I'm not intimately familiar with the specifics, but my former employer is pursuing this. I beleive it LIMITS liability, and doesn't eliminate it altogether.
Actually, it most certainly does try cases based on those laws. The executive branch of the government is responsible for enforcement of the laws created by the legislative branch. Which is why the Justice department and the Attorney General are both arms of that branch. In other words, it is up to the executive branch to decide what cases to try (when representing the people) and what means and remedies to pursue for the actions it does pursue. The Microsoft case is a classic example of how the policy of two different administrations (Clinton vs. W) can affect the enforcement of law.
At a more pratical level, the President is very much involved in the creation of laws. The President, with his veto power and general position of the power wields influence over the legislative (and to a lesser extent) and judicial branches of government.
SCO has a marketing arm that has the contacts and resources to get their message heard in the media. Their marketing agency is getting the word out on the AP wire and the like.. while making contact with the technology columnists they have built relationships with over the years.
The open source community just doesn't have that. For the most part reporters are just as lazy as any other human, and unless we can somehow get our side in front of them they'll be blissfully ignorant that it even exists.
A company that buys a license is doing so based on their particular beliefs about the situation. For some companies it's just easier to buy a license and possibly sue for damages later.
Most of the technology used in autonomous disaster recovery robots (you know, the ones who go into earthquake zones and the like searching for survivors without any risk to humans?) where almost completely developed at the University level. It's involved NUMEROUS institutions who all contributed a certain piece (for example, I personally worked on flocking algorithms for controlling groups of these things while an undergrad).
The MPAA and the RIAA are quite aware of why they're not making money. They don't truly beleive that filesharing and text messages are killing their business. The people running these things are many things, but stupid is not one of them.
What they are really interested in is providing the perception of being victims. They are hoping to use this perception that they are failing at the hands of college-age criminals in order to garner anti-competitive protections for their business. Even if they may be making less money than before (is that even true?), media remains a TREMENDOUSLY good business for established players. By establishing themselves as victims, they can prevent new distribution channels (like P2P) that they can't control from allowing new competitors to emerge.
In the end, that's what this is about. The Theater->Video->Tv chain is a tightly controlled one for the members of the MPAA (the RIAA has similiar in CD->Radio). When indepednent film makers can start to distribute quality work over alternative distribution channels it is in the best interests of these companies to shut them down.
One thing to consider.. if the RIAA wasn't seen as the victim of 'stealing' on Napster, does the DMCA even get passed? I doubt it.. Much like the airline industry bail-outs. Without 9/11 the Airlines would have a much more difficult time getting money out of our government, but since they are seen as 'victims' of the increased fear after 9/11 it is much easier for them to get these kinds of concessions.
These laws are not born out of hatred for the American consumer, but generally on really wanting to do the right thing. After all, if the MPAA is being stole from then we should do what we can to fix that. The problem is, our representatives are having trouble seeing the difference between justice and manipulation.
If the GPL is valid, they are in a boatload of shit anyway: How the fuck could they get EXT2 compatability in SCO Unix? They sure the hell didn't clean room it. I wanna see the code to their filesystems. How about the Linux Compatability crap? Clean room? NO FUCKING WAY!
Isn't that EXACTLY the argument that SCO is making?
The article didn't seem to indicate the nature of the data. I know that as a general rule any data exposed outside of Acxioms firewall is encrypted as a matter of policy. The data he obtained may have been nothing but encrypted bits that he couldn't DO anything with (unless he stole the key from his former employer).
I can answer part of this (I was an employee there a little over a year ago).
The FTP server was likely one of the servers used to move data from Acxiom (who is simply a data processor) back to the client. So, the thing sits outside of the firewall. This was only done for customer data that was considered 'public record' or 'less sensitive' data. Which means that it's only the type of information that you can garner from various sources without to much trouble.
The data was more than likely encrypted, and I doubt he actually broke the encryption on the data itself.
As for how he got the actual passwords, your guess is as good as mine. Many of Acxioms customers keep internal lists of passwords in encrypted form on their servers (using one of the billion types of keychain software floating around). I can ALMOST guarantee that he didn't easily get the password file off of the FTP server itself.. instead he had access to this particular key file at his former employers shop and used that.
I'm not sure if the article mentioned it, but sources inside the company (I worked there a little over a year ago) are telling me that he simply got access to the the FTP server used to transmit data from Acxiom to the company this guy worked for. Also, the data that he obtained was completely encrypted, so it's likely he didn't get any actual useful data. Just a bunch of encrypted bits that aren't probably useful to him at all.
As a former employee at Acxiom (Conway offices), let me jump in here.
I worked as a developer on one of their primary marketing campaign management tools. As part of this, I had access to all of our particular customers (not in the company, just the customers who used our tool) data. This was absolutely nececesary for us to track down client-specific problems.
The comapny did have very good policies restricting access to data access to only those who needed it (and only the data that they needed). Keep in mind that Acxiom is one of the largest data processing centers in the world.. manay many many terrabytes of information are processed at their facilities. So it's possible for someone to get at quite a bit of data if they worked for the right company.
More than once people where fired during the two years I worked there for misuse of data. Usually, it would be people looking up data about famous people or someone that was making news for whatever reason. Curiosity and all..
The person that did the 'break in' was likely either a programmer or more likely a data auditor. The auditors are people who randomly grab information from the database and check it against other sources to verify that a 3-year old kid didn't somehow make it into the database or what not. They have access to the data, and can pull out large pieces of it without raising eye-brows. I know this was raised as a security concern at some point..
The job of our representatives IS to win re-election. That should be their goal. The problem occurs when the represented (that would be you and I) don't properly hold them accountable for their actions while representing us. If a rep. is not 'representing the voters', then it should be impossible to win re-election.
In this day of party-line votes, heavily partisan bickering pretty much everywhere, and TV commericals.. it's become possible to represent just a few of the voters (generally extremist in your party) and still satisfy the electorate.
A lot of companies support linux (and Mac OS for that matter) for many reasons.. a common one among them being Goodwill. They recgonize that a lot of IT decision makers are also Unix* users.. by supporting your product on Linux those decision makers become familiar with it and have a positive view of the product which translates to sales on other (more prominent) platforms.
As they say in business school, 'never understimate the power of goodwill.'
They are not responsible for file sharing.. Under this decision, they can not be held responsible for the actions of their users. This insulates them from lawsuits from the RIAA because their users are sharing files across their network.
That's not the issue here. The issue being fought by SBC is that the RIAA currently has the power to force them to turn over the identity of users for a given IP address without a court mandate.
Right now the RIAA can send a list of IP's and times those IP's where logged to a ISP and force the ISP to reveal the contact information for the user who owned that IP at that particular point in time. They can do all of this without any intervention from the courts.
SBC is fighting that... so the case that you reference has no relevance at all.
I've had a couple of long conversations with the Tapwave people. They are most definitely targetting the 25+ group who see the Gameboy as a toy. The device is pretty compelling.. it offers PDA functionality in a pretty slick form factor that wouldn't look out of place in your average office or work environment.
What you have to realize is that they're not looking to take over the gameboy market. They don't need to sell a bajillion units to succeed in their business model.. their goals are to find a niche market and I think they have a great chance to do pretty well.
The Office file formats have actually been fairly stable since Office 97 (and to an extent before that). They've added, but have managed to more or less maintain backwards compatibility with older office versions. Workbooks created in Office XP will still open just fine in Office 97.. with a few newer features missing. The same works in reverse...
n older contracts, Microsoft agreed to pay all legal fees for volume license customers who got sued because of Microsoft, but only up to the value of the software they bought.
Under the new provision, which took effect March 1, Microsoft removed the liability cap in intellectual property suits and altered other parts of the agreements that potentially expand its liability.
Microsoft has ALWAYS had this in their EULA, the only difference is that now the liability cap is no longer just up to the value of their software... It just can't be any more clear than that. Your not facing $1300 liability from SCO, the new provisions defend against that.
I agree... let me change my example then. Casino's have the same dilemna. The casino enforcement is generally done by state employees in many states.. They have no incentive to let kids in. It actually can get them fired.. yet Casinos still have similiar identification problems. Kids under the legal gambling age still borrow ID's and pass through this security with little or no hassle in quite a few circumstances (I've done this as well in my youth).
What this fixes is the problem of HUMAN recognition of other humans.. which is remarkably bad. How many 16 year old kids borrow an older kids ID to sneak into a club or by liquor (hell I've done it). These are two different people, yet 90% of the time it works without a hitch.
When your in customs, and you have thousands and thousands of people coming into the country.. the margin for error just goes up and up. Screw 9/11, this is just a good idea. It's nothing that we don't have already.. it's just a more efficient and more accurate system that better ensures the person who has the passport matches up with the person that passport was assigned to.
The overhead of paper money is FAR less than plastic. Money is made and released, and the governments obligation ends there.
With plastic the government has to become a bank (the money the card represents has to be managed by somebody). This implies that people have the ability to get money into the bank (direct deposite, tellers, etc..). That's big money right there.
Then there is the question of fraud.. with money there is no question. Posession almost entirely determines ownership of paper money. When someone robs you, it is a criminal matter. However, if you don't catch the crook you don't get the money back. With plastic fraud is much easier to get away with (you just need a number after all), and so government has to support THAT as well.
So the government is going to have to get into the banking business... which is not something I beleive it should stick it's nose in. Let it make the currency, leave it to the private sector to manage that currency.
To bad it's not really true. The file format (in particular from Word 97 on) is pretty compatible going both ways. Documents created in XP can be opened in 97 and vice versa. 97 simply doesn't access the features added in later versions.
The structured storage approach is fairly neat. The close and obsfucated format itself is... something else entirely.
Slashdot Mirror
I'm not intimately familiar with the specifics, but my former employer is pursuing this. I beleive it LIMITS liability, and doesn't eliminate it altogether.
Not to mention that this kid is living in public housing.. The RIA is not only extorting 2,000.. it's $2000 they probably desperately need.
Actually, it most certainly does try cases based on those laws. The executive branch of the government is responsible for enforcement of the laws created by the legislative branch. Which is why the Justice department and the Attorney General are both arms of that branch. In other words, it is up to the executive branch to decide what cases to try (when representing the people) and what means and remedies to pursue for the actions it does pursue. The Microsoft case is a classic example of how the policy of two different administrations (Clinton vs. W) can affect the enforcement of law.
At a more pratical level, the President is very much involved in the creation of laws. The President, with his veto power and general position of the power wields influence over the legislative (and to a lesser extent) and judicial branches of government.
It's not bias, it's exposure.
SCO has a marketing arm that has the contacts and resources to get their message heard in the media. Their marketing agency is getting the word out on the AP wire and the like.. while making contact with the technology columnists they have built relationships with over the years.
The open source community just doesn't have that. For the most part reporters are just as lazy as any other human, and unless we can somehow get our side in front of them they'll be blissfully ignorant that it even exists.
Why would you care?
A company that buys a license is doing so based on their particular beliefs about the situation. For some companies it's just easier to buy a license and possibly sue for damages later.
I have a very personal one:
Most of the technology used in autonomous disaster recovery robots (you know, the ones who go into earthquake zones and the like searching for survivors without any risk to humans?) where almost completely developed at the University level. It's involved NUMEROUS institutions who all contributed a certain piece (for example, I personally worked on flocking algorithms for controlling groups of these things while an undergrad).
Your wrong, kind of.
The MPAA and the RIAA are quite aware of why they're not making money. They don't truly beleive that filesharing and text messages are killing their business. The people running these things are many things, but stupid is not one of them.
What they are really interested in is providing the perception of being victims. They are hoping to use this perception that they are failing at the hands of college-age criminals in order to garner anti-competitive protections for their business. Even if they may be making less money than before (is that even true?), media remains a TREMENDOUSLY good business for established players. By establishing themselves as victims, they can prevent new distribution channels (like P2P) that they can't control from allowing new competitors to emerge.
In the end, that's what this is about. The Theater->Video->Tv chain is a tightly controlled one for the members of the MPAA (the RIAA has similiar in CD->Radio). When indepednent film makers can start to distribute quality work over alternative distribution channels it is in the best interests of these companies to shut them down.
One thing to consider.. if the RIAA wasn't seen as the victim of 'stealing' on Napster, does the DMCA even get passed? I doubt it.. Much like the airline industry bail-outs. Without 9/11 the Airlines would have a much more difficult time getting money out of our government, but since they are seen as 'victims' of the increased fear after 9/11 it is much easier for them to get these kinds of concessions.
These laws are not born out of hatred for the American consumer, but generally on really wanting to do the right thing. After all, if the MPAA is being stole from then we should do what we can to fix that. The problem is, our representatives are having trouble seeing the difference between justice and manipulation.
If the GPL is valid, they are in a boatload of shit anyway: How the fuck could they get EXT2 compatability in SCO Unix? They sure the hell didn't clean room it. I wanna see the code to their filesystems. How about the Linux Compatability crap? Clean room? NO FUCKING WAY!
Isn't that EXACTLY the argument that SCO is making?
The article didn't seem to indicate the nature of the data. I know that as a general rule any data exposed outside of Acxioms firewall is encrypted as a matter of policy. The data he obtained may have been nothing but encrypted bits that he couldn't DO anything with (unless he stole the key from his former employer).
I can answer part of this (I was an employee there a little over a year ago).
The FTP server was likely one of the servers used to move data from Acxiom (who is simply a data processor) back to the client. So, the thing sits outside of the firewall. This was only done for customer data that was considered 'public record' or 'less sensitive' data. Which means that it's only the type of information that you can garner from various sources without to much trouble.
The data was more than likely encrypted, and I doubt he actually broke the encryption on the data itself.
As for how he got the actual passwords, your guess is as good as mine. Many of Acxioms customers keep internal lists of passwords in encrypted form on their servers (using one of the billion types of keychain software floating around). I can ALMOST guarantee that he didn't easily get the password file off of the FTP server itself.. instead he had access to this particular key file at his former employers shop and used that.
I'm not sure if the article mentioned it, but sources inside the company (I worked there a little over a year ago) are telling me that he simply got access to the the FTP server used to transmit data from Acxiom to the company this guy worked for. Also, the data that he obtained was completely encrypted, so it's likely he didn't get any actual useful data. Just a bunch of encrypted bits that aren't probably useful to him at all.
As a former employee at Acxiom (Conway offices), let me jump in here.
I worked as a developer on one of their primary marketing campaign management tools. As part of this, I had access to all of our particular customers (not in the company, just the customers who used our tool) data. This was absolutely nececesary for us to track down client-specific problems.
The comapny did have very good policies restricting access to data access to only those who needed it (and only the data that they needed). Keep in mind that Acxiom is one of the largest data processing centers in the world.. manay many many terrabytes of information are processed at their facilities. So it's possible for someone to get at quite a bit of data if they worked for the right company.
More than once people where fired during the two years I worked there for misuse of data. Usually, it would be people looking up data about famous people or someone that was making news for whatever reason. Curiosity and all..
The person that did the 'break in' was likely either a programmer or more likely a data auditor. The auditors are people who randomly grab information from the database and check it against other sources to verify that a 3-year old kid didn't somehow make it into the database or what not. They have access to the data, and can pull out large pieces of it without raising eye-brows. I know this was raised as a security concern at some point..
Which makes sense until you read the article and raelize that he ADMITTED to to the cracking episodes he was charged with.
Nope.. not a problem.
The job of our representatives IS to win re-election. That should be their goal. The problem occurs when the represented (that would be you and I) don't properly hold them accountable for their actions while representing us. If a rep. is not 'representing the voters', then it should be impossible to win re-election.
In this day of party-line votes, heavily partisan bickering pretty much everywhere, and TV commericals.. it's become possible to represent just a few of the voters (generally extremist in your party) and still satisfy the electorate.
Not exactly true...
A lot of companies support linux (and Mac OS for that matter) for many reasons.. a common one among them being Goodwill. They recgonize that a lot of IT decision makers are also Unix* users.. by supporting your product on Linux those decision makers become familiar with it and have a positive view of the product which translates to sales on other (more prominent) platforms.
As they say in business school, 'never understimate the power of goodwill.'
They are not responsible for file sharing.. Under this decision, they can not be held responsible for the actions of their users. This insulates them from lawsuits from the RIAA because their users are sharing files across their network.
That's not the issue here. The issue being fought by SBC is that the RIAA currently has the power to force them to turn over the identity of users for a given IP address without a court mandate.
Right now the RIAA can send a list of IP's and times those IP's where logged to a ISP and force the ISP to reveal the contact information for the user who owned that IP at that particular point in time. They can do all of this without any intervention from the courts.
SBC is fighting that... so the case that you reference has no relevance at all.
I've had a couple of long conversations with the Tapwave people. They are most definitely targetting the 25+ group who see the Gameboy as a toy. The device is pretty compelling.. it offers PDA functionality in a pretty slick form factor that wouldn't look out of place in your average office or work environment.
What you have to realize is that they're not looking to take over the gameboy market. They don't need to sell a bajillion units to succeed in their business model.. their goals are to find a niche market and I think they have a great chance to do pretty well.
How long ago was this?
The Office file formats have actually been fairly stable since Office 97 (and to an extent before that). They've added, but have managed to more or less maintain backwards compatibility with older office versions. Workbooks created in Office XP will still open just fine in Office 97.. with a few newer features missing. The same works in reverse...
From the article:
n older contracts, Microsoft agreed to pay all legal fees for volume license customers who got sued because of Microsoft, but only up to the value of the software they bought.
Under the new provision, which took effect March 1, Microsoft removed the liability cap in intellectual property suits and altered other parts of the agreements that potentially expand its liability.
Microsoft has ALWAYS had this in their EULA, the only difference is that now the liability cap is no longer just up to the value of their software... It just can't be any more clear than that. Your not facing $1300 liability from SCO, the new provisions defend against that.
I agree... let me change my example then. Casino's have the same dilemna. The casino enforcement is generally done by state employees in many states.. They have no incentive to let kids in. It actually can get them fired.. yet Casinos still have similiar identification problems. Kids under the legal gambling age still borrow ID's and pass through this security with little or no hassle in quite a few circumstances (I've done this as well in my youth).
What the hell is evil about this? What obligation do they have to hire overpriced, undertrained American workers?
What this fixes is the problem of HUMAN recognition of other humans.. which is remarkably bad. How many 16 year old kids borrow an older kids ID to sneak into a club or by liquor (hell I've done it). These are two different people, yet 90% of the time it works without a hitch.
When your in customs, and you have thousands and thousands of people coming into the country.. the margin for error just goes up and up. Screw 9/11, this is just a good idea. It's nothing that we don't have already.. it's just a more efficient and more accurate system that better ensures the person who has the passport matches up with the person that passport was assigned to.
The overhead of paper money is FAR less than plastic. Money is made and released, and the governments obligation ends there.
With plastic the government has to become a bank (the money the card represents has to be managed by somebody). This implies that people have the ability to get money into the bank (direct deposite, tellers, etc..). That's big money right there.
Then there is the question of fraud.. with money there is no question. Posession almost entirely determines ownership of paper money. When someone robs you, it is a criminal matter. However, if you don't catch the crook you don't get the money back. With plastic fraud is much easier to get away with (you just need a number after all), and so government has to support THAT as well.
So the government is going to have to get into the banking business... which is not something I beleive it should stick it's nose in. Let it make the currency, leave it to the private sector to manage that currency.
To bad it's not really true. The file format (in particular from Word 97 on) is pretty compatible going both ways. Documents created in XP can be opened in 97 and vice versa. 97 simply doesn't access the features added in later versions.
The structured storage approach is fairly neat. The close and obsfucated format itself is... something else entirely.
That's funny.. I'm not. I'm actually quite happy being an American.