After reading the order itself, it seems to be a straightforward application of the silly legal theory - established in other copyright cases - that copying a program into RAM counts as copying ("fixating") under copyright law.
A couple of thoughts:
When I make a cell phone call, I would bet that my voice is stored in RAM on the cell phone for some period of time. Does that make it available for discovery?
Wouldn't it be possible to get just about every large corporation in America to oppose this ruling?
In my career as an engineer, I've found that a lot of times my ability to get my job done relies on the help of someone in a low-paying, low-status job, such as sysadmin, technician, secretary, or even security guard. If I treat these people as colleagues, (a) I'm not being an asshole, and (b) I can do my job better. Both of these seem worthy goals.
It's a bit of an apples vs. oranges comparison to put this up against mergesort - mergesort is a comparison-based sort, while Papadopoulos' bitfast is a radix sort and thus O(N*W) where N is the number of elements and W is the width of each element in bits. (hint - try sorting 1000-byte strings with bitfast, and see which is fastest) And no, it doesn't have anything to do with hashing.
However, it's definitely a clever way of implementing radix sort with linked lists, which may make it useful in some cases (e.g. OS internals) where you don't want to allocate space for a big directly-addressable array.
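To make the O(N*W) point concrete, here is a generic binary LSD radix sort on a singly linked list, added as an illustration; it is not Papadopoulos' bitfast code, and all names are hypothetical. It counts node relinks against mergesort comparisons for the same randomly generated keys.

```python
import random


class Node:
    def __init__(self, key):
        self.key = key
        self.next = None


def from_iterable(keys):
    """Build a singly linked list in input order; returns the head or None."""
    head = tail = None
    for key in keys:
        node = Node(key)
        if tail is None:
            head = node
        else:
            tail.next = node
        tail = node
    return head


def to_list(head):
    out = []
    while head is not None:
        out.append(head.key)
        head = head.next
    return out


def radix_sort_list(head, width_bits):
    """Sort non-negative integers below 2**width_bits, one stable pass per bit.

    Each pass relinks every node onto a 'zeros' or 'ones' chain, so no bucket
    array is allocated. Returns (new_head, relinks); relinks == N * width_bits.
    """
    relinks = 0
    for bit in range(width_bits):
        heads = [None, None]   # chain heads for bit value 0 and 1
        tails = [None, None]
        node = head
        while node is not None:
            following = node.next
            node.next = None
            b = (node.key >> bit) & 1
            if tails[b] is None:
                heads[b] = node
            else:
                tails[b].next = node
            tails[b] = node
            relinks += 1
            node = following
        # Zeros before ones; stability preserves the order from earlier passes.
        if tails[0] is None:
            head = heads[1]
        else:
            tails[0].next = heads[1]
            head = heads[0]
    return head, relinks


def merge_sort(keys):
    """Top-down mergesort; returns (sorted_keys, comparisons)."""
    if len(keys) <= 1:
        return list(keys), 0
    mid = len(keys) // 2
    left, c_left = merge_sort(keys[:mid])
    right, c_right = merge_sort(keys[mid:])
    merged, i, j, comparisons = [], 0, 0, c_left + c_right
    while i < len(left) and j < len(right):
        comparisons += 1
        if left[i] <= right[j]:
            merged.append(left[i])
            i += 1
        else:
            merged.append(right[j])
            j += 1
    merged.extend(left[i:])
    merged.extend(right[j:])
    return merged, comparisons


def compare_costs(n, width_bits, seed=1):
    """Sort the same n random keys both ways; returns (relinks, comparisons)."""
    rng = random.Random(seed)
    keys = [rng.randrange(1 << width_bits) for _ in range(n)]
    head, relinks = radix_sort_list(from_iterable(keys), width_bits)
    merged, comparisons = merge_sort(keys)
    assert to_list(head) == merged == sorted(keys)
    return relinks, comparisons


if __name__ == "__main__":
    for width in (8, 64):
        print(width, compare_costs(1000, width))
```

The radix cost grows linearly with key width while the comparison count does not, which is why the comparison only favours radix sort for narrow keys.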
I'd gladly re-join the ACM (I let my membership lapse after I graduated from college) if they offered an electronic-only membership with access to their digital archives for something a little bit less outlandish than $200. Other publishers might sell more PDFs to me if they didn't charge obscene (and insulting) a la carte rates.
This article isn't talking about the IEEE and ACM, which typically charge about $25-$30 a year for a journal subscription, and who don't require authors to sign their lives away. (so even if you don't have a digital library subscription, you can usually find the paper on the author's site or on citeseer.org) The people who are worried are places like Elsevier and Springer - to give an example, the second CS journal I picked at random on Elsevier's website was "Artificial Intelligence", with 18 issues a year for a cost of $2389.00.
It's a great business model if you can get away with it - don't pay anyone involved in doing the work, and charge a lot for the product. But then, making buggy whips used to be a great business, too. Technology made one of these businesses obsolete, and it's about to do it to the other one, too.
One recent addition to our arrangement with them (to provide kernel drivers) involves some very restrictive IP deals that upper management has interpreted to mean we shouldn't even acknowledge certain kinds of bugs in a very specific area.
It strikes me that instructing your employees to lie about product defects (which is basically what you're doing if you forbid them from acknowledging defects you know to exist) is an unfair and deceptive trade practice in a lot of places. And if it's illegal, it's not going to matter that they signed a contract with NVidia that says they have to break the law...
1. Did he check the event log and determine that the machine was not running and connected to the network at the time that MediaScan detected the sharing? Startup/shutdown and network card connect/disconnect are timestamped and logged so that you can retrieve them via the event viewer.
(I assume the drive had not been re-installed since the time in question - the omission of such a relevant detail would be pretty unforgivable)
2. How did he determine from the registry what the IP address was? Did the entries he examined tell him the address at the last time the machine was used, or at other times? (the entries I know of, HKLM/currentcontrolset/services/###/Parameters/Tcpip, only store the current address)
3. As far as his expert credentials go: He looks like he knows what he is doing in network security and forensics. Based on a scan of his CV, not actually reading the papers, if he has a weak spot it is going to be Windows-specific knowledge. A really good Windows sysadmin might be able to come up with some relevant questions he couldn't answer.
As a Massachusetts citizen, ignoring my free software zealot side, I don't give a damn about ODF vs. Microsoft Office. If Redmond were a town in Massachusetts, I'd be all for putting one of their lackeys on the team. (actually, I'd rather they put someone who knows something, rather than someone who is a public affairs manager) Seeing how many Massachusetts companies compete with Microsoft, however, this seems a lot like naming a North Korean to the Joint Chiefs of Staff.
In fact, it's 40 miles south. (no, that's not 40 miles somewhere out in the middle of nowhere where you'll maybe pass a cow or two and a couple of mile markers - that's 40 miles where you leave the Boston metro area and its suburbs, and enter the Providence RI suburbs. About the same as the distance from Manhattan to Edison, NJ)
Actually, what's weird is that this isn't a suburban soccer-mom school where I would expect something like that. It's an old, small city, and a look at the state stats for the school shows that it has a significant proportion of low income and minorities, as well as relatively low test scores. Plus (unlike most schools in Boston) from the pictures on their website it looks like they have grass to run around on during recess, instead of asphalt.
I wonder if there's something going on here that they're not saying anything about.
BUT...It requires root access and won't work on SELinux. This is a serious how? I mean if you have root access, then the entire system is compromised already.
No, it *will* work on SELinux. If you can install a module, you can bypass SELinux and chroot jails. There's a moral here, although I don't think it's "change register_binfmt()".
SELinux isn't designed to guard against malicious modules, and in general you can't guard against them in Linux without huge changes. In fact, malicious kernel code can just scribble over all the SELinux data structures and give everyone permission to do anything...
rootkit: "a set of software tools intended to conceal running processes, files or system data, thereby helping an intruder to _maintain_ access to a system while avoiding detection." (Wikipedia)
Adding a binfmt handler (as described in this document) is one way in which a rootkit may be installed. This registration has no SELinux checks, and thus any root process with the capability to install a module (CAP_SYS_MODULE) can register a hook to redirect exec calls.
However, I don't think fixing this makes much of a difference, as I can think of half a dozen other ways of adding such a hook from a module. (e.g. hooking the exec handler, which is pretty easy even though the address of the syscall table is no longer exported.) I think the main lesson of this paper - which the author does not seem to appreciate - is that CAP_SYS_MODULE is a free pass to do whatever you want, regardless of any other SELinux capabilities, and that there is no way to change this without *major* changes to the linux architecture.
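An added sketch of the audit this implies (not code from the original comment or the paper): list which processes hold CAP_SYS_MODULE in their effective set, or could still acquire it on exec because it remains in their bounding set. The /proc status excerpts are constructed sample data and the function names are hypothetical.

```python
import os

CAP_SYS_MODULE = 16  # bit number of CAP_SYS_MODULE in linux/capability.h

# Constructed excerpts of /proc/<pid>/status, keyed by PID.
SAMPLE_STATUS = {
    1: "Name:\tsystemd\nUid:\t0\t0\t0\t0\n"
       "CapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n",
    812: "Name:\thttpd\nUid:\t0\t0\t0\t0\n"
         "CapEff:\t0000000000000400\nCapBnd:\t0000000000000400\n",
    2040: "Name:\tbash\nUid:\t1000\t1000\t1000\t1000\n"
          "CapEff:\t0000000000000000\nCapBnd:\t000001ffffffffff\n",
    3100: "Name:\tworker\nUid:\t0\t0\t0\t0\n"
          "CapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n",
}


def parse_status(text):
    """Turn 'Key:\\tvalue' lines from a status file into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def has_cap(hex_mask, cap):
    """True if capability bit `cap` is set in a hex mask such as CapEff."""
    return bool((int(hex_mask, 16) >> cap) & 1)


def audit(status_by_pid):
    """Return (pid, name, level) for every process that matters here.

    level is 'effective' when the process can load a module right now, and
    'bounding-only' when the capability is not held but is still in the
    bounding set, so exec of a privileged binary could grant it.
    """
    findings = []
    for pid in sorted(status_by_pid):
        fields = parse_status(status_by_pid[pid])
        if "CapEff" not in fields or "CapBnd" not in fields:
            continue  # kernel thread view or truncated read
        name = fields.get("Name", "?")
        if has_cap(fields["CapEff"], CAP_SYS_MODULE):
            findings.append((pid, name, "effective"))
        elif has_cap(fields["CapBnd"], CAP_SYS_MODULE):
            findings.append((pid, name, "bounding-only"))
    return findings


def read_live_status():
    """Collect status text for every PID visible in /proc (Linux only)."""
    found = {}
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            with open(f"/proc/{entry}/status") as fh:
                found[int(entry)] = fh.read()
        except OSError:
            continue  # process exited or is not readable
    return found


if __name__ == "__main__":
    for pid, name, level in audit(SAMPLE_STATUS):
        print(f"{pid:>6}  {name:<10} CAP_SYS_MODULE {level}")
```

On a live host, pass `read_live_status()` to `audit()`; processes that appear in neither category have had the capability removed from their bounding set.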
My bad - it looks like it may be a buffer overrun exploit, not a macro attack. So it's not a problem with the Word design and functionality, but the implementation, of the sort that no one should make and almost everyone does.
So to get my 2 bits in on monoculture:
Buffer exploits - whether the Morris worm or this attack - rely on monoculture. This exploit is in fact an extreme example, only infecting Word 2003. (since it crashes other versions of Word, it looks like the vulnerability is present in those other versions, but the virus writer either didn't or couldn't craft an overrun string that would hijack multiple versions properly.)
Lots of other exploits don't rely on monoculture. But buffer exploit attacks rely on the (almost) exact position of the stack pointer and a variable on that stack; merely recompiling a program with a different optimization level will probably require exploit code to be re-written. At this level, open-source systems like Apache aren't necessarily a monoculture, as long as everyone isn't running the same version of the same distro.
The Symantec description doesn't provide enough detail to be sure, but like everyone else I'll assume that this attack is enabled by a Word macro exploit.
Word macros included in .doc files have been around for over a decade now, and the closest thing I've ever seen to a legitimate use of them is to write self-propagating viruses. (in fact, I once received a CD from Microsoft - the original "wolfpack" cluster server beta - that had macro viruses in its .doc files. Gave the virus scanner a fit when it couldn't scrub the files...)
It seems that in all this time *someone* could have taken the effort (granted, a large one even with the libraries out there for dealing with Office file formats) to write a filter to strip macros from Word documents. Then install this filter in all your mail servers, and voila - no more word macro viruses.
Of course the easiest solution would be for MS to remove the ability to include macros in Word documents entirely, and require them to be saved to and read from a separate, executable file type. (e.g. one of the existing VBscript file types, like .vbe or .vbs) But that's been an obvious solution for a decade, and they haven't done it yet, so I wouldn't hold my breath.
To do collaborative work. If two or three people need to agree on an interface, they can either go through a zillion iterations by email, or they can just sit down in front of a whiteboard and argue until they're done with the whole thing. I've seen design discussions that should have been done in an afternoon take a week or more because someone flat-out refused to have a meeting about it.
Some things just need to be said in front of everyone else. In particular, publicly confessing your planned schedule in front of your colleagues may not be good for your soul, but it's certainly good for ensuring that it gets done.
I'll point out that both of these are stressful activities. They're just easier in the long run than the non-meeting-based alternatives that I know of.
The totally unsanctioned site www.voices-for-change.com - it's not quite clear what "unsanctioned" means here. Clearly they're paying their bills to the ISP and otherwise complying with the terms of service. As to whether they're officially endorsed by the TWU, that seems to have nothing to do with the dispute here. Certainly the TWU hasn't weighed in to condemn the site, and they're the only people who can reasonably make this accusation.
A quick check of the pictures online doesn't show any comments regarding picket line crossers, and I don't see any at a cursory examination. (I wouldn't doubt I'd find some if I looked real hard, though) The public message forums don't have any comments about vandalism or violence; I didn't register to see what the closed forums said. As for "proprietary information" - if this was real - i.e. trade secrets, rather than e.g. the color of the suit the VP was wearing yesterday - they'd pursue legal action and take the website down for good.
A final point to keep in mind is that Telus is also blocking downstream ISPs from accessing this site - Telus customers may have restrictive user agreements which basically say the company can do whatever they want and the user has no recourse, but I doubt that agreements with other ISPs are written that way.
As other posters have mentioned, they've probably done something really dumb, as although there may not be any law in Canada (or the US?) requiring an ISP to be a common carrier, there are lots of legal reasons for them to be very afraid of losing common carrier status.
The Tom's hardware project is a true cheap projector, based on a 15" LCD monitor. The projection panel that these other folks use cost an arm and a leg when it was new, and the supply of cheap used ones on EBay can't be very big.
Some modifications to this would be needed for toddlers - my setup is designed to be proof against 5-8 year olds, and to fit on a really shallow desk. Take a small mini-itx case, fasten it to the wall behind the desk, and fasten an LCD display on one of those wall mounts just above it. Use an optical mouse, and one of these horrible (but indestructible) flexible rubber keyboards.
For smaller kids, you'll have to make sure there's nothing they can reach by climbing on the LCD display, but you can probably use a better keyboard as the kid won't be using it.
Of course, if unlike us you have a closet near where you want to put the PC and walls that weren't built in the later 18th century, you could just put whatever PC you want in the closet, and run VGA and USB extension cables through the wall to an outlet in the wall just above the desk.
Here's a cleaned up version of the translation. My French isn't great, but it's better than the fish. (although it's great having a computer do the grunt work...)
A passage covered with black ink in a document recently released by the
White House was reconstituted. The method could be applied to a
considerable number of declassified files.
He "was bored" in front of television, the weekend of Easter, "when
the memo from the CIA to George Bush was released", remembers David
Naccache, a cryptographer at the French company
Gemplus. "I immediately telephoned Claire Whelan, a student at Dublin City
University, whose thesis I supervise, to propose to her to
attack the blacked-out passages", he relates. Mission accomplished, or
almost.
The memo in question, sent on August 6, 2001 by the CIA to President
Bush and titled "Bin Laden determined to strike in US", had just been
declassified by the White House, which wanted to prove that the
accuracy of warnings from intelligence services had not been
sufficient to allow the president to prevent the attacks of September
11. But five passages specifying the sources of the collected
information had been covered with black ink.
For the cryptologist David Naccache, these illegible fragments were
red flags. The result of his efforts - "conducted on a purely
private basis", he specifies, concerned not to implicate his employer in
his initiative - was presented Tuesday May 4 at the
Eurocrypt 2004 conference, which met until May 6 in
Interlaken, Switzerland, the gratin (???) of world cryptography. "The
demonstration was extremely impressive", judged Jean-Jacques
Quisquater (University of Louvain-la-Neuve), specialist in the field,
who applauds this technique of "reverse engineering censored
documents".
David Naccache and his student indeed succeeded in discovering one of
the censured words. The term "Egyptian" seems the only possible one to
them. They want to fine-tune their method before rendering a verdict
on a longer passage, in order not to discredit(???) it. And they
totally threw in the sponge on a completely isolated word, for
lack of sufficient indices.
The technology employed is not, at first glance, revolutionary. The
two researchers initially straightened the text, deformed at the time
of its digitalization - the slope was only 0.52 degrees. They then used
character recognition software to determine the point size of the
text which determines the number of characters per unit length. A simple
recourse to an English dictionary then makes it possible to draw up a
list of possible words. "1,530 matched", indicates David
Naccache.
But the article "an" preceding the mystery word, implied that this
one necessarily started with a vowel, which made it possible to reduce
the list to 346 words. In French, an index provided by articles
like "un" or "une", in the same way, would have made it possible to
tighten the search. The selection was also aided by the fact that
the character font, Arial, is "proportional", i.e. the width of
the letters varies. The space occupied by an I differs from that taken
by W, which can give additional indices, compared to the fonts
known as "monospace", like Courier, often used, where all the letters
are the same width.
"Among the remaining words, five or six could fit, but only Egyptian
corresponded to the context", indicates the cryptologist. This last
stage relies more on human intelligence than the geometry of the
text. To choose among "Ukrainian", "uninvited", "unofficial", "incursive",
"Egyptian", "indebted" and "Ugandan", the two researchers used their
common sense. Uganda and the Ukraine seemed too far away from
the theatre of the operations to be retained, for example.
No doubt the analysis of the CIA memo reveals only an
open secret, recognizes David Naccache. But the method automates
the research. (???) In another memo, it revealed that civil helicopters
militarized by the Iraqis had been bought in South Korea. And nothing
prevents the automated application of this technique to a group
of declassified documents, which might one day allow it to uncover "isolated
words, or even groups of two or three words".
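The width-matching step described in the article, as an added example that is not the researchers' code: it measures how much a redaction bar's width leaks under a proportional font versus a monospace one. The glyph widths are approximate constructed values, the word list is constructed (its first seven entries are the words named in the article), and the tolerance and noise figures are assumptions.

```python
import string

# Constructed advance widths in 1/1000 em for a proportional sans-serif face
# (approximate; a real measurement would read the metrics from the font file).
LOWER = [556, 556, 500, 556, 556, 278, 556, 556, 222, 222, 500, 222, 833,
         556, 556, 556, 556, 333, 500, 278, 556, 500, 722, 500, 500, 500]
UPPER = [667, 667, 722, 722, 667, 611, 778, 722, 278, 500, 667, 556, 833,
         722, 778, 667, 778, 722, 667, 611, 722, 667, 944, 667, 667, 611]
PROPORTIONAL = dict(zip(string.ascii_lowercase, LOWER))
PROPORTIONAL.update(zip(string.ascii_uppercase, UPPER))
MONOSPACE = {ch: 600 for ch in string.ascii_letters}  # every glyph equal

# Constructed stand-in for the dictionary; the first seven are from the article.
WORDS = ["Ukrainian", "uninvited", "unofficial", "incursive", "Egyptian",
         "indebted", "Ugandan", "American", "Israeli", "Iranian", "Pakistani",
         "informed", "Algerian", "Indonesian", "detained", "official",
         "Illinois", "Ethiopian"]


def rendered_width(word, widths):
    """Total advance width of a word under the given glyph-width table."""
    return sum(widths[ch] for ch in word)


def candidates(bar_width, words, widths, tolerance, article=None):
    """Words that fit the bar, optionally filtered by the preceding article.

    article='an' keeps only vowel-initial words, article='a' only
    consonant-initial ones, matching the rule the article describes.
    """
    kept = []
    for word in words:
        if abs(rendered_width(word, widths) - bar_width) > tolerance:
            continue
        starts_with_vowel = word[0].lower() in "aeiou"
        if article == "an" and not starts_with_vowel:
            continue
        if article == "a" and starts_with_vowel:
            continue
        kept.append(word)
    return kept


def leak_report(secret="Egyptian", words=WORDS, tolerance=75, noise=9):
    """Candidates left after each filter when `secret` sits under the bar.

    `noise` models measurement error added to the true bar width.
    """
    bar_prop = rendered_width(secret, PROPORTIONAL) + noise
    bar_mono = rendered_width(secret, MONOSPACE) + noise
    return {
        "proportional": candidates(bar_prop, words, PROPORTIONAL, tolerance),
        "proportional_an": candidates(bar_prop, words, PROPORTIONAL,
                                      tolerance, article="an"),
        "monospace_an": candidates(bar_mono, words, MONOSPACE,
                                   tolerance, article="an"),
    }


if __name__ == "__main__":
    for stage, kept in leak_report().items():
        print(f"{stage:<16} {len(kept):>2}  {', '.join(kept)}")
```

On this constructed list the monospace bar only reveals the letter count, while the proportional bar rejects same-length words such as "Illinois" and "American"; the survivors still have to be separated by context, as the article says.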
AllofMP3 has a license from the artists' association in Russia, not the record labels - i.e. the ASCAP equivalent, not the RIAA equivalent. Under Russian law this is sufficient, according to the website. (I'd give a link, but the server is slashdotted at the moment...)
One of my favorite books on this topic is Jane Jacobs, "Cities and the Wealth of Nations", so if you've read it you won't be surprised that I'll argue that the competitive regions in the US are metropolitan areas, not states. (that little stub of Connecticut down near New York is a great example - its success has everything to do with New York City, and very little to do with anything east of Bridgeport or north of Danbury)
Massachusetts consists (economically) mostly of the Boston metropolitan area, which also includes the south of New Hampshire. Things don't look so rosy business-wise in the western part of the state, but it doesn't affect the average for the state all that much. (as opposed to e.g. California or Texas, where any averages are going to include a lot of farmers and oilmen, kind of bringing down the tech index)
Lots of people on this thread have talked about cost of living and whatnot, but let's face it - if you're starting a new company, you want to locate where you can steal someone else's employees without their needing to move. And if you work for a little startup company, you sure as hell don't want to have to sell your house if they go under or turn weird and you have to jump ship. All of which means, if you want to work for a hot company, your cost of living is going to suck. Such is life - when engineers are expensive, houses tend to be expensive as well.
Which sort of leads into another point - I think that Boston, and Massachusetts in general, is a center of technology just because it is. It's not just because of the universities - there are other places (Amherst/Northampton, for one) with even higher concentrations of college students, who leave as fast as they can after graduation. Boston (or 128/495/whatever) is a good place to start a company because you can find people who started companies, and you can find them because it was a good place to start a company a few years ago.
Many textbooks on computer algorithms - from Knuth's Art of Computer Programming onward - have used programs in a language which can be compiled and executed as one of their methods of describing algorithms.
Perhaps a reductio ad absurdum argument would be better here. If a description of an algorithm in a compile-able computer language is not speech, then is a pseudocode description speech? If not, is the description in stilted English in a patent application speech? In each case the goal is the same - to unambiguously describe a mathematical idea.
My kids (3 and 6) have a fair number of videos. Some of these, especially from Disney, put about 5 minutes of trailers before the feature film, figuring (accurately) that the kids will sit through the trailers instead of fast forwarding. The frustrating thing - for those parents who wish to exercise some control over what their young children see - is that the trailers are often for videos which I wouldn't be willing to get for my kids until they're older.
There's a simple solution for VHS tapes - either splice out the beginning of the tape, or just punch a hole with a paper punch at the end of the trailers, and rewind will stop there. There's no such solution for DVD. It's possible that someone might come out with a DVD player that allows you to program behavior like this, but remember that anyone who produces a DVD player is bound by a contract with the people who put out DVDs, and they can require or prohibit any consumer feature they wish.
There's a lesson here for anyone who hopes to
make money by giving something away. Basically,
they totally forgot that they needed some means
to tie their promotion (the scanner, which cost
them real money to manufacture and distribute)
back to whatever they're making money off of.
Without that they're doing the equivalent of
handing out dollar bills and hoping that
people will use the money to buy their products.
Now that the horse is out, and their CEO is no
doubt in danger of getting offed by their board
for making such a boneheaded mistake, they're
trying to lock the barn door by calling in the
IP lawyers. I wonder how long it will be before
they figure out the obvious solution, which is
to respin the hardware with a simple protection
mechanism and start distributing new hardware
and drivers?
I've always wondered whether or not proprietary competitors would actually keep each other in line when it comes to the GPL. If compiler vendor X, for instance, discovered that vendor Y had incorporated GPL'ed code into their product, would it make sense for vendor X to join forces with the copyright holder to sue vendor Y? It wouldn't help X directly, but would certainly be a blow for Y if they were forced to release their proprietary source under the GPL.
Seconded.
Here's a nyud.net link to the text version: http://www.groklaw.net.nyud.net:8090/article.php?story=20041126130302760
A passage covered with black ink in a document recently released by the White House was reconstituted. The method could be applied to a considerable number of declassified files.
He "was bored" in front of television, the weekend of Easter, "when the memo from the CIA to George Bush was released", remembers David Naccache, a cryptographer at the French company Gemplus. "I immediately telephoned Claire Whelan, a student at Dublin City University, whose thesis I supervise, to propose to her to attack the blacked-out passages", he relates. Mission accomplished, or almost.
The memo in question, sent on August 6, 2001 by the CIA to President Bush and titled "Bin Laden determined to strike in US", had just been declassified by the White House, which wanted to prove that the accuracy of warnings from intelligence services had not been sufficient to allow the president to prevent the attacks of September 11. But five passages specifying the sources of the collected information had been covered with black ink.
For the cryptologist David Naccache, these illegible fragments were red flags. The result of his efforts - "conducted on a purely private basis", he specifies, concerned not to implicate his employer in his initiative - was presented Tuesday May 4 at the Eurocrypt 2004 conference, which met until May 6 in Interlaken, Switzerland, the gratin (???) of world cryptography. "The demonstration was extremely impressive", judged Jean-Jacques Quisquater (University of Louvain-la-Neuve), specialist in the field, who applauds this technique of "reverse engineering censored documents".
David Naccache and his student indeed succeeded in discovering one of the censored words. The term "Egyptian" seems the only possible one to them. They want to fine-tune their method before rendering a verdict on a longer passage, in order not to discredit(???) it. And they totally threw in the sponge on a completely isolated word, for lack of sufficient indices.
The technology employed is not, at first glance, revolutionary. The two researchers initially straightened the text, deformed at the time of its digitalization - the slope was only 0.52 degrees. They then used character recognition software to determine the point size of the text which determines the number of characters per unit length. A simple recourse to an English dictionary then makes it possible to draw up a list of possible words. "1,530 matched", indicates David Naccache.
But the article "an" preceding the mystery word implied that this one necessarily started with a vowel, which made it possible to reduce the list to 346 words. In French, an index provided by articles like "un" or "une", in the same way, would have made it possible to tighten the search. The selection was also aided by the fact that the character font, Arial, is "proportional", i.e. the width of the letters varies. The space occupied by an I differs from that taken by W, which can give additional indices, compared to the fonts known as "monospace", like Courier, often used, where all the letters are the same width.
"Among the remaining words, five or six could fit, but only Egyptian corresponded to the context", indicates the cryptologist. This last stage relies more on human intelligence than the geometry of the text. To choose among "Ukrainian", "uninvited", "unofficial", "incursive", "Egyptian", "indebted" and "Ugandan", the two researchers used their common sense. Uganda and the Ukraine seemed too far away from the theatre of the operations to be retained, for example.
No doubt the analysis of the CIA memo reveals only an open secret, recognizes David Naccache. But the method automates the research. (???) In another memo, it revealed that civil helicopters militarized by the Iraqis had been bought in South Korea. And nothing prevents the automated application of this technique to a group of declassified documents, which might one day allow it to uncover "isolated words, or even groups of two or three words".
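The width-and-grammar filtering that the translated article describes, as an added example that is not part of the original comment or the researchers' code. It shows why a black bar over proportional text leaks more than one over monospace text; the glyph widths are assumed approximations and the three words beyond the article's seven are constructed.

```python
# Approximate advance widths (1/1000 em) for an Arial-like proportional font.
# Assumed values for illustration; not measured from the memo scan.
PROPORTIONAL = {
    "a": 556, "b": 556, "c": 500, "d": 556, "e": 556, "f": 278, "g": 556,
    "h": 556, "i": 222, "j": 222, "k": 500, "l": 222, "m": 833, "n": 556,
    "o": 556, "p": 556, "q": 556, "r": 333, "s": 500, "t": 278, "u": 556,
    "v": 500, "w": 722, "x": 500, "y": 500, "z": 500,
    "A": 667, "E": 667, "I": 278, "S": 667, "U": 722,
}
MONOSPACE_ADVANCE = 600  # Courier-like: every glyph advances the same amount

# The seven candidates quoted in the article plus three constructed extras.
WORDS = ["Ukrainian", "uninvited", "unofficial", "incursive", "Egyptian",
         "indebted", "Ugandan", "Iraqi", "American", "Saudi"]


def proportional_width(word):
    return sum(PROPORTIONAL[ch] for ch in word)


def monospace_width(word):
    return MONOSPACE_ADVANCE * len(word)


def candidates(bar_width, words, width_fn, tol, after_an=True):
    """Return words whose rendered width is within tol (a fraction) of the bar.

    after_an applies the article's grammatical filter: a word following
    "an" must start with a vowel letter.
    """
    slack = bar_width * tol
    kept = []
    for word in words:
        if after_an and word[0].lower() not in "aeiou":
            continue
        if abs(width_fn(word) - bar_width) <= slack:
            kept.append(word)
    return kept


if __name__ == "__main__":
    hidden = "Egyptian"  # the word the bar covers in this constructed run
    for name, fn in (("proportional", proportional_width),
                     ("monospace", monospace_width)):
        bar = fn(hidden)
        for tol in (0.05, 0.01):
            print(name, tol, candidates(bar, WORDS, fn, tol))
```

With a loose 5% tolerance the proportional filter keeps six of the article's seven words, and a tight measurement separates words of equal letter count that a monospace bar cannot tell apart. A redaction box whose size does not depend on the hidden text removes this measurement altogether.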
AllofMP3 has a license from the artists' association in Russia, not the record labels - i.e. the ASCAP equivalent, not the RIAA equivalent. Under Russian law this is sufficient, according to the website. (I'd give a link, but the server is slashdotted at the moment...)
2000 census sez: Houston 1,953,631, Massachusetts 6,427,801. Just thought you'd like to know...
Massachusetts consists (economically) mostly of the Boston metropolitan area, which also includes the south of New Hampshire. Things don't look so rosy business-wise in the western part of the state, but it doesn't affect the average for the state all that much. (as opposed to e.g. California or Texas, where any averages are going to include a lot of farmers and oilmen, kind of bringing down the tech index)
Lots of people on this thread have talked about cost of living and whatnot, but let's face it - if you're starting a new company, you want to locate where you can steal someone else's employees without their needing to move. And if you work for a little startup company, you sure as hell don't want to have to sell your house if they go under or turn weird and you have to jump ship. All of which means, if you want to work for a hot company, your cost of living is going to suck. Such is life - when engineers are expensive, houses tend to be expensive as well.
Which sort of leads into another point - I think that Boston, and Massachusetts in general, is a center of technology just because it is. It's not just because of the universities - there are other places (Amherst/Northampton, for one) with even higher concentrations of college students, who leave as fast as they can after graduation. Boston (or 128/495/whatever) is a good place to start a company because you can find people who started companies, and you can find them because it was a good place to start a company a few years ago.
Perhaps a reductio ad absurdum argument would be better here. If a description of an algorithm in a compile-able computer language is not speech, then is a pseudocode description speech? If not, is the description in stilted English in a patent application speech? In each case the goal is the same - to unambiguously describe a mathematical idea.
My kids (3 and 6) have a fair number of videos. Some of these, especially from Disney, put about 5 minutes of trailers before the feature film, figuring (accurately) that the kids will sit through the trailers instead of fast forwarding. The frustrating thing - for those parents who wish to exercise some control over what their young children see - is that the trailers are often for videos which I wouldn't be willing to get for my kids until they're older.
There's a simple solution for VHS tapes - either splice out the beginning of the tape, or just punch a hole with a paper punch at the end of the trailers, and rewind will stop there. There's no such solution for DVD. It's possible that someone might come out with a DVD player that allows you to program behavior like this, but remember that anyone who produces a DVD player is bound by a contract with the people who put out DVDs, and they can require or prohibit any consumer feature they wish.
Now that the horse is out, and their CEO is no doubt in danger of getting offed by their board for making such a boneheaded mistake, they're trying to lock the barn door by calling in the IP lawyers. I wonder how long it will be before they figure out the obvious solution, which is to respin the hardware with a simple protection mechanism and start distributing new hardware and drivers?
I've always wondered whether or not proprietary competitors would actually keep each other in line when it comes to the GPL. If compiler vendor X, for instance, discovered that vendor Y had incorporated GPL'ed code into their product, would it make sense for vendor X to join forces with the copyright holder to sue vendor Y? It wouldn't help X directly, but would certainly be a blow for Y if they were forced to release their proprietary source under the GPL.