What exactly is the issue here? Maybe I misread TFS and the linked articles, but as I understand the chief complaint - apart from Google's delay in reporting to OpenSSL - is that some large commercial entities did not receive a notification before public disclosure. I did not dig all too deep into the whole issue, but as far as I can tell OpenSSL issued their advisory in lieu with a patched version. What more do they expect? And why should "Cisco[,] Juniper[,] Amazon Web Services, Twitter, Yahoo, Tumblr and GoDaddy" get a heads-up on the public disclosure? I did not get a heads-up either. Neither did the dozens or so websites not named above that I use. Neither did the governmental agency I serve with. Nor the bank whose online-banking portal I use. Are we all second-class citizens? Does our security matter less simply because we provide services to fewer people, or bring lower or no value to the exchange?
A bug was reported, a fix was issued, recommendations for threat mitigation were published. There will need to be consequences for the FLOSS development model to reduce the risk for future issues of the sort, but beyond that I do not quite understand the fuss. Can someone enlighten me please?
Supporting consumer grade software that is sold for ~$100 a time indefinitely, including providing full internal technical details to arbitrary additional parties, is a "pretty easy barrier"?
It is the other way around: Once a company deems a product uneconomical - subject to mandatory or voluntary warranty that is priced into the product anyways - to support they could simply release their internal documentation, source code, diagrams etc. to the public and be free of any further liability regarding bugs, future incompatibilities etc. That would be a fair compromise considering that IT is one of the very few industries that get away with delivering faulty, unstable and insecure products as the accepted norm. If houses or clothes or refrigerators were produced like software...
...thereby making their money about as valuable as toilet paper with everyone else wanting to get rid of it ASAP. Which is pretty much the scenario they were facing to begin with.
This is a decision by a regional court. They universally suck at rulings regarding any technology invented after 1900. A state court recently held a domain registrar responsible for copyright infringement. And nevermind the treasure trove of truly grotesque copyright-related rulings coming out of the city-state of Hamburg - they are legendary here in Germany, similar to patent cases in Texas.
This is bound to be appealed, and our higher courts usually fare better when it comes to dealing with Das Internet.
Considering that they are doing their best to kill fixed lines and go all IP I do not see that happening. They might very well be tempted to somehow degrade experience for any VoIP service but their own, but then we are back at the Netflix situation.
But I am sure you could fix all that, end world hunger and save the whales with a custom hosts file...
The subtle point of the Initiative that seems to be lost on you is that there exists a whole spectrum of possible implementations of copyright law in between the quasi-Hitlerian approach taken by Hollywood and the rest of the high-volume industry and the free-for-all approach envisioned by fourteen year olds in the comment section on TPB. Making sure artists are compensated for their work is one thing. Very few people seriously argue against that. But allowing the monopolisation of culture for the lifetime of several generations? Bankrupting or imprisoning people for sharing a few songs or films? We treat arsonists, drunk drivers and drug dealers less harshly than the punishments some of the high-profile filesharing cases resulted in.
Good catch. I added the quoted parenthesis as an afterthought after writing the sentence and apparently did not pay as much attention during proof-reading as I should have. I probably should lay off posting after the third beer.:-)
The whole notion is dumb. It's hit the peak now, it's downhill from here. [...]
Then you get people comparing home 3D printing to word processing, as if they still don't get that you can't compare information processing to handling matter. It's not the same, and never will be.
I kindly disagree. Today's machines indeed are only really useful for a limited audience, but once the complexity of use - both in software and hardware - decreases sufficiently their usefulness will expand to fields not even thought of today. I am looking forward to using the 3D equivalent of facsimiles of historical material in history classes. Just consider the possibilities: Instead of showing a picture of a Stone Age arrowhead or a Pope's seal - or, looking at other subjects, molecules, DNA, bacteria, organs... - I could pass around a life-size replica. Not just one taken from the limited collection my school has seen fit to purchase, but one chosen specifically to fit into my topic.
Similarly we are currently evaluating different 3D printing options for the volunteer emergency service I am a member of for producing scaled models of damaged buildings, vehicle wrecks etc. for strategic training. It would open up scenarios currently infeasable to simulate with our hand-built models.
It still is a long way off. But so were ubiquous cheap colour print-outs just 20 years ago.
Or maybe god is not evil, but he's doing whatever he's doing to prevent even greater suffering. Maybe man's believe in god (tenuous as it is) is the only thing keeping unspeakable evil from reining down on earth and whatever cruel acts we see in god are actually part of his efforts to save us from the greater evil.
Looking at the atrocities committed in the name of religion, I for one would rather take my chances with that other evil.
The issue is not that they can tell which phone number you use, obviously. As I see it there are three problems with this kind of tracking technology:
Firstly they could potentially track you across devices based on your behaviour. Think "disposable" phones. Sure, here in the Western world those are mostly used by criminals, so being able to track them may appear to be a good thing. But such technology usually ends up in the hands of repressive regimes.
Secondly, mass surveillance is not just about you as an individual. By looking at where you go when and how long you stay there and correlating this with who else goes there at the same time one can make deductions about social networks within society without ever looking at one person up close. We already have a rampant practice of police doing what is in German called "Funkzellenabfrage": they request the names of every person logged into one specific radio cell at a given time. Essentially hundreds or thousands of people are made into suspects based on one point of data and consequently investigated, often to the point of harassment.
And, even more importantly, algorithms can tell when you deviate from your regular pattern. This is the Next Big Thing in the security theatre. And I for one do enough "random" stuff to be worried that I may in the future find myself singled out by law enforcement based on what some computer says. Geo-caching alone should make my movements stand out quite a bit from the general population. Just look at the abundance of issues with existing "dumb" solutions like the US no-fly list or the European anti-terror watch lists.
[...] I seriously hope that the organizers simply would have told these guys in a sincere and compassionate way "you're in public, and your behaviour reflects on the community. This is a family-friendly event and a common problem but we need to change the geek culture. Your sexual innuendos are not in keeping with the environment we're trying to foster at this event and they contradict the code of conduct. Please stop yourselves, and stop your friends. Spread the word.
Leaving aside the, frankly, rather stupid stereotype you keep playing* there: This is precisely what went down. The woman reported them to staff, they were taken aside, they apologised. But oh, Missus Mighty Righteous could not leave it at that. No, she had to go nuclear on the two of them.
This has nothing to do with sexism, we agree on that. This is one person being an asshole.
* I do not know what the proper terminology for that is, but it is not all that different from sexism. Or racism, for that matter. "The geeks" are about as sexually inexperienced as "the women" are incapable of programming or "the blacks" are prone to stealing. I consider myself part of "the geek community", and so far I have seen a level of sexism on par with that in politics, business, academia and the Scouts but not exceeding it. It may well be more visible here, just as public name-calling probably is more rampant on FOSS mailing lists than in corporate boardrooms, due to the specific communicative culture and conventions. But that in and of itself does not mean it is worse than elsewhere.
You also get emotional when the OS deliberately breaks things. The Windows installer still overwrites existing boot sectors without asking for confirmation. The people who sign off on something like this should be publicly burned at the stake.
too bad there is no oppposing party or philosophy to expose them
Whenever opposing parties try to do anything about it the churches and the conservatives both play the "They hate Christians! They want to destroy the church!" card. There currently is quite a controversy around certain religious figures publicly complaining about an anti-Christian campaign and even pogrom-like persecution when in fact it is the institution and not the faith that is attacked, and rightly so, for their role in the ongoing child molestation scandal.
Few people are aware of this system. They believe that the churches actually pay for those institutions. The ones in the position to educate the people about the truth are those who benefit from keeping the status quo: conservative politicians.
Here in Germany the Catholic and Protestant Churches run many hospitals, kindergartens and other welfare services which are funded not by the churches but entirely by the public, yet they impose rules on their employees based on their respective faith, ie. people have lost their jobs for getting a divorce, remarrying, outing themselves as homosexuals etc. The churches make a shitload of money through this system, and because they can publicly claim that they run soandso many percent of welfare services they get to influence public policy and politics. This all works so well because as religious organisations the churches get preferred treatment with regard to taxation, exemption from labour regulations and union rates etc. so they can undercut the private-sector competition. And since they are so good at it there are areas where the churches have a quasi-monopoly in welfare services, leaving workers dependent on them. And as long as the Conservatives are in office this will not change, since the churches offer them, well, let us call it PR support in exchange for keeping their special status intact.
So many people in social industries essentially are forced to live by religious rules without actually being a member of those religions just to be able to get a job. And we all get to pay for it.
Firstly, the money is there already. It just would have to be redistributed. The net profits of certain industries could feed the world single-handedly. Requiring them to provide a modest contribution should not be overly draconian. We are talking about basic support - food, clothes, a roof over the head, healthcare etc. - not palaces for everyone.
Secondly, every cent spent on such measures pays back in savings elsewhere: Medical bills go down, crime goes down, education goes up, consumption goes up. Hell, even traffic accidents go down. It would be a smart investment.
Like Wine? Or ReactOS? Or replacements for individual components, like Samba or Mono? Microsoft needs competition within its ecosystem, if only to fend off antitrust investigations. Just not from an entity actually powerful enough to compete over paying customers. Like, say, Google.
Following power lines on Google Maps? OpenStreetMap, my friend. Some people have already gone to ridiculous levels of detail in mapping things that formerly would have gotten you a quick visit from your friendly domestic intelligence service. With many countries opening up their data this is only going to get worse, or better, depending on your point of view. And it is all - how fitting for the topic discussed in TFA - readily available on the Internet.
Slashdot Mirror
What exactly is the issue here? Maybe I misread TFS and the linked articles, but as I understand the chief complaint - apart from Google's delay in reporting to OpenSSL - is that some large commercial entities did not receive a notification before public disclosure. I did not dig all too deep into the whole issue, but as far as I can tell OpenSSL issued their advisory in lieu with a patched version. What more do they expect? And why should "Cisco[,] Juniper[,] Amazon Web Services, Twitter, Yahoo, Tumblr and GoDaddy" get a heads-up on the public disclosure? I did not get a heads-up either. Neither did the dozens or so websites not named above that I use. Neither did the governmental agency I serve with. Nor the bank whose online-banking portal I use. Are we all second-class citizens? Does our security matter less simply because we provide services to fewer people, or bring lower or no value to the exchange?
A bug was reported, a fix was issued, recommendations for threat mitigation were published. There will need to be consequences for the FLOSS development model to reduce the risk for future issues of the sort, but beyond that I do not quite understand the fuss. Can someone enlighten me please?
Supporting consumer grade software that is sold for ~$100 a time indefinitely, including providing full internal technical details to arbitrary additional parties, is a "pretty easy barrier"?
It is the other way around: Once a company deems a product uneconomical - subject to mandatory or voluntary warranty that is priced into the product anyways - to support they could simply release their internal documentation, source code, diagrams etc. to the public and be free of any further liability regarding bugs, future incompatibilities etc. That would be a fair compromise considering that IT is one of the very few industries that get away with delivering faulty, unstable and insecure products as the accepted norm. If houses or clothes or refrigerators were produced like software...
...thereby making their money about as valuable as toilet paper with everyone else wanting to get rid of it ASAP. Which is pretty much the scenario they were facing to begin with.
This is a decision by a regional court. They universally suck at rulings regarding any technology invented after 1900. A state court recently held a domain registrar responsible for copyright infringement. And nevermind the treasure trove of truly grotesque copyright-related rulings coming out of the city-state of Hamburg - they are legendary here in Germany, similar to patent cases in Texas.
This is bound to be appealed, and our higher courts usually fare better when it comes to dealing with Das Internet.
Considering that they are doing their best to kill fixed lines and go all IP I do not see that happening. They might very well be tempted to somehow degrade experience for any VoIP service but their own, but then we are back at the Netflix situation.
But I am sure you could fix all that, end world hunger and save the whales with a custom hosts file...
The subtle point of the Initiative that seems to be lost on you is that there exists a whole spectrum of possible implementations of copyright law in between the quasi-Hitlerian approach taken by Hollywood and the rest of the high-volume industry and the free-for-all approach envisioned by fourteen year olds in the comment section on TPB. Making sure artists are compensated for their work is one thing. Very few people seriously argue against that. But allowing the monopolisation of culture for the lifetime of several generations? Bankrupting or imprisoning people for sharing a few songs or films? We treat arsonists, drunk drivers and drug dealers less harshly than the punishments some of the high-profile filesharing cases resulted in.
Good catch. I added the quoted parenthesis as an afterthought after writing the sentence and apparently did not pay as much attention during proof-reading as I should have. I probably should lay off posting after the third beer. :-)
The whole notion is dumb. It's hit the peak now, it's downhill from here. [...] Then you get people comparing home 3D printing to word processing, as if they still don't get that you can't compare information processing to handling matter. It's not the same, and never will be.
I kindly disagree. Today's machines indeed are only really useful for a limited audience, but once the complexity of use - both in software and hardware - decreases sufficiently their usefulness will expand to fields not even thought of today. I am looking forward to using the 3D equivalent of facsimiles of historical material in history classes. Just consider the possibilities: Instead of showing a picture of a Stone Age arrowhead or a Pope's seal - or, looking at other subjects, molecules, DNA, bacteria, organs... - I could pass around a life-size replica. Not just one taken from the limited collection my school has seen fit to purchase, but one chosen specifically to fit into my topic.
Similarly we are currently evaluating different 3D printing options for the volunteer emergency service I am a member of for producing scaled models of damaged buildings, vehicle wrecks etc. for strategic training. It would open up scenarios currently infeasable to simulate with our hand-built models.
It still is a long way off. But so were ubiquous cheap colour print-outs just 20 years ago.
Why should a company located in the USA obey german law? [...]
"With over 70 offices in more than 40 countries, chances are we’ve got opportunities near you."
Offices in Germany == subject to German law.
Or maybe god is not evil, but he's doing whatever he's doing to prevent even greater suffering. Maybe man's believe in god (tenuous as it is) is the only thing keeping unspeakable evil from reining down on earth and whatever cruel acts we see in god are actually part of his efforts to save us from the greater evil.
Looking at the atrocities committed in the name of religion, I for one would rather take my chances with that other evil.
[...] what's the significance of that?
And why the hell is Richard Attenborough suddenly buying up Central American islands?
The issue is not that they can tell which phone number you use, obviously. As I see it there are three problems with this kind of tracking technology:
Firstly they could potentially track you across devices based on your behaviour. Think "disposable" phones. Sure, here in the Western world those are mostly used by criminals, so being able to track them may appear to be a good thing. But such technology usually ends up in the hands of repressive regimes.
Secondly, mass surveillance is not just about you as an individual. By looking at where you go when and how long you stay there and correlating this with who else goes there at the same time one can make deductions about social networks within society without ever looking at one person up close. We already have a rampant practice of police doing what is in German called "Funkzellenabfrage": they request the names of every person logged into one specific radio cell at a given time. Essentially hundreds or thousands of people are made into suspects based on one point of data and consequently investigated, often to the point of harassment.
And, even more importantly, algorithms can tell when you deviate from your regular pattern. This is the Next Big Thing in the security theatre. And I for one do enough "random" stuff to be worried that I may in the future find myself singled out by law enforcement based on what some computer says. Geo-caching alone should make my movements stand out quite a bit from the general population. Just look at the abundance of issues with existing "dumb" solutions like the US no-fly list or the European anti-terror watch lists.
Feminism is not sexism at its finest - it's the logical and expected reaction of rational people who despise sexism against anyone. [...]
You should really look up "feminism" in a dictionary. You will find that it does not mean what you think it does.
[...] I seriously hope that the organizers simply would have told these guys in a sincere and compassionate way "you're in public, and your behaviour reflects on the community. This is a family-friendly event and a common problem but we need to change the geek culture. Your sexual innuendos are not in keeping with the environment we're trying to foster at this event and they contradict the code of conduct. Please stop yourselves, and stop your friends. Spread the word.
Leaving aside the, frankly, rather stupid stereotype you keep playing* there: This is precisely what went down. The woman reported them to staff, they were taken aside, they apologised. But oh, Missus Mighty Righteous could not leave it at that. No, she had to go nuclear on the two of them.
This has nothing to do with sexism, we agree on that. This is one person being an asshole.
* I do not know what the proper terminology for that is, but it is not all that different from sexism. Or racism, for that matter. "The geeks" are about as sexually inexperienced as "the women" are incapable of programming or "the blacks" are prone to stealing. I consider myself part of "the geek community", and so far I have seen a level of sexism on par with that in politics, business, academia and the Scouts but not exceeding it. It may well be more visible here, just as public name-calling probably is more rampant on FOSS mailing lists than in corporate boardrooms, due to the specific communicative culture and conventions. But that in and of itself does not mean it is worse than elsewhere.
[...] rather the fact that it started by definition it was made up. [...]
And that sets Jediism apart from other religions because...?
You also get emotional when the OS deliberately breaks things. The Windows installer still overwrites existing boot sectors without asking for confirmation. The people who sign off on something like this should be publicly burned at the stake.
too bad there is no oppposing party or philosophy to expose them
Whenever opposing parties try to do anything about it the churches and the conservatives both play the "They hate Christians! They want to destroy the church!" card. There currently is quite a controversy around certain religious figures publicly complaining about an anti-Christian campaign and even pogrom-like persecution when in fact it is the institution and not the faith that is attacked, and rightly so, for their role in the ongoing child molestation scandal.
Few people are aware of this system. They believe that the churches actually pay for those institutions. The ones in the position to educate the people about the truth are those who benefit from keeping the status quo: conservative politicians.
Here in Germany the Catholic and Protestant Churches run many hospitals, kindergartens and other welfare services which are funded not by the churches but entirely by the public, yet they impose rules on their employees based on their respective faith, ie. people have lost their jobs for getting a divorce, remarrying, outing themselves as homosexuals etc. The churches make a shitload of money through this system, and because they can publicly claim that they run soandso many percent of welfare services they get to influence public policy and politics. This all works so well because as religious organisations the churches get preferred treatment with regard to taxation, exemption from labour regulations and union rates etc. so they can undercut the private-sector competition. And since they are so good at it there are areas where the churches have a quasi-monopoly in welfare services, leaving workers dependent on them. And as long as the Conservatives are in office this will not change, since the churches offer them, well, let us call it PR support in exchange for keeping their special status intact.
So many people in social industries essentially are forced to live by religious rules without actually being a member of those religions just to be able to get a job. And we all get to pay for it.
So essentially it mimics a drunk person? I have a suspicion I know how the idea for this research project first came up.
I am not familiar with Van Jones - or neomarxism, for that matter - but is that meant as criticism? If yes: What would you propose?
Bloody hell! Hitler was on to something there!
Firstly, the money is there already. It just would have to be redistributed. The net profits of certain industries could feed the world single-handedly. Requiring them to provide a modest contribution should not be overly draconian. We are talking about basic support - food, clothes, a roof over the head, healthcare etc. - not palaces for everyone.
Secondly, every cent spent on such measures pays back in savings elsewhere: Medical bills go down, crime goes down, education goes up, consumption goes up. Hell, even traffic accidents go down. It would be a smart investment.
Like Wine? Or ReactOS? Or replacements for individual components, like Samba or Mono? Microsoft needs competition within its ecosystem, if only to fend off antitrust investigations. Just not from an entity actually powerful enough to compete over paying customers. Like, say, Google.
Following power lines on Google Maps? OpenStreetMap, my friend. Some people have already gone to ridiculous levels of detail in mapping things that formerly would have gotten you a quick visit from your friendly domestic intelligence service. With many countries opening up their data this is only going to get worse, or better, depending on your point of view. And it is all - how fitting for the topic discussed in TFA - readily available on the Internet.