I usually would say that the reply is "if I leave my front door unlocked and open, is it legal for you to come into my house and look through my property?"
But, I have to agree with the foundation of what you are saying. He DID break the law.. He "trespassed", he did not commit a crime like "breaking and entering".
I don't know, did he? The social norm of the current time is that we all know it is wrong to enter a house without permission. It is private property and it makes sense. Computer networks have no such social norms, nor does the concept of private property really carry over well into (I hate using this word) cyberspace. In fact the opposite is the norm if anything. It is generally accepted that on the internet, anything published without protection is fair game for viewing (although not necessarily republishing since copyright still applies in a logical way).
To put it another way, do you feel viewing slashdot is trespassing? At a technical level is connecting to port 80 and requesting unprotected information really that much than going to any other port and requesting unprotected information?
was just looking in that guy's house for a nice new TV. It wasn't breaking in because he left the door open.
What a horrible, totally irrelevant, and not remotely applicable analogy.
I suppose you obtained permission from every contributor (read: copyright holder) on slashdot.org before you broke into port 80 and pirated all of this text and graphics to your computer, correct?
I mean, just because there is not a lock on the door, what makes you think you can come in head and read everything......hey wait, did you POST data to this server too? Holy crap! Vandalism! That is just like spray painting on the inside of someone's house that you broke into! You are in for it now.
Despite being batshit insane, he might have a point with this:
"The fact that I logged on and there were no passwords means that there was no security"
There needs to probably be some middle ground legally regarding what is and is not secure. It makes no sense that, say, accessing a windows share drive (or AFS cell if you like real network filesystems) out there on the internet with no passwords, no encryption, no attempt at all at security should be legally considered breaking and entering or whatever non-applicable metaphor the courts have wedged into computer case law. Nor should accessing an unprotected wireless connection be considered this, since many OSes will do that without asking.
One the flip side, we cannot go so far as to say that just because someone can break security, it was not really there... "You honor, if he didn't want me using his wireless connection, he shouldn't have only used WEP and MAC restrictions. I mean seriously, it was trivial to get his WEP key and change my MAC address to one of the allowed ones".
As much as I hate to say this, there needs to be SOME standard of security to apply to something before breaking it can be considered a crime. We run into this with the DMCA where ROT13 is a perfectly legit encryption algorithm in the eyes of the law. Maybe NIST approved cyphers or something like that should be the standard. It is just silly to leave something wide open then act all surprised and litigious when someone checks it out.
And before anyone makes a brain dead "leaving my house open does not give you the right to come in and snoop around" analogy, let's be clear that by virtue of having something published on the internet, you are inviting people to take a look. There is no accurate and meaningful real world analogy for computer network security so keep your unlocked cars, unattended briefcases, and snail mail stories to yourself. There are many services you can log into without a password (think anon FTP, demo systems, or even some telnet/ssh BBSes), so if you don't want people thinking they can log in and look around, try setting a password. Sheesh
That is simply because DRM is a fundamentally flawed concept.
End to end encryption is not, and while it is an arms race, the cryptographers have been in the lead since at least the 70s. And if all else fails, OTP still provides unbreakable encryption (key distribution and management sucks though). DRM's only hope is to pile on more obscurity to hide your key on your machine. Ultimately anything based solely on obscurity will be broken by motivated people.
You are right, there are expcetions for everything. That said, it was still really kinda strange/abnormal/unexpected/unexplained in the context of the movie.
the story was a mentally retarded bastardization of Dune
Can you expand on that at all, because I just do not see it. I suppose you could make the argument that the force is very slightly similar to the weirding way (only the elevated fighting aspect of it) but that is a huge stretch. The only obvious similarities are that both involve a desert planet and space travel.
Seems kind of insulting to Dune to indicate that Star Wars derived ANYTHING from it.
I'm specifically referring to a situation where someone was SO freaked out about the possibility of harm coming to someone that they would do everything, including drop, what like 10 years or so, of strict training, morals, everything and become what they have trained to fear most. Then after doing all that to ensure somoene's safety, try to kill them. You would think Jedi would have some kind of psych evaluation or something...
But further into that degree, it wasn't Anakin/Vader trying to kill her that caused her to lose the will to live, it was his turn to the dark side and the vicious creature he turned into because he wanted to "save her." She realized the monster he had become and this is why she lost her will to live. It goes much, much deeper then you are even putting into it.
Oh no it doesn't, it is a lame plot no matter how much anyone tries to rationalize it.
Anakin is driven to the dark side by a desire to save her (from a bad dream he had for that matter), then he almost kills her. Real believable. Then he wakes up as Vader and is all concerned about her again.
Also Padme was portrayed as a strong woman in the first two. If you think any mother (let alone a strong, independent one) is going to just lose her will to live and abandon her kids because her husband turnes into a bad guy then YOU obviously don't have kids. Alternatively, Padme is a complete and total spinless wuss and it was actually her decoy who was all brave, strong, and acting as her in all scenes in the movies one and two.
One of the best ways to detrmine if someone's *ix experience is limited to Linux, or if they have experience with Solaris, AIX, etc. Also how they use ps is a dead givaway.
Yes, and every time and peeps around the corner it seems to have fewer and fewer promised features. By the time it is finally released it will probably just be WindowsXP with some OS X inspired window dressing, "are you sure" boxes for every operation (someone at MS is convinced that makes things more secure), and of course the real reason for Vista's existance: DRM. Tada! An OS built around a single feature that nobody wants. Although I guess there are some people out there who believe that their computer is capable of doing too much and does not limit them enough.
Yup, any day now. What with this commercial egging them on, and CERT's "sky is falling" report that says they expect Mac viruses and spyware to sharply rise. It will happen, just you all see. Maybe not right now, but soon. Well, eventually. You will know when it does. I know we have been saying this for a while but seriously, just give it time. It has nothing to do with system security, or response to vulnerabilities, or anything like that, it is simply a function of how popular something is. OS X will soon become a cesspool of viruses and spyware, it HAS to happen if they get more popular, popularity is the ONLY reason windows has this problem.
It all comes down to who is making the decision. I have found in research and university settings the people doing the interviewing and making the hiring decisions are well aquatinted with the details and technology involved. Thus, they can effectively interview someone and make an informed decision on how much competence that person may or may not posses.
Contrast to many (not all) businesses, especially large ones, where techno-clueless HR reps or upper level management are handling this duty. They cannot tell the difference between someone who can BS a bunch of buzzwords and someone who actually knows what they are talking about, so certifications are their crutch.
In hiring decisions I have been involved in, MCSE was sometimes viewed negatively. Not because of any anti-MS bias, but because generally people who cheerlead that aspect of their resume seem to have little else to offer.
Unless they had a subponea, we pretty much showed them the door.
I bet that was pre Patriot Act. Today you would be threatened with imprisonment. This is not a good time in history to mess with law enforcement (subpoena or not), especially at the federal level. They effectively can and will do what they want.
Their ship is pretty big, One- fourth the size of the moon, although an object that size in near-Earth orbitmight be expected to cause tidal waves, there are none!
That is a really good point and I had not thought about that. However we do not know the nature of their drive system, I'm assuming not propulsion (which would have leveled the cities simply by hovering over them), so let's pretend some kind of anti-gravity thing which could in turn be used to negate any gravitational pull their mothership would have exerted on earth (or the moon for that matter, probably knocking it out of orbit).
Why are the aliens using hours and minutes, in their doomsdays signal?
They are not, the are simply using a increasingly short interval between their signal transmissions. Jeff Goldblum (exercising his acting skills by being the only character he has ever attempted) figured out that it was a decreasing pattern and extrapolated when it would end. Then he displayed that information using hours and minutes. Note that nowhere did he "translate" the signal or its meaning.
If these creatures can field a spaceship a fourth the size of the moon, why do they bother engaging in aerial dogfights with the U.S. Air Force?
Presumably they wanted Earth and everything on it, minus the pesky ape decedents who tended try to protect stuff and cause problems for the new alien overlords. They could have wiped the planet clean or just nuked it at once, but then they would have lost the resources they were supposedly after (not sure it they just wanted raw materials or technology or what).
And why don't they blow up everything at once?
Well my understanding is that they did blow up every major city they were hovering over at once as soon as their countdown hit zero. However rather than show a bunch of split screens in real time the director choose to show each explosion in sequence.
Or knock out the Internet with a neutron bomb, instead of simply causing snow and static on TV screens?
The purpose of the static was not to knock out communications, it was to synchronize their attack. Perhaps they were after our swiss clock technology since they obviously could not coordinate time on their ships. Maybe they caught a bit of Parker Lewis Can't Lose that we beamed into space and were intrigued when the characters said "synchronize swatches". I can see the discussion now: "Hey, those earthlings know how to keep accurate time, think of what this technology could do for our invading forces? No longer would we be limited to invading planets which have the communications satellites in place we need to coordinate!". No wonder their computer system was so vulnerable.
That said, your complaints about the moving sucking were right on, it was pretty unmatchable. Even Judd Hirsch couldn't save this one.
For my money, Sneakers was probably the best computer geek movie. At least until someone makes Cryptonomicon into a movie (on second thought, as much as I liked that book I think the movie would probably suck)
With TV viewership declining and TV execs scrambling to find a way to retain the remaining viewers and attract more, I cannot think of a better strategy. I can imagine the discussion now..
"Should we try to improve the quality of the programming? No screw that, let's roll out a few dozen more reality shows and then really piss them off by locking their TVs during commercials." Or maybe it is a threat: Amercia better start watching more TV or next we will start selling TVs that bitch slap you every time you get up to head to the kitchen (although there may be an innovative weight loss plan there)
I guess the TVs that add this patented feature will target the same customers who purchase Windows Vista. You know the kind, they feel as though what they currently own has way too many features and capabilities and are eager to pay more for something that includes a lot of technical restrictions on what they can do.
Heck Vista even uses the NTFS encryption layer to allow you to LOCK your Hard Drive to the point MS itself or the FBI couldn't even view the files on it.
I HIGHLY doubt that. Do you really think they want to be accused of enabling terrorists?
(4) ENCRYPTION- The term `encryption' means the protection of data in electronic form in storage or in transit using an encryption algorithm implemented within a validated cryptographic module that has been approved by the National Institute of Standards and Technology or another comparable standards body recognized by the Commission, rendering such data indecipherable in the absence of associated cryptographic keys necessary to enable decryption of such data. Such encryption must include appropriate management and safeguards of such keys to protect the integrity of the encryption.
So at least that rules out ROT13 as a bunch of wise-ass replies here propose. However the safeguards they mention regarding protecting the key (a much larger concern that the specific cryptography used imho) require some kind of auditing. Who is going to be doing that? Or are we just going to take a companies word for it that they are following proper security procedures? If that were the case we would not need this law at all would we?
With email, I can collaborate (which is really just a fancy word for communicate when you think about it) with anyone on earth who has an email address. With a collaboration tool, I may only be able to collaborate with people in my security realm (company, university, etc) who have accounts on the tool. Or people who run IE (if it is an activeX based POS). Or people who are technically competent enough to figure out how to use the tool (as opposed to email, which most people by now have a basic understanding of)
The only other collaboration tool we use at work is mediawiki, which makes a great way for multiple people to edit a document (email kinda sucks at that). However we still using email for everything else and nobody complains except the collaboration tool vendors:)
Yeah, the first versions of Visual Basic ran on DOS and didn't have the GUI builders that later versions did. I'm not quite sure what qualified them as basic of the "visual" variety, it's not like you had to type your code in with your eyes shut in other basics.
VisualBasic 1.0 was most certainly Windows, I belive you are thinking of QuickBasic.
I actually started way back when on QuickBasic and jumped to assembler (this was all on a 286), but that was all hobby stuff. When I began programming professionally it has all been C and Java with a little bit of Perl, COBOL (don't ask), and assembler (s390).
One of these days I really intend to get into Python, I just have not had a good excuse yet
Slashdot Mirror
I usually would say that the reply is "if I leave my front door unlocked and open, is it legal for you to come into my house and look through my property?"
But, I have to agree with the foundation of what you are saying. He DID break the law.. He "trespassed", he did not commit a crime like "breaking and entering".
I don't know, did he? The social norm of the current time is that we all know it is wrong to enter a house without permission. It is private property and it makes sense. Computer networks have no such social norms, nor does the concept of private property really carry over well into (I hate using this word) cyberspace. In fact the opposite is the norm if anything. It is generally accepted that on the internet, anything published without protection is fair game for viewing (although not necessarily republishing since copyright still applies in a logical way).
To put it another way, do you feel viewing slashdot is trespassing? At a technical level is connecting to port 80 and requesting unprotected information really that much than going to any other port and requesting unprotected information?
Finkployd
was just looking in that guy's house for a nice new TV. It wasn't breaking in because he left the door open.
What a horrible, totally irrelevant, and not remotely applicable analogy.
I suppose you obtained permission from every contributor (read: copyright holder) on slashdot.org before you broke into port 80 and pirated all of this text and graphics to your computer, correct?
I mean, just because there is not a lock on the door, what makes you think you can come in head and read everything......hey wait, did you POST data to this server too? Holy crap! Vandalism! That is just like spray painting on the inside of someone's house that you broke into! You are in for it now.
Finkployd
Despite being batshit insane, he might have a point with this:
"The fact that I logged on and there were no passwords means that there was no security"
There needs to probably be some middle ground legally regarding what is and is not secure. It makes no sense that, say, accessing a windows share drive (or AFS cell if you like real network filesystems) out there on the internet with no passwords, no encryption, no attempt at all at security should be legally considered breaking and entering or whatever non-applicable metaphor the courts have wedged into computer case law. Nor should accessing an unprotected wireless connection be considered this, since many OSes will do that without asking.
One the flip side, we cannot go so far as to say that just because someone can break security, it was not really there... "You honor, if he didn't want me using his wireless connection, he shouldn't have only used WEP and MAC restrictions. I mean seriously, it was trivial to get his WEP key and change my MAC address to one of the allowed ones".
As much as I hate to say this, there needs to be SOME standard of security to apply to something before breaking it can be considered a crime. We run into this with the DMCA where ROT13 is a perfectly legit encryption algorithm in the eyes of the law. Maybe NIST approved cyphers or something like that should be the standard. It is just silly to leave something wide open then act all surprised and litigious when someone checks it out.
And before anyone makes a brain dead "leaving my house open does not give you the right to come in and snoop around" analogy, let's be clear that by virtue of having something published on the internet, you are inviting people to take a look. There is no accurate and meaningful real world analogy for computer network security so keep your unlocked cars, unattended briefcases, and snail mail stories to yourself. There are many services you can log into without a password (think anon FTP, demo systems, or even some telnet/ssh BBSes), so if you don't want people thinking they can log in and look around, try setting a password. Sheesh
Finkployd
That is simply because DRM is a fundamentally flawed concept.
End to end encryption is not, and while it is an arms race, the cryptographers have been in the lead since at least the 70s. And if all else fails, OTP still provides unbreakable encryption (key distribution and management sucks though). DRM's only hope is to pile on more obscurity to hide your key on your machine. Ultimately anything based solely on obscurity will be broken by motivated people.
Finkployd
You are right, there are expcetions for everything. That said, it was still really kinda strange/abnormal/unexpected/unexplained in the context of the movie.
Finkployd
the story was a mentally retarded bastardization of Dune
Can you expand on that at all, because I just do not see it. I suppose you could make the argument that the force is very slightly similar to the weirding way (only the elevated fighting aspect of it) but that is a huge stretch. The only obvious similarities are that both involve a desert planet and space travel.
Seems kind of insulting to Dune to indicate that Star Wars derived ANYTHING from it.
Sarcasm noted.
I'm specifically referring to a situation where someone was SO freaked out about the possibility of harm coming to someone that they would do everything, including drop, what like 10 years or so, of strict training, morals, everything and become what they have trained to fear most. Then after doing all that to ensure somoene's safety, try to kill them. You would think Jedi would have some kind of psych evaluation or something...
Finkployd
But further into that degree, it wasn't Anakin/Vader trying to kill her that caused her to lose the will to live, it was his turn to the dark side and the vicious creature he turned into because he wanted to "save her." She realized the monster he had become and this is why she lost her will to live. It goes much, much deeper then you are even putting into it.
Oh no it doesn't, it is a lame plot no matter how much anyone tries to rationalize it.
Anakin is driven to the dark side by a desire to save her (from a bad dream he had for that matter), then he almost kills her. Real believable. Then he wakes up as Vader and is all concerned about her again.
Also Padme was portrayed as a strong woman in the first two. If you think any mother (let alone a strong, independent one) is going to just lose her will to live and abandon her kids because her husband turnes into a bad guy then YOU obviously don't have kids. Alternatively, Padme is a complete and total spinless wuss and it was actually her decoy who was all brave, strong, and acting as her in all scenes in the movies one and two.
Finkployd
If there was ever a strong sign that MS is doing just fine and has a bright future, it is our buddy John predicting their demise.
Kinda depressing really, can't he go back to predicting the death of the net, Apple, and Linux to ensure they keep growing?
Finkployd
Now that fact that I misspelled coincidence while being all pedantic about proper usage of the language...that might be considered ironic.
Finkployd
I just thought it was ironic that at the bottom of this page, when I was reading your post, was the quote:
If you flaunt it, expect to have it trashed.
No Alanis, that is still just coinsidence, not irony.
Finkployd
One of the best ways to detrmine if someone's *ix experience is limited to Linux, or if they have experience with Solaris, AIX, etc. Also how they use ps is a dead givaway.
Finkployd
Vista is peeping around the corner...
Yes, and every time and peeps around the corner it seems to have fewer and fewer promised features. By the time it is finally released it will probably just be WindowsXP with some OS X inspired window dressing, "are you sure" boxes for every operation (someone at MS is convinced that makes things more secure), and of course the real reason for Vista's existance: DRM. Tada! An OS built around a single feature that nobody wants. Although I guess there are some people out there who believe that their computer is capable of doing too much and does not limit them enough.
Finkployd
Yup, any day now. What with this commercial egging them on, and CERT's "sky is falling" report that says they expect Mac viruses and spyware to sharply rise. It will happen, just you all see. Maybe not right now, but soon. Well, eventually. You will know when it does. I know we have been saying this for a while but seriously, just give it time. It has nothing to do with system security, or response to vulnerabilities, or anything like that, it is simply a function of how popular something is. OS X will soon become a cesspool of viruses and spyware, it HAS to happen if they get more popular, popularity is the ONLY reason windows has this problem.
Finkployd
Eh, I never got into the networking end of thing (I was more security architectures and programming) but I understand Cisco certs are respected.
It all comes down to who is making the decision. I have found in research and university settings the people doing the interviewing and making the hiring decisions are well aquatinted with the details and technology involved. Thus, they can effectively interview someone and make an informed decision on how much competence that person may or may not posses.
Contrast to many (not all) businesses, especially large ones, where techno-clueless HR reps or upper level management are handling this duty. They cannot tell the difference between someone who can BS a bunch of buzzwords and someone who actually knows what they are talking about, so certifications are their crutch.
In hiring decisions I have been involved in, MCSE was sometimes viewed negatively. Not because of any anti-MS bias, but because generally people who cheerlead that aspect of their resume seem to have little else to offer.
Finkployd
It might just be the article, but it seems the main concern is the cost of the venture est. 400 - 500 dollars a student.
Penn State has 82k students, I imagine finding 41 million dollars to blow is a pretty serious concern.
Finkployd
Unless they had a subponea, we pretty much showed them the door.
I bet that was pre Patriot Act. Today you would be threatened with imprisonment. This is not a good time in history to mess with law enforcement (subpoena or not), especially at the federal level. They effectively can and will do what they want.
Finkployd
I'll play
Their ship is pretty big, One- fourth the size of the moon, although an object that size in near-Earth orbitmight be expected to cause tidal waves, there are none!
That is a really good point and I had not thought about that. However we do not know the nature of their drive system, I'm assuming not propulsion (which would have leveled the cities simply by hovering over them), so let's pretend some kind of anti-gravity thing which could in turn be used to negate any gravitational pull their mothership would have exerted on earth (or the moon for that matter, probably knocking it out of orbit).
Why are the aliens using hours and minutes, in their doomsdays signal?
They are not, the are simply using a increasingly short interval between their signal transmissions. Jeff Goldblum (exercising his acting skills by being the only character he has ever attempted) figured out that it was a decreasing pattern and extrapolated when it would end. Then he displayed that information using hours and minutes. Note that nowhere did he "translate" the signal or its meaning.
If these creatures can field a spaceship a fourth the size of the moon, why do they bother engaging in aerial dogfights with the U.S. Air Force?
Presumably they wanted Earth and everything on it, minus the pesky ape decedents who tended try to protect stuff and cause problems for the new alien overlords. They could have wiped the planet clean or just nuked it at once, but then they would have lost the resources they were supposedly after (not sure it they just wanted raw materials or technology or what).
And why don't they blow up everything at once?
Well my understanding is that they did blow up every major city they were hovering over at once as soon as their countdown hit zero. However rather than show a bunch of split screens in real time the director choose to show each explosion in sequence.
Or knock out the Internet with a neutron bomb, instead of simply causing snow and static on TV screens?
The purpose of the static was not to knock out communications, it was to synchronize their attack. Perhaps they were after our swiss clock technology since they obviously could not coordinate time on their ships. Maybe they caught a bit of Parker Lewis Can't Lose that we beamed into space and were intrigued when the characters said "synchronize swatches". I can see the discussion now: "Hey, those earthlings know how to keep accurate time, think of what this technology could do for our invading forces? No longer would we be limited to invading planets which have the communications satellites in place we need to coordinate!". No wonder their computer system was so vulnerable.
That said, your complaints about the moving sucking were right on, it was pretty unmatchable. Even Judd Hirsch couldn't save this one.
For my money, Sneakers was probably the best computer geek movie. At least until someone makes Cryptonomicon into a movie (on second thought, as much as I liked that book I think the movie would probably suck)
Finkployd
With TV viewership declining and TV execs scrambling to find a way to retain the remaining viewers and attract more, I cannot think of a better strategy. I can imagine the discussion now..
"Should we try to improve the quality of the programming? No screw that, let's roll out a few dozen more reality shows and then really piss them off by locking their TVs during commercials." Or maybe it is a threat: Amercia better start watching more TV or next we will start selling TVs that bitch slap you every time you get up to head to the kitchen (although there may be an innovative weight loss plan there)
I guess the TVs that add this patented feature will target the same customers who purchase Windows Vista. You know the kind, they feel as though what they currently own has way too many features and capabilities and are eager to pay more for something that includes a lot of technical restrictions on what they can do.
Finkployd
Heck Vista even uses the NTFS encryption layer to allow you to LOCK your Hard Drive to the point MS itself or the FBI couldn't even view the files on it.
I HIGHLY doubt that. Do you really think they want to be accused of enabling terrorists?
Finkployd
(4) ENCRYPTION- The term `encryption' means the protection of data in electronic form in storage or in transit using an encryption algorithm implemented within a validated cryptographic module that has been approved by the National Institute of Standards and Technology or another comparable standards body recognized by the Commission, rendering such data indecipherable in the absence of associated cryptographic keys necessary to enable decryption of such data. Such encryption must include appropriate management and safeguards of such keys to protect the integrity of the encryption.
So at least that rules out ROT13 as a bunch of wise-ass replies here propose. However the safeguards they mention regarding protecting the key (a much larger concern that the specific cryptography used imho) require some kind of auditing. Who is going to be doing that? Or are we just going to take a companies word for it that they are following proper security procedures? If that were the case we would not need this law at all would we?
Finkployd
With email, I can collaborate (which is really just a fancy word for communicate when you think about it) with anyone on earth who has an email address. With a collaboration tool, I may only be able to collaborate with people in my security realm (company, university, etc) who have accounts on the tool. Or people who run IE (if it is an activeX based POS). Or people who are technically competent enough to figure out how to use the tool (as opposed to email, which most people by now have a basic understanding of)
:)
The only other collaboration tool we use at work is mediawiki, which makes a great way for multiple people to edit a document (email kinda sucks at that). However we still using email for everything else and nobody complains except the collaboration tool vendors
Finkployd
get more bad press by sending Chinese to labor camps
I believe you are thinking of Yahoo, Google just censored some search results (still bad, but not as bad as Yahoo)
Finkployd
Yeah, the first versions of Visual Basic ran on DOS and didn't have the GUI builders that later versions did. I'm not quite sure what qualified them as basic of the "visual" variety, it's not like you had to type your code in with your eyes shut in other basics.
VisualBasic 1.0 was most certainly Windows, I belive you are thinking of QuickBasic.
I actually started way back when on QuickBasic and jumped to assembler (this was all on a 286), but that was all hobby stuff. When I began programming professionally it has all been C and Java with a little bit of Perl, COBOL (don't ask), and assembler (s390).
One of these days I really intend to get into Python, I just have not had a good excuse yet
Finkployd