This feature is very nice, and I'm glad to see it implemented. Something else that would be nice would be the ability to set user-defined timeouts on cookies from certain domains. Some web sites pretty much require you to accept the cookies for them to work properly. It would be cool if you could set the expiration time for these sites to some short, reasonable length of time like two or three hours. This would allow you to browse around the site, but when you came back to that site the next day, you would be a new "ID". Result: no long term tracking of who you are. It really bugs me the expiration dates that most sites put on their cookies. Here's an example from news.com:
The server www.news.com wishes to set a cookie that will be sent to any server in the domain.news.com The name and value of the cookie are: s_cur_1_0=0101sisi09537483561aecd3Jx4+POyJakrM2d xqik1qehn5zVyp56a4Ln5crU5M7Rxq2pm5yWp6eppW 0=
This cookie will persist until Wed Dec 30 17:00:03 2037
Do you wish to allow the cookie to be set?
What the fuck? 2037? There is no rational reason to expect that this cookie would be useful in any way whatsoever in 2037. If more sites (any sites??) used rational expiration dates I might have more respect for cookies. As it is, I only accept them when there is a direct benefit to me personally.
This sometimes happens on Slashdot because Slashdot sometimes sends Doubleclick ads. I think it's just the ones for various IBM services. However, I have to say that I'm a bit bothered by it. As a rule, I have Netscape ask whenever someone sends me a cookie, so it is very visible to me when a site uses them. Usually, Slashdot is an easy site to read, since I almost never get sent a cookie (which forces me to click the "Cancel" button) except when logging in (which I don't mind at all.) In the past month, I've gotten several cookies from Doubleclick when loading Slashdot, though. Like I said, it seems to be ads for IBM when I do get them. I don't think I've gotten one in the last couple of weeks though, so maybe it's been stopped.
So, you're down on MP3's because some people are pirates? I have a better idea, why don't you "turn against" the people who are pirating the music? Although you may have a hard time believing it, many people make very good legitimate use of MP3s. Saying that you are down on MP3's because of pirates is like saying that you are down on computers because of script-kiddies, or that you're down on TV's because of "Who Want's To Marry a Millionare". It just doesn't make any sense. Well, maybe being down on TV does. But you get my point;-)>
What's happened is that you have bought the RIAA propaganda that is trying to equate MP3's with piracy, when in fact there is no such equality. Don't blame the tool for the use that some people make of it.
I just recently bought a house, and hence got my first mortgage. Ever since, I have been deluged by both junk mail and telemarketers. I get mail either offering some sort of loan or home fix-up crap literally every single day. I get I don't know how many phone calls every week. Quite a few of them call during the day when I'm out, but I probably end up answering four or five calls from them a week.
I had figured that the company I got the mortgage from must have sold my name, but now I'm suspecting that it was TransUnion. Of course, due to the crappy state of privacy laws here in the US, I'll never know for sure. Oh well. I've got a friend who literally never answers the phone. He has his machine set to pick up after one ring, and you have to talk to the machine to get him to pick up. I used to think that he was just neurotic or something, but I'm giving serious thought to doing the same thing myself to avoid the telemarketers.
Slightly off-topic, but does anyone know of any good answering machine software for Linux? I would really like to be able to have an answering machine that acts normally if someone calls with valid caller-id info, and basically rejects anyone whose number doesn't come thru on caller id. Contrary to popular belief, the primary beneficiary of blocked caller id is telemarketers, not individuals. If the phone numbers of these companies actually came thru, we could just call them back and offer to sell them stuff, drastically increasing their costs. Or at least block the numbers out. Oh well.
I'm a little confused. If consumers have no right to duplicate a video, then dual-deck VCR's have no legitimate use, correct? Moreover, why is it that I am allowed to make a copy of an entire video program that is distributed via broadcast? This would certainly count as "the right to make an archival or alternate-format copy of a video work". I am also allowed to make an archival copy of any software I buy, in addition to making "alternate format" copies.
I am 99% certain that these are all cases which have been explicitely allowed by the courts. It may be that, due to their private and non-commercial nature, they are considered outside the scope of what copyright prevents. The examples that you give are all times when fair-use allows re-distribution of a copyrighted work (either commercial or non-commercial.)
Now, the DMCA is truly an evil beast. It allows the copyright holders to place any type of lame, ineffective, or imaginary system of "access control" in place and then harass any customer who dares to try and enjoy any of the fair use rights that the courts have recognized as being part of societies half of the copyright balance. It gives the copyright holder all of the benefits of copyright, while outlawing virtually all of societies half of the bargain. Truely amazing.
However, the DMCA also requires the copyright office to determine if any classes of copyrighted work should be exempted. They are accepting written comments right now about what things should be exempted. Please go take a look at this to get more information. Please read over the comments they have already received in order to get an idea of how to (and how not to) write your letter.
Remember, this is not about DeCSS per-se. It is to determine which types of copyrighted work will not be protected by the DMCA. It should be easy for us to make the argument that any work whose access control system prohibits the fair-use and private copy allowences that the courts have recognized should not be protected. The deadline for comments is Thursday. Check it out, and please try and find the time to write a well thought out comment. This is an excellent opportunity for us to make our voice heard!
It would clearly be illegal to use a software descrambler to view content that you had not paid for. However, suppose that I've paid my subscription fees to the cable company for the content? Is it then illegal for me to use a software descrambler? I can imagine an almost infinite variety of fair-use possibilities for software like this.
Here is one example for possible uses. I could have a Linux box at home that acts as a VCR, saving selected TV shows as MPEG streams. I then transfer them to my laptop so that I can watch them on the plane or during a daily train commute. Since some of the things I want to watch are scrambled, it's necessary to use the software descrambler. Is this illegal? Does it benefit anybody for this to be illegal? Certainly not the consumer.
Similar examples are possible to think up with DVD. Suppose I buy one of the new ultra-light laptops which don't have DVD drives. It seems perfectly legitimate that I should be able to copy the contents of a DVD that I own onto the harddrive of a laptop, allowing me to watch my legally purchased movie on the plane or whatever. This is quite feasable. Sony, for example, makes a laptop with a 12GB hard drive and a 500MHz processor, but no DVD or floppy drive. However, the MPAA seems to think that this is a crime.
Here another example from the not-so-distant future. Suppose I buy a DVD-Audio disc since I now have a DVD-Audio player in my house. I also have a CD-R. It would be perfectly legitimate for me to rip the MPEG stream off of the DVD-Audio disc and convert it to a redbook format and burn a CD to play in the car. This is clearly an example of fair use. After all, I'm allowed copy a CD so that I can keep a copy in the car. Why shouldn't I be allowed to copy a DVD-Audio disc?
The reality is that copyright is a misnomer. It is not about copying, it's about distribution. It is also not a right, it's a temporary privledge granted by the government. It is also not absolute. There are many things which we are allowed to to with copyrighted material under fair use provisions. One example is to tape things using a VCR. Using a VCR to shift our viewing of a program temporally is a recognized fair-use. That doesn't mean I have the right to re-distribute what I've taped. But, I can use it myself. Another example is copying a music recording for personal use. It is a recognized fair-use for me to make a copy of a tape, CD, or LP to keep in my car. I don't have to buy a second copy, I'm allowed to make one.
The question isn't really whether or not the MPAA or whomever is allowed to use boneheaded techniques to control access. The question is whether or not it should be illegal for use to bypass said boneheaded measures in order to enable a legitimate fair use of content that we have legally purchased.
The best part is, with these chips you won't even need the null cable. Just use a regular patch cable, and the chip will fix the "wiring mistake". Kind of cool. Now, if only the auto-negotiate doesn't suck...
The six CD's is what sold me on SuSE. I run Linux primarily on my laptop, so I can't count on having a network connection. Having a couple of gigs of utilities lying around in my laptop bag really comes in handy sometimes. It's amazing some of the stuff you find in a SuSE distro.
Actually, I've thought a little bit about this, and I think I 've got an idea that might be a little more fun.
Of course, you should be able to specify the domains that you always accept cookies from, and the domains that you never accept cookies from. But, what could be an entertaining third option would be to send a fake cookie to the domain. I'm thinking of some simple configuration where you could set a fixed prefix, and have it add the right number of numbers and/or letters onto the end of it. Lot's of sites just use something simple like: "ID=nnnnnnnnnn". So, you just make up a random number each time you send them a cookie. End result? Their database starts filling up with random junk, and/or their error logs start growing with strange errors. If enough people were doing this, it could become a real headache for the cookie monsters.
Another interesting possibility, which is more involved, is some sort of anonymous cookie exchange. When your browser got a new cookie, it could automatically upload it to the cookie exchange server. The server would then send you a whole list of other matching cookies to use randomly. This would prevent the cookie sites from using large cookies with CRC's or MAC's to detect spoofed cookies. Since they would all be real, legit cookies, they would all be accepted by the tracking site. End result? Lots of random records with little to no marketing value.
I doubt that Netscape or IE would ever decide to pick up such a feature, but that's the great thing about Mozilla. They don't have to.
The size of the VLIW words (molecules in Transmeta speak) is not the issue. It's the word size that operations are performed on. When a processor is described as being 16, 32, or 64 bit, this generally referrs to the size of the integer/arithmetic units and registers. The fact that the Crusoe can issue four 32-bit commands in a single instruction does not make it a 128-bit processor.
To be honest, I can't find an exact reference to the size of the functional units, but given that they are designed to be x86 compatable, it's a good guess that they are 32-bit units. On the other hand, Itanium will certainly have 64-bit functional units, and being VLIW (EPIC in Intel-speak) will probably issue 2 or 4 instructions at a time. That will not make it a 128 or 256 bit processor, however.
It's interesting to speculate on how the Crusoe will affect the Itanium, since in many ways they are very similar products. My understanding of Itanium is that it's a 64-bit VLIW processor that will have some capability for emulating x86 instructions. Sounds a lot like Crusoe. Sure, one is 64-bit and the other is 32-bit, but that could change. Transmeta could easily replace Crusoe's functional units with 64-bit versions and the users would never even know.
More interesting is going to be watching what happens with the patents that Transmeta has on low-level emulation. Is Intel going to be able to keep Itanium from sucking on x86 code without getting a license from Transmeta?
It's a good thing that Bill is still chairman. Otherwise, the "Chairman Gates" / "Chairman Mao" innuendo wouldn't work any more. Chairman Ballmer just doesn't have the same ring to it.
Re-read the article carefully. The patents are held by Secure Computing, who is doing the work. The NSA is merely buying a product that includes patented technology. No more, no less.
I agree 100% that the idea of any human action destroying all life on the planet is pretty far-fetched. However, that doesn't mean that we can't do things that would make life much harder or even impossible for humans. I think it's pretty much a straw man argument to worry about all life being destroyed. It's just not going to happen. But we can make human existence pretty crappy.
Take for example the Black Plague. It didn't even start to jeprodize life as a whole, but it made life for humans pretty crappy. Another example would be global warming. It doesn't have a chance of wiping out all life, but if all our coastal cities flood and all or our aerable farmland turns into deserts, the impact in terms of human sufferering will be tremendous.
If you can't think of any reason why they would want to keep individual data, you're not very imaginative. Hmmm, perhaps to compute top 10 CD lists by various demographics. To be able to perform this retroactively when they have a new demographic they want to check. So that they can track the effectiveness of advertising specific albums to specific groups. Having all the specific data is lots more useful than just having some aggregate numbers. It lets you run whatever analysis pops into mind on the data. Ever hear of data-mining? It's just the process of analyzing the huge amounts of random data the companies keep looking for whatever patterns or facts are interesting.
As for how big that database would be, let's make a rough guestimate to see if it's feasable. Let's say that for each CD, we need to save it's 4 byte CDDB ID and a 4 byte counter for how often it's been played by a person. Let's also guess that the personal information is 1KB in size. Let's also assume that our database takes up twice as much room as the raw data it contains. If you are keeping track of 1,000,000 users who each have 1,000 CDs they listen to, your database will be: 1 million 1K personal entries for 2 GB disk space. 1 thousand 8 byte entries for each of those million users, for another 16 GB of drive space. Let's see, an 18 GB drive is worth what, about $200? Do you think RealNetworks has room in their budget for a $200 dollar hard drive?
I think we all need to keep in mind that we already live in an era where it is quite affordable and feasable to keep significant amounts of data about everyone. There was a time when this wasn't feasable, but it is gone now. There is every reason to believe that companies will keep as much data as they can, simply because it's cheap and it could come in useful someday. Why not keep it?
There are many problems with this approach. But, the most important one is that it's trivial for DoS attacks to get around. Suppose that everyone spends big bucks to upgrade their routers to the new, fancy, packet-checking versions. Now, all of the old flood-ping DoS programs stop working. Great. Everything is wonderful. Except, the crackers add a single line of code to the DoS programs which tweaks each packet so that they are all different. All of that work that was invested in the new routers is now completely wasted. The winner: Cisco. The Losers: everybody else.
The linked article never mentions a serial number ala Pentium III. Never. Not once. What it does say is that the IBM PC's will include a chip which performs some public-key encryption routines. Specifically, it will perform digital signatures. Now, how exactly is that an invasion of your privacy?
I'm amazed at how many posters on this thread are running on the "it's another CPU ID" gripe when that has no basis in reality. Besides, these PC's will probably ship with P-III's, and why reinvent the wheel;-)>
To quote from the C|Net story about this: ------quote on-------- Big Blue, taking a lesson from Intel's blunder, worked with privacy groups, such as the Center for Democracy and Technology, on implementing the security chip.
"We found we could create a solution that does not create additional privacy concern, but built on a good security base and lets the user be the ultimate decision-maker," said Hester. ------quote off-----------
While it's true that the devil is in the details, and we don't know a lot about how this will be implemented, I have a hard time seeing how this a bad thing. Unlike the PIII ID feature, which provides no security at all for the user, this has the potential to provide a lot of security for the user. The reality is that encryption based digital signature techniques, which this chip will help enable, are the only way to protect people from identity theft online.
The big question is how avaiable is the documentation going to be. If it will be possible to write linux drivers and (say for example) allow GPG to perform RSA using licensed hardware, that seems like it could be a good thing. Depending on what the API looks like for this thing, it may be possible to turn around the "strong" signature capability and turn it into a "strong" encryption engine. Now that would be cool...
Having a unique email address for different web sites is a wonderful thing. I have to admit that I really haven't gotten much spam, though. Well, my mp3.com address gets crap from mp3.com, and the address I gave to NSI get crap several times a week, but I think that one is people mining "whois". Oh, and I've gotten one spam from my Usenet address. Wheee!
I don't think it's correct to say that there is an inverse relationship between freedom and safety. There are times when increased freedom results in increased safety. There are also times when an individual has both their freedom and safety reduced at the same time.
Take for example somebody who is locked into a really bad prison. Their freedom has been taken away, and at the same time the prison may be a very violent and dangerous place. They have lost both freedom and safety. Conversly, when they are later released from prison, they may live in a much safer place and hence have increased both freedom and safety.
Going back to the earlier example of the "safe" compound and the "dangerous" wilderness it is easy to show that freedom has nothing to do with it. If you are in the compound because you choose to be of your own free will, then you enjoy some level of freedom. Just because I choose to live in a safe place instead of a dangerous place doesn't mean that I am less free. It just means that I am prudent.
On the other hand, if I live in the "safe" place because I am a slave and my owner doesn't want to risk his investment by letting me wander around where it's dangerous, I'm not free at all. Or, maybe my owner thinks he can get the most out of his investment by forcing me to fight lions in the colloseum. Either way, my "safety" isn't related to my "freedom".
This is a very good point, and could be easy used to show people the evils of this proposal. It is giving police the authority to break into your house and fiddle with your computer without your knowledge. Now, how are they supposed to do this if you have a good lock and/or alarm on your house? Should we be looking out for some future law which will require us to buy locks which open to some police master key? Perhaps we should register our alarm PIN's with the police too. I suppose the next logical step would be to make everybody show up for a 10 minute hate once a day so that the police would know when they could safely break in without getting caught.
We have often used the comparison that key escrow is like the police keeping a copy of your house keys. It appears that some people in government decided that this would be a good idea.
I'm afraid your mistaken. Quoted from a PDF file on www.sdmi.org:
Hock Leow, Vice President, Multimedia Division, Creative Labs, Inc. "The ultimate goal of SDMI is to provide consumers with wide selection and convenience in digitally distributed music. This is an evolutionary process that Creative Labs supports and we believe consumers will find value in SDMI-compliant products when there is a wide availability of SDMI content."
Although the addition of the radio to the Nomad is a nice feature. I may get one once it holds more than one CD;-)>
It seems that SDMI has been kind enough to put the current specification onto the web. You can find it at http://www.sdmi.org if you are interested. I took a look around, and I don't think that the so-called "phase 1" SDMI is anything to worry about.
From what I can gather, phase 1 devices (which are expected this fall) will pretty much just be able to recognize SDMI marked content, and respect whatever rules are encoded into that song. The devices will play any non-SDMI content without any complaints. In fact, the only screening that the player will do on the content seems to be a check for the "upgrade to phase 2" trigger. Once phase 2 is developed, the studios will begin putting this trigger into their SDMI songs. Those songs won't play until you upgrade. However, if you don't bother listening to SDMI songs, you shouldn't ever get the trigger. There is no indication that your player will break if you don't upgrade, you just won't be able to play phase 2 songs.
The so-called phase 2 is where they will actually try and get fancy with the protection. This version will try and screen all content to see if it is protected. They are hoping to have some sort of watermarking technique which they can use to mark CD's. These "phase 2" CD's, in theory, would produce MP3's which would still have the watermark. But, of course, if your player is phase 1 it won't know how to check for these watermarks, so your MP3's will work just fine.
The main possible problem I see is that most of this logic is contained in software that runs on your PC. That software then talks to the "Portable Device", or PD, over a "Secure Authenticated Channel". I think we can all image what would be involved in trying to write GPL software that would talk to one of these things over the SDMI interface. However, the spec does explicitly mention that PD's may have "unprotected" interfaces, with the caveat that all content from the "unprotected digital input" is "screened". I assume that this means that the PD has to check for the "upgrade" trigger. It's not clear whether or not the manufacturer would have to include two separate physical port, or if it would be OK to just have one port that would have some obscure protocol for putting it into "secure" mode. If the latter, I would guess that the SDMI Rio's will continue to work just fine with the current Linux software. Oh, except that you won't be able to copy songs out of the Rio. The Spec is very clear about that point. To be honest, I'm suprised Diamond included that in the first place.
It's my opinion that we may not ever see phase 2. I have strong doubts about anybody's ability to develop a watermarking technique for audio which can't be removed. Not to mention whether or not the current portables will be able to implement such a technique. Even then, there is a good chance that the consumer will soundly reject the whole thing before it even gets close to phase 2. Oh well, I guess we'll see.
Using a tunnel like this will NOT, I repeat, will NOT tell you whether or not your ISP is throttling back your traffic. The route that traffic takes from point A to point B may have nothing in common with the route from point C to point B. In other words, you may have the following situation:
route from A -> B sucks route from C -> B is good route from A -> C is good.
This is probably more common than people think. There are a handful of places on the Internet backbone which tend to get really clogged up. If your traffic happens to be going thru one of those points, your connection will suck. By using a tunnel to somewhere else, you may be avoiding that bottleneck and your connection will improve.
I actually ran into exactly this scenario last night. I am a USWest.net customer, and was connecting to a host on QWest. The connection was horrible, and a traceroute showed a long tortuous path thru a half a dozen providers (Hopefully now that QWest owns USWest they will begin peering;-). Just for kicks, I connected to work, which is a nice clean route thru USWest, BBN, and C&W. At work, we have a QWest connection in addition to a C&W connection, so from work to any QWest host was a clean route. So, by "tunneling" thru my workplace, I was able to get much better connectivity than by going directly.
If you actually wanted determine whether or not your ISP was throttling traffic, you would have to take direct measurements. I'm not sure what the best way to do this would be, as it would depend on exactly how the ISP implemented it. Some software along the lines of traceroute or mtr might be modified pretty easily to take some measurements. Another possible approach would be to use forged TCP packets. Say you have host A using the ISP you think is throttling. You have access to another host B at a different ISP. A program on host B sends forged TCP packets that appear to be from various web sites to host A. On host A, you have a program which tallies up the received forged packets. Since all the packets are taking the same route, the packet loss rate should be the same no matter what the source address is. If the ISP is throttling, it should be pretty obvious. The one problem with this approach is that the ISP host B is connected to should be dropping the forged packets. Not that it isn't easy to find an ignorant or irresponsible ISP that will let you source forged packets...
While it's true that the "underground" as you put it is alive and well, I think you are greatly overestimating it's size. In order to reap the benefits of these private FTP sites, you have to make a significant investment of time and effort in order to be accepted and gain access. The vast majority of people are not going to bother making that investment (even if they could figure out how.) While you say "millions more downloading it from private ftp sites", I would guess that the actual number is probably more like thousands.
What the studios, Lucas, RIAA, etc, are worried about are easy to find pirate sites. If somebody has a high speed FTP site, and gets a link up on Yahoo so that anybody who searches for "Phantom Menace" gets back a working link that says "download your own copy here", Lucas is going to have a problem. So, he hires a few lawyers whose job is to make all the pirates keep their heads down so that 99% of the population can't find the goods. Trying to catch that last hard-core 1% just isn't worth the effort on their part (especially considering the fact that they aren't likely to be successful anyway.)
If the pirate underground was really home to millions of people trading goods, the entire commercial software industry would have collapsed years ago. The reality is it is not easy to find out exactly where to go to find reliable sources of warez. And once you do find out, it's still a pain in the ass to actually find what you want and get a copy. And then it's often of dubious quality. All the studios have to do is make sure it stays this way. As long as the underground is actually underground, they don't have anything to worry about. If it manages to become highly-visible and reliable, then they are screwed.
I'm not so sure that you can be so quick to call this a bad idea. On the radio side, I don't think that the FCC would be proposing these rule changes if they thought there was a significant risk that it would reduce the FM band to nothing but static and interference. I could be wrong, but I would guess that the FCC has access to experts in the radio field to advise them on the technical aspects of a change like this.
On the Internet side, while it may be true that your typical slashdot reader will have a megabit connection in a few years, I don't think the general population will have one. Also, I find it extremely unlikely that I will have one in my car. Given that a large amount of the population gets their daily news via radio in their car, I think more competition here can only be a good thing. I'm lucky, and in my home town we have an excellent community radio station. However, most communitites are not so lucky. Perhaps this rule change would help rectify that.
Slashdot Mirror
This feature is very nice, and I'm glad to see it implemented. Something else that would be nice would be the ability to set user-defined timeouts on cookies from certain domains. Some web sites pretty much require you to accept the cookies for them to work properly. It would be cool if you could set the expiration time for these sites to some short, reasonable length of time like two or three hours. This would allow you to browse around the site, but when you came back to that site the next day, you would be a new "ID". Result: no long term tracking of who you are. It really bugs me the expiration dates that most sites put on their cookies. Here's an example from news.com:
.news.com d xqik1qehn5zVyp56a4Ln5crU5M7Rxq2pm5yWp6eppW 0=
The server www.news.com
wishes to set a cookie that will be sent
to any server in the domain
The name and value of the cookie are:
s_cur_1_0=0101sisi09537483561aecd3Jx4+POyJakrM2
This cookie will persist until Wed Dec 30 17:00:03 2037
Do you wish to allow the cookie to be set?
What the fuck? 2037? There is no rational reason to expect that this cookie would be useful in any way whatsoever in 2037. If more sites (any sites??) used rational expiration dates I might have more respect for cookies. As it is, I only accept them when there is a direct benefit to me personally.
This sometimes happens on Slashdot because Slashdot sometimes sends Doubleclick ads. I think it's just the ones for various IBM services. However, I have to say that I'm a bit bothered by it. As a rule, I have Netscape ask whenever someone sends me a cookie, so it is very visible to me when a site uses them. Usually, Slashdot is an easy site to read, since I almost never get sent a cookie (which forces me to click the "Cancel" button) except when logging in (which I don't mind at all.) In the past month, I've gotten several cookies from Doubleclick when loading Slashdot, though. Like I said, it seems to be ads for IBM when I do get them. I don't think I've gotten one in the last couple of weeks though, so maybe it's been stopped.
So, you're down on MP3's because some people are pirates? I have a better idea, why don't you "turn against" the people who are pirating the music? Although you may have a hard time believing it, many people make very good legitimate use of MP3s. Saying that you are down on MP3's because of pirates is like saying that you are down on computers because of script-kiddies, or that you're down on TV's because of "Who Want's To Marry a Millionare". It just doesn't make any sense. Well, maybe being down on TV does. But you get my point ;-)>
What's happened is that you have bought the RIAA propaganda that is trying to equate MP3's with piracy, when in fact there is no such equality. Don't blame the tool for the use that some people make of it.
I just recently bought a house, and hence got my first mortgage. Ever since, I have been deluged by both junk mail and telemarketers. I get mail either offering some sort of loan or home fix-up crap literally every single day. I get I don't know how many phone calls every week. Quite a few of them call during the day when I'm out, but I probably end up answering four or five calls from them a week.
I had figured that the company I got the mortgage from must have sold my name, but now I'm suspecting that it was TransUnion. Of course, due to the crappy state of privacy laws here in the US, I'll never know for sure. Oh well. I've got a friend who literally never answers the phone. He has his machine set to pick up after one ring, and you have to talk to the machine to get him to pick up. I used to think that he was just neurotic or something, but I'm giving serious thought to doing the same thing myself to avoid the telemarketers.
Slightly off-topic, but does anyone know of any good answering machine software for Linux? I would really like to be able to have an answering machine that acts normally if someone calls with valid caller-id info, and basically rejects anyone whose number doesn't come thru on caller id. Contrary to popular belief, the primary beneficiary of blocked caller id is telemarketers, not individuals. If the phone numbers of these companies actually came thru, we could just call them back and offer to sell them stuff, drastically increasing their costs. Or at least block the numbers out. Oh well.
I am 99% certain that these are all cases which have been explicitely allowed by the courts. It may be that, due to their private and non-commercial nature, they are considered outside the scope of what copyright prevents. The examples that you give are all times when fair-use allows re-distribution of a copyrighted work (either commercial or non-commercial.)
Now, the DMCA is truly an evil beast. It allows the copyright holders to place any type of lame, ineffective, or imaginary system of "access control" in place and then harass any customer who dares to try and enjoy any of the fair use rights that the courts have recognized as being part of societies half of the copyright balance. It gives the copyright holder all of the benefits of copyright, while outlawing virtually all of societies half of the bargain. Truely amazing.
However, the DMCA also requires the copyright office to determine if any classes of copyrighted work should be exempted. They are accepting written comments right now about what things should be exempted. Please go take a look at this to get more information. Please read over the comments they have already received in order to get an idea of how to (and how not to) write your letter.
Remember, this is not about DeCSS per-se. It is to determine which types of copyrighted work will not be protected by the DMCA. It should be easy for us to make the argument that any work whose access control system prohibits the fair-use and private copy allowences that the courts have recognized should not be protected. The deadline for comments is Thursday. Check it out, and please try and find the time to write a well thought out comment. This is an excellent opportunity for us to make our voice heard!
It would clearly be illegal to use a software descrambler to view content that you had not paid for. However, suppose that I've paid my subscription fees to the cable company for the content? Is it then illegal for me to use a software descrambler? I can imagine an almost infinite variety of fair-use possibilities for software like this.
Here is one example for possible uses. I could have a Linux box at home that acts as a VCR, saving selected TV shows as MPEG streams. I then transfer them to my laptop so that I can watch them on the plane or during a daily train commute. Since some of the things I want to watch are scrambled, it's necessary to use the software descrambler. Is this illegal? Does it benefit anybody for this to be illegal? Certainly not the consumer.
Similar examples are possible to think up with DVD. Suppose I buy one of the new ultra-light laptops which don't have DVD drives. It seems perfectly legitimate that I should be able to copy the contents of a DVD that I own onto the harddrive of a laptop, allowing me to watch my legally purchased movie on the plane or whatever. This is quite feasable. Sony, for example, makes a laptop with a 12GB hard drive and a 500MHz processor, but no DVD or floppy drive. However, the MPAA seems to think that this is a crime.
Here another example from the not-so-distant future. Suppose I buy a DVD-Audio disc since I now have a DVD-Audio player in my house. I also have a CD-R. It would be perfectly legitimate for me to rip the MPEG stream off of the DVD-Audio disc and convert it to a redbook format and burn a CD to play in the car. This is clearly an example of fair use. After all, I'm allowed copy a CD so that I can keep a copy in the car. Why shouldn't I be allowed to copy a DVD-Audio disc?
The reality is that copyright is a misnomer. It is not about copying, it's about distribution. It is also not a right, it's a temporary privledge granted by the government. It is also not absolute. There are many things which we are allowed to to with copyrighted material under fair use provisions. One example is to tape things using a VCR. Using a VCR to shift our viewing of a program temporally is a recognized fair-use. That doesn't mean I have the right to re-distribute what I've taped. But, I can use it myself. Another example is copying a music recording for personal use. It is a recognized fair-use for me to make a copy of a tape, CD, or LP to keep in my car. I don't have to buy a second copy, I'm allowed to make one.
The question isn't really whether or not the MPAA or whomever is allowed to use boneheaded techniques to control access. The question is whether or not it should be illegal for use to bypass said boneheaded measures in order to enable a legitimate fair use of content that we have legally purchased.
The best part is, with these chips you won't even need the null cable. Just use a regular patch cable, and the chip will fix the "wiring mistake". Kind of cool. Now, if only the auto-negotiate doesn't suck...
The six CD's is what sold me on SuSE. I run Linux primarily on my laptop, so I can't count on having a network connection. Having a couple of gigs of utilities lying around in my laptop bag really comes in handy sometimes. It's amazing some of the stuff you find in a SuSE distro.
Actually, I've thought a little bit about this, and I think I 've got an idea that might be a little more fun.
Of course, you should be able to specify the domains that you always accept cookies from, and the domains that you never accept cookies from. But, what could be an entertaining third option would be to send a fake cookie to the domain. I'm thinking of some simple configuration where you could set a fixed prefix, and have it add the right number of numbers and/or letters onto the end of it. Lot's of sites just use something simple like:
"ID=nnnnnnnnnn". So, you just make up a random number each time you send them a cookie. End result? Their database starts filling up with random junk, and/or their error logs start growing with strange errors. If enough people were doing this, it could become a real headache for the cookie monsters.
Another interesting possibility, which is more involved, is some sort of anonymous cookie exchange. When your browser got a new cookie, it could automatically upload it to the cookie exchange server. The server would then send you a whole list of other matching cookies to use randomly. This would prevent the cookie sites from using large cookies with CRC's or MAC's to detect spoofed cookies. Since they would all be real, legit cookies, they would all be accepted by the tracking site. End result? Lots of random records with little to no marketing value.
I doubt that Netscape or IE would ever decide to pick up such a feature, but that's the great thing about Mozilla. They don't have to.
The size of the VLIW words (molecules in Transmeta speak) is not the issue. It's the word size that operations are performed on. When a processor is described as being 16, 32, or 64 bit, this generally referrs to the size of the integer/arithmetic units and registers. The fact that the Crusoe can issue four 32-bit commands in a single instruction does not make it a 128-bit processor.
To be honest, I can't find an exact reference to the size of the functional units, but given that they are designed to be x86 compatable, it's a good guess that they are 32-bit units. On the other hand, Itanium will certainly have 64-bit functional units, and being VLIW (EPIC in Intel-speak) will probably issue 2 or 4 instructions at a time. That will not make it a 128 or 256 bit processor, however.
It's interesting to speculate on how the Crusoe will affect the Itanium, since in many ways they are very similar products. My understanding of Itanium is that it's a 64-bit VLIW processor that will have some capability for emulating x86 instructions. Sounds a lot like Crusoe. Sure, one is 64-bit and the other is 32-bit, but that could change. Transmeta could easily replace Crusoe's functional units with 64-bit versions and the users would never even know.
More interesting is going to be watching what happens with the patents that Transmeta has on low-level emulation. Is Intel going to be able to keep Itanium from sucking on x86 code without getting a license from Transmeta?
It's a good thing that Bill is still chairman. Otherwise, the "Chairman Gates" / "Chairman Mao" innuendo wouldn't work any more. Chairman Ballmer just doesn't have the same ring to it.
Re-read the article carefully. The patents are held by Secure Computing, who is doing the work. The NSA is merely buying a product that includes patented technology. No more, no less.
I agree 100% that the idea of any human action destroying all life on the planet is pretty far-fetched. However, that doesn't mean that we can't do things that would make life much harder or even impossible for humans. I think it's pretty much a straw man argument to worry about all life being destroyed. It's just not going to happen. But we can make human existence pretty crappy.
Take for example the Black Plague. It didn't even start to jeprodize life as a whole, but it made life for humans pretty crappy. Another example would be global warming. It doesn't have a chance of wiping out all life, but if all our coastal cities flood and all or our aerable farmland turns into deserts, the impact in terms of human sufferering will be tremendous.
If you can't think of any reason why they would want to keep individual data, you're not very imaginative. Hmmm, perhaps to compute top 10 CD lists by various demographics. To be able to perform this retroactively when they have a new demographic they want to check. So that they can track the effectiveness of advertising specific albums to specific groups. Having all the specific data is lots more useful than just having some aggregate numbers. It lets you run whatever analysis pops into mind on the data. Ever hear of data-mining? It's just the process of analyzing the huge amounts of random data the companies keep looking for whatever patterns or facts are interesting.
As for how big that database would be, let's make a rough guestimate to see if it's feasable. Let's say that for each CD, we need to save it's 4 byte CDDB ID and a 4 byte counter for how often it's been played by a person. Let's also guess that the personal information is 1KB in size. Let's also assume that our database takes up twice as much room as the raw data it contains. If you are keeping track of 1,000,000 users who each have 1,000 CDs they listen to, your database will be:
1 million 1K personal entries for 2 GB disk space.
1 thousand 8 byte entries for each of those million users, for another 16 GB of drive space.
Let's see, an 18 GB drive is worth what, about $200? Do you think RealNetworks has room in their budget for a $200 dollar hard drive?
I think we all need to keep in mind that we already live in an era where it is quite affordable and feasable to keep significant amounts of data about everyone. There was a time when this wasn't feasable, but it is gone now. There is every reason to believe that companies will keep as much data as they can, simply because it's cheap and it could come in useful someday. Why not keep it?
There are many problems with this approach. But, the most important one is that it's trivial for DoS attacks to get around. Suppose that everyone spends big bucks to upgrade their routers to the new, fancy, packet-checking versions. Now, all of the old flood-ping DoS programs stop working. Great. Everything is wonderful. Except, the crackers add a single line of code to the DoS programs which tweaks each packet so that they are all different. All of that work that was invested in the new routers is now completely wasted. The winner: Cisco. The Losers: everybody else.
The linked article never mentions a serial number ala Pentium III. Never. Not once. What it does say is that the IBM PC's will include a chip which performs some public-key encryption routines. Specifically, it will perform digital signatures. Now, how exactly is that an invasion of your privacy?
;-)>
I'm amazed at how many posters on this thread are running on the "it's another CPU ID" gripe when that has no basis in reality. Besides, these PC's will probably ship with P-III's, and why reinvent the wheel
To quote from the C|Net story about this:
------quote on--------
Big Blue, taking a lesson from Intel's blunder, worked with privacy groups, such as the Center for Democracy and Technology, on implementing the security chip.
"We found we could create a solution that does not create additional privacy concern, but built on a good security base and lets the user be the ultimate decision-maker," said Hester.
------quote off-----------
While it's true that the devil is in the details, and we don't know a lot about how this will be implemented, I have a hard time seeing how this a bad thing. Unlike the PIII ID feature, which provides no security at all for the user, this has the potential to provide a lot of security for the user. The reality is that encryption based digital signature techniques, which this chip will help enable, are the only way to protect people from identity theft online.
The big question is how avaiable is the documentation going to be. If it will be possible to write linux drivers and (say for example) allow GPG to perform RSA using licensed hardware, that seems like it could be a good thing. Depending on what the API looks like for this thing, it may be possible to turn around the "strong" signature capability and turn it into a "strong" encryption engine. Now that would be cool...
Having a unique email address for different web sites is a wonderful thing. I have to admit that I really haven't gotten much spam, though. Well, my mp3.com address gets crap from mp3.com, and the address I gave to NSI get crap several times a week, but I think that one is people mining "whois". Oh, and I've gotten one spam from my Usenet address. Wheee!
I don't think it's correct to say that there is an inverse relationship between freedom and safety. There are times when increased freedom results in increased safety. There are also times when an individual has both their freedom and safety reduced at the same time.
Take for example somebody who is locked into a really bad prison. Their freedom has been taken away, and at the same time the prison may be a very violent and dangerous place. They have lost both freedom and safety. Conversly, when they are later released from prison, they may live in a much safer place and hence have increased both freedom and safety.
Going back to the earlier example of the "safe" compound and the "dangerous" wilderness it is easy to show that freedom has nothing to do with it. If you are in the compound because you choose to be of your own free will, then you enjoy some level of freedom. Just because I choose to live in a safe place instead of a dangerous place doesn't mean that I am less free. It just means that I am prudent.
On the other hand, if I live in the "safe" place because I am a slave and my owner doesn't want to risk his investment by letting me wander around where it's dangerous, I'm not free at all. Or, maybe my owner thinks he can get the most out of his investment by forcing me to fight lions in the colloseum. Either way, my "safety" isn't related to my "freedom".
This is a very good point, and could be easy used to show people the evils of this proposal. It is giving police the authority to break into your house and fiddle with your computer without your knowledge. Now, how are they supposed to do this if you have a good lock and/or alarm on your house? Should we be looking out for some future law which will require us to buy locks which open to some police master key? Perhaps we should register our alarm PIN's with the police too. I suppose the next logical step would be to make everybody show up for a 10 minute hate once a day so that the police would know when they could safely break in without getting caught.
We have often used the comparison that key escrow is like the police keeping a copy of your house keys. It appears that some people in government decided that this would be a good idea.
I'm afraid your mistaken. Quoted from a PDF file on www.sdmi.org:
;-)>
Hock Leow, Vice President, Multimedia Division, Creative Labs, Inc. "The ultimate goal of SDMI is to provide consumers with wide selection and convenience in digitally distributed music. This is an evolutionary process that Creative Labs supports and we believe consumers will find value in SDMI-compliant products when there is a wide availability of SDMI content."
Although the addition of the radio to the Nomad is a nice feature. I may get one once it holds more than one CD
It seems that SDMI has been kind enough to put the current specification onto the web. You can find it at http://www.sdmi.org if you are interested. I took a look around, and I don't think that the so-called "phase 1" SDMI is anything to worry about.
From what I can gather, phase 1 devices (which are expected this fall) will pretty much just be able to recognize SDMI marked content, and respect whatever rules are encoded into that song. The devices will play any non-SDMI content without any complaints. In fact, the only screening that the player will do on the content seems to be a check for the "upgrade to phase 2" trigger. Once phase 2 is developed, the studios will begin putting this trigger into their SDMI songs. Those songs won't play until you upgrade. However, if you don't bother listening to SDMI songs, you shouldn't ever get the trigger. There is no indication that your player will break if you don't upgrade, you just won't be able to play phase 2 songs.
The so-called phase 2 is where they will actually try and get fancy with the protection. This version will try and screen all content to see if it is protected. They are hoping to have some sort of watermarking technique which they can use to mark CD's. These "phase 2" CD's, in theory, would produce MP3's which would still have the watermark. But, of course, if your player is phase 1 it won't know how to check for these watermarks, so your MP3's will work just fine.
The main possible problem I see is that most of this logic is contained in software that runs on your PC. That software then talks to the "Portable Device", or PD, over a "Secure Authenticated Channel". I think we can all image what would be involved in trying to write GPL software that would talk to one of these things over the SDMI interface. However, the spec does explicitly mention that PD's may have "unprotected" interfaces, with the caveat that all content from the "unprotected digital input" is "screened". I assume that this means that the PD has to check for the "upgrade" trigger. It's not clear whether or not the manufacturer would have to include two separate physical port, or if it would be OK to just have one port that would have some obscure protocol for putting it into "secure" mode. If the latter, I would guess that the SDMI Rio's will continue to work just fine with the current Linux software. Oh, except that you won't be able to copy songs out of the Rio. The Spec is very clear about that point. To be honest, I'm suprised Diamond included that in the first place.
It's my opinion that we may not ever see phase 2. I have strong doubts about anybody's ability to develop a watermarking technique for audio which can't be removed. Not to mention whether or not the current portables will be able to implement such a technique. Even then, there is a good chance that the consumer will soundly reject the whole thing before it even gets close to phase 2. Oh well, I guess we'll see.
Using a tunnel like this will NOT, I repeat, will NOT tell you whether or not your ISP is throttling back your traffic. The route that traffic takes from point A to point B may have nothing in common with the route from point C to point B. In other words, you may have the following situation:
;-). Just for kicks, I connected to work, which is a nice clean route thru USWest, BBN, and C&W. At work, we have a QWest connection in addition to a C&W connection, so from work to any QWest host was a clean route. So, by "tunneling" thru my workplace, I was able to get much better connectivity than by going directly.
route from A -> B sucks
route from C -> B is good
route from A -> C is good.
This is probably more common than people think. There are a handful of places on the Internet backbone which tend to get really clogged up. If your traffic happens to be going thru one of those points, your connection will suck. By using a tunnel to somewhere else, you may be avoiding that bottleneck and your connection will improve.
I actually ran into exactly this scenario last night. I am a USWest.net customer, and was connecting to a host on QWest. The connection was horrible, and a traceroute showed a long tortuous path thru a half a dozen providers (Hopefully now that QWest owns USWest they will begin peering
If you actually wanted determine whether or not your ISP was throttling traffic, you would have to take direct measurements. I'm not sure what the best way to do this would be, as it would depend on exactly how the ISP implemented it. Some software along the lines of traceroute or mtr might be modified pretty easily to take some measurements. Another possible approach would be to use forged TCP packets. Say you have host A using the ISP you think is throttling. You have access to another host B at a different ISP. A program on host B sends forged TCP packets that appear to be from various web sites to host A. On host A, you have a program which tallies up the received forged packets. Since all the packets are taking the same route, the packet loss rate should be the same no matter what the source address is. If the ISP is throttling, it should be pretty obvious. The one problem with this approach is that the ISP host B is connected to should be dropping the forged packets. Not that it isn't easy to find an ignorant or irresponsible ISP that will let you source forged packets...
While it's true that the "underground" as you put it is alive and well, I think you are greatly overestimating it's size. In order to reap the benefits of these private FTP sites, you have to make a significant investment of time and effort in order to be accepted and gain access. The vast majority of people are not going to bother making that investment (even if they could figure out how.) While you say "millions more downloading it from private ftp sites", I would guess that the actual number is probably more like thousands.
What the studios, Lucas, RIAA, etc, are worried about are easy to find pirate sites. If somebody has a high speed FTP site, and gets a link up on Yahoo so that anybody who searches for "Phantom Menace" gets back a working link that says "download your own copy here", Lucas is going to have a problem. So, he hires a few lawyers whose job is to make all the pirates keep their heads down so that 99% of the population can't find the goods. Trying to catch that last hard-core 1% just isn't worth the effort on their part (especially considering the fact that they aren't likely to be successful anyway.)
If the pirate underground was really home to millions of people trading goods, the entire commercial software industry would have collapsed years ago. The reality is it is not easy to find out exactly where to go to find reliable sources of warez. And once you do find out, it's still a pain in the ass to actually find what you want and get a copy. And then it's often of dubious quality. All the studios have to do is make sure it stays this way. As long as the underground is actually underground, they don't have anything to worry about. If it manages to become highly-visible and reliable, then they are screwed.
I'm not so sure that you can be so quick to call this a bad idea. On the radio side, I don't think that the FCC would be proposing these rule changes if they thought there was a significant risk that it would reduce the FM band to nothing but static and interference. I could be wrong, but I would guess that the FCC has access to experts in the radio field to advise them on the technical aspects of a change like this.
On the Internet side, while it may be true that your typical slashdot reader will have a megabit connection in a few years, I don't think the general population will have one. Also, I find it extremely unlikely that I will have one in my car. Given that a large amount of the population gets their daily news via radio in their car, I think more competition here can only be a good thing. I'm lucky, and in my home town we have an excellent community radio station. However, most communitites are not so lucky. Perhaps this rule change would help rectify that.