it's a untraceable way to download music (no way for the RIAA to track users or sue).
How is it untraceable? As I understand it (and I could be wrong), when one listens to streamed music over the web (as opposed to music broadcast over the air waves), one must make a specific recordable connection with the source of the music. Your IP number will be recorded somewhere.
Perhaps what is meant is that while there will be a record that you were listening, there will be no proof that you were recording. Indeed, contrary to downloading a MP3, the presumption will be that you "only" listening and nothing (useable) remained on your hard drive.
Of course if enough people do this, that presumption will be reversed. Imagine a world where 95% of the people have and use software that will, with one click, correctly snip, save, and index every song streamed to their computers. When this happens, the RIAA will make a case that streaming a song is for all practical purposes the same as uploading an MP3 of the same song, and thus subject to the same copyright considerations.
And, depending on how you read the law, it's 100% legal.
Really? How? What interpretation of the law supports this? Any precedents? Your "right" to "back-up" that which you never owned rights to in the first place?
People have always recorded music off of the radio, and always will. However, that never made it "legal"; only cost-ineffective to police or prohibit. The one click recording of perfect digital data will be perceived as something different.
The makers of this software have probably just increased the likelihood of point to point DRM.
First Draft of the Prime Directive?
on
Our Man In Black
·
· Score: 4, Informative
As suggested by NASA's Michael Meyer, there is an ethical component to decisions we make as we move outward from our planet to explore other worlds. As such, NASA's Planetary Protection Advisory Committee has a bioethicist on it. The first cases of interaction between life from two worlds could happen as we explore Mars, or perhaps Europa. This will likely be limited to simple lifeforms. At some point we'll have to deal with more complex issues.
As indicated, dealing with simple life forms does not present many of the issues addressed in the Prime Directive:
As the right of each sentient species to live in accordance with its normal cultural evolution is considered sacred, no Star Fleet personnel may interfere with the healthy development of alien life and culture. Such interference includes the introduction of superior knowledge, strength, or technology to a world whose society is incapable of handling such advantages wisely. Star Fleet personnel may not violate this Prime Directive, even to save their lives and/or their ship unless they are acting to right an earlier violation or an accidental contamination of said culture. This directive takes precedence over any and all other considerations, and carries with it the highest moral obligation.
To be fair, there are important differences between Google and Akamai, differences that assure that Google won't be breaking into Akamai's business anytime soon, nor Akamai moving into Google's. Both companies have developed infrastructure for running massively parallel systems, but the applications that they are running on top of those systems are different. Google's primary application is a search engine. Akamai, by contrast, has developed a system for delivering Web pages, streaming media, and a variety of other standard Internet protocols.
Two businesses in completely different lines of work don't usually make good merger partners. They're neither competitors nor in a supplier/customer relationship.
In any other industry, this might be true. I'm not sure it is true here.
Perhaps I'm being simplistic, but wouldn't it make some economic sense to be in the business of searching and indexing the very same web pages that you are already hosting? Wouldn't there be some cost savings? Some, gulp, synergies? Savings on hardware? Bandwidth? Optimizing your web hosting to make search more efficient or productive?
Note that I did say "one future security hole". While the crypto we have know, with "a sufficiently large key", they *will* become trivial to break in the future. If (when) quantum computing becomes available to anyone with a decent bank roll then we'll need quantum crypto to remain secure. I don't think waiting until that time is a good idea. Getting a head start is.
Very good point. FWIW, I actually thought of this (really;)... after I posted. You are right, one cannot afford to wait.
But I also think I raised a valid point. One cannot do everything -- or at least everything well. Choices have to be made. Investment in quantum crptography may be a good choice, and perhaps a better one than investing in more training, education, etc. re: social attacks. However, I still suspect that one (not the only, perhaps not the most important, but one) reason for the investment in QC is that it is interesting. Spending money on paper shreders and training employees to use them, etc., is less than fascinating.
Should deadbolts not have been developed because most people break in through windows?
Should we spend limited resources to improve deadbolts that are currently, and are expected to remain, unbreakable, when there are not sufficient resources to improve and adequately secure windows?
Should we stop working on vaccines to deadly viruses just because most people die of heart disease or cancer?
Should we continue to work on vaccines to deadly viruses if: (a) ten times as many people die of heart disease; and (b) spending the money on heart disease could reasonably be expected to save and improve the lives of at least five times as many people?
It's called progress. People work on improving their own peice of the puzzle and the whole system improves as a whole by the sum of the efforts.
It is called cost-benefit analysis. Given limited resources, people decide which investments of time, effort and money will provide the greatest returns.
Firstly, the security this sort of thing provides is at a different stage in the process to anything a social attack would work on, so the two concepts are unrelated.
The two different security issues are related in the way almost, if not all, issues are related. Time, money and resources. If you spend them in an effort to address one problem they can't be spent in an effort to address another.
Secondly, even if they were related, you're appear to be suggesting we might as well not bother patching one future security hole because a different one also exists? Thats crazy. We should tackle all security risks, not just one particular one.
Should we really attack all security risks at the same time when we have limited resources? To borrow an analogy from a post below, does it make sense to spend money to make an even better, super duper dead bolt when: (a) nobody has cracked, or is expected to crack, current dead bolts; and (b) there is not enough money to secure the window? I honestly don't know, what current or reasonably expected vulnerability is quantum cryptography designed to remedy? Are current systems too slow, or expected to become too slow in the future? Does it address a real problem?
Lastly, socially engineered attacks are most often people giving up a PIN or forging a signature. That affects one account per attack. If a cracker gets past the sort of stage that Quantum Cryptography protects they have the opportunity to automate and reap every transaction the bank carries out.
If true, this is a good point, but I'm not sure it is true. First, I'm not sure that there is any reasonable expectation that a cracker will get "past the sort of stage that Quantum Cryptography protects." I thought the consensus was that current systems, given a sufficiently large key, were for all practical purposes unbreakable. Secondly, while social engineering attacks may, in fact, "most often" involve "people giving up a PIN or forging a signature," resulting in a single loss, that is not necessarly true in all cases. One can readily imagine an employee being socially engineered into giving system wide acess to an "execute," "repairman," or "consultant."
It may (or may not) be the case that the money would be better and more efficiently spent on training, education, etc. to prevent socially engineering attacks. But that wouldn't be cool.
Isn't there a right to privately leave unmarked packages in an airport?
I'm not sure if you are joking, but if you are not you may want to look at the U.S. Supreme Court decision in California v. Greenwood, 486 U.S. 35 (1988). The Court stated:
The issue here is whether the Fourth Amendment prohibits the warrantless search and seizure of garbage left for collection outside the curtilage of a home. We conclude, in accordance with the vast majority of lower courts that have addressed the issue, that it does not.
I understand that this is not directly on point in that it concerns garbage. However, in this age of terrorism I very much doubt that the Supreme Court is going to hold that the authorities cannot take fingerprints off of a package apparently abandoned at an airport, train station, etc.
...on their own web search technology and become a metasearch engine? From the WebCrawler About Page:
WebCrawler uses innovative metasearch technology to search the Internet's top search engines, including Google, Yahoo, Ask Jeeves, About, Teoma, FindWhat, LookSmart, and many more.
With one single click, WebCrawler searches the best results from the combined pool of the world's leading search engines -- instead of results from only one single search engine.
And WebCrawler makes it easy to refine your search so you can find the most meaningful results right away. No wonder it's a leader in the search industry.
2001 InfoSpace acquires WebCrawler. Excite, now Excite@Home, went belly up. In the bankruptcy, Infospace acquired WebCrawler. Today Infospace runs WebCrawler as a meta-search engine. And they've given Spidey a new name and turned him purple!
Oh, and if it is not being otherwise used, has the code for the WebCrawler spider been open-sourced?:)
No, there is no chance in a properly engineer application for hydrogen to make this house go BOOOM!
Sort of like the Space Shuttle. Twice. Just like Three Mile Island. Certainly Ford Pintos never went BOOOM!
Assuming there is "no chance in a poperly engineered application for hydroden to make this house go BOOOM!," what is the chance that the application will not be properly engineered for economic or other reasons... including hubris?
Let me guess. If it does go "BOOOM" then it was, of course, not properly engineered. In other words, you have stated a tautology.
I'm sure many/.'ers are aware of this, but the fact that the Hindenburg was filled with Hydrogen had very little to do with the disaster.
I'm not sure this is true. While Hydrogen was not the cause of the disaster -- as in the substance that first caught fire -- it is not clear to me that the fact the Hindenburg was filled with Hydrogen didn't make the disaster much worse. Would the disaster have been as bad had the Hindenburg been filled with Helium? Would it have been consumed by fire so quickly? Is there any chance that more people could have survived?
I honestly don't know, but I think the above are legitimate questions.
This kind man responsible for finding this vulnerability is going to present this exploit at the security conference in Vancouver this Thursday. He then predicts "hackers will understand how to begin launching attacks 'within five minutes of walking out of that meeting.'"
Will this be a case where public disclosure and discussion of the vulnerability in fact caues the development of the exploit? Sort of like this case:
It's no record moment; it is (as-ever) a wake up call to the slashdot croud who perpetually fool themselves as to how good linux is. As this article highlights, failing to interact with such basic hardware as a sound card makes it unviable for mom & pop situations! How can you possibly expect people to have to try 9 different distros just for them to get the music working?
I wonder if there is any possiblity that the writer deliberately or accidentally selected distributions that would not work. From the Langa Letter: Linux's Achilles' Heel:
With that caveat in mind, I'll tell you that the "XYZ" software in the above was
Xandros 2.0 Deluxe. But again, none of the Linux distributions I've tried so far on this PC succeeded in getting the sound working. That includes majors, such as two versions of Slackware, two versions of SuSE, plus Debian, Xandros, and Lindows; as well as several specialty distros like Knoppix, Knotix, Morphix, and Gentoo. You can count that as seven major versions and four minors; or as nine distributions; but no matter how you count them, not one of those Linuxes fully worked.
Personally, I'm surprised and disapointed re: Suse. However, I'm also a bit surprised that someone who is seriously trying evaluate Linux and get a sound card to work didn't try either Mandrake or Red Hat.
When can we expect Malware: Fighting Ignorant Users? Not trying to troll, this should be step 1 in the battle.
In addition, what about legal remedies? It appears that many people legally "agree" to the installation of various forms of malware by mindlessly clicking through on licensing agreements. While consumer education is one possible solution, changing the law of contract might provide another solution. Obviously, these solutions are not mutually exclusive.
Many contracts are, by either statute or common law, void as a matter of public policy. This is one possible solution.
Other contracts (e.g., in the areas of consumer credit, mortgages, etc.) have required language or other provisions.
In other areas (e.g., limitations of liability, waiver of implied warranties, and again consumer credit, mortgages, etc.) there are requirements reqarding the use of clear and understandable language, prominent disclosures and even the size of the type face.
To my knowledge, none of the above possible remedies have been enacted re: click through agreements.
Backporting 2.6 features helps everyone because it subjects those features to more testing, meaning that 2.6 will be better as a result.
But is this testing in a different context or enviroment -- i.e., of a patch or feature in 2.4 instead of 2.6 -- useful? More precisely, is such testing as useful as the testing of the patch or feature in the enviroment for which it was designed, i.e., 2.6?
I have to ask whether your library has a fast internet connection and whether the computers have CD burners (that library clients can use)?
Not to disparage your idea by implication, it is excellent. I just thought that the above could help people access software the library does not have on CD. In addition, some Free Software is updated so quickly that a library might have trouble keeping up with regard to receiving and cataloging physical CDs.
Finally, many libraries keep a home page on their computers which lists various reference sites. Perhaps Free Software sites could be added to this list.
Computer scientists at the University of Washington in Seattle developed software to analyse network traffic and identify chunks of data associated with
four known "spyware" programs - Gator, Cydoor, SaveNow and eZula.
They examined the traffic on the university campus and found that 5.1 per cent of all connected machines had one of these four programs running.
(emphasis added) Further, the study "examined the traffic on the university campus."
The move means at a minimum that SCO has more legal wrangling in its future,
but it also raises the possibility that the Royal Bank of Canada, which chipped in $30 million alongside BayStar's investment in October, could follow suit.
RBC is keeping its options open. "We haven't requested a redemption. We're reviewing the situation and will arrive at a decision shortly," said spokesman Paul Wilson.
(emphasis added) Makes one wonder who, if anyone, else owns preferred stock in SCO that is subject to the same or similar provisions.
Slashdot Mirror
How is it untraceable? As I understand it (and I could be wrong), when one listens to streamed music over the web (as opposed to music broadcast over the air waves), one must make a specific recordable connection with the source of the music. Your IP number will be recorded somewhere.
Perhaps what is meant is that while there will be a record that you were listening, there will be no proof that you were recording. Indeed, contrary to downloading a MP3, the presumption will be that you "only" listening and nothing (useable) remained on your hard drive.
Of course if enough people do this, that presumption will be reversed. Imagine a world where 95% of the people have and use software that will, with one click, correctly snip, save, and index every song streamed to their computers. When this happens, the RIAA will make a case that streaming a song is for all practical purposes the same as uploading an MP3 of the same song, and thus subject to the same copyright considerations.
Really? How? What interpretation of the law supports this? Any precedents? Your "right" to "back-up" that which you never owned rights to in the first place?
People have always recorded music off of the radio, and always will. However, that never made it "legal"; only cost-ineffective to police or prohibit. The one click recording of perfect digital data will be perceived as something different.
The makers of this software have probably just increased the likelihood of point to point DRM.
The NASA Requirements for Protecting Life on Other Bodies could be the First Draft of the Prime Directive:
As indicated, dealing with simple life forms does not present many of the issues addressed in the Prime Directive:
In any other industry, this might be true. I'm not sure it is true here.
Perhaps I'm being simplistic, but wouldn't it make some economic sense to be in the business of searching and indexing the very same web pages that you are already hosting? Wouldn't there be some cost savings? Some, gulp, synergies? Savings on hardware? Bandwidth? Optimizing your web hosting to make search more efficient or productive?
Very good point. FWIW, I actually thought of this (really
But I also think I raised a valid point. One cannot do everything -- or at least everything well. Choices have to be made. Investment in quantum crptography may be a good choice, and perhaps a better one than investing in more training, education, etc. re: social attacks. However, I still suspect that one (not the only, perhaps not the most important, but one) reason for the investment in QC is that it is interesting. Spending money on paper shreders and training employees to use them, etc., is less than fascinating.
Should we spend limited resources to improve deadbolts that are currently, and are expected to remain, unbreakable, when there are not sufficient resources to improve and adequately secure windows?
Should we continue to work on vaccines to deadly viruses if: (a) ten times as many people die of heart disease; and (b) spending the money on heart disease could reasonably be expected to save and improve the lives of at least five times as many people?
It is called cost-benefit analysis. Given limited resources, people decide which investments of time, effort and money will provide the greatest returns.
The two different security issues are related in the way almost, if not all, issues are related. Time, money and resources. If you spend them in an effort to address one problem they can't be spent in an effort to address another.
Should we really attack all security risks at the same time when we have limited resources? To borrow an analogy from a post below, does it make sense to spend money to make an even better, super duper dead bolt when: (a) nobody has cracked, or is expected to crack, current dead bolts; and (b) there is not enough money to secure the window? I honestly don't know, what current or reasonably expected vulnerability is quantum cryptography designed to remedy? Are current systems too slow, or expected to become too slow in the future? Does it address a real problem?
If true, this is a good point, but I'm not sure it is true. First, I'm not sure that there is any reasonable expectation that a cracker will get "past the sort of stage that Quantum Cryptography protects." I thought the consensus was that current systems, given a sufficiently large key, were for all practical purposes unbreakable. Secondly, while social engineering attacks may, in fact, "most often" involve "people giving up a PIN or forging a signature," resulting in a single loss, that is not necessarly true in all cases. One can readily imagine an employee being socially engineered into giving system wide acess to an "execute," "repairman," or "consultant."
It may (or may not) be the case that the money would be better and more efficiently spent on training, education, etc. to prevent socially engineering attacks. But that wouldn't be cool.
I'm not sure if you are joking, but if you are not you may want to look at the U.S. Supreme Court decision in California v. Greenwood, 486 U.S. 35 (1988). The Court stated:
I understand that this is not directly on point in that it concerns garbage. However, in this age of terrorism I very much doubt that the Supreme Court is going to hold that the authorities cannot take fingerprints off of a package apparently abandoned at an airport, train station, etc.
Was it 2001? The History states:
Oh, and if it is not being otherwise used, has the code for the WebCrawler spider been open-sourced?
Many of the reasons were previously discussed in the previous Slashdot story, "NASA Gravity Probe Set for Launch."
That is, inertia in big science funding?
In 1995, the GP-B was described as the "only experiment ever devised to test [the existence of frame-dragging]."
However, in 1997 NASA announced that it had successfully tested frame dragging. See also here.
Sort of like the Space Shuttle. Twice. Just like Three Mile Island. Certainly Ford Pintos never went BOOOM!
Assuming there is "no chance in a poperly engineered application for hydroden to make this house go BOOOM!," what is the chance that the application will not be properly engineered for economic or other reasons... including hubris?
Let me guess. If it does go "BOOOM" then it was, of course, not properly engineered. In other words, you have stated a tautology.
The Device Profile states, "The stations run a Linux distribution that 8D developed in-house." Where is the source code? I searched:
8D
http://www.8d.com/
But couldn't find anything. How can we efficiently build on 8D's work to build a better, competitive parking meter without the code?
You can find the decision by the United States Court of Appeal for the Ninth Circuit at:
Kremen, et al. v. Online Classifieds Inc., et al. (pdf warning)
To get the html version, paste this url:
http://www.ca9.uscourts.gov/ca9/newopinions.nsf
into the Adobe PDF Conversion Page.
I'm not sure this is true. While Hydrogen was not the cause of the disaster -- as in the substance that first caught fire -- it is not clear to me that the fact the Hindenburg was filled with Hydrogen didn't make the disaster much worse. Would the disaster have been as bad had the Hindenburg been filled with Helium? Would it have been consumed by fire so quickly? Is there any chance that more people could have survived?
I honestly don't know, but I think the above are legitimate questions.
Will this be a case where public disclosure and discussion of the vulnerability in fact caues the development of the exploit? Sort of like this case:
Will some people again ask whether we should, "Slow Down the Security Patch Cycle?"
Your employer moves the data center to India.
I wonder if there is any possiblity that the writer deliberately or accidentally selected distributions that would not work. From the Langa Letter: Linux's Achilles' Heel
Personally, I'm surprised and disapointed re: Suse. However, I'm also a bit surprised that someone who is seriously trying evaluate Linux and get a sound card to work didn't try either Mandrake or Red Hat.
Wonkette has provided ammunition to her current and future enemies. In order for a public figure or a public official to win a suit for libel, the plaintiff must prove either that the alleged statement was published "with knowledge that the [information] was false" or that it was published "with reckless disregard of whether it was false or not." Wonkette has just provided all future plaintiffs with evidence that she publishes statements with reckless disregard of whether they are true or false.
In addition, what about legal remedies? It appears that many people legally "agree" to the installation of various forms of malware by mindlessly clicking through on licensing agreements. While consumer education is one possible solution, changing the law of contract might provide another solution. Obviously, these solutions are not mutually exclusive.
Many contracts are, by either statute or common law, void as a matter of public policy. This is one possible solution.
Other contracts (e.g., in the areas of consumer credit, mortgages, etc.) have required language or other provisions.
In other areas (e.g., limitations of liability, waiver of implied warranties, and again consumer credit, mortgages, etc.) there are requirements reqarding the use of clear and understandable language, prominent disclosures and even the size of the type face.
To my knowledge, none of the above possible remedies have been enacted re: click through agreements.
But is this testing in a different context or enviroment -- i.e., of a patch or feature in 2.4 instead of 2.6 -- useful? More precisely, is such testing as useful as the testing of the patch or feature in the enviroment for which it was designed, i.e., 2.6?
I have to ask whether your library has a fast internet connection and whether the computers have CD burners (that library clients can use)?
Not to disparage your idea by implication, it is excellent. I just thought that the above could help people access software the library does not have on CD. In addition, some Free Software is updated so quickly that a library might have trouble keeping up with regard to receiving and cataloging physical CDs.
Finally, many libraries keep a home page on their computers which lists various reference sites. Perhaps Free Software sites could be added to this list.
Anyone here speak Amharic? (See also Wikipedia: Amharic language.)
From the travel report:
From the Links to African Projects Page:
And the Ge'ez ftp server:
ftp://ftp.ethiopic.org/
"Lurking "spyware" may be a security weak spot," the New Scientist article mentioned in the prior Slashdot post, reported on an effort to locate only four specific spyware programs:
(emphasis added) Further, the study "examined the traffic on the university campus."
In contrast, the Earthlink effort searched for Adaware software, Adware cookies, System monitors, and Trojan horses . In addition, the Earthlink effort presumably searched the computers connected to its network, a different population.
The SCO - Baystar Exchange Agreement [PDF warning].
According to the ZD Net article BayStar seeks to retrieve investment in SCO:
(emphasis added) Makes one wonder who, if anyone, else owns preferred stock in SCO that is subject to the same or similar provisions.