So, do you have an answer to why, sometimes, we'll see dupes on the front page? ie, two virtually identical articles posted in the same 24 hour period?
Interesting theory here about dupes (and yes, this is flagrantly off-topic and responding to a troll, I should sacrifice karma, blah blah): People don't report dupes because they don't realize they read it on/. originally. Honestly, Slashdot doesn't have a whole lot in the way of original content-- it's mostly links to other stuff-- so if I see an article that looks familiar, my first instinct is that I saw it somewhere else, unless I know for certain that I saw it on Slashdot first.
that could be the mechanism for geek learning - if you see it repeated on Slashdot then it eventually sticks...
That's the mechanism for all learning. Sadly, the number of repetitions required for non-geeks tends to be exponentially higher than for geeks... Heh, retronym time:
NERD: No Excessive Repetition Desired __ Just because I'm paranoid doesn't mean they're not out to get you. :) No, no idea why there are dupes... Now to check 'Anonymous'
I completely agree. If you aren't willing to let your work go into the public domain you better not benefit in any way from the public domain yourself.
If you lobby to extend copyrights you'd better not raid recently out-of-copyright stories like Disney does.
If you try to enact what are obviously intended to become perpetual copyrights you'd better not try to borrow any old plots from Shakespeare.
If you don't intend to let people base their future works on yours, or sample/quote/etc your works, perhaps you should try to educate yourself without reading anything in, or derived/helped by anything in the public domain.
I completely agree. This corporate disrespect for the public domain has got to end. If they aren't willing to contribute they shouldn't use it. More specifically, they shouldn't benefit from my tax dollars enforcing their monopolies if I don't get the benefit of an increased public domain.
I agree! Nothing entitles him to walk into the studio vaults and make off with the only copy of Gigli.
Um, wait, that is what you meant by stealing right? The dictionary definition of depriving the original owner of it by taking it away?
Or did you simply mean duplicating it without a license? Wow, what a heinous crime!
Copyright law was created to protect the market for the creator. Nobody else would be allowed to publish their work, without their permission. Just that. Nothing about guaranteed profits, or keeping people from seeing it, or controlling when or how someone views it. Simply that nobody else could legally duplicate it (outside of certain narrow cases) without being liable for damages.
I'm not trying to "justify" this, I'm trying to explain the point of the system. Original copyright law didn't really care about the idea of you copying a copyrighted work for private use, it was concerned with stopping commercial competition from profitting off of your work.
Listen, if I have a great idea about making a video game and I describe that game in intricate detail to a friend of mine, you are legally entitled to copy that game and publish it, even scooping me at it. However if I have a trivial idea about passing data over a network I can patent it and 0wn the int3rw3b. The point is that which ideas of mine you can use without paying me is completely arbitrary. If you scooped a poor game developer you'd be an ass - if you ignored some trivial "do X on a computer" patent you'd be in the right as far as everyone except patent attorneys was concerned, but the legal responsibility would not reflect this.
If he was duplicating Gigli and selling it he'd be taking money from people who would pay (however little) for the movie, cutting into the (however slow) market for the movie. If he downloads it for personal viewing, to evaluate the movie before making a purchasing decision, he harms nobody. He sounds like a collector who owns many movies, it's not like he never pays for anything, he's simply not sure he wants to pay for a product he may not like.
This demonization is silly. Copyright and patent laws go against the "natural" way of the world, in that if you see something you can attempt to copy it. They are intended to solve a specific problem with commercial interference. A technical violation of a barely-related law which doesn't actually harm anyone doesn't sound like it's in the same ballpark as depriving the original owner of their property. If we jump up and down and throw emotionally loaded terms around it'll get in the way of a valid discussion on how to best reward creators for enriching society - ideally in relation to how much society appreciates their efforts.
It's a bit of an urban legend. Really, the "Space Pen" was designed by a private company and pens were given to NASA in exchange for them being the official pen of the US Space Program, etc, etc.
Pencils by the way are a bad idea - graphite is conductive and it flakes off. Of course, pencil crayons and other non-conductive wax-based solutions would work with little mess. Someone even mentioned carbon paper where you simply write on it with a stylus (like a Palm Pilot) and the pressure makes marks on the paper - did they have carbon paper in the 60s?
So you give the candidate a ballot and a pencil. They fill out (or fail to do so) their ballot and hold it up to a scanner in a verification machine (keeping it in their hands at all times) and the machine tells them if their vote will be counted. The machine then stamps the selected candidate in a hard to miss fashion and the person verifies this mark. (Eliminating the hanging chad, double selected, whatever, problem.) They then toss the paper into a box and it gets counted later, by machine, and spot-checked by humans.
Having the machine verify the vote means that whatever standard you use for judging a spoiled ballot, it doesn't matter because the person watches it be applied and they are told (on the display, or merely via the "big red mark" on the ballot, or whatever) if they did it right.
I can't see any problems with this method. It adds speed (machine-countable ballots) and reliability (paper trail) and doesn't do anything hidden from the user. It's especially secure because the voting machine doesn't need to understand the ballot, or the party lines, it merely is told that you need one of the boxes checked, up to three of these, and so on. The configuration could be handled with a punch-card (easily human-verifiable) and displayed on the screen. There wouldn't need to be any storage on the machine to be lost, corrupted, or tampered with, and turning the machine off and on would require nothing more than a sub-second start-up and a scan of the configuration card.
And I'd agree that this is the best to use for the final product, and for any critical defense components. But if the missile needs a product like SSH I think there are big gains from using OpenSSH instead of writing your own.
If the government has an encrytion system they trust they don't bother buying products with a potentially flawed system, they simply run the unencrypted system over a VPN, or SSH.
That way everyone saves. The applications can be developed more easily without redoing a specific encryption layer for every one. Nobody wastes money developing and verifying a redundant system.
If the government simply accepted that contractors were going to base things on OpenSSL they'd need to verify every product, to make sure that nobody had accidently or intentionally, weakened it. By simply using the official signed and verified version they only have to trust their verification team once.
This is the problem with using troops for security guards. The military is an organization that is supposed to be prepared to execute the government's mandate via any means necessary. They are supposed to be a last resort, but as appropriate for a last resort, are supposed to be very effective.
We want soldiers to be incredibly deadly, because when we need to stop someone from doing something, we want our costs to be as low as possible, and to succeed as quickly as possible. We also want to have a seperate organization of election supervisors, security consultants, and others, for when the goal isn't to capture an area or kill an enemy.
They don't need to integrate it into their products. If they had a layered design you could use whatever encryption your organization trusted on top of the third-party software.
That way these middle-ware companies wouldn't have to approve OpenSSL and they wouldn't have to pass the costs along. Cut out the middleman and everyone is happier because you get more product for less money, meaning you've got a more efficient economy. Considering this is something my taxes pay for, I like that.
I'm glad to see a government agency making the right decision, opting for small software components they can combine to get a final product they want, instead of buying into some bloated attempt at lock-in. I'd be pissed if the armed forces stopped insisting on second-sourcing parts and signed a lock-in contract for spark plugs, or anything else. I don't have a problem with spark-plug makers making money from selling a product, but I want them to have to compete in an open market, like everyone else.
Funny, a fiscal conservative whining about cutting out excessive government spending.
You have to assume the worst though. If any missile fails to explode it'll be found on the desert sands below a dogfight, potentially by the enemy, and the computer can be slowly peeled apart.
If you have to assume that one of your missiles is sitting in an enemy lab being studied you aren't going to hard-code a specific frequency, or encyrption keys, or even a specific algorithm.
If you code properly (read, modularly) you'd be able to swap out of seeking algorithm for another with a minimum ammount of work. If you know the enemy might have a copy you're going to be working on improving the algorithm.
If you build a safe assuming that you're protecting it against you and your design team you'll be okay even if one of them turns to a life of crime. If you merely build a safe that's uncrackable to anyone who doesn't know the secret you have an ever-widening group of attackers, as the secret slowly leaks. Further, once the secret is discovered once the whole line of safes are vulnerable.
PC Software doesn't install on a Mac and nobody says Macs are hard.
Besides, nobody (new) says "I'm on a PC", they all say "I use a Windows computer", or otherwise identify with Windows, not PC. Grandma will see that the boxed software doesn't run without Windows and she'll be fine.
No, the real story will be when trolls don't pretend that everything a Linux user wants is because of some esoteric philosophy.
I love the programatic freedom of Linux. I like having kernel-level support for custom filesystem, to tweak the disk caching routines on servers, etc. NVidia's graphics cards don't support this though, because we can't properly compile them into the kernel and we don't have source access to tweak or fix things.
What are these "cheats" that video-card companies do to drivers to win in benchmarks? Are there quality settings I could drop a bit without hurting UT2004? Could I compile the drivers with support for nothing else to get a bit of speed? If it'd give me an extra 20% performance it would be worth downloading a Makefile and compiling a special version of the drivers.
For video I can live without open source drivers. For network cards and other devices it's a complete deal breaker. I don't want any restrictions if I decide to run OpenBSD, or buy Athlon 64, or compile some weird options into my servers' kernels. Closed source means you're limited to what other people think you should do - open source means you can do what you want.
But, in the end, even if you don't understand or like any of my reasons, it's you who must acknowledge that I as a customer am demaning open source drivers. If you don't think they're important, look out behind, there's another company that does and they're eyeing your marketshare.
Many programmers rely on their ugly hacks not being found. If you could read the source and see the magic numbers and the//FIXME comments they wouldn't be able to rely on this.
People don't understand how readable ASM (as seen in a debugger) is to a skilled programmer, and how there's nothing you can do (successfully) to keep someone from seeing a program, if it has to be run on a general-purpose machine.
Besides, you hear how millions of lines of code are required for a missile'd guidance system, but many of those could be replaced with a off-the-shelf OS, and many with a floating-point library, and so on. This would drastically reduce the lines of code needed, meaning there's less place for bugs.
That's the problem. People assume it'd take too long to do things right. Hell, Extreme Programming preaches doing nothing except the absolute minimum required to make it work right now - future changes can incorporate the cost of modifying the staticly coded program.
But, once you've been programming for a few years, usually, you realize that it's just as fast to put 'PI = 3.141592;' at the top of the program than it is to use it everywhere, and less error prone. It's also easier to do this with database field widths and everything. When you code for variable widths you're always thinking about the idea of making the data fit, not just blindly accepting. You avoid whole classes of bugs like buffer overflows because you're thinking about the data.
Really, doing it right has a much lower cost in the end, for any non-trivial application.
Re:It's Gone Beyond Science Fiction into Mainstrea
on
Open Source Life?
·
· Score: 1
Not allowing genes to be patented is a legislative NOT a judicial function.
But not allowing a ridiculous interpretation that isn't supported except by the strict letter of the law IS a judicial function.
Now, assuming you agree that applying the patent law as above in other "real" patent cases is legitimate, why should it be different with genes?
in no other areas of patents is it up to the patent holder to prove you obtained a patented product illegally,
Why should it be the same? In no other area does a patented technology virally infect non-encumbered technologies around it. Patented plants are nothing like *any other* patented technology, why should we treat them like they are?
If the patent couldn't be enforced in such situations, then there is no point in the patents, and ipso-facto the patent is invalid!
Not that this is relevant - if your patent is useless, tough luck. Nobody guaranteed you a profit. Last I checked there's no guarantee with a patent that you'll be able to enforce it.
Hell, the patent office routinely gives patents that are completely unjustified and they leave them to the courts to overturn... I believe that's even the stated policy of the US PTO.
Re:It's Gone Beyond Science Fiction into Mainstrea
on
Open Source Life?
·
· Score: 1
While it may seem ridiculous that is indeed the case, but it doesn't just apply to genes it applies to mechanical parts as well so it's not like the court is unfairly applying the law to a "new" area.
Applying a law to a new area where the old assumptions don't make sense is unfairly applying the law. If machine parts mated and your drill press could "infect" your table saw with patented mechanisms, you'd be able to draw better parallels.
That is *the* issue that this hinges on. If the patent-encumbered thing infects a non-encumbered thing, is it in any way the responsibility of the owner of the non-encumbered thing? The *only* fair answer to this is a resounding "No!"
As I pointed out in my last reply, you don't need to stop using the whole of the product, just the part that is patent encumbered.
And it's your responsibility to inspect your materials and your parts to make sure that they haven't been patent-encumbered overnight? Bullshit.
The only thing I'm defending here is the logic behind the decision and the fact that the court had no basis to overturn a patent that the government has granted.
The court doesn't need to say that the patent is invalid, just that it couldn't be enforced in such situations.
It's the responsibility of the court to interpret law in a way that makes sense. Perhaps through an overly strict interpretation of various laws I accuse you of murdering a donut. When this gets to court it's the responsibility of the judge to toss the case out. If I sneak into your house and put an extra gig of memory into your computer the judge is supposed to throw out a theft charge, and a civil charge for damages. Perhaps you couldn't keep the ram at the end of this, but you certainly wouldn't be liable for *anything*.
The court is seriously wrong on this.
Re:It's Gone Beyond Science Fiction into Mainstrea
on
Open Source Life?
·
· Score: 1
> The point is that it doesn't matter how you received a patent encumbered product you can't use it in a commercial enterprise.
This is the ridiculous part. You'd be expected to go out of your way to avoid using the patent-encumbered product, despite it forcing itself on you.
> As well, if you could prove the virus was written by the patent holder than you've got one hell of a law suit.
Yeah, then you stop using a product you depend on until you can prove the guilt of a multi-billion dollar corporation and force them to pay to fix it. Where does the money come from to pursue this?
Patent law is simply broken. It ignores issues of independent discovery, pushes the burden of fighting an invalid patent onto the victims, and is being extended (As if Canada could ever say no to the USA) to cover facts of nature. (Mathematical formulas, etc.)
I'm sure Monsanto is 100%, according to patent law, but the law is so ridiculous as to be useless. For every company it helps it lets two Rambus/Monsanto companies who didn't actually invent anything inflict ruinous judgements on companies that actually do create things.
Re:It's Gone Beyond Science Fiction into Mainstrea
on
Open Source Life?
·
· Score: 1
The precedent you mention is so unrelated as to be useless. This isn't an issue of a farmer getting something he didn't ask for and simply not using it, this is a case of the farmer not being able to use his pre-existing supplies.
A much closer analogy would be a computer virus which replaced the floating-point code in Excel with a patented algorithm. Now imagine that the virus was written by the owners of the patent. Would you be expected to stop using Excel once you were informed of its newly patent-encumbered state?
Perhaps patent law does suggest this, but that's insane. What is a supreme court for other than to correct legal errors like this?
The *one* reservation I have here is in the farmer's intentional cultivation of the special variety of seed before normal reuse, but it seems that if your patented invention hands itself to people, in the normal course of its lifecycle, that you shouldn't expect to make them liable for that.
Re:It's Gone Beyond Science Fiction into Mainstrea
on
Open Source Life?
·
· Score: 1
But, the point is, who cares? Quite simply, if your patented invention blows into my field why should I not be able to use it? Seems to be one of the drawbacks of patenting life; it spreads on its own without contracts.
As long as he didn't obtain the seed illegally there should be nothing Monsanto could do to stop him - that there is, is a serious failing of the court system.
MD4: [I]t has been shown that collisions for MD4 can be found in about a minute on a typical PC. [...] MD4 [...] should not be used.
MD5: Given the surprising speed with which techniques on MD4 were extended to MD5 we feel that it is only prudent to draw a cautious conclusion and to expect that collisions for the entire hash function might soon be found.
In addition, the 128-bit output is arguably not long enough to make generating collisions using a birthday attack infeasible.
I couldn't find an example of actually broken MD5, but it seems like it's simply a matter of time. Considering the value of what could ride on it, it doesn't seem worth using as a document identification (the lawyer example) but it perfectly reasonable to use between trusted parties as a message verification hash for things with a low to medium value and a short lifetime.
(Don't get the government or really motivated crooks interested, and don't hide a secret people will still be interested in twenty years from now.)
Re:It's Gone Beyond Science Fiction into Mainstrea
on
Open Source Life?
·
· Score: 1
If your patented creation walks over to me I feel I've got a right to use it, unlike if I have to go out of my way to create it. If your patented creation blows onto my land and I can't get rid of it, I think it's an open and shut case.
Perhaps some ancient judge doesn't, but if not, only because they haven't considered the implications. Every patent discussion on slashdot has a "I'll patent air and sue everyone" post but this is getting closer to reality.
The courts ruled that the farmer knew he was planting GM seed. Well of course he knew - his crop had been contaminated, what's he supposed to do, go out of his way to make sure he only saves seed from the least contaminated crop? Hell, if all the rest of his fields were contaminated I'm sure a lawyer could show that he knew there was a good chance that the "clean" fields had a low level of contamination too. What could he do?
It's ridiculous, but we're in the middle of a very... bribe-friendly... political time, in which there are insane developments in IP laws. They'll be reversed eventually - not because I believe in the inherent justice in the system, but because other big corporations with tons of "campaign contributions" are going to start being inconvenienced by stupid overly broad fences erected by judges whose idea of technology is a color television.
So it would be reasonable for him to have refused once or twice, but then cave...
There's no good reason for police to force obviously innocent people to identify themselves. If they have any suspicion of guilt they can ask and demand ID, but for people they have no reasonable suspicion of, it's pretty dangerous.
You don't pick a hash, you exploit the "birthday paradox" to get matching files.
Let's say you're a scummy lawyer and you're asked to draw up a will for an old couple. You do, but being the one who writes the will you're allowed to word it, as long as the meaning is what you wish. So you write two wills, one they see and a fake will. The couple "signs" the will by saying "I atest to the terms in will 0x46894a945...." The idea being that you present the until-then secret will at their death and the family knows it's the right one because it hashes to the hash their grandparents agreed to.
What they don't know is that you wrote the non-fake will and then created a few million mechanical almost-copies, with an extra space here and a different phrasing there. You do the same with the fake will and chances are pretty good that you get a match between the sets. Much, much, better than if you simply created slightly different copies of the fake will trying for a match.
With birthdays there's an even chance that in a room of 23 people, two will have the same birthday. Of course, the chance that someone else shares your birthday is still 1/365 and you need 182 people to make the chance even that someone matches you.
So this is just a specialized case of the birthday paradox where you've got two sets and you only care about cross-set matching. Like what's the chance that a girl at the party has the same birthday as a boy at the same party, for groups of a given size. That, and a year with 2^128th days... But it's still easier than trying to match a specific hash/date.
http://efgh.com/math/birthday.htm - Note that the 'hash'ing they talk about is in an index context, but the same principle applies to crypto.
SHA1 is better in two ways. It's a longer hash, meaning that it's harder to attach like this, and it's stronger, meaning it's harder to predict variation at any step in the hash, so it's harder to make changes that don't change the final outcome.
Mozilla just installed and worked. With flash and everything a click away. ut2004 just installed and worked.
Yahoo and MSN messengers don't but they aren't released for Linux. Gaim/Jabber/etc install very easily though. If you insist on specific windows apps then Linux will never be ready, if you insist on capabilities it's already there.
And as a test, give your mother a Windows XP CD and let her install it. The third time, after she's gotten a worm while trying to service pack it, if she gets that far, and while she tries to remove the spyware you get from using IE and Outlook, ask her if she thinks it's been easy. Mandrake and Fedora are no harder, Xandros is easier, Knoppix doesn't even need an install and it detects hardware I've had to fight with in Windows.
So, do you have an answer to why, sometimes, we'll see dupes on the front page? ie, two virtually identical articles posted in the same 24 hour period?
/. originally. Honestly, Slashdot doesn't have a whole lot in the way of original content-- it's mostly links to other stuff-- so if I see an article that looks familiar, my first instinct is that I saw it somewhere else, unless I know for certain that I saw it on Slashdot first.
:) No, no idea why there are dupes... Now to check 'Anonymous'
Interesting theory here about dupes (and yes, this is flagrantly off-topic and responding to a troll, I should sacrifice karma, blah blah): People don't report dupes because they don't realize they read it on
that could be the mechanism for geek learning - if you see it repeated on Slashdot then it eventually sticks...
That's the mechanism for all learning. Sadly, the number of repetitions required for non-geeks tends to be exponentially higher than for geeks... Heh, retronym time:
NERD: No Excessive Repetition Desired
__
Just because I'm paranoid doesn't mean they're not out to get you.
Yeah, but that was an old-world thing, in the colonies they enacted copyright laws for the benefit of the creators. At least, I think so...?
I completely agree. If you aren't willing to let your work go into the public domain you better not benefit in any way from the public domain yourself.
If you lobby to extend copyrights you'd better not raid recently out-of-copyright stories like Disney does.
If you try to enact what are obviously intended to become perpetual copyrights you'd better not try to borrow any old plots from Shakespeare.
If you don't intend to let people base their future works on yours, or sample/quote/etc your works, perhaps you should try to educate yourself without reading anything in, or derived/helped by anything in the public domain.
I completely agree. This corporate disrespect for the public domain has got to end. If they aren't willing to contribute they shouldn't use it. More specifically, they shouldn't benefit from my tax dollars enforcing their monopolies if I don't get the benefit of an increased public domain.
Damn right man, down with the thieving corps.
I agree! Nothing entitles him to walk into the studio vaults and make off with the only copy of Gigli.
Um, wait, that is what you meant by stealing right? The dictionary definition of depriving the original owner of it by taking it away?
Or did you simply mean duplicating it without a license? Wow, what a heinous crime!
Copyright law was created to protect the market for the creator. Nobody else would be allowed to publish their work, without their permission. Just that. Nothing about guaranteed profits, or keeping people from seeing it, or controlling when or how someone views it. Simply that nobody else could legally duplicate it (outside of certain narrow cases) without being liable for damages.
I'm not trying to "justify" this, I'm trying to explain the point of the system. Original copyright law didn't really care about the idea of you copying a copyrighted work for private use, it was concerned with stopping commercial competition from profitting off of your work.
Listen, if I have a great idea about making a video game and I describe that game in intricate detail to a friend of mine, you are legally entitled to copy that game and publish it, even scooping me at it. However if I have a trivial idea about passing data over a network I can patent it and 0wn the int3rw3b. The point is that which ideas of mine you can use without paying me is completely arbitrary. If you scooped a poor game developer you'd be an ass - if you ignored some trivial "do X on a computer" patent you'd be in the right as far as everyone except patent attorneys was concerned, but the legal responsibility would not reflect this.
If he was duplicating Gigli and selling it he'd be taking money from people who would pay (however little) for the movie, cutting into the (however slow) market for the movie. If he downloads it for personal viewing, to evaluate the movie before making a purchasing decision, he harms nobody. He sounds like a collector who owns many movies, it's not like he never pays for anything, he's simply not sure he wants to pay for a product he may not like.
This demonization is silly. Copyright and patent laws go against the "natural" way of the world, in that if you see something you can attempt to copy it. They are intended to solve a specific problem with commercial interference. A technical violation of a barely-related law which doesn't actually harm anyone doesn't sound like it's in the same ballpark as depriving the original owner of their property. If we jump up and down and throw emotionally loaded terms around it'll get in the way of a valid discussion on how to best reward creators for enriching society - ideally in relation to how much society appreciates their efforts.
It's a bit of an urban legend. Really, the "Space Pen" was designed by a private company and pens were given to NASA in exchange for them being the official pen of the US Space Program, etc, etc.
Pencils by the way are a bad idea - graphite is conductive and it flakes off. Of course, pencil crayons and other non-conductive wax-based solutions would work with little mess. Someone even mentioned carbon paper where you simply write on it with a stylus (like a Palm Pilot) and the pressure makes marks on the paper - did they have carbon paper in the 60s?
So you give the candidate a ballot and a pencil. They fill out (or fail to do so) their ballot and hold it up to a scanner in a verification machine (keeping it in their hands at all times) and the machine tells them if their vote will be counted. The machine then stamps the selected candidate in a hard to miss fashion and the person verifies this mark. (Eliminating the hanging chad, double selected, whatever, problem.) They then toss the paper into a box and it gets counted later, by machine, and spot-checked by humans.
Having the machine verify the vote means that whatever standard you use for judging a spoiled ballot, it doesn't matter because the person watches it be applied and they are told (on the display, or merely via the "big red mark" on the ballot, or whatever) if they did it right.
I can't see any problems with this method. It adds speed (machine-countable ballots) and reliability (paper trail) and doesn't do anything hidden from the user. It's especially secure because the voting machine doesn't need to understand the ballot, or the party lines, it merely is told that you need one of the boxes checked, up to three of these, and so on. The configuration could be handled with a punch-card (easily human-verifiable) and displayed on the screen. There wouldn't need to be any storage on the machine to be lost, corrupted, or tampered with, and turning the machine off and on would require nothing more than a sub-second start-up and a scan of the configuration card.
And I'd agree that this is the best to use for the final product, and for any critical defense components. But if the missile needs a product like SSH I think there are big gains from using OpenSSH instead of writing your own.
If the government has an encrytion system they trust they don't bother buying products with a potentially flawed system, they simply run the unencrypted system over a VPN, or SSH.
That way everyone saves. The applications can be developed more easily without redoing a specific encryption layer for every one. Nobody wastes money developing and verifying a redundant system.
If the government simply accepted that contractors were going to base things on OpenSSL they'd need to verify every product, to make sure that nobody had accidently or intentionally, weakened it. By simply using the official signed and verified version they only have to trust their verification team once.
This is the problem with using troops for security guards. The military is an organization that is supposed to be prepared to execute the government's mandate via any means necessary. They are supposed to be a last resort, but as appropriate for a last resort, are supposed to be very effective.
We want soldiers to be incredibly deadly, because when we need to stop someone from doing something, we want our costs to be as low as possible, and to succeed as quickly as possible. We also want to have a seperate organization of election supervisors, security consultants, and others, for when the goal isn't to capture an area or kill an enemy.
They don't need to integrate it into their products. If they had a layered design you could use whatever encryption your organization trusted on top of the third-party software.
That way these middle-ware companies wouldn't have to approve OpenSSL and they wouldn't have to pass the costs along. Cut out the middleman and everyone is happier because you get more product for less money, meaning you've got a more efficient economy. Considering this is something my taxes pay for, I like that.
I'm glad to see a government agency making the right decision, opting for small software components they can combine to get a final product they want, instead of buying into some bloated attempt at lock-in. I'd be pissed if the armed forces stopped insisting on second-sourcing parts and signed a lock-in contract for spark plugs, or anything else. I don't have a problem with spark-plug makers making money from selling a product, but I want them to have to compete in an open market, like everyone else.
Funny, a fiscal conservative whining about cutting out excessive government spending.
You have to assume the worst though. If any missile fails to explode it'll be found on the desert sands below a dogfight, potentially by the enemy, and the computer can be slowly peeled apart.
If you have to assume that one of your missiles is sitting in an enemy lab being studied you aren't going to hard-code a specific frequency, or encyrption keys, or even a specific algorithm.
If you code properly (read, modularly) you'd be able to swap out of seeking algorithm for another with a minimum ammount of work. If you know the enemy might have a copy you're going to be working on improving the algorithm.
If you build a safe assuming that you're protecting it against you and your design team you'll be okay even if one of them turns to a life of crime. If you merely build a safe that's uncrackable to anyone who doesn't know the secret you have an ever-widening group of attackers, as the secret slowly leaks. Further, once the secret is discovered once the whole line of safes are vulnerable.
PC Software doesn't install on a Mac and nobody says Macs are hard.
Besides, nobody (new) says "I'm on a PC", they all say "I use a Windows computer", or otherwise identify with Windows, not PC. Grandma will see that the boxed software doesn't run without Windows and she'll be fine.
No, the real story will be when trolls don't pretend that everything a Linux user wants is because of some esoteric philosophy.
I love the programatic freedom of Linux. I like having kernel-level support for custom filesystem, to tweak the disk caching routines on servers, etc. NVidia's graphics cards don't support this though, because we can't properly compile them into the kernel and we don't have source access to tweak or fix things.
What are these "cheats" that video-card companies do to drivers to win in benchmarks? Are there quality settings I could drop a bit without hurting UT2004? Could I compile the drivers with support for nothing else to get a bit of speed? If it'd give me an extra 20% performance it would be worth downloading a Makefile and compiling a special version of the drivers.
For video I can live without open source drivers. For network cards and other devices it's a complete deal breaker. I don't want any restrictions if I decide to run OpenBSD, or buy Athlon 64, or compile some weird options into my servers' kernels. Closed source means you're limited to what other people think you should do - open source means you can do what you want.
But, in the end, even if you don't understand or like any of my reasons, it's you who must acknowledge that I as a customer am demaning open source drivers. If you don't think they're important, look out behind, there's another company that does and they're eyeing your marketshare.
Many programmers rely on their ugly hacks not being found. If you could read the source and see the magic numbers and the //FIXME comments they wouldn't be able to rely on this.
People don't understand how readable ASM (as seen in a debugger) is to a skilled programmer, and how there's nothing you can do (successfully) to keep someone from seeing a program, if it has to be run on a general-purpose machine.
Besides, you hear how millions of lines of code are required for a missile'd guidance system, but many of those could be replaced with a off-the-shelf OS, and many with a floating-point library, and so on. This would drastically reduce the lines of code needed, meaning there's less place for bugs.
That's the problem. People assume it'd take too long to do things right. Hell, Extreme Programming preaches doing nothing except the absolute minimum required to make it work right now - future changes can incorporate the cost of modifying the staticly coded program.
But, once you've been programming for a few years, usually, you realize that it's just as fast to put 'PI = 3.141592;' at the top of the program than it is to use it everywhere, and less error prone. It's also easier to do this with database field widths and everything. When you code for variable widths you're always thinking about the idea of making the data fit, not just blindly accepting. You avoid whole classes of bugs like buffer overflows because you're thinking about the data.
Really, doing it right has a much lower cost in the end, for any non-trivial application.
Not allowing genes to be patented is a legislative NOT a judicial function.
But not allowing a ridiculous interpretation that isn't supported except by the strict letter of the law IS a judicial function.
Now, assuming you agree that applying the patent law as above in other "real" patent cases is legitimate, why should it be different with genes?
in no other areas of patents is it up to the patent holder to prove you obtained a patented product illegally,
Why should it be the same? In no other area does a patented technology virally infect non-encumbered technologies around it. Patented plants are nothing like *any other* patented technology, why should we treat them like they are?
If the patent couldn't be enforced in such situations, then there is no point in the patents, and ipso-facto the patent is invalid!
Not that this is relevant - if your patent is useless, tough luck. Nobody guaranteed you a profit. Last I checked there's no guarantee with a patent that you'll be able to enforce it.
Hell, the patent office routinely gives patents that are completely unjustified and they leave them to the courts to overturn... I believe that's even the stated policy of the US PTO.
While it may seem ridiculous that is indeed the case, but it doesn't just apply to genes it applies to mechanical parts as well so it's not like the court is unfairly applying the law to a "new" area.
Applying a law to a new area where the old assumptions don't make sense is unfairly applying the law. If machine parts mated and your drill press could "infect" your table saw with patented mechanisms, you'd be able to draw better parallels.
That is *the* issue that this hinges on. If the patent-encumbered thing infects a non-encumbered thing, is it in any way the responsibility of the owner of the non-encumbered thing? The *only* fair answer to this is a resounding "No!"
As I pointed out in my last reply, you don't need to stop using the whole of the product, just the part that is patent encumbered.
And it's your responsibility to inspect your materials and your parts to make sure that they haven't been patent-encumbered overnight? Bullshit.
The only thing I'm defending here is the logic behind the decision and the fact that the court had no basis to overturn a patent that the government has granted.
The court doesn't need to say that the patent is invalid, just that it couldn't be enforced in such situations.
It's the responsibility of the court to interpret law in a way that makes sense. Perhaps through an overly strict interpretation of various laws I accuse you of murdering a donut. When this gets to court it's the responsibility of the judge to toss the case out. If I sneak into your house and put an extra gig of memory into your computer the judge is supposed to throw out a theft charge, and a civil charge for damages. Perhaps you couldn't keep the ram at the end of this, but you certainly wouldn't be liable for *anything*.
The court is seriously wrong on this.
> The point is that it doesn't matter how you received a patent encumbered product you can't use it in a commercial enterprise.
This is the ridiculous part. You'd be expected to go out of your way to avoid using the patent-encumbered product, despite it forcing itself on you.
> As well, if you could prove the virus was written by the patent holder than you've got one hell of a law suit.
Yeah, then you stop using a product you depend on until you can prove the guilt of a multi-billion dollar corporation and force them to pay to fix it. Where does the money come from to pursue this?
Patent law is simply broken. It ignores issues of independent discovery, pushes the burden of fighting an invalid patent onto the victims, and is being extended (As if Canada could ever say no to the USA) to cover facts of nature. (Mathematical formulas, etc.)
I'm sure Monsanto is 100%, according to patent law, but the law is so ridiculous as to be useless. For every company it helps it lets two Rambus/Monsanto companies who didn't actually invent anything inflict ruinous judgements on companies that actually do create things.
The precedent you mention is so unrelated as to be useless. This isn't an issue of a farmer getting something he didn't ask for and simply not using it, this is a case of the farmer not being able to use his pre-existing supplies.
A much closer analogy would be a computer virus which replaced the floating-point code in Excel with a patented algorithm. Now imagine that the virus was written by the owners of the patent. Would you be expected to stop using Excel once you were informed of its newly patent-encumbered state?
Perhaps patent law does suggest this, but that's insane. What is a supreme court for other than to correct legal errors like this?
The *one* reservation I have here is in the farmer's intentional cultivation of the special variety of seed before normal reuse, but it seems that if your patented invention hands itself to people, in the normal course of its lifecycle, that you shouldn't expect to make them liable for that.
But, the point is, who cares? Quite simply, if your patented invention blows into my field why should I not be able to use it? Seems to be one of the drawbacks of patenting life; it spreads on its own without contracts.
As long as he didn't obtain the seed illegally there should be nothing Monsanto could do to stop him - that there is, is a serious failing of the court system.
From this page
MD4:
[I]t has been shown that collisions for MD4 can be found in about a minute on a typical PC. [...] MD4 [...] should not be used.
MD5:
Given the surprising speed with which techniques on MD4 were extended to MD5 we feel that it is only prudent to draw a cautious conclusion and to expect that collisions for the entire hash function might soon be found.
In addition, the 128-bit output is arguably not long enough to make generating collisions using a birthday attack infeasible.
I couldn't find an example of actually broken MD5, but it seems like it's simply a matter of time. Considering the value of what could ride on it, it doesn't seem worth using as a document identification (the lawyer example) but it perfectly reasonable to use between trusted parties as a message verification hash for things with a low to medium value and a short lifetime.
(Don't get the government or really motivated crooks interested, and don't hide a secret people will still be interested in twenty years from now.)
If your patented creation walks over to me I feel I've got a right to use it, unlike if I have to go out of my way to create it. If your patented creation blows onto my land and I can't get rid of it, I think it's an open and shut case.
Perhaps some ancient judge doesn't, but if not, only because they haven't considered the implications. Every patent discussion on slashdot has a "I'll patent air and sue everyone" post but this is getting closer to reality.
The courts ruled that the farmer knew he was planting GM seed. Well of course he knew - his crop had been contaminated, what's he supposed to do, go out of his way to make sure he only saves seed from the least contaminated crop? Hell, if all the rest of his fields were contaminated I'm sure a lawyer could show that he knew there was a good chance that the "clean" fields had a low level of contamination too. What could he do?
It's ridiculous, but we're in the middle of a very... bribe-friendly... political time, in which there are insane developments in IP laws. They'll be reversed eventually - not because I believe in the inherent justice in the system, but because other big corporations with tons of "campaign contributions" are going to start being inconvenienced by stupid overly broad fences erected by judges whose idea of technology is a color television.
So it would be reasonable for him to have refused once or twice, but then cave...
There's no good reason for police to force obviously innocent people to identify themselves. If they have any suspicion of guilt they can ask and demand ID, but for people they have no reasonable suspicion of, it's pretty dangerous.
I'm sure they'd love this at protests.
You don't pick a hash, you exploit the "birthday paradox" to get matching files.
Let's say you're a scummy lawyer and you're asked to draw up a will for an old couple. You do, but being the one who writes the will you're allowed to word it, as long as the meaning is what you wish. So you write two wills, one they see and a fake will. The couple "signs" the will by saying "I atest to the terms in will 0x46894a945...." The idea being that you present the until-then secret will at their death and the family knows it's the right one because it hashes to the hash their grandparents agreed to.
What they don't know is that you wrote the non-fake will and then created a few million mechanical almost-copies, with an extra space here and a different phrasing there. You do the same with the fake will and chances are pretty good that you get a match between the sets. Much, much, better than if you simply created slightly different copies of the fake will trying for a match.
With birthdays there's an even chance that in a room of 23 people, two will have the same birthday. Of course, the chance that someone else shares your birthday is still 1/365 and you need 182 people to make the chance even that someone matches you.
So this is just a specialized case of the birthday paradox where you've got two sets and you only care about cross-set matching. Like what's the chance that a girl at the party has the same birthday as a boy at the same party, for groups of a given size. That, and a year with 2^128th days... But it's still easier than trying to match a specific hash/date.
http://efgh.com/math/birthday.htm - Note that the 'hash'ing they talk about is in an index context, but the same principle applies to crypto.
SHA1 is better in two ways. It's a longer hash, meaning that it's harder to attach like this, and it's stronger, meaning it's harder to predict variation at any step in the hash, so it's harder to make changes that don't change the final outcome.
Mozilla just installed and worked. With flash and everything a click away. ut2004 just installed and worked.
Yahoo and MSN messengers don't but they aren't released for Linux. Gaim/Jabber/etc install very easily though. If you insist on specific windows apps then Linux will never be ready, if you insist on capabilities it's already there.
And as a test, give your mother a Windows XP CD and let her install it. The third time, after she's gotten a worm while trying to service pack it, if she gets that far, and while she tries to remove the spyware you get from using IE and Outlook, ask her if she thinks it's been easy. Mandrake and Fedora are no harder, Xandros is easier, Knoppix doesn't even need an install and it detects hardware I've had to fight with in Windows.