Organized religion has also given hope to the hopeless, fed and clothed people who had nothing, and given (some) people a reason to be decent to each other. Maybe it's all a wash when you factor in things like the Crusades and the Spanish Inquisition, but don't just mention the bad without even a passing reference to the good that religion has done.
workers get payed for the hours they work, unless it's more than 24 per day....
That must be a neat trick.
In America, the overtime pay rate is more than the normal pay rate. It's not uncommon for you to get 1.5x your normal wage for overtime work, calculated (usually) by the week. So if you work 50 hours a week at $10/hr, you'll get: 40*$10 + 10*$15 for the week. Even if you only work 30 hours the next week, they have to pay overtime for the week that you worked more. They don't want to do that, so they probably won't allow it. There's the loss of flexibility.
Exactly. The RIAA know that they won't get everyone. Only a fool would think that they could. These are just scare-tactics. Sue enough people that everyone else is too scared to share files.
This is why they can afford to be loose with the facts and pick-and-choose which cases they actually pursue.
The market will probably sort this out. Unfortunately, until it does, lots of people will remain uninsured or lose their insurance, and that's the biggest incentive to socialize health care.
Once enough people can't afford health care premiums (due to their records) or the insurers stop insuring people who aren't in good health, the insurers will start dying out. Maybe the government will bail them out for a while, but ultimately, they're shooting themselves in the foot by making health coverage so hard to come by that no one can afford it. Instead of earning more money, they'll either put themselves out of business or start taking risks on clients with less than stellar health.
Kinda makes sense. So I guess that to make the change, they'd have to go through the code and store the old wage before setting the new wage for each of the 200,000 employees. Presumably, they can't automate it (why else would it take 6 months?) Then they'd have to go back and revert it for each employee once they were done, and in addition, calculate the back pay (explaining the extra time required.) Calculating the back pay for each employee probably isn't something that the system was designed to handle, so they get to do it by hand.
What a mess. I wonder how much of a pain it is to give raises, or to hire/fire someone under this system.
Pretty soon they'll be able to hold me for not having a laptop for them to search. They'll think I'm hiding something. That's like being told I should carry some cash on me so the mugger has something to walk away with, otherwise he'll get pissed and just shoot me. Every border crossing is turning into a mugging.
Wow. First to see that in a post that isn't clearly a troll, and then to see it modded +5? Slashdot's really turning into Digg.
Frankly, your post is one of the most absurd ones I've ever seen on Slashdot.
I got a RapidSSL certificate, and they would allow domain ownership to be verified by any email listed in the whois record or any of about 10 "predefined" email addresses @domainname in question, including root, admin, postmaster, webmaster, and several others.
But this isn't "basically anyone". It's much broader than I'd like, to be sure, but it wouldn't let me get a cert for a Google domain (for example.)
The only legitimate person to contact is the "administrative contact" in the whois record. Neither the technical contact nor whoever happens to get email sent to webmaster@example.com should be able to get a certificate on their own. Furthermore, the email itself in insecure and any number of people along the way are in a position to intercept the validation email. Since it is a completely automated system, it also vulnerable to trojans, even if the infected computer is on an otherwise "insecure" part of the network network.
All true, but now you're talking about much more complicated attacks, even farther from something that "just about anyone" could do. Security is imperfect. We do the best we can, and we try to be aware of the issues.
But that is beside the point, really. Domain ownership is not a particularly useful thing to prove. Anyone can register a domain. For instance, Bank of America owns bankofamerica.com bankamerica.com and probably several others to reduce the dangers of typo squatting, but they can't anticipate every possible legitimate appearing name much less hard to notice typos.
Again, we're now talking about different things. You seemed quite happy with domain verification when it's done right. Now you're sort of indicating that verification using a CA is entirely pointless.
You can't anticipate every typosquatter, and you can't stop someone from using the https://maliciousdomain.com/ at all. That doesn't mean that we throw the baby out with the bathwater.
As I see it, the point of verified server SSL certificates is to ensure that the endpoint I'm talking with is who they say they are. Due diligence on my part is required to ensure that the domain I'm talking to matches the company I think that I'm talking to. Just because that due diligence isn't automated doesn't mean that the rest of the chain of trust is pointless.
I don't think that creative people have an inherent right to earn money from their work, but I think they have a right to charge money for their work, and I think that to a certain degree, they should be able to prevent people from acquiring copies of their work without paying for it.
But I think that copyright is far too abused to continue in its current form. Take us back to 28 years, get rid of criminal penalties for all but the most egregious offenses, and outlaw DRM. I'd be pretty happy with that situation.
Of course, if we did that, we'd just see movie and music studios jumping ship to more copyright-friendly countries. And since we have treaties in place to respect and enforce the copyrights of other countries, we'd be in no better position than we are now.
Musicians, on the other hand, are a dime a dozen. The world is full of skilled musicians. It's even full of skilled musicians who can put on a good show, though stagecraft is rarer than people think.
But specific musicians and specific songs are not a dime a dozen. As you, yourself, point out:
The real skill on that side is in getting people to all want one particular song. The record companies used to be pretty good at that, through a combination of skilled production, skilled marketing, and collusion with radio stations. Nobody listens to the radio any more, and skilled production comes free with an iMac.
If all people wanted was "good music", the market would sort itself out. In fact, there are musicians doing just this--Jonathon Coulton is a great example from the geek world.
But people don't want "good music", they want popular music. They want the music that they hear on the radio (yes, people still listen to the radio), the music that they hear at the club, the music that's featured in the movies and TV shows that they watch, etc. They get attached to specific artists and buy anything new released by him. And there's a monopoly on that music, so the artist (or the record company, if they signed with one) gets to set the price.
There's no monopoly on good music. If you want good music, you can legally acquire it for free. But if you want a specific song, you may not be so lucky.
Yes, it does. The problem you are seeing is that the person who generated the certificate could be anybody. But the same is true for the cheap CAs--they will sign a certificate of basically anyone who asks.
I've seen this over and over, with nothing to back it up. Which CAs will do this? I'd like to know so that I can test them, and if it's true, remove their certs from my browser.
My experience with a cheap cert went as follows (Godaddy, within the past 6 months): 1) Sign up for cert for a domain I don't control. 2) Godaddy says that they mailed the domain contact for that domain. I mail that contact and ask that they approve the request. 3) Contact screws up the approval. Godaddy rejects my request. I resubmit. 4) Contact approves the request. 5) I get my cert and apply it to the machine I co-manage with the domain owner.
If I had wanted to, I could have hijacked the contact's e-mail--but that's only because I have root on the box that gets those messages. Godaddy did some minimal checking to ensure that someone related to the domain was involved in the process. Are there flaws? Yes. Could someone manage to hijack the process? Sure, but it wouldn't be as easy as some people make it out to be.
Exactly. Now, Microsoft can say, "You may only install Windows on this computer if you never install OpenOffice on this computer." If you install OpenOffice, your Windows license becomes invalid. Tough luck.
Well, you can grab the latest Bind for free, too. In fact, you can upgrade much of the OS X userland for free. Can you do that with Microsoft? Looks like it's all quite the mishmash.
A friend of mine once tried to bring an unlocked phone onto a carrier. He was brand new to the service. They insisted that he sign a two-year contract with the same early termination fee. It was absurd.
Also, because the contract is in legalese that no normal person can understand, if you didn't hire a lawyer to review your cell phone contract, SHAME ON YOU!
That's really why the TCO of proprietary software is so high. You have no idea how much I spent on legal fees back when I didn't use solely Free (as in speech) software. Software installation gets expensive when I have to buy two copies and send one copy to my lawyer:(
You can't put something illegal into a contract. You can't make the penalty for breaking the contract that one of the parties commit a crime. And you can't go against state or federal law in a contract.
The point is that the judge found that this was a violation of California law. If the penalty had been, "You must perform one murder on behalf of Sprint," would you still think that it's ok because it's in the contract? That's an extreme example, but the point is the same. If the contract violates law, it violates law. If you disagree with that, perhaps you should blame the law instead of the judge.
They seem to be saying that the early termination fee is anticompetitive rather than recuperative. The US (and California) likes to pretend to support competition, so when something high-profile like this comes up, they step up.
Generally speaking, contracts have to be somewhat fair. Canceling a month before my two year contract is up and getting hit with the same $200 cancellation fee as if I'd canceled 32 days in is absurd. The point of the cancellation fee is because the phones are subsidized. If they've been getting payments for me all along, they've been recovering the subsidy over time.
The biggest problem, to me, is that if my phone breaks (and they're all pretty much cheap, crappy pieces of crap) I'm stuck in my contract/and/ I have to pay $150 for a new phone. Or I can extend the contract and pay the subsidized amount, if I'm "lucky."
And don't even get me started on the rest of the practices in the industry. Hidden "recovery" fees, charges for incoming SMS and calls (yeah, in the US, we pay even if we didn't want to be called)... it's all a bunch of crap. Sometimes I wish I wasn't required to have a cell phone for my job.
In the long run, I suspect that the value will return to their house, but people who think about that are generally not the ones who get themselves into mortgage troubles.
Yes, but mostly due to inflation.
And hey, here's a wacky notion--the reason to pay the mortgage is because you fucking agreed to do so. This is one of the many reasons that you shouldn't be allowed to gamble with credit. When you lose, you really don't want to pay off the debt.
Slashdot Mirror
Sure, but from the sound of it, they don't get paid for that hour.
Organized religion has also given hope to the hopeless, fed and clothed people who had nothing, and given (some) people a reason to be decent to each other. Maybe it's all a wash when you factor in things like the Crusades and the Spanish Inquisition, but don't just mention the bad without even a passing reference to the good that religion has done.
Except that not all religious people believe that the Earth was literally created in 7 days 6000 years ago.
Irrelevant, because some people do.
Of course, these people also tend to believe one of these things:
And that removes the problem of God "lying."
Why make anyone at all? Why do anything? Why? It's the ultimate question of existence.
workers get payed for the hours they work, unless it's more than 24 per day....
That must be a neat trick.
In America, the overtime pay rate is more than the normal pay rate. It's not uncommon for you to get 1.5x your normal wage for overtime work, calculated (usually) by the week. So if you work 50 hours a week at $10/hr, you'll get:
40*$10 + 10*$15 for the week. Even if you only work 30 hours the next week, they have to pay overtime for the week that you worked more. They don't want to do that, so they probably won't allow it. There's the loss of flexibility.
MAC addresses only have significance within the context of a network segment. This is a pretty pointless idea.
Exactly. The RIAA know that they won't get everyone. Only a fool would think that they could. These are just scare-tactics. Sue enough people that everyone else is too scared to share files.
This is why they can afford to be loose with the facts and pick-and-choose which cases they actually pursue.
The market will probably sort this out. Unfortunately, until it does, lots of people will remain uninsured or lose their insurance, and that's the biggest incentive to socialize health care.
Once enough people can't afford health care premiums (due to their records) or the insurers stop insuring people who aren't in good health, the insurers will start dying out. Maybe the government will bail them out for a while, but ultimately, they're shooting themselves in the foot by making health coverage so hard to come by that no one can afford it. Instead of earning more money, they'll either put themselves out of business or start taking risks on clients with less than stellar health.
Kinda makes sense. So I guess that to make the change, they'd have to go through the code and store the old wage before setting the new wage for each of the 200,000 employees. Presumably, they can't automate it (why else would it take 6 months?) Then they'd have to go back and revert it for each employee once they were done, and in addition, calculate the back pay (explaining the extra time required.) Calculating the back pay for each employee probably isn't something that the system was designed to handle, so they get to do it by hand.
What a mess. I wonder how much of a pain it is to give raises, or to hire/fire someone under this system.
If only I had mod points, and hadn't already posted in this story :) That made my day!
Pretty soon they'll be able to hold me for not having a laptop for them to search. They'll think I'm hiding something. That's like being told I should carry some cash on me so the mugger has something to walk away with, otherwise he'll get pissed and just shoot me. Every border crossing is turning into a mugging.
Wow. First to see that in a post that isn't clearly a troll, and then to see it modded +5? Slashdot's really turning into Digg.
Frankly, your post is one of the most absurd ones I've ever seen on Slashdot.
I got a RapidSSL certificate, and they would allow domain ownership to be verified by any email listed in the whois record or any of about 10 "predefined" email addresses @domainname in question, including root, admin, postmaster, webmaster, and several others.
But this isn't "basically anyone". It's much broader than I'd like, to be sure, but it wouldn't let me get a cert for a Google domain (for example.)
The only legitimate person to contact is the "administrative contact" in the whois record. Neither the technical contact nor whoever happens to get email sent to webmaster@example.com should be able to get a certificate on their own. Furthermore, the email itself in insecure and any number of people along the way are in a position to intercept the validation email. Since it is a completely automated system, it also vulnerable to trojans, even if the infected computer is on an otherwise "insecure" part of the network network.
All true, but now you're talking about much more complicated attacks, even farther from something that "just about anyone" could do. Security is imperfect. We do the best we can, and we try to be aware of the issues.
But that is beside the point, really. Domain ownership is not a particularly useful thing to prove. Anyone can register a domain. For instance, Bank of America owns bankofamerica.com bankamerica.com and probably several others to reduce the dangers of typo squatting, but they can't anticipate every possible legitimate appearing name much less hard to notice typos.
Again, we're now talking about different things. You seemed quite happy with domain verification when it's done right. Now you're sort of indicating that verification using a CA is entirely pointless.
You can't anticipate every typosquatter, and you can't stop someone from using the https://maliciousdomain.com/ at all. That doesn't mean that we throw the baby out with the bathwater.
As I see it, the point of verified server SSL certificates is to ensure that the endpoint I'm talking with is who they say they are. Due diligence on my part is required to ensure that the domain I'm talking to matches the company I think that I'm talking to. Just because that due diligence isn't automated doesn't mean that the rest of the chain of trust is pointless.
I don't think that creative people have an inherent right to earn money from their work, but I think they have a right to charge money for their work, and I think that to a certain degree, they should be able to prevent people from acquiring copies of their work without paying for it.
But I think that copyright is far too abused to continue in its current form. Take us back to 28 years, get rid of criminal penalties for all but the most egregious offenses, and outlaw DRM. I'd be pretty happy with that situation.
Of course, if we did that, we'd just see movie and music studios jumping ship to more copyright-friendly countries. And since we have treaties in place to respect and enforce the copyrights of other countries, we'd be in no better position than we are now.
Musicians, on the other hand, are a dime a dozen. The world is full of skilled musicians. It's even full of skilled musicians who can put on a good show, though stagecraft is rarer than people think.
But specific musicians and specific songs are not a dime a dozen. As you, yourself, point out:
The real skill on that side is in getting people to all want one particular song. The record companies used to be pretty good at that, through a combination of skilled production, skilled marketing, and collusion with radio stations. Nobody listens to the radio any more, and skilled production comes free with an iMac.
If all people wanted was "good music", the market would sort itself out. In fact, there are musicians doing just this--Jonathon Coulton is a great example from the geek world.
But people don't want "good music", they want popular music. They want the music that they hear on the radio (yes, people still listen to the radio), the music that they hear at the club, the music that's featured in the movies and TV shows that they watch, etc. They get attached to specific artists and buy anything new released by him. And there's a monopoly on that music, so the artist (or the record company, if they signed with one) gets to set the price.
There's no monopoly on good music. If you want good music, you can legally acquire it for free. But if you want a specific song, you may not be so lucky.
Yes, it does. The problem you are seeing is that the person who generated the certificate could be anybody. But the same is true for the cheap CAs--they will sign a certificate of basically anyone who asks.
I've seen this over and over, with nothing to back it up. Which CAs will do this? I'd like to know so that I can test them, and if it's true, remove their certs from my browser.
My experience with a cheap cert went as follows (Godaddy, within the past 6 months):
1) Sign up for cert for a domain I don't control.
2) Godaddy says that they mailed the domain contact for that domain. I mail that contact and ask that they approve the request.
3) Contact screws up the approval. Godaddy rejects my request. I resubmit.
4) Contact approves the request.
5) I get my cert and apply it to the machine I co-manage with the domain owner.
If I had wanted to, I could have hijacked the contact's e-mail--but that's only because I have root on the box that gets those messages. Godaddy did some minimal checking to ensure that someone related to the domain was involved in the process. Are there flaws? Yes. Could someone manage to hijack the process? Sure, but it wouldn't be as easy as some people make it out to be.
I wish there was an "incomprehensible grammar" mod....
Exactly. Now, Microsoft can say, "You may only install Windows on this computer if you never install OpenOffice on this computer." If you install OpenOffice, your Windows license becomes invalid. Tough luck.
Well, you can grab the latest Bind for free, too. In fact, you can upgrade much of the OS X userland for free. Can you do that with Microsoft?
Looks like it's all quite the mishmash.
It's not.
A friend of mine once tried to bring an unlocked phone onto a carrier. He was brand new to the service. They insisted that he sign a two-year contract with the same early termination fee. It was absurd.
Also, because the contract is in legalese that no normal person can understand, if you didn't hire a lawyer to review your cell phone contract, SHAME ON YOU!
That's really why the TCO of proprietary software is so high. You have no idea how much I spent on legal fees back when I didn't use solely Free (as in speech) software. Software installation gets expensive when I have to buy two copies and send one copy to my lawyer :(
You can't put something illegal into a contract. You can't make the penalty for breaking the contract that one of the parties commit a crime. And you can't go against state or federal law in a contract.
The point is that the judge found that this was a violation of California law. If the penalty had been, "You must perform one murder on behalf of Sprint," would you still think that it's ok because it's in the contract? That's an extreme example, but the point is the same. If the contract violates law, it violates law. If you disagree with that, perhaps you should blame the law instead of the judge.
They seem to be saying that the early termination fee is anticompetitive rather than recuperative. The US (and California) likes to pretend to support competition, so when something high-profile like this comes up, they step up.
So let the company have the phone back, less any charges for wear (they can't sell it new again.) That's a better solution, anyway, in my opinion.
Generally speaking, contracts have to be somewhat fair. Canceling a month before my two year contract is up and getting hit with the same $200 cancellation fee as if I'd canceled 32 days in is absurd. The point of the cancellation fee is because the phones are subsidized. If they've been getting payments for me all along, they've been recovering the subsidy over time.
The biggest problem, to me, is that if my phone breaks (and they're all pretty much cheap, crappy pieces of crap) I'm stuck in my contract /and/ I have to pay $150 for a new phone. Or I can extend the contract and pay the subsidized amount, if I'm "lucky."
And don't even get me started on the rest of the practices in the industry. Hidden "recovery" fees, charges for incoming SMS and calls (yeah, in the US, we pay even if we didn't want to be called)... it's all a bunch of crap. Sometimes I wish I wasn't required to have a cell phone for my job.
In the long run, I suspect that the value will return to their house, but people who think about that are generally not the ones who get themselves into mortgage troubles.
Yes, but mostly due to inflation.
And hey, here's a wacky notion--the reason to pay the mortgage is because you fucking agreed to do so. This is one of the many reasons that you shouldn't be allowed to gamble with credit. When you lose, you really don't want to pay off the debt.