True - but that's really not much different from giving your REAL money to a non-FDIC insured investment broker. You give cash and deposit stock to Charles Schwab because you trust they will take your money and stock, digitize them, and not screw it up.
And while I don't think I would trust EA with much, Blizzard has in fact proved - with the most popular MMO in history that deals with bits in databases people value very much - that they are at least moderately trustworthy and won't arbitrarily screw their customers over.
Yeah, duh. You are being completely, pointlessly pedantic. Obviously we are talking about some *reasonable* attempt at anti-piracy here, and it refers to apps that people install on their devices and use, not free apps and not apps that no one uses.
Except that it's almost totally useless because there is no validation that the receipt is tied to a user! If you want to try to prevent that you have to implement your own server proxy, at which point the whole concept of a centralized Firefox marketplace becomes kind of redundant.
"Even if you validate receipts for your paid app, it can be pirated if someone passes around the receipt. The receipt validation methods given above do not prevent this. If you want a better defense against piracy, you might want to set up a proxy server that will be an intermediary between the app and the Firefox Marketplace. The proxy server can check the receipts, IP addresses and other things. The server might do something like notice if the same receipt was coming from different IP addresses and take appropriate action. This setup is probably more appropriate with big complicated apps that use server processing."
So, what, apps that "aren't complicated" or don't use "server processing" should be allowed to be pirated? Those (like games, etc) are the ones that get pirated the most, anyway.
Oh well, I guess this is what happens when a non-profit open source project tries to set up a "web store". Good luck competing if you can't guarantee developers will make anything on their apps...
The difference is that Argo massively played off of the current climate of patriotism, terrorism, CIA heriosm and Iranian diplomatic friction. You clearly have not watched any of the interviews, awards shows, etc that continuously thank Mendez for his devotion and work "in the real event" and often never even mention the real Canadian involvement.
That said, it was a good movie; but it would have been more tactful if at ANY point in the press/media/awards frenzy they had cleared up the misconceptions they have propagated about the real event (which they CLEARLY KNEW the majority who has never heard of the event or thought to research it would consider the truth).
He just had the address, not the name (or *real* name, as least). An address alone is not enough to sue since it's not enough to prove who did it - in this case he thought the person used someone else's address (someone who probably knew him, but still not enough to accuse them). Plus, he was in SF and the address was in LA. Going through the LA courts without any police/government assistance would have inevitably cost him more in time and effort than he lost.
The address was *plenty* of information for the police to investigate, of course, but that was the point - they weren't interested and more or less forbade him from confronting anyone there on his own (not that it would have been a particularly smart idea to fly/drive down to a dangerous neighborhood in LA and bang on a random door, anyway).
The "three strikes" baseball analogy was supposed to make it EASIER to understand. "Five or six strikes" has passed up strained and become just plain stupid.
As I'm sure about a million other people who have tried this before could tell you, this is a complete waste of time.
Most police departments couldn't care less if you report your car being burgled or your cell phone stolen (two cases I have tried to report and they basically acted like they couldn't be bothered), let alone someone just trying to use your email address on a web site. At least in the former case it is useful if you want to make an insurance claim.
As for any Internet fraud claims, etc - as another poster said, the local police will just refer you to the FBI, who will just tell you if there is no material loss they really don't care (and even if there is, if it's not thousands of dollars they really don't care, either). An old roommate of mine actually had the address of a person who scammed him for about $500 on Yahoo Auctions - the FBI, Postal Inspectors, and police all brushed him off. When he asked if it would be better for him to go to the address and confront the person himself, the police told him if there was an incident it would then be his fault. Nice.
Well... first we were talking about Android... maybe the OP knew the Apple walled garden crap (though I doubt it). But, hey, in any case even jailbreaking is far from somehow changing the firmware to become a TI calculator:)
And to follow up... turns out there are actually several projects doing just what we are talking about. You may need to provide your own ROM but that's just for copyright purposes...
Yeah, so when they burgle your home when you are not there (which is almost always how it's done) they now have your AR-15 with high capacity mags as well as all of your electronics.
I wasn't saying anything about the need for the calculator hardware itself, but that trying to hack the firmware for Android to become a TI calculator doesn't make any sense (in the end Android firmware is mostly Linux with a particular userspace and libraries/APIs). A hacked "firmware" on a completely unrelated device won't get you any closer to running those TI programs.
You'd be better off emulating the calculator in an app, which was my point. And given all of the emulators out there already, I kind of think emulating a calculator with a 15MHz Z80 isn't going to be as complicated as the PSX, C64, or GBA.
Why on earth would you want to mess with a tablet's firmware when you can much more easily write a graphing calculator app for it, and still use the tablet for other things?
The same thing could be said of the oceans. No one owns the oceans, but they take resources from them. Of course whoever has the largest military presence effectively controls them, but not in any legal sense.
Treaties may not stop corporations from *controlling* or mining asteroids, but they can definitely stop them from owning them, since ownership is just a legal concept.
This is the definite truth. I can personally vouch for the fact that the federal government just loves giving huge tax credits to incomes between $6000 and about $40,000 a year. Middle class people can generally find enough deductions to drop their tax burden and they also have most of the same "loopholes" available to them that rich people do.
$6000-$40,000 a year is NOT "middle class people", especially for a family. That would be more in the range of "severe poverty" to "barely enough to make it through". It's absurd to say anyone in that range - or even in what one might actually call "middle class" - has the luxury of using the same loopholes as the rich, since most of the loopholes involve making income through clever investments rather than basic salaries. When you barely make enough to pay the bills and have a few hundred dollars in your bank account, good luck with all of those investment managers/advisors, tax free bonds, dividend stocks, and offshore accounts.
And sort of to your other point - the whole concept of using a loosely typed, dynamic programming language just seems a bit scary in a driver in that sometimes trivial errors are hard to detect until runtime. Though I guess at least the worst that can happen (assuming there are no bugs in the interpreter) is an exception that can be caught - as long as whoever is writing the code actually does proper error handling...
You might as well expire those banned IP addresses after a day because 99.97% of them are compromised machines on dynamic connections. Having a file that size just wastes computing resources (having to check every single one) and slightly increases the chance you won't be able to log in from some random place one day.
*Might* make sense to expire the IP addresses eventually for dynamic hosts (especially ones that are at least in the same country/region that he might be connecting from).
But wasting computing resources "having to check every single one"?? It would have to be a moronically brain dead filter implementation to do that (and it's not). IP addresses are by nature great for hashing, I don't think a few extra pointer traversals per socket connection are going to make any difference whatsoever.
It absolutely works. Obviously it's not foolproof and should not be relied on as the only security measure, but if it adds enough time/complication/etc that it's just easier to move on to an easier target it does greatly reduce the chances of a successful attack.
It is a really simple syntax and reasonably efficient interpreter, and metatables allow a surprising amount of OO design and easy C integration. One complaint is I wish they hadn't made it so minimal as to combine hashes and arrays into one type. I kind of wonder if that's going to be a pain when writing more traditional C-ish driver-type code in this project.
I never said the current military spending was a good thing, so your point is a bit of a straw man. I agree that the US military budget (and recent expenditures on campaigns) is absurd for the price/effectiveness ratio, and that tens of millions of lives around the world could have been saved (or hundreds of millions improved) for all that was wasted in the last decade.
But yeah, I guess your priorities are somewhat out of whack. Reduce the Pentagon budget, absolutely. And then first feed the 500M+ starving/underfed people in the world and eradicate the dozens of completely preventable diseases that kill another 30M *a year*. Then maybe work on early warning, safety, and disaster management for the natural disasters that happen frequently all over the world (earthquakes, tsunamis, tornadoes, floods, etc) After THAT we can worry about re-encting Armageddon movies...
Slashdot Mirror
True - but that's really not much different from giving your REAL money to a non-FDIC insured investment broker. You give cash and deposit stock to Charles Schwab because you trust they will take your money and stock, digitize them, and not screw it up.
And while I don't think I would trust EA with much, Blizzard has in fact proved - with the most popular MMO in history that deals with bits in databases people value very much - that they are at least moderately trustworthy and won't arbitrarily screw their customers over.
Yeah, duh. You are being completely, pointlessly pedantic. Obviously we are talking about some *reasonable* attempt at anti-piracy here, and it refers to apps that people install on their devices and use, not free apps and not apps that no one uses.
Or 18 months with a large infusion of capital.
Except that it's almost totally useless because there is no validation that the receipt is tied to a user! If you want to try to prevent that you have to implement your own server proxy, at which point the whole concept of a centralized Firefox marketplace becomes kind of redundant.
"Even if you validate receipts for your paid app, it can be pirated if someone passes around the receipt. The receipt validation methods given above do not prevent this. If you want a better defense against piracy, you might want to set up a proxy server that will be an intermediary between the app and the Firefox Marketplace. The proxy server can check the receipts, IP addresses and other things. The server might do something like notice if the same receipt was coming from different IP addresses and take appropriate action. This setup is probably more appropriate with big complicated apps that use server processing."
So, what, apps that "aren't complicated" or don't use "server processing" should be allowed to be pirated? Those (like games, etc) are the ones that get pirated the most, anyway.
Oh well, I guess this is what happens when a non-profit open source project tries to set up a "web store". Good luck competing if you can't guarantee developers will make anything on their apps...
The difference is that Argo massively played off of the current climate of patriotism, terrorism, CIA heriosm and Iranian diplomatic friction. You clearly have not watched any of the interviews, awards shows, etc that continuously thank Mendez for his devotion and work "in the real event" and often never even mention the real Canadian involvement.
That said, it was a good movie; but it would have been more tactful if at ANY point in the press/media/awards frenzy they had cleared up the misconceptions they have propagated about the real event (which they CLEARLY KNEW the majority who has never heard of the event or thought to research it would consider the truth).
He just had the address, not the name (or *real* name, as least). An address alone is not enough to sue since it's not enough to prove who did it - in this case he thought the person used someone else's address (someone who probably knew him, but still not enough to accuse them). Plus, he was in SF and the address was in LA. Going through the LA courts without any police/government assistance would have inevitably cost him more in time and effort than he lost.
The address was *plenty* of information for the police to investigate, of course, but that was the point - they weren't interested and more or less forbade him from confronting anyone there on his own (not that it would have been a particularly smart idea to fly/drive down to a dangerous neighborhood in LA and bang on a random door, anyway).
The "three strikes" baseball analogy was supposed to make it EASIER to understand. "Five or six strikes" has passed up strained and become just plain stupid.
As I'm sure about a million other people who have tried this before could tell you, this is a complete waste of time.
Most police departments couldn't care less if you report your car being burgled or your cell phone stolen (two cases I have tried to report and they basically acted like they couldn't be bothered), let alone someone just trying to use your email address on a web site. At least in the former case it is useful if you want to make an insurance claim.
As for any Internet fraud claims, etc - as another poster said, the local police will just refer you to the FBI, who will just tell you if there is no material loss they really don't care (and even if there is, if it's not thousands of dollars they really don't care, either). An old roommate of mine actually had the address of a person who scammed him for about $500 on Yahoo Auctions - the FBI, Postal Inspectors, and police all brushed him off. When he asked if it would be better for him to go to the address and confront the person himself, the police told him if there was an incident it would then be his fault. Nice.
Well... first we were talking about Android... maybe the OP knew the Apple walled garden crap (though I doubt it). But, hey, in any case even jailbreaking is far from somehow changing the firmware to become a TI calculator :)
And to follow up... turns out there are actually several projects doing just what we are talking about. You may need to provide your own ROM but that's just for copyright purposes...
http://www.androidpolice.com/2011/01/17/nostalgic-and-awesome-fully-working-ti-83-ti-85-and-ti-86-android-emulators-hit-the-market/
http://www.androidpolice.com/2012/02/15/nostalgia-ti-89-calculator-emulator-finally-comes-to-android-download-it-while-you-still-can/
https://play.google.com/store/apps/details?id=net.supware.tipro&hl=en
Yeah, so when they burgle your home when you are not there (which is almost always how it's done) they now have your AR-15 with high capacity mags as well as all of your electronics.
I wasn't saying anything about the need for the calculator hardware itself, but that trying to hack the firmware for Android to become a TI calculator doesn't make any sense (in the end Android firmware is mostly Linux with a particular userspace and libraries/APIs). A hacked "firmware" on a completely unrelated device won't get you any closer to running those TI programs.
You'd be better off emulating the calculator in an app, which was my point. And given all of the emulators out there already, I kind of think emulating a calculator with a 15MHz Z80 isn't going to be as complicated as the PSX, C64, or GBA.
Why on earth would you want to mess with a tablet's firmware when you can much more easily write a graphing calculator app for it, and still use the tablet for other things?
The same thing could be said of the oceans. No one owns the oceans, but they take resources from them. Of course whoever has the largest military presence effectively controls them, but not in any legal sense.
Treaties may not stop corporations from *controlling* or mining asteroids, but they can definitely stop them from owning them, since ownership is just a legal concept.
But did he go FULL lead farmer??
This story has been up all day and not one mention of the Kuang Grade Mark 11.
They're LEAD FARMERS, motharfucka!
Actually, this explains why lead farmers seem to be so violent, as well.
This is the definite truth. I can personally vouch for the fact that the federal government just loves giving huge tax credits to incomes between $6000 and about $40,000 a year. Middle class people can generally find enough deductions to drop their tax burden and they also have most of the same "loopholes" available to them that rich people do.
$6000-$40,000 a year is NOT "middle class people", especially for a family. That would be more in the range of "severe poverty" to "barely enough to make it through". It's absurd to say anyone in that range - or even in what one might actually call "middle class" - has the luxury of using the same loopholes as the rich, since most of the loopholes involve making income through clever investments rather than basic salaries. When you barely make enough to pay the bills and have a few hundred dollars in your bank account, good luck with all of those investment managers/advisors, tax free bonds, dividend stocks, and offshore accounts.
Yeah - that's exactly what I was talking about :)
And sort of to your other point - the whole concept of using a loosely typed, dynamic programming language just seems a bit scary in a driver in that sometimes trivial errors are hard to detect until runtime. Though I guess at least the worst that can happen (assuming there are no bugs in the interpreter) is an exception that can be caught - as long as whoever is writing the code actually does proper error handling...
You might as well expire those banned IP addresses after a day because 99.97% of them are compromised machines on dynamic connections. Having a file that size just wastes computing resources (having to check every single one) and slightly increases the chance you won't be able to log in from some random place one day.
*Might* make sense to expire the IP addresses eventually for dynamic hosts (especially ones that are at least in the same country/region that he might be connecting from).
But wasting computing resources "having to check every single one"?? It would have to be a moronically brain dead filter implementation to do that (and it's not). IP addresses are by nature great for hashing, I don't think a few extra pointer traversals per socket connection are going to make any difference whatsoever.
It absolutely works. Obviously it's not foolproof and should not be relied on as the only security measure, but if it adds enough time/complication/etc that it's just easier to move on to an easier target it does greatly reduce the chances of a successful attack.
Eh, if you want a *big* example, how about a significant amount of both the client and server code for World of Warcraft?
It is a really simple syntax and reasonably efficient interpreter, and metatables allow a surprising amount of OO design and easy C integration. One complaint is I wish they hadn't made it so minimal as to combine hashes and arrays into one type. I kind of wonder if that's going to be a pain when writing more traditional C-ish driver-type code in this project.
Exactly. Which is probably why "dumbing down" driver writing for "users" who can't handle C is so useless...
http://cdn.memegenerator.net/instances/400x/34938664.jpg
I never said the current military spending was a good thing, so your point is a bit of a straw man. I agree that the US military budget (and recent expenditures on campaigns) is absurd for the price/effectiveness ratio, and that tens of millions of lives around the world could have been saved (or hundreds of millions improved) for all that was wasted in the last decade.
But yeah, I guess your priorities are somewhat out of whack. Reduce the Pentagon budget, absolutely. And then first feed the 500M+ starving/underfed people in the world and eradicate the dozens of completely preventable diseases that kill another 30M *a year*. Then maybe work on early warning, safety, and disaster management for the natural disasters that happen frequently all over the world (earthquakes, tsunamis, tornadoes, floods, etc) After THAT we can worry about re-encting Armageddon movies...