You wouldn't believe how many small businesses *fail* to include rudimentary info like that. Sometimes they even have sites that obviously took several man-weeks if not man-months to "design" but for example:
Don't list a email-adress or contact-form anywhere.
Fail to give their phone-numer or adress.
Are a swimming-hall but forget to mention their opening hours (probably the no-1 fact people want to know)
Present some product but fail to mention what it costs, OR how to order it.
Sure. A small site doesn't need large amounts of content. But it does need some. And if that content isn't there then any amount of investment in flashy design is wasted.
Indeed many sites that have overinvested in "pretty" design are completely unusable, so even when the content IS there I go somewhere else.
Re:Info on what exactly SHA-1 is ...
on
SHA-1 Broken
·
· Score: 1
Not at all. It's like you say perfectly obvious that any hash that is shorter than the document (and if it wasn't there'd be little point) will have collisions.
All we require is that it be computationally hard to find such collisions, at best so hard that there is no easier way than simply hashing random strings over and over until you by luck find two that have the same hash.
If sha1 was that good, then it'd have complexity 2^80 or so to find two strings with identical hash. The new paper (claims to -- it's not public yet) have a method with complexity only 2^69 for doing that. This means finding collisons in sha1 is 2048 times easier than we knew.
Re:Info on what exactly SHA-1 is ...
on
SHA-1 Broken
·
· Score: 1
It depends on the details of the attack. It's not yet publically available so obviosly I haven't read it.
In general many attacks allow you to select the first arbitrary number of blocks freely, and then only to append a few blocks of carefully selected gibberish to make the whole experience a collection with a completely different document with different gibberish at the end.
Many file-formats (for example Word documents, jpeg-pictures and mp3-songs) allow the insertion of arbitrary blocks of gibberish without affecting how the file is displayed or played back.
It is a problem if you use GPG to digitally sign a certain word-document, or a certain jpeg as coming from you. And then someone substitutes a completely different jpeg or word-document and the recipient trust you signature and assume it is from you. The recipient would very likely not notice that the word-document has gibberish in a no-op part of the file or that the jpeg has gibberish in a comment-block.
So, short story: Often a document *is* perfectly readable and nothing suspicious is noticed by the receiver, even if the file infact contains one or more blocks of gibberish.
Obviosly if the attack requires that the *entire* file be specially selected gibberish the receiver would probably notice.
This all being said sha1 is still fairly secure for what most people use it for. The attack "only" reduces the complexity of finding two strings with a identical hash from the theoretical max of 2^80 (because sha1 is a 160 bit hash) down to 2^69. That's a reduction by a factor of 2048, so it's clearly a big deal. 2^69 is still enough complexity to give atleast some security.
I'd say it's a "Look for alternatives -- NOW" kind of announcement, not a "Panic -- NOW" kind of announcement.
Re:Info on what exactly SHA-1 is ...
on
SHA-1 Broken
·
· Score: 4, Interesting
Not quite.
For quite a few applications the hash is broken even if I cannot easily find a second string with the same hash as one given. Even if I can "only" at will find two strings with the same hash, that is a pretty serious weakness.
I could, for example, create two documents with the same hash, have you sign one, and then claim you signed the other one. Since the hashes are the same your digital signature will be valid for both.
For other applications, like replacing a signed document with another without being detected you're rigth -- that would only work if one could easily find a document with a given hash.
That does not help. It assumes that visiting a IDN site is something "rare" something you do only occasionally, something you do *not* do daily and certainly never do you trust an IDN site.
It helps not at all if my bank is a Norwegian IDN-site and I get phished with some IDN-site. Both look identical in the adress-bar, both have the idn-yellow-background on the status-bar. How am I supposed to know which one is which.
Oh, and making them red and flashing, that'll go over real well with those of us that do *not* live in englisch-speaking countries (i.e. most of us)
There are lots of legitimate research to be done on hydropower. For example a lot of interesting stuff is being done with waves and tides. But more efficient turbines very clearly isn't it.
The turbines used in a typical modern hydroelectric powerplant already produces at 80-90% efficiency. Sure, you can play for those last 10% or so, but it's a game of diminishing returns. Ever more investments bring ever smaller benefits.
"impact" really mostly means dams. All the rest of most norwegian hydroelectri plants is typically literally inside a mountain. All you see is a dam somewhere (sometimes not even that), a sea with more fluctuating water-level than is natural, and somewhere powerlines coming out of a mountain. Additionally the rivers that used to carry the water gets less water as the water used by the powerplant runs in pipes.
Nuclear is a lot better than oil/coal burning, that much is for sure. Atleast in countrys with enough of a reliable infrastructure that failing safety-mechanisms won't just be disabled to avoid interupting the production. (as in Chernobyl)
That said, hydroelectric is also *very* well-tested mature technology, wind and solar less so.
Norway, for example, have produced like 98% of the electricity needed (including the humongous amounts needed for large aluminium-plants) by hydroelectric since a century. That should count as well-tested I think.
Different areas have different possibilities for different energies. Where there are large amounts of water (i.e. rain) falling in mountains, there'll be large amounts of hydroelectric power to earn with relatively modest negative consequences.
Some places there's a lot of wind, and some places there's a *lot* of area and a lot of sun. Those places I think we should use it. Basically the only thing stopping us is that currently solar and wind is more expensive than burning fossil fuels. hydroelectric on the other hand is a lot *cheaper* than the alternatives on good locations.
On date A, 1 out of 100 Moms play computer games, and 20 out of 100 Slashdot readers play computer games. At date B, 2 out of 100 Moms play computer games. 22 out of 100 Slashdot readers play computer games.
Over this time period, the market segment "Mom who play games" is showing 200% growth. The segment "Slashdotters who play games" only showed 10% growth.
Where'd you learn that math ? Growing from 1 to 2 is 100% growth, not 200%. The formula is: change/old_value * 100
It does not help that using your legally purchased music in your mp3-player may be fair use. The thing is -- cracking the DRM to *access* the work is illegal under the DMCA even when the use itself is legal.
If this new proposed law goes trough in Norway as proposed, it'll then be equally illegal here.
So: Worst case the law in norway, on this field, gets equally perverse as it's already been for years in the USA.
I'm sorry, but you're completely missing the point.
Infact it's worse than that. It seems that a certain type of American will rise this exact argument every time anyone says *anything* in defence of the environment.
It's bullshit.
There's no reason living in a modern house means you have to accept science being manipulated for political ends.
There's even no reason you can't live comfortably *and* environmentally conscious. It's not a black or white situation. I realise that for some people it is very hard to see the world in something more than binary, but the world really ain't like that.
Either you go live in the stone-age, or you loose the rigth to critisize *anything* that hurts the environment really ain't a reasonable position.
Aside from that trees aren't generally being cut down faster than they grow back. Yes this is true for some types of trees, and true for some regions. And that is in some cases a problem. But in no way is it generally true.
In Norway where I come from the amount of standing forest has increased by 80% the last century. Largely because today most power (most as in 98%) is produced by hydroelectric powerplants rather than like earlier by burning wood in inefficient ovens.
Also, the house my father now has is both *enormously* more comfortable, and at the same time uses a lot *less* energy than the house my grandparents live in (built in 1935).
This ain't special.
My Via Epia computer uses something like 40W when running, and still does enormously much *more* than any computer at twice that wattage 5 years ago.
My modern dishwasher uses 1/4th the water and 1/2 the electric power compared to the 10 year old one my father has.
My car has twice the horsepower and much better comfort in comparison to the one my parents had when I was small -- and it still uses less petrol and need less repairs. More of it is recyclable too.
Today many houses where my father live are heated by a heat-pump, taking the heat from the nearby ocean. Thus further reducing heating-costs and energy-needs by about 70% without in any way reducing comfort.
Yes there are examples of situations where the environment and your comfort are in conflict. But there are also tons of examples of situations where it's both possible and realistic to improve the situation for the environment and at the same time improve your comfort.
This "Caring for the environment means you gotta suffer" ranting seems to me to be intended to do nothing more than pacify Americans. I think the more clever of them are seeing trough it though.
Yes. That's an important lesson, that there is a time to follow the rules, and a time to ignore them. Learning when to do what can be hard.
My father experienced something similar when he was in the military. He was posted as a guard at some exersize, and the stated rule was that only people knowing the code-word and presenting valid id should be allowed to enter.
So, it is late and this major shows up. "Stop", my father says, "Name and ID please." The major complies. "Code-word ?"
Offcourse the major didn't know it. He was bringing new instructions for next days exersize. He also was short of temper and started to shout around before proceeding to ignore my father, wanting to climb the gate and enter the camp anyway.
My father yelled "Stop, or I'll shoot." (as per instructions) and stepped on the button for silent alarm, then, three seconds later as the major still wouldn't stop his advance, he shot over the majors head, repeated the order to stop and sounded the loud alarm.
Rurned out the major really *was* bringing the orders for next day. He was also genuinely pissed that my father wouldn't accept this, seeing as he had presented valid id and all. My father was sure he was in real trouble now.
Turned out not to be the case. Instead the commanding officer asked him why he didn't shoot the major. "That, Sir, was the next step on my list." my father replied. Needless to say my father was totally in the clear and instead the major was the one in somewhat deep shit.
In the oposite direction children sometimes die in fires because they do not know that if it's burning, and you can't get out you're freaking *allowed* to break the windows by say throwing a chair trough them.
Without a doubt there are situations (allthough probably more and more seldom) where ligthhouses are beneficial. But the disadvantages of other navigation mentioned in the article pretty much all hit ligthhouses just as much, or even more. For example:
For one thing, GPS can never be 100 percent reliable -- extreme weather conditions like hail or snowfall or even solar winds are known to disrupt service. Ligthhouses, on the other hand are, as we all know, not at all affected by any of these conditions...
Bauermeister fears hobby captains are losing more and more of their skills as a result of modern technologies. If their GPS systems were to malfunction, they could face serious danger. Yeah, and like we all know -- if there's a ligthhouse in the area, no hobby-captain will rely on GPS and they'll all keep their map-reading skills finely honed.
But GPS, a service of the United States military with satellites that circumnavigate the globe, remains the only system available that covers the entire open sea. Yeah -- and ligthhouses cover "the entire open sea" exactly how ?
I know the subscriber paying for all calls, incoming and outgoing, is a bit bizarre to non-US users, but it is definitely better. If I dial a mobile in another country, I have no competitive bargaining power for what I'll be charged, right?
Wrong.
The person calling (and paying) typically has the choise between multiple different providers. He chooses one of them as the "default" and accesses any of the other ones by using a prefix.
So, for example I use 01013 as a default prefix, which means that if I pick up the phone and dial a mobile phone I'll pay what they charge pro minute. Mostly I'll manually dial 01071+number when dialing a mobile phone since they're cheaper on that though.
I don't have to do this manually, there's "least cost routers" available that you install between the phone and the landline that will automatically dial the prefix that is cheapest for the number you want to reach.
I see what you mean now. The misunderstanding is that we appear to be employing different definitions for "file". You say that that you consider a disk-file and a protocol both subclasses of the superclass "file".
When I said file I meant it in the traditional sense: A file is a sequence of bytes, optionally with one or more associated names.
With this definition a protocol is not a file. Because a protocol does not consist only of a collection of bytes. In addition a protocol needs as a minimum information about *who* said what.
Yes, any message can be considered a file. But a protocol is something more than a message -- it's a *sequence* of messages between atleast two different parties. Each message in a protocol frequently cannot really be documented on its own -- the meaning depend on earlier messages. A mp3-file "means" the same regardless of which files was sent before it or after it. It's standalone.
Anyway I'm not trying to argue that my definition of "file" is better than yours. I do think it's more *common* but that's not important. Important is only that you make it clear what you mean when you use a word in a way that migth be misunderstood.
By the way a file-system,/dev/hda1,/etc/hosts, and/tmp/ksocket-ekj/kdeinit-:0 are all files according to either definition. All are sequences of bytes. (sometimes with zero or infinite length, but that's ok.)
Your point about patents is a good one. Indeed an Open License won't protect you against this. Nor can it. The problem is that copyrigth only applies to people who've contributed to the product. So if all of them have agreed to have their contribution distributed under say the GPL, then in the context of copyrigth the work is under GPL.
Patents are different. Me and you can write a program together, and both agree to put it under for example the GPL. This is still no protection at all against the possibility that some company that has never contributed a single character to our code will come and claim (possibly correctly) that our code infringes their patent. Nor is there *anything* we could put in our license to protect us against this possibility.
At best we could put in a perpetual, mutual, world-wide, non-revokable rigth for anyone to royalty-free use any patents *we* have that migth cover stuff in the program. This migth indeed be a good idea, but it'd still protect us not at all against patents held by *others*.
Patents and openness is also really two different things, and I'm not convinced that mixing them together is a good thing for our cause. Yes, for a software-project to be really free we need *both* openness *and* freedom from patents.
Unfortunately there's presently not a single program on the face of the planet that has any guarantees against the latter, nor can there be with the current set of laws. There is however rather a lot of programs that are open.
For example, a anonymous id-card would be very useful. They could sell them in any kiosk. All it does is allow you to identify as the holder of a certain card.
This is useful to build up trustworthy pseudonyms. People don't know who you are (unelss you tell them), but they *do* know that you are the same person who wrote software X. Or that you are the same person who bougth product Y from me one month ago, or even just that you're the same person I chatted with last week.
Additional information could be added to pseudonyms at will by having that information signed by some trusted (non-anonymous) entity.
For example, your bank could offer to digitally sign a statement that "Holder of pseudonym X is more than 18 years old." Or any other statement you could find useful.
Your privacy would be protected because you yourself would choose which info you provide along with your pseudonym. For some services perhaps nothing, for others your age.
I know the unix paradigm of "everything is a file", but there is still a real and significant difference between a letter and a conversation. The significant difference is that in a conversation there is more than one part taking part, and conversation is two-way.
I agree with you that talking to the kernel to have it read files for you is an example of something that requires a protocol. You make a request in a certain way, and you get a response in a certain way.
Yes, you can play with words all you like. But in the real world, when someone says they'd like to see the specification for a file-format, what they actually mean is very probably that they'd like to know the correct interpretation of one certain byte-sequence.
"protocol" and "file" are two different words, for a reason. By insisting that they both (aswell as "API" mean the exact same thing, you contribute nothing but lessening the usefulness of all words.
A word that means everything also means nothing. Distinction is as important as generalisation.
There's a difference between a picture of a person, and a picture where some person is visible and recognizable.
Yes, like often in law the borders are fuzzy, but basically the interesting distinction is if the person him/herself is the motive, or if the motive is something else and the person only happens to be in the picture-frame.
Basically, ask yourself if this picture would still be an interesting motive *without* the person. If the answer is "yes", then that's a reasonably strong indication that the picture can be used without consent of the person. If the answer is "no" you probably need permission.
There's some exceptions to this, for example if you take a picture of Clinton and Monica, you can use it comercially without asking them, even though the picture really is about them, and not about some other motive where they're only accidentally in the frame.
Not really. You can only proove that the digital file was created by someone or something in posession of the same secret key as the one residing inside the camera.
For example, if someone where to hack their camera and somehow extract the secret key (yes they're trying to make this "hard" but "hard" ain't the same as "impossible") then that person could himself sign any file whatsoever as "authentic".
The trust is *only* as deep as the trust in the fact that a) the camera contains the only copy of the secret key b) the digital signature scheme has not been broken and c) the camera operates correctly.
Okay, so it's better than nothing. But a guarantee it's certainly not.
It's a matter of definition I guess. The idea is that you get two different forms of compensation. First you get compensated what you've "lost" in real cash. This typically means something like your salary for the time you where imprisoned minus what you saved by having the state give you food and a bed.
Then there's compensation for the suffering of being imprisoned. i.e. the fact that being in prison is less desireable than being a free person, even if you get the same cash for it.
A person wrongfully imprisoned in the UK gets compensated for this from the state. Yeah, he gets compensated a tiny bit less than he would be if he'd had to buy his own food in jail. If "the compensation is smaller than it'd otherwise be" is what you mean by "pay" then I guess he does pay for being in prison.
But that's a bit like saying if I get paid a bit less from my employer because I have free lunch at work (i.e. the value of the lunch is subtracted from my salary) then I *pay* to work for my employer. The situation really is quite parallell. I get compensation for being at work. This compensation is a bit smaller because I also had a benefit at work (i.e. food). Similarily you get compensated for being wrongfully imprisoned, said compensation gets a bit smaller because you also had benefits in prison (i.e. food)
He doesn't pay for being imprisoned -- on the contrary he *gets* paid for being wrongfully imprisoned. He does however pay for food.
If you are wrongfully jailed you'll get compensation. BUT they'll subtract "housing and food", i.e. the value of the bed and the food in prison from your compensation. Which lead some journalists to report that you're supposed to "pay for jail".
That wouldn't solve the "sits in a basement somewhere" problem where a publisher refuses to publish himself, yet also refuses to let someone *else* publish.
Better would be a sysytem where (for example) every new created work automatically gets 5 years of copyrigth-protection, which can then be renewed for say $100 for another 5 years.
And here's the catch: You can do this infinitely, but each time you renew, the price doubles. So, keeping something under copyrigth for 20 years would cost you 100+200+400 = 700 which any work of comersial value should be able to afford.
Still, the public would be ensured that the works eventually become available, and that in the meantime the copyrigth-holders actually pay for the *priviledge* of having the state enforce their monopoly.
At the 10th renewal (55 years) the cost would be $100.000 which means that many works would no longer be profitable to keep under wraps. At the 20th renewal (105 years) you'd have to put $100 million on the table to keep it locked up for another five years, I doubt that'd be profitable for many works.
This would also solve the "rigth-holder can't be found, and our last copy is deteriating rapidly!" problem.
Slashdot Mirror
Sure. A small site doesn't need large amounts of content. But it does need some. And if that content isn't there then any amount of investment in flashy design is wasted.
Indeed many sites that have overinvested in "pretty" design are completely unusable, so even when the content IS there I go somewhere else.
All we require is that it be computationally hard to find such collisions, at best so hard that there is no easier way than simply hashing random strings over and over until you by luck find two that have the same hash.
If sha1 was that good, then it'd have complexity 2^80 or so to find two strings with identical hash. The new paper (claims to -- it's not public yet) have a method with complexity only 2^69 for doing that. This means finding collisons in sha1 is 2048 times easier than we knew.
In general many attacks allow you to select the first arbitrary number of blocks freely, and then only to append a few blocks of carefully selected gibberish to make the whole experience a collection with a completely different document with different gibberish at the end.
Many file-formats (for example Word documents, jpeg-pictures and mp3-songs) allow the insertion of arbitrary blocks of gibberish without affecting how the file is displayed or played back.
It is a problem if you use GPG to digitally sign a certain word-document, or a certain jpeg as coming from you. And then someone substitutes a completely different jpeg or word-document and the recipient trust you signature and assume it is from you. The recipient would very likely not notice that the word-document has gibberish in a no-op part of the file or that the jpeg has gibberish in a comment-block.
So, short story: Often a document *is* perfectly readable and nothing suspicious is noticed by the receiver, even if the file infact contains one or more blocks of gibberish.
Obviosly if the attack requires that the *entire* file be specially selected gibberish the receiver would probably notice.
This all being said sha1 is still fairly secure for what most people use it for. The attack "only" reduces the complexity of finding two strings with a identical hash from the theoretical max of 2^80 (because sha1 is a 160 bit hash) down to 2^69. That's a reduction by a factor of 2048, so it's clearly a big deal. 2^69 is still enough complexity to give atleast some security.
I'd say it's a "Look for alternatives -- NOW" kind of announcement, not a "Panic -- NOW" kind of announcement.
For quite a few applications the hash is broken even if I cannot easily find a second string with the same hash as one given. Even if I can "only" at will find two strings with the same hash, that is a pretty serious weakness.
I could, for example, create two documents with the same hash, have you sign one, and then claim you signed the other one. Since the hashes are the same your digital signature will be valid for both.
For other applications, like replacing a signed document with another without being detected you're rigth -- that would only work if one could easily find a document with a given hash.
It helps not at all if my bank is a Norwegian IDN-site and I get phished with some IDN-site. Both look identical in the adress-bar, both have the idn-yellow-background on the status-bar. How am I supposed to know which one is which.
Oh, and making them red and flashing, that'll go over real well with those of us that do *not* live in englisch-speaking countries (i.e. most of us)
The turbines used in a typical modern hydroelectric powerplant already produces at 80-90% efficiency. Sure, you can play for those last 10% or so, but it's a game of diminishing returns. Ever more investments bring ever smaller benefits.
"impact" really mostly means dams. All the rest of most norwegian hydroelectri plants is typically literally inside a mountain. All you see is a dam somewhere (sometimes not even that), a sea with more fluctuating water-level than is natural, and somewhere powerlines coming out of a mountain. Additionally the rivers that used to carry the water gets less water as the water used by the powerplant runs in pipes.
That said, hydroelectric is also *very* well-tested mature technology, wind and solar less so.
Norway, for example, have produced like 98% of the electricity needed (including the humongous amounts needed for large aluminium-plants) by hydroelectric since a century. That should count as well-tested I think.
Different areas have different possibilities for different energies. Where there are large amounts of water (i.e. rain) falling in mountains, there'll be large amounts of hydroelectric power to earn with relatively modest negative consequences.
Some places there's a lot of wind, and some places there's a *lot* of area and a lot of sun. Those places I think we should use it. Basically the only thing stopping us is that currently solar and wind is more expensive than burning fossil fuels. hydroelectric on the other hand is a lot *cheaper* than the alternatives on good locations.
Over this time period, the market segment "Mom who play games" is showing 200% growth. The segment "Slashdotters who play games" only showed 10% growth.
Where'd you learn that math ? Growing from 1 to 2 is 100% growth, not 200%. The formula is: change/old_value * 100
If this new proposed law goes trough in Norway as proposed, it'll then be equally illegal here.
So: Worst case the law in norway, on this field, gets equally perverse as it's already been for years in the USA.
Infact it's worse than that. It seems that a certain type of American will rise this exact argument every time anyone says *anything* in defence of the environment.
It's bullshit.
There's no reason living in a modern house means you have to accept science being manipulated for political ends.
There's even no reason you can't live comfortably *and* environmentally conscious. It's not a black or white situation. I realise that for some people it is very hard to see the world in something more than binary, but the world really ain't like that.
Either you go live in the stone-age, or you loose the rigth to critisize *anything* that hurts the environment really ain't a reasonable position.
Aside from that trees aren't generally being cut down faster than they grow back. Yes this is true for some types of trees, and true for some regions. And that is in some cases a problem. But in no way is it generally true.
In Norway where I come from the amount of standing forest has increased by 80% the last century. Largely because today most power (most as in 98%) is produced by hydroelectric powerplants rather than like earlier by burning wood in inefficient ovens.
Also, the house my father now has is both *enormously* more comfortable, and at the same time uses a lot *less* energy than the house my grandparents live in (built in 1935).
This ain't special.
Yes there are examples of situations where the environment and your comfort are in conflict. But there are also tons of examples of situations where it's both possible and realistic to improve the situation for the environment and at the same time improve your comfort.
This "Caring for the environment means you gotta suffer" ranting seems to me to be intended to do nothing more than pacify Americans. I think the more clever of them are seeing trough it though.
My father experienced something similar when he was in the military. He was posted as a guard at some exersize, and the stated rule was that only people knowing the code-word and presenting valid id should be allowed to enter.
So, it is late and this major shows up. "Stop", my father says, "Name and ID please." The major complies. "Code-word ?"
Offcourse the major didn't know it. He was bringing new instructions for next days exersize. He also was short of temper and started to shout around before proceeding to ignore my father, wanting to climb the gate and enter the camp anyway.
My father yelled "Stop, or I'll shoot." (as per instructions) and stepped on the button for silent alarm, then, three seconds later as the major still wouldn't stop his advance, he shot over the majors head, repeated the order to stop and sounded the loud alarm.
Rurned out the major really *was* bringing the orders for next day. He was also genuinely pissed that my father wouldn't accept this, seeing as he had presented valid id and all. My father was sure he was in real trouble now.
Turned out not to be the case. Instead the commanding officer asked him why he didn't shoot the major. "That, Sir, was the next step on my list." my father replied. Needless to say my father was totally in the clear and instead the major was the one in somewhat deep shit.
In the oposite direction children sometimes die in fires because they do not know that if it's burning, and you can't get out you're freaking *allowed* to break the windows by say throwing a chair trough them.
The judge can very well be unbiased about SCO and still state -- about the issue at hand -- that SCO has failed to provide any evidence whatsoever.
Without a doubt there are situations (allthough probably more and more seldom) where ligthhouses are beneficial. But the disadvantages of other navigation mentioned in the article pretty much all hit ligthhouses just as much, or even more. For example:
Wrong.
The person calling (and paying) typically has the choise between multiple different providers. He chooses one of them as the "default" and accesses any of the other ones by using a prefix.
So, for example I use 01013 as a default prefix, which means that if I pick up the phone and dial a mobile phone I'll pay what they charge pro minute. Mostly I'll manually dial 01071+number when dialing a mobile phone since they're cheaper on that though.
I don't have to do this manually, there's "least cost routers" available that you install between the phone and the landline that will automatically dial the prefix that is cheapest for the number you want to reach.
When I said file I meant it in the traditional sense: A file is a sequence of bytes, optionally with one or more associated names.
With this definition a protocol is not a file. Because a protocol does not consist only of a collection of bytes. In addition a protocol needs as a minimum information about *who* said what.
Yes, any message can be considered a file. But a protocol is something more than a message -- it's a *sequence* of messages between atleast two different parties. Each message in a protocol frequently cannot really be documented on its own -- the meaning depend on earlier messages. A mp3-file "means" the same regardless of which files was sent before it or after it. It's standalone.
Anyway I'm not trying to argue that my definition of "file" is better than yours. I do think it's more *common* but that's not important. Important is only that you make it clear what you mean when you use a word in a way that migth be misunderstood.
By the way a file-system, /dev/hda1, /etc/hosts, and /tmp/ksocket-ekj/kdeinit-:0 are all files according to either definition. All are sequences of bytes. (sometimes with zero or infinite length, but that's ok.)
Your point about patents is a good one. Indeed an Open License won't protect you against this. Nor can it. The problem is that copyrigth only applies to people who've contributed to the product. So if all of them have agreed to have their contribution distributed under say the GPL, then in the context of copyrigth the work is under GPL.
Patents are different. Me and you can write a program together, and both agree to put it under for example the GPL. This is still no protection at all against the possibility that some company that has never contributed a single character to our code will come and claim (possibly correctly) that our code infringes their patent. Nor is there *anything* we could put in our license to protect us against this possibility.
At best we could put in a perpetual, mutual, world-wide, non-revokable rigth for anyone to royalty-free use any patents *we* have that migth cover stuff in the program. This migth indeed be a good idea, but it'd still protect us not at all against patents held by *others*.
Patents and openness is also really two different things, and I'm not convinced that mixing them together is a good thing for our cause. Yes, for a software-project to be really free we need *both* openness *and* freedom from patents.
Unfortunately there's presently not a single program on the face of the planet that has any guarantees against the latter, nor can there be with the current set of laws. There is however rather a lot of programs that are open.
For example, a anonymous id-card would be very useful. They could sell them in any kiosk. All it does is allow you to identify as the holder of a certain card.
This is useful to build up trustworthy pseudonyms. People don't know who you are (unelss you tell them), but they *do* know that you are the same person who wrote software X. Or that you are the same person who bougth product Y from me one month ago, or even just that you're the same person I chatted with last week.
Additional information could be added to pseudonyms at will by having that information signed by some trusted (non-anonymous) entity.
For example, your bank could offer to digitally sign a statement that "Holder of pseudonym X is more than 18 years old." Or any other statement you could find useful.
Your privacy would be protected because you yourself would choose which info you provide along with your pseudonym. For some services perhaps nothing, for others your age.
I know the unix paradigm of "everything is a file", but there is still a real and significant difference between a letter and a conversation. The significant difference is that in a conversation there is more than one part taking part, and conversation is two-way.
I agree with you that talking to the kernel to have it read files for you is an example of something that requires a protocol. You make a request in a certain way, and you get a response in a certain way.
Yes, you can play with words all you like. But in the real world, when someone says they'd like to see the specification for a file-format, what they actually mean is very probably that they'd like to know the correct interpretation of one certain byte-sequence.
"protocol" and "file" are two different words, for a reason. By insisting that they both (aswell as "API" mean the exact same thing, you contribute nothing but lessening the usefulness of all words.
A word that means everything also means nothing. Distinction is as important as generalisation.
Software interacts basically one of two different ways.
Either in that one piece of software saves a file, and another piece of software reads that file.
Or in that one piece of software directly talks to another piece of software, using some protocol.
If all file-formats and all protocols where open, a lot would be won.
There's a difference between a picture of a person, and a picture where some person is visible and recognizable.
Yes, like often in law the borders are fuzzy, but basically the interesting distinction is if the person him/herself is the motive, or if the motive is something else and the person only happens to be in the picture-frame.
Basically, ask yourself if this picture would still be an interesting motive *without* the person. If the answer is "yes", then that's a reasonably strong indication that the picture can be used without consent of the person. If the answer is "no" you probably need permission.
There's some exceptions to this, for example if you take a picture of Clinton and Monica, you can use it comercially without asking them, even though the picture really is about them, and not about some other motive where they're only accidentally in the frame.
For example, if someone where to hack their camera and somehow extract the secret key (yes they're trying to make this "hard" but "hard" ain't the same as "impossible") then that person could himself sign any file whatsoever as "authentic".
The trust is *only* as deep as the trust in the fact that a) the camera contains the only copy of the secret key b) the digital signature scheme has not been broken and c) the camera operates correctly.
Okay, so it's better than nothing. But a guarantee it's certainly not.
Then there's compensation for the suffering of being imprisoned. i.e. the fact that being in prison is less desireable than being a free person, even if you get the same cash for it.
A person wrongfully imprisoned in the UK gets compensated for this from the state. Yeah, he gets compensated a tiny bit less than he would be if he'd had to buy his own food in jail. If "the compensation is smaller than it'd otherwise be" is what you mean by "pay" then I guess he does pay for being in prison.
But that's a bit like saying if I get paid a bit less from my employer because I have free lunch at work (i.e. the value of the lunch is subtracted from my salary) then I *pay* to work for my employer. The situation really is quite parallell. I get compensation for being at work. This compensation is a bit smaller because I also had a benefit at work (i.e. food). Similarily you get compensated for being wrongfully imprisoned, said compensation gets a bit smaller because you also had benefits in prison (i.e. food)
He doesn't pay for being imprisoned -- on the contrary he *gets* paid for being wrongfully imprisoned. He does however pay for food.
If you are wrongfully jailed you'll get compensation. BUT they'll subtract "housing and food", i.e. the value of the bed and the food in prison from your compensation. Which lead some journalists to report that you're supposed to "pay for jail".
Better would be a sysytem where (for example) every new created work automatically gets 5 years of copyrigth-protection, which can then be renewed for say $100 for another 5 years.
And here's the catch: You can do this infinitely, but each time you renew, the price doubles. So, keeping something under copyrigth for 20 years would cost you 100+200+400 = 700 which any work of comersial value should be able to afford.
Still, the public would be ensured that the works eventually become available, and that in the meantime the copyrigth-holders actually pay for the *priviledge* of having the state enforce their monopoly.
At the 10th renewal (55 years) the cost would be $100.000 which means that many works would no longer be profitable to keep under wraps. At the 20th renewal (105 years) you'd have to put $100 million on the table to keep it locked up for another five years, I doubt that'd be profitable for many works.
This would also solve the "rigth-holder can't be found, and our last copy is deteriating rapidly!" problem.
This would make it possible to test how various drugs influence human brain-cells.