Slashdot Mirror


User: WNight

WNight's activity in the archive.

Stories
0
Comments
6,024
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,024

  1. Re:Trust. on EFF Position on Trusted Computing · · Score: 1

    Wrong. You have no right to create duplicate copies of a copyrighted work. But copies implicit in its use, such as modifying it for your enjoyment or playing it, are explicitly allowed under US copyright and most other copyright acts around the world.

    You can buy a DVD and legally modify it however you wish, just as you can write in the margins of a book and black out the bad words. You may violate the DMCA doing this, but that's not a copyright issue (you're allowed to do it, the DMCA just forbids certain ways of doing it and certain motivations) and the DMCA is likely going the way of the UCITA. The DMCA is being used as a blanket law to squash too many legitimate pursuits, eventually states are going to write laws that as good as render their citizens immune to prosecution under it and eventually it'll get overturned. This is in process for the UCITA already.

  2. Re:Doesn't that... on EFF Position on Trusted Computing · · Score: 1

    It's not only extreme, it's stupid. Both because of the implications of losing your content when someone whistles happy birthday that you mention, but because it's flawed.

    For one, A/D converters are literally selling for pennies in quantity. Adding public-key decryption and watermark scanning in realtime would mean we'd need the equivalent of a pentium in every A/D converter. Now the price has gone from pennies to tens of dollars, at a minimum. This would make nearly every electronic device that consumers buy more expensive by a factor of ten, I'd guess. (After all, even A/D converters that aren't being used for audio recording could be used that way if you disassembled the device and took the components.) Trying to legislate this would never work once consumers realized that a cordless phone would cost five hundred dollars, that a microwave over would cost over a grand, etc. Worse, they'd never get as cheap as they are now.

    But, finally and most importantly, there are billions of A/D converters in existance without Fritz chips. Simple ones used to read thermometers in a fridge and complex ones with the quality to record 24/96 audio. (Not that a lot of lesser ones could be made to produce a higher quality signal, with the right processing and quite a few passes.) These aren't going to disappear and even if they're declared legal it'll just mean that only criminals have them.

    If even one unsecured A/D converter exists, or can be built by a electronic grad student, no content is secure from this. You can copy it, strip the watermark, and pass the unsecured data around the world for even people with Fritz chips to enjoy.

    The only thing for them to do, if they want to stop this, is simply charge everyone a content tax. They assume we're all pirates and bill us accordingly at tax time. Except some retribution though if they try it.

  3. Re:I want a secure computer on EFF Position on Trusted Computing · · Score: 1

    If you wish to use a house analogy, it's like having a house whose walls are completely transparent. You've got a tarp over it most of the time, but if someone asks you a question about your house, even if you don't wish them to know, you are unable to lie because they demand to look for themselves. Further, because it's one of these transparent houses (a computer - not granted the same constitutional protection as a primary residence) the police can lift the tarp and peer in. Even worse, it's impossible for you to stop this because while you have a "tell me who wants to look" feature, it can be overriden for you by the company that built your house.

    However, I think it's probably best to ditch the analogy. It's a computer that anyone can query and (supposedly) get a unfakable answer about what you're running. Now instead of being able to fake your user agent string to view a site that merely "Works best in IE", you'll be unable to use it at all. Great advancement in my ability to use my computer. You'll also have DVDs that don't contain the decryption keys, they'll phone home and ask for a key, provided you aren't running anything that might let you take a screenshot, or evil hacker tools like a debugger (which is always running on my computer because I'm frequently doing driver development work for the company I work at), and if the player is one of a select few that won't let you skip advertisments or trailers. It'll also be a computer that'll secretly respond to the authorities, or whoever you OS vendor thinks are the authorities, with any information about your computer... But only if they have a warrant of course.

    Yeah, that's an exciting new world.

  4. Re:IF mobs are smarter... on Smart People in the News: Rheingold, Gosling · · Score: 1

    The point about pointing out that morals are not absolute is a good one. Once you can't claim something is correct "just because", you gain the ability to question it.

    And yeah, it was nice to have a long discussion about racism that didn't end in tears and threats. :) Maybe we should submit this to a internet-debate hall-of-fame or something...

  5. Re:Bad assumption on EFF Position on Trusted Computing · · Score: 1

    Palladium and similar "trusted" environments won't help your server at all. It's not like you've got a "Upload and run program - non-malicious only please" page on your server, where all you need is a decent way of checking digital signatures. Attacks happen when there's a hole in software. When bad data (that's all code it, until your machine decides to execute it) causes a program to do something it has the access to do, but is not supposed to be doing.

    For example, Outlook has access (intentionally) to your MyDocuments folder, so you can send attachments. Outlook has the ability to send email, and to read from the address book. You should be able to write a script to get outlook to email random documents to random people. This is intentional. The only problem is that a badly formed email can cause Outlook to do this without the owner's intent.

    Palladium won't stop this. It's not like people are going to submit their emails to Microsoft for a round of testing and a "Certified safe data" signature to apply. EMail will still come from untrusted sources and will still contain information that breaks tricks outlook into doing something it shouldn't.

    For better security, run your services (all of them ideally) in a chroot jail, using remount to expose files to them on a case by case basis. Give them read access only, accept to a few key files, probably logs. This way, even if someone does trick the service into doing bad things, its ability to do anything is severely limited.

    And there are ways of keeping Outlook locked in its own directory, unable to read your files, yet able to send them at your command. Have it request a system file-selector dialog. This dialog would be a system tool, not an Outlook window. When a file was selected the contents (not a pointer to it) would be passed to outlook in a manner similar to the clipboard. Even if you got an Outlook worm it would only be able to request this system dialog, not actually open a file and send it.

    This, without any hardware protection of cryptographic keys, would be more secure than Palladium (or any other "trusted" architecture). If there was an OS exploit (an ability to fake console input) you'd be at risk, but you would with a trusted architecture too. The difference is that only an OS leak would cause improper application access. A mere application bug (95%+ of the bugs out there) would only cause problems for that appliciation.

  6. Re:Sad to see EFF legitimizing this on EFF Position on Trusted Computing · · Score: 1

    I agree. I think the EFF is saying essentially, "TCPA is anti-customer, remove [core feature that sounds minor] and it won't be." They're doing it in a way that people can't help but agree with "Owner override? Of course I trust myself," so that the TC advocates can't ignore it. But, if they comply, the intended 100% trust won't be there and none of the friendly companies advocating this will want to be involved.

    It's the computer equivalent of fluffy kittens and kissing babies, of "won't someone please think of the children." In other words, it's a hand-wave, a delibrate misunderstanding and misstating of the issue, intended to redirect everyone but the frustrated original person, the TC advocates in this case.

    Do they want to be seen as being anti-consumer? Do they think they've got popular support, given the results the RIAA is getting?

  7. Re:Liable in my state on Lawsuit Against Microsoft Over Insecure Software · · Score: 1

    All you have to do to avoid that is document every known bug. It's legal to sell fast motorcycles to people, despite their deadliness if used incorrectly. You simply don't misrepresent the product and tell the user about the issues if they ask.

    Thus, as long as your open source project has an open bug database and you compile a "known issues" list at every release you should never be liable for knowingly releasing a defective product and not informing the users. If they choose to use it, knowing the risks, they can't come back to you for damages. At least, not past the purchase price (unfit for sale, fails implied warranty of merchantability, etc).

  8. Re:OSS would be lible for damages too on Lawsuit Against Microsoft Over Insecure Software · · Score: 1

    If I give away free chairs I'm liable to the tune of $0 for damages. That is, unless I knew about a potentially dangerous flaw, not simply a failure to operate as a chair. If I gave away a webserver that failed to function as a webserver, or didn't properly enforce security, I wouldn't be liable past the price of the product. (A refund essentially.) If someone used a backdoor that I put in there and did harm with this intentional hole, it would be different.

    No matter how much you MS appologists want it, giving products away removes much of the liability.

  9. Re:IF mobs are smarter... on Smart People in the News: Rheingold, Gosling · · Score: 1

    Okay, the thing you're proud of doesn't have to be better, just yours. I think for pride to be rational (as much as it could be) it has to be in something that you've had a part in. Your kid, your project, etc.

    I don't know where pride in a country fits, or pride in a sports team. I think Canada is pretty cool but I don't feel pride in it, but then I don't feel guilty about the crimes of Canada or dead white men, or anyone who isn't me.

    So yeah, I guess people can be proud of their race in the same way. "A bunch of people who weren't me, but who looked like me, did some cool stuff. Yay me!" Weird but plausible.

    I'll still hear a racist overtone, but I'll try to keep in mind that they don't mean it that way.

  10. Re:Following their lead on Lawsuit Against Microsoft Over Insecure Software · · Score: 1

    Technically, it's not anecdotal. Anecdotal evidence is casual instead of rigorous.

    If he clicked on a URL and his browser died it's pretty much got to be the link. I'd feel coincidence is unlikely because he was told beforehand to go to the link with the intent of killing IE. It's possible the friend had a trojan on his computer and crashed the browser manually, but that doesn't sound too likely. Especially when there are known bugs in IE, it's not hard to believe in a new one.

    His proof would be anecdotal if he had used IE and simply found that it crashed a lot, especially on "hacker" sites. A lot compared to what, and what's a hacker site, etc.

    You may not believe him, but that has nothing to do with the anecdotalness of the proof.

  11. Re:Wealth creation? on Computers, Unemployment and Wealth Creation · · Score: 1

    I'm not saying it's *my* worldview of enlightened self interest, I'm saying that all that is required for a society is the basic ability to understand deferred rewards, or in other words, enlightened self interest. You don't need morality to have laws, you only need to have people who understand that laws which may hinder them in the short term (taking away theft as a valid career option) allow them to accumulate much more in the end, by making their posessions safe from other would-be thieves.

    As to murder being acceptable in some parts of the world, this is mistaken. What is legal is the judicially sanctioned killing of criminals. Adultery is a crime which warrants the death penalty. You could stone an adultress to death (don't try to apply the rules to the men) and it would be legal, but to stone the same woman to death without "proof" of her crime would not be tolerated. In this sense, there is agreement that unsanctioned killing should not be allowed. Murder is essentially defined as unsanctioned killing, not as any killing.

    Much the same with theft. No society allows theft. You may say that the taxation is theft, but it is government sanctioned theft.

    It isn't even required that you have some sense of wanting to benefit "society", only a desire to help your self. A society of sorts, even implicit agreements to talk first and shoot later, is required for any sort of commerce. Assuming you don't intend to live off the land, you need trade. Or, you intend to take what you want, in which case you're the enemy of society and your views aren't really that important to anyone else.

    Anyways, the happiness of everyone is not required. If you insist on laws that control my private actions, you're saying that one or the other of us will not be happy. In this case I think society is fairly justified in ignoring your demands, telling you to stop seeking me out to be offended by me. In other words, you're entitled to the pursuit of happiness, but not to happiness yourself. If you interfere with your own happiness, tough.

    Finally, the emulation by your children, of me, isn't my problem. In fact, I'd say it's a feature of society. As long as I get to teach my children what I want at home it only makes them better people with better critical thinking skills to be exposed to multiple viewpoints and to question everything. If your teachings can't stand up to my "long hair", I say it's for the best.

    Anyways, there may be cases where a system based on enlightened self interest wouldn't please everyone, but I don't think there are any cases where a religious system would please those people, except in that they would like to see the promotion of their religion. In essense, they can only be happy when they are in charge, dictating rules to others.

  12. Re:Why ? on Replacing the Aging Init Procedure on Linux · · Score: 1

    Technically, anything that can execute a daemon can be used for init scripts. Embedded linux (the only reason to not have maybe 20MB of Perl and Python) can get by with a simple shell script, or even lighter weight, just a list of services to run and standardize parameters. (In other words, get rid of the need for a script for each.)

    The reason to write this in Python (or Perl) is that shell scripting is hideously ugly. While it's technically Turing complete it lacks many features that modern programmers feel are essential. When I have to write something in shell script it invariable takes longer, produces longer and uglier code, is less robust, slower to execute, and has less features because everything I want to add is such a pain.

    Something like this is pretty much the exact target application for a language like Python or Perl.

  13. Cracking vs Buying on The Incredible Shrinking Recording Studio · · Score: 1

    There are a lot of students, deadbeats, or casual users of expensive art/music/modelling software who aren't going to buy the software if it can't be cracked. You call this irrelevant, but it goes to poke holes in your numbers. If I sell a CAD package for $10k and along with my thousand registered users, ten people pirate it, or a million people pirate it, I still make $10M. The percentage of pirates changes, but because the copies don't cost me anything they don't cut into the bottom line. The only way you "lose" money is if that person would have bought the software. Most of those 95% wouldn't/couldn't so while immoral, they aren't an impact on the bottom line. They aren't a lost sale.

    If businesses or pros working in the industry who could buy just copied software instead you'd lose a sale, but I think most businesses are going to buy because they're afraid of being reported, even if they don't care about the ethics. All the pro shops I've done any consulting for have paid for all the main software they use, like Photoshop and Illustrator.

    I think part of what you're missing in this equation is that many people aren't going to have the recommended system, when I was a student I had a $400 (at a best guess) PC, not the $2000 one you'd want if you were going to run Photoshop properly. Also, even when someone does have a $2000 computer and they pirate Photoshop they probably didn't buy the computer for that purpose. It's a general use computer and use of pirated copies of Photoshop are merely an incidental benefit.

  14. Re:Wealth creation? on Computers, Unemployment and Wealth Creation · · Score: 1

    The idea is to pick ideas that everyone can tolerate, even if they aren't very fond of, with an eye to minding your own business.

    If my hair length doesn't directly impact you, you shouldn't have any say over it unless I come onto your private property. If the smoke from my cigarette drifts past you, you should have a say.

    Further, there are some basic rules we all need to agree on to make the world run smoothly. Basic property laws, assault and murder laws, etc. Even if they aren't always just (ie, I doubt your right to the property) there are courts to decide these issues and I shouldn't just take what I feel is only yours through error.

    You don't even need morals to understand how a law against killing helps society. It's pretty basic, if you feel safe to walk the street you'll be a lot more productive (time and energy not spent on defence, etc) and in the end, everyone benefits.

    While a law against murder may have been codified as a religious law, every society has a similar law and not all are religious and the ones that are aren't from the same god, so I think it's fair to say some concepts are universal.

    So yes, I think my assumptions are the right ones. We should try to have the minimum of rules, and the most consistent and agreed upon rules. Murder, theft, etc. Further, we shouldn't have any rules for victimless crimes. I really don't care that you think my hair (for example) is an offense against god.

    Thus, seeing as I don't think religion is in any way needed or even to be desired by society, I don't think we should sponsor it. I don't expect you to fund my hypothetical athiesm-based philosophy class, and I don't want to fund your, or anyone else's, religious classes. That sort of thing, if it's necessary to teach, can be done at home. Because I think all laws that we need can be derived from enlightened self interest I don't think we need religion in government.

  15. Re:IF mobs are smarter... on Smart People in the News: Rheingold, Gosling · · Score: 1

    I think there's a big difference with being happy with the hand that fate dealt you, your skin color, your eye color, etc, and being proud of them. To be proud implies that there's something special and that you had something to do with it. Even if I'd rather have hair than be bald, it's not a "proud" thing because I didn't do anything either way. It's like winning the lottery, you hear people say "I'm so happy!", not "I'm so proud." Athletes who win a race, or authors who get published say "I'm proud of my accomplishments."

    In this sense, I think it's wrong to be proud of your skin color. I don't think you can be proud of something, without thinking it's special, better than something else. If you think that your skin color is better than another skin color we're right back at mild racism. And to answer your point, I don't feel that my skin color is better. I'm used to it. It's neither good nor bad, and I actually forget all about the issue most of the time. Usually until I sunburn, or someone talks about being proud of having different skin. This is partly why I don't understand, I don't think about it often enough to care, let alone be proud.

    On the culture topic, I would agree that you should be able to live your life however you want, but not when it goes so far as to restrict someone else. If US culture (I'm not in the US btw) is so popular as to be adopted everywhere else, perhaps it is better, in the sense that people enjoy living that way. If you want crappy hamburgers and dumb TV shows I pity you, because that's not my culture, but I don't feel I have a right to stop you from partaking. If I want people to follow my traditions I need to show people they can be enjoyable and get people to want to partake.

    This is the problem with older generations wanting to bring the children into the old ways - they often only show them the traditions in dull ceremonial ways, not as they can simply relate to decent dinner ideas of fun party games. As such, the children associate the old ways with dull or weird ways and justifiably drop them as soon as possible.

  16. Re:Wealth creation? on Computers, Unemployment and Wealth Creation · · Score: 1

    I disagree. Religion is an organized system of belief. Athiesm is a lack of belief and it's not organized. I don't believe in something else in place of a god and I surely don't read a bible to tell me what I can believe. I think the only way you can confuse a religion with a lack of religion is if you are religious and can't understand how someone could survive without a religion, you'd imagine a substitute instead of an alternative.

    As far as I'm concerned, though kooky, everyone has a right to their religion. What they don't have is a right to make me pay for it. Teach it at home, teach it at church, even teach it at a privately funded school, just don't make it part of the public school system and don't ask me for any money for it.

  17. Re:IF mobs are smarter... on Smart People in the News: Rheingold, Gosling · · Score: 1

    I think the difference is that I think "I'm black and proud of it" is somewhat racist. I mean, I'm white, and, um, it's, um, a skin color. You know. Like having blue eyes, or dark hair, or anything else physical. To imply that it's worth being proud of is implying that it makes a difference, and that implies that there's one way that's better than another. Why does it sound racist to say "I'm proud of being blonde-haired and blue-eyed," and empowered to say "I'm proud of being black"?

    My opinion on "protecting your culture", at least as everyone means it when they say that, is that it's all about making other people live the way you want them to. I doubt anyone is really having their right to celebrate their heritage's holidays in traditional ways. If it's anything like every other time I hear about this, it's people being upset about children not adopting traditional ways.

  18. Re:NBC and Computer Associates. on Group Asks Gov't to Crack Down on Product Placement · · Score: 1

    I remember brands from commercials. When a commercial annoys me enough I will make a point of remembering to never buy from them again.

    Not all publicity is good publicity.

  19. Re:Opening the company to copyright liability on Changes in the Network Security Model? · · Score: 1

    Technically, what I mean by authorized them implicitly, is that you're hired as a sales clerk and while your boss didn't say "you are allowed to sell the inventory of this company", he did implicitly authorized you to sell items with price tags on them.

    However, opening the ports for Kazaa (general purpose) would be different than opening the ports for Napster (music only). I don't think either is a direct violation, but the first is a lot easier to explain away.

    I think the situation most likely to occur though is that the company doesn't lock down outgoing ports for Kazaa and employees use it, with no interference, or help, from the company. In this situation it'd be pretty hard for the company to be blamed for the non-work actions (even if they occured while on the premises) of their employees.

  20. Re:Wealth creation? on Computers, Unemployment and Wealth Creation · · Score: 1

    I think private land is the appropriate place for restrictive laws. Want to make everyone wear long-sleeve shirts and full pants? Setup a gated community, don't claim any governmental status (municipality, etc) and you're allowed all the rules I claim in my own home.

    But, call yourselves a city, build on public land, and you should be held to national standards.

    Same as I feel about private schools. Want to teach creationism? Fine, build your own "school" and misinform your children there. Want to receive any public funding? Then start conforming to what the public thinks a school is; a centre of education, not a place for religious indoctrination.

  21. Re:+5: Socialism Advocate on Computers, Unemployment and Wealth Creation · · Score: 1

    I'm living a just and kind life, that doesn't seem to greatly intersect with the christian bible any more than it intersects the teachings of Buddha or anyone else. I also find many cases in which the bible is, as I see it, way off base. This means that I don't think the bible is being shown to be correct. I'm sure I'd agree with Jeffery Dahlmer on some issues, that doesn't mean he's correct.

    Your point about the book of acts is related to what I was saying. There's a lot of writing in the "bible". You have to pick and choose what to obey. One part overrules another, etc. Did Jesus, the only one who was right by definition, say "Ignore these rules" or is it implied by the rest of his teachings?

    I never really understood the idea of being religious (accepting things on faith) and examining the book to follow what feels right. If you think there's a god and this is his word, follow it. If you don't believe this (as I do not) then skim the book for good ideas perhaps, but don't "follow" anything. Adopt good ideas into your personal philosophy, ignore the rest.

    Anyways, what I'm trying to say is that if you want your opinion to be respected, justify it. Don't do that by saying, "I think X, Famous person Y agrees with me." Say, "I think X because ..." If you want someone to act in a certain manner, explain how it's the best for them (in the social context, where purely greedy actions are often counter-productive in the long term). Don't say, "My book says," and expect them to listen.

  22. Re:+5: Socialism Advocate on Computers, Unemployment and Wealth Creation · · Score: 1

    If the best way you can "prove" something is to quote someone, chances are you aren't very convincing.

    If I wanted to follow rules from old books there are plenty to choose from and even the best of them aren't all right. It still requires judgement or you're avoiding shellfish and pork at the same time as turning the other cheek. Why not simply skip the dusty old book step and examine your actions.

    What I don't see is how you expect any quote from the bible to be a testimony to the rightness of the bible. If you like circular proofs, consider that I declare this post to be absolutely correct.

    I question how deeply you can think if you come up with those answers.

  23. Re:ideal vs practical on Changes in the Network Security Model? · · Score: 1

    I hope your network doesn't have any client machines that'll boot from removable media, has a passworded bios, and intrusion detection on the case. Otherwise someone MIGHT have brought a boot disk from home and bypassed everything.

    I mean, it's incredibly unlikely, but you can never be sure so you should run around like a chicken with your head cut off, reinstalling everything despite the fact that you haven't identified a hole, let alone closed it.

    That way lies true security - your network will be down so often that nothing else will happen to it.

  24. Re:Opening the company to copyright liability on Changes in the Network Security Model? · · Score: 1

    This "your company is liable for your employees files" is bullshit. You're not liable if an employee brings a suitcase of drugs to work, nor are you liable if the employee sneaks into a back room to use those drugs.

    Further, you aren't even liable if you don't take any precautions to stop this. It's not your duty to stop this.

    In fact, your only liability could come from running scans, looking for MP3s, deciding they're not legit and then not doing something. Then you'd be in the position of having asked the employee for a glimpse into their suitcase, seeing the drugs, and then being obligated to report them.

    Ignore the possiblity. Post a rule saying "The company accepts no responsibility for any unauthorized modifications to your personal workstation - you retain sole responsibility for your actions despite using company equipment." It'll help you show that you didn't know that the employee was doing something possibly illegal and it'll keep you out of trouble.

    The only way in which an employer is legal responsible for the actions of their employees is when the employer authorized them (even implicitly) to do those things. If I damage something when installing our product on a customer site it's my company's problem. If I use the photocopier to print money, when they aren't looking, it's not their fault.

  25. Re:No wonder... on iRiver Announces A New Ogg/MP3 Player · · Score: 1

    > What's the point of logging in?

    Seeing replies to your posts. One of the reason that many people ignore ACs is that you usually can't have a conversation with them. Logged in users get told about replies and get a link to view them directly.

    As for the music, I've got a lot of my own rips, but I've also downloaded everything I had on tape or record. Technically it's a violation but that's something I don't feel hurts anyone. I paid for the song, I'm listening to the song.