It makes no sense to spend more time agonizing over some potential policies of guys who will never be elected while ignoring the government and representatives currently making the decisions.
After you've elected your representatives, what they do is out of your hands; the only way you can change their behavior is to elect someone different next time. Therefore, agonizing over who to elect next time is, in fact, the only thing that makes sense if you live in a representative democracy. Worrying about day-to-day policies is pointless once you've made up your mind that you already don't like the current guys.
On another note, I am Canadian. To me, it does not make sense that an election should last 4 years and require the kind of funding only mega-corporations can provide.
If you're trying to imply that the Canadian political system is somehow immune to such excesses, you're wrong. The reason companies spend a boatload of money on US elections is because US elections matter a great deal to their bottom line; on the other hand, who governs Canada simply doesn't matter much to corporations or anybody outside Canada.
MSOOXML should become a standard IFF it is freely implementable by third parties without paying copyright, trademark or patent fees.
While I personally prefer such standards, not all standards have that form. And, on balance, I prefer having ISO standardize bad, patent-encumbered formats to having such formats be entirely undocumented; sooner or later those patents expire, after all.
ISO's purpose is to make sure that technically, the standard is implementable by third parties (it doesn't need to be good technology, it merely needs to be well-specified technology). And it needs to make sure that the licensing issues are clear up-front; so, if OOXML is patent encumbered, then people need to know about it ahead of time. If Microsoft is planning on playing games with OOXML "standards compliance" like Sun has been trying to with the Java compatibility toolkits, that needs to be known ahead of time.
the evidence, viewed in the light most favorable to the party opposing the motion [i.e., SCO, in this situation], shows there are no genuine issues of material fact.
Yes, and the fact is that SCO couldn't produce a single shred of evidence that their copyright had been infringed. That's the part that matters, and it makes the question of who held the copyright immaterial.
With Windows Vista, I find myself frequently thinking: hmmm... this looks a little like a network configuration dialog box... no, wait... it's the network status box... no, actually it looks more like... etc.
While I think OOXML is a bad standard and we don't need it, that's not a good policy for a standards body. If Microsoft is willing to go through the process, OOXML should become an ISO standard, even though it sucks.
They also support DRM'ed books, but they are very different devices: open, programmable, extensible, and they support open formats right on the device.
E-books have the potential of making books much more widely and cheaply accessible, if they don't get hijacked by companies like Amazon.
The issue is not whether two secure hash functions are better than one, the issue is whether two different, possibly insecure hash functions are better than one. And they are, because the probability that two independent hash functions become compromised at the same time is much smaller than a single function getting compromised.
OK so why is this good but the Microsoft format is bad?
Because this format is technically pretty good, while Microsoft's format is technically bad.
Fact is that some proprietary formats become defacto standards
Microsoft's format wasn't rejected because it was from Microsoft, it was rejected because it was bad and needed work. If (and only if) Microsoft is willing to put in the work and make changes to the format, then OOXML can become an ISO standard as well.
I must've missed the memo that declared "evangelism" as the new corporate-sponsored FUD. But boy, it does feel wholesome.
Where in the article do you see "evangelism"? Weir is stating a bunch of relevant facts and providing a bunch of useful pointers. What is wrong with that?
allows a local government to seek the ID of this person, since seeking someone's ID is not prohibited, then it is reserved to the states (or in this case, a local government
That's incorrect. State legislatures have powers, but only subject to state constitutions. Local and state governments have powers, but only as given to them by state legislatures. The NJ state constitution parallels the US Constitution in enumerating specific powers for state government and leaving the rest to the people.
Also, note that the local government isn't trying to unmask the blogger; they realize they don't have that power. They're just on a legal fishing expedition as part of another lawsuit.
ou miss the point. that is happening is that the councilors he is attacking online want to sue him personally for lible
No, that is not what is happening. If that were the case, the councilors would file a lawsuit for libel and then subpoena the blogger as part of the libel suit.
What they are actually doing is trying to unmask the blogger as part of a malpractice lawsuit by the town against a lawyer; blogging or libel have no bearing on that.
What freedoms are lost? I've scoured the Constitution and Right to Anonymity is not listed there.
Sure it is. It's listed right here:
Amendment IX
The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.
Amendment X
The powers not delegated to the United States by the Constitution, nor prohibited by it to the states, are reserved to the states respectively, or to the people.
Because some people wanted to make extra certain that some specific rights are explicitly enumerated. Other people were of the opinion that this wasn't necessary and would just muddy the waters (as it did with you). As a compromise, they added the Bill of Rights, but added these disclaimers at the end:
Amendment IX
The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.
Amendment X
The powers not delegated to the United States by the Constitution, nor prohibited by it to the states, are reserved to the states respectively, or to the people.
It's not a "complete scan", it's testing for a large number of known variations.
Meaning? Meaning that this is not the last scan you'll ever do; you'll probably need to do this again in a few years when people will be testing for even more variations, or when you can simply get your complete sequence for $1000.
What's it good for? If they find a specific, serious genetic defect, it may help you medically, but if you had one of those, you'd probably already know about as an adult. Otherwise, it's medically not all that useful.
It probably is still a fun thing to do. It can tell you about your ancestry, and it may get you thinking about nature vs. nurture. Who knew that you had the super athlete gene, but wasted it sitting in front of a computer?:-)
They "might", but, in fact, they don't. If you compare the Windows international, X11 international, OLPC, and Lancor keyboards, you'll quickly discover that OLPC is a regular international keyboard like they have been in use for a couple of decades.
USENET used to be similar to IRC, in that it was used for casual, short-lived conversations, with expiration times for articles ranging from days to a few weeks. Post-1977, those articles should be automatically copyrighted and companies should not have a right to repurpose them from their originally intended usage. Well, that didn't stop companies like DejaNews from putting everything up on-line and making it searchable. Now, this company is doing the same thing for IRC.
I'm actually all for the principle that if you put it on the web or in a chat or on the public airwaves, people should be able to copy it, archive it, and redistribute it. However, such a principle needs to be formulated and enforced uniformly; it simply isn't right for some groups to get away with ignoring copyright and others to get charged with copyright infringement.
Why would you need MD5 forgeries for that? A package maintainer can simply gain trust with a sequence of good binary releases and then, at some point, release a correctly signed bad binary corresponding to a small source code change.
The particular scenario they describe is irrelevant; MD5 checksums aren't intended to protect against that. If the attacker can manipulate the original file, he can usually simply alter it to become malicious itself.
The case that matters is producing a program with the same checksum as a given program, without the ability to manipulate the correct program beforehand. That's still hard.
Nevertheless, code signing mechanisms in general should probably be prepared for flaws in hash functions. It might be best always to use two hash functions and to have some strategy of migrating. That way, if one hash function gets compromised, there is still another one in place and can be used until the original one has been replaced.
My cell phone shipped with a QR barcode reader application. Some magazines and newspapers have started printing them. There is an open source community at http://semacode.org/
This stuff is already being used. For the time being, it's more of a novelty, though: typing in a phone number or URL is still faster and more reliable.
Slashdot Mirror
It makes no sense to spend more time agonizing over some potential policies of guys who will never be elected while ignoring the government and representatives currently making the decisions.
After you've elected your representatives, what they do is out of your hands; the only way you can change their behavior is to elect someone different next time. Therefore, agonizing over who to elect next time is, in fact, the only thing that makes sense if you live in a representative democracy. Worrying about day-to-day policies is pointless once you've made up your mind that you already don't like the current guys.
On another note, I am Canadian. To me, it does not make sense that an election should last 4 years and require the kind of funding only mega-corporations can provide.
If you're trying to imply that the Canadian political system is somehow immune to such excesses, you're wrong. The reason companies spend a boatload of money on US elections is because US elections matter a great deal to their bottom line; on the other hand, who governs Canada simply doesn't matter much to corporations or anybody outside Canada.
If OOXML doesn't become an ISO standard, why would ISO bother publishing errata for an ECMA standard?
MSOOXML should become a standard IFF it is freely implementable by third parties without paying copyright, trademark or patent fees.
While I personally prefer such standards, not all standards have that form. And, on balance, I prefer having ISO standardize bad, patent-encumbered formats to having such formats be entirely undocumented; sooner or later those patents expire, after all.
ISO's purpose is to make sure that technically, the standard is implementable by third parties (it doesn't need to be good technology, it merely needs to be well-specified technology). And it needs to make sure that the licensing issues are clear up-front; so, if OOXML is patent encumbered, then people need to know about it ahead of time. If Microsoft is planning on playing games with OOXML "standards compliance" like Sun has been trying to with the Java compatibility toolkits, that needs to be known ahead of time.
the evidence, viewed in the light most favorable to the party opposing the motion [i.e., SCO, in this situation], shows there are no genuine issues of material fact.
Yes, and the fact is that SCO couldn't produce a single shred of evidence that their copyright had been infringed. That's the part that matters, and it makes the question of who held the copyright immaterial.
eventually media purchases will be tied to a single device, using digital hardware IDs
Yeah, it's called iTunes and iPod.
With Windows Vista, I find myself frequently thinking: hmmm... this looks a little like a network configuration dialog box... no, wait... it's the network status box... no, actually it looks more like... etc.
While I think OOXML is a bad standard and we don't need it, that's not a good policy for a standards body. If Microsoft is willing to go through the process, OOXML should become an ISO standard, even though it sucks.
Yes, Kindle is evil, with its DRM, Amazon store tie-ins, and constant connection to Amazon.
But there are good e-book readers:
http://www.irextechnologies.com/products/iliad
http://www.bookeen.com/
They also support DRM'ed books, but they are very different devices: open, programmable, extensible, and they support open formats right on the device.
E-books have the potential of making books much more widely and cheaply accessible, if they don't get hijacked by companies like Amazon.
oh yes, i love to type URL's like http://mobile.slashdot.org/article.pl?sid=07/12/02/0644236 on my phone... :)
Actually, it would look like:
* go to shorturl.mobi via a bookmark
* type in 6-8 digits
The issue is not whether two secure hash functions are better than one, the issue is whether two different, possibly insecure hash functions are better than one. And they are, because the probability that two independent hash functions become compromised at the same time is much smaller than a single function getting compromised.
Let me explain.
If Apple loses, a company that has been litigious and threatening gets a taste of their own medicine.
If Apple wins, a patent troll has been beaten.
Either outcome seems pretty good to me.
OK so why is this good but the Microsoft format is bad?
Because this format is technically pretty good, while Microsoft's format is technically bad.
Fact is that some proprietary formats become defacto standards
Microsoft's format wasn't rejected because it was from Microsoft, it was rejected because it was bad and needed work. If (and only if) Microsoft is willing to put in the work and make changes to the format, then OOXML can become an ISO standard as well.
Given Apple's litigious history, it will be fun to see how this shakes out. Hand me the popcorn, please. No matter who loses, we all win.
Let me guess - you've never actually read his blog until today. Right?
No, I haven't. How is that relevant? His posting was factual and to the point; what's the problem with that?
I must've missed the memo that declared "evangelism" as the new corporate-sponsored FUD. But boy, it does feel wholesome.
Where in the article do you see "evangelism"? Weir is stating a bunch of relevant facts and providing a bunch of useful pointers. What is wrong with that?
allows a local government to seek the ID of this person, since seeking someone's ID is not prohibited, then it is reserved to the states (or in this case, a local government
That's incorrect. State legislatures have powers, but only subject to state constitutions. Local and state governments have powers, but only as given to them by state legislatures. The NJ state constitution parallels the US Constitution in enumerating specific powers for state government and leaving the rest to the people.
Also, note that the local government isn't trying to unmask the blogger; they realize they don't have that power. They're just on a legal fishing expedition as part of another lawsuit.
ou miss the point. that is happening is that the councilors he is attacking online want to sue him personally for lible
No, that is not what is happening. If that were the case, the councilors would file a lawsuit for libel and then subpoena the blogger as part of the libel suit.
What they are actually doing is trying to unmask the blogger as part of a malpractice lawsuit by the town against a lawyer; blogging or libel have no bearing on that.
Sure it is. It's listed right here:
Because some people wanted to make extra certain that some specific rights are explicitly enumerated. Other people were of the opinion that this wasn't necessary and would just muddy the waters (as it did with you). As a compromise, they added the Bill of Rights, but added these disclaimers at the end:
Clear enough?
It's not a "complete scan", it's testing for a large number of known variations.
:-)
Meaning? Meaning that this is not the last scan you'll ever do; you'll probably need to do this again in a few years when people will be testing for even more variations, or when you can simply get your complete sequence for $1000.
What's it good for? If they find a specific, serious genetic defect, it may help you medically, but if you had one of those, you'd probably already know about as an adult. Otherwise, it's medically not all that useful.
It probably is still a fun thing to do. It can tell you about your ancestry, and it may get you thinking about nature vs. nurture. Who knew that you had the super athlete gene, but wasted it sitting in front of a computer?
They might actually have a point.
They "might", but, in fact, they don't. If you compare the Windows international, X11 international, OLPC, and Lancor keyboards, you'll quickly discover that OLPC is a regular international keyboard like they have been in use for a couple of decades.
Look up my previous post with URLs.
USENET used to be similar to IRC, in that it was used for casual, short-lived conversations, with expiration times for articles ranging from days to a few weeks. Post-1977, those articles should be automatically copyrighted and companies should not have a right to repurpose them from their originally intended usage. Well, that didn't stop companies like DejaNews from putting everything up on-line and making it searchable. Now, this company is doing the same thing for IRC.
I'm actually all for the principle that if you put it on the web or in a chat or on the public airwaves, people should be able to copy it, archive it, and redistribute it. However, such a principle needs to be formulated and enforced uniformly; it simply isn't right for some groups to get away with ignoring copyright and others to get charged with copyright infringement.
Why would you need MD5 forgeries for that? A package maintainer can simply gain trust with a sequence of good binary releases and then, at some point, release a correctly signed bad binary corresponding to a small source code change.
The particular scenario they describe is irrelevant; MD5 checksums aren't intended to protect against that. If the attacker can manipulate the original file, he can usually simply alter it to become malicious itself.
The case that matters is producing a program with the same checksum as a given program, without the ability to manipulate the correct program beforehand. That's still hard.
Nevertheless, code signing mechanisms in general should probably be prepared for flaws in hash functions. It might be best always to use two hash functions and to have some strategy of migrating. That way, if one hash function gets compromised, there is still another one in place and can be used until the original one has been replaced.
My cell phone shipped with a QR barcode reader application. Some magazines and newspapers have started printing them. There is an open source community at http://semacode.org/
This stuff is already being used. For the time being, it's more of a novelty, though: typing in a phone number or URL is still faster and more reliable.