I think the big problem in the past few years is the music companies have forgotten to diversify the variety of music they promote. They've gotten too hooked on the numbers game ClearChannel gives them, and start believing the only truth is in those numbers. While good music is still being made, the diversity that otherwise prevent you from hating those overplayed bands doesn't exist.
They're just victims of their own success. They promote a song to death, until everyone's sick of it, before moving onto another song. The potentially less popular bangs get pushed off, as the 'sure shots' get the promotion.
But I promise you the volume of original content would be nowhere near what we enjoy today.
I don't know if I would come up with that conclusion. I'm sure the commericalization of artwork would be severely limited, though. Having never lived in a world without copyright protection, I have no idea how it would affect artists' work.
One last thing. Copyright law, as it exists on the books today, generally favors creators too heavily.
No, I think the problem is it favors copyright owners too heavily. The owners of a work, and the creator of the work can be two different entities. I think if it favored the creator of the work instead of the owner, there might be somewhat fewer problems. And the most basic problem is the copyright terms just plain last too long. No one can build unauthorized derrivative works because by the time the copyright on the original work expires, the original work has been almost completely forgotten by our society.
Of course the greatest irony of this situation is Disney, who made their fortune from retelling stories in the public domain, and have lobbied world-wide for these tightening of copyright restrictions, and lengthening of the term.
I would disagree. 2.6.0 has not recieved the kind of testing 2.4.23, for example, has. There will be drivers that are subtly broken, and things that just aren't right. Bug fixes to the stable kernels don't always make it to the unstable versions, especially when the driver model changes drastically (and it did in 2.5/2.6). The kernel itself should be fairly stable under almost any load, but it'll take 2.6.2 or so to get the driver issues ironed out.
While I was testing 2.6.0-test1 through -test6 on my laptop, I could never get it to stop hanging after 10-60 minutes of use (stupid 'legacy-free' design makes it really hard to catch panics/oopses). On my desktop machine, I was unable to use it because my Promise ATA [fake]RAID controller isn't properly supported by 2.6.x
Look at it from Blockbuster's point of view. Region encoding is hurting them. People who want to get the latest and greatest movie abroad buy a region 1 or region free DVD player, and then mail order the DVDs they want, instead of renting from the local Blockbuster. If Blockbuster could use the same DVDs world-wide (barring language barriers), they wouldn't be losing these prospective rentals. In Blockbuster's 'mind', they're losing sales because of region encoding.
On the down side, a lot of drivers are out of date compared to 2.4.23, and some drivers are completely missing (ataraid, for example). You shouldn't bother trying 2.6.x if you are using an IDE fakeraid controller for Linux. And like all x.x.0 releases, there are bound to be a few rough edges.
Then how would the card know it's talking to the credit card agency, not a rogue reader? My feeling is they need to authenticate to each other some how, and while the credit card can authenticate to the CC company with a unique code, the reverse is not true. There could be a large number of secrets based on some arbitrary non-confidential criteria (name, issue date, etc), but it still means there has to be a shared secret of some kind.
IBM does have an interest in minimizing the amount of SCO evidence that is claimed to be confidenial. It comes down to press access. If IBM truely believes they will win this case fairly easily, they will want the press there to write about it. IBM can't be held responsible for anything the press writes about the case, unlike SCO's press releases and statements, which have already been used against them in court.
Don't jump to conclusions, either. It's entirely possible this has happened, but we won't have proof of it for another two or three days. There is no 'real-time' monitor for court proceedings, other than appearing in court.
BAD IDEA. It would mean the end of the internet, and back to the bad old days of proprietary "Online Services". Back to only seeing what the service provider wanted you to see, only doing what the service provider wants you to do. Anything else would be too dangerous to offer to customers without a huge pricetag attached.
The '128-bit' of SSL is symetric encryption. However, SSL first exchanges the 128-bit key over a 1024 or higher bit public key algorithim. I'm almost certain they won't have the processing power for public key encryption, so that leave symetrical encryption. And unfortunately, that also means that if someone leaks or steals the credit company's secret code, the encryption completely breaks down.
You know, it's possible that BOTH are correct. An occupying army in a foreign country typically causes damage to the civilian populace if it wants to or not. Civilians die at the hands of the army because soldiers make really poor law enforcement. Army doctors can't replace a proper medical infrastructure. And unless the military relinquishes control back to the Iraqii people, many of those civilians will become frustrated with the prolonged occupation by foreign forces in their own country.
Both sides of this debate like to look at the situation through their very own rose coloured glasses. Accept the few facts that support their position, ignore all the rest. American forces in Iraq are helping the citizens, but they're also hurting them. It's all an unavoidable consequence of occupation.
I was personally opposed to the US invasion of Iraq, but now that US forces are there, they'd better make sure they do a damn good job of getting the Iraq people self-sufficient.
Problem is, they can't control this "radio station of the future". It self-selects which files are most popular. Contrast this to record stores, and radio, who both promote whatever music the music industry pays them to. The RIAA and others make a big deal about payola, while at the same time enjoying the control it gives them over the radio stations. Basically, they want all the control, but none of the financial costs.
Recieving an invoice for something which you haven't purchased is considered mail fraud. It's quite likely that any american that gets such an invoice could get SCO prosecuted. If a 'reasonable person' would consider what SCO sent to people to be an invoice, despite the fact the victim had no contracts or agreements with that company that would permit them to invoice the victim in this way. I believe this is why SCO has not sent out the invoices despite contantly saying they will. Their lawyers probably were probably telling them not to.
"If it's anything (like the August attack), then it would probably be someone from the Linux community, but there's no way of knowing that for 100 percent sure," [Blake Stowell] said.
Yes, I do. I don't know SCO's network is set up, but I do know how I've set up networks. I've always set them up in such a way that if the external DMZed servers are attacked or go down, very little internally is affected. Incoming mail may cease to come in, and outgoing mail may cease to go out, but nothing else changes. If SCO's internal network services was brought down by an attack on a public webserver, it's a clear indication that someone designed their network wrong.
Especially one that claims law enforcement is looking into it. Generally in these cases, you don't want to spook the attacker until the authorities can track him/her down. The press release just gives the attacker forewarning so he/she can start covering up their tracks.
Not exactly. I merely believe that SCO will stoop to any low in order to exploit a situation. I believe SCO's managment are opportunists in the worst sense of the word. I believe that lies are just as valuable to these people as truth is, and they will use whichever suits their purpose best.
I know there are "Open Source people" who could and/or would stoop so low as to mount a DDoS attack on SCO. However, the fact that SCO's site isn't getting DDoSed all the time is a fairly good indicator that this 'undesirable element' is in the minority. There's a few of these kinds of jackasses in any crowd, and I wouldn't be surprised if SCO unknowningly had one or two in their midst.
Maybe because the timing of it all was just too damn convenient. It happened couple days after RBC deciding there's something fishy about the contingency agreement, losing against IBM's motion to compel discovery, their stock prices have been dropping, and everyone's expectations that they will not be able to get anywhere near profitable this quarter without some very creative accounting. Of course little of this made it into the same press that prints SCO's outrageous accusations and 'open letters'.
All this happens, and then SCO suddenly becomes 'victimized by all these EVIL Open Source people', virtually guaranteeing the press won't report on SCO's other misfortune because it's 'unimportant' compared to this. Morover, they get to make Open Source people look like terrorists and bad people, and try to make it look like people should not be using software developed by these 'evil people'.
Okay, I'm willing to accept they were DDoSed. An upstream provider blocking it at the router level makes sense too. But I'm still not willing to accept that SCO isn't lying. What about their Intranet being brought down by this? What about the customer support services being brought down? This could be caused by gross incompetence, an inside job, or complete and utter lies. Choose one, none are flattering to any company, especially one that claims to sell an 'enterprise class' operating system.
Well how about this, someone DoS's you, and your Intranet and support desk goes down? That's pretty damn peculiar. I see three options. Either they're lying, they're incompetent, or it's an inside job. Their ISP is treating the attack like a standard DDoS attack, by blocking it far upstream, and BS comes to the press and tries to be technical and call it a "SYN attack". SCO claims their mail system was knocked down, but their webserver doesn't even act as a mail server (it's mail.ut.caldera.com [216.250.130.2], not www.sco.com [216.250.128.12]). They dont' even have a secondary MX in this case.
SCO's victim story doesn't add up, and it doesn't make sense.
That would be a rather inefficient way to attack someone, but lets assume this is true (BS wasn't clear, he said 'syn flood', then went on to describe a DDoS connection flood attack). A simple flood of spoofed SYN packets would be less effective than a flood of large UDP or ICMP packets simply because legitimate traffic would have a better chance of getting in and out (albeit slowly).
On the other hand, if his description was accurate, and it was indeed a DDoS connection flood, then very little could've survived, except for very big hosting providers with large server farms. This type of attack would also not require vast amounts of bandwidth to exploit, but every machine involved in the attack would be plainly visible (except for maybe the 'master') because it's not generally possible to maintain a spoofed TCP connection these days to any reasonably modern TCP/IP stack.
Honestly, if SCO is going to be attacked like this, they need a different provider (that can handle these attacks). They claim to have been attacked three times so far, and have done nothing to stop it from harming them in the future after the first two?
That story might not have said that, but this one from siliconvalley.internet.com does.
Stowell said there's no way, right now, of knowing who the culprit is behind today's attack and have not found the person behind the first two attacks. Given the method of DoS attacks, which flood the TCP/IP stack with useless traffic from a remote computer, it's going to be difficult to find the source of the attack.
"If it's anything (like the August attack), then it would probably be someone from the Linux community, but there's no way of knowing that for 100 percent sure," he said.
My only question is if they haven't caught the person who did the first two attacks, how can he say that it's "probably [...] someone from the Linux community" like the August attack.
Except, we should accept the fact that, perhaps the intention behind this wasn't to be credible to technical people. What else has happened to SCO recently, you should be asking. "RBC rethinks SCO deal" - RBC, who, along with Baystar, invested $50 million into SCO has begun looking at the contingency fees SCO will pay to their lawyers if SCO is bought out. SCO has postponed their 2003 earnings release and invester conference call to December 22 from December 8, and there's been some speculation that they will not be able to announce a profit this quarter without some 'creative' accounting. SCO lost both of IBM's motion to compel discovery, and have to turn over these 'million lines of code' that IBM has illegally copied into Linux. SCO's stock price has been dropping recently. None of these items really made it into the press in any meaningful way.
Now we get this 'quick fix' press release that gets to paint the Linux community as a bunch of criminals and thugs. They know full well the press won't bother to check facts, and it should be enough to distract from the negative things that have been happening. They get to look like a victim in the press, and they can do so without any proof what so ever.
A synflood would generally only affect the host it's directed at. There would be some extra traffic, but I believe even a 33.6Kbps modem can synflood a single server on a fat pipe (pipe size in this case does not matter). However, this is not what we're seeing. We're seeing their provider filtering www.sco.com's IP address. That's what's peculiar.
Slashdot Mirror
They're just victims of their own success. They promote a song to death, until everyone's sick of it, before moving onto another song. The potentially less popular bangs get pushed off, as the 'sure shots' get the promotion.
Of course the greatest irony of this situation is Disney, who made their fortune from retelling stories in the public domain, and have lobbied world-wide for these tightening of copyright restrictions, and lengthening of the term.
SCO OpenServer is Xenix. SCO UnixWare is SVR4.
While I was testing 2.6.0-test1 through -test6 on my laptop, I could never get it to stop hanging after 10-60 minutes of use (stupid 'legacy-free' design makes it really hard to catch panics/oopses). On my desktop machine, I was unable to use it because my Promise ATA [fake]RAID controller isn't properly supported by 2.6.x
Look at it from Blockbuster's point of view. Region encoding is hurting them. People who want to get the latest and greatest movie abroad buy a region 1 or region free DVD player, and then mail order the DVDs they want, instead of renting from the local Blockbuster. If Blockbuster could use the same DVDs world-wide (barring language barriers), they wouldn't be losing these prospective rentals. In Blockbuster's 'mind', they're losing sales because of region encoding.
On the down side, a lot of drivers are out of date compared to 2.4.23, and some drivers are completely missing (ataraid, for example). You shouldn't bother trying 2.6.x if you are using an IDE fakeraid controller for Linux. And like all x.x.0 releases, there are bound to be a few rough edges.
Then how would the card know it's talking to the credit card agency, not a rogue reader? My feeling is they need to authenticate to each other some how, and while the credit card can authenticate to the CC company with a unique code, the reverse is not true. There could be a large number of secrets based on some arbitrary non-confidential criteria (name, issue date, etc), but it still means there has to be a shared secret of some kind.
IBM does have an interest in minimizing the amount of SCO evidence that is claimed to be confidenial. It comes down to press access. If IBM truely believes they will win this case fairly easily, they will want the press there to write about it. IBM can't be held responsible for anything the press writes about the case, unlike SCO's press releases and statements, which have already been used against them in court.
Don't jump to conclusions, either. It's entirely possible this has happened, but we won't have proof of it for another two or three days. There is no 'real-time' monitor for court proceedings, other than appearing in court.
BAD IDEA. It would mean the end of the internet, and back to the bad old days of proprietary "Online Services". Back to only seeing what the service provider wanted you to see, only doing what the service provider wants you to do. Anything else would be too dangerous to offer to customers without a huge pricetag attached.
The '128-bit' of SSL is symetric encryption. However, SSL first exchanges the 128-bit key over a 1024 or higher bit public key algorithim. I'm almost certain they won't have the processing power for public key encryption, so that leave symetrical encryption. And unfortunately, that also means that if someone leaks or steals the credit company's secret code, the encryption completely breaks down.
Both sides of this debate like to look at the situation through their very own rose coloured glasses. Accept the few facts that support their position, ignore all the rest. American forces in Iraq are helping the citizens, but they're also hurting them. It's all an unavoidable consequence of occupation.
I was personally opposed to the US invasion of Iraq, but now that US forces are there, they'd better make sure they do a damn good job of getting the Iraq people self-sufficient.
Problem is, they can't control this "radio station of the future". It self-selects which files are most popular. Contrast this to record stores, and radio, who both promote whatever music the music industry pays them to. The RIAA and others make a big deal about payola, while at the same time enjoying the control it gives them over the radio stations. Basically, they want all the control, but none of the financial costs.
Recieving an invoice for something which you haven't purchased is considered mail fraud. It's quite likely that any american that gets such an invoice could get SCO prosecuted. If a 'reasonable person' would consider what SCO sent to people to be an invoice, despite the fact the victim had no contracts or agreements with that company that would permit them to invoice the victim in this way. I believe this is why SCO has not sent out the invoices despite contantly saying they will. Their lawyers probably were probably telling them not to.
"If it's anything (like the August attack), then it would probably be someone from the Linux community, but there's no way of knowing that for 100 percent sure," [Blake Stowell] said.
Yes, I do. I don't know SCO's network is set up, but I do know how I've set up networks. I've always set them up in such a way that if the external DMZed servers are attacked or go down, very little internally is affected. Incoming mail may cease to come in, and outgoing mail may cease to go out, but nothing else changes. If SCO's internal network services was brought down by an attack on a public webserver, it's a clear indication that someone designed their network wrong.
Especially one that claims law enforcement is looking into it. Generally in these cases, you don't want to spook the attacker until the authorities can track him/her down. The press release just gives the attacker forewarning so he/she can start covering up their tracks.
I know there are "Open Source people" who could and/or would stoop so low as to mount a DDoS attack on SCO. However, the fact that SCO's site isn't getting DDoSed all the time is a fairly good indicator that this 'undesirable element' is in the minority. There's a few of these kinds of jackasses in any crowd, and I wouldn't be surprised if SCO unknowningly had one or two in their midst.
All this happens, and then SCO suddenly becomes 'victimized by all these EVIL Open Source people', virtually guaranteeing the press won't report on SCO's other misfortune because it's 'unimportant' compared to this. Morover, they get to make Open Source people look like terrorists and bad people, and try to make it look like people should not be using software developed by these 'evil people'.
Okay, I'm willing to accept they were DDoSed. An upstream provider blocking it at the router level makes sense too. But I'm still not willing to accept that SCO isn't lying. What about their Intranet being brought down by this? What about the customer support services being brought down? This could be caused by gross incompetence, an inside job, or complete and utter lies. Choose one, none are flattering to any company, especially one that claims to sell an 'enterprise class' operating system.
SCO's victim story doesn't add up, and it doesn't make sense.
On the other hand, if his description was accurate, and it was indeed a DDoS connection flood, then very little could've survived, except for very big hosting providers with large server farms. This type of attack would also not require vast amounts of bandwidth to exploit, but every machine involved in the attack would be plainly visible (except for maybe the 'master') because it's not generally possible to maintain a spoofed TCP connection these days to any reasonably modern TCP/IP stack.
Honestly, if SCO is going to be attacked like this, they need a different provider (that can handle these attacks). They claim to have been attacked three times so far, and have done nothing to stop it from harming them in the future after the first two?
Now we get this 'quick fix' press release that gets to paint the Linux community as a bunch of criminals and thugs. They know full well the press won't bother to check facts, and it should be enough to distract from the negative things that have been happening. They get to look like a victim in the press, and they can do so without any proof what so ever.
A synflood would generally only affect the host it's directed at. There would be some extra traffic, but I believe even a 33.6Kbps modem can synflood a single server on a fat pipe (pipe size in this case does not matter). However, this is not what we're seeing. We're seeing their provider filtering www.sco.com's IP address. That's what's peculiar.