You can't ever go overboard with exclamation marks when talking about the "AOL for Dummies" types... I've really seen posts to webboards that look like that. [I must find better sources for information]
Damn this xterm and it's improperly mapped keyboard. I can't do an exclamation mark on it.;)
Part of that bottom line is how much bitching there is from the customer.
As this hard drive will cause more inconvenience to the customer, there will be more people "below the line" of intelligence required to understand how CPRM affects them.
These people will download something and try to copy it to a disk for a friend. It'll fail. They will get some backup software and lose all their protected downloads. Then they'll post:
"HELPP ME11 MY comput3er is NBROKEN I lose files "
to a bunch of website forums. They'll then learn why they can't copy their stuff and will BITCH and WHINE to CompUSA (or wherever) until they get their money back.
When these constant returns start eating into their profits, they'll do something. Just like FutureShop 'round here advertises the Apex DVD as a "CD-R MP3 playing machine!". I'll bet it was because of people like me that _expected_ a DVD player that can play Audio CDs to be able to play CD-Rs. I ended up returning the models that didn't. Told 'em why too (actually the sales guy even said they play CD-Rs, so it isn't all my fault).
Or so I hope that's how things will work...:-)
[BTW: Has anyone else noticed slashdot restricting their freedom of speech lately? I've not often (actually, IMHO never) posted spam here, but keep hitting the lameness filter for lame reasons. You wouldn't beleive the MAJOR PAIN IN THE ASS it was to get those exclamations to appear Ho hum.]
What we who disagree should do is EXACTLY what the crew at MAPS does when they disagree with the opinions of other ISPs.
a) Phone, bitch, email, whine, etc... to try to get MAPS to take sites off the list that don't belong there. Be as vigilant as MAPS is about putting people on there.
b) If MAPS refuses to take the site off the list, add the blocked site to a reverse-blacklist. ISPs can sign up for your reverse-blacklist that will list IPs that are wrongly accused of spamming and don't deserve blocking.
c) Tell MAPS that unless they decide to contact you prior to them adding anyone to their blacklist so you can check if their site belongs on it, that you will blacklist _them_ (not in the reverse-blacklist, but in a real one).
It's only fair. Like you say, we've got an opinion, and we should share it on a list.
I once thought MAPS was good, but this situation seems way over the top. Blacklisting never worked properly against bad users in the BBS days, and it doesn't look like it is working properly now.
Yeah, but what if they just use say, for instance, lynx for downloading the page. Convert it to plain text, and strip the "crap". At that point, some pretty major site renovations would have to happen to ruin the page.
But this is Microsoft, so yeah, those major renovations will happen someday.
>And if we didn't spend so much money destroying the environment,
The environment has been known to often destroy itself. The ice age, meteors, floods, forest fires, volcanoes, tides, earthquakes, tsunamis, tornadoes, hurricanes, ice storms, etc...
While we don't need to help it, a significant amount of money is spent on fixing what mother nature herself destroys. How many Billions of dollars did it cost to fix up the destruction caused by the floods and ice storms of last year? I think the Exxon Valdese [sp] oil spill cost less to clean up (I'd have to look up the figures).
Just my 2 cents... (please don't take it personally)
>They can surrepititiously add/remove information from any bulletin at any time, and not tell anybody
Here's an idea:
Why not provide an md5sum of the webpage contents? That wouldn't be illegal (no way that an md5sum is a copy of the material), and would quickly show foul play Microsoft. If they took one each week they would be able to tell how often and when the info is changed.
If you have the time to unblock sites, then why not just pop by your kid's door every once and a while to check that things are OK and save the $$$ on the software?
I don't have kids so I don't have an answer. I didn't grow up with censorware (it didn't even exist then, except for movie ratings) and I think I'm normal [what a useless diagnosis, I know]. It'd be nice to hear someone's reasoning for choosing the cesorware approach -- I've heard enough opinions for the other side of the debate.
That is something I didn't think of. But I wonder if there were any past cases where the FBI did impersonate someone to gather evidence. ie: Send an FBI agent into a drug house, pretending to be a dealer, to see how much and if that dealer normally got their stash from there.
If so, then similar identity stealing action has been taken before. I'd not like it either, though, if the FBI were trying to get ahold of my identity. But, being that this person is a suspected criminal, and that a third party (the judge) gets to decide whether or not the search warrant should be accepted, I sleep pretty well at night knowing the FBI isn't going to be raiding my identity.
>possessing the passphrase makes it tainted evidence.
This is a distinct possibility, and I would think the FBI would catch this angle too. They're probably days away from arresting him, and don't need any more evidence than what they (think) they already have.
Totally agreed. The FBI clearly explains they want the warrant to get the guy's password, not so they can read his love notes. This is no different than the FBI drilling the lock to a safety deposit box with a search warrant, if you ask me.
Which brings me to my next point:
>Which is more important.....or protecting yourself from having some FBI bureaucrat reading over your shopping list?
That is wrong, IMHO. For the same reasons it is wrong for an FBI agent to abuse his power to check out the family jewels in my safety deposit box for his amusement. Search warrants aren't to spy on items that make no litigious sense (and a shopping list is not good evidence unless it includes copious amounts of fertilizer and gasoline). They are to gather evidence against serious criminals.
I think there's a fine [undefined] line between protection and spying. Breaking the law defines that line.
Sorry, I guess I missed that (it isn't hard when there's up to 256 partitions to look through). I suppose that has something to do with the fact that I don't use NetBSD (and neither does anyone else I know, they all prefer FreeBSD). Hell, I'll even admit to not knowing the difference between NetBSD and the others.
I'll also admit to not caring what the differences are. But then again, I don't program BIOSes for a living.:-)
This just appeared as a talkback to the BSD report on the story:
I did it
Walter Belork - November 29, 2000 20:03:27
I'm the engineer responsible for the fact that NetBSD will cause a Thinkpad to be totally locked up, unable to boot from any device. The truth of the matter is that Microsoft specifically requested that feature. My own feeling is that they are worried about NetBSD because it is technically superior to Windows 2000, the only OS that they currently regard in that manner. Microsoft gave IBM considerable flexibility in the implementation of the "incompatibility" and I was the actual person who determined to go the most direct route: install NetBSD and the machine won't boot. It's not covered by the warranty either.
Wow... I was about to flame the programmer for being such a fool as to not test for this. But it turns out he is just a jerk (if the above post was true). Engineers are supposed to be responsible, helping, people. This one seems to be a maverick, doing whatever gets him paid. Ugly.
Of course, the post could have been an imposter. We'll see...
Someone moderate up that A/C... I would if I could (but of course I can't).
That is a valid flaw in my reasoning. Fortunately, DDOS is not extermely easy (or else you'd see most of the net down weekly) right now. Unfortunately, with the vast proliferation of vapid sysadmins and closed source NOSs I think DDOS is going to become a major problem for ALL kinds of services on the 'net (not just the loss of service, but the permanent vandalism or destruction of service that can happen with faulty database information).
Sorry, its late and I can't come up with a decent solution to this problem today. Maybe later...:-)
>Is there anyway to make sure that this will not happen?
Well, since the faked logs are unlikely to be widespread (or even if they are, the "reverse attacked" IPs are all going to be different) you could simply have a maximum attack count per host. Say, if a host is reported by someone more than twice per day, no more attacks are counted against that machine from the other machine for that week.
While script kiddies are losers that want to ruin these datasets, they all have different people they'd like to see kicked (usually some kid at school, or their next door neighbour). Unless they all ganged up together (and, by definition of being a loner/cowboy cracker that virtually never happens) and attacked one person, there'd be no problem.
You could also set the DB up to auto-ignore entries from a host if they go over "magic" trigger levels. Say a host reports 100 attacks from random IPs a second for the past 24 hours. No way that would happen. Plonk them onto the month long blacklist-blacklist.
A nice idea would be a complaints procedure whereby a user who is repeatedly listed as running scanners could request dsheild to investigate. Maybe if only certain IPs (over similar physical localities) _ever_ reported any cracking attemps they'd consider putting the IP on some form of a "limited ban" list.
They could also implement some form of peer evaluation system where certain "good" or "longtime" users get "points" to boost or lower values on the list... Sorta like slashdot moderation. [Perhaps this isn't such a hot idea after all.]
Not only that, but IMHO it is truly impossible that multiple script kiddies across multiple subnets across the world are going to lie about the same IP. If slashdot.org's reporting is correct (that would be a near first), that is what dsheild wants to do. List users who abuse big subnets.
I'd see what dsheild actually says, but I can't even get past the 502 on their front page. Uggghh...
I think intel asked Tom not to re-distribute it, not required him to sign agreements to not do so, or anything similar to that.
Here's a direct quote:
"As agreed on the phone please don't distribute this version of flask to anybody else. We still haven't got hold on the author of Flask and we don't want to distribute this version without permission."
It's a little fuzzy, but it seems to me that Tom only agreed, but not necessarialy feels legally bound. I guess it all depends on what was said on the phone. I'd like to think intel only said "we don't like the code as it stands right now, so please understand that we wouldn't like to see it distributed", and that Tom said "OK.".
>What they are worried about is their hardware and their connection.
Totally agreed, but (like I've just discussed in a post above) the company is going to have to prove that.
It'd be interesting to see if they can. I bet they don't keep records as detailed as "MP3 Bandwidth usage" due to the difficulting in making something like that happen.
It shouldn't be a problem for the company anyways, because with an attitude like theirs the RIAA is gonna love 'em anyways (even if their motive is different).
And while all the courts (currently) and I would agree, once the RIAA gets involved, what should be law goes out the window.
I wouldn't be too surprised if the RIAA (or some other big company) wasn't able to "convince" a judge that the "major purpose" of MP3 is to distribute copyrighted material illegally, and therefore MP3s should be vicariously searched out and destroyed with maximum diligence, if possible.
There's a lot of "evidence" out there to suggest that fact (napster being the biggie).
Wasn't it "evidence" like that, that was used to make DAT into the useless piece of SDMI crap it is today? We all know that copying stuff illegally is not the major use of DAT, but the gov't was convinved eoungh to tax it specially when the RIAA came bitching.
(I'm using the quotes not for force, but because of of the irony of the words not applying to the situation unless the RIAA is there).
I wouldn't want to fight the RIAA on any terms, even if I were right (both ethically and legally). Would be making for a very BAD day.;-)
>Hope that helps clarify
It did actually. Thanks. I never looked at that point before.
I suppose the ISP would just have to document their reasons for deleting the files, that way they can prove to the judge they weren't deleting them for legal reasons, but for bandwidth conservation. But what are the chances of that? Most companies are pretty lazy in this regard.
I wonder how much more difficult it would be to prove they were only deleting for bandwidth reasons without some solid documentation (signed memos, graphs indicating MP3 bandwidth use, etc...).
All the above isn't that big a deal anyways, because it hinges on the RIAA turning against a company which appears to have unwittingly taken their side. They aren't that stupid.
Yeah, and I agree, that was likely their reasoning (that and they probably _think_ they are less liable for the content now that they are "proactive").
But does the law agree; That is the real question. I'd agree against the law on a lot of topics. It might even mean I'm right. But there's right and there's Right (hint hint wink wink nudge nudge).
Since working within the confines of the law is always the best defence, and (oh man another cliche) a good defence can be a good offence, deleting those MP3s could be a bad idea for that company in the future.
As far as doing it carte blanche, well, no problem as far as the user was concerned, he signed away the right to MP3 distribution on the server. But you can never sign away negligence since that's a law.
If the RIAA wanted to be complete jerks, they likely could search out some MP3s that didn't get deleted (for whatever reason, perhaps they were "obfusticated"), and attempt to sue the company for neglecting to delete ALL illegal music on their server. Since HalfPrice "admits" there's illegal content availiable on their server by having to search and destroy it, then anything they do that accidentally allows the MP3s through is their fault.
Lucky for HalfPrice, the RIAA is probably on their side.
Again, I'm Not a Lawyer, so don't even think of this as legal advice. Please.:-)
If you have any other reason to doubt me, please tell me... but I am quite sure that only the rights of the end user can be signed away. Not those of the public at large (or the RIAA).
I'd really appreciate it if someone with legal experience would clear this up anyways, perhaps I'm confused as to how negligence laws can be abused.
>Your ISP has the right to anything they want to to the files you store on their server. They can delete them, read them, modify them, or leave them alone. You, as a customer, have exactly one right. You can take your money elsewhere.
IANAL (so this ain't advice), but you have way more rights than that.
- Deletion is destruction of private property (imagine a storage company not wanting your propane containers being stored, and instead of moving them away and sending you the bill, they put the container through a crusher). This is probably a misdemeanor.
- Modification is likely going to be a copyright violation (unless your work is "open" whatever). This is a federal offense. Modification is also vandalism, a misdemeanor.
- Making the files unavailiable without contacting you at all (or at least attempting to do so) could also leave them open to other legal challenges, perhaps "loss of income" or other strange ideas...
Get a real lawyer and see what they say. Unless the company tells you in their contract (like this company did) that they will delete/modify certain files immediately and without notice, then the company is probably liable for some of the above.
I once read in a sysadmin book some really good advice (which I'll paraphrase to the best of my poor memory):
Ignorance _is_ a defence:
- Never, EVER, root through a user's files without reasonable suspicion. If you do so (looking for copyright violations, etc...) you open yourself up to some major legal troubles. Basically, if you get bored and check for MP3s (doesn't matter what you say, matters what the courts think... they'll decide it's because you are looking for copyright violations) you are liable to ensure there are no other copyright violations, since you have proven you can do this and are willing to do this.
Sorry, I'm a little confusing there. Maybe this might clear it up a little:
For example, say you are a security guard. One day someone is stabbed with a dagger at your company. Would you be blamed for it? No. How could you ever tell that someone had brought something like a dagger into work with them? You don't look for that. You were ignorant.:-)
Imagine if you had been looking through personal items at work for weapons. Would you be blamed for not finding the dagger? Probably. It slipped through your checks and balances. You are at fault for not finding it. Your activities as a security guard were negligent.
So, when someone REALLY has copyright (but illegally distributed) MP3 files on their site at Half Price Hosting, will Half Price Hosting be at fault for not finding them first? They were looking for them.
It is better not to open yourself up to legal trouble like this. Simply let the person who is breaking the law deal with their own troubles. If word gets back to you from one of the involved parties _then_ take the appropriate action: suspend the account pending investigation (by a professional, such as a PI or Police Officer -- not the sysadmin).
Just my 2 cents, and IANAL, so I'm probably wrong. If you do something stupid because of my advice, it serves ya right for listening to someone ranting on the fly at a coffee shop style news house.
Maybe the CRTC idea has something to do with the fact that Bell covered about 30%-50% (maybe less) of Ontario with ADSL and has now, for all intents and purposes, given up? See the bottom of that page for proof. There were about 10 - 20 cities listed there, now Bell only plans to upgrade 3 in the upcoming _months_. A major slowdown that the Bell HSE people don't want to explain to me.
Yeah I'm sore. Hell yeah I want that legislation. I live within near walking distance of a Canadian METROPOLIS (Kitchener-Waterloo) and have no high speed internet. I know people living inside that metropolis that have no access to high speed internet. And, for the final count, the 519 exchange covering that area is supposedly on Bell's "low service" list.
I hate Bell with a passion. Thankfully the CRTC has allowed CLECs. Maybe when Bell gets real competition from other companies laying copper lines we'll see people living in the country no longer being treated like second-class citizens. Maybe I'll get a modem connection that lasts a couple of hours.
After speaking with neighbours, I have yet to recall a single comment that doesn't vilify Bell. A local exchange area you can walk outside of, but can drive for over half an hour through (don't ask me why... I just know how far away the furthest point is). When you live in the city in Canada you get treated like royalty. Make the mistake of moving to the country and you become the sticky crud underneath Bell's shoes.
I for one am tired of being scraped off. When this legislation passes I'll be the first whiny person on the phone TELLING Bell to do what I want OR ELSE. It'll feel so good. Even better than when I got my first BBS account.
You can't ever go overboard with exclamation marks when talking about the "AOL for Dummies" types... I've really seen posts to webboards that look like that. [I must find better sources for information]
;)
Damn this xterm and it's improperly mapped keyboard. I can't do an exclamation mark on it.
Part of that bottom line is how much bitching there is from the customer.
As this hard drive will cause more inconvenience to the customer, there will be more people "below the line" of intelligence required to understand how CPRM affects them.
These people will download something and try to copy it to a disk for a friend. It'll fail. They will get some backup software and lose all their protected downloads. Then they'll post:
to a bunch of website forums. They'll then learn why they can't copy their stuff and will BITCH and WHINE to CompUSA (or wherever) until they get their money back.
When these constant returns start eating into their profits, they'll do something. Just like FutureShop 'round here advertises the Apex DVD as a "CD-R MP3 playing machine!". I'll bet it was because of people like me that _expected_ a DVD player that can play Audio CDs to be able to play CD-Rs. I ended up returning the models that didn't. Told 'em why too (actually the sales guy even said they play CD-Rs, so it isn't all my fault).
Or so I hope that's how things will work... :-)
[BTW: Has anyone else noticed slashdot restricting their freedom of speech lately? I've not often (actually, IMHO never) posted spam here, but keep hitting the lameness filter for lame reasons. You wouldn't beleive the MAJOR PAIN IN THE ASS it was to get those exclamations to appear Ho hum.]
>but you'll have to alias ls to ls -color=0, else the console is useless.
/etc/profile? It fixed the same problem on my B/W VGA monitor. Now all colour stuff works perfectly (in black and white). With shades, too. :-)
Might I suggest you try adding:
export TERM="linux-m"
To your
If the linux-m definition doesn't come with your termcap, it is part of the slackware distro.
>Now, give me *one* good reason for using a program that "harvests" thousands of email addresses of people I never knew?
Add your friends to the list, and you now have most of the valid email addresses on the internet.
Now just refuse email from addresses not on the list, and presto-changeo, you've got an anti-spam tool.
There's one. I bet I could come up with another if I was pressured into it.
>and we can all choose to follow it or not.
What we who disagree should do is EXACTLY what the crew at MAPS does when they disagree with the opinions of other ISPs.
a) Phone, bitch, email, whine, etc... to try to get MAPS to take sites off the list that don't belong there. Be as vigilant as MAPS is about putting people on there.
b) If MAPS refuses to take the site off the list, add the blocked site to a reverse-blacklist. ISPs can sign up for your reverse-blacklist that will list IPs that are wrongly accused of spamming and don't deserve blocking.
c) Tell MAPS that unless they decide to contact you prior to them adding anyone to their blacklist so you can check if their site belongs on it, that you will blacklist _them_ (not in the reverse-blacklist, but in a real one).
It's only fair. Like you say, we've got an opinion, and we should share it on a list.
I once thought MAPS was good, but this situation seems way over the top. Blacklisting never worked properly against bad users in the BBS days, and it doesn't look like it is working properly now.
Just my 2 cents.
Yeah, but what if they just use say, for instance, lynx for downloading the page. Convert it to plain text, and strip the "crap". At that point, some pretty major site renovations would have to happen to ruin the page.
:-/
But this is Microsoft, so yeah, those major renovations will happen someday.
What can ya do...
>And if we didn't spend so much money destroying the environment,
The environment has been known to often destroy itself. The ice age, meteors, floods, forest fires, volcanoes, tides, earthquakes, tsunamis, tornadoes, hurricanes, ice storms, etc...
While we don't need to help it, a significant amount of money is spent on fixing what mother nature herself destroys. How many Billions of dollars did it cost to fix up the destruction caused by the floods and ice storms of last year? I think the Exxon Valdese [sp] oil spill cost less to clean up (I'd have to look up the figures).
Just my 2 cents... (please don't take it personally)
>They can surrepititiously add/remove information from any bulletin at any time, and not tell anybody
Here's an idea:
Why not provide an md5sum of the webpage contents? That wouldn't be illegal (no way that an md5sum is a copy of the material), and would quickly show foul play Microsoft. If they took one each week they would be able to tell how often and when the info is changed.
If you have the time to unblock sites, then why not just pop by your kid's door every once and a while to check that things are OK and save the $$$ on the software?
I don't have kids so I don't have an answer. I didn't grow up with censorware (it didn't even exist then, except for movie ratings) and I think I'm normal [what a useless diagnosis, I know]. It'd be nice to hear someone's reasoning for choosing the cesorware approach -- I've heard enough opinions for the other side of the debate.
> I know this would require a huge restructuring of the telephone system
:-)
>plus we'd have to all buy new phones with more buttons
There are actually 16 phone tones. 0-9#*abcd
No joke. And some phones missing abcd can make the abcd tones using combinations of numbers.
So technically no telephone system restructuring is necessary at all.
>FBI... ...they can impersonate him.
;-)
That is something I didn't think of. But I wonder if there were any past cases where the FBI did impersonate someone to gather evidence. ie: Send an FBI agent into a drug house, pretending to be a dealer, to see how much and if that dealer normally got their stash from there.
If so, then similar identity stealing action has been taken before. I'd not like it either, though, if the FBI were trying to get ahold of my identity. But, being that this person is a suspected criminal, and that a third party (the judge) gets to decide whether or not the search warrant should be accepted, I sleep pretty well at night knowing the FBI isn't going to be raiding my identity.
>possessing the passphrase makes it tainted evidence.
This is a distinct possibility, and I would think the FBI would catch this angle too. They're probably days away from arresting him, and don't need any more evidence than what they (think) they already have.
We'll see how this turns out. News at 11.
>Calm Down!
...or protecting yourself from having some FBI bureaucrat reading over your shopping list?
Totally agreed. The FBI clearly explains they want the warrant to get the guy's password, not so they can read his love notes. This is no different than the FBI drilling the lock to a safety deposit box with a search warrant, if you ask me.
Which brings me to my next point:
>Which is more important..
That is wrong, IMHO. For the same reasons it is wrong for an FBI agent to abuse his power to check out the family jewels in my safety deposit box for his amusement. Search warrants aren't to spy on items that make no litigious sense (and a shopping list is not good evidence unless it includes copious amounts of fertilizer and gasoline). They are to gather evidence against serious criminals.
I think there's a fine [undefined] line between protection and spying. Breaking the law defines that line.
Just my 2 cents.
Try here.
>Sheesh.
:-)
Sorry, I guess I missed that (it isn't hard when there's up to 256 partitions to look through). I suppose that has something to do with the fact that I don't use NetBSD (and neither does anyone else I know, they all prefer FreeBSD). Hell, I'll even admit to not knowing the difference between NetBSD and the others.
I'll also admit to not caring what the differences are. But then again, I don't program BIOSes for a living.
This just appeared as a talkback to the BSD report on the story:
Wow... I was about to flame the programmer for being such a fool as to not test for this. But it turns out he is just a jerk (if the above post was true). Engineers are supposed to be responsible, helping, people. This one seems to be a maverick, doing whatever gets him paid. Ugly. Of course, the post could have been an imposter. We'll see...
Someone moderate up that A/C... I would if I could (but of course I can't).
:-)
That is a valid flaw in my reasoning. Fortunately, DDOS is not extermely easy (or else you'd see most of the net down weekly) right now. Unfortunately, with the vast proliferation of vapid sysadmins and closed source NOSs I think DDOS is going to become a major problem for ALL kinds of services on the 'net (not just the loss of service, but the permanent vandalism or destruction of service that can happen with faulty database information).
Sorry, its late and I can't come up with a decent solution to this problem today. Maybe later...
>Is there anyway to make sure that this will not happen?
Well, since the faked logs are unlikely to be widespread (or even if they are, the "reverse attacked" IPs are all going to be different) you could simply have a maximum attack count per host. Say, if a host is reported by someone more than twice per day, no more attacks are counted against that machine from the other machine for that week.
While script kiddies are losers that want to ruin these datasets, they all have different people they'd like to see kicked (usually some kid at school, or their next door neighbour). Unless they all ganged up together (and, by definition of being a loner/cowboy cracker that virtually never happens) and attacked one person, there'd be no problem.
You could also set the DB up to auto-ignore entries from a host if they go over "magic" trigger levels. Say a host reports 100 attacks from random IPs a second for the past 24 hours. No way that would happen. Plonk them onto the month long blacklist-blacklist.
A nice idea would be a complaints procedure whereby a user who is repeatedly listed as running scanners could request dsheild to investigate. Maybe if only certain IPs (over similar physical localities) _ever_ reported any cracking attemps they'd consider putting the IP on some form of a "limited ban" list.
They could also implement some form of peer evaluation system where certain "good" or "longtime" users get "points" to boost or lower values on the list... Sorta like slashdot moderation. [Perhaps this isn't such a hot idea after all.]
Not only that, but IMHO it is truly impossible that multiple script kiddies across multiple subnets across the world are going to lie about the same IP. If slashdot.org's reporting is correct (that would be a near first), that is what dsheild wants to do. List users who abuse big subnets.
I'd see what dsheild actually says, but I can't even get past the 502 on their front page. Uggghh...
[Glove Slap]
I demand satisfaction.
I think intel asked Tom not to re-distribute it, not required him to sign agreements to not do so, or anything similar to that.
Here's a direct quote:
"As agreed on the phone please don't distribute this version of flask to anybody else. We still haven't got hold on the author of Flask and we don't want to distribute this version without permission."
It's a little fuzzy, but it seems to me that Tom only agreed, but not necessarialy feels legally bound. I guess it all depends on what was said on the phone. I'd like to think intel only said "we don't like the code as it stands right now, so please understand that we wouldn't like to see it distributed", and that Tom said "OK.".
>What they are worried about is their hardware and their connection.
Totally agreed, but (like I've just discussed in a post above) the company is going to have to prove that.
It'd be interesting to see if they can. I bet they don't keep records as detailed as "MP3 Bandwidth usage" due to the difficulting in making something like that happen.
It shouldn't be a problem for the company anyways, because with an attitude like theirs the RIAA is gonna love 'em anyways (even if their motive is different).
While I agree with you, the key (as you say) is:
;-)
>MP3 files themselves are NOT illegal
And while all the courts (currently) and I would agree, once the RIAA gets involved, what should be law goes out the window.
I wouldn't be too surprised if the RIAA (or some other big company) wasn't able to "convince" a judge that the "major purpose" of MP3 is to distribute copyrighted material illegally, and therefore MP3s should be vicariously searched out and destroyed with maximum diligence, if possible.
There's a lot of "evidence" out there to suggest that fact (napster being the biggie).
Wasn't it "evidence" like that, that was used to make DAT into the useless piece of SDMI crap it is today? We all know that copying stuff illegally is not the major use of DAT, but the gov't was convinved eoungh to tax it specially when the RIAA came bitching.
(I'm using the quotes not for force, but because of of the irony of the words not applying to the situation unless the RIAA is there).
I wouldn't want to fight the RIAA on any terms, even if I were right (both ethically and legally). Would be making for a very BAD day.
>Hope that helps clarify
It did actually. Thanks. I never looked at that point before.
I suppose the ISP would just have to document their reasons for deleting the files, that way they can prove to the judge they weren't deleting them for legal reasons, but for bandwidth conservation. But what are the chances of that? Most companies are pretty lazy in this regard.
I wonder how much more difficult it would be to prove they were only deleting for bandwidth reasons without some solid documentation (signed memos, graphs indicating MP3 bandwidth use, etc...).
All the above isn't that big a deal anyways, because it hinges on the RIAA turning against a company which appears to have unwittingly taken their side. They aren't that stupid.
Yeah, and I agree, that was likely their reasoning (that and they probably _think_ they are less liable for the content now that they are "proactive").
:-)
But does the law agree; That is the real question. I'd agree against the law on a lot of topics. It might even mean I'm right. But there's right and there's Right (hint hint wink wink nudge nudge).
Since working within the confines of the law is always the best defence, and (oh man another cliche) a good defence can be a good offence, deleting those MP3s could be a bad idea for that company in the future.
As far as doing it carte blanche, well, no problem as far as the user was concerned, he signed away the right to MP3 distribution on the server. But you can never sign away negligence since that's a law.
If the RIAA wanted to be complete jerks, they likely could search out some MP3s that didn't get deleted (for whatever reason, perhaps they were "obfusticated"), and attempt to sue the company for neglecting to delete ALL illegal music on their server. Since HalfPrice "admits" there's illegal content availiable on their server by having to search and destroy it, then anything they do that accidentally allows the MP3s through is their fault.
Lucky for HalfPrice, the RIAA is probably on their side.
Again, I'm Not a Lawyer, so don't even think of this as legal advice. Please.
If you have any other reason to doubt me, please tell me... but I am quite sure that only the rights of the end user can be signed away. Not those of the public at large (or the RIAA).
I'd really appreciate it if someone with legal experience would clear this up anyways, perhaps I'm confused as to how negligence laws can be abused.
>Your ISP has the right to anything they want to to the files you store on their server. They can delete them, read them, modify them, or leave them alone. You, as a customer, have exactly one right. You can take your money elsewhere.
IANAL (so this ain't advice), but you have way more rights than that.
- Deletion is destruction of private property (imagine a storage company not wanting your propane containers being stored, and instead of moving them away and sending you the bill, they put the container through a crusher). This is probably a misdemeanor.
- Modification is likely going to be a copyright violation (unless your work is "open" whatever). This is a federal offense. Modification is also vandalism, a misdemeanor.
- Making the files unavailiable without contacting you at all (or at least attempting to do so) could also leave them open to other legal challenges, perhaps "loss of income" or other strange ideas...
Get a real lawyer and see what they say. Unless the company tells you in their contract (like this company did) that they will delete/modify certain files immediately and without notice, then the company is probably liable for some of the above.
I once read in a sysadmin book some really good advice (which I'll paraphrase to the best of my poor memory):
:-)
Ignorance _is_ a defence:
- Never, EVER, root through a user's files without reasonable suspicion. If you do so (looking for copyright violations, etc...) you open yourself up to some major legal troubles. Basically, if you get bored and check for MP3s (doesn't matter what you say, matters what the courts think... they'll decide it's because you are looking for copyright violations) you are liable to ensure there are no other copyright violations, since you have proven you can do this and are willing to do this.
Sorry, I'm a little confusing there. Maybe this might clear it up a little:
For example, say you are a security guard. One day someone is stabbed with a dagger at your company. Would you be blamed for it? No. How could you ever tell that someone had brought something like a dagger into work with them? You don't look for that. You were ignorant.
Imagine if you had been looking through personal items at work for weapons. Would you be blamed for not finding the dagger? Probably. It slipped through your checks and balances. You are at fault for not finding it. Your activities as a security guard were negligent.
So, when someone REALLY has copyright (but illegally distributed) MP3 files on their site at Half Price Hosting, will Half Price Hosting be at fault for not finding them first? They were looking for them.
It is better not to open yourself up to legal trouble like this. Simply let the person who is breaking the law deal with their own troubles. If word gets back to you from one of the involved parties _then_ take the appropriate action: suspend the account pending investigation (by a professional, such as a PI or Police Officer -- not the sysadmin).
Just my 2 cents, and IANAL, so I'm probably wrong. If you do something stupid because of my advice, it serves ya right for listening to someone ranting on the fly at a coffee shop style news house.
[Rant]
Check this out.
Maybe the CRTC idea has something to do with the fact that Bell covered about 30%-50% (maybe less) of Ontario with ADSL and has now, for all intents and purposes, given up? See the bottom of that page for proof. There were about 10 - 20 cities listed there, now Bell only plans to upgrade 3 in the upcoming _months_. A major slowdown that the Bell HSE people don't want to explain to me.
Yeah I'm sore. Hell yeah I want that legislation. I live within near walking distance of a Canadian METROPOLIS (Kitchener-Waterloo) and have no high speed internet. I know people living inside that metropolis that have no access to high speed internet. And, for the final count, the 519 exchange covering that area is supposedly on Bell's "low service" list.
I hate Bell with a passion. Thankfully the CRTC has allowed CLECs. Maybe when Bell gets real competition from other companies laying copper lines we'll see people living in the country no longer being treated like second-class citizens. Maybe I'll get a modem connection that lasts a couple of hours.
After speaking with neighbours, I have yet to recall a single comment that doesn't vilify Bell. A local exchange area you can walk outside of, but can drive for over half an hour through (don't ask me why... I just know how far away the furthest point is). When you live in the city in Canada you get treated like royalty. Make the mistake of moving to the country and you become the sticky crud underneath Bell's shoes.
I for one am tired of being scraped off. When this legislation passes I'll be the first whiny person on the phone TELLING Bell to do what I want OR ELSE. It'll feel so good. Even better than when I got my first BBS account.
[/Rant.]