People don't consider it an "interruption" they expect that window to appear and if it doesn't it's not acceptable.
Well, I consider it an interruption. Am I not part of the people?
The problem is that there is a gap between when I insert the device and when the OS is ready. I like to be able to do something in this time, not just sit there waiting for my computer to spit the silly notification.
I agree with the grandparent that I would prefer a less intrusive behavior (something appearing in the notification area).
What is interesting is that, from a business perspective, there is no need for Harmony to be fully compliant with Sun's closed Java standards. The route to divergence is...
I think that full compliance is important. There's a world of difference between getting people to use a new VM for an existing language, and proposing a new language.
If Harmony is a fork of Java, then I want nothing to do with it.
I think we can look at computer games: they have been fighting DRM longer than music has. Initially, no game was protected. Now, some games can be copied trivially (i.e. no DRM), many are protected to the extreme (require the CD to start, or even require an internet connection to start(!)). And yet, hacked versions of the games are easily available. This is similar to your scenario no 2.
And what happens? Most people buy games (possibly because we feel the makers of the game deserve our money), and the industry is still very alive and prosperous.
So my prediction would be that music will go the way of the video games: lots of yucky DRM and there will still be freeloaders, but not enough to entirely trash the system.
I can't say I'm happy with the current state of video games protection, because none of the non-independent games I bought will work once their CD gets scratched. I cannot make backup copies.
Maybe we'll see more independent work? That's certainly happening these days with video games.
Both Doctorow's and Stross's work are released under the Creative Commons license. They are explained here. There are several variants, but they only differ in what you can or cannot do to redistribute the work. As far as what you do in the privacy of your own home, they are all the same: they say that you can do whatever you want with the work. And, yes, that includes printing. It's also OK for others to print it for you, even if they charge you for the privilege.
I know it's bad form to reply to my own post, but after some more thinking it seems that you are right: we can edit the documents, and the edits don't even need to match. That's because the two documents are put together anyways in the attack.
I tried it. It works. That's pretty cool, and slightly scary too!
So, yes, they basically published an "exploit" as we'd say.
All you need to do is download the two postscript documents and do *exactly corresponding edits* in both of them, and you get two documents saying different things and still have the same md5sums!
No. The whole point of hashing that it is extremely difficult to figure out what *exactly corresponding edits* are, so the provided exploit documents cannot be edited. This is why these two postscript files are noteworthy: they are different, yet they hash to the same thing. Since the two postscripts are different, changing the same letter in both will NOT result in the same hash.
You still have to use the attack from Wang and Yu [WY05], so having these postscript files makes no difference to an attacker. Unless he happens to deal with Alice and Caesar, of course.
This particular sail is not expected to escape from earth. From the article: " It is possible that by this time the spacecraft will have risen to a high enough orbit that it will remain there, forever orbiting the Earth. It is more likely, however, that the orbit will slowly decay, and Cosmos 1 will end its days as a fireball in the Earth's atmosphere."
That's because the material of the sails is not very resistant and will break after about a month. I suppose that a stronger sail could eventually reach the edge of the solar system, but someone else will have to fill us in on how long that would take.
Ah, but a lot of "free" content is either GPL (for code) or Creative Commons (for everything else), both of which rely on copyrights to work. Everything that is created automatically has a copyright (in the US and Europe, at least).
Your are right though, there is also some out-of-copyright materials. Not very many unfortunately, with copyright duration being 95 years and growing. How many TV shows were produced 95 years ago?
Come on guys, bittorrent is not limited to illegally sharing copyrighted materials for evil (which movies companies hate) or for good (which obscure anime companies love).
There is also this large world of legally sharing copyrighted content, like linux ISO or actually free radio or TV shows.
And this leads us to the solution to this thread's initial question, which was: "since a nuclear battery provides power all the time, even when the gizmo is not in use, wouldn't that mean that my powered-off gizmo will get very hot in my pocket?"
The trick is to connect the "nuclear battery" to a traditional battery, which will store the energy when the gizmo is turned off. Of course we can still run into heat issues when the gizmo is turned off for too long (connect it to your house, use it to warm water?).
Turns out this is similar to the idea of trickle-charge I remember reading somewhere. The point is to connect a weak kind of "nuclear battery" to a regular battery. If this is connected to a gizmo that is off most of the time (say, a cell phone) then with a bit of luck the nuclear part may charge the conventional battery during the night, enough for normal use in the day. The result: a cell phone that you never have to charge. Amazing! But the technology is not quite there yet.
When there is no drain on the battery, it will power a small motor to use up some energy.
That wouldn't work, because the energy of the spinning motor would then be dissipated into heat. Even if you had a frictionless motor, you get heat when you stop the motor.
Unless, of course, you only slow down the wheel when you need the energy, and then you slow it down in a way that gives you electric power back. That could work, but if you don't use your PDA for a week, that wheel will end up spinning very fast!
The Neuromancer is a great book. Another read that I really enjoyed and happens to be exactly on topic is "Permutation City" by Greg Egan. I'm posting a non-affiliate Amazon link below.
"The good news is that you have just awakened into Eternal Life. You are going to live forever. Immortality is a reality. A medical miracle? Not exactly.
The bad news is that you are a scrap of electronic code. The world you see around you, the you that is seeing it, has been digitized, scanned, and downloaded into a virtual reality program. You are a Copy that knows it is a copy.
The good news is that there is a way out. By law, every Copy has the option of terminating itself, and waking up to normal flesh-and-blood life again. The bail-out is on the utilities menu. You pull it down...
The bad news is that it doesn't work. Someone has blocked the bail-out option. And you know who did it. You did. The other you. The real you. The one that wants to keep you here forever. "
There are also reviews available. And, no, I have no relation to the author or publisher or whatever.
I want to see a JVM for PocketPC. That's a pretty glaring omission for the "write once-run anywhere"..
Well, let's see... OK, so what you're asking for is that Sun should write a standard for a slimmed-down version of Java, just for PDAs? Say, we could call it Java 2 Micro Edition? And maybe you'd want that standard to be implemented
on PocketPC machines?
If you want something in between, there's also PersonalJava. It has more features than J2ME, but fewer than a full java. It's nearing end of life though, I'm not sure what will come out to replace it.
There are JVMs for PDAs and cell phones and yes, PocketPC too. They are a very good way of getting your software to run on many portable devices. The only downside is that your code will run slower than something hand-crafted for a particular type of device.
You say: Of course a knowledgable user can tell if they have been infected with a virus or spyware!
Certainly. The last time I was infected (stoned? jerusalem? I don't remember). I could totally tell that I was infected. I mean, who could possibly miss the extra 25 cycles it took to start a program? And the extra 2k of RAM that had gone away?
That was a while ago, but I believe that there is still malware today (botnets come to mind) that are designed to not be visible. And it is certainly possible to write software that remains nicely hidden.
So unless you're running tripwire from a clean boot CD or something equivalent, I really don't think it's a matter of course that you can tell whether you're infected. Just because many trojans are badly done does not mean that all are.
It looks like we found the root of the problem. You're looking at technology that's widely available today and say "all that was invented 20 years ago, there's nothing new going on".
The problem is that it takes 20 years for many fundamental advances to make it into mainstream. So the fundamental research that you claim is not happening? You'll see it in 20 years, when it will be mainstream.
Yeah that's right, nothing came out of CS research in the last 20 years, everything's been already invented. To take just one example, this whole web thing of the 90s should not count for anything. CS research is worthless, real progress comes from companies like Google or Akamai. Oh wait... both came to us straight from the university (Stanford and MIT, respectively).
The compartmentalization you're talking about is actually in development now. See the Nooks project at http://nooks.cs.washington.edu/
they have code there that you can download for Linux, which allow your kernel to survive a driver crash.
I think it's really nice how Linux, by making the code accessible, allows smart people to improve it in ways that were not originally in the plan.
You hope. If they can crack DNS then they can crack Verisign or whoever to get a "valid" certificate. A well coordinated attack with a bit of planning could wipe the accounts of millions.
Well, actually the keys that are used to sign the certificates are not stored on internet-accessible machines, so cracking into Verisign would do no good. These keys are split into sub-keys such that you need all the sub-keys to sign a certificate. Also, these subkeys are stored on a physical medium (not connected to a general-purpose computer, let alone the internet) that has very good physical security.
So yes, stealing Verisign's private keys would enable a cracker to do significant damage. Verisign is however also one of the hardest targets you could pick, so I think that crackers are more likely to focus on easier targets.
Slashdot Mirror
People don't consider it an "interruption" they expect that window to appear and if it doesn't it's not acceptable.
Well, I consider it an interruption. Am I not part of the people?
The problem is that there is a gap between when I insert the device and when the OS is ready. I like to be able to do something in this time, not just sit there waiting for my computer to spit the silly notification.
I agree with the grandparent that I would prefer a less intrusive behavior (something appearing in the notification area).
What is interesting is that, from a business perspective, there is no need for Harmony to be fully compliant with Sun's closed Java standards. The route to divergence is...
I think that full compliance is important. There's a world of difference between getting people to use a new VM for an existing language, and proposing a new language.
If Harmony is a fork of Java, then I want nothing to do with it.
This suggests a very reasonable business model for musicians if no other IP authors. Hmm...
Online concerts! Genius!
I think you're onto something.
I think we can look at computer games: they have been fighting DRM longer than music has. Initially, no game was protected. Now, some games can be copied trivially (i.e. no DRM), many are protected to the extreme (require the CD to start, or even require an internet connection to start(!)). And yet, hacked versions of the games are easily available. This is similar to your scenario no 2.
And what happens? Most people buy games (possibly because we feel the makers of the game deserve our money), and the industry is still very alive and prosperous.
So my prediction would be that music will go the way of the video games: lots of yucky DRM and there will still be freeloaders, but not enough to entirely trash the system.
I can't say I'm happy with the current state of video games protection, because none of the non-independent games I bought will work once their CD gets scratched. I cannot make backup copies.
Maybe we'll see more independent work? That's certainly happening these days with video games.
Yes, you can print them.
Both Doctorow's and Stross's work are released under the Creative Commons license. They are explained here. There are several variants, but they only differ in what you can or cannot do to redistribute the work. As far as what you do in the privacy of your own home, they are all the same: they say that you can do whatever you want with the work. And, yes, that includes printing. It's also OK for others to print it for you, even if they charge you for the privilege.
I don't see it in the comments yet, so I'll say it myself: thank you Cory Doctorow and Charles Stross!
Another game I really liked (and it works in Linux, too) is gate 88. It's a space shooter (single- or multiplayer) with RTS elements thrown in.
I'm with Dunbar on this one. Because he has a point, and because he explains his point instead of attacking your character.
I stopped reading at the first line of your post, so I don't know if that proves or disproves your point.
I know it's bad form to reply to my own post, but after some more thinking it seems that you are right: we can edit the documents, and the edits don't even need to match. That's because the two documents are put together anyways in the attack.
I tried it. It works. That's pretty cool, and slightly scary too!
So, yes, they basically published an "exploit" as we'd say.
All you need to do is download the two postscript documents and do *exactly corresponding edits* in both of them, and you get two documents saying different things and still have the same md5sums!
No. The whole point of hashing that it is extremely difficult to figure out what *exactly corresponding edits* are, so the provided exploit documents cannot be edited. This is why these two postscript files are noteworthy: they are different, yet they hash to the same thing. Since the two postscripts are different, changing the same letter in both will NOT result in the same hash.
You still have to use the attack from Wang and Yu [WY05], so having these postscript files makes no difference to an attacker. Unless he happens to deal with Alice and Caesar, of course.
This particular sail is not expected to escape from earth. From the article: " It is possible that by this time the spacecraft will have risen to a high enough orbit that it will remain there, forever orbiting the Earth. It is more likely, however, that the orbit will slowly decay, and Cosmos 1 will end its days as a fireball in the Earth's atmosphere."
That's because the material of the sails is not very resistant and will break after about a month. I suppose that a stronger sail could eventually reach the edge of the solar system, but someone else will have to fill us in on how long that would take.
Ah, but a lot of "free" content is either GPL (for code) or Creative Commons (for everything else), both of which rely on copyrights to work. Everything that is created automatically has a copyright (in the US and Europe, at least).
Your are right though, there is also some out-of-copyright materials. Not very many unfortunately, with copyright duration being 95 years and growing. How many TV shows were produced 95 years ago?
Come on guys, bittorrent is not limited to illegally sharing copyrighted materials for evil (which movies companies hate) or for good (which obscure anime companies love).
There is also this large world of legally sharing copyrighted content, like linux ISO or actually free radio or TV shows.
Good point, thanks.
And this leads us to the solution to this thread's initial question, which was: "since a nuclear battery provides power all the time, even when the gizmo is not in use, wouldn't that mean that my powered-off gizmo will get very hot in my pocket?"
The trick is to connect the "nuclear battery" to a traditional battery, which will store the energy when the gizmo is turned off. Of course we can still run into heat issues when the gizmo is turned off for too long (connect it to your house, use it to warm water?).
Turns out this is similar to the idea of trickle-charge I remember reading somewhere. The point is to connect a weak kind of "nuclear battery" to a regular battery. If this is connected to a gizmo that is off most of the time (say, a cell phone) then with a bit of luck the nuclear part may charge the conventional battery during the night, enough for normal use in the day. The result: a cell phone that you never have to charge. Amazing! But the technology is not quite there yet.
When there is no drain on the battery, it will power a small motor to use up some energy.
That wouldn't work, because the energy of the spinning motor would then be dissipated into heat. Even if you had a frictionless motor, you get heat when you stop the motor.
Unless, of course, you only slow down the wheel when you need the energy, and then you slow it down in a way that gives you electric power back. That could work, but if you don't use your PDA for a week, that wheel will end up spinning very fast!
The Neuromancer is a great book. Another read that I really enjoyed and happens to be exactly on topic is "Permutation City" by Greg Egan. I'm posting a non-affiliate Amazon link below.
/ explore-items/-/006105481X/0/101/1/none/purchase/r ef%3Dpd_sxp_r0/102-8039472-0160938
http://www.amazon.com/exec/obidos/tg/sim-explorer
"The good news is that you have just awakened into Eternal Life. You are going to live forever. Immortality is a reality. A medical miracle? Not exactly.
The bad news is that you are a scrap of electronic code. The world you see around you, the you that is seeing it, has been digitized, scanned, and downloaded into a virtual reality program. You are a Copy that knows it is a copy.
The good news is that there is a way out. By law, every Copy has the option of terminating itself, and waking up to normal flesh-and-blood life again. The bail-out is on the utilities menu. You pull it down...
The bad news is that it doesn't work. Someone has blocked the bail-out option. And you know who did it. You did. The other you. The real you. The one that wants to keep you here forever. "
There are also reviews available. And, no, I have no relation to the author or publisher or whatever.
Well, let's see... OK, so what you're asking for is that Sun should write a standard for a slimmed-down version of Java, just for PDAs? Say, we could call it Java 2 Micro Edition? And maybe you'd want that standard to be implemented on PocketPC machines?
Wait, it gets better. You can also find a full java implementation (Java 1.3) for iPAQ.
If you want something in between, there's also PersonalJava. It has more features than J2ME, but fewer than a full java. It's nearing end of life though, I'm not sure what will come out to replace it.
There are JVMs for PDAs and cell phones and yes, PocketPC too. They are a very good way of getting your software to run on many portable devices. The only downside is that your code will run slower than something hand-crafted for a particular type of device.
wow.
Certainly. The last time I was infected (stoned? jerusalem? I don't remember). I could totally tell that I was infected. I mean, who could possibly miss the extra 25 cycles it took to start a program? And the extra 2k of RAM that had gone away?
That was a while ago, but I believe that there is still malware today (botnets come to mind) that are designed to not be visible. And it is certainly possible to write software that remains nicely hidden.
So unless you're running tripwire from a clean boot CD or something equivalent, I really don't think it's a matter of course that you can tell whether you're infected. Just because many trojans are badly done does not mean that all are.
well put. Mod parent up!
It looks like we found the root of the problem. You're looking at technology that's widely available today and say "all that was invented 20 years ago, there's nothing new going on".
The problem is that it takes 20 years for many fundamental advances to make it into mainstream. So the fundamental research that you claim is not happening? You'll see it in 20 years, when it will be mainstream.
Yeah that's right, nothing came out of CS research in the last 20 years, everything's been already invented. To take just one example, this whole web thing of the 90s should not count for anything. CS research is worthless, real progress comes from companies like Google or Akamai. Oh wait... both came to us straight from the university (Stanford and MIT, respectively).
I think it's really nice how Linux, by making the code accessible, allows smart people to improve it in ways that were not originally in the plan.
- You hope. If they can crack DNS then they can crack Verisign or whoever to get a "valid" certificate. A well coordinated attack with a bit of planning could wipe the accounts of millions.
Well, actually the keys that are used to sign the certificates are not stored on internet-accessible machines, so cracking into Verisign would do no good. These keys are split into sub-keys such that you need all the sub-keys to sign a certificate. Also, these subkeys are stored on a physical medium (not connected to a general-purpose computer, let alone the internet) that has very good physical security.So yes, stealing Verisign's private keys would enable a cracker to do significant damage. Verisign is however also one of the hardest targets you could pick, so I think that crackers are more likely to focus on easier targets.