It's not a "black-and-white" issue. No software is 100% secure. No hardware is 100% secure. Users are going to have to patch their systems at one time or another. Users also have to know not to open attachments in email unless they're reasonably[1] sure it's not dangerous.
At the same time, software and hardware manufacturers (closed and open source alike) have to be diligent about shipping reasonably[1] secure products.
And let's not forget the people who supply the pipe through which the lusers with their horrible software are infecting every other computer on the planet. ISP's have to be more responsible for their users. Both in educating them and preventing them from being too dangerous when they do screw up.
Yes. Unfortunately the general trend, even for professionals whose job is writing, is to allow the spelling and grammar checker to substitute for proof reading. I can't tell you how many times I've seen, in supposedly professionally written documents, "you" when the author meant "your", and the obvious permutations thereof, when a simple proof reading by a human would have caught the mistakes. And that's not even counting how relevant the grammar was to the argument.
I'm a tech-head. I think technology can help the human race in some areas. But when humans can't even define what "quality" is to each other, how the hell can they instruct a computer to detect it?
In fact, it's the most reliable and common way of getting a law you don't agree with overturned - break it, get arrested, and challenge it in court.
The problem is you need to show actual harm. Someone has to take the risk of being arrested or sued, and possibly losing in court, before the law gets overturned. In most cases the risk of losing greatly outweighs the cost of complying. In some cases the legal fees to win outweigh the cost of complying. This allows companies with large legal teams to intimidate ordinary people into doing things which would not stand up in court if challenged.
If the agreement was INSIDE the shrinkwrap (as has been tried before), and you are made to agree to it by opening the box, then you would be right.
If it's a click-through EULA, it is inside the shrinkwrap. You cannot read it without buying the software first.
But, as you are given the opportunity to not agree to the terms, logic (not Law, since Law and logic are not always in sync) dictates that the terms are, in fact, binding.
Well, since most vendors won't accept returns on opened software, what exactly is your recourse if you don't agree? Sure, you could only purchase from vendors who accept returns on opened software, but you can't even know to ask that question until you've read the agreement which you can't do until you've purchased the software.
My father said it best when I asked him if he wanted to read the EULA on some software I was installing for him. He said, "I've already paid for it. What am I going to do? Say 'no'?"
I'm not a lawyer and I'm not going to pretend to know anything about contract law, but the problems I see with this from a common sense point of view are: 1) click-through EULAs offer no way of reading the license agreement without purchasing and installing the software. Even if the license is printed on the outside of the box, that's not the license you're agreeing to. There's no way to know that the click-through license is the same as the one on the box before you buy it. 2) most EULAs provide no recourse if you don't agree with the license. Few vendors will accept returns on opened software, but most EULAs tell you to return the software to the vendor if you don't agree to the license. So, you either agree to the license and use the software, or you don't agree and don't use it but you're out the cost of the software.
That doesn't make any sense. You want everyone to read the list and push a button if their vote showed up? well, find, but all you've done is delay the issue...either their 'that's my vote' is matched up with their vote, in which case you're just managed to make it non-anoynous, or it isn't, and there's no reason someone can't sit there and say 'that's my vote' fifty times. Actually, there's no reason they couldn't do that if it wasn't anonymous, either.
If Joe Smith read in the newspaper (or however it's published) that his vote was counted correctly, he need do nothing more. He doesn't have to tell anybody that it's right. He doesn't even have to tell anybody if it's wrong unless he decides to. The only purpose to publishing the vote is so the voter can verify it was counted correctly.
My point is, the voter must trust that the system is working correctly (mechanical, electronic or paper). He has no way to verify the process was correct. By allowing him to verify that a) his vote was registered correctly and b) the number of votes cast for each candidate add up to the reported totals, he no longer has to have blind faith in the security of the system. It also makes it much easier to detect errors / fraud when the outputs of the system are verifiable with the inputs.
It also does not rely on every voter checking his vote. Providing enough people check, the public can be reasonably confident in the outcome. The more errors there are in the outcome, the fewer the number of people required to catch them. The fewer the errors, the more people required to catch them, but the less damage they can do. And the more wrong votes that are reported, the more people will check.
I'm also not suggesting this as a replacement for physical security, but it does go a long way towards making sure the security is working.
If the voter is the only one who knows his number, it can't be tracked. The only purpose of the number is to allow the voter to verify his vote was counted correctly. Nobody else need know it. Have a sticker with two copies of the number, drawn at random. He puts one copy on his ballot before he places it in a sealed box, the other in his pocket and lets no one else see the number.
As for just adding more votes, if everyone can verify their vote is correct and that the total adds up to what was reported, then it's just a matter of making sure the number of votes is less than the number of registered voters. Except in very close elections, you would have to add a bunch more votes to make a difference. Keep in mind, the system we have now doesn't disallow adding more votes either. This would at least allow people to verify their vote was counted correctly.
You do have a point with election buying. But if buying votes is illegal, then the candidate buying the votes opens himself up to criminal risks by offering to buy votes. The risk is proportional to how many votes he needs to buy to win the election. If he doesn't need many votes, it probably isn't worth the risk. If he needs a lot, the risk is much higher that someone will turn him in.
It's not a complete solution. But as it is now, the only person who knows how he voted is the voter and he has no way of telling his vote was counted correctly. There are no checks on the vote counters whether they be machines or people. Solve that problem, and the issue of how the votes get counted becomes much simpler.
Take the card and pop it in the voting box as is normal now. No ambiguous half-filled circles, no dangling chads, no worrying that data in the machine will be lost or untracable.
Just the worry that the voting box will be tampered with or "lost", the machines or people that count the votes will be tampered with or any of a number of ways to commit fraud with paper ballots.
The fundamental flaw in any voting system (electronic, mechanical, paper or smoke signals) which relies on a secret ballot is that the voter has no way of verifying the reported results actually count his vote. Even if you mail him a piece of paper then next day indicating how he voted, he can't verify the total is correct without knowing how everyone else voted, too.
If you assigned everyone a one-time voter number (which changes with every vote) that cannot be used to identify the voter and publish each number / vote pair in the newspaper the next day, you might have a shot at maintaining anonymity and verifiability. It would also make the security of the voting system itself less important since the results could be verified and indiscrepancies caught.
[ObTroll] Of course, this is all assuming that voting actually matters [d&r].
Secret ballots are overrated. I say record everyone's name and how they voted and publish it in the newspaper the next day. It would be trivial to verify that your vote was actually counted correctly and to verify that everyone on the list was actually registered.
Screw this secrecy shit, take responsibility for your vote.
This is not exactly true, you are not forced to release what you have written and you don't have to share the code unless you release your changes.
It depends on how you read the sentence. "You must release it under the same license" does not necessarily mean "you must release it". It could be read to mean "you must relase it under the same license, or not at all". "You must drive on the right side of the road" doesn't mean "you must drive".
Yeah, it could have been clearer, but I wouldn't accuse him of spreading FUD just on that basis.
When you buy a book, you are the owner of the paper it is written on, not the content. When you buy software, you are the owner of the media and the license enclosed, not the program.
There's no guarantee the EULA in the box will match the one on the counter. An unscrupulous manufacturer may be inclined to place egregious terms in the box which are conveniently missing from the counter copy, claiming the counter copy was "outdated". I'm sure the first term in the box would say "This agreement supercedes any and all other agreements made previously." As long as the actual agreement is not visible until after the purchase, there's going to be a problem.
If we're going to say that the end user can't be bound to an agreement he had no chance to review before the purchase, then we can't expect the reseller to be held to an agreement they are never going to see[1]. Unless the manufacturer has made a prior arrangement with the reseller, they have no business making commitments on the reseller's behalf.
[1] Keep in mind, even if the reseller has a copy outside the box, there is no guarantee the EULA inside the box will match it. They can't tell what the EULA says anymore than the customer can.
Pesronally, I do not see how the manufacturer foisting return responsibility on to the vendor is even legal.
The manufacturers could require the retailers, through an agreement, to accept returns as a condition of being a reseller.
The third party really has nothing to do with it.
Technically, the third party sold you the license. They are acting as an agent of the manufacturer and could be held responsible. I'm not suggesting they should be, but a court may decide otherwise.
All that aside, it benefits everyone if the EULA is available before the purchase is made. Retailers don't accept returns on open software to prevent install-and-returns. Customers don't want to have to get home and find out it's unacceptable and then return it. More people may actually read them in that case. Most of the people I know that click through the license without reading it do so, as my father once said, because "I've already paid for it, am I going to say 'No'?"
It's CompUSA's store policy not to accept returns on opened software. They are named in the suit.
The EULA states (usually) that if you don't agree with the terms of the license, to return the software to the retailer. But the EULA isn't binding on the retailer, so they aren't obligated to take it back if it's opened.
Either the manufacturers are going to have to print the EULA on the outside of the box where you can read it before buying it or they are going to require retailers to accept returns on opened merchandise. Of the two, the former is much more likely.
It won't change the EULA's at all, but you'll at least be able to read it before you buy it.
How is buying something over the internet different from mail or phone order? If they're going to start charging sales tax for things ordered out of state, what difference does it make how it got ordered? Even if it's delivered over the internet, how is that different from being delivered UPS ground on a CD?
Why is this an "E-Commerce Tax" and not an "Interstate Commerce" tax?
Parents, who are legally and morally responsibile for their kids, are then empowered into deciding if a game is suitable.
What makes the law stupid is it suggests that parents are completely powerless from preventing their children from buying video games without the law.
If I decide my 12 yearold kid can have alcohol, thats great. I dont want them buying it behind my back, hence they have to be 18 before they can buy it on their own (well, 16-17 depending on time, location and attitude)
The difference being that alcohol has been shown to be harmful to children. Video games have not.
All this legistation is doing is (rightly) expanding the laws that prevent minors from buying "Childs Play 3" to include other media, namely games.
I'm assuming from your web page address that you are in the UK. But since this is a US law, it is relevant the film ratings are completely voluntary and carry no force of law in the United States. Any policies about minors renting or purchasing "R" rated movies is completely up to the retail outlet. The same with Music CD labels. Video games have been voluntarily rated for a while. Why do we need legislation for this?
It does not take away the power, rights or responsibilities of the parent.
Under this law, who gets punished if the minor purchases the game? Not the parent, the store owner. This makes the parent not responsible anymore. It makes someone else responsible for deciding what content is violent and what is not. It makes someone else responsible for keeping it away from the child. All for an unfounded fear that video games are turning our children into murderous psychopaths.
Yes I did: "First, show me the scientific study that proves violent video games are harmful to children.
Second, it's yet another law forcing people to be responsible for raising someone else's kids."
First, let me guess, you're not a parent are you?
Yes, I am.
Second, I don't need some "scientfic" study to see the effects of mild games on my kids. I can think and see for myself.
Ah, yes. Because emotional reactions are so much more reliable then unbiased facts. These people are passing legislation to restrict the purchase of something that has no basis in fact of being harmful to children. At best, it's unnecessary.
Third, it's not forcing somebody else to raise my kids. It's keeping my kids from sneaking behind my back and doing something that I don't approve of.
It's making someone else responsible for something you will not do. If your kids are sneaking behind your back, it's not the store owners fault.
Slashdot Mirror
It's not a "black-and-white" issue. No software is 100% secure. No hardware is 100% secure. Users are going to have to patch their systems at one time or another. Users also have to know not to open attachments in email unless they're reasonably[1] sure it's not dangerous.
At the same time, software and hardware manufacturers (closed and open source alike) have to be diligent about shipping reasonably[1] secure products.
And let's not forget the people who supply the pipe through which the lusers with their horrible software are infecting every other computer on the planet. ISP's have to be more responsible for their users. Both in educating them and preventing them from being too dangerous when they do screw up.
All sides need to do their jobs better.
[1]For very large values of "reasonably"
"Copyright infringement is illegal."
I never said otherwise.
Joseph Stalin once famously said: "Tell a big lie enough times and it becomes the truth."
Repeating the truth does not make it a lie.
>sigh<
Okay, class. Say it with me:
"Copyright infringement is not property theft."
"Copyright infringement is not property theft."
"Copyright infringement is not property theft."
Say it enough and maybe it will sink in.
Yes. Unfortunately the general trend, even for professionals whose job is writing, is to allow the spelling and grammar checker to substitute for proof reading. I can't tell you how many times I've seen, in supposedly professionally written documents, "you" when the author meant "your", and the obvious permutations thereof, when a simple proof reading by a human would have caught the mistakes. And that's not even counting how relevant the grammar was to the argument.
I'm a tech-head. I think technology can help the human race in some areas. But when humans can't even define what "quality" is to each other, how the hell can they instruct a computer to detect it?
-------
Of course, lots of software has the agreement in the box
-------
Really? Like what? Which programs in the last couple years??
It's almost always on the install screen and not in any printed format.
It's on the install screen which comes from the installation media which is inside the box.
In fact, it's the most reliable and common way of getting a law you don't agree with overturned - break it, get arrested, and challenge it in court.
The problem is you need to show actual harm. Someone has to take the risk of being arrested or sued, and possibly losing in court, before the law gets overturned. In most cases the risk of losing greatly outweighs the cost of complying. In some cases the legal fees to win outweigh the cost of complying. This allows companies with large legal teams to intimidate ordinary people into doing things which would not stand up in court if challenged.
If the agreement was INSIDE the shrinkwrap (as has been tried before), and you are made to agree to it by opening the box, then you would be right.
If it's a click-through EULA, it is inside the shrinkwrap. You cannot read it without buying the software first.
But, as you are given the opportunity to not agree to the terms, logic (not Law, since Law and logic are not always in sync) dictates that the terms are, in fact, binding.
Well, since most vendors won't accept returns on opened software, what exactly is your recourse if you don't agree? Sure, you could only purchase from vendors who accept returns on opened software, but you can't even know to ask that question until you've read the agreement which you can't do until you've purchased the software.
My father said it best when I asked him if he wanted to read the EULA on some software I was installing for him. He said, "I've already paid for it. What am I going to do? Say 'no'?"
I'm not a lawyer and I'm not going to pretend to know anything about contract law, but the problems I see with this from a common sense point of view are: 1) click-through EULAs offer no way of reading the license agreement without purchasing and installing the software. Even if the license is printed on the outside of the box, that's not the license you're agreeing to. There's no way to know that the click-through license is the same as the one on the box before you buy it. 2) most EULAs provide no recourse if you don't agree with the license. Few vendors will accept returns on opened software, but most EULAs tell you to return the software to the vendor if you don't agree to the license. So, you either agree to the license and use the software, or you don't agree and don't use it but you're out the cost of the software.
That doesn't make any sense. You want everyone to read the list and push a button if their vote showed up? well, find, but all you've done is delay the issue...either their 'that's my vote' is matched up with their vote, in which case you're just managed to make it non-anoynous, or it isn't, and there's no reason someone can't sit there and say 'that's my vote' fifty times. Actually, there's no reason they couldn't do that if it wasn't anonymous, either.
If Joe Smith read in the newspaper (or however it's published) that his vote was counted correctly, he need do nothing more. He doesn't have to tell anybody that it's right. He doesn't even have to tell anybody if it's wrong unless he decides to. The only purpose to publishing the vote is so the voter can verify it was counted correctly.
My point is, the voter must trust that the system is working correctly (mechanical, electronic or paper). He has no way to verify the process was correct. By allowing him to verify that a) his vote was registered correctly and b) the number of votes cast for each candidate add up to the reported totals, he no longer has to have blind faith in the security of the system. It also makes it much easier to detect errors / fraud when the outputs of the system are verifiable with the inputs.
It also does not rely on every voter checking his vote. Providing enough people check, the public can be reasonably confident in the outcome. The more errors there are in the outcome, the fewer the number of people required to catch them. The fewer the errors, the more people required to catch them, but the less damage they can do. And the more wrong votes that are reported, the more people will check.
I'm also not suggesting this as a replacement for physical security, but it does go a long way towards making sure the security is working.
If the voter is the only one who knows his number, it can't be tracked. The only purpose of the number is to allow the voter to verify his vote was counted correctly. Nobody else need know it. Have a sticker with two copies of the number, drawn at random. He puts one copy on his ballot before he places it in a sealed box, the other in his pocket and lets no one else see the number.
As for just adding more votes, if everyone can verify their vote is correct and that the total adds up to what was reported, then it's just a matter of making sure the number of votes is less than the number of registered voters. Except in very close elections, you would have to add a bunch more votes to make a difference. Keep in mind, the system we have now doesn't disallow adding more votes either. This would at least allow people to verify their vote was counted correctly.
You do have a point with election buying. But if buying votes is illegal, then the candidate buying the votes opens himself up to criminal risks by offering to buy votes. The risk is proportional to how many votes he needs to buy to win the election. If he doesn't need many votes, it probably isn't worth the risk. If he needs a lot, the risk is much higher that someone will turn him in.
It's not a complete solution. But as it is now, the only person who knows how he voted is the voter and he has no way of telling his vote was counted correctly. There are no checks on the vote counters whether they be machines or people. Solve that problem, and the issue of how the votes get counted becomes much simpler.
Take the card and pop it in the voting box as is normal now. No ambiguous half-filled circles, no dangling chads, no worrying that data in the machine will be lost or untracable.
Just the worry that the voting box will be tampered with or "lost", the machines or people that count the votes will be tampered with or any of a number of ways to commit fraud with paper ballots.
The fundamental flaw in any voting system (electronic, mechanical, paper or smoke signals) which relies on a secret ballot is that the voter has no way of verifying the reported results actually count his vote. Even if you mail him a piece of paper then next day indicating how he voted, he can't verify the total is correct without knowing how everyone else voted, too.
If you assigned everyone a one-time voter number (which changes with every vote) that cannot be used to identify the voter and publish each number / vote pair in the newspaper the next day, you might have a shot at maintaining anonymity and verifiability. It would also make the security of the voting system itself less important since the results could be verified and indiscrepancies caught.
[ObTroll] Of course, this is all assuming that voting actually matters [d&r].
Secret ballots are overrated. I say record everyone's name and how they voted and publish it in the newspaper the next day. It would be trivial to verify that your vote was actually counted correctly and to verify that everyone on the list was actually registered.
Screw this secrecy shit, take responsibility for your vote.
This is not exactly true, you are not forced to release what you have written and you don't have to share the code unless you release your changes.
It depends on how you read the sentence. "You must release it under the same license" does not necessarily mean "you must release it". It could be read to mean "you must relase it under the same license, or not at all". "You must drive on the right side of the road" doesn't mean "you must drive".
Yeah, it could have been clearer, but I wouldn't accuse him of spreading FUD just on that basis.
When you buy a book, you are the owner of the paper it is written on, not the content. When you buy software, you are the owner of the media and the license enclosed, not the program.
There's no guarantee the EULA in the box will match the one on the counter. An unscrupulous manufacturer may be inclined to place egregious terms in the box which are conveniently missing from the counter copy, claiming the counter copy was "outdated". I'm sure the first term in the box would say "This agreement supercedes any and all other agreements made previously." As long as the actual agreement is not visible until after the purchase, there's going to be a problem.
If we're going to say that the end user can't be bound to an agreement he had no chance to review before the purchase, then we can't expect the reseller to be held to an agreement they are never going to see[1]. Unless the manufacturer has made a prior arrangement with the reseller, they have no business making commitments on the reseller's behalf.
[1] Keep in mind, even if the reseller has a copy outside the box, there is no guarantee the EULA inside the box will match it. They can't tell what the EULA says anymore than the customer can.
Pesronally, I do not see how the manufacturer foisting return responsibility on to the vendor is even legal.
The manufacturers could require the retailers, through an agreement, to accept returns as a condition of being a reseller.
The third party really has nothing to do with it.
Technically, the third party sold you the license. They are acting as an agent of the manufacturer and could be held responsible. I'm not suggesting they should be, but a court may decide otherwise.
All that aside, it benefits everyone if the EULA is available before the purchase is made. Retailers don't accept returns on open software to prevent install-and-returns. Customers don't want to have to get home and find out it's unacceptable and then return it. More people may actually read them in that case. Most of the people I know that click through the license without reading it do so, as my father once said, because "I've already paid for it, am I going to say 'No'?"
It's CompUSA's store policy not to accept returns on opened software. They are named in the suit.
The EULA states (usually) that if you don't agree with the terms of the license, to return the software to the retailer. But the EULA isn't binding on the retailer, so they aren't obligated to take it back if it's opened.
Either the manufacturers are going to have to print the EULA on the outside of the box where you can read it before buying it or they are going to require retailers to accept returns on opened merchandise. Of the two, the former is much more likely.
It won't change the EULA's at all, but you'll at least be able to read it before you buy it.
How is buying something over the internet different from mail or phone order? If they're going to start charging sales tax for things ordered out of state, what difference does it make how it got ordered? Even if it's delivered over the internet, how is that different from being delivered UPS ground on a CD?
Why is this an "E-Commerce Tax" and not an "Interstate Commerce" tax?
Parents, who are legally and morally responsibile for their kids, are then empowered into deciding if a game is suitable.
What makes the law stupid is it suggests that parents are completely powerless from preventing their children from buying video games without the law.
If I decide my 12 yearold kid can have alcohol, thats great. I dont want them buying it behind my back, hence they have to be 18 before they can buy it on their own (well, 16-17 depending on time, location and attitude)
The difference being that alcohol has been shown to be harmful to children. Video games have not.
All this legistation is doing is (rightly) expanding the laws that prevent minors from buying "Childs Play 3" to include other media, namely games.
I'm assuming from your web page address that you are in the UK. But since this is a US law, it is relevant the film ratings are completely voluntary and carry no force of law in the United States. Any policies about minors renting or purchasing "R" rated movies is completely up to the retail outlet. The same with Music CD labels. Video games have been voluntarily rated for a while. Why do we need legislation for this?
It does not take away the power, rights or responsibilities of the parent.
Under this law, who gets punished if the minor purchases the game? Not the parent, the store owner. This makes the parent not responsible anymore. It makes someone else responsible for deciding what content is violent and what is not. It makes someone else responsible for keeping it away from the child. All for an unfounded fear that video games are turning our children into murderous psychopaths.
Why is it a stupid law? You never said why.
Yes I did: "First, show me the scientific study that proves violent video games are harmful to children.
Second, it's yet another law forcing people to be responsible for raising someone else's kids."
First, let me guess, you're not a parent are you?
Yes, I am.
Second, I don't need some "scientfic" study to see the effects of mild games on my kids. I can think and see for myself.
Ah, yes. Because emotional reactions are so much more reliable then unbiased facts. These people are passing legislation to restrict the purchase of something that has no basis in fact of being harmful to children. At best, it's unnecessary.
Third, it's not forcing somebody else to raise my kids. It's keeping my kids from sneaking behind my back and doing something that I don't approve of.
It's making someone else responsible for something you will not do. If your kids are sneaking behind your back, it's not the store owners fault.
Give me one good reason why this is a good thing.
We're talking about passing legislation here. "Why not" doesn't cut it.
It's a stupid law.
First, show me the scientific study that proves violent video games are harmful to children.
Second, it's yet another law forcing people to be responsible for raising someone else's kids.
If parents don't want their children playing violent video games then maybe they should take an active interest in their children's life.
"After spending millions on the lawsuit, SCO is expected to ask for an apology and a promise never to do it again."