Glad to see we agree on something.;) I still disagree with you to some degree though, in that there are significant technical barriers. Although the distinction between the "technical" and the "psychological" lines do blur, they are still dependant on technical problems to some degree. For example, it may be technically possible to create a highly secure network, but that highly secure network is nothing if it throws up too many obstacles for its would-be users. You can encrypt, cloak, alter, etc. the decentralized "network" all you want, but as long as it is a sufficiently open decentralized/serverless network (e.g., beyond just a group of close knit friends, or jaurez pups), it will be possible to identify who is on the network.
Allow me to rephrase this problem briefly. Almost anyone who knows computers well, knows it is very very difficult (if not impossible) to create a secure, yet accessible, network. Thus, when the threat of hackers emerges, they'll generally place their bets on the hackers (in terms of being able to penetrate it that is, not necessarily not get bent over by Bubba). Yet in this situation, the slashdot community fails to see the parallel.
The hackers are trying to create an unbreakable network with software alone, and not only a "network" but also a user interface, support, you name it. They are trying to create a network within the network known as the internet. A decentralized one. One that is very difficult even if the underlying network (the admins, RIAA, and company) doesn't try to throw up barriers. Add to this equation hackers, the admins and RIAA are for all intents and purposes the hackers. But they own the networks. They own the content. They can reroute. They can firewall. They can packet sniff till their hearts content. They can sue the ever living day lights out of any central server. They can even turn off the network if need be. They even make the rules (well some of them). "Real" hackers do not have this benefit even. The "real" hackers even have to worry about issues such as "support". Even though many admins are complete idiots, there are more smart professional computer people than there are smart hackers. They can afford to put people on this task full time, and all these new admins/hackers need to do, is make things sufficiently difficult (social in a sense) for the average user, enough so that he or she would find it more economical to just go out and buy it.
Small little subnetworks may pop up. In fact, they'll likely continue to remain (small little warez groups that just trade amongst themselves will likely find this the biggest boon). But you'll simply never have anything on napster's (I think they need to be even bigger to truely make RIAA scared) scale and convenience, it simply offers too large of a target.
In any case, you needn't agree with me, but I certainly know who my money is on (that is, if this starts truely hurting RIAA). Nice talking to you.
Disclaimer: I don't have much time right now, but let me make a couple quick points.
Yes, I agree the "net effect" is essentially how the law works today. Despite its imperfections though, there really isn't a better standard. Think about it for a minute, EVERY law imposes its will on the individual to some degree. That means that every law must weigh the benefits versus the costs. If you irrationally clamor for never intruding on individual rights, you'll simply never see a meaningfull law (e.g., anything which says anything is illegal).
However, law is an essential part of any modern society. Modern society simply can't operate efficiently, or even survive, without it, despite the claims of libertarians who essentially claim otherwise. Anyone who has a decent grasp on history should understand this. I think this is very clear in the case of personal weapons of mass destruction (e.g., nukes, chemical weapons, etc.) Thus, since we are left with the determination that some laws need to be promulgated, we need a standard for creating them. And no matter what that standard is (no, saying "individual rights" must always be protected is not acceptable--because its meaningless), it is up to humans. Because humans determine the "weight", the "measuring", etc., you will see laws you disagree with. You will see mistakes. You can't legislate away human fallability. You can't setup a system where laws can be created, but mistakes in law cannot be made.
The bottom line is that I'm not apologizing for it. I'm stating its a fact of life. I fully and soberly realize that I must give up some personal liberties in order for a better world for everyone, including me. I can't drive 100mph through school zones. I can't break contracts. I can't burn crosses on people's lawns. I certainly can't own a nuke. I basically can't do whatever I might will (legally). And you know what? I wouldn't have it any other way. [This is not to say I agree with all laws, or that there should be no barriers or limitations...]
I trust that most people will walk on the good side of that line. Therefore, I oppose all censorship
For something like rifles you may be able to accept it, but "most" is not good enough here. Ok, let us suppose that only one person in a million is looney enough to want to kill millions of people in a given year (never mind accidents). Unlike with rifles though, that one person can kill EVERYONE in the city. Hmmm, you want to live in such a city? Your position is ludicrous. You are either highly naive, or you're bullshitting me, or both. Normally I don't like getting personal, but come on, it's just a ludicrous position...
I too can't see any reason why someone would need to possess their own nuclear device, but is that ownership not protected by the 2nd Amendment?
The second ammendment reads: "A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear arms, shall not be infringed"
a) Personal Nukes ain't a well regulated militia, nor are they a component of one. b) Clearly the intent here is the "security" of the people. Nuclear bombs don't secure it. In fact, giving the people bombs is a bigger threat to their security than any foreign power today.
This argument is getting academic, but I do have a couple points before I bolt.
a) GNUtella is overrated. Have you actually USED it yourself to acquire things you are looking for? I have, it's more trouble than it's worth for me. While my standards may be higher than most, I can tell you it's not going to hold up for most college kids.
b) It sucks now, and it has yet to face any real barriers.
c) My script would absolutely work against GNUtella.
d) Your idea is just theoretical. At the very least it is one extra level of complexity to something which hardly works now. So long as trading is point to point, I doubt its resistance to "attacks" operating within the system, like mine. You fail to remember that this is RIAA, they represent the IP owners, they own the damn music. They can trade as many mp3s as they damn well please to gain "trust."
e) There is a world of difference between building networks and punching holes in them. Ironically, the situations are reversed this time. The hax0rs are trying to create a network which can't be broken, and the admins are trying to break it. The difference is that the admins (and RIAA and company) hold all the keys, they are on the side of the law, and dare I say it on this forum, they are on the side of right.
In any case, you're too entrenched in this to listen to reason. Although I may not have hard "proof", I'm not the one claiming the walls are about to fall. There is simply too much at stake here. There resistance you have seen to napster and company thus far is NOTHING, RIAA has yet to feel a significant pinch from this kind of piracy, but when and if they do, you can be sure heads will start rolling. In any case, time will tell.
I admit it's a tough line to walk. As I stated earlier, how do you weigh the outcomes? Nonetheless, these types of decisions are made all the time of necesity, whether or not you realize it.
I've read the Anarchist's cookbook, but I can't claim I have all the statistics. I can't say with any real certainty if many (or any) lives have been lost as a result, but I certainly don't see any legimate need for it. It's just a little too much of a grey area to waste time on on this forum...
I brought up the H-bomb, because I, like most other reasonable people, would absolutely ban individual posession of nuclear bombs if given the choice. If you accept this, then you admit of an exception to the original comment, which was my primary intention.
It is not "my" use. The previous comment before me indicated that only the "use" of a thing should be illegal, never the thing itself. He said:
"I would like to see code be treated similar to various other tools, where use determines whether it's legal or not. Having a car is, for instance, legal. Killing someone with it isn't.
You said:
Yes, you should be able to build it. If, in the process, you kill others, or cause other damage, then you will need to answer for the consequences of your actions.
I could take this view if you could build a bomb in a vacuum, such that nothing you do affects anyone else. But this is not the case. The government punishing wackos after they destroyed a million+ lives is not going to be an effective means of deterrence. The benefits we recieve from allowing individuals (e.g., a few geeks may get some satisfaction) to own such destructive devices are far far outweighed by the risks and the costs on society. In other words, the net effect is drastically negative.
The test that you suggest, "what is the net effect on society", sounds absolutely horrific to me. One of the principles that the U.S. was founded upon was that individuals have rights. [1] Related to this is the notion that individuals do not exist to serve the whole, but, rather, that the government is established to secure the rights of individuals. The day that we are governed solely by the "net effect on society", without regard to individual rights, is the day that we need a fresh revolution.
My "net effect" and and "individual rights" are not necessarily incompatible, in fact, they are normally one in the same. What the masses (or the "government") may want in the short run, is not necessarily a positive net effect, even if it outweighs the objections to it (in terms of severity x number of objections). In other words, the "net effect" takes individual rights into heavy consideration. It is important to note though, that amongst our "rights" is the right to live. If the mere act of punishing pyschos is insufficient to protect the sudden and drastic loss of millions of lives, then it is prudent to deny all the H-bomb, even those who intend no evil.
To clarify, I would never argue that because 90% (or any other number) of the US (e.g., Christians) feel the Jewish religion is offensive, all Jewish people must worship in private. This would set a bad precendent, and put everyone's rights at risk, and thus would be a negative net effect. The same argument simply can not be made with any real credibility for the existence of the H-bomb in society.
For your information even pure speech is not an absolute right in the US. You can you held responsible for libel. Commercial speech is regulated all the time. You can't yell fire in a crowded theater. You can't phone in bomb threats. etc. etc. etc. These all exist for good reasons. I'd rather they exist than not, no matter who I am, or what my: race, religion, creed, size, etc. are
Are you honestly going to tell me that you would want a situation where every nut in every city has the power to kill millions of people? It is is fine and good to say that you'll lock them up if they use it (assuming they even care or are still alive), but that does not somehow cancel out the effects on society, it would not stop these nuts from killing. I'm not necessarily for censorship, but I can concieve of many cases where it is appropriate. In these cases, I would refer you to the net effect test. I do, for your information, argue through net effect for allowance (but that does not mean I morally support every instance of actually publishing) of the publication of exploits.
PS: A properly designed H-bomb (e.g., fusion) could completely flatten any large metro area in the US. Perhaps you are thinking about the Atom bomb (e.g., fission)? In either case, the argument is academic. If properly placed, either would take millions of lives. It's hard to argue whatever benefits are obtained through allowing it over the potential (and I would argue inevitable, if weapons grade fissionable materials were available) catastrophe.
The comment which I was replying to said: 'I would like to see code be treated similar to various other tools, where use determines whether it's legal or not'
Need I say more? He drew an analogy to physical things. I think it IS appropriate, but his conclusions are wrong. I attacked him for it.
"as I'm aware, there is no analogous program with the destructive potential of an H-bomb."
Perhaps not, but the analogy is still an appropriate one for demonstration. In the case of an H-bomb, few will disagree that the net effect is negative, and cannot be ignored. Thus, if you admit of such an exception, where you analyze the net effect, not the use in and of itself, you must also be willing to consider the net effect of other things (atleast if you wish to remain consistent).
For instance, what if I were to publish how to create a lethal biological virus, such that any person could create it in their spare time? Would you still consider this free speech? Is the fact that my personal "use" is positive, sufficient? This is strictly information, just like your "code", my "use" is positive. I've met all the apparent criterion of the slashdot jrs. But few are still going to hold the same argument.
The author of the previous post was talking about "uses", not strictly source code as speech. I was appropriately addressing the "use" argument. Furthermore, even if the subject were strictly source code, there is a world of difference between an abstract and poorly authored recipe for destructive devices [Note: I think the Anarchist's Cookbook has a mostly negative effect, and banning it would _probably_ have a positive net effect (I don't see any convincing reason for it based on "free speech" offhand)] and source code. Source code IS essentially a device (especially with interpreted languages, e.g., perl, java), where, just like the H-bomb, it is just a matter of using it--there are few barriers to entry--a significant issue in analyzing the effects.
That being said, to illustrate, in the case of publishing the source to exploits, I would actually argue for it based on its "net effect." Although some may argue that publishing exploits hurts society by allowing script kiddies to flourish, it is too superficial and short sited in my opinion. I believe the stronger society/economy, is one where the computer systems and software is relatively hardened to attack. Banning the publication of exploits would have the effect of keeping the knowledge of security problems out of the hands of system admins and "security experts" (thus removing significant pressure on the software vendors to produce patches and more secure software), while not stopping the more criminally determined individuals. It could ultimately cause catastrophic damages if, say, organized crime (as opposed to script kiddies) creates and executes their own exploits en masse against a slew of soft targets. Better many small disorganized attack now, than one or two huge attacks in the future.
I build an H-bomb, because I like to look at it. My use may be purely for aesthetic and "educational" uses, but that does not mean society should allow this. The better test is, what is the net effect on society? If it is overall positive, then it should be allowed. If it is negative, then it should not.
The tough part, with all of these things, is how do you weigh the outcomes. For instance, lets look at guns. If we assume that guns provide real and substancial enjoyment for millions of people in our country, might we be able to argue that 10 or 20 deaths a year is an acceptable trade off? Is a zero fatality rate realistic? After all, cars, alchohol, tobacco, etc. take far many more "innocent" lives each year, yet we allow them. Many of you may attack one or two, but not all (e.g., cars).
While I grant you that the legal system may not always make sense and/or is too complex, much of it is of necessity. In other words, it is an oversimplification to say, that because a things proposed use is "harmless", or even positive, it should be allowed. Other factors must be considered.
You do not really seem to under stand what I'm saing. I do not care about the specifics of the "tit for tat" between universities/RIAA and students. I'm arguing that the "threat model" favors the students, i.e. it coses the school a lot of money and the school reacts slow, but it costs the students very little (a few kids getting in trouble) and the students react very fast (just look at how old Gnutella is realitive to the collages attacking Napster).
It does not cost schools all that much money to change firewall rules and the like. With my previously mentioned perl script, which logs into the "distribution network" (whatever it may happen to be at the time), and reports the students at each offending institution, for any action the school wishes (e.g., automated network disconnect/firewall for offending student for a day), the costs are negligible. I could write it once for every instutition in a few minutes, and there is no forseeable way students can avoid this.
This is an importent consideration, but as the arms race progresses the reaction time of students will decrease. Also, it did not take Napster long to get it's current network.
To get to the point where more than just geeks and a handfull of others used this, was atleast a couple weeks. Furthermore, they've had the advantage of being the first and being highly centralized, whereas programs such as GNUtella lack this.
Example: I could write a Gnutella clone whose network engin was Java driven, thus allowing students to *automatically* upgrade their stealth and participate in new networks with fundamentally better topologies. These Java modules could do all sorts of crazy thing. Now no one will write this system unless the RIAA makes us, but once writen it would kill the RIAA's chances of a technological prevention like you have been discussing.
And that java code must come from somewhere, each popular java code server could be firewalled or shutdown before students begin to use it. (e.g., you may get it on AOL, but AOL likely won't allow it for long). Also, none of this prevents my perl script from reporting you...I think it is unwise to underestimate the persuasive powers of INSTANT punishment. It is far more effective than only catching 1 in 100 (or even 10) warez pups, and punishing them after 2 years of trading, for rather serious penalties. If virtually every time a student connects to a GNUtella network he losses his network privilages almost instantly for another 2 days, he is probably not going to keep it up. [Especially since those who use napster and company tend to use the internet heaviest otherwise too]
BTW> The schools are not necissarily exposing themselves to legal action by ignoring piracy. The IANAL's here seems to think that the school get common carrier protection when they do nothing, but might loose common carrier protection when they "proactivly" remove the information. I think they are stil lrequired to remove any illegal information people point out, but activly looking for copyright infringment may mean they are also required to look for child porn, defimation, national security information, etc.
Internet service provider operations DO NOT enjoy common carrier protection. Because they're not required to provide anyone access (internet is viewed is a privilege still, and further, the law hardly recognizes internet privacy), they are not in the same boat as phone companies. Period. If anything they're closer to a distributor (e.g., Cubby vs Compuserve), because they do exercise some control in other areas (the existence of an AUP speaks volumes). But nothing is cut and dry here. The phone companies enjoy a long and well established legal precedent, ISPs enjoy no such protection.
The university's position is precarious, and because of that the liability risks cannot be ignored. The remaining portions of the CDA (USC 230(b))hold that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information by another information content provider". This is, in fact, what many people confuse with common carrier protection. Yet this law has primarily only been applied to libel cases, and really can't hold up here. Especially if they profit from each abuse by charging for b/w usage (e.g., vicarious liability)...
Furthermore, RIAA could actively inform these schools on a real time basis of who is offending what. Which would allow RIAA to say they institutions were not ignorant (completely knocking out the possibility of proving ignorance---which is necessary for a vicarious liability defense).
Regardless, common carrier protection would probable prevent the RIAA from forcing schools to spend money looking for Gnutella.. just as it prevents the RIAA from suing the phone companies over mp3s on DSL machines.
Again, they're not common carriers. Further, who says RIAA needs to "force" them? The schools are having their lines saturated because students pay a flat rate. So unless ALL students are either willing to pay more (or if they can find alternative sources of financing), they need to charge in a per byte basis. None of these options are all that appealing in the short run. Thus, this leaves them with cutting down on the warez/mp3 trade--which is why they'd cooperate with RIAA. In addition, who says RIAA can't incentivize the schools to enforce, or simply pay for their additional "enforcement" costs above and beyond what the schools would do to protect their bandwidth?
In closing, I think GNUtella is overhyped anyways. I was skeptical when I first heard of it, its design is quite impractical for anything sizable. Even the original creator at nullsoft thought it couldn't scale past 250 (approx.) users. Having used it, I can tell you empirically that the way it is implimented and/or "networked" now, it aint much better. One might be able to see, say, 2000 hosts on a good day, but the message propogation and the searches are poor. It's generally a pain in the ass to use, and I think less technical users are going to find it very difficult. Add to adaptive firewalls, decent enforcement, logging, and other such issues to the mix, and there is plenty of reason to doubt this being a significant threat to RIAA's interests. In other words, a small group of people may still spend a lot of time at this, but the vast majority of people will find it easier and more economical to get go out to the store and buy whatever they're looking for. 0 piracy isn't necessarily the objective. So long as RIAA (and other interests in line with them) can raise the bar high enough, they're quite safe.
This hurts the schools CS program.. and runs countrary to the academic mission of the school
I simply disagree with this. This kind of network access is a luxary, and if properly controlled need not restrict legimate usage. I've yet to see an academic mission which indicates anything to this effect, and I do know of many schools which do already impliment filters.
The whole point is that most students do not need to get arround the protections. It only takes one guy to write a user friendly interface like Gnutella.. and this one student has the open source Gnutella clones as a starting point. Hell, you could even write a user friendly interface to downloading the latest user friendly solutions to the blocking.
It may only take one guy (or a couple) to write such a program. But in order for any of these programs to offer a realistic alternative to napster, they require more than just software. Remember that napster is more than just software and a server, it is good because the barriers to entry (for newbies) are low and because it already has a certain "velocity". In other words, napster reached a certain threshhold awhile ago where it had enough to offer that it became highly attractive. But this process is not overnight. Thus, if the administrators are constantly breaking a functional distribution "network", it can squash that gestational period, thus killing the repopulation of another network.
For example, if I were to find a way to make gnutella impossible to access (and this is not entirely theoretical mind you) today. How would Joe Schmoe at my university know what to use? Even if someone else writes software to circumvent my "patch" instantly (which is doubtable), that lower users still need a way to find out (or rather become convinced as to its ease of use) about it. Not only that but they'll likely need to re-educate themselves in its use. In addition, the early people who try it may become discouraged at its lack of selection. Add to this bugs and various DoS attacks coming about...and the view of organized anarchy becomes that much harder to swallow.
The current systems are vulnerable to this attack, but the legal effort to stop the students is currently prohibitive. Also, the PR results for schools are very serious.
Actually, legally this is one area where schools are almost entirely insulated. They are, in fact, at more risk by knowingly allowing and facilating the illicit acts. [Particularly if they attempt to "profit" from it as you mentioned. Can you say Vicarious liability?]. Schools have no obligation to provide you with network access. It is a privilege quite simply, which I can tell you from experience most schools treat accordingly. They can revoke it any time they please, for essentially any reason they want [particularly if you're violating their terms of use, which napster and company violate hardcore]
In regards to PR, I think it is overblown. The network "community" of college kids is not yet significant enough to really bring any pressure to bear, especially when the schools means to end piracy is done in an incrimental and direct fashion (such as I alluded to).
Plus, It is probable possible to design a "localized" network which requires the music industry to have a O(network size) connections to the network for serious monitoring. This would make monitoring the network prohibitivly expencive.
Actually, automated (user friendly) authentication system ("Yeah, I got good shit from this guy") would do a btter job at preventing network monitoring then localizing the network topology, but the network topology question is a sexy math problem.
No clue what you're referring to here.
Why would a school commit to this arms race when they can just bill the kids for the extra network usage?
Because they expose themselves liability in doing so, and because students are generally NOT paying for even a fraction of their usage. There would probably be more objections over a 10x increase in network fees, if they even exist (such as would be commensurate with the jumps these mp3 networks mean). Nothing gets college kids more rilled up than $$$$$$$$$$
That being said, I do agree that schools would be ultimately better off in the long run just charging students incrimentally, but not for the same reason. If each additional megabyte [over say, however many megabytes a legitimate web surfer is apt to use] you download or upload costs you something, you're going to be a lot more conservative of the bandwidth. This, I believe, would have the effect of reducing warez servers and the like to negligible levels.
The mere fact that it gnutella downloads may utilize the HTTP protocol does not make them indecipherable from more legitimate connections. Furthermore, even if they can't decipher gnutella from "legitimate" connections, they can filter all incoming HTTP connections to student machines. Only a select few students run servers, fewer really "need" or desire to, and they could always ennumerate those few incoming connections. This would save their upstream connections at the very least. If every university were to do this (no uploads), this would have a dramatic effect on the number of available/operational file servers for download, thus reducing downloads too.
There will *always* be a newer cooler Gnutella with avoids detection. It dose not matter what the students sign, once they start getting away with it the school will need to make examples out of a lot of people to stop it.
Although there might always be a way to get around, that does not mean that most students will have an effective way to get around most of the time that is within their means. In other words, if the universities take a real interest in stemming the trade of mp3s and other elicit files, they could adapt (block) to these new variations faster than most students can or will employ them. Likewise, there are network effects here. The fewer student servers (e.g., no more newbie students, only geeks), the fewer available downloads, the less desirable the "network"/software is, the smaller it gets. This is especially true with gnutella where that initial connection, for each respective client/server, is important.
Furthermore, although I have yet to read the entire protocol, rather than trying to constantly find a signature of the latest and greatest software, I see no reason why the music industry, a university, or a coalition of them, can't write a script in perl (or whatever) to search WITHIN the entire database all day long, and just create a list every day of hosts (read: students) who serve files. [I would think most universities will have a plenty sufficient reason if the pipes are saturated strictly as the result of piracy] Any offending hosts within the defined network(s) would simply get their network connections "cut" or firewalled out for a day or two, or worse... For a less draconian measure, they could attempt to do it in "real time" (really just shorter intervals). I could easily write such a script in perl to scan, find offending hosts, telnet into router (scripted), add firewall rule for offending host, logout. It would curb the "velocity" of student expectations of pirating quite effectively without having to resort to scare tactic.
This is not necessarily such a bad deal for the potential customers. If the customer is a newbie who doesn't already have an internet account, and he wants one that he can be confident will work with his DC with the minimum of hassle, this deal is not so bad. When you assume that the average newbie would consider getting an ISP such as AOL, RCN, or what have you, you're probably talking about 20 dollars a month anyways. Assuming the user does get ISP service
So to make a fair comparison without taking into consideration the timing of cash flows, it would be approximately 680 (for an outright purcahse + ISP service) compared to 528 (for sega's ISP deal). Furthermore, when you consider the timing of cash flows (which is more realistic), sega's deal is even more favorable. Assuming that DC owner could make do about 1% interest a month on the following cash flows:
This gives us a net present value of about: 625 on the dreamcast had you purchased it and bought service from a third party provider, and 467 had you just bought sega's ISP deal. Of course, changing the ISPs rate and the interest rate will give you different results. None the less, the computation is not exactly clearly against sega's deal. If the user is already subscribed to something like AOL, choosing this deal may, in fact, be beneficial to them...
The bottom line is that you can't just punch in these numbers and get "the answer" for everyone. The value this deal proposes is highly dependant on where the user is coming from.
Ok, so I'm a bit rusty since I studied this stuff, and goofed a bit. The pertinent language states that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information provider". (47 U.S.C. 230) This, of course, has the effect of providing ISPs with relative immunity from liabel suits. And it has been used many times in this context, far more than just the Zeran case.
Nonetheless, the area where I was wrong (the degree of specificity to liabel) has little bearing on this matter. Yahoo is not merely a carrier of information in this context (thus 47 U.S.C. 230 should not apply). They recieve a direct financial benefit (e.g., they profit from every additional sale of pirated goods) from the infringing conduct (their role may infact exceed that). And further, they have the right and the ability to stop that conduct. This is sufficient for the test of vicarious liability. Although it is not even necessary to prove that the party had knowledge (though if that party can prove they had no knowledge, they may be excused), it can be proven by the plaintiff that they did have knowledge.
The bottom line: The CDA most likely won't stand up here (if they even decide to try to use it). Although I can not tell you exactly how the rest will turn out, Yahoo is not exactly in the clear here.
and this only protects them from liability in libel cases. Although the bulk of the original CDA was struck down on Constitutional grounds, those parts remained. Expecting service providers to monitor speech would have a chilling effect on free speech, because it is an impossible demand, and would force ISPs to walk a very fine line. In other words, ISPs are essentially granted strong immunity from libel suits, so long as they don't play an active role in promoting or creating it. The issue with censoring comes into play, in that by doing any censoring they expose themselves to liability in that they're providing some assurances as to the information provided.
Contrast this with Yahoo being informed in a provable manner by the owner of the intellectual property that it is, in fact, pirated. They're entirely different. Nor do I think it is an unreasonable demand that Yahoo does some auditing of their auctions, there are precedents for this.
In the first place; to begin with. Usage Note: There is ample reputable precedent for using both first and firstly to begin an enumeration: Our objectives are, first (or firstly), to recover from last year's slump. Whichever is chosen, however, consistency is best served if any succeeding items are introduced by a parallel form, as in first . . . second . . . third or firstly . . . secondly . . . thirdly.
a) My usage is far from incorrect, though in more formal writings i'll frequently use other forms. b) Slashdot is a casual discussion forum; colloquial language is generally fine, so long as the writing remains coherant.
Nonetheless, I generally agree that the bulk of slashdot writing is piss-poor, even for this forum.
I do some OLE automation and VBA as well, and I appreciate this functionality. I certainly don't blame other IT people for taking advantage of this. If the functionality exists, and can be exploited in a way that possitively affects employee efficiency, then they should use it. However, most user workstations really don't need to take advantage of such scripting. In other words, most companies, if given the choice, knowing full well the vulnerabilities and problems it exposes them to, would choose non-macrod versions (atleast this is my experience).
Also, I think Microsoft could do a hell of a lot to improve security on the features they do provide.
Irrelevent question. Since it's near impossable to know ALL the hackers (# can change at any time), and their respective itches. It would be an impossible question to answer. Pro or Con.
It might be impossible to answer with absolute certainty, but nothing in this world is absolute. Would you say it's similarly impossible to know with any real certainty that a group of, say, medschool grads from Harvard are going to engineer a chip that can compete head to head against the latest offerings from Intel (et. al)? This of course, is just a random example, but you should get my point. You can accept perhaps one or two of them having the desire, but the odds of a whole community of them getting together to create something quite complex, and outside of their range of experience, for a long duration, are very slim.
The position that any Open Source, and most importantly "free", RDBMS could NOT hold a candle to Oracle (amongst others) where the needs of "enterprise" as concerned is reasonable. The development of Linux is (was), in many ways, the antithesis of what it takes to develop an equivalent to Oracle. Think about it:
Firstly, kernel's are not all that complicated.
Secondly, Linux's kernel is about as simple you can get.
Thirdly, Linux, thus far, has had the advantage of being behind the curve in development. It has had the benefit of essentially just being able to copy features, design, and even some code. While the code may be from scratch, virtually nothing else is. In other words, Linux's code was built with 20/20 hindsight. Furthermore, it's done nothing particularly spectacular with that opportunity.
Fourthly, the motive and feedback in developing an enterprise class RDBMS are vastly different. In developing Linux, there is something quite tangible, such that most "geeks" can get relatively instant gratification. Do geeks really personally need such a database (of course not, not even their hardware approaches this)? Contrast this with an RDBMS, if "they" make the system %.001 more reliable, by whatever measure, under heavy loads, how can they appreciate that? (never mind testing it) These things are about numbers. A company that does 1 million a day in sales with a broken database can't afford that %.001, but a geek screwing around developing a database in his spare time for his uses is not likely to experience such a problem. And even if he is, does that %.001 really mean anything to him? He can just reboot. Sure, you can say "given enough eyes all bugs become shallow", but ask yourself: Whose eyes, and how do these bugs become apparent? A minor bug in Linux, and a couple geeks have to reboot their PC (which presumably prompts them to patch it). Which company is going to volunteer to expose itself to such a bug---possibly millions of dollars in lost revenues (amongst other concerns). The scale of the two uses changes the nature greatly (likewise, empirically, Linux demonstrates such leanings--towards areas which most geeks appreciate, but not necessarily enterprise)
Fifthly, the development process itself is vastly different. Because Unix, and particularly Linux, is quite modularized, it can be developed is a ragtag fashion. This is not true with an RDBMS. They're are very complex and interconnected.
Sixthly, support is a major issue. Despite all that hype amongst the linux community about "support" it is absolutely undemonstrated. And when you consider issues such as proper documentation....
Seventh, given some of the risks i've mentioned, what company is going to prefer to try to save 10k in software fees for the increased risk. The expected value in this case could very well be negative.
...I can think of more, but that is plenty of doubt right there. Think critically, not dogmatically.
When Microsoft talks about Winodws being innovative, they're talking about more than the kernel - they're talking about IIS, Terminal Services, the GUI, Management interface, SMS, and a whole heap more.
The difference, of course, is Microsoft presumably caused those innovations to come about. The fact of the matter, though, is most of Microsoft's self-acclaimed 'innovations' are not the result of their hardwork or technical genius, but rather: trivial restating of existing technology, stolen technology from other companies, "acquired" technology (where some is bought on the up and up, while others are far from clean), and many other less such reasons. Put simply, it's a huge stretch to say MS innovates on the aggregate (though there are one or two "real" ones for every hundred "fake")
Likewise, the existence or creation of Linux didn't even bring about or enable the existence of the vast majority of your "innovations". Nor, for that matter, did the Linux community collectively play an role in the development of these "innovations". In other words, put simply, if Linux were never "born", 99% of these would still exist the way they do now. There is nothing all that spectacular about Linux relative to its much earlier cousins that would enable this innovation you speak of (even theoretically, as opposed to empirically).
Though the argument could clearly be reversed with great sucess for MS, I agree entirely that MS has in fact held back innovation on the aggregate. That being said, even though net effect is bad, they do have a few (very small number) "innovations" which they've caused to come about, despite their presence in the industry. My position is that those few real innovations MS can claim might, in fact, be more than the real innovations Linux can take credit for...which is not entirely suprising given the comparative size of the two "organizations" (using this term very loosly).
I agree and disagree with much of what you said, however there is one thing that I'd like to point out. Linux can be configured with security setup in such a way that viruses can't do damage, and perhaps most importantly, the (l)users can't do great damage. In other words, it is possible to setup a relatively secure linux workstation, such that the users or viruses actions are essentially irrelevant (granted, the user or "virus" might destroy that particular user's files, but there's always trivial backup onto non-user fs, and...that's another story). These workstations (assuming decent "office" applications ever emerge for Linux--and no, I don't believe Macros need to be turned on, or even exist, for the vast majority of users) could be setup in schools, offices, and other such organizations. I believe many viruses propogate within and from these places, by knocking that angle out of existence (atleast for the trivial virus), viruses will find it much harder to reproduce. Furthermore, Linux distributions (though most have shown utter carelessness thus far where security is concerned)could be configured in such a way that they're quite secure by default. If anything Mom and Pop may be less at risk, than the psuedo-educated computer user, who thinks he knows what he is doing, but in fact, opens up his system in a variety of ways by doing things manually (beyond the scope of the distributions' install).
I do think a proper multiuser OS, such as Linux, could substancially reduce costs both in IT, and most importantly, in employee downtime (e.g., less stupid rebooting, fewer user fuckups, etc.). As these applications get more and more complicated, the more necessary it will be to safeguard the user from himself (or other users from each other). Since MS doesn't seem to appreciate this, this a significant Linux advantage in a workstation setting (what is needed of course, as already mentioned, is decent applications. Not to mention possibly an improved UI, improved X, etc.).
Most of your examples are either: a) Not true technological innovations (e.g., more incidental) b) Not Linux Innovations (e.g., linux just adopted) a) Simply not part of Linux. (e.g., Apache)
The Linux innovation is bringing a rock-solid OS onto commodity hardare at an affordable price.
Ok, calling this innovation is a bit of a stretch, since it was more incidental than anything else. But in either case, Linux was not the first. You may be too new to Unix to recognize this, but there were other free operating systems around for x86 well before Linux.(e.g., fbsd)
Linux is the portable OS of all time, and can scale from a PalmPilot to an AS400. No other operating system can do that.
There is disagreement over this fact, BSDs have been ported to a number of other platforms as well. The only difference is that Linux has a thousand more geek/fans who try to do such things, though how this helps most consumers is beyond me. I've been running Linux for about 5 years now, and the only other platform i'd consider running on is Alpha.
Open source technologies [which, if yo were MS, you'd call aprt of the OS] are also innovative. AT&Ts VNC provides remote administration capabilities multi platform with full interaction and at better performance than most commercial products.
VNC != Linux. VNC was developed by a commercial company, which was later open sourced. Also, VNC was far from the first graphical remote administration tool, about the only pertinent difference that I can think of is that it is client-stateless (which, incidently, isnt' new to PC, only for Unix)
Linux has had many MS inovations, such as Dynamic DNS, Kerberos, Filesystem Encryption, etc. for many years before Microsoft has.
...many of which are not a core part of Linux. All of which Linux did not invent, or employ in particularly innovative ways.
Linux has been 32 bit on Intel since it's birth.
So what? No matter what platform you develop for, that platform is going to be your "first" platform--that is not innovation. Also, MS can make the same claims with all of their major OSs.
It was also the first IA64 bit OS.
This is hardly significant. IA64 is not exactly available yet. Being the "first" in this case is hardly significant because it's not the result of some technological hurdle, rather it's a race (if others really care) in which linux just happened to complete a few minutes before (e.g., Linux early finish hasn't lead the way for others by any means). I'm sure Linux's early finish is mostly due to the kernel's relatively miniscule size, though, what about all the other things which people demand in an OS. They'd hardly thank MS if they just ported their kernel, but nothing else. Furthermore, is being the "first" to port to a processor that is not yet available truely important? The question should be, who has the most effective OS (complete solution, as opposed to just kernel) when IA64 becomes widely available.
Linux is the first OS with publicly available source distributed udner a license where, so that one can, for example, remove every feature of my database server that's unnecessary and tune my machien so its completely dedicated to pumping out transactions as fast as it possibly can.
No, it was not. BSDs come to mind, amongst others. Speaking of databases, why is it that Linux doesn't have a single high quality open source/free database that can support transactions, procedural language, triggers, and the like? Hint: MySQL doesn't meet this criteria, despite it's other nice features for certain application.
I highly doubt that Linux routers will make a noticable impact in Cisco's success. First off, in the vast majority of cases, routers are best left to embedded systems--there is no compelling reason to run a full blown operating systems, when all you need is a NOS. Secondly, in the few cases in which embedded solutions aren't appropriate, Cisco probably never had their attention anyways. Thirdly, "linux routers" have been around for a couple years now, there is no likely reason for anything to change from Cisco's hand to Linux routers'.
That being said, Cisco is overvalued. Although Cisco will likely continue to grow and retain their market share, they're unlikely to grow at a rate that can justify a market capitalization of 500 billion.
I know your comment was most likely mostly facetious, but...
"miraculous rise of true technological advances over Microsoft, like Linux"
Not that I'm a fan of MS, but I would hardly say call linux a "technological advance", let alone a miraculous one. While I know MS has done damn little in the way of real innovation, I bet you MS has done more to innovate than Linux (how many significant advances can you actually name that have come out of linux? as opposed to >5 year old technology for other unices and operating systems) has. That being said, for the purposes it serves, Linux more than makes up for it with decent design, relative lack of bugs, etc.
Slashdot Mirror
Glad to see we agree on something. ;) I still disagree with you to some degree though, in that there are significant technical barriers. Although the distinction between the "technical" and the "psychological" lines do blur, they are still dependant on technical problems to some degree. For example, it may be technically possible to create a highly secure network, but that highly secure network is nothing if it throws up too many obstacles for its would-be users. You can encrypt, cloak, alter, etc. the decentralized "network" all you want, but as long as it is a sufficiently open decentralized/serverless network (e.g., beyond just a group of close knit friends, or jaurez pups), it will be possible to identify who is on the network.
Allow me to rephrase this problem briefly. Almost anyone who knows computers well, knows it is very very difficult (if not impossible) to create a secure, yet accessible, network. Thus, when the threat of hackers emerges, they'll generally place their bets on the hackers (in terms of being able to penetrate it that is, not necessarily not get bent over by Bubba). Yet in this situation, the slashdot community fails to see the parallel.
The hackers are trying to create an unbreakable network with software alone, and not only a "network" but also a user interface, support, you name it. They are trying to create a network within the network known as the internet. A decentralized one. One that is very difficult even if the underlying network (the admins, RIAA, and company) doesn't try to throw up barriers. Add to this equation hackers, the admins and RIAA are for all intents and purposes the hackers. But they own the networks. They own the content. They can reroute. They can firewall. They can packet sniff till their hearts content. They can sue the ever living day lights out of any central server. They can even turn off the network if need be. They even make the rules (well some of them). "Real" hackers do not have this benefit even. The "real" hackers even have to worry about issues such as "support". Even though many admins are complete idiots, there are more smart professional computer people than there are smart hackers. They can afford to put people on this task full time, and all these new admins/hackers need to do, is make things sufficiently difficult (social in a sense) for the average user, enough so that he or she would find it more economical to just go out and buy it.
Small little subnetworks may pop up. In fact, they'll likely continue to remain (small little warez groups that just trade amongst themselves will likely find this the biggest boon). But you'll simply never have anything on napster's (I think they need to be even bigger to truely make RIAA scared) scale and convenience, it simply offers too large of a target.
In any case, you needn't agree with me, but I certainly know who my money is on (that is, if this starts truely hurting RIAA). Nice talking to you.
Disclaimer: I don't have much time right now, but let me make a couple quick points.
Yes, I agree the "net effect" is essentially how the law works today. Despite its imperfections though, there really isn't a better standard. Think about it for a minute, EVERY law imposes its will on the individual to some degree. That means that every law must weigh the benefits versus the costs. If you irrationally clamor for never intruding on individual rights, you'll simply never see a meaningfull law (e.g., anything which says anything is illegal).
However, law is an essential part of any modern society. Modern society simply can't operate efficiently, or even survive, without it, despite the claims of libertarians who essentially claim otherwise. Anyone who has a decent grasp on history should understand this. I think this is very clear in the case of personal weapons of mass destruction (e.g., nukes, chemical weapons, etc.) Thus, since we are left with the determination that some laws need to be promulgated, we need a standard for creating them. And no matter what that standard is (no, saying "individual rights" must always be protected is not acceptable--because its meaningless), it is up to humans. Because humans determine the "weight", the "measuring", etc., you will see laws you disagree with. You will see mistakes. You can't legislate away human fallability. You can't setup a system where laws can be created, but mistakes in law cannot be made.
The bottom line is that I'm not apologizing for it. I'm stating its a fact of life. I fully and soberly realize that I must give up some personal liberties in order for a better world for everyone, including me. I can't drive 100mph through school zones. I can't break contracts. I can't burn crosses on people's lawns. I certainly can't own a nuke. I basically can't do whatever I might will (legally). And you know what? I wouldn't have it any other way. [This is not to say I agree with all laws, or that there should be no barriers or limitations...]
For something like rifles you may be able to accept it, but "most" is not good enough here. Ok, let us suppose that only one person in a million is looney enough to want to kill millions of people in a given year (never mind accidents). Unlike with rifles though, that one person can kill EVERYONE in the city. Hmmm, you want to live in such a city? Your position is ludicrous. You are either highly naive, or you're bullshitting me, or both. Normally I don't like getting personal, but come on, it's just a ludicrous position...
The second ammendment reads: "A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear arms, shall not be infringed"
a) Personal Nukes ain't a well regulated militia, nor are they a component of one.
b) Clearly the intent here is the "security" of the people. Nuclear bombs don't secure it. In fact, giving the people bombs is a bigger threat to their security than any foreign power today.
anyhow, i'm tired and getting cranky, good night.
This argument is getting academic, but I do have a couple points before I bolt.
a) GNUtella is overrated. Have you actually USED it yourself to acquire things you are looking for? I have, it's more trouble than it's worth for me. While my standards may be higher than most, I can tell you it's not going to hold up for most college kids.
b) It sucks now, and it has yet to face any real barriers.
c) My script would absolutely work against GNUtella.
d) Your idea is just theoretical. At the very least it is one extra level of complexity to something which hardly works now. So long as trading is point to point, I doubt its resistance to "attacks" operating within the system, like mine. You fail to remember that this is RIAA, they represent the IP owners, they own the damn music. They can trade as many mp3s as they damn well please to gain "trust."
e) There is a world of difference between building networks and punching holes in them. Ironically, the situations are reversed this time. The hax0rs are trying to create a network which can't be broken, and the admins are trying to break it. The difference is that the admins (and RIAA and company) hold all the keys, they are on the side of the law, and dare I say it on this forum, they are on the side of right.
In any case, you're too entrenched in this to listen to reason. Although I may not have hard "proof", I'm not the one claiming the walls are about to fall. There is simply too much at stake here. There resistance you have seen to napster and company thus far is NOTHING, RIAA has yet to feel a significant pinch from this kind of piracy, but when and if they do, you can be sure heads will start rolling. In any case, time will tell.
I admit it's a tough line to walk. As I stated earlier, how do you weigh the outcomes? Nonetheless, these types of decisions are made all the time of necesity, whether or not you realize it.
I've read the Anarchist's cookbook, but I can't claim I have all the statistics. I can't say with any real certainty if many (or any) lives have been lost as a result, but I certainly don't see any legimate need for it. It's just a little too much of a grey area to waste time on on this forum...
I brought up the H-bomb, because I, like most other reasonable people, would absolutely ban individual posession of nuclear bombs if given the choice. If you accept this, then you admit of an exception to the original comment, which was my primary intention.
You said:
I could take this view if you could build a bomb in a vacuum, such that nothing you do affects anyone else. But this is not the case. The government punishing wackos after they destroyed a million+ lives is not going to be an effective means of deterrence. The benefits we recieve from allowing individuals (e.g., a few geeks may get some satisfaction) to own such destructive devices are far far outweighed by the risks and the costs on society. In other words, the net effect is drastically negative.
My "net effect" and and "individual rights" are not necessarily incompatible, in fact, they are normally one in the same. What the masses (or the "government") may want in the short run, is not necessarily a positive net effect, even if it outweighs the objections to it (in terms of severity x number of objections). In other words, the "net effect" takes individual rights into heavy consideration. It is important to note though, that amongst our "rights" is the right to live. If the mere act of punishing pyschos is insufficient to protect the sudden and drastic loss of millions of lives, then it is prudent to deny all the H-bomb, even those who intend no evil.
To clarify, I would never argue that because 90% (or any other number) of the US (e.g., Christians) feel the Jewish religion is offensive, all Jewish people must worship in private. This would set a bad precendent, and put everyone's rights at risk, and thus would be a negative net effect. The same argument simply can not be made with any real credibility for the existence of the H-bomb in society.
For your information even pure speech is not an absolute right in the US. You can you held responsible for libel. Commercial speech is regulated all the time. You can't yell fire in a crowded theater. You can't phone in bomb threats. etc. etc. etc. These all exist for good reasons. I'd rather they exist than not, no matter who I am, or what my: race, religion, creed, size, etc. are
Are you honestly going to tell me that you would want a situation where every nut in every city has the power to kill millions of people? It is is fine and good to say that you'll lock them up if they use it (assuming they even care or are still alive), but that does not somehow cancel out the effects on society, it would not stop these nuts from killing. I'm not necessarily for censorship, but I can concieve of many cases where it is appropriate. In these cases, I would refer you to the net effect test. I do, for your information, argue through net effect for allowance (but that does not mean I morally support every instance of actually publishing) of the publication of exploits.
PS: A properly designed H-bomb (e.g., fusion) could completely flatten any large metro area in the US. Perhaps you are thinking about the Atom bomb (e.g., fission)? In either case, the argument is academic. If properly placed, either would take millions of lives. It's hard to argue whatever benefits are obtained through allowing it over the potential (and I would argue inevitable, if weapons grade fissionable materials were available) catastrophe.
Need I say more? He drew an analogy to physical things. I think it IS appropriate, but his conclusions are wrong. I attacked him for it.
Perhaps not, but the analogy is still an appropriate one for demonstration. In the case of an H-bomb, few will disagree that the net effect is negative, and cannot be ignored. Thus, if you admit of such an exception, where you analyze the net effect, not the use in and of itself, you must also be willing to consider the net effect of other things (atleast if you wish to remain consistent).
For instance, what if I were to publish how to create a lethal biological virus, such that any person could create it in their spare time? Would you still consider this free speech? Is the fact that my personal "use" is positive, sufficient? This is strictly information, just like your "code", my "use" is positive. I've met all the apparent criterion of the slashdot jrs. But few are still going to hold the same argument.
The author of the previous post was talking about "uses", not strictly source code as speech. I was appropriately addressing the "use" argument. Furthermore, even if the subject were strictly source code, there is a world of difference between an abstract and poorly authored recipe for destructive devices [Note: I think the Anarchist's Cookbook has a mostly negative effect, and banning it would _probably_ have a positive net effect (I don't see any convincing reason for it based on "free speech" offhand)] and source code. Source code IS essentially a device (especially with interpreted languages, e.g., perl, java), where, just like the H-bomb, it is just a matter of using it--there are few barriers to entry--a significant issue in analyzing the effects.
That being said, to illustrate, in the case of publishing the source to exploits, I would actually argue for it based on its "net effect." Although some may argue that publishing exploits hurts society by allowing script kiddies to flourish, it is too superficial and short sited in my opinion. I believe the stronger society/economy, is one where the computer systems and software is relatively hardened to attack. Banning the publication of exploits would have the effect of keeping the knowledge of security problems out of the hands of system admins and "security experts" (thus removing significant pressure on the software vendors to produce patches and more secure software), while not stopping the more criminally determined individuals. It could ultimately cause catastrophic damages if, say, organized crime (as opposed to script kiddies) creates and executes their own exploits en masse against a slew of soft targets. Better many small disorganized attack now, than one or two huge attacks in the future.
I build an H-bomb, because I like to look at it. My use may be purely for aesthetic and "educational" uses, but that does not mean society should allow this. The better test is, what is the net effect on society? If it is overall positive, then it should be allowed. If it is negative, then it should not.
The tough part, with all of these things, is how do you weigh the outcomes. For instance, lets look at guns. If we assume that guns provide real and substancial enjoyment for millions of people in our country, might we be able to argue that 10 or 20 deaths a year is an acceptable trade off? Is a zero fatality rate realistic? After all, cars, alchohol, tobacco, etc. take far many more "innocent" lives each year, yet we allow them. Many of you may attack one or two, but not all (e.g., cars).
While I grant you that the legal system may not always make sense and/or is too complex, much of it is of necessity. In other words, it is an oversimplification to say, that because a things proposed use is "harmless", or even positive, it should be allowed. Other factors must be considered.
It does not cost schools all that much money to change firewall rules and the like. With my previously mentioned perl script, which logs into the "distribution network" (whatever it may happen to be at the time), and reports the students at each offending institution, for any action the school wishes (e.g., automated network disconnect/firewall for offending student for a day), the costs are negligible. I could write it once for every instutition in a few minutes, and there is no forseeable way students can avoid this.
To get to the point where more than just geeks and a handfull of others used this, was atleast a couple weeks. Furthermore, they've had the advantage of being the first and being highly centralized, whereas programs such as GNUtella lack this.
And that java code must come from somewhere, each popular java code server could be firewalled or shutdown before students begin to use it. (e.g., you may get it on AOL, but AOL likely won't allow it for long). Also, none of this prevents my perl script from reporting you...I think it is unwise to underestimate the persuasive powers of INSTANT punishment. It is far more effective than only catching 1 in 100 (or even 10) warez pups, and punishing them after 2 years of trading, for rather serious penalties. If virtually every time a student connects to a GNUtella network he losses his network privilages almost instantly for another 2 days, he is probably not going to keep it up. [Especially since those who use napster and company tend to use the internet heaviest otherwise too]
Internet service provider operations DO NOT enjoy common carrier protection. Because they're not required to provide anyone access (internet is viewed is a privilege still, and further, the law hardly recognizes internet privacy), they are not in the same boat as phone companies. Period. If anything they're closer to a distributor (e.g., Cubby vs Compuserve), because they do exercise some control in other areas (the existence of an AUP speaks volumes). But nothing is cut and dry here. The phone companies enjoy a long and well established legal precedent, ISPs enjoy no such protection.
The university's position is precarious, and because of that the liability risks cannot be ignored. The remaining portions of the CDA (USC 230(b))hold that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information by another information content provider". This is, in fact, what many people confuse with common carrier protection. Yet this law has primarily only been applied to libel cases, and really can't hold up here. Especially if they profit from each abuse by charging for b/w usage (e.g., vicarious liability)...
Furthermore, RIAA could actively inform these schools on a real time basis of who is offending what. Which would allow RIAA to say they institutions were not ignorant (completely knocking out the possibility of proving ignorance---which is necessary for a vicarious liability defense).
Again, they're not common carriers. Further, who says RIAA needs to "force" them? The schools are having their lines saturated because students pay a flat rate. So unless ALL students are either willing to pay more (or if they can find alternative sources of financing), they need to charge in a per byte basis. None of these options are all that appealing in the short run. Thus, this leaves them with cutting down on the warez/mp3 trade--which is why they'd cooperate with RIAA. In addition, who says RIAA can't incentivize the schools to enforce, or simply pay for their additional "enforcement" costs above and beyond what the schools would do to protect their bandwidth?
In closing, I think GNUtella is overhyped anyways. I was skeptical when I first heard of it, its design is quite impractical for anything sizable. Even the original creator at nullsoft thought it couldn't scale past 250 (approx.) users. Having used it, I can tell you empirically that the way it is implimented and/or "networked" now, it aint much better. One might be able to see, say, 2000 hosts on a good day, but the message propogation and the searches are poor. It's generally a pain in the ass to use, and I think less technical users are going to find it very difficult. Add to adaptive firewalls, decent enforcement, logging, and other such issues to the mix, and there is plenty of reason to doubt this being a significant threat to RIAA's interests. In other words, a small group of people may still spend a lot of time at this, but the vast majority of people will find it easier and more economical to get go out to the store and buy whatever they're looking for. 0 piracy isn't necessarily the objective. So long as RIAA (and other interests in line with them) can raise the bar high enough, they're quite safe.
I simply disagree with this. This kind of network access is a luxary, and if properly controlled need not restrict legimate usage. I've yet to see an academic mission which indicates anything to this effect, and I do know of many schools which do already impliment filters.
It may only take one guy (or a couple) to write such a program. But in order for any of these programs to offer a realistic alternative to napster, they require more than just software. Remember that napster is more than just software and a server, it is good because the barriers to entry (for newbies) are low and because it already has a certain "velocity". In other words, napster reached a certain threshhold awhile ago where it had enough to offer that it became highly attractive. But this process is not overnight. Thus, if the administrators are constantly breaking a functional distribution "network", it can squash that gestational period, thus killing the repopulation of another network.
For example, if I were to find a way to make gnutella impossible to access (and this is not entirely theoretical mind you) today. How would Joe Schmoe at my university know what to use? Even if someone else writes software to circumvent my "patch" instantly (which is doubtable), that lower users still need a way to find out (or rather become convinced as to its ease of use) about it. Not only that but they'll likely need to re-educate themselves in its use. In addition, the early people who try it may become discouraged at its lack of selection. Add to this bugs and various DoS attacks coming about...and the view of organized anarchy becomes that much harder to swallow.
Actually, legally this is one area where schools are almost entirely insulated. They are, in fact, at more risk by knowingly allowing and facilating the illicit acts. [Particularly if they attempt to "profit" from it as you mentioned. Can you say Vicarious liability?]. Schools have no obligation to provide you with network access. It is a privilege quite simply, which I can tell you from experience most schools treat accordingly. They can revoke it any time they please, for essentially any reason they want [particularly if you're violating their terms of use, which napster and company violate hardcore]
In regards to PR, I think it is overblown. The network "community" of college kids is not yet significant enough to really bring any pressure to bear, especially when the schools means to end piracy is done in an incrimental and direct fashion (such as I alluded to).
No clue what you're referring to here.
Because they expose themselves liability in doing so, and because students are generally NOT paying for even a fraction of their usage. There would probably be more objections over a 10x increase in network fees, if they even exist (such as would be commensurate with the jumps these mp3 networks mean). Nothing gets college kids more rilled up than $$$$$$$$$$
That being said, I do agree that schools would be ultimately better off in the long run just charging students incrimentally, but not for the same reason. If each additional megabyte [over say, however many megabytes a legitimate web surfer is apt to use] you download or upload costs you something, you're going to be a lot more conservative of the bandwidth. This, I believe, would have the effect of reducing warez servers and the like to negligible levels.
The mere fact that it gnutella downloads may utilize the HTTP protocol does not make them indecipherable from more legitimate connections. Furthermore, even if they can't decipher gnutella from "legitimate" connections, they can filter all incoming HTTP connections to student machines. Only a select few students run servers, fewer really "need" or desire to, and they could always ennumerate those few incoming connections. This would save their upstream connections at the very least. If every university were to do this (no uploads), this would have a dramatic effect on the number of available/operational file servers for download, thus reducing downloads too.
Although there might always be a way to get around, that does not mean that most students will have an effective way to get around most of the time that is within their means. In other words, if the universities take a real interest in stemming the trade of mp3s and other elicit files, they could adapt (block) to these new variations faster than most students can or will employ them. Likewise, there are network effects here. The fewer student servers (e.g., no more newbie students, only geeks), the fewer available downloads, the less desirable the "network"/software is, the smaller it gets. This is especially true with gnutella where that initial connection, for each respective client/server, is important.
Furthermore, although I have yet to read the entire protocol, rather than trying to constantly find a signature of the latest and greatest software, I see no reason why the music industry, a university, or a coalition of them, can't write a script in perl (or whatever) to search WITHIN the entire database all day long, and just create a list every day of hosts (read: students) who serve files. [I would think most universities will have a plenty sufficient reason if the pipes are saturated strictly as the result of piracy] Any offending hosts within the defined network(s) would simply get their network connections "cut" or firewalled out for a day or two, or worse... For a less draconian measure, they could attempt to do it in "real time" (really just shorter intervals). I could easily write such a script in perl to scan, find offending hosts, telnet into router (scripted), add firewall rule for offending host, logout. It would curb the "velocity" of student expectations of pirating quite effectively without having to resort to scare tactic.
This is not necessarily such a bad deal for the potential customers. If the customer is a newbie who doesn't already have an internet account, and he wants one that he can be confident will work with his DC with the minimum of hassle, this deal is not so bad. When you assume that the average newbie would consider getting an ISP such as AOL, RCN, or what have you, you're probably talking about 20 dollars a month anyways. Assuming the user does get ISP service
... 24
So to make a fair comparison without taking into consideration the timing of cash flows, it would be approximately 680 (for an outright purcahse + ISP service) compared to 528 (for sega's ISP deal). Furthermore, when you consider the timing of cash flows (which is more realistic), sega's deal is even more favorable. Assuming that DC owner could make do about 1% interest a month on the following cash flows:
0 --- 1 -- 2 -- 3 -- 4 -- 5
200 - 20 - 20 - 20 - 20 - 20 - 20
0 ---- 22 - 22 - 22 - 22 - 22 - 22
This gives us a net present value of about: 625 on the dreamcast had you purchased it and bought service from a third party provider, and 467 had you just bought sega's ISP deal. Of course, changing the ISPs rate and the interest rate will give you different results. None the less, the computation is not exactly clearly against sega's deal. If the user is already subscribed to something like AOL, choosing this deal may, in fact, be beneficial to them...
The bottom line is that you can't just punch in these numbers and get "the answer" for everyone. The value this deal proposes is highly dependant on where the user is coming from.
Ok, so I'm a bit rusty since I studied this stuff, and goofed a bit. The pertinent language states that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information provider". (47 U.S.C. 230) This, of course, has the effect of providing ISPs with relative immunity from liabel suits. And it has been used many times in this context, far more than just the Zeran case.
Nonetheless, the area where I was wrong (the degree of specificity to liabel) has little bearing on this matter. Yahoo is not merely a carrier of information in this context (thus 47 U.S.C. 230 should not apply). They recieve a direct financial benefit (e.g., they profit from every additional sale of pirated goods) from the infringing conduct (their role may infact exceed that). And further, they have the right and the ability to stop that conduct. This is sufficient for the test of vicarious liability. Although it is not even necessary to prove that the party had knowledge (though if that party can prove they had no knowledge, they may be excused), it can be proven by the plaintiff that they did have knowledge.
The bottom line: The CDA most likely won't stand up here (if they even decide to try to use it). Although I can not tell you exactly how the rest will turn out, Yahoo is not exactly in the clear here.
and this only protects them from liability in libel cases. Although the bulk of the original CDA was struck down on Constitutional grounds, those parts remained. Expecting service providers to monitor speech would have a chilling effect on free speech, because it is an impossible demand, and would force ISPs to walk a very fine line. In other words, ISPs are essentially granted strong immunity from libel suits, so long as they don't play an active role in promoting or creating it. The issue with censoring comes into play, in that by doing any censoring they expose themselves to liability in that they're providing some assurances as to the information provided.
Contrast this with Yahoo being informed in a provable manner by the owner of the intellectual property that it is, in fact, pirated. They're entirely different. Nor do I think it is an unreasonable demand that Yahoo does some auditing of their auctions, there are precedents for this.
a) My usage is far from incorrect, though in more formal writings i'll frequently use other forms.
b) Slashdot is a casual discussion forum; colloquial language is generally fine, so long as the writing remains coherant.
Nonetheless, I generally agree that the bulk of slashdot writing is piss-poor, even for this forum.
...gotta run
I do some OLE automation and VBA as well, and I appreciate this functionality. I certainly don't blame other IT people for taking advantage of this. If the functionality exists, and can be exploited in a way that possitively affects employee efficiency, then they should use it. However, most user workstations really don't need to take advantage of such scripting. In other words, most companies, if given the choice, knowing full well the vulnerabilities and problems it exposes them to, would choose non-macrod versions (atleast this is my experience).
Also, I think Microsoft could do a hell of a lot to improve security on the features they do provide.
It might be impossible to answer with absolute certainty, but nothing in this world is absolute. Would you say it's similarly impossible to know with any real certainty that a group of, say, medschool grads from Harvard are going to engineer a chip that can compete head to head against the latest offerings from Intel (et. al)? This of course, is just a random example, but you should get my point. You can accept perhaps one or two of them having the desire, but the odds of a whole community of them getting together to create something quite complex, and outside of their range of experience, for a long duration, are very slim.
That being said, I agree with your later point.
The position that any Open Source, and most importantly "free", RDBMS could NOT hold a candle to Oracle (amongst others) where the needs of "enterprise" as concerned is reasonable. The development of Linux is (was), in many ways, the antithesis of what it takes to develop an equivalent to Oracle. Think about it:
Firstly, kernel's are not all that complicated.
Secondly, Linux's kernel is about as simple you can get.
Thirdly, Linux, thus far, has had the advantage of being behind the curve in development. It has had the benefit of essentially just being able to copy features, design, and even some code. While the code may be from scratch, virtually nothing else is. In other words, Linux's code was built with 20/20 hindsight. Furthermore, it's done nothing particularly spectacular with that opportunity.
Fourthly, the motive and feedback in developing an enterprise class RDBMS are vastly different. In developing Linux, there is something quite tangible, such that most "geeks" can get relatively instant gratification. Do geeks really personally need such a database (of course not, not even their hardware approaches this)? Contrast this with an RDBMS, if "they" make the system %.001 more reliable, by whatever measure, under heavy loads, how can they appreciate that? (never mind testing it) These things are about numbers. A company that does 1 million a day in sales with a broken database can't afford that %.001, but a geek screwing around developing a database in his spare time for his uses is not likely to experience such a problem. And even if he is, does that %.001 really mean anything to him? He can just reboot. Sure, you can say "given enough eyes all bugs become shallow", but ask yourself: Whose eyes, and how do these bugs become apparent? A minor bug in Linux, and a couple geeks have to reboot their PC (which presumably prompts them to patch it). Which company is going to volunteer to expose itself to such a bug---possibly millions of dollars in lost revenues (amongst other concerns). The scale of the two uses changes the nature greatly (likewise, empirically, Linux demonstrates such leanings--towards areas which most geeks appreciate, but not necessarily enterprise)
Fifthly, the development process itself is vastly different. Because Unix, and particularly Linux, is quite modularized, it can be developed is a ragtag fashion. This is not true with an RDBMS. They're are very complex and interconnected.
Sixthly, support is a major issue. Despite all that hype amongst the linux community about "support" it is absolutely undemonstrated. And when you consider issues such as proper documentation....
Seventh, given some of the risks i've mentioned, what company is going to prefer to try to save 10k in software fees for the increased risk. The expected value in this case could very well be negative.
...I can think of more, but that is plenty of doubt right there. Think critically, not dogmatically.
The difference, of course, is Microsoft presumably caused those innovations to come about. The fact of the matter, though, is most of Microsoft's self-acclaimed 'innovations' are not the result of their hardwork or technical genius, but rather: trivial restating of existing technology, stolen technology from other companies, "acquired" technology (where some is bought on the up and up, while others are far from clean), and many other less such reasons. Put simply, it's a huge stretch to say MS innovates on the aggregate (though there are one or two "real" ones for every hundred "fake")
Likewise, the existence or creation of Linux didn't even bring about or enable the existence of the vast majority of your "innovations". Nor, for that matter, did the Linux community collectively play an role in the development of these "innovations". In other words, put simply, if Linux were never "born", 99% of these would still exist the way they do now. There is nothing all that spectacular about Linux relative to its much earlier cousins that would enable this innovation you speak of (even theoretically, as opposed to empirically).
Though the argument could clearly be reversed with great sucess for MS, I agree entirely that MS has in fact held back innovation on the aggregate. That being said, even though net effect is bad, they do have a few (very small number) "innovations" which they've caused to come about, despite their presence in the industry. My position is that those few real innovations MS can claim might, in fact, be more than the real innovations Linux can take credit for...which is not entirely suprising given the comparative size of the two "organizations" (using this term very loosly).
I agree and disagree with much of what you said, however there is one thing that I'd like to point out. Linux can be configured with security setup in such a way that viruses can't do damage, and perhaps most importantly, the (l)users can't do great damage. In other words, it is possible to setup a relatively secure linux workstation, such that the users or viruses actions are essentially irrelevant (granted, the user or "virus" might destroy that particular user's files, but there's always trivial backup onto non-user fs, and...that's another story). These workstations (assuming decent "office" applications ever emerge for Linux--and no, I don't believe Macros need to be turned on, or even exist, for the vast majority of users) could be setup in schools, offices, and other such organizations. I believe many viruses propogate within and from these places, by knocking that angle out of existence (atleast for the trivial virus), viruses will find it much harder to reproduce. Furthermore, Linux distributions (though most have shown utter carelessness thus far where security is concerned)could be configured in such a way that they're quite secure by default. If anything Mom and Pop may be less at risk, than the psuedo-educated computer user, who thinks he knows what he is doing, but in fact, opens up his system in a variety of ways by doing things manually (beyond the scope of the distributions' install).
I do think a proper multiuser OS, such as Linux, could substancially reduce costs both in IT, and most importantly, in employee downtime (e.g., less stupid rebooting, fewer user fuckups, etc.). As these applications get more and more complicated, the more necessary it will be to safeguard the user from himself (or other users from each other). Since MS doesn't seem to appreciate this, this a significant Linux advantage in a workstation setting (what is needed of course, as already mentioned, is decent applications. Not to mention possibly an improved UI, improved X, etc.).
Most of your examples are either:
a) Not true technological innovations (e.g., more incidental)
b) Not Linux Innovations (e.g., linux just adopted)
a) Simply not part of Linux. (e.g., Apache)
Ok, calling this innovation is a bit of a stretch, since it was more incidental than anything else. But in either case, Linux was not the first. You may be too new to Unix to recognize this, but there were other free operating systems around for x86 well before Linux.(e.g., fbsd)
There is disagreement over this fact, BSDs have been ported to a number of other platforms as well. The only difference is that Linux has a thousand more geek/fans who try to do such things, though how this helps most consumers is beyond me. I've been running Linux for about 5 years now, and the only other platform i'd consider running on is Alpha.
VNC != Linux. VNC was developed by a commercial company, which was later open sourced. Also, VNC was far from the first graphical remote administration tool, about the only pertinent difference that I can think of is that it is client-stateless (which, incidently, isnt' new to PC, only for Unix)
...many of which are not a core part of Linux. All of which Linux did not invent, or employ in particularly innovative ways.
So what? No matter what platform you develop for, that platform is going to be your "first" platform--that is not innovation. Also, MS can make the same claims with all of their major OSs.
This is hardly significant. IA64 is not exactly available yet. Being the "first" in this case is hardly significant because it's not the result of some technological hurdle, rather it's a race (if others really care) in which linux just happened to complete a few minutes before (e.g., Linux early finish hasn't lead the way for others by any means). I'm sure Linux's early finish is mostly due to the kernel's relatively miniscule size, though, what about all the other things which people demand in an OS. They'd hardly thank MS if they just ported their kernel, but nothing else. Furthermore, is being the "first" to port to a processor that is not yet available truely important? The question should be, who has the most effective OS (complete solution, as opposed to just kernel) when IA64 becomes widely available.
No, it was not. BSDs come to mind, amongst others. Speaking of databases, why is it that Linux doesn't have a single high quality open source/free database that can support transactions, procedural language, triggers, and the like? Hint: MySQL doesn't meet this criteria, despite it's other nice features for certain application.
I highly doubt that Linux routers will make a noticable impact in Cisco's success. First off, in the vast majority of cases, routers are best left to embedded systems--there is no compelling reason to run a full blown operating systems, when all you need is a NOS. Secondly, in the few cases in which embedded solutions aren't appropriate, Cisco probably never had their attention anyways. Thirdly, "linux routers" have been around for a couple years now, there is no likely reason for anything to change from Cisco's hand to Linux routers'.
That being said, Cisco is overvalued. Although Cisco will likely continue to grow and retain their market share, they're unlikely to grow at a rate that can justify a market capitalization of 500 billion.
Not that I'm a fan of MS, but I would hardly say call linux a "technological advance", let alone a miraculous one. While I know MS has done damn little in the way of real innovation, I bet you MS has done more to innovate than Linux (how many significant advances can you actually name that have come out of linux? as opposed to >5 year old technology for other unices and operating systems) has. That being said, for the purposes it serves, Linux more than makes up for it with decent design, relative lack of bugs, etc.