My point is that I'm sure lots of people find this practice unfair... Which it isn't, if you believe in the value of a free market economy. That's all...
I don't know why this notion is so unappealing to some people (and I agree that it is, and that Coke will probably not get away with it here). I mean, this is what we Americans believe we stand for... Pure, unadulterated capitalism.
Just goes to show you that what we call a free market economy is anything but.
Okay, so what if I post frequently on all the Perl newsgroups and constantly refer to "Learning Perl" as "Perl for Dummies"? This is legitimate trademark dilution. IDG would have every right to ask me to stop, and if I didn't they would certainly sue me.
Furthermore, they SHOULD sue me. If I get everyone referring to "Learning Perl" as "Perl for Dummies", brand recognition is damaged and IDG has wasted quite a few marketing dollars. There's a reason why companies spend huge sums of money on advertising just to get us to remember things like names and logos.
The first amendment has nothing to do with it. Plenty of kinds of speech are not protected by the first amendment. If you don't believe me, go into an airport and yell "I'VE GOT A BOMB!" Then, when they arrest you, argue that you were just exercising your first amendment rights and see if they let you go.
By the way, in case you think otherwise companies care deeply about what is said on newsgroups, as well they should.
Not really. Have you noticed that lots of frisbees don't say "Frisbee" on them? This is because Frisbee is a registered trademark. Yet people call all flying discs frisbees (you'll notice that the phrase "flying discs" sounds stupid, which just proves my point), and the name Frisbee is no longer capable of causing brand association.
Any effort Wham-O put into marketing the Frisbee is lost. Now they probably don't sell many, since so many other companies sell competing products and nobody differentiates them based on brand.
First of all, we're talking about trademark law. Trademarks and copyrights are very different things.
Second, claiming first amendment protection will get you nowhere in a trademark infringement suit. If it did trademarks would be totally unenforceable.
I have no problem with buying a preconfigured system from Dell. I usually appreciate the fact that they've worked out some of the odder hardware incompatibilities.
But I'd REALLY like to see the companies that sell bottom of the line machines provide the option of buying without an OS installed... My company buys these machines, and when we get a new one the process is:
1) Reinstall bits of the hardware (e.g. CPU) CORRECTLY. 2) Repartition the hard disk in a rational manner. 3) Install your OS of choice and take the time to make sure it ACTUALLY WORKS.
Even if you want to run Windoze, you're usually better off doing it yourself than trusting some of these losers.
From a bulletin I received on Tuesday the 26th from the EFF:
With the stated goal of preventing trademark infringement and dilution in the Internet domain name space, the misguided "Trademark Cyberpiracy Prevention Act" the would make domain name holders legally liable in civil actions brought by trademark holders sharing the same name or one that is "confusingly similar."
This bill undermines fair use and First Amendment freedoms in granting all trademark holders new rights greatly in excess of those already granted by existing trademark law. TCPA's provisions would enable bad-acting trademark holders to sue satirists and critics into silence.
The legislation is an assault on anonymous speech; it effectively forces domain name holders to give up their privacy or have an increased likelihood of liability (and for no real reason, since there isn't any connection between anonymous use of the Internet and trademark violations).
The bill will have a chilling effect on free expression because it effectively encourages registrars to reject the registration of any domain name that they believe has a remote possibility of being infringing.
The TCPA bill also sets up a system whereby US-based companies would be able to take away domain names - without notice - from foreign companies and individuals who can't afford to travel to the US to defend themselves (assuming they even know about the action against them at all.)
Attacked domain name holders would have to file their own lawsuits to prove their innocence, and do not even have affirmative defenses to assert when sued, only factors for optional court consideration. Domain name holders must not be treated guilty until proven innocent.
Months' worth of international cooperation could be undermined in the Internet Corporation for Assigned Names and Numbers (ICANN), working to come to a balanced consensus on intellectual property, domain names and individual rights. Congress should not be second-guessing the Commerce Dept. (which is overseeing transition to the new administration of the Domain Naming System), nor suddenly wading into a highly contentious area of global technology policy.
Yeah, 11 sites, none of them prominent, which all show up as NT. He (or they) probably ran the same script on all of them and exploited the same hole. How does this imply that he knows what he's doing?
Sounds like it lost physical link and died
on
PalmOS 3.3 Released
·
· Score: 2
That sounds like the message I've seen when the physical connection is bad and a data transfer fails unexpectedly.
I'm not surprised it died if it lost its connection while updating the flash. This is always dangerous, especially if done remotely (e.g. over the cradle link). I assume they had to do it this way - if they could have transferred the whole firmware image to local memory and flashed from there it would have been much safer... Maybe the image is too large.
Re:Have they fixed the date problem yet?
on
PalmOS 3.3 Released
·
· Score: 1
I haven't seen this problem with my Palm V. Maybe I have a more recent version of the firmware... If this is the case you can probably expect 3.3 to fix your problem. (In other words, I'd try the upgrade if I were you)
Surely this hasn't been happening to my Palm V without my notice... I do use it for something other than games occasionally...;-)
I've upgraded my Palm V and now it doesn't know how to turn itself off (by physical button or the power off icon in LauncherIII) while the Hackmaster PalmVFix is active.
If you see this problem turn off this hack and you should be back to normal. (Maybe HackMaster needs to be updated?)
Linux is certainly NOT Unix. What do you think GNU stands for? Linux was created because people wanted an alternative to Unix. (What Unix actually IS today is somewhat muddy - I believe the only legitimate descendant of Unix is BSD, but I could be wrong).
The author of the posted article is correct and brings up a valid point. While Linux is gaining market share it is gaining it partially at the expense of true Unix OSes. This is true in my experience - lots of people who are already using Unix at their workstations are switching to Linux for various reasons. Fewer people are switching from Windoze (so far - not to say it won't happen).
It seems to me the approach is to dump the nuances of individual languages. The website describes a process whereby you type a message and watch a realtime native->universal->native translation. If it the result doesn't match the input you've used something that doesn't translate and you need to replace it with something that does.
It's far from a true universal translation system, but I think it could be very useful in conveying simple information. I wouldn't attempt to distribute poetry this way but for lots of documents it would probably be understandable.
"Electricity is both inexpensive and environmentally safe"
Is it really more environmentally sound than burning rocket fuel? Isn't a lot of electricity still produced by burning coal? Seems to me we're far from having "environmentally safe" electricity.
I don't debate the value of the technique - any reduction in weight is incredibly helpful during such a launch. I just don't like the fact that this guy's claiming environmental superiority. Sure, there's less pollution at the launch site, but there's still pollution at the plant...
The fact that the spiffy little lock icon isn't locked doesn't mean the submission is insecure. It means the FORM ITSELF was downloaded in the clear.
Look at the source. The form submits to an https address. Which means the data you enter is encrypted via SSL when it is sent.
I'm not sure why so many people use forms that submit securely but are not retrieved securely. If it can confuse slashdotters (as it has more than once) it's bound to confuse the average moron...
Of course, you're right about the password. The problem is that if they did it correctly (using actual keypairs and certificates) it would take too long and your keys wouldn't automatically be usable from any browser as they are now. As is you can use your Passport account from anywhere - set top box, Palm VII, cafe terminal, whatever.
Consumers don't want security. They want convenience and the ILLUSION of security.
According to this comment, which should really be moderated UP...
The credit card numbers stay on Microsoft's server. Store gets a charge authorization from Passport via secure challenge/response and BILLS MICROSOFT. Microsoft then bills you, having never given your credit card number to ANYBODY, even encrypted.
It's a great idea. But I'll never use it - as I've said before, I trust the protocol entirely, I just don't trust Microsoft to keep a server full of credit card numbers away from the script kiddies.
The poster said there's a cryptographic challenge/response. This means that through the magic of public key cryptography one party can authenticate itself to the other in a non-spoofable way. It doesn't matter if you see the transaction - you can't fake one yourself or replay it to cause a second transaction to go through. It's not just another number - it's a secure communication.
Microsoft is smart enough to get the basic protocol right. I have no doubt that they've thought this part through. What worries me is that hordes of script kiddies will scrutinize this newly created gold mine and eventually find something to exploit (as with Hotmail).
It would also be nice if you could guess a business' phone number from its name. This is obviously impractical - there are way too many businesses with phones for this to work.
Similarly, it may not be long before there are way too many businesses with web pages for their names to be guessable. It works now to some degree but there are already problems. I wanted some information on Pioneer DVD players the other day, so I went to www.pioneer.com and got a website for a business with no relation to Pioneer electronics but with just as much right to the domain name. Many domain names are guessable only because a large corporation took ownership of the domain from a legitimate owner by blatant extortion.
In my opinion people are going to have to give up the idea of guessable URLs very soon.
The point of this site is to share and discuss news. Obviously the posters should attempt to avoid things that their viewers are likely to have seen already.
However, the number of "old news" comments in this discussion is unreal. ONE or TWO would suffice. It seems in this case people get some sort of pathetic ego boost from stating that yes, they too saw the item in question somewhere else first.
If you've already seen an article, read something else. Don't tell us you've already seen it. The rest of us probably don't care.
I too have NT on hda1 and I get exactly the same behavior. Installer can't mount hda1, hangs.
If anyone figures out this problem (LOTS of other people must have it...) or sees a RedHat fix I'd appreciate a post here. I can't believe they didn't try to upgrade a dual boot system...:-(
(Sorry, I hate "me too" posts, but I figure somebody here will have an answer...)
I saw this on Freshmeat and found it very interesting.
As a pseudo-newbie I'd really appreciate it if somebody who installs this on a Red Hat system provides a report... How to do it, how difficult it is, how useful it is, etc...
I assume SOMEBODY's going to rush right out and set this up...:-)
There's a serious security issue here but I don't think it's the one you're describing.
The chip obviously needs to have access to your private keys. This means we have no proof that it isn't burning every private key it sees into flash memory for future recovery. You might be better off using an open source crypto implementation you can investigate with a processor that doesn't really know which bits of data are keys (your CPU).
However, the problem of unique chip identification seems to me to be a non-issue... What makes you think the chip will use factory hardcoded keys? Don't you think it's more likely that it will use user supplied keys issued by public certificate authorities like everything else does (except PGP, which doesn't use CAs but still doesn't use hardcoded keys)?
Slashdot Mirror
lowry, tuttle, buttle, layton, lint
I love it. Users will of course confuse Tuttle and Buttle... Oh, the irony.
Sure. The welfare system, graduated income tax, farm subsidies, defense contracts, import tariffs...
:-)
My point is that I'm sure lots of people find this practice unfair... Which it isn't, if you believe in the value of a free market economy. That's all...
I don't know why this notion is so unappealing to some people (and I agree that it is, and that Coke will probably not get away with it here). I mean, this is what we Americans believe we stand for... Pure, unadulterated capitalism.
Just goes to show you that what we call a free market economy is anything but.
Okay, so what if I post frequently on all the Perl newsgroups and constantly refer to "Learning Perl" as "Perl for Dummies"? This is legitimate trademark dilution. IDG would have every right to ask me to stop, and if I didn't they would certainly sue me.
Furthermore, they SHOULD sue me. If I get everyone referring to "Learning Perl" as "Perl for Dummies", brand recognition is damaged and IDG has wasted quite a few marketing dollars. There's a reason why companies spend huge sums of money on advertising just to get us to remember things like names and logos.
The first amendment has nothing to do with it. Plenty of kinds of speech are not protected by the first amendment. If you don't believe me, go into an airport and yell "I'VE GOT A BOMB!" Then, when they arrest you, argue that you were just exercising your first amendment rights and see if they let you go.
By the way, in case you think otherwise companies care deeply about what is said on newsgroups, as well they should.
Not really. Have you noticed that lots of frisbees don't say "Frisbee" on them? This is because Frisbee is a registered trademark. Yet people call all flying discs frisbees (you'll notice that the phrase "flying discs" sounds stupid, which just proves my point), and the name Frisbee is no longer capable of causing brand association.
Any effort Wham-O put into marketing the Frisbee is lost. Now they probably don't sell many, since so many other companies sell competing products and nobody differentiates them based on brand.
First of all, we're talking about trademark law. Trademarks and copyrights are very different things.
Second, claiming first amendment protection will get you nowhere in a trademark infringement suit. If it did trademarks would be totally unenforceable.
I have no problem with buying a preconfigured system from Dell. I usually appreciate the fact that they've worked out some of the odder hardware incompatibilities.
But I'd REALLY like to see the companies that sell bottom of the line machines provide the option of buying without an OS installed... My company buys these machines, and when we get a new one the process is:
1) Reinstall bits of the hardware (e.g. CPU) CORRECTLY.
2) Repartition the hard disk in a rational manner.
3) Install your OS of choice and take the time to make sure it ACTUALLY WORKS.
Even if you want to run Windoze, you're usually better off doing it yourself than trusting some of these losers.
From a bulletin I received on Tuesday the 26th from the EFF:
With the stated goal of preventing trademark infringement and dilution
in the Internet domain name space, the misguided "Trademark
Cyberpiracy Prevention Act" the would make domain name holders legally
liable in civil actions brought by trademark holders sharing the same
name or one that is "confusingly similar."
This bill undermines fair use and First Amendment freedoms in granting
all trademark holders new rights greatly in excess of those already
granted by existing trademark law. TCPA's provisions would enable
bad-acting trademark holders to sue satirists and critics into
silence.
The legislation is an assault on anonymous speech; it effectively
forces domain name holders to give up their privacy or have an
increased likelihood of liability (and for no real reason, since there
isn't any connection between anonymous use of the Internet and
trademark violations).
The bill will have a chilling effect on free expression because it
effectively encourages registrars to reject the registration of any
domain name that they believe has a remote possibility of being
infringing.
The TCPA bill also sets up a system whereby US-based companies would
be able to take away domain names - without notice - from foreign
companies and individuals who can't afford to travel to the US to
defend themselves (assuming they even know about the action against
them at all.)
Attacked domain name holders would have to file their own lawsuits to
prove their innocence, and do not even have affirmative defenses to
assert when sued, only factors for optional court consideration.
Domain name holders must not be treated guilty until proven innocent.
Months' worth of international cooperation could be undermined in the
Internet Corporation for Assigned Names and Numbers (ICANN), working
to come to a balanced consensus on intellectual property, domain names
and individual rights. Congress should not be second-guessing the
Commerce Dept. (which is overseeing transition to the new
administration of the Domain Naming System), nor suddenly wading into
a highly contentious area of global technology policy.
Yeah, 11 sites, none of them prominent, which all show up as NT. He (or they) probably ran the same script on all of them and exploited the same hole. How does this imply that he knows what he's doing?
That sounds like the message I've seen when the physical connection is bad and a data transfer fails unexpectedly.
I'm not surprised it died if it lost its connection while updating the flash. This is always dangerous, especially if done remotely (e.g. over the cradle link). I assume they had to do it this way - if they could have transferred the whole firmware image to local memory and flashed from there it would have been much safer... Maybe the image is too large.
I haven't seen this problem with my Palm V. Maybe I have a more recent version of the firmware... If this is the case you can probably expect 3.3 to fix your problem. (In other words, I'd try the upgrade if I were you)
;-)
Surely this hasn't been happening to my Palm V without my notice... I do use it for something other than games occasionally...
I've upgraded my Palm V and now it doesn't know how to turn itself off (by physical button or the power off icon in LauncherIII) while the Hackmaster PalmVFix is active.
If you see this problem turn off this hack and you should be back to normal. (Maybe HackMaster needs to be updated?)
Linux is certainly NOT Unix. What do you think GNU stands for? Linux was created because people wanted an alternative to Unix. (What Unix actually IS today is somewhat muddy - I believe the only legitimate descendant of Unix is BSD, but I could be wrong).
The author of the posted article is correct and brings up a valid point. While Linux is gaining market share it is gaining it partially at the expense of true Unix OSes. This is true in my experience - lots of people who are already using Unix at their workstations are switching to Linux for various reasons. Fewer people are switching from Windoze (so far - not to say it won't happen).
It seems to me the approach is to dump the nuances of individual languages. The website describes a process whereby you type a message and watch a realtime native->universal->native translation. If it the result doesn't match the input you've used something that doesn't translate and you need to replace it with something that does.
It's far from a true universal translation system, but I think it could be very useful in conveying simple information. I wouldn't attempt to distribute poetry this way but for lots of documents it would probably be understandable.
"Electricity is both inexpensive and environmentally safe"
Is it really more environmentally sound than burning rocket fuel? Isn't a lot of electricity still produced by burning coal? Seems to me we're far from having "environmentally safe" electricity.
I don't debate the value of the technique - any reduction in weight is incredibly helpful during such a launch. I just don't like the fact that this guy's claiming environmental superiority. Sure, there's less pollution at the launch site, but there's still pollution at the plant...
The fact that the spiffy little lock icon isn't locked doesn't mean the submission is insecure. It means the FORM ITSELF was downloaded in the clear.
Look at the source. The form submits to an https address. Which means the data you enter is encrypted via SSL when it is sent.
I'm not sure why so many people use forms that submit securely but are not retrieved securely. If it can confuse slashdotters (as it has more than once) it's bound to confuse the average moron...
Of course, you're right about the password. The problem is that if they did it correctly (using actual keypairs and certificates) it would take too long and your keys wouldn't automatically be usable from any browser as they are now. As is you can use your Passport account from anywhere - set top box, Palm VII, cafe terminal, whatever.
Consumers don't want security. They want convenience and the ILLUSION of security.
Disclaimer: This is all hearsay.
According to this comment, which should really be moderated UP...
The credit card numbers stay on Microsoft's server. Store gets a charge authorization from Passport via secure challenge/response and BILLS MICROSOFT. Microsoft then bills you, having never given your credit card number to ANYBODY, even encrypted.
It's a great idea. But I'll never use it - as I've said before, I trust the protocol entirely, I just don't trust Microsoft to keep a server full of credit card numbers away from the script kiddies.
See my other comment in this thread.
The poster said there's a cryptographic challenge/response. This means that through the magic of public key cryptography one party can authenticate itself to the other in a non-spoofable way. It doesn't matter if you see the transaction - you can't fake one yourself or replay it to cause a second transaction to go through. It's not just another number - it's a secure communication.
Microsoft is smart enough to get the basic protocol right. I have no doubt that they've thought this part through. What worries me is that hordes of script kiddies will scrutinize this newly created gold mine and eventually find something to exploit (as with Hotmail).
It would also be nice if you could guess a business' phone number from its name. This is obviously impractical - there are way too many businesses with phones for this to work.
Similarly, it may not be long before there are way too many businesses with web pages for their names to be guessable. It works now to some degree but there are already problems. I wanted some information on Pioneer DVD players the other day, so I went to www.pioneer.com and got a website for a business with no relation to Pioneer electronics but with just as much right to the domain name. Many domain names are guessable only because a large corporation took ownership of the domain from a legitimate owner by blatant extortion.
In my opinion people are going to have to give up the idea of guessable URLs very soon.
The point of this site is to share and discuss news. Obviously the posters should attempt to avoid things that their viewers are likely to have seen already.
However, the number of "old news" comments in this discussion is unreal. ONE or TWO would suffice. It seems in this case people get some sort of pathetic ego boost from stating that yes, they too saw the item in question somewhere else first.
If you've already seen an article, read something else. Don't tell us you've already seen it. The rest of us probably don't care.
I too have NT on hda1 and I get exactly the same behavior. Installer can't mount hda1, hangs.
:-(
If anyone figures out this problem (LOTS of other people must have it...) or sees a RedHat fix I'd appreciate a post here. I can't believe they didn't try to upgrade a dual boot system...
(Sorry, I hate "me too" posts, but I figure somebody here will have an answer...)
I saw this on Freshmeat and found it very interesting.
As a pseudo-newbie I'd really appreciate it if somebody who installs this on a Red Hat system provides a report... How to do it, how difficult it is, how useful it is, etc...
I assume SOMEBODY's going to rush right out and set this up...
There's a serious security issue here but I don't think it's the one you're describing.
The chip obviously needs to have access to your private keys. This means we have no proof that it isn't burning every private key it sees into flash memory for future recovery. You might be better off using an open source crypto implementation you can investigate with a processor that doesn't really know which bits of data are keys (your CPU).
However, the problem of unique chip identification seems to me to be a non-issue... What makes you think the chip will use factory hardcoded keys? Don't you think it's more likely that it will use user supplied keys issued by public certificate authorities like everything else does (except PGP, which doesn't use CAs but still doesn't use hardcoded keys)?