But nowadays, when someone finds a vulnerability and tells the vendor, the vendor goes and gets a gag order to prevent the public from being able to protect themselves. Or the security researcher gets arrested. It might be safer to just tell everybody, anonymously, through one of the many full disclosure lists.
Indeed. In a recent discussion on this topic, someone pointed out that there's a legal name for the strategy of "tell the vendor, and if they don't fix it, tell everyone". The name for this is "blackmail", and you are in danger of prosecution.
We might add that if you tell the vendor, and offer to work for them to fix the problem, there's also a legal term that applies: "extortion".
The only real way to protect yourself from the danger of prosecution is to not tell the vendor anything. You should simply make the information public. That way, it's clear that you're not threatening the vendor with release of the information and you're not trying to get them to pay you to fix it.
This also prevents them from asking the courts to impose gag orders. It doesn't do much to prevent the media from labelling you a "hacker", which to the general public is a kind of criminal. But if you are knowledgeable enough to find and fix security problems, there's probably no way to prevent the media or the political system from labelling you as some sort of criminal. People in positions of authority have always wanted to silence messengers with inconvenient messages, and there's probably no way to fix this bug in the human psyche.
Hmmm... I wonder if there's a Fair Use Law in China. Not that this would have much impact on youtube servers in the US.
Actually, I tried to look up "fair use" in a couple of online Mandarin dictionaries. The closest I came was two chars pronounced gong1 yong4, but that means "for public use". My Mandarin is pretty feeble, though, so maybe some other slashdotter knows.
(And when will we be permitted to use UTF-8 on /.? For at least the next couple weeks, it could be useful to be able to include a bit of Chinese text here. Then we'll forget all about them, but there'll be lots of other non-Western countries whose news stories we won't be able to quote literally. ;-)
Heh; yeah. But how do you phrase it so that it's clear that by "terrorists" you mean your own local politicians, not those fuzzy, invisible foreign people (who might well be terrorists, but we usually don't really know much more than vague accusations).
Please stop with this "the terrorists have won" crap.
Indeed. It isn't the terrorists that have won. The winners are the local authoritarian thug politicians. They've used the traditional approach of invoking scary foreigners to justify "security" measures that are mostly aimed at controlling their own population. It's an old story. How many actual terrorists have the current measures actually convicted? There was the one guy who was hired by al Qaeda as a chauffeur, with no evidence that he ever did anything but drive people and their luggage around. Anyone else?
And it actually isn't anything new in the US. Look at the 1950s for a lot of good examples. That's when the "Red Scare" was used to justify the HUAC and other measures that were ostensibly aimed at Communists, but were actually aimed at anyone that the authoritarian types didn't like. We actually haven't gotten quite as far into a police state as we were back then. It took a lot of passive resistance, but we (sorta) won that one. We'll see how the current iteration turns out...
I've been wondering what would happen if the Olympics were held in Seattle. There's a bunch of mountains 50 miles west of the city called "the Olympics", though "the Olympic Mountains" would be the more formal name. Would the IOC demand that the range be renamed? Because of the mountains, there are a number of Olympic-themed place names in the general area. Would they all be forced to change their names? Some of the smaller eateries would probably just laugh and refuse to change.
Maybe this issue would suffice to reject Seattle as an Olympics venue.
... a lot of symbols surrounding the Olympics are trademarked. And, in the US, trademark law requires that you take steps to protect your trademark, or you risk losing some or all of your rights to it.
People keep saying this, but I don't think that trademark law says quite what you're claiming.
News clips routinely show city scenes with easily-recognizable brand names all over the place. To use the traditional auto analogy, you never hear of Ford or GM attempting to block broadcast of videos that show cars with logos visible in the background. This is not in any sense a legal challenge to those trademarks. Not even when the company is part of the news story. If there are workers picketing an auto plant over some contract dispute, news photographers will even try to get the building's logo into the shot to help illustrate where the news originated. The broadcast and print media routinely show such shots with no worries about infringement claims.
Claiming that the five-circle Olympic logo's trademark status is threatened by inclusion in a new video of a political demonstration is about as bogus as you can get. This is absolutely fair use, and there's no legal threat to anyone's "intellectual property". Claiming such a threat is merely a heavy-handed excuse for censorship.
I'm canadian, and get all my american news from colbert/stewart.
You're probably better informed than most Americans, then. Before the last two major elections, there were a number of fun surveys showing that the people who watched the Daily Show and the Colbert Report were generally able to correctly answer a much higher percentage of questions about the candidates than the people who didn't watch those shows. Listeners to the NPR radio quiz show Wait Wait, Don't Tell Me also scored high on these surveys.
Of course, we don't know which is the cause and which is the effect. It's possible that these shows are attractive to people who follow the news. It's also possible that these shows make people more curious about what's going on. And this might be a feedback loop, with each leading to the other.
There are also a number of news blogs that take a satirical or comical approach. So far, I haven't heard of any surveys that test their readers' understanding of candidates or issues. It could be interesting. I wonder if there are any good ones out there that I've missed...
(Unfortunately, cruel.com seems to have died out - or maybe its domain was hijacked by the Drudge Retort. It was a fun "news" source while it lasted. ;-)
This may come as a surprise, but Stephen Colbert isn't a republican. He's a character, played by a man who also happens to be named Stephen Colbert. This man? He is what we call a satirist.
Hey, Shhh...! Most of the "conservative" politicians don't understand this. You can see this in their confused looks when Colbert "interviews" them. We don't want them catching on and refusing to appear on the show.
OTOH, Jon Stewart openly and repeatedly reminds his guests (and critics) that he is a professional comedian. They seem to keep forgetting, and even his reminders don't seem to get the message through. There are some seriously thick-skulled politicos running around calling themselves "conservative" these days.
Why are there so few successful conservative comedians? P.J. O'Rourke has shown that it can be done. There should be a lot more of them around.
I keep reading that Justice Scalia has a wicked sense of humor. Could we maybe get him to moonlight for the Comedy Channel? Think of the legal precedent that would set...
So what's the definition of "password reset"? I'd started off assuming that it refers to one of those "I forgot my password" thingies. But the few times I've used one of those (usually helping a friend get a new password, actually), the result has always been for the site to email a new password that was random and unpronounceable, plus a link to change the password.
Are there sites that actually set your password to one of these personal-info strings? If so, that's incredibly demented behavior on their part. I'd think seriously of not using that site any more, if possible.
But I was disappointed that TFA didn't seem to define the "password reset" phrase. So I have to admit that I don't know what he's talking about. And I'm curious, because I've found that stories on new security problems have this way of quickly becoming relevant.
I hadn't seen that translation. It's wonderful! It's so much better than that boring old explanation that what Jesus was doing was what's called "treading water" in English, with similar phrasing used in most other languages (and is an example of why you shouldn't trust word-for-word translations). The idea that he had pontoon ("giant clown") shoes is so much more interesting.
Re:What about the Advanced Bash Scripting Guide? (on "Bash Cookbook", Score: 1)
I read that a lot - "why buy a book when there's so much information online for free?"
Yeah; and I like to use that as an intro to explaining just why people do that.
My favorite example is to suggest walking into any of the tech bookshops that have popped up in many academic and high-tech areas in the past decade or so. They typically have several showcases inside the door that display the top sellers. If you open any of them and scan through all the usual publisher's boilerplate, preface, etc., you'll typically find a URL that you can use to download a PDF of the book. For free.
This is interesting. You can get all the contents online for free, but the books are best sellers. What's going on here? Do people really pay for books when they can download the contents for free?
The publishing industry is slowly waking up to the fact that the answer is "Yes." There is a lot of value to electronic copies of books. But there's also a lot of value to a real book. Books aren't obsolete. They are just somewhat more limited than before, restricted to the situations where hard copy has an advantage over electronic text.
One example that I like to use: I've worked in a lot of software development labs, where we have a flock of "crash and burn" machines for testing purposes. Typically each machine has a sign on it saying what is installed at the moment -- and a stack of printed manuals at the side. The fact is, when a machine is in a flaky state because of the half-tested software installed, you often find that you can't reach the network. So you'd better have the manuals there in printed form. That's all you have. (Actually, you usually have some nearby machines that can reach the network, but you've learned that it's not all that good an idea to rely on that. ;-)
Other examples abound. I remember a few years ago, when I was involved in playing for a music/dance workshop in the wilds of the Berkshires, and someone asked "Can you play the tune for XXX?" While the other musicians tried to think of the standard tune, I whipped out my smartphone, connected to my website, downloaded the tune, and told the phone to play it. The other musicians said "Oh, yeah; that tune." I got instant geek points, and we played the tune. But frankly, here in the US, wireless Internet access is so spotty, due to the phone companies' desire to wring every last cent out of access, that this works in less than 1% of the landscape. It was pure luck that I had connectivity there. Despite having equipment that can do such things, I still tend to carry along copies of the most useful books to such events. Given the recalcitrance of the comm companies to give us universal wireless access, I estimate that it'll be decades before the Internet is useful in out-of-the-way places like this.
In general, there are good reasons for printed books. Most of those reasons won't be going away any time soon. Some of them won't go away ever. Publishers can take some comfort in this. They should also be aware that they do need to look seriously at this new "publishing" medium, and learn to use it. Those who do will prosper; those who don't will fade away.
It is fun to point out that, in the high-tech arena, hard-copy publishing is thriving.
I'm more worried about the number of college graduates who can barely read and write than whether or not 8th graders know science.
I saw some illustrations of this problem back in the 70s, when I was a grad student assistant working as the computer guru for several departments in a university that I won't name (but it's generally considered one of the top schools in the US). A big part of my job was to advise other students trying to use the equipment in the departments' joint computer lab.
A recurring situation was: A student would ask for help on something that I knew was covered in the manual. I'd ask if they'd read the manual, and they'd say they had, but it hadn't helped. I'd pull out the manual and find the relevant section. It looked informative to me. After a bit of questioning, I'd try an experiment. I simply read the relevant passage out loud. The student would say something like "Oh, that's how it's supposed to work?" They'd proceed to do what they were trying to do, perhaps with a bit more consulting, but often not.
Note two critical facts here: 1) I had simply read the passage from the manual, and 2) the student understood it when I read it.
Conclusion: The student was illiterate.
Granted, they could probably sound out the words. But they were illiterate in the important sense: They couldn't extract the meaning from the printed words. This wasn't because the printed words didn't explain the information. It was because they understood the words only when they were spoken, not when they were in print form. And this wasn't just a few students. It might even have been the majority, though of course I was in no situation to be performing the obvious systematic test on the departments' entire grad-student populations.
I eventually mentioned this to a couple of the profs, and they invariably got a sad look on their faces. They understood the situation. One of them passed on a comment from someone else, which I've remembered ever since: The classroom lecture system is the best way known for teaching people who can't read. (I wonder who originated that one. Anyone know?)
Also, I don't think this is just a problem in the US. I suspect that it's a generic problem with schools in most of the world. I wonder what the effect will be when some small nation finds a way to reverse this...
Science says that it is highly unlikely that anyone can walk through walls, or walk on water, or...
Hmmmm... Maybe you should be a bit more careful about making such claims. Some 30 years ago, while I was at the U of Wisconsin (which is on the shore of a good-size lake), I watched a small group of people experimenting with and demoing equipment that quite literally implemented "walking on water". They're generally called "water shoes" or "pontoon shoes". The idea is to make a small pair of pontoon-like devices that will support a bit more than your weight, and strap them to your feet like snowshoes. Some were made with small flaps on the bottom that favored forward motion, to make "walking" easier. They actually worked fairly well, making it possible for people to move across the surface of the water in a manner that looked very much like normal walking.
The idea turned out not to be too practical or useful, though. It was mostly a fun gimmick, to show how easy it actually was to do one of the classical "miracle" actions. Commercialization never much happened, partly because there were a few serious safety problems with some of the first products. These problems could be solved, of course, but without a real prospect of large sales, nobody much bothered.
For that matter, I have installed in my house several devices that allow us to walk through walls. We call them "doors". ;-) We also have devices that allow us to see through the walls. There seem to be no safety issues with these devices. Maybe we should market them. In the US and a few other countries, we would have to deal with the resistance of the religious people who would naturally fear that we were usurping their god's powers.
I just wish the USA Today reporter for this story would get his facts straight. AAAS doesn't stand for American Academy of Arts and Sciences; it stands for American Association for the Advancement of Science.
Ah, but that's just one organization's (the AAAS's) opinion. The USA Today reporter obviously understood that other views were needed. He asked around, and reported on an opposing opinion.
Don't worry about liking sushi. Most of the calories are in the rice, and that part is cooked. In fact, "sushi" actually means that sticky rice. The slices of fish supply a bit of protein, and the veggies supply a few vitamins, which you need, though they're really there to give the rice a bit more flavor. But the cooked rice is almost pure carbohydrate in an easily-digested form that is quickly-available fuel for your muscles and brain.
Note that rice nicely illustrates the writer's hypothesis. In its raw form, rice is hard, dense, and nearly indigestible. But when cooked, rice breaks down into simple carbs that your digestive system quickly turns into sugars. This "fuel" is so easily available that it leads to the well known "an hour later you're hungry again" phenomenon. Of course, most grains work about the same way. And this also shows that the article isn't exactly describing a new concept. Many people have inferred from the archaeological evidence that the start of real advances in human society coincided with the development of agriculture, in particular the domestication of grains. That gave us a high-energy food that was easy to digest. The only problem was that eating just grains is boring. So you start mixing in things with flavor, and before you know it, you've invented cuisine.
The real heroes in our evolution were the ones that developed cooking utensils. ;-)
Hey, this is slashdot. If you read the article, you lose serious geek cred. You're supposed to pick a few words from the summary, and write some sort of take-off on those words. Extra points if you connect it to a hot political topic.
If the ability to cause problems was a legitimate reason to stop someone from practicing their hobby, then what about gun enthusiasts? What about drunks? And what about people with cars?
Hey, I have an accordion, and I know how to use it.
Does this mean that anyone who does anything except: watch TV, visit shopping malls or go to the pub is weird and so under suspicion?
Of course it does. Are you new here or something?
And "here" basically means the planet Earth. All human societies behave that way. The point of things like the US Bill of Rights is to protect people exhibiting "weird" behavior from the authorities.
Actually, not just human societies. It's common in most social species to avoid individuals who are acting "weird", whatever that means for your species. Someone exhibiting unusual behavior is likely sick, and they might be contagious. Avoiding them is an adaptive behavior.
The odd aspect of this, as hinted by the "Home Science" in the title, is that the authorities in question are probably quite well aware that the Massachusetts economy depends strongly on its high-tech sector, yet they are attacking someone for doing the sort of thing that has produced that high-tech economic sector. Rational behavior in such an area would be to encourage the small-time developers that are the foundation of much of the area's economy. But this is probably too high-level a view for the police that carried out this action. They likely do think that "chem lab" and "drug lab" are synonyms.
[Y]ou usually get a warrant before you bust into someone's house.
Correction: You used to get a warrant before you bust into someone's house.
For about 7 years now, that has no longer been necessary in the US. The authorities (at any level) can just chant "terrorists", and that gives them permission to go anywhere, and do anything with the people and things they find there.
If more people stood up to, and openly defied the courts, we'd have more people in jail - and a court system with less credibility. If an average citizen can shrug off a court order, what use are the courts?
Actually, probably not. We've already had a long history of such things, in the US and in many other countries. The results are hard to separate from the noise, but on balance are probably to our benefit.
There's a reasonable argument for the opposite conclusion. The legal term is "judicial review", the principle of law in the US and a few other countries that laws and other government actions can be declared invalid by the courts. In practice, to get a law, court order, or other government action decreed unconstitutional, you have to have "standing" to challenge it in court. The usual way you get such standing is by violating the law or order, and challenging the authorities to punish you. If you don't do this, you usually can't get a court test at all. And historically, judicial reviews have a record of deciding for the victim (probably because nobody presses such a case unless their lawyers say they have good reason to believe they'll succeed).
So openly violating court orders or laws is an important part of our legal system. It's what starts the process of judicial review that gets things declared unconstitutional. If nobody ever challenged laws or government orders, we'd have to obey every law or order, and the Constitution would be an irrelevant historic oddity.
Prior restraint is unconstitutional. This will not survive the appeal.
Um, so what? The court order succeeded; it prevented the MIT guys from giving their talk. If the appeal says the order was unconstitutional, that won't retroactively result in the talk having been given (unless someone has a working time machine that we don't know about). The judge may get a stern talking-to by the appeals court, but there will be no punishment.
As with many such violations of rights, the deed is done and can't be undone. When there is no punishment for the perpetrators (primarily the judge), a later decision that it was wrong doesn't mean much, and does nothing to prevent such court orders in the future.
Of course, the fact that the MIT guys have released all the info and the Tech has published it online does make the court (and the MBTA bureaucrats) seem sorta foolish. It mostly produced a Streisand Effect, bringing public attention to something that only a few geeks would have noticed (and maybe fixed) if there had been no court order.
"Engadget reports Microsoft has readied a blacklisting system which allows the company to remotely disable applications on your Windows/XP PC."
There; fixed that for ya. ;-)
A few years ago, I got a machine with Windows/something, and turned it into a dual-boot Windows/linux box. After verifying that the linux installation went well, I booted up Windows to make sure that it worked, and it did. I then tried to re-boot to linux - and it wouldn't boot. A bit of digging turned up the paragraph in the Windows docs stating that one of its startup tasks was to scan the disk partitions, and make any non-Windows partition non-bootable. I also found the paragraph stating that by running Windows, you gave MS's software permission to write anywhere on any disk partition.
I wiped the Windows partition, reinstalled linux, and have never bought a machine with Windows installed since then.
"Yer honor, they offered to fix this issue at our business for 150$/hr. If we chose not to, they'd leak it to the public".
I can't believe it's not blackmail.
It'd be interesting to learn whether any US courts have actually held that such an offer was legally blackmail (or, more likely, extortion).
If so, it would be very useful in discussions about release of security-related info. It would shoot down the standard recommendation to first tell the vendor about a problem, and if they don't fix it in a reasonable time, release the info to the public.
Rather, it would be a good reason to do as djb suggests: Release such information publicly as your first step. Simultaneously, offer (also publicly) to work with the vendor to fix the problem before an exploit appears. That would presumably not be blackmail, since you're not threatening to release the info unless you're paid. It wouldn't be extortion, either, because you'd just be making a conventional job offer. The vendor could reasonably say "We already have people on our payroll who can fix the problem, but thanks for the info." You wouldn't be making any sort of threat against them if they didn't pay you.
But if I were working for the vendor in such cases, I think I'd rather know about the problem before it's publicly announced. Threatening such obviously competent programmers with fines or jail if they tell me about my security problem strikes me as a seriously foolish approach. I'd expect that they'd just shrug, and accept the job offers from my competitors.
Not only that, but Google is just a company, and a company is made up of people - it is the people who make the decisions. Those people really should appreciate the difference between the online and offline worlds, and should realise that the vast majority of people value their privacy.
Well, yeah, but note something very important: Google is a corporation, and here in the US as in many other countries, corporations are allowed to do things that mere humans aren't.
In particular, if I were to collect a lot of personal information about you, including the id numbers that identify you, and sell that information to other interested people, I'd run afoul of all sorts of laws, and would likely end up in jail. But corporations are doing that openly in the US, and there's no obvious threat that the legal system will do anything at all about it. Corporations can also buy and sell your medical information, often completely legally. Thus, a recent court ruling said that pharmacies were not subject to the medical secrecy rules that limit what doctors and hospitals can do with their medical records. When you give your prescription to a pharmacy, it goes into their commercial database, and they can legally sell it to anyone.
If you want to learn more about this, pay one of the credit agencies for your credit record. You probably have never done business with any of them, but you might be impressed by how much data about you they have been able to collect. And their main business is selling this information to other companies.
In contrast note that, as a private citizen, if the same data about large numbers of people were found on your personal computer, you could be in a lot of trouble.
For corporations, there are few if any enforced laws telling them to respect anyone's privacy. Information about you is simply a commercial commodity for them, and they won't be punished for selling it (only for accidentally letting it out for free ;-).
This is especially true of the corporations called government bodies...
I don't imagine they'd have much difficulty in redefining "free software" so that it means "MS software with a price tag of $0"
You should be careful there, because corporations have a way of imposing a price that's much greater than the money involved.
It's entirely likely that, if you sign on to any of Microsoft's "open source" plans, and they show you their source code, they could "pwn" you thereafter. They'll have the legal right to demand access to the code you write, not just for yourself, but for any other employer. And if anything in your future code has any resemblance to any of the MS code you saw, you'll be defending against an infringement suit.
Note that "open source" really just means that you are permitted to read the source code. It doesn't mean that you can use the knowledge that you gain from that reading. That's what the "free software" people have been warning us about all along. Unless you are allowed to use the concepts in the code, the right to read it could easily mean that you have lost rights, namely the right to ever write any variants of that code any time in the future.
It's what is meant by the "NDA" TLA. If you do anything that legally binds you to an NDA, then reading anything immediately takes away your right to use the knowledge of what you just read, except when you're working for the owner of the NDA (i.e., your owner).
It used to be that a worker's knowledge was their own, and went with them from job to job. Those days seem to be over. Knowledge that you gain working for one employer can be owned by that employer, and it can be illegal for you to use that knowledge after the job is done and they send you on your way.
Open source is important. But the freedom to use that source is also important. Legal documents often intentionally confuse these concepts, giving you access to the code without also giving you the freedom to use it in the future.
Claiming that the five-circle Olympic logo's trademark status is threatened by inclusion in a new video of a political demonstration is about as bogus as you can get. This is absolutely fair use, and there's no legal threat to anyone's "intellectual property". Claiming such a threat is merely a heavy-handed excuse for censorship.
I'm Canadian, and get all my American news from Colbert/Stewart.
You're probably better informed than most Americans, then. Before the last two major elections, there were a number of fun surveys showing that the people who watched the Daily Show and the Colbert Report were generally able to correctly answer a much higher percentage of questions about the candidates than the people who didn't watch those shows. Listeners to the NPR radio quiz show Wait Wait, Don't Tell Me also scored high on these surveys.
Of course, we don't know which is the cause and which is the effect. It's possible that these shows are attractive to people who follow the news. It's also possible that these shows make people more curious about what's going on. And this might be a feedback loop, with each leading to the other.
There are also a number of news blogs that take a satirical or comical approach. So far, I haven't heard of any surveys that test their readers' understanding of candidates or issues. It could be interesting. I wonder if there are any good ones out there that I've missed ...
(Unfortunately, cruel.com seems to have died out - or maybe its domain was hijacked by the Drudge Retort. It was a fun "news" source while it lasted. ;-)
This may come as a surprise, but Stephen Colbert isn't a republican. He's a character, played by a man who also happens to be named Stephen Colbert. This man? He is what we call a satirist.
Hey, Shhh...! Most of the "conservative" politicians don't understand this. You can see this in their confused looks when Colbert "interviews" them. We don't want them catching on and refusing to appear on the show.
OTOH, Jon Stewart openly and repeatedly reminds his guests (and critics) that he is a professional comedian. They seem to keep forgetting, and even his reminders don't seem to get the message through. There are some seriously thick-skulled politicos running around calling themselves "conservative" these days.
Why are there so few successful conservative comedians? P.J. O'Rourke has shown that it can be done. There should be a lot more of them around.
I keep reading that Justice Scalia has a wicked sense of humor. Could we maybe get him to moonlight for the Comedy Channel? Think of the legal precedent that would set ...
So what's the definition of "password reset"? I'd started off assuming that it refers to one of those "I forgot my password" thingies. But the few times I've used one of those (usually helping a friend get a new password, actually), the result has always been for the site to email a new password that was random and unpronounceable, plus a link to change the password.
Are there sites that actually set your password to one of these personal-info strings? If so, that's incredibly demented behavior on their part. I'd think seriously of not using that site any more, if possible.
But I was disappointed that TFA didn't seem to define the "password reset" phrase. So I have to admit that I don't know what he's talking about. And I'm curious, because I've found that stories on new security problems have this way of quickly becoming relevant.
I hadn't seen that translation. It's wonderful! It's so much better than that boring old explanation that what Jesus was doing was what's called "treading water" in English, with similar phrasing used in most other languages (and is an example of why you shouldn't trust word-for-word translations). The idea that he had pontoon ("giant clown") shoes is so much more interesting.
I read that a lot - "why buy a book when there's so much information online for free?"
Yeah; and I like to use that as an intro to explaining just why people do that.
My favorite example is to suggest walking into any of the tech bookshops that have popped up in many academic and high-tech areas in the past decade or so. They typically have several showcases inside the door that display the top sellers. If you open any of them and scan through all the usual publisher's boilerplate, preface, etc., you'll typically find a URL that you can use to download a PDF of the book. For free.
This is interesting. You can get all the contents online for free, but the books are best sellers. What's going on here? Do people really pay for books when they can download the contents for free?
The publishing industry is slowly waking up to the fact that the answer is "Yes." There is a lot of value to electronic copies of books. But there's also a lot of value to a real book. Books aren't obsolete. They are just somewhat more limited than before, restricted to the situations where hard copy has an advantage over electronic text.
One example that I like to use: I've worked in a lot of software development labs, where we have a flock of "crash and burn" machines for testing purposes. Typically each machine has a sign on it saying what is installed at the moment -- and a stack of printed manuals at the side. The fact is, when a machine is in a flaky state because of the half-tested software installed, you often find that you can't reach the network. So you'd better have the manuals there in printed form. That's all you have. (Actually, you usually have some nearby machines that can reach the network, but you've learned that it's not all that good an idea to rely on that. ;-)
Other examples abound. I remember a few years ago, when I was involved in playing for a music/dance workshop in the wilds of the Berkshires, and someone asked "Can you play the tune for XXX?" While the other musicians tried to think of the standard tune, I whipped out my smartphone, connected to my website, downloaded the tune, and told the phone to play it. The other musicians said "Oh, yeah; that tune." I got instant geek points, and we played the tune. But frankly, here in the US, wireless Internet access is so spotty, due to the phone companies' desire to wring every last cent out of access, that this works in less than 1% of the landscape. It was pure luck that I had connectivity there. Despite having equipment that can do such things, I still tend to carry along copies of the most useful books to such events. Given the recalcitrance of the comm companies to give us universal wireless access, I estimate that it'll be decades before the Internet is useful in out-of-the-way places like this.
In general, there are good reasons for printed books. Most of those reasons won't be going away any time soon. Some of them won't go away ever. Publishers can take some comfort in this. They should also be aware that they do need to look seriously at this new "publishing" medium, and learn to use it. Those who do will prosper; those who don't will fade away.
It is fun to point out that, in the high-tech arena, hard-copy publishing is thriving.
I'm more worried about the number of college graduates who can barely read and write than whether or not 8th graders know science.
I saw some illustrations of this problem back in the 70s, when I was a grad student assistant working as the computer guru for several departments in a university that I won't name (but it's generally considered one of the top schools in the US). A big part of my job was to advise other students trying to use the equipment in the departments' joint computer lab.
A recurring situation was: A student would ask for help on something that I knew was covered in the manual. I'd ask if they'd read the manual, and they'd say they had, but it hadn't helped. I'd pull out the manual and find the relevant section. It looked informative to me. After a bit of questioning, I'd try an experiment. I simply read the relevant passage out loud. The student would say something like "Oh, that's how it's supposed to work?" They'd proceed to do what they were trying to do, perhaps with a bit more consulting, but often not.
Note two critical facts here: 1) I had simply read the passage from the manual, and 2) the student understood it when I read it.
Conclusion: The student was illiterate.
Granted, they could probably sound out the words. But they were illiterate in the important sense: They couldn't extract the meaning from the printed words. This wasn't because the printed words didn't explain the information. It was because they understood the words only when they were spoken, not when they were in print form. And this wasn't just a few students. It might even have been the majority, though of course I was in no situation to be performing the obvious systematic test on the departments' entire grad-student populations.
I eventually mentioned this to a couple of the profs, and they invariably got a sad look on their faces. They understood the situation. One of them passed on a comment from someone else, which I've remembered ever since: The classroom lecture system is the best way known for teaching people who can't read. (I wonder who originated that one. Anyone know?)
Also, I don't think this is just a problem in the US. I suspect that it's a generic problem with schools in most of the world. I wonder what the effect will be when some small nation finds a way to reverse this ...
Science says that it is highly unlikely that anyone can walk through walls, or walk on water, or ...
Hmmmm ... Maybe you should be a bit more careful about making such claims. Some 30 years ago, while I was at the U of Wisconsin (which is on the shore of a good-size lake), I watched a small group of people experimenting with and demoing equipment that quite literally implemented "walking on water". They're generally called "water shoes" or "pontoon shoes". The idea is to make a small pair of pontoon-like devices that will support a bit more than your weight, and strap them to your feet like snowshoes. Some were made with small flaps on the bottom that favored forward motion, to make "walking" easier. They actually worked fairly well, making it possible for people to move across the surface of the water in a manner that looked very much like normal walking.
The idea turned out not to be too practical or useful, though. It was mostly a fun gimmick, to show how easy it actually was to do one of the classical "miracle" actions. Commercialization never much happened, partly because there were a few serious safety problems with some of the first products. These problems could be solved, of course, but without a real prospect of large sales, nobody much bothered.
For that matter, I have installed in my house several devices that allow us to walk through walls. We call them "doors". ;-) We also have devices that allow us to see through the walls. There seem to be no safety issues with these devices. Maybe we should market them. In the US and a few other countries, we would have to deal with the resistance of the religious people who would naturally fear that we were usurping their god's powers.
I just wish the USA Today reporter for this story would get his facts straight. AAAS doesn't stand for American Academy of Arts and Sciences; it stands for American Association for the Advancement of Science.
Ah, but that's just one organization's (the AAAS's) opinion. The USA Today reporter obviously understood that other views were needed. He asked around, and reported on an opposing opinion.
That's quality, unbiased journalism at work.
Don't worry about liking sushi. Most of the calories are in the rice, and that part is cooked. In fact, "sushi" actually means that sticky rice. The slices of fish supply a bit of protein, and the veggies supply a few vitamins, which you need, though they're really there to give the rice a bit more flavor. But the cooked rice is almost pure carbohydrate in an easily-digested form that is quickly-available fuel for your muscles and brain.
Note that rice nicely illustrates the writer's hypothesis. In its raw form, rice is hard, dense, and nearly indigestible. But when cooked, rice breaks down into simple carbs that your digestive system quickly turns into sugars. This "fuel" is so easily available that it leads to the well known "an hour later you're hungry again" phenomenon. Of course, most grains work about the same way. And this also shows that the article isn't exactly describing a new concept. Many people have inferred from the archaeological evidence that the start of real advances in human society coincided with the development of agriculture, in particular the domestication of grains. That gave us a high-energy food that was easy to digest. The only problem was that eating just grains is boring. So you start mixing in things with flavor, and before you know it, you've invented cuisine.
The real heroes in our evolution were the ones that developed cooking utensils. ;-)
You need to read the article also.
Hey, this is slashdot. If you read the article, you lose serious geek cred. You're supposed to pick a few words from the summary, and write some sort of take-off on those words. Extra points if you connect it to a hot political topic.
If the ability to cause problems was a legitimate reason to stop someone from practicing their hobby, then what about gun enthusiasts? What about drunks? And what about people with cars?
Hey, I have an accordion, and I know how to use it.
Maybe I should be worried ...
Does this mean that anyone who does anything except: watch TV, visit shopping malls or go to the pub is weird and so under suspicion?
Of course it does. Are you new here or something?
And "here" basically means the planet Earth. All human societies behave that way. The point of things like the US Bill of Rights is to protect people exhibiting "weird" behavior from the authorities.
Actually, not just human societies. It's common in most social species to avoid individuals who are acting "weird", whatever that means for your species. Someone exhibiting unusual behavior is likely sick, and they might be contagious. Avoiding them is an adaptive behavior.
The odd aspect of this, as hinted by the "Home Science" in the title, is that the authorities in question are probably quite well aware that the Massachusetts economy depends strongly on its high-tech sector, yet they are attacking someone for doing the sort of thing that has produced that high-tech economic sector. Rational behavior in such an area would be to encourage the small-time developers that are the foundation of much of the area's economy. But this is probably too high-level a view for the police that carried out this action. They likely do think that "chem lab" and "drug lab" are synonyms.
[Y]ou usually get a warrant before you bust into someone's house.
Correction: You used to get a warrant before you bust into someone's house.
For about 7 years now, that has no longer been necessary in the US. The authorities (at any level) can just chant "terrorists", and that gives them permission to go anywhere, and do anything with the people and things they find there.
If more people stood up to, and openly defied the courts, we'd have more people in jail - and a court system with less credibility. If an average citizen can shrug off a court order, what use are the courts?
Actually, probably not. We've already had a long history of such things, in the US and in many other countries. The results are hard to separate from the noise, but on balance are probably to our benefit.
There's a reasonable argument for the opposite conclusion. The legal term is "judicial review", the principle of law in the US and a few other countries that laws and other government actions can be declared invalid by the courts. In practice, to get a law, court order, or other government action decreed unconstitutional, you have to have "standing" to challenge it in court. The usual way you get such standing is by violating the law or order, and challenging the authorities to punish you. If you don't do this, you usually can't get a court test at all. And historically, judicial reviews have a record of deciding for the victim (probably because nobody presses such a case unless their lawyers say they have good reason to believe they'll succeed).
So openly violating court orders or laws is an important part of our legal system. It's what starts the process of judicial review that gets things declared unconstitutional. If nobody ever challenged laws or government orders, we'd have to obey every law or order, and the Constitution would be an irrelevant historic oddity.
Prior restraint is unconstitutional. This will not survive the appeal.
Um, so what? The court order succeeded; it prevented the MIT guys from giving their talk. If the appeal says the order was unconstitutional, that won't retroactively result in the talk having been given (unless someone has a working time machine that we don't know about). The judge may get a stern talking-to by the appeals court, but there will be no punishment.
As with many such violations of rights, the deed is done and can't be undone. When there is no punishment for the perpetrators (primarily the judge), a later decision that it was wrong doesn't mean much, and does nothing to prevent such court orders in the future.
Of course, the fact that the MIT guys have released all the info and the Tech has published it online does make the court (and the MBTA bureaucrats) seem sorta foolish. It mostly produced a Streisand Effect, bringing public attention to something that only a few geeks would have noticed (and maybe fixed) if there had been no court order.
"Engadget reports Microsoft has readied a blacklisting system which allows the company to remotely disable applications on your Windows/XP PC."
There; fixed that for ya. ;-)
A few years ago, I got a machine with Windows/something, and turned it into a dual-boot Windows/linux box. After verifying that the linux installation went well, I booted up Windows to make sure that it worked, and it did. I then tried to re-boot to linux - and it wouldn't boot. A bit of digging turned up the paragraph in the Windows docs stating that one of its startup tasks was to scan the disk partitions, and make any non-Windows partition non-bootable. I also found the paragraph stating that by running Windows, you gave MS's software permission to write anywhere on any disk partition.
I wiped the Windows partition, reinstalled linux, and have never bought a machine with Windows installed since then.
"Yer honor, they offered to fix this issue at our business for 150$/hr. If we chose not to, they'd leak it to the public".
I can't believe it's not blackmail.
It'd be interesting to learn whether any US courts have actually held that such an offer was legally blackmail (or, more likely, extortion).
If so, it would be very useful in discussions about release of security-related info. It would shoot down the standard recommendation to first tell the vendor about a problem, and if they don't fix it in a reasonable time, release the info to the public.
Rather, it would be a good reason to do as djb suggests: Release such information publicly as your first step. Simultaneously, offer (also publicly) to work with the vendor to fix the problem before an exploit appears. That would presumably not be blackmail, since you're not threatening to release the info unless you're paid. It wouldn't be extortion, either, because you'd just be making a conventional job offer. The vendor could reasonably say "We already have people on our payroll who can fix the problem, but thanks for the info." You wouldn't be making any sort of threat against them if they didn't pay you.
But if I were working for the vendor in such cases, I think I'd rather know about the problem before it's publicly announced. Threatening such obviously competent programmers with fines or jail if they tell me about my security problem strikes me as a seriously foolish approach. I'd expect that they'd just shrug, and accept the job offers from my competitors.
Not only that, but Google is just a company, and a company is made up of people - it is the people who make the decisions. Those people really should appreciate the difference between the online and offline worlds, and should realise that the vast majority of people value their privacy.
Well, yeah, but note something very important: Google is a corporation, and here in the US as in many other countries, corporations are allowed to do things that mere humans aren't.
In particular, if I were to collect a lot of personal information about you, including the id numbers that identify you, and sell that information to other interested people, I'd run afoul of all sorts of laws, and would likely end up in jail. But corporations are doing that openly in the US, and there's no obvious threat that the legal system will do anything at all about it. Corporations can also buy and sell your medical information, often completely legally. Thus, a recent court ruling said that pharmacies were not subject to the medical secrecy rules that limit what doctors and hospitals can do with their medical records. When you give your prescription to a pharmacy, it goes into their commercial database, and they can legally sell it to anyone.
If you want to learn more about this, pay one of the credit agencies for your credit record. You probably have never done business with any of them, but you might be impressed by how much data about you they have been able to collect. And their main business is selling this information to other companies.
In contrast note that, as a private citizen, if the same data about large numbers of people were found on your personal computer, you could be in a lot of trouble.
For corporations, there are few if any enforced laws telling them to respect anyone's privacy. Information about you is simply a commercial commodity for them, and they won't be punished for selling it (only for accidentally letting it out for free ;-).
This is especially true of the corporations called government bodies ...
[What, me cynical? ;-]
I don't imagine they'd have much difficulty in redefining "free software" so that it means "MS software with a price tag of $0"
You should be careful there, because corporations have a way of imposing a price that's much greater than the money involved.
It's entirely likely that, if you sign on to any of Microsoft's "open source" plans, and they show you their source code, they could "pwn" you thereafter. They'll have the legal right to demand access to the code you write, not just for yourself, but for any other employer. And if anything in your future code has any resemblance to any of the MS code you saw, you'll be defending against an infringement suit.
Note that "open source" really just means that you are permitted to read the source code. It doesn't mean that you can use the knowledge that you gain from that reading. That's what the "free software" people have been warning us about all along. Unless you are allowed to use the concepts in the code, the right to read it could easily mean that you have lost rights, namely the right to ever write any variants of that code any time in the future.
It's what is meant by the "NDA" TLA. If you do anything that legally binds you to an NDA, then reading anything immediately takes away your right to use the knowledge of what you just read, except when you're working for the owner of the NDA (i.e., your owner).
It used to be that a worker's knowledge was their own, and went with them from job to job. Those days seem to be over. Knowledge that you gain working for one employer can be owned by that employer, and it can be illegal for you to use that knowledge after the job is done and they send you on your way.
Open source is important. But the freedom to use that source is also important. Legal documents often intentionally confuse these concepts, giving you access to the code without also giving you the freedom to use it in the future.