Remember what I said about upgrades, though. If they control the system, they can remove the ability to get your data out any time they want. Like, say, just before your contract is up and they know you're planning on jumping ship. And even if your contract says they can't do that, you still have to take them to court to enforce it and all the while you don't have access to your data. The only way to protect against this is to be constantly pulling your data over to your own system so you have it even if they cut access at any point, and for that to be useful you have to have the system set up under your control with all the software ready so you can turn it on and start using it.
I'd say it depends. If I have to install cable, it's a lot easier and faster to pull/run the cable bare and put ends on it after it's in place (especially when dealing with racks with lots of corners for the cable to go around). Not to mention that a single end damaged during the pull pretty much blows any and all savings from not having the tech make cables, what with having to either cut the end off and put a new plug on by hand or remove the damaged cable and pull a new one. And of course if I'm doing long runs for trunks or drops I'm probably going to use punch-down blocks and keystone jacks and not worry about crimping ends at all.
Patch cables, yeah, just go buy a bunch in standard lengths and colors. For those it's not worth the time hand-making them.
There honestly isn't much difference between good hand-made cable and commercially-made bought cable. The cable makers get their cable from the same place you would, and it's exactly the same cable. You'll probably actually be buying a slightly higher grade of cable, since you're not trying to shave every penny off to maximize profit margin on the resale. The only difference in the two will be the commercial cable having molded ends while yours will have slip-on or no covers. Yes, underneath that molded end the commercial cable uses a crimp-on connector just like you would. Theirs is just crimped in place by a machine while you'll use a hand tool. The main thing when making your own cables is just practice. The more you make, the faster and easier it gets and the fewer bad cables you'll have to re-do. You also get the advantage of being able to cut the cable to exactly the length you need.
Now, two things. For patch cables, running from wall blocks to desktop and similar free-standing equipment, it's probably easier to buy pre-made cable in standard lengths. You won't be getting any better or worse than making it yourself, but it's more convenient and the molded ends may stand up to user abuse a bit better. And when doing long runs, don't put plugs on the ends. Run your big trunk cables to punch-down blocks, and your drops to keystone jacks in wall boxes. It'll make things a lot easier in the long run.
Because, when the provider controls the software completely, you may not be in a position to be able to cleanly move to a new provider. You may not be able to extract your data from the provider's system, and if you can it may be in a format that can't be used by any other provider. You're likewise at the mercy of your provider when it comes to upgrades. Since they control the systems, you may not know an upgrade's in the works until after you've been upgraded. If that upgrade doesn't mesh with your own business plan and objectives, you end up having to clean up the mess after the fact (which can be expensive and disruptive, think a provider upgrading in a way that involves generating documents in a new MSOffice format that's not supported by the version of Office you run, leaving you with the prospect of doing a complete Office upgrade on short notice with no time to test it for compatibility with your other software).
Because the Surgeon General wouldn't have much to say about something like this. Advice would probably come from the people at the CDC that specialize in influenza. And the President's probably already getting that advice from them already.
It's a flu outbreak. A different strain, but handle it the same way you (ought to) handle any other bout of the flu. Wash your hands. Avoid contact with people who're coughing, sneezing or otherwise showing symptoms of having the flu. If you think you're showing symptoms, see a doctor ASAP for treatment. If you aren't showing symptoms, talk to your doctor about any possible vaccines (if they aren't available now, they probably will be). And if you do come down with it, STAY HOME! Do not, I repeat do not, go to work, go to school, go out in public where you can spread the stuff to others. Infected people staying home, taking care of themselves and minimizing contact with the uninfected until they're recovered is probably the single most effective measure for stopping this stuff from becoming a major outbreak.
Just remember, though: if your company has a button saying "Send me mail" that's set "Yes" by default, requiring me to take action to say no, you fall into #1. If you go assuming I want it without asking and getting an answer from me, you take your lumps.
E-mail from entities I didn't ask to send me e-mail. Note that I don't distinguish between companies sending me "V|@grA" messages when I didn't ask for them and companies sending me "Book a trip via Expedia!" messages when I didn't ask for them. There isn't any difference between them.
E-mail from entities I asked to send me e-mail at one point but don't want to get e-mail from now.
E-mail from entities I've told not to send me e-mail who are continuing to send it to me.
For #2 I just use the unsubscribe function. I've asked for the e-mail, it's up to me to tell them if I don't want it anymore. For #1, I report the e-mail as spam through the regular channels. If it hurts a legitimate company's reputation and makes it harder for them to deliver e-mail, maybe they'll think twice about sending e-mail without asking whether the recipient wants it first. I didn't ask for it, I'm not obliged to put extra effort into being nice to them. For #3, I go out of my way to report it as spam in a way that'll cause the worst possible problems for the originator (once I've confirmed who it really came from, if I'm going to go to the trouble of breaking out the big guns I'm not going to let them go to waste on the wrong target and there's plenty of joe jobs out there). Once it's knowing and willful, the Marquis of Queensbury can go pound sand.
I can think of several ways around the PoC's physical-access requirement. If the boot loader can be modified by malware, then the malware can drop the neccesary code into the boot loader and force a reboot of the machine. If the BIOS is in flash and can be modified, then malware can re-flash the BIOS to include the neccesary code. And I'm remembering an old BIOS soft-boot option that did not clear RAM before rebooting, leaving a way for malware to leave parts of itself in memory across a reboot. I'm not too worried about anything that requires physical access, but this thing looks like it could be extended to not require physical access as long as there's another vector available to bootstrap the infection through.
I'd note that it's not just Windows 7 that's vulnerable to this, any OS is theoretically vulnerable to in-memory patching during the boot process. But OSes other than Windows have far fewer other vectors available to bootstrap the initial infection through, so would be harder to attack this way.
If the code's GPL-licensed, the answer's simple: the user community. As long as the corporate owner continues to serve the users' needs, the users will stick with the "official" version. If the corporate owner (or any other fork maintainer for that matter) starts to send the code in directions that don't serve the users' needs, those users will tend to switch to a fork that does better serve their needs. If there isn't one now, there will be once some enterprising soul realizes there's money to be made giving users what the corporate owner won't. And the terms of the GPL mean the corporate owner can't legally stop this process. If it wasn't a copyright-assignment-required project the corporate owner can't even get out from under the GPL terms going forward.
If you think it won't happen, think back to the GCC/EGCS fork/reunification.
Linux makes it "easy" only in the sense that Linux provides a/proc file interface to modify the MTRR registers, while Windows requires you to write a few lines of assembly code to do the same thing. That means that Linux is only an easier target for those kiddies with no clue what C is or how to program in it. If you actually know C programming and assembly language, direct access to the MTRRs via assembly's probably easier than mucking around parsing and modifying what looks like a text file.
The model sounds ridiculous because it's based on a fallacy: the idea that you can have everything. The reality is you can never have everything. If I've got 1 car to sell and 2 people offering to buy it the model says my potential gain is 2 cars, so if I only sell 1 the other one I didn't sell counts as a loss. The reality is I only have 1 car to sell regardless of how many buyers may be lined up. I can't magically create a second car from nothing so my potential gain is at most 1 car, half what the model says. If I sell the car to the first buyer the second buyer does not represent a lost opportunity because he never represented an opportunity in the first place. At most the only loss represented there is if the second buyer was offering more than the first, and then the loss is at most the difference between the highest offer I got and what I actually sold it for.
This also explains why the economy's currently so FUBAR: the people running it are basing their decisions on models that ignore fundamental aspects of reality that directly impact the accuracy of the model. You do that long enough, it will come back to bite you because reality doesn't have to care about your model.
Actually they place only one restriction on it: if you want to copy, modify and redistribute my software, you may not give recipients any fewer rights to do so themselves than you received from me. Well, perhaps two: and you may not "forget" to tell them they have those rights.
Which, come to think of it, is probably a pretty draconian restriction to a certain group who want to play with everybody else's toys but don't want anybody to play with theirs. It's amusing how many issues today look to me an awful lot like the one bratty kid in the sandbox.
"pending sanctions motion" means the RIAA has made a motion to sanction NYCL. The thing is, almost every lawyer in every case is at some point (probably for most of the trail) subject to a "pending sanctions motion". Either side can enter a motion for just about anything. Sanctions motions are SOP, both sides will file them when the other side does something they don't like. The more important question is whether the judge will grant the motion or reject it.
It's much like lawsuits in general. I could sue you tomorrow for failing to pay me a million dollars and move for summary judgement on the matter as soon as discovery's over. You would then be technically correctly described as "subject to a pending motion for judgement for a million dollars". Of course that'll end as soon as you point out that I haven't produced anything showing you ever agreed to pay me anything and the judge dismisses the case, but it's a correct description up until that point. That's where the RIAA's motion stands right now: on the record, but it's a real hail-mary.
Yes. And I see that book's published through John Hopkins University Press. Which makes copies of it's books available on-line, and it's catalog through Google. Which suggests to me that JHU Press made the book available to Google, at which point any argument about it would be between the author and their publisher, not with Google. If the publisher's making material available in ways their contract with the author doesn't allow, it's not Google's job to enforce the contract for the author.
I'm afraid Google doesn't distribute the works they scan. They store copies of the works, use them for searching, and display at most a sentence or two where they found the match with the search terms along with a link to someone who does sell copies of the work.
OTOH, this case can be cited by other people in the same position to argue that such uses are not infringing. At least in the 4th Circuit, this case will be controlling.
No, it shouldn't be technically hard, but I doubt many tax departments have thought about it. And without an answer in hand, I can see a judge being sympathetic to the argument "They shouldn't be allowed to require us to collect a tax unless they can also tell us how much tax it is we're supposed to collect.".
Is it? Here's a link to the GrokLaw article on the case. A quick check vs. the court filings indicates the article is correct. What I find: Jacobsen developed the software and methods included in it. Katzer took those, filed for patents on them, and tried to bill Jacobsen for using those patents. Jacobsen sued for declaratory judgement that his software wasn't infringing and the patents were invalid, based in part on the fact that Katzer failed to mention Jacobsen's software in his patent application or that the methods Katzer was claiming a patent on had been published more than a year prior to the filing.
Is this really a new risk? If you're distributing software that includes a proprietary closed-source component, and someone upstream in the company that created that component illegally included copyrighted proprietary software in it, wouldn't that expose you to exactly the same risks for exactly the same reasons, and permit you exactly the same defenses? I don't see where open-source makes any difference here, in all cases (open-source and closed-source) where you redistribute someone else's software you have to trust that they haven't committed copyright infringement in what they're providing to you.
Open-source is, if anything, less vulnerable to these risks. So far all the cases I've seen reported have involved the inclusion of non-licensed software (both proprietary and open-source) in closed-source proprietary products. The only allegations going the other way, of inclusion of unlicensed code in an open-source project, were SCO's allegations of the inclusion of SysV code in Linux and IBM shredded those so thoroughly you need a microscope to find the pieces (and in the process made a good argument that it's in fact SCO that's been including Linux code in their products in violation of the license).
I can see this getting fun when Amazon, Newegg etc. ask the state tax departments to provide them with a definitive answer as to what the sales tax rate is for any given address in that state, and the tax department doesn't have an answer ready. Were it me, the next thing would be a request for declaratory judgement that my business didn't have to collect the tax until the tax department could give me that answer.
And no, ZIP-code-level doesn't work. I know places around San Diego where part of a ZIP code's within a city and part isn't, and addresses in the part that's outside the city do not owe city sales tax.
Except that for other common forms of privileged communication, the communication is somewhat secret. The information, although unencrypted, typically passes directly from the source to the intended recipient, without passing through any other hands. If it does pass through other hands, it's typically sealed securely so that the contents can't be seen on casual inspection.
With unencrypted e-mail, though, you're knowingly handing it off to an uninvolved third party in a form where they can see the contents on even casual inspection of the package. It's as if you handed a privileged document to a random passer-by, not even in a sealed envelope or anything to prevent him from reading it. Or as if you held your legal conference at the local McDonald's where everybody in the place could hear the discussion. And that kind of thing is exactly what gets judges to rule that the information's no longer privileged because you knowingly handed it to a nonprivileged party.
Why would they do that, though? If they're going to prosecute you for something, why wouldn't they add any aggravating circumstance they legally can? The law doesn't saw the proxy has to be used intentionally or by design, so why would a prosecutor add that additional requirement to their evaluation when they don't have to? Leaving the aggravating circumstance off doesn't help them, in fact it may hurt them by removing a bit of bargaining leverage they could use to get you to accept a plea-bargain.
My position: if they didn't intend the law to apply that way, they wouldn't have written it that way. They did write it that way. Conclusion: they intend it to apply that way and will apply it that way whenever it benefits them to do so.
What about the proxy you don't know you're using? Like say the caching proxy your ISP uses to minimize the amount of traffic they pass out of their network. You don't configure your browser to use it, you can't avoid it (the redirection's handled on your ISP's routers that you've no control over), you may be completely unaware that it's even being done, yet you'll be considered more sophisticated simply because you aren't the kind of techie who could spot this happening.
We already have. Imagine an endpoint with a simple engine in it for rendering forms. The application can upload a program in a forms description language to the endpoint describing what fields the form has, where they should be displayed on the screen, what types of data each field can contain and some simple rules for validing the field contents. The endpoint then displays the form and lets the user edit fields, applying the validation rules as each field is filled in or changed. When the user's done, they hit a button that sends the form's contents back to the application for validation and processing.
Slashdot Mirror
Remember what I said about upgrades, though. If they control the system, they can remove the ability to get your data out any time they want. Like, say, just before your contract is up and they know you're planning on jumping ship. And even if your contract says they can't do that, you still have to take them to court to enforce it and all the while you don't have access to your data. The only way to protect against this is to be constantly pulling your data over to your own system so you have it even if they cut access at any point, and for that to be useful you have to have the system set up under your control with all the software ready so you can turn it on and start using it.
I'd say it depends. If I have to install cable, it's a lot easier and faster to pull/run the cable bare and put ends on it after it's in place (especially when dealing with racks with lots of corners for the cable to go around). Not to mention that a single end damaged during the pull pretty much blows any and all savings from not having the tech make cables, what with having to either cut the end off and put a new plug on by hand or remove the damaged cable and pull a new one. And of course if I'm doing long runs for trunks or drops I'm probably going to use punch-down blocks and keystone jacks and not worry about crimping ends at all.
Patch cables, yeah, just go buy a bunch in standard lengths and colors. For those it's not worth the time hand-making them.
There honestly isn't much difference between good hand-made cable and commercially-made bought cable. The cable makers get their cable from the same place you would, and it's exactly the same cable. You'll probably actually be buying a slightly higher grade of cable, since you're not trying to shave every penny off to maximize profit margin on the resale. The only difference in the two will be the commercial cable having molded ends while yours will have slip-on or no covers. Yes, underneath that molded end the commercial cable uses a crimp-on connector just like you would. Theirs is just crimped in place by a machine while you'll use a hand tool. The main thing when making your own cables is just practice. The more you make, the faster and easier it gets and the fewer bad cables you'll have to re-do. You also get the advantage of being able to cut the cable to exactly the length you need.
Now, two things. For patch cables, running from wall blocks to desktop and similar free-standing equipment, it's probably easier to buy pre-made cable in standard lengths. You won't be getting any better or worse than making it yourself, but it's more convenient and the molded ends may stand up to user abuse a bit better. And when doing long runs, don't put plugs on the ends. Run your big trunk cables to punch-down blocks, and your drops to keystone jacks in wall boxes. It'll make things a lot easier in the long run.
Because, when the provider controls the software completely, you may not be in a position to be able to cleanly move to a new provider. You may not be able to extract your data from the provider's system, and if you can it may be in a format that can't be used by any other provider. You're likewise at the mercy of your provider when it comes to upgrades. Since they control the systems, you may not know an upgrade's in the works until after you've been upgraded. If that upgrade doesn't mesh with your own business plan and objectives, you end up having to clean up the mess after the fact (which can be expensive and disruptive, think a provider upgrading in a way that involves generating documents in a new MSOffice format that's not supported by the version of Office you run, leaving you with the prospect of doing a complete Office upgrade on short notice with no time to test it for compatibility with your other software).
Because the Surgeon General wouldn't have much to say about something like this. Advice would probably come from the people at the CDC that specialize in influenza. And the President's probably already getting that advice from them already.
It's a flu outbreak. A different strain, but handle it the same way you (ought to) handle any other bout of the flu. Wash your hands. Avoid contact with people who're coughing, sneezing or otherwise showing symptoms of having the flu. If you think you're showing symptoms, see a doctor ASAP for treatment. If you aren't showing symptoms, talk to your doctor about any possible vaccines (if they aren't available now, they probably will be). And if you do come down with it, STAY HOME! Do not, I repeat do not, go to work, go to school, go out in public where you can spread the stuff to others. Infected people staying home, taking care of themselves and minimizing contact with the uninfected until they're recovered is probably the single most effective measure for stopping this stuff from becoming a major outbreak.
Just remember, though: if your company has a button saying "Send me mail" that's set "Yes" by default, requiring me to take action to say no, you fall into #1. If you go assuming I want it without asking and getting an answer from me, you take your lumps.
I divide "spam" e-mail into three categories:
For #2 I just use the unsubscribe function. I've asked for the e-mail, it's up to me to tell them if I don't want it anymore. For #1, I report the e-mail as spam through the regular channels. If it hurts a legitimate company's reputation and makes it harder for them to deliver e-mail, maybe they'll think twice about sending e-mail without asking whether the recipient wants it first. I didn't ask for it, I'm not obliged to put extra effort into being nice to them. For #3, I go out of my way to report it as spam in a way that'll cause the worst possible problems for the originator (once I've confirmed who it really came from, if I'm going to go to the trouble of breaking out the big guns I'm not going to let them go to waste on the wrong target and there's plenty of joe jobs out there). Once it's knowing and willful, the Marquis of Queensbury can go pound sand.
I can think of several ways around the PoC's physical-access requirement. If the boot loader can be modified by malware, then the malware can drop the neccesary code into the boot loader and force a reboot of the machine. If the BIOS is in flash and can be modified, then malware can re-flash the BIOS to include the neccesary code. And I'm remembering an old BIOS soft-boot option that did not clear RAM before rebooting, leaving a way for malware to leave parts of itself in memory across a reboot. I'm not too worried about anything that requires physical access, but this thing looks like it could be extended to not require physical access as long as there's another vector available to bootstrap the infection through.
I'd note that it's not just Windows 7 that's vulnerable to this, any OS is theoretically vulnerable to in-memory patching during the boot process. But OSes other than Windows have far fewer other vectors available to bootstrap the initial infection through, so would be harder to attack this way.
If the code's GPL-licensed, the answer's simple: the user community. As long as the corporate owner continues to serve the users' needs, the users will stick with the "official" version. If the corporate owner (or any other fork maintainer for that matter) starts to send the code in directions that don't serve the users' needs, those users will tend to switch to a fork that does better serve their needs. If there isn't one now, there will be once some enterprising soul realizes there's money to be made giving users what the corporate owner won't. And the terms of the GPL mean the corporate owner can't legally stop this process. If it wasn't a copyright-assignment-required project the corporate owner can't even get out from under the GPL terms going forward.
If you think it won't happen, think back to the GCC/EGCS fork/reunification.
Linux makes it "easy" only in the sense that Linux provides a /proc file interface to modify the MTRR registers, while Windows requires you to write a few lines of assembly code to do the same thing. That means that Linux is only an easier target for those kiddies with no clue what C is or how to program in it. If you actually know C programming and assembly language, direct access to the MTRRs via assembly's probably easier than mucking around parsing and modifying what looks like a text file.
The model sounds ridiculous because it's based on a fallacy: the idea that you can have everything. The reality is you can never have everything. If I've got 1 car to sell and 2 people offering to buy it the model says my potential gain is 2 cars, so if I only sell 1 the other one I didn't sell counts as a loss. The reality is I only have 1 car to sell regardless of how many buyers may be lined up. I can't magically create a second car from nothing so my potential gain is at most 1 car, half what the model says. If I sell the car to the first buyer the second buyer does not represent a lost opportunity because he never represented an opportunity in the first place. At most the only loss represented there is if the second buyer was offering more than the first, and then the loss is at most the difference between the highest offer I got and what I actually sold it for.
This also explains why the economy's currently so FUBAR: the people running it are basing their decisions on models that ignore fundamental aspects of reality that directly impact the accuracy of the model. You do that long enough, it will come back to bite you because reality doesn't have to care about your model.
Actually they place only one restriction on it: if you want to copy, modify and redistribute my software, you may not give recipients any fewer rights to do so themselves than you received from me. Well, perhaps two: and you may not "forget" to tell them they have those rights.
Which, come to think of it, is probably a pretty draconian restriction to a certain group who want to play with everybody else's toys but don't want anybody to play with theirs. It's amusing how many issues today look to me an awful lot like the one bratty kid in the sandbox.
"pending sanctions motion" means the RIAA has made a motion to sanction NYCL. The thing is, almost every lawyer in every case is at some point (probably for most of the trail) subject to a "pending sanctions motion". Either side can enter a motion for just about anything. Sanctions motions are SOP, both sides will file them when the other side does something they don't like. The more important question is whether the judge will grant the motion or reject it.
It's much like lawsuits in general. I could sue you tomorrow for failing to pay me a million dollars and move for summary judgement on the matter as soon as discovery's over. You would then be technically correctly described as "subject to a pending motion for judgement for a million dollars". Of course that'll end as soon as you point out that I haven't produced anything showing you ever agreed to pay me anything and the judge dismisses the case, but it's a correct description up until that point. That's where the RIAA's motion stands right now: on the record, but it's a real hail-mary.
Yes. And I see that book's published through John Hopkins University Press. Which makes copies of it's books available on-line, and it's catalog through Google. Which suggests to me that JHU Press made the book available to Google, at which point any argument about it would be between the author and their publisher, not with Google. If the publisher's making material available in ways their contract with the author doesn't allow, it's not Google's job to enforce the contract for the author.
I'm afraid Google doesn't distribute the works they scan. They store copies of the works, use them for searching, and display at most a sentence or two where they found the match with the search terms along with a link to someone who does sell copies of the work.
OTOH, this case can be cited by other people in the same position to argue that such uses are not infringing. At least in the 4th Circuit, this case will be controlling.
No, it shouldn't be technically hard, but I doubt many tax departments have thought about it. And without an answer in hand, I can see a judge being sympathetic to the argument "They shouldn't be allowed to require us to collect a tax unless they can also tell us how much tax it is we're supposed to collect.".
Is it? Here's a link to the GrokLaw article on the case. A quick check vs. the court filings indicates the article is correct. What I find: Jacobsen developed the software and methods included in it. Katzer took those, filed for patents on them, and tried to bill Jacobsen for using those patents. Jacobsen sued for declaratory judgement that his software wasn't infringing and the patents were invalid, based in part on the fact that Katzer failed to mention Jacobsen's software in his patent application or that the methods Katzer was claiming a patent on had been published more than a year prior to the filing.
And if you want more details, here's the Groklaw article on the Appeals Court's overturning of the district court's decision. It includes the complete text of the Appeals Court's ruling, so you can compare the analysis to what the court actually said and see for yourself that the analysis is on target.
Is this really a new risk? If you're distributing software that includes a proprietary closed-source component, and someone upstream in the company that created that component illegally included copyrighted proprietary software in it, wouldn't that expose you to exactly the same risks for exactly the same reasons, and permit you exactly the same defenses? I don't see where open-source makes any difference here, in all cases (open-source and closed-source) where you redistribute someone else's software you have to trust that they haven't committed copyright infringement in what they're providing to you.
Open-source is, if anything, less vulnerable to these risks. So far all the cases I've seen reported have involved the inclusion of non-licensed software (both proprietary and open-source) in closed-source proprietary products. The only allegations going the other way, of inclusion of unlicensed code in an open-source project, were SCO's allegations of the inclusion of SysV code in Linux and IBM shredded those so thoroughly you need a microscope to find the pieces (and in the process made a good argument that it's in fact SCO that's been including Linux code in their products in violation of the license).
I can see this getting fun when Amazon, Newegg etc. ask the state tax departments to provide them with a definitive answer as to what the sales tax rate is for any given address in that state, and the tax department doesn't have an answer ready. Were it me, the next thing would be a request for declaratory judgement that my business didn't have to collect the tax until the tax department could give me that answer.
And no, ZIP-code-level doesn't work. I know places around San Diego where part of a ZIP code's within a city and part isn't, and addresses in the part that's outside the city do not owe city sales tax.
Except that for other common forms of privileged communication, the communication is somewhat secret. The information, although unencrypted, typically passes directly from the source to the intended recipient, without passing through any other hands. If it does pass through other hands, it's typically sealed securely so that the contents can't be seen on casual inspection.
With unencrypted e-mail, though, you're knowingly handing it off to an uninvolved third party in a form where they can see the contents on even casual inspection of the package. It's as if you handed a privileged document to a random passer-by, not even in a sealed envelope or anything to prevent him from reading it. Or as if you held your legal conference at the local McDonald's where everybody in the place could hear the discussion. And that kind of thing is exactly what gets judges to rule that the information's no longer privileged because you knowingly handed it to a nonprivileged party.
Why would they do that, though? If they're going to prosecute you for something, why wouldn't they add any aggravating circumstance they legally can? The law doesn't saw the proxy has to be used intentionally or by design, so why would a prosecutor add that additional requirement to their evaluation when they don't have to? Leaving the aggravating circumstance off doesn't help them, in fact it may hurt them by removing a bit of bargaining leverage they could use to get you to accept a plea-bargain.
My position: if they didn't intend the law to apply that way, they wouldn't have written it that way. They did write it that way. Conclusion: they intend it to apply that way and will apply it that way whenever it benefits them to do so.
And if you happen to unknowingly be behind a proxy when you commit the heinous crime of publishing proof of a television station's copyright infringement against you? Or happen to be Julie Amero?
What about the proxy you don't know you're using? Like say the caching proxy your ISP uses to minimize the amount of traffic they pass out of their network. You don't configure your browser to use it, you can't avoid it (the redirection's handled on your ISP's routers that you've no control over), you may be completely unaware that it's even being done, yet you'll be considered more sophisticated simply because you aren't the kind of techie who could spot this happening.
We already have. Imagine an endpoint with a simple engine in it for rendering forms. The application can upload a program in a forms description language to the endpoint describing what fields the form has, where they should be displayed on the screen, what types of data each field can contain and some simple rules for validing the field contents. The endpoint then displays the form and lets the user edit fields, applying the validation rules as each field is filled in or changed. When the user's done, they hit a button that sends the form's contents back to the application for validation and processing.
Web browser? No, IBM 3270-family workstation.