Clearly, the Mozilla team should be performing full regression testing on every bug they fix against every browser known to man. What if the bug affects NCSA Mosaic?
Hmm, there's something wrong with my sarcasmeter, it seems to be off the scale...
All I could think of when reading this is a M$FT rep saying "Come on, we're Microsoft! You can trust us!" while hiding a +10 Spiked Club of Patent Trolling behind their back....
There would be two major paths I would investigate.
If you're in a Windows environment, look at getting Citrix (or something similar) set up. Centralized files, centralized management, and it works very well. The one major issue is printing, although we use a product called Uniprint at work that is fucking fabulous. We went from 60% of helpdesk calls being "reset print spooler" down to 0% when we rolled out Uniprint. Very impressive stuff. We use Citrix at work primarily for our DB-intensive apps (so we don't return millions of rows over the VPNs, just the end result via the user interface), but we do have it in use for Word, Outlook, Excel, etc, as well.
The other option is WAN acceleration. There are many vendors that have them now (Juniper, Cisco, Packeteer, yadda yadda). They're expensive and I'm not sure how well they work if each office only has a few users (only a couple people may not 'seed' the cache sufficiently to make a major impact), but I've heard they work well for larger offices.
Or if the remote IS the demo (think of those Logitech 'Harmony' remotes).
Presenter: "So here we have this cool multi-device touch-screen remote, and we've programmed it to control this entire home theatre. If we press here, we change the channel..." Audience member: *activates TV-B-Gone* Presenter: "Hmm. Just a minor glitch..."
It could definitely have measurable financial & credibility impact on the presenters.
AnyDVD is commercial software for Windows that decrypts + rips DVDs. There is also an 'HD' version out now that supports HDDVD and BluRay. It can be used to rip commercial DVDs to a DVD-R disc with region-free playback, or simply to an ISO on your hard drive. (http://www.slysoft.com/en/anydvdhd.html)
Handbrake is an open-source DVD-to-MPEG4 converter. (http://handbrake.fr/)
VideoLAN is a media player that can play back the MPEG4 files created with Handbrake. In addition to local plaback, it has the ability to unicast/multicast video & audio across a network. (http://www.videolan.org)
So basically, the idea is, rip the video to make it DRM-free, convert it to a smaller, more efficient format for storage, stream across a network.
It's the "upsell" factor that's attractive to retailers. As I mentioned above, third-party accessories are where the money is (often 50-100% markup). So e.g. if you sell an iPod + a hard case for it, the sale of the case covers your loss on the iPod plus some overall profit. When someone buys an iPod, they often buy the accessories at the same time. They wouldn't buy the iPod online from Apple (or from a different brick-and-mortar store) then head to your store to buy the accessories. For the retailers, the iPod itself is a permanent loss-leader to get customers in to look at the iPod + accessories as a package.
The Wii is the same deal -- third-party controllers, games, etc, are the profit centres, but the Wii console gets the customer into the store in the first place.
I have a friend who was a manager of a computer retail store, including a full line of Apple products. iPods are *exactly* the same situation as Wii consoles are -- retailers make absolutely nothing on them, and either you play by Apple's pricing rules or you get cut off.
I forget exactly how much he said the profit was, but IIRC it was $2-3 on a top-end iPod (which was the 60 or 80GB model at the time). By the time you pay your staff to deal with the customer to explain features, etc, and make the sale, he'd already lost money. If the customer paid by credit card, he lost a lot more.
However, third-party accessories (skins/cases, FM tuners, headphones, etc) had significantly higher markup, and that's where the money is for retailers, just like games are for the Wii.
Not at all. It's a very relaxed work atmosphere. To be honest, I don't know if I'd actually be fired if something like that happened... but I would certainly be offering to tender my resignation.
Our company deals with electronic health records for hundreds of thousands of people. The same systems also store information about our contracts with e.g. government entities. Not even counting regulatory requirements like PIPEDA (Canada's Personal Information Protection and Electronic Documents Act), I can't fathom placing that data in any kind of jeopardy, simply from a professional standpoint. If information ever got stolen somehow, and I could have easily prevented it, what do I say? "Hmm. Well, sucks to be those people.", and carry on working?
The LOPSA/USENIX/SAGE System Administrator's Code of Ethics states: "I will do my best to make decisions consistent with the safety, privacy and well-being of my community and the public, and to disclose promptly factors that might pose unexamined risks or dangers." "I will maintain and protect the confidentiality of any information to which I may have access,..."
If we want systems engineering to be viewed as a true profession, in line with engineers, accountants or lawyers, we need to strive for higher standards than "Well, shit happens. Sorry."
Very good points, actually. At my place of employment, we're a fairly small IT department -- I'm the sole DBA, so by default any policy relating to database operation/security/etc originate with me anyways (although formal policies get approved by the department's director). So, at least in my case, whether it's from lack of policy or breach of policy, it's all on my head anyways.:p
In larger shops, I definitely agree with you. There should be both policies *and* technology in place to prevent violations that could result in damage.
the state docked a government official about a week of future vacation time for not ensuring that the data would be protected
I work as a DBA in a nonprofit healthcare organization. If our backup guys lost a tape, and I hadn't bothered to check off the box in our database backup software that says "Encrypt: 256-bit AES", I would lose my job.
This guy got dinged a whopping 1 week of vacation time. That's not even '1 week suspended without pay'. It's the equivalent of having to stay in detention after school.
I need to move over to the public sector or something.
You're certainly welcome to use it if you wish. I would recommend rolling in some of the points from the other respondent to my post (big_paul76), especially w.r.t. the fact that it's not the business of the government to ensure continuity of business models... wish I had thought of that myself when I was drafting my letter.
I also sent an email (and sent a carbon copy via post... hardcopy gets much more attention from politicians!). I don't live anywhere near Calgary either (Ottawa, in fact), but I definitely felt strongly enough about the issue to write to him.
Below is the text of what I sent:
--
Dear Hon. Jim Prentice:
I regret that I am unable to attend your open-house session tomorrow, 08 Dec 2007, in person; however, I would like to take this opportunity to express my concern over a proposed piece of legislation regarding Canadian copyright, namely the so-called "Canadian DMCA".
I work as an IT professional, however my background is in pure Computer Science. I often spend time performing security research. A Canadian version of the US DMCA legislation greatly concerns me -- one needs to look no further than the 'US v. Elcomsoft & Sklyarov' case to see why.
In this instance, legitimate security research was suppressed, and the researcher arrested at the will of a large corporation. Rather than acknowledge & fix the weaknesses in their product's security, Adobe chose to use the DMCA as a sledgehammer to suppress disclosure of information they did not like.
This has obvious chilling effects -- as an analogue, if a researcher were to find a weakness in the encryption used for e.g. online banking, is it reasonable to arrest the researcher rather than fix the weakness? To my mind, it is infinitely preferable to acknowledge, fix, and continuously improve security through legitimate research. Those with criminal intent will search for these weaknesses in any event -- it is much better to discover and fix the issues in a transparent manner. As the saying goes, "When guns are outlawed, only outlaws will have guns." hold very true here.
Other kinds of DMCA abuse is well-documented and widespread. A few simple Google searches (e.g. "DMCA abuse") very quickly turn up many sources of information. This legislation has been used to suppress reviews or opinions which are negative towards large companies -- technically, these should be handled as a civil lawsuit for slander or libel (if they are, in fact, untrue); however, many large corporations choose to invoke a DMCA takedown notice instead, as it forces the content hoster to take down the material immediately, rather than waiting for a judgement from a court of law. It is important to note that it is *corporations* that send these takedown notices, not the courts. Under this model, 'justice' is a distant wish.
There was some research done in 2005 by the University of South Carolina which showed that 30% of DMCA takedown notices sent by corporations were improper, and even potentially illegal (unfortunately, the document seems to have been taken offline, or moved, but the previous URL was http://lawweb.usc.edu/news/releases/2005/legalFlaws.html). This is a stunningly high figure -- laws are traditionally written to ensure that there is an onus of proof before charges are filed, and that due legal process is followed. The rules of jurisprudence are critical to ensure the equitable operation of any society, but overly broad, overly powerful laws like the US DMCA allow companies with deep legal pockets to run rampant, and allows them to run a private campaign of fear and intimidation.
I wish to point out that I am not pro-piracy, but rather am opposed to legislation (and legislators) funded or supported by corporations. This is the very antithesis of a democracy, and is the current state in the US. Canada is already dangerously close to that abyss, and I do not wish to
Below is the text of what I've sent in (via email and CC: via letter mail) to Jim Prentice. Feel free to copy/modify it to suit your needs/views.
---
Hon. Jim Prentice:
I regret that I am unable to attend your open-house session tomorrow, 08 Dec 2007, in person; however, I would like to take this opportunity to express my concern over a proposed piece of legislation regarding Canadian copyright, namely the so-called "Canadian DMCA".
I work as an IT professional, however my background is in pure Computer Science. I often spend time performing security research. A Canadian version of the US DMCA legislation greatly concerns me -- one needs to look no further than the 'US v. Elcomsoft & Sklyarov' case to see why.
In this instance, legitimate security research was suppressed, and the researcher arrested at the will of a large corporation. Rather than acknowledge & fix the weaknesses in their product's security, Adobe chose to use the DMCA as a sledgehammer to suppress disclosure of information they did not like.
This has obvious chilling effects -- as an analogue, if a researcher were to find a weakness in the encryption used for e.g. online banking, is it reasonable to arrest the researcher rather than fix the weakness? To my mind, it is infinitely preferable to acknowledge, fix, and continuously improve security through legitimate research. Those with criminal intent will search for these weaknesses in any event -- it is much better to discover and fix the issues in a transparent manner. As the saying goes, "When guns are outlawed, only outlaws will have guns."
Other kinds of DMCA abuse is well-documented and widespread. A few simple Google searches (e.g. "DMCA abuse") very quickly turn up many sources of information. This legislation has been used to suppress reviews or opinions which are negative towards large companies -- technically, these should be handled as a civil lawsuit for slander or libel (if they are, in fact, untrue); however, many large corporations choose to invoke a DMCA takedown notice instead, as it forces the content hoster to take down the material immediately, rather than waiting for a judgement from a court of law. It is important to note that it is *corporations* that send these takedown notices, not the courts. Under this model, 'justice' is a distant wish.
There was some research done in 2005 by the University of South Carolina which showed that 30% of DMCA takedown notices sent by corporations were improper, and even potentially illegal (unfortunately, the document seems to have been taken offline, or moved, but the previous URL was http://lawweb.usc.edu/news/releases/2005/legalFlaws.html). This is a stunningly high figure -- laws are traditionally written to ensure that there is an onus of proof before charges are filed, and that due legal process is followed. The rules of jurisprudence are critical to ensure the equitable operation of any society, but overly broad, overly powerful laws like the US DMCA allow companies with deep legal pockets to run rampant, and allows them to run a private campaign of fear and intimidation.
I wish to point out that I am not pro-piracy, but rather am opposed to legislation (and legislators) funded or supported by corporations. This is the very antithesis of a democracy, and is the current state in the US. Canada is already dangerously close to that abyss, and I do not wish to see us fall in completely.
*Original* creators of artistic works certainly desire to be paid for their works; it is for this reason that I attend live concerts, purchase T-s
I've still got a working C64 in my basement, including 2 working 1540 drives, and a working line printer for it. The 'Commodore' branded monitor is a little fuzzy now, but the system itself still works great. There's a Commodore PET down there too, which also still works.
Slashdot Mirror
As a Firefox user, I'd like to apologize to Opera users (both of you) for leaving you exposed.
Next time we'll just let you figure it out on your own.
Clearly, the Mozilla team should be performing full regression testing on every bug they fix against every browser known to man. What if the bug affects NCSA Mosaic?
Hmm, there's something wrong with my sarcasmeter, it seems to be off the scale...
How else are they going to put DRM on it? Bloody lightbulb pirates!
All I could think of when reading this is a M$FT rep saying "Come on, we're Microsoft! You can trust us!" while hiding a +10 Spiked Club of Patent Trolling behind their back....
1995 called, and Geocities wants their webpage design back. :p
It is as if a million Slashdotters cried out, and then microsoft.com was silenced...
Hmmmm? Are you proposing that US troops use bad, home-mix techno to vanquish their enemies (using software 2 major versions out of date, no less!)
There would be two major paths I would investigate.
If you're in a Windows environment, look at getting Citrix (or something similar) set up. Centralized files, centralized management, and it works very well. The one major issue is printing, although we use a product called Uniprint at work that is fucking fabulous. We went from 60% of helpdesk calls being "reset print spooler" down to 0% when we rolled out Uniprint. Very impressive stuff. We use Citrix at work primarily for our DB-intensive apps (so we don't return millions of rows over the VPNs, just the end result via the user interface), but we do have it in use for Word, Outlook, Excel, etc, as well.
The other option is WAN acceleration. There are many vendors that have them now (Juniper, Cisco, Packeteer, yadda yadda). They're expensive and I'm not sure how well they work if each office only has a few users (only a couple people may not 'seed' the cache sufficiently to make a major impact), but I've heard they work well for larger offices.
Or if the remote IS the demo (think of those Logitech 'Harmony' remotes).
Presenter: "So here we have this cool multi-device touch-screen remote, and we've programmed it to control this entire home theatre. If we press here, we change the channel..."
Audience member: *activates TV-B-Gone*
Presenter: "Hmm. Just a minor glitch..."
It could definitely have measurable financial & credibility impact on the presenters.
AnyDVD is commercial software for Windows that decrypts + rips DVDs. There is also an 'HD' version out now that supports HDDVD and BluRay. It can be used to rip commercial DVDs to a DVD-R disc with region-free playback, or simply to an ISO on your hard drive. (http://www.slysoft.com/en/anydvdhd.html)
Handbrake is an open-source DVD-to-MPEG4 converter. (http://handbrake.fr/)
VideoLAN is a media player that can play back the MPEG4 files created with Handbrake. In addition to local plaback, it has the ability to unicast/multicast video & audio across a network. (http://www.videolan.org)
So basically, the idea is, rip the video to make it DRM-free, convert it to a smaller, more efficient format for storage, stream across a network.
It's the "upsell" factor that's attractive to retailers. As I mentioned above, third-party accessories are where the money is (often 50-100% markup). So e.g. if you sell an iPod + a hard case for it, the sale of the case covers your loss on the iPod plus some overall profit. When someone buys an iPod, they often buy the accessories at the same time. They wouldn't buy the iPod online from Apple (or from a different brick-and-mortar store) then head to your store to buy the accessories. For the retailers, the iPod itself is a permanent loss-leader to get customers in to look at the iPod + accessories as a package.
The Wii is the same deal -- third-party controllers, games, etc, are the profit centres, but the Wii console gets the customer into the store in the first place.
I have a friend who was a manager of a computer retail store, including a full line of Apple products. iPods are *exactly* the same situation as Wii consoles are -- retailers make absolutely nothing on them, and either you play by Apple's pricing rules or you get cut off.
I forget exactly how much he said the profit was, but IIRC it was $2-3 on a top-end iPod (which was the 60 or 80GB model at the time). By the time you pay your staff to deal with the customer to explain features, etc, and make the sale, he'd already lost money. If the customer paid by credit card, he lost a lot more.
However, third-party accessories (skins/cases, FM tuners, headphones, etc) had significantly higher markup, and that's where the money is for retailers, just like games are for the Wii.
I didn't think Civ was THAT bad...
I, for one, refuse to trust my mail to any creature that can be this devious.
Not at all. It's a very relaxed work atmosphere. To be honest, I don't know if I'd actually be fired if something like that happened... but I would certainly be offering to tender my resignation.
..."
Our company deals with electronic health records for hundreds of thousands of people. The same systems also store information about our contracts with e.g. government entities. Not even counting regulatory requirements like PIPEDA (Canada's Personal Information Protection and Electronic Documents Act), I can't fathom placing that data in any kind of jeopardy, simply from a professional standpoint. If information ever got stolen somehow, and I could have easily prevented it, what do I say? "Hmm. Well, sucks to be those people.", and carry on working?
The LOPSA/USENIX/SAGE System Administrator's Code of Ethics states:
"I will do my best to make decisions consistent with the safety, privacy and well-being of my community and the public, and to disclose promptly factors that might pose unexamined risks or dangers."
"I will maintain and protect the confidentiality of any information to which I may have access,
If we want systems engineering to be viewed as a true profession, in line with engineers, accountants or lawyers, we need to strive for higher standards than "Well, shit happens. Sorry."
Very good points, actually. At my place of employment, we're a fairly small IT department -- I'm the sole DBA, so by default any policy relating to database operation/security/etc originate with me anyways (although formal policies get approved by the department's director). So, at least in my case, whether it's from lack of policy or breach of policy, it's all on my head anyways. :p
In larger shops, I definitely agree with you. There should be both policies *and* technology in place to prevent violations that could result in damage.
the state docked a government official about a week of future vacation time for not ensuring that the data would be protected
I work as a DBA in a nonprofit healthcare organization. If our backup guys lost a tape, and I hadn't bothered to check off the box in our database backup software that says "Encrypt: 256-bit AES", I would lose my job.
This guy got dinged a whopping 1 week of vacation time. That's not even '1 week suspended without pay'. It's the equivalent of having to stay in detention after school.
I need to move over to the public sector or something.
You're certainly welcome to use it if you wish. I would recommend rolling in some of the points from the other respondent to my post (big_paul76), especially w.r.t. the fact that it's not the business of the government to ensure continuity of business models... wish I had thought of that myself when I was drafting my letter.
I also sent an email (and sent a carbon copy via post ... hardcopy gets much more attention from politicians!). I don't live anywhere near Calgary either (Ottawa, in fact), but I definitely felt strongly enough about the issue to write to him.
Below is the text of what I sent:
--
Dear Hon. Jim Prentice:
I regret that I am unable to attend your open-house session tomorrow, 08 Dec 2007, in person; however, I would like to take this opportunity to express my concern over a proposed piece of legislation regarding Canadian copyright, namely the so-called "Canadian DMCA".
I work as an IT professional, however my background is in pure Computer Science. I often spend time performing security research. A Canadian version of the US DMCA legislation greatly concerns me -- one needs to look no further than the 'US v. Elcomsoft & Sklyarov' case to see why.
References: http://w2.eff.org/IP/DMCA/US_v_Elcomsoft/us_v_sklyarov_faq.html
http://en.wikipedia.org/wiki/Dmitry_Sklyarov
In this instance, legitimate security research was suppressed, and the researcher arrested at the will of a large corporation. Rather than acknowledge & fix the weaknesses in their product's security, Adobe chose to use the DMCA as a sledgehammer to suppress disclosure of information they did not like.
This has obvious chilling effects -- as an analogue, if a researcher were to find a weakness in the encryption used for e.g. online banking, is it reasonable to arrest the researcher rather than fix the weakness? To my mind, it is infinitely preferable to acknowledge, fix, and continuously improve security through legitimate research. Those with criminal intent will search for these weaknesses in any event -- it is much better to discover and fix the issues in a transparent manner. As the saying goes, "When guns are outlawed, only outlaws will have guns." hold very true here.
Other kinds of DMCA abuse is well-documented and widespread. A few simple Google searches (e.g. "DMCA abuse") very quickly turn up many sources of information. This legislation has been used to suppress reviews or opinions which are negative towards large companies -- technically, these should be handled as a civil lawsuit for slander or libel (if they are, in fact, untrue); however, many large corporations choose to invoke a DMCA takedown notice instead, as it forces the content hoster to take down the material immediately, rather than waiting for a judgement from a court of law. It is important to note that it is *corporations* that send these takedown notices, not the courts. Under this model, 'justice' is a distant wish.
There was some research done in 2005 by the University of South Carolina which showed that 30% of DMCA takedown notices sent by corporations were improper, and even potentially illegal (unfortunately, the document seems to have been taken offline, or moved, but the previous URL was http://lawweb.usc.edu/news/releases/2005/legalFlaws.html). This is a stunningly high figure -- laws are traditionally written to ensure that there is an onus of proof before charges are filed, and that due legal process is followed. The rules of jurisprudence are critical to ensure the equitable operation of any society, but overly broad, overly powerful laws like the US DMCA allow companies with deep legal pockets to run rampant, and allows them to run a private campaign of fear and intimidation.
I wish to point out that I am not pro-piracy, but rather am opposed to legislation (and legislators) funded or supported by corporations. This is the very antithesis of a democracy, and is the current state in the US. Canada is already dangerously close to that abyss, and I do not wish to
Below is the text of what I've sent in (via email and CC: via letter mail) to Jim Prentice. Feel free to copy/modify it to suit your needs/views.
---
Hon. Jim Prentice:
I regret that I am unable to attend your open-house session tomorrow, 08 Dec 2007, in person; however, I would like to take this opportunity to express my concern over a proposed piece of legislation regarding Canadian copyright, namely the so-called "Canadian DMCA".
I work as an IT professional, however my background is in pure Computer Science. I often spend time performing security research. A Canadian version of the US DMCA legislation greatly concerns me -- one needs to look no further than the 'US v. Elcomsoft & Sklyarov' case to see why.
References: http://w2.eff.org/IP/DMCA/US_v_Elcomsoft/us_v_sklyarov_faq.html
http://en.wikipedia.org/wiki/Dmitry_Sklyarov
In this instance, legitimate security research was suppressed, and the researcher arrested at the will of a large corporation. Rather than acknowledge & fix the weaknesses in their product's security, Adobe chose to use the DMCA as a sledgehammer to suppress disclosure of information they did not like.
This has obvious chilling effects -- as an analogue, if a researcher were to find a weakness in the encryption used for e.g. online banking, is it reasonable to arrest the researcher rather than fix the weakness? To my mind, it is infinitely preferable to acknowledge, fix, and continuously improve security through legitimate research. Those with criminal intent will search for these weaknesses in any event -- it is much better to discover and fix the issues in a transparent manner. As the saying goes, "When guns are outlawed, only outlaws will have guns."
Other kinds of DMCA abuse is well-documented and widespread. A few simple Google searches (e.g. "DMCA abuse") very quickly turn up many sources of information. This legislation has been used to suppress reviews or opinions which are negative towards large companies -- technically, these should be handled as a civil lawsuit for slander or libel (if they are, in fact, untrue); however, many large corporations choose to invoke a DMCA takedown notice instead, as it forces the content hoster to take down the material immediately, rather than waiting for a judgement from a court of law. It is important to note that it is *corporations* that send these takedown notices, not the courts. Under this model, 'justice' is a distant wish.
There was some research done in 2005 by the University of South Carolina which showed that 30% of DMCA takedown notices sent by corporations were improper, and even potentially illegal (unfortunately, the document seems to have been taken offline, or moved, but the previous URL was http://lawweb.usc.edu/news/releases/2005/legalFlaws.html). This is a stunningly high figure -- laws are traditionally written to ensure that there is an onus of proof before charges are filed, and that due legal process is followed. The rules of jurisprudence are critical to ensure the equitable operation of any society, but overly broad, overly powerful laws like the US DMCA allow companies with deep legal pockets to run rampant, and allows them to run a private campaign of fear and intimidation.
I wish to point out that I am not pro-piracy, but rather am opposed to legislation (and legislators) funded or supported by corporations. This is the very antithesis of a democracy, and is the current state in the US. Canada is already dangerously close to that abyss, and I do not wish to see us fall in completely.
*Original* creators of artistic works certainly desire to be paid for their works; it is for this reason that I attend live concerts, purchase T-s
Honestly, I don't do much with it anymore. It mainly sits there as a 'trophy' to times past. :p
Every now and then I get the urge to hack away on it, of course, but it mostly sits idle nowadays.
I've still got a working C64 in my basement, including 2 working 1540 drives, and a working line printer for it. The 'Commodore' branded monitor is a little fuzzy now, but the system itself still works great. There's a Commodore PET down there too, which also still works.
Congratulations, you win a cookie.
"Our fundamental strategy will not change" -> We're still going to fuck you over.
"We'll just find sneakier ways to punish you instead" -> Taking the lube away.
It's worth re-emphasizing that our fundamental strategy has not changed.
i.e. We're still gonna bend you over. The big guy named Bubba is still employed with us, but now we've taken away his lube.
You mean like this?