True, the bookstores contribute something useful. My point was that I'm not convinced that the chain of distributors between the publishers and the bookstores was contributing much of consequence (or at least not significantly more than a random fulfillment house contributes). It seems like it was more a matter of momentum than anything else. Print-on-demand will likely lessen their importance further in the coming years.
First, I'm not saying that the problem is like DRM from a crypto perspective. In fact, I thought I made that pretty clear when I said that at least the automakers aren't trying to keep the shared secret from their customers. The point was that any weak crypto has the same inherent flaws as DRM (for different reasons)---that once broken by one person, it is broken for everyone.
In this specific case, though it is even more like DRM in that the flaw is not the crypto itself. It could be perfect and the system would still be exploitable because all the attackers are doing is providing a radio relay to the actual dongle. In effect, the only way to prevent the bad guys from stealing the car would also prevent the actual owner from driving the car. The same process by which the good guys can drive it can also be used by the bad guys to steal it.
There are exactly two solutions that are workable. One is a physical contact solution. The other is putting the button to start the engine on the device itself instead of on the console of the car. Any mechanism in which a passive (or active but not human-controlled) device is used to grant entry or use is exploitable in this way. At the speed of light, it's really, really hard to prevent this.
Keyboards enter raw data very very quickly. However not everything needs quick data/ large quantities of data to be entered for those Keyboards will stick around.
Exactly. They might as well have asked if the invention of the subcompact hybrid car will kill the city bus. Sure, ostensibly they both serve the same purpose, and the subcompact hybrid is much easier for people to drive. It cannot, however, carry fifty or sixty passengers in a single trip, so when they have to evacuate your city, you'd better hope they're ferrying people with the bus and not the Honda Fit.
Want to know what might kill the keyboard someday? Perfect speech recognition. On the average, that should be able to transcribe data about twice as fast as a fairly good typist. We're still a long way from that, though.
Exactly. It's basically the DRM problem all over again. Companies spend money to build DRM under the assumption that 99.99% of people won't have the ability to crack it, forgetting that it only takes one to put it on Bittorrent, at which point it doesn't matter that the other thousand folks couldn't crack it. The only difference is that at least with car alarms, you aren't trying to keep your actual customers from getting the key data from their dongles. (Well, knowing the automakers, they probably are, if only to prevent third-party replacement key manufacturing, but at least it isn't a significant part of their business model.)
A lot of car theft is highly organized already. I mean, it's not like you can sell those stolen cars on the street, and operating a chop shop takes money, space, equipment, etc. So if there are weaknesses in the security, the question is not whether they will be exploited, but when.
What do you mean you might not use it? Really? I think every geek dreams about being able to simultaneously set off ten thousand car alarms. It was awesome enough just being in a marching band and setting off five or six along the parade routes.
Even fifty percent is pretty good. I recall a book publisher telling me once that small publishers were lucky to get 35% of the cover price after channel costs were taken into account. It's shocking how much of the U.S. economy comes from adding negligible value and tacking on a huge profit.
That's not even the problem. Check the percentage of people that actually know anything of what we're supposed to learn about History in school. Go ask questions like how did the I and II World War started, who was Benjamin Franklin, Stalin, Cristopher Columbus...
I think you're being a little unfair. The human brain only has so much space. Sure, one could understand every detail of our history, but that person probably won't also know every detail of mathematics or physics. Folks complain about people not understanding science all the time. No human being is going to be good at everything. Particularly in political leaders, far more important than knowledge is awareness of one's own limitations. It's not important what you know. What's important is knowing that you don't know and knowing how to research it to find out.
The problem is that most folks in Congress don't know and don't want to know. Instead of bringing in experts to explain complex subjects, they let lobbyists tell them what to do because it is easier. The crap they spew sounds ignorant not because they don't understand things, but because they willfully delegate understanding to other people. In short, they're mostly irresponsible across both sides of the aisle, and it is only getting worse.
The right thing to do would be to have Congress consist of proportional representation not just geographically but also in terms of their backgrounds (contrasted with our current Congress, almost half of whom are lawyers). The people in there should be smart enough to know when to defer to the opinions of other Congresspeople who have a better understanding of a specific issue. Unfortunately, instead of such reasonable people, we tend to get people who stubbornly refuse to cooperate, refuse to work with the other political party, and generally drag the country down with them.
Yes, I'm well aware of that. The point was that my normal routines involve pretty much all the classic "evidence" of someone about to commit a crime despite no actual intent on my part to do so.
You know, I'd hate to think what the police would think if they dug into my browsing history. As somebody who is currently writing a trilogy of sci-fi novels that involve the military (the Earth military), in the past couple of months, I've searched for:
Information about famous plane crashes
Various law enforcement techniques
Thermal imaging cameras
Cyanide gas diffusion rates (to find out how much gas someone would have to use to kill someone in a small room)
How to use detcord to blow a door off its hinges (to found out how one would do this when breaching a building)
The advantages and disadvantages of various types of automatic and semiautomatic firearms
Firefighter operations mode on an elevator (to take absolute control of one)
Nuclear fusion and theoretical yield (propulsion)
Physiological effects of a vacuum on the human body
VoIP adapters and remote phone line access
In short, my searches would make me look like the sort of person who you'd expect to find holed up in a compound in flyover country, which is downright hilarious since I've never even owned a gun.
The point is that the evidence described in this story, although it sounds bad, is circumstantial, and could possibly occur innocently. More imprtantly, the Slashdot summary doesn't tell the whole story. There was other evidence in addition to this. Although the browser history might have contributed to a conviction, it was not the sole reason for the conviction.
That's because Perl doesn't have garbage collection. It has a half-assed approximation at implicit reference counting, which is pretty much the worst possible scheme you could construct. It doesn't hang because with the exception of simple data types, it rarely actually releases much of anything unless you go to a lot of trouble to force it to do so. Complex data structure? No problem. Just be sure to mark exactly the right subset out of all of those thousands of cross-references as "soft" so that it actually gets released at the right time and doesn't get released early. Otherwise you either leak memory like a sieve or get incorrect behavior. Alternatively, you can write manual destructor code that zeroes them all. Either way, Perl's so-called "garbage collector" is the essence of hell.
Having written code that deals with lots of large objects in Perl, let me just say that I'll take the memory management scheme of pretty much any modern programming language over Perl any day of the week and twice on Sunday, where "modern" is defined so broadly that it even includes ANSI C or Pascal. Even Java. And I really don't like Java.
The problem with using the GPU is that every context switch requires a complete reinitialization of the GL context, even on a PC, alt tabbing into and from fullscreen games takes ages - it's fine when specific applications which requires the speed use it directly, but it's not when going from one activity to another gives you a loading screen.
Odd, I've never noticed such problems in Mac OS X, even though every window in the OS is composited by the GPU. Maybe it's not so much that GL is inherently flawed so much as that the Windows implementation was hobbled by Microsoft so that game developers would use DirectX instead.
Actually, it is. Garbage collector stalls have been a problem that has consistently plagued Java for as long as it has existed. Those of us who have been around long enough still remember Java apps hanging for tens of seconds at a time while the garbage collector ran. These days, the user would force quit long before the app came back to life if an app were to hang that long. It isn't nearly as bad these days, of course, but on a slow CPU, it can still be a problem. That is why Apple wisely chose to use explicit memory management instead of garbage collection when designing iOS. Garbage collection means choosing rapid application development over performance, which can be an acceptable tradeoff on the desktop, but is rarely an acceptable tradeoff on a small mobile device with limited CPU performance.
A shoddy workman blames his tools.
You're right. A good workman, upon determining that the tools are bad, throws them out, gets better tools, and then goes back and fixes whatever he/she screwed up with the old ones.
If BT implements this and doesn't intentionally throttle other services,
You can stop right there. If BT's pipes were not already massively oversold to the point of pure comedy, they would not be trying to move companies like YouTube to caching servers in the first place. Therefore, the current state of affairs is essentially that they are massively throttling everyone's services. In short, if they implement this, they'd be violating the principles of net neutrality from day one.
That's the problem. As soon as they implement this, assuming YouTube buys in (or is granted free access as a "special" customer), much of the public will stop screaming about the inadequate bandwidth, but it will still be a problem, which means that from then on, any service that wants to compete with YouTube will be forced to pay their protection fee or will not be able to serve content adequately to BT customers. In effect, it is just masking the problem so that customers don't scream without fixing the real problem---that BT's pipes are way too small.
True, that patent trolls aren't thwarted by mutually assured destruction. That wasn't the question. The question was what would keep this patent pool from devolving into that, and the answer is that the pool would be managed by its members, who would have no interest in losing their patents due to frivolous action against someone else.
Who will fund this? It costs money to review and file patents, maintain and defend a portfolio, and actually litigate.
Well, the idea was that the site would raise money through donations and advertising while covering legal issues that pertain to open source, and that some portion of those donations would cover that. You could also solicit open-source-friendly corporations to pledge money in the event of an actual legal defense.
Who gets protected? Patent lawsuits occur against companies as a whole, not specific projects. To what degree of open-source friendliness / compliance does an entity have to operate in order to not be on the receiving side of this?
When you're talking about open source, it's usually individuals acting rather than companies, which makes things even more complicated. However, the answer would have to be that any open source developer who is either a member of the consortium or is a member of a project that is a member of the consortium would be defended against lawsuits, and the full weight of the consortium's patent portfolio would be used in a countersuit. I would also say that companies should be on the receiving end of lawsuits only in retaliation for actions by those companies against any individual or group member of the consortium.
Who will manage it? Obviously, some coalition of trustworthy individuals is needed both to ensure internal integrity as well as to entice developers to sign over their intellectual property.
I would probably start with the creation of an appropriate constitution/set of bylaws that govern how the executive board operates, that govern how those bylaws can be changed, general policies, voting procedures, etc. Then, I would probably have a democratic election of an executive board consisting of... say nine members to handle much of the day-to-day operations.
What's to stop unfriendly companies from sneaking into the coalition? Because this is exactly what I'd try to do if this project ever gained momentum.
Nothing. They would, however, have to follow the same rules as everyone else. They would have to agree not to sue any coalition member in order to gain access to the coalition's patents, and they would have to cross-license all patents that they own to any member of the coalition.
What would provoke such a consortium into attacking an entity? Seems like defensively, any company that patent-trolls, especially against open-source, is candidate, but there's the question of whether or no to be proactive, and how proactive to be.
I would argue that proactive enforcement is probably not in the best interests of the organization, and particularly not a good idea in the short term. Defensive use (counter-suits in the event of a third party suing a member, saber rattling in the case of a third party threatening to sue a member, etc.) should be the sole purpose of such an organization. As soon as you cross the line into suing companies that aren't suing you, you lose the moral high ground.:-)
Would licenses to use the patents be GPL-style or BSD-style?
That's tricky. I would start with a standard patent grant wherein any member of the consortium is granted the right to exploit the patent, and wherein anyone who obtains a copy of covered software is granted the right to use and redistribute the software so long as it remains open source. Beyond that, the board should be allowed to negotiate cross-licensing deals, and all patent agreements should contain a mutually assured destruction clause wherein if a company or individual sues any member of the consortium, that company or individual loses any rights to continue distributing the patented technology.
Also, as a policy, the consortium should disclaim outright any claims of in
and what is going to stop them from being used offensively? a sweet promise made?
The principle of mutually assured destruction, basically. Same reason that such a patent pool would make companies less likely to sue random open source projects that are members of the consortium.
That and it should ideally be constructed in such a way that any offensive use would require a vote by its members, and most members would probably not choose to do so except in very limited circumstances.
First, nobody mentioned Foxconn until you brought it up. Second, what you're failing to point out is that
Foxconn is one of the better Chinese employers. There are a lot of employers that are a whole lot worse.
Suicide is just one of the many causes of death directly attributable to abusive corporate practices in China. Start with the alarming cancer rate and go from there.
When the #1 cause of death in your major cities is lung cancer (and the #2 cause of death nationwide), you have a very real problem. It may not be slavery, but it is eerily reminiscent of other early industrial societies. You'd think that we, as a planet, would have learned better by now, but apparently not.
No, seriously. Groklaw should become a patent consortium run by open source software folks. It should use its resources to fund patent applications by open source projects and should hold those patents collectively so that they can be used defensively if any of the member projects are attacked by software patents.
I would argue that a 4 GB plan should provide 4 GB for a given fee, whether it gets used up over one month or one year. And when that is used up, they should bill you for another 4 GB. And if a download drops midway and has to be restarted from the beginning (or if a page fails to load and requires reloading everything), the phone company should have to eat that cost.
My attitude is that I'm paying a monthly fee that provides up to 5 GB per month and I'm only using a fraction of that, I'm wasting money. Thus, I might as well find a way to max it out every month.
The flip side of this is that if customers were routinely forced to pay rates based on usage, it would significantly drive down demand on smart phones, and the carriers make a hefty profit on those, hence they aren't likely to do that any time soon. In effect, the carriers want to eat their cake and still have it. It is in their best interest to entice people with unlimited service, then say, "Oh, but we didn't really mean it." They want people to buy the expensive smart phones so that they can make a huge profit on them, but then they want people to use them like they would use ordinary phones. The real world doesn't work that way, and this is starting to become painfully obvious to the telcos.
Like paying people to rob hundreds of houses for a cut of the profits. :-)
The more serious problem with it is the effect on ham radio. BPL is noisy, and power lines are A. unshielded and B. mostly overhead.
True, the bookstores contribute something useful. My point was that I'm not convinced that the chain of distributors between the publishers and the bookstores was contributing much of consequence (or at least not significantly more than a random fulfillment house contributes). It seems like it was more a matter of momentum than anything else. Print-on-demand will likely lessen their importance further in the coming years.
First, I'm not saying that the problem is like DRM from a crypto perspective. In fact, I thought I made that pretty clear when I said that at least the automakers aren't trying to keep the shared secret from their customers. The point was that any weak crypto has the same inherent flaws as DRM (for different reasons)---that once broken by one person, it is broken for everyone.
In this specific case, though it is even more like DRM in that the flaw is not the crypto itself. It could be perfect and the system would still be exploitable because all the attackers are doing is providing a radio relay to the actual dongle. In effect, the only way to prevent the bad guys from stealing the car would also prevent the actual owner from driving the car. The same process by which the good guys can drive it can also be used by the bad guys to steal it.
There are exactly two solutions that are workable. One is a physical contact solution. The other is putting the button to start the engine on the device itself instead of on the console of the car. Any mechanism in which a passive (or active but not human-controlled) device is used to grant entry or use is exploitable in this way. At the speed of light, it's really, really hard to prevent this.
Or "problems to be dealt with".
Exactly. They might as well have asked if the invention of the subcompact hybrid car will kill the city bus. Sure, ostensibly they both serve the same purpose, and the subcompact hybrid is much easier for people to drive. It cannot, however, carry fifty or sixty passengers in a single trip, so when they have to evacuate your city, you'd better hope they're ferrying people with the bus and not the Honda Fit.
Want to know what might kill the keyboard someday? Perfect speech recognition. On the average, that should be able to transcribe data about twice as fast as a fairly good typist. We're still a long way from that, though.
Yeah, and I might not post this.
Exactly. It's basically the DRM problem all over again. Companies spend money to build DRM under the assumption that 99.99% of people won't have the ability to crack it, forgetting that it only takes one to put it on Bittorrent, at which point it doesn't matter that the other thousand folks couldn't crack it. The only difference is that at least with car alarms, you aren't trying to keep your actual customers from getting the key data from their dongles. (Well, knowing the automakers, they probably are, if only to prevent third-party replacement key manufacturing, but at least it isn't a significant part of their business model.)
A lot of car theft is highly organized already. I mean, it's not like you can sell those stolen cars on the street, and operating a chop shop takes money, space, equipment, etc. So if there are weaknesses in the security, the question is not whether they will be exploited, but when.
What do you mean you might not use it? Really? I think every geek dreams about being able to simultaneously set off ten thousand car alarms. It was awesome enough just being in a marching band and setting off five or six along the parade routes.
Even fifty percent is pretty good. I recall a book publisher telling me once that small publishers were lucky to get 35% of the cover price after channel costs were taken into account. It's shocking how much of the U.S. economy comes from adding negligible value and tacking on a huge profit.
I think you're being a little unfair. The human brain only has so much space. Sure, one could understand every detail of our history, but that person probably won't also know every detail of mathematics or physics. Folks complain about people not understanding science all the time. No human being is going to be good at everything. Particularly in political leaders, far more important than knowledge is awareness of one's own limitations. It's not important what you know. What's important is knowing that you don't know and knowing how to research it to find out.
The problem is that most folks in Congress don't know and don't want to know. Instead of bringing in experts to explain complex subjects, they let lobbyists tell them what to do because it is easier. The crap they spew sounds ignorant not because they don't understand things, but because they willfully delegate understanding to other people. In short, they're mostly irresponsible across both sides of the aisle, and it is only getting worse.
The right thing to do would be to have Congress consist of proportional representation not just geographically but also in terms of their backgrounds (contrasted with our current Congress, almost half of whom are lawyers). The people in there should be smart enough to know when to defer to the opinions of other Congresspeople who have a better understanding of a specific issue. Unfortunately, instead of such reasonable people, we tend to get people who stubbornly refuse to cooperate, refuse to work with the other political party, and generally drag the country down with them.
Yes, I'm well aware of that. The point was that my normal routines involve pretty much all the classic "evidence" of someone about to commit a crime despite no actual intent on my part to do so.
I also delete my browsing history periodically....
Err... importantly. Stupid typos.
You know, I'd hate to think what the police would think if they dug into my browsing history. As somebody who is currently writing a trilogy of sci-fi novels that involve the military (the Earth military), in the past couple of months, I've searched for:
In short, my searches would make me look like the sort of person who you'd expect to find holed up in a compound in flyover country, which is downright hilarious since I've never even owned a gun.
The point is that the evidence described in this story, although it sounds bad, is circumstantial, and could possibly occur innocently. More imprtantly, the Slashdot summary doesn't tell the whole story. There was other evidence in addition to this. Although the browser history might have contributed to a conviction, it was not the sole reason for the conviction.
That's because Perl doesn't have garbage collection. It has a half-assed approximation at implicit reference counting, which is pretty much the worst possible scheme you could construct. It doesn't hang because with the exception of simple data types, it rarely actually releases much of anything unless you go to a lot of trouble to force it to do so. Complex data structure? No problem. Just be sure to mark exactly the right subset out of all of those thousands of cross-references as "soft" so that it actually gets released at the right time and doesn't get released early. Otherwise you either leak memory like a sieve or get incorrect behavior. Alternatively, you can write manual destructor code that zeroes them all. Either way, Perl's so-called "garbage collector" is the essence of hell.
Having written code that deals with lots of large objects in Perl, let me just say that I'll take the memory management scheme of pretty much any modern programming language over Perl any day of the week and twice on Sunday, where "modern" is defined so broadly that it even includes ANSI C or Pascal. Even Java. And I really don't like Java.
Odd, I've never noticed such problems in Mac OS X, even though every window in the OS is composited by the GPU. Maybe it's not so much that GL is inherently flawed so much as that the Windows implementation was hobbled by Microsoft so that game developers would use DirectX instead.
Actually, it is. Garbage collector stalls have been a problem that has consistently plagued Java for as long as it has existed. Those of us who have been around long enough still remember Java apps hanging for tens of seconds at a time while the garbage collector ran. These days, the user would force quit long before the app came back to life if an app were to hang that long. It isn't nearly as bad these days, of course, but on a slow CPU, it can still be a problem. That is why Apple wisely chose to use explicit memory management instead of garbage collection when designing iOS. Garbage collection means choosing rapid application development over performance, which can be an acceptable tradeoff on the desktop, but is rarely an acceptable tradeoff on a small mobile device with limited CPU performance.
You're right. A good workman, upon determining that the tools are bad, throws them out, gets better tools, and then goes back and fixes whatever he/she screwed up with the old ones.
You can stop right there. If BT's pipes were not already massively oversold to the point of pure comedy, they would not be trying to move companies like YouTube to caching servers in the first place. Therefore, the current state of affairs is essentially that they are massively throttling everyone's services. In short, if they implement this, they'd be violating the principles of net neutrality from day one.
That's the problem. As soon as they implement this, assuming YouTube buys in (or is granted free access as a "special" customer), much of the public will stop screaming about the inadequate bandwidth, but it will still be a problem, which means that from then on, any service that wants to compete with YouTube will be forced to pay their protection fee or will not be able to serve content adequately to BT customers. In effect, it is just masking the problem so that customers don't scream without fixing the real problem---that BT's pipes are way too small.
Sort of, but that seems to be a lot more narrowly focused on Linux.
True, that patent trolls aren't thwarted by mutually assured destruction. That wasn't the question. The question was what would keep this patent pool from devolving into that, and the answer is that the pool would be managed by its members, who would have no interest in losing their patents due to frivolous action against someone else.
I'll give my thoughts on this.
Well, the idea was that the site would raise money through donations and advertising while covering legal issues that pertain to open source, and that some portion of those donations would cover that. You could also solicit open-source-friendly corporations to pledge money in the event of an actual legal defense.
When you're talking about open source, it's usually individuals acting rather than companies, which makes things even more complicated. However, the answer would have to be that any open source developer who is either a member of the consortium or is a member of a project that is a member of the consortium would be defended against lawsuits, and the full weight of the consortium's patent portfolio would be used in a countersuit. I would also say that companies should be on the receiving end of lawsuits only in retaliation for actions by those companies against any individual or group member of the consortium.
I would probably start with the creation of an appropriate constitution/set of bylaws that govern how the executive board operates, that govern how those bylaws can be changed, general policies, voting procedures, etc. Then, I would probably have a democratic election of an executive board consisting of... say nine members to handle much of the day-to-day operations.
Nothing. They would, however, have to follow the same rules as everyone else. They would have to agree not to sue any coalition member in order to gain access to the coalition's patents, and they would have to cross-license all patents that they own to any member of the coalition.
I would argue that proactive enforcement is probably not in the best interests of the organization, and particularly not a good idea in the short term. Defensive use (counter-suits in the event of a third party suing a member, saber rattling in the case of a third party threatening to sue a member, etc.) should be the sole purpose of such an organization. As soon as you cross the line into suing companies that aren't suing you, you lose the moral high ground. :-)
That's tricky. I would start with a standard patent grant wherein any member of the consortium is granted the right to exploit the patent, and wherein anyone who obtains a copy of covered software is granted the right to use and redistribute the software so long as it remains open source. Beyond that, the board should be allowed to negotiate cross-licensing deals, and all patent agreements should contain a mutually assured destruction clause wherein if a company or individual sues any member of the consortium, that company or individual loses any rights to continue distributing the patented technology.
Also, as a policy, the consortium should disclaim outright any claims of in
The principle of mutually assured destruction, basically. Same reason that such a patent pool would make companies less likely to sue random open source projects that are members of the consortium.
That and it should ideally be constructed in such a way that any offensive use would require a vote by its members, and most members would probably not choose to do so except in very limited circumstances.
First, nobody mentioned Foxconn until you brought it up. Second, what you're failing to point out is that
When the #1 cause of death in your major cities is lung cancer (and the #2 cause of death nationwide), you have a very real problem. It may not be slavery, but it is eerily reminiscent of other early industrial societies. You'd think that we, as a planet, would have learned better by now, but apparently not.
No, seriously. Groklaw should become a patent consortium run by open source software folks. It should use its resources to fund patent applications by open source projects and should hold those patents collectively so that they can be used defensively if any of the member projects are attacked by software patents.
I would argue that a 4 GB plan should provide 4 GB for a given fee, whether it gets used up over one month or one year. And when that is used up, they should bill you for another 4 GB. And if a download drops midway and has to be restarted from the beginning (or if a page fails to load and requires reloading everything), the phone company should have to eat that cost.
My attitude is that I'm paying a monthly fee that provides up to 5 GB per month and I'm only using a fraction of that, I'm wasting money. Thus, I might as well find a way to max it out every month.
The flip side of this is that if customers were routinely forced to pay rates based on usage, it would significantly drive down demand on smart phones, and the carriers make a hefty profit on those, hence they aren't likely to do that any time soon. In effect, the carriers want to eat their cake and still have it. It is in their best interest to entice people with unlimited service, then say, "Oh, but we didn't really mean it." They want people to buy the expensive smart phones so that they can make a huge profit on them, but then they want people to use them like they would use ordinary phones. The real world doesn't work that way, and this is starting to become painfully obvious to the telcos.