why? much easier to shut you off for non-payment than to risk the life of an installer to go into getto-town and disconnect and end up shot by some homie that capped his ass because he was watchin' judge judy at the time.
I owned a Phillips DVX-8000 which was one of their last attempts to bring some of the pc world to the stereo cabinet.
The DVX-8000 was a high quality onkyo receiver coupled with a built in pentium 233 (modern at the time) and PC DVD player and line doubler. This system cost about $5000 new in 97 but quickly got dumped by phillips because it was a disaster. Custom software that never worked right, no upgrade path, custom hardware that broke, no vision for the future. They never bothered with any real software updates (it was never even able to run windows 98) and was so laden down with custom hardware including the video system that there was really nothing an end user could do. Once the units were out of warrenty thats the last phillips ever touched one leaving all of their owners stranded.
This new phillips system seems novel but i would never consider buying one considering what a poor track record they have with their other 'experiments'
I wonder what the deal is with the record being available for purchase? I just paid $12 for it at the record store that was linked to for the cd info. So can you sell this stuff or not? or is the record store in question essentially selling a bootleg? They are even signed by the guy who made it, i dunno.
I should note that it would be easy to use such a database to detect pure pirates... ie people pressing exact duplicates of commercial albums. But the article is about a recycled beats record, something made presumably by tens of thousands of samples put together. Certainly not going to match in gracenote, unless it was a random false match which does happen.
Seems there now exists a technology called the "major label waveform CD database," which is capable of recognizing materials allegedly owned by the record label cartel. I thought this was a hoax, just something added to spice up the story, until I read a story in J@pan Inc Magazine (June 26) about a company called Gracenote, which specializes in "music recognition service," the software that lets your CD player tell you which artist and track are currently playing. It's pretty easy to see how the RIAA and its international counterpart, IFPI, could use the same technology to track "bootleggers" [...]
As a lot of readers probably know gracenote uses simple metrics about the length of the songs and their position on the cd to check a database to find likely matches. Gracenote maintains nothing of the sort of a waveform database.
While i believe there is/was at least one startup that was working to match music using a beats & tone analysis method that could match to songs that had been shifted or obscured in some way, i'm not sure this technology has ever been in real use.
The idea that there is some huge waveform database that cd pressing plants now use is pretty suspicious. I think working in the industry i would have heard about it, even if it was kept secret the storage capacity and processing needs would be astronomical. 11,000 albums heavily compressed to 160kbps still takes approximately 600gb, I understand that the amount of in print US albums is somewhere between 200,000 - 300,000 and more like 600,000 for world releases (in print only). Searching through a collection like that would easily take days or weeks depending on how small a segment you were trying to match
IMF endorses Everquest as economic development platform for emerging nations.
Think about it. MMORPG's have succeeded in creating one of the only virtual economic systems that has established trade & currency rates against the world's established economies.
You could take a computer and satellite net access nearly anywhere, teach someone who currently makes US $0.35 a day how to play the game, and make back the investment of computer and net access withing a few months. After that, an adapted player might be able to make $2/hr-$100/hr. Most of these sales might not support an american in the lifestyle they have become accustomed to, but nearly all of these reported bounties might go a long way towards (as mentioned) funding a college tuition or even the development of a whole community.
It might be far fetched, but it also might be the leading edge of some of the things the net promised and never delivered in the.com age. Global economies that lessen the spread between the haves and the have nots.
Since I'm way out on a ledge predicting things that will probably never happen let me continue.
2004: After launching a mostly unsuccessful MMORPG company XYZCorp slowly begins selling rare items via ebay on the sly. Discovered and villified by the press and fans, this company's game is soon abandoned. However, it plants the seed in a few heads.
2007: Company ABCCorp launches an MMORPG that includes various features, items and abilities that can be augmented by paying ABCCorp directly.
2013: A "lottery" MMORPG is created that includes a complex form of gambling that involves paying for the opportunity to enter areas, receive quests and conduct raids. HAlf of this money is returned to the game in the form of prize pools that reward the luckiest and most dedicated players with cash prizes for completing very hard tests & adventures. Incredible feats and new discoveries could pay out "lottery" style winning of tens of thousands of dollars.
That's what people here seem to be saying. Good schools, good times, low taxes, and whatever your "pet issue" is.
I think the question asker really has the bulk of the work already done in identifying some of the semi-unique techie draws, but how can you really accomplish them? A town itself usually has little to do with whether or not they become an artistic mecca or some of the other draws, and in many examples the tech would later push out thye artists or many of the other appeals of a city.
What can a city government realistically do to attract a technology economy? Well, probably it's bring the jobs there.
I live in san francisco and boulder, and silicon valley really has little current native appeal. At one point the area may have been beautiful, unique, and full of the arts. Now it is sprawling, close to the same as every other major sprawl and has pushed a majority of it's artists out of town or out of the state.
But if you work in tech silicon valley is still (or maybe was until recently) the golden fleece for high-end jobs, plenty of possibilities, and the chance to work on stuff like you have nowhere else. That's really because of the employers in the area. Take them all and move them to anchorage and I would most likely move there as much as i hate to admit it.
Boulder county is well on it's way to getting it's tech community that it decided it wanted (and trying to ruin itself oalong the way, but hell thats how it goes). The reason? They give fat, fat tax incentives to large nationals and multinationals that want to move portions of their operation there.
I mean, is there really any other way it's ever worked? I can't imagine that you could get all the workers to move there before the jobs came. In this case the chicken certainly comes first.
it uses a dual LNB system and yes the direcTivo is itself a direcTV receiver, you replace your existing one and swap the cards when you purchase it. It doesn't work with dish.
Whatever conclusion you reach, it's already quite clear that Universal is not ruling out the exploitation of the demand for completely unprotected mp3's. At least, not yet
It's really unlikely. Like 100% unlikely. It makes a lot of sense retaining the existing features of services you buy (especially those that aren't any kind of threat... emusic) especially while the hill is watching closely.
Bu there's no way universal will launch any kind of comprehensive service like duet without digital rights management. Since real is taken, you're most likely talking about intertrust DRM+MP3 or microsoft DRM+WMA. I assure you, universal's stock holders won't allow them to do anything different.
I thought the internet bubble had burst. How can mp3.com possibly be worth $372 Million?
Well, I'm no stock analyst, but I worked in the industry and might have a few insights into what mp3.com has that might be valuable.
First is their cash position. You can check out MP3.COM's 01Q1 10Q right here. They have about 90 million in cash right as of april 1st. They also have about 40 million in pre-paid multimedia licenses to the labels. They count total assets of US $190m.
Second would be their network. Networks for serving massive amounts of high bandwdith content are difficult to build, and are valued highly by wall street and investment bankers. The process of building one from scratch is difficult, and very time consuming. Not to mention the value of having done it for some time, having worked out the kinks, monitoring systems, staffing, etc.
Third would be software innovation. Universal recently paid millions of dollars to www.com for the farmclub jukebox project. It was lame. MP3, while perhaps not the best at what they do, has consistently developed and rolled out products that push the industry. A record of performance in software development can be worth a lot.
Forth might be elimination of competitition. With the.com crash, mp3.com may be one of the only viable competitors left in the space. Real is locked up, microsoft has been convinced to stay out of the market for the time being. Eliminating competition is never a bad idea.
So I don't know if they are worth $372m, but of course, that's essentially the going price. I doubt they're too worried about either the brand or the existing application. I doesn't make sense to value them on users as one would assume duet will bring it's own users.
I hate to be a naysayer, but I'm not sure what you could hope to measure with such a thing. Consider this:
Sendmail 8.2.2: If I ran a mail server using only this program and no other ports open, I had a 100% secure system until some time in january '01. I'm not sure how long the software had been out, but let's say it was a year. So I run for a year, which gives me 1 year MTBF for the first instance. Then as the TSIG exploit came out, I would have been rooted. Now, does this mean I'd then have another year before i was rooted again? Of course not. If I didn't patch the system I would have been broken into the next day, the day after that, etc. up until the lion worm where i would have been broken into many times a day.
So is there any way to develop a meaningful statistic about all of that? I don't think so. Software is either broken or not, based on what exploits are available, and doesn't break on a regular basis letting a single script kiddie in once every 60,000 hours.
I've read a lot of posts here questioning who would use such a service, how it'll be cracked, etc.
My friends, you are missing the point
The big five are not interested in online distribution, and will do everything they can to impede it's process. You've seen this for years. The lawsuits against mp3.com, the locking out of online music companies that had a desire to produce for pay music service working with the labels.
The labels have a very specific agenda. Preserve their very high margin compact disc sales at an ASP of $12-$15. As the digital music revolution has unfolded, the labels knew all along that steadfast refusal to do anything was causing problems. So they invested in companies they didn't want to succeed, and produced trial products that were intentionally poor user experiences. They have intentionally allowed the SDMI spec, once heralded as the way the big five would play online, to wither and die with little direction.
This is not incompetance. Say what you will about rhe big five but you don't become billion dollar companies without the abilility to execute on a plan. While perfection may not have been possible, certainly something was... to date they have allowed years of delays in delivering a reasonable spec... all the while leading partners on by the nose, confusing them and keeping them from working on competing solutions.
Fast forward to 2001, you have Hatch on the hill talking about compulsory licenses for on demand systems. Hatch and other know very well there are at least a half a dozen such solutions complete and backed by well funded partners. The only thing all of these lack are the licenses, which they aren't getting come hell or high water. It was said on the hill, in essence, either you do it or we'll let them do it for you.
So the answer? Launch a pair of mediocre services that don't cross-license and essentially produce a failure. Throw in a couple of launch delays, a relauch, and at least a year to declare them total failures. Tah-dah they've just bought themselves at least two more years of unconteseted cd sales.
so essentially the story goes that roxio is using software and/or processes give to them by gracenote and for which they have been awarded a patent, and are now using it to access the free competition.
The patent is on how the hash is created from the cd. hases are made by using the number of tracks, track length and other available information, as audio cd's do not have a natural identifier like a UPC # that is computer readable.
Basically this is a weak patent and is unlikely to be enforceable. Folks like mp3.com and microsoft that use similar processes, but not the _exact_ same hash, are left alone. A user of the free service must provide the same has code as was originally generated by the cddb software, or there is no other (automated) way to do a match. So really the issue is that they use the same hases, as i understand it.
This may be incorrect in some way, as i wasn't goin to post as i'm not an expert, but it seems like there is a good deal of confusion over what the issue is. This is how i understand it.
With all due respect, I think it's complicated because it's a complicated problem.
It might be ideal if you could make rules that would be followed. But the biggest issue i see with all the automated hacking and/or worms on the internet is that it simply swamps the human resources available. I get a bunch of legitimate intrusion attempts every day. I couldn't possibly report them all. And I guarantee the ISP's aren't anywhere close to having enough people to respond to the problem. Even the low amount of email they get now goes unanswered unless the abuse is gross.
Default security will go a long way to fixing that. But with attacks against core services common (bind, iis, ftpd) that may be intentionally configured, default security is not the only answer. People need to patch boxes, there need to be patch servers, and I think any notion that using opt-in email and a web browser and a sysadmin typing 'aptget blah blah' is somehow a better secured system than a default alerting system is misguided. Just because it's the way we do it now doesn't make it infallible, as similar attacks (imagine if i replaced the SP2 binary at microsoft right now) could happen just as easy or easier right now.
Really you are using the same mechanisms right now, it's just harder to use.
Think about this:
alert system: email list
patch server: updates.redhat.com
PKI: pgp signature
key revocation: urgent email
patch application: download & run rpm -u
So... why not make it easier so that compliance goes from xx% to 95% ?
Well, I intentionally never suggested automatic patching. When I said semi-automated, I meant "check for new patches regularly, alert user, make it as easy as possible for user to install new patch, nag regularly when they don't".
While your opinion that security patches should be somewhat difficult to install to make the admin learn more about the system is a valid one, I think that it's pretty unrealistic. The ones who run open bsd, keep up with security patches and source patch the systems aren't the ones getting owned all over the place. It's the folks that don't know there is even a patch, or are too lazy to download it even in binary form that are causing 99% of the problems.
While I agree that no patch should be 100% automatically applied, I think the typical gloom and doom story about the patch box being owned is somewhat overblown. A very secure system can be arranged using public keys and key revocation, coupled with close monitoring of the patch box. Any serious OS vendor could manage this if they made it a real priority. As it is now, standard update methods are indeed less secure than this now.
Regardless of whether you agree with the implementation, I find it had to believe you truly think that patching security holes should be a hard job. It needs to be made as easy as possible, so that you get the closest to 100% usage as possible. Right now you get nothing like that.
I really can't stand behind the release of that kind of worm... While it's entertaining, and certainly well-intentioned... I just can't condone worm proliferation.
You know what would be great though, and be essentially the same code? Something that listened to your firewall logs, detected worms that scanned you, and then went out to their hosts and basically ran it's course, disabling the other worm and closing security holes. But not leaving code to proliferate itself.
I know this would be no different legally, but I would sure feel 100% better about it. How poetic is it to detect a scan and then hack in to shut it down to keep it from scanning anymore. Without any scanning yourself.
I see a lot of tacid support for this worm here. Really, it's not surprising to see. Earlier linux worms have started the practice of patching the holes, if for no other reason than to make sure they have full reign on the box and won't be stepped on by the next leet worm to come along.
I know the author had semi-good intents, but the effort is really mis-guided. Worm proliferation has become significant in the last year (really, six months). A number of effective worms are out there that target both linux and windows. Watching my firewall logs on a variety of hosts (cable, and several colo ISPs) show that the number of intrusion attempts (or at leasts scans, but 90+% of this has to be worm traffic) has increased for me by a factor of 10 since the 1st of the year.
This kind of traffic, whether good or bad intentioned, adds to network congestion, makes running an IDS challenging at best, and has made the ISP's effectively throw their hands up at having any kind of enforcement about hacking attempts. I don't know if anyone has tried reporting the sources of intrusions to their ISP's, but such reports now fall on dead ears almost all the time. Plus, it decreses the S/N ratio on the network security wise considerably. It is much harder to back-track or IDS post-mortum a REAL threat/attack with all of these other attacks going on at the same time. While worms may pose a minimal threat as far as their attack sophistication, a skillfill hacker can use all this worm traffic as an effective cloak.
Even though you can argue that it's all relatively low traffic, that you need a good firewall, and that IDS should only be run inside those firewalls, you still have the possibility of serious network problems of the horizon. It's not un-thinkable that in the near future a large percentage of linux boxes will have multiple worms, exploiting multiple vulnerabilities all running and infecting other boxes. The fallout from this could be severe. Throw in a few anti-worms, and a few bugs caused by the interactions of it all, and could have a real hellstorm, quietly building now. Surely people remember the morris worm in '89? While bandwidth was more easily swampable at that point, we are perhaps only a few years away from waking up to that kind of destruction one morning.
The only real answer is for us to forceably demand that OS vendors become much more diligent about security. If I was a national government I would truly consider this a serious threat to my infrastructure. While OS vendors have become more responsible across the board, we need to shoot for a higher bar. OS vendors need to provide very paranoid installations as default, with software firewalls enabled. The user should have to be asked for each service to be enabled. 100% available services such as ICMP echo should be required to be sandboxed or stack protected. OS's need to provide as a default security update monitoring, and easy, semi-automatic processes for installing new security related patches quickly, even if the admin is prone to do nothing. Nag the hell out of them to update. I would even argue that services with secuiryt holes should be automatically disabled by the OS, forcing the user to either update the service or manually restart the service essentially accepting the liability fo acting like a moron.
I'm sure a lot of you will think I have an overly extreme opinion, and that things are mostly fine. I can't argue that I think the situation is out of control now. But with our infrastructure as vulnerable as it is right now, it will only take one or two really good worms to show everyone how it should be done. The only thing that has really saved us so far is the fact that no one has done it... It is easily accomplishable.
So because all of the development expenses are business expenses to start, there is no further means of tax relief? What happens in a situation where a company makes a product for profit and then donates some of those products to charity? Is there no tax advantage in that case?
It was who I was thinking of. I avoided the name because I didn't want to pull any "I hate richard stallamn" posts. Because you could easily have more than one of these... personalities wouldn't be the issue.
Thanks for the link. The article references this part of the tax code which is "Credit for Increasing Research Activities".
While that is certainly interesting as well, I would think a situation where the copyright was transferred to a non-profit as a charitable gift might be a clearer case. Anyone know?
An organization that specialized in such a thing might be able to provide industry analysts and consultants that could help value the properties and provide third-party testimony during audits.
If a company were to donate their source code to a non-profit organization that acted as kind of a clearing house for open source projects, is it possible that some or part of the development costs could be written off once the result was donated to the non-profit?
While Eazel might not be the best example of the power this could have, as it has already provided the code open sourced and likely doesn't have much tax liability at all... Imagine a closed source project that never sees the light of day and ends up in a bit warehouse somewhere. I am the investors in many of these failed tech companies wouldn't think twice about assigning the IP rights to get something back after everything blew up.
The irman is an example of a serial port dongle that understands RF remotes. Plenty of people make them, and they are quite common among people using full computers in their cars or PC/TV setups.
As far as the LCD & GPS, both are commonly done. You'll find a wealth of resources at mp3car especially on the bulletin boards. They are an excellent resource for finding the best LCD screen.
links for the href weary:
http://www.evation.com/irman/
http://www.mp3car.com/
Slashdot Mirror
nice world view
I owned a Phillips DVX-8000 which was one of their last attempts to bring some of the pc world to the stereo cabinet.
The DVX-8000 was a high quality onkyo receiver coupled with a built in pentium 233 (modern at the time) and PC DVD player and line doubler. This system cost about $5000 new in 97 but quickly got dumped by phillips because it was a disaster. Custom software that never worked right, no upgrade path, custom hardware that broke, no vision for the future. They never bothered with any real software updates (it was never even able to run windows 98) and was so laden down with custom hardware including the video system that there was really nothing an end user could do. Once the units were out of warrenty thats the last phillips ever touched one leaving all of their owners stranded.
This new phillips system seems novel but i would never consider buying one considering what a poor track record they have with their other 'experiments'
thats what dad said huh?
I wonder what the deal is with the record being available for purchase? I just paid $12 for it at the record store that was linked to for the cd info. So can you sell this stuff or not? or is the record store in question essentially selling a bootleg? They are even signed by the guy who made it, i dunno.
I should note that it would be easy to use such a database to detect pure pirates... ie people pressing exact duplicates of commercial albums. But the article is about a recycled beats record, something made presumably by tens of thousands of samples put together. Certainly not going to match in gracenote, unless it was a random false match which does happen.
As a lot of readers probably know gracenote uses simple metrics about the length of the songs and their position on the cd to check a database to find likely matches. Gracenote maintains nothing of the sort of a waveform database.
While i believe there is/was at least one startup that was working to match music using a beats & tone analysis method that could match to songs that had been shifted or obscured in some way, i'm not sure this technology has ever been in real use.
The idea that there is some huge waveform database that cd pressing plants now use is pretty suspicious. I think working in the industry i would have heard about it, even if it was kept secret the storage capacity and processing needs would be astronomical. 11,000 albums heavily compressed to 160kbps still takes approximately 600gb, I understand that the amount of in print US albums is somewhere between 200,000 - 300,000 and more like 600,000 for world releases (in print only). Searching through a collection like that would easily take days or weeks depending on how small a segment you were trying to match
tkcPlayer 1.5.0-18 Price: $9.95 - the first Ogg player for the Zaurus. (09/15/02)
:o
Reef War Price: $9.95 - Battleships (09/15/02)
IslandReversi Price: $9.95 - the classic board game for the beach! (09/15/02)
No wonder linux is a clear choice for pda's
This Just In...
.com age. Global economies that lessen the spread between the haves and the have nots.
IMF endorses Everquest as economic development platform for emerging nations.
Think about it. MMORPG's have succeeded in creating one of the only virtual economic systems that has established trade & currency rates against the world's established economies.
You could take a computer and satellite net access nearly anywhere, teach someone who currently makes US $0.35 a day how to play the game, and make back the investment of computer and net access withing a few months. After that, an adapted player might be able to make $2/hr-$100/hr. Most of these sales might not support an american in the lifestyle they have become accustomed to, but nearly all of these reported bounties might go a long way towards (as mentioned) funding a college tuition or even the development of a whole community.
It might be far fetched, but it also might be the leading edge of some of the things the net promised and never delivered in the
Since I'm way out on a ledge predicting things that will probably never happen let me continue.
2004: After launching a mostly unsuccessful MMORPG company XYZCorp slowly begins selling rare items via ebay on the sly. Discovered and villified by the press and fans, this company's game is soon abandoned. However, it plants the seed in a few heads.
2007: Company ABCCorp launches an MMORPG that includes various features, items and abilities that can be augmented by paying ABCCorp directly.
2013: A "lottery" MMORPG is created that includes a complex form of gambling that involves paying for the opportunity to enter areas, receive quests and conduct raids. HAlf of this money is returned to the game in the form of prize pools that reward the luckiest and most dedicated players with cash prizes for completing very hard tests & adventures. Incredible feats and new discoveries could pay out "lottery" style winning of tens of thousands of dollars.
sleeper
(OK, I am putting down the crack pipe now)
That's what people here seem to be saying. Good schools, good times, low taxes, and whatever your "pet issue" is.
I think the question asker really has the bulk of the work already done in identifying some of the semi-unique techie draws, but how can you really accomplish them? A town itself usually has little to do with whether or not they become an artistic mecca or some of the other draws, and in many examples the tech would later push out thye artists or many of the other appeals of a city.
What can a city government realistically do to attract a technology economy? Well, probably it's bring the jobs there.
I live in san francisco and boulder, and silicon valley really has little current native appeal. At one point the area may have been beautiful, unique, and full of the arts. Now it is sprawling, close to the same as every other major sprawl and has pushed a majority of it's artists out of town or out of the state.
But if you work in tech silicon valley is still (or maybe was until recently) the golden fleece for high-end jobs, plenty of possibilities, and the chance to work on stuff like you have nowhere else. That's really because of the employers in the area. Take them all and move them to anchorage and I would most likely move there as much as i hate to admit it.
Boulder county is well on it's way to getting it's tech community that it decided it wanted (and trying to ruin itself oalong the way, but hell thats how it goes). The reason? They give fat, fat tax incentives to large nationals and multinationals that want to move portions of their operation there.
I mean, is there really any other way it's ever worked? I can't imagine that you could get all the workers to move there before the jobs came. In this case the chicken certainly comes first.
it uses a dual LNB system and yes the direcTivo is itself a direcTV receiver, you replace your existing one and swap the cards when you purchase it. It doesn't work with dish.
It's really unlikely. Like 100% unlikely. It makes a lot of sense retaining the existing features of services you buy (especially those that aren't any kind of threat... emusic) especially while the hill is watching closely.
Bu there's no way universal will launch any kind of comprehensive service like duet without digital rights management. Since real is taken, you're most likely talking about intertrust DRM+MP3 or microsoft DRM+WMA. I assure you, universal's stock holders won't allow them to do anything different.
Well, I'm no stock analyst, but I worked in the industry and might have a few insights into what mp3.com has that might be valuable.
First is their cash position. You can check out MP3.COM's 01Q1 10Q right here. They have about 90 million in cash right as of april 1st. They also have about 40 million in pre-paid multimedia licenses to the labels. They count total assets of US $190m.
Second would be their network. Networks for serving massive amounts of high bandwdith content are difficult to build, and are valued highly by wall street and investment bankers. The process of building one from scratch is difficult, and very time consuming. Not to mention the value of having done it for some time, having worked out the kinks, monitoring systems, staffing, etc.
Third would be software innovation. Universal recently paid millions of dollars to www.com for the farmclub jukebox project. It was lame. MP3, while perhaps not the best at what they do, has consistently developed and rolled out products that push the industry. A record of performance in software development can be worth a lot.
Forth might be elimination of competitition. With the .com crash, mp3.com may be one of the only viable competitors left in the space. Real is locked up, microsoft has been convinced to stay out of the market for the time being. Eliminating competition is never a bad idea.
So I don't know if they are worth $372m, but of course, that's essentially the going price. I doubt they're too worried about either the brand or the existing application. I doesn't make sense to value them on users as one would assume duet will bring it's own users.
Just my $0.02.
oops i meant bind not sendmail =P
Sendmail 8.2.2: If I ran a mail server using only this program and no other ports open, I had a 100% secure system until some time in january '01. I'm not sure how long the software had been out, but let's say it was a year. So I run for a year, which gives me 1 year MTBF for the first instance. Then as the TSIG exploit came out, I would have been rooted. Now, does this mean I'd then have another year before i was rooted again? Of course not. If I didn't patch the system I would have been broken into the next day, the day after that, etc. up until the lion worm where i would have been broken into many times a day.
So is there any way to develop a meaningful statistic about all of that? I don't think so. Software is either broken or not, based on what exploits are available, and doesn't break on a regular basis letting a single script kiddie in once every 60,000 hours.
My friends, you are missing the point
The big five are not interested in online distribution, and will do everything they can to impede it's process. You've seen this for years. The lawsuits against mp3.com, the locking out of online music companies that had a desire to produce for pay music service working with the labels.
The labels have a very specific agenda. Preserve their very high margin compact disc sales at an ASP of $12-$15. As the digital music revolution has unfolded, the labels knew all along that steadfast refusal to do anything was causing problems. So they invested in companies they didn't want to succeed, and produced trial products that were intentionally poor user experiences. They have intentionally allowed the SDMI spec, once heralded as the way the big five would play online, to wither and die with little direction.
This is not incompetance. Say what you will about rhe big five but you don't become billion dollar companies without the abilility to execute on a plan. While perfection may not have been possible, certainly something was... to date they have allowed years of delays in delivering a reasonable spec... all the while leading partners on by the nose, confusing them and keeping them from working on competing solutions.
Fast forward to 2001, you have Hatch on the hill talking about compulsory licenses for on demand systems. Hatch and other know very well there are at least a half a dozen such solutions complete and backed by well funded partners. The only thing all of these lack are the licenses, which they aren't getting come hell or high water. It was said on the hill, in essence, either you do it or we'll let them do it for you.
So the answer? Launch a pair of mediocre services that don't cross-license and essentially produce a failure. Throw in a couple of launch delays, a relauch, and at least a year to declare them total failures. Tah-dah they've just bought themselves at least two more years of unconteseted cd sales.
And that, brothers, is the cold hard truth.
The patent is on how the hash is created from the cd. hases are made by using the number of tracks, track length and other available information, as audio cd's do not have a natural identifier like a UPC # that is computer readable.
Basically this is a weak patent and is unlikely to be enforceable. Folks like mp3.com and microsoft that use similar processes, but not the _exact_ same hash, are left alone. A user of the free service must provide the same has code as was originally generated by the cddb software, or there is no other (automated) way to do a match. So really the issue is that they use the same hases, as i understand it.
This may be incorrect in some way, as i wasn't goin to post as i'm not an expert, but it seems like there is a good deal of confusion over what the issue is. This is how i understand it.
It might be ideal if you could make rules that would be followed. But the biggest issue i see with all the automated hacking and/or worms on the internet is that it simply swamps the human resources available. I get a bunch of legitimate intrusion attempts every day. I couldn't possibly report them all. And I guarantee the ISP's aren't anywhere close to having enough people to respond to the problem. Even the low amount of email they get now goes unanswered unless the abuse is gross.
Default security will go a long way to fixing that. But with attacks against core services common (bind, iis, ftpd) that may be intentionally configured, default security is not the only answer. People need to patch boxes, there need to be patch servers, and I think any notion that using opt-in email and a web browser and a sysadmin typing 'aptget blah blah' is somehow a better secured system than a default alerting system is misguided. Just because it's the way we do it now doesn't make it infallible, as similar attacks (imagine if i replaced the SP2 binary at microsoft right now) could happen just as easy or easier right now.
Really you are using the same mechanisms right now, it's just harder to use.
Think about this:
alert system: email list
patch server: updates.redhat.com
PKI: pgp signature
key revocation: urgent email
patch application: download & run rpm -u
So... why not make it easier so that compliance goes from xx% to 95% ?
While your opinion that security patches should be somewhat difficult to install to make the admin learn more about the system is a valid one, I think that it's pretty unrealistic. The ones who run open bsd, keep up with security patches and source patch the systems aren't the ones getting owned all over the place. It's the folks that don't know there is even a patch, or are too lazy to download it even in binary form that are causing 99% of the problems.
While I agree that no patch should be 100% automatically applied, I think the typical gloom and doom story about the patch box being owned is somewhat overblown. A very secure system can be arranged using public keys and key revocation, coupled with close monitoring of the patch box. Any serious OS vendor could manage this if they made it a real priority. As it is now, standard update methods are indeed less secure than this now.
Regardless of whether you agree with the implementation, I find it had to believe you truly think that patching security holes should be a hard job. It needs to be made as easy as possible, so that you get the closest to 100% usage as possible. Right now you get nothing like that.
You know what would be great though, and be essentially the same code? Something that listened to your firewall logs, detected worms that scanned you, and then went out to their hosts and basically ran it's course, disabling the other worm and closing security holes. But not leaving code to proliferate itself.
I know this would be no different legally, but I would sure feel 100% better about it. How poetic is it to detect a scan and then hack in to shut it down to keep it from scanning anymore. Without any scanning yourself.
Any takers on a modified cheese worm?
I know the author had semi-good intents, but the effort is really mis-guided. Worm proliferation has become significant in the last year (really, six months). A number of effective worms are out there that target both linux and windows. Watching my firewall logs on a variety of hosts (cable, and several colo ISPs) show that the number of intrusion attempts (or at leasts scans, but 90+% of this has to be worm traffic) has increased for me by a factor of 10 since the 1st of the year.
This kind of traffic, whether good or bad intentioned, adds to network congestion, makes running an IDS challenging at best, and has made the ISP's effectively throw their hands up at having any kind of enforcement about hacking attempts. I don't know if anyone has tried reporting the sources of intrusions to their ISP's, but such reports now fall on dead ears almost all the time. Plus, it decreses the S/N ratio on the network security wise considerably. It is much harder to back-track or IDS post-mortum a REAL threat/attack with all of these other attacks going on at the same time. While worms may pose a minimal threat as far as their attack sophistication, a skillfill hacker can use all this worm traffic as an effective cloak.
Even though you can argue that it's all relatively low traffic, that you need a good firewall, and that IDS should only be run inside those firewalls, you still have the possibility of serious network problems of the horizon. It's not un-thinkable that in the near future a large percentage of linux boxes will have multiple worms, exploiting multiple vulnerabilities all running and infecting other boxes. The fallout from this could be severe. Throw in a few anti-worms, and a few bugs caused by the interactions of it all, and could have a real hellstorm, quietly building now. Surely people remember the morris worm in '89? While bandwidth was more easily swampable at that point, we are perhaps only a few years away from waking up to that kind of destruction one morning.
The only real answer is for us to forceably demand that OS vendors become much more diligent about security. If I was a national government I would truly consider this a serious threat to my infrastructure. While OS vendors have become more responsible across the board, we need to shoot for a higher bar. OS vendors need to provide very paranoid installations as default, with software firewalls enabled. The user should have to be asked for each service to be enabled. 100% available services such as ICMP echo should be required to be sandboxed or stack protected. OS's need to provide as a default security update monitoring, and easy, semi-automatic processes for installing new security related patches quickly, even if the admin is prone to do nothing. Nag the hell out of them to update. I would even argue that services with secuiryt holes should be automatically disabled by the OS, forcing the user to either update the service or manually restart the service essentially accepting the liability fo acting like a moron.
I'm sure a lot of you will think I have an overly extreme opinion, and that things are mostly fine. I can't argue that I think the situation is out of control now. But with our infrastructure as vulnerable as it is right now, it will only take one or two really good worms to show everyone how it should be done. The only thing that has really saved us so far is the fact that no one has done it... It is easily accomplishable.
So because all of the development expenses are business expenses to start, there is no further means of tax relief? What happens in a situation where a company makes a product for profit and then donates some of those products to charity? Is there no tax advantage in that case?
It was who I was thinking of. I avoided the name because I didn't want to pull any "I hate richard stallamn" posts. Because you could easily have more than one of these... personalities wouldn't be the issue.
While that is certainly interesting as well, I would think a situation where the copyright was transferred to a non-profit as a charitable gift might be a clearer case. Anyone know?
An organization that specialized in such a thing might be able to provide industry analysts and consultants that could help value the properties and provide third-party testimony during audits.
If a company were to donate their source code to a non-profit organization that acted as kind of a clearing house for open source projects, is it possible that some or part of the development costs could be written off once the result was donated to the non-profit?
While Eazel might not be the best example of the power this could have, as it has already provided the code open sourced and likely doesn't have much tax liability at all... Imagine a closed source project that never sees the light of day and ends up in a bit warehouse somewhere. I am the investors in many of these failed tech companies wouldn't think twice about assigning the IP rights to get something back after everything blew up.
As far as the LCD & GPS, both are commonly done. You'll find a wealth of resources at mp3car especially on the bulletin boards. They are an excellent resource for finding the best LCD screen.
links for the href weary:
http://www.evation.com/irman/
http://www.mp3car.com/