Hiring a PR firm to slam them over scraping FB's content would seem to indicate FB doesn't really want their content scraped,
which could translate into justification not to index them.
It's not like FB needs a listing in the Google index for people to find FB anymore, anyways.
They obviously don't like Google much. So unless Mark Zuckerberg writes a personal letter of apology to Google, delisting seems proper.
Unless it's to Google's benefit to have FB indexed, they should consider delisting FB:)
I suppose we could organize a tweet-off where we flooded twitter with variations on his name, so it was clear who we were talking about, but it wouldn't be caught in their trending filter.
Maybe tweet about Twitter censoring items in 'trending tweets' list <G>
To pass this information on to as many people as possible.
Human rights and freedom of speech are not abstract concepts that apply
only to lawmakers.
All government bodies must be constrained by the rights of the people, including courts.
A court "ordering" the public to not publish a fact is contrary to the basic idea of freedom.
Everyone should fight this threat to freedom, tooth and nail.
But actually trying to claim copyright on something you yourself copied?
Good artists copy, great tattoo artists from rural Missisoupy claim copyright.
Derivative works of public domain things are subject to copyright.
For example, a copy of tribal art; rendered on a new form (such as a Tattoo); or with new creative elements,
creates a new copyrightable work.
Depending on the Indian tribe's copyright laws, and if the tribe has a copyright agreement with the US government,
those rights might be enforceable in the US.
Even with the ridiculous extensions in copyright law constantly being passed anything owned "for millennia" is in the public domain by now.
There are some things, that are allowed to have copyright, even though the rights would have long expired under the normal rules.
As a result, the mere age of the work, or count of thousands of years since its creation alone cannot be used to decide if it's subject to copyright or not.
1. Program flaws into your own software. Hiding them is a lot easier with closed-source, by the way.
Not necessarily. That depends on the complexity of the vulnerability; who you're hiding from, and why/what people are looking for.
The source code just makes certain obvious bugs easier to find.
There are more people who can read high-level source code than there are assembly hackers.
It's very easy to effectively hide flaws in plain sight, if you know what you are doing; closed source or not.
Auditing source code is harder than utilizing techniques such as fuzzing.
There are some exploits discovered through source code analysis, but most vulnerabilities are discovered
surreptitiously, by testing unusual conditions and finding that, the program crashes, or fails, on a certain input, for example.
The failure can then be explored, the binary can be dissassembled, to determine exploitability of the found bug.
They might offer more but what do you do if they don't pay up, or come to take it back just because they claim your exploit didn't work (PEBKAC?), or because they feel like it?
I suspect,
this is where Bitcoin comes in.
Or a 'trusted' escrow.
Or a deal like 'half the $$$ up front' and 'half when the customer approves'
Or.... proof of concept up front; delivery of final product after $$$ irreversibly paid.
No. gold has value because we make things from it. It's a metal with unique properties, not just beauty. Semiconductors depend on gold. Our civilization (as we know it today) depends on semicondcutors.
No. Semiconductors are a modern use that was found for gold.
Gold had a high value, long before there was such a thing as a semiconductor,
or before it was used for any non-decorative purposes (such as dental fillings).
Gold's demand for use in semiconductors does not begin to explain the high value that has been assigned to it.
Silver has a hell of a lot more industrial demand than Gold does, and has uses in everything
from photographic films, medical/antimicrobial applications, optical mirrors, construction, catalyst in lots of industrial chemical processes, and much greater demand for real uses, and its 'value' in currency is microscopic, compared to Gold's.
If you run a red light and get smashed into, are you going to expect Ford to cover the costs of it? No, most rational people wouldn't that why there's insurance.
How about, if someone came to your house and said they're concerned your bank account
might be infected, and he offers to "re-secure your account" with a free security scan; so, at his request,
you hand him your ATM card to swipe for a security scan, and PIN number. Do you think the bank is going to restore your $0 account balance to its original amount, for you? You think the insurance company is going to help you?
Is supporting/fixing your issue the bank's problem, even though someone else did it to you, and you facilitated it in a negligent way the bank cannot prevent? Nope. End user has to be prepared to pay (or buy suitable protection/agreement that specifically covers that type of situation).
Similar deal with MacOS... some random stranger says they think you might be compromised, and convince you to type in your PIN# (Admin user password).
If some stranger arrives at your house one day, and asks to borrow your car,
so you go to the keybox, get the key, and he gives you a paper to sign saying
"He can do whatever the hell he wants with your car"
Do you think the insurance company will help you, when he takes off, and
uses your signed paper as an authorization to sell it to some dealer?
Too many layers of abstraction creates problems when you need to repair bugs or troubleshoot issues.
Because the abstractions hide what's really going on, the more abstractions you add, the less you know,
and too many layers ultimately makes the computer more opaque to both developer and user.
And ultimately results in a buggy mess, when you get bugs and it takes years to trace due to the massive number of wrappers you may have to pass through to ultimately figure out where the bug might be.
If you truly believe your application gains anything by eliminating a decoupling library/layer, you have missed the point of the past few DECADES of object-oriented programming.
If you truly believe object-oriented programming is achieving a holy grail, by inserting excessive unnecessary decoupling layers, you may be mistaken.
Perhaps you missed a few decades of Aspect-Oriented programming, and have long forgotten about the pragmatic need for certain cross-cutting concerns.
It looks to me like there is a small, but not insignificant, and growing community of people who will gladly accept BTC as payment for goods and services.
On the flip side, there is a large, but not insurmountable, and shrinking community of people who will gladly accept USD and/or EURs as payment for goods and services.
Well, I'd like the opposite. Give me an open API that allows me to enter my account credentials into any/multiple capable devices so that I can use whatever mobile hardware I want on my plan, including a stationary antenna connected to my computer.
There are two problems with that:
(1) It would mean your credentials could be cloned.
SIM cards are hardware crypto devices, and can contain a PIN number to activate the device.
One of the reason SIM cards were designed is to prevent cloning or theft of the SIM card data by someone other than the subscriber.
If you want to use other devices, you just move the SIM card to the other device.
For example, you move the SIM card from your USB mobile broadband modem to the antenna attached to your computer.
(2) Allowing the user access to credentials as 'data' would create a problem, of a possibility of theft of service and unfair extra usage of limited wireless sessions through multiple simultaneous use of the same credentials on multiple devices; for example, an antenna on your computer, at the same time as you're talking on a cell phone; a computer and an iPad at the same time, etc.
(3) Since the SIM card is a hardware token, possession is a sufficiently secure form of identity to secure transactions and sensitive information. Software-based/stored credentials are easily accidentally lost in various situations; for example, selling your old phone, but forgetting to purge its credentials.
You won't "forget" to remove the old SIM card, because you need it to activate the new device.
Really? Any time I've needed a new SIM for a phone (and even when I haven't) my carrier has always just given me one. A friend upgraded to an iPhone 4 the other day and just popped into one of his providers stores and was simply given a new SIM.
That's very interesting.... I wonder if that means Ma-Bell reversed the policy, of charging an approximate $50 fee if you ever need a new SIM.
Or maybe that's just a penalty for people whose SIMs stopped working
but this is one race to the bottom I'm pleased with.
More SIM card designs = more times you will
have to replace your SIM card = more money spent.
Smaller SIM cards are also easier to lose, hard to keep a handle on,
when you use your SIM with multiple phones
Personally, I think the existence of a separate SIM card tech is a bug.
SIM cards should be replaced with SD and MMC memory technology,
with a standard format, subscriber data protected by the DRM feature of the cards,
and digitally signed with the subscriber block and SD card serial number.
Instead of sending individual streams over the internet to every customer, they could develop some kind of protocol which could be used to broadcast all the streams to everyone at the same time.
Just what we need... a new MBONE
The problem with multicast traffic is... there's no easy way to bill for it, so it generally doesn't happen across service providers.
To make sure they don't clog the existing internet lines, they should lay down their own lines. Then they have full control over the infrastructure too.
Sounds expensive.
Broadcasting so many different streams probably doesn't work, so Netflix could instead start showing specific programs at certain times and people would tune in at those times to watch their favorite shows.
In what way is that concept better than Cable TV, again?
Just guessing, but it's probably a busybox shell. I doubt he wants to send a ton of separate "binaries" over the pipe when one monolithic one works best.
So this is slightly more complicated than a cross-browser buffer overflow exploit
combined with system("/bin/bash"); or a Cygwin shell binary....?
There is no company to give the order too. Its peer to peer to avoid a central point of attack.
Then they might give an order to the software developer, requiring that they produce an update of the code to provide identification of participants,
and shutdown the old version, and send DHS out on a RIAA-style rampage against non-compliant bitcoin peers.
Like it or not... there are people to give the orders too, especially if legislators get involved.
The bar is just slightly harder.
In other words, a second strong password. A question like my mother's maiden name or the name of my first pet will yield fairly predictable results, hence a brute-force attack is likely to work.
Yes, an answer could be guessed for a question like that. Being strong, and an employee having access to it, are two different topics, however.
It can be weak without an employee having access to it (to the extent an employee cannot gain access to the paired key and make a brute-force guessing attempt).
There is no possible cryptosystem that can allow server-side key management and allow the resetting of passwords, without allowing any server-side employee to access the key.
Sure there is... allow reset of the password through answering a secret question.
The secret answer is used to compute a hash which can be used along with a system
key to decrypt an "account recovery key", which the user chooses to store the primary key
encrypted so that the account recovery key can decrypt the backup.
Remove Facebook from Google's index completely.
Hiring a PR firm to slam them over scraping FB's content would seem to indicate FB doesn't really want their content scraped, which could translate into justification not to index them.
It's not like FB needs a listing in the Google index for people to find FB anymore, anyways.
They obviously don't like Google much. So unless Mark Zuckerberg writes a personal letter of apology to Google, delisting seems proper.
Unless it's to Google's benefit to have FB indexed, they should consider delisting FB :)
I suppose we could organize a tweet-off where we flooded twitter with variations on his name, so it was clear who we were talking about, but it wouldn't be caught in their trending filter.
Maybe tweet about Twitter censoring items in 'trending tweets' list <G>
To pass this information on to as many people as possible.
Human rights and freedom of speech are not abstract concepts that apply only to lawmakers.
All government bodies must be constrained by the rights of the people, including courts.
A court "ordering" the public to not publish a fact is contrary to the basic idea of freedom. Everyone should fight this threat to freedom, tooth and nail.
But actually trying to claim copyright on something you yourself copied?
Good artists copy, great tattoo artists from rural Missisoupy claim copyright.
Derivative works of public domain things are subject to copyright. For example, a copy of tribal art; rendered on a new form (such as a Tattoo); or with new creative elements, creates a new copyrightable work.
Depending on the Indian tribe's copyright laws, and if the tribe has a copyright agreement with the US government, those rights might be enforceable in the US.
Even with the ridiculous extensions in copyright law constantly being passed anything owned "for millennia" is in the public domain by now.
There are some things, that are allowed to have copyright, even though the rights would have long expired under the normal rules.
As a result, the mere age of the work, or count of thousands of years since its creation alone cannot be used to decide if it's subject to copyright or not.
1. Program flaws into your own software. Hiding them is a lot easier with closed-source, by the way.
Not necessarily. That depends on the complexity of the vulnerability; who you're hiding from, and why/what people are looking for. The source code just makes certain obvious bugs easier to find.
There are more people who can read high-level source code than there are assembly hackers.
It's very easy to effectively hide flaws in plain sight, if you know what you are doing; closed source or not. Auditing source code is harder than utilizing techniques such as fuzzing.
There are some exploits discovered through source code analysis, but most vulnerabilities are discovered surreptitiously, by testing unusual conditions and finding that, the program crashes, or fails, on a certain input, for example.
The failure can then be explored, the binary can be dissassembled, to determine exploitability of the found bug.
They might offer more but what do you do if they don't pay up, or come to take it back just because they claim your exploit didn't work (PEBKAC?), or because they feel like it?
I suspect, this is where Bitcoin comes in.
Or a 'trusted' escrow.
Or a deal like 'half the $$$ up front' and 'half when the customer approves'
Or.... proof of concept up front; delivery of final product after $$$ irreversibly paid.
No. gold has value because we make things from it. It's a metal with unique properties, not just beauty. Semiconductors depend on gold. Our civilization (as we know it today) depends on semicondcutors.
No. Semiconductors are a modern use that was found for gold.
Gold had a high value, long before there was such a thing as a semiconductor, or before it was used for any non-decorative purposes (such as dental fillings).
Gold's demand for use in semiconductors does not begin to explain the high value that has been assigned to it.
Silver has a hell of a lot more industrial demand than Gold does, and has uses in everything from photographic films, medical/antimicrobial applications, optical mirrors, construction, catalyst in lots of industrial chemical processes, and much greater demand for real uses, and its 'value' in currency is microscopic, compared to Gold's.
If you run a red light and get smashed into, are you going to expect Ford to cover the costs of it? No, most rational people wouldn't that why there's insurance.
How about, if someone came to your house and said they're concerned your bank account might be infected, and he offers to "re-secure your account" with a free security scan; so, at his request, you hand him your ATM card to swipe for a security scan, and PIN number. Do you think the bank is going to restore your $0 account balance to its original amount, for you? You think the insurance company is going to help you?
Is supporting/fixing your issue the bank's problem, even though someone else did it to you, and you facilitated it in a negligent way the bank cannot prevent? Nope. End user has to be prepared to pay (or buy suitable protection/agreement that specifically covers that type of situation).
Similar deal with MacOS... some random stranger says they think you might be compromised, and convince you to type in your PIN# (Admin user password).
If some stranger arrives at your house one day, and asks to borrow your car, so you go to the keybox, get the key, and he gives you a paper to sign saying "He can do whatever the hell he wants with your car"
Do you think the insurance company will help you, when he takes off, and uses your signed paper as an authorization to sell it to some dealer?
Too many layers of abstraction creates problems when you need to repair bugs or troubleshoot issues.
Because the abstractions hide what's really going on, the more abstractions you add, the less you know, and too many layers ultimately makes the computer more opaque to both developer and user.
And ultimately results in a buggy mess, when you get bugs and it takes years to trace due to the massive number of wrappers you may have to pass through to ultimately figure out where the bug might be.
If you truly believe your application gains anything by eliminating a decoupling library/layer, you have missed the point of the past few DECADES of object-oriented programming.
If you truly believe object-oriented programming is achieving a holy grail, by inserting excessive unnecessary decoupling layers, you may be mistaken.
Perhaps you missed a few decades of Aspect-Oriented programming, and have long forgotten about the pragmatic need for certain cross-cutting concerns.
Well, fix it, dear AC.
As a BSD user; I strongly suggest that Gnome become BSD-only.
KDE seems more appropriate to the part of the Linux market that wants the OS to be a Windows clone, anyways.
Is this before or after the site's cut/fee from the browser-generated bittokens ? :)
It looks to me like there is a small, but not insignificant, and growing community of people who will gladly accept BTC as payment for goods and services.
On the flip side, there is a large, but not insurmountable, and shrinking community of people who will gladly accept USD and/or EURs as payment for goods and services.
Well, I'd like the opposite. Give me an open API that allows me to enter my account credentials into any/multiple capable devices so that I can use whatever mobile hardware I want on my plan, including a stationary antenna connected to my computer.
There are two problems with that:
(1) It would mean your credentials could be cloned. SIM cards are hardware crypto devices, and can contain a PIN number to activate the device. One of the reason SIM cards were designed is to prevent cloning or theft of the SIM card data by someone other than the subscriber.
If you want to use other devices, you just move the SIM card to the other device. For example, you move the SIM card from your USB mobile broadband modem to the antenna attached to your computer.
(2) Allowing the user access to credentials as 'data' would create a problem, of a possibility of theft of service and unfair extra usage of limited wireless sessions through multiple simultaneous use of the same credentials on multiple devices; for example, an antenna on your computer, at the same time as you're talking on a cell phone; a computer and an iPad at the same time, etc.
(3) Since the SIM card is a hardware token, possession is a sufficiently secure form of identity to secure transactions and sensitive information. Software-based/stored credentials are easily accidentally lost in various situations; for example, selling your old phone, but forgetting to purge its credentials.
You won't "forget" to remove the old SIM card, because you need it to activate the new device.
What exactly gives a Bitcoin its value? At least with a dollar, I can pay my taxes and not be imprisoned.
What gives a yellow chunk of gold its value?
Humans.
Really? Any time I've needed a new SIM for a phone (and even when I haven't) my carrier has always just given me one. A friend upgraded to an iPhone 4 the other day and just popped into one of his providers stores and was simply given a new SIM.
That's very interesting.... I wonder if that means Ma-Bell reversed the policy, of charging an approximate $50 fee if you ever need a new SIM. Or maybe that's just a penalty for people whose SIMs stopped working
but this is one race to the bottom I'm pleased with.
More SIM card designs = more times you will have to replace your SIM card = more money spent.
Smaller SIM cards are also easier to lose, hard to keep a handle on, when you use your SIM with multiple phones
Personally, I think the existence of a separate SIM card tech is a bug. SIM cards should be replaced with SD and MMC memory technology, with a standard format, subscriber data protected by the DRM feature of the cards, and digitally signed with the subscriber block and SD card serial number.
Instead of sending individual streams over the internet to every customer, they could develop some kind of protocol which could be used to broadcast all the streams to everyone at the same time.
Just what we need... a new MBONE
The problem with multicast traffic is... there's no easy way to bill for it, so it generally doesn't happen across service providers.
To make sure they don't clog the existing internet lines, they should lay down their own lines. Then they have full control over the infrastructure too.
Sounds expensive.
Broadcasting so many different streams probably doesn't work, so Netflix could instead start showing specific programs at certain times and people would tune in at those times to watch their favorite shows.
In what way is that concept better than Cable TV, again?
Just guessing, but it's probably a busybox shell. I doubt he wants to send a ton of separate "binaries" over the pipe when one monolithic one works best.
So this is slightly more complicated than a cross-browser buffer overflow exploit combined with system("/bin/bash"); or a Cygwin shell binary....?
There is no company to give the order too. Its peer to peer to avoid a central point of attack.
Then they might give an order to the software developer, requiring that they produce an update of the code to provide identification of participants, and shutdown the old version, and send DHS out on a RIAA-style rampage against non-compliant bitcoin peers.
Like it or not... there are people to give the orders too, especially if legislators get involved. The bar is just slightly harder.
In other words, a second strong password. A question like my mother's maiden name or the name of my first pet will yield fairly predictable results, hence a brute-force attack is likely to work.
Yes, an answer could be guessed for a question like that. Being strong, and an employee having access to it, are two different topics, however. It can be weak without an employee having access to it (to the extent an employee cannot gain access to the paired key and make a brute-force guessing attempt).
There is no possible cryptosystem that can allow server-side key management and allow the resetting of passwords, without allowing any server-side employee to access the key.
Sure there is... allow reset of the password through answering a secret question. The secret answer is used to compute a hash which can be used along with a system key to decrypt an "account recovery key", which the user chooses to store the primary key encrypted so that the account recovery key can decrypt the backup.
They are tracable to a hash of a signature. I don't think these hashes are easily traceable to a person.
They will be, once the company receives an order from a court to trace them.