Oxford University (UK) gives only BA degrees, except for a few special subjects. So Computer Science is a BA degree, and my degree is a BA in Maths & Computer Science.
I teach probability at Oxford University, UK, although it's not my first discipline.
You are entirely correct, the argument is flawed. There are foundational problems with it - one can see some of the problems appear if you try to construct a uniform probability distribution on the integers. It is impossible. So there is no prior distribution to work from.
I won't go into the details because I can't be bothered to frame my thoughts properly, but if one of my students wrote this likelihood of extinction argument for a tutorial I would give them a good slap down.
Not to say that we *aren't* all gonna die anyway of course...
It seems to me that any SDMI-type technology really is doomed.
Even with "Secure Digital Path" techniques, ensuring that sound cards disable any form of digital out when playing secure music (and leaving aside the problems of such a system) I would be perfectly happy with the quality of music I would obtain from running a gold-plated top quality shielded cable from the analogue output into an analogue input. Of a suitable decent quality soundcard of course. (Possibly of a different soundcard, in case they decide to disable all recording when playing secure music. I have two computers, though, so no big deal.)
If I can hear it on my headphones, I can record it. And in sufficient quality to keep me happy.
I can only see two possible problems:
1. If the sound is watermarked somehow in a way which survives DAC and ADC, then I might have difficulties. I doubt that this is feasible.
2. If the record industry find a way to deliver the music directly to my brain they can avoid any analogue stage altogether. Presumably they would also then delete the memory of listening to the music from my head, otherwise that would be unauthorised duplication...
All that said, SDMI should be fought for the principles of fair use that it violates.
Sure win2k has not been properly thought out as a platform. Slashdot will gleefully tell us the details. But there's one area that (any modern version of) Windows beats pretty much every other OS - drivers.
When I install win2k, I can use the default drivers. Practically every piece of hardware has drivers on the win2k CD, or easily available for download. (Though some drivers took a while to appear - I had a couple of totally useless printers sitting around for a few months after the move to win2k.)
I don't know much about BSD, and I do know that the driver situation for Linux is better than it used to be (at least we can all use Creative sound cards now) but Microsoft knows very well that the next OS war will be fought over drivers. Note their strategic partnerships with big hardware manufacturers, and the lack of alternative OS drivers for that hardware.
What's the point in a well-designed, secure, powerful, open source, free OS if I can't use it on my hardware?
I opted out of doubleclick a couple of months ago. Today I went back to their opt-out page to find that I'm opted back in. So I opted out again, but who knows for how long? I will have to take other measures.
Of course, I can't provide independently verifiable proof that I did indeed opt out before, or that I was opted in as of this morning. But I know I did.
This pisses me off no end.
-type2
PS: No, my ip address hasn't changed, and anyway that shouldn't be a problem since they are using cookies, right?
The question boils down to this: is using a CC on the net any less safe than buying in person.
I think the answer is yes, although not drastically so. The short reason is that if you can find a loophole in a credit card database, you can steal thousands of numbers in one night, possibly undetected. In the physical world, it takes longer, so you are likely to get less numbers.
More people are fiddling real-world card numbers at the moment, which is why internet card abuse is less of a problem than physical card(/number) theft. This may change.
It is clear that obtaining credit card numbers (and the other required information such as expiry etc) is not the problem. As has been well pointed out, this has been do-able for some time, by a variety of means.
Even as it stands, it's not a disaster if some criminal finds my card number. If he isn't careful when using it, he will get caught. You can't use them to get cash out of ATMs without a PIN (at least, not in this country) so you have to buy something. You can only really buy in person with it - and forge a signature - because otherwise it has to be shipped to an address and you will get caught that way, unless you are a resourceful criminal. I don't think you can just walk away from a dealership with a car, having paid by card.
And even buying something in person has a risk associated, if only shops would be more rigorous in pursuing fraudulent customers via closed circuit camera pictures or whatever.
Certainly the credit card companies are unhappy at the amount of fraud which goes on, and they don't even pursue the low-value transactions. To answer my own question, there must be some problem otherwise they wouldn't be so worried, but I must admit that I don't understand why more people aren't caught. If shops were more willing to identify fraud, the possession of a credit card number would buy you very little without a high risk.
But in any case, the problem isn't that the credit card numbers get out - it is, and always has been, a sort of security through obscurity, and we know what to think of that!
Am I the only person who thinks that this case may very well fail, on sound legal grounds?
There's been a lot of argument about how DeCCS is used to view, not copy, DVDs - and that a bit-by-bit copy can be achieved without it. Other people have already explained that it isn't that clearcut.
IANAL, but if I were the CCA I would present the following argument:
This algorithm is a trade secret. The algorithm was figured out by someone using the Xing decoder. They had clicked a box agreeing not to reverse engineer the algorithm when they installed it.
Hence the algorithm and deCSS source code is a trade secret which was obtained improperly. Therefore according to law, every copy or derivation of it is tainted and must be removed from the public. End of argument.
You must break that chain of reasoning somehow. Your arguments?
1. "He did not click the box to agree to that. We all know that programs can be installed with the EULA agreement stage bypassed, with a little hacking". I say - you must prove that this EULA was in fact bypassed in this case(of course you can't, there is no evidence around). Remember the Intel/AMD case, when AMD had to go to extreme lengths to _prove_ that they had figured out how intel's chips worked without reading the development documentation. Simiarly, the burden of proof is on you in this case. Since there is no evidence, you are stuck.
2. "He was a minor and so could not enter into a binding agreement not to reverse engineer the code". I say - in that case his parents are responsible for his actions. Regardless of who did it, the information was still obtained "improperly" and so deCSS is tainted. After all, it a minor robs a bank then whoever is considered legally responsible the crime was still committed. In this case, the information was obtained improperly.
3. "Those agreements aren't binding in Norway, where the algorithm was figured out". I say - okay, but as far as the US court is concerned he still made that agreement, and so the information was obtained improperly etc... This case is about restraining the transmission of this material in this country.
4. "Freedom of speech..." I say - Sorry, trade secrets supercede freedom of speech, as long as the information was obtained improperly. You may not like this, but it is the law.
5. "We are entitled to Fair Use of our purchases DVDs". I say - I do not disagree. If you can figure out how to play them without using improper means that is okay. Similarly you may make a copy, if you wish, for personal use. But this case only pertains to deCSS and its derivatives, which were improperly obtained. [Whether the CCA may be acting unfairly by not supplying Linux decoders is another issue - an illegal Microsoft/DVDCCA pact would be rather hard to prove].
6. "It would be better for the world if..." This is not a legal argument.
---
Hopefully someone can produce a better argument than the above. I'm not saying that I agree that the above constitutes a moral reading of the problem, but we are dealing with the law and morality and law have little in common. I think that the CCA will win the case, followed by a lot of flames on/., a fair number of flagrant breaches of the decision, some of which will be harshly punished, and finally a deCSS underground.
Slashdot Mirror
Oxford University (UK) gives only BA degrees, except for a few special subjects. So Computer Science is a BA degree, and my degree is a BA in Maths & Computer Science.
Didn't do me any harm.
-type2
I teach probability at Oxford University, UK, although it's not my first discipline.
You are entirely correct, the argument is flawed. There are foundational problems with it - one can see some of the problems appear if you try to construct a uniform probability distribution on the integers. It is impossible. So there is no prior distribution to work from.
I won't go into the details because I can't be bothered to frame my thoughts properly, but if one of my students wrote this likelihood of extinction argument for a tutorial I would give them a good slap down.
Not to say that we *aren't* all gonna die anyway of course...
-type2
It seems to me that any SDMI-type technology really is doomed.
Even with "Secure Digital Path" techniques, ensuring that sound cards disable any form of digital out when playing secure music (and leaving aside the problems of such a system) I would be perfectly happy with the quality of music I would obtain from running a gold-plated top quality shielded cable from the analogue output into an analogue input. Of a suitable decent quality soundcard of course. (Possibly of a different soundcard, in case they decide to disable all recording when playing secure music. I have two computers, though, so no big deal.)
If I can hear it on my headphones, I can record it. And in sufficient quality to keep me happy.
I can only see two possible problems:
1. If the sound is watermarked somehow in a way which survives DAC and ADC, then I might have difficulties. I doubt that this is feasible.
2. If the record industry find a way to deliver the music directly to my brain they can avoid any analogue stage altogether. Presumably they would also then delete the memory of listening to the music from my head, otherwise that would be unauthorised duplication...
All that said, SDMI should be fought for the principles of fair use that it violates.
-type2
Sure win2k has not been properly thought out as a platform. Slashdot will gleefully tell us the details. But there's one area that (any modern version of) Windows beats pretty much every other OS - drivers.
When I install win2k, I can use the default drivers. Practically every piece of hardware has drivers on the win2k CD, or easily available for download. (Though some drivers took a while to appear - I had a couple of totally useless printers sitting around for a few months after the move to win2k.)
I don't know much about BSD, and I do know that the driver situation for Linux is better than it used to be (at least we can all use Creative sound cards now) but Microsoft knows very well that the next OS war will be fought over drivers. Note their strategic partnerships with big hardware manufacturers, and the lack of alternative OS drivers for that hardware.
What's the point in a well-designed, secure, powerful, open source, free OS if I can't use it on my hardware?
-type2
I opted out of doubleclick a couple of months ago. Today I went back to their opt-out page to find that I'm opted back in. So I opted out again, but who knows for how long? I will have to take other measures.
Of course, I can't provide independently verifiable proof that I did indeed opt out before, or that I was opted in as of this morning. But I know I did.
This pisses me off no end.
-type2
PS: No, my ip address hasn't changed, and anyway that shouldn't be a problem since they are using cookies, right?
The question boils down to this: is using a CC on the net any less safe than buying in person.
I think the answer is yes, although not drastically so. The short reason is that if you can find a loophole in a credit card database, you can steal thousands of numbers in one night, possibly undetected. In the physical world, it takes longer, so you are likely to get less numbers.
More people are fiddling real-world card numbers at the moment, which is why internet card abuse is less of a problem than physical card(/number) theft. This may change.
-type2
It is clear that obtaining credit card numbers (and the other required information such as expiry etc) is not the problem. As has been well pointed out, this has been do-able for some time, by a variety of means.
Even as it stands, it's not a disaster if some criminal finds my card number. If he isn't careful when using it, he will get caught. You can't use them to get cash out of ATMs without a PIN (at least, not in this country) so you have to buy something. You can only really buy in person with it - and forge a signature - because otherwise it has to be shipped to an address and you will get caught that way, unless you are a resourceful criminal. I don't think you can just walk away from a dealership with a car, having paid by card.
And even buying something in person has a risk associated, if only shops would be more rigorous in pursuing fraudulent customers via closed circuit camera pictures or whatever.
Certainly the credit card companies are unhappy at the amount of fraud which goes on, and they don't even pursue the low-value transactions. To answer my own question, there must be some problem otherwise they wouldn't be so worried, but I must admit that I don't understand why more people aren't caught. If shops were more willing to identify fraud, the possession of a credit card number would buy you very little without a high risk.
But in any case, the problem isn't that the credit card numbers get out - it is, and always has been, a sort of security through obscurity, and we know what to think of that!
type2
Am I the only person who thinks that this case may very well fail, on sound legal grounds?
/., a fair number of flagrant breaches of the decision, some of which will be harshly punished, and finally a deCSS underground.
There's been a lot of argument about how DeCCS is used to view, not copy, DVDs - and that a bit-by-bit copy can be achieved without it. Other people have already explained that it isn't that clearcut.
IANAL, but if I were the CCA I would present the following argument:
This algorithm is a trade secret. The algorithm was figured out by someone using the Xing decoder. They had clicked a box agreeing not to reverse engineer the algorithm when they installed it.
Hence the algorithm and deCSS source code is a trade secret which was obtained improperly. Therefore according to law, every copy or derivation of it is tainted and must be removed from the public. End of argument.
You must break that chain of reasoning somehow. Your arguments?
1. "He did not click the box to agree to that. We all know that programs can be installed with the EULA agreement stage bypassed, with a little hacking". I say - you must prove that this EULA was in fact bypassed in this case(of course you can't, there is no evidence around). Remember the Intel/AMD case, when AMD had to go to extreme lengths to _prove_ that they had figured out how intel's chips worked without reading the development documentation. Simiarly, the burden of proof is on you in this case. Since there is no evidence, you are stuck.
2. "He was a minor and so could not enter into a binding agreement not to reverse engineer the code". I say - in that case his parents are responsible for his actions. Regardless of who did it, the information was still obtained "improperly" and so deCSS is tainted. After all, it a minor robs a bank then whoever is considered legally responsible the crime was still committed. In this case, the information was obtained improperly.
3. "Those agreements aren't binding in Norway, where the algorithm was figured out". I say - okay, but as far as the US court is concerned he still made that agreement, and so the information was obtained improperly etc... This case is about restraining the transmission of this material in this country.
4. "Freedom of speech..." I say - Sorry, trade secrets supercede freedom of speech, as long as the information was obtained improperly. You may not like this, but it is the law.
5. "We are entitled to Fair Use of our purchases DVDs". I say - I do not disagree. If you can figure out how to play them without using improper means that is okay. Similarly you may make a copy, if you wish, for personal use. But
this case only pertains to deCSS and its derivatives, which were improperly obtained. [Whether the CCA may be acting unfairly by not supplying Linux decoders is another issue - an illegal Microsoft/DVDCCA pact would be rather hard to prove].
6. "It would be better for the world if..." This is not a legal argument.
---
Hopefully someone can produce a better argument than the above. I'm not saying that I agree that the above constitutes a moral reading of the problem, but we are dealing with the law and morality and law have little in common. I think that the CCA will win the case, followed by a lot of flames on
Sorry if I'm pessimistic.
-type2