Slashdot Mirror


User: sql*kitten

sql*kitten's activity in the archive.

Stories: 0
Comments: 3,174

Comments · 3,174

  1. Re:One Question on TWIRL: Are 1024-bit RSA Keys Unsafe? · · Score: 2, Insightful

    Who has data that needs to be so secure that their competitors spending 10 million dollars and a year of their time to do it is a problem? My only thoughts were of government/military/big corps, but couldn't all of them use longer keys?

    If the NSA really want what you've got, remember they've got the root password to the Constitution. Fancy spending the rest of your life in Guantanamo Bay? No? Then hand over your passphrase like a good Citizen. 2003 encryption is no match for centuries-old intimidation. I can't see that changing anytime soon.

  2. Re:They're safe enough on TWIRL: Are 1024-bit RSA Keys Unsafe? · · Score: 4, Insightful

    If I have something that's worth $10 million and a year to crack, well, I should probably be encrypting it with a 2048 bit key.

    If a piece of information is worth >$10M, then whoever wants it is wasting their time trying to crack it. There are plenty of much cheaper ways. The nice clean technological solution is to bug the owner's keyboard and screen and wait for them to decrypt it themselves, then steal it afterwards. The nasty way is to hire some Mafia or ex-CIA to kidnap the owner's daughter and ransom the information. A fast cracking machine is of mere academic interest, and will remain so until you can do the longest key in common use in a matter of hours.

  3. Re:Oh no! A year! on TWIRL: Are 1024-bit RSA Keys Unsafe? · · Score: 1

    A $10,000,000 machine dedicated to breaking into a single encrypted communication for a full year will be able to break it! This makes encryption completely worthless!

    Uhh, dude, it's not so long ago that $10M bought you about as much CPU power as you get in a $10 pocket calculator today. Fortunately, for each additional bit, it gets twice as hard to crack. Eventually 8192-bit will be the standard for a while, then we'll take it from there.

  4. Re:Big Programs on Interview with Jaron Lanier on "Phenotropic" Development · · Score: 1

    Is this guy then, proposing that we learn a new way to program because our systems aren't monolithic enough

    Well, duh. How else are Sun going to sell all that 64-bit gear they make? Bigger and more monolithic the better!

    Oh, wait, the network is the computer. Maybe the best solution is to have smaller programs and standard protocols after all.

  5. Re:10 million lines on Interview with Jaron Lanier on "Phenotropic" Development · · Score: 4, Insightful

    Thank God.

    You're modded as funny, but what you said is insightful. The whole point of moving to ever higher levels of abstraction - from ASM to C to C++ (or CXX as we called it on VMS) to Java to <whatever comes next> is that you can do more work with fewer lines of code. The fact that programs aren't getting any longer is utterly irrelevant to any experienced software engineer.

    I don't think programs will get longer, since why would anyone adopt a language that makes their job harder? I bitch about Java's shortcomings constantly, but given the choice between Xt and Swing, I know where my bread's buttered. Or sockets programming in C versus the java.net classes. I'll even take JDBC over old-skool CTLib.

    We have plenty of apps these days that in total are well over 10M lines, but you never have to worry about that because they're layered on top of each other. Someone else worries about the code of the OS, the code of the RDBMS engine, the code of GUI toolkit and so on.

    In short, pay close attention when someone from Sun tries to tell you anything about software development - he's got some hardware to sell you, and you'll need it if you follow his advice!

  6. Re:As I said in a previous post... on MS SQL Server Worm Wreaking Havoc · · Score: 4, Insightful

    No reason? Really? What about distributed servers talking to a central database? Desktop software that queries a remote database? Remote administration of a remote database?

    That's what VPNs are for, my friend.

  7. Re:As I said in a previous post... on MS SQL Server Worm Wreaking Havoc · · Score: 0, Redundant

    If you're providing network services to others, they probably don't want to beg you every time they need to open a port.

    That is an excellent point. Moderators, mod parent up please.

  8. Re:As I said in a previous post... on MS SQL Server Worm Wreaking Havoc · · Score: 5, Informative

    You are filtering it out on your firewalls, aren't you? /sbin/iptables -I FORWARD -p udp --dport 1434 -j DROP

    I bloody hope no-one is specifically blocking this port. That's not how firewalls are supposed to be used. First you block everything then only open the specific ports you need. In most cases, these are 80 and 22 and maybe 25. There's no reason a database server's protocol port should ever be exposed to the public Internet!
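The contrast drawn in the comment above, between dropping one known-bad port and denying by default, can be checked mechanically. The following is an added example, not part of the original comment: both rulesets are constructed `iptables-save` samples, `tcp/1433` is an extra probe port chosen for illustration, and the matcher is a simplified model of first-match evaluation.

```python
# Added example: first-match audit of iptables-save output (FORWARD chain).
# Rulesets are constructed samples; tcp/1433 is an illustrative probe port.

BLOCKLIST_STYLE = """\
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -p udp -m udp --dport 1434 -j DROP
COMMIT
"""

DEFAULT_DENY = """\
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT
"""

PROBES = [("tcp", 22), ("tcp", 25), ("tcp", 80), ("tcp", 1433), ("udp", 1434)]

def _opt(tokens, name):
    """Value following option `name` in a rule, or None if absent."""
    return tokens[tokens.index(name) + 1] if name in tokens else None

def verdict(ruleset, proto, port, chain="FORWARD"):
    """First-match verdict for a NEW packet to proto/port."""
    # Simplification: only -p, --dport and --state/--ctstate are modelled;
    # any other match option on a rule is ignored.
    policy = "ACCEPT"  # built-in chains default to ACCEPT
    for line in ruleset.splitlines():
        tok = line.split()
        if tok and tok[0] == ":" + chain:
            policy = tok[1]
        if tok[:2] != ["-A", chain]:
            continue
        state = _opt(tok, "--state") or _opt(tok, "--ctstate")
        if state and "NEW" not in state.split(","):
            continue  # rule only covers already-established flows
        if _opt(tok, "-p") not in (None, proto):
            continue
        if _opt(tok, "--dport") not in (None, str(port)):
            continue
        if _opt(tok, "-j") in ("ACCEPT", "DROP", "REJECT"):
            return _opt(tok, "-j")
    return policy  # nothing matched: the chain policy decides

def exposed(ruleset, probes=PROBES):
    """Probe ports a new connection can still reach through the chain."""
    return sorted(f"{p}/{n}" for p, n in probes
                  if verdict(ruleset, p, n) == "ACCEPT")
```

With the single-port rule, every probe except `udp/1434` is still forwarded; with the default-deny ruleset only the three explicitly opened ports are.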

  9. Patch on MS SQL Server Worm Wreaking Havoc · · Score: 4, Informative

    Microsoft released a patch for this 24th July, 2002.

  10. Re:Recording Costs depends on the "artist" on How Much Does it Cost to Produce a Recording? · · Score: 1

    As far as venture capitalists, their failure rates are not a justification for ripping off inventors. They merely indicate their inability to pick out good business propositions.

    You don't understand the way the finance business works. If your business idea is a sure thing, you can just get a loan from the bank to fund your startup. Venture capitalists are about high-risk: the very cutting edge technology that might not even be possible, or might be too far ahead of what the market needs. One of my college professors was a VC, and he said that if 9/10 of a VC's investment don't fail, it's a sign he isn't taking enough risk.

    In short, if they can't get their failure rate to around 1% that's no reason to charge inventors for their own ineptness.

    1% failure rate is what you'd expect from the loans department of a commercial bank, and even they would be lucky to get it that low. That's why VC funds are only open to experienced investors - you won't find them taking money from widows and pensioners!

    Drug companies are another story entirely. There, markup covers R&D costs. I firmly believe that since R&D is THE reason for existence, it should be sponsored by the entire society. In other words, let NIH fund all drug development and worry about drug success rates.

    *LOL* Everyone needs food, so why doesn't the government own all the farms? Everyone needs clothes and saucepans so why doesn't the government own all the factories? You want to see a society run like that, look no further than North Korea.

    Competition between private companies has been proven time and time again to be the most effective way to develop any technology. For a while, government/military tech was ahead but now, the military buy their gear off-the-shelf from civilian suppliers. You can easily find stories about NASA's procurement process: by the time the bureaucrats have shuffled the paperwork around, it costs them $600 just to buy a hammer!

  11. Re:What about the Linux and BSD companies? on Tech Firms Fight Copy Protection Laws · · Score: 0, Flamebait

    I note with interest that Caldera, Red Hat, Slackware, Debian, BSDI, and other Linux and BSD companies are not on this list. Why? Am I missing something obvious?

    Yes: those companies have no money.

  12. Re:The rest of the world. on Robin Gross and IP Justice · · Score: 2, Interesting

    To come back on the main topic according to EFF and Robin Gross it seems that US is at present the most restricting country when it comes to IP and Digital expression (please consult the yro section for further details) as Digital expression is bound to develop in the coming years that's where the focus on free speech should go, be it in the US, the EU or the rest of the world.

    On the other hand, the US is the country with the environment which most encourages the development of new intellectual property. The thing most people fail to understand is that just because information can cheaply be reproduced, it does not follow that it was cheap to create. Whether you're talking a few million dollars to write a piece of software, or a few hundreds of millions to develop a new drug, it's the same: in the US, people can spend money to create knowledge, because the US will protect their opportunity to earn a return on their investment.

  13. Re:Just a guess on How Much Does it Cost to Produce a Recording? · · Score: 0, Offtopic

    I just wanted to say something about your sig... I don't know the context, so maybe I am misunderstanding it. It also grieves me to say it because I think the general public is clueless and I don't trust the opinions of other people until they have proven themselves, but public opinion should be the basis of law.

    Public opinion, especially in the short term, is not a good basis for running a society. The Romans knew this. That's (in theory at least) why there is a Constitution: no matter how expedient it might be, you can't vote to revoke a right given in the Constitution, those things aren't up for debate. Would revoking the "right to silence" make the War On Terrorism easier? Yes, probably, but in the grand scheme of things, it's too high a price to pay. The flaw at the heart of democracy is that you are free to vote in someone who then revokes the right to vote (this has happened many times in history, particularly in Latin America). Or, 51% of the population are able to vote to enslave the other 49%. Public opinion on September 12th would have had nukes raining on Kabul, but fortunately wiser heads prevailed.

    Even in non-democratic societies, the problem exists. The Taliban came to power on a wave of popular support - the people loved them because they fought the Soviets but by the time they were in power it was too late.

  14. Re:The rest of the world. on Robin Gross and IP Justice · · Score: 1

    If they show up I might get involved. If something like EFF exists in France, it certainly lacks publicity

    Neither the French nor German governments are particularly interested in free speech. The fact that the US is would only discourage them from it.

  15. Re:Through the backdoor. on Robin Gross and IP Justice · · Score: 1

    Maybe us western countries have had strong IP for a while, but what about the majority of the world that is having western ideologies 'forced' upon it. China, India, Africa, the middle east etc

    It's nothing to do with force. If anything, it's force going the other way, from the third world back to the West. A drug company spends hundreds of millions on research to create a new drug. The cost of a drug isn't in the manufacturing, it's in the research, the trials, the FDA approval and so on. Then some third world company, who haven't spent a penny on research, take the drug and start mass producing it. This is a direct attack on the creators, and Western governments let them get away with it.

    You can bet that if any of these countries starts doing their own science and discovering their own drugs, they'll start wanting IP laws of their own.

  16. Re:All I want in a laptop from Dell on Robin's Report From LWCE · · Score: 1

    1. No Windows tax

    2. A simple cheatsheet listing the kernel options needed to support the hardware.


    You forgot:

    3. A form to sign saying that I will never, ever call Dell for software or OS support.

    That might work for you, but one of Dell's major selling points is their after-sales support. That's why people buy Dells rather than noname boxes: they've hit a sweet spot of price and support.

  17. Re:Just a guess on How Much Does it Cost to Produce a Recording? · · Score: 3, Interesting

    It's not the recording, it's the producer.

    The producer is not a cost in the same way fancy caterers are, rather the money spent on the producer is an investment. For example, you can pretty much guarantee that if Timbaland or the Neptunes or Dre produce, then the CD is going to do well. The producer can make or break an album, the same is not true for many of the other people (costs) involved.

  18. Re:Recording Costs depends on the "artist" on How Much Does it Cost to Produce a Recording? · · Score: 1

    So not counting promos, it is $2-$3 per CD for small to medium size runs. That's exactly the range everyone else in this thread is giving, meaning the markup on a typical $20 CD is around 10X, or 1000%. I wonder what other industry has such enormous profit margins.

    Yes, but what if, out of every 10 bands signed, only 1 becomes successful? Now where is the profit? In fact, they're only just breaking even. Same is true in the pharma industry: the markup on a drug looks huge, until you realize that it's got to cover the cost of developing 10 drugs that never made it to the market. Or finance: the profits made by venture capitalists look huge until you realize most of the companies they invest in never make it to IPO.

    Yes, CDs are too expensive, but you gotta look at the big picture.

  19. Re:Overstating the risk? on AT&T Identifies Widespread Security Hole - In Locks · · Score: 1

    29 dead. (In other words, about 1% of the September 11th attacks.)

    Yeah, but every few weeks for 30 years. Mostly paid for out of the pockets of New Yorkers, via an organization called NORAID. The money the IRA didn't get from Americans, they got from Colombian drug smugglers in return for providing training in the fine art of terrorism.

    I'm not saying that any individual victims of al-Qaeda "deserved it". But Karma is a bitch.

  20. Re:Overstating the risk? on AT&T Identifies Widespread Security Hole - In Locks · · Score: 1

    So where do people throw their trash? On the ground??

    Unfortunately many people do, but at the larger railway stations there are cleaners pushing carts with transparent plastic bags hanging from frames. You wait for one to pass, or catch them up, and drop your sandwich wrapper or whatever into their bag. I did that at Liverpool Street this lunchtime.

  21. Re:Quality of music on Hilary Rosen Will Step Down As RIAA Head · · Score: 2, Insightful

    Mod me up for being redundant if you will, but if the recording industry can sell music CDs here in Asia for $9 and still make a profit, why can't they do the same in the US?

    OK, you can't compare dollar for dollar in different markets. What is the average rent in a mall, in USD, in Malaysia compared to Manhattan? What are the average wages in those two locations? Electricity, taxes, price of a cup of coffee, it all factors in. Because you aren't paying US$9 for a CD, you're paying whatever your local currency is.

    I fully agree that CDs are way overpriced (esp. in the UK) but the argument that products and services are cheaper in hard currencies if you buy them in soft currencies is irrelevant.

  22. Re:Overstating the risk? on AT&T Identifies Widespread Security Hole - In Locks · · Score: 4, Insightful

    Surely, any place that's a likely target for terrorists has more security in place than cylinder locks? Like keycard access systems, or Marine guards with machine guns? This is more a criminal than a terrorist problem.

    You might think so, but consider this example. There are no litter bins in British railway stations, and very few in the centre of London, like the Square Mile. This is because IRA terrorists would leave explosive in them, in order to kill or maim as many noncombatants as possible. I think that clearly illustrates that a terrorist can turn the most ordinary, everyday objects into weapons. Maybe there's nothing important in the janitor's closet, but the lock is still there for a reason.

    If the technique has been known to locksmiths, what makes the author think lockpickers haven't known about it, too?

    True, but there's a difference between gaining a skill yourself and having step by step instructions. For example, any Chemistry graduate could make explosives from scratch, working from basic principles. However, anyone with step by step instructions could make it from everyday items, and those are the ones to worry about.

  23. Re:By that argument... on 4-Winged Dinosaur Fossil Found · · Score: 1, Offtopic

    China is a scientific nation, you can't move at most scientific conferences without bumping into a large contingent who are either directly from China or who are researching in Western Unis.

    Yes, but why, if China is so scientific, do they have to come to the West to actually do their research?

    I'm not down on the Chinese people, but China as a nation has historically not been a great place to innovate from. Could be down to Communism, could be Confucian tradition, could be simply the sheer size of China made collaboration difficult.

    How many people from _your_ alma mater have been published in Nature ?

    A search for UCL gives 112 matches on that site. Off the top of my head, UCL ranks second in the world (behind Harvard) for volume of research publications in all fields. You were saying?

  24. Re:Buy them. on SCO Group Hires Boies After All · · Score: 1

    So if this is the case, you can buy up every public share of the company, but you still don't control it.

    And if you do own it, you're also liable for its debts. That's why some companies are so cheap. Barings Bank was sold for 1 British Pound to ING for this very reason.

  25. Re:Four Wings and Dolphins... on 4-Winged Dinosaur Fossil Found · · Score: 1

    what do all those Chinese science guys know, how long have they been doing science? Wha d'yu mean they invented printing 2,000 years before the west... and gunpowder

    That's a pretty spurious argument if your intention is to bolster China's reputation as a scientific nation. Yes, they did invent a few things thousands of years ago, but where did the Industrial Revolution actually happen? China didn't industrialize 'til centuries later.

    They may have been "doing science" longer than most other nations, but that only means their progress/year lags far far behind the true scientific nations.