The issue isn't that Disney dips in to the Public Domain pool to produce stories. After all, that's exactly why the Public Domain is so important. It SHOULD be there for people to draw from. Rather, the issue with Disney is that they've been a driving force to ensure that their works do not return to the Public Domain, failing to enrich the very resource that has served them so well (and in the process denying the public a very important resource over time).
If you go back in time and prevent Microsoft... then we'll all be using Apples, Amigas, or worse: OS/2 will have caught on... Jebus save us!
I'm not so sure. If it wasn't for DOS, CP/M would still fit the bill - likely setting forward the chain of events that lead to clones and commodity platforms.
There is NO FUCKING BENEFIT to the customer. EVER. Things are not cheaper, they are no easier to access - in fact the opposite is often true.
I can't agree totally with this. DRM makes content that would otherwise be unavailable in a digital format available, only because some companies refuse to license their content unless it is protected by DRM.
I'm more inclined to believe these individuals will grab at DRM because it promises them the moon; that they can be a part of the digital revolution while maintaining scarcity barriers inherent in physical media. If these individuals didn't wish to take the risk of removing the physical barrier, then they can sit there with their "product" unsold while those who take that risk are rewarded with continued sales. Eventually everyone will have to come on board or go out of business. DRM offers the false promise that this risk isn't required.
But what's more dangerous, the bag of tricks in the hands of a few skilled people or an open bulletin board with 0day-exploits for everyone?
What makes this question even more complicated for me is that Secunia, the people who protect us from exploits if we pay them, is sponsoring this practice.
The bag of tricks in the hands of a few - hands down. What we're talking about here is carte blanche access in the hands of a select few. We have to trust that the motives of these few strangers will fall in line with ours. And then we have to trust that the "select few" will remain few. Eventually they won't in both cases. Individuals will use these exploits to cause damage. And knowledge of these exploits will spread until even the least trusted in the underground has access to it.
We ran this gambit in the 80s. Exploits would become known within the underground. The most elite would share the knowledge amongst other inner-circle personalities. Eventually the exploit would slip to wider and wider distribution. Vendors would either be oblivious to the exploit or completely unmotivated to fix it. The general public would be oblivious to it or unmotivated to invoke any fixes a vendor might have provided. Until some amateur will do something damaging (intentional or not) with the information.
An interesting thing to note is the nature of computer crime over the years. A good deal of it was the activities of the stereotypical exploring hacker / phreak. And there was always the insider looking for revenge or manipulating data to steal. However, there were also "classic" hackers making money manipulating systems to steal equipment. And the Mafia was a consumer of Blue Boxes.
Today, the computer crime scene has expanded to provide ample opportunities to tempt the first individual willing to hand over an exploit. You can question Secunia's motives if you want. But you should be aware that there are others just as driven with much more sinister motives.
I agree that 0day exploits on public bulletin boards breed chaos. But it's very visible chaos. Many more people are aware of the issues presented by a publicly published vulnerability. And that gives it a better chance of being addressed and its effective life shortened.
It would be better, of course, if the vulnerability never existed. But they tend to exist. There are 0days right now waiting to be discovered. The question is how long until they are discovered, by who, and how will they be used?
I imagine that a substantial part of the sudden increase in society's respect for geeks, (maybe mostly their potential incomes,) was due to the glamorous press exposure l0pht received at that time.
Or maybe it's that whole Internet thing that was popping up around that time. The geeks became attractively rich. The tech stopped being black boxes hidden in white-floored, air-conditioned caves and became vehicles for wealth and ubiquitous services. And did I mention the geeks becoming attractively rich?
I doubt "society" in general paid much attention to L0pht (beyond the attention the mysterious hacker "whiz kid" usually gets). There was already about a decade of exposure to the microcomputer and the concept that it would change our lives. And we had already seen ample exposure of the hacker to pop-culture (i.e. the movie War Games and T.V. show Whiz Kids). Mainstream society seemed sort of curious but not entirely impressed with the geek behind the curtain.
But when the Internet dot-boom era began, money got everyone's attention. Suddenly the geek behind the curtain got much more interesting.
I haven't really understood their views on non-disclosure but my guess is they'd rather have no disclosure at all than the farce that is full disclosure.
My guess is that they don't want people ruining their fun. It's a lot easier to have a bag of tricks if people aren't aware of what said tricks are.
Sounds like Guggenheimer is betting on nostalgia. It's not uncommon for the mind's eye to view the past with rose-colored glasses. People forget past hardships and latch on to fond memories. Given enough time, I'm sure the same will happen with Vista.
Which might eventually put Vista on the same footing as The A-Team and Transformers.
The blog post never mentioned when it was discovered, just "recently". For all anyone knows they could have been doing Linus a favour and kept their mouths shut until Linus came out with a patch, seeing as the very post that announced the exploit already linked to the patch. In a situation like this with Microsoft, do you think they'd exercise the same grace?
Certainly. It's billed as "responsible disclosure" and Microsoft strongly supports it. Many Microsoft vulnerabilities aren't reported until after patches are released. Some vulnerabilities remain in limbo for an extended period of time.
If the only way I can exercise a right is by breaking the law, then I'm not free to exercise that right. Yes, I know how to break the law and accomplish the task. I shouldn't have to break the law.
The problem isn't that it's "not so completely easy that any idiot can do all of them simultaneously while juggling chainsaws." The problem is that it requires very specialized knowledge to exercise that right due to legal barriers (assuming THAT is possible - likely not). Technical barriers aren't a legal issue and entirely beyond my point so you can safely put your chainsaws down.
Don't be ridiculous. The meaning of words predates software entirely. If you can't accept common language then you aren't qualified to participate in discussion.
I'm not sure you're qualified to participate in discussion if you don't actually DISCUSS. What words are you talking about? Yes - words have meaning. And specific words, like "free", have the exact same meanings that some of those crazy software folks are claiming they do (the problem is that they tend to have multiple meanings).
Now whether the FSF and the GPL does what they claim it does... that's a different point of debate.
In Miranda, the Supreme Court established that a right is useless, and therefore abridged, if there is no means to execute that right.
This is Slashdot, and you're trying to claim that you have no way of making a backup of a DVD unless you use the RealNetwork's utility? Really?
Moot point. I know all manner of ways to use technology to circumvent the law. Doesn't mean that I should have to in order to exercise my legal rights. And it doesn't mean someone with less technical knowledge should be unable to exercise their rights.
I'd be cautious about dismissing RMS too much. It seems to me that RMS should have some "ownership" of the GPL in so far as it's authored by his group. And that group has always been an advocacy group even while acting as a software collective.
I like GNU's philosophy page. And I like RMS' rants. I can't always find myself agreeing or willing to follow the ideas presented. But they're often worth considering.
I've known individuals before who were very much the backbones of any given technical environment. They weren't good leaders. They weren't good with people in general. They weren't the ones you brought to a big presentation with "the suits." But they certainly were the ones you turned to when wanting things to work - both now and in the future. And even if their initial lack of pragmatism could be frustrating, their long-term view was often solid.
RMS strikes me as one of those guys. He's a sort of Don Quixote. You may not wish to emulate his example. But the ideals he presents aren't always without merit.
Torvalds offers his own merits. I wouldn't even begin to present him and RMS as an either-or choice.
What you missed is that there's a difference between your definitions of "free" and "open source" and what that word and that phrase literally mean to the vast majority of people (even the majority of IT people).
And what you're doing is willfully ignoring the fact that there ARE semantic issues. Freedom and free-of-charge are not the same thing yet they can both be referred to as "free." This is just as much "hijacking" as the Free Software group.
You clearly understand the situation - semantics and all. Yet you're doing nothing to "start debating the real issues."
This sort of attitude is less about giving a company or individual what they want or need and more about making a philosophical/religious point about how you think people should behave and I agree with the article it's stupid and fairly damaging to the reputation and advancement of free/open source software.
What you missed is that there's a difference between "free" and "open source." As you noted, RMS is all about Free Software yet you ignore this distinction as quibbling. This isn't about some indistinct philosophy or religious point. It's about establishing an ecosystem that will service both a company and the individual. RMS pushing this agenda is not so strange.
That doesn't mean everyone has to agree with him. He's a pretty eccentric guy by any account. You can find less eccentric (and less easy targets) than RMS among those who support the GPL. And you can certainly find Open Source proponents who will note that the entire OSS world does not revolve around Free Software and the GPL.
The article is right in so far as the fact that there are many OSS options. One should review those options and pick an appropriate license. However, the rest of the article is, at best, misleading.
My point in this whole thread is that both are wrong for the same reasons. If I steal $10 vs $10,000, we can both agree that they're both wrong because stealing is wrong (and I'm not referring to the legality here).
Which is fine if we're dealing with one single moral rule. But what we're looking at here is a combination of moral issues. The "beyond the pale" part isn't that this group is lying any more than Cohen is. It's that they're invoking harm and damage in the process of their "prank" which is something (I think) Cohen avoids. And that is something entirely different than acting like the fool to unsuspecting people.
I should note that I'm not a Cohen fan. I've seen a good portion of Borat but lost interest in it somewhere and never finished watching the whole thing. I'm not familiar with anything else he's done. So I'm certainly no expert on his particular style.
I have often enjoyed Candid Camera, Trigger Happy TV, and some series of European crew that also put unsuspecting victims in odd situations (sometimes involving nudity - definitely not for US TV). I'd have a real hard time accepting that any of these guys are on the same moral scale as Pranknet.
When a storm knocks out the electricity and the traffic lights stop working, I've always seen everyone obeying the rules.
You must live in fantasy land. Most people don't even know what to do when power goes out at an intersection. They all try to go at the same time.
As much as I grumble about what idiots my fellow drivers are, I've seen this in action. I was in Houston during Ike's aftermath when the majority of the city lost power. I saw plenty of inconsiderate idiots during that time. But I also saw the vast majority of folks working together. You had to be careful around intersections because you didn't know for sure some bozo was going to muck it all up. Sure. But I made it through those intersections without incident (although it was MUCH nicer to have the street lights going again).
Actually, if both were done maliciously for similar reasons, then the morality aspect is the same. One may incur a greater punishment because the damage done was greater.
By saying the morality is the same, I'm not suggesting the crimes are of equal magnitudes. Just that they are on the same "scale", with one being much further along that scale.
But doesn't the intent to create an increased amount of damage imply an additional moral decision? The phrase "beyond the pale" comes to mind. It's one thing to do something with malicious intent where the harm done is negligible. It's another thing to do something maliciously with the intent to cause serious harm or damage. While both might be looked at as points along the same scale (intentional malicious action), it takes a considerable leap in judgment to go from one point along that scale to another.
Bullshit! If all humans are the same then surely Africa does not need our help and should be as thriving a community as any other western civilization. Since that's clearly not the case your above statement is just a bunch of shit, and the rest of your statements as suspect...
You might be interested in Guns, Germs, and Steel.
This is precisely why in science, real science, we have the scientific method which requires that experiments/studies etc. be repeatable. All it would take is for these fraudulent claims to be tested and it is over for the fools who tried to usurp the system.
The question is, who's going to do the repeat? If an experiment is prohibitively expensive to recreate it offers a natural cover for fraud. Not that scientific method isn't a Good Thing. But one can't just utter it as an incantation against the demons of deceit.
However, it does seem bizarre that guys who are entrusted to carry loaded automatic weapons around (and use them), aren't trusted to write a tweet to their buddies back home. A guy is given the power to shoot people, but not to blog or buy a beer (if he's under 21). Seems like a mixed message.
My first duty station in the USAF was tech school. The state in which the base was located had set the drinking age at 21. The Base Commander set the drinking age at 18 which meant all military personnel could drink at the base facilities (Airman's Club, NCO Club, Officer's Club, Bowling Alley, etc.). If you were caught drinking under-age off-base you were still very much in trouble for breaking the law.
The action at the Airman's Club would get pretty insane as individuals who went through the clamp-down that's Basic Training and the initial restrictions of tech school finally got access to alcohol. Eventually the Base Commander got tired of these shenanigans and put an end to drinking at the Airman's Club (I forget if he raised the drinking age or simply ordered alcohol removed from the club - training personnel were not allowed at the NCO Club). Enterprising airmen realized that the local Navy CB station was a short drive away, also had their drinking age set to 18, and so made the short drive to their NCO Club. Then trouble started there and the Base Commander banned the CB's NCO Club from training personnel. My next duty station (first "real" USAF assignment) was in Germany. The drinking age was sufficiently low (I believe they followed local German laws) and so I continued having access to alcohol well before the age of 21.
The point here is that it's not as simple as "a guy is given the power to shoot people, but not to blog or buy a beer..." There is much more to the situation(s) at hand. Just as alcohol was managed according to the impact on the Command (incidentally, getting caught with alcohol during a tour in the Middle East was just as bad as being caught with pot), if you actually look at the situation with social networks you'll find that there's an issue with the impact on the Command.
Do we really need GnuFicker?
I can understand that the activity all happened within the US but I'm not quite so sure why there is the insistence on extraditing him apart from presumably that a guy on his mom's computer managed to hack into supposedly the most secure computers at the time leaving them with egg on their face and a great deal of embarrassment.
First - let's not give this guy too much credit. I highly doubt he managed to access anything close to "the most secure computers at the time." What systems were involved seems to be subject to a lot of hyperbole. McKinnon's own claims differ depending on whether he's talking up his UFO hunt or fighting extradition. The US Government's case is about showing a reason to support extradition - you can expect any errors in estimation to fall against McKinnon. From what I know of the systems McKinnon vaguely describes in his UFO interviews and my experience with US Government agencies drafting damage estimates for these sorts of incidents, I'm much more willing to believe that this whole thing is blown greatly out of proportion and McKinnon's actual damage and degree of access was far less ominous than some would believe.
So why bother with extradition? It's about law and time-lines. We have to keep in mind that the Government is ultimately bureaucracy defined by law. There are pockets of competence in various given fields of expertise. But the majority of the system consists of bureaucrats that operate according to procedures defined to them largely by various laws. So while there are small groups within Government that can understand technical issues like information security, the vast majority do not. But they do understand law. And they will pursue the Law when possible.
It should be noted that there's been a lot of improvement within Government concerning information security. But that has been a very slow process that has been equally slow in building momentum. The time period of McKinnon's alleged hijinks is pretty early in this process. The methods of the Government at the time were much more weighted to legal prosecution than technical prevention.
Yes! Yes, we are all journalists!
I'm not.
Micro-Soft were definitely in the right place at the right time and made the right move. But part of that was due to Digital Research's mis-steps. QDOS existed because CP/M-86 didn't (yet) - without that, MS wouldn't have had anything to sell to IBM. In turn, IBM wouldn't have been looking around for something if Digital Research hadn't frustrated IBM's attempts to license CP/M-86 (I really get the impression that something was holding up CP/M-86 development and everything was a holding tactic that led to a lost opportunity - but I have no evidence to back that up). And then once CP/M-86 made it to the IBM-PC, it was inordinately more expensive than PCDOS / MSDOS.
The reason DOS was so important was that it was one of the gatekeepers to a commodity platform. When Compaq set out to produce a better IBM-PC than IBM, they needed to maintain compatibility. Being able to license the same underlying OS that IBM used for their products was a big step towards doing that.
I don't see any reason CP/M wouldn't have offered the same environment DOS did. I've seen Gates credited with being astute enough to retain a non-exclusive contract with IBM for DOS (which was indeed important - and a very good move). But Digital Research's business model with CP/M was very much multi-platform and non-exclusive. If talks with IBM hadn't broken down and CP/M-86 was available, then I have no doubt that Compaq would have been licensing CP/M-86 for their first IBM-PC clones, blazing the path for every other clone shop to follow.
The issue isn't that Disney dips into the Public Domain pool to produce stories. After all, that's exactly why the Public Domain is so important. It SHOULD be there for people to draw from. Rather, the issue with Disney is that they've been a driving force to ensure that their works do not return to the Public Domain, failing to enrich the very resource that has served them so well (and in the process denying the public a very important resource over time).
Strike "CompUSA" and replace it with "ComputerLand".
If you go back in time and prevent Microsoft... then we'll all be using Apples, Amigas, or worse: OS/2 will have caught on...
Jebus save us!
I'm not so sure. If it wasn't for DOS, CP/M would still fit the bill - likely setting forward the chain of events that lead to clones and commodity platforms.
There is NO FUCKING BENEFIT to the customer. EVER. Things are not cheaper, they are no easier to access - in fact the opposite is often true.
I can't agree totally with this. DRM makes content that would otherwise be unavailable in a digital format available, only because some companies refuse to license their content unless it is protected by DRM.
I'm more inclined to believe these individuals will grab at DRM because it promises them the moon; that they can be a part of the digital revolution while maintaining scarcity barriers inherent in physical media. If these individuals didn't wish to take the risk of removing the physical barrier, then they can sit there with their "product" unsold while those who take that risk are rewarded with continued sales. Eventually everyone will have to come on board or go out of business. DRM offers the false promise that this risk isn't required.
But what's more dangerous, the bag of tricks in the hands of a few skilled people or an open bulletin board with 0day-exploits for everyone?
What makes this question even more complicated for me is that Secunia, the people who protect us from exploits if we pay them, is sponsoring this practice.
The bag of tricks in the hands of a few - hands down. What we're talking about here is carte blanche access in the hands of a select few. We have to trust that the motives of these few strangers will fall in line with ours. And then we have to trust that the "select few" will remain few. Eventually they won't in both cases. Individuals will use these exploits to cause damage. And knowledge of these exploits will spread until even the least trusted in the underground has access to it.
We ran this gambit in the 80s. Exploits would become known within the underground. The most elite would share the knowledge amongst other inner-circle personalities. Eventually the exploit would slip to wider and wider distribution. Vendors would either be oblivious to the exploit or completely unmotivated to fix it. The general public would be oblivious to it or unmotivated to invoke any fixes a vendor might have provided. Until some amateur will do something damaging (intentional or not) with the information.
An interesting thing to note is the nature of computer crime over the years. A good deal of it was the activities of the stereotypical exploring hacker / phreak. And there was always the insider looking for revenge or manipulating data to steal. However, there were also "classic" hackers making money manipulating systems to steal equipment. And the Mafia was a consumer of Blue Boxes.
Today, the computer crime scene has expanded to provide ample opportunities to tempt the first individual willing to hand over an exploit. You can question Secunia's motives if you want. But you should be aware that there are others just as driven with much more sinister motives.
I agree that 0day exploits on public bulletin boards breed chaos. But it's very visible chaos. Many more people are aware of the issues presented by a publicly published vulnerability. And that gives it a better chance of being addressed and its effective life shortened.
It would be better, of course, if the vulnerability never existed. But they tend to exist. There are 0days right now waiting to be discovered. The question is how long until they are discovered, by who, and how will they be used?
I imagine that a substantial part of the sudden increase in society's respect for geeks, (maybe mostly their potential incomes,) was due to the glamorous press exposure l0pht received at that time.
Or maybe it's that whole Internet thing that was popping up around that time. The geeks became attractively rich. The tech stopped being black boxes hidden in white-floored, air-conditioned caves and became vehicles for wealth and ubiquitous services. And did I mention the geeks becoming attractively rich?
I doubt "society" in general paid much attention to L0pht (beyond the attention the mysterious hacker "whiz kid" usually gets). There was already about a decade of exposure to the microcomputer and the concept that it would change our lives. And we had already seen ample exposure of the hacker to pop-culture (i.e. the movie War Games and T.V. show Whiz Kids). Mainstream society seemed sort of curious but not entirely impressed with the geek behind the curtain.
But when the Internet dot-boom era began, money got everyone's attention. Suddenly the geek behind the curtain got much more interesting.
I haven't really understood their views on non-disclosure but my guess is they'd rather have no disclosure at all than the farce that is full disclosure.
My guess is that they don't want people ruining their fun. It's a lot easier to have a bag of tricks if people aren't aware of what said tricks are.
Sounds like Guggenheimer is betting on nostalgia. It's not uncommon for the mind's eye to view the past with rose-colored glasses. People forget past hardships and latch on to fond memories. Given enough time, I'm sure the same will happen with Vista.
Which might eventually put Vista on the same footing as The A-Team and Transformers.