No doubt, the public policy of well-monied interests getting special treatment granted to them by Congress every so many years at the expense of the public domain is of dubious value to society. No doubt, the "social contract" between authors and the public that is Copyright hardly requires such overreaching. To the contrary, the Sony Bono bill was bad law, bad policy and generally bad bad bad.
That isn't the question in Eldred v. Ashcroft. Here, the question is whether it is unconstitutional. I say this, because I would like my colleagues on Slashdot to realize the high likelihood that the Supreme Court may not opt to overturn this law, and can do so with the highest appreciation for all of these concerns. Deference of the judiciary to the Congress to make decisions, even bad decisions, is the rule, and it is highly likely that the rule will be followed in any given case.
But here, as the various briefs filed on both sides might indicate, the issues are far from trivial. I would commend to my colleages a careful reading of ALL the briefs, and all the issues before concluding that the Supreme Court has an easy call to "do the right thing." Legally, it is far from obvious that Eldred has the best of the argument.
In short, the vitreol may more properly be directed to the Congress that chose to pass the law than to the Court that may merely conclude that it is not its province to reverse a lousy decision made by the Legislative and Executive branches.
You would of course be legally clear here, and clear according to any AUP your ISP might have, but don't expect overzealous IP lawyers to give a damn about your rights.
It is quite sad how our legal system has been reduced to a system of "survival of the wealthiest."
To the contrary -- and this is the point of why this bill is bad. Presently, a person who's business had been criminally or tortiously interefered with by Computer abuse would have very solid grounds for fighting back. In other words, "overzealous lawyers" would be fond of working for him as well as for the deep-pocketed bad guys.
Don't forget, there is a serious downside of having a deep pocket -- a judgment against you is highly collectible. These entities CANNOT risk crossing the line into tortious conduct, with the concommitant potential for punitive damages.
And that, at the end of the day, is why Hackback is a bad law -- giving deep pockets strong technical defenses for potentially malicious conduct allows them to use their pocketbooks risk-free to abuse us. At least today, an "overzealous lawyer" can make their life as awful as they can make the public's.
Given the name GNU, it's quite easy to find the Manifesto. Just mentioning the Free Software Foundation would be similarly effective. But there are no concrete ethics behind the creation of Linux, so that name doesn't accomplish anything.
Now how, precisely, would renaming a distribution educate users who do not presently know "of their rights?" Perhaps you should propose instead renaming Linux to: GNU/Linux/but-you-really-need-to-read-the-license- inside-this-box-and-read-the-screeds-at-www.fsf.or g?
Quite clearly, the name does nothing to create the awareness of "user rights" (whatever that means) in the minds of those not already aware of them.
What public support? We're having this argument again because Project GNU is still being expunged from public view and the users are still being kept ignorant of their rights.
Now how, precisely, would renaming a distribution educate users who do not presently know "of their rights?" Perhaps you should propose instead renaming Linux to: GNU/Linux/but-you-really-need-to-read-the-license- inside-this-box-and-read-the-screeds-at-www.fsf.or g?
Disputes like this keep FSF's more substantive arguments from being taken seriously. Efforts to define the world to suit their needs by quibbling about language may play in well-educated communities, but will be ignored or worse in the rest of the world -- the part that matters.
People in the real world see through this immediately - indeed intuitively - and quickly grow tired of the wordplay.
This issue, like many others, just gives enemies of open software more fodder on which to chew and helps our community not at all. Whatever the merits of the argument may be, FSF is clearly fighting a losing battle, and squandering a great deal of well-earned credibility and public support in the process.
I am not sure that the argument itself is persuasive, but even if I agreed with it entirely, it isn't an argument that has to be made. It hurts the community at large, and FSF in particular. RMS should cease and desist.
Explain that to Dmitri Sklyarov, who spent more than a month in jail for releasing a hacking tool, which unlocks Adobe e-books.
That's just silly. This is some new use of the word "hacking tools." Certainly, Elcomsoft doesn't think so -- the words "hacking tools" do not appear on their web site.
Sure, you can try to define yourself out of this argument by treating the word "hacking" to mean whatever you like. But that's the same logical error -- you are still conflating the same concepts. If you define "hacking" to include the activity of trafficking in software for "unlocking Adobe e-books," congratulations! You won the argument. But so what? My point is that DMCA is not directed toward the conduct traditionally known as hacking by most of us (clever machination of technical systems) nor the conduct currently known as hacking (cracking). The DCMCA anti-circumvention proscriptions may overlap with some cracking conduct, just as any number of other laws -- that doesn't make it anti-cracking legislation, for the reasons stated earlier.
The reason the DMCA is particularly pernicious, however, is that it criminalizes the dissemination of "hacking tools", not just the act of hacking itself.
You will search in vain to find "hacking tools" among the proscribed devices set forth in DMCA. Only particularized devices are involved there, and very few of them have ANYTHING to do with cracking.
I don't disagree that the DMCA is pernicious, only that the conflation of it with these practices is bad karma for those who would like to criticize DMCA -- its technically weak as an argument, and generally associates violators of DMCA with an image not favorably taken in the public at large. If you want to beat down the DMCA, don't blame everything on it, like some technological "el nino."
There is simply no reason to think that releasing an exploit script directed to a technical vulnerability would be a DMCA violation -- and the HP backtracking that immediately followed their ludicrous overreaching is more evidence that DMCA is not implicated than that it is.
internet is somehow a faucet of distribution with which material and physical distribution cannot meaningfully compete. It is arguably faster and more efficient to distribute DVD's using the mails -- thousands of terabytes per day can be distributed far more efficiently (and cost effectively) in this manner than upon the internet.
The threat to distribution is not that it exists at all (you can find pirated DVD's on most any city street), but whether it is significant compared to the principal modes of distribution available to legitimate parties.
The MPAA claims that the internet has creates significant consequences and risks -- citing to supposedly a kazillion feature films being pirated daily. This simple piece of arithmetic is a useful hunk of rebuttal.
The analysis is really quite simple -- is there consent, actual or implied, either to: (i) reproduce the work; (ii) distribute the work; or to (iii) make derivative works. A quick review of the website indicated that the editing is not a "cut-up" of the original tape, but rather sale or rental (distribution?) of an edited (derivation?) COPY (reproduction?). I think a persuasive argument may be made that, unless a defense is available, the art of editing new copies and distibuting them constitutes an actionable offense. [Indeed, the content manipulation is not relevant to this part of the analysis -- I would come out the same if it was a pure 1:1 copy, with the distribution of the copy while retaining the original "for archival purposes."]
The next question is whether a defense applies. Since the original copy is not distributed, first sale probably does not. The next question is fair use, requiring a four-factor analysis that I am not sure would be present here. And here is where the director's equities, and the for-profit nature of the editor, will fit in.
As a lawyer, my answer on questions like this will always be along the lines of "it depends."
While the ethics of cracking have always been interesting, the legality has never been an issue. It is, and for years has been, a crime, essentially, merely to knowingly obtain unauthorized access or to exceed authorized access to a computer owned by another. [Alas, many companies have injudiciously asserted these criminal charges against former consultants, merely to beat a bill with a nasty counterclaim.]
However popular it is to join the bandwagon railing against the DMCA anti-circumvention provisions (people seem to forget that the DMCA is itself an omnibus of technical and non-technical issues, good, bad and indifferent, and ranging from boat-hull designs to ISP immunities), the article's focus on DMCA is misplaced -- almost irresponsibly so.
The big guns against cracking conduct have been in place for years, and well before DMCA: The Computer Fraud and Abuse Act, the ECPA and countless state computer crime and regular theft statutes. All of these tend to be much broader in scope and reach, and far easier to prove and enforce. After the enhancements (from a prosecutor's point of view) made in the USA-PATRIOT Act, CFAA has become an even more powerful tool. The FBI didn't need a DMCA to get Kevin.
At the end of the day, the HP nonsense was just that: nonsense. The reason the HP DMCA threat was never pressed was simple -- it was a no-play claim, and everybody knew it. However, there are and have for years been a kazillion laws to beat up on anybody who engages in unauthorized access or exceeding authorized access of any kind, and regardless whether the conduct amounts to any circumvention of an effective copyright protection scheme.
I'm not arguing cracker ethics, or defending DMCA. I'm simply saying that the focus of the article is wildly misplaced. DMCA is just barely an interesting curiousity in the enforcement quiver -- so far as real cracking goes, it isn't even a fourth-string defense except in the oddest cases.
Apple is (currently) ignoring Unix users! This is not merely speculation on my part.
No, it is either clearly false (see below) or non-falsifiable blather. Apple has engaged in substantial marketing specifically directed toward the Unix Market, for example by running Apple print ads directed to the Unix Market, complete with "/dev/null" unix jargon.
Reasonable people may differ with our anonymous coward about whether discounting his 1990 suggestion constitutes ignoring the entire Unix market, or whether he simply has an overblown view of the representattive constituency of his own design choices as compared to those of others.
I have worked Unix, Mac, Windows and other OS and development environments for decades, and don't find myself using the control key all that much more in any one as opposed to another, so I don't see this as a peculiarly Unix-centric issue. Even so, despite doing a massive amount of Unix and terminal work day by day on my prime ax, an Apple Powerbook, and having a zillion desktop and other machines around from which to pick, I just don't experience his pains. (I suppose I find the virtue of my wireless flexibility to walk around my world more significant to me than the slight trick of learning my fingers around a keyboard.)
1) It's not worth doing a patent search. Most of the larger companies do not. If you've done a perfunctory search and it's not obviously covered by prior art, then go for it! Worst case, the patent office tells you about some prior art & you adjust your application to take it into account (this almost always happens anyway).
This advice is so bad that I almost don't know where to start. A competent prior art search is an essential first step to obtaining adequate patent coverage, and is a practical and relatively low-cost way to avoid investing in preparation and prosecution of a dead-end valueless patent.
Some people want to file for a patent solely to obtain the pretty deed-like certificate. To that end, perhaps the author's advices may be meaningful. The rest of us (meaning MOST of us) would invest in preparing a patent application solely for the hope of obtaining a grant of rights more valuable than the expenses. Without a competent search, you will lose on every front:
1) avoid claiming too broadly. If you claim too broadly, and then amend by substantially revising the claims, you lose all benefit of the doctrine of equivalents due to prosecution history estoppel;
2) avoid claiming too narrowly. You simply can't know how good or bad is your invention until you have done a novelty search. If you don't see what is really out there, you might not claim enough;
3) avoid filing negative value patents. A negative value patent is a patent that, even if obtained or obtainable, will never have commercial value exceeding the cost of obtaining the rights. $25,000 for a piece of waterfront property in Miami sounds like a great deal -- until you discovery that the property is only a square inch in area. Without a prior art search, you cannot responsibly evaluate or even estimate the commercial benefit or value of the invention. Guess too high or too low, and you have lost value.
The remark about large companies not performing searches is primarily false, and certainly misleading. Large companies with in-house patent counsel might not need to perform searches for general improvements to well-known technology, for the simple reason that these in-house lawyers are ALREADY experts on the relevant prior art. This is common, particularly in the arena of manufacturing entities, where it is not only practical, but frequently the case, that a good in-house lawyer may be aware of (and routinely keep up with) most of the relevant art. Other companies distinguish between "commodity" patents from real inventions, the former being primarily portfolio fodder to avoid third-party claims and to reserve opportunities for cross-licensing out of lawsuits. For these commodity patents, less investment is justified beyond a cursory search.
Few individuals have any use for vanity or commodity patents. Let your lawyer do a real search -- the failure to do so will cost you much down the road, one way or the other.
Reading the comments, I notice that readers are confusing or conflating various issues -- not terribly, but it may be interesting to understand the various bodies of law applicable here:
1) Trade secret law. This is the body of law that prevents you from using or disclosing certain information disclosed to you, directly or indirectly under certain circumstances amounting to a "confidential relationship." You get nailed either by using or disclosing, or by threatening to do so. Virtually every state has strong TSL. TSL is a species of intellectual property law.
2) Covenants not to compete. This is the body of law governing the enforceability of contract provisions stating that a person promises not to compete with a business entity. State laws vary widely as to enforceability. Some completely prohibit these provisions. Others enforce them skeptically, depending upon their "reasonability." Still others have detailed rules for reasonability as to time and space limitations. Others limit to whether the covenant is necessary to protect a reasonable commercial interest. CNC is a species of antitrust regulation.
3) Inevitable Disclosure Rules. This is the DMCA of trade secret law, and this was the subject of the case here. Various jurisdictions (including, alas, Florida) have taken to the view that enforceable non-compete-like protections can be given, without express covenant, to protect a trade secret when a former employee undertakes a job where the disclosure of the secrets is an inevitable consequence of working there. It is a monster, because it invades and disfigures both trade secret AND covenant policies: ID, like trade secrets, potentially last forever and have no territorial bounds. And ID, like covenants, require no proof of bad intent or misappropriation -- even threatened misappropriation. ID, like DMCA, is neither antitrust nor intellectual property -- it is merely naked technology regulation.
Since covenants and trade secrets, respectively, embody a complex set of balancing issues and policies -- ID, by rejecting those policies, unmoors trade secrets and covenants law from their fundamental justifications, and therefore is as likely to hurt the economy as help it. Like the DMCA, which unmoors copyright law from its fundamental policies, ID risks creation of dangerous rights in gross to a few powerful litigious corporations, with no useful payback to society.
4) "Right to work" law, so far as I know, is simply a euphemism for the proposition that an employer is free to hire or fire any employee on any given day, and cannot be held to contract (union or otherwise) regarding employment on any other basis. Basically, it makes illegal the old union notion of a closed shop. (In this arena, I am no expert, but folks seem to be misusing the term here.) RTW is a species of employment law, slightly akin to a backwards version of antitrust.
This article here comments on a legal case where a shrink-wrap license may be binding.
The Bowers case is scary, indeed, but it hardly breaks ground on the proposition quoted above. The Federal Circuit Opinion relies on a longstanding string of case law (including the 1996 7th Circuit opinion in the ProCD case) finding a shrink-wrap agreement to be enforceable. While the enforceability of shrink-wraps will likely be heavily fact-dependent (and possibly jurisdiction-dependent), there has been enough guidance for years for a well-advised publisher to have little doubt that purchase and use of her software will be governed by the shrink-wrap. In other words, "Shrink wraps done right are enforceable. Duh."
The scary result in Bowers is not the enforceability of the shrink-wrap agreement, but the enforceability of a particular provision (the no-reverse-engineering provision), and a holding that the Copyright law that permits reverse engineering DOES NOT PREEMPT a state contract claim. This is actually quite a huge(ly bad) result, and it is hard to distinguish the analysis of the Federal Circuit case from a hypothetical book with the "no fair use" shrink-wrap provision.
This isn't a question of offer and acceptance -- its a question of federal law being circumvented by an activist court.
As far as QA, I tell you what. If the system is designed correctly, it will need very little QA. I know this because some systems can never get it right, no matter how much QA go into them, because of fundamuntal design flaws.
Chris argues that because systemically flawed systems cannot be cured by any amount of QA, it follows that systemically adequate designs do not require more than "very little QA." Not only is this a logical fallacy, it is also dead wrong.
QA is an essential part of any system development methodology -- no matter how good the design, human beings implement it, and humans make errors. Relying on design alone (or even primarily) is a terrible error. Humans cannot help but make errors -- and design alone cannot prevent this. QA gets short shrift enough in the best of systems -- it is inherently and necessarily an essential part of product development.
You should see the fangs MIT and its licensees come out with when it is their intellectual property that is used, knowingly or otherwise. Compare this with the cavalier and legally naive response to this claim of copyright infringement: we didn't make that many copies.
Whether or not it was fair use, it was inane and stupid to use it without consent. Consent is virtually trivial and often cheap to obtain for the asking beforehand, and sometimes VERY expensive to obtain afterward. The problem is that the Institute seems to have plural standards to apply -- hands out, when doling out the licenses; but "come on, we're just a poor little educational institution" when seeking free use of the property of others.
We are heavily under-staffed even with my multiple attempts to show the owner that we need more resources. . . ..A large reason why many in this industry find themselves working long hours and weekends is that management makes unreasonable expectations and deadlines.
Maybe yes, and maybe no. But be very careful how you whine. It is not so simple as increasing staff and insisting on 40-hour weeks for everyone. That strategy can be as losing as the brain-dead whines of management.
Do NOT suggest that instead of doubling hours you should double staff to double productivity. The linear arithmetic of the mythical man-month is a disaster however you argue. Count on this -- be certain of it: doubling staff will not double productivity, probably not close to that. If you don't get this -- read Brooks. If you do, read it again anyway.
I think there are many reasonable views and unreasonable views on the time/productivity thing. In my experience, it is not the number of programmer hours, but rather the number of programmer hours "in the zone" that is the credible measure of productivity. Once I am "in the zone," it is a horrific waste of me to let me go home -- I for one am far better off hacking till I drop "out of zone," and then taking some recovery time, than coming in and leaving at any schedule. Everyone's (and every project's and every group's) rhythms are different.
But this is difficult to measure and understand -- part of the goal here is to recognize that it is not for management to MAKE ONE DO ONE'S JOB, but rather to MAKE IT POSSIBLE to do one's job.
I have no problem when management sets tough-to-meet, even unrealistic goals, so long as they permit engineers to do the engineering right. They cannot simultaneously control scope, resources and time allotted-- fixing two of these means the third must give. I have discovered that it is possible to explain and sell this to management -- and indeed other, more sophisticated ideas as well.
But if you try to sell the idea that increasing staff will get more productivity by itself, you are the one who has committed malpractice -- because you should know better. A bit more time than an 8-hour day may well improve productivity significantly. Much more than a 40-hour work week over an extended period of time may significantly decrease it. A few weeks at 80 hours or more may generate breakthroughs. But all these must be carefully managed and motivated, and combined with a sense of mission and purpose.
In short, the devil is in the details. It all depends on the project, the team, the requirements and the resources. More time may be reasonable, and for short spurts may not only be necessary but best. Weigh all the options intelligently -- consider reducing project scope or time expectations and weigh them against increases in staff or draw from present staff. The costs and benefits are tricky to weigh.
But quite frankly, if you are just there to sell the idea of shorter work weeks and larger staff as a panacea -- you are selling as much of a fantasy and bill of goods as was management.
The House of Representatives voted 385-3 last month to approve life prison sentences for malicious computer hackers.
Declan presumes that the Congress ignores geek wisdom, concluding that resistance is futile:
Trust me, a few--even a few thousand--peeved e-mail messages won't change vote totals that lopsided.
His defeatism is misplaced.
First, he overstates the argument -- Congress required far more than malice to earn a life sentence, you have to take or seriously risk lives in the process of your hackery. Indeed, in the Slashdot debate, only a few obvious ideas were floated HOW one could actually do such a thing.
Second, I have found to the contrary that the legislative process can be worked to the benefit of hackers, and precisely because of techno-lobbying. Many horrific and just plain stupid bills were floated this year and just as quickly dumped precisely because of sound, intelligent and organized lobbying by geek activist organizations. Other bills were neutralized or rendered harmless.
Lobbying does not equate to whining through email -- which appears to be Declan's only, quite blunt and ineffective, tool. But it is a straw man for his rather simple-minded argument. Others, using traditional processes and traditional means, seem to be doing much better.
While the Congress did provide for Criminal remedies for copyright infringement, they did so only in cases where the individual was doing so for private financial gain, or for cases where the infringement was egregious and amounting to actual privacy (at least $1,000 value in 180 days). For Justice to actually make a case against any individual would require intensive investigation and monitoring over an extensive period of time.
It is for precisely this reason that the Congress provided for civil remedies for copyright infringement including awards of an attorney fee -- so that private copyright owners can pursue their remedies on their own dime -- if it actually creates a meaningful cost to them (and presumably to society).
RIAA would like for us to spend tax money to support them, and save them the costs of prosecution. These Congressmen are engaging in the worst kind of pork by suggesting that our Justice department should waste tax and precious law enforcement resources prosecuting penny-ante civil copyright infringement cases. RIAA neither needs nor deserves such public assistance. Save Justice resources for meaningful pirates, yet, or more important, for meaningful law enforcement matters. The RIAA should take care of itself.
The conduct complained of here would also violate computer crime laws in most states. Thus, while Valenti might avoid federal prison for violation of the CFAA, he might still have to face charges and related civiil actions for violation of State laws in Florida.
Absent an express preemption clause, the bill would not have the desired effect for its authors -- and if they added an express preemption clause, the bill might become defective as unconstitutional under a host of theories.
Slashdot Mirror
Sonny Bono gets a Copyright law passed that will extend the term that Scientology can attempt to keep knowledge of their sham from the general public.
Coincidence, how? Bono died in January of '98. It is unlikely, no bizarre, to suggest that he fell on his sword for the faithful.
The CTEA passed in 1998 directly benefits Scientology and is a very bad law.
A truly staggering analysis.
No doubt, the public policy of well-monied interests getting special treatment granted to them by Congress every so many years at the expense of the public domain is of dubious value to society. No doubt, the "social contract" between authors and the public that is Copyright hardly requires such overreaching. To the contrary, the Sony Bono bill was bad law, bad policy and generally bad bad bad.
That isn't the question in Eldred v. Ashcroft. Here, the question is whether it is unconstitutional. I say this, because I would like my colleagues on Slashdot to realize the high likelihood that the Supreme Court may not opt to overturn this law, and can do so with the highest appreciation for all of these concerns. Deference of the judiciary to the Congress to make decisions, even bad decisions, is the rule, and it is highly likely that the rule will be followed in any given case.
But here, as the various briefs filed on both sides might indicate, the issues are far from trivial. I would commend to my colleages a careful reading of ALL the briefs, and all the issues before concluding that the Supreme Court has an easy call to "do the right thing." Legally, it is far from obvious that Eldred has the best of the argument.
In short, the vitreol may more properly be directed to the Congress that chose to pass the law than to the Court that may merely conclude that it is not its province to reverse a lousy decision made by the Legislative and Executive branches.
You would of course be legally clear here, and clear according to any AUP your ISP might have, but don't expect overzealous IP lawyers to give a damn about your rights.
It is quite sad how our legal system has been reduced to a system of "survival of the wealthiest."
To the contrary -- and this is the point of why this bill is bad. Presently, a person who's business had been criminally or tortiously interefered with by Computer abuse would have very solid grounds for fighting back. In other words, "overzealous lawyers" would be fond of working for him as well as for the deep-pocketed bad guys.
Don't forget, there is a serious downside of having a deep pocket -- a judgment against you is highly collectible. These entities CANNOT risk crossing the line into tortious conduct, with the concommitant potential for punitive damages.
And that, at the end of the day, is why Hackback is a bad law -- giving deep pockets strong technical defenses for potentially malicious conduct allows them to use their pocketbooks risk-free to abuse us. At least today, an "overzealous lawyer" can make their life as awful as they can make the public's.
Given the name GNU, it's quite easy to find the Manifesto. Just mentioning the Free Software Foundation would be similarly effective. But there are no concrete ethics behind the creation of Linux, so that name doesn't accomplish anything.
- inside-this-box-and-read-the-screeds-at-www.fsf.or g?
Now how, precisely, would renaming a distribution educate users who do not presently know "of their rights?" Perhaps you should propose instead renaming Linux to: GNU/Linux/but-you-really-need-to-read-the-license
Quite clearly, the name does nothing to create the awareness of "user rights" (whatever that means) in the minds of those not already aware of them.
What public support? We're having this argument again because Project GNU is still being expunged from public view and the users are still being kept ignorant of their rights.
- inside-this-box-and-read-the-screeds-at-www.fsf.or g?
Now how, precisely, would renaming a distribution educate users who do not presently know "of their rights?" Perhaps you should propose instead renaming Linux to: GNU/Linux/but-you-really-need-to-read-the-license
Disputes like this keep FSF's more substantive arguments from being taken seriously. Efforts to define the world to suit their needs by quibbling about language may play in well-educated communities, but will be ignored or worse in the rest of the world -- the part that matters.
People in the real world see through this immediately - indeed intuitively - and quickly grow tired of the wordplay.
This issue, like many others, just gives enemies of open software more fodder on which to chew and helps our community not at all. Whatever the merits of the argument may be, FSF is clearly fighting a losing battle, and squandering a great deal of well-earned credibility and public support in the process.
I am not sure that the argument itself is persuasive, but even if I agreed with it entirely, it isn't an argument that has to be made. It hurts the community at large, and FSF in particular. RMS should cease and desist.
Explain that to Dmitri Sklyarov, who spent more than a month in jail for releasing a hacking tool, which unlocks Adobe e-books.
That's just silly. This is some new use of the word "hacking tools." Certainly, Elcomsoft doesn't think so -- the words "hacking tools" do not appear on their web site.
Sure, you can try to define yourself out of this argument by treating the word "hacking" to mean whatever you like. But that's the same logical error -- you are still conflating the same concepts. If you define "hacking" to include the activity of trafficking in software for "unlocking Adobe e-books," congratulations! You won the argument. But so what? My point is that DMCA is not directed toward the conduct traditionally known as hacking by most of us (clever machination of technical systems) nor the conduct currently known as hacking (cracking). The DCMCA anti-circumvention proscriptions may overlap with some cracking conduct, just as any number of other laws -- that doesn't make it anti-cracking legislation, for the reasons stated earlier.
The reason the DMCA is particularly pernicious, however, is that it criminalizes the dissemination of "hacking tools", not just the act of hacking itself.
You will search in vain to find "hacking tools" among the proscribed devices set forth in DMCA. Only particularized devices are involved there, and very few of them have ANYTHING to do with cracking.
I don't disagree that the DMCA is pernicious, only that the conflation of it with these practices is bad karma for those who would like to criticize DMCA -- its technically weak as an argument, and generally associates violators of DMCA with an image not favorably taken in the public at large. If you want to beat down the DMCA, don't blame everything on it, like some technological "el nino."
There is simply no reason to think that releasing an exploit script directed to a technical vulnerability would be a DMCA violation -- and the HP backtracking that immediately followed their ludicrous overreaching is more evidence that DMCA is not implicated than that it is.
internet is somehow a faucet of distribution with which material and physical distribution cannot meaningfully compete. It is arguably faster and more efficient to distribute DVD's using the mails -- thousands of terabytes per day can be distributed far more efficiently (and cost effectively) in this manner than upon the internet.
The threat to distribution is not that it exists at all (you can find pirated DVD's on most any city street), but whether it is significant compared to the principal modes of distribution available to legitimate parties.
The MPAA claims that the internet has creates significant consequences and risks -- citing to supposedly a kazillion feature films being pirated daily. This simple piece of arithmetic is a useful hunk of rebuttal.
The analysis is really quite simple -- is there consent, actual or implied, either to: (i) reproduce the work; (ii) distribute the work; or to (iii) make derivative works. A quick review of the website indicated that the editing is not a "cut-up" of the original tape, but rather sale or rental (distribution?) of an edited (derivation?) COPY (reproduction?). I think a persuasive argument may be made that, unless a defense is available, the art of editing new copies and distibuting them constitutes an actionable offense. [Indeed, the content manipulation is not relevant to this part of the analysis -- I would come out the same if it was a pure 1:1 copy, with the distribution of the copy while retaining the original "for archival purposes."]
The next question is whether a defense applies. Since the original copy is not distributed, first sale probably does not. The next question is fair use, requiring a four-factor analysis that I am not sure would be present here. And here is where the director's equities, and the for-profit nature of the editor, will fit in.
As a lawyer, my answer on questions like this will always be along the lines of "it depends."
While the ethics of cracking have always been interesting, the legality has never been an issue. It is, and for years has been, a crime, essentially, merely to knowingly obtain unauthorized access or to exceed authorized access to a computer owned by another. [Alas, many companies have injudiciously asserted these criminal charges against former consultants, merely to beat a bill with a nasty counterclaim.]
However popular it is to join the bandwagon railing against the DMCA anti-circumvention provisions (people seem to forget that the DMCA is itself an omnibus of technical and non-technical issues, good, bad and indifferent, and ranging from boat-hull designs to ISP immunities), the article's focus on DMCA is misplaced -- almost irresponsibly so.
The big guns against cracking conduct have been in place for years, and well before DMCA: The Computer Fraud and Abuse Act, the ECPA and countless state computer crime and regular theft statutes. All of these tend to be much broader in scope and reach, and far easier to prove and enforce. After the enhancements (from a prosecutor's point of view) made in the USA-PATRIOT Act, CFAA has become an even more powerful tool. The FBI didn't need a DMCA to get Kevin.
At the end of the day, the HP nonsense was just that: nonsense. The reason the HP DMCA threat was never pressed was simple -- it was a no-play claim, and everybody knew it. However, there are and have for years been a kazillion laws to beat up on anybody who engages in unauthorized access or exceeding authorized access of any kind, and regardless whether the conduct amounts to any circumvention of an effective copyright protection scheme.
I'm not arguing cracker ethics, or defending DMCA. I'm simply saying that the focus of the article is wildly misplaced. DMCA is just barely an interesting curiousity in the enforcement quiver -- so far as real cracking goes, it isn't even a fourth-string defense except in the oddest cases.
There are several versions of the Apple Unix-centric print ads available on-line.
Apple is (currently) ignoring Unix users! This is not merely speculation on my part.
No, it is either clearly false (see below) or non-falsifiable blather. Apple has engaged in substantial marketing specifically directed toward the Unix Market, for example by running Apple print ads directed to the Unix Market, complete with "/dev/null" unix jargon.
Reasonable people may differ with our anonymous coward about whether discounting his 1990 suggestion constitutes ignoring the entire Unix market, or whether he simply has an overblown view of the representattive constituency of his own design choices as compared to those of others.
I have worked Unix, Mac, Windows and other OS and development environments for decades, and don't find myself using the control key all that much more in any one as opposed to another, so I don't see this as a peculiarly Unix-centric issue. Even so, despite doing a massive amount of Unix and terminal work day by day on my prime ax, an Apple Powerbook, and having a zillion desktop and other machines around from which to pick, I just don't experience his pains. (I suppose I find the virtue of my wireless flexibility to walk around my world more significant to me than the slight trick of learning my fingers around a keyboard.)
1) It's not worth doing a patent search. Most of the larger companies do not. If you've done a perfunctory search and it's not obviously covered by prior art, then go for it! Worst case, the patent office tells you about some prior art & you adjust your application to take it into account (this almost always happens anyway).
This advice is so bad that I almost don't know where to start. A competent prior art search is an essential first step to obtaining adequate patent coverage, and is a practical and relatively low-cost way to avoid investing in preparation and prosecution of a dead-end valueless patent.
Some people want to file for a patent solely to obtain the pretty deed-like certificate. To that end, perhaps the author's advices may be meaningful. The rest of us (meaning MOST of us) would invest in preparing a patent application solely for the hope of obtaining a grant of rights more valuable than the expenses. Without a competent search, you will lose on every front:
1) avoid claiming too broadly. If you claim too broadly, and then amend by substantially revising the claims, you lose all benefit of the doctrine of equivalents due to prosecution history estoppel;
2) avoid claiming too narrowly. You simply can't know how good or bad is your invention until you have done a novelty search. If you don't see what is really out there, you might not claim enough;
3) avoid filing negative value patents. A negative value patent is a patent that, even if obtained or obtainable, will never have commercial value exceeding the cost of obtaining the rights. $25,000 for a piece of waterfront property in Miami sounds like a great deal -- until you discovery that the property is only a square inch in area. Without a prior art search, you cannot responsibly evaluate or even estimate the commercial benefit or value of the invention. Guess too high or too low, and you have lost value.
The remark about large companies not performing searches is primarily false, and certainly misleading. Large companies with in-house patent counsel might not need to perform searches for general improvements to well-known technology, for the simple reason that these in-house lawyers are ALREADY experts on the relevant prior art. This is common, particularly in the arena of manufacturing entities, where it is not only practical, but frequently the case, that a good in-house lawyer may be aware of (and routinely keep up with) most of the relevant art. Other companies distinguish between "commodity" patents from real inventions, the former being primarily portfolio fodder to avoid third-party claims and to reserve opportunities for cross-licensing out of lawsuits. For these commodity patents, less investment is justified beyond a cursory search.
Few individuals have any use for vanity or commodity patents. Let your lawyer do a real search -- the failure to do so will cost you much down the road, one way or the other.
Reading the comments, I notice that readers are confusing or conflating various issues -- not terribly, but it may be interesting to understand the various bodies of law applicable here:
1) Trade secret law. This is the body of law that prevents you from using or disclosing certain information disclosed to you, directly or indirectly under certain circumstances amounting to a "confidential relationship." You get nailed either by using or disclosing, or by threatening to do so. Virtually every state has strong TSL. TSL is a species of intellectual property law.
2) Covenants not to compete. This is the body of law governing the enforceability of contract provisions stating that a person promises not to compete with a business entity. State laws vary widely as to enforceability. Some completely prohibit these provisions. Others enforce them skeptically, depending upon their "reasonability." Still others have detailed rules for reasonability as to time and space limitations. Others limit to whether the covenant is necessary to protect a reasonable commercial interest. CNC is a species of antitrust regulation.
3) Inevitable Disclosure Rules. This is the DMCA of trade secret law, and this was the subject of the case here. Various jurisdictions (including, alas, Florida) have taken to the view that enforceable non-compete-like protections can be given, without express covenant, to protect a trade secret when a former employee undertakes a job where the disclosure of the secrets is an inevitable consequence of working there. It is a monster, because it invades and disfigures both trade secret AND covenant policies: ID, like trade secrets, potentially last forever and have no territorial bounds. And ID, like covenants, require no proof of bad intent or misappropriation -- even threatened misappropriation. ID, like DMCA, is neither antitrust nor intellectual property -- it is merely naked technology regulation.
Since covenants and trade secrets, respectively, embody a complex set of balancing issues and policies -- ID, by rejecting those policies, unmoors trade secrets and covenants law from their fundamental justifications, and therefore is as likely to hurt the economy as help it. Like the DMCA, which unmoors copyright law from its fundamental policies, ID risks creation of dangerous rights in gross to a few powerful litigious corporations, with no useful payback to society.
4) "Right to work" law, so far as I know, is simply a euphemism for the proposition that an employer is free to hire or fire any employee on any given day, and cannot be held to contract (union or otherwise) regarding employment on any other basis. Basically, it makes illegal the old union notion of a closed shop. (In this arena, I am no expert, but folks seem to be misusing the term here.) RTW is a species of employment law, slightly akin to a backwards version of antitrust.
This article here comments on a legal case where a shrink-wrap license may be binding.
The Bowers case is scary, indeed, but it hardly breaks ground on the proposition quoted above. The Federal Circuit Opinion relies on a longstanding string of case law (including the 1996 7th Circuit opinion in the ProCD case) finding a shrink-wrap agreement to be enforceable. While the enforceability of shrink-wraps will likely be heavily fact-dependent (and possibly jurisdiction-dependent), there has been enough guidance for years for a well-advised publisher to have little doubt that purchase and use of her software will be governed by the shrink-wrap. In other words, "Shrink wraps done right are enforceable. Duh."
The scary result in Bowers is not the enforceability of the shrink-wrap agreement, but the enforceability of a particular provision (the no-reverse-engineering provision), and a holding that the Copyright law that permits reverse engineering DOES NOT PREEMPT a state contract claim. This is actually quite a huge(ly bad) result, and it is hard to distinguish the analysis of the Federal Circuit case from a hypothetical book with the "no fair use" shrink-wrap provision.
This isn't a question of offer and acceptance -- its a question of federal law being circumvented by an activist court.
As far as QA, I tell you what. If the system is designed correctly, it will need very little QA. I know this because some systems can never get it right, no matter how much QA go into them, because of fundamuntal design flaws.
Chris argues that because systemically flawed systems cannot be cured by any amount of QA, it follows that systemically adequate designs do not require more than "very little QA." Not only is this a logical fallacy, it is also dead wrong.
QA is an essential part of any system development methodology -- no matter how good the design, human beings implement it, and humans make errors. Relying on design alone (or even primarily) is a terrible error. Humans cannot help but make errors -- and design alone cannot prevent this. QA gets short shrift enough in the best of systems -- it is inherently and necessarily an essential part of product development.
You should see the fangs MIT and its licensees come out with when it is their intellectual property that is used, knowingly or otherwise. Compare this with the cavalier and legally naive response to this claim of copyright infringement: we didn't make that many copies.
Whether or not it was fair use, it was inane and stupid to use it without consent. Consent is virtually trivial and often cheap to obtain for the asking beforehand, and sometimes VERY expensive to obtain afterward. The problem is that the Institute seems to have plural standards to apply -- hands out, when doling out the licenses; but "come on, we're just a poor little educational institution" when seeking free use of the property of others.
We are heavily under-staffed even with my multiple attempts to show the owner that we need more resources. . . . .A large reason why many in this industry find themselves working long hours and weekends is that management makes unreasonable expectations and deadlines.
Maybe yes, and maybe no. But be very careful how you whine. It is not so simple as increasing staff and insisting on 40-hour weeks for everyone. That strategy can be as losing as the brain-dead whines of management.
Do NOT suggest that instead of doubling hours you should double staff to double productivity. The linear arithmetic of the mythical man-month is a disaster however you argue. Count on this -- be certain of it: doubling staff will not double productivity, probably not close to that. If you don't get this -- read Brooks. If you do, read it again anyway.
I think there are many reasonable views and unreasonable views on the time/productivity thing. In my experience, it is not the number of programmer hours, but rather the number of programmer hours "in the zone" that is the credible measure of productivity. Once I am "in the zone," it is a horrific waste of me to let me go home -- I for one am far better off hacking till I drop "out of zone," and then taking some recovery time, than coming in and leaving at any schedule. Everyone's (and every project's and every group's) rhythms are different.
But this is difficult to measure and understand -- part of the goal here is to recognize that it is not for management to MAKE ONE DO ONE'S JOB, but rather to MAKE IT POSSIBLE to do one's job.
I have no problem when management sets tough-to-meet, even unrealistic goals, so long as they permit engineers to do the engineering right. They cannot simultaneously control scope, resources and time allotted-- fixing two of these means the third must give. I have discovered that it is possible to explain and sell this to management -- and indeed other, more sophisticated ideas as well.
But if you try to sell the idea that increasing staff will get more productivity by itself, you are the one who has committed malpractice -- because you should know better. A bit more time than an 8-hour day may well improve productivity significantly. Much more than a 40-hour work week over an extended period of time may significantly decrease it. A few weeks at 80 hours or more may generate breakthroughs. But all these must be carefully managed and motivated, and combined with a sense of mission and purpose.
In short, the devil is in the details. It all depends on the project, the team, the requirements and the resources. More time may be reasonable, and for short spurts may not only be necessary but best. Weigh all the options intelligently -- consider reducing project scope or time expectations and weigh them against increases in staff or draw from present staff. The costs and benefits are tricky to weigh.
But quite frankly, if you are just there to sell the idea of shorter work weeks and larger staff as a panacea -- you are selling as much of a fantasy and bill of goods as was management.
But this case lies in a gray area, he notes, because until the idea is reduced to practice, it's not an invention and you can't patent it.
This simply isn't the law, at least not here in the United States. Many inventions have been patented without being reduced to practice.
Sorry about the bold-faced "shouting" -- I mistyped a for a
.
Predicated on the premise that
The House of Representatives voted 385-3 last month to approve life prison sentences for malicious computer hackers.
Declan presumes that the Congress ignores geek wisdom, concluding that resistance is futile:
Trust me, a few--even a few thousand--peeved e-mail messages won't change vote totals that lopsided.
His defeatism is misplaced.
First, he overstates the argument -- Congress required far more than malice to earn a life sentence, you have to take or seriously risk lives in the process of your hackery. Indeed, in the Slashdot debate, only a few obvious ideas were floated HOW one could actually do such a thing.
Second, I have found to the contrary that the legislative process can be worked to the benefit of hackers, and precisely because of techno-lobbying. Many horrific and just plain stupid bills were floated this year and just as quickly dumped precisely because of sound, intelligent and organized lobbying by geek activist organizations. Other bills were neutralized or rendered harmless.
Lobbying does not equate to whining through email -- which appears to be Declan's only, quite blunt and ineffective, tool. But it is a straw man for his rather simple-minded argument. Others, using traditional processes and traditional means, seem to be doing much better.
While the Congress did provide for Criminal remedies for copyright infringement, they did so only in cases where the individual was doing so for private financial gain, or for cases where the infringement was egregious and amounting to actual privacy (at least $1,000 value in 180 days). For Justice to actually make a case against any individual would require intensive investigation and monitoring over an extensive period of time.
It is for precisely this reason that the Congress provided for civil remedies for copyright infringement including awards of an attorney fee -- so that private copyright owners can pursue their remedies on their own dime -- if it actually creates a meaningful cost to them (and presumably to society).
RIAA would like for us to spend tax money to support them, and save them the costs of prosecution. These Congressmen are engaging in the worst kind of pork by suggesting that our Justice department should waste tax and precious law enforcement resources prosecuting penny-ante civil copyright infringement cases. RIAA neither needs nor deserves such public assistance. Save Justice resources for meaningful pirates, yet, or more important, for meaningful law enforcement matters. The RIAA should take care of itself.
The conduct complained of here would also violate computer crime laws in most states. Thus, while Valenti might avoid federal prison for violation of the CFAA, he might still have to face charges and related civiil actions for violation of State laws in Florida.
Absent an express preemption clause, the bill would not have the desired effect for its authors -- and if they added an express preemption clause, the bill might become defective as unconstitutional under a host of theories.