Unless you can prove Qualcomm maliciously and purposefully filed an false DMCA claim you aren't getting jack.
Not really. If you can prove that Qualcomm's false DMCA claim caused you harm (financially, psicologically, etc), you're getting jack and his wife. Public perception frowns upon "big companies abusing the little guy", so I'd expect this to not even go to court and to be settled with a non-disclosure clause, as it is common practice.
Seems like a huge risk for a very modest reward, if you win you are only out the years it took to litigate the matter but if you lose you could wind up liable for damages for infriging copyright on your own code (now Qualcomm's code).
Imagine this - you go to court to prove the code is yours, and its an actual part of Qualcomm's product line, to such an extent they thought they owned it. They caused you harm *while* benefiting from your unpaid work. An you think they would stand a chance in an appeal/counter suit? Now imagine its your pet project, and you subtly change the license to forbit explicit usage from Qualcomm from the get-go, while the process carries on? Then its possible for you to actually slap them with a DMCA claim of your own, and even *gasp*, prove it in court.
The actual news seems like Qualcomm hired some IP firm that doesn't know shit about code and found automatically some "infringing" files. If this is the case, they will do everything to avoid going to court, regardless of the number of lawyers on staff, while silently settling the case with the IP company. And this shit keeps happening because no one bothers into taking it to court.
You are right, I wasn't aware of that. But it doesn't change the argument - it does not constitute a commercial contract (you're not paying for services or goods). And it is responsability of the receiver (or more commonly, his employer) to actually comply with the tax law. Even in the US, receiving a tip is not illegal. Not declaring it in your IRS may be, but - by itself - is perfectly legal as an act.
You were stating, that a legal difference exists between payment and a mere "tip". I doubt it strongly...
It is the difference between an exchange and a donation. In the country where I reside, tips are "tax free" (and exempt from declaration) upto 75 Eur. This includes the money your grandmother gives you. If it is over 75Eur, it is considered income and it is taxed appropriately. Oddly enough, giving 2 times 75Eur to the same person still is tax-free.
Unfortunately — and this is a giant loophole in the American (and, possibly, British) legal system — the accused's property is not at all as protected as his person.
It depends on the relevancy for the case. And seizing of property usually requires a court order - both in US and UK - and I will tackle the civil forfeiture next.
The government can confiscate property immediately [foxnews.com] — without bothering with the Judiciary. They can't lock you up, but they can confiscate your car, cash (we suspect it is drug money, so we take it away), and even freeze bank accounts...
Well, yes and no. They could do it anyway, if a judge signs. In my country, if you commit tax fraud, this is done automatically - via a judge. The scope of civil forfeiture is quite limited, and I'd assume they must really have strong clues to use it (http://www.law.cornell.edu/uscode/text/18/981), because regardless of what happens, authorities are liable for every damage caused by unfunded accusations/wrongful/abusive confiscations, as most countries have something related to the presumption of innocence in their constitution.
In the article I linked to, the couple's family car was confiscated on the spot — on the Executive official say-so. That alone would severely impede the accused's ability to defend himself, would not it? Simply showing up in court suddenly becomes very difficult...
2 Suggestions - stop reading fox news as actual facts, It would not impede anything. I don't own a car. The notion that people need cars to survive is stupid.
And, for each example you may find, you have hundreds that were exactly the opposite - the "bad" guys were at fault. If you have a - lets assume - 3% - error rate on a major american city, that is a huge success rate. You should see it in perspective, not the isolated cases that are the anomalies.
The FG reference is quite ingenious, but wrong. You should check http://en.wikipedia.org/wiki/C... to have an idea of the paperwork necessary to legally produce porn.
I'm not saying authorities never fail. I'm saying it is not breaking the law, as whoever is involved in this will find out sooner or later in court. But I'd be surprised if the news is acurrate (most news aren't).
Now imagine the same couple being merely friends and the cop observing the money (a mere tip, not a payment — though I suspect, the distinction you are making is without difference) changing hands... They'd never convince anyone...
Well, they would not need to. The onus of intent or proof lies within the accuser. Even if they got fined/identified/whatever, in the end its up to the authorities to make proof that it was, in fact, an illegal transaction.
Yes, he would be breaking the law. And you, probably, would be breaking it too.
He would not. The friend would not engage on the activity motivated by monetary compensation, and the $20 isn't payment, its a tip. And this is legal in most countries. You are liable for services you've been paid for, not tipped for. As an extreme example, there is a huge difference between a commercial agreement regarding sexual intercourse (soliciting, as you're *bidding* for the service) and giving a tip - either in money or goods. The first one is a prostitute, the second one is a fuckfriend/girlfriend.
I still support some Delphi 7.0 applications I built decade ago. Yeah, a decade ago, Delphi 7.0 was *already* "obsolete". They still work today, they still produce actual meaningful results. Try using a VB6 application (or a C++ application) from the same period on a modern windows system. You'd be surprised how well designed Delphi is. And Embarcadero really did everything they could to make sure the product would die.
Building a secure OS isn't "that difficult" (as in, its quite feasible). Building a secure OS that runs software people want to run and need for work and can communicate with insecure computers (aka the internet) is a complete different story:) Everything that is 3rd party is potentially tainted, and that includes usually the compiler and the build toolchain. Some projects like OpenBSD integrate some 3rd party software into their own codebase, and do an audit to make sure no major holes are present. But unless you're using it as a firewall or to serve some static files, sooner or later you'll need 3rd party software from external sources. And if even in your codebase some "easter eggs" are difficult to detect (look at OpenSSL, the heartbleed vuln went unnoticed for what? 2 years?), it is almost impossible for external programs.
Until you access that specific secret non-documented register that is available after some fancy port-knocking (bit-knocking) that will leave an internal gate to 1 instead of 0... Given that most chips do have extra circuitry for internal testing, this would be almost trivial to implement and very very difficult to detect.
This stupid method of distributing binary packages from a central repository also smells like something governments would like.
And if you really think about it, signed repositories only protect you against tampering with the actual packages, not the source. I'd guess it would be quite feasible to gain access one of the most well-known-less-cared-about libraries (or their servers) and add some easteregg to the code (think stuff like libjpg, libpng, zip handling, etc), and the fancy signed package would be silently built and installed downstream.
Actual KW saved by not running directly on metal, and squeezing every possible resource out of a highly efficient and redundant server.
On the other hand, many "cloud" services are actually grid services that run on many, redundant, small servers, in contrast to the blade center HP and IBM tries to shove down your throat. One example is GMail and the assorted google services. So, while I understand your point about virtualization, cloud and virtualization are two very different and very distinct things.
It means asset depreciation is much lower, so server churn is much lower (less carbon, less waste less garbage)
It depends how you measure it. In a pure cpu-power-per-watt, 1U servers are way cheaper than an equivalent blade solution, easier to service, and will run cooler. They do take more space, but asset depreciation on a 50K blade cage vs 30K of 1U servers is bigger in the blades.
every watt is consumed rather than dissipated as heat
Well, its not, and this is one of the biggest fallacies of virtualization. It wildly varies according to the workload and your configuration. For small workloads, you may even spend more in hardware to provide proper virtualization than you had to pay for a metal solution. You do gain flexibility, and yes, when well done, you may take more advantage of your hardware, but this is not a novel concept. When possible, solutions like linux containers, solaris zones and freebsd jails allows at least some level of flexibility with a smaller execution footprint.
And regarding usage... well, most cpu's even implement an instruction that internally halts the cpu if not in use. Cpu consumption varies according to the workload, and most of the specs mention max consumption, not average consumption. It may even happen that your beefier setup actually spends more power per vm than single dedicated servers.
It means common parts for all servers which leads to less manufacturing waste.
Yes, but is it cheaper? As an example, almost all industrial processes wastes copious amounts of water, when often more sofisticated and reusable replacements are available. But water is cheaper. Its a bit like saying "this aluminium package is 20% smaller, so we can stop using cardboard packaging because it generates less waste". I would like to see proper metrics on that, not sure if it is that obvious.
Who knows how many others have died without us knowing.
You could say the same about the US. In fact, you could assume that, for every Snowden, you have 10 guys in guantanamo with the same info. Or in a secret detention camp somewhere around the world. Russia doesn't really care about international propaganda, USA does - thats why you have a different perception of both countries. I'd assume Russia is nearby; When it was the last time Russia invaded a country on the other side of the world?
Russian and Chinese dissidents often end up in jail or dead. In China, the government censors everything.
Except the ones that run away. Starts sounding familiar, right?
Those were some stupid politicians talking. Was there ever an actual charge? A warrant? No.
Are you fucking kidding me? American companies seizing assets from foreigners (paypal, mastercard, etc); Widespread political pressure to send the guy to the US; The fact that the USA is the only democratic country with concentration camps that is not sanctioned by the UN at any level; USA cannot issue an international warrant for his capture without being laughed at; That didn't stop them. At all.
So you say, but look in the mirror. Could you have a Tea Party in China, one that had successful elections against establishment Republicans?
Sure. You have right-wing batshit crazy people everywhere you can get a wealthy median-class lifestyle. Some of them even get elected.
Where is the debate between even two parties in China?
Where is the debate between two parties in the US? The illusion of choice is not the same as choice. And since lobbyists control both sides, its more about keeping apearences than "the people". Your democratic system is a knotch above a middle-eastern country.
Say what you want about Democrats and Republicans being a "single" party, but they do differ on a lot of issues.
No they don't. One defends wealthy people and interest groups by catering to a more conservative agenda, and the other one goes a more liberal approach. There is no actual difference. Want proof? Move to another country and see the difference.
A Chinese and Russian "Snowden" would have quickly disappeared with nobody knowing or caring.
Or not. That's why you have both chinese and russian dissidents. And USA is the country that went after Assange as a 'traitor', regardless of his nationality. From the other side of the pond, USA does look like a police state straight out of 1984 - not only because of the huge levels of incompetence while monitoring people, but also because of what you just said. The level of brainwash that takes for someone to say "my democratic system is better" when its not actually democratic NOR pluralist is an indoctrinator's dream come true. Have a good look at the Roman empire, and why it has fallen. History has a tendency to repeat itself.
Most of those security consultants you talk about don't even know what OpenSSL is. They know its the certificates thinggy that its used by several packages, that's it.
Plus even if you could get 20% profit margin out of a product worth 5% of the tablet instead of making 10% out of 100% of the product, what is better ?
I do get your point, but you're assuming they are able to captivate the relevant market share. If the difference is having 3% of the total market selling product, or supplying 60% of the total OEM parts, while simplifying both and time to market, plus deterring competition from investing on this area by providing availability of the parts, the argument falls apart. Using your math, the turnover for the whole car only makes sense if the battery approach would captivate less than 10x their total market of vehicles (eg. for 3% total market for cars vs 31% of total market for parts, parts are more profitable in absolute values). And batteries are not like semiconductors, they have way bigger profit margins than the car as a whole.
Nope. The words in your password are common words, probably on a short list of around 3000 words. Essentially, you have a 3 "character" password where each character is chosen from a set of 3000 possibilities
You only know that after you know the password. a brute-force attack (even a dictionary-based one) would try at least an order of magnitude more combinations.
I actually memorize passwords both more "random" and biger thant that one. I don't need to memorize fifty. I need to memorize 5 separate hashes, and then use them as A, B, C, D, E, F, AB, AC,... ABC, ACD, etc according to the relevancy of the password. Memorizing 50 hashes is stupid, but since I know probably more than 100 metal lyrics, I could also pull it off (ever tried a 200 character password?). And if I'm something, is lazy.
I was referencing this specific slide http://www.openbsd.org/papers/...
They clearly state their portability goal is mostly POSIX-compatible, but after a second read it is not obvious it its being used as a base reference, as you point out.
They need to matter in order to obtain funding, unless we decide to pay for the product.
Tell me about other browsers specifically providing DRM support. IE? Great example. I stopped using FF when they started with the rolling releases nonsense. And most FF users DO PAY to use the browser, via search traffic. After the rolling releases, they started the piss-poor attempt of cloning the chrome interface - without easy fallback. Maybe they should focus on implementing stuff that the users want (are the memory leaks gone? are the devtools integrated and working, or do I still have to install firebug?) instead of what *THEY* want. This is a project that has derailed many years ago, and it is managed as a cash cow. Sooner or later, the cow will die.
Slashdot Mirror
They are still liable for the damages caused by their good faith claim. As anyone that is wrongfully accused of a crime.
Unless you can prove Qualcomm maliciously and purposefully filed an false DMCA claim you aren't getting jack.
Not really. If you can prove that Qualcomm's false DMCA claim caused you harm (financially, psicologically, etc), you're getting jack and his wife. Public perception frowns upon "big companies abusing the little guy", so I'd expect this to not even go to court and to be settled with a non-disclosure clause, as it is common practice.
Seems like a huge risk for a very modest reward, if you win you are only out the years it took to litigate the matter but if you lose you could wind up liable for damages for infriging copyright on your own code (now Qualcomm's code).
Imagine this - you go to court to prove the code is yours, and its an actual part of Qualcomm's product line, to such an extent they thought they owned it. They caused you harm *while* benefiting from your unpaid work. An you think they would stand a chance in an appeal/counter suit? Now imagine its your pet project, and you subtly change the license to forbit explicit usage from Qualcomm from the get-go, while the process carries on? Then its possible for you to actually slap them with a DMCA claim of your own, and even *gasp*, prove it in court.
The actual news seems like Qualcomm hired some IP firm that doesn't know shit about code and found automatically some "infringing" files. If this is the case, they will do everything to avoid going to court, regardless of the number of lawyers on staff, while silently settling the case with the IP company. And this shit keeps happening because no one bothers into taking it to court.
My favourite banjo song: https://www.youtube.com/watch?...
In fact, in the USA, ALL tips are taxable income
You are right, I wasn't aware of that. But it doesn't change the argument - it does not constitute a commercial contract (you're not paying for services or goods). And it is responsability of the receiver (or more commonly, his employer) to actually comply with the tax law. Even in the US, receiving a tip is not illegal. Not declaring it in your IRS may be, but - by itself - is perfectly legal as an act.
You were stating, that a legal difference exists between payment and a mere "tip". I doubt it strongly...
It is the difference between an exchange and a donation. In the country where I reside, tips are "tax free" (and exempt from declaration) upto 75 Eur. This includes the money your grandmother gives you. If it is over 75Eur, it is considered income and it is taxed appropriately. Oddly enough, giving 2 times 75Eur to the same person still is tax-free.
Unfortunately — and this is a giant loophole in the American (and, possibly, British) legal system — the accused's property is not at all as protected as his person.
It depends on the relevancy for the case. And seizing of property usually requires a court order - both in US and UK - and I will tackle the civil forfeiture next.
The government can confiscate property immediately [foxnews.com] — without bothering with the Judiciary. They can't lock you up, but they can confiscate your car, cash (we suspect it is drug money, so we take it away), and even freeze bank accounts...
Well, yes and no. They could do it anyway, if a judge signs. In my country, if you commit tax fraud, this is done automatically - via a judge. The scope of civil forfeiture is quite limited, and I'd assume they must really have strong clues to use it (http://www.law.cornell.edu/uscode/text/18/981), because regardless of what happens, authorities are liable for every damage caused by unfunded accusations/wrongful/abusive confiscations, as most countries have something related to the presumption of innocence in their constitution.
In the article I linked to, the couple's family car was confiscated on the spot — on the Executive official say-so. That alone would severely impede the accused's ability to defend himself, would not it? Simply showing up in court suddenly becomes very difficult...
2 Suggestions - stop reading fox news as actual facts, It would not impede anything. I don't own a car. The notion that people need cars to survive is stupid.
And, for each example you may find, you have hundreds that were exactly the opposite - the "bad" guys were at fault. If you have a - lets assume - 3% - error rate on a major american city, that is a huge success rate. You should see it in perspective, not the isolated cases that are the anomalies.
The FG reference is quite ingenious, but wrong. You should check http://en.wikipedia.org/wiki/C... to have an idea of the paperwork necessary to legally produce porn.
Now imagine the same couple being merely friends and the cop observing the money (a mere tip, not a payment — though I suspect, the distinction you are making is without difference) changing hands... They'd never convince anyone...
Well, they would not need to. The onus of intent or proof lies within the accuser. Even if they got fined/identified/whatever, in the end its up to the authorities to make proof that it was, in fact, an illegal transaction.
Yes, he would be breaking the law. And you, probably, would be breaking it too.
He would not. The friend would not engage on the activity motivated by monetary compensation, and the $20 isn't payment, its a tip. And this is legal in most countries. You are liable for services you've been paid for, not tipped for. As an extreme example, there is a huge difference between a commercial agreement regarding sexual intercourse (soliciting, as you're *bidding* for the service) and giving a tip - either in money or goods. The first one is a prostitute, the second one is a fuckfriend/girlfriend.
I still support some Delphi 7.0 applications I built decade ago. Yeah, a decade ago, Delphi 7.0 was *already* "obsolete". They still work today, they still produce actual meaningful results. Try using a VB6 application (or a C++ application) from the same period on a modern windows system. You'd be surprised how well designed Delphi is. And Embarcadero really did everything they could to make sure the product would die.
Building a secure OS isn't "that difficult" (as in, its quite feasible). Building a secure OS that runs software people want to run and need for work and can communicate with insecure computers (aka the internet) is a complete different story :) Everything that is 3rd party is potentially tainted, and that includes usually the compiler and the build toolchain. Some projects like OpenBSD integrate some 3rd party software into their own codebase, and do an audit to make sure no major holes are present. But unless you're using it as a firewall or to serve some static files, sooner or later you'll need 3rd party software from external sources. And if even in your codebase some "easter eggs" are difficult to detect (look at OpenSSL, the heartbleed vuln went unnoticed for what? 2 years?), it is almost impossible for external programs.
Until you access that specific secret non-documented register that is available after some fancy port-knocking (bit-knocking) that will leave an internal gate to 1 instead of 0... Given that most chips do have extra circuitry for internal testing, this would be almost trivial to implement and very very difficult to detect.
This stupid method of distributing binary packages from a central repository also smells like something governments would like.
And if you really think about it, signed repositories only protect you against tampering with the actual packages, not the source. I'd guess it would be quite feasible to gain access one of the most well-known-less-cared-about libraries (or their servers) and add some easteregg to the code (think stuff like libjpg, libpng, zip handling, etc), and the fancy signed package would be silently built and installed downstream.
With only binaries to analyze it is certainly possible that a NSA backdoor could go undetected in bitlocker.
The sad truth is that even the source code isn't enough to guarantee that no backdoor exists, if its done in a competent fashion.
Oblig. XKCD http://xkcd.com/538/
Actual KW saved by not running directly on metal, and squeezing every possible resource out of a highly efficient and redundant server.
On the other hand, many "cloud" services are actually grid services that run on many, redundant, small servers, in contrast to the blade center HP and IBM tries to shove down your throat. One example is GMail and the assorted google services. So, while I understand your point about virtualization, cloud and virtualization are two very different and very distinct things.
It means asset depreciation is much lower, so server churn is much lower (less carbon, less waste less garbage)
It depends how you measure it. In a pure cpu-power-per-watt, 1U servers are way cheaper than an equivalent blade solution, easier to service, and will run cooler. They do take more space, but asset depreciation on a 50K blade cage vs 30K of 1U servers is bigger in the blades.
every watt is consumed rather than dissipated as heat
Well, its not, and this is one of the biggest fallacies of virtualization. It wildly varies according to the workload and your configuration. For small workloads, you may even spend more in hardware to provide proper virtualization than you had to pay for a metal solution. You do gain flexibility, and yes, when well done, you may take more advantage of your hardware, but this is not a novel concept. When possible, solutions like linux containers, solaris zones and freebsd jails allows at least some level of flexibility with a smaller execution footprint.
And regarding usage... well, most cpu's even implement an instruction that internally halts the cpu if not in use. Cpu consumption varies according to the workload, and most of the specs mention max consumption, not average consumption. It may even happen that your beefier setup actually spends more power per vm than single dedicated servers.
It means common parts for all servers which leads to less manufacturing waste.
Yes, but is it cheaper? As an example, almost all industrial processes wastes copious amounts of water, when often more sofisticated and reusable replacements are available. But water is cheaper. Its a bit like saying "this aluminium package is 20% smaller, so we can stop using cardboard packaging because it generates less waste". I would like to see proper metrics on that, not sure if it is that obvious.
Who knows how many others have died without us knowing.
You could say the same about the US. In fact, you could assume that, for every Snowden, you have 10 guys in guantanamo with the same info. Or in a secret detention camp somewhere around the world. Russia doesn't really care about international propaganda, USA does - thats why you have a different perception of both countries. I'd assume Russia is nearby; When it was the last time Russia invaded a country on the other side of the world?
Russian and Chinese dissidents often end up in jail or dead. In China, the government censors everything.
Except the ones that run away. Starts sounding familiar, right?
Those were some stupid politicians talking. Was there ever an actual charge? A warrant? No.
Are you fucking kidding me? American companies seizing assets from foreigners (paypal, mastercard, etc); Widespread political pressure to send the guy to the US; The fact that the USA is the only democratic country with concentration camps that is not sanctioned by the UN at any level; USA cannot issue an international warrant for his capture without being laughed at; That didn't stop them. At all.
So you say, but look in the mirror. Could you have a Tea Party in China, one that had successful elections against establishment Republicans?
Sure. You have right-wing batshit crazy people everywhere you can get a wealthy median-class lifestyle. Some of them even get elected.
Where is the debate between even two parties in China?
Where is the debate between two parties in the US? The illusion of choice is not the same as choice. And since lobbyists control both sides, its more about keeping apearences than "the people". Your democratic system is a knotch above a middle-eastern country.
Say what you want about Democrats and Republicans being a "single" party, but they do differ on a lot of issues.
No they don't. One defends wealthy people and interest groups by catering to a more conservative agenda, and the other one goes a more liberal approach. There is no actual difference. Want proof? Move to another country and see the difference.
A Chinese and Russian "Snowden" would have quickly disappeared with nobody knowing or caring.
Or not. That's why you have both chinese and russian dissidents. And USA is the country that went after Assange as a 'traitor', regardless of his nationality. From the other side of the pond, USA does look like a police state straight out of 1984 - not only because of the huge levels of incompetence while monitoring people, but also because of what you just said. The level of brainwash that takes for someone to say "my democratic system is better" when its not actually democratic NOR pluralist is an indoctrinator's dream come true. Have a good look at the Roman empire, and why it has fallen. History has a tendency to repeat itself.
Is that intended as the original poem, or the Iron Maiden version? :D
Most of those security consultants you talk about don't even know what OpenSSL is. They know its the certificates thinggy that its used by several packages, that's it.
Plus even if you could get 20% profit margin out of a product worth 5% of the tablet instead of making 10% out of 100% of the product, what is better ?
I do get your point, but you're assuming they are able to captivate the relevant market share. If the difference is having 3% of the total market selling product, or supplying 60% of the total OEM parts, while simplifying both and time to market, plus deterring competition from investing on this area by providing availability of the parts, the argument falls apart. Using your math, the turnover for the whole car only makes sense if the battery approach would captivate less than 10x their total market of vehicles (eg. for 3% total market for cars vs 31% of total market for parts, parts are more profitable in absolute values). And batteries are not like semiconductors, they have way bigger profit margins than the car as a whole.
Nope. The words in your password are common words, probably on a short list of around 3000 words. Essentially, you have a 3 "character" password where each character is chosen from a set of 3000 possibilities
You only know that after you know the password. a brute-force attack (even a dictionary-based one) would try at least an order of magnitude more combinations.
I actually memorize passwords both more "random" and biger thant that one. I don't need to memorize fifty. I need to memorize 5 separate hashes, and then use them as A, B, C, D, E, F, AB, AC, ... ABC, ACD, etc according to the relevancy of the password. Memorizing 50 hashes is stupid, but since I know probably more than 100 metal lyrics, I could also pull it off (ever tried a 200 character password?). And if I'm something, is lazy.
I was referencing this specific slide http://www.openbsd.org/papers/... They clearly state their portability goal is mostly POSIX-compatible, but after a second read it is not obvious it its being used as a base reference, as you point out.
They need to matter in order to obtain funding, unless we decide to pay for the product.
Tell me about other browsers specifically providing DRM support. IE? Great example. I stopped using FF when they started with the rolling releases nonsense. And most FF users DO PAY to use the browser, via search traffic. After the rolling releases, they started the piss-poor attempt of cloning the chrome interface - without easy fallback. Maybe they should focus on implementing stuff that the users want (are the memory leaks gone? are the devtools integrated and working, or do I still have to install firebug?) instead of what *THEY* want. This is a project that has derailed many years ago, and it is managed as a cash cow. Sooner or later, the cow will die.