The BIOS is definitely disabled. With the updated BIOS (3/23/00) and an epoxied chip, my i-opener recognizes both the Sandisk and the external HD, but then displays "DISK BOOT FAILURE" and doesn't proceed. I didn't have any clipped IDE pins to deal with, though.
The connectivity of the os/390 is superb. All you have to do is type gosysa to connect to system a or gosysb to connect to sysb.
Is this like remsh sysa / remsh sysb? What sort of connectivity are we talking about here? Because this doesn't sound much different from the Unix model. I can alias 'go' to remsh or telnet and do the same thing.
Try doing this on a unix box without a terminal. There are many mainfgrame terminal software packages out there but none for unix besides telnet which lacks quite behind.
Granted, on a Unix box without a terminal, you aren't going to be able to type anything. However, I don't see this as a disadvantage since a mainframe without a keyboard is going to have the same problem. So I don't see a real difference. What is it that telnet (or rsh, if you happen to be on a known trusted network) don't do?
I understand that there are significant differences between mainframe hardware and software versus a Unix box. I just don't think you've illustrated particularly relevant differences.
You also do not have to worry about users gaining root access wiht mainframe operating systems.
You could say the same about a Mac, though. Are mainframes not remotely administerable?
I recognise that this is security through obscurity, but considering the IQ of your average script kiddie is equivalent to that of a cabbage, it could well work.
But it isn't the script kiddies who figured out how to DDOS you in the first place. The definition of a script kiddie is someone who isn't smart enough to find the security hole, but is smart enough to run the hack that someone else has created for them. Eventually your new protocol will get cracked by somebody, and once they write a tool to let the kiddies DOS you by pointing and clicking, you'll be in just as much trouble as IRCnet is now.
I heard the same report. The program was called MyZack (or something that sounds the same - this was radio, so I couldn't tell), and the guy explaining it was none other than Richard M. Smith. He's the privacy guru from Phar Lap who (among other things) exposed the Microsoft Word document IDs and the RealJukebox user information collecting.
IIRC, Xing didn't encrypt its player keys, though, which I think was another part of the deal for manufacturers of software DVD players. They may be contractually responsible for that, in which case they might get their CSS license revoked.
Does the expectation of improved code from others constitute sufficient consideration? Granted, it's not a sure thing, but I think you could argue that in the majority of cases GPLing your source code is likely to lead to an increase in value and utility of the code as you receive bug fixes, suggestions, etc. Is the whole "consideration" thing a specific law, or just a general legal precedent?
I walk into a bank, and rob it at gunpoint. Before I leave, I give the bank teller a nice not explaining that I disclaim all reprecussions for my actions. Will any court buy that? Now please try to explain how that case is in any way similar to the MSFT one above.
Well, the similarity is that in both cases you are disclaiming responsibility for your actions. I'm afraid I can't draw a closer parallel, but on the other hand the software licensing that I was complaining about was not of the "not suitable for military and/or real-time control, etc." variety.
I think you missed my original point, which was that just writing a disclaimer doesn't necessarily make it disclaimable, especially if it is a "click-wrap" license. That is the real comparison here - just as illegal software distribution (not that I'm saying that cphack is) isn't made legal solely by stating that in the license, so it is that Microsoft's disclaimers of liability may not be entirely true either.
Only within the bounds of the law.
I don't think that is the case. Often software comes with a license which absolves the supplier of any liability for any actions taken by the software, which is a lack of liability that the producers of any other product do not share. These licenses are within the bounds of the law only by default; they just haven't been thrown out in court yet because no one has pursued a suit. The amount of liability disclaimed by a standard commercial software license is unusual and probably shares the legal status of the aforementioned cphack disclaimer - namely, neither would be nearly as enforceable as their authors might wish.
Wow. That's some incredible logic you got going. Did you ever consider that one of them might be legal and the other not? Like I said earlier, the GPL is akin to terrorist demands. It's nice to let them rant and whine, but they get nothing in the end. Now who has a valid case? The terrorists? Or the people trying to prevent destruction and lost lives? Your call.
Yes, it is possible that any combination of the two licenses' legality might occur. However, the point I was trying to draw was that one over-the-top blue-sky license has about the same legal value as another - close to zero.
I don't follow you on the whole terrorist thing, sorry.
Suppose, now, that the cphack authors had included an extra clause in the license. And suppose this extra clause said that no matter what, they couldn't be held liable for writing it. Do you think such a thing would stand up in court?
Have you looked at a commercial software license recently? They all disclaim as much liability as they can! Granted, usually those don't go to court either, but I'm not sure that there's a legal difference between the two disclaimers. Either they are both invalid (in which case commercial software companies are in for a shock) or else they are both valid.
As far as I'm concerned, the defendants were within the letter of the law, and Mattel should get some better lawyers. The confusion here is about copyright versus licensing. The original authors had full copyright to the original code, and they handed over all of the copyright (all rights and interests, etc.) that they possessed to Mattel.
However, they had previously granted a perpetual license to all distributers and redistributers of the code for distribution and use which cannot be terminated. Mattel didn't realize that at the time (or thought no one else would). So while the defendants weren't lying and complied with the agreement they made, that doesn't affect the fact that GPL'd versions of the code cannot be stopped by Mattel.
You can GPL something without signing away any rights. Those who have the code have no copyright on the original code, they simply have a license to view, modify, and distribute the modified and even the original code under the terms of the GPL. They would have copyright on any improvements they made, of cours. So while Mattel may now have the rights to the code (and could thus issue it under a different license) the GPL'd version of the code is out there for good and that license cannot be terminated (barring later court decisions to the contrary, etc.)
The only question that I have is whether it is GPL'd "enough" - as far as I have heard, the customary copy of the GPL didn't come with the software, and there was only a one-line notice that it was GPL'd. Is that really enough to ensure protection?
True, so I suppose internet names could easily be written in any latin-encoded language. However, english has one other advantage over the other languages which evolved from latin (the romance languages) in that it doesn't have as many inflection signs over vowels, circonflexes, etc. So you don't need as many different kinds characters to write something that is grammatically correct in english as you do in french, for example.
The problem with Iridium is not the amount of spectrum used. The problem is that the spectrum used is right next door to some frequencies which carry important spectral lines that are used for radio astronomy. This wasn't a problem during the design stages of Iridium, but after they got the birds up there it was discovered that the Iridium signals were bleeding over outside of their assigned frequencies. This made radio astronomy observation much more difficult at those frequencies.
So the issue is not necessarily the amount of spectrum used, but whether the users of it are "good neighbors". In the case of Iridium, they weren't, and so eventually a compromise was hammered out with the radio astronomy community to turn down the satellites' power for a certain amount of time each day.
Well, for one thing, I wanted to actually look at the device before ordering one, so I went over to CC after work to check it out, and it was easier to just order it there. I expected that it would be back-ordered from Netpliance too, but I'm glad that you were able to get one quickly.
Also, by ordering through CC I've avoided (I hope) dealing with the Netpliance 'net service.
The company that manufactures, and therefore OWNS the i-Openeners, is not offering a simple 'cash for goods' kind of sale contract. The terms (you pay $99 == you get iOpenener hardware) are NOT acceptable to them; since they do not agree to that contract, if you walk away with a box in your hand without agreeing to those terms, you are a thief, and have stolen property which the iOpener company did not agree to tranfer to you. The terms they ARE offering are (you pay $99 now, + $x/month for at least N months == you get iOpener hardware + you get N months of service that you can choose to use or ignore.) Take it or leave it, but don't think you get to re-write the entire human history of contract law because you don't want to think of yourself as a criminal.
The terms "you pay $99 == you get iOpenener hardware" were perfectly agreeable to Circuit City last week. Perhaps Netpliance should get their resellers to enforce an agreement that they would be more happy with, but that's between CC and Netpliance (does this remind anyone of the Windows Refund Day MS vs. OEMs situation?). I don't see how a contract can be legal if it is not known and agreed to by both parties, and I've never signed anything that mentioned any months of service, let alone a minimum N required months of service. I'm not arguing that that wouldn't have been a better deal for Circuit City/Netpliance to make with me (from their perspective, at least), but for whatever reason they didn't make such a contract with me and I don't feel obligated to hold myself to the terms of any agreement they are coming up with now or in the future. The only even remotely contractual language on my sales receipt is:
The cardholder agrees to the credit card amount shown hereon and agrees to perform the obligations set forth in the cardholders agreement with the issuer.
which is the standard credit card receipt language. So, to sum up:
Netpliance/CC are not required to sell me an i-opener
CC offered terms of "$99 for one i-opener piece of hardware"
I accepted those terms and provided CC with $99
I expect one i-opener hardware from CC sometime soon
No, I am not stealing anything.
As far as I understand contract law, I can't be required to abide by a contract which I did not agree to even if the other parties assumed that I would, especially since I have given no indication by word or by deed that I would do so. It would be a rewriting of contract law for CC/Netpliance to change the terms now; my actions in buying and owning an i-opener are perfectly legal under contract law.
Hmmm... I guess my best bet is to find out the last date on which known hackable i-openers were shipped, and check mine against that. Or I could just gamble my $99 that I can get it to work, and give up on any warranty expectations.
I've seen the screen at Circuit City, and it's not one of the newest active flat-screen monitors. It's more like an older laptop LCD display - you have to be more-or-less directly in front of the screen to read it, and the video is blurry if you move the mouse around quickly, scroll quickly, etc. The display is definitely not as good as the display you would get if you bought a new laptop today, for example. I don't think the screen is any relative of the nice $1500 flat-panel displays (which I am really interested in too, since my 19" HP monitor takes up ~6 square feet of desktop!).
I don't see how they could have modified the hardware so quickly to do this. Some discussion on i-opener-linux.net (where I saw this story last night) considered whether this was possible or not, and the upshot was that maybe the BIOS could have been modified, but there hasn't been time for a hardware modification. And BIOS that has been changed once can certainly be changed again (although this might be difficult w/o a floppy drive). The terms-of-service argument doesn't bother me at all, since I didn't agree to any at Circuit City, and I don't plan to even boot the thing until after adding a Linux drive and so forth. You only see the warning linked from the story above if you buy an i-opener from Netpliance's site.
I ordered my i-opener on 3/16, so I'm not sure if this announcement will apply to it or not. I haven't received it yet, but on the other hand it may have been shipped from Netpliance before 3/20, and just not received by Circuit City yet. If the worst case is true and it's unhackable, my CC receipt allows for 14-day returns (with 15% restocking fee).
It is strange how Netpliance has bounced back and forth on the mod issue - sometimes they seem to be really cool about it, but then they go and do something like this. I hope the open, "friendly" personality eventually comes through, because I'd be happy to recommend one of these to a relative who wanted a simple web browsing appliance, and I'd even consider buying a more-expensive i-opener-type device which was specifically designed for modification. Meaning more and more accessible serial/parallel/USB ports, VGA output, a slightly larger case to allow more room for onboard drives, etc., official developer's information such as pinouts, etc.
Well, the name has been around for longer than that, since it's often used to refer to the Jewish homeland. I'm not sure when it was first used for that, but I'm pretty sure it was before the 1970s. I'm not actually Jewish, though, so my interpretation of the meaning of this may be a little imprecise.
Speaking of PC Anywhere, I got the funniest thing in the mail the other day. It was a typical "Free ISP for newbies" CD, with a long list of included software (mostly demos) on the back. The first item on the list, in bold type, was... PC Anywhere. It struck me that distributing such a widely-known vulnerability to the typical audience of this sort of CD is, well, a little reckless.
Hmmm... I guess it was funnier at the time. Oh well.
The BIOS is definitely disabled. With the updated BIOS (3/23/00) and an epoxied chip, my i-opener recognizes both the Sandisk and the external HD, but then displays "DISK BOOT FAILURE" and doesn't proceed. I didn't have any clipped IDE pins to deal with, though.
Back to grinding off epoxy...
It appears that dmg is a subtle troll. Congratulations, you seem to be the first person to notice :)
I'm confused...
Is this like remsh sysa / remsh sysb? What sort of connectivity are we talking about here? Because this doesn't sound much different from the Unix model. I can alias 'go' to remsh or telnet and do the same thing.
Granted, on a Unix box without a terminal, you aren't going to be able to type anything. However, I don't see this as a disadvantage since a mainframe without a keyboard is going to have the same problem. So I don't see a real difference. What is it that telnet (or rsh, if you happen to be on a known trusted network) don't do?
I understand that there are significant differences between mainframe hardware and software versus a Unix box. I just don't think you've illustrated particularly relevant differences.
You could say the same about a Mac, though. Are mainframes not remotely administerable?
The Geets were Beowulf's people, right? ;^)
Hmmm.... a Beowulf cluster of Linux boxes, each running in a VM on an S/390?
But it isn't the script kiddies who figured out how to DDOS you in the first place. The definition of a script kiddie is someone who isn't smart enough to find the security hole, but is smart enough to run the hack that someone else has created for them. Eventually your new protocol will get cracked by somebody, and once they write a tool to let the kiddies DOS you by pointing and clicking, you'll be in just as much trouble as IRCnet is now.
I heard the same report. The program was called MyZack (or something that sounds the same - this was radio, so I couldn't tell), and the guy explaining it was none other than Richard M. Smith. He's the privacy guru from Phar Lap who (among other things) exposed the Microsoft Word document IDs and the RealJukebox user information collecting.
IIRC, Xing didn't encrypt its player keys, though, which I think was another part of the deal for manufacturers of software DVD players. They may be contractually responsible for that, in which case they might get their CSS license revoked.
Does the expectation of improved code from others constitute sufficient consideration? Granted, it's not a sure thing, but I think you could argue that in the majority of cases GPLing your source code is likely to lead to an increase in value and utility of the code as you receive bug fixes, suggestions, etc. Is the whole "consideration" thing a specific law, or just a general legal precedent?
Well, the similarity is that in both cases you are disclaiming responsibility for your actions. I'm afraid I can't draw a closer parallel, but on the other hand the software licensing that I was complaining about was not of the "not suitable for military and/or real-time control, etc." variety.
I think you missed my original point, which was that just writing a disclaimer doesn't necessarily make it disclaimable, especially if it is a "click-wrap" license. That is the real comparison here - just as illegal software distribution (not that I'm saying that cphack is) isn't made legal solely by stating that in the license, so it is that Microsoft's disclaimers of liability may not be entirely true either.
I don't think that is the case. Often software comes with a license which absolves the supplier of any liability for any actions taken by the software, which is a lack of liability that the producers of any other product do not share. These licenses are within the bounds of the law only by default; they just haven't been thrown out in court yet because no one has pursued a suit. The amount of liability disclaimed by a standard commercial software license is unusual and probably shares the legal status of the aforementioned cphack disclaimer - namely, neither would be nearly as enforceable as their authors might wish.
Yes, it is possible that any combination of the two licenses' legality might occur. However, the point I was trying to draw was that one over-the-top blue-sky license has about the same legal value as another - close to zero.
I don't follow you on the whole terrorist thing, sorry.
Have you looked at a commercial software license recently? They all disclaim as much liability as they can! Granted, usually those don't go to court either, but I'm not sure that there's a legal difference between the two disclaimers. Either they are both invalid (in which case commercial software companies are in for a shock) or else they are both valid.
As far as I'm concerned, the defendants were within the letter of the law, and Mattel should get some better lawyers. The confusion here is about copyright versus licensing. The original authors had full copyright to the original code, and they handed over all of the copyright (all rights and interests, etc.) that they possessed to Mattel.
However, they had previously granted a perpetual license to all distributers and redistributers of the code for distribution and use which cannot be terminated. Mattel didn't realize that at the time (or thought no one else would). So while the defendants weren't lying and complied with the agreement they made, that doesn't affect the fact that GPL'd versions of the code cannot be stopped by Mattel.
You can GPL something without signing away any rights. Those who have the code have no copyright on the original code, they simply have a license to view, modify, and distribute the modified and even the original code under the terms of the GPL. They would have copyright on any improvements they made, of cours. So while Mattel may now have the rights to the code (and could thus issue it under a different license) the GPL'd version of the code is out there for good and that license cannot be terminated (barring later court decisions to the contrary, etc.)
The only question that I have is whether it is GPL'd "enough" - as far as I have heard, the customary copy of the GPL didn't come with the software, and there was only a one-line notice that it was GPL'd. Is that really enough to ensure protection?
True, so I suppose internet names could easily be written in any latin-encoded language. However, english has one other advantage over the other languages which evolved from latin (the romance languages) in that it doesn't have as many inflection signs over vowels, circonflexes, etc. So you don't need as many different kinds characters to write something that is grammatically correct in english as you do in french, for example.
The problem with Iridium is not the amount of spectrum used. The problem is that the spectrum used is right next door to some frequencies which carry important spectral lines that are used for radio astronomy. This wasn't a problem during the design stages of Iridium, but after they got the birds up there it was discovered that the Iridium signals were bleeding over outside of their assigned frequencies. This made radio astronomy observation much more difficult at those frequencies.
So the issue is not necessarily the amount of spectrum used, but whether the users of it are "good neighbors". In the case of Iridium, they weren't, and so eventually a compromise was hammered out with the radio astronomy community to turn down the satellites' power for a certain amount of time each day.
"Embiggens? We never had words like that in Shelbyville".
"I don't know why not, it's a perfectly cromulent word."
Well, for one thing, I wanted to actually look at the device before ordering one, so I went over to CC after work to check it out, and it was easier to just order it there. I expected that it would be back-ordered from Netpliance too, but I'm glad that you were able to get one quickly.
Also, by ordering through CC I've avoided (I hope) dealing with the Netpliance 'net service.
Actually, there's a checkbox for "No Score +1 Bonus" right above the Submit button. Watch, I'll do it right now...
The terms "you pay $99 == you get iOpenener hardware" were perfectly agreeable to Circuit City last week. Perhaps Netpliance should get their resellers to enforce an agreement that they would be more happy with, but that's between CC and Netpliance (does this remind anyone of the Windows Refund Day MS vs. OEMs situation?). I don't see how a contract can be legal if it is not known and agreed to by both parties, and I've never signed anything that mentioned any months of service, let alone a minimum N required months of service. I'm not arguing that that wouldn't have been a better deal for Circuit City/Netpliance to make with me (from their perspective, at least), but for whatever reason they didn't make such a contract with me and I don't feel obligated to hold myself to the terms of any agreement they are coming up with now or in the future. The only even remotely contractual language on my sales receipt is:
which is the standard credit card receipt language. So, to sum up:
As far as I understand contract law, I can't be required to abide by a contract which I did not agree to even if the other parties assumed that I would, especially since I have given no indication by word or by deed that I would do so. It would be a rewriting of contract law for CC/Netpliance to change the terms now; my actions in buying and owning an i-opener are perfectly legal under contract law.
Hmmm... I guess my best bet is to find out the last date on which known hackable i-openers were shipped, and check mine against that. Or I could just gamble my $99 that I can get it to work, and give up on any warranty expectations.
I've seen the screen at Circuit City, and it's not one of the newest active flat-screen monitors. It's more like an older laptop LCD display - you have to be more-or-less directly in front of the screen to read it, and the video is blurry if you move the mouse around quickly, scroll quickly, etc. The display is definitely not as good as the display you would get if you bought a new laptop today, for example. I don't think the screen is any relative of the nice $1500 flat-panel displays (which I am really interested in too, since my 19" HP monitor takes up ~6 square feet of desktop!).
There's also no contract if you buy it at Circuit City. They couldn't care less what you do with it once it leaves their store.
I don't see how they could have modified the hardware so quickly to do this. Some discussion on i-opener-linux.net (where I saw this story last night) considered whether this was possible or not, and the upshot was that maybe the BIOS could have been modified, but there hasn't been time for a hardware modification. And BIOS that has been changed once can certainly be changed again (although this might be difficult w/o a floppy drive). The terms-of-service argument doesn't bother me at all, since I didn't agree to any at Circuit City, and I don't plan to even boot the thing until after adding a Linux drive and so forth. You only see the warning linked from the story above if you buy an i-opener from Netpliance's site.
I ordered my i-opener on 3/16, so I'm not sure if this announcement will apply to it or not. I haven't received it yet, but on the other hand it may have been shipped from Netpliance before 3/20, and just not received by Circuit City yet. If the worst case is true and it's unhackable, my CC receipt allows for 14-day returns (with 15% restocking fee).
It is strange how Netpliance has bounced back and forth on the mod issue - sometimes they seem to be really cool about it, but then they go and do something like this. I hope the open, "friendly" personality eventually comes through, because I'd be happy to recommend one of these to a relative who wanted a simple web browsing appliance, and I'd even consider buying a more-expensive i-opener-type device which was specifically designed for modification. Meaning more and more accessible serial/parallel/USB ports, VGA output, a slightly larger case to allow more room for onboard drives, etc., official developer's information such as pinouts, etc.
Well, the name has been around for longer than that, since it's often used to refer to the Jewish homeland. I'm not sure when it was first used for that, but I'm pretty sure it was before the 1970s. I'm not actually Jewish, though, so my interpretation of the meaning of this may be a little imprecise.
Speaking of PC Anywhere, I got the funniest thing in the mail the other day. It was a typical "Free ISP for newbies" CD, with a long list of included software (mostly demos) on the back. The first item on the list, in bold type, was... PC Anywhere. It struck me that distributing such a widely-known vulnerability to the typical audience of this sort of CD is, well, a little reckless.
Hmmm... I guess it was funnier at the time. Oh well.
Oh. OK, that makes more sense.