In fact Obama's administration makes political appointees sign a legal pledge to exactly that effect. I know, I had to sign one. The problem is that FCC commissioners work for Congress not the President and Congress doesn't make them sign such a pledge. Most of the US Federal gov't right now is fairly clean on this issue, as far as I can see. It's going to limit my future job opportunities but who cares, it's worth it.
Not to be a wet blanket but I do not think that FCC has anywhere near the legal authority to do those things. Congress might have the legal basis, though recent Supreme Court rulings such as Citizens United suggest that they don't have the ability to regulate these things either.
Do you define stealing as playing on devices other than those for which it was intended? Transforming it (size, format, bitrate, etc)? Streaming it? Mixing it? If so, then I agree that stealing is the only useful thing hacking DRM is good for.
If you define stealing as giving the content to others who haven't paid for it, then no, I disagree, there are other things to do with un-DRM'ed content than just stealing it.
And I agree, iPhones are hackable today - you can root them and do mostly whatever you like at that point. And no, I don't think companies should support hacked devices (except ideally with help getting them back to factory states where possible).
The original question was why would there be a greater demand for iOS hackability than for hackability on the microprocessors on a microwave. The criteria (utility) I laid out for figuring out why iOS hackability is more important still holds.
There are a few folks who hardhack on microwaves but there are a lot more who root and hack on iOS. This is because it's more useful to hack on iOS -- more applications. More generally if you want to know when something is desirable to hack on, consider the applications.
I think there are a couple of issues to break this down:
1) How useful would the device be if I could hack on it? 2) How hackable is the device?
I want to be able to hack my microwave, but it wouldn't be that much more useful if I could. I regret that companies don't make hackable microwaves but it's not a big deal.
My router is very useful (more useful) b/c I can hack on it. And I buy hackable routers b/c of this capability, whether the manufacturer explicitly knows they offer that feature or not.
An iPhone is super useful if you can hack on it (that includes install apps from anyone else). And even more useful if their DRM formats were hackable. (But Apple can't -due to third party agreements- and/or doesn't want these things to be hackable, which is their choice, just like the microwave vendor).
But that's why it's more important for iOS devices to be hackable than microwaves: they'd be more useful if they were..
Big companies and little guys (the other 500M on FB) are outsourcing a lot to third parties in terms of their brand, their communication, their data, their users..
And while we're at it, it doesn't seem like Sony ceding its community comms to Facebook is a problem. Sony managing it's Playstation network security was its problem (totally in-housed as far as I can tell).
My point is just that generalizations about insource/outsource paid/free are overly broad in terms of figuring out the right course of action in IT today.
She's more than a researcher at Microsoft -- she's what you might call a pundit for the intertubes (aka a public intellectual). She wields a lot of influence with a lot of organizations.. So in terms of picking a fight with someone online, I'd say she's just probably somewhere near PJ at Groklaw in terms of Bad Idea (tm).
Good points - and just to add to your line of thinking, even if you use a secure TrueCrypt volume that is mounted with a unique password *after* you boot into your OS, that volume is still vulnerable when your computer is rooted b/c the key presses of the decryption password are passing through your rooted kernel (whatever OS you're running - doesn't matter) - basically keyloggers running with admin/root privileges make just about any security measure weak. Not sure if hardware keys/cards these days make this problem any better, but once your computer is rooted, you're in trouble security-wise.
If your computer is rooted, you might as well assume (for purposes of your security) that every key stroke and mouse event is being tracked and the "good stuff" is being extracted from that data stream for purposes of decrypting your encrypted files and vaults, etc.
I'm not sure the Syrians would agree with you at the moment. Libyans neither for that matter. The people can *try* to make the gov't accountable but it's not always possible.
I couldn't determine in the original study whether they accounted for redirectors or not. If they didn't I'm very surprised twitter showed up at all statistically, which makes me suspect that they did. Did you see something in their methodology that suggests or states that they did not account for URL shorteners when dealing with traffic from twitter or FB? If they didn't account for URL shorteners then as you suggest the study is worthless and will create FUD only. Thanks for any references on methodology. I know some folks at Pew so I will make a little noise over there if you (or others) can give me a leg to stand on.
I wouldn't call FB a wasteland, I would call it an async cocktail party. Not many people want to be bummed out by the guy with all the global warming crisis news at the cocktail party. It's just not the right venue -- people go to FB for a very specific, personal purpose, which in many cases (I think) bears a lot of similarity to the kind of communication that occurs at cocktail parties (bumping into people who you haven't seen in awhile, 1 and 2 degree of separation conversations, and lots of random tidbits from a whole bunch of people).
Note: If you don't like the word cocktail party, call it "kegger" or "house party" or whatever your demographic uses for same social function.
What explains their positively massive referral rate, if their page views are grossly inflated? Seems like they must have some real, solid traffic to be driving referrals at the volumes Pew found.
And we spend $1T on education in the US compared to $530B on Defense. It's just that education is spent in a distributed way (states, counties, districts, colleges) and Defense is largely centralized, so most people miss this fact.. (http://nces.ed.gov/fastfacts/display.asp?id=66)
Several reports I've read suggest that there were two back up helicopters nearby and when they crashed this one they called in a backup, so it was three helo's in, and two out, in effect.
trial is still worth holding, or if the case is now moot.
Not to be too pedantic but I can't help myself: the question is actually whether the case is no longer moot. Moot means debatable. http://dictionary.reference.com/browse/moot
I'm not saying that they programmed using crazy network design, I'm saying that all the really great programmers I've met (say my top 3 all-time) were very skilled in networking and in hardware. They understand bus speeds, protocols and tiered caching, and could build high performance hardware if called upon. They also understood physical signaling and packet architecture, to the point where IT network guys would often stroll over for a chat to get advice when they were designing new network layouts. They absolutely didn't *need* these skills in terms of applying them in their day to day work, but they for whatever reason had them, and I suspect it made them better programmers. Maybe my experience is anomalous.
While I agree that a lot of tablet gestures are probably not ergonomic, I would hesitate to make a generalization that small gestures are always more ergonomic than large ones. Our bodies are made to undertake certain kinds of large and small movements. Some small movements can cause tendon and other soft tissue problems, especially those related to improper mousing and keyboarding. In same cases larger gestures can cause fewer problems.
It encourages you to make larger gestures using your middle and upper arm instead of mousing only with your wrist. My experience with it has been very good, though it takes some getting used to. I often switch back and forth between this and a regular mouse depending on what I'm doing..
Yeah double ditto. What I'm trying to figure out is how a star programmer can't know anything about networking? Every great programmer I've ever met knew a ton about hardware and networking, all the while being deadly with software. I personally think it would be very hard to be great programmer without understanding the bricks you're standing on, in significant detail.
Well said. Trusting a cloud provider to give you your only encryption seems nuts. I use SpiderOak for cloud services, so I encrypt it once in pwsafe and then they encrypt it again when it goes up.
I'd way rather have one very long (say 20 chars), fairly random password memorized and use that to encrypt the rest of my passwords, than use a system like yours. Predictability is a big vulnerability. If someone can guess 7 out of 12 chars of your password, that means a brute force is relatively trivial to accomplish. If two sites you use get cracked, and they happen to store your p/w in cleartext (some places still do I'm sure), then the crackers will have a nice pattern to work from. At least that's my opinion..
I use passwordsafe in Ubuntu via Wine and it works just fine. The only thing that doesn't work is autotyping, which is sad but not that bad. Performance is fine.
I sync my Ubuntu and Windows machines via SpiderOak, so that when I make changes to pwsafe on one machine, the changes show up on the other machine when I log in there. Whole system works pretty well, and since SpiderOak uses zero prior knowledge encryption, it would be fairly hard for someone to hack the cloud version of my pwsafe database as well.
I re-read parent and he still sounds serious to me about the idea that the nut jobs on the left would claim McCain wasn't born in the US. I don't see any indication he was joking -- maybe we'll have to wonder until he responds himself.
Slashdot Mirror
In fact Obama's administration makes political appointees sign a legal pledge to exactly that effect. I know, I had to sign one. The problem is that FCC commissioners work for Congress not the President and Congress doesn't make them sign such a pledge. Most of the US Federal gov't right now is fairly clean on this issue, as far as I can see. It's going to limit my future job opportunities but who cares, it's worth it.
Not to be a wet blanket but I do not think that FCC has anywhere near the legal authority to do those things. Congress might have the legal basis, though recent Supreme Court rulings such as Citizens United suggest that they don't have the ability to regulate these things either.
Do you define stealing as playing on devices other than those for which it was intended? Transforming it (size, format, bitrate, etc)? Streaming it? Mixing it? If so, then I agree that stealing is the only useful thing hacking DRM is good for.
If you define stealing as giving the content to others who haven't paid for it, then no, I disagree, there are other things to do with un-DRM'ed content than just stealing it.
And I agree, iPhones are hackable today - you can root them and do mostly whatever you like at that point. And no, I don't think companies should support hacked devices (except ideally with help getting them back to factory states where possible).
The original question was why would there be a greater demand for iOS hackability than for hackability on the microprocessors on a microwave. The criteria (utility) I laid out for figuring out why iOS hackability is more important still holds.
There are a few folks who hardhack on microwaves but there are a lot more who root and hack on iOS. This is because it's more useful to hack on iOS -- more applications. More generally if you want to know when something is desirable to hack on, consider the applications.
I think there are a couple of issues to break this down:
1) How useful would the device be if I could hack on it?
2) How hackable is the device?
I want to be able to hack my microwave, but it wouldn't be that much more useful if I could. I regret that companies don't make hackable microwaves but it's not a big deal.
My router is very useful (more useful) b/c I can hack on it. And I buy hackable routers b/c of this capability, whether the manufacturer explicitly knows they offer that feature or not.
An iPhone is super useful if you can hack on it (that includes install apps from anyone else). And even more useful if their DRM formats were hackable. (But Apple can't -due to third party agreements- and/or doesn't want these things to be hackable, which is their choice, just like the microwave vendor).
But that's why it's more important for iOS devices to be hackable than microwaves: they'd be more useful if they were..
Get off my lawn.
https://www.facebook.com/toyota
https://www.facebook.com/Sony
Big companies and little guys (the other 500M on FB) are outsourcing a lot to third parties in terms of their brand, their communication, their data, their users..
And while we're at it, it doesn't seem like Sony ceding its community comms to Facebook is a problem. Sony managing it's Playstation network security was its problem (totally in-housed as far as I can tell).
My point is just that generalizations about insource/outsource paid/free are overly broad in terms of figuring out the right course of action in IT today.
She's more than a researcher at Microsoft -- she's what you might call a pundit for the intertubes (aka a public intellectual). She wields a lot of influence with a lot of organizations.. So in terms of picking a fight with someone online, I'd say she's just probably somewhere near PJ at Groklaw in terms of Bad Idea (tm).
Good points - and just to add to your line of thinking, even if you use a secure TrueCrypt volume that is mounted with a unique password *after* you boot into your OS, that volume is still vulnerable when your computer is rooted b/c the key presses of the decryption password are passing through your rooted kernel (whatever OS you're running - doesn't matter) - basically keyloggers running with admin/root privileges make just about any security measure weak. Not sure if hardware keys/cards these days make this problem any better, but once your computer is rooted, you're in trouble security-wise.
If your computer is rooted, you might as well assume (for purposes of your security) that every key stroke and mouse event is being tracked and the "good stuff" is being extracted from that data stream for purposes of decrypting your encrypted files and vaults, etc.
I'm not sure the Syrians would agree with you at the moment. Libyans neither for that matter. The people can *try* to make the gov't accountable but it's not always possible.
I couldn't determine in the original study whether they accounted for redirectors or not. If they didn't I'm very surprised twitter showed up at all statistically, which makes me suspect that they did. Did you see something in their methodology that suggests or states that they did not account for URL shorteners when dealing with traffic from twitter or FB? If they didn't account for URL shorteners then as you suggest the study is worthless and will create FUD only. Thanks for any references on methodology. I know some folks at Pew so I will make a little noise over there if you (or others) can give me a leg to stand on.
I wouldn't call FB a wasteland, I would call it an async cocktail party. Not many people want to be bummed out by the guy with all the global warming crisis news at the cocktail party. It's just not the right venue -- people go to FB for a very specific, personal purpose, which in many cases (I think) bears a lot of similarity to the kind of communication that occurs at cocktail parties (bumping into people who you haven't seen in awhile, 1 and 2 degree of separation conversations, and lots of random tidbits from a whole bunch of people).
Note: If you don't like the word cocktail party, call it "kegger" or "house party" or whatever your demographic uses for same social function.
What explains their positively massive referral rate, if their page views are grossly inflated? Seems like they must have some real, solid traffic to be driving referrals at the volumes Pew found.
And we spend $1T on education in the US compared to $530B on Defense. It's just that education is spent in a distributed way (states, counties, districts, colleges) and Defense is largely centralized, so most people miss this fact.. (http://nces.ed.gov/fastfacts/display.asp?id=66)
Several reports I've read suggest that there were two back up helicopters nearby and when they crashed this one they called in a backup, so it was three helo's in, and two out, in effect.
trial is still worth holding, or if the case is now moot.
Not to be too pedantic but I can't help myself: the question is actually whether the case is no longer moot. Moot means debatable. http://dictionary.reference.com/browse/moot
Don't be an idiot. From the start this was framed as a question, with anecdotes to provide context as to why I was asking the question.
I'm not saying that they programmed using crazy network design, I'm saying that all the really great programmers I've met (say my top 3 all-time) were very skilled in networking and in hardware. They understand bus speeds, protocols and tiered caching, and could build high performance hardware if called upon. They also understood physical signaling and packet architecture, to the point where IT network guys would often stroll over for a chat to get advice when they were designing new network layouts. They absolutely didn't *need* these skills in terms of applying them in their day to day work, but they for whatever reason had them, and I suspect it made them better programmers. Maybe my experience is anomalous.
In all seriousness, could you name one? I'm curious. I've never seen one that was more than a toy. Thanks!
While I agree that a lot of tablet gestures are probably not ergonomic, I would hesitate to make a generalization that small gestures are always more ergonomic than large ones. Our bodies are made to undertake certain kinds of large and small movements. Some small movements can cause tendon and other soft tissue problems, especially those related to improper mousing and keyboarding. In same cases larger gestures can cause fewer problems.
Take this 3M ergo mouse: http://solutions.3m.com/wps/portal/3M/en_US/ergonomics/home/products/ergonomicmouse/
It encourages you to make larger gestures using your middle and upper arm instead of mousing only with your wrist. My experience with it has been very good, though it takes some getting used to. I often switch back and forth between this and a regular mouse depending on what I'm doing..
Yeah double ditto. What I'm trying to figure out is how a star programmer can't know anything about networking? Every great programmer I've ever met knew a ton about hardware and networking, all the while being deadly with software. I personally think it would be very hard to be great programmer without understanding the bricks you're standing on, in significant detail.
Well said. Trusting a cloud provider to give you your only encryption seems nuts. I use SpiderOak for cloud services, so I encrypt it once in pwsafe and then they encrypt it again when it goes up.
I'd way rather have one very long (say 20 chars), fairly random password memorized and use that to encrypt the rest of my passwords, than use a system like yours. Predictability is a big vulnerability. If someone can guess 7 out of 12 chars of your password, that means a brute force is relatively trivial to accomplish. If two sites you use get cracked, and they happen to store your p/w in cleartext (some places still do I'm sure), then the crackers will have a nice pattern to work from. At least that's my opinion..
I use passwordsafe in Ubuntu via Wine and it works just fine. The only thing that doesn't work is autotyping, which is sad but not that bad. Performance is fine.
I sync my Ubuntu and Windows machines via SpiderOak, so that when I make changes to pwsafe on one machine, the changes show up on the other machine when I log in there. Whole system works pretty well, and since SpiderOak uses zero prior knowledge encryption, it would be fairly hard for someone to hack the cloud version of my pwsafe database as well.
I re-read parent and he still sounds serious to me about the idea that the nut jobs on the left would claim McCain wasn't born in the US. I don't see any indication he was joking -- maybe we'll have to wonder until he responds himself.