"If you're bright and company X won't hire you because you know acronym Y instead of comparable acronym Z, you don't want to work for them anyway." - unfortunately this is the way a majority of companies operate these days and bright people, still being people, have limited time and bills to pay, making it unlikely that they will be able to narrow the field of potential employers down from thousands of companies to just those that actually are really great places to work (rather then merely claiming to be so) and be financially able to wait for a position to open up at one of those companies.
The market requires no law or regulation. If it did there would be no black market, which is the closest thing we have to a free market here in the US (and most other countries for that matter).
"corporations, which after all represent the economic well being of all shareholders, outweight the minor privacy concerns of any individual worker" -- how do you figure the economic well being of shareholders outweighs employees concerns about having to have a chip implanted into their body as a condition of employment?
That would be great so long as all other government regulations where also removed as well, so that we all really had individual freedom. If we have to live with reams and reams of government regulations, why not include one that means folks won't have to choose between RFID injection or being a homeless beggar?
"In a free-market capitalist society" and which society would you be referring too? The US is not a free-market capitalist society and hasn't been for a long time. If the various governments of the US didn't so heavily favor established businesses with regulations and tax breaks, then it would not be necessary to for so many people choose between working for an established business and becoming a homeless street beggar.
If the researcher can do all of that, then why wouldn't they just go start their own company so they can: 1. Come up with ideas that have the potential to help someone with a problem and money to throw at it 2. Explain with the utmost clarity what these ideas are to people with money and a problem, how the ideas might be implemented given the customer's current situation, and estimate the costs, risks, and potential benefits. 3. Implement the idea for the customer.
The FSF has certainly said that, but there seems to be some reasonable debate on if their theory is legally accurate, and to my knowledge their theory has yet to be proven of disproven in court.
Yes, it is a rootkit. It's modifying the kernel space to hide directories from the user. There are better ways of doing such a thing, but a rootkit has the advantage of keeping the files hidden from common methods of hidden-file detection. Something like a virus or trojan would tend to use a kit like this to make sure that it couldn't be found by antivirus software. Such kits also tend to mask the presence of their processes, just to make sure that they REALLY can't be detected.
The article doesn't say anything about modifying kernel space. Windows has a hidden file attribute built right into it, and from the article:
The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under "c:\windows\". So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) -- depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.
Since the command prompt can be used to enter the directory, create files there, and run files from there, the directory is not hidden from the Windows API, it's merely ommitted by default like any other file or directory marked with the hidden attribute. Windows explorer can have it's options tweaked so that hidden files will be displayed by default.
"And how much do you want to bet they just ruled that it was unconsciable for the person to waive their rights to a CLASS-action lawsuit in place of arbitration, rather than individual arbitration?"
It doesn't appear to be even that much. At the end it says "In sum, we hold that Cingular's class arbitration waiver is
unconscionable under California law", so it only seems to go as far as ruling unconscionable the waiver of class arbitration (and even then only when it is done through an adhesion contract and only where the amounts in dispute are small and numerous customers of the company have such small amounts in dispute). If the contract had been written better it looks like the part waiving class arbitration could have been voided without also voiding the waiver of class action lawsuits, but it wasn't written in such a way.
Have fun writing an ActiveX control in Java. Not that I'm a fan of web pages with ActiveX controls, Java, or Javascript, considering I have all of that stuff blocked by default so the pages don't work right without having to put my machine at increased risk to attack.
Copyright laws include fair use rights. If companies want the protection of copyright laws and should not try to prevent the exercise of fair rights use with DRM. If they instead want to use purely technological means to protect their content, then they shouldn't be making use of copyright laws and government courts while trying to also prevent the exercise of the fair use rights included in those same laws.
From the federal law "uses or attempts to use an audiovisual recording device to transmit or make a copy of a motion picture". She didn't make a copy of the "a motion picture", she made a copy of 20 seconds of a motion picture, which is less then 1% of it. Making a copy of a part of something is not the same thing as copying it in its entirety.
I also noticed this in the federal law:
the licensor of the motion picture or other audiovisual work being exhibited, or the agent or employee of such licensor--
``(1) may detain, in a reasonable manner and for a
reasonable time, any person suspected of a violation of this
section with respect to that motion picture or audiovisual work
for the purpose of questioning or summoning a law enforcement
officer; and
``(2) shall not be held liable in any civil or criminal
action arising out of a detention under paragraph (1).
So now if theater employees can forcibly detain you, injure you in the process, and be immune from both civil and criminal liability if they merely claim they suspected you of violating this section.
I'm not setting foot in a movie theater again so long as this law is on the books.
As you didn't deny working for either, I'll go ahead and assume you are a RIAA and/or MPAA shill trying to silence opposition to your employer's agenda.
"A sad but true statement: Ignorance of the law is no excuse."
Considering that there are know more laws on the books then the average person could ever comprehend and remember at all times, ignorance of the law should be an excuse. When the law is no longer just, should we still follow it?
Should the theater employees be excused for not knowing the copyright laws well enough to know that they include provisions for fair use and that seeing someone one with a camcorder in a theater isn't automatically copyright infringement and doesn't become so until enough of the movie has been filmed that it no longer constitutes fair use?
The worth to us is all that matters. No security system is unbreakable, so we can never assume it won't be broken. What we need to be accurate about is how much it will cost us if it's compromised. Many things don't cost very much when compromised so they have minimal to no security around them at all, but they are frequently insured. Insurance, with an appropriate deductable, can be make use of to mitigate the risk of the cost of damages from a major breach from a sufficiently motivated attacker.
In your example of the murder, the cost of the breach is only that of the investigation into the missing/altered records (if they are actually noticed) since no widgets were actually stolen.
Regarding the original posters issue the cost of the breach is the cost of being out of compliance, which is likely something the companies lawyers would have to estimate.
Anything can be destroyed or altered and as with any security issue this a matter of making the cost of doing so more then anyone is willing to pay.
All you need to determine if data has been tampered with is a currently unbroken cryptographic hash for the data that has been timestamped and signed by a timestamp authority (or more then one depending on how much you want to tampering to cost).
Preventing deletion (i.e. total destruction rather then simply deleting entry from a larger file which is merely tampering) of data is matter of having seperate and secure back-ups and the ability to tell when a file has been deleted. This can be handled with cryptographic hash of all of the current signed timestamps for the files so if one goes missing you can tell immediately and retrieve it from the archive.
Slashdot Mirror
"If you're bright and company X won't hire you because you know acronym Y instead of comparable acronym Z, you don't want to work for them anyway." - unfortunately this is the way a majority of companies operate these days and bright people, still being people, have limited time and bills to pay, making it unlikely that they will be able to narrow the field of potential employers down from thousands of companies to just those that actually are really great places to work (rather then merely claiming to be so) and be financially able to wait for a position to open up at one of those companies.
How are you getting your leads on candidates (recruiter, job sites, postings on your own web site, all of the above)?
The market requires no law or regulation. If it did there would be no black market, which is the closest thing we have to a free market here in the US (and most other countries for that matter).
"corporations, which after all represent the economic well being of all shareholders, outweight the minor privacy concerns of any individual worker" -- how do you figure the economic well being of shareholders outweighs employees concerns about having to have a chip implanted into their body as a condition of employment?
That would be great so long as all other government regulations where also removed as well, so that we all really had individual freedom. If we have to live with reams and reams of government regulations, why not include one that means folks won't have to choose between RFID injection or being a homeless beggar?
"In a free-market capitalist society" and which society would you be referring too? The US is not a free-market capitalist society and hasn't been for a long time. If the various governments of the US didn't so heavily favor established businesses with regulations and tax breaks, then it would not be necessary to for so many people choose between working for an established business and becoming a homeless street beggar.
If the researcher can do all of that, then why wouldn't they just go start their own company so they can:
1. Come up with ideas that have the potential to help someone with a problem and money to throw at it
2. Explain with the utmost clarity what these ideas are to people with money and a problem, how the ideas might be implemented given the customer's current situation, and estimate the costs, risks, and potential benefits.
3. Implement the idea for the customer.
T-Rex is a dinosaur and IBM has been called a dinosaur for many years, but it is still around.
The FSF has certainly said that, but there seems to be some reasonable debate on if their theory is legally accurate, and to my knowledge their theory has yet to be proven of disproven in court.
The article doesn't say anything about modifying kernel space. Windows has a hidden file attribute built right into it, and from the article:
Since the command prompt can be used to enter the directory, create files there, and run files from there, the directory is not hidden from the Windows API, it's merely ommitted by default like any other file or directory marked with the hidden attribute. Windows explorer can have it's options tweaked so that hidden files will be displayed by default.
Bingo. I image my OS drive so I know I can get it back to a known state no matter how badly a crashing app corrupts the registry.
"And how much do you want to bet they just ruled that it was unconsciable for the person to waive their rights to a CLASS-action lawsuit in place of arbitration, rather than individual arbitration?" It doesn't appear to be even that much. At the end it says "In sum, we hold that Cingular's class arbitration waiver is unconscionable under California law", so it only seems to go as far as ruling unconscionable the waiver of class arbitration (and even then only when it is done through an adhesion contract and only where the amounts in dispute are small and numerous customers of the company have such small amounts in dispute). If the contract had been written better it looks like the part waiving class arbitration could have been voided without also voiding the waiver of class action lawsuits, but it wasn't written in such a way.
That's what they get for making their bed with RIAA members, not all artists do so.
Have fun writing an ActiveX control in Java. Not that I'm a fan of web pages with ActiveX controls, Java, or Javascript, considering I have all of that stuff blocked by default so the pages don't work right without having to put my machine at increased risk to attack.
The right be paid for the the utilities use of the land and the right to refuse any given utility from using the land is what was taken.
Do you actually know the current and historical composition of the Earth's atmosphere? Science doesn't say anything, it's people who speak.
"Wow...I don't think I've ever heard anybody with this belief system." It's common among some factions of anarchists.
Copyright laws include fair use rights. If companies want the protection of copyright laws and should not try to prevent the exercise of fair rights use with DRM. If they instead want to use purely technological means to protect their content, then they shouldn't be making use of copyright laws and government courts while trying to also prevent the exercise of the fair use rights included in those same laws.
From the federal law "uses or attempts to use an audiovisual recording device to transmit or make a copy of a motion picture". She didn't make a copy of the "a motion picture", she made a copy of 20 seconds of a motion picture, which is less then 1% of it. Making a copy of a part of something is not the same thing as copying it in its entirety. I also noticed this in the federal law: the licensor of the motion picture or other audiovisual work being exhibited, or the agent or employee of such licensor-- ``(1) may detain, in a reasonable manner and for a reasonable time, any person suspected of a violation of this section with respect to that motion picture or audiovisual work for the purpose of questioning or summoning a law enforcement officer; and ``(2) shall not be held liable in any civil or criminal action arising out of a detention under paragraph (1). So now if theater employees can forcibly detain you, injure you in the process, and be immune from both civil and criminal liability if they merely claim they suspected you of violating this section. I'm not setting foot in a movie theater again so long as this law is on the books.
As you didn't deny working for either, I'll go ahead and assume you are a RIAA and/or MPAA shill trying to silence opposition to your employer's agenda.
Do you work for the RIAA or is it the MPAA?
How on earth could the cops have gotten there twenty seconds after she started filming?
"A sad but true statement: Ignorance of the law is no excuse." Considering that there are know more laws on the books then the average person could ever comprehend and remember at all times, ignorance of the law should be an excuse. When the law is no longer just, should we still follow it? Should the theater employees be excused for not knowing the copyright laws well enough to know that they include provisions for fair use and that seeing someone one with a camcorder in a theater isn't automatically copyright infringement and doesn't become so until enough of the movie has been filmed that it no longer constitutes fair use?
The worth to us is all that matters. No security system is unbreakable, so we can never assume it won't be broken. What we need to be accurate about is how much it will cost us if it's compromised. Many things don't cost very much when compromised so they have minimal to no security around them at all, but they are frequently insured. Insurance, with an appropriate deductable, can be make use of to mitigate the risk of the cost of damages from a major breach from a sufficiently motivated attacker. In your example of the murder, the cost of the breach is only that of the investigation into the missing/altered records (if they are actually noticed) since no widgets were actually stolen. Regarding the original posters issue the cost of the breach is the cost of being out of compliance, which is likely something the companies lawyers would have to estimate.
Anything can be destroyed or altered and as with any security issue this a matter of making the cost of doing so more then anyone is willing to pay.
All you need to determine if data has been tampered with is a currently unbroken cryptographic hash for the data that has been timestamped and signed by a timestamp authority (or more then one depending on how much you want to tampering to cost).
Preventing deletion (i.e. total destruction rather then simply deleting entry from a larger file which is merely tampering) of data is matter of having seperate and secure back-ups and the ability to tell when a file has been deleted. This can be handled with cryptographic hash of all of the current signed timestamps for the files so if one goes missing you can tell immediately and retrieve it from the archive.