The people who invested their money in GM did so because they thought GM would give them the best return on that money, not to give $1B in charity to workers who are not needed.
The only way you can afford to do what you are suggesting (long term) is to have an unregulated monopoly, so you can get your customers to pay for your inefficiency and still make a good enough profit for your investors. For instance, IBM did not lay off a single employee for the first 80 years of its existence, through good times and bad. However, once they lost their monopoly prices plummeted, profit went with it, and investors fled in droves. When they had to do their first layoff it was extremely painful not just for the company and employees involved, but for whole towns and all of the people and businesses in them. While it certainly sucks for the employees involved in a layoff in a company making profit, it is far better overall to not carry inefficiencies to the point where you are forced to deal with them.
The same thing happened with steel companies. The unions were successful in making the operation very inefficient, to the benefit of the unions. No layoffs, strict work rules, ridiculous vacation plans (really paid furloughs), etc. Worked great for a while, led to the death of the companies long term.
It is pointless to just look at those decades. Between the Great Depression and WWII, there were 15 years where nobody bought anything. By the end of WWII there was a huge pent-up demand for things. Add in all of the people now wanting to start a family, and you have even more demand for housing, cars, furnishings, clothing, appliances, etc. Now add in the fact that people were coming back from the war with money, and people were willing to give cheap credit, and you have a huge manufacturing boom.
However, a lot of the seeds of a future downturn were sowed during that time. For instance, steelworkers, angry that their wages were frozen by the government during WWII, even though the company made a ton of money, staged a lengthy strike to force the companies to give them their due. While in the short term they were successful, in the long term they failed miserably. The long strike forced customers of the steel companies to get steel from elsewhere (like Asia), and they found that while the quality was not very good, it was incredibly cheap. As time went on, the price of steel manufactured in the US kept going up (due to the contracts that ended the strike), and the Asians got better at making steel. As a result, all of the customers switched to Asian steel, and the US steel companies either ceased to exist altogether, or are only a small fraction of what they used to be.
Lastly, things like environmental laws (which did not exist until the 1970s) have a huge impact. In the US, when an electronics manufacturer pollutes the groundwater, they are made to clean it up, and a huge cost. No so everywhere else in the world.
You would only think that if you don't understand the real, stated purpose of Trusted Computing. Namely, that others trust that you are running unmodified software (think streaming providers). To enable Trusted Computing you need remote attestation. As the name implies, remote attestation happens remotely, not under your control, so can't be hacked around. Remote attestation involves a bunch of encryption (and TPM), so chances of just dummying that up is pretty slim. The remote attestation is what is stating that your software, from firmware on up, is trusted. Leave an untrusted hole in there (like an untrusted boot loader), and the attestation fails.
As to malware: First, there is nothing that says that UEFI can't detect that the bootloader signer has changed, and put up a screen saying 'Last time you booted, you booted 'Windows 8, signed by Microsoft. Now you are booting 'Linux', signed by GPLHost-Thomas - do you want to do that?' Even absent that, malware writers would have to be able to patch a whole bunch of stuff, undetected, before the malware could be effective.
If you hack up your own system to run untrusted, well then the remote attestation fails and you gain pretty much nothing anyway.
You don't have to make up fanciful theories as to the purpose of Secure Boot. The purpose of Secure Boot is to enable Trusted Computing, which doesn't work without Secure Boot. The stated purpose of Trusted Computing is to allow others to trust your software stack. So for instance, the operator of a streaming service can check if you have modified your software to allow copying to disk, and refuse to stream to you if so.
So why is Microsoft pushing for this? So they can go to content providers and say 'use remote attestation, and you can safely serve stuff to people'. All of the Windows tablets, and some portion of Windows desktops are automatically supported, and the rest can be easily enabled. Of course, any platforms which don't have Trusted Computing are locked out from those services, but such is life. Then they can run an ad campaign saying 'with a Windows tablet, you can stream all of the latest movies and songs - can't do that with platform x'.
Preventing loading of an alternate OS doesn't really benefit them much. Providing a reason for people to buy their OS does.
Eh, no. All the $90 will buy you is a key that says 'Microsoft says this code was signed by GPLHost-Thomas'. The fact that Microsoft says the key is valid means that the boot can proceed, but absolutely nothing beyond UEFI, from the boot loader through the kernel, drivers, apps, and on to remote attestation has to trust GPLHost-Thomas at all.
I don't think malware protection is the main driver of trusted computing. The main driver is allowing others to trust you. For instance, before a site streams a movie to you it can request that your PC attest that it is running a trusted software stack, to ensure that you have not modified the system to enable you to capture the stream on disk. Or before you are allowed access to a sensitive database at your work they can insure that your access is only by approved software.
In order for that goal to be met, there must be remote attestation as to the state of your software. If there is any break in the chain, from boot to application, the remote attestation will fail. That is what secure boot gets you.
You have to remember that there are two types of 'trust' involved here. The first part is the user trusting that his machine has not been compromised. The second part is that others trust that the users machine has not been compromised.
The whole thing is a chain of trusts. Any element of that chain can check to see if the chain is unbroken. So yes, you can patch the kernel to remove the 'who loaded me' check, and if you have trusted a boot loader that doesn't verify the kernel before loading it the kernel will load and run. However, the kernel will also attempt to verify things it loads (drivers, apps, etc). And those things can check to see that the chain before them is unbroken. So now you not only have to patch the kernel to remove the 'who loaded me' check, you also have to patch everything else that contains the check. You also have to patch the signature verifications that are done before the kernel loads something else.
If you have installed a (signed) boot loader that does not verify signature of the kernel, you are open to some malware being installed. That is of your own doing.
The second thing that the chain provides is remote attestation that your software is unmodified. Since that is done remotely, you can't just patch it out. So, by using a bootloader that doesn't verify the kernel you can defeat your protection against malware, but doing so does not mean that remote things can be tricked into thinking your software stack is unmodified.
And the incentive for anybody to do that is what, exactly? If Microsoft, Red Hat and SuSE sign their stuff, the vast majority of corporate desktops are covered. If Microsoft, Fedora, and Ubuntu sign their stuff, the vast majority of consumers are covered. All without the users having to do anything. The hardware manufacturers don't have to do anything special either, except maybe install a few keys. You are asking the hardware manufacturers to design and implement a standard just to make things easy for a tiny, tiny set of their customers. Ain't gonna happen.
Nobody said you can't sign with your own keys. However, doing so (and updating UEFI to accept your keys) is not trivial, and is something the vast majority of the users are not going to want to do. If you are trying to convince people to use your distribution (ie Ubuntu) it is up to you to make it easy, whether that means paying Verisign to sign your stuff or convincing hardware manufacturers to load your key for you.
So what do you propose as an alternative - make the manufacturers ship in non-secure mode, and require the vast majority of users who want to run in secure mode to go through the hassle of enabling it?
No. As soon as Windows kernel comes up it uses the TPM to determine who loaded it. If the answer is not someone Microsoft trusts (ie, UEFI), the system is running in 'unsecure' mode.
This is bullshit. Who are these 'rent seekers' who have only one copyrighted work? Well, let's see, who is always accused of copyright abuse. Disney - yep, haven't produced a damn thing since Steam Boat Willie. RIAA - stopped recording new songs in the 1940s. MPAA - stopped making new movies in the 1930s.
Now, there very well may be some people who create something and live off it for the rest of their lives without creating another thing. So what? If someone creates something so wonderful/critical/popular that it still generates income 50 years later why shouldn't they benefit from that? What if that work was the only idea they had? Shortening copyright sure isn't going to make them come up with another idea. What if they didn't really enjoy the process of creating that work, or found it too demanding to do so - how is a shorter copyright going to help that? Do you think that somehow people who create things are incapable of ever doing anything else, so by limiting copyright you will somehow force them to create more? Furthermore, what if they created that work that everyone just has to have solely for the purpose of living off it for the rest of their life? Would the world be better off not having that work at all?
Lastly, they did not stop anyone from writing a similar game. There are loads of games 'similar' to Tetris (PopIt, etc). Of course, those games actually required some innovation, so as to not be direct copies of Tetris. They stopped someone from making the SAME game. The clone game is not innovative in the least, and contributes absolutely nothing to society.
Why not look at things that actually have happened? Let's say you go to an ATM, put in your card and PIN, and ask for $50. Instead of 5 $10 bills coming out, 5 $20 bills come out, but your receipt says only $50 was withdrawn. Do you consider that the machine or the person that filled it has 'authorized' you to have an extra $50? If so, you are very wrong. In fact, if you do not return the extra $50, you can be charged with theft.
You seem to have a very poor understanding of what authorization means. A machine (webserver) can not grant you authorization. A mistake can not grant you authorization. An incompetent sys admin can not grant you authorization. All of them can provide a means for access, none of them can provide authorization.
Who cares how long it takes to write the code? That is a completely meaningless metric. 'The code' is not what is in question here, 'the game' is. So, answer the proper question 'can you create a new, original game that millions of people around the world will want to play'. If you say 'yes', why haven't you done it?
The real question is not 'could you write such a game after seeing someone play it', but 'could you write such a game having never seen it or had it described to you'. Answering 'yes' to the second question shows creativity, something worthy of protection. Answering 'yes' to only to first question shows some trivial programming skills and no creativity, and is worthy of nothing.
Bullshit. The original (and current) intentions of copyright law is to spur innovation by giving people control of their inventions for a period of time. The creators of Tetris did their part - they made the game. Now it is our turn to honor our part of the deal. What you are suggesting is nothing less than welshing on the deal.
The idea that once the game is 'old' it is no longer an innovation is just stupid.
If these bozos would come up with their own, original ideas they would have exactly the same protection as the creators of Tetris. In fact, there are many variations of the basic game that are in fact innovations and not infringements, so apparently the 'original intentions' still work.
Wrong. Copyright's intention is to SPUR innovation. It does that by telling people 'if you invent something, it is yours. We will prevent others from doing the same thing for a period of time'. Yes, you could of course retroactively cancel the copyrights, but then you lose the whole thing that copyrights are supposed to provide.
You can keep repeating that "authorizations are programmed" nonsense, but it doesn't make it true. The "programmed" authorizations should be a reflection of the actual authorization, but they are not in fact the actual authorization. If you know, or should know, that you are not supposed to be in a certain place it does not matter that there is nothing physically stopping you from being there. And if you are trying to extort money from someone by disclosing what you have found on their own website it is a pretty damn good indication that you know you are not authorized to have that information.
Completely false. The web server is merely a technical system that may attempt to verify authorization. Neither the web server nor the people who configured it can 'grant' you authorization. Authorization comes from the owner of the website, and incorrectly configuring a web server does not count as authorization.
Except that most of those are not remakes, they are new scripts using existing characters. As far as these works are concerned, about the only thing protected by copyright that they have re-used are the titles and names of the characters.
It is really funny that you included Snow White as an example of things still under copyright meaning nothing new has to be created. The Snow White you are referring to is NOT a Disney movie (it is Universal). It does NOT use any elements of the still-under-copyright Disney Snow White, but instead uses the original not protected Snow White.
You are assuming that site A and site B are equivalent in every way except for the ability to download videos. In other words, if both sites allowed/disallowed downloads you would decide which to use by flipping a coin. Exactly what site is this other than YouTube?
Even if such an alternate site existed, it must get revenue from somewhere, it costs a whole lot of money to run YouTube. So where is this alternate site getting revenue? If it charges users, then it is no longer equivalent to YouTube. If it is selling ads, it would maybe run in 'download allowed' mode long enough to grab all of YouTube's customers, then once the competition is out of the way it can also switch to the 'no downloads' mode.
What is with all these people that have so completely swallowed the Google Koolaid? Google, just like the 'Big Media morons', is a business, existing to make a profit. The way they make a profit is by selling ads. People downloading content off their site means they are visiting their site less often, which means lower ad revenue. Google may not give a crap if you (or they) impact the revenue of content producers, but they sure as hell care if you impact their revenue. You can expect Google to fight just as hard against impacts to their revenue as the 'Big Media morons' fight for theirs.
Slashdot Mirror
The people who invested their money in GM did so because they thought GM would give them the best return on that money, not to give $1B in charity to workers who are not needed.
The only way you can afford to do what you are suggesting (long term) is to have an unregulated monopoly, so you can get your customers to pay for your inefficiency and still make a good enough profit for your investors. For instance, IBM did not lay off a single employee for the first 80 years of its existence, through good times and bad. However, once they lost their monopoly prices plummeted, profit went with it, and investors fled in droves. When they had to do their first layoff it was extremely painful not just for the company and employees involved, but for whole towns and all of the people and businesses in them. While it certainly sucks for the employees involved in a layoff in a company making profit, it is far better overall to not carry inefficiencies to the point where you are forced to deal with them.
The same thing happened with steel companies. The unions were successful in making the operation very inefficient, to the benefit of the unions. No layoffs, strict work rules, ridiculous vacation plans (really paid furloughs), etc. Worked great for a while, led to the death of the companies long term.
It is pointless to just look at those decades. Between the Great Depression and WWII, there were 15 years where nobody bought anything. By the end of WWII there was a huge pent-up demand for things. Add in all of the people now wanting to start a family, and you have even more demand for housing, cars, furnishings, clothing, appliances, etc. Now add in the fact that people were coming back from the war with money, and people were willing to give cheap credit, and you have a huge manufacturing boom.
However, a lot of the seeds of a future downturn were sowed during that time. For instance, steelworkers, angry that their wages were frozen by the government during WWII, even though the company made a ton of money, staged a lengthy strike to force the companies to give them their due. While in the short term they were successful, in the long term they failed miserably. The long strike forced customers of the steel companies to get steel from elsewhere (like Asia), and they found that while the quality was not very good, it was incredibly cheap. As time went on, the price of steel manufactured in the US kept going up (due to the contracts that ended the strike), and the Asians got better at making steel. As a result, all of the customers switched to Asian steel, and the US steel companies either ceased to exist altogether, or are only a small fraction of what they used to be.
Lastly, things like environmental laws (which did not exist until the 1970s) have a huge impact. In the US, when an electronics manufacturer pollutes the groundwater, they are made to clean it up, and a huge cost. No so everywhere else in the world.
You would only think that if you don't understand the real, stated purpose of Trusted Computing. Namely, that others trust that you are running unmodified software (think streaming providers). To enable Trusted Computing you need remote attestation. As the name implies, remote attestation happens remotely, not under your control, so can't be hacked around. Remote attestation involves a bunch of encryption (and TPM), so chances of just dummying that up is pretty slim. The remote attestation is what is stating that your software, from firmware on up, is trusted. Leave an untrusted hole in there (like an untrusted boot loader), and the attestation fails.
As to malware: First, there is nothing that says that UEFI can't detect that the bootloader signer has changed, and put up a screen saying 'Last time you booted, you booted 'Windows 8, signed by Microsoft. Now you are booting 'Linux', signed by GPLHost-Thomas - do you want to do that?' Even absent that, malware writers would have to be able to patch a whole bunch of stuff, undetected, before the malware could be effective.
If you hack up your own system to run untrusted, well then the remote attestation fails and you gain pretty much nothing anyway.
You don't have to make up fanciful theories as to the purpose of Secure Boot. The purpose of Secure Boot is to enable Trusted Computing, which doesn't work without Secure Boot. The stated purpose of Trusted Computing is to allow others to trust your software stack. So for instance, the operator of a streaming service can check if you have modified your software to allow copying to disk, and refuse to stream to you if so.
So why is Microsoft pushing for this? So they can go to content providers and say 'use remote attestation, and you can safely serve stuff to people'. All of the Windows tablets, and some portion of Windows desktops are automatically supported, and the rest can be easily enabled. Of course, any platforms which don't have Trusted Computing are locked out from those services, but such is life. Then they can run an ad campaign saying 'with a Windows tablet, you can stream all of the latest movies and songs - can't do that with platform x'.
Preventing loading of an alternate OS doesn't really benefit them much. Providing a reason for people to buy their OS does.
Eh, no. All the $90 will buy you is a key that says 'Microsoft says this code was signed by GPLHost-Thomas'. The fact that Microsoft says the key is valid means that the boot can proceed, but absolutely nothing beyond UEFI, from the boot loader through the kernel, drivers, apps, and on to remote attestation has to trust GPLHost-Thomas at all.
I don't think malware protection is the main driver of trusted computing. The main driver is allowing others to trust you. For instance, before a site streams a movie to you it can request that your PC attest that it is running a trusted software stack, to ensure that you have not modified the system to enable you to capture the stream on disk. Or before you are allowed access to a sensitive database at your work they can insure that your access is only by approved software.
In order for that goal to be met, there must be remote attestation as to the state of your software. If there is any break in the chain, from boot to application, the remote attestation will fail. That is what secure boot gets you.
You have to remember that there are two types of 'trust' involved here. The first part is the user trusting that his machine has not been compromised. The second part is that others trust that the users machine has not been compromised.
The whole thing is a chain of trusts. Any element of that chain can check to see if the chain is unbroken. So yes, you can patch the kernel to remove the 'who loaded me' check, and if you have trusted a boot loader that doesn't verify the kernel before loading it the kernel will load and run. However, the kernel will also attempt to verify things it loads (drivers, apps, etc). And those things can check to see that the chain before them is unbroken. So now you not only have to patch the kernel to remove the 'who loaded me' check, you also have to patch everything else that contains the check. You also have to patch the signature verifications that are done before the kernel loads something else.
If you have installed a (signed) boot loader that does not verify signature of the kernel, you are open to some malware being installed. That is of your own doing.
The second thing that the chain provides is remote attestation that your software is unmodified. Since that is done remotely, you can't just patch it out. So, by using a bootloader that doesn't verify the kernel you can defeat your protection against malware, but doing so does not mean that remote things can be tricked into thinking your software stack is unmodified.
And the incentive for anybody to do that is what, exactly? If Microsoft, Red Hat and SuSE sign their stuff, the vast majority of corporate desktops are covered. If Microsoft, Fedora, and Ubuntu sign their stuff, the vast majority of consumers are covered. All without the users having to do anything. The hardware manufacturers don't have to do anything special either, except maybe install a few keys. You are asking the hardware manufacturers to design and implement a standard just to make things easy for a tiny, tiny set of their customers. Ain't gonna happen.
Nobody said you can't sign with your own keys. However, doing so (and updating UEFI to accept your keys) is not trivial, and is something the vast majority of the users are not going to want to do. If you are trying to convince people to use your distribution (ie Ubuntu) it is up to you to make it easy, whether that means paying Verisign to sign your stuff or convincing hardware manufacturers to load your key for you.
So what do you propose as an alternative - make the manufacturers ship in non-secure mode, and require the vast majority of users who want to run in secure mode to go through the hassle of enabling it?
No. As soon as Windows kernel comes up it uses the TPM to determine who loaded it. If the answer is not someone Microsoft trusts (ie, UEFI), the system is running in 'unsecure' mode.
You know who builds subs for the Navy? Electric Boat.
That 'prnewswire' link someone posted is just a press release, and is not the article referenced in the summary.
This is bullshit. Who are these 'rent seekers' who have only one copyrighted work? Well, let's see, who is always accused of copyright abuse. Disney - yep, haven't produced a damn thing since Steam Boat Willie. RIAA - stopped recording new songs in the 1940s. MPAA - stopped making new movies in the 1930s.
Now, there very well may be some people who create something and live off it for the rest of their lives without creating another thing. So what? If someone creates something so wonderful/critical/popular that it still generates income 50 years later why shouldn't they benefit from that? What if that work was the only idea they had? Shortening copyright sure isn't going to make them come up with another idea. What if they didn't really enjoy the process of creating that work, or found it too demanding to do so - how is a shorter copyright going to help that? Do you think that somehow people who create things are incapable of ever doing anything else, so by limiting copyright you will somehow force them to create more? Furthermore, what if they created that work that everyone just has to have solely for the purpose of living off it for the rest of their life? Would the world be better off not having that work at all?
Lastly, they did not stop anyone from writing a similar game. There are loads of games 'similar' to Tetris (PopIt, etc). Of course, those games actually required some innovation, so as to not be direct copies of Tetris. They stopped someone from making the SAME game. The clone game is not innovative in the least, and contributes absolutely nothing to society.
Why not look at things that actually have happened? Let's say you go to an ATM, put in your card and PIN, and ask for $50. Instead of 5 $10 bills coming out, 5 $20 bills come out, but your receipt says only $50 was withdrawn. Do you consider that the machine or the person that filled it has 'authorized' you to have an extra $50? If so, you are very wrong. In fact, if you do not return the extra $50, you can be charged with theft.
You seem to have a very poor understanding of what authorization means. A machine (webserver) can not grant you authorization. A mistake can not grant you authorization. An incompetent sys admin can not grant you authorization. All of them can provide a means for access, none of them can provide authorization.
Who cares how long it takes to write the code? That is a completely meaningless metric. 'The code' is not what is in question here, 'the game' is. So, answer the proper question 'can you create a new, original game that millions of people around the world will want to play'. If you say 'yes', why haven't you done it?
The real question is not 'could you write such a game after seeing someone play it', but 'could you write such a game having never seen it or had it described to you'. Answering 'yes' to the second question shows creativity, something worthy of protection. Answering 'yes' to only to first question shows some trivial programming skills and no creativity, and is worthy of nothing.
Bullshit. The original (and current) intentions of copyright law is to spur innovation by giving people control of their inventions for a period of time. The creators of Tetris did their part - they made the game. Now it is our turn to honor our part of the deal. What you are suggesting is nothing less than welshing on the deal.
The idea that once the game is 'old' it is no longer an innovation is just stupid.
If these bozos would come up with their own, original ideas they would have exactly the same protection as the creators of Tetris. In fact, there are many variations of the basic game that are in fact innovations and not infringements, so apparently the 'original intentions' still work.
Wrong. Copyright's intention is to SPUR innovation. It does that by telling people 'if you invent something, it is yours. We will prevent others from doing the same thing for a period of time'. Yes, you could of course retroactively cancel the copyrights, but then you lose the whole thing that copyrights are supposed to provide.
You can keep repeating that "authorizations are programmed" nonsense, but it doesn't make it true. The "programmed" authorizations should be a reflection of the actual authorization, but they are not in fact the actual authorization. If you know, or should know, that you are not supposed to be in a certain place it does not matter that there is nothing physically stopping you from being there. And if you are trying to extort money from someone by disclosing what you have found on their own website it is a pretty damn good indication that you know you are not authorized to have that information.
Completely false. The web server is merely a technical system that may attempt to verify authorization. Neither the web server nor the people who configured it can 'grant' you authorization. Authorization comes from the owner of the website, and incorrectly configuring a web server does not count as authorization.
Except that most of those are not remakes, they are new scripts using existing characters. As far as these works are concerned, about the only thing protected by copyright that they have re-used are the titles and names of the characters.
It is really funny that you included Snow White as an example of things still under copyright meaning nothing new has to be created. The Snow White you are referring to is NOT a Disney movie (it is Universal). It does NOT use any elements of the still-under-copyright Disney Snow White, but instead uses the original not protected Snow White.
You are assuming that site A and site B are equivalent in every way except for the ability to download videos. In other words, if both sites allowed/disallowed downloads you would decide which to use by flipping a coin. Exactly what site is this other than YouTube?
Even if such an alternate site existed, it must get revenue from somewhere, it costs a whole lot of money to run YouTube. So where is this alternate site getting revenue? If it charges users, then it is no longer equivalent to YouTube. If it is selling ads, it would maybe run in 'download allowed' mode long enough to grab all of YouTube's customers, then once the competition is out of the way it can also switch to the 'no downloads' mode.
Uh, no. Being valuable to you means absolutely nothing, unless that 'value' to you translates into more income for them.
How does it add value, if not in the form of ad revenue? The ad revenue is the only value YouTube has (to Google).
What is with all these people that have so completely swallowed the Google Koolaid? Google, just like the 'Big Media morons', is a business, existing to make a profit. The way they make a profit is by selling ads. People downloading content off their site means they are visiting their site less often, which means lower ad revenue. Google may not give a crap if you (or they) impact the revenue of content producers, but they sure as hell care if you impact their revenue. You can expect Google to fight just as hard against impacts to their revenue as the 'Big Media morons' fight for theirs.