... and the impact on those that buy the stuff? Pretty minimal I'd say,
if they aren't planning to share it.
Perhaps it is a bit better than DRM in the sense that you won't
eventually lose it as you move to other computers in the future. The
problem is that (assuming it can be traced back to you) it creates a
legal liability, and you will always have to paranoid about not
letting it "escape". Maybe you don't intentionally "plan" to share it,
but there are many ways that could happen. Maybe your kid puts it on
his MP3 player, then gives a copy to a friend who likes it, who in turn
puts it on P2P. You have to mistrust everyone. You can't just leave
your MP3 player lying around, or have an extra copy on another computer
for convenience, etc.
You have to treat it like you would your personal
data with SS# etc., but unlike that data, which you keep in one place,
encrypted, you want your music to be conveniently available and
portable. The risk is too great, and it just isn't worth it to me to
have yet another thing in life to worry about.
I'll stick to ripping
my MP3s from CDs I purchased, that can't be traced back to me if they
accidentally "escape". I'll only buy watermarked music if I know how to
remove the watermark (assuming it's not illegal per DMCA to do so).
A search for "whitewashed" in the Wikipedia Talk pages yields 2253 hits.
I suppose that might be one rough indicator of whitewashing problems
(that have been found and/or claimed).
It might also provide a starting point or additional filter
for anyone looking for spin jobs for the Wired contest.
Then why the unseemly haste, committee stacking, and other nefarious practices to get adopted as an ISO standard?
So they can convince governments, etc. that it really is a
"standard", in order to defeat or at least put a monkey wrench into
the adoption of ODF as a mandated standard that is currently being
proposed by various government bodies.
Why the attacks on ODF adoption? If Microsoft had any intention of being interoperable, they'd have supported ODF from the start..
ODF can be (and is) easily supported by
multiple products by multiple vendors. OOXML can be fully supported only
by Microsoft, because for various items, the "standard" effectively just says
it should work the way Office 95 etc. works without giving details. The OOXML "standard"
as a whole is essentially just a bloated, 6000-page (!)
(partial!) documentation of the way Office already
works, so Microsoft has no additional work to do, whereas any potential competitor
is faced with an essentially hopeless task.
Something in this thread sounds wrong to my ears. I don't know what
it is, but it sounds wrong. Anyone else got this feeling?
I
agree the gp sounds like a troll. "cleans a local diner's grease pit
every night for a free dinner"? Get a job, bro. Certainly he can fit a
4-hr/day part-time McDonalds job into his busy practice schedule.
This tale of woe is vaguely reminiscent of the
Christian CD store troll that keeps popping up, although the
gp did not post anonymously like the latter.
Someone else pointed out the brother's band (if their
detective work was correct) offers a torrent of all their music, so the
complaint about piracy is a fabrication. I suppose the gp,
not being anonymous, can reply to this accusation.
In the U.S, fonts are not copyrightable (although there is a movement to change that). Only the
"hints" and associated software behind them can be copyrighted. However,
for a fixed point size, anyone can copy a font, pixel for pixel, without
infringing copyright. Since web pages typically use a small number of
standard point sizes, there is no reason why a set of fixed point sized
fonts can't be created by copying them exactly from the screen displays
of Microsoft's or Apples's or anyone's proprietary fonts, for use on Linux.
It puzzles me as to why this hasn't been done.
So if anyone uses this for greeting cards, it's going to be 1% DNA
source material and 99% pre-conceived structure.
Almost all music generated from "natural" sources is like that,
for example, the music generated by the digits of pi. If you
take the digits of pi and convert them to a sequence of 10 pure
MIDI tones, it would be very boring
without the embellishment with elaborate orchestration.
There is at least one "natural" source, however, that bears
some passing resemblance to "real" music: the patterns that occur
in the proof trees of formal logic proofs. From the
Metamath
music page:
The music generated from these mathematical proofs stands in sharp
contrast to certain other experimental music based on such mathematics
as the digits of ? (pi). Unlike a proof's tree structure, which is
inherently suggestive of a musical score, the digits of ? have no
obvious pattern. To make it interesting, a human composer will often
add a non-mathematical creative element such as an underlying beat with
pre-selected chords and instrumentation. What one hears, then, might be
based as much on the originality of the composer as on the essential
nature of ?: the same algorithm applied to the digits of say e (Euler's
constant), or even a series of random digits, would typically sound
about the same after the first few notes. The music here, on the other
hand, is a raw and unadorned representation of the mathematics itself,
involving few human preconceptions beyond a basic mapping needed to
accommodate the Western tonal scale.
It is an extreme in the other direction: 99% source material and
1% pre-conceived structure (of which there is essentially none,
just a blind mapping to MIDI tones).
(BTW
the author not only has not patented it but has explicitly
released it to public domain.)
Paragraph 2: Copyright infringement supports terrorists. Therefore we must extend copyright??
A far better idea would be to temporarily suspend copyright, so that the terrorists
can't profit from infringement. Later we'll reinstate it, just as soon as the
terrorist problem is solved.
I love this quote "Investors wanted less spending, more growth"....
Hmm, ain't happening. I better punish Google stock for it.
At Google's stratosperical stock price, anyone buying it is going to
have certain expectations of the company, whether realistic or not.
When those expectations turn out to be unrealistic, the stock price
tends to be adjusted down accordingly. This is not "punishing" the
stock, it is repricing it to a point more in line with what it should
be. Remember the absurd valuations during the dot-com boom? E.g.
Akamai went from $345/share in 2000 to $0.56/share in 2003 (and is now
around $50 and IMO overpriced again, although not nearly as badly).
Google is not that bad, of course, but it is still way too lofty to
interest me personally as an investment at this point. If it
can't keep up its exponential growth - and nothing can forever - its stock price will eventually reflect that, just like the stock price of MSFT in the last
few years.
1. Violate LGPL.
2. Leak this fact.
3. Someone will post story to/. in outrage, making zillions of people
who had never heard of your company aware that it exists.
4. Correct LGPL violation (release modified LGPL'ed source or whatever)
5. Profit!!
Thanks for the info, I didn't know that. It seems they are saying that
selling the character would violate their copyright ("Blizzard owns, has
licensed, or otherwise has rights to all of the content that appears in
the Program"). However, this seems to go against the first-sale
doctrine. I guess it would boil down to whether the "Terms of Use"
constitute a legal contract that trumps the buyer's rights under
copyright law. Or something like that.
Anyway, perhaps I should give my son a "timeout" for doing something
shady. Too bad he's grown bigger than me.
I am not into WoW and barely know what it is, but my son has is trying
to sell his character and has gotten several offers of $200-$400. But
selling them has so far proved impossible due to fraud. Since he is
underage, he has been using my PayPal account, so I know what's going on
there. So far, he has been scammed no less that FOUR times trying to sell his WoW
account - each time the payment was reversed after several days by
PayPal because the payment was "unauthorized". Most recently, he
thought the problem could be solved by selling only to a PayPal
"verified" account; the money actually went through and I successfully
initiated a transfer to my checking account. No go - a couple of days
later, the transfer was reversed by PayPal because the transaction was
"unauthorized".
Each time he has given the WoW character to the buyer when the payment
came through, and each time he was able to get the character back via Blizzard.
But they must be getting tired of this, and I don't know how long they
will keep giving him back his "stolen" WoW account.
I told him to wait for a week (or two?) until the money has finally cleared
before giving the WoW account to the buyer. He says no buyer would go along
with this - how do they know he's not just scamming them?
Overall, this has been a unpleasant experience. I have no idea if
these fraudulent transactions are threatening cancellation of my PayPal
account, hurting my credit rating, or whatever. Another mysterious
thing - someone (unrelated to any purchase) deposited $0.01 into my
PayPal account.
Each one of these buyers, when contacted via email, simply didn't answer.
If their accounts had been stolen - say via all those PayPal phishing
emails - as PayPal suggests, one would think they would at least have the
courtesy to reply that "yes, my account was stolen, and I didn't authorized
that transaction" - but no, silence. Weird.
So, I have no idea how he can sell his WoW character reliably. As an outsider,
to me the WoW
community looks like a den of thieves and scammers. How do other people sell
their characters? How does the seller insure the buyer won't reverse the
payment?
How does the buyer prevent the seller from taking it back, claiming it "stolen"?
This is not correct. You can have your own private certificate server on the same
server as Apache is on, and a man-in-the-middle attack will not work. The only problem is that
it is a nuisance for the user to click through the "Accept this certificate" screen,
but the user only has to do it once.
How do you think SSH works? There is no third-party certificate server, and
man-in-the-middle certainly can't defeat it.
To install a private certificate server under Apache is trivial; see for
example my post.
(On Windows, it is a little more complex, as that post indicates.)
The purpose of the third-party certificate is to provide some degree of trust that you are
going to the web site you think you are, so that you can have some confidence
that you aren't submitting your credit card number to an imposter. If all you are interested in is encryption and the prevention
of man-in-the-middle interception, SSL with a private certificate server will work fine.
The encryption is accomplished via public key cryptography, which allows you to
exchange the private key used for the encrypted session. A third party is not
required for public key cryptography to work.
You are right that standard QM prohibits FTL. However, Cramer is looking
for a small nonlinearity - possibly at high energies - that
standard QM doesn't account for and may provide a superluminal
"loophole". From his article,
Quantum Nonlocality and the Possibility of Superluminal Effects:
This prohibition against superluminal communication, as stated above, is
a part of standard quantum mechanics. However, this prohibition is
broken if quantum mechanics is allowed to be slightly "non-linear", a
technical term meaning that when quantum waves are superimposed they may
generate a small cross-term not present in the standard formalism.
Steven Weinberg, Nobel laureate for his theoretical work in unifying the
electromagnetic and weak interactions, investigated a theory which
introduces small non-linear corrections to standard quantum mechanics
[13]. The onset of non-linear behavior is seen in other areas of
physics, e.g., laser light in certain media, and, he suggested, might
also be present but unnoticed in quantum mechanics. Weinberg's
non-linear QM subtly alters certain properties of the standard theory,
producing new physical effects that can be detected through precise
measurements.
The key would be stored on multiple backup tapes and systems so they'd
still need to go back to all of them to delete the key. Being smaller
and more important there'd likely be a lot more copies of the key
floating about. So your point being?
No, you haven't understood what I have said. The keys take only
a small amount of storage, say 1024 bits per user,
and they would be stored in a small number of
well-defined (and well-secured) places. The keys are always current -
you don't make rolling tape backups of them. When you delete a key, it
would be immediately erased in all of these well-defined places. The
exact method of doing this would be determined and written into a
security policy/procedures appropriate for the particular organization's size and
needs.
Also so google stores the user's key, which is likely their password?
Christ, only really bad web services store the actual password instead
of a hashed copy of some kind.
The user's key has absolutely nothing to do with the user's password.
The user may not even be aware that there is a key. This key is on top
of all other normal security measures in already in place, and its only
purpose is to prevent retrieval of backed up data for that user once the
key is destroyed. The key is irrelevant to the user other than the
user's being assured that the organization has a method to ensure data
deletion when requested. Of course, the keys must be very highly
secured. The paranoid could keep two, or multiple, separate data sets
that must be xor'ed to obtain the actual key sets. Remember, these keys
are only needed for backup recovery, presumably a relatively rare event.
But let's suppose they are stolen - then the security situation would be
no worse than it is now, without this scheme. And even if they are
stolen, the data already "deleted" is still safe since their keys no longer
exist, and the concern would then be to protect the "undeleted" data on
the backup tapes, say by regenerating those tapes with a new set of
keys. This would be a pain, but such a theft would be a major security
event anyway.
Then there is the likely performance hit of this encryption system on
accessing data. Then if the user ever changes his password aka key then
google has to recopy his data to every single backups system as the old
one no longer functions. Furthermore since this wouldn't be per
file/email basis the gains would be minimal as users rarely delete their
whole accounts but often delete individual emails.
This has nothing to do with current on-line data. Whatever methods
in place for that remain unchanged. It has
everything to do with being able to selectively "delete" backed up data
instantly, without having to physically search through possibly
thousands of backup tapes and selectively delete portions of them, if
it were even possible to do so.
Guy loses key. Guy had important data on gmail account. Guy sues google. Replace guy with class action lawsuit by dozens of small businesses using gmail.
No, google keeps key. (The guy doesn't even have to know that google has
a key - the key is part of their internal backup operations.) When guy tells google to
delete his info, maybe after a couple of "are you really sure???" confirmations or
even a back-and-forth email confirmation, then google erases its key, automatically
and instantly "erasing" the guy's info on all of its backup tapes and redundant stores.
Whether google would actually erase the key - as opposed to just denying
its further use by the guy, so he thinks his info is deleted when it really
isn't - is another issue. The point is that
it is _technically_ possible to "erase" information on backup tapes
and redundant distributed storage, and instantly to boot, without physically going back to those
tapes, contrary to some of the claims in this thread.
That google (apparently) doesn't do this is a reflection of the
priority they give to the associated privacy issues. Certainly with all of their
PhDs floating around they are quite capable of doing it - it's a pretty
obvious idea. My company has been doing for years, down to the file level
in some cases
(so that individual files can be effectively "deleted" without "deleting" the whole tape,
for example sensitive employee data whose retention time has expired).
I, for one, would like to see our new Google overlords challenged on its
restrictions of public domain works.
As absurd as interpretations of
copyright law have become, it is hard for me to believe that an
automated machine scan of a public domain book, involving no human
effort other than placing the book in the machine and certainly no human
creativity, acquires a new copyright of its own. IANAL but I recall
reading somewhere that (1) simple compilations of uncopyrighted data,
such as a phone book, cannot be copyrighted, and (2) faithful scans of
public domain images such as of old paintings, that involve no
creativity, cannot be copyrighted.
Even in terms of the amount of labor
involved, the library itself has put far more work over the years
(possibly over a hundred years) into the cataloguing, preservation, and
storage of these books, and yet Google reaps the benefit with the small
additional act of placing the book in a scanning machine. Some of these
fragile, very old books may even end up damaged as a result, so that
they may end up in the restricted archive section that
the public will have even less access to, that you'll be allowed to
look at under controlled conditions but not copy for fear of further
damage.
Why shouldn't
the library (and the public that ultimately has provided the support
dollars for it) also benefit? This seems like a very one-sided deal,
with Google reaping all of the benefit with very little work and providing nothing (or very
little, meaning Google-controlled access) in return.
Minimal life forms have been discovered/done since 1997, at least. One
has 54 base pairs. While (like a virus) they need a host, they can
reproduce, if one accepts this as a minimal definition of "life". Not sure
how this relates to what is being patented, though.
Reference:
Eigen and Oehlenschlager, 30 years later - a new approach to Sol
Spiegelman's and Leslie Orgel's in vitro evolutionary studies:
dedicated to Leslie Orgel on the occasion of his 70th birthday, M. Eigen
and F. Oehlenschlager, Orig. Life Evol. Biosph. 5-6 (1997), 437-457.
http://math.ucr.edu/home/baez/subcellular.html#EO Spiegelman's monster
For workstation backups I think a Google like system sounds ideal.
I disagree - it would be horrible and
completely useless for that purpose. For restoring a
workstation backup, you want to know that
your data is consistent, complete, and up-to-date. With a google-like system
you'd get random snapshots of the data stored at different times,
and if you try again you'll get a different set of random snapshots.
Good luck getting pieces of different versions of your app to
play together. Google doesn't have a good handle on being able to make their
searches repeatable and reliable (in the sense of consistency). I don't
know if it is a practical problem due to the amount of data and and users
they serve, but their algorithm is unsuitable for workstation backups.
I doubt very seriously that Google uses its search-engine setup for
their internal workstation backups.
Google has found that SATA drives don't fail noticeably more often
than SAS/SCSI drives, but even if they did, having several hot spares
means it doesn't matter that much.
While I'm not saying that SATA drives can't, in principle, be adapted for
redundancy and reliability, I don't think Google is a good model
for NAS/SAN solutions.
Google is in a different category from something like a corporate
financial database or workstation backups, and I don't think it makes
sense to compare them. Google's information is loosey-goosey and
approximate. If some of its servers go down, no big deal, the others
will catch up, and with sufficient redundancy it's likely no one will
notice. It would probably be indistinguishable from the inconsistency
it has already, where two searches for the same thing often end up with
different results depending on which servers it happens to hit and how
up-to-date they are. (I find this latter behavior annoying, sometimes
missing the search results I want that I'll find on a second try,
but that's for another discussion.)
This just won't do for, say, customer financial records or a medical
database. You can't
have some of the information missing, inconsistent, or not up-to-date.
I would bet that Google itself does not use its
redundant "cheap server" farm setup for its corporate
and customer financial records.
Nobody is entitled to someone else's hard work for free.
Right, no one is entitled to force an information producer to hand
over his or her work for free. However, what two other individuals do
privately between themselves, including exchanging information, is
nobody's business but their own, unless we abandon the concept of a
right to privacy.
I RTFA, and I don't see an itemized list of the FOSS packages which they
claim infringe, and the relevant patent numbers that are apparently
infringed-upon. Until I see an itemized list, I can't properly audit my
collection of FOSS to replace or rewrite those referenced packages.
You aren't going to see the list, at least not anytime soon. From TFA:
"[Microsoft General Counsel Brad Smith and licensing chief] Gutierrez
refuses to identify specific patents or explain how they're being
infringed, lest FOSS advocates start filing challenges to them."
Re:Things like this are easy to fix.
on
Google's Evil NDA
·
· Score: 1
This might work for companies that need you. But
the problem is that Google
seems to be the "hot" company everyone wants to work for, with far more
applicants than there are jobs available, so you probably have little or
no negotiating leverage with them. Unless you are really needed
by them, even above the crème de la crème that they pick routinely out of
their applicants. Most people are thrilled to be chosen at all.
Computer game companies used to be the hot ones to work for - maybe
they still are, don't know - and
the companies definitely took advantage of it, until an "EA widow"'s
complaint eventually led to suits for overtime pay. (And frankly I don't blame
them, when the developers, working their butts off, who are the ones
making the company's success possible, earn 50 times less than top
management with their multi-million dollar salaries and bonuses.)
(It is curious, though, that I've gotten a Google email inviting me to
apply for a job in Ireland or somewhere, when my name is on no job search
site nor have I ever indicated that I'm looking. And I've heard of
other people receiving such emails. I didn't bother, since
personally I don't think I'd want to work for Google, but they seem to
be spamming as many developer names as they can find, to increase the
pool to select from I guess.)
Only 8 years ago? In 1969 - 38 years ago - there was a soft-porn movie
called "The Stewardesses" that used polarized glasses, full color. The
rollercoaster ride was impressive, the pool table cue jabbed out over
the audience, and yes, there were naked 3D women. I don't know why the
article keeps harping on about how this "new" technology represents
amazing progress from red and green glasses - that hasn't existed since
it was a short fad in black-and-white B movies in the 50's. It is like
saying that DVD-audio is the next step after 78 RPM records. One thing
it possibly has going for it is that it uses circular polarization,
apparently meaning that you don't lose the effect if you tilt your head,
but I don't recall that as being a problem when I saw The Stewardesses
(sometime in the 70s). Technically I recall it as being as impressive,
or at least nearly as impressive, as the Disney stuff you mention (which
I also saw).
Slashdot Mirror
Perhaps it is a bit better than DRM in the sense that you won't eventually lose it as you move to other computers in the future. The problem is that (assuming it can be traced back to you) it creates a legal liability, and you will always have to paranoid about not letting it "escape". Maybe you don't intentionally "plan" to share it, but there are many ways that could happen. Maybe your kid puts it on his MP3 player, then gives a copy to a friend who likes it, who in turn puts it on P2P. You have to mistrust everyone. You can't just leave your MP3 player lying around, or have an extra copy on another computer for convenience, etc.
You have to treat it like you would your personal data with SS# etc., but unlike that data, which you keep in one place, encrypted, you want your music to be conveniently available and portable. The risk is too great, and it just isn't worth it to me to have yet another thing in life to worry about.
I'll stick to ripping my MP3s from CDs I purchased, that can't be traced back to me if they accidentally "escape". I'll only buy watermarked music if I know how to remove the watermark (assuming it's not illegal per DMCA to do so).
A search for "whitewashed" in the Wikipedia Talk pages yields 2253 hits. I suppose that might be one rough indicator of whitewashing problems (that have been found and/or claimed). It might also provide a starting point or additional filter for anyone looking for spin jobs for the Wired contest.
So they can convince governments, etc. that it really is a "standard", in order to defeat or at least put a monkey wrench into the adoption of ODF as a mandated standard that is currently being proposed by various government bodies.
Why the attacks on ODF adoption? If Microsoft had any intention of being interoperable, they'd have supported ODF from the start..
ODF can be (and is) easily supported by multiple products by multiple vendors. OOXML can be fully supported only by Microsoft, because for various items, the "standard" effectively just says it should work the way Office 95 etc. works without giving details. The OOXML "standard" as a whole is essentially just a bloated, 6000-page (!) (partial!) documentation of the way Office already works, so Microsoft has no additional work to do, whereas any potential competitor is faced with an essentially hopeless task.
I agree the gp sounds like a troll. "cleans a local diner's grease pit every night for a free dinner"? Get a job, bro. Certainly he can fit a 4-hr/day part-time McDonalds job into his busy practice schedule.
This tale of woe is vaguely reminiscent of the Christian CD store troll that keeps popping up, although the gp did not post anonymously like the latter. Someone else pointed out the brother's band (if their detective work was correct) offers a torrent of all their music, so the complaint about piracy is a fabrication. I suppose the gp, not being anonymous, can reply to this accusation.
In the U.S, fonts are not copyrightable (although there is a movement to change that). Only the "hints" and associated software behind them can be copyrighted. However, for a fixed point size, anyone can copy a font, pixel for pixel, without infringing copyright. Since web pages typically use a small number of standard point sizes, there is no reason why a set of fixed point sized fonts can't be created by copying them exactly from the screen displays of Microsoft's or Apples's or anyone's proprietary fonts, for use on Linux. It puzzles me as to why this hasn't been done.
Almost all music generated from "natural" sources is like that, for example, the music generated by the digits of pi. If you take the digits of pi and convert them to a sequence of 10 pure MIDI tones, it would be very boring without the embellishment with elaborate orchestration.
There is at least one "natural" source, however, that bears some passing resemblance to "real" music: the patterns that occur in the proof trees of formal logic proofs. From the Metamath music page:
It is an extreme in the other direction: 99% source material and 1% pre-conceived structure (of which there is essentially none, just a blind mapping to MIDI tones). (BTW the author not only has not patented it but has explicitly released it to public domain.)A far better idea would be to temporarily suspend copyright, so that the terrorists can't profit from infringement. Later we'll reinstate it, just as soon as the terrorist problem is solved.
At Google's stratosperical stock price, anyone buying it is going to have certain expectations of the company, whether realistic or not. When those expectations turn out to be unrealistic, the stock price tends to be adjusted down accordingly. This is not "punishing" the stock, it is repricing it to a point more in line with what it should be. Remember the absurd valuations during the dot-com boom? E.g. Akamai went from $345/share in 2000 to $0.56/share in 2003 (and is now around $50 and IMO overpriced again, although not nearly as badly). Google is not that bad, of course, but it is still way too lofty to interest me personally as an investment at this point. If it can't keep up its exponential growth - and nothing can forever - its stock price will eventually reflect that, just like the stock price of MSFT in the last few years.
Well, have fun debugging the script:
Click 112, 223
...
Click 342, 334
Click 243, 186
Just hope that on another computer, different desktop theme, or phase of the moon, the windows don't decide to be in slightly different places.
1. Violate LGPL. /. in outrage, making zillions of people
who had never heard of your company aware that it exists.
2. Leak this fact.
3. Someone will post story to
4. Correct LGPL violation (release modified LGPL'ed source or whatever)
5. Profit!!
Note there is no missing ??? step. Brilliant!
Anyway, perhaps I should give my son a "timeout" for doing something shady. Too bad he's grown bigger than me.
Each time he has given the WoW character to the buyer when the payment came through, and each time he was able to get the character back via Blizzard. But they must be getting tired of this, and I don't know how long they will keep giving him back his "stolen" WoW account.
I told him to wait for a week (or two?) until the money has finally cleared before giving the WoW account to the buyer. He says no buyer would go along with this - how do they know he's not just scamming them?
Overall, this has been a unpleasant experience. I have no idea if these fraudulent transactions are threatening cancellation of my PayPal account, hurting my credit rating, or whatever. Another mysterious thing - someone (unrelated to any purchase) deposited $0.01 into my PayPal account.
Each one of these buyers, when contacted via email, simply didn't answer. If their accounts had been stolen - say via all those PayPal phishing emails - as PayPal suggests, one would think they would at least have the courtesy to reply that "yes, my account was stolen, and I didn't authorized that transaction" - but no, silence. Weird.
So, I have no idea how he can sell his WoW character reliably. As an outsider, to me the WoW community looks like a den of thieves and scammers. How do other people sell their characters? How does the seller insure the buyer won't reverse the payment? How does the buyer prevent the seller from taking it back, claiming it "stolen"?
How do you think SSH works? There is no third-party certificate server, and man-in-the-middle certainly can't defeat it.
To install a private certificate server under Apache is trivial; see for example my post. (On Windows, it is a little more complex, as that post indicates.)
The purpose of the third-party certificate is to provide some degree of trust that you are going to the web site you think you are, so that you can have some confidence that you aren't submitting your credit card number to an imposter. If all you are interested in is encryption and the prevention of man-in-the-middle interception, SSL with a private certificate server will work fine. The encryption is accomplished via public key cryptography, which allows you to exchange the private key used for the encrypted session. A third party is not required for public key cryptography to work.
No, you haven't understood what I have said. The keys take only a small amount of storage, say 1024 bits per user, and they would be stored in a small number of well-defined (and well-secured) places. The keys are always current - you don't make rolling tape backups of them. When you delete a key, it would be immediately erased in all of these well-defined places. The exact method of doing this would be determined and written into a security policy/procedures appropriate for the particular organization's size and needs.
Also so google stores the user's key, which is likely their password? Christ, only really bad web services store the actual password instead of a hashed copy of some kind.
The user's key has absolutely nothing to do with the user's password. The user may not even be aware that there is a key. This key is on top of all other normal security measures in already in place, and its only purpose is to prevent retrieval of backed up data for that user once the key is destroyed. The key is irrelevant to the user other than the user's being assured that the organization has a method to ensure data deletion when requested. Of course, the keys must be very highly secured. The paranoid could keep two, or multiple, separate data sets that must be xor'ed to obtain the actual key sets. Remember, these keys are only needed for backup recovery, presumably a relatively rare event. But let's suppose they are stolen - then the security situation would be no worse than it is now, without this scheme. And even if they are stolen, the data already "deleted" is still safe since their keys no longer exist, and the concern would then be to protect the "undeleted" data on the backup tapes, say by regenerating those tapes with a new set of keys. This would be a pain, but such a theft would be a major security event anyway.
Then there is the likely performance hit of this encryption system on accessing data. Then if the user ever changes his password aka key then google has to recopy his data to every single backups system as the old one no longer functions. Furthermore since this wouldn't be per file/email basis the gains would be minimal as users rarely delete their whole accounts but often delete individual emails.
This has nothing to do with current on-line data. Whatever methods in place for that remain unchanged. It has everything to do with being able to selectively "delete" backed up data instantly, without having to physically search through possibly thousands of backup tapes and selectively delete portions of them, if it were even possible to do so.
No, google keeps key. (The guy doesn't even have to know that google has a key - the key is part of their internal backup operations.) When guy tells google to delete his info, maybe after a couple of "are you really sure???" confirmations or even a back-and-forth email confirmation, then google erases its key, automatically and instantly "erasing" the guy's info on all of its backup tapes and redundant stores.
Whether google would actually erase the key - as opposed to just denying its further use by the guy, so he thinks his info is deleted when it really isn't - is another issue. The point is that it is _technically_ possible to "erase" information on backup tapes and redundant distributed storage, and instantly to boot, without physically going back to those tapes, contrary to some of the claims in this thread.
That google (apparently) doesn't do this is a reflection of the priority they give to the associated privacy issues. Certainly with all of their PhDs floating around they are quite capable of doing it - it's a pretty obvious idea. My company has been doing for years, down to the file level in some cases (so that individual files can be effectively "deleted" without "deleting" the whole tape, for example sensitive employee data whose retention time has expired).
As absurd as interpretations of copyright law have become, it is hard for me to believe that an automated machine scan of a public domain book, involving no human effort other than placing the book in the machine and certainly no human creativity, acquires a new copyright of its own. IANAL but I recall reading somewhere that (1) simple compilations of uncopyrighted data, such as a phone book, cannot be copyrighted, and (2) faithful scans of public domain images such as of old paintings, that involve no creativity, cannot be copyrighted.
Even in terms of the amount of labor involved, the library itself has put far more work over the years (possibly over a hundred years) into the cataloguing, preservation, and storage of these books, and yet Google reaps the benefit with the small additional act of placing the book in a scanning machine. Some of these fragile, very old books may even end up damaged as a result, so that they may end up in the restricted archive section that the public will have even less access to, that you'll be allowed to look at under controlled conditions but not copy for fear of further damage.
Why shouldn't the library (and the public that ultimately has provided the support dollars for it) also benefit? This seems like a very one-sided deal, with Google reaping all of the benefit with very little work and providing nothing (or very little, meaning Google-controlled access) in return.
Reference:
Eigen and Oehlenschlager, 30 years later - a new approach to Sol Spiegelman's and Leslie Orgel's in vitro evolutionary studies: dedicated to Leslie Orgel on the occasion of his 70th birthday, M. Eigen and F. Oehlenschlager, Orig. Life Evol. Biosph. 5-6 (1997), 437-457. http://math.ucr.edu/home/baez/subcellular.html#EO Spiegelman's monster
I disagree - it would be horrible and completely useless for that purpose. For restoring a workstation backup, you want to know that your data is consistent, complete, and up-to-date. With a google-like system you'd get random snapshots of the data stored at different times, and if you try again you'll get a different set of random snapshots. Good luck getting pieces of different versions of your app to play together. Google doesn't have a good handle on being able to make their searches repeatable and reliable (in the sense of consistency). I don't know if it is a practical problem due to the amount of data and and users they serve, but their algorithm is unsuitable for workstation backups.
I doubt very seriously that Google uses its search-engine setup for their internal workstation backups.
While I'm not saying that SATA drives can't, in principle, be adapted for redundancy and reliability, I don't think Google is a good model for NAS/SAN solutions.
Google is in a different category from something like a corporate financial database or workstation backups, and I don't think it makes sense to compare them. Google's information is loosey-goosey and approximate. If some of its servers go down, no big deal, the others will catch up, and with sufficient redundancy it's likely no one will notice. It would probably be indistinguishable from the inconsistency it has already, where two searches for the same thing often end up with different results depending on which servers it happens to hit and how up-to-date they are. (I find this latter behavior annoying, sometimes missing the search results I want that I'll find on a second try, but that's for another discussion.)
This just won't do for, say, customer financial records or a medical database. You can't have some of the information missing, inconsistent, or not up-to-date. I would bet that Google itself does not use its redundant "cheap server" farm setup for its corporate and customer financial records.
Right, no one is entitled to force an information producer to hand over his or her work for free. However, what two other individuals do privately between themselves, including exchanging information, is nobody's business but their own, unless we abandon the concept of a right to privacy.
Oops - change "[Microsoft General Counsel Brad Smith and licensing chief]" to "[Microsoft licensing chief]"
You aren't going to see the list, at least not anytime soon. From TFA: "[Microsoft General Counsel Brad Smith and licensing chief] Gutierrez refuses to identify specific patents or explain how they're being infringed, lest FOSS advocates start filing challenges to them."
Computer game companies used to be the hot ones to work for - maybe they still are, don't know - and the companies definitely took advantage of it, until an "EA widow"'s complaint eventually led to suits for overtime pay. (And frankly I don't blame them, when the developers, working their butts off, who are the ones making the company's success possible, earn 50 times less than top management with their multi-million dollar salaries and bonuses.)
(It is curious, though, that I've gotten a Google email inviting me to apply for a job in Ireland or somewhere, when my name is on no job search site nor have I ever indicated that I'm looking. And I've heard of other people receiving such emails. I didn't bother, since personally I don't think I'd want to work for Google, but they seem to be spamming as many developer names as they can find, to increase the pool to select from I guess.)
Only 8 years ago? In 1969 - 38 years ago - there was a soft-porn movie called "The Stewardesses" that used polarized glasses, full color. The rollercoaster ride was impressive, the pool table cue jabbed out over the audience, and yes, there were naked 3D women. I don't know why the article keeps harping on about how this "new" technology represents amazing progress from red and green glasses - that hasn't existed since it was a short fad in black-and-white B movies in the 50's. It is like saying that DVD-audio is the next step after 78 RPM records. One thing it possibly has going for it is that it uses circular polarization, apparently meaning that you don't lose the effect if you tilt your head, but I don't recall that as being a problem when I saw The Stewardesses (sometime in the 70s). Technically I recall it as being as impressive, or at least nearly as impressive, as the Disney stuff you mention (which I also saw).