While most people would tell you that there's more to life than making money, the same people suddenly become completely driven by financial interests when put in a corporate environment.
You mean as in a "Corporation", a legal entity created where people have the legal duty to maximize the profits of the shareholders?
This is an excellent example of my point. Corporations do NOT have a LEGAL duty to maximize the profits of shareholders. Producing profits is why corporations exist, but there is nothing in my contract that says I have a duty to maximize the profits for the shareholders of the company I work for. That said, there is a great deal of pressure to maximize profits. Most of the time, there are no conflicts of interest, so this is a non-issue. However, there may be times when a person's own morals and maximizing profits may be in opposition. In those cases, that person is forced to make a choice between following their morals and towing the party line.
Often times this happens on a very small scale, and usually aren't straightforward, line in the sand kinds of things. Maybe you work at a chemical company whose environmental policy isn't really as sound as you would consider appropriate. Maybe you ship products with a known problem because they've already been manufactured and the problem won't show up under most normal use. Maybe you work espescially long hours because that's what everyone else is doing even though you really feel that you should be at home with your family. All of these are cases where we may do something slightly less than our morals would typically demand because we feel we have to. For some of us, the decisions may be more severe, such as (dare I say it) illegally manipulating financial records.
OK, tell me how DRM is "morally wrong." What's wrong with technology that protects the rights of artists?
Remember: You don't have "complete" control of your car, telephone, or television, either.
I'm sure many people working on DRM would agree with you.
On this we just disagree. I didn't say everyone thought DRM was morally wrong. In fact, there are lots of good uses for it in military and some civilian security settings.
What most people object to is the way that they envision DRM will be implemented for digital media. They predict that instead of empowering artists, DRM will simply further protect the profits of the entrenched media companies, to the detriment of both consumers AND artists. They don't trust the media companies and don't like the prospects of forcing people into trading a general-purpose computer for a DRM-enabled media device that is built around the whole idea that the consumer is untrustworthy.
Things probably aren't quite that bad, but what most people who oppose DRM would agree with are two things:
DRM primarily (if not exclusively) benefits existing media and software conglomerates.
DRM Will restrict consumer rights from the comparative freedom that we have today.
So, like many who worked to split the atom, those who oppose DRM don't morally object to the technology itself, they morally object to what it will be used to do.
--- Their morals--real morality, not technicalities like "can I play my MP3 on fifteen computers with one purchase"--are most likely almost exactly in line with yours or mine ---
I've found that people in groups often have different morals than those individuals have by themselves. I guess it's just the way group dynamics work, but all of the PEOPLE in an organization will often have different morals than those exhibited by the ORGANIZATION itself.
Big corporations are a great example of this. While most people would tell you that there's more to life than making money, the same people suddenly become completely driven by financial interests when put in a corporate environment. Doubly so if they're in a high-level position.
I can only guess at the reasons for this (I've never taken a psychology course), but a feeling of powerlessness within the group combined with a lack of individual accountability (as in "I was just doing what was expected of me") combine to make good people act in ways they normally wouldn't.
What this boils down to is that many of the people involved in DRM development/policy may consider the overall project to be morally wrong, but are able to (consciously or not) justify their part in it enough to become active participants.
The theory is that it's a percentages game. If 80% of people with "superior" genes are capable and 80% of people wih "inferior" genes are incapable, then it makes sense statistically to do gene screening. Sure, there are people who don't fit the mold, but it would probably be more accurate than interviews.
However, there would be so many exceptions that for 20% of the population with "inferior" genes it would be useless discrimination, which is what the movie portrays.
If you do, and they are higher quality than the pre-release builds of Mozilla that you are using, then I can at least understand your frustration.
If you don't get pre-release builds of IE, then why are you upset about the instability of Mozilla pre-release builds? The other platform that you cite gives you NO access to "know the direction the browser is taking all the time."
So, unless you get pre-release builds of IE that are more stable than the pre-release builds of Mozilla, then Mozilla gives you more of a choice. You can either have no idea of the future state of the browser (as you do with IE) or you can get alpha builds that break things, as alpha builds tend to do. If you choose the former, then just support Mozilla 1.0 and ignore the later versions until an official release arrives. If you choose the latter, then you'll have to put up with changing versions and compatibility, but realize that you have chosen this instability in exchange for information about upcoming but unreleased products.
Where I live (Travis County, Texas) we use bubble-in ballots (think Scan-Tron, only with the choices listed on the form and the bubbles next to each choice).
They're VERY clear and easy to read, easy to hand count, and easy for computers to count.
Does this mean that if someone distributes a previously-existing decoder that fell under the free-of-charge clause, they can continue distributing it under the license they originally licensed it with?
Did the original license have a clause where they could change the license terms?
It seems to me that without a clause allowing them to change the license at a later date you could claim that any existing player that fell and continues to fall under the previous exemption doesn't need to pay the fee, since it was licensed under the original terms.
No, bend.over.4.sony should be owned by whoever owns the bend or sony domain (by convention sony). Hierarchical domain names ARE useful, and need some kind of separator. It's the artificial.com that needs to be removed.
Precisely. This is what Chess is all about. Chess is a game about war, where "pawns" are killed without a second thought, and the only thing that matters is killing the other guy.
Of course, the simplicity of the gameplay makes the true meaning of the game too abstract for most modern people to understand.
While the solutions he describes (at least by themselves) aren't necessarily a full security solution, he's right that this is no more secure than existing technologies that are used along with an encrypted disk for data.
Security can be three things: something you know, something you have, and something you are. The wristwatch described here is no more secure than a smartcard reader, espescially if it doesn't involve use of some kind of password or biometric.
What's novel about this solution is threefold:
1.) The encryption occurs when the user goes out of range (essentially a more accurate screen saver lock).
2.) Data in memory on the laptop is encrypted when the screen saver lock is started (i.e. when the user goes out of range).
3.) Data begins to be decrypted when the user is back in range. This is more of a performance thing, and is actually LESS secure, because it is security based solely on what the user has. It would be more secure to wait until the user enters their password AND is within range, or better yet wait for the user to enter their password, scan their fingerprint, and be within range.
So: 1.) is only security-enhancing if you can't convince your users to force-lock their screens when they're away. 2.) is a legitimate security enhancement. 3.) is a performance enhancement of an old security method, and is actually security-disabling as it only relies on what the user has, and not what they know or are.
My suspiscion is that the watch thing is just a red herring for the real security enhancement of encrypting memory while the user is away.
GREG
Just think about using this in a military setting: Owner: You can have the data on my laptop, if you pull this watch from my cold, dead wrist. Enemy: Your proposal is acceptable.
Except that this is an ENGINEERING program, not a CS program. C# (or Java, or even to a certain extent C++) is just way too abstract to be required for anyone trying to get an ECE degree.
Requiring C# is basically like requiring Quantum physics for everyone trying to get an ECE degree. It's nice, but it's such a small part of the field that requiring it as part of a general undergraduate curriculum is wasting a class, and you've only got about 32 (including humanities courses) until the student graduates.
The REQUIRED classes for an ECE degree should include lots of circuits (digital and analog), some assembly, some C (C++ is okay, so long as you're still dealing with low-level stuff like pointers) and then leave the rest to specialization. C# and Java are such abstract languages that they don't have general applicability to the field as a whole, and should only be taught as part of the specialization area.
Now, for CS students abstract languages like C# or Java are an important part of their field, and something along those lines should be required (although there are plenty of alternative languages available to teach similar concepts.)
My wife and I have agreed to always do the LEAST efficient thing... we both put the lid down. Then we both have to put the lid up to use the toilet.
In fact, I've had this habit since before we were married. This way I don't get yelled at for leaving the toilet seat up, but I know that no matter who sits on the toilet next, they're going to have to put at least the lid up.
It's totally inefficient, but it is equal division of labor.
Several online clothing retailers offer the ability to try clothes on a model that you build yourself (presumably to look like whoever you're buying it for.) I know several times my wife and I have used this to evaluate online clothes purchases. It's amazing how accurate even a crude model can be about giving you an idea how clothes will look on a specific person. It's certainly a lot better than just looking at the models.
Then again, since people are doing this already, a 3D image format probably wouldn't improve things that much, although it would allow things to be a little more fluid.
This would actually be quite healthy if everyone were drinking water. I don't know about you, but I don't get my 64oz of water a day without carrying some around with me, and your body tends to process it better if it doesn't come all at once anyways.
So I can't buy the original of some artist's work, paint a big red circle with a line through it on top, and write THIS ARTIST'S WORK IS BAD across the bottom?
What piece of law prevents that?
How about I do all of the above and burn half of it while I'm at it?
I'm not saying that I would actually DO any of the above, just that I don't think I would be prevented from doing so.
Now, if I want to sell prints, then I would need to purchase the copyright from the author. I have no rights to copy the original or the above modified original without them.
Why don't people see this as the free speech issue that it is. I should have the right to take any content produced by someone else and edit it for whatever speech purpose I see fit. Provided I don't break any laws with my speech, then this is and should be protected by the United States First Amendment.
If I purchase a portrait of Mickey Mouse, cut the head off, and replace it with a portrait of my daughter, have I done something wrong? What if I then sell that portrait to someone else? If I pass this off as an actual Disney photo or even something approved by Disney, then I'm slandering (or at least misrepresenting) the company. But, if I give proper attribution, and produce no copies of the copyrighted content beyond those I have purchased, then I have done nothing wrong.
Editing movies may seem like it's hurting the author, but it hurts society more when their speech rights are removed.
Suppose I edit a US Army recruitment video and remove some of the rhetoric and replace it with pictures of the dead in hiroshima, shouldn't this be allowed? How about I just edit out the recruitment parts and only leave the pictures of combat, with the sound muted? Both of these fall squarely into free speech, assuming I only edit the video that I have legally acquired.
Now, how about I edit an alcohol advertisement in a similar fashion, to include pictures of drunk driving fatalities, should this be allowed? How about a cellular phone commercial combined with automobile fatalities involving cellular phones?
All of these are important opportunities for free speech that need to be allowed for true freedom of expression to exist. Editing a movie for content is no different from the above, and in many ways makes similar statements about our motion picture industry. By viewing a movie edited to remove, for instance, sexuality, I am viewing a statement about the prevalence of sexuality in the motion picture industry. It says: "this is what this motion picture could look like without sexuality." That is important speech that should be protected, regardless of how I feel about the role of sexuality in the motion picture industry. Similarly, and edit that adds sexual content should be allowed, again provided proper attribution is provided, and no other laws (such as copyright) are broken.
Probably want to back up/etc also, but I basically agree. It doesn't change as much, but should probably be backed up whenever something in there changes.
The box could sit between your phone and the line. After 1 ring, it picks up the line, plays the tone, and then starts making sounds over the line that sound like rings to a caller on the other end. At the same time, on your phone's end the device looks like a ringing phone line. When you pick up the phone it stops ringing and connects the two lines. Otherwise, it goes back to a wait state when the caller hangs up.
Another fix (not available in a normal unix configuration) is to not allow normal users to have exececutable files. Most users don't need to run anything from their own filespace, they only need to run programs owned by root or some other administrative user.
This requires "developer" accounts that are able to run their own programs, but the average Joe/Jane doesn't need to do this, and so developer accounts can be isolated and used only for development in situations where they're really needed.
A weakness in this solution is that it doesn't prevent the user from opening a file that causes a trusted program to do rm -rf $HOME/*. However, there's very little that can be done to prevent such attacks without having the user periodically back-up their data (recovery, not prevention) or having them edit every file in it's own sandbox requiring explicit user intervention to change (or possibly even read) any other file. (I.E. more hassle than the ordinary user is willing to put up with.)
There are variations on the sandbox idea that can be implemented with capabilities, but these are going to be significantly more complex than the solutions available in current operating systems, and most likely difficult for the average user to secure adequately.
Not quite. MacOS X still has the (user-level) concept of administrator and "user" accounts.
Administrator accounts can use sudo to do pretty much whatever they want.
User accounts cannot use sudo, so they're pretty limited as to what they can do.
However, most people I know only have/use an administrator account, so this limits their protection to that provided by sudo (which is probably reasonable for a personal computer, depending on what the timeouts are set to.)
As for enabling root, after poking around at the security configuration of a friend's box I decided that this is a stupid thing to do from a security perspective, and should only be done if you have a REALLY good reason. (A really good reason would be a unix program that requires that the root account be able to log in, and these are few and far between these days.)
Slashdot Mirror
This is an excellent example of my point. Corporations do NOT have a LEGAL duty to maximize the profits of shareholders. Producing profits is why corporations exist, but there is nothing in my contract that says I have a duty to maximize the profits for the shareholders of the company I work for. That said, there is a great deal of pressure to maximize profits. Most of the time, there are no conflicts of interest, so this is a non-issue. However, there may be times when a person's own morals and maximizing profits may be in opposition. In those cases, that person is forced to make a choice between following their morals and towing the party line.
Often times this happens on a very small scale, and usually aren't straightforward, line in the sand kinds of things. Maybe you work at a chemical company whose environmental policy isn't really as sound as you would consider appropriate. Maybe you ship products with a known problem because they've already been manufactured and the problem won't show up under most normal use. Maybe you work espescially long hours because that's what everyone else is doing even though you really feel that you should be at home with your family. All of these are cases where we may do something slightly less than our morals would typically demand because we feel we have to. For some of us, the decisions may be more severe, such as (dare I say it) illegally manipulating financial records.
I'm sure many people working on DRM would agree with you.
On this we just disagree. I didn't say everyone thought DRM was morally wrong. In fact, there are lots of good uses for it in military and some civilian security settings.
What most people object to is the way that they envision DRM will be implemented for digital media. They predict that instead of empowering artists, DRM will simply further protect the profits of the entrenched media companies, to the detriment of both consumers AND artists. They don't trust the media companies and don't like the prospects of forcing people into trading a general-purpose computer for a DRM-enabled media device that is built around the whole idea that the consumer is untrustworthy.
Things probably aren't quite that bad, but what most people who oppose DRM would agree with are two things:
- DRM primarily (if not exclusively) benefits existing media and software conglomerates.
- DRM Will restrict consumer rights from the comparative freedom that we have today.
So, like many who worked to split the atom, those who oppose DRM don't morally object to the technology itself, they morally object to what it will be used to do.---
Their morals--real morality, not technicalities like "can I play my MP3 on fifteen computers with one purchase"--are most likely almost exactly in line with yours or mine
---
I've found that people in groups often have different morals than those individuals have by themselves. I guess it's just the way group dynamics work, but all of the PEOPLE in an organization will often have different morals than those exhibited by the ORGANIZATION itself.
Big corporations are a great example of this. While most people would tell you that there's more to life than making money, the same people suddenly become completely driven by financial interests when put in a corporate environment. Doubly so if they're in a high-level position.
I can only guess at the reasons for this (I've never taken a psychology course), but a feeling of powerlessness within the group combined with a lack of individual accountability (as in "I was just doing what was expected of me") combine to make good people act in ways they normally wouldn't.
What this boils down to is that many of the people involved in DRM development/policy may consider the overall project to be morally wrong, but are able to (consciously or not) justify their part in it enough to become active participants.
The theory is that it's a percentages game. If 80% of people with "superior" genes are capable and 80% of people wih "inferior" genes are incapable, then it makes sense statistically to do gene screening. Sure, there are people who don't fit the mold, but it would probably be more accurate than interviews.
However, there would be so many exceptions that for 20% of the population with "inferior" genes it would be useless discrimination, which is what the movie portrays.
Do you get pre-release builds of IE?
If you do, and they are higher quality than the pre-release builds of Mozilla that you are using, then I can at least understand your frustration.
If you don't get pre-release builds of IE, then why are you upset about the instability of Mozilla pre-release builds? The other platform that you cite gives you NO access to "know the direction the browser is taking all the time."
So, unless you get pre-release builds of IE that are more stable than the pre-release builds of Mozilla, then Mozilla gives you more of a choice. You can either have no idea of the future state of the browser (as you do with IE) or you can get alpha builds that break things, as alpha builds tend to do. If you choose the former, then just support Mozilla 1.0 and ignore the later versions until an official release arrives. If you choose the latter, then you'll have to put up with changing versions and compatibility, but realize that you have chosen this instability in exchange for information about upcoming but unreleased products.
Where I live (Travis County, Texas) we use bubble-in ballots (think Scan-Tron, only with the choices listed on the form and the bubbles next to each choice).
They're VERY clear and easy to read, easy to hand count, and easy for computers to count.
Anyone remember getsadam.exe?
:)
Now that was some fine political commentary.
Does this mean that if someone distributes a previously-existing decoder that fell under the free-of-charge clause, they can continue distributing it under the license they originally licensed it with?
Did the original license have a clause where they could change the license terms?
It seems to me that without a clause allowing them to change the license at a later date you could claim that any existing player that fell and continues to fall under the previous exemption doesn't need to pay the fee, since it was licensed under the original terms.
No, bend.over.4.sony should be owned by whoever owns the bend or sony domain (by convention sony). Hierarchical domain names ARE useful, and need some kind of separator. It's the artificial .com that needs to be removed.
Precisely. This is what Chess is all about. Chess is a game about war, where "pawns" are killed without a second thought, and the only thing that matters is killing the other guy.
Of course, the simplicity of the gameplay makes the true meaning of the game too abstract for most modern people to understand.
Not just buildings, EVERYTHING is numbered. The TREES usually have little metal tags with numbers on them.
While the solutions he describes (at least by themselves) aren't necessarily a full security solution, he's right that this is no more secure than existing technologies that are used along with an encrypted disk for data.
Security can be three things: something you know, something you have, and something you are. The wristwatch described here is no more secure than a smartcard reader, espescially if it doesn't involve use of some kind of password or biometric.
What's novel about this solution is threefold:
1.) The encryption occurs when the user goes out of range (essentially a more accurate screen saver lock).
2.) Data in memory on the laptop is encrypted when the screen saver lock is started (i.e. when the user goes out of range).
3.) Data begins to be decrypted when the user is back in range. This is more of a performance thing, and is actually LESS secure, because it is security based solely on what the user has. It would be more secure to wait until the user enters their password AND is within range, or better yet wait for the user to enter their password, scan their fingerprint, and be within range.
So:
1.) is only security-enhancing if you can't convince your users to force-lock their screens when they're away.
2.) is a legitimate security enhancement.
3.) is a performance enhancement of an old security method, and is actually security-disabling as it only relies on what the user has, and not what they know or are.
My suspiscion is that the watch thing is just a red herring for the real security enhancement of encrypting memory while the user is away.
GREG
Just think about using this in a military setting:
Owner: You can have the data on my laptop, if you pull this watch from my cold, dead wrist.
Enemy: Your proposal is acceptable.
Because it was filed before the change in policy about opening up pending patent applications.
Except that this is an ENGINEERING program, not a CS program. C# (or Java, or even to a certain extent C++) is just way too abstract to be required for anyone trying to get an ECE degree.
Requiring C# is basically like requiring Quantum physics for everyone trying to get an ECE degree. It's nice, but it's such a small part of the field that requiring it as part of a general undergraduate curriculum is wasting a class, and you've only got about 32 (including humanities courses) until the student graduates.
The REQUIRED classes for an ECE degree should include lots of circuits (digital and analog), some assembly, some C (C++ is okay, so long as you're still dealing with low-level stuff like pointers) and then leave the rest to specialization. C# and Java are such abstract languages that they don't have general applicability to the field as a whole, and should only be taught as part of the specialization area.
Now, for CS students abstract languages like C# or Java are an important part of their field, and something along those lines should be required (although there are plenty of alternative languages available to teach similar concepts.)
My wife and I have agreed to always do the LEAST efficient thing... we both put the lid down. Then we both have to put the lid up to use the toilet.
In fact, I've had this habit since before we were married. This way I don't get yelled at for leaving the toilet seat up, but I know that no matter who sits on the toilet next, they're going to have to put at least the lid up.
It's totally inefficient, but it is equal division of labor.
Several online clothing retailers offer the ability to try clothes on a model that you build yourself (presumably to look like whoever you're buying it for.) I know several times my wife and I have used this to evaluate online clothes purchases. It's amazing how accurate even a crude model can be about giving you an idea how clothes will look on a specific person. It's certainly a lot better than just looking at the models.
Then again, since people are doing this already, a 3D image format probably wouldn't improve things that much, although it would allow things to be a little more fluid.
This would actually be quite healthy if everyone were drinking water. I don't know about you, but I don't get my 64oz of water a day without carrying some around with me, and your body tends to process it better if it doesn't come all at once anyways.
So I can't buy the original of some artist's work, paint a big red circle with a line through it on top, and write THIS ARTIST'S WORK IS BAD across the bottom?
What piece of law prevents that?
How about I do all of the above and burn half of it while I'm at it?
I'm not saying that I would actually DO any of the above, just that I don't think I would be prevented from doing so.
Now, if I want to sell prints, then I would need to purchase the copyright from the author. I have no rights to copy the original or the above modified original without them.
Why don't people see this as the free speech issue that it is. I should have the right to take any content produced by someone else and edit it for whatever speech purpose I see fit. Provided I don't break any laws with my speech, then this is and should be protected by the United States First Amendment.
If I purchase a portrait of Mickey Mouse, cut the head off, and replace it with a portrait of my daughter, have I done something wrong? What if I then sell that portrait to someone else? If I pass this off as an actual Disney photo or even something approved by Disney, then I'm slandering (or at least misrepresenting) the company. But, if I give proper attribution, and produce no copies of the copyrighted content beyond those I have purchased, then I have done nothing wrong.
Editing movies may seem like it's hurting the author, but it hurts society more when their speech rights are removed.
Suppose I edit a US Army recruitment video and remove some of the rhetoric and replace it with pictures of the dead in hiroshima, shouldn't this be allowed? How about I just edit out the recruitment parts and only leave the pictures of combat, with the sound muted? Both of these fall squarely into free speech, assuming I only edit the video that I have legally acquired.
Now, how about I edit an alcohol advertisement in a similar fashion, to include pictures of drunk driving fatalities, should this be allowed? How about a cellular phone commercial combined with automobile fatalities involving cellular phones?
All of these are important opportunities for free speech that need to be allowed for true freedom of expression to exist. Editing a movie for content is no different from the above, and in many ways makes similar statements about our motion picture industry. By viewing a movie edited to remove, for instance, sexuality, I am viewing a statement about the prevalence of sexuality in the motion picture industry. It says: "this is what this motion picture could look like without sexuality." That is important speech that should be protected, regardless of how I feel about the role of sexuality in the motion picture industry. Similarly, and edit that adds sexual content should be allowed, again provided proper attribution is provided, and no other laws (such as copyright) are broken.
NO, NO, NO, NO, NO!!!
Look at the post again.
0.1 goes down. As does 0.01, and 0.001, and 0.0001...
And likewise:
5.1 goes up. As does 5.01, 5.001, 5.0001...
The only question is 5.0000000...
This doesn't matter though, because it is highly unlikely that 5.0000000 would ever occur. (probability 0)
Problem is, 5.0000000 occurs a lot in real-world data sets, even though it shouldn't statistically.
Probably want to back up /etc also, but I basically agree. It doesn't change as much, but should probably be backed up whenever something in there changes.
100GB of 5.25 inch floppies is like 28 cubic feet of floppy disk.
At:
2 MB/Floppy=.002GB/floppy
5x5x1/25 Floppies/inch^3 = 1 Floppy/inch^3
12x12x12=1728in^3/ft^3
100GB of 5.25in floppies is:
100/.002=
50,000 floppies or
50,000/1=
50,000 cubic inches or
50,000/1728=
28.9 cubic feet
That's a heck of a lot of floppy disks, espesically to back up one 5x3x10 = 150 cubic inch hard drive.
Uhhh, why not just boot off of a CD-ROM?
Not necessarily.
The box could sit between your phone and the line. After 1 ring, it picks up the line, plays the tone, and then starts making sounds over the line that sound like rings to a caller on the other end. At the same time, on your phone's end the device looks like a ringing phone line. When you pick up the phone it stops ringing and connects the two lines. Otherwise, it goes back to a wait state when the caller hangs up.
Another fix (not available in a normal unix configuration) is to not allow normal users to have exececutable files. Most users don't need to run anything from their own filespace, they only need to run programs owned by root or some other administrative user.
This requires "developer" accounts that are able to run their own programs, but the average Joe/Jane doesn't need to do this, and so developer accounts can be isolated and used only for development in situations where they're really needed.
A weakness in this solution is that it doesn't prevent the user from opening a file that causes a trusted program to do rm -rf $HOME/*. However, there's very little that can be done to prevent such attacks without having the user periodically back-up their data (recovery, not prevention) or having them edit every file in it's own sandbox requiring explicit user intervention to change (or possibly even read) any other file. (I.E. more hassle than the ordinary user is willing to put up with.)
There are variations on the sandbox idea that can be implemented with capabilities, but these are going to be significantly more complex than the solutions available in current operating systems, and most likely difficult for the average user to secure adequately.
Not quite. MacOS X still has the (user-level) concept of administrator and "user" accounts.
Administrator accounts can use sudo to do pretty much whatever they want.
User accounts cannot use sudo, so they're pretty limited as to what they can do.
However, most people I know only have/use an administrator account, so this limits their protection to that provided by sudo (which is probably reasonable for a personal computer, depending on what the timeouts are set to.)
As for enabling root, after poking around at the security configuration of a friend's box I decided that this is a stupid thing to do from a security perspective, and should only be done if you have a REALLY good reason. (A really good reason would be a unix program that requires that the root account be able to log in, and these are few and far between these days.)