While what you say is true, maintaining such a strictly library relationship to the packages mentioned I expect is somewhat difficult. And surely he has been very careful not to use ANY code fragments from those libraries in any of his own code. I'm pretty sure anyone who looked through his code carefully would find GPL violations all over the place. But I haven't done so, and therefore cannot say for sure.
I also don't think that the GPL is the only outstanding legal question in the case of Mplayer.
I never thought I'd hear someone champion floppies for their RELIABILITY. I've had so many floppies go bad in my presence it's insane. Ever tried to do a linux install of base system from floppies without a brand-new box of disks, easily 1 in 5 + is toast. Just cause the whole disk has to actually work. (imagine that.) I have completely given up on floppies, the network is the only robust way to move data from place to place. (and maybe a laptop.)
Just the existence of the pantent is cause for outrage. As people have pointed out with reference to GIF, the current disposition of Apple is irrelevant. You say we should not be outraged because Apple is "being nice", but with all the references to what appears to be firm prior art, it seems reasonable to be outraged at Apple for applying for the patent in the first place!
Not that being outraged at a corporation really does any good. Likely the people who made this decision are gone. What if Apple was aware of prior art, but didn't mention it in the patent application, hoping it would slip through anyway? As far as I know that's illegal, but what are you going to do?
It just struck me that they had to pass a CONSTITUTIONAL AMENDMENT in order to make liquor illegal, but for all the illegal drugs today just a law was passed. Seems like a case of reinterpretation of what freedoms are protected under the constitution. I'll have to look into it by seeing when the drug laws were passed and such, but it's an interesting topic.
I'm starting to get very dissapointed in my US history as I learned in High School (I took mostly world history in college). They teach you about when the US got all these great freedoms but they don't teach you about when they were taken away again.
Your argument rests on your definition of "apparently". I would say that being "registered" as international terrorists by other countries is pretty far from apparently law abiding. Our intelligence infrastructure simply dropped the ball on this one. Just the same as if they had driven a sub into the harbor and blown something up and the undersea-defense net (whatever it is) missed spotting it. This was an attack on the state - national security should have figured it out.
I heard somewhere that Ashcroft's office failed to approve like 10 eavesdropping requests related to the 9/11 events in the month prior. Seems like the FBI is just making a lot of hoopla to cover their butts again. Ingenius eh? "Let's propose a bunch of insanely unconstitutional stuff to distract the press from how bad a job we were doing with the laws we already had." Seems to be working.
I admit he should have read before signing and definitely had a lawyer look over the contract and listen to what he thought it meant and tell him if they were divergent. (It's really hard to know how much of the language of any particular contract is loaded, as you say, by case law.)
But... I think CRC coming back and asking for monetary damages from Wolfram AND for him to give back everything they paid him AND they get to keep the rights to the work is really crossing the line. Is it possible to find them in contempt for asking for way more than they're entitled to? That would be cool.
Testing is supposed to address the slowness of potato to update. But potato is stable stable stable. There should now be unstable, testing, and stable, for bleeding edge, cutting edge and "quickly going out of date" to quote the Debian guy.
I think you hit it right on the nose. Many of the problems that cause windows to be unstable are bad 3rd party drivers and even hardware! problems. I think the notion of the stability of unix makes one more critical of hardware and drivers. I always talk about my horrible luck with hardware (I get so much bad stuff) but I think it's just that I insist upon stuff being completely functional. If my box crashes a week after I put new memory in it MUST be the memory. Most Windows people just don't think that way (or can't because they haven't figured out how to make a stable Windows as you have, it's not easy.) I usually make the argument that it's easier to "weed" in linux etc than it is in Windows.
Why are people modding this idiot up?
on
Linux Kernel Bugs
·
· Score: 1
1. This is a local exploit and thus CANNOT in ANY WAY be compared to Code Red or Nimda. Anyone who does so is simply ignorant about exploits and is just trying to downplay how bad the Windows worms demonstrated MS box security generally is right now.
2. Yes anything like this is an inconvenience. You mention all the steps that you need to take to bring a patch into service (testing etc). You compare to Windows where apparently you believe this process isn't necessary. You basically just demonstrated that windows sucks because it's not expected to be as stable as linux, and (according to my impression) the patches are not provided with enough info to bring them into service intelligently.
3. Any admin who keeps his systems up to date regularly would know exactly how to go about deploying this fix. Patches come out almost weekly, you'd probably just have to move your schedule up a bit.
4. You'd have taken this chance to root the machines provided for you and skrew your admin? Let me put this bluntly: you suck.
This is good advice. Everyone should do a little of this yourself, a little listening goes a looong way to cut through all the crap that's out there. But I think I know what you'll find.
First my qualifications, since that's a real issue here: Vandersteen 2Ce speakers + Rotel 2 channel preamp + separate power amp and a Pioneer CD player.
(won't go into connects and speaker cable.) I spent 6 HOURS + on just listening tests in the stereo shop to find this.
Anybody with a real stereo knows there is a tremendous variation in recording quality from one artist to the next. Even different recording from the same artist. I want to add to your advice: be sure to choose recordings of varying quality. If you do that this is what I bet you will find:
1. For bad recordings (bad in the not well done sense, not in the distorted sense), one of the mp3s will be your preference because all the annoyances you hear in the real thing will wash out.
2. You will always be able to find the real thing, except maybe on the medium good recordings where you'll have trouble telling the difference between the 300+ kbps and the real thing, where it becomes a trade off between recording badness or encoding badness. The bad recordings will be the most obvious because you'll hear all the crap (clumsy mix, bad micing, thin sound, etc.)
3. You will find "something else". Years ago, the first time I did a comparison of an mp3 and the plain track with just a $30 pair of headphones, the mp3 was better because I had ripped the plain track on a laptop CDROM and it sucked. (cdparanoia complaining all the way) At this point I realized that anybody not using cdparanoia would be completely screwed for ripping CDs. Any serious listening tests are likely to reveal faults in your audio path.
This opinion stems from my general experience and the following: I listen mostly to cd's but my wife brought home a cd she burned of some Cake tracks downloaded from the 'net. Apparently whoever ripped them did it right, because these 128kbps mp3s sounded better than some of the CDs I've listened to recently. It was really eye opening for me. The bass was clear and well-defined, as compared to some some pop/rock stuff which is still kinda thin and without body.
Just my current take on things, we've only had this stereo for 9 months and I'm still learning things. It's amazing.
Actually the concern is the ~$20 per unit that the LICENSE to use an encoder costs. That's any encoder, not just theirs. And this isn't so much the problem, as is the fact that Fronhofer (I believe that's who) can change this price at any time, on a per customer basis. Say maybe at the urging of the RIAA in order to eradicate all mp3 encoders in favor of SDMI (or whatever).
Open formats are critical to open information exchange, this is exactly why there is such a fight to keep patents out of the w3c standars.
The "resolution" of a CRT is given by (veiw size)/(dot pitch). Any more pixels than that is literally wasted because the screen can't resolve one from another. The Mitsubishi 21" CRT he suggests has a view area of 20.3 inches and a dot pitch of 0.24 mm which works out to
And he suggests running this at 2048 pixels wide? Sure memory is cheap, but bus bandwidth is teeny on PCs. Display what your monitor will do and no more. Also if back off the resolution a bit you could bump it up to 85Hz.
On an LCD a pixel is a pixel, and they're sooooo crisp compared to a CRT. They say the pixels are blocky, the rest of us call that clarity. Awesome clarity compared to a CRT.
I hate crap like this because these guys are supposed to be authorities, but they're spoiled brats whose hardware visions are 5 years out of date. Sure I'd like to use SCSI for everything, but get real. Looked at HD prices lately?
And apparently these guys haven't used a Contour keyboard (don't have a link off hand). I've put my hands on one, and you meld wih these babys, no stretching for keys or shifting your hands around, it's just BAM!
Probably a troll but hey. Blind faith in Redhat is still blind.
I recall them recently putting a non-released (developer only) compiler in one of their distributions. DUH! That was such a headache for the community. Tested != Tested and fixed. Instead of spending hours on fixing (i.e. preparing patches for submission) you would prefer to spend hours bitching (which helps the situation exactly zero), I suppose that's your choice.
You want stable linux? use debian's stable branch. Not all the bells and wistles, but it's rock-solid.
License details are complicated, and certainly the last thing you want to worry with when you're trying to get code working. One would figure, BSD, linux, they're both open source, should be ok, just stick it in and work out the license thing later. And then you never get around to working out the license thing. (Which I assume means contacting the original author and saying "can you make this GPL for us Pleeeese?") I think I may have even done this once because I was unsure of the original program's license (this dual-licensing and related license stuff can really confuse things), I should check.
I admit, though, that removing the copyright all together isn't the smartest temporary solution to the BSD-GPL conflict, but I can see how it might have seemed reasonable at the time (after too much coffee and 24hrs of banging your head against an undocumented interface, as this apparently is.)
This article depresses me because I know that many people will believe his argument and start to do the things he suggests. Only to the detriment of the IT community and it's users.
It seems to me that most people pass through three stages of understanding:
Security through obscurity is bad because everybody says it is and it sounds like it should be.
Using obscurity to supplement security is ok as long as I have real security too. It just makes me less vulnerable to the kiddies.
Doh! I was wrong, obscurity actually is bad for many reasons (discussed below).
It's sad to see that an expert well respected by the community has only reached level 2 in understanding this concept.
Now, why is using obscurity bad? I'll give several reasons.
Obscure security generally goes untested. This means that "real security" which was there wasn't actually as real as you thought. You end up getting bitten when it's important rather than when it's not!
Obscure security breeds insecurity through laziness: "oh I don't have to update that right away, nobody will find it before tomorrow" which turns into next week, which turns into never getting updated.
A secure network is one in which the attacker cannot get in even with full knowledge of the network layout. This is harder to do than using obscuration, but you end up with something that's actually secure!
Good security depends on you understanding your setup. Networks are generally very complicated just to serve their necessary function in the local environment. Adding useless complexity by obscuring simply makes the network more difficult to understand and thereby decreases security.
Related to the previous point: knowing your network's vulnerabilities and being able to accurately analyze any attempted attacks is essential. Obscurity makes it more difficult for the attacker, but it also makes it more difficult for the home team. If you can't track the attacker's path through your spaghetti of accumulated obscurations you can't secure the network against the next similar attack. (note all successful or partially successful attacks are generally a string of smaller attacks on subsystems, which must be strung together to get all the way in.)
All security measures are a tradeoff between usability and security. Obscuration, on the other hand hurts usabality without actually providing any security benefits. Don't think it doesn't matter if you do something in a totally unconventional way: it creates problems for your users because things are non-standard (and may not match documentation!), it hurts your employer in terms of the others that will have to maintain the system, and it hurts the community by complicating issues unnecessarily. Spend you usability trade-offs on real security. I'm sure that will be enough if you're actually secure.
Also, most of us aren't as ingenius as we think we are. In many cases by doing something you think is clever you're more likely to make things worse rather than better through unforseen consequences. I think the phrase is "keep it simple stupid"! Unfortunately this is especially true for people in class 2 above, who by definition haven't reached class 3, where they understand this.
I could probably go on, but I'll stop now. I think these are the most important points. It's really too bad when people without a lot of foresight get in positions of influence.
You don't hear about musicians carefully avoiding listening to the radio, do you?
No, because the bars they play in pay the music copyright tax to the ASCAP. Maybe Microsoft can get the government to do a similar thing for them, and everybody who codes will have to pay a tax to MS! That'll end Free Software for sure.
Well, also for every complicated question there are many answers which are complicated, inelegant and still wrong.
I'd never heard of SecureID, so I decided to look it up. My analysis: a time-based one-time password generator in lots of different packages. I'd use the PIN to protect the one-time password, but this is probably a useability decision since it's hard to make a keychain thingy that you can enter a PIN into.
Also, this "Two-Factor" hype is stupid. SSH with RSA/DSA without an agent is exactly like this, but better as you say yourself.
One *must* have a "two-factor" method in the network world because anything that can be remembered by a human can be guessed by a computer in a reasonable amount of time.
(Of course I assume that only someone with very low security concerns would use an RSA/DSA key with no passphrase.)
My main dissagreement with you is this: If someone were to write an "agent" for SecureID it would be just as much a "single point of failure" as SSH with RSA/DSA. And a pickpocket shoulder-surfer could rip your network wide open.
There is *no way* for a server to confirm if the tools on the other end of the channel being authenticated are being used correctly. This is impossible, and can only be solved by educating the user or descriminating against careless users.
Any security solution must be chosen based on the needs at hand and the likelyhood of the people to actually follow the guidelines. SSH generally provides what is called for -- Flexibility. Unfortunately, depending on how it is used, this can introduce insecurity. Like most unix stuff it is perfectly happy giving you enough rope to hang yourself.
I believe there is no substitute for people having a firm understanding of security, only supplements and tools. Of course I don't work in security and I'm an idealist. Unless educated, people will always do something stupid that you would have never forseen that completely compromises security.
So you don't think I'm being hostile: Your last paragraph is probably right, I would say SecureID is probably the best security option for clueless users. But since I'm sure it's incredibly expensive, it seems like any place that could afford it should have more clueful users! Also you are absolutely correct that convenience is the enemy of security.
Jefferson's point is that you still have the book. Therefore it is not "stolen". It would be stolen if you had only say 3 copies and I broke in and took them. This is completely different from copying, as you have lost your year of time. You have defined these situations as equal, thus missing Jefferson's distiction between property and ideas.
As long as we're talking about doing the "Right thing" here, you're correct that the comment about incompetence should never have hit the front page (male or female). But the reality is IT DID! Roblimo editing out the 4th (unnamed) netop from Kurt's account is pretty slimy. I'm sure it was to cover up Malda's mistake. But the "Right Thing" to do is to come clean. I note that Kurt's accout drops off right before the unnamed netop (the one supposed to be on duty) shows up and the starts up again right after Kurt (in a later post) says she quit and presumably left.
This basically means that the "Blow-by-Blow" has been *LAUNDERED* and is missing important facts. Why was the config so hosed? It's obvious why Kurt was not able to debug it, but shouldn't the unnamed netop have been able to do so, as they were the person on call?
From my understanding of slashdot politics, this all fits. Malda has a big mouth (that's actually almost a prerequisite for starting a site like this) and Roblimo is the politician/diplomat/businessman who by past record will take some editorial liscence to "smooth things out" as he has done here. Lesson: trust Malda, even though he's weird, but be sure to read between the lines with Roblimo becaus he will decieve you.
And just for the record, my judgement is that the name Anne Tomlinson was just made up a troll. But the name doesn't really matter. The fact is there is an netop whose actions are not accounted for in the story.
You are entirely correct. I'd say the recording industry sold away your bands' rights to get their tax on DAT tapes (which your bands don't see any of but the recording industry gets) and to get the lawmakers off their backs. They just did it badly enough that the next digital medium that came along (CD-R) evaded the tax and screwed the big boys right along with the small bands.
Note that I'm clarifying the law.
Not giving copies to friends because you want them to pay the artist could be considered the "right thing" to do. I'm just saying one can't say they don't give copies to friends because it's illegal; it's not. Moral and legal are two different things. If it's a moral decision you can say something like "this band sucks, you can copy their disk, but you should pay for this other band because they're starving". I love buying CDs at small shows because I put that 15 bucks straight into the artist's hand.
The basic trouble is that compensation has been tied to reproduction (and distribution) for so long that figuring out another way to do it will take a while. But finding another way is essential, because legislating people to not do something that is as natural as breathing (copying digital data) will not work. It's going to be a bumpy road. And with the current trend I often wonder if people with photographic memories or some of the musicians I've known who can play nearly any song they've ever heard will need special permits for living.
The law basically reads: No action can be brought under this title alleging infringement of copyright for noncommercial use of a recording device by a consumer.
"this title" is Title 17 - Copyrights. This means that if I use a recording device to, say, copy something, It is directly excluded from being covered by copyright law unless it is for commercial purposes. Giving to a friend earns you no money and no more respect than you already had, and is therefore non-commercial. "No action can be brought" is very strong language and this WAS intended as a blanket clause to protect consumers, including "swapping" tapes. The trouble is, they never predicted a communication medium on the scale of the internet. Believe me, I was completely flabbergasted when I came to terms with exactly what this clause means.
Just so you know, printers need those high resolutions so they can DITHER to get colors other than Cyan, Magenta, Yellow, Black (CMYK) or white. Monitors don't have to dither and can actually display the color value needed with coincident illuminated elements whose brightness can be adjusted. For example, on a printer if you assume that you need an area of about 6x6 =36 pixels to actually get to any color, your effective resolution is: 1200/6=200 dpi. This 6x6 value is actually dependent on the picture you're trying to display, where you are in that picture, and probably your dithering algorithm.
It's useless going past about 300 dpi on a black and white (two-color, no-grayscale) printed page as that is the limit of the human eye's resolution at about 10 inches. The printer needs that extra resolution to dither for grayscale and color. With a monitor, 10 inches is pretty close, back off to 15 inches and you only need 200 dpi. No dithering necessary so that's it, you're done, optimal display. (Actually this is generally overkill because the eye's resolution gets worse for things that aren't just black-on-white, but if the display will be used a lot to just read text like the black on white here on slashdot it's better to be safe.)
It only becomes illegal if I give that cassette to someone else who hasn't purchased the music in some form already.
Nope, they've got you fooled. This is expessly allowed by the Audio Home Recording Act as long as it is "non-commercial", which I take to mean you don't expressly expect either money or other copyrighted material in exchange. Don't believe me, read the relevant section of copyright law (several times to cut through the legal language.)
This strengthens your argument, since they have already succeeded in restricting your exercise of fair use without you even knowing it.
You know it strikes me as perfectly reasonable that something that was novel in 1996 would be obvious to an expert in the field in 2001. (I'm not commenting on the validity of this particular patent.) This means that a patent that is valid at the time of application can be invalid by the time it is approved. Seems like this flaw would be sufficient to destroy the patent system even without clueless patent examiners.
The benefit of the patent is supposed to be monopoly in exchange for publication. But my above intuition seems true even without publication, simply due to the general forward motion and interdependent nature of technology.
For all those wondering "WTF?" The internet seems to be rife with these people spouting nonsense and claiming they are talking about the forefront of physics. I'm a grad student in physics and I hear this sort of stuff in spam all the time (they just spam all the grads in the department.) This post really is nonsense, the anonymous coward post above "Re:Geometry is the key.[but not like this]" is a good summary of what is wrong with this post so I won't repeat.
This is obviously a troll, but this view seems so prevalent that it should be debunked.
Straight from the copyright code, my emphasis added:
Title 17 -- Copyright
Chapter 10 -- Digital Audio recording devices and media
Sec. 1008. Prohibition on certain infringement actions
No action may be brought under this title alleging infringement
of copyright based on the manufacture, importation, or distribution
of a digital audio recording device, a digital audio recording
medium, an analog recording device, or an analog recording medium,
or based on the noncommercial use by a consumer of such a device or
medium for making digital musical recordings or analog musical
recordings.
The problem is of course that "noncommercial use" is subjective. With enough lawyering breathing can be considered commerical. I prefer to be reasonable and include making copies for friends as noncommercial.
Slashdot Mirror
While what you say is true, maintaining such a strictly library relationship to the packages mentioned I expect is somewhat difficult. And surely he has been very careful not to use ANY code fragments from those libraries in any of his own code. I'm pretty sure anyone who looked through his code carefully would find GPL violations all over the place. But I haven't done so, and therefore cannot say for sure.
I also don't think that the GPL is the only outstanding legal question in the case of Mplayer.
I never thought I'd hear someone champion floppies for their RELIABILITY. I've had so many floppies go bad in my presence it's insane. Ever tried to do a linux install of base system from floppies without a brand-new box of disks, easily 1 in 5 + is toast. Just cause the whole disk has to actually work. (imagine that.) I have completely given up on floppies, the network is the only robust way to move data from place to place. (and maybe a laptop.)
Just the existence of the pantent is cause for outrage. As people have pointed out with reference to GIF, the current disposition of Apple is irrelevant. You say we should not be outraged because Apple is "being nice", but with all the references to what appears to be firm prior art, it seems reasonable to be outraged at Apple for applying for the patent in the first place!
Not that being outraged at a corporation really does any good. Likely the people who made this decision are gone. What if Apple was aware of prior art, but didn't mention it in the patent application, hoping it would slip through anyway? As far as I know that's illegal, but what are you going to do?
offtopic but...
It just struck me that they had to pass a CONSTITUTIONAL AMENDMENT in order to make liquor illegal, but for all the illegal drugs today just a law was passed. Seems like a case of reinterpretation of what freedoms are protected under the constitution. I'll have to look into it by seeing when the drug laws were passed and such, but it's an interesting topic.
I'm starting to get very dissapointed in my US history as I learned in High School (I took mostly world history in college). They teach you about when the US got all these great freedoms but they don't teach you about when they were taken away again.
Your argument rests on your definition of "apparently". I would say that being "registered" as international terrorists by other countries is pretty far from apparently law abiding. Our intelligence infrastructure simply dropped the ball on this one. Just the same as if they had driven a sub into the harbor and blown something up and the undersea-defense net (whatever it is) missed spotting it. This was an attack on the state - national security should have figured it out.
I heard somewhere that Ashcroft's office failed to approve like 10 eavesdropping requests related to the 9/11 events in the month prior. Seems like the FBI is just making a lot of hoopla to cover their butts again. Ingenius eh? "Let's propose a bunch of insanely unconstitutional stuff to distract the press from how bad a job we were doing with the laws we already had." Seems to be working.
I admit he should have read before signing and definitely had a lawyer look over the contract and listen to what he thought it meant and tell him if they were divergent. (It's really hard to know how much of the language of any particular contract is loaded, as you say, by case law.)
But... I think CRC coming back and asking for monetary damages from Wolfram AND for him to give back everything they paid him AND they get to keep the rights to the work is really crossing the line. Is it possible to find them in contempt for asking for way more than they're entitled to? That would be cool.
great post.
Testing is supposed to address the slowness of potato to update. But potato is stable stable stable. There should now be unstable, testing, and stable, for bleeding edge, cutting edge and "quickly going out of date" to quote the Debian guy.
I think you hit it right on the nose. Many of the problems that cause windows to be unstable are bad 3rd party drivers and even hardware! problems. I think the notion of the stability of unix makes one more critical of hardware and drivers. I always talk about my horrible luck with hardware (I get so much bad stuff) but I think it's just that I insist upon stuff being completely functional. If my box crashes a week after I put new memory in it MUST be the memory. Most Windows people just don't think that way (or can't because they haven't figured out how to make a stable Windows as you have, it's not easy.) I usually make the argument that it's easier to "weed" in linux etc than it is in Windows.
1. This is a local exploit and thus CANNOT in ANY WAY be compared to Code Red or Nimda. Anyone who does so is simply ignorant about exploits and is just trying to downplay how bad the Windows worms demonstrated MS box security generally is right now.
2. Yes anything like this is an inconvenience. You mention all the steps that you need to take to bring a patch into service (testing etc). You compare to Windows where apparently you believe this process isn't necessary. You basically just demonstrated that windows sucks because it's not expected to be as stable as linux, and (according to my impression) the patches are not provided with enough info to bring them into service intelligently.
3. Any admin who keeps his systems up to date regularly would know exactly how to go about deploying this fix. Patches come out almost weekly, you'd probably just have to move your schedule up a bit.
4. You'd have taken this chance to root the machines provided for you and skrew your admin? Let me put this bluntly: you suck.
This is good advice. Everyone should do a little of this yourself, a little listening goes a looong way to cut through all the crap that's out there. But I think I know what you'll find.
First my qualifications, since that's a real issue here: Vandersteen 2Ce speakers + Rotel 2 channel preamp + separate power amp and a Pioneer CD player.
(won't go into connects and speaker cable.) I spent 6 HOURS + on just listening tests in the stereo shop to find this.
Anybody with a real stereo knows there is a tremendous variation in recording quality from one artist to the next. Even different recording from the same artist. I want to add to your advice: be sure to choose recordings of varying quality. If you do that this is what I bet you will find:
1. For bad recordings (bad in the not well done sense, not in the distorted sense), one of the mp3s will be your preference because all the annoyances you hear in the real thing will wash out.
2. You will always be able to find the real thing, except maybe on the medium good recordings where you'll have trouble telling the difference between the 300+ kbps and the real thing, where it becomes a trade off between recording badness or encoding badness. The bad recordings will be the most obvious because you'll hear all the crap (clumsy mix, bad micing, thin sound, etc.)
3. You will find "something else". Years ago, the first time I did a comparison of an mp3 and the plain track with just a $30 pair of headphones, the mp3 was better because I had ripped the plain track on a laptop CDROM and it sucked. (cdparanoia complaining all the way) At this point I realized that anybody not using cdparanoia would be completely screwed for ripping CDs. Any serious listening tests are likely to reveal faults in your audio path.
This opinion stems from my general experience and the following: I listen mostly to cd's but my wife brought home a cd she burned of some Cake tracks downloaded from the 'net. Apparently whoever ripped them did it right, because these 128kbps mp3s sounded better than some of the CDs I've listened to recently. It was really eye opening for me. The bass was clear and well-defined, as compared to some some pop/rock stuff which is still kinda thin and without body.
Just my current take on things, we've only had this stereo for 9 months and I'm still learning things. It's amazing.
Actually the concern is the ~$20 per unit that the LICENSE to use an encoder costs. That's any encoder, not just theirs. And this isn't so much the problem, as is the fact that Fronhofer (I believe that's who) can change this price at any time, on a per customer basis. Say maybe at the urging of the RIAA in order to eradicate all mp3 encoders in favor of SDMI (or whatever).
Open formats are critical to open information exchange, this is exactly why there is such a fight to keep patents out of the w3c standars.
I expected more from the big wigs.
/pixel) = 1718 pixels wide
The "resolution" of a CRT is given by (veiw size)/(dot pitch). Any more pixels than that is literally wasted because the screen can't resolve one from another. The Mitsubishi 21" CRT he suggests has a view area of 20.3 inches and a dot pitch of 0.24 mm which works out to
20.3 in * 4width/5diag *25.4 mm/in / (0.24 mm
And he suggests running this at 2048 pixels wide? Sure memory is cheap, but bus bandwidth is teeny on PCs. Display what your monitor will do and no more. Also if back off the resolution a bit you could bump it up to 85Hz.
On an LCD a pixel is a pixel, and they're sooooo crisp compared to a CRT. They say the pixels are blocky, the rest of us call that clarity. Awesome clarity compared to a CRT.
I hate crap like this because these guys are supposed to be authorities, but they're spoiled brats whose hardware visions are 5 years out of date. Sure I'd like to use SCSI for everything, but get real. Looked at HD prices lately?
And apparently these guys haven't used a Contour keyboard (don't have a link off hand). I've put my hands on one, and you meld wih these babys, no stretching for keys or shifting your hands around, it's just BAM!
Probably a troll but hey. Blind faith in Redhat is still blind.
I recall them recently putting a non-released (developer only) compiler in one of their distributions. DUH! That was such a headache for the community. Tested != Tested and fixed. Instead of spending hours on fixing (i.e. preparing patches for submission) you would prefer to spend hours bitching (which helps the situation exactly zero), I suppose that's your choice.
You want stable linux? use debian's stable branch. Not all the bells and wistles, but it's rock-solid.
License details are complicated, and certainly the last thing you want to worry with when you're trying to get code working. One would figure, BSD, linux, they're both open source, should be ok, just stick it in and work out the license thing later. And then you never get around to working out the license thing. (Which I assume means contacting the original author and saying "can you make this GPL for us Pleeeese?") I think I may have even done this once because I was unsure of the original program's license (this dual-licensing and related license stuff can really confuse things), I should check.
I admit, though, that removing the copyright all together isn't the smartest temporary solution to the BSD-GPL conflict, but I can see how it might have seemed reasonable at the time (after too much coffee and 24hrs of banging your head against an undocumented interface, as this apparently is.)
It seems to me that most people pass through three stages of understanding:
- Security through obscurity is bad because everybody says it is and it sounds like it should be.
- Using obscurity to supplement security is ok as long as I have real security too. It just makes me less vulnerable to the kiddies.
- Doh! I was wrong, obscurity actually is bad for many reasons (discussed below).
It's sad to see that an expert well respected by the community has only reached level 2 in understanding this concept.Now, why is using obscurity bad? I'll give several reasons.
- Obscure security generally goes untested. This means that "real security" which was there wasn't actually as real as you thought. You end up getting bitten when it's important rather than when it's not!
- Obscure security breeds insecurity through laziness: "oh I don't have to update that right away, nobody will find it before tomorrow" which turns into next week, which turns into never getting updated.
- A secure network is one in which the attacker cannot get in even with full knowledge of the network layout. This is harder to do than using obscuration, but you end up with something that's actually secure!
- Good security depends on you understanding your setup. Networks are generally very complicated just to serve their necessary function in the local environment. Adding useless complexity by obscuring simply makes the network more difficult to understand and thereby decreases security.
- Related to the previous point: knowing your network's vulnerabilities and being able to accurately analyze any attempted attacks is essential. Obscurity makes it more difficult for the attacker, but it also makes it more difficult for the home team. If you can't track the attacker's path through your spaghetti of accumulated obscurations you can't secure the network against the next similar attack. (note all successful or partially successful attacks are generally a string of smaller attacks on subsystems, which must be strung together to get all the way in.)
- All security measures are a tradeoff between usability and security. Obscuration, on the other hand hurts usabality without actually providing any security benefits. Don't think it doesn't matter if you do something in a totally unconventional way: it creates problems for your users because things are non-standard (and may not match documentation!), it hurts your employer in terms of the others that will have to maintain the system, and it hurts the community by complicating issues unnecessarily. Spend you usability trade-offs on real security. I'm sure that will be enough if you're actually secure.
- Also, most of us aren't as ingenius as we think we are. In many cases by doing something you think is clever you're more likely to make things worse rather than better through unforseen consequences. I think the phrase is "keep it simple stupid"! Unfortunately this is especially true for people in class 2 above, who by definition haven't reached class 3, where they understand this.
I could probably go on, but I'll stop now. I think these are the most important points. It's really too bad when people without a lot of foresight get in positions of influence.No, because the bars they play in pay the music copyright tax to the ASCAP. Maybe Microsoft can get the government to do a similar thing for them, and everybody who codes will have to pay a tax to MS! That'll end Free Software for sure.
I'd never heard of SecureID, so I decided to look it up. My analysis: a time-based one-time password generator in lots of different packages. I'd use the PIN to protect the one-time password, but this is probably a useability decision since it's hard to make a keychain thingy that you can enter a PIN into.
Also, this "Two-Factor" hype is stupid. SSH with RSA/DSA without an agent is exactly like this, but better as you say yourself. One *must* have a "two-factor" method in the network world because anything that can be remembered by a human can be guessed by a computer in a reasonable amount of time. (Of course I assume that only someone with very low security concerns would use an RSA/DSA key with no passphrase.)
My main dissagreement with you is this: If someone were to write an "agent" for SecureID it would be just as much a "single point of failure" as SSH with RSA/DSA. And a pickpocket shoulder-surfer could rip your network wide open. There is *no way* for a server to confirm if the tools on the other end of the channel being authenticated are being used correctly. This is impossible, and can only be solved by educating the user or descriminating against careless users.
Any security solution must be chosen based on the needs at hand and the likelyhood of the people to actually follow the guidelines. SSH generally provides what is called for -- Flexibility. Unfortunately, depending on how it is used, this can introduce insecurity. Like most unix stuff it is perfectly happy giving you enough rope to hang yourself.
I believe there is no substitute for people having a firm understanding of security, only supplements and tools. Of course I don't work in security and I'm an idealist. Unless educated, people will always do something stupid that you would have never forseen that completely compromises security.
So you don't think I'm being hostile: Your last paragraph is probably right, I would say SecureID is probably the best security option for clueless users. But since I'm sure it's incredibly expensive, it seems like any place that could afford it should have more clueful users! Also you are absolutely correct that convenience is the enemy of security.
Jefferson's point is that you still have the book. Therefore it is not "stolen". It would be stolen if you had only say 3 copies and I broke in and took them. This is completely different from copying, as you have lost your year of time. You have defined these situations as equal, thus missing Jefferson's distiction between property and ideas.
This basically means that the "Blow-by-Blow" has been *LAUNDERED* and is missing important facts. Why was the config so hosed? It's obvious why Kurt was not able to debug it, but shouldn't the unnamed netop have been able to do so, as they were the person on call?
From my understanding of slashdot politics, this all fits. Malda has a big mouth (that's actually almost a prerequisite for starting a site like this) and Roblimo is the politician/diplomat/businessman who by past record will take some editorial liscence to "smooth things out" as he has done here. Lesson: trust Malda, even though he's weird, but be sure to read between the lines with Roblimo becaus he will decieve you.
And just for the record, my judgement is that the name Anne Tomlinson was just made up a troll. But the name doesn't really matter. The fact is there is an netop whose actions are not accounted for in the story.
Note that I'm clarifying the law. Not giving copies to friends because you want them to pay the artist could be considered the "right thing" to do. I'm just saying one can't say they don't give copies to friends because it's illegal; it's not. Moral and legal are two different things. If it's a moral decision you can say something like "this band sucks, you can copy their disk, but you should pay for this other band because they're starving". I love buying CDs at small shows because I put that 15 bucks straight into the artist's hand.
The basic trouble is that compensation has been tied to reproduction (and distribution) for so long that figuring out another way to do it will take a while. But finding another way is essential, because legislating people to not do something that is as natural as breathing (copying digital data) will not work. It's going to be a bumpy road. And with the current trend I often wonder if people with photographic memories or some of the musicians I've known who can play nearly any song they've ever heard will need special permits for living.
"this title" is Title 17 - Copyrights. This means that if I use a recording device to, say, copy something, It is directly excluded from being covered by copyright law unless it is for commercial purposes. Giving to a friend earns you no money and no more respect than you already had, and is therefore non-commercial. "No action can be brought" is very strong language and this WAS intended as a blanket clause to protect consumers, including "swapping" tapes. The trouble is, they never predicted a communication medium on the scale of the internet. Believe me, I was completely flabbergasted when I came to terms with exactly what this clause means.
It's useless going past about 300 dpi on a black and white (two-color, no-grayscale) printed page as that is the limit of the human eye's resolution at about 10 inches. The printer needs that extra resolution to dither for grayscale and color. With a monitor, 10 inches is pretty close, back off to 15 inches and you only need 200 dpi. No dithering necessary so that's it, you're done, optimal display. (Actually this is generally overkill because the eye's resolution gets worse for things that aren't just black-on-white, but if the display will be used a lot to just read text like the black on white here on slashdot it's better to be safe.)
Just clearing up some misconceptions.
This strengthens your argument, since they have already succeeded in restricting your exercise of fair use without you even knowing it.
You know it strikes me as perfectly reasonable that something that was novel in 1996 would be obvious to an expert in the field in 2001. (I'm not commenting on the validity of this particular patent.) This means that a patent that is valid at the time of application can be invalid by the time it is approved. Seems like this flaw would be sufficient to destroy the patent system even without clueless patent examiners.
The benefit of the patent is supposed to be monopoly in exchange for publication. But my above intuition seems true even without publication, simply due to the general forward motion and interdependent nature of technology.
For all those wondering "WTF?" The internet seems to be rife with these people spouting nonsense and claiming they are talking about the forefront of physics. I'm a grad student in physics and I hear this sort of stuff in spam all the time (they just spam all the grads in the department.) This post really is nonsense, the anonymous coward post above "Re:Geometry is the key.[but not like this]" is a good summary of what is wrong with this post so I won't repeat.
Straight from the copyright code, my emphasis added:
from: the real thingThe problem is of course that "noncommercial use" is subjective. With enough lawyering breathing can be considered commerical. I prefer to be reasonable and include making copies for friends as noncommercial.