The DMCA Safe Harbor clause will allow them to escape litigation as long as they remove the video as soon as they receive a takedown notice. Which they've been doing. To be honest, litigation isn't YouTube's problem. The poor video quality and the lack of people willing to pay for it is what's going to do them in.
> It makes me wonder what incentive Europeans would have to pre-order it, then.
You're donating to the OpenBSD project. You can download the CDs for free, if that suits you. The box and printed insert cost maybe $1... the rest is money so the devs can continue to write an excellent OS.
Somehow I managed to spend $120 at the OpenBSD store today...:)
> Since you have to be the author of the package being installed to make this "hack" work, I don't see *any* difference between the.deb problem, and the mac one. If I'm the author of a.deb, and I want to be nasty, why can't I crypographically sign the nasty version of the code ?
Debian packages are signed by the Debian project when they are approved for inclusion. If you have nasty bits in your package, you're not going to get it signed.
debian packages are cryptographically authenticated and come from a known-good source. Sure, someone on the Debian project could compromise my machine, but that's pretty obvious anyway.
This is worse because any Joe on the Internet can create one of these packages. (Yes, any joe on the internet can create a debian package, but that's not a typical use case for apt users, whereas it's the only use case for Apple users.)
> This was largely because MySQL used to lack some of the most basic things that make a DBMS relational (for example, for quite a long time there was no ACID compliance at all)
Uh, ACID doesn't make a database "relational", being able to JOIN does. ACID is a feature that you expect to have in a RDBMS, but they have nothing to do with relation.
Also, you can have a database without relations, or a relational database without a database management system (i.e., Berkeley, and yes, it's ACIDic).
I'm having excellent luck with OpenBSD's spamd blacklisting and greylisting. Haven't lost any important mail, but my SPAM has been cut by about 98%. It's truly amazing.
> Following that logic, wouldn't this then also be just as usefull a tool to spammers looking to crack those crazy registration verification images?
Let me let you in on a little secret. CAPTCHAs were brpken a long time ago. They're the eqivalent of writing your password on a sticky note and putting it under your keyboard.
I recommend authenticating people with strong cryptography, which is how people can post to my blog.
The TI site is talking about RFid, not RFID. Two different things:) RFID is generally accepted to mean dumb tags that you stick on products in stores. Now people are using them for building access, transit system fare collection, etc. In the end, though, "RFID" means dumb. That's what the D stands for:P
> So, Im still curious. Since your non-RFID access cards can just will doors open, does that mean that your locks just will the doors closed? Do the elevators in your building need wire rope, pullies, and motors, or do they just will themselves up and down?
RFID is a specific technology. Some contactless cards have smart crypto chips in them, so they do actual challenge-response authentication. RFIDs just say "I'm 12837345" whenever they are powered up. (Search google for spoofing RFID cards. It's trivial these days to "record" someone's RFID card, and then "play it back".)
Back in the day, cable had a lot more bandwidth than DSL. DSL was around 128k or maybe 384k, while cable was 3M+. Now that 6Mbps consumer DSL is common, this isn't the case anymore. (And with DSL, the 6Mbps is *yours*, you're not sharing it with anyone as you are with cable.)
> keep the data center cool at "a reduced cost"/me mentions something about how fans increase the energy in the system (room), and therefore heat the room, not cool it.
I've looked at the ath code, and I don't see any obvious buffer overflows. This driver, remember, is included in an operating system that has only had one remote hole in 8 years.
> I was hoping that this would be a rather benign wake-up call (given that it wasn't an exploit seen in the wild, and the hats were taking proper precautions to prevent it from becoming so).
It was. I realized it was time to wipe out OS X and replace it with OpenBSD. Incidentally, the "unnamed chip" (an Atheros USB) is supported by OpenBSD - with a 100% open source driver. I can safely browse the web at a coffee shop without being 0wned! Awesome!
(And sure Apple could do something - they could say, no closed drivers in the kernel. Works for OpenBSD, why not Apple?)
> Why else would they be retaining personally-identifiable search information?
Perhaps because that's useful data that they can use to turn their results and make their product more useful?
> Why should the library retain any sort of record of your past book checkouts AT ALL?
They shouldn't. Apples to oranges.
However, the problem is not with Google or libraries -- the problem is with a society that assumes search results and the books you read are "evidence" in a court of law.
Slashdot Mirror
The DMCA Safe Harbor clause will allow them to escape litigation as long as they remove the video as soon as they receive a takedown notice. Which they've been doing. To be honest, litigation isn't YouTube's problem. The poor video quality and the lack of people willing to pay for it is what's going to do them in.
> It makes me wonder what incentive Europeans would have to pre-order it, then.
:)
You're donating to the OpenBSD project. You can download the CDs for free, if that suits you. The box and printed insert cost maybe $1... the rest is money so the devs can continue to write an excellent OS.
Somehow I managed to spend $120 at the OpenBSD store today...
> but it won't run my real-world Java apps that I need, like NetBeans
It will run real-world apps like Eclipse, though. Since that's all I use Java for, I'm loving it. Native Eclipse!
What about "Microso£t"? I like that, actually.
Micro$o£t
> Since you have to be the author of the package being installed to make this "hack" work, I don't see *any* difference between the .deb problem, and the mac one. If I'm the author of a .deb, and I want to be nasty, why can't I crypographically sign the nasty version of the code ?
Debian packages are signed by the Debian project when they are approved for inclusion. If you have nasty bits in your package, you're not going to get it signed.
debian packages are cryptographically authenticated and come from a known-good source. Sure, someone on the Debian project could compromise my machine, but that's pretty obvious anyway.
This is worse because any Joe on the Internet can create one of these packages. (Yes, any joe on the internet can create a debian package, but that's not a typical use case for apt users, whereas it's the only use case for Apple users.)
Metasploit has Mac exploits. And if they don't anymore, they're certainly easy to write.
This is why I hug my OpenBSD machine. It may be my family's only line of defense!
> This was largely because MySQL used to lack some of the most basic things that make a DBMS relational (for example, for quite a long time there was no ACID compliance at all)
Uh, ACID doesn't make a database "relational", being able to JOIN does. ACID is a feature that you expect to have in a RDBMS, but they have nothing to do with relation.
Also, you can have a database without relations, or a relational database without a database management system (i.e., Berkeley, and yes, it's ACIDic).
s/// works on $_ by default, ya know.
> I guess I must have missed the day in Management 101
That was the first day. Due to cost-cutting, we forgot to send you a schedule. Terribly sorry.
Also, they forgot about EditGrid, which is based on Gnumeric and web-ified with Catalyst.
Nothing, but everyone else capitializes it these days, so "SPAM" looks correct now. Thanks for your insightful comment, though; I appreciate it.
I'm having excellent luck with OpenBSD's spamd blacklisting and greylisting. Haven't lost any important mail, but my SPAM has been cut by about 98%. It's truly amazing.
http://www.openbsd.org/spamd/
> Following that logic, wouldn't this then also be just as usefull a tool to spammers looking to crack those crazy registration verification images?
Let me let you in on a little secret. CAPTCHAs were brpken a long time ago. They're the eqivalent of writing your password on a sticky note and putting it under your keyboard.
I recommend authenticating people with strong cryptography, which is how people can post to my blog.
The TI site is talking about RFid, not RFID. Two different things :) RFID is generally accepted to mean dumb tags that you stick on products in stores. Now people are using them for building access, transit system fare collection, etc. In the end, though, "RFID" means dumb. That's what the D stands for :P
> So, Im still curious. Since your non-RFID access cards can just will doors open, does that mean that your locks just will the doors closed? Do the elevators in your building need wire rope, pullies, and motors, or do they just will themselves up and down?
What?
RFID is a specific technology. Some contactless cards have smart crypto chips in them, so they do actual challenge-response authentication. RFIDs just say "I'm 12837345" whenever they are powered up. (Search google for spoofing RFID cards. It's trivial these days to "record" someone's RFID card, and then "play it back".)
Back in the day, cable had a lot more bandwidth than DSL. DSL was around 128k or maybe 384k, while cable was 3M+. Now that 6Mbps consumer DSL is common, this isn't the case anymore. (And with DSL, the 6Mbps is *yours*, you're not sharing it with anyone as you are with cable.)
http://speakeasy.net/ works for me. 6Mbps/768k, no bandwidth cap, servers allowed, and 8 static IPs. ~$120/month, but so worth it.
> So not only is this nothing new, but "somethign" is spelled incorrectly, by our own favorite linguist, CmdrTaco.
I think you're being overly critical, Overly Critical Guy.
Not to mention that the article asked me to "bare with" the author. Unless she's hot, I think I'll pass.
> keep the data center cool at "a reduced cost" /me mentions something about how fans increase the energy in the system (room), and therefore heat the room, not cool it.
Have you ever used OS X on a 400MHz machine with 256M of RAM? If not, I wouldn't recommend it.
Also, please provide the source code for OS X.
I've looked at the ath code, and I don't see any obvious buffer overflows. This driver, remember, is included in an operating system that has only had one remote hole in 8 years.
> I was hoping that this would be a rather benign wake-up call (given that it wasn't an exploit seen in the wild, and the hats were taking proper precautions to prevent it from becoming so).
It was. I realized it was time to wipe out OS X and replace it with OpenBSD. Incidentally, the "unnamed chip" (an Atheros USB) is supported by OpenBSD - with a 100% open source driver. I can safely browse the web at a coffee shop without being 0wned! Awesome!
(And sure Apple could do something - they could say, no closed drivers in the kernel. Works for OpenBSD, why not Apple?)
> Why else would they be retaining personally-identifiable search information?
Perhaps because that's useful data that they can use to turn their results and make their product more useful?
> Why should the library retain any sort of record of your past book checkouts AT ALL?
They shouldn't. Apples to oranges.
However, the problem is not with Google or libraries -- the problem is with a society that assumes search results and the books you read are "evidence" in a court of law.
Yup, this C (header) works great when compiled by a C++ compiler :)
:)
typedef int protected;
protected private(int public, char *protected);
void class(void);
and so on