The propulsion you need beyond LEO is very different
from the propulsion you need to get to LEO, anyway.
Once you reach LEO, you no longer have to worry
about generating >1G of thrust. That lets you use
all kinds of nifty, highly efficient, low-thrust,
long-term deep space propulsion systems that are
useless for a launch vehicle.
... and the vehicle itself can be designed for
pure space operation, which is a big win.
Any realistic system is going to use different mechanisms
above a certain level (probably just about LEO)
than it uses below it. The two problems are
naturally separate, they naturally need to be
solved separately, and the space elevator is a Really
Cool solution to one of them. It's just plain
fallacious to claim that a space elevator
hurts access above LEO; it makes such access
much easier.
... which I actually sort of do, then "informed
consent" is going to lead you to take the head
option anyway. It cools the brain faster and
more evenly, and lets the perfusion be managed
much better, reducing the probability of
information theoretic death, especially with
vitrification. Furthermore, storage is easier,
transport is easier, and security is easier,
increasing the chance that there'll still
be something to work from when and if
revival becomes possible.
Meanwhile, any technology that could plausibly
rebuild your brain after the damage from disease
or trauma, the ischemic damage, and the enormous
damage from cryopreservation itself, is pretty
clearly not going to have a lot of trouble
building you a new body. Probably a new body
that you won't be able to distinguish from
the original one.
Not to say that plenty of people won't
go for whole-body anyway, but I can't
say I believe they'll be doing it on the
basis of being
more "informed". They'll be doing it on
the basis of the same religious and sentimental
factors that make anybody else not donate organs.
The reality of the matter is that, while it
certainly would be possible for somebody to gag
a machine to evade all your wascally checksumming
tricks, they frequently don't do so. And when they
do it, there's the usual arms-race lag between
the time when a new method of checking comes out
and when they update their tools to evade it.
And there's a cost to them for each defense
they evade; if you want to avoid every defense
you ever hear of, you basically have to
roll your own rootkits, which is a huge time
investment.
And a kiddie who's out there collecting hundreds
of boxes has no particular incentive to
be anal about holding onto yours.
... and everybody makes mistakes. Yes, you're
right, looking at checksums gives you absolutely
no security against omniscient adversaries with
infinite resources. Luckily, real adversaries
are not omniscient and have limited resources.
Yes, you'll even miss some of the real
adversaries. You'll also catch some. Probably
a lot. Nothing is perfect. Deal with it.
I used to have a job where I was on call 24x7, for
some reasonably critical stuff. There'd usually
be a call a day; some days more, some
days none. Late-night calls were less common,
partly because the group of people who took
the calls was distributed around the planet.
However, there were calls at 3 AM
now and then.
Why did I accept that? Because there was a quid
pro quo. As long as I kept myself available for
those calls, and as long as I got a certain
amount of total work done on some other things,
my employer asked NO
QUESTIONS about where I was. I could go anywhere,
any time. I didn't even have to be in any
specific town.
Well, OK, I did have meetings
once or twice a week (on no fixed schedule),
but that was about it. If I was in my office,
it was because I wanted to be there at that
time.
No, I wasn't the only person who could handle
the calls. You need backup, always, because
there's always a chance that something will
keep you from taking a call. If we'd had
fixed shifts, we'd have had to have at least
two people chained to desks all the time,
covering each other. That's six people total,
instead of three people with each
taking point for her own time zone
and the other two backing her up.
By the way, I never, once permitted
my phone to
ring audibly in a movie theater. That's what
vibrate mode is for. Sit near a door, and you
can quietly and unobtrusively get outside in
plenty of time to take the call.
The arrangement had plenty of problems, many of
them
caused by my own failure to hire enough people
to keep up with expanding load. On the whole, though,
it worked. I can see the appeal
of having "my time" and "their time", but I also
know the appeal of being able to go home and
prune my roses if I feel like it.
When you are negotiating for the process, at least one sales person and probably a pre-sales consultant goes to your site and goes through the registration process multiple times. Some of the addresses they then ask to unsubscribe - if you spam them anyway there's a problem. They also go through your privacy policy to ensure compliance.
That's opt-out, not opt-in.
Look, folks, no matter how much marketing drones
would like to redefine it, the phrase
"opt in" has a meaning in the English language.
It means that the person took an affirmative
step to get on the list and get the mail.
It does not mean that they forgot to uncheck
a button on a Web form somewhere, or that
they signed up for something unrelated but were too
apathetic (or too paranoid) to ask to be
removed from the list when some huckster
started bothering them.
If the user has to take action to get off
the list, then it's not opt-in. If there's
a check box on a Web form somewhere, but
the default value is "yes, send the mail",
then that's not opt-in, either. For a list
to be "opt-in", the user must actually
request the mail. And that's not common.
There's an attitude out there that says people
should have to justify their access to information
about security... not just network security.
You hear a lot of bleating in the press about how
"just anybody" can get access to information about
how to do dangerous things, and how we (whoever
"we" are) need to clamp down on that in various
ways.
The problem with that attitude is that, to get
real security, you have to do things in a
secure way everywhere. That means
that everybody has to be thinking
in terms of security... and not only that, but
thinking in terms of things that will actually
help, rather than just giving a false sense
of security. That takes a certain mindset, and
the only way to develop that mindset is to
think about ways to break security, to see
examples of how security is broken, and to
see how existing security measures work, both
so you can improve them and so you can avoid
screwing them up.
If you restrict access to information, you end
up with only two sets of people who have
a clue:
A small group of overworked security
specialists. These people can't do it all,
and, if the rest of the world is poorly informed,
they won't be listened to. In addition, in
an environment where information is tightly
restricted, it's very difficult to recruit
and educate new security specialists.
The bad guys. Being more motivated than
the general population, the bad guys will
get most or all of the "restricted" information
through their own networks.
Security is everybody's problem, and that means
everybody has to understand it. When you release
information widely, you educate 100 good guys
for every bad guy. When you try to keep
everything secret, you hold the good guys back
more than the bad guys.
I'm not saying that there's never a reason to
keep anything secret, but there should be a
presumption in favor of openness. You should
try to keep something secret only when:
It describes the details of an actual
vulnerability that hasn't been fixed, and
provides information useful in exploiting
that vulnerability, AND
Having information about the vulnerability
would not, in itself, permit people to protect
themselves, AND
You're reasonably sure that large numbers
of bad guys don't already know about it. In
network security, large number of bad guys
will definitely find out about it within a
few months, if they haven't already found
it independently. That means that keeping
anything secret for a long time will never work.
In government, the sorts of things we need
to watch out for are:
Excessive classification. It would be nice
to see more legislative sunsets on
classification, and more requirements for
review of the decision to classify something.
Patent secrecy orders are especially suspect.
Programs where government information is
shared only with "trusted private sector
partners". Not only is this intrinsically bad,
but it encourages cronyism and corruption,
and can create economic problems by raising
barriers to entry in security-related
industries.
Misguided weakening of "sunshine laws"
like the FOIA. Because information is power
even more in the Federal bureaucracy than
in most places, there's an incentive for
agencies to hoard it for political reasons.
When all else fails, these laws often serve,
not so much to free the underlying information,
as to expose the illegitimate reasons it's
being held secret.
The occasional calls for outright
banning the release of scientific or
engineering information, in the style of
the idiotic Feinstein "bomb making information"
law.
Quesiton for you -- Isn't a bit naive to think that a software industry group would take a negative position on software
patents?
Only if you have a rather simplistic view of
the internal dynamics of the "software
industry", which includes everything from
large companies (which in turn have their
own very complex internal politics) to
individual open source developers.
The W3C is in the process of being
captured by the industry's patent lovers.
It's not captured yet.
Isn't it naive to think that a practical discussion of patent licencing wrt standards can be submarined by a broader debate
about patent policy?
Either way,
the W3C will be taking a position in
the "broader" patent policy war.
There is no way
to stay neutral; whatever policy they adopt
on this "practical" issue will put them on one
side or the other of the larger debate.
People who say that the W3C should remain
neutral and just adapt to the present patent
regime are, for the most part, very well
aware that such adaptation would amount
to direct political support for the status
quo.
I keep hearing about this "new reality", and it
confuses me. Nothing has changed. Everybody who's
been paying attention has always known that there
were people who might do things like this.
Everybody who's been paying attention has always
known that it was possible, and even
more or less known how they might go about it.
We've always known what security tradeoffs
we were making.
There is no new information
here, nor has the nature of the enemy in fact
changed.
The only thing I can see that's new is that
this thing has made it more difficult for people
in the US, and maybe some other places, to
maintain their illusion of safety. Is a
change in illusions now considered enough to
be a "new reality"?
In fact, I'd argue that one reason some of the
things that are proposed are counterproductive
is that all people really want is something
that restores precisely the illusion of
safety. Reality is less important; as long as,
by avoiding thinking too hard about it, they
can convince themselves that something helps,
that's good enough. People don't want to look
too hard at what they're suggesting,
because they may find something wrong with it...
and they're afraid they may not come up with
any better idea.
I'm not sure I give a damn about privacy any
more myself, but that's not related to this
incident.
You know, if I hear one more fuckwit mouth crap
along the lines of
Those Americans who don't vote, no matter how they excuse this failure, have no right to criticize their government.
I am going to bloody scream.
Folks, liberty is an intrinsic human right. It
is not something the government grants you;
it is something that you already have, and
the purpose of having a government, at least
in the US, is supposed to be to guarantee
that nobody takes it away from you.
Liberty is not something you should
have to register for. It is not something that
you should have to go out and vote for. It
is not contingent on any demonstration of
civic virtue.
Now, it's true that you can't trust the government
to do its duty, and that it's therefore wise
to do things like voting and writing letters
to your representatives and calling them on the
phone and all that. I do that stuff myself.
However, if I burn down your house and you're
too shocked to say anything, or too afraid
of me to say anything, or even too busy dealing
with something more important (and, yes, there
could be something more important) to say
anything, nobody is going to tell you you
have no right to complain. They may tell you
you were foolish for not stopping me, but
they're not going to tell you you weren't wronged.
This "vote or don't complain" crap is just
plain buck passing.
It gets sickening, going to hearing after hearing about proposed laws like UCITA, DMCA, and SSSCA and always seeing a
whole bunch of industry lobbyists wearing expensive suits, but hardly ever anyone who could be classified as an "ordinary citizen."
Maybe, just maybe, that's because the lobbyists
get paid to spend their entire lives on this
crap, whereas the "ordinary citizens" have other
concerns? Maybe, just maybe, there's a problem
with a system that requires people to spend
half their lives sitting in hearings fighting
back idiocy (which idiocy will be repeatedly
reproposed until it passes), rather than rejecting
that idiocy automatically and out of hand?
Maybe, just maybe, legislators, who are elected
to consider legislation, should get
off their asses and do that, find out
what the implications are, maybe actively
find out what their constituents' informed opinion would be, maybe
refuse to vote on things they haven't
personally studied, rather
than just favoring whatever special interest
makes the most noise, or whatever position
gives the best sound bites? Maybe we could
stop measuring the performance of a legislature
by the number of stupid laws it manages to
inflict on the populace?
... not because the software is a problem, since, after all,
you don't have to install or use it. The problem
is that this software is a very unsympathetic "test case".
If Web publishers sue over this, they stand a
goodish chance of getting courts to decide that
client software that deliberately modifies the
look of a Web page is "vicarious infringement by
unauthorized creation of a derivative work" or
some such silly thing. If they can't do that,
they may even be able to get some DMCA-like
law banning the practice.
Some people are arguing that that's a good
thing. Well, it's not, and the reason it's not
has nothing to do with advertising software
or "no-click" search engines. The reason it's
a problem is that it destroys the possibility
of effective cooperative annotation software.
There's stuff on the Net right now that lets any
user of the system add annotations to the pages
she sees. Those annotations are made visible to
other users of the same system. There are two
ways to do that: proxies (e.g. CritSuite, sorry,
no link, because I don't want the server
slashdotted, and it seems to be dead at the
moment anyway), and servers similar to the
ones under discussion (e.g. the now defunct
ThirdVoice").
This is good and useful. It
makes it that much more difficult to put drivel
on the Web, whether it be advertising, political
propaganda, or just plain misinformation, without
there being visible dissent. It completely
short-circuits, for example, the practice of
registering <yourcompany>sucks.com to prevent
people from finding your detractors, since the
annotations don't have to come from any particular
domain. Furthermore, the wide deployment of
such software would be a wonderful step for
collaboration and cooperative discussion, and
preventing the software from working on Web
pages in general would be a huge blow to that
deployment.
The proxy implementation of annotations has
copyright problems because the proxy clearly
redistributes a derivative work. If people
get all upset about this advertising software
and try to get it banned, that ban is almost
certain to sweep in the client-based annotation
solution, and that could destroy annotation
completely. That would be a huge victory for
the Forces of Evil. No, it wouldn't be a total
victory for them; a person can still put up
an opposing view on another page, and a user
can still use a search engine to find it. It
would, however, make critical debate just that
little bit harder, and that is never a good thing.
And, no, you do not have a right to completely
control how your Web page looks on my
screen.
Undoubtedly due to your following the hallowed
Slashdot tradition of not doing even the most
cursory reading of the material before spewing.
The reason trademark holders win the vast
majority of these domain name disputes couldn't
possibly be because they deserve the name and the
current holder has no reason other than cybersquatting to have it...could it?
I suppose it could.
What does that have to do
with this guy's study, which is not about the
absolute percentage of these cases resolved in
favor of the complainants, but about some
mighty suspicious looking differences in those
percentages depending on which arbitrator is
hearing the case and which of the alternate
procedures are followed?
His argument is basically that, out of all the
arbitrators legitimately accredited by this
process, some seem much more likely to rule
in favor of complainants than others, and oddly
enough it looks as though somebody is using
the process to steer cases to those arbitrators.
That's procedural bias even if these "hangin'
arbitrators" are in the right. Not that I think
they probably are.
A friend of mine built a memory expansion card.
As I recall, there was 32KB of RAM on that card,
and he kludged up a bank select system that
used a big transistor to forcibly overwhelm
the drivers on one of the address lines.
I wrote
a CP/M BIOS that would bank-switch over to the
normal address space and call the built-in ROM
to do I/O. You had to buy the disk drive expansion
kit, of course.
We had this weird idea that we could sell it.
No clue what we were doing, but it was fun.
The "censorware tax" isn't a literal tax. The
phrase is an analogy. You have to pay for
the censorware whether you want it or not,
so the entire price of the censorware is
like a tax.
The original such analogy was the "Windows tax", where you
buy Windows with a new PC even if you intend to delete it immediately
I was wondering why you thought the censorware
was so cheap.
... and if I'm a minimum-wage earner, trying
to get a computer because I believe that it
will keep my child from being a minimum-wage
earner, too, and I'm fighting to scrape
up the $300 for a bottom-end machine? What then?
... and if these idiots decide that I have
to have a bunch of other stuff, as well?
What then?
... and if the censorware writers decide to
jack up the prices because of the captive
audience? What then?
Amazingly enough, some of us aren't completely
selfish.
... but I am. Please send me $2 today.
After all, you won't miss it.
It is censorware unless the person
who is doing the reading is the one
who installs the software. This stuff is mostly
used by one party (a parent or employer)
to decide what another party (a child or
employee) can read. That is censorship, whether
you think it's good or bad. It's not
government censorship, but government
is not part of the definition of censorship.
Especially for older children, it's not a settled
question whether you have a moral right to
control what they see, or whether anybody
should help you out with that.
Even if you do have such a right, the
software doesn't work, and the state shouldn't
be encouraging people to sell snake oil.
Even if the software worked, different programs
would have different blocking criteria. If you're
going to control somebody else's Internet access
using a piece of software, you
should damned well be paying some attention
to what the
software is doing, not taking some random program
chosen by the state.
I don't want to pay extra for software that
I won't use. I don't want to pay it in the
price of the computer, and I don't want to pay
it in taxes, either. If you want the software,
you pay for it. If you think it's
absolutely essential for you to have this
software to raise a child, and you can't
afford the software, then I guess you can't
afford to have a child. Shit happens.
In the pre-DMCA world, the whole
"common carrier" claim for
service providers was basically
conjecture based on analogies.
It was never really litigated, and it certainly
wasn't obviously written in any statute.
People relied on it, but it might or might
not have held up in court;
the question was pretty muddy. I suspect
that it would not have worked for Slashdot,
which could not have asserted ignorance in the
same way as, say, a Usenet server.
Regardless of whether the "common carrier"
claim would have held up before
the DMCA, it definitely will not
hold up now, because the DMCA replaces
all that uncertainty with a great deal of
certainty. Service providers are
obligated to take down supposedly infringing
material under a very well defined set of
procedures. US law has changed on this issue.
Assuming that Scientology has a valid copyright
on this material (and it does), and assuming
that there are no first-amendment freedom of
religion issues muddying the waters (which I'd
think there should be, but the courts do
not seem to agree), there is absolutely
no question that Slashdot was legally obligated
to take it down. Chanting "common carrier" no
longer has any legal effect, if it ever did.
I understand Scientology has a reputation for
litigating bogus claims. This one, however,
would seem to be (legally, not morally) valid.
It's not really worth fighting this sort of thing
in court. The right response to Scientology is
just to overwhelm them with the volume of
criticism.
You can get yourself into a lot of trouble
by listening to half-informed amateur
interpretations of the law.
Hmm. On second thought, I lied. I don't have
as many years of education. My market value
is higher, though. And I don't idle people
in my present job the way I would have in
my last one.
Anyway, my point is that nobody is immune from
courtesy.
I am considerably more expensive by the
hour than my doctor. Like by a factor of 4.
My being idle frequently idles other people
as well.
I have more or less equivalent education,
and my skills are probably rarer.
I don't double-book appointments.
The breaking strength of an object increases
(roughly) as the
square of the linear dimension. The mass increases
with the cube. If you shake something
(or drop it), the stress it experiences is
proportional to the mass.
Bigger things are generally
more fragile than smaller things.
You can drop a small ant from a height of
a meter, and the ant will walk away. If you
drop an elephant from a meter, the elphant
will break bones and end up dead.
Nanotech stuff is likely to be so tough that
you couldn't even crush it without
a diamond hammer, let
alone break it by shaking it.
Also, one of the fun things you can do with
(dream) nanotech is to build big
things to atomic precision. A one-meter cube
of monocrystalline diamond is not a fragile
object.
Rights are not conferred by laws. Laws exist
to protect rights. The fact that the law
gives a corporation certain "rights" does
not mean that those rights exist morally.
In fact, corporations' "right" to exist at
all is purely legal, not moral. It's granted
by the government because corporations are
a convenient way to organize large-scale
activity. There would be no inconsistency in
limiting corporations in any way... as long
as the purpose of that limitation wasn't
to destroy the rights of the underlying
individuals.
Anybody who brings up the law in an argument
about what corporations should be
able to do is an idiot. The law is subject to
change, should it be determined to be wrong.
The thing is that law enforcement people, in
the US and many other countries, don't believe
that the existing laws are sufficient. They
want to do things like outlawing tools, outlawing
the spread of certain information, giving
themselves power to do all kinds of spying,
and so forth.
They generally want to increase
their own power, and to outlaw behavior that,
as far as they're concerned, is "only engaged
in by criminals anyway". This is not about
justifying their existence. It's about their
desire for legal tools to lock up people who,
in their opinion, deserve to be locked up.
These legal changes are often politically
unpopular, since they're usually based on
an incredibly fucked up,
power-tripping worldview that has no room
for variation from some imaginary norm,
precious little room for the idea of independent
thought, and no real respect for the ideas
(as opposed to the forms) behind due process.
Because these changes are unpopular, the people
who want them (again, mostly law enforcement
people) use various political tactics to get
them. One useful tactic is to find a pliable
international body that's having some discussion,
where the people involved in the discussion are
either sympathizers of yours or people you
can pressure. You then get that body to issue
some piece of paper, say a draft treaty, that
requires what you want.
Politics being what they are, it's hard to change
these drafts once they come out, and it gets
progressively harder to change them as they
move further along in the process. When it comes
time to get your domestic legislature to approve
the treaty, you say, basically, "everybody else
is doing it". You also try to word your treaty
so that it's not obvious what it really implies.
Since the treaty approval process is different
from the approval process for regular legislation,
and usually involves different people, and since
little attention is usually paid to "technical"
treaties, you may very well be able to get your
treaty approved.
Once you get everybody to adopt the treaty,
you spring the trap... you explain to your
local legislature that it's now required by
this treaty to pass the laws you couldn't
get it to pass before. Game over.
Slashdot Mirror
Any realistic system is going to use different mechanisms above a certain level (probably just about LEO) than it uses below it. The two problems are naturally separate, they naturally need to be solved separately, and the space elevator is a Really Cool solution to one of them. It's just plain fallacious to claim that a space elevator hurts access above LEO; it makes such access much easier.
Meanwhile, any technology that could plausibly rebuild your brain after the damage from disease or trauma, the ischemic damage, and the enormous damage from cryopreservation itself, is pretty clearly not going to have a lot of trouble building you a new body. Probably a new body that you won't be able to distinguish from the original one.
Not to say that plenty of people won't go for whole-body anyway, but I can't say I believe they'll be doing it on the basis of being more "informed". They'll be doing it on the basis of the same religious and sentimental factors that make anybody else not donate organs.
Tell that to a bloodhound.
The reality of the matter is that, while it certainly would be possible for somebody to gag a machine to evade all your wascally checksumming tricks, they frequently don't do so. And when they do it, there's the usual arms-race lag between the time when a new method of checking comes out and when they update their tools to evade it. And there's a cost to them for each defense they evade; if you want to avoid every defense you ever hear of, you basically have to roll your own rootkits, which is a huge time investment.
And a kiddie who's out there collecting hundreds of boxes has no particular incentive to be anal about holding onto yours.
Fucking pompous amateurs.
I used to have a job where I was on call 24x7, for some reasonably critical stuff. There'd usually be a call a day; some days more, some days none. Late-night calls were less common, partly because the group of people who took the calls was distributed around the planet. However, there were calls at 3 AM now and then.
Why did I accept that? Because there was a quid pro quo. As long as I kept myself available for those calls, and as long as I got a certain amount of total work done on some other things, my employer asked NO QUESTIONS about where I was. I could go anywhere, any time. I didn't even have to be in any specific town.
Well, OK, I did have meetings once or twice a week (on no fixed schedule), but that was about it. If I was in my office, it was because I wanted to be there at that time.
No, I wasn't the only person who could handle the calls. You need backup, always, because there's always a chance that something will keep you from taking a call. If we'd had fixed shifts, we'd have had to have at least two people chained to desks all the time, covering each other. That's six people total, instead of three people with each taking point for her own time zone and the other two backing her up.
By the way, I never, once permitted my phone to ring audibly in a movie theater. That's what vibrate mode is for. Sit near a door, and you can quietly and unobtrusively get outside in plenty of time to take the call.
The arrangement had plenty of problems, many of them caused by my own failure to hire enough people to keep up with expanding load. On the whole, though, it worked. I can see the appeal of having "my time" and "their time", but I also know the appeal of being able to go home and prune my roses if I feel like it.
The Rijndael/AES cryptosystem does not depend on the difficulty of factoring. This is a big deal mostly for RSA.
That's opt-out, not opt-in.
Look, folks, no matter how much marketing drones would like to redefine it, the phrase "opt in" has a meaning in the English language. It means that the person took an affirmative step to get on the list and get the mail. It does not mean that they forgot to uncheck a button on a Web form somewhere, or that they signed up for something unrelated but were too apathetic (or too paranoid) to ask to be removed from the list when some huckster started bothering them.
If the user has to take action to get off the list, then it's not opt-in. If there's a check box on a Web form somewhere, but the default value is "yes, send the mail", then that's not opt-in, either. For a list to be "opt-in", the user must actually request the mail. And that's not common.
Capische?
The problem with that attitude is that, to get real security, you have to do things in a secure way everywhere. That means that everybody has to be thinking in terms of security... and not only that, but thinking in terms of things that will actually help, rather than just giving a false sense of security. That takes a certain mindset, and the only way to develop that mindset is to think about ways to break security, to see examples of how security is broken, and to see how existing security measures work, both so you can improve them and so you can avoid screwing them up.
If you restrict access to information, you end up with only two sets of people who have a clue:
-
-
Security is everybody's problem, and that means everybody has to understand it. When you release information widely, you educate 100 good guys for every bad guy. When you try to keep everything secret, you hold the good guys back more than the bad guys.A small group of overworked security specialists. These people can't do it all, and, if the rest of the world is poorly informed, they won't be listened to. In addition, in an environment where information is tightly restricted, it's very difficult to recruit and educate new security specialists.
The bad guys. Being more motivated than the general population, the bad guys will get most or all of the "restricted" information through their own networks.
I'm not saying that there's never a reason to keep anything secret, but there should be a presumption in favor of openness. You should try to keep something secret only when:
It describes the details of an actual vulnerability that hasn't been fixed, and provides information useful in exploiting that vulnerability, AND
Having information about the vulnerability would not, in itself, permit people to protect themselves, AND
You're reasonably sure that large numbers of bad guys don't already know about it. In network security, large number of bad guys will definitely find out about it within a few months, if they haven't already found it independently. That means that keeping anything secret for a long time will never work.
In government, the sorts of things we need to watch out for are:
Excessive classification. It would be nice to see more legislative sunsets on classification, and more requirements for review of the decision to classify something. Patent secrecy orders are especially suspect.
Programs where government information is shared only with "trusted private sector partners". Not only is this intrinsically bad, but it encourages cronyism and corruption, and can create economic problems by raising barriers to entry in security-related industries.
Misguided weakening of "sunshine laws" like the FOIA. Because information is power even more in the Federal bureaucracy than in most places, there's an incentive for agencies to hoard it for political reasons. When all else fails, these laws often serve, not so much to free the underlying information, as to expose the illegitimate reasons it's being held secret.
The occasional calls for outright banning the release of scientific or engineering information, in the style of the idiotic Feinstein "bomb making information" law.
Only if you have a rather simplistic view of the internal dynamics of the "software industry", which includes everything from large companies (which in turn have their own very complex internal politics) to individual open source developers.
The W3C is in the process of being captured by the industry's patent lovers. It's not captured yet.
Either way, the W3C will be taking a position in the "broader" patent policy war. There is no way to stay neutral; whatever policy they adopt on this "practical" issue will put them on one side or the other of the larger debate.
People who say that the W3C should remain neutral and just adapt to the present patent regime are, for the most part, very well aware that such adaptation would amount to direct political support for the status quo.
There is no new information here, nor has the nature of the enemy in fact changed.
The only thing I can see that's new is that this thing has made it more difficult for people in the US, and maybe some other places, to maintain their illusion of safety. Is a change in illusions now considered enough to be a "new reality"?
In fact, I'd argue that one reason some of the things that are proposed are counterproductive is that all people really want is something that restores precisely the illusion of safety. Reality is less important; as long as, by avoiding thinking too hard about it, they can convince themselves that something helps, that's good enough. People don't want to look too hard at what they're suggesting, because they may find something wrong with it... and they're afraid they may not come up with any better idea.
I'm not sure I give a damn about privacy any more myself, but that's not related to this incident.
Folks, liberty is an intrinsic human right. It is not something the government grants you; it is something that you already have, and the purpose of having a government, at least in the US, is supposed to be to guarantee that nobody takes it away from you. Liberty is not something you should have to register for. It is not something that you should have to go out and vote for. It is not contingent on any demonstration of civic virtue.
Now, it's true that you can't trust the government to do its duty, and that it's therefore wise to do things like voting and writing letters to your representatives and calling them on the phone and all that. I do that stuff myself.
However, if I burn down your house and you're too shocked to say anything, or too afraid of me to say anything, or even too busy dealing with something more important (and, yes, there could be something more important) to say anything, nobody is going to tell you you have no right to complain. They may tell you you were foolish for not stopping me, but they're not going to tell you you weren't wronged.
This "vote or don't complain" crap is just plain buck passing.
Maybe, just maybe, that's because the lobbyists get paid to spend their entire lives on this crap, whereas the "ordinary citizens" have other concerns? Maybe, just maybe, there's a problem with a system that requires people to spend half their lives sitting in hearings fighting back idiocy (which idiocy will be repeatedly reproposed until it passes), rather than rejecting that idiocy automatically and out of hand? Maybe, just maybe, legislators, who are elected to consider legislation, should get off their asses and do that, find out what the implications are, maybe actively find out what their constituents' informed opinion would be, maybe refuse to vote on things they haven't personally studied, rather than just favoring whatever special interest makes the most noise, or whatever position gives the best sound bites? Maybe we could stop measuring the performance of a legislature by the number of stupid laws it manages to inflict on the populace?Some people are arguing that that's a good thing. Well, it's not, and the reason it's not has nothing to do with advertising software or "no-click" search engines. The reason it's a problem is that it destroys the possibility of effective cooperative annotation software.
There's stuff on the Net right now that lets any user of the system add annotations to the pages she sees. Those annotations are made visible to other users of the same system. There are two ways to do that: proxies (e.g. CritSuite, sorry, no link, because I don't want the server slashdotted, and it seems to be dead at the moment anyway), and servers similar to the ones under discussion (e.g. the now defunct ThirdVoice").
This is good and useful. It makes it that much more difficult to put drivel on the Web, whether it be advertising, political propaganda, or just plain misinformation, without there being visible dissent. It completely short-circuits, for example, the practice of registering <yourcompany>sucks.com to prevent people from finding your detractors, since the annotations don't have to come from any particular domain. Furthermore, the wide deployment of such software would be a wonderful step for collaboration and cooperative discussion, and preventing the software from working on Web pages in general would be a huge blow to that deployment.
The proxy implementation of annotations has copyright problems because the proxy clearly redistributes a derivative work. If people get all upset about this advertising software and try to get it banned, that ban is almost certain to sweep in the client-based annotation solution, and that could destroy annotation completely. That would be a huge victory for the Forces of Evil. No, it wouldn't be a total victory for them; a person can still put up an opposing view on another page, and a user can still use a search engine to find it. It would, however, make critical debate just that little bit harder, and that is never a good thing.
And, no, you do not have a right to completely control how your Web page looks on my screen.
What does that have to do with this guy's study, which is not about the absolute percentage of these cases resolved in favor of the complainants, but about some mighty suspicious looking differences in those percentages depending on which arbitrator is hearing the case and which of the alternate procedures are followed?
His argument is basically that, out of all the arbitrators legitimately accredited by this process, some seem much more likely to rule in favor of complainants than others, and oddly enough it looks as though somebody is using the process to steer cases to those arbitrators. That's procedural bias even if these "hangin' arbitrators" are in the right. Not that I think they probably are.
Lazarus Long is a fictional character created
by... Robert Heinlein.
I wrote a CP/M BIOS that would bank-switch over to the normal address space and call the built-in ROM to do I/O. You had to buy the disk drive expansion kit, of course.
We had this weird idea that we could sell it. No clue what we were doing, but it was fun.
Oops. I missed your biggest misunderstanding.
The "censorware tax" isn't a literal tax. The phrase is an analogy. You have to pay for the censorware whether you want it or not, so the entire price of the censorware is like a tax.
The original such analogy was the "Windows tax", where you buy Windows with a new PC even if you intend to delete it immediately
I was wondering why you thought the censorware was so cheap.
Amazingly enough, some of us aren't completely selfish.
It is censorware unless the person who is doing the reading is the one who installs the software. This stuff is mostly used by one party (a parent or employer) to decide what another party (a child or employee) can read. That is censorship, whether you think it's good or bad. It's not government censorship, but government is not part of the definition of censorship.
Especially for older children, it's not a settled question whether you have a moral right to control what they see, or whether anybody should help you out with that.
Even if you do have such a right, the software doesn't work, and the state shouldn't be encouraging people to sell snake oil.
Even if the software worked, different programs would have different blocking criteria. If you're going to control somebody else's Internet access using a piece of software, you should damned well be paying some attention to what the software is doing, not taking some random program chosen by the state.
I don't want to pay extra for software that I won't use. I don't want to pay it in the price of the computer, and I don't want to pay it in taxes, either. If you want the software, you pay for it. If you think it's absolutely essential for you to have this software to raise a child, and you can't afford the software, then I guess you can't afford to have a child. Shit happens.
Sigh. Wrong. Wrong. Wrong.
In the pre-DMCA world, the whole "common carrier" claim for service providers was basically conjecture based on analogies. It was never really litigated, and it certainly wasn't obviously written in any statute. People relied on it, but it might or might not have held up in court; the question was pretty muddy. I suspect that it would not have worked for Slashdot, which could not have asserted ignorance in the same way as, say, a Usenet server.
Regardless of whether the "common carrier" claim would have held up before the DMCA, it definitely will not hold up now, because the DMCA replaces all that uncertainty with a great deal of certainty. Service providers are obligated to take down supposedly infringing material under a very well defined set of procedures. US law has changed on this issue.
Assuming that Scientology has a valid copyright on this material (and it does), and assuming that there are no first-amendment freedom of religion issues muddying the waters (which I'd think there should be, but the courts do not seem to agree), there is absolutely no question that Slashdot was legally obligated to take it down. Chanting "common carrier" no longer has any legal effect, if it ever did.
I understand Scientology has a reputation for litigating bogus claims. This one, however, would seem to be (legally, not morally) valid.
It's not really worth fighting this sort of thing in court. The right response to Scientology is just to overwhelm them with the volume of criticism.
You can get yourself into a lot of trouble by listening to half-informed amateur interpretations of the law.
Hmm. On second thought, I lied. I don't have as many years of education. My market value is higher, though. And I don't idle people in my present job the way I would have in my last one. Anyway, my point is that nobody is immune from courtesy.
I am considerably more expensive by the hour than my doctor. Like by a factor of 4. My being idle frequently idles other people as well. I have more or less equivalent education, and my skills are probably rarer. I don't double-book appointments.
The breaking strength of an object increases (roughly) as the square of the linear dimension. The mass increases with the cube. If you shake something (or drop it), the stress it experiences is proportional to the mass. Bigger things are generally more fragile than smaller things.
You can drop a small ant from a height of a meter, and the ant will walk away. If you drop an elephant from a meter, the elphant will break bones and end up dead.
Nanotech stuff is likely to be so tough that you couldn't even crush it without a diamond hammer, let alone break it by shaking it.
Also, one of the fun things you can do with (dream) nanotech is to build big things to atomic precision. A one-meter cube of monocrystalline diamond is not a fragile object.
Rights are not conferred by laws. Laws exist to protect rights. The fact that the law gives a corporation certain "rights" does not mean that those rights exist morally.
In fact, corporations' "right" to exist at all is purely legal, not moral. It's granted by the government because corporations are a convenient way to organize large-scale activity. There would be no inconsistency in limiting corporations in any way... as long as the purpose of that limitation wasn't to destroy the rights of the underlying individuals.
Anybody who brings up the law in an argument about what corporations should be able to do is an idiot. The law is subject to change, should it be determined to be wrong.
The thing is that law enforcement people, in the US and many other countries, don't believe that the existing laws are sufficient. They want to do things like outlawing tools, outlawing the spread of certain information, giving themselves power to do all kinds of spying, and so forth.
They generally want to increase their own power, and to outlaw behavior that, as far as they're concerned, is "only engaged in by criminals anyway". This is not about justifying their existence. It's about their desire for legal tools to lock up people who, in their opinion, deserve to be locked up.
These legal changes are often politically unpopular, since they're usually based on an incredibly fucked up, power-tripping worldview that has no room for variation from some imaginary norm, precious little room for the idea of independent thought, and no real respect for the ideas (as opposed to the forms) behind due process.
Because these changes are unpopular, the people who want them (again, mostly law enforcement people) use various political tactics to get them. One useful tactic is to find a pliable international body that's having some discussion, where the people involved in the discussion are either sympathizers of yours or people you can pressure. You then get that body to issue some piece of paper, say a draft treaty, that requires what you want.
Politics being what they are, it's hard to change these drafts once they come out, and it gets progressively harder to change them as they move further along in the process. When it comes time to get your domestic legislature to approve the treaty, you say, basically, "everybody else is doing it". You also try to word your treaty so that it's not obvious what it really implies.
Since the treaty approval process is different from the approval process for regular legislation, and usually involves different people, and since little attention is usually paid to "technical" treaties, you may very well be able to get your treaty approved.
Once you get everybody to adopt the treaty, you spring the trap... you explain to your local legislature that it's now required by this treaty to pass the laws you couldn't get it to pass before. Game over.
Bad news, kid. They don't think any more when they get older...