No, I can call it theft anyway. Irrespective of the rather warped views people have, the courts would also call it theft. True, a lot of shareware gets marketed by word of mouth. And?
If you can't afford a program, or don't think it's worth the price *Don't Use It*. Don't steal it instead.
The commercial reality behind shareware is that a pitiful number of people are honest. The commercial idea behind it is that everyone is honest. If the practice were close to the theory, you'd see a lot more quality shareware and a lot less $30 10-minute VB apps.
If you want to give your software away free, fine - you won't see me stopping you. I also give some of the stuff I write away for free. But if I say I want payment for my software, and someone downloads it either with the specific intention of never paying for it, or downloads it and then uses it past the period they're allowed to evaluate it, that person is *stealing*.
There's no assumption from me that everyone who evaluates the software's going to want to buy it. I'm happy if 1% of the people buy. But I know for a fact that of the 99% of people who don't buy, there's a good 50% who are using the software, cracked, anyway. Those people are thieves. Hence my point. They're not any less of a thief because they wouldn't have paid if they couldn't get a crack.
As a shareware author, I can pretty safely assert that most people *are* thieves. I'm sorry that the occasional customer might find the 30 day timeout on my company's software annoying, but if it weren't there, even more people would just keep using the software without ever paying. We fairly often get support requests from people using cracked versions of our software - not directly relevant to the discussion, but an indicator of the kind of depths people will stoop to.
You don't have to be a US citizen to be issued a US patent. The only thing you might need to pay special attention to is the Oath/declaration, though since you clearly comprehend English, this shouldn't be too tricky.
a) they could fail just like those other companies, b) the services they provide (Red Carpet) could simply be found more valuable by the public than those of failed companies, c) they've already departed from the traditional "give away the software" business plan by selling the Exchange connector. I don't know if this was always in the plan, or a sign of trouble ahead d) They could simply implement the exact same plan better than other companies have. As far as I can make out, their cost structure's not exactly crippling - they employ a bunch of coders, but they're not out throwing million-dollar parties, sending free stuff to people, etc.
OK, this is three question marks, but I figure they go together in one answer:
What are your feelings regarding Miguel's stated preferences for future integration of Mono and Gnome? Since you're a major part of Ximian, does it automatically follow that you're in agreement?
How do you resolve the potential conflicts of interest over issues such as this one between your role at Ximian and your position with the Gnome foundation?
Half of cryptography is (and pretty much always has been) politics. d.net is, in my eyes, a political project. Sure, its political point was more trenchant at the time of RC5-56, but the escalating keyrate still makes a good point about the folly of limiting export key length now.
If your enemy is a major government and you don't have a very large budget yourself, you might as well give up now, IMHO. Not because I think they could factor 4096-bit RSA, but because I think they probably can get into your house without you knowing about it and tap your keyboard. The only time an attack like this wouldn't be called for is if the danger (to life, to diplomatic relations, whatever) of their being discovered is worth the money they'd have to spend on a more sophisticated attack.
Fortunately, most people's enemy (at least in the cryptographic sense we're on about here:-) isn't a major government. Unless you're planning on political overthrow of a G7 nation, the NSA doesn't really care what you write in your e-mails. Sure, there's the few Echelon stories about contracts won under dubious circumstances, but the important point is that this information was retrieved from unencrypted communications, via a near-zero-effort search.
I'm personally more than happy that 1024-bit RSA and 128-bit Blowfish (or 168/112 bit TripleDES) in an appropriate combination is enough to protect anything I'm doing against any of the possible enemies my actions are likely to throw up. The day I start trying to forment political revolution in one country or another, I'll look again at my crypto needs:-)
The NSA's the world's largest employer of mathematicians. Obviously, I've no clue what stage they're at, but I'd say it's not that improbable that they already knew about these optimisations and possibly even the next set of optimisations too.
Another handy side-effect is that it may make the cracks themselves more difficult. It doesn't apply to breaking RSA (which is just factoring), but many of the best attacks for symmetric ciphers rely on having known plaintext - a file header, or whatever. Since the plaintext in this case would in fact be (hopefully) random ciphertext, the attacker's got a lot less to work with.
There are disadvantages, of course - you don't know that the two algorithms together are secure, and when considered as a whole, the chances are that they're not more secure. You're relying to a certain extent on the attacker sticking to the rules and considering the supciphers as subciphers, instead of just trying to cryptanalyse the whole mess. The other difficulty is that the more layers you add, the more key material you need - at a certain point, you begin to have trouble getting enough truly random data.
I sell a commercial SSH client and dabble in cryptography as a hobby - so I guess I fall in to the first category. There are plenty of reasons to be interested in cryptography aside from the Ashcroft/FBI-mandated ones, though. My issue with the cancer stuff is that if these companies are going to make billions off some cure (and if they come up with a cure, they sure are), I'm of the opinion that *they* should be the ones putting the billions into the research, not costing my cycles/power. I wouldn't give my facilities away to any other commercial venture for free, why should the situation change because they want to make money off cancer patients?
If the distributed cancer network weren't there, and if it's really performing a genuinely useful job for the companies, you can be sure they'd be investing the $x million required to just buy a supercomputer or three to do it for them. So the only difference I see the cancer project making is that it's saving huge pharmaceutical firms a few million dollars. The world's cryptographers, most of whom are academics (ignoring the NSA-employed ones for a minute) don't have the millions of dollars to throw around if d.net wasn't there - neither do the mathematicians interested in the results of d.net's other project, Optimal Goulomb Rulers. As a result, I see d.net as making more of a difference than the cancer stuff.
All that said, those are my reasons for running d.net - you've got your own reasons, and it's your own choice.
d.net was around a long time before SETI@home - I've personally been running the client since 1997. SETI@home launched on May 13, 1999 (though they were fundraising and doing development for a couple of years before that).
I'm personally strongly interested in cryptography for various reasons, so d.net gets my processor time. I seem to recall various people have concerns about how exactly the cancer project will use the eventual data it collects - i.e. whether the products produced as a result of the project will be commercially exploited - they don't want companies just using this large distributed network to make a fast buck.
They were a rival. Not a particularly viable rival, nor an especially succesful one, but in one of their many incarnations, that was certainly the market they were aiming at.
If it were only hundreds, there'd be a chance your local (largish) computer store could stock them all. My problem is with the fact that between my cordless headphones, my Visor Prism, my VisorPhone, cordless mouse/keyboard, camera, and all of the laptops I use, there's not one single common battery (granted, both the camera and the keyboard use AA, but whereas the keyboard will take any old AA, the camera insists on having Fuji's AAs - it kills anything else in less than two pictures).
What's most interesting to me is not the lack of progress in battery technology - it's not Moore's law, but with NiCad, NiMH, LiIon and so forth, there's clearly progress. What interests me is the lack of standardisation in battery sizes. We've had AA (and AAA, and A, and so forth) forever. Why don't we see more standardisation for things like digital camera batteries, laptop batteries and so forth? I understand that there are a bunch of issues such as form factor and suitability for design, but wouldn't standard sizes and capabilities for batteries help everyone out?
There's the argument that the laptop makers (and so forth) would lose their revenue streams from replacement batteries, but they also wouldn't have to pay a premium on putting the things into the laptops in the first place, if we had newer battery standards which specified the characteristics of a set of 'standard' laptop batteries.
Perhaps I'm over-optimistic, but I'm certainly hoping that commoditisation eventually leads to not having to buy the 'special' AA rechargeables for my camera, or being able to walk into any computer store and get a new XX for my laptop...
Not really. You can dispute the chargeback, but it's then the credit card company's decision as to whether your dispute is succesful. Guess what they decide most of the time?
I imagine this sort of thing gets easier if you're Amazon-sized and in a position to sue them. When you're us-sized, we just get to treat the chargebacks as an additional cost forced on us by the credit card companies and their refusal to make the system more secure...
Not really - feel free to give out your credit card number. Your purchase is insured. If the recipient charges more than you agreed, doesn't deliver, etc., you just dispute the charge and get the money back. If your credit card provider is worth staying with, there'll be no trouble about this.
As an Internet merchant, I get the rough side of the coin - we regularly get people who register our software and turn out to be using stolen cards, or (after we've sent them the unretractible registration details) decide they don't want to pay. The credit card company just charges the money back off us. I'm convinced this is at least in part the reason that credit cards aren't yet more secure - there's basically very little incentive for the credit card companies to reduce the level of fraud, since the fraud doesn't hit them but the merchants.
Irrespective of the rights or wrongs of the proposal, or the relative merits of a democratic monarchy, the royal family's actually an excellent business proposition for the UK. Not only are the costs associated with the royal family astonishingly low (as a percentage of the national budget), but the amount of tourism generated by having all those palaces, and the resulting revenue, easily outweighs the costs.
Furthermore, since the crown estate now pays income tax, there's evidence that even when tourism is ignored, the royal family is actually profitable for the state. See this report for details.
I'm under more NDAs than you can shake a stick at, but there's definitely ongoing interest from this kind of company in producing more functional STBs. Many of them need to provide STBs anyway, so they're obviously interested in providing more functional STBs that can generate additional revenue streams.
Also, the US isn't the only market here. Europe's cable providers mostly aren't in much better shape, but the satellite business mostly still has money...
Further, there's opportunities not too far down the road for FTA (Free To Air) STBs, since several governments are keen on the idea of moving over completely to digital, thereby freeing the juicy analog frequencies for sale to wireless ops.
Amigas never had, and still don't have, protected memory. Several parts of the OS actually depend on this fact. There were a few things that tried to simulate the effect, but none of them were standard.
With a 566MHz Celeron and that amount of RAM (64Mb), they won't reach the price point which would lead to mass-market uptake. There's also way too many connectors, etc., etc.
Having worked on a set-top box project, the prime goal seems to be cost-reduction on a per-unit basis. Various developments are in the pipeline which will enable PVR/MPEG/DVD/DVB boxes to be made at a cost point where cable and sat providers can afford to subsidise them to a zero cost. This is where the market lies for these things, and the first company to succesfully bring such a box to market will be the one who wins the big share of that market.
We've been hearing about STBs for a long time. Projects like these, with or without Amiga software, are the reason we hear a lot and see nothing.
Amiga have been claiming to have deals with STB manufacturers for a long time now. Aside from press releases and cryptic mails from Fleecy Moss, I've never seen anything solid come from any of these.
Pretty much every worthwhile TV produced since about 1994 can do both NTSC and PAL. Even crappy 15" things are doing this now. People don't realise that this is a problem because for most people, it isn't.
I don't contend that the point itself was trolling, but your phrasing could certainly have been way more diplomatic. Throwing stuff about/dev/null and freshmeat into the post turns it, in my mind, from a decent point about a way to make things better for everyone into something that's a decent point made in a deliberately inflammatory way. I guess it depends on your definition of trolling.
Slashdot Mirror
In what way is it not stealing? I borrow your lawnmower for 30 days. After 30 days, I decide to just keep it. Have I stolen your lawnmower?
No, I can call it theft anyway. Irrespective of the rather warped views people have, the courts would also call it theft. True, a lot of shareware gets marketed by word of mouth. And?
If you can't afford a program, or don't think it's worth the price *Don't Use It*. Don't steal it instead.
The commercial reality behind shareware is that a pitiful number of people are honest. The commercial idea behind it is that everyone is honest. If the practice were close to the theory, you'd see a lot more quality shareware and a lot less $30 10-minute VB apps.
If you want to give your software away free, fine - you won't see me stopping you. I also give some of the stuff I write away for free. But if I say I want payment for my software, and someone downloads it either with the specific intention of never paying for it, or downloads it and then uses it past the period they're allowed to evaluate it, that person is *stealing*.
There's no assumption from me that everyone who evaluates the software's going to want to buy it. I'm happy if 1% of the people buy. But I know for a fact that of the 99% of people who don't buy, there's a good 50% who are using the software, cracked, anyway. Those people are thieves. Hence my point. They're not any less of a thief because they wouldn't have paid if they couldn't get a crack.
As a shareware author, I can pretty safely assert that most people *are* thieves. I'm sorry that the occasional customer might find the 30 day timeout on my company's software annoying, but if it weren't there, even more people would just keep using the software without ever paying. We fairly often get support requests from people using cracked versions of our software - not directly relevant to the discussion, but an indicator of the kind of depths people will stoop to.
You don't have to be a US citizen to be issued a US patent. The only thing you might need to pay special attention to is the Oath/declaration, though since you clearly comprehend English, this shouldn't be too tricky.
You're assuming it *is* different :-)
I'm not trolling -
a) they could fail just like those other companies,
b) the services they provide (Red Carpet) could simply be found more valuable by the public than those of failed companies,
c) they've already departed from the traditional "give away the software" business plan by selling the Exchange connector. I don't know if this was always in the plan, or a sign of trouble ahead
d) They could simply implement the exact same plan better than other companies have. As far as I can make out, their cost structure's not exactly crippling - they employ a bunch of coders, but they're not out throwing million-dollar parties, sending free stuff to people, etc.
OK, this is three question marks, but I figure they go together in one answer:
What are your feelings regarding Miguel's stated preferences for future integration of Mono and Gnome? Since you're a major part of Ximian, does it automatically follow that you're in agreement?
How do you resolve the potential conflicts of interest over issues such as this one between your role at Ximian and your position with the Gnome foundation?
Half of cryptography is (and pretty much always has been) politics. d.net is, in my eyes, a political project. Sure, its political point was more trenchant at the time of RC5-56, but the escalating keyrate still makes a good point about the folly of limiting export key length now.
If your enemy is a major government and you don't have a very large budget yourself, you might as well give up now, IMHO. Not because I think they could factor 4096-bit RSA, but because I think they probably can get into your house without you knowing about it and tap your keyboard. The only time an attack like this wouldn't be called for is if the danger (to life, to diplomatic relations, whatever) of their being discovered is worth the money they'd have to spend on a more sophisticated attack.
:-) isn't a major government. Unless you're planning on political overthrow of a G7 nation, the NSA doesn't really care what you write in your e-mails. Sure, there's the few Echelon stories about contracts won under dubious circumstances, but the important point is that this information was retrieved from unencrypted communications, via a near-zero-effort search.
:-)
Fortunately, most people's enemy (at least in the cryptographic sense we're on about here
I'm personally more than happy that 1024-bit RSA and 128-bit Blowfish (or 168/112 bit TripleDES) in an appropriate combination is enough to protect anything I'm doing against any of the possible enemies my actions are likely to throw up. The day I start trying to forment political revolution in one country or another, I'll look again at my crypto needs
The NSA's the world's largest employer of mathematicians. Obviously, I've no clue what stage they're at, but I'd say it's not that improbable that they already knew about these optimisations and possibly even the next set of optimisations too.
Another handy side-effect is that it may make the cracks themselves more difficult. It doesn't apply to breaking RSA (which is just factoring), but many of the best attacks for symmetric ciphers rely on having known plaintext - a file header, or whatever. Since the plaintext in this case would in fact be (hopefully) random ciphertext, the attacker's got a lot less to work with.
There are disadvantages, of course - you don't know that the two algorithms together are secure, and when considered as a whole, the chances are that they're not more secure. You're relying to a certain extent on the attacker sticking to the rules and considering the supciphers as subciphers, instead of just trying to cryptanalyse the whole mess. The other difficulty is that the more layers you add, the more key material you need - at a certain point, you begin to have trouble getting enough truly random data.
I sell a commercial SSH client and dabble in cryptography as a hobby - so I guess I fall in to the first category. There are plenty of reasons to be interested in cryptography aside from the Ashcroft/FBI-mandated ones, though. My issue with the cancer stuff is that if these companies are going to make billions off some cure (and if they come up with a cure, they sure are), I'm of the opinion that *they* should be the ones putting the billions into the research, not costing my cycles/power. I wouldn't give my facilities away to any other commercial venture for free, why should the situation change because they want to make money off cancer patients?
If the distributed cancer network weren't there, and if it's really performing a genuinely useful job for the companies, you can be sure they'd be investing the $x million required to just buy a supercomputer or three to do it for them. So the only difference I see the cancer project making is that it's saving huge pharmaceutical firms a few million dollars. The world's cryptographers, most of whom are academics (ignoring the NSA-employed ones for a minute) don't have the millions of dollars to throw around if d.net wasn't there - neither do the mathematicians interested in the results of d.net's other project, Optimal Goulomb Rulers. As a result, I see d.net as making more of a difference than the cancer stuff.
All that said, those are my reasons for running d.net - you've got your own reasons, and it's your own choice.
You're wrong, so I'll correct you :-)
d.net was around a long time before SETI@home - I've personally been running the client since 1997. SETI@home launched on May 13, 1999 (though they were fundraising and doing development for a couple of years before that).
I'm personally strongly interested in cryptography for various reasons, so d.net gets my processor time. I seem to recall various people have concerns about how exactly the cancer project will use the eventual data it collects - i.e. whether the products produced as a result of the project will be commercially exploited - they don't want companies just using this large distributed network to make a fast buck.
They were a rival. Not a particularly viable rival, nor an especially succesful one, but in one of their many incarnations, that was certainly the market they were aiming at.
If it were only hundreds, there'd be a chance your local (largish) computer store could stock them all. My problem is with the fact that between my cordless headphones, my Visor Prism, my VisorPhone, cordless mouse/keyboard, camera, and all of the laptops I use, there's not one single common battery (granted, both the camera and the keyboard use AA, but whereas the keyboard will take any old AA, the camera insists on having Fuji's AAs - it kills anything else in less than two pictures).
What's most interesting to me is not the lack of progress in battery technology - it's not Moore's law, but with NiCad, NiMH, LiIon and so forth, there's clearly progress. What interests me is the lack of standardisation in battery sizes. We've had AA (and AAA, and A, and so forth) forever. Why don't we see more standardisation for things like digital camera batteries, laptop batteries and so forth? I understand that there are a bunch of issues such as form factor and suitability for design, but wouldn't standard sizes and capabilities for batteries help everyone out?
There's the argument that the laptop makers (and so forth) would lose their revenue streams from replacement batteries, but they also wouldn't have to pay a premium on putting the things into the laptops in the first place, if we had newer battery standards which specified the characteristics of a set of 'standard' laptop batteries.
Perhaps I'm over-optimistic, but I'm certainly hoping that commoditisation eventually leads to not having to buy the 'special' AA rechargeables for my camera, or being able to walk into any computer store and get a new XX for my laptop...
Not really. You can dispute the chargeback, but it's then the credit card company's decision as to whether your dispute is succesful. Guess what they decide most of the time?
I imagine this sort of thing gets easier if you're Amazon-sized and in a position to sue them. When you're us-sized, we just get to treat the chargebacks as an additional cost forced on us by the credit card companies and their refusal to make the system more secure...
Not really - feel free to give out your credit card number. Your purchase is insured. If the recipient charges more than you agreed, doesn't deliver, etc., you just dispute the charge and get the money back. If your credit card provider is worth staying with, there'll be no trouble about this.
As an Internet merchant, I get the rough side of the coin - we regularly get people who register our software and turn out to be using stolen cards, or (after we've sent them the unretractible registration details) decide they don't want to pay. The credit card company just charges the money back off us. I'm convinced this is at least in part the reason that credit cards aren't yet more secure - there's basically very little incentive for the credit card companies to reduce the level of fraud, since the fraud doesn't hit them but the merchants.
Irrespective of the rights or wrongs of the proposal, or the relative merits of a democratic monarchy, the royal family's actually an excellent business proposition for the UK. Not only are the costs associated with the royal family astonishingly low (as a percentage of the national budget), but the amount of tourism generated by having all those palaces, and the resulting revenue, easily outweighs the costs.
Furthermore, since the crown estate now pays income tax, there's evidence that even when tourism is ignored, the royal family is actually profitable for the state. See this report for details.
I'm under more NDAs than you can shake a stick at, but there's definitely ongoing interest from this kind of company in producing more functional STBs. Many of them need to provide STBs anyway, so they're obviously interested in providing more functional STBs that can generate additional revenue streams.
Also, the US isn't the only market here. Europe's cable providers mostly aren't in much better shape, but the satellite business mostly still has money...
Further, there's opportunities not too far down the road for FTA (Free To Air) STBs, since several governments are keen on the idea of moving over completely to digital, thereby freeing the juicy analog frequencies for sale to wireless ops.
Amigas never had, and still don't have, protected memory. Several parts of the OS actually depend on this fact. There were a few things that tried to simulate the effect, but none of them were standard.
With a 566MHz Celeron and that amount of RAM (64Mb), they won't reach the price point which would lead to mass-market uptake. There's also way too many connectors, etc., etc.
Having worked on a set-top box project, the prime goal seems to be cost-reduction on a per-unit basis. Various developments are in the pipeline which will enable PVR/MPEG/DVD/DVB boxes to be made at a cost point where cable and sat providers can afford to subsidise them to a zero cost. This is where the market lies for these things, and the first company to succesfully bring such a box to market will be the one who wins the big share of that market.
We've been hearing about STBs for a long time. Projects like these, with or without Amiga software, are the reason we hear a lot and see nothing.
Amiga have been claiming to have deals with STB manufacturers for a long time now. Aside from press releases and cryptic mails from Fleecy Moss, I've never seen anything solid come from any of these.
Pretty much every worthwhile TV produced since about 1994 can do both NTSC and PAL. Even crappy 15" things are doing this now. People don't realise that this is a problem because for most people, it isn't.
I don't contend that the point itself was trolling, but your phrasing could certainly have been way more diplomatic. Throwing stuff about /dev/null and freshmeat into the post turns it, in my mind, from a decent point about a way to make things better for everyone into something that's a decent point made in a deliberately inflammatory way. I guess it depends on your definition of trolling.
While the guy's clearly trolling, I actually think this is a fine idea. If nothing else, it'd get rid of the crowd of trolls on every kernel story.