...is where he described how companies are invoking the DMCA to protect themselves from criticism.
a British pharmaceutical company invoked the DMCA in order to force an ISP to shut down an animal rights site that criticized the British company. Said the ISP, "It's very clear [the British company] just wants to shut them up," but ISPs have no incentive to resist the claims.
Consider the ramifications if applied widely.
To call attention to, say, meat products in McDonald's supposedly-vegetarian food (as in India). To Nike's sweatshops. Even if the
information is true, the ISPs might prefer
to yank it rather than verify that it
violates copyright. And, since you're
obviously a troublemaker, they might cancel
your account completely.
So welcome to the DMCA future, where an unsubstantiated accusation carries punishment even without a conviction -- so long as the accusation is coming from a moneyed source.
(Actually, given that people accused of crimes often have their reputations ruined, even after acquital, perhaps it's just a logical extension of the world today. But it still sucks.)
So if Microsoft is responsible for Open Source, and Open Source (by their own accusations) is Unamerican, then isn't Gates really taking credit for a great deal of Unamerican Activity?
Hmmm, you know, this IS a time of war. Maybe the new Ashcroft HUAC would be interested...
Well, the internal combustion engine hasn't really changed a lot since it was first developed either. Sometimes, systems built of small, simple, reliable components really can go the distance.
OTOH, future computers (say, 20 years from now) will likely have to deal with quantum processing hardware (no, this is not Star Trek). Since there will be a fundamental shift in the way we design algorithms for chips that work with Qbits, we may need a fundamental shift in the operating system too.
Let's say that in the future, company X uses website cookies which contain encrypted information. You're curious, so you capture your HTTP dialog with their website and, after a little fiddling, discover that the cookie is your Social Security Number, base64-encoded. Except that you never gave them your SSN.
You call them up:
How the hell did you get a hold of my SSN?
What are you talking about?
Your website cookies are base-64 encoded SSNs!
They are? I didn't know that. Please hold...
And the next day you're sued under the DMCA for cracking their "data protection scheme" (base64) and sharing information on how to crack it (with their customer service rep).
Yeah, right, that's sounds ridiculous. Could never happen. Not in the USA. We don't do things like that here. All our arrests make sense...
The newspaper said its user logs indicated hundreds of attempts to contact the web site Feb. 1.
It doesn't say that all of them came from Brian West, does it? I'll bet a bunch of them were just Code Red....
The affadavit said many of
the attempts were efforts to access the files and scripts that cause the web site to operate.
Like what? index.html? Or dir.gif?
favicon.ico?
Or maybe 4 shift-reloads of a page with 50 gifs?
I have yet to hear any sane theory as to why Brian would intentionally probe a website -- knowing that his accesses would be in the server logs -- only to phone them up and say that they have a security weakness. What would his motive be?
Occam's Razor applies. The simplest explanation is Brian's. Even if he was probing for weaknesses, he still did the right
thing when he found them.
But consider what it would take for you to move from a MS operating system to a competitor...
You've paid $$$ for lots of MS-only software:
will it all run?
If not, how will you read/edit all your existing files?
Since the cost of conversion from one OS to another - in time and money - is prohibitively high for most users, you have the same effect as if the cost of the raw materials were locked up:
new entries into the market cannot compete on merit alone.
BTW, note that it's not against the Sherman Anti-Trust Act to be a monopoly... you just can't use a monopoly in business domain A to create a new one in business domain B. This practice is what MS was found guilty of.
This bug has been reported already, 277168 hours, 16 minutes ago. No need to report it again.
Re:Do they WANT virii?
on
PDF Virus Spotted
·
· Score: 2, Insightful
The fault lies somewhere between the two,
but a little closer to VBScript:
The VBScript engine being used by the PDF interpreter should provide a sandbox in which untrusted scripts (e.g., scripts
embedded in PDF email attachments)
can be run.
Having a script interpreter (or a virtual machine) support different access permissions for different classes of apps (signed and trusted, unsigned, etc.) is exactly akin to having an operating system support different access permissions for different users.
This is how (and why) Java's security manager works for things like applets.
XML, by virtue of being text-based, may be easily inspected and understood. Sure, it's a little bulky, but if you're transmitting something like an XML-encoded vCard versus an ASN.1 encoding of the same info, the bulk is negligible.
Yes, for mp3-sized data streams, or real-time systems, there would be a difference. But many interesting applications don't require that much bandwidth.
ASN.1 achieves its compactness by sacrificing transparency. Sure, it's probably straightforward enough if you have the document which says how the tags are encoded, but good documentation of anything is rare as hen's teeth, and not all software companies are willing to play nice with the developer community at large and share their standards documents. And some of them get downright nassssssty if your reverse engineer...
Transparency is one of the reasons for the rapid growth of the Web: both HTML and HTTP were easy enough to understand that it took very little tech savvy to throw up a website or code an HTTPD or a CGI program.
Transparency and extensibiliy also make XML an excellent archival format; so if your protocol messages contain data you want to keep around for a while, you can snip out portions of the stream and save them, knowing that 10 or 15 years from now, even if all the relevant apps (and their documentation) disappear, you'll still be able to grok the data.
Shhhhhh... in reality, the "closed source" will be the Linux kernel, with the game thrown on top. This is really just a covert way to get millions of unsuspecting individuals to install Linux on their Windows boxes...
you know, just like the CodeRed[Hat] worm...
You hit upon an interesting point:
the emergence of a prevailing mindset that code should be accessible.
No one would buy a car nowadays with the hood welded shut (and the assurance that if it breaks down on a dark road, well, you can call a tow truck).
We need to get software owners, at least corporate software owners, to think of themselves in the same way. Because a million-dollar business should not have to wait for the next Service Pack.
Exactly right. In fact, I'd love to see it based solely on naming authority (with internationally-registered marks using
the country of origin). And get rid of.org,.com, etc. (I wonder if we can get rid of.edu too) Some samples:
disney.us
yale.us (no need for.edu, I hope)
yale.edu.us (if you prefer)
corel.ca
nasa.gov.us (gov't agency namespace, if you like)
bobs-garage.ny.us (a small company incorporated only in New York)
bobs-garage.md.us (different company, in Maryland)
united-nations.int
Oh, yeah, one more thing: if you have the rights to "foo-bar-baz.us", then you have the rights to "foobarbaz.us" and all other reasonable variants.
But if MSFT's engineers released the NT source code, then MSFT's own PR department would immediately condemn it as Communist, Un-American, Viral, Cancerous Open Source code.
Then MSFT management, hearing that the ranks have been compromised by dreaded Open Source advocates, would fire the lot of them, leaving no one to work on.NET but Gates, who can only code in VB, making it slower than molasses in the Arctic.
Corporate America, hooked on all things MSFT, would use it anyway, and all of civilization would grind to a halt while we sat waiting for our automobiles and toasters and TV sets to boot up.
Or something like that.
Any word from the Russian government?
on
Adobe Backs Down
·
· Score: 1
I was wondering whether or not they had an official position about this...
Slashdot Mirror
Let's see... at $30 per RedHat CD...
Consider the ramifications if applied widely. To call attention to, say, meat products in McDonald's supposedly-vegetarian food (as in India). To Nike's sweatshops. Even if the information is true, the ISPs might prefer to yank it rather than verify that it violates copyright. And, since you're obviously a troublemaker, they might cancel your account completely.
So welcome to the DMCA future, where an unsubstantiated accusation carries punishment even without a conviction -- so long as the accusation is coming from a moneyed source.
(Actually, given that people accused of crimes often have their reputations ruined, even after acquital, perhaps it's just a logical extension of the world today. But it still sucks.)
"The dog ate my homework."
"Why didn't you print out another copy?"
"It ate my monitor too..."
So if Microsoft is responsible for Open Source, and Open Source (by their own accusations) is Unamerican, then isn't Gates really taking credit for a great deal of Unamerican Activity?
Hmmm, you know, this IS a time of war. Maybe the new Ashcroft HUAC would be interested...
Well, the internal combustion engine hasn't really changed a lot since it was first developed either. Sometimes, systems built of small, simple, reliable components really can go the distance.
OTOH, future computers (say, 20 years from now) will likely have to deal with quantum processing hardware (no, this is not Star Trek). Since there will be a fundamental shift in the way we design algorithms for chips that work with Qbits, we may need a fundamental shift in the operating system too.
to be strictly correct, you'd say:
doubleplus ungood
Oldthinkers unbellyfeel billspeak.
Let's say that in the future, company X uses website cookies which contain encrypted information. You're curious, so you capture your HTTP dialog with their website and, after a little fiddling, discover that the cookie is your Social Security Number, base64-encoded. Except that you never gave them your SSN. You call them up:
And the next day you're sued under the DMCA for cracking their "data protection scheme" (base64) and sharing information on how to crack it (with their customer service rep).
Yeah, right, that's sounds ridiculous. Could never happen. Not in the USA. We don't do things like that here. All our arrests make sense...
It doesn't say that all of them came from Brian West, does it? I'll bet a bunch of them were just Code Red....
The affadavit said many of the attempts were efforts to access the files and scripts that cause the web site to operate.
Like what? index.html? Or dir.gif? favicon.ico? Or maybe 4 shift-reloads of a page with 50 gifs?
I have yet to hear any sane theory as to why Brian would intentionally probe a website -- knowing that his accesses would be in the server logs -- only to phone them up and say that they have a security weakness. What would his motive be?
Occam's Razor applies. The simplest explanation is Brian's. Even if he was probing for weaknesses, he still did the right thing when he found them.
Since the cost of conversion from one OS to another - in time and money - is prohibitively high for most users, you have the same effect as if the cost of the raw materials were locked up: new entries into the market cannot compete on merit alone.
BTW, note that it's not against the Sherman Anti-Trust Act to be a monopoly... you just can't use a monopoly in business domain A to create a new one in business domain B. This practice is what MS was found guilty of.
This bug has been reported already, 277168 hours, 16 minutes ago. No need to report it again.
The fault lies somewhere between the two, but a little closer to VBScript:
The VBScript engine being used by the PDF interpreter should provide a sandbox in which untrusted scripts (e.g., scripts embedded in PDF email attachments) can be run.
Having a script interpreter (or a virtual machine) support different access permissions for different classes of apps (signed and trusted, unsigned, etc.) is exactly akin to having an operating system support different access permissions for different users.
This is how (and why) Java's security manager works for things like applets.
XML, by virtue of being text-based, may be easily inspected and understood. Sure, it's a little bulky, but if you're transmitting something like an XML-encoded vCard versus an ASN.1 encoding of the same info, the bulk is negligible.
Yes, for mp3-sized data streams, or real-time systems, there would be a difference. But many interesting applications don't require that much bandwidth.
ASN.1 achieves its compactness by sacrificing transparency. Sure, it's probably straightforward enough if you have the document which says how the tags are encoded, but good documentation of anything is rare as hen's teeth, and not all software companies are willing to play nice with the developer community at large and share their standards documents. And some of them get downright nassssssty if your reverse engineer...
Transparency is one of the reasons for the rapid growth of the Web: both HTML and HTTP were easy enough to understand that it took very little tech savvy to throw up a website or code an HTTPD or a CGI program.
Transparency and extensibiliy also make XML an excellent archival format; so if your protocol messages contain data you want to keep around for a while, you can snip out portions of the stream and save them, knowing that 10 or 15 years from now, even if all the relevant apps (and their documentation) disappear, you'll still be able to grok the data.
I am not going to be hugging trees and saving fish anymore.
What about fish arrested under the DMCA? :-)
Shhhhhh... in reality, the "closed source" will be the Linux kernel, with the game thrown on top. This is really just a covert way to get millions of unsuspecting individuals to install Linux on their Windows boxes... you know, just like the CodeRed[Hat] worm...
"I think the CDs are ok," James said, "but the jewel case is shot. Guess I'll have to go to Sam Goody this afternoon again. Sheesh."
(shudder)...
Cue "Dear Kindly Sargeant Krupke"...
No one would buy a car nowadays with the hood welded shut (and the assurance that if it breaks down on a dark road, well, you can call a tow truck).
We need to get software owners, at least corporate software owners, to think of themselves in the same way. Because a million-dollar business should not have to wait for the next Service Pack.
Paging (your full name here)...
Please pick up the black Courtesy Phone hanging on your belt...
Paging (your full name here)...
Oh, yeah, one more thing: if you have the rights to "foo-bar-baz.us", then you have the rights to "foobarbaz.us" and all other reasonable variants.
I started the task at 8:00 this morning, and by 9:32 a shrill schreeching sound told me that one of the monkeys had solved the 1620-bit number.
Now if I could just figure out which one...
Plus, an infinite number of bananas costs more than my prize money. :-( And don't get me started about the mess they've made...
Then MSFT management, hearing that the ranks have been compromised by dreaded Open Source advocates, would fire the lot of them, leaving no one to work on .NET but Gates, who can only code in VB, making it slower than molasses in the Arctic.
Corporate America, hooked on all things MSFT, would use it anyway, and all of civilization would grind to a halt while we sat waiting for our automobiles and toasters and TV sets to boot up.
Or something like that.
I was wondering whether or not they had an official position about this...