The endpoints should be using protocols based on the assumption that whatever services are used in between have problems. Governments, Scientologists, mafia, teh terrrists, and anyone else who wants to spy on people, can ban/pressure fooberry and gugmail but they can't effectively do much about OpenPGP.
Who in their worst nightmares would could have thought that anyone could stoop to do what he did?
While I can understand some naivity, it's not like computer kiddie porn is the first witch hunt.
Whether criminalizing kiddie porn is a good idea or a bad one (I can understand the viewpoint of the porn enabling the crimes / creating the demand), when you have thoughtcrimes on the books, everyone really should be expecting that sometimes innocent people will be harmed. I think that when someone says they can't believe it would happen, they probably really mean that they think it'll probably never happen to them. Probably.
When I rented a car in Oregon, learning that I wasn't allowed to fill it, was a totally weird experience. And when the guy told me "You can't, state law," seriously, I thought he was pulling this tourist's leg. It had to be a scam. It just had to.
It wasn't.
I wonder if Oregonians feel that same strangeness when they pull up at a non-OR gas station and nobody comes out to "help" them.
The problem with "share this" is that putting such a thing on your site pretty much demonstrates.. totally undefined intent. You're requesting people (no wait.. not people) to spread a link, but have little idea what they'll do with it.
Furthermore, you're requesting that they spread it in a rather mechanical and robotic fashion. The whole value of the share-this button is the implied automation, that you don't want to rely on humans to take the initiative to go to some other site and talk about your webpage. You want them to just click something, and the less thinking they do, the better.
If I email a link to you, the most common way for you to handle that is either not follow the link, or (as a human) follow the link and read the page, and in so doing, you will (possibly) become informed of what the copyright holder authorizes, when you see a copyright notice or license, or even a tone (e.g. if the page is a rant about how copyright needs to be repealed, it's reasonable to assume certain things about the author's intent) .
But when I send a link as a parameter in an URL to another web service or as a field in some XML request, I'm requesting a computer to do something with a link, and we all know that computers don't understand issues like copyright and licensing, so the computer is going to make some sort of default assumption about what it's allowed to do.
What is a reasonable default assumption? It turns out that there is no consensus on this. The copyright-centric view is that you're not allowed to do something unless you are told it's ok to do that, or if copyright law allows it (perhaps via fair use). The "old internet" view is that merely by servicing the request, the server intends for the information to be widely spread (i.e. you don't expect any SMTP server to have a policy of: "I refuse to deliver this email unless I find something in it that suggests the sender grants permission for it to be forwarded" -- that would be ludicrous).
At some point, a judge is going to make a decision about what's a reasonable assumption. And he's going to be wrong (whichever way he goes) in many peoples' eyes, because this decision must be arbitrary. The very question of what is "reasonable" is a bullshit question, because reason can't help you here. It's a matter of desires and values and assumptions, not reason and logic.
I believe that would be like whiting out sections of the contract after it was signed and carefully inserting your own text in the handwriting of the other party. IE, no way would that pass legal muster.
He's suggesting amending the contract before it is signed. Of course, we don't know that the other party will accept the amended contract, but if they decide not to, they're free to come to his house and take back the software for a full refund. (After all, why would the cost of a failed negotiation be at the buyer's expense?)
but you know as well as I do that marketing drones like to stretch the meaning of words..
If they're saying it to potential customers (and not even saying anything contrary to it, either on the packaging or even after the sale like the software guys' fraud), then they're not stretching the meaning; they're defining what it is that they offer. They can't even say it's a mistake (like a typo in a grocery store ad), as it has been going on for many years.
Then, at a minimum, end users are sometimes not prohibited from breaking HDCP. Whether that's enough to legalize trafficking in a device, no one but a judge can say. But it's something.
Ad: "Own it now, on DVD and BluRay." Own is their word; I didn't put it in their mouth.
Also, unlike some proprietary software, such movies don't even come with a revealed-after-the-sale license that retroactively tries to change whether or not title was transferred at the point of sale.
Does anyone have any citations from the movie companies, where they claim they license rather than sell? I can see why they might want to switch to that business model, but AFAIK they haven't claimed to have done it. Correction welcome.
If you're going to go all Conspiracy Theory on this, then the key was released by the TV delivery companies.
Why subscribe to a TV service that you can't timeshift, especially if you got used to being able to do that back in the analog days? Users with sense (whether it's common sense, or a sense of entitlement to be able to record and then playback at a more convenient time) are probably dropping subscriptions in favor of either pirating content or just doing without.
By releasing the keys, it becomes feasible for people to have cable/satellite capture cards; that is, these services become pairable with PVRs, resulting in excellent value for the consumer. $50/month for unshiftable TV isn't a good value, but $50/month for shiftable TV is. (At least in my case, Comcast knows this; I was a happy customer who shoved money down their throats every month back when their service was usable, and ceased to be a customer when their service became crippled. If this applies in my case, how many millions more people?)
HDCP capture devices will move the market equilibrium from piracy or abstinence being the best answers, in the direction of subscribing being a good answer. Why bother to bittorrent the Daily Show (whether you're annoyed by occasional "scene" unreliability, or afraid of legal risks) when your PVR can automatically record it, like how things worked ten years ago?
No, I don't really think they're the ones who did this, but the financial motive is certainly there. You have to remember: DRM is only a way to tell customers to fuck off and stop paying. DRM is a way to reduce revenue without any gains to counterbalance that, so anyone in the content business is going to want DRM to be defeated, if maximizing profits is their top priority.
We like to think of the content companies as being coldly-calculating greedy money-grubbers, but remember that Jack Valenti was opposed to consumers having video tape machines and tried to use government force to prevent those consumers from doing billions of dollars worth of business with his own people. They might be greedy but they don't think greedy.
Unlike DRM which is present within media upon its receipt, HDCP does not exist on a BluRay or cable/satellite TV transmission. HDCP is something that is added by the user's machine. DMCA says:
a technological measure “effectively controls access to a work” if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.
And since we're talking about a process/treatment that occurs after access, it's not something that is needed to gain access.
Just an idea. (Probably won't work.)
Another tack here, is: how easily can you tell your equipment to use HDCP even when it's not playing DRMed media? Can you have your computer use a HDCP connection to its monitor all the time even when you're surfing Slashdot, typing your great novel, etc. Is this something that is happening all the time, anyway? (I just don't know.) If so -- if non-DRM-colluders can enable HDCP -- then 99.999999% of the time that someone uses a HDCP cracker, they would not be doing to circumvent a technological measure that controls access to a work without the authority of the copyright holder, since the user is the copyright holder. Likewise, the intended market and primary use of such a device, would not be to remove HDCP without the authority of the copyright holder. It would be legal to use and traffick.
(This is why there can never be a real standard for DRM, because you have to prevent non-colluding parties from being allowed to apply that DRM, lest they authorize access.) Cracking HDCP and distributing cracks, is only prohibited if HDCP is normally only used when a copyright holder demands it.
That's/bin/ls in most (all?) distros./bin isn't normally user-writable.
Is file execution turned off in all user-writable directories on the various Linux-based OSes these days?
I don't know, but mounting/home with noexec by default wouldn't be very wacked. I have most of my filesystems mounted noexec (hmm.. though/home isn't one of them, I'll admit). Most users don't need executables under/home, though some do.
If everyone switched away from windows then people would simply write malware for whatever arbitrary OS became the new popular alternative...
Sure, they could write the malware, but they would also have to walk users through apt-get installing it. "Ok, add this line to your/etc/apt/sources.list and then save. You remembered to type sudo before you started your editor, right? Good, you're one step closer to GETTING YOUR FREE IPAD!"
And whichever one is the software cannot be used because the EULA hasn't been agreed to. You can use the box, but not the software.
Ok, let's ignore (for the moment) that Congress has passed a law saying it is not a violation of copyright law for the user to do whatever is necessary to use the software. That aside, whether the user is allowed to use the software they bought or not: did title change hands at the cash register? Because that is what Autodesk (and Blizzard) claims didn't happen.
If the EULA states that the publisher retains title, then that is TIME TRAVEL.
The publisher sells it to a distributor who now owns it, who sells it to the retailer who now owns it instead. You buy it, give it to your friend for his birthday, and now he owns it. And then this is where EULA defenders get mystical. Your friend reads the EULA and agrees to it, and it states the publisher retains title. Retains? How can the publisher retain something they don't have? Prior to the agreement, your friend had title; he's the only person who is capable of retaining it. If the publisher retains it, then did something retroactively happen to the title which the distributor and retailer and guy-who-took-it-off-the-shelf-and-paid-for-it had in the past?
Perhaps the license says "retain" (that's the word the judge used in the decision) but they really meant "revert" -- that the end user is selling it back to the publisher. I would have to ask, "selling it for what?" That brings up all kinds of weirdnesses like lack of consideration, and also I then have to stop ignoring the fact that copyright law does allow people to use software without securing any special permission.
The problem is that [censored] matters. For example, if [censored] = movie DVD, even though you own the movie DVD, you do NOT have the right to stick it in a DVD player and display the movie in a public place.
That is prohibited by copyright law. The fact that Congress has passed laws restricting what people are allowed to do with the things that they own (whether it's no public performances, or "it is a violation of federal law to use this drain cleaner contrary to the directions") is irrelevant as to whether or not title changed hands at the cash register.
What if you never walk into a store and never buy something off the shelf, but you download the software instead? What if they make you click the EULA before you download the software. Would it be more legitimate to claim you're only buying a license in this case?
Absolutely! That is a completely different type of transaction, where the contract is a condition of the sale.
The problem is, you are not actually buying something. You are acquiring a license to use.
Let's look at two scenarios. In one case, a person is buying a loaf of bread. In another case, a person is buying software. I'm not going to tell you which is which.
Scenario 1: person walks into store, takes [censored] off the shelf, carries it to cash register, pays $n dollars cash, does not sign or click anything, cashier places [censored] into a bag, and customer walks out of the store, carrying the bag.
Scenario 2: person walks into store, takes [censored] off the shelf, carries it to cash register, pays $n dollars cash, does not sign or click anything, cashier places [censored] into a bag, and customer walks out of the store, carrying the bag.
In which of these scenarios did a person acquire a license to use something, and in which did they become the new owner of a physical object?
So far, I'm not certain if that's segmented, or sane.
Segmentation got a bad rap. If it weren't for 8086's 64K segment limit and how excruciatingly long people had to keep using it long after much more modern processors had come along, I think most programmers would have a different attitude.
Yeah, back in the day, I too welcomed the flat model. But then after that, the Internet got popular and suddenly security got important, and guess what? Segmentation could help a lot with that. Overrun (or underrun) an array by even a single byte, and an exception fires. Even on reads, so you'll find some kinds of stupid bugs faster.
And that (what you just described) is the competition. Everyone ought to be fighting over your $70-$80 per month instead of saying, "We don't want your filthy money." If Google and Apple are gunning for "the big TV Networks" then that's pretty sad, because it means their products are already obsolete even before they've come out.
Other people have already filed the bug report. The only message you see is something like "ureadahead-other exited with status -4" and nothing else gets logged (when you later rescue the system and can actually look at log files) and all I've found in the Ubuntu forums is a ureadahead developer saying the -4 message isn't a bug (and that boot process should continue as normal) and a bunch of other people whining that their system doesn't boot and the ureadahead message is the last thing they see before the computer just stops.
And FWIW the problem doesn't happen as long as everything is successfully mountable, which is what 99.99% of people experience all the time anyway. But yeah, Ubuntu seems to be blowing the reports off, and since there aren't any more diagnostic messages when it happens, I can understand that. But that doesn't make me trust ureadahead very much so I'd rather have a system without it.
Er, what's a "needless filesystem?" I do go a little "Gentoo ricerboy" when it comes to my hierarchy ("this directory is reiser on RAID0, but this needs to be JFS on 2-disk RAID1 and I'm really paranoid about this so it's ext3 on 4-drive RAID1") but it's all stuff I want and I'm used to being able to do this kind of thing (and FWIW, Ubuntu mostly handles it well too, just as long as they all successfully mount).
Ubuntu 10.04 has got to be the most fragile Linux I've used in ten years. Are there any filesystems that can't be mounted? Then NO BOOT FOR YOU!
I'll admit I like how fast it boots when ureadahead works, but I'm willing to wait an extra minute for the boot to finish, if that means I actually do get to boot instead of having to boot from a rescue CD and comment-out or "noauto" the problem filesystem in fstab.
They could use oauth (like Twitter does, as I quickly discovered yesterday when basic authentication suddenly stopped working (to be fair, this was announced far in advance and I just hadn't been following along)), so that users can permit spambots to do their thing, without giving the bots full login credentials.
It's good to be concerned about bugs. The question is: do forks add bugs or remove them? If you start asking which code has been audited and which hasn't, you're going to realize the same question is going to apply to every single phone's firmware. You don't know about Froyo's quality, but then unless you work at Google or Apple, you don't know anything about Android or IOS quality either.
It was a good business for the execs who had the stock for a while and then dumped it at the end of the pump phase. It just wasn't good business for the less-inside stockholders, who didn't know they had been lied to about the merits of the case.
control over the keys does not matter when you are being COMPELLED to give keys to authorities.
Scenario 1: you don't have control of the keys. Eavesdroppers read your email and you never know.
Scenario 2: you have control of the keys, someone says, "let me read your email or else," and you weigh the "or else" and decide to give in.
You don't see a difference? Control doesn't matter?! Scenario 1 can be used against a whole population, with the people who mention unhealthy things in their emails never knowing why their insurance premiums went up, people who RSVP to parties never knowing why their houses got burgled, people who talk about politics never knowing why their names got accidentally dropped from voter registration databases, etc. Even with gag orders, Scenario 2 can only be used against a few people before word gets out.
Slashdot Mirror
The endpoints should be using protocols based on the assumption that whatever services are used in between have problems. Governments, Scientologists, mafia, teh terrrists, and anyone else who wants to spy on people, can ban/pressure fooberry and gugmail but they can't effectively do much about OpenPGP.
While I can understand some naivity, it's not like computer kiddie porn is the first witch hunt.
Whether criminalizing kiddie porn is a good idea or a bad one (I can understand the viewpoint of the porn enabling the crimes / creating the demand), when you have thoughtcrimes on the books, everyone really should be expecting that sometimes innocent people will be harmed. I think that when someone says they can't believe it would happen, they probably really mean that they think it'll probably never happen to them. Probably.
Who will click my cow?! HELP!!
When I rented a car in Oregon, learning that I wasn't allowed to fill it, was a totally weird experience. And when the guy told me "You can't, state law," seriously, I thought he was pulling this tourist's leg. It had to be a scam. It just had to.
It wasn't.
I wonder if Oregonians feel that same strangeness when they pull up at a non-OR gas station and nobody comes out to "help" them.
The problem with "share this" is that putting such a thing on your site pretty much demonstrates .. totally undefined intent. You're requesting people (no wait .. not people) to spread a link, but have little idea what they'll do with it.
Furthermore, you're requesting that they spread it in a rather mechanical and robotic fashion. The whole value of the share-this button is the implied automation, that you don't want to rely on humans to take the initiative to go to some other site and talk about your webpage. You want them to just click something, and the less thinking they do, the better.
If I email a link to you, the most common way for you to handle that is either not follow the link, or (as a human) follow the link and read the page, and in so doing, you will (possibly) become informed of what the copyright holder authorizes, when you see a copyright notice or license, or even a tone (e.g. if the page is a rant about how copyright needs to be repealed, it's reasonable to assume certain things about the author's intent) .
But when I send a link as a parameter in an URL to another web service or as a field in some XML request, I'm requesting a computer to do something with a link, and we all know that computers don't understand issues like copyright and licensing, so the computer is going to make some sort of default assumption about what it's allowed to do.
What is a reasonable default assumption? It turns out that there is no consensus on this. The copyright-centric view is that you're not allowed to do something unless you are told it's ok to do that, or if copyright law allows it (perhaps via fair use). The "old internet" view is that merely by servicing the request, the server intends for the information to be widely spread (i.e. you don't expect any SMTP server to have a policy of: "I refuse to deliver this email unless I find something in it that suggests the sender grants permission for it to be forwarded" -- that would be ludicrous).
At some point, a judge is going to make a decision about what's a reasonable assumption. And he's going to be wrong (whichever way he goes) in many peoples' eyes, because this decision must be arbitrary. The very question of what is "reasonable" is a bullshit question, because reason can't help you here. It's a matter of desires and values and assumptions, not reason and logic.
He's suggesting amending the contract before it is signed. Of course, we don't know that the other party will accept the amended contract, but if they decide not to, they're free to come to his house and take back the software for a full refund. (After all, why would the cost of a failed negotiation be at the buyer's expense?)
If they're saying it to potential customers (and not even saying anything contrary to it, either on the packaging or even after the sale like the software guys' fraud), then they're not stretching the meaning; they're defining what it is that they offer. They can't even say it's a mistake (like a typo in a grocery store ad), as it has been going on for many years.
Then, at a minimum, end users are sometimes not prohibited from breaking HDCP. Whether that's enough to legalize trafficking in a device, no one but a judge can say. But it's something.
Ad: "Own it now, on DVD and BluRay." Own is their word; I didn't put it in their mouth.
Also, unlike some proprietary software, such movies don't even come with a revealed-after-the-sale license that retroactively tries to change whether or not title was transferred at the point of sale.
Does anyone have any citations from the movie companies, where they claim they license rather than sell? I can see why they might want to switch to that business model, but AFAIK they haven't claimed to have done it. Correction welcome.
If you're going to go all Conspiracy Theory on this, then the key was released by the TV delivery companies.
Why subscribe to a TV service that you can't timeshift, especially if you got used to being able to do that back in the analog days? Users with sense (whether it's common sense, or a sense of entitlement to be able to record and then playback at a more convenient time) are probably dropping subscriptions in favor of either pirating content or just doing without.
By releasing the keys, it becomes feasible for people to have cable/satellite capture cards; that is, these services become pairable with PVRs, resulting in excellent value for the consumer. $50/month for unshiftable TV isn't a good value, but $50/month for shiftable TV is. (At least in my case, Comcast knows this; I was a happy customer who shoved money down their throats every month back when their service was usable, and ceased to be a customer when their service became crippled. If this applies in my case, how many millions more people?)
HDCP capture devices will move the market equilibrium from piracy or abstinence being the best answers, in the direction of subscribing being a good answer. Why bother to bittorrent the Daily Show (whether you're annoyed by occasional "scene" unreliability, or afraid of legal risks) when your PVR can automatically record it, like how things worked ten years ago?
No, I don't really think they're the ones who did this, but the financial motive is certainly there. You have to remember: DRM is only a way to tell customers to fuck off and stop paying. DRM is a way to reduce revenue without any gains to counterbalance that, so anyone in the content business is going to want DRM to be defeated, if maximizing profits is their top priority.
We like to think of the content companies as being coldly-calculating greedy money-grubbers, but remember that Jack Valenti was opposed to consumers having video tape machines and tried to use government force to prevent those consumers from doing billions of dollars worth of business with his own people. They might be greedy but they don't think greedy.
Unlike DRM which is present within media upon its receipt, HDCP does not exist on a BluRay or cable/satellite TV transmission. HDCP is something that is added by the user's machine. DMCA says:
And since we're talking about a process/treatment that occurs after access, it's not something that is needed to gain access.
Just an idea. (Probably won't work.)
Another tack here, is: how easily can you tell your equipment to use HDCP even when it's not playing DRMed media? Can you have your computer use a HDCP connection to its monitor all the time even when you're surfing Slashdot, typing your great novel, etc. Is this something that is happening all the time, anyway? (I just don't know.) If so -- if non-DRM-colluders can enable HDCP -- then 99.999999% of the time that someone uses a HDCP cracker, they would not be doing to circumvent a technological measure that controls access to a work without the authority of the copyright holder, since the user is the copyright holder. Likewise, the intended market and primary use of such a device, would not be to remove HDCP without the authority of the copyright holder. It would be legal to use and traffick.
(This is why there can never be a real standard for DRM, because you have to prevent non-colluding parties from being allowed to apply that DRM, lest they authorize access.) Cracking HDCP and distributing cracks, is only prohibited if HDCP is normally only used when a copyright holder demands it.
That's /bin/ls in most (all?) distros. /bin isn't normally user-writable.
I don't know, but mounting /home with noexec by default wouldn't be very wacked. I have most of my filesystems mounted noexec (hmm.. though /home isn't one of them, I'll admit). Most users don't need executables under /home, though some do.
Sure, they could write the malware, but they would also have to walk users through apt-get installing it. "Ok, add this line to your /etc/apt/sources.list and then save. You remembered to type sudo before you started your editor, right? Good, you're one step closer to GETTING YOUR FREE IPAD!"
Ok, let's ignore (for the moment) that Congress has passed a law saying it is not a violation of copyright law for the user to do whatever is necessary to use the software. That aside, whether the user is allowed to use the software they bought or not: did title change hands at the cash register? Because that is what Autodesk (and Blizzard) claims didn't happen.
If the EULA states that the publisher retains title, then that is TIME TRAVEL.
The publisher sells it to a distributor who now owns it, who sells it to the retailer who now owns it instead. You buy it, give it to your friend for his birthday, and now he owns it. And then this is where EULA defenders get mystical. Your friend reads the EULA and agrees to it, and it states the publisher retains title. Retains? How can the publisher retain something they don't have? Prior to the agreement, your friend had title; he's the only person who is capable of retaining it. If the publisher retains it, then did something retroactively happen to the title which the distributor and retailer and guy-who-took-it-off-the-shelf-and-paid-for-it had in the past?
Perhaps the license says "retain" (that's the word the judge used in the decision) but they really meant "revert" -- that the end user is selling it back to the publisher. I would have to ask, "selling it for what?" That brings up all kinds of weirdnesses like lack of consideration, and also I then have to stop ignoring the fact that copyright law does allow people to use software without securing any special permission.
That is prohibited by copyright law. The fact that Congress has passed laws restricting what people are allowed to do with the things that they own (whether it's no public performances, or "it is a violation of federal law to use this drain cleaner contrary to the directions") is irrelevant as to whether or not title changed hands at the cash register.
Absolutely! That is a completely different type of transaction, where the contract is a condition of the sale.
Let's look at two scenarios. In one case, a person is buying a loaf of bread. In another case, a person is buying software. I'm not going to tell you which is which.
Scenario 1: person walks into store, takes [censored] off the shelf, carries it to cash register, pays $n dollars cash, does not sign or click anything, cashier places [censored] into a bag, and customer walks out of the store, carrying the bag.
Scenario 2: person walks into store, takes [censored] off the shelf, carries it to cash register, pays $n dollars cash, does not sign or click anything, cashier places [censored] into a bag, and customer walks out of the store, carrying the bag.
In which of these scenarios did a person acquire a license to use something, and in which did they become the new owner of a physical object?
Segmentation got a bad rap. If it weren't for 8086's 64K segment limit and how excruciatingly long people had to keep using it long after much more modern processors had come along, I think most programmers would have a different attitude.
Yeah, back in the day, I too welcomed the flat model. But then after that, the Internet got popular and suddenly security got important, and guess what? Segmentation could help a lot with that. Overrun (or underrun) an array by even a single byte, and an exception fires. Even on reads, so you'll find some kinds of stupid bugs faster.
And that (what you just described) is the competition. Everyone ought to be fighting over your $70-$80 per month instead of saying, "We don't want your filthy money." If Google and Apple are gunning for "the big TV Networks" then that's pretty sad, because it means their products are already obsolete even before they've come out.
Other people have already filed the bug report. The only message you see is something like "ureadahead-other exited with status -4" and nothing else gets logged (when you later rescue the system and can actually look at log files) and all I've found in the Ubuntu forums is a ureadahead developer saying the -4 message isn't a bug (and that boot process should continue as normal) and a bunch of other people whining that their system doesn't boot and the ureadahead message is the last thing they see before the computer just stops.
And FWIW the problem doesn't happen as long as everything is successfully mountable, which is what 99.99% of people experience all the time anyway. But yeah, Ubuntu seems to be blowing the reports off, and since there aren't any more diagnostic messages when it happens, I can understand that. But that doesn't make me trust ureadahead very much so I'd rather have a system without it.
Er, what's a "needless filesystem?" I do go a little "Gentoo ricerboy" when it comes to my hierarchy ("this directory is reiser on RAID0, but this needs to be JFS on 2-disk RAID1 and I'm really paranoid about this so it's ext3 on 4-drive RAID1") but it's all stuff I want and I'm used to being able to do this kind of thing (and FWIW, Ubuntu mostly handles it well too, just as long as they all successfully mount).
Ubuntu 10.04 has got to be the most fragile Linux I've used in ten years. Are there any filesystems that can't be mounted? Then NO BOOT FOR YOU!
I'll admit I like how fast it boots when ureadahead works, but I'm willing to wait an extra minute for the boot to finish, if that means I actually do get to boot instead of having to boot from a rescue CD and comment-out or "noauto" the problem filesystem in fstab.
They could use oauth (like Twitter does, as I quickly discovered yesterday when basic authentication suddenly stopped working (to be fair, this was announced far in advance and I just hadn't been following along)), so that users can permit spambots to do their thing, without giving the bots full login credentials.
It's good to be concerned about bugs. The question is: do forks add bugs or remove them? If you start asking which code has been audited and which hasn't, you're going to realize the same question is going to apply to every single phone's firmware. You don't know about Froyo's quality, but then unless you work at Google or Apple, you don't know anything about Android or IOS quality either.
It was a good business for the execs who had the stock for a while and then dumped it at the end of the pump phase. It just wasn't good business for the less-inside stockholders, who didn't know they had been lied to about the merits of the case.
Scenario 1: you don't have control of the keys. Eavesdroppers read your email and you never know.
Scenario 2: you have control of the keys, someone says, "let me read your email or else," and you weigh the "or else" and decide to give in.
You don't see a difference? Control doesn't matter?! Scenario 1 can be used against a whole population, with the people who mention unhealthy things in their emails never knowing why their insurance premiums went up, people who RSVP to parties never knowing why their houses got burgled, people who talk about politics never knowing why their names got accidentally dropped from voter registration databases, etc. Even with gag orders, Scenario 2 can only be used against a few people before word gets out.