This is the solution Amazon will give you if you contact them about it. (The reasons this situation arose are, of course, historical. It's the sort of thing that can happen if you want to improve the way you store passwords, but don't want to prevent existing customers from logging in.)
This issue only affects people who have not changed their account password for something like five years.
They certainly don't know whether or not it's used to host material leaked from govt sources legitimately into the public domain or who and who isn't a journalist.
They don't, unless that customer trumpets their use of the service in that manner to the world...
That being said, the decision to remove OtherOS was hardly arbitrary - it originated from Geohot's actions, which catapulted Sony into (an unfortunately rash) action.
As I understand it, OtherOS had already been disabled in slim PS3s (though the firmware still contained the code), and that's what Geohot was attempting to reenable. Sony's reaction was to remove OtherOS from existing fat PS3s. I may be remembering it wrong, though.
In other words, Sony decided to remove OtherOS from slim PS3 models (that is, they shipped without the option), despite the fact that the hardware can handle it without issues, a decision which certainly appears arbitrary. It looks to me like they no longer wanted to sell consoles with OtherOS enabled, and they took the first opportunity they could to disable it in the older PS3s as well (perhaps so they wouldn't have to maintain multiple sets of firmware). I would suggest that Geohot's difficult-to-execute hack was simply a convenient scapegoat for a decision Sony had already wanted to make (for whatever reason).
That's all speculation, of course.
However, Geohot releasing the root key to the ENTIRE WORLD does NOT constitute just "trying to get the functionality back".
All *fail0verflow* did was try to get the functionality back, and Sony named them in the motion as well, so we're sort of stuck defending both them and Geohot since Sony named them together. (I do agree that the relative size of each party has nothing to do with who is right and who is wrong.)
Whether or not Geohot was wrong to publish the key, one thing is certain: the bulk of Sony's claims in the motion are ridiculous, and that reflects poorly on them.
They wouldn't have even disabled OtherOS in the first place if he hadn't made such a big deal about how he was going to crack the PS3!
You mean they wouldn't have disabled OtherOS on the fat PS3s if he hadn't said he intended to enable OtherOS on the slim PS3s (which he wanted since slim PS3s are capable of it and the decision to remove the menu option was arbitrary and pointless)? Yeah, geohot is totally the bad guy here. *eyeroll*
In the motion for TRO against geohot and fail0verflow, Sony states in a footnote that they have filed (or intend to file, I forget the exact words used) a separate suit against them for damages and attorney fees.
Yes there is. See 1201 (f) (1), for example; circumvention for the purpose of software interoperability is explicitly permitted. Circumventing measures on the device in order to run Linux on that device falls quite neatly under this exception.
I bought my PS3 used, and have never updated the firmware or connected to PSN; I don't remember ever seeing or agreeing to an EULA. (Sony would probably argue that the previous owner agreed to it and that that agreement magically transferred to me when I bought the device from him, but that argument would be relatively easy to counter.)
If I now perform exactly the same hack Geohot and fail0verflow have performed, those EULA and PSN ToS provisions cannot conceivably apply to me, and therefore the bulk of Sony's claims would not be applicable. I don't know whether they can show that Geohot agreed to either the EULA or the PSN ToS, but I would hope that because those are so trivially avoided, they will not be given much weight.
At any rate, the PSN's ToS does not, or at least should not (I haven't read it, as I mentioned), give Sony the right to sue users for violating the ToS; as I understand it, the worst possible consequence of violating the ToS would be getting banned from connecting to PSN. Can anyone clarify?
The complaint also says that because Geohot has a Paypal account (and accepts donations through it), and Paypal is headquartered in California, he has a financial interest in California, and therefore he can be sued there. It's the sort of convoluted not-quite-logic that one should expect from lawyers, I guess...
I haven't seen any comment from Geohot saying he wanted Sony to hire him. What he said was that if any of the console makers want their next console to be secure, they should get in touch with him, and that he thinks it would be interesting to "be on the other side". None of those things are a request for a job -- a job is only *one* of the ways Sony could use to "get in touch" with Geohot about the security of their next console. The first time I read the comment, I read it as sarcasm; the second time I read the comment, I read it as an offer to help. It is not necessary for him to be on Sony's payroll before you can say he is on their side.
But even if he *was* implying that he wanted a job, it's not remotely illegal to ask a company for a job, regardless of whether he had just hacked one of their toys. Their accusations of extortion are absurd. There is no threat in his comment -- he did not say "If you don't hire me, I will destroy your next console's security", for example. Instead he said, "I can help you improve your next console's security, if you want." There is a world of difference between what he actually said and what Sony claims he meant.
1201 (f) (1) hasn't been removed, as far as I'm aware, and it's one of the exception clauses that geohot could use in his defense. It explicitly permits circumvention necessary to obtain software interoperability (in this case, installing Linux).
They didn't remove emulation from PS3s that already supported it, did they? I guess the emulation was done in software after the first generation of PS3s, so there's really no technical reason to take it out for later generations...
I'm trying to figure out why anyone would actually try to patent numbers that are supposedly most effective (for the purposes of encryption, anyway) when they are kept secret. Surely if you patent two numbers, that implies you're using them for something? Maybe it's just a giant misdirection effort... but that seems pointless when the set of primes is infinite.
As far as I can tell, that boot-time phone-home session occurs as part of the *GameOS* boot sequence. When they get dual-booting working, what are they going to do? Try to scan the hard drive and see if Linux is installed? Problem is, any information reported by GameOS when it starts is suspect, because to get dual-booting working they're likely going to need to customize the GameOS firmware, and if they're customizing the firmware, there's nothing to stop them from having the firmware report "safe" data back to Sony (assuming they don't disable the phone-home sequence entirely).
While I think it is possible that Sony could ban some jailbreakers in the short run, I do not think they will be able to do this in the long run.
Imagine that the PS3 had been constructed by YOU, yourself, for the express purposes for which Sony has released this console.
That's where your mental exercise falls apart. By advertising OtherOS as a feature of the device, OtherOS was one of the "express purposes" for which Sony had released the console. OtherOS was a contributing factor to many people's decision to purchase a PS3, including my own.
If any entity -- whether a multinational corporation or a guy in his garage -- advertises a feature and then later arbitrarily removes the feature from already-purchased products, then that entity is definitely *not* entitled to sue its customers when they try to get that functionality back.
This has nothing to do with Sony's size and everything to do with Sony's incompetent management.
I think the interoperability exception, specifically 1201 (f) (1), explicitly permits the circumvention that geohot and fail0verflow have done. (But I'm not a lawyer, that's just how I understand the clause.)
Given that there *are* fair use and interoperability exceptions to the anti-circumvention clause, it is clear that the reason for performing the circumvention is indeed relevant. If you are cracking the system specifically so you can go and pirate Sony's entire game library, you cannot reasonably claim you are circumventing the system's TPMs for the purposes of interoperability; on the other hand, circumventing the system's TPMs in order to restore previously-available and arbitrarily removed functionality to the device (i.e. OtherOS) is quite clearly an issue of interoperability.
The problem isn't that they can't update the firmware, but that they can't replace defective or dying units with new units. They can buy used units somewhere, but that's not an ideal long-term solution.
My guess is that they'll use the cluster until enough units have died that they can't do whatever they need the cluster to do, then wipe the remaining drives and auction off the remaining PS3s.
When you first get a Comcast account, before you've registered your modem's MAC address with them, they give you an IP address but the DNS server they give you always points you at their registration server. Trouble is, the database that the DNS server reads out of can sometimes get out of sync with what modems are actually registered, and there's nothing Comcast's first- or second-level techs can do about it other than to tell you how to set your DNS servers manually to something else (they'll give you the IPs of the regional Comcast DNS servers). (This happened to my dad when he signed up.)
So... you'll forgive me if I'm wary of using the DNS servers my ISP gives me.
Companies can decide their terms of service are being violated at any time, they don't have to wait for a US court to decide the company's terms of service have been violated.
Suppose I watch you steal a candy bar. You have broken the law, whether or not a court convicts you of it. To claim otherwise is absurd.
If Wikileaks wants to challenge Amazon's assertion that they've violated US law, I don't personally have a problem with them trying. Somehow I don't see them even trying, though, let alone succeeding.
I only used the word "evil" to distinguish malicious, speech-suppressing censorship from activities which are technically censorship, but which are not malicious and do not suppress the freedom of speech. Clearly Amazon is engaging in the latter, not the former, and there is nothing wrong with that.
Unfortunately amazon has such relevance in today culture that the effect of their censorship is just nominally different from a violation of first amendment from the US government.
The first amendment does not mandate that private companies be forced to sell particular books. In fact, you could argue that the first amendment explicitly lets them not sell particular books!
At any rate, I was not saying that Amazon is trying to remove any book that happens to mention rape. I was saying that from what it looks like with this incident, they're trying to keep their store image clean by removing books with titles referring to rape. This is wholly different from censoring any mention of gay sexual violence with the intent to prevent any customers from ever reading any book that might refer to that subject.
But by using such a broad brush that is censorship, Amazon is basically answering them , "because I say so", which summed with the point I've made before, creates an ugly, ugly precedent.
It is hardly an "ugly, ugly precedent" for a company to be allowed to decide what products it sells, regardless of whether some subset of their customers want to buy those products. Do you think Amazon should be forced to make available every single book that is conceivably available on the market? Where do you draw the line? Why is that line any better than letting them draw the line based on earning a profit, which is their responsibility to their shareholders?
Don't confuse what Amazon is doing with the issue of freedom of the press. Amazon is not demanding that these books not be printed. Amazon is not demanding that these books not be sold elsewhere. Amazon has simply decided that they do not want to sell the books. This is no different than if a national brick-and-mortar bookstore decided they did not want to carry gay rape fantasy novels in its stores; certainly nobody would be complaining about censorship if that happened.
I would argue that a far uglier precedent would be to force Amazon to sell books they do not want to sell. It's a very short step from there to forcing publishers to publish books they do not want to publish, and you can probably see why that would be a bad thing.
You may not agree with Amazon's moral decisions on which products they sell, but it is absurd to claim they should not be allowed to make those decisions.
Slashdot Mirror
I didn't say it's ok to do ;) Besides, they fixed it. If you reset your password, the issue goes away. I don't really see what more you want.
This is the solution Amazon will give you if you contact them about it. (The reasons this situation arose are, of course, historical. It's the sort of thing that can happen if you want to improve the way you store passwords, but don't want to prevent existing customers from logging in.)
This issue only affects people who have not changed their account password for something like five years.
I'm seeing the same thing in Chrome on Win7...
They certainly don't know whether or not it's used to host material leaked from govt sources legitimately into the public domain or who and who isn't a journalist.
They don't, unless that customer trumpets their use of the service in that manner to the world...
That being said, the decision to remove OtherOS was hardly arbitrary - it originated from Geohot's actions, which catapulted Sony into (an unfortunately rash) action.
As I understand it, OtherOS had already been disabled in slim PS3s (though the firmware still contained the code), and that's what Geohot was attempting to reenable. Sony's reaction was to remove OtherOS from existing fat PS3s. I may be remembering it wrong, though.
In other words, Sony decided to remove OtherOS from slim PS3 models (that is, they shipped without the option), despite the fact that the hardware can handle it without issues, a decision which certainly appears arbitrary. It looks to me like they no longer wanted to sell consoles with OtherOS enabled, and they took the first opportunity they could to disable it in the older PS3s as well (perhaps so they wouldn't have to maintain multiple sets of firmware). I would suggest that Geohot's difficult-to-execute hack was simply a convenient scapegoat for a decision Sony had already wanted to make (for whatever reason).
That's all speculation, of course.
However, Geohot releasing the root key to the ENTIRE WORLD does NOT constitute just "trying to get the functionality back".
All *fail0verflow* did was try to get the functionality back, and Sony named them in the motion as well, so we're sort of stuck defending both them and Geohot since Sony named them together. (I do agree that the relative size of each party has nothing to do with who is right and who is wrong.)
Whether or not Geohot was wrong to publish the key, one thing is certain: the bulk of Sony's claims in the motion are ridiculous, and that reflects poorly on them.
They wouldn't have even disabled OtherOS in the first place if he hadn't made such a big deal about how he was going to crack the PS3!
You mean they wouldn't have disabled OtherOS on the fat PS3s if he hadn't said he intended to enable OtherOS on the slim PS3s (which he wanted since slim PS3s are capable of it and the decision to remove the menu option was arbitrary and pointless)? Yeah, geohot is totally the bad guy here. *eyeroll*
In the motion for TRO against geohot and fail0verflow, Sony states in a footnote that they have filed (or intend to file, I forget the exact words used) a separate suit against them for damages and attorney fees.
Sony filed a separate suit for damages and attorney fees.
Yes there is. See 1201 (f) (1), for example; circumvention for the purpose of software interoperability is explicitly permitted. Circumventing measures on the device in order to run Linux on that device falls quite neatly under this exception.
Blizzard can show that the EULA was agreed to by those users. Can Sony show Geohot agreed to the EULA? They didn't say either way, in their motion.
I bought my PS3 used, and have never updated the firmware or connected to PSN; I don't remember ever seeing or agreeing to an EULA. (Sony would probably argue that the previous owner agreed to it and that that agreement magically transferred to me when I bought the device from him, but that argument would be relatively easy to counter.)
If I now perform exactly the same hack Geohot and fail0verflow have performed, those EULA and PSN ToS provisions cannot conceivably apply to me, and therefore the bulk of Sony's claims would not be applicable. I don't know whether they can show that Geohot agreed to either the EULA or the PSN ToS, but I would hope that because those are so trivially avoided, they will not be given much weight.
At any rate, the PSN's ToS does not, or at least should not (I haven't read it, as I mentioned), give Sony the right to sue users for violating the ToS; as I understand it, the worst possible consequence of violating the ToS would be getting banned from connecting to PSN. Can anyone clarify?
The complaint also says that because Geohot has a Paypal account (and accepts donations through it), and Paypal is headquartered in California, he has a financial interest in California, and therefore he can be sued there. It's the sort of convoluted not-quite-logic that one should expect from lawyers, I guess...
I haven't seen any comment from Geohot saying he wanted Sony to hire him. What he said was that if any of the console makers want their next console to be secure, they should get in touch with him, and that he thinks it would be interesting to "be on the other side". None of those things are a request for a job -- a job is only *one* of the ways Sony could use to "get in touch" with Geohot about the security of their next console. The first time I read the comment, I read it as sarcasm; the second time I read the comment, I read it as an offer to help. It is not necessary for him to be on Sony's payroll before you can say he is on their side.
But even if he *was* implying that he wanted a job, it's not remotely illegal to ask a company for a job, regardless of whether he had just hacked one of their toys. Their accusations of extortion are absurd. There is no threat in his comment -- he did not say "If you don't hire me, I will destroy your next console's security", for example. Instead he said, "I can help you improve your next console's security, if you want." There is a world of difference between what he actually said and what Sony claims he meant.
Same here. I've also never connected to PSN or updated the firmware, so I've never accepted those ToS either.
1201 (f) (1) hasn't been removed, as far as I'm aware, and it's one of the exception clauses that geohot could use in his defense. It explicitly permits circumvention necessary to obtain software interoperability (in this case, installing Linux).
They didn't remove emulation from PS3s that already supported it, did they? I guess the emulation was done in software after the first generation of PS3s, so there's really no technical reason to take it out for later generations...
I'm trying to figure out why anyone would actually try to patent numbers that are supposedly most effective (for the purposes of encryption, anyway) when they are kept secret. Surely if you patent two numbers, that implies you're using them for something? Maybe it's just a giant misdirection effort... but that seems pointless when the set of primes is infinite.
As far as I can tell, that boot-time phone-home session occurs as part of the *GameOS* boot sequence. When they get dual-booting working, what are they going to do? Try to scan the hard drive and see if Linux is installed? Problem is, any information reported by GameOS when it starts is suspect, because to get dual-booting working they're likely going to need to customize the GameOS firmware, and if they're customizing the firmware, there's nothing to stop them from having the firmware report "safe" data back to Sony (assuming they don't disable the phone-home sequence entirely).
While I think it is possible that Sony could ban some jailbreakers in the short run, I do not think they will be able to do this in the long run.
Imagine that the PS3 had been constructed by YOU, yourself, for the express purposes for which Sony has released this console.
That's where your mental exercise falls apart. By advertising OtherOS as a feature of the device, OtherOS was one of the "express purposes" for which Sony had released the console. OtherOS was a contributing factor to many people's decision to purchase a PS3, including my own.
If any entity -- whether a multinational corporation or a guy in his garage -- advertises a feature and then later arbitrarily removes the feature from already-purchased products, then that entity is definitely *not* entitled to sue its customers when they try to get that functionality back.
This has nothing to do with Sony's size and everything to do with Sony's incompetent management.
I think the interoperability exception, specifically 1201 (f) (1), explicitly permits the circumvention that geohot and fail0verflow have done. (But I'm not a lawyer, that's just how I understand the clause.)
Given that there *are* fair use and interoperability exceptions to the anti-circumvention clause, it is clear that the reason for performing the circumvention is indeed relevant. If you are cracking the system specifically so you can go and pirate Sony's entire game library, you cannot reasonably claim you are circumventing the system's TPMs for the purposes of interoperability; on the other hand, circumventing the system's TPMs in order to restore previously-available and arbitrarily removed functionality to the device (i.e. OtherOS) is quite clearly an issue of interoperability.
The problem isn't that they can't update the firmware, but that they can't replace defective or dying units with new units. They can buy used units somewhere, but that's not an ideal long-term solution.
My guess is that they'll use the cluster until enough units have died that they can't do whatever they need the cluster to do, then wipe the remaining drives and auction off the remaining PS3s.
Quicktime has been around a lot longer than iTunes (but it was never less of a resource hog as far as I remember).
http://en.wikipedia.org/wiki/Quicktime#QuickTime_1.x
Use your own ISP for DNS.
When you first get a Comcast account, before you've registered your modem's MAC address with them, they give you an IP address but the DNS server they give you always points you at their registration server. Trouble is, the database that the DNS server reads out of can sometimes get out of sync with what modems are actually registered, and there's nothing Comcast's first- or second-level techs can do about it other than to tell you how to set your DNS servers manually to something else (they'll give you the IPs of the regional Comcast DNS servers). (This happened to my dad when he signed up.)
So... you'll forgive me if I'm wary of using the DNS servers my ISP gives me.
Companies can decide their terms of service are being violated at any time, they don't have to wait for a US court to decide the company's terms of service have been violated.
Suppose I watch you steal a candy bar. You have broken the law, whether or not a court convicts you of it. To claim otherwise is absurd.
If Wikileaks wants to challenge Amazon's assertion that they've violated US law, I don't personally have a problem with them trying. Somehow I don't see them even trying, though, let alone succeeding.
I only used the word "evil" to distinguish malicious, speech-suppressing censorship from activities which are technically censorship, but which are not malicious and do not suppress the freedom of speech. Clearly Amazon is engaging in the latter, not the former, and there is nothing wrong with that.
Unfortunately amazon has such relevance in today culture that the effect of their censorship is just nominally different from a violation of first amendment from the US government.
The first amendment does not mandate that private companies be forced to sell particular books. In fact, you could argue that the first amendment explicitly lets them not sell particular books!
At any rate, I was not saying that Amazon is trying to remove any book that happens to mention rape. I was saying that from what it looks like with this incident, they're trying to keep their store image clean by removing books with titles referring to rape. This is wholly different from censoring any mention of gay sexual violence with the intent to prevent any customers from ever reading any book that might refer to that subject.
But by using such a broad brush that is censorship, Amazon is basically answering them , "because I say so", which summed with the point I've made before, creates an ugly, ugly precedent.
It is hardly an "ugly, ugly precedent" for a company to be allowed to decide what products it sells, regardless of whether some subset of their customers want to buy those products. Do you think Amazon should be forced to make available every single book that is conceivably available on the market? Where do you draw the line? Why is that line any better than letting them draw the line based on earning a profit, which is their responsibility to their shareholders?
Don't confuse what Amazon is doing with the issue of freedom of the press. Amazon is not demanding that these books not be printed. Amazon is not demanding that these books not be sold elsewhere. Amazon has simply decided that they do not want to sell the books. This is no different than if a national brick-and-mortar bookstore decided they did not want to carry gay rape fantasy novels in its stores; certainly nobody would be complaining about censorship if that happened.
I would argue that a far uglier precedent would be to force Amazon to sell books they do not want to sell. It's a very short step from there to forcing publishers to publish books they do not want to publish, and you can probably see why that would be a bad thing.
You may not agree with Amazon's moral decisions on which products they sell, but it is absurd to claim they should not be allowed to make those decisions.