Whoa. Are you saying this is applying HDCP to everything it plays?
That would be very interesting, since if I made a video of my own and played it through this device, the television would be descrambling a technological measure which limits access, without my authorization. That's circumvention. This device from Apple, would cause the manufacture and sale of all HDMI compliant TVs to become illegal.
It's like democracy. It sucks but is better than everything else.
And if a user 1) lacks the technophilia to be the right person to do it, and 2) lacks the wisdom to defer to another party of their choosing (e.g. a distribution maintainer), then they are a lost cause anyway. There is no solution that is ever going to make their machine secure.
The neat thing about Free OSes is that there are many ways to approach #2, whereas proprietary OSes these days, insist that you must defer to someone (there is no option #1) and may not choose to whom you will defer.
If you happen to think that The One Party to whom you must defer, is unusually trustworthy and competent, then it seems fine. People who look at track records, though, will question the choice, and eventually it always leads to "of course they make it so that you have to trust them; if the choice were left to the computer's owner, they would never choose that company again."
Maybe it's all ancient history to you, but to me, these are the people who thought ActiveX ought to be in web browsers. These are the people who thought an OS should ship such that, by default, it loads and executes code from a CDROM when you insert it. These are the people who still (AFAIK, maybe I'm starting to get out of date) use file names (extensions) instead of permissions, to determine if a file is executable. These are the people who (again, AFAIK, maybe my prejudice is showing) basically invented the idea of a full-fledged programming language engine being in spreadsheets and word processors, which will load and run the code in a document when you load the document. Etc, etc, etc.
I would say that this one company, more than any other that we've ever heard of, has the least credibility if they ever say uneducated users shouldn't be in charge of security. Even an uneducated user isn't likely to make worse choices than Microsoft has. And now they want to be The One global root CA for all code, even outside their own OS. I would say that'd be the funniest thing ever, but then I heard something even more hilarious: some people are taking their proposal seriously.
encourage things like per-host random keys - with the stupid UEFI checks disabled entirely if required. They are almost certainly going to be *more* secure than depending on some crazy root of trust based on a big company, with key signing authorities that trust anybody with a credit card. Try to teach people about things like that instead. Encourage people to do their own (random) keys, and adding those to their UEFI setups (or not: the whole UEFI thing is more about control than security)
Imagine if someone invented a protocol like ssh, but then suggested that of course, nobody should be able to use it except in situations where a host's key is signed by one of the global CAs, like we do on the web except without the possibility of self-signing or for new CAs to enter the market.
Nobody would call that "secure." They would call it a joke which goes out of its way to be less secure, by deliberately adding an untrustable link. And the fix to such a protocol would be obvious. Well, that's just what Linus did in the above paragraph: he told you how to turn SecureBoot from "just plain stupid" into "decent even if still mostly useless."
If it comes down to doing things with one hand, then even the 3.5" ones will fail with me. Touchscreen in same hand that's holding it, has just too high of an error rate for me. Real buttons can be used that way, but touchscreens fail. (It would help if the designers would use decent-size batteries, questing for something useful rather than extreme thinness. Use a real battery and the device will weigh more, and be more stable when held in one hand! Fuckwit designers, grumble grumble.)
Fortunately, it doesn't really come down to doing things with one hand. To me, it's all about size relative to front trouser pocket. Your milage may vary; we all have different ways of doing things.
BTW, I'm seeing a trend I didn't notice before: people are saying that if a device is too big, then somehow it looks silly when you hold it up to your ear like a phone. I think that's a matter of totally arbitrary taste. I was watching The Prisoner (1967) again a few weeks ago, and they had some enormous phone props, and you know what? They actually looked kind of cool (I'm not saying they would be practical, just that the aesthetics worked out ok). If you think a large phone looks silly, then either the problem is with you, or there's some elusive stylistic aspect to phones, above and beyond size. Personally, I think the problem is in the eye of the beholder, but if I'm wrong about that, then I'm probably right in thinking that someone can make a good-looking large smartphone. It just won't be one of us tech-heads.
The nice thing about prisons, guns and court orders, is that those things never secretly happen to you without your knowledge. Go ahead, try to sneak-and-peek interrogate someone.
All digitally encoded analog data is "lossy." Even CDs are "lossy."
CDs are the benchmark, though. Being less lossy than CDs is essentially unattainable, in the sense that nobody is willing to sell it to you. (Within various constraints which I think would just be a distracting digression, but we can talk about them if you want.) So lossiness is implicitly relative to CDs. And despite some of the weird shit I've seen people talk about here, DRM-free CDs actually are still for sale (and never weren't for sale) so they remain the benchmark. In that sense, FLAC is lossless, because it's no worse than the benchmark.
I can't hear the difference between a CD and a "-q 7" Vorbis file. That doesn't mean no one else who might be listening can't, though, or that I might not ever hear anything on decent equipment (where decent is defined merely as headphones, not something fancy; I do most of my music listening in the car these days, or while buzzed and barbecuing in the back yard).
And it's not so much about avoiding lossy (relative to CDs) as voting-with-my-wallet for something else, since CDs are still for sale. Why would I want to buy a 320kbps MP3 when I can get the CD instead? Take CDs off the market, and then I might get less scornful of lossy, since it'll be the best I can do, just as CDs are currently the best I can do. But that hasn't happened and I'm not even seeing signs that it's started happening yet.
BTW, we're in that situation now, with video. There's no equivalent of CD's "implicitly lossless" to be relative to; just various degrees of lossiness, relative to (and further artifacted by transcoding from) already-lossy sources. And unlike CDs, those sources aren't acceptable for purchase anyway, due to the DRM. So really, the flexibility of accepting lossy media really does exist and I offer video consumption as the perfect living example, of the best version of something, being one that is measurably lower fidelity (sometimes even perceptually lower!) than others. Your argument really does apply there.
I'm just saying it doesn't apply to music. Or at least not for me.
The RIAA companies have done some odious things, but overall they (and their competitors, really the whole music industry) have done a good job of remaining open for business, and being The party who has the best (or tied-for-best) version of recordings (e.g. pirates have nothing better than CDs), compared to the MPAA companies. The RIAA will still be around, accepting our money like professionals, long after the video market has collapsed, due to the MPAA's hard line "just say no to customers and their money" policy.
Regulation is when you point a gun at someone else's face and tell them to do things the way you say, or else. He's talking about altering their own internal decisions. That's not regulation; that's administration.
When you win a battle, celebrate that you moved the front. Don't fret that you didn't win the war yet. It is good to lock a door and make a burglar noisily kick it in, even if he still gets in.
The process changed the place. The reason elections are won by pre-election dealing, is that we have (mostly) succeeded at making it sufficiently hard to win by ballot box hacks. Pre-election deals are relatively expensive compared to ballot box hacks.
Sure, we're looking in the wrong place, but only because it was the right place. It's not stupid to work on this stuff.
You're acting like its an SSL issue that MS decided to consider expired certs invalid in their systems rather than accepting them.
No. I'm saying it's an SSL issue that when The One and Only cert that can possibly exist, expires, there is no backup trust path. When the expiration happens, the number of valid certifications falls from 1 to 0. With a real world trust model, when an expiration happens, the number of valid certifications could fall from, say, 4 to 3.
If you lose your drivers license, your passport should still work. Or it should somewhat still work, successfully persuading some people, maybe even a majority of people, that you're you. And a passport plus a CostCo card plus a note from your mother, ought to work a little better than just a passport alone.
PGP gives you a certificate with no way to verify it with a known source. Everyone picks their own source of verification!
Didn't your irony alarm go off, when you wrote something that dumb, and then said I don't understand how PGP and SSL work?
You're probably one of those morons who think self-signed certs shouldn't trigger warnings too aren't you?
You're probably one of those morons who think a complete lack of any cert or encryption -- plaintext which can be passively snooped, or actively altered, without even bothering to MitM -- shouldn't trigger warnings, aren't you?;-)
The debate about how UIs should present the risks associated with unauthenticated connections, has always been about relative degrees. I don't really have a solid position about whether a self-signed cert should trigger a warning or not; the severity of the risk depends on the situation. I do hold, though, that SSL with a self-signed cert is safER than eschewing SSL altogether. MitM-vulnerable crypto is better than lack of crypto. If a web browser shows a modal warning for https and self-signed certs, and doesn't also show that warning (or something more severe) for http, then it was either written by fools or is micromanaged by clueless PHBs.
Imagine if someone's signature on your PGP identity expired. It might be a bit of a blow, but people would still have other trust pathways toward you. Then you get a new signature from 'em, or someone else.
Certs can fail in so many ways, both false positives (compromised CAs) or false negatives (such as this expiration), and a myriad of subjective failures since different people have different reasons to trust (or not trust) different CAs. The risks aren't even theoretical. Failure really happens, to the extent that it's almost routine and we see a story about it here on Slashdot every month.
And Phil Zimmerman totally solved the problem(!) in, what, 1988? Why are we still using obsolete-the-day-it-came-out single signer systems? So brittle. So unrealistic.
The only reason I can think of, is that it would work too well. MitM attacks would become nearly impossible for even the most powerful governments. Certs would become so competitive and cheap that the CA business would collapse.
The FCC should put the entire radio spectrum up for sale to the highest bidder on a rotating 10-year cycle,
Let me get this straight: every single device which uses radio, should potentially become obsolete, every ten years?
"Yeeah, I bought this access point in 2011. I know, I know, it uses a band which might be owned by the police department starting January 1 2014 but I figured it was still worth the money even if I only get to use it for three years. And besides, remember when my 2005 walkie-talkies supposedly became illegal in 2006 because the FAA won the bid for that piece of spectrum? Nobody ever caught on that I had kept on using them, because it was so infrequent. And face it: it was kind of fun joining in on the pilot-ground conversations every once in a while."
It's not about the contract. When the copyright on the phone's firmware runs out, the prohibition against cracking its DRM will end too. You are allowed to unlock your phone in 2103. So just be patient.
People should examine how DMCA is involved at all, or why an exemption is needed.
Even if you take a hopelessly naive view of the purpose of DMCA's circumvention prohibition, even if you think it's a good idea to use force against everyone in order to address the 0.0001% case where someone accesses a movie for infringing purposes -- this scenario is still abuse of that law, roughly comparable to the Lexmark ink cartridge case.
On an optical disc containing an encrypted movie, the "work" whose access is limited by a technological measure, is the movie.
On a printer ink cartridge, or a mobile phone, the "work" whose access is limited by a technological measure, is... hey, waitaminute! It's some kind of weird normally-not-copyrightable thing. Ink, really? Access to a network?! Even if you put all cynicism aside and read DMCA at face value, are you telling me Congress passed that law, for the purpose of granting vertical monopolies to product-tie terminals to networks?! Even if you get more realistic and say DMCA was to product-tie content with players, that purpose still doesn't apply to the phone situation.
The LoC's decision to not exempt phones, was purely malignant and indefensible. But even so, an exemption isn't enough of a correction. DMCA needs to be fixed so that it at least stops being so broad that it's applicable to the phone situation. Propose that to Congress, Mr. President. (Better yet, just toss the circumvention-prohibition crap altogether; if you do that, then everyone (consumers and also copyright holders) will win. But maybe learning the lessons of the last 15 years, is too much to expect this time around.)
It's really hard to advise, when you have a don't-ask condition.
That aside, I'd recommend you avoid or delay things for as long as possible. You know, the best time to buy electronics is "never" because something new (e.g. Haswell, 4TB drives for today's 3TB price, etc) is always around the corner, to make you feel like a fool a few months later. So only get things you really think you need right away, and the more you put off, the better. You might decide you only need two TVs, for examp-- but, ok, ok, sorry, I won't ask about that!;-)
As for me. If I had money to burn and now was really the time to replace anything I could.. then I'd hire a contractor to somehow magically run some copper (no, it's not easy in this house), so that I wouldn't ever have to use wifi for any inter-room links. Goddamn I hate wifi. The walls are solid and the under-house "crawl" space (as if anyone could actually get on their hands and knees) is so thoroughly infested with black widows that I would never send anyone down there, much less go there myself. Fuck that. Ok. ok, an exterminator and then a contractor.
If I design a tool to, say, track what you eat and how much exercise you do and give you information, and I'm able to design a user interface for my application that is appropriate for desktop, tablet and phone, and the right one shows up at the right time, the issue of how appropriate Unity is as a desktop application launcher is totally irrelevant.
Huh. I guess there are two ways to take what he said.
If the way the toolkit works, is that developers are required to design three UIs for each app, then your point stands. (e.g. in your energy tracking app, you're actually thinking about how it looks different, on different devices.)
I took Shuttleworth's words as suggesting there's some kind of high-level UI or abstract signals of intent or relationships, which the toolkit (not the application programmer) resolves differently for different devices.
(Why do I think that? Because that's what I always try to do (to varying degrees of success); call it projection. Whenever I'm doing something "application-ish" rather than "library-ish," I don't want to ever be thinking about handheld vs desktop vs $NEXT_THING(glasses?). And every time I make an exception, I view that as a weakness, and probably symptomatic of having made a design mistake in the library.)
And if they take that approach (and maybe they're not doing that; I could be all wrong) then all/most/many application UIs which use this toolkit (probably including your energy tracking app), when run on desktops, would come out with a similar look'n'feel to them. Nothing wrong with that! But Unity is an expression by Canonical of how things should be, and Yog-forbid it's the result of an early prototype of the very toolkit in question.
Well, there are two important things that should be in every jalapeno popper recipe, or the recipe is doing more harm than good just by being out there on the web...
Seriously, it does more harm than good, if the directions lack something?
Not all directions are for beginners. Not all directions are only useful to beginners. You can know how to handle jalapenos and still benefit from recipes which use them.
I can't comment on things which are seriously "aimed" at beginners (e.g. "..for Dummies" books, or cookbooks which are litererally marketed as being "for people who don't know how to cook"), but I can tell you this: there is a Shitload of very useful information out there, on topics every bit as wide as all the sphere of human endeavor, which isn't aimed at beginners, and is incredibly useful to non-beginners.
I am hardly a cooking expert, but most of my cookbooks are not "for people who don't know how to cook" and no where on the cover or back page, are any such claims made. And the books can still have immense value.
"good" means "produces good results when followed by someone with no prior knowledge in this area".
Most of us don't define "good" that narrowly. Sometimes we do; sometimes you're right, and that's what we're looking for. Most of the time, no. I routinely look for information about things that I'm not a beginner at. I bet you do, too.
When you are reading a book about all the different sports that you can play with Happy Fun Ball, not every damn sport description has to tell you Do Not Taunt Happy Fun Ball. Sometimes it's ok for the author to make assumptions. You did survive long enough to buy the book...
"Developers will be able to ship a single application binary which itself can respond to the different form factors," Shuttleworth said. "You will be able to write a single application binary that can run on a phone, or a tablet, a PC, or a TV, and it will declare to the system which of those form factors it can support and we will present the appropriate interface for that application on each of those form factors."
The reason people are skeptical about that, is that Ubuntu's default packaging suggests that Canonical thinks Unity might be "an appropriate interface" for the desktop.
Perhaps a good test of Canonical's brand new magic tech, will be to see if they can ship a certain application which does what they describe. The application I have in mind is.. oh.. let's say.. application launcher. Can a version of, or an alternative to, Unity be made, which uses this new toolkit?
And not suck?:-)
Shuttleworth, please don't say that one kind of application is a special case, somehow outside the scope of your toolkit. We're just talking about an interface where users somehow pick something out of a potentially long list of things. Lots of apps are variations of that theme, not just program launchers.
The problem is we have a President who prefers to appear to be a wimpy appeaser of right wing extremists than be an actual liberal.
Are you sure you got your "right wing" and "liberal" labels right? Let's review some simple definitions and connotations.
One point of view, is that the constitution is a "living document" and need not be strictly adhered to. Government's powers and responsibilties are flexible, and change with the times. Tradition is overrated. "Tried and True" strategies can become obsolete. Government leads. The vision shared by the many, outweighs the rights of a few. Be expedient and pragmatic, in the pursuit of performance and progress.
The other point of view, is that constitution is a strict limitation on powers and responsibilities, and if conditions change, the people can damn well pass an amendment. Government power should remain as limited as possible. When in doubt, do things like they've always been done. Some things change, but human nature doesn't change. Our basic relationship with the government, and the social contract itself, doesn't change. Government needs to get out of the way, much less lead. The rights of the few outweigh the desires of the many. Respect the rule of law, even if inconvenient or costly.
Let me ask you: which of the two above PoVs is conservative and which is liberal? (Each actually has its weak and strong points! but I'm not talking about which you agree with, just where you put each one on the spectrum.)
When I think of extra-judicial processes not authorized by the constitution, I think of FDR's Japanese internments. And I damn well know which side of the political spectrum we all put FDR on. But maybe that's just me. Is FDR considered "conservative" now? Am I all wrong about the right/left -ness of Gitmo (and by extension, Republicans vs Democrats on this issue), or are you?:-)
ID needs to stop being a secret. The evidence which made people suspect something like that may have happened, and the corroborating evidence and experiments which confirmed Intelligent Design, need to finally be published. Seriously, people, it's time.
I think what may be going on with ID, which is currently causing it to look completely non-science-like, is that all the evidence is all under a NDA (covering the Designer's trade secrets). With none of it publishable, none of it has ever been published. And for whatever reason (perhaps it's just insanely difficult) nobody has yet ever independently (free of NDA) found this evidence or proposed an experiment to create some.
Maybe that's the real problem with ID: it's a science, but a proprietary-encumbered one, where they can't legally show you the evidence which makes it be a science. You'd think the Missouri legislature would have the power to make the NDA unenforcible in their state. Blow the lid off it, and damn the consequences of the leak!
Why don't they do it? Does the Designer lobby them against it, to keep all the evidence out of the public eye and retain his competitive design advantage? If they're so beholden to this Designer's lobby, then why leak the existence of him at all, or otherwise do things to hint to people that the evidence exists? Labeling ID as a theory practically tells everyone that there must be some evidence somewhere, so people are going to look for it, and that has got to endanger the secret, in itself.
I think the Missouri legislature ought to either go all the way (remove the NDA's power so that ID can Come Out as a real science) or STFU and try to keep the secret. These half-measures are stupid!
How much work are you willing to do to watch that movie for free where you can pay a $10 a month subscription or rent it for $2.00? Is it worth trying different patches made by people of questionable ethics, perhaps having to rebuild you OS every once in a while until you find the good patch.
Arrghh.. Really? People can still totally misunderstand the situation this badly, in 2013?
The people who endure the things that you're talking about, also pay. The fact that they paid for the DRMed media, is why they have DRMed media. Nobody does anything like what you're talking about, to avoid paying.
People who don't pay, don't go through any of that. How much work am I willing to do to watch that movie for free? NONE. The free content is what works on a computer without any patches, rebuilding, soldering, etc; it works under normal conditions with normal hardware and software. That's the smooth, reliable case, and since anyone and everyone can work on it, there are many players competing against each other to be The Best.
The non-free DRMed content, is the stuff where the computer is always abnormal in some regard. Either the computer is actively hostile to its user (i.e. the user just accepts the absurdity of the DRM-compatible players' artificial limitations and their general lack of competitive features), or it's schizophrenic and (possibly) unreliable, due to needing to [appear to] serve two masters (the case you seem to be harping on).
There's not even a grey area worth speaking of. It's not a matter of "some non-payers have to deal with DRM and some customers don't." These are truly all-or-nothing scenarios, where the exceptions are so rare that it's not worth speaking of. Everyone who makes use of pirated media, is free from having to deal with DRM bullshit while they use that media. And similarly, everyone who does struggle with DRM, is always working with a non-pirated copy, which was paid for, unless you're talking about some fringe case of shoplifting or something like that. Don't you understand that?
So it's not a matter of keeping the honest honest. It's a matter of punishing and discouraging the honest for the "crime"(?) of being honest, constantly tempting them with the promise of how much nicer and easier things will be, if they defect.
One possibility is that Germany could be subsidizing their solar competitors less than US does. So even at greater solar cost, solar energy might be more viable in the big picture, due to a free-er market.
If Germany's various mining industries have to pay for their liabilities to others (whereas in US we let it be an externality; if your water got polluted by fracking or dumping part of the top of a coal-filled mountain into a stream, then their action is somehow your expense; or if an industry's price stability needs an expensive military campaign, the taxpayers will bear that rather than the industry or its customers) then those techs' energy can be relatively cheaper to produce. In addition, if users' purchase of those other energy sources is subsidized (i.e. you aren't required to pay to plant a tree to soak up the CO2 that your burn is about to release into everyone else's atmosphere; the taxpayers will bear that expense whether they use fossil or solar) then solar will be comparatively more expensive.
That wouldn't explain why their solar products don't get undercut by China, but it would explain how their solar industry could possibly weather the competition, better than America's solar industry does.
People have been saying that for decades. That's why we all use Ti 99/4a computers; it was the one platform with the greatest number of applications, so it's all that anyone ever bought, so it's the only platform it makes sense to develop form, so it remains the number-of-applications leader, so it's still the only computer any of us ever buys. It's a vicious cycle!
I get what you're saying and it really does make sense. And yet it's always been wrong. For some strange reason, the computer in your pocket isn't a 99/4a, and it also doesn't run MS-DOS, and strangely, it doesn't run PalmOS either. I don't know why; I just know that's how it is. You tell me why, and you'll have spotted the hole in your own argument.
I'm glad you wrote your 'critter (that's more than I usually do). My point is that when you think about who you just wrote to, and how they're going to read your letter, you'll probably not expect results. It'll be something like this:
Dear Congressman,
I have just learned that the president has ordered his Attorney General to prosecute puppy shredders. Puppy shredding is not interstate commerce and the prosecution of it is beyond the constitutional limits of the federal government's allowed power. Please impeach him.
Yes, I realize that you personally voted for the bill that made it a federal crime to shred puppies. I want you to forget that, though, as it is unimportant.
Yes, I realize that you were on TV last week, criticizing the president for his failure to prosecute puppy shredders fast enough.
Yes, I realize that in the last five elections, you have run on the platform that you would make it a federal crime to shred puppies, and your opponent ran on my current position, that the US DoJ should leave puppy shredders alone. Yes, I realize that as a result of your position, you got 99% of the vote and your opponent disappeared into disgrace and obscurity.
Yes, I realize that many people write you all the time, demanding the federal government do something to stop the shredding of puppies, and nobody ever petitions you to leave puppy shredders alone. Today, that changes. I am the first.
The first of many. I promise you, there is a growing movement in this country that puppy shredders should be protected and the shredding of puppies unimpeded. I reluctantly admit that none of us pro-shreddists ever vote (or we vote for anti-shreddists because voting for shredders would be "throwing our vote away" and we're too cowardly to do that), and the anti-shredders have a well-established voting record. Sure, if you adopt our position and do what I say, you will lose your re-election race. I urge you to reconsider anyway. In a century or two, you will agree that history was on our side.
Break your word to the president, doing it openly and publicly in a hilarious over-the-top display of hypocrisy. Impeach him for doing what you constantly demand he do. Because really, if you read the constitution, the power to prohibit puppy shredding is clearly just not in there, anywhere.
P.S. No, I am not yet trying to have you recalled based on your horrible unconstitutional anti-shred vote. I'm waiting to see how well your impeachment process against the president goes. If you succeed, that'll give me hope and I'll go ahead and try to have you dragged through the mud too. If you fail to successfully get the required votes to impeach, or if you don't act upon my petition, then the pro-shred movement probably lacks steam and I'll give up and leave you alone.
That doesn't mean you shouldn't write, because at you mention near the end, you really are correct. And as you allude to in the paragraph before that, in a few centuries, people may hold your letter as an important document of the proto-beginnings of a new phase in US policy.
I just don't think the person you're writing to, is going to join your side.:-) The voting booth is the right tool for this job.
Slashdot Mirror
No problem. We'll just replace "cyber" with "digital" and then it'll sound less stupid.
[replace replace replace] Hmm.. that's odd. How come it's not working?
Whoa. Are you saying this is applying HDCP to everything it plays?
That would be very interesting, since if I made a video of my own and played it through this device, the television would be descrambling a technological measure which limits access, without my authorization. That's circumvention. This device from Apple, would cause the manufacture and sale of all HDMI compliant TVs to become illegal.
It's like democracy. It sucks but is better than everything else.
And if a user 1) lacks the technophilia to be the right person to do it, and 2) lacks the wisdom to defer to another party of their choosing (e.g. a distribution maintainer), then they are a lost cause anyway. There is no solution that is ever going to make their machine secure.
The neat thing about Free OSes is that there are many ways to approach #2, whereas proprietary OSes these days, insist that you must defer to someone (there is no option #1) and may not choose to whom you will defer.
If you happen to think that The One Party to whom you must defer, is unusually trustworthy and competent, then it seems fine. People who look at track records, though, will question the choice, and eventually it always leads to "of course they make it so that you have to trust them; if the choice were left to the computer's owner, they would never choose that company again."
Maybe it's all ancient history to you, but to me, these are the people who thought ActiveX ought to be in web browsers. These are the people who thought an OS should ship such that, by default, it loads and executes code from a CDROM when you insert it. These are the people who still (AFAIK, maybe I'm starting to get out of date) use file names (extensions) instead of permissions, to determine if a file is executable. These are the people who (again, AFAIK, maybe my prejudice is showing) basically invented the idea of a full-fledged programming language engine being in spreadsheets and word processors, which will load and run the code in a document when you load the document. Etc, etc, etc.
I would say that this one company, more than any other that we've ever heard of, has the least credibility if they ever say uneducated users shouldn't be in charge of security. Even an uneducated user isn't likely to make worse choices than Microsoft has. And now they want to be The One global root CA for all code, even outside their own OS. I would say that'd be the funniest thing ever, but then I heard something even more hilarious: some people are taking their proposal seriously.
Somebody gets it:
Imagine if someone invented a protocol like ssh, but then suggested that of course, nobody should be able to use it except in situations where a host's key is signed by one of the global CAs, like we do on the web except without the possibility of self-signing or for new CAs to enter the market.
Nobody would call that "secure." They would call it a joke which goes out of its way to be less secure, by deliberately adding an untrustable link. And the fix to such a protocol would be obvious. Well, that's just what Linus did in the above paragraph: he told you how to turn SecureBoot from "just plain stupid" into "decent even if still mostly useless."
If it comes down to doing things with one hand, then even the 3.5" ones will fail with me. Touchscreen in same hand that's holding it, has just too high of an error rate for me. Real buttons can be used that way, but touchscreens fail. (It would help if the designers would use decent-size batteries, questing for something useful rather than extreme thinness. Use a real battery and the device will weigh more, and be more stable when held in one hand! Fuckwit designers, grumble grumble.)
Fortunately, it doesn't really come down to doing things with one hand. To me, it's all about size relative to front trouser pocket. Your milage may vary; we all have different ways of doing things.
BTW, I'm seeing a trend I didn't notice before: people are saying that if a device is too big, then somehow it looks silly when you hold it up to your ear like a phone. I think that's a matter of totally arbitrary taste. I was watching The Prisoner (1967) again a few weeks ago, and they had some enormous phone props, and you know what? They actually looked kind of cool (I'm not saying they would be practical, just that the aesthetics worked out ok). If you think a large phone looks silly, then either the problem is with you, or there's some elusive stylistic aspect to phones, above and beyond size. Personally, I think the problem is in the eye of the beholder, but if I'm wrong about that, then I'm probably right in thinking that someone can make a good-looking large smartphone. It just won't be one of us tech-heads.
The nice thing about prisons, guns and court orders, is that those things never secretly happen to you without your knowledge. Go ahead, try to sneak-and-peek interrogate someone.
CDs are the benchmark, though. Being less lossy than CDs is essentially unattainable, in the sense that nobody is willing to sell it to you. (Within various constraints which I think would just be a distracting digression, but we can talk about them if you want.) So lossiness is implicitly relative to CDs. And despite some of the weird shit I've seen people talk about here, DRM-free CDs actually are still for sale (and never weren't for sale) so they remain the benchmark. In that sense, FLAC is lossless, because it's no worse than the benchmark.
I can't hear the difference between a CD and a "-q 7" Vorbis file. That doesn't mean no one else who might be listening can't, though, or that I might not ever hear anything on decent equipment (where decent is defined merely as headphones, not something fancy; I do most of my music listening in the car these days, or while buzzed and barbecuing in the back yard).
And it's not so much about avoiding lossy (relative to CDs) as voting-with-my-wallet for something else, since CDs are still for sale. Why would I want to buy a 320kbps MP3 when I can get the CD instead? Take CDs off the market, and then I might get less scornful of lossy, since it'll be the best I can do, just as CDs are currently the best I can do. But that hasn't happened and I'm not even seeing signs that it's started happening yet.
BTW, we're in that situation now, with video. There's no equivalent of CD's "implicitly lossless" to be relative to; just various degrees of lossiness, relative to (and further artifacted by transcoding from) already-lossy sources. And unlike CDs, those sources aren't acceptable for purchase anyway, due to the DRM. So really, the flexibility of accepting lossy media really does exist and I offer video consumption as the perfect living example, of the best version of something, being one that is measurably lower fidelity (sometimes even perceptually lower!) than others. Your argument really does apply there.
I'm just saying it doesn't apply to music. Or at least not for me.
The RIAA companies have done some odious things, but overall they (and their competitors, really the whole music industry) have done a good job of remaining open for business, and being The party who has the best (or tied-for-best) version of recordings (e.g. pirates have nothing better than CDs), compared to the MPAA companies. The RIAA will still be around, accepting our money like professionals, long after the video market has collapsed, due to the MPAA's hard line "just say no to customers and their money" policy.
Regulation is when you point a gun at someone else's face and tell them to do things the way you say, or else. He's talking about altering their own internal decisions. That's not regulation; that's administration.
When you win a battle, celebrate that you moved the front. Don't fret that you didn't win the war yet. It is good to lock a door and make a burglar noisily kick it in, even if he still gets in.
The process changed the place. The reason elections are won by pre-election dealing, is that we have (mostly) succeeded at making it sufficiently hard to win by ballot box hacks. Pre-election deals are relatively expensive compared to ballot box hacks.
Sure, we're looking in the wrong place, but only because it was the right place. It's not stupid to work on this stuff.
No. I'm saying it's an SSL issue that when The One and Only cert that can possibly exist, expires, there is no backup trust path. When the expiration happens, the number of valid certifications falls from 1 to 0. With a real world trust model, when an expiration happens, the number of valid certifications could fall from, say, 4 to 3.
If you lose your drivers license, your passport should still work. Or it should somewhat still work, successfully persuading some people, maybe even a majority of people, that you're you. And a passport plus a CostCo card plus a note from your mother, ought to work a little better than just a passport alone.
Didn't your irony alarm go off, when you wrote something that dumb, and then said I don't understand how PGP and SSL work?
You're probably one of those morons who think a complete lack of any cert or encryption -- plaintext which can be passively snooped, or actively altered, without even bothering to MitM -- shouldn't trigger warnings, aren't you? ;-)
The debate about how UIs should present the risks associated with unauthenticated connections, has always been about relative degrees. I don't really have a solid position about whether a self-signed cert should trigger a warning or not; the severity of the risk depends on the situation. I do hold, though, that SSL with a self-signed cert is safER than eschewing SSL altogether. MitM-vulnerable crypto is better than lack of crypto. If a web browser shows a modal warning for https and self-signed certs, and doesn't also show that warning (or something more severe) for http, then it was either written by fools or is micromanaged by clueless PHBs.
Imagine if someone's signature on your PGP identity expired. It might be a bit of a blow, but people would still have other trust pathways toward you. Then you get a new signature from 'em, or someone else.
Certs can fail in so many ways, both false positives (compromised CAs) or false negatives (such as this expiration), and a myriad of subjective failures since different people have different reasons to trust (or not trust) different CAs. The risks aren't even theoretical. Failure really happens, to the extent that it's almost routine and we see a story about it here on Slashdot every month.
And Phil Zimmerman totally solved the problem(!) in, what, 1988? Why are we still using obsolete-the-day-it-came-out single signer systems? So brittle. So unrealistic.
The only reason I can think of, is that it would work too well. MitM attacks would become nearly impossible for even the most powerful governments. Certs would become so competitive and cheap that the CA business would collapse.
Let me get this straight: every single device which uses radio, should potentially become obsolete, every ten years?
"Yeeah, I bought this access point in 2011. I know, I know, it uses a band which might be owned by the police department starting January 1 2014 but I figured it was still worth the money even if I only get to use it for three years. And besides, remember when my 2005 walkie-talkies supposedly became illegal in 2006 because the FAA won the bid for that piece of spectrum? Nobody ever caught on that I had kept on using them, because it was so infrequent. And face it: it was kind of fun joining in on the pilot-ground conversations every once in a while."
It's not about the contract. When the copyright on the phone's firmware runs out, the prohibition against cracking its DRM will end too. You are allowed to unlock your phone in 2103. So just be patient.
People should examine how DMCA is involved at all, or why an exemption is needed.
Even if you take a hopelessly naive view of the purpose of DMCA's circumvention prohibition, even if you think it's a good idea to use force against everyone in order to address the 0.0001% case where someone accesses a movie for infringing purposes -- this scenario is still abuse of that law, roughly comparable to the Lexmark ink cartridge case.
On an optical disc containing an encrypted movie, the "work" whose access is limited by a technological measure, is the movie.
On a printer ink cartridge, or a mobile phone, the "work" whose access is limited by a technological measure, is ... hey, waitaminute! It's some kind of weird normally-not-copyrightable thing. Ink, really? Access to a network?! Even if you put all cynicism aside and read DMCA at face value, are you telling me Congress passed that law, for the purpose of granting vertical monopolies to product-tie terminals to networks?! Even if you get more realistic and say DMCA was to product-tie content with players, that purpose still doesn't apply to the phone situation.
The LoC's decision to not exempt phones, was purely malignant and indefensible. But even so, an exemption isn't enough of a correction. DMCA needs to be fixed so that it at least stops being so broad that it's applicable to the phone situation. Propose that to Congress, Mr. President. (Better yet, just toss the circumvention-prohibition crap altogether; if you do that, then everyone (consumers and also copyright holders) will win. But maybe learning the lessons of the last 15 years, is too much to expect this time around.)
It's really hard to advise, when you have a don't-ask condition.
That aside, I'd recommend you avoid or delay things for as long as possible. You know, the best time to buy electronics is "never" because something new (e.g. Haswell, 4TB drives for today's 3TB price, etc) is always around the corner, to make you feel like a fool a few months later. So only get things you really think you need right away, and the more you put off, the better. You might decide you only need two TVs, for examp-- but, ok, ok, sorry, I won't ask about that! ;-)
As for me. If I had money to burn and now was really the time to replace anything I could.. then I'd hire a contractor to somehow magically run some copper (no, it's not easy in this house), so that I wouldn't ever have to use wifi for any inter-room links. Goddamn I hate wifi. The walls are solid and the under-house "crawl" space (as if anyone could actually get on their hands and knees) is so thoroughly infested with black widows that I would never send anyone down there, much less go there myself. Fuck that. Ok. ok, an exterminator and then a contractor.
Huh. I guess there are two ways to take what he said.
If the way the toolkit works, is that developers are required to design three UIs for each app, then your point stands. (e.g. in your energy tracking app, you're actually thinking about how it looks different, on different devices.)
I took Shuttleworth's words as suggesting there's some kind of high-level UI or abstract signals of intent or relationships, which the toolkit (not the application programmer) resolves differently for different devices.
(Why do I think that? Because that's what I always try to do (to varying degrees of success); call it projection. Whenever I'm doing something "application-ish" rather than "library-ish," I don't want to ever be thinking about handheld vs desktop vs $NEXT_THING(glasses?). And every time I make an exception, I view that as a weakness, and probably symptomatic of having made a design mistake in the library.)
And if they take that approach (and maybe they're not doing that; I could be all wrong) then all/most/many application UIs which use this toolkit (probably including your energy tracking app), when run on desktops, would come out with a similar look'n'feel to them. Nothing wrong with that! But Unity is an expression by Canonical of how things should be, and Yog-forbid it's the result of an early prototype of the very toolkit in question.
Seriously, it does more harm than good, if the directions lack something?
Not all directions are for beginners. Not all directions are only useful to beginners. You can know how to handle jalapenos and still benefit from recipes which use them.
I can't comment on things which are seriously "aimed" at beginners (e.g. "..for Dummies" books, or cookbooks which are litererally marketed as being "for people who don't know how to cook"), but I can tell you this: there is a Shitload of very useful information out there, on topics every bit as wide as all the sphere of human endeavor, which isn't aimed at beginners, and is incredibly useful to non-beginners.
I am hardly a cooking expert, but most of my cookbooks are not "for people who don't know how to cook" and no where on the cover or back page, are any such claims made. And the books can still have immense value.
Most of us don't define "good" that narrowly. Sometimes we do; sometimes you're right, and that's what we're looking for. Most of the time, no. I routinely look for information about things that I'm not a beginner at. I bet you do, too.
When you are reading a book about all the different sports that you can play with Happy Fun Ball, not every damn sport description has to tell you Do Not Taunt Happy Fun Ball. Sometimes it's ok for the author to make assumptions. You did survive long enough to buy the book...
The reason people are skeptical about that, is that Ubuntu's default packaging suggests that Canonical thinks Unity might be "an appropriate interface" for the desktop.
Perhaps a good test of Canonical's brand new magic tech, will be to see if they can ship a certain application which does what they describe. The application I have in mind is .. oh .. let's say .. application launcher. Can a version of, or an alternative to, Unity be made, which uses this new toolkit?
And not suck? :-)
Shuttleworth, please don't say that one kind of application is a special case, somehow outside the scope of your toolkit. We're just talking about an interface where users somehow pick something out of a potentially long list of things. Lots of apps are variations of that theme, not just program launchers.
Are you sure you got your "right wing" and "liberal" labels right? Let's review some simple definitions and connotations.
One point of view, is that the constitution is a "living document" and need not be strictly adhered to. Government's powers and responsibilties are flexible, and change with the times. Tradition is overrated. "Tried and True" strategies can become obsolete. Government leads. The vision shared by the many, outweighs the rights of a few. Be expedient and pragmatic, in the pursuit of performance and progress.
The other point of view, is that constitution is a strict limitation on powers and responsibilities, and if conditions change, the people can damn well pass an amendment. Government power should remain as limited as possible. When in doubt, do things like they've always been done. Some things change, but human nature doesn't change. Our basic relationship with the government, and the social contract itself, doesn't change. Government needs to get out of the way, much less lead. The rights of the few outweigh the desires of the many. Respect the rule of law, even if inconvenient or costly.
Let me ask you: which of the two above PoVs is conservative and which is liberal? (Each actually has its weak and strong points! but I'm not talking about which you agree with, just where you put each one on the spectrum.)
When I think of extra-judicial processes not authorized by the constitution, I think of FDR's Japanese internments. And I damn well know which side of the political spectrum we all put FDR on. But maybe that's just me. Is FDR considered "conservative" now? Am I all wrong about the right/left -ness of Gitmo (and by extension, Republicans vs Democrats on this issue), or are you? :-)
ID needs to stop being a secret. The evidence which made people suspect something like that may have happened, and the corroborating evidence and experiments which confirmed Intelligent Design, need to finally be published. Seriously, people, it's time.
I think what may be going on with ID, which is currently causing it to look completely non-science-like, is that all the evidence is all under a NDA (covering the Designer's trade secrets). With none of it publishable, none of it has ever been published. And for whatever reason (perhaps it's just insanely difficult) nobody has yet ever independently (free of NDA) found this evidence or proposed an experiment to create some.
Maybe that's the real problem with ID: it's a science, but a proprietary-encumbered one, where they can't legally show you the evidence which makes it be a science. You'd think the Missouri legislature would have the power to make the NDA unenforcible in their state. Blow the lid off it, and damn the consequences of the leak!
Why don't they do it? Does the Designer lobby them against it, to keep all the evidence out of the public eye and retain his competitive design advantage? If they're so beholden to this Designer's lobby, then why leak the existence of him at all, or otherwise do things to hint to people that the evidence exists? Labeling ID as a theory practically tells everyone that there must be some evidence somewhere, so people are going to look for it, and that has got to endanger the secret, in itself.
I think the Missouri legislature ought to either go all the way (remove the NDA's power so that ID can Come Out as a real science) or STFU and try to keep the secret. These half-measures are stupid!
Arrghh.. Really? People can still totally misunderstand the situation this badly, in 2013?
The people who endure the things that you're talking about, also pay. The fact that they paid for the DRMed media, is why they have DRMed media. Nobody does anything like what you're talking about, to avoid paying.
People who don't pay, don't go through any of that. How much work am I willing to do to watch that movie for free? NONE. The free content is what works on a computer without any patches, rebuilding, soldering, etc; it works under normal conditions with normal hardware and software. That's the smooth, reliable case, and since anyone and everyone can work on it, there are many players competing against each other to be The Best.
The non-free DRMed content, is the stuff where the computer is always abnormal in some regard. Either the computer is actively hostile to its user (i.e. the user just accepts the absurdity of the DRM-compatible players' artificial limitations and their general lack of competitive features), or it's schizophrenic and (possibly) unreliable, due to needing to [appear to] serve two masters (the case you seem to be harping on).
There's not even a grey area worth speaking of. It's not a matter of "some non-payers have to deal with DRM and some customers don't." These are truly all-or-nothing scenarios, where the exceptions are so rare that it's not worth speaking of. Everyone who makes use of pirated media, is free from having to deal with DRM bullshit while they use that media. And similarly, everyone who does struggle with DRM, is always working with a non-pirated copy, which was paid for, unless you're talking about some fringe case of shoplifting or something like that. Don't you understand that?
So it's not a matter of keeping the honest honest. It's a matter of punishing and discouraging the honest for the "crime"(?) of being honest, constantly tempting them with the promise of how much nicer and easier things will be, if they defect.
If they're compelled to explain the prices, all they've got to do is lay down a quotation from "The Great Train Robbery." I don't see the problem.
One possibility is that Germany could be subsidizing their solar competitors less than US does. So even at greater solar cost, solar energy might be more viable in the big picture, due to a free-er market.
If Germany's various mining industries have to pay for their liabilities to others (whereas in US we let it be an externality; if your water got polluted by fracking or dumping part of the top of a coal-filled mountain into a stream, then their action is somehow your expense; or if an industry's price stability needs an expensive military campaign, the taxpayers will bear that rather than the industry or its customers) then those techs' energy can be relatively cheaper to produce. In addition, if users' purchase of those other energy sources is subsidized (i.e. you aren't required to pay to plant a tree to soak up the CO2 that your burn is about to release into everyone else's atmosphere; the taxpayers will bear that expense whether they use fossil or solar) then solar will be comparatively more expensive.
That wouldn't explain why their solar products don't get undercut by China, but it would explain how their solar industry could possibly weather the competition, better than America's solar industry does.
People have been saying that for decades. That's why we all use Ti 99/4a computers; it was the one platform with the greatest number of applications, so it's all that anyone ever bought, so it's the only platform it makes sense to develop form, so it remains the number-of-applications leader, so it's still the only computer any of us ever buys. It's a vicious cycle!
I get what you're saying and it really does make sense. And yet it's always been wrong. For some strange reason, the computer in your pocket isn't a 99/4a, and it also doesn't run MS-DOS, and strangely, it doesn't run PalmOS either. I don't know why; I just know that's how it is. You tell me why, and you'll have spotted the hole in your own argument.
I'm glad you wrote your 'critter (that's more than I usually do). My point is that when you think about who you just wrote to, and how they're going to read your letter, you'll probably not expect results. It'll be something like this:
That doesn't mean you shouldn't write, because at you mention near the end, you really are correct. And as you allude to in the paragraph before that, in a few centuries, people may hold your letter as an important document of the proto-beginnings of a new phase in US policy.
I just don't think the person you're writing to, is going to join your side. :-) The voting booth is the right tool for this job.