According to the update at CNet, Microsoft specifically stated that they are watching for Opera versions because they aren't fully compliant with XHTML 1.0, and want the user to use only compliant XHTML browsers to view MSN. (Microsoft's claims)
I'd assume that Moz and most of the other browsers black-listed are the same way.
Surprisingly, a lot of negative press, on Windows XP Has Arrived · Score: 4, Insightful
Sure, I'm going out tonight to buy XP, but only because my gaming machine is 98, and I'd like a bit more stability in it.
But I've been listening to reports and reading articles, and while the industry seems hyped up about it, most pundits (that are not typical MS fanboys) appear to believe that for most businesses, already in the Win2000 migration, XP is not a good choice, and for those on home machines, you have to have some oomph in your box to be able to take advantage of it.
Most of these critics think that the stability is a great point, but other aspects, including look, integration of WMP and other programs, and the *amount* of blatant advertising for MS on the default install are put-offs for them. They definitely feel that the engine behind XP is worthwhile being built on 2000, but they could do without all the glitz.
And many people expect very slow sales of XP. There's no lines-around-the-corner as with 95, but they do expect a modest amount of sales today. But they don't believe that XP is going to be a big economic burst into the market as Microsoft tried to make it out as; again, since most seats of the OS are sold to business, and most appear to be sticking to 2000 until necessary, there's going to be very few sales from that market.
The short story from what I've read: it's great that MS finally has an NT-based, stable OS for the home user, as it's been 5 years that it's been needed, but it appears to carry a lot of extra weight that is unnecessary and possibly questionable in light of several legal cases.
No one is telling sites that might not be meeting 'high ethical standards' to go away, nor is the group pushing that filtering MUST be made available in the browser or that everyone had to install a filter.
Instead, they want a way to rate sites (as rated by the site owner, not a third party) such that those that would *LIKE* to install filters have a more informed choice as to what the filters will block, instead of relying on closed filter lists made up by another company. And as I have read it, there will be both exclusionary filters (don't visit sites that have certain ratings), as well as inclusionary filters (visit sites that ONLY have certain ratings), and that these filters can be piggy-backed onto each other to give those that would want to use filters a selection to choose from.
But since *you* don't feel like using filters, then you'll still be able to go to any site you want, and they will still be able to deliver the content they have to you.
So where is the censorship???
Will libraries (already very opposed to closed-list filters) accept this? Maybe; but certainly making sure that their clientele understand filters are not perfect and that because it is self-rated, some sites might slip through. But this will give libraries better options to have filtered computers in the kids section, and unfiltered ones for adults to use.
In addition, the ratings are more detailed than that of TV (which in turn are more detailed than that of movies). Is a reference on a page to sexual reproduction in the context of health, or in the context of erotica? That will be covered by the ratings, so that those pages that felt they were unfairly on filters' blacklists before know that they can specify their content more exactly.
There is no censorship here. Given that nearly every part of this plan is voluntary with no force of law behind it, I cannot see any connection.
Even if you are shopping, the results may certainly be.. um interesting.
A professor gave a talk last year regarding a new spectroscopic method using lasers; however, because of the interaction with the laser and the powdered sample, they wanted to design some method of shaking the powder on the sample tray as to keep 'fresh' sample under the laser at all times. Since they had to build this from scratch, he sent his grad students to the net to search for places that would sell this type of equipment.
Needless to say, the students had a, uh, rather interesting time searching the web for 'vibrator' vendors.
At least it seems to be apparent that, RAND or otherwise, these companies on the w3c board are coming forward and saying "Hey, we want to propose a standard spec XYZ, though we strongly believe that any implementation of it will be covered by our patent". In other words, these bodies don't appear to be submarining patents ala Rambus. They'd like to have RAND if they could, but in several cases, they appear to realize that a standard with their name on it is better publicity than a patent.
And as Bruce Perens has pointed out, HP (a major patent holder for this particular spec) has already backed off on RAND, so it's not likely that this spec will be inaccessible due to patent licensing.
"Unfrozen caveman lawyer not used to this thing called 'playing hard to get'. Me used club on potential mate, but your strange laws of today don't allow that. Me tried it once and took me 2 years to clear name."
</joke>
That's why I said I'm considering it; I'm definitely not going to be camping outside Best Buy for a copy on the 25th, but I'll wait a few weeks for what the power users have to say. Given that XP is more 2000 than it is ME, I would expect that stability from 2000 that has been reported 'in the wild' (people on Usenet, here, grassroots websites) will carry over, and beta testers seem to suggest this, but I'm not holding my breath about it.
Renting whatever is always a lose-win situation for the customer and the renter, respectively, particularly in the long run (more than 3-5 years).
- Apartment renting: Typically, if you frequently move large distances, renting is ok, but if you are fixed at a certain location in the country, you can usually get house payments + utilities + property taxes well under the monthly rent for property in the same area. In addition, you lose the ability to play with equity on your home, which can be a valuable source of funding for emergencies.
- Car Leasing: Again, a loser for the rentee: while the monthly lease payments might be lower than for a new car, you have more liability for your car if it's in an accident, and typically more for insurance in some areas. And again, you lose the money that you can get from a reselling of the car in the future.
- Software renting: Particularly in the case of Microsoft, you must continue to rent the software in order to continue being 'compatible' with everyone else, so while the cost to rent software might be less than purchasing it on a 2-3 year time scale, you must consider the 5-10 year time scale for mission critical software in order to keep up.
The overall problem with renting software is that renting is just one step away from pay-per-play, which Microsoft has subtly indicated that they wouldn't mind, and in the opposite direction of the principle of first sale. Just like we are discussing how slowly eroding civil liberties is more likely to be accepted by citizens than a swift removal of them, removing the buyer's rights from software by going to seat-licenses, then renting, then pay-per-use will be more of an accepted transition if it is done slowly.
In addition, while I am a linux user, I want my games, and I want them at the same time as most of the rest of the world enjoys them as opposed to months later. While the catch-22 syndrome of linux games has been discussed before, I don't think that will be resolved until the linux desktop is more fully realized. Thus, until that happens, I will continue to have a Windows box to play games on as well as most of my web browsing with a non-MS browser. However, while for the immediate future, I expect Win98 to be sufficient, with all modern hardware and games continuing to provide support for it, once MS decides that the latest version of DirectX will only run under XP or higher, I will need to consider upgrading (I'm considering it right now, given the known improvements in stability between XP and 98). I know XP will remain a single-cost purchase, but what happens when the next step comes along? I would suspect that most casual computer users are in the same boat as me in their feelings to software renting vs purchasing.
"This whole thing is driven by the fact that Microsoft has hundreds of millions of Windows users out there, but Microsoft doesn't have a direct monthly billing relationship with those users," said Matt Rosoff, an analyst at Directions on Microsoft.
(My emphasis).
That word, right there, scares the bejeebies out of me.
I'm not a big MS supporter, but there are good points raised here. MS does not appear to want to stop the security community from releasing bugs and exploits, but only the fact that many of these include example code that can be used to take advantage of the exploit. Since most of the security experts tend to release the news of the exploit to vendors, security lists, and the general public at the same time, there's no control on this code.
For the closed-source world, I believe that it is better that if you discover an exploit, to send full details to the vendor ASAP, and to release a general statement of a potential vulnerability in the software to the general public, but with just info for the end-user to determine severity and criticalness of the bug. If the vendor is unresponsive in releasing a bug fix, then, in a few weeks or a month, release full details such that others in the security community can possibly find a work around. Do note that MS is rather quick to issue patches to fix new security problems, so timeliness isn't an issue here. I don't think this is unreasonable, and still doesn't chill the ability of security professionals to assess software problems. And in addition, with not only the potential for cyber-terrorism to exist today, but with increasing numbers of script-kiddie-like people that simply want to create havoc, it's very important that closed-source software have some time to patch before full information is released.
Of course, with open-source software, most security bugs are found at the same time as a code audit, and thus the bug reports typically consist of full exploit information. But since most good admins on these types of systems are actively aware of security problems, they'll get the patches installed within days of the report, and any damage resulting from the exploit is quickly minimized. Mind you, not everyone that runs open-source software is a good sysadmin, and thus exploits will STILL be used, but this is much less of a problem with the open-source community than it is with closed-source software (such as how many boxen continued to be infected by Code Red and Nimda after the original patch was out several months prior).
Regardless, Microsoft still needs to remember that the security community is doing them a big favor by locating and isolating these problems. MS must have some QA and QC, but some of the more harmful exploits have been rather subtle problems (notably buffer overflows).
RIAA already claims that they have the right to hack your box if there is sufficient evidence (for them) that you are engaging in illegal distribution of their copyrighted material. Any 'incidental' damage to your computer outside of their copyrighted material was just side effects and not their fault, according to how they read the law.
The rub here is that in the recently passed USA bill, any act of hacking that incurs more than $5k of damages could be considered as a terrorist act, and thus, if RIAA were to accidentally wipe your hard drive with their hacking attempts, that could be a terrorist act.
So RIAA was trying to get language added to the USA bill that would protect hacking done by copyright owners from being considered a terrorist threat, allowing them to continue following the law as they believe they can already.
Apparently, if they've done this, no one has sued them, traced them, or otherwise indicated that their mp3's have suddenly disappeared. As it stands, I think it's a rather questionable application of the law and I wonder if further legal investigation of it should be done.
It's just that Ma-Bell is doing its best impersonation of T1000 from Terminator 2 and recollecting the bits of itself before it regains its monopoly on phone lines.
It's the fact that that last mile at all parts is *physically* controlled by some facet of the baby bells, none which are struggling in terms of cash flow, which is making DSL seem like a loser. Because they control both the physical access at the CO and at the user's home, every CLEC has to sit and wait for the ILEC to go out and do something; only recently have the ILECs (at least for Ameritech here in the midwest) been hand-slapped for being 'intentionally' slow in responding to voice-line installs and problems for residential customers, but all that was was a hand-slap in terms of fines in the millions; DSL is hidden behind this issue. If the CLECs didn't have to deal with the ILEC in any way, I would fully expect most CLECs to be able to offer installs within 5 business days, as opposed to the 4-6 week standard now.
However, fortunately, we have Verizon and PacBell at the end of lawsuits from DSL ISPs for being intentionally slow, as well as the FCC watching out for the decline of CLECs (the extension on Rhythms' shutdown, for example). However, I still believe that the ownership of the last mile, from CO to the network interface, should not be in the hands of anyone that is providing the service along those lines; either the phone company can sell it off to a different group (possibly owned by the city/town as with many other utility services), or it can split off from that. As long as both the ILECs, CLECs, and standard phone companies have to play the same pricing game, there would be much more competition in the DSL market.
I doubt it will be dead, but it probably will end up as being two major CLECs (Covad and Worldcom) along with several ISPs that use ILECs for the last mile. The only problem now is that artificial bandwidth limits are coming into play particularly with those that use ADSL. Certainly speeds are much better than dialup, but given the projected rate of growth of multimedia on the web, more speed is going to be needed for the 'average Joe' and these artificial caps appear to be fixed at the current time.
Actually, in light of the slashdot article, I'd argue that in this particular case, they are listening to the majority of their constituents in that they (the people represented) want tougher measures as to prevent further terrorism acts in the future. Because we are a representative democracy, the majority should take precedence. Of course, we are talking about the here and now opinions; in five years if these powers are no longer needed to fight terrorism at the same scale and are instead used for non-terrorism-related domestic law enforcement, then the people may B&M that they don't want them.
A better argument would be the DMCA or SSSCA; a bill that really supports maybe on the order of 100's of "people" (given that corporations are considered 'persons' under the law) that would benefit compared to the thousands or millions of constituents that would receive no benefit and most likely 'penalties' from higher costs, etc, when these bills may pass. At this point, I would question how representation is really supposed to work.
(And yes, I've tried submitting the passage story too, denied.)
All that's happened here is that the DoJ, in a brief to the court, stated that they believe there's no case, and that it should be dropped.
Until a judge says that, however, there is still a case. The judge may concern the DoJ's brief and drop the case, or may decide that there is very much merit to the 'bullying' that the case involves, and allow it to go forward.
IMO, a reasonable judge would see that there's enough questionable activities, either by DMCA or by RIAA, that allowing facts to be heard and arguments made would be more beneficial to defining the law better(*) than to allow it to go uncontested.
(*) 'defining the law' may be as to set a precedent on when or where DMCA is applicable, or to possibly call into question its constitutionality. In other words, just because the judge takes the case does not necessarily mean a favorable outcome for the /.-mentality.
Actually, apart from lacking a length of time, this is a great answer. Nearly every form of entertainment that is put out today is a work-for-hire, in that the publisher (whether MPAA, RIAA, print, etc) pays the creator of the work a fee and royalties, but then maintains the copyright on the work and earns all other moneys from it beyond this. At this point, the copyright that the publisher is holding is at odds with the Founding Fathers' idea for copyright in that it grants a limited monopoly to encourage creators to create more; since the artist has already 'sold' the work out, he gains nothing more with the perpetual copyright and therefore has no encouragement, unless of course the publisher hires him again for more work.
If we cut down that copyright from 95 years for a corporately-owned copyright to, say, 20 years, it would have two effects; first, as pointed out, things would move MUCH faster into the public domain. But secondly, if a privately-owned copyright lasted significantly longer (say, 35 years, or life+10 years) than the corporately owned copyright, this might encourage more artists to use the indy system (which typically does not do works-for-hire) to publish their works in order to reap more benefit to themselves.
Of course, that's using PSI::ESP, so I may be reading too much into his response.
As a couple of comments below indicate, there might be some misconception on what I said. I do know there are several excellent 'Letters' journals (Tet Letters, Catalysis Letters, etc), so I definitely don't think that any 'Letters' journals are junk; however, I have seen a number of *isolated* examples in these fast-track journals of poor articles in the sense of science, presentation, or otherwise, that would have not been found in slow-track, 3-peer review journals on the high reputation end of the spectrum. And furthermore, it tends to be in the not-as-highly-reputated Letters journals that I'll find these, as opposed to something like Tet Letters. It's probably because in these higher reputed fast-track journals, there is still a short bit of peer review time to catch problematic articles before publication as to maintain their high standards.
Basically, fast-tracking does help speed up the process, but there still needs to be a minimal peer-review, even if it's just the journal/site/whatever editor commenting back to the authors as to avoid printing a poor article and hurting its reputation.
Peer-review is very much necessary for research papers; there is a lot of 'junk' science that makes its way through the process and thus contributes little to the field at large (Any journal with 'Letters' in the title typically has little or no peer review since the articles there are for fast-track publication -- this is typically where you'll see junk).
An idea I had a few years ago, but had no way to develop further, was to create a large on-line research journal site with community moderation akin to Slashdot. That is, you would create your article (PDF format), post it to the site, and then allow anyone else to look at it. Others can then post commentary on it and give an overall rating to the article (However, these would not be anonymous; any comments you posted or rating given would be prominently displayed as to avoid abuse). In addition, there could be a time where you would post the article but only limited users of the site would be able to view or comment on it, thus leading to the initial peer-review of the article, allowing you to make changes and improvements in the paper based on these comments.
Obviously, there's a lot of mechanism details that would have to be worked out, but I feel that a concerted effort to do this would improve the research in the academic community. Not only do you gain free distribution of the work to the mass public (or at least some minimal fee for running the site), the authors would retain their copyright on the article (as it is, most journals gain copyright for publishing it). Downside, of course, is a chicken-and-egg problem; you won't have prominent researchers using the resource until it had some reputation, and the resource wouldn't have reputation until prominent researchers would use it.
As you've got below, you can see this, but all of Salon's News and Politics coverages, as well as additional select articles, are only available as part of their pay membership. I read a while back that they determined that despite all the ad-playing around that they did that they could yet turn a profit, and particularly in light of the Sept 11 events, they knew that people would be willing to pay for news and politics coverage at a time like this (since this is one of their specialities).
It's not like that news isn't covered elsewhere, but many people (not myself, however) do value Salon's coverage over, say, CNN's.
Actually, while this solution is great for free software, it hurts the small-time shareware/small-business software company more in that they would still be hurt by large licensing fees. While I do believe free software is a good thing to have as an option, I also strongly believe that much of computing would not be where it is today thanks to shareware programmers.
A better solution would be that if RAND was to be used that the only licensing that can be done is a significantly small fraction ( < 1% ) of the total sales from the product, with maybe a maximum cap for things on the order of Photoshop. That is, for 0.5% 'licensing fee', your GPL software makes $0.00 profit, so that the licensing would be 0%. Your shareware author who sells his program for $25 would pay $0.12 per copy, and your major web-publishing package at $200 would be $1/copy. Obviously, there's questions about resells (Redhat in the case of GPL/Linux programs, for example), but this solution is, IMO, still in the spirit of RAND without threatening the free and open nature of the web.
Please note: at this time, only one congressperson (Hollings) wants to pass SSSCA; it's yet to be even introduced into the committee, much less both houses of the floor.
Mind you, the bill IS worrisome, so if you haven't already contacted your reps about it, now's the time (and again if/when the bill does get introduced).
Also, too many people are not reading into the bill enough; there is a grandfather clause that does state that 'unsecure' hardware and software before the end of the 12-month discussion period mandated by the proposed bill would be legal; sure, this kills the development of linux, so it's still scary, but preexisting linux boxes on the net could not be taken down by this.
As pointed out in this CNET article, while forcing the maximum secure version and forcing users to install all patches is a good step in the right direction, the fact that IIS has been patched so many times implies that to really improve the security of it, it needs to be rewritten from scratch, particularly since it is a closed source application and thus does not have the same QA that open source software might have.
To get liquid H2 in the first place, you either need to lower the temperature to around 14K (-259 deg C) or up the pressure to 15-20 atmospheres. The latter is much easier to do; then for transport on the ground or the like, you can use a high-pressure refrigeration system to keep it liquid. However, when you put into storage particularly on a plane, you must keep it under high pressure to maintain the liquid form. This is how liquid N2 cylinders work; there's no contained-cooling system, just that they are typically near 10 to 20 atmospheres of pressure with a small amount of gaseous N2 in equilibrium with the liquid in the tank; the heat transfer through the tank from ambient conditions is still sufficient that you need to vent N2 at a small rate to prevent tank rupture.
So even if it is a liquid H2-powered plane, you still must consider the effects of high pressure.
The problem with hydrogen is not so much the flammability (though that is an issue for automotive fuel cells), but the pressurization of the gas in order to have enough to fuel flight.
In a topic a while back, the idea came up that if you took a compressed cylinder of H2 to a field, and shot at it with a bullet, it would be unlikely that you'd cause the cylinder to explode; however, because of the rate at which that gas will escape, the cylinder will suddenly have a huge amount of kinetic energy in a random direction. If you ever saw the crap flick 'Chain Reaction', at one point Keanu axes off the top of a cylinder, using the reverse force to push a multi-ton slab of concrete away from his escape route. While that does approximate real life, typically a damaged cylinder can break through brick walls and do tremendous amounts of physical damage before it's exhausted. And this is the stuff that's common in most academic settings.
Imagine the amount of H2 gas you'd need to power a 747 from NY to LA. Sure, you can compress it to maintain the same volume, but the higher the amount of compression, the thicker you'd need to make the fuel storage, which means more mass to fly, which means more fuel in order to accelerate that mass. If you go too thin, then a small amount of wear can lead to gas vent; I very much doubt that a pilot would be able to steer a plane effectively if it was venting a large amount of expanding gas.
Any bets on when Apple will discontinue this project? :-)
That's why I said I'm considering it; I'm definitely not going to be camping outside Best Buy for a copy on the 25th, but I'll wait a few weeks for what the power users have to say. Given that XP is more 2000 than it is ME, I would expect that stability from 2000 that has been reported 'in the wild' (people on Usenet, here, grassroots websites) will carry over, and beta testers seem to suggest this, but I'm not holding my breath about it.
- Apartment renting: Typically, if you frequently move large distances, renting is ok, but if you are fixed at a certain location in the country, you can usually get house payments + utilities + properties taxes well under the monthly rent for property in the same area. In addition, you lose the ability to play with equity on your home, which can be a valuable source of funding for emergancies
- Car Leasing: Again, a loser for the rentee: while the monthly lease payments might be lower than for a new car, you have more liability for your car if it's in an accident, and typically more for insurance in some areas. And again, you lose the money that you can get from a reselling of the car in the future.
- Software renting: Particularly in the case of Microsoft, you must continue to rent the software in order to continue being 'compatiable' with everyone else, so while the cost to rent software might be less than purchasing it on a 2-3 year time scale, you must consider the 5-10 year time scale for mission critical software in order to keep up.
The overall problem with renting software is that renting is just one step away from pay-per-play, which Microsoft has subtly indicated that they wouldn't mind that, and in the opposite direction of the principle of first sale. Just like we are discussing how slowly eroding civil librities is more likely to be accepted by citizens than a swift removal of them, removing the buyer's rights from software by going to seat-licenses, then renting, then pay-per-use will be more of an accepted transition if it is done slowly.In addition, while I am a linux user, I want my games, and I want them at the same time as most of the rest of the world enjoys them as opposed to months later. While the catch-22 syndrome of linux games has been discussed before, I don't think that will be resolved until the linux desktop is more fully realized. Thus, until that happens, I will continue to have a Windows box to play games on as well as most of my web browsing with a non-MS browser. However, while for the immediate future, I expect Win98 to be sufficient, with all modern hardware and games continue to provide support for it, once MS decides that the latest version of DirectX will only run under XP or higher, I will need to consider upgrading (I'm considering it right now, given the know improvements in stability between XP and 98). I know XP will remain a single-cost purchase, but what happens when the next step comes along? I would suspect that most causal computer users are in the same boat as me in their feelings to software renting vs purchasing.
That word, right there, scares the bejeebies out of me.
For the closed-source world, I believe that it is better that if you discover an exploit, to send full details to the vendor ASAP, and to release a general statement of a potential vulnerability in the software to the general public, but with just info for the end-user to determine severity and criticalness of the bug. If the vendor is unresponsive in releasing a bug fix, then in a few weeks or a month, then release full details such that others in the security community can possibly find a work around. Do note that MS is rather quick to issue patches to fix new security problems, so timeliness isn't an issue here. I don't think this is unreasonable, and still doesn't chill the ability of security professionals to assess software problems. And in addition, with not only the potential for cyber-terrorism to exist today, but with increasing numbers of script-kiddie-like people that simply want to create havoc, it's very important that closed-source software have some time to patch before full information is released.
Of course, with open-source software, most security bugs are found at the same time as a code audit, and thus the bug reports typically consist of full exploit information. But since most good admins on these types of systems are actively aware of security problems, they'll get the patches installed within days of the report, and any damage resulting from the exploit is quickly minimized. Mind you, not everyone that runs open-source software is a good sysadmin, and thus exploits will STILL be used, but this is much less of a problem with the open-source community as it is with closed-source software (such as how many boxen continued to be infected by Code Red and Nimda after the original patch was out several months prior).
Regardless, Microsoft still needs to remember that the security community is doing them a big favor by locating and isolating these problems. MS must have some QA and QC, but some of the more harmful exploits have been rather subtle problems (notably buffer overflows).
RIAA already claims that they have the right to hack your box if there is sufficient evidence (for them) that you are engaging in illegal distribution of their copyrighted material. Any 'incidental' damage to your computer outside of their copyrighted material was just side effects and not their fault, according to how they read the law.
The rub here is that in the recently passed USA bill, any act of hacking that incurs more than $5k of damages could be considered as a terrorist act, and thus, if RIAA were to accidentally wipe your hard drive with their hacking attempts, that could be a terrorist act.
So RIAA was trying to get language added to the USA bill that would protect hacking done by copyright owners from being considered a terrorist threat, allowing them to continue following the law as they believe they can already.
Apparently, if they've done this, no one has sued them, traced them, or otherwise indicated that their mp3's have suddenly disappeared. As it stands, I think it's a rather questionable application of the law and I wonder if further legal investigation of it should be done.
It's the fact that that last mile at all parts is *physically* controlled by some facet of the baby bells, none of which are struggling in terms of cash flow, which is making DSL seem like a loser. Because they control both the physical access at the CO and at the user's home, every CLEC has to sit and wait for the ILEC to go out and do something; only recently have the ILECs (at least for Ameritech here in the midwest) been hand-slapped for being 'intentionally' slow in responding to voice-line installs and problems for residential customers, but all that was was a hand-slap in terms of fines in the millions; DSL is hidden behind this issue. If the CLECs didn't have to deal with the ILEC in any way, I would fully expect most CLECs to be able to offer installs within 5 business days, as opposed to the 4-6 week standard now.
However, fortunately, we have Verizon and PacBell at the end of lawsuits from DSL ISPs for being intentionally slow, as well as the FCC watching out for the decline of CLECs (the extension on Rhythms' shutdown, for example). However, I still believe that the ownership of the last mile, from CO to the network interface, should not be in the hands of anyone that is providing the service along those lines; either the phone company can sell it off to a different group (possibly owned by the city/town as with many other utility services), or it can split off from that. As long as both the ILECs, CLECs, and standard phone companies have to play the same pricing game, there would be much more competition in the DSL market.
I doubt it will be dead, but it probably will end up as being two major CLECs (Covad and Worldcom) along with several ISPs that use ILECs for the last mile. The only problem now is that artificial bandwidth limits are coming into play particularly with those that use ADSL. Certainly speeds are much better than dialup, but given the projected rate of growth of multimedia on the web, more speed is going to be needed for the 'average Joe' and these artificial caps appear to be fixed at the current time.
A better argument would be the DMCA or SSSCA; a bill that really supports maybe on the order of 100's of "people" (given that corporations are considered 'persons' under the law) that would benefit compared to the thousands or millions of constituents that would receive no benefit and most likely 'penalties' from higher costs, etc, when these bills may pass. At this point, I would question how representation is really supposed to work.
(And yes, I've tried submitting the passage story too, denied.)
Until a judge says that, however, there is still a case. The judge may consider the DoJ's brief and drop the case, or may decide that there is very much merit to the 'bullying' that the case involves, and allow it to go forward.
IMO, a reasonable judge would see that there's enough questionable activities, either by DMCA or by RIAA, that allowing facts to be heard and arguments made would be more beneficial to defining the law better(*) than to allow it to go uncontested.
(*) 'defining the law' may be as to set a precedent on when or where DMCA is applicable, or to possibly call into question its constitutionality. In other words, just because the judge takes the case does not necessarily mean a favorable outcome for the /.-mentality.
Or is that a DMCA violation? :-)
If we cut down that copyright from 95 years for a corporately-owned copyright to, say, 20 years, it would have two effects; first, as pointed out, things would move MUCH faster into the public domain. But secondly, if a privately-owned copyright lasted significantly longer (say, 35 years, or life+10 years) than the corporately owned copyright, this might encourage more artists to use the indy system (which typically does not do works-for-hire) to publish their works in order to reap more benefit to themselves.
Of course, that's using PSI::ESP, so I may be reading too much into his response.
Basically, fast-tracking does help speed up the process, but there still needs to be a minimal peer-review, even if it's just the journal/site/whatever editor commenting back to the authors as to avoid printing a poor article and hurting its reputation.
I had an idea a few years ago, but no way to develop it further, was to create a large on-line research journal site with community moderation akin to Slashdot. That is, you would create your article (PDF format), post it to the site, and then allow anyone else to look at it. Others can then post commentary on it and give an overall rating to the article (However, these would not be anonymous; any comments you posted or rating given would be prominently displayed as to avoid abuse). In addition, there could be a time where you would post the article but only limited users of the site would be able to view or comment on it, thus leading to the initial peer-review of the article, allowing you to make changes and improvements in the paper based on these comments.
Obviously, there's a lot of mechanism details that would have been worked out, but I feel that a concerted effort to do this would improve the research in the academic community. Not only do you gain free distribution of the work to the mass public (or at least some minimal fee for running the site), the authors would retain their copyright on the article (as it is, most journals gain copyright for publishing it). Downside, of course, is a chicken-and-egg problem; you won't have prominent researchers using the resource until it had some reputation, and the resource wouldn't have reputation until prominent researchers would use it.
It's not like that news isn't covered elsewhere, but many people (not myself, however) do value Salon's coverage over, say, CNN's.
A better solution would be that if RAND was to be used that the only licensing that can be done is a significantly small fraction ( < 1% ) of the total sales from the product, with maybe a maximum cap for things on the order of Photoshop. That is, for 0.5% 'licensing fee', your GPL software makes $0.00 profit, so that the licensing would be 0%. Your shareware author sells his program for $25 would pay $0.12 per copy, and your major web-publishing package at $200 would be $1/copy. Obviously, there's questions about resells (Redhat in the case of GPL/Linux programs, for example), but this solution is, IMO, still in the spirit of RAND without threatening the free and open nature of the web.
Also, too many people are not reading into the bill enough; there is a grandfather clause that does state that 'unsecure' hardware and software before the end 12month discussion period mandated by the proposed bill would be legal; sure, this kills the development of linux, so it's still scary, but preexisting linux boxes on the net could not be taken down by this.
As pointed out in this CNET article, while forcing the maximum secure version and forcing users to install all patches is a good step in the right direction, the fact that IIS has been patched so many times implies that to really improve the security of it, it needs to be rewritten from scratch, particularly since it is a closed source application and thus does not have the same QA that open source software might have.
So even if it is a liquid H2-powered plane, you still must consider the effects of high pressure.
In a topic a while back, the idea that if you took a compressed cylinder of H2 to a field, and shot at it with a bullet, it would be unlikely that you'd cause the cylinder to explode; however, because of the rate at which that gas will escape, the cylinder will suddenly have a huge amount of kinetic energy in a random direction. If you ever saw the crap flick 'Chain Reaction', at one point Keanu axes off the top of a cylinder, using the reverse force to push a multi-ton slab of concrete away from his escape route. While that does approximate real life, typically a damaged cylinder can break through brick walls and do tremendous amounts of physical damage before it's exhausted. And this is the stuff that's common in most academic settings.
Imagine the amount of H2 gas you'd need to power a 747 from NY to LA. Sure, you can compress it to maintain the same volume, but the higher the amount of compression, the thicker you'd need to make the fuel storage, which means more mass to fly, which means more fuel in order to accelerate that mass. If you go too thin, then a small amount of wear can lead to gas vent; I very much doubt that a pilot would be able to steer a plane effectively if it was venting a large amount of expanding gas.