If self-preservation is an instinct you possess, you should not be probing any site that has not contracted you to do so. You are probably opening yourself and your company to liability when you do so. Most computer crime statutes criminalize "unauthorized access", where unauthorized simply means you didn't have permission from the owner to access the computer resources that you did.
Now, it may certainly be true that a company that has a published link on the front page of their website to a document X (where X is information that the company would prefer remain private) probably would see their case against an entity Y accused of accessing X without authorization dismissed almost immediately. But that doesn't mean that it hasn't cost Y anything, even though the case never went to trial.
Further, the vulnerabilities you are discussing require you to access your non-client's sites in... unconventional ways. Courts do not understand technology, but by now many judges understand that your average consumer is not going to be firing up SQL Server Enterprise manager to make authorized access to any given internet site that they have no contract or agreement with.
If you have already come forward to one of your lost clients and merely been called a sore loser, you're either lucky or have no significant assets. From a legal standpoint, you should not be making unauthorized access to any site, for any reason.
You already made unauthorized access to the site of at least one non-client, that you've mentioned. It sounds like your actions went beyond a simple portscan, which is probably ok, to retrieving database records (the hire dates, fire dates, ssns you mention), which in court would quite possibly be actionable - at the very least, you won't get a summary dismissal.
Unless you'd *LIKE* to get sued by a lost client with a grudge, you shouldn't be probing their sites.
Actually, Linux is dreadfully slow on the Sun4c architecture. The hardware MMU does not work with Linux, so it is all done in software. While it does reduce overhead to run Linux, I found it was still quite slow on my SS2. For Sun4c machines run OpenBSD/NetBSD. You will notice a difference. The hardware MMU on Sun4m and later SPARC CPU's is well supported by Linux.
At the time I'm referring to (late '98), Linux did beat the snot out of Solaris 2.5 on my IPX at work, had great framebuffer console support, and ran SunOS 4.x binaries (Netscape!). It ran pretty well for my purposes (Netscape & xterms, running wm2). I don't remember why I didn't go with NetBSD at that time; I used to run NetBSD at home on a Macintosh SE/30 a few years prior, and was using my BSD-based NextStation as my primary home machine.
...Solaris is better suited than Linux for most SPARCs.
I have, in the past, run Linux/SPARC on older machines (pre-sun4m boxes like the IPX, IPC, SS2) where the lower overhead of Linux made a significant improvement in the usability of the machine as a workstation, but that's about the only circumstance I can think of where Linux is better suited for a Sun box than the OS it was designed with.
Given the mandatory tap-and-trace infrastructure provisions of CALEA (the Communications Assistance to Law Enforcement Act of 1994), plus the long history of cozy cooperation between Ma Bell and the feds, I think you can safely assume that there's no way to detect taps with simple voltage checkers. Such devices might tell you if another phone has been plugged in to your circuit, but taps are done at the central office; since the switches these days are overwhelmingly digital, the telco just commands the switch to duplicate traffic to/from port X of blade Y to another port (like a "management port" on a router). The cops just tune in on this monitoring port - they don't touch your physical circuit, and so avoid changing its electrical properties and tipping you off.
There's nothing secret about this - do a search for CALEA and you'll find hundreds of links.
If the very influencial LEA and Intel agencies failed to convince the US legislature / ANSI using the Four Horsemen argument (e.g. that nuclear terrorists, child pornographers, money launderers, and drug dealers, would flourish if crypto remained freely available) then what makes you think RIAA / MPAA can succeed by persuading congress with the argument that the latest movies are being copied illegaly?
Law enforcement and intelligence agencies don't have lobbying budgets, and don't make campaign contributions, where the sole purpose of "industry associations" like the MPAA and RIAA is to collectively represent the cartels' interests in politics. Also, while cops show up on the news occasionally, the ??AA member companies *are* the news (see ABCDisney, AOLTimeWarner (CNN), CBS/Viacom, etc.). No politician is willing to trash the media cartels, as long as they're dependent on them to get elected/stay in office.
If the collective tech/electronics industries weren't so cowed by the ??AA's political muscle (and deathgrip on the media), they would have kicked big media to the curb as soon as they realized that more dollars were spent on CD-R/RW drives and media last year, alone, than the entire MPAA grossed at the box office, and that unlike the MPAA, CD/DVD-R/RW sales are still growing to the tune of 10-25%/year.
Those calling themselves "anti-abortion" have defined themselves by what they are against - the act of abortion.
Those calling themselves "pro-choice" have defined themselves by what they are for - the right of a woman to choose whether or not to carry a child to term.
"Pro-life", while not inherently descriptive, has become shorthand for "in favor extending the legal definition of human life as beginning at conception, and of extending the attendant rights and protections to the zygote/embryo/fetus at that point". I'm not a fan of this term, because it's less precise than "anti-abortion".
I could see the term "pro-abortion" being used accurately to describe those who favor the act of abortion itself - the only example I can think of would be forced abortion/sterilization that has taken place in parts of China as population control measures.
Of course, many from each side like to tar the other with terms like "pro-abortion" (inaccurate insofar as "pro-choice" != "pro-abortion"; it's not about the act of abortion but about the decision to carry a child to term belonging to the woman carrying it.), "anti-life" (who would describe themselves as "anti-life"? This is just the classic semiotic game of attempting to redefine your opponent's position through loaded words with multiple connotative/denotative meanings.), or "anti-choice" (a favorite of some on the "pro-choice" camp. Technically accurate, inasmuch as an abortion ban removes choice, but similarly loaded as in the last example).
I'm wasting a lot of wind here, so I'll recap:
anti-abortion = opposed to the act of abortion
pro-choice = supporting a woman's right to choose whether or not to carry a child in her own body to term
pro-abortion = in favor of the act of abortion, advocating the act itself
All joking aside, it's pretty obvious that the federales want an IM monopoly (or at worst, an oligopoly with AOL and MSN), for one excellent reason - every "buddy list" is available at a central location. Even if the messages don't transit AOL's servers themselves, it's the buddy list that's important anyhow.
I've brought this example up before, but here goes: say one of your AIM buddies, unknown to you, commits or comes under suspicion of having committed some hot-button computer crime (DoS, whatever). At roughly the same time, you were online, with this user in your buddy list (or vice versa).
Now, you're drawn into the investigation. All your electronics are confiscated as potential evidence. At best, you might get them back in a year. At worst, the investigation of your friend will go to trial, and it could be several years. Or perhaps that copy of Office97 isn't licensed to you, or you've got napster installed, and the feds start pressuring you to testify, using this as leverage. "You were online at the same time, and on his buddy list! What do you mean you don't know anything?! C'mon, just spill it and we'll forget about this whole copyright infringement thing."
IMs have their place, but we shouldn't be naive about how these technologies will be (ab)used by authorities.
Human beings are social animals. So they tend to enjoy celebrating the things that they have in common. Like it or not, interest in pop culture phenomenons like Star Wars provides a common context for millions of people to chat at the water cooler, post a message on a newsgroup, or run a fansite.
Of course, you're right about the common context. I personally don't like it, though. I don't like the fact that today's "common contexts" in much of the world are properties to be owned. It's the very fact that people build obsessive communities around pop entertainment that I find distressing. This tendency is, I feel, one worth cautioning against, insofar as it
provides a disincentive to the production of new works.
promotes a culture in which a corporate machine is looked to as the sole generator of new characters and universes.
requires consumption, rather than creation, as a barrier to entry.
And original subject matter is hardly a prerequisite for art to be "legitimate". If all the artists through history had "created their own characters and settings" instead of reproducing the same old scenes from the bible, the world would be a much poorer place.
Borrowing common themes from the Bible is one thing, adding new "fan-fic" books to the Bible is quite another. (A funny idea, though!)
I'm not a believer in "legitimacy tests" for art, I just call things as I see them. And I see fan-sites as a big fat waste of human intelligence. I'll still defend the rights of their creators to create them - I just won't get too bent out of shape when the corporate owners of the seminal works these sites are built around decide to co-opt them.
You've never enjoyed something so much you wished you could be a part of it?
Of course I have. I just don't think that writing a fan site or fan fiction makes me involved in the creative process for the original work, or that it makes me a creator or artist at all. At best, it would make me an imitator, and an unpaid marketroid. I demand pounds for my shilling, if you know what I mean.
If you've got nothing better to do than slam on people doing stuff they like to do, get a fucking life yourself. No-one's forcing you to look an these fan-sites you hate so much. Who are you to tell people what is an "appropriate" use of their time?
I'll slam who I want to slam, if I feel it's an appropriate use of my time to do so. I'll even use my name to do so, unlike yourself. In this case, I freely offered the notion that fan-sites are crap, and wastes of talent and effort, as a potential point of discussion.
People are free to do say and think and write what they will (and you want find me arguing for laws to force them to do otherwise - I believe in real freedom). I'm using a few moments of my free time to nudge others away from non-productive fanboy ventures and towards the creation of new, original works. Note that I'm not using all my free time to this end, nor am I using any of my free time to browse fan sites. In fact, I use a good chunk of my free time to support a non-profit, ad-free educational website.
Real fan sites depress me. Why would a rational human being devote dozens of hours to fawning over a piece of commercial entertainment? Does knowing what the stars ate from the craft-services table make the movie better? No. Does Jennifer Lopez sound better when you know who she's dating? No. Will knowing the exact date and hour of the premiere of the next Star Wars movie make it suck any less? No.
A plea to the fawning fanboys - get a life! Direct your energies to something useful. If your skill is in documenting minutia, apply it to an educational or reference site. If you like writing fan-fiction, try creating your own characters and settings for once. If you're good with image/video editing, or with 3d software, work on an original indie creation (or go pro), instead of reenacting the Phantom Menace with South Park characters.
There's a place for sampling existing works and distorting them, but the final product should be original. Think Negativland instead of Pat Boone or Puff Daddy.
ATRAC is making decent inroads into the US. It has the advantage of being sylish, small, and cheap.
74min of MD is $2.50
64mb of MP3 is $90-$120
I don't think this argument holds water when there's a dozen portable MP3-CD players on the market from major manufacturers (like Philips, Casio, Sonicblue/Rio, Teac, etc.) in addition to lots of cheapo chinese oems. None cost more than $200. The RioVolt is about $160, has an MD-style remote and displays ID3 info on a dot-matrix LCD.
All these players support CDRW, allowing for well over 10 hours of 128kbit MP3 on a single rewritable disk. Granted, there's no stereo component recorder for such disks, yet, but then manipulating/storing MP3s is still much easier on a computer with a real keyboard and display.
The newest generation of these players don't even run the CD continuously, but buffer several minutes into RAM and then spin down.
Media cost is less than Minidisk (I bought 100 cdrs for $19 the other day, at a retail CompUSA), and I can use whatever bitrate I prefer, rather than fixed 132kbit ATRAC. I can play the disks I burn in my MP3-supporting DVD player in addition to my portable. There are mini-component and car stereos from Aiwa, Philips, and others that support MP3-CD as well.
Minidisk's looking much less attractive now. I do like the small disks and the hard shell, though.
I posted this on PDA Buzz a few days ago.
Yes, it's pretty. Yes, the hires screen is promising. But that ATRAC crap won't fly outside of Japan. It requires some extraordinarily nasty windoze software, along with special "MagicGate" SDMI MemorySticks(TM) that are even more expensive than regular MemorySticks(TM) (which are already expensive and proprietary).
No MP3 support here, no-how. As if regular joes (or even fickle early-adopters) are going to start using sony's ATRAC, when they can't play them in anything but sony players (no, you can't digitally copy ATRAC files to/from minidisc) and must suffer Sony's onerous SDMI requirements (like mandatory check-in of files after x listens, etc.)
This looks nice, but reinforces my belief that the worst thing Sony did to themselves was to get into the music business. Trade MemoryStick(TM) and ATRAC for the open, industry standard CompactFlash and MP3, and they'd have a huge winner. But this thing doesn't look like a particularly good multimedia device - more like a color CLIE with a MusicClip grafted on. Two mediocre devices that go poorly together.
I won't be using a PDA as an MP3 player until it's forgettably seamless, has ample removable solid-state storage (several hours of 192kbit MP3 at least), supports the full range of bitrates to 320kbit, and battery life long enough to spend a week out of the cradle playing a few hours of tunes a day in addition to PDA functions. This thing falls down on all counts - hell, it doesn't even play the MP3's I already have (and I'm not going to convert already lossy mp3's into another lossy format, degrading them further). MagicGate Memorysticks are scarce and expensive, and bitrate is limited to 132kbit in any case.
And it's a chunkster, the thickest PalmOS device yet. And I wonder what kind of battery life they're getting... I wouldn't want to inadvertently drain my batteries dry listening to tunes and find myself needing to look up a contact or be reminded of an appointment later.
I think I'll keep my 2 meg Palm V for PDA use and my MP3-CD player for MP3 use for another few years.
euroderf asserts without so much as a shred of proof that "girls do better than boys when younger, but worse later, in education" and "girls are good at doing routine tasks. It has been scientifically shown that they have a higher boredom threshhold." and gets moderated to +4 Insightful.
I challenge his assertion, provide links to reputable sources to back up my claim, and I'm moderated down as a troll?
I think this explains why girls do better than boys when younger, but worse later, in education. Girls are good at doing routine tasks. It has been scientifically shown that they have a higher boredom threshhold. However, boys desire stimulation, and so the pre teen education system disadvantages them.
I'd love a citation on this.
I know you're just a bullshit troll, but I'm still calling you out on the bogus gender stereotypes.
Just so this isn't a one-sided game, here's an article
from US News about how women now outnumber men in higher education. And
here's
a report from the US Department of Education's Education Statistics Quarterly that suggests that girls continue to excel in verbal skills relative to boys at all ages, and that there's no statistically significant difference in their achievment in math and sciences.
Kinda shoots down your central assumption ("girls do better than boys when younger, but worse later, in education").
Software patents are abhorrent to me insofar as all patentable software is pure math (algorithms - data like text and graphics are copyrightable expressions, but not patentable). To patent software is to grant a government-enforced monopoly on a set of mathematical operations to a person or group.
Yes, that means if you perform or cause to be performed a set of mathematical operations that someone else has patented, and are discovered, men with guns will come and stop you. Only the patent holders (and licensees, if applicable) are allowed to do this math; because it's a patent, it doesn't matter if you derived these mathematical operations independently or not.
It's hard for me to articulate the degree to which I feel this represents an unconsionable hindrance in the advancement of human understanding. What does society gain by having the government say who may perform what mathematical operations by beaurocratic fiat?
So in a new age artist aren't intitled to say what happens to their music?
First, IANAL, yet.
Artists have never been entitled to say what happens to their works, at least in the USA. Now, they are granted the sole, assignable right to make commercial copies of said work. Similarly, they are granted by law royalties for public performance of their works. That is the extent of their entitlement, to my knowledge.
Copyright, based on the clause in the US Constitution investing Congress with the power to secure a limited monopoly for artists and inventors "to promote the useful arts and sciences", is not an absolute grant nor a property right. It is a limited monopoly, granted by Congress. This stands in contrast to legal systems in other countries (e.g. France) wherein the foundation of Copyright is a "natural right" - a non-assignable (IIRC) right of authors to dispose of their works as they see fit. This is why French directors and authors always get the final cut of their works, if I'm not mistaken.
Our system recognizes different "natural rights" (like freedom of speech, and the press), and the foundation of our copyright system is pragmatic - designed to promote progress and the creation of new works, not to ensure an artist has total control over a work they have created (there are good philosophical reasons for this I won't go into here, but for a start, consider that neither art nor invention exist in a vacuum). I would further argue that the philosophy behind the Constitutional basis for copyright would find the current copyright regime (which rather than encouraging new works, encourages an "everlasting gravy-train" mentality among copyright holders) abhorrent.
I am not a lawyer, this is not legal advice, blah blah blah.
That's funny! You think he's me, but he's not. I never post anonymously; I think AC's are usually chickenshits, except when they have a real need for anonymity (like fear of retribution from an employer or gov't).
While keeping in mind that Sun and Microsoft are arch-rivals, I sense that they share one common trait - both want to lock businesses and customers into their respective sets of competing technologies.
I am willing to bet several dozen donuts that these two companies in particular (in addition to whatever tricks the RIAA and MPAA might be up to, per usual) are lobbying the US Congress to establish a legal framework for an all-out assault on untrusted clients. The ability of an individual to write or use free software that eschews the Digital Rights Management (a more honest term is Copy Prevention) constraints being built into the next generation of commercial software is the "threat lawmakers need to be made aware of" whereof Allchin spoke. Today we have Bill Joy, an influential blowhard with no love for Microsoft, stating openly and publicly "I think that the copyright laws need to be enforced, and maybe they need to be changed. We need an enforceable digital-rights management scheme..."
Why would anyone choose to use software that adds no value, but instead restricts what an individual may do with the hardware which he or she has purchased? Answer: They would, if the alternative was a stiff fine or jail time. A full-court-press is underway on behalf of the media business (with the help of technology companies like MS, Sun, and RealNetworks) to require DRM technologies be built into all connected devices.
The grand irony here is that Microsoft and Sun both know the value of free distribution, in terms of architectural lock-in, regardless of whether the copies are authorized or not. Don't look to Microsoft to build "phone-home"-style copy protection into versions of Windows sold in the developing world- they know there's more value in people pirating their software and driving up their market share in these places than there is money to be squeezed out of the few groups willing and able to actually license all of their MSWare. Sun gives away their software for the same reason. These two sharks are just along for the ride, because they know that having the government mandate the use of DRM technology is a sure recipe for vendor lock-in. Microsoft wants to control the whole pie (from server to client), where Sun is just realistic enough to know that they're not in a position to control the client themselves (that's for their friends at AOL TimeWarner), and so just want to own the server platform.
Folks, even though the lobbying going on here is smoky-back-room shit, bills will eventually have to come before Congress. I urge all of you to keep up with what bills are before the Judiciary and Commerce committees in the Senate and House. I would be astonished if new legislation mandating DRM did not get floated during this Congress. Hold on to your CD-RWs and non-SDMI-compliant MP3 players, folks. And your wallets. We're in for a dirty fight.
Here's the traceroute to rs.internic.net with the first two hops obliterated for my privacy.:)
traceroute to rs.internic.net (198.41.0.6), 30 hops max, 38 byte packets
1 xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) 108.557 ms 129.644 ms 149.795 ms
2 xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) 139.893 ms 269.754 ms 169.839 ms
3 63.66.208.25 (63.66.208.25) 99.686 ms 109.726 ms 169.577 ms
4 63.66.208.2 (63.66.208.2) 99.746 ms 159.767 ms 129.806 ms
5 oc12-2.SJC2.ALTER.NET (157.130.203.17) 109.765 ms 109.636 ms 89.850 ms
6 171.ATM2-0.XR1.SFO4.ALTER.NET (152.63.52.106) 129.774 ms 129.654 ms 149.822 ms
7 191.at-1-1-0.TR1.SAC1.ALTER.NET (152.63.50.254) 109.771 ms 179.825 ms 129.694 ms
8 127.at-6-3-0.TR1.DCA8.ALTER.NET (146.188.141.113) 249.786 ms 179.875 ms 159.633 ms
9 297.at-6-0-0.XR1.TCO1.ALTER.NET (152.63.32.201) 159.805 ms 249.695 ms 199.837 ms
10 193.ATM7-0.GW6.TCO1.ALTER.NET (152.63.37.53) 179.758 ms 219.625 ms 199.832 ms
11 Internic1-gw.customer.ALTER.NET (157.130.32.242) 189.753 ms 189.616 ms 269.824 ms
12 rs.internic.net (198.41.0.6) 149.751 ms 219.701 ms 169.831 ms
My girlfriend has the pcmcia modem, while I have the external. The PC card is nice and small and sexy compared to the external modem, but it drains your laptop's battery more (the GS modem has its own battery good for 6 hours), and doesn't have a status light or make noises to indicate connection status. I'd call it a wash for the average user, where I personally prefer the external modem as a techie. I haven't tried the pcmcia modem under Linux yet, but the external works great (even using the USB connector) with it.
I've been a happy user of 128k Ricochet in the SF Bay area since the day it became available. It has absolutely lived up to its potential thus far. I regularly see speeds in excess of 160kbps - my record is over 256kbps downloading a mozilla nightly. It works beautifully under any OS that supports PPP. It's flat rate ($68/month when prepaid for a year), and is at least 20 times faster than any pay-per-minute/byte connectivity like GSM Data, CDPD, Mobitex, etc.
Basically, it rocks. Yes, it's slower than DSL, but try taking that DSL with you to your local coffeeshop or to work (!). As a UNIX consultant, Ricochet is invaluable to me as it allows me to bring my own, independent connectivity to my client's site. It's worth every penny to me.
Let the naysayers not forget that Metricom is backed by Paul Allen and MCI Worldcom, and already has a functioning, high-speed data network in most of the major metro areas in the US. (No, there's not national coverage in every two-horse town, but such areas lack the density to make rollout worthwhile right now.)
Anyhow, even if Metricom goes belly up, their existing wireless network is a tremendous asset, and I can't see service ceasing in currently served locales. Someone else will pick this asset up in the (rather unlikely) event of a liquidation.
I think this article is more a propaganda piece for Omnisky (*cough*majorzdnetadvertiser*cough*), more than anything particularly revelatory about Metricom. I certainly don't have any problem with Omnisky, mind - it's just that their slow, PDA-only service doesn't meet my needs. Bully for them if they're on track for profitability; they're simply reselling existing CDPD service with PDA-specifc radio modems, and their competitor is palm.net, not Metricom.
Check out Adi Shamir's work on TWINKLE. I'd wager that the NSA has had practical machinery with similar operating principles in use for some time, given that they are the world's largest employer of mathematicians and cryptologists.
You're making my point - cryptanalysis is neither cheap nor fast, and hence is only used where out-of-band attacks are unfeasable.
My sources are a special agent from the Florida Department of Law Enforcement with whom I worked on a computer crime case in 1998, and Robert D. Steele, former CIA case officer, founder of
OSS Inc., and author of On Intelligence: Spies and Secrecy in an Open World. Good enough for me.
Incidentally, Mr. Steele's excellent talk at H2K is online in MP3 form
here.
Slashdot Mirror
First, IANAL, this is not legal advice, etc.
If self-preservation is an instinct you possess, you should not be probing any site that has not contracted you to do so. You are probably opening yourself and your company to liability when you do so. Most computer crime statutes criminalize "unauthorized access", where unauthorized simply means you didn't have permission from the owner to access the computer resources that you did.
Now, it may certainly be true that a company that has a published link on the front page of their website to a document X (where X is information that the company would prefer remain private) probably would see their case against an entity Y accused of accessing X without authorization dismissed almost immediately. But that doesn't mean that it hasn't cost Y anything, even though the case never went to trial.
Further, the vulnerabilities you are discussing require you to access your non-client's sites in... unconventional ways. Courts do not understand technology, but by now many judges understand that your average consumer is not going to be firing up SQL Server Enterprise manager to make authorized access to any given internet site that they have no contract or agreement with.
If you have already come forward to one of your lost clients and merely been called a sore loser, you're either lucky or have no significant assets. From a legal standpoint, you should not be making unauthorized access to any site, for any reason.
You already made unauthorized access to the site of at least one non-client, that you've mentioned. It sounds like your actions went beyond a simple portscan, which is probably ok, to retrieving database records (the hire dates, fire dates, ssns you mention), which in court would quite possibly be actionable - at the very least, you won't get a summary dismissal.
Unless you'd *LIKE* to get sued by a lost client with a grudge, you shouldn't be probing their sites.
-Isaac
At the time I'm referring to (late '98), Linux did beat the snot out of Solaris 2.5 on my IPX at work, had great framebuffer console support, and ran SunOS 4.x binaries (Netscape!). It ran pretty well for my purposes (Netscape & xterms, running wm2). I don't remember why I didn't go with NetBSD at that time; I used to run NetBSD at home on a Macintosh SE/30 a few years prior, and was using my BSD-based NextStation as my primary home machine.
...Solaris is better suited than Linux for most SPARCs.
I have, in the past, run Linux/SPARC on older machines (pre-sun4m boxes like the IPX, IPC, SS2) where the lower overhead of Linux made a significant improvement in the usability of the machine as a workstation, but that's about the only circumstance I can think of where Linux is better suited for a Sun box than the OS it was designed with.
-Isaac
Given the mandatory tap-and-trace infrastructure provisions of CALEA (the Communications Assistance to Law Enforcement Act of 1994), plus the long history of cozy cooperation between Ma Bell and the feds, I think you can safely assume that there's no way to detect taps with simple voltage checkers. Such devices might tell you if another phone has been plugged in to your circuit, but taps are done at the central office; since the switches these days are overwhelmingly digital, the telco just commands the switch to duplicate traffic to/from port X of blade Y to another port (like a "management port" on a router). The cops just tune in on this monitoring port - they don't touch your physical circuit, and so avoid changing its electrical properties and tipping you off.
There's nothing secret about this - do a search for CALEA and you'll find hundreds of links.
-Isaac
As my copy-editor girlfriend would say, "The passive voice is to be avoided."
Law enforcement and intelligence agencies don't have lobbying budgets, and don't make campaign contributions, where the sole purpose of "industry associations" like the MPAA and RIAA is to collectively represent the cartels' interests in politics. Also, while cops show up on the news occasionally, the ??AA member companies *are* the news (see ABCDisney, AOLTimeWarner (CNN), CBS/Viacom, etc.). No politician is willing to trash the media cartels, as long as they're dependent on them to get elected/stay in office.
If the collective tech/electronics industries weren't so cowed by the ??AA's political muscle (and deathgrip on the media), they would have kicked big media to the curb as soon as they realized that more dollars were spent on CD-R/RW drives and media last year, alone, than the entire MPAA grossed at the box office, and that unlike the MPAA, CD/DVD-R/RW sales are still growing to the tune of 10-25%/year.
-Isaac
Those calling themselves "pro-choice" have defined themselves by what they are for - the right of a woman to choose whether or not to carry a child to term.
"Pro-life", while not inherently descriptive, has become shorthand for "in favor extending the legal definition of human life as beginning at conception, and of extending the attendant rights and protections to the zygote/embryo/fetus at that point". I'm not a fan of this term, because it's less precise than "anti-abortion".
I could see the term "pro-abortion" being used accurately to describe those who favor the act of abortion itself - the only example I can think of would be forced abortion/sterilization that has taken place in parts of China as population control measures.
Of course, many from each side like to tar the other with terms like "pro-abortion" (inaccurate insofar as "pro-choice" != "pro-abortion"; it's not about the act of abortion but about the decision to carry a child to term belonging to the woman carrying it.), "anti-life" (who would describe themselves as "anti-life"? This is just the classic semiotic game of attempting to redefine your opponent's position through loaded words with multiple connotative/denotative meanings.), or "anti-choice" (a favorite of some on the "pro-choice" camp. Technically accurate, inasmuch as an abortion ban removes choice, but similarly loaded as in the last example).
I'm wasting a lot of wind here, so I'll recap:
Make sense?
-Isaac
All joking aside, it's pretty obvious that the federales want an IM monopoly (or at worst, an oligopoly with AOL and MSN), for one excellent reason - every "buddy list" is available at a central location. Even if the messages don't transit AOL's servers themselves, it's the buddy list that's important anyhow.
I've brought this example up before, but here goes: say one of your AIM buddies, unknown to you, commits or comes under suspicion of having committed some hot-button computer crime (DoS, whatever). At roughly the same time, you were online, with this user in your buddy list (or vice versa).
Now, you're drawn into the investigation. All your electronics are confiscated as potential evidence. At best, you might get them back in a year. At worst, the investigation of your friend will go to trial, and it could be several years. Or perhaps that copy of Office97 isn't licensed to you, or you've got napster installed, and the feds start pressuring you to testify, using this as leverage. "You were online at the same time, and on his buddy list! What do you mean you don't know anything?! C'mon, just spill it and we'll forget about this whole copyright infringement thing."
IMs have their place, but we shouldn't be naive about how these technologies will be (ab)used by authorities.
-Isaac
Of course, you're right about the common context. I personally don't like it, though. I don't like the fact that today's "common contexts" in much of the world are properties to be owned. It's the very fact that people build obsessive communities around pop entertainment that I find distressing. This tendency is, I feel, one worth cautioning against, insofar as it
Borrowing common themes from the Bible is one thing, adding new "fan-fic" books to the Bible is quite another. (A funny idea, though!)
I'm not a believer in "legitimacy tests" for art, I just call things as I see them. And I see fan-sites as a big fat waste of human intelligence. I'll still defend the rights of their creators to create them - I just won't get too bent out of shape when the corporate owners of the seminal works these sites are built around decide to co-opt them.
-Isaac
Of course I have. I just don't think that writing a fan site or fan fiction makes me involved in the creative process for the original work, or that it makes me a creator or artist at all. At best, it would make me an imitator, and an unpaid marketroid. I demand pounds for my shilling, if you know what I mean.
-Isaac
I'll slam who I want to slam, if I feel it's an appropriate use of my time to do so. I'll even use my name to do so, unlike yourself. In this case, I freely offered the notion that fan-sites are crap, and wastes of talent and effort, as a potential point of discussion.
People are free to do say and think and write what they will (and you want find me arguing for laws to force them to do otherwise - I believe in real freedom). I'm using a few moments of my free time to nudge others away from non-productive fanboy ventures and towards the creation of new, original works. Note that I'm not using all my free time to this end, nor am I using any of my free time to browse fan sites. In fact, I use a good chunk of my free time to support a non-profit, ad-free educational website.
-Isaac
Real fan sites depress me. Why would a rational human being devote dozens of hours to fawning over a piece of commercial entertainment? Does knowing what the stars ate from the craft-services table make the movie better? No. Does Jennifer Lopez sound better when you know who she's dating? No. Will knowing the exact date and hour of the premiere of the next Star Wars movie make it suck any less? No.
A plea to the fawning fanboys - get a life! Direct your energies to something useful. If your skill is in documenting minutia, apply it to an educational or reference site. If you like writing fan-fiction, try creating your own characters and settings for once. If you're good with image/video editing, or with 3d software, work on an original indie creation (or go pro), instead of reenacting the Phantom Menace with South Park characters.
There's a place for sampling existing works and distorting them, but the final product should be original. Think Negativland instead of Pat Boone or Puff Daddy.
Enough ranting for now,
-Isaac
I don't think this argument holds water when there's a dozen portable MP3-CD players on the market from major manufacturers (like Philips, Casio, Sonicblue/Rio, Teac, etc.) in addition to lots of cheapo chinese oems. None cost more than $200. The RioVolt is about $160, has an MD-style remote and displays ID3 info on a dot-matrix LCD.
All these players support CDRW, allowing for well over 10 hours of 128kbit MP3 on a single rewritable disk. Granted, there's no stereo component recorder for such disks, yet, but then manipulating/storing MP3s is still much easier on a computer with a real keyboard and display.
The newest generation of these players don't even run the CD continuously, but buffer several minutes into RAM and then spin down.
Media cost is less than Minidisk (I bought 100 cdrs for $19 the other day, at a retail CompUSA), and I can use whatever bitrate I prefer, rather than fixed 132kbit ATRAC. I can play the disks I burn in my MP3-supporting DVD player in addition to my portable. There are mini-component and car stereos from Aiwa, Philips, and others that support MP3-CD as well.
Minidisk's looking much less attractive now. I do like the small disks and the hard shell, though.
-Isaac
No MP3 support here, no-how. As if regular joes (or even fickle early-adopters) are going to start using sony's ATRAC, when they can't play them in anything but sony players (no, you can't digitally copy ATRAC files to/from minidisc) and must suffer Sony's onerous SDMI requirements (like mandatory check-in of files after x listens, etc.)
This looks nice, but reinforces my belief that the worst thing Sony did to themselves was to get into the music business. Trade MemoryStick(TM) and ATRAC for the open, industry standard CompactFlash and MP3, and they'd have a huge winner. But this thing doesn't look like a particularly good multimedia device - more like a color CLIE with a MusicClip grafted on. Two mediocre devices that go poorly together.
I won't be using a PDA as an MP3 player until it's forgettably seamless, has ample removable solid-state storage (several hours of 192kbit MP3 at least), supports the full range of bitrates to 320kbit, and battery life long enough to spend a week out of the cradle playing a few hours of tunes a day in addition to PDA functions. This thing falls down on all counts - hell, it doesn't even play the MP3's I already have (and I'm not going to convert already lossy mp3's into another lossy format, degrading them further). MagicGate Memorysticks are scarce and expensive, and bitrate is limited to 132kbit in any case.
And it's a chunkster, the thickest PalmOS device yet. And I wonder what kind of battery life they're getting... I wouldn't want to inadvertently drain my batteries dry listening to tunes and find myself needing to look up a contact or be reminded of an appointment later.
I think I'll keep my 2 meg Palm V for PDA use and my MP3-CD player for MP3 use for another few years.
-Isaac
I challenge his assertion, provide links to reputable sources to back up my claim, and I'm moderated down as a troll?
Truly sick.
-Isaac
I'd love a citation on this.
I know you're just a bullshit troll, but I'm still calling you out on the bogus gender stereotypes.
Just so this isn't a one-sided game, here's an article from US News about how women now outnumber men in higher education. And here's a report from the US Department of Education's Education Statistics Quarterly that suggests that girls continue to excel in verbal skills relative to boys at all ages, and that there's no statistically significant difference in their achievment in math and sciences.
Kinda shoots down your central assumption ("girls do better than boys when younger, but worse later, in education").
Any response?
-Isaac
Software patents are abhorrent to me insofar as all patentable software is pure math (algorithms - data like text and graphics are copyrightable expressions, but not patentable). To patent software is to grant a government-enforced monopoly on a set of mathematical operations to a person or group.
Yes, that means if you perform or cause to be performed a set of mathematical operations that someone else has patented, and are discovered, men with guns will come and stop you. Only the patent holders (and licensees, if applicable) are allowed to do this math; because it's a patent, it doesn't matter if you derived these mathematical operations independently or not.
It's hard for me to articulate the degree to which I feel this represents an unconsionable hindrance in the advancement of human understanding. What does society gain by having the government say who may perform what mathematical operations by beaurocratic fiat?
-Isaac
First, IANAL, yet.
Artists have never been entitled to say what happens to their works, at least in the USA. Now, they are granted the sole, assignable right to make commercial copies of said work. Similarly, they are granted by law royalties for public performance of their works. That is the extent of their entitlement, to my knowledge.
Copyright, based on the clause in the US Constitution investing Congress with the power to secure a limited monopoly for artists and inventors "to promote the useful arts and sciences", is not an absolute grant nor a property right. It is a limited monopoly, granted by Congress. This stands in contrast to legal systems in other countries (e.g. France) wherein the foundation of Copyright is a "natural right" - a non-assignable (IIRC) right of authors to dispose of their works as they see fit. This is why French directors and authors always get the final cut of their works, if I'm not mistaken.
Our system recognizes different "natural rights" (like freedom of speech, and the press), and the foundation of our copyright system is pragmatic - designed to promote progress and the creation of new works, not to ensure an artist has total control over a work they have created (there are good philosophical reasons for this I won't go into here, but for a start, consider that neither art nor invention exist in a vacuum). I would further argue that the philosophy behind the Constitutional basis for copyright would find the current copyright regime (which rather than encouraging new works, encourages an "everlasting gravy-train" mentality among copyright holders) abhorrent.
I am not a lawyer, this is not legal advice, blah blah blah.
-Isaac
That's funny! You think he's me, but he's not. I never post anonymously; I think AC's are usually chickenshits, except when they have a real need for anonymity (like fear of retribution from an employer or gov't).
-Isaac
I am willing to bet several dozen donuts that these two companies in particular (in addition to whatever tricks the RIAA and MPAA might be up to, per usual) are lobbying the US Congress to establish a legal framework for an all-out assault on untrusted clients. The ability of an individual to write or use free software that eschews the Digital Rights Management (a more honest term is Copy Prevention) constraints being built into the next generation of commercial software is the "threat lawmakers need to be made aware of" whereof Allchin spoke. Today we have Bill Joy, an influential blowhard with no love for Microsoft, stating openly and publicly "I think that the copyright laws need to be enforced, and maybe they need to be changed. We need an enforceable digital-rights management scheme..."
Why would anyone choose to use software that adds no value, but instead restricts what an individual may do with the hardware which he or she has purchased? Answer: They would, if the alternative was a stiff fine or jail time. A full-court-press is underway on behalf of the media business (with the help of technology companies like MS, Sun, and RealNetworks) to require DRM technologies be built into all connected devices.
The grand irony here is that Microsoft and Sun both know the value of free distribution, in terms of architectural lock-in, regardless of whether the copies are authorized or not. Don't look to Microsoft to build "phone-home"-style copy protection into versions of Windows sold in the developing world- they know there's more value in people pirating their software and driving up their market share in these places than there is money to be squeezed out of the few groups willing and able to actually license all of their MSWare. Sun gives away their software for the same reason. These two sharks are just along for the ride, because they know that having the government mandate the use of DRM technology is a sure recipe for vendor lock-in. Microsoft wants to control the whole pie (from server to client), where Sun is just realistic enough to know that they're not in a position to control the client themselves (that's for their friends at AOL TimeWarner), and so just want to own the server platform.
Folks, even though the lobbying going on here is smoky-back-room shit, bills will eventually have to come before Congress. I urge all of you to keep up with what bills are before the Judiciary and Commerce committees in the Senate and House. I would be astonished if new legislation mandating DRM did not get floated during this Congress. Hold on to your CD-RWs and non-SDMI-compliant MP3 players, folks. And your wallets. We're in for a dirty fight.
-IsaaC
Here's the traceroute to rs.internic.net with the first two hops obliterated for my privacy. :)
traceroute to rs.internic.net (198.41.0.6), 30 hops max, 38 byte packets
1 xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) 108.557 ms 129.644 ms 149.795 ms
2 xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) 139.893 ms 269.754 ms 169.839 ms
3 63.66.208.25 (63.66.208.25) 99.686 ms 109.726 ms 169.577 ms
4 63.66.208.2 (63.66.208.2) 99.746 ms 159.767 ms 129.806 ms
5 oc12-2.SJC2.ALTER.NET (157.130.203.17) 109.765 ms 109.636 ms 89.850 ms
6 171.ATM2-0.XR1.SFO4.ALTER.NET (152.63.52.106) 129.774 ms 129.654 ms 149.822 ms
7 191.at-1-1-0.TR1.SAC1.ALTER.NET (152.63.50.254) 109.771 ms 179.825 ms 129.694 ms
8 127.at-6-3-0.TR1.DCA8.ALTER.NET (146.188.141.113) 249.786 ms 179.875 ms 159.633 ms
9 297.at-6-0-0.XR1.TCO1.ALTER.NET (152.63.32.201) 159.805 ms 249.695 ms 199.837 ms
10 193.ATM7-0.GW6.TCO1.ALTER.NET (152.63.37.53) 179.758 ms 219.625 ms 199.832 ms
11 Internic1-gw.customer.ALTER.NET (157.130.32.242) 189.753 ms 189.616 ms 269.824 ms
12 rs.internic.net (198.41.0.6) 149.751 ms 219.701 ms 169.831 ms
My girlfriend has the pcmcia modem, while I have the external. The PC card is nice and small and sexy compared to the external modem, but it drains your laptop's battery more (the GS modem has its own battery good for 6 hours), and doesn't have a status light or make noises to indicate connection status. I'd call it a wash for the average user, where I personally prefer the external modem as a techie. I haven't tried the pcmcia modem under Linux yet, but the external works great (even using the USB connector) with it.
Hope this helps,
-Isaac
I've been a happy user of 128k Ricochet in the SF Bay area since the day it became available. It has absolutely lived up to its potential thus far. I regularly see speeds in excess of 160kbps - my record is over 256kbps downloading a mozilla nightly. It works beautifully under any OS that supports PPP. It's flat rate ($68/month when prepaid for a year), and is at least 20 times faster than any pay-per-minute/byte connectivity like GSM Data, CDPD, Mobitex, etc.
Basically, it rocks. Yes, it's slower than DSL, but try taking that DSL with you to your local coffeeshop or to work (!). As a UNIX consultant, Ricochet is invaluable to me as it allows me to bring my own, independent connectivity to my client's site. It's worth every penny to me.
Let the naysayers not forget that Metricom is backed by Paul Allen and MCI Worldcom, and already has a functioning, high-speed data network in most of the major metro areas in the US. (No, there's not national coverage in every two-horse town, but such areas lack the density to make rollout worthwhile right now.)
Anyhow, even if Metricom goes belly up, their existing wireless network is a tremendous asset, and I can't see service ceasing in currently served locales. Someone else will pick this asset up in the (rather unlikely) event of a liquidation.
I think this article is more a propaganda piece for Omnisky (*cough*majorzdnetadvertiser*cough*), more than anything particularly revelatory about Metricom. I certainly don't have any problem with Omnisky, mind - it's just that their slow, PDA-only service doesn't meet my needs. Bully for them if they're on track for profitability; they're simply reselling existing CDPD service with PDA-specifc radio modems, and their competitor is palm.net, not Metricom.
-Isaac
Consider the passphrase, for instance - much less entropy in a typical PGP pass phrase than in the key itself.
Or, how about advances in machine factoring a la TWINKLE.
If it's bugs you want, try the infamous ADK bug that went undetected for 3+ years, allowing third parties access to cleartext, a-la escrow.
Or the randpool bug of 1995?
I'd go on, but I'm bored of trying to pull heads out of sand.
-Isaac
-Isaac
My sources are a special agent from the Florida Department of Law Enforcement with whom I worked on a computer crime case in 1998, and Robert D. Steele, former CIA case officer, founder of OSS Inc., and author of On Intelligence: Spies and Secrecy in an Open World. Good enough for me.
Incidentally, Mr. Steele's excellent talk at H2K is online in MP3 form here.
-Isaac