's just plain ugly.
The part that makes such a system really useful however, is a standard agreement of which information is stored and what it means. This is where the Windows Registry falls down. And Unix is even worse, because all it has is some common soft-of-agreed-upon shell variables, like $EDITOR etc.
Apple is able to do this better because they set the standards for the OS (even more than MS). The can have one central "registry" for something like default associations of MIME-types with particular applications and define an API so every application can use it and a user doesn't have to change his settings in his browser AND his mail client AND his ftp client, etc.
Given the diversity of the unix crowd, the latter seems difficult to me. Maybe they can include it as part of LSB for a start?
As for the "damage" you say might be done -- damage of what sort? Even if this is a "pure PR exercise", where's the damage?
A very simple implication: technological superiority == cultural superiority
If a third worlder sees this techno-gadget and realizes loads of cash are being spent on letting him play with it, rather than spending it on feeding his hometown, what's the implication?
Whatever's going on there must be mighty important, therefore worth it, therefore somehow superior.
The baby milk formula is actually an excellent example. You say
...determines that the risk is worth taking...
Well then please explain to me how an uneducated third world mother with no medical background can determine wether that baby milk formula is any good for her child? She can't, as millions of examples have proven.
Furthermore, getting back to my first point, she especially can't determine that, if loads of (multinational-company-sponsored) people in white doctor-like lab coats run around and tell her to use it, because it would be better for her child. Because she perceives these people as figures of authority. Why? Because the very same people (first worlders) come to her country with all these superior gadgets, cars, you-name-it.
The conclusion drawn? They must be superior, consequently the culture/society that produces such a technological superiority must be better/superior.
They are willing to throw their own culture overboard, that is the damage done.
Have you ever been to Nepal for example? I have. These people are truly happy, you can see it in their faces. Yet when I tell them that I come from Germany, their faces are awestruck and they say "Wow, what a great country.". Well what they don't know for example is that we have about 15.000 people a year committing suicide in this country, because of their genuine unhappiness. AFAIK suicide is practically unknown in Nepal.
Still think our culture is superior? I'm not so sure. But this is getting off-topic...
Specifically the source was not offered to the Ministry for Security in Information Technology (Bundesamt für Sicherheit in der Informationstechnik), who specialise in this kind of stuff (security audits of software).
So MS's offer is completely useless, a mere publicity stunt.
Wireless P2P networks like this and this, will do that traffic + navigation stuff so much better.
To be honest I can see that MIT copter useful in military scenarios, or for smuggling drugs maybe, but not for controlling traffic...
Read The Lost Honor of Katharina Blum, by Heinrich Boll. A classic. It's almost obligatory literature in german highschools (or used to when I went to school). Makes sure you learn from the past (it's not about Nazis, but about terrorists, Germany had quite some terrorism in the 60s and 70s too).
Any open standard does not have to be reverse-engineered. The DMCA is no use for them.
Any proprietary encryption, no matter how weak, provides them with a powerful legal protection when combined with the DMCA. Because sure, you can crack it, go ahead. But then they can sue you.
So yes, as absurd as it may sound: a proprietary standard provides them with (legal) security by definition.
Yup now I understand what the guy meant with this statement:
"By definition a standard drm is less secure than a proprietary one," says Gregg Makuch, senior product manager for mobile product and services at Seattle-based Realnetworks.
He wasn't talking about technological security. He was talking about legal security. An open standard doesn't need to be reverse-engineered, the DMCA won't help. Any proprietary DRM mechanism provides security even if it's simple to crack, because they can use the DMCA to sue everyone into oblivion who dares to crack it.
At first I though this manager was just plain dumb (like most of them are when it comes to security), now I'm not so sure after all.
Even better, they should use Google to figure out what to cache in the first place.
The way it works right now, it's more like a mindnumbingly dumb brute-force cache (like I found some of my own irrelevent web pages from years ago).
While there may be arguments in favour of saving everything and storage may be cheap, while not use Google's ratings to save more relevant/interesting info and ignore the crap...