Slashdot Mirror


User: cooldev

cooldev's activity in the archive.

Stories
0
Comments
241

Comments · 241

  1. Re:not worried about security? on After Ubuntu, Windows Looks Increasingly Bad · · Score: 1

    Windows, as an architecture, has sufficient ACLs, but has a long-standing chicken-and-egg legacy problem with applications requiring admin access, causing users to run as admin. Microsoft is trying to solve this in Vista with UAC.

    If I exploit a browser vulnerability on each box, in Windows, I get access to the whole system and can take over complete control of the machine. If I do the same thing to a Linux box, I've only gotten control over that user's account. To own the machine, I need to gain root access.

    Except on Vista with IE7. By default IE7 runs at an even lower integrity level than a standard user, so a vulnerability couldn't even wipe out the user's files unless it found a *second* exploit which enabled an elevation of privilege attack. Then it might be able to affect the user's files. A *third* level of exploit would be required to compromise the system.

    Of course, these security layers sit between the user and the user wanting to watch dancing and singing hamsters. If the user *really* wants to watch the hamsters, all bets are off, especially if they have admin access to their own machine. When it comes to personally owned machines (not machines maintained by an admin for your school), this is something the Linux community still overlooks: Trojan horses.

  2. Re:Print version on After Ubuntu, Windows Looks Increasingly Bad · · Score: 1

    A task bar height of more than one row will show the date -- just click the top of it then drag it upward. Combined with auto-hide and you have the best of both worlds.

    On Vista, the tooltip shows more information. Also, a single-click brings up a nice calendar view that (finally!) doesn't actually attempt to change your date and time as you click around. Minor features, but nice enhancements.

  3. Re:Why use Doc at all? on Some Journals Rejecting Office 2007 Format · · Score: 1

    Outside a cubicle, there is no such person. Find me a push over like that with a PhD in any scientific field and I'll give you a nickel. "Superior", that cracks me up. These people use Word only when their computer Inferiors demand it. You don't really want to know what they think of journals.
    -
    Friends don't help friends install MS junk.

    Well, it's good to see that you're open minded...

  4. Completely misleading on Malware Hijacks Windows Update · · Score: 5, Informative

    BITS stands for "Background Intelligent Transfer Service" and is simply a way to download files using idle bandwidth. It's fully documented in MSDN, see http://msdn2.microsoft.com/en-us/library/aa362708.aspx, and among many things it's used by some browser downloading plugins (similar to DownloadThemAll) that enhance downloading of large files. It's not just used by Windows Update.

    Do we need additional articles to state that a malicious program on a compromised machine could use FTP to download additional files? Or HTTP? Or BitTorrent? Or roll their own protocol?

    Based on the article, it sounds like the only concern is that because BITS is a service (daemon in the Unix world), it means that firewalls or malware detection tools that attempt to block outgoing requests (which most don't; they block listening ports) may not currently detect this because it's not the malicious .EXE itself that's opening a port; it calls into BITS, which opens the port. However, the app still has to use a public API to instantiate the BITS object, so there's no reason such a program couldn't hook that as well.

    Unfortunately the article summary (and headline of the BBC article!) completely misrepresents the issue and blows it way out of proportion. They are not Hijacking Windows Update. They're using a generic well-documented downloading service that also happens to be used by Windows Update simply because it enables WU to download updates without gobbling up all your bandwidth.

  5. I can help on Own Your Own 128-Bit Integer · · Score: 1

    Now that the cat is out of the bag, to counter this I am selling 128-bit IDs that I will guarantee to be unique (as in, not already in use) so that you don't risk infringing on somebody else's ID.

    I only have a limited supply, so act fast! Yours for only $1 each.

  6. I bet they now regret... on Glitch Has Users Fuming, Google 'Frantic' · · Score: 1

    Going with Leafyhost for web hosting.

  7. Re:For The Other Side Of The Argument... on SCOTUS Case May End Sale Prices · · Score: 1

    dlenmn, one of the things you overlook is the risk that the distributor is taking. I'm not an expert in this line of business, but I imagine that there are at least two risk factors:

    1) If the distributor actually buys the product at the wholesale cost and then resells at the price he thinks he can make, what happens if he can't even sell at the wholesale cost? Does he keep the inventory available forever or can he send it back to the manufacturer for a refund? If the latter, then the "price-fixing" isn't quite as bad. If the former, then the distributor is taking on a very significant amount of risk by stocking the product and potentially getting screwed by the manufacturer's bad pricing scheme.

    2) Shelf Cost. For lack of a better word (since I'm not a retail expert), it seems that there's a certain cost for placing items from a manufacturer on display (or in online advertisements, etc.) for consumers. After all, that's what a distribution channel is. It's not free, so it's a risk that the distributor is taking regardless of whether the manufacturer refunds the cost of unsold products.

    As an aside, this also keeps distributors from trying alternative business models. In the grocery industry, for example, it is common to be a "loss leader" on certain products in order to attract customers who are likely to buy other (profitable) items. I'm all for promoting legit alternative business practices, and this goes against that.

  8. Re:No minimum price? Fine. No product for you. on SCOTUS Case May End Sale Prices · · Score: 4, Interesting

    Ah, but each service carries some subset of all the music available -- in other words, what has happened is that the monopoly copyright provides is effectively transferred down the chain to music players.

    Intuitively, I find that fixing this is the least offensive of the "everything copyable should be freeeee!" movement, but at the same time the difficulty is that the alternative actually restricts the ability for other companies to try alternative business models.

    For example, let's say I want to buy a song from Garth Brooks. Curiously, none of the music services I've tried (as far as I can remember) offer his songs for download. Maybe iTunes does; I haven't tried that one. But that's perfectly fine in my view -- he (or his distributor, or whatever) decided he didn't want to distribute his songs under that model. Who am I to force him to?

    One of the great things about the music business is that there's a lot of talent out there. This means there's a lot of opportunity to create and try new business models, even if not everybody signs on. Exclusivity can be used to push business models, both to an individual consumer's advantage and disadvantage. But that's OK.

  9. Re:No minimum price? Fine. No product for you. on SCOTUS Case May End Sale Prices · · Score: 3, Interesting

    for example, you can't buy anything except an iPod and expect it to work with iTunes. . . Free markets really only work when there are viable alternatives.

    Huh? I must have been hallucinating when I walked into Best Buy over the weekend and saw non-iPod MP3 players. I must have also had the same fever when browsing the web learning about services such as Zune and Yahoo! Music, which let you not only purchase non-iTunes music for use with those hypothetical non-iPod players, but also subscribe to services which let you download unlimited music for a monthly fee. Alternative business models - imagine that!

    Now, if the government regulated that all music players must be iPods and forced everybody else out of the industry then we would have cause for concern. Until then, use iPod if you like it or you think it makes you look cool, and use whatever else if you like that. But don't complain that you don't have choices, because you do.

    Oh, and while you're at it, please favor either subscription services or services where when you buy a song you get the *rights* to play that song in perpetuity regardless of how technology progresses. Buying the same music over and over is lame. (I have yet to see a business promoting the latter, but if there's more demand...)

  10. Re:For The Other Side Of The Argument... on SCOTUS Case May End Sale Prices · · Score: 2, Interesting

    They do have an interesting point -- the current system is asymmetric. A large, vertically integrated retailer -- who sells products that they make -- can set their own "minimum price" that all their stores must follow. However, under the current interpretation of the law, a company that does its sales through independent retailers can't set such a price. Seems sort of silly to favor one group over the other.

    Actually, I think this makes sense. If you want control over the price of a product that you manufacture then form your own distribution channel that doesn't rely on others taking risk stocking your product. Alternatively, if you want to take advantage of a broad distribution mechanism controlled by a 3rd party, simply set your wholesale price to something reasonable for both your own interests and those of the distributors. Who cares what price the distributor charges after that?

    If the distributor "outsmarted" the manufacturer by understanding the market would bear a price significantly higher than the wholesale price, then the manufacturer learned a lesson and can refine their business practices for the next iteration. That's how business works. If the manufacturer can't sell a product and dumps it at a low price, potentially damaging the brand image for products (like *cough*handbags/purses*cough*) that are sold at artificially hyper-inflated prices, then too bad. That's how business works.

    It sounds like this handbag company wants the best of both worlds. Maybe they should have tried scalping Playstation 3's on ebay instead. ("Hey, if I sell for a profit, great! If I can't sell for above what I paid, I'll just take it back to the store!")

    The only way I think this could possibly be reasonable is that if there were no concept of a wholesale price and the manufacturer relied on the distributor to set the price, and would only get paid a certain percentage of whatever the distributor decided to sell the product for. Then the distributor starts selling cars for five bucks. But this isn't how business works.

  11. Re:Wrong arguments.... on A Law Professor's Opinion of Viacom vs YouTube · · Score: 1

    What you are forgetting is that the lack of copyright will reduce the incentive for people to create new material.

    If YouTube is successful and sets a precedent, I hope you are happy with watching reruns for all the stuff created between ~1900-2007, because everything else will likely be created by India and China, with serious DRM protecting their content.

  12. Re:Read the Wikipedia article on Microsoft Move to be the End of JPEG? · · Score: 1

    Sounds a lot like DNG.

    DNG is an attempt by Adobe to consolidate RAW formats. As a digital photographer I hope they're successful too.

    But think of it this way: in a photographer's workflow one does not usually alter the RAW (or DNG) file -- it's the raw sensor data from the camera. In other words, DNG is the digital negative, and HD Photo would be more like the "print", with the cropping and sharpening applied, tweaked level/curves, etc..

    It sounds like Adobe is also interested in embracing HD Photo and doesn't consider it a competitor to DNG.

  13. Re:Read the Wikipedia article on Microsoft Move to be the End of JPEG? · · Score: 2, Informative

    If you look at the history people have been changing the Licensing section of the Wikipedia article as we speak, but it still sounds to me like what I said is true: GPL software can use the format, but it would have to be implemented based on the spec and not the reference implementation. I guess we will have to wait and see if it's officially added to the "Open Specification Promise".

  14. Re:Read the Wikipedia article on Microsoft Move to be the End of JPEG? · · Score: 1

    An AC wrote:

    It could be the best thing since sliced bread and orgasms but I wouldn't touch it with YOUR ten foot pole if it comes from MS... because they've earned that level of distrust and have already tried to play fast and loose with licensing in the past (take a look at the whole Sender-ID fiasco if you have any doubts).

    I'm not aware of the details on this issue, but based on some web searches it sounds like it was fairly quickly resolved in a way that enabled GPL implementations, PLUS it sounds like the HD Photo spec was made to be compatible from the outset.

    Regardless, if your sole measuring stick for new technology is whether the company decides to *not only* give it away free, but does so in a way that respects the transitive/viral nature of the GPL, then you're clearly out of touch with reality. Have fun doing low-level tech support and janitorial work all your life! Cheers!

  15. Read the Wikipedia article on Microsoft Move to be the End of JPEG? · · Score: 4, Informative

    Before slamming the format, please read more about it. Regardless of what you think about Microsoft, I think it has great potential. Some highlights:

    • High dynamic range
    • Embedded ICC color profile
    • Lossy and lossless compression
    • Ability to decode part of the image without decoding the whole thing (see below)
    • Ability to crop, downsample (i.e. thumbnails), and rotate without decoding the whole image
    • Very efficient encoding and decoding, useful not only on the desktop, but also specifically designed for fast encoding and decoding on devices like digital cameras
    • High quality and small file size. (Around half the file size as JPEG (or) twice the quality. Claimed to be similar to JPEG 2000 without the additional performance and memory impact.)
    • TIFF-like container
    • The licence for the format *is* supposedly compatible with the GPL; only the source code for the reference implementation is not.

    Also, take a look at http://labs.live.com/photosynth and http://blogs.msdn.com/billcrow. To quote one thing from his blog:

    Because this is a compressed domain operation, the server never had to decode or re-encode the compressed data to create this low resolution "thumbnail" of the larger, high resolution image. The only work involved was to copy a portion of the compressed data and wrap it up in a container to make a new HD Photo file. This very small HD Photo file is sent across the network connection, and then decoded by the HD Photo codec on the client to provide the low resolution view required for the particular display.

    When zooming in to the fine details of a high resolution image, the HD Photo codec is able to very quickly extract an arbitrary rectangular region by accessing only the image tiles that overlap that region. Like the mipmaps described above, this is accomplished by simply extracting a small portion of the compressed data and building a new (and very small) HD Photo file to be sent across the network. The client receives and decodes this small file, combining it with the other segments required to display the required view.

    IMHO this seems like a well-balanced format that has most of the advantages of a cornucopia of different formats (JPEG, JPEG 2000, RAW, TIFF) without the corresponding disadvantages. If it's not successful, I at least hope something equivalent is!

  16. Fundamentally flawed analysis on Graph of Linux Vs. Windows System Calls · · Score: 1

    It's hard to know where to begin and others have commented on many of the problems with this so-called analysis, but I want to take issue with one of the core statements in the article:

    A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications.

    Huh? This is perhaps the most oversimplified and outright incorrect statement about what it takes to create secure applications that I have ever seen.

    Let's take one very simple counterexample. Let's imagine that in the Apache* scenario, all string operations use the legacy C APIs (strcpy, strcat, sprintf, etc.) and the developers were too lazy to even add the manual error-prone bounds checks, whereas in IIS6, all string operations use Microsoft's strsafe.h replacement APIs (StringCchCopy, StringCchCat, StringCchPrintf, etc.) with extra diligence to make sure they are correct and even protect against integer overflows. Now which application is more secure, regardless of whether one has more lines on a graph?

    I'm guessing the author's intent was to talk about attack surface area and how it relates to securing applications, but this is an extremely poor way to do it.

    * - For the pedants, I'm not saying this is really the case with Apache.
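The contrast drawn in the comment above, as an added example that is not part of the original comment and is not Apache, IIS or strsafe.h code. `cch_copy`, `cch_cat`, `header_size` and the status codes are hypothetical portable stand-ins for bounded, always-terminating, truncation-reporting string routines of the kind the comment names, and the header strings are constructed sample input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this sketch (not the strsafe.h HRESULTs). */
enum cch_status { CCH_OK = 0, CCH_TRUNCATED = 1, CCH_INVALID = 2 };
#define CCH_MAX ((size_t)INT32_MAX) /* assumed sanity cap on a buffer size */

/* Legacy pattern: the callee never learns how big 'out' is, so any caller
 * that passes attacker-sized name/value writes past the end of the buffer.
 * Kept only for contrast; it is never called in this example. */
void build_header_legacy(char *out, const char *name, const char *value)
{
    strcpy(out, name);
    strcat(out, ": ");
    strcat(out, value);
}

/* Copy src into dest, whose capacity is cch_dest chars including the
 * terminator. Always NUL-terminates and reports truncation to the caller. */
enum cch_status cch_copy(char *dest, size_t cch_dest, const char *src)
{
    size_t i = 0;
    if (dest == NULL || src == NULL || cch_dest == 0 || cch_dest > CCH_MAX)
        return CCH_INVALID;
    while (i < cch_dest - 1 && src[i] != '\0') {
        dest[i] = src[i];
        i++;
    }
    dest[i] = '\0';
    return src[i] == '\0' ? CCH_OK : CCH_TRUNCATED;
}

/* Append src to dest within the same total capacity. A dest with no
 * terminator inside its capacity is rejected rather than scanned past. */
enum cch_status cch_cat(char *dest, size_t cch_dest, const char *src)
{
    size_t used = 0;
    if (dest == NULL || cch_dest == 0 || cch_dest > CCH_MAX)
        return CCH_INVALID;
    while (used < cch_dest && dest[used] != '\0')
        used++;
    if (used == cch_dest)
        return CCH_INVALID;
    return cch_copy(dest + used, cch_dest - used, src);
}

/* Size needed for "name: value" plus NUL, refusing to wrap around.
 * Returns 1 and sets *need on success, 0 if the sum would overflow. */
int header_size(size_t name_len, size_t value_len, size_t *need)
{
    size_t n;
    if (name_len > SIZE_MAX - 3)
        return 0;
    n = name_len + 3; /* ": " and the terminator */
    if (value_len > SIZE_MAX - n)
        return 0;
    *need = n + value_len;
    return 1;
}

/* Hardened builder: every step is bounded and checked, and a failure
 * leaves an empty string instead of a silently truncated header. */
enum cch_status build_header_checked(char *out, size_t cch_out,
                                     const char *name, const char *value)
{
    enum cch_status st = cch_copy(out, cch_out, name);
    if (st == CCH_OK)
        st = cch_cat(out, cch_out, ": ");
    if (st == CCH_OK)
        st = cch_cat(out, cch_out, value);
    if (st != CCH_OK && out != NULL && cch_out != 0)
        out[0] = '\0';
    return st;
}

int main(void)
{
    char buf[16];
    /* Constructed inputs: one that fits, one that does not. */
    const char *values[] = { "example", "a-very-long-constructed-value" };
    for (size_t i = 0; i < 2; i++) {
        enum cch_status st =
            build_header_checked(buf, sizeof buf, "Host", values[i]);
        printf("status=%d header=\"%s\"\n", (int)st, buf);
    }
    return 0;
}
```

Both builders issue the same kind of calls, so a count of calls says nothing about which one is safe; the difference is whether the destination size travels with the call and whether the result is checked.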

  17. Re:Anti-DRM Advocates are Missing the Point Here on Microsoft Answers Vista DRM Critics' Claims · · Score: 1

    but I think this sort of thing should be handled on the player itself and *NOT* by the operating system.

    The problem is that if the data path isn't secure then this type of DRM is worthless. Unfortunately, the only way to make that path secure (between the playback device and the screen/speakers) is to do it through the OS and the drivers. This is what puts MS in the dilemma (or opportunity, if you will) it's in.

    Eventually, at some point, consumers are going to stand up en masse for their rights.

    I certainly hope so. I strongly oppose copyright violation because I believe the people who create stuff (music, movies, software, books, etc.) deserve to be compensated and have some say over how their work is distributed. But at the same time I have now been burned enough times by DRM that I avoid it as much as possible. Currently I have a ton of songs purchased from MSN Music that I can't play on Vista for some reason, so I'll eventually have to burn them to CD (using my XP partition) and rip them, just so that I can play them on the very same machine I purchased them on.

    I'm holding out hope that one day we'll figure out the right way to compensate the people who actually help *create* music/movies/software/etc. in a way that encourages creation and risk taking, is non-restrictive, and doesn't disproportionately reward "second handers" like the current system does. Yeah, I can dream. :)

  18. Anti-DRM Advocates are Missing the Point Here on Microsoft Answers Vista DRM Critics' Claims · · Score: 4, Insightful

    I can't help but think that you guys are missing the point.

    Anyone building hardware and/or software to play back modern media currently has two choices:

    1) Implement the restrictions and allow the content to be viewable.

    2) Don't allow the content to be viewable at all. (i.e. No HD-DVD or Blu-Ray playback, period.)

    Microsoft doesn't create movies or music. Their only interest in implementing these things is so that users have a way of playing content on their operating system. Apple and Linux vendors will also have to bend over for the RIAA and MPAA if they want to be able to support viewing the content. There's a chance that Steve Jobs will bend the universe to his will on this and avoid it, but it's doubtful. Linux users will probably just find ways to hack around it, and ignore the fact they're breaking the law (no matter how ill-conceived that law may be; the point is that if Microsoft breaks the same law they would be sued into oblivion. It's simply not an option.).

    Blaming Microsoft for this DRM fiasco is lame. If you don't like DRM, focus your blame on those that deserve it and buy your media from sources that don't promote it.

    That said, one thing that could be argued is that Microsoft wields enough money/power that they could fight back against the RIAA, MPAA, etc. and block the media industry's attempts to create such lame DRM policies. Personally I don't believe they have this amount of clout, especially with the antitrust thing still hanging over their head.

  19. Re:A better nail on Top Gadget of 2006 — The HurriQuake Nail · · Score: 1

    Shads, for the record I have no respect for companies that:

    a) File bullshit patents for common sense or obvious things, with the hope that one will slip by and get granted.

    b) File patents with no intent to follow through and build a product that realizes said patent.

    and/or

    c) File possibly legit patents (creative algorithms and such), but silently sit on them until someone else's independent invention becomes popular, or even the de facto standard, and then surface their submarine patent and hold everybody hostage.

    Intellectual property is necessary and has a net positive effect, but that doesn't mean it isn't abused.

  20. Re:A better nail on Top Gadget of 2006 — The HurriQuake Nail · · Score: 2, Insightful

    Yes, they were designing a nail, why would they be looking at screws?

    No, they were looking for a practical way to lessen the devastating effects of hurricanes and earthquakes and you completely dismissed their research and development with your "duh, screws" comment.

  21. Re:A better nail on Top Gadget of 2006 — The HurriQuake Nail · · Score: 4, Insightful

    AC:

    This is innovation in the same way the Microsoft does "innovation".

    Actually, this was my primary reason for responding. Because it's not a teleporter and time machine all-in-one device, you and many others like you don't find it innovative. That's not because it's not innovative, it's because you don't understand what innovation is. You confuse innovation with some sort of absolutely-pure groundbreaking invention, whereas 99% of real innovation consists of incremental (and sometimes subtle) improvements such as this. But even those small improvements are important and often take years of research and development.

    I think we all know by now that just because it's been patented doesn't mean that it's original or non-obvious...

    It hasn't been patented; it's patent pending. Maybe it will get rejected. But with most innovations, they're "obvious" once you have 20/20 hindsight, even though it may have taken years of research and development and testing to figure out.

  22. Re:A better nail on Top Gadget of 2006 — The HurriQuake Nail · · Score: 5, Insightful

    In other words, you're saying that Bostitch's team of researchers spent six years researching and designing a product and accidentally overlooked the screw? And in naming it a "Best of What's New", PopSci must have also overlooked that very subtle and mostly unknown but perfectly viable alternative: the screw?

    And of course, for the patent pending features I'm sure they never thought to go to a hardware store and look at other nails. It's clear that your 20 seconds of thought is superior to their six years of research.

    It's so typical of Slashdot readers to waaay underestimate and devalue real research & development and the seemingly minor innovations that come out of it, but fall short of completely revolutionary turn-the-world-upside-down grand-scale innovations -- like building a time machine and teleporter (that's also portable and inexpensive, of course!).

    However, looking at your home page, as a researcher it's surprising that you're one of these people.

  23. Re:Silly Punishment on BitTorrent Site Admin Sent To Prison · · Score: 1

    Your pumpkin argument breaks down: most working musicians play music primarily because they love it, not because they think they will sell records. In most cases, just about the worst thing that can happen to a musician's career is to get suckered into a major label deal...

    As you can see by my other posts, I'm highly in favor of artists choosing the distribution model that works best for them. For some artists, giving away CDs or songs on the internet and then charging modest fees to attend performances is a *great* model and they should be free to do so. Again, it comes down to the creators being able to choose how their creation is distributed. I don't think we have any disagreement here.

    It should be your problem if you choose to sell a product that is too easy to steal for you to turn a profit, not the taxpayer's.

    The problem is that as the people creating software/music/movies/etc. find that people are willfully ignoring their copyright, they're resorting to draconian measures to force the content to be protected. This results in consumer-unfriendly solutions such as:

    • Product Activation (i.e. Windows XP, Photoshop PS2)
    • Hardware locks / dongles
    • Strong DRM (i.e. Blu-Ray, HDMI's "image constraint token", etc.)
    • Increasingly "tamper-resistant" game consoles (Xbox 360, PS3, etc.)

    So, I guess if you prefer a world where you could *try* to copy stuff without much risk of prosecution but the content providers end up locking everything down so hard that you can no longer even run arbitrary software on your PC, then YAY! you're winning. I prefer to have proper "fair use" rights over the content I buy and the ability to run arbitrary software on the hardware I buy.

  24. Re:Silly Punishment on BitTorrent Site Admin Sent To Prison · · Score: 1

    Let's imagine another situation: this mass-copied Jane's software is (illegally) used by a scientist to create AIDS cure. What now?

    Jane sues said scientist for a percentage of the billions of dollars of profit he will get for selling said cure to (individuals | governments). ;-)

    More seriously, my situation was realistic and not an edge case hypothetical situation. Usually Jane isn't a single person who works for ten solid years, but more like a conglomeration of five people over two years who take a chance to build a product, and has a good chance of being run out of business because of piracy -- of either their own product or a competitor's product that would normally be 10x the price.

    As per my other post, currently the piracy situation in North America is mitigated by people with high enough moral standards to protect copyright, whether it be the GPL or commercial software. But just because the situation still happens to be manageable doesn't mean that piracy is OK.

  25. Re:Silly Punishment on BitTorrent Site Admin Sent To Prison · · Score: 1

    Cite 1 reference where this has happened IRL.

    It's hard to come by specific stories, especially individuals' failures where they go out of business quickly without a huge commotion on the internet, but a little-known company named "id" which you might have heard of has made statements that corroborate my point such as:

    "Piracy is hard," Cloud continued, "It's really - from my opinion, destroying the PC market." Cloud believes there are many good ideas on how to solve the problem, "but when you look out there at the number of games that are getting pirated, it is just devastating."
    "There is about seventy-percent of the landmass of the world where you can't sell games in a legitimate market, because pirates will beat you to the shelves with your own game. And that is a serious problem," Hollenshead concluded.

    Another little company named Ritual Entertainment has commented that:

    Some recent calculations revealed that, last week, gamers with pirated copies of Emergence requesting support outnumbered gamers with legitimate copies of Emergence requesting support by a ratio of nearly five to one. This, understandably, is a source of great frustration for Russell, who is essentially performing two jobs at Ritual and who only has a finite amount of time to spend on each.

    But that's ok, right? Like another poster said, since other people pay for software, it means that *you* don't have to. You can be one of the pirates, and the chumps can pay to support the creation of the software.

    In another post I spoke about how this has affected my personal incentive, as well as other great software engineers I know. This is a real problem, and the only reason it hasn't collapsed is that people are basically good and have enough morals to know -- at least by the time they're on their own and not living with their parents -- that creating intellectual property takes a ton of time and effort, and therefore has value, and the choice of how the creator wants to distribute it should be respected.