6a. It's hard for a university to tell faculty what to do. If a faculty PI backs you releasing code, you should be OK. University's are especially reluctant to contradict faculty who bring in grant money. There might be some small (usually, infinitesimal) chance of making money from your software. That works out on the average less than once in the lifetime of a randomly chosen university. There is a definite rake-off from the grant. For every dollar spent at the behest of the PI, the university collects an additional $.idcr from the grant, where idcr is the "indirect cost rate". "Indirect cost" is often called, incorrectly, "overhead". Theoretically, it covers the fair share of general costs, including administration, physical plant,..., attributable to the project. It used to be determined by a big negotiation between each university and its main funding agency, using all sorts of bean counts. Now, it's mostly just fiat from the government, take it or leave it. For a university, the rate is generally below 50% last time I checked (which means they get less than 1/3 of the total grant as "indirect cost", since this is the indirect cost rakeoff as a percentage of the direct cost, not of the total). For commercial labs, it was generally above 100%, because they have to make a profit. So do the universities, but they have to use a different legal word, since they are "nonprofit organizations." As far as I can tell, no university actually knows how federal funding affects its balance sheet. They seem to operate on faith that, while indirect cost rates are too low to yield a profit, and only reduce a loss, the payback through increased prestige produces a net win.
7. Universities have a good starting point for claiming ownership of all sorts of stuff produced by faculty, other employees, anything coming from a research grant. There's often a knee-jerk reaction to claim it because they can. They more often lose money that way than make it. I helped my university agree to theoretical profit-sharing on an absolutely brilliant idea from a colleague, which allowed a dazzlingly fast solution of hidden-surface problems in computer graphics. We spend some 10s of thousands patenting, and I'm pretty sure that nobody has licensed the patent in its lifetime. The right faculty member may be able to remind people that they have more to gain from keeping the grant in good shape, making investigators happy, taking credit for supporting development of something, than from trying to control it.
Years ago, I helped write part of the copyright/patent policy (I try to avoid the phrase "Intellectual Property," which as far as I know is not recognized in law) for my university, served on the faculty committee making recommendations for disputes, and guided one colleague through a patent owned by the university. You can easily figure out which university I'm at, but it's not really relevant, this was years ago, I think they threw out the part that I wrote (and I don't care),... Nonetheless, I can make some observations that might help you figure things out.
1. The status of work at a university is very weird, and it's hard to find two people who understand it the same way. The law's concept of work for hire seems clear, but universities accept the notion that they haven't hired all of your work, not even all that you perform during normal working hours (which are never normal at the U). I heard very high administrators say that faculty are faculty all the time, 24x365.25. But we also pretend that our salary only covers 9 months, and we are allowed to take summer jobs in which we make contracts providing our work to other institutions. Point: it's totally unclear.
2. Almost all work under a US government grant is done as a university employee. The feds grant the money to the university. Under the terms of the grant, a principal investigator (PI) has wide authority to tell the university how to spend the money (and almost no accountability for doing it wrong---universities get dinged for statistical estimates of the amount of mistakes made by PIs). Anyone working on the grant is a university employee, paid from "restricted funds."
3. The feds have never to my knowledge claimed ownership of work performed under research grants. In the past, they have explicitly encouraged universities and other corporations to own and exploit patents and copyrights obtained with grant funds. There is a trend toward requiring open sharing of some grant results, but I haven't studied this. It may only apply to data so far, and it probably varies between funding agencies.
4. Universities have good grounds for claiming that work done with their money (a very ambiguous category, as I mentioned in #1) is work for hire, patents and copyrights due to them. They routinely give back the copyrights to creators, on the excuse that these copyrights have to do with publication of research. That's often true, but it is also applied to rather cynically produced textbooks, that appear to be written mainly for plunder (which very few of them actually capture).
5. Universities have a mission to publish research, and they get financially valuable prestige from research associated with them. They tend to avoid obstacles on research publication. I recommend associating software as closely as possible with research articles and reports. Maybe the source code is an appendix. Maybe the journal won't print it, but they'll give the URL reference. Years ago, I think I established a policy that my U would never stand in the way of software being released to the public (GPL, BSD, implicit full license---incorrectly referred to as "public domain"). I don't think this policy was ever violated, I don't think it ever will be, but a lot of people don't have confidence in it.
6. Toothpaste comes out of tubes more easily than it goes back in. Anything posted on SourceForge, released with an explicit statement of GPL or other irrevocable open license, is unlikely to be closed down successfully in the future, especially by an organization as clumsy and partly benign as a university.
Gotta go to class. I'll add observations as a self-reply later. I'm not very interested in arguing any of this---just sharing my experience.
> Will change mean that slavery is now something > that can finally be put to bed 145 years after > it ended?
Slavery became unconstitutional in the USA in 1865 (http://en.wikipedia.org/wiki/Thirteenth_Amendment_to_the_United_States_Constitution). Hereditary chattel slavery was pretty well abolished in the USA at that time.
Government-supported slavery of a very brutal sort, involving tens of thousands of people, almost all of them black men, in chains doing hard and often fatal work, particularly in coal mines, continued until the 1940s, after the Japanese attack on Pearl Harbor. At that point the federal government, which had deliberately ignored the practice for decades, decided that the Germans and Japanese would use it in propaganda, and therefore it must end. Check out Slavery by Another Name (http://www.slaverybyanothername.com/), by Douglas Blackmon, Atlanta Bureau Chief of the Wall Street Journal.
One-time pad ciphertext does appear to be random. Shannon proved that it has perfect secrecy.
</quote>
Right. But Smith/Yard make a stronger claim than randomness. They claim that the content of each channel does not depend on the message at all. Once the one-time pad is determined, the encoded message is determined completely by the plaintext. By encoding the plaintext into a quantum entanglement prior to the creation of either random channel, they are able to tell a story in which each channel's contents appear to be, not only random, but not functionally determined from the plaintext.
I think that Khashishi has got the essence of the 0+0>0 thing here. I haven't completely penetrated the noise in the Smith/Yard ArXiv article yet, but I'd bet my money that it boils down to this:
Take two channels in each of which all bits are completely random, and independent of the information that you wish to send. Let each bit of your information determine the correllation or anticorrellation of corresponding bits in the two channels, by introducing a quantum constraint between them before their actual random values are determined. Then, as in Khashishi's description, the xor of the two random channels is the message.
The only difference I detect in Smith/Yard vs. Khashishi is that they use quantum trickery to make the whole thing look symmetric. Neither of the random channels predates the other. Each one, evaluated singly, appears to be completely independent of the encoded message. In Khashishi's description, the time sequence in the construction of the two random sequences makes one of them seem a priori random, and the other to be a one-time pad encoding of the message, while in the Smith/Yard article you can't tell which is which.
It seems more like a meretricious way of telling a causal story about a well-known phenomenon than something truly "essentially quantum."
And, don't rely on the Slashdot title: "Supreme Court Holds Right to Bear Arms Applies to Individuals."
Both the majority and the dissenters agreed that the 2d amendment reserves a right to individuals. They disagreed regarding the scope of that right ("... to keep and bear arms..."), and the legislatures' powers to regulate (not to prohibit entirely) its exercise ("A well regulated militia...").
The 2d amendment is one of those sentences that appears clear at first glance, then one wonders what are "arms," what it means to "bear" them,... Other law in force around the same time appears to regard restrictions on the individual storage and use of small firearms to be perfectly consistent with state constitutional provisions that were stronger than the 2d amendment.
My hunch, completely uninformed by serious historical research, is that the language came out a bit fuzzy because the Framers didn't agree among themselves, and chose language that each could suppose to be consistent with his own views.
Actually, on page 46 of his opinion, the 113th page of the PDF file, Stevens wrote:
"The Court would have us believe that over 200 years ago, the Framers made a choice to limit the tools available to elected officials wishing to regulate civilian uses of weapons, and to authorize this Court to use the common-law process of case-by-case judicial lawmaking to define the contours of acceptable gun control policy."
The majority and the dissenters had agreed that the 2d amendment allowed the government to provide the regulation mention in the preamble ("A well-regulated milita..."). The majority inferred specific limitations on that regulation, not from the language of the constitution, but from various earlier sources, including similar clauses in state constitutions which the Framers of the 2d amendment specifically read and decided not to copy, and ancient English customs.
A reading of Justice Stevens' whole dissent makes it pretty clear that he objects to the substitution of modern case law, based on precedents that were not included in the language of the 2d amendment, for the judgment of legislatures regarding the proper regulation of the keeping and bearing of arms.
From page 4 of Breyer's dissent (117th page in the PDF file):
"colonial history itself offers important examples of the kinds of gun regulation that citizens would then have thought compatible with the 'right to keep and bear arms,' whether embodied in Federal or State Constitutions, or the background common law. And those examples include substantial regulation of firearms in urban areas, including regulations that imposed obstacles to the use of firearms for the protection of the home."
The majority relied on law and convention prior to the 2d amendment (in fact, way back into English history) for the notion that the right to "keep and bear arms" is a right to use arms in self defense. Nothing in the 2d ammendment expresses such a purpose explicitly---if there it is implicit in the interpretation of "to keep and bear arms." So, Breyer points out that essentially the same constituency that established the constitution and the first 10 ammendments (ratified in 1791), had passed regulations affecting the use of weapons in self defense under constitutional provisions of their times, which were stronger than the 2d amendment. Some of these constitutional provisions were the unwritten English provisions that the majority insisted supported such a right. Others were the existing state constitutions:
"Pennsylvania, like Massachusetts, had at the time one of the self-defense-guaranteeing state constitutional provisions on which the majority relies." (p. 7 of Breyer, 120th page of the PDF file)
In other words, according to Breyer, the majority relied on law preceding the 2d amendment to infer interpretations that should be applied to that amendment, yet ignored evidence that contemporary jurisprudence had not interpreted those laws in the way relied on by the majority:
"Massachusetts residents must have believed this kind of law compatible with the provision in the Massachusetts Constitution that granted 'the people... a right to keep and to bear arms for the common defence'---a provision that the majority says was interpreted as 'secur[ing] an individual right to bear arms for defensive purposes.' " (p. 6 of Breyer, 119th page of the PDF file)
"A CA gets compromised in the way you're discussing, and there's economic hell to pay."
I hope that we won't post this assertion too many more times before someone provides at least one example where a CA has paid some "economic hell," or at least a plausible scenario regarding the mechanism by which this "econonomic hell" is paid. I have seen no evidence whatsoever that a failure of a CA will lead to large scale refusal to accept its certificates.
The guy who shows up in the truck (to borrow from the analogy) will have his cert, which is signed by the bank, which is signed by a CA, which is signed by a root CA. All of the people in that chain assume liability.
I have seen the assertion that CAs "assume liability" many times, but I have never seen a demonstration that they actually do. Neither a case where a CA provided relief to someone who relied on a certificate, nor the language in which a CA expresses the assumption of liability. I would very much like to see someone post an authoritative description of the actual assumption of liability by an actual CA (followed by an analysis from a competent lawyer).
I have no proof that CAs, such as Verisign, fail to back up their certificates, but all of my experience in related areas makes me assume that they do not. I have very explicit experience with agencies that provide credit reports, and I know definitely that they take no responsibility for the correctness of the reports. I think that the right default assumption for CAs is that they similarly dodge responsibility, until someone presents the evidence that they bear it.
Your post is nearly unique in being short, to the point, totally on target, free of extraneous noise.
I wanted to contact you individually, but didn't see how to do it through your slashdot ID, hence this posted reply.
It appears to me (and to a number of other people who have a bit of reputation in security, which I don't), that self-signed records should be the starting point for "identity" on the network.
"For most purposes it's sufficient to know I'm talking to the same guy I was last time."
You have expressed probably the most important observation in the whole area. Furthermore, without the ability to know that all messages in a conversation come from the same agent, you can't accomplish anything else. And self signature is much easier than chain o' trust. Ergo, identity on the network should be founded on a system of self-signed records, with add-on services as they prove worth the trouble. (Roughly as delivery is founded on best-effort IP, with TCP,..., HTTP as add-ons.)
I was working on this point some years ago, when I got permanently sick. I am unable to finish a publication without a co-author. On the outside chance that you want to do it, please write.
I think that the essential service is a free (OK, maybe just very cheap, but I bet it turns out free) server for self-signed associations of public keys with addresses (presumably, mostly IP numbers). The sponsor of the server should verify nothing about those who post records, and should ostentatiously deny all responsibility for their identities.
Almost all of the functionality is already provided by DNS implementations, where the domain names contain hashes of public keys. Google could provide the service next week (yes, I've contacted my buddies at Google, but they haven't bit on the hook).
To preview my ideas, you can check out
1. Pages 187-215 in the lecture slides with notes for a course that I cooked up a few years ago:
3. A published article: "A Proposal to Separate Handles from Names on the Internet." Communications of the Association for Computing Machinery, 48(12):78-83, December 2005. Slightly longer version:
2-4 describe the application of the same service to provide non-mnemonic free domain names/handles that won't be fought over in court and stolen. During the long wait for the article to appear in CACM, I realized that I should think of it first as Public-Key Infrastructure, with the handle function as a side benefit.
A quick look at the SFLC's article (http://www.softwarefreedom.org/resources/2008/osp-gpl.html) makes this quite clear. OSP provides an irrevocable license to use a specification as it is written today. It makes no commitment whatsoever to license updates. A little bit more reading reveals that the irrevocably licensed uses of the current specification are also very limited.
So, it makes perfect sense, as stated by SFLC, that the license is irrevocable, but has no irrevocable value, since Microsoft has discretion to destroy the value of the licensed behavior. To quote directly:
While technically an irrevocable promise, in practice the OSP is good only for today.
This makes perfectly good sense. The promise is irrevocable. But it's "good"ness may easily be destroyed, by destroying the value of the promised license.
Caveat: I am reporting what I read in the SFLC's article. I have not checked their facts independently.
8. Single data entry. Sometimes this happens without thinking, but if you blow it badly, it creates havoc. Each piece of information required from the user should be entered precisely once in precisely one context (per interaction---the context can be different depending on what else the user has done, but it shouldn't vary according to accidents of the program execution). Every sufficiently complex system starts to drift away from this principle, so that a single change requires a user to hunt down several different entries of that change, which nobody can do consistently correctly. Then, it is outrageously hard to find the particular wrong entry that's causing a particular problem.
Of course, this doesn't rule out independent re-entry for the purpose of consistency checking, such as the re-entry of a password. But that sort of re-entry needs to be followed immediately by a consistency check and correction.
Any Browser Campaign: http://www.anybrowser.org/campaign/ (even if your application isn't on the Web, the principles are similar, particularly for accessibility).
Study the Model/Controller/View pattern from the software pattern community. Sorry I don't have a specific pointer. Keep in mind that the 3-part pattern is probably a mistake for most purposes: Controller and View usually have to be combined, because the boundary changes between levels of abstraction. This pattern doesn't have to do with how the interface looks to the user, rather it has to do with structuring software so that you have a prayer of controlling the user interface part of the design. Many projects accomplish this pattern (without necessarily knowing about the pattern idea) by organizing work into a function library and a user interface exercising that library.
A key principle (not sure where it's documented) is orthogonality. At some level of design (definitely at the library level), it's very important to identify the fundamental operations that make sense conceptually (in the previous item, these are the natural operations of the Model). "Orthogonality" just means that each fundamentel operation should be essentially independent of the others. Next, make sure that you never lose access to these fundamental operations. Now, you can design combinations of operations to satisfy the most common user needs, without leaving frustrating gaps where a user with a slightly unusual need cannot perform the right operations, because they are only available in unwanted combinations.
Whenever you provide a level of operation that you think makes things simple for the user, try to leave some way to get a transparent view of the technical level below it, in case your notion of "simple" isn't always quite the right one. E.g., Apple screwed this principle up very badly in Garage Band, which hides the individual sound files totally from any user who relies on the Mac's views of the file system. Only through a Unix terminal interface does one discover that the "project" is a directory, with lots of files in it. An early version had a bug, in which the "Save As" button did not actually save a file. There was no way to discover this until it was too late (and I lost one of my best audition recordings to this bug, and resolved never to touch Garage Band again).
Which reminds me of one of the best ways to learn good interface structure: observe lots of bad examples. They are plentiful. The downside is you can spend infinite time on this survey.
By the early '90s, people were routinely giving source code to their customers, rather than trusting "code escrow" services.
By the early '60s, people were routinely giving source code to their customers.
Mr. Stallman explains in his historical writings and speeches how he first saw free software ethics in action in the early behavior of both academic and commercial software developers. When vendors moved, in a very large way, away from free source, he recognized the danger, and opposed the trend with his proselytizing for free software. The whole context in which you worked in the early 90's was shaped by that.
You don't mention what sort of software you provide to your customers. Unless it includes an operating system kernel, then they depend either on binary-only code from MS or Apple, or on free code that depends one way or another on Mr. Stallman's free software movement (yes, even if it's not licensed under GPL).
I started studying computing in 1969, and devoted my career to it. I contributed to the world as much as I could figure out and accomplish. Mr. Stallman's contributions are so many orders of magnitude greater than mine, I am filled with awe. All of my software development, research, or teaching today depends on things that he supported in various ways. I have no interest in carping about his personal affect, nor the things that he didn't do in addition to all that he did, nor the things that could conceivably have been done better if someone else who didn't do them had done them. Nor in the supposition that those ignorant of his work were therefore not aided by it.
Thanks very much. The "fractal" round that you found is different from the 3, 4, and 5 that I had already, so I grabbed it eagerly.
The contest explanation says that it concluded in April 2004. They don't seem to be going on any clear annual schedule. Since round 3 was at the end of 2004, I think this is probably SCC2.
Well, I was troubled when I ran povray on the winning program, and got only a still picture. After some muddling around, I noticed that the contest rules specified an "ini.txt" file, to wit:
I love this stuff, and want to look at all of it. I found SCC3 at http://ozviz.wasp.uwa.edu.au/~pbourke/exhibition/scc3/final/ but I can't find contests number 1, 2, nor 4. I tried the Wayback machine, with no luck. Maybe I didn't search right. Anybody know where to find 'em?
Slashdot Mirror
6a. It's hard for a university to tell faculty what to do. If a faculty PI backs you releasing code, you should be OK. University's are especially reluctant to contradict faculty who bring in grant money. There might be some small (usually, infinitesimal) chance of making money from your software. That works out on the average less than once in the lifetime of a randomly chosen university. There is a definite rake-off from the grant. For every dollar spent at the behest of the PI, the university collects an additional $.idcr from the grant, where idcr is the "indirect cost rate". "Indirect cost" is often called, incorrectly, "overhead". Theoretically, it covers the fair share of general costs, including administration, physical plant, ..., attributable to the project. It used to be determined by a big negotiation between each university and its main funding agency, using all sorts of bean counts. Now, it's mostly just fiat from the government, take it or leave it. For a university, the rate is generally below 50% last time I checked (which means they get less than 1/3 of the total grant as "indirect cost", since this is the indirect cost rakeoff as a percentage of the direct cost, not of the total). For commercial labs, it was generally above 100%, because they have to make a profit. So do the universities, but they have to use a different legal word, since they are "nonprofit organizations." As far as I can tell, no university actually knows how federal funding affects its balance sheet. They seem to operate on faith that, while indirect cost rates are too low to yield a profit, and only reduce a loss, the payback through increased prestige produces a net win.
7. Universities have a good starting point for claiming ownership of all sorts of stuff produced by faculty, other employees, anything coming from a research grant. There's often a knee-jerk reaction to claim it because they can. They more often lose money that way than make it. I helped my university agree to theoretical profit-sharing on an absolutely brilliant idea from a colleague, which allowed a dazzlingly fast solution of hidden-surface problems in computer graphics. We spend some 10s of thousands patenting, and I'm pretty sure that nobody has licensed the patent in its lifetime. The right faculty member may be able to remind people that they have more to gain from keeping the grant in good shape, making investigators happy, taking credit for supporting development of something, than from trying to control it.
Good luck,
Years ago, I helped write part of the copyright/patent policy (I try to avoid the phrase "Intellectual Property," which as far as I know is not recognized in law) for my university, served on the faculty committee making recommendations for disputes, and guided one colleague through a patent owned by the university. You can easily figure out which university I'm at, but it's not really relevant, this was years ago, I think they threw out the part that I wrote (and I don't care), ... Nonetheless, I can make some observations that might help you figure things out.
1. The status of work at a university is very weird, and it's hard to find two people who understand it the same way. The law's concept of work for hire seems clear, but universities accept the notion that they haven't hired all of your work, not even all that you perform during normal working hours (which are never normal at the U). I heard very high administrators say that faculty are faculty all the time, 24x365.25. But we also pretend that our salary only covers 9 months, and we are allowed to take summer jobs in which we make contracts providing our work to other institutions. Point: it's totally unclear.
2. Almost all work under a US government grant is done as a university employee. The feds grant the money to the university. Under the terms of the grant, a principal investigator (PI) has wide authority to tell the university how to spend the money (and almost no accountability for doing it wrong---universities get dinged for statistical estimates of the amount of mistakes made by PIs). Anyone working on the grant is a university employee, paid from "restricted funds."
3. The feds have never to my knowledge claimed ownership of work performed under research grants. In the past, they have explicitly encouraged universities and other corporations to own and exploit patents and copyrights obtained with grant funds. There is a trend toward requiring open sharing of some grant results, but I haven't studied this. It may only apply to data so far, and it probably varies between funding agencies.
4. Universities have good grounds for claiming that work done with their money (a very ambiguous category, as I mentioned in #1) is work for hire, patents and copyrights due to them. They routinely give back the copyrights to creators, on the excuse that these copyrights have to do with publication of research. That's often true, but it is also applied to rather cynically produced textbooks, that appear to be written mainly for plunder (which very few of them actually capture).
5. Universities have a mission to publish research, and they get financially valuable prestige from research associated with them. They tend to avoid obstacles on research publication. I recommend associating software as closely as possible with research articles and reports. Maybe the source code is an appendix. Maybe the journal won't print it, but they'll give the URL reference. Years ago, I think I established a policy that my U would never stand in the way of software being released to the public (GPL, BSD, implicit full license---incorrectly referred to as "public domain"). I don't think this policy was ever violated, I don't think it ever will be, but a lot of people don't have confidence in it.
6. Toothpaste comes out of tubes more easily than it goes back in. Anything posted on SourceForge, released with an explicit statement of GPL or other irrevocable open license, is unlikely to be closed down successfully in the future, especially by an organization as clumsy and partly benign as a university.
Gotta go to class. I'll add observations as a self-reply later. I'm not very interested in arguing any of this---just sharing my experience.
through shear luck
I think you mean, "sheer luck."
> Will change mean that slavery is now something
> that can finally be put to bed 145 years after
> it ended?
Slavery became unconstitutional in the USA in 1865 (http://en.wikipedia.org/wiki/Thirteenth_Amendment_to_the_United_States_Constitution).
Hereditary chattel slavery was pretty well abolished in the USA at that time.
Government-supported slavery of a very brutal sort, involving tens of thousands of people, almost all of them black men, in chains doing hard and often fatal work, particularly in coal mines, continued until the 1940s, after the Japanese attack on Pearl Harbor. At that point the federal government, which had deliberately ignored the practice for decades, decided that the Germans and Japanese would use it in propaganda, and therefore it must end. Check out Slavery by Another Name (http://www.slaverybyanothername.com/), by Douglas Blackmon, Atlanta Bureau Chief of the Wall Street Journal.
> Now we just need cigarettes that cure baldness.
Now, cut it out! God made a few good heads. He had to cover the rest with hair.
I'm quite annoyed with paniq for scooping me with this post.
God made some perfect heads. The rest he covered with hair.
I'm sitting here typing on my Lenovo with pre-installed Linux that I bought from Los Alamos Computers (http://laclinux.com/en/Start).
One-time pad ciphertext does appear to be random. Shannon proved that it has perfect secrecy.
</quote>
Right. But Smith/Yard make a stronger claim than randomness. They claim that the content of each channel does not depend on the message at all. Once the one-time pad is determined, the encoded message is determined completely by the plaintext. By encoding the plaintext into a quantum entanglement prior to the creation of either random channel, they are able to tell a story in which each channel's contents appear to be, not only random, but not functionally determined from the plaintext.
I think that Khashishi has got the essence of the 0+0>0 thing here. I haven't completely penetrated the noise in the Smith/Yard ArXiv article yet, but I'd bet my money that it boils down to this:
Take two channels in each of which all bits are completely random, and independent of the information that you wish to send. Let each bit of your information determine the correllation or anticorrellation of corresponding bits in the two channels, by introducing a quantum constraint between them before their actual random values are determined. Then, as in Khashishi's description, the xor of the two random channels is the message.
The only difference I detect in Smith/Yard vs. Khashishi is that they use quantum trickery to make the whole thing look symmetric. Neither of the random channels predates the other. Each one, evaluated singly, appears to be completely independent of the encoded message. In Khashishi's description, the time sequence in the construction of the two random sequences makes one of them seem a priori random, and the other to be a one-time pad encoding of the message, while in the Smith/Yard article you can't tell which is which.
It seems more like a meretricious way of telling a causal story about a well-known phenomenon than something truly "essentially quantum."
And, don't rely on the Slashdot title: "Supreme Court Holds Right to Bear Arms Applies to Individuals."
..."), and the legislatures' powers to regulate (not to prohibit entirely) its exercise ("A well regulated militia ...").
... Other law in force around the same time appears to regard restrictions on the individual storage and use of small firearms to be perfectly consistent with state constitutional provisions that were stronger than the 2d amendment.
Both the majority and the dissenters agreed that the 2d amendment reserves a right to individuals. They disagreed regarding the scope of that right ("... to keep and bear arms
The 2d amendment is one of those sentences that appears clear at first glance, then one wonders what are "arms," what it means to "bear" them,
My hunch, completely uninformed by serious historical research, is that the language came out a bit fuzzy because the Framers didn't agree among themselves, and chose language that each could suppose to be consistent with his own views.
Actually, on page 46 of his opinion, the 113th page of the PDF file, Stevens wrote:
..."). The majority inferred specific limitations on that regulation, not from the language of the constitution, but from various earlier sources, including similar clauses in state constitutions which the Framers of the 2d amendment specifically read and decided not to copy, and ancient English customs.
"The Court would have us believe that over 200 years ago, the Framers made a choice to limit the tools available to elected officials wishing to regulate civilian uses of weapons, and to authorize this Court to use the common-law process of case-by-case judicial lawmaking to define the contours of acceptable gun control policy."
The majority and the dissenters had agreed that the 2d amendment allowed the government to provide the regulation mention in the preamble ("A well-regulated milita
A reading of Justice Stevens' whole dissent makes it pretty clear that he objects to the substitution of modern case law, based on precedents that were not included in the language of the 2d amendment, for the judgment of legislatures regarding the proper regulation of the keeping and bearing of arms.
Where does this "discredit[ing]" appear?
From page 4 of Breyer's dissent (117th page in the PDF file):
... a right to keep and to bear arms for the common defence'---a provision that the majority says was interpreted as 'secur[ing] an individual right to bear arms for defensive purposes.' " (p. 6 of Breyer, 119th page of the PDF file)
"colonial history itself offers important examples of the kinds of gun regulation that citizens would then have thought compatible with the 'right to keep and bear arms,' whether embodied in Federal or State Constitutions, or the background common law. And those examples include substantial regulation of firearms in urban areas, including regulations that imposed obstacles to the use of firearms for the protection of the home."
The majority relied on law and convention prior to the 2d amendment (in fact, way back into English history) for the notion that the right to "keep and bear arms" is a right to use arms in self defense. Nothing in the 2d ammendment expresses such a purpose explicitly---if there it is implicit in the interpretation of "to keep and bear arms." So, Breyer points out that essentially the same constituency that established the constitution and the first 10 ammendments (ratified in 1791), had passed regulations affecting the use of weapons in self defense under constitutional provisions of their times, which were stronger than the 2d amendment. Some of these constitutional provisions were the unwritten English provisions that the majority insisted supported such a right. Others were the existing state constitutions:
"Pennsylvania, like Massachusetts, had at the time one of the self-defense-guaranteeing state constitutional provisions on which the majority relies." (p. 7 of Breyer, 120th page of the PDF file)
In other words, according to Breyer, the majority relied on law preceding the 2d amendment to infer interpretations that should be applied to that amendment, yet ignored evidence that contemporary jurisprudence had not interpreted those laws in the way relied on by the majority:
"Massachusetts residents must have believed this kind of law compatible with the provision in the Massachusetts Constitution that granted 'the people
"A CA gets compromised in the way you're discussing, and there's economic hell to pay." I hope that we won't post this assertion too many more times before someone provides at least one example where a CA has paid some "economic hell," or at least a plausible scenario regarding the mechanism by which this "econonomic hell" is paid. I have seen no evidence whatsoever that a failure of a CA will lead to large scale refusal to accept its certificates.
I have seen the assertion that CAs "assume liability" many times, but I have never seen a demonstration that they actually do. Neither a case where a CA provided relief to someone who relied on a certificate, nor the language in which a CA expresses the assumption of liability. I would very much like to see someone post an authoritative description of the actual assumption of liability by an actual CA (followed by an analysis from a competent lawyer).
I have no proof that CAs, such as Verisign, fail to back up their certificates, but all of my experience in related areas makes me assume that they do not. I have very explicit experience with agencies that provide credit reports, and I know definitely that they take no responsibility for the correctness of the reports. I think that the right default assumption for CAs is that they similarly dodge responsibility, until someone presents the evidence that they bear it.
Mike O'Donnell
Dear Mr. Znork,
Your post is nearly unique in being short, to the point, totally on target, free of extraneous noise.
I wanted to contact you individually, but didn't see how to do it through your slashdot ID, hence this posted reply.
It appears to me (and to a number of other people who have a bit of reputation in security, which I don't), that self-signed records should be the starting point for "identity" on the network.
"For most purposes it's sufficient to know I'm talking to the same guy I was last time."
You have expressed probably the most important observation in the whole area. Furthermore, without the ability to know that all messages in a conversation come from the same agent, you can't accomplish anything else. And self signature is much easier than chain o' trust. Ergo, identity on the network should be founded on a system of self-signed records, with add-on services as they prove worth the trouble. (Roughly as delivery is founded on best-effort IP, with TCP, ..., HTTP as add-ons.)
I was working on this point some years ago, when I got permanently sick. I am unable to finish a publication without a co-author. On the outside chance that you want to do it, please write.
I think that the essential service is a free (OK, maybe just very cheap, but I bet it turns out free) server for self-signed associations of public keys with addresses (presumably, mostly IP numbers). The sponsor of the server should verify nothing about those who post records, and should ostentatiously deny all responsibility for their identities.
Almost all of the functionality is already provided by DNS implementations, where the domain names contain hashes of public keys. Google could provide the service next week (yes, I've contacted my buddies at Google, but they haven't bit on the hook).
To preview my ideas, you can check out
1. Pages 187-215 in the lecture slides with notes for a course that I cooked up a few years ago:
http://people.cs.uchicago.edu/~odonnell/Teacher/Courses/Strategic_Internet/Slides/
(That's at the end, up to but not including the last two pages in case your viewer numbers differently from mine.)
2. a horribly messed up page in progress:
http://people.cs.uchicago.edu/~odonnell/Citizen/Network_Identifiers/
3. A published article: "A Proposal to Separate Handles from Names on the Internet." Communications of the Association for Computing Machinery, 48(12):78-83, December 2005. Slightly longer version:
http://xxx.lanl.gov/abs/cs.NI/0302017
4. An Internet Draft:
http://xxx.lanl.gov/abs/cs.NI/0301011
2-4 describe the application of the same service to provide non-mnemonic free domain names/handles that won't be fought over in court and stolen. During the long wait for the article to appear in CACM, I realized that I should think of it first as Public-Key Infrastructure, with the handle function as a side benefit.
Cheerio,
Mike O'Donnell
michael_odonnell at acm.org
So, it makes perfect sense, as stated by SFLC, that the license is irrevocable, but has no irrevocable value, since Microsoft has discretion to destroy the value of the licensed behavior. To quote directly:
This makes perfectly good sense. The promise is irrevocable. But it's "good"ness may easily be destroyed, by destroying the value of the promised license.
Caveat: I am reporting what I read in the SFLC's article. I have not checked their facts independently.
I had the components in the wrong order:
http://en.wikipedia.org/wiki/Model-view-controller
I'm pretty sure that someone wrote an article on the need to combine view and controller. I may be able to look in up on Monday.
8. Single data entry. Sometimes this happens without thinking, but if you blow it badly, it creates havoc. Each piece of information required from the user should be entered precisely once in precisely one context (per interaction---the context can be different depending on what else the user has done, but it shouldn't vary according to accidents of the program execution). Every sufficiently complex system starts to drift away from this principle, so that a single change requires a user to hunt down several different entries of that change, which nobody can do consistently correctly. Then, it is outrageously hard to find the particular wrong entry that's causing a particular problem.
Of course, this doesn't rule out independent re-entry for the purpose of consistency checking, such as the re-entry of a password. But that sort of re-entry needs to be followed immediately by a consistency check and correction.
Have fun!
By the early '60s, people were routinely giving source code to their customers.
Mr. Stallman explains in his historical writings and speeches how he first saw free software ethics in action in the early behavior of both academic and commercial software developers. When vendors moved, in a very large way, away from free source, he recognized the danger, and opposed the trend with his proselytizing for free software. The whole context in which you worked in the early 90's was shaped by that.
You don't mention what sort of software you provide to your customers. Unless it includes an operating system kernel, then they depend either on binary-only code from MS or Apple, or on free code that depends one way or another on Mr. Stallman's free software movement (yes, even if it's not licensed under GPL).
I started studying computing in 1969, and devoted my career to it. I contributed to the world as much as I could figure out and accomplish. Mr. Stallman's contributions are so many orders of magnitude greater than mine, I am filled with awe. All of my software development, research, or teaching today depends on things that he supported in various ways. I have no interest in carping about his personal affect, nor the things that he didn't do in addition to all that he did, nor the things that could conceivably have been done better if someone else who didn't do them had done them. Nor in the supposition that those ignorant of his work were therefore not aided by it.
Thanks very much. The "fractal" round that you found is different from the 3, 4, and 5 that I had already, so I grabbed it eagerly.
The contest explanation says that it concluded in April 2004. They don't seem to be going on any clear annual schedule. Since round 3 was at the end of 2004, I think this is probably SCC2.
http://local.wasp.uwa.edu.au/~pbourke/exhibition/scc4/final/
But still can't find 1 & 2.
I love this stuff, and want to look at all of it. I found SCC3 at http://ozviz.wasp.uwa.edu.au/~pbourke/exhibition/scc3/final/
but I can't find contests number 1, 2, nor 4. I tried the Wayback machine, with no luck. Maybe I didn't search right. Anybody know where to find 'em?