NWN is very extensible. I've been working at converting it to the d20modern rule set which while similiar has some differences. There is also the Hard Core Rules project that has implimented most of the rules that Bioware chose not to impliment.
In Legal First, ACLU Sues Over New Copyright Law: Says Blocking Program Lists Should Be Revealed
FOR IMMEDIATE RELEASE Thursday, July 25, 2002
NEW YORK-In the first challenge of its kind, the American Civil Liberties Union today asked a federal court in Massachusetts to rule that a computer researcher has First Amendment and "fair use" rights to examine the full list of sites contained in an Internet blocking program and to share his research tools and results with others.
The ACLU said the lawsuit has relevance not only for researchers but for parents and other consumers - including thousands of schools and libraries - who want to know what the software is actually blocking. Reseacher Benjamin Edelman wants to take a closer look at N2H2's Internet blocking program.
"Current copyright law and blocking software licenses prevent consumers from looking under the hood of the blocking products they buy," said Ann Beeson, Litigation Director of the ACLU's Technology and Liberty Program and lead counsel in the case. "These products do not work as advertised, and consumers have a right to know what they're really buying," she said.
The ACLU legal papers filed today seek a "declaratory judgment" from the court on behalf of researcher Benjamin Edelman, who wishes to examine a controversial blocking program manufactured by N2H2 Inc., of Seattle.
The lawsuit challenges provisions of the Digital Millennium Copyright Act of 1998 and the non-negotiable N2H2 license, which forces buyers to accept a "fine print" contract saying they won't attempt to access the list of blocked sites.
"Especially when governments in the U.S. and abroad mandate the use of blocking programs, the public has a right to know what is being blocked, and I believe I have a right to uncover this information without being subject to a corporate lawsuit," said Edelman, a computer expert and consultant who currently works for the Berkman Center for Internet & Society at Harvard Law School in Cambridge, MA. Edelman is suing as an individual and not on behalf of the Berkman Center or Harvard Law School.
Earlier this year, Edelman provided expert testimony in an ACLU challenge to the Children's Internet Protection Act, a federal law passed in December 2000 that ties crucial library funding to the mandated use of blocking programs on Internet terminals used by both adults and minors in public libraries. The court overturned the law, which is now on direct appeal to the U.S. Supreme Court.
N2H2 refused Edelman's request for a list of their blocked sites and intervened in the trial to prevent disclosure of other confidential information in open court. The court granted this request, but later unsealed the testimony, ruling that it did not warrant trade secret protection. Without a court ruling that his continued research is protected under the law, Edelman said he fears the company's aggressive actions make clear that he would be sued.
According to the ACLU legal complaint, N2H2 controls a significant portion of the library market, and its blocking program is used by at least five state governments, including Florida, Ohio, Tennessee, Utah and Wyoming. The National Center for Education Statistics reports that over 65,000 public schools used some sort of blocking program in the year 2001, and N2H2's 2001 annual report claims that over 40 percent of those schools (attended by over 16 million students) currently use N2H2's program, making the company the leader in the education market.
Human rights groups are also seeking information on the lists of Web sites blocked by repressive foreign governments that are increasingly using blocking programs to limit citizens' access to the outside world. Edelman's other research has investigated usage of blocking software in China and Saudi Arabia. N2H2 is one of the blocking program vendors currently competing for the contract to supply Saudi Arabia with blocking technology to prevent its citizens from accessing sites about religion, health, education, humor, and entertainment.
Although the DMCA provides a limited exception for accessing lists of blocked Web sites, Beeson said that it is meaningless because another provision blocks users from writing the software tools necessary to access the lists.
"The copyright law says you can look under the hood under certain circumstances but you can't build a tool needed to open the hood," Beeson said. "This irrational rule is chilling important scientific research in violation of the First Amendment."
The lawsuit, Edelman v. N2H2, Inc., was filed in federal district court in Boston, MA. Attorneys in the case are Beeson, Christopher Hansen and Kevin Bankston of the national ACLU.
The ACLU's legal complaint is online at http://www.aclu.org/court/edelman.pdf
A Web feature on the case, with links to Edelman's research, is online at http://www.aclu.org/issues/cyber/Edelman_N2H2_feat ure.html
A Web feature on the ACLU's challenge to CIPA is online at http://www.aclu.org/features/f032001a.html
Edelman's research on the use of blocking programs by foreign governments is online at http://cyber.law.harvard.edu/filtering
This is definatly something unique in the Console gaming market. It makes a lot of sense to do it as well. Console manufacturers have been losing money on the consoles themselves in order to gain marketshare, hoping to make bank on the games they play. Setting the cost on a 3rd party makes for good economics. Nintendo still makes money off of licenses and games, but is not responsible for losing money on the consoles!
In this era of government being swamped by technology, and the people in charge being so untechnical, it doens't seem surprizing that any government would "outright ban" anything. As to them it is better to get a law on the books quickly in order to make it relevant to the times as opposed to having the law make sense but be enacted "too late" to do anything!
The process of porting a game can be much less difficult if the developer chooses a multi-platform library. For games SDL allows this and for other sorts of applications, QT can do the same. The challenge lies not in porting, but rather the developer chosing to work with a propietary single-platform library (DirectX) versus something more portable, and argueably better!
Re:Great but...
on
WipOut Contest
·
· Score: 4, Insightful
The Declaration of Independence, does that ring a bell? If you consider the defination of the word, it was an essay. An essay that changed history. Some say for the worse, but it definatly had an impact!!!! And it did work. TJ did a good real life job of telling the world why the USoA decided to jump off the England Bandwagon
I'm definatly going to try my hand at this essay. If I don't win, it's not a big deal, as I'll be able to at the very least send it to the letter-to-the-editor of my local newspaper. Anything to get the word out! Send a copy of your letter to a senator! To the president! The possibilities are endless.
Error handling is much less important when the frequency of errors is so low with in our community. Error handling is even less importnat when the results of errors don't cause things like BSODs, GPFs or icons with frowning faces.M$ and others need to be more concerned with error handling because it's a much more common occurance in the closed source world.
Actually, a voluntary system will give parents the choice of what censorship method to use. Although I don't agree with technology protecting childern when parents can fulfill the role, it gives flexibility in this realm. Perhaps this will catch on, and allow the categorization of "good" versus "bad" sites to be determined by people other than right wing conservatives who's sole purpose is to hold to the values of a society differnt than today's.
Although, what's to say a faximile of this situation will not occur? Why is it implausible to believe that a corporation can't be in such control of it's content? There was a post on slashdot a few days ago sugguesting that the RIAA wanted to have legal access to hack your PC to remove Illegal content. If an absurdity such as that can be legitmatly considered by anyone, then it is plausible that a situation as the one I described could occur.
The year is 2021; corporations run what was formerly known as the United States of America. Waking up, you log onto your computer terminal and begin your morning read of the newspaper. Browsing through "IBM Times" and "Microsoft Journal," you grow sick of the corporate propaganda riddled throughout the "pages." Wishing to view an opinion different from the standard, you attempt to veer off the normal course. Immediately, you receive a message from the local Microsoft Police Corp informing you that you've violated the law, and have been fined $200 dollars. They warn repeated offenses will have the end result of imprisonment and additional fines. Not surprised, you return to reading the "IBM Times," subjected to the regulation of a corporate controlled government. Now, in the mood to listen to your favorite old music you insert a Compact Disk into the computer, and attempt to load a small program you've written to use this old technology. Unfortunately, this CD will not play, and seconds later you hear a knock at the door.
The agent for the Recording Industry of America standing before you looks like he's done this a million times, but you don't feel so comfortable in the handcuffs he's put on you. "The computer warned you, and you didn't listen," he lectures. A "repeated offense," he continues "is grounds for imprisonment." It is no longer legal to listen to the Brittany Spears or Led Zeppelin CD you purchased 20 years ago. In addition, the mere creation of your CD player is grounds for 5 years in prison, and a $200,000 fine.
Absurd as it may sound, this reality may soon exist. This month, a bill is being brought to Congress called the Software Security Standards and Certification Act. Proposed by Senators Ted Stevens (R-Alaska) and Fritz Hollings (D-SC) and backed by many corporate lobbyists, this bill requires all software to use government approved security measures. The effects of this law are far reaching, effecting people all over the world in addition to those in this land of the free. Beginning with the mandatory government regulation of software, then through the prosecution of those who choose not to integrate this police ware into their products, and ending at a yet unknown level, the SSSCA benefits few people. A law that forces regulation inhibits civil liberties and lessens the rights of US citizens deserves to be dismissed, but unless people are informed, this bill will pass under the noses of Americans everywhere. With the intent to "benefit" the public, the law does anything but, as it will negatively impact the technology industry, programmers and anyone who uses a computer.
The stifling of innovation, a longtime defense by Microsoft in their anti-trust trial, is a major concern of those opposed to the SSSCA. Section 105 of the SSSCA states, "The Secretary shall certify technologies that adhere to the security system standards adopted. . . " Under this direction, all software must be reviewed by the Secretary of Commerce before distribution is allowed. It is at the Secretary's discrescion to determine if an application sufficiently adopts the security standard created by a private industry committee. (Section 104 b) Software often has a rapid development, with some products having new versions released multiple times a day. The requirement of review by the Commerce Department would instantly destroy this rapid release cycle. The purpose of a cycle like this is to quickly stomp out bugs in applications, and allow developers quick feedback about their applications. Unfortunately, feedback will be far from quick and the technological revolution quite visible today will cease to exist, caught up in bureaucratic processes. In addition, the private panel may use the opportunity to create a security policy to legally hinder the advancement of technology in favor of gaining market share.
Not only does the SSSCA allow for corporations to determine the new security policy, it offers them exemption from anti-trust laws in accord with section 107. In the past there have been many attempts at allowing an industry to regulate itself, such as the steel industry in the early 20th Century, and more recently, cable and telephone industries. In all instances, after a period of time, the government has stepped in and taken control of the situation, for fear that monopolistic business tactics being used by the companies involved may have led to unfair completion. In fact, a major court case is still being reviewed after 4 years of court battle. The Microsoft anti-trust case has cost taxpayers millions of dollars in the attempt to punish the company for violating government sanctions. In contrast to the stern stand the US's past stance against anti-business practices, the SSSCA allows for legal exemption from anti-trust laws under the banner of security certification discussion (Section 107 c).
In addition, George W. Bush's recent dismissal of the Microsoft breakup and the ratification of laws like the Digital Millennium Copyright Act have caused a large distrust of the government by programmers across the world and the SSSCA is enhancing that further. This fear of government holds strong in the programming community at large and has caused much concern among its more popular proponents. Reactions to the possibility of the SSSCA's ratification have ranged from vocal protest to boycotts of varying degree. Government funded research groups like those at Fermilab or NASA utilize many free softwares to cut costs and improve the quality of their work. The inability to use these applications due to either programming boycott or massive bureaucratic delay will have disastrous effects on these centers of science. The unwillingness of programmers in response to government action will only further hinder the development cycle of technology. This creates a loop of constant degradation in technology, a complete reversal of the SSSCA's supposed intent. Lower quality technology lessens a programmer's ability to perform his chosen profession. Unfortunately, the proponents of the SSSCA are not concerned with any of this.
There exists a large group of programmers known as the Open Source Community. Releasing their software free of charge, these programmers want to help others and to aid in the dissemination of information. Unfortunately for them, they are not paid and often work on their software solely in their free time. In addition, many are very attached to their products, as to many; a computer program can be a work of art. The SSSCA would require members of this community to adapt their art to the whim of a private-industry panel. To violate standards of their own decree would absolutely disgust the programmers whose goal is to aid others by making quality software. An idea proposed by those in favor of this legislation suggest standard libraries, or routines be developed by the industry-panel and government for use in software projects. While this would put the actual implementation of security in the hands of the government, programmers would still be responsible for using these libraries. Complications related to copyright and interoperability would cause many problems. A disagreement with the government in either could prevent the programmer from using the government routines under a moral or ethical standpoint, violating their right to freely voice their beliefs. Another problem exists for those who work on much smaller projects, where a government-created library might be unavailable due to either its newness or obscurity. Without the ability to use those routines, a developer would be in violation of the SSSCA if she wanted to release her application, or other software (Section 103).
In addition to inhibiting a developer from freely expressing his beliefs through an artistic medium (programming) the SSSCA would also require programmers to further monopolize their own free time and cash flow in order to integrate any certified security implementations. By adhering to the law, they agree to the terms of security set fourth by the government, and must spend their time updating software not to add new features or usability, but rather, implementing federally mandated changes. (Section 102) Although the law offers a grandfather clause to programs currently available, new releases of the software would be required to adhere to certified security standards (Section101 b). In addition to their self designated duty of helping people, open source developers would be forced into the labor of securing software all because they have the desire to help anyone who uses technology. Lastly, those with barely the skills necessary to create an application may not be able to implement security regulation into their programs, due to inexperience or lack of knowledge. This has the potential to limit further, technological advancement.
Overall, the inability of a programmer to implement security features, or the conscious decision not to, can result in numerous felony charges to be filed against him or her. In fact, even improper adherence to the standards whether intentional or accidental meet with the same punishments: monetary fines and imprisonment. With government regulation, programmers will be forced to bend to the will of ever changing standards and those who choose not to follow the regulation will be met with fierce punishment. Like many other recent technology laws, the intent will not matter, only the actions taken. In the world of technology those actions can be the exact same, only one could cause millions of dollars in damages, and the other the realization that a computer has a true security vulnerability. Enforcement of the SSSCA does nothing to protect American citizens, but the implementations of the laws have disastrous effects on most everyone, including anyone who uses technology.
First on the near-never ending list of ways the SSSCA will hurt the American public is the realization that it will cause the creation of inferior software. At first the regulation will bring to a halt the creation of some software, as it's developers will protest the passing and enforcement of the SSSCA. Quick to follow the boycotts, development testing will halt as the bureaucratic delays of the certification process delay software releases. After this, those who do not have the time to add security implementations to their application will halt development. Next, the programmers who wish to comply with the SSSCA will halt the addition of new features to their applications and instead work to comply with security standards. Finally, a halt in the open source community will begin to occur, as corporations with cash are able to bring to market applications faster than the developers who are working for free. Now the rapid, fast moving, and rapidly improving technological change will come to a HALT. Nobody benefits from a stagnant industry. As the number of new features and bug-fixes decrease so will the value of the market, as competition will be lost, and quality slashed. The efforts of open source programmers all over will be broken.
The spirit of open source will not be the only thing broken. Despite the SSSCA's purpose of improving security, a policy such as this will horribly break the security of computers and make them much more vulnerable to hackers. Consider a neighborhood where every house used the same type of lock, a type of lock with its specifications available to the public. It's easy to estimate how quickly every house in the neighborhood would be robbed. As soon as one thief figured out how to pick the lock, it would be simple to figure out the rest. Now put that into computer terms. If everyone used the exact same methods of securing their machines, methods set forth by the government, what would it mean if a vulnerability were found in the security standard. Once one is discovered, as there is no such thing as absolute security, ever machine complying with the SSSCA's provisions would be a house in that neighborhood. Easily broken into. Consider another hypothetical situation. VISA decides it does not want to violate the law so it chooses to implement the SSSCA's certified security standards on all of it's Internet accessible machines, in compliance with section 102. After this is done a vulnerability is found, unbeknownst to the company and a malicious hacker decides to exploit this vulnerability. Now he has the credit card numbers, as well as personal information of every VISA customer. VISA is responsible for the stealing of all that information, because they decided to follow the law.
The imagined world of the "IBM Times" and the "Microsoft Police" is not entirely fictional. As time passes and corporations become more involved in the lobbying of laws towards the inhibition of civil rights, those "deriving their just powers from the consent of the governed" need to be reminded that the governed do not agree with the legislation being snunk underneath the noses of the populace. One such law, the Software Security Standards and Certification Act is being presented to congress right now. Do not allow corporations take the "decent respect to the opinions of mankind" from us, the true rulers of the United States of America. Do not read the "IBM Times." Do not support the United States of America-Online/Time Warner by remaining silent or allowing others to be ignorant of the travesties being played upon us by the greedy.
Well, this was my fortune at the bottom of the comments page from this story. It's a bit ironic as we're all talking about the stupidity of the US government right now
"I hold it, that a little rebellion, now and then, is a good thing... -- Thomas Jefferson"
-Joe LaPenna
Honorary Canadian
Milk in bags is un-natural
GO CANADA!
Slashdot Mirror
I got mine, so did other slashdotters!
One Man's Check From The RIAA
My friend actually accidentally ripped mine in half, the bank still accepted it though.
OH! Look!
*grabs plastic bag*
Look this is fun!
hrmm... what does this say?
Not a toy!
*falls over due to lack of oxygen*
1976
And they wonder why their systems don't run properly.
"JUST SAY NO!" It's like drugs. They still don't get it, they never listen.
When will my parents realize I'm telling them that for their own good.
NWN is very extensible. I've been working at converting it to the d20modern rule set which while similiar has some differences. There is also the Hard Core Rules project that has implimented most of the rules that Bioware chose not to impliment.
Anyone else getting timeouts for kernel.org? Have we slashdotted linux?
)
http://216.239.39.100/search?q=cache:UwFu_Q0Ssx8J: www.viperlair.com/articles/techreport/input/bsmemb rane.shtml+&hl=en&ie=UTF-8
There's the google cache for the upcoming slashdotting.
Does slashdotting a US government server constitute terrorism?
*grins*
-Joe
I just turned 20 today... What, I don't get a slashdot story about it?
-Joe
http://www.gbronline.com/brooksdesign/
Yah... People asked... I found... it seems...
In Legal First, ACLU Sues Over New Copyright Law: Says Blocking Program Lists Should Be Revealed
t ure.html
FOR IMMEDIATE RELEASE
Thursday, July 25, 2002
NEW YORK-In the first challenge of its kind, the American Civil Liberties Union today asked a federal court in Massachusetts to rule that a computer researcher has First Amendment and "fair use" rights to examine the full list of sites contained in an Internet blocking program and to share his research tools and results with others.
The ACLU said the lawsuit has relevance not only for researchers but for parents and other consumers - including thousands of schools and libraries - who want to know what the software is actually blocking.
Reseacher Benjamin Edelman wants to take a closer look at N2H2's Internet blocking program.
"Current copyright law and blocking software licenses prevent consumers from looking under the hood of the blocking products they buy," said Ann Beeson, Litigation Director of the ACLU's Technology and Liberty Program and lead counsel in the case. "These products do not work as advertised, and consumers have a right to know what they're really buying," she said.
The ACLU legal papers filed today seek a "declaratory judgment" from the court on behalf of researcher Benjamin Edelman, who wishes to examine a controversial blocking program manufactured by N2H2 Inc., of Seattle.
The lawsuit challenges provisions of the Digital Millennium Copyright Act of 1998 and the non-negotiable N2H2 license, which forces buyers to accept a "fine print" contract saying they won't attempt to access the list of blocked sites.
"Especially when governments in the U.S. and abroad mandate the use of blocking programs, the public has a right to know what is being blocked, and I believe I have a right to uncover this information without being subject to a corporate lawsuit," said Edelman, a computer expert and consultant who currently works for the Berkman Center for Internet & Society at Harvard Law School in Cambridge, MA. Edelman is suing as an individual and not on behalf of the Berkman Center or Harvard Law School.
Earlier this year, Edelman provided expert testimony in an ACLU challenge to the Children's Internet Protection Act, a federal law passed in December 2000 that ties crucial library funding to the mandated use of blocking programs on Internet terminals used by both adults and minors in public libraries. The court overturned the law, which is now on direct appeal to the U.S. Supreme Court.
N2H2 refused Edelman's request for a list of their blocked sites and intervened in the trial to prevent disclosure of other confidential information in open court. The court granted this request, but later unsealed the testimony, ruling that it did not warrant trade secret protection. Without a court ruling that his continued research is protected under the law, Edelman said he fears the company's aggressive actions make clear that he would be sued.
According to the ACLU legal complaint, N2H2 controls a significant portion of the library market, and its blocking program is used by at least five state governments, including Florida, Ohio, Tennessee, Utah and Wyoming. The National Center for Education Statistics reports that over 65,000 public schools used some sort of blocking program in the year 2001, and N2H2's 2001 annual report claims that over 40 percent of those schools (attended by over 16 million students) currently use N2H2's program, making the company the leader in the education market.
Human rights groups are also seeking information on the lists of Web sites blocked by repressive foreign governments that are increasingly using blocking programs to limit citizens' access to the outside world. Edelman's other research has investigated usage of blocking software in China and Saudi Arabia. N2H2 is one of the blocking program vendors currently competing for the contract to supply Saudi Arabia with blocking technology to prevent its citizens from accessing sites about religion, health, education, humor, and entertainment.
Although the DMCA provides a limited exception for accessing lists of blocked Web sites, Beeson said that it is meaningless because another provision blocks users from writing the software tools necessary to access the lists.
"The copyright law says you can look under the hood under certain circumstances but you can't build a tool needed to open the hood," Beeson said. "This irrational rule is chilling important scientific research in violation of the First Amendment."
The lawsuit, Edelman v. N2H2, Inc., was filed in federal district court in Boston, MA. Attorneys in the case are Beeson, Christopher Hansen and Kevin Bankston of the national ACLU.
The ACLU's legal complaint is online at http://www.aclu.org/court/edelman.pdf
A Web feature on the case, with links to Edelman's research, is online at http://www.aclu.org/issues/cyber/Edelman_N2H2_fea
A Web feature on the ACLU's challenge to CIPA is online at http://www.aclu.org/features/f032001a.html
Edelman's research on the use of blocking programs by foreign governments is online at http://cyber.law.harvard.edu/filtering
I'd like one of those computurds with the megaram and the gigahurts. Does it come with the www.pr0n.com installed?
-Joe
Not Funny, but I try
Synergy?
Gosh, must be hard for aspiring artists to write these songs . . . crazy words like paradyme don't rhyme easily!
-Joe
Didn't they already try this and it met with little . . . er . . . no success?
-Joe
This is definatly something unique in the Console gaming market. It makes a lot of sense to do it as well. Console manufacturers have been losing money on the consoles themselves in order to gain marketshare, hoping to make bank on the games they play. Setting the cost on a 3rd party makes for good economics. Nintendo still makes money off of licenses and games, but is not responsible for losing money on the consoles!
In this era of government being swamped by technology, and the people in charge being so untechnical, it doens't seem surprizing that any government would "outright ban" anything. As to them it is better to get a law on the books quickly in order to make it relevant to the times as opposed to having the law make sense but be enacted "too late" to do anything!
The process of porting a game can be much less difficult if the developer chooses a multi-platform library. For games SDL allows this and for other sorts of applications, QT can do the same. The challenge lies not in porting, but rather the developer chosing to work with a propietary single-platform library (DirectX) versus something more portable, and argueably better!
The Declaration of Independence, does that ring a bell? If you consider the defination of the word, it was an essay. An essay that changed history. Some say for the worse, but it definatly had an impact!!!! And it did work. TJ did a good real life job of telling the world why the USoA decided to jump off the England Bandwagon
I'm definatly going to try my hand at this essay. If I don't win, it's not a big deal, as I'll be able to at the very least send it to the letter-to-the-editor of my local newspaper. Anything to get the word out! Send a copy of your letter to a senator! To the president! The possibilities are endless.
Error handling is much less important when the frequency of errors is so low with in our community. Error handling is even less importnat when the results of errors don't cause things like BSODs, GPFs or icons with frowning faces.M$ and others need to be more concerned with error handling because it's a much more common occurance in the closed source world.
Actually, a voluntary system will give parents the choice of what censorship method to use. Although I don't agree with technology protecting childern when parents can fulfill the role, it gives flexibility in this realm. Perhaps this will catch on, and allow the categorization of "good" versus "bad" sites to be determined by people other than right wing conservatives who's sole purpose is to hold to the values of a society differnt than today's.
Although, what's to say a faximile of this situation will not occur? Why is it implausible to believe that a corporation can't be in such control of it's content? There was a post on slashdot a few days ago sugguesting that the RIAA wanted to have legal access to hack your PC to remove Illegal content. If an absurdity such as that can be legitmatly considered by anyone, then it is plausible that a situation as the one I described could occur.
[insert nifty sounding somthing here]
Thanks, I'm always up for comments!!!!
-Joe
My take on this whole bit, a work in progress.
The year is 2021; corporations run what was formerly known as the United States of America. Waking up, you log onto your computer terminal and begin your morning read of the newspaper. Browsing through "IBM Times" and "Microsoft Journal," you grow sick of the corporate propaganda riddled throughout the "pages." Wishing to view an opinion different from the standard, you attempt to veer off the normal course. Immediately, you receive a message from the local Microsoft Police Corp informing you that you've violated the law, and have been fined $200 dollars. They warn repeated offenses will have the end result of imprisonment and additional fines. Not surprised, you return to reading the "IBM Times," subjected to the regulation of a corporate controlled government. Now, in the mood to listen to your favorite old music you insert a Compact Disk into the computer, and attempt to load a small program you've written to use this old technology. Unfortunately, this CD will not play, and seconds later you hear a knock at the door.
The agent for the Recording Industry of America standing before you looks like he's done this a million times, but you don't feel so comfortable in the handcuffs he's put on you. "The computer warned you, and you didn't listen," he lectures. A "repeated offense," he continues "is grounds for imprisonment." It is no longer legal to listen to the Brittany Spears or Led Zeppelin CD you purchased 20 years ago. In addition, the mere creation of your CD player is grounds for 5 years in prison, and a $200,000 fine.
Absurd as it may sound, this reality may soon exist. This month, a bill is being brought to Congress called the Software Security Standards and Certification Act. Proposed by Senators Ted Stevens (R-Alaska) and Fritz Hollings (D-SC) and backed by many corporate lobbyists, this bill requires all software to use government approved security measures. The effects of this law are far reaching, effecting people all over the world in addition to those in this land of the free. Beginning with the mandatory government regulation of software, then through the prosecution of those who choose not to integrate this police ware into their products, and ending at a yet unknown level, the SSSCA benefits few people. A law that forces regulation inhibits civil liberties and lessens the rights of US citizens deserves to be dismissed, but unless people are informed, this bill will pass under the noses of Americans everywhere. With the intent to "benefit" the public, the law does anything but, as it will negatively impact the technology industry, programmers and anyone who uses a computer.
The stifling of innovation, a longtime defense by Microsoft in their anti-trust trial, is a major concern of those opposed to the SSSCA. Section 105 of the SSSCA states, "The Secretary shall certify technologies that adhere to the security system standards adopted. . . " Under this direction, all software must be reviewed by the Secretary of Commerce before distribution is allowed. It is at the Secretary's discrescion to determine if an application sufficiently adopts the security standard created by a private industry committee. (Section 104 b) Software often has a rapid development, with some products having new versions released multiple times a day. The requirement of review by the Commerce Department would instantly destroy this rapid release cycle. The purpose of a cycle like this is to quickly stomp out bugs in applications, and allow developers quick feedback about their applications. Unfortunately, feedback will be far from quick and the technological revolution quite visible today will cease to exist, caught up in bureaucratic processes. In addition, the private panel may use the opportunity to create a security policy to legally hinder the advancement of technology in favor of gaining market share.
Not only does the SSSCA allow for corporations to determine the new security policy, it offers them exemption from anti-trust laws in accord with section 107. In the past there have been many attempts at allowing an industry to regulate itself, such as the steel industry in the early 20th Century, and more recently, cable and telephone industries. In all instances, after a period of time, the government has stepped in and taken control of the situation, for fear that monopolistic business tactics being used by the companies involved may have led to unfair completion. In fact, a major court case is still being reviewed after 4 years of court battle. The Microsoft anti-trust case has cost taxpayers millions of dollars in the attempt to punish the company for violating government sanctions. In contrast to the stern stand the US's past stance against anti-business practices, the SSSCA allows for legal exemption from anti-trust laws under the banner of security certification discussion (Section 107 c).
In addition, George W. Bush's recent dismissal of the Microsoft breakup and the ratification of laws like the Digital Millennium Copyright Act have caused a large distrust of the government by programmers across the world and the SSSCA is enhancing that further. This fear of government holds strong in the programming community at large and has caused much concern among its more popular proponents. Reactions to the possibility of the SSSCA's ratification have ranged from vocal protest to boycotts of varying degree. Government funded research groups like those at Fermilab or NASA utilize many free softwares to cut costs and improve the quality of their work. The inability to use these applications due to either programming boycott or massive bureaucratic delay will have disastrous effects on these centers of science. The unwillingness of programmers in response to government action will only further hinder the development cycle of technology. This creates a loop of constant degradation in technology, a complete reversal of the SSSCA's supposed intent. Lower quality technology lessens a programmer's ability to perform his chosen profession. Unfortunately, the proponents of the SSSCA are not concerned with any of this.
There exists a large group of programmers known as the Open Source Community. Releasing their software free of charge, these programmers want to help others and to aid in the dissemination of information. Unfortunately for them, they are not paid and often work on their software solely in their free time. In addition, many are very attached to their products, as to many; a computer program can be a work of art. The SSSCA would require members of this community to adapt their art to the whim of a private-industry panel. To violate standards of their own decree would absolutely disgust the programmers whose goal is to aid others by making quality software. An idea proposed by those in favor of this legislation suggest standard libraries, or routines be developed by the industry-panel and government for use in software projects. While this would put the actual implementation of security in the hands of the government, programmers would still be responsible for using these libraries. Complications related to copyright and interoperability would cause many problems. A disagreement with the government in either could prevent the programmer from using the government routines under a moral or ethical standpoint, violating their right to freely voice their beliefs. Another problem exists for those who work on much smaller projects, where a government-created library might be unavailable due to either its newness or obscurity. Without the ability to use those routines, a developer would be in violation of the SSSCA if she wanted to release her application, or other software (Section 103).
In addition to inhibiting a developer from freely expressing his beliefs through an artistic medium (programming) the SSSCA would also require programmers to further monopolize their own free time and cash flow in order to integrate any certified security implementations. By adhering to the law, they agree to the terms of security set fourth by the government, and must spend their time updating software not to add new features or usability, but rather, implementing federally mandated changes. (Section 102) Although the law offers a grandfather clause to programs currently available, new releases of the software would be required to adhere to certified security standards (Section101 b). In addition to their self designated duty of helping people, open source developers would be forced into the labor of securing software all because they have the desire to help anyone who uses technology. Lastly, those with barely the skills necessary to create an application may not be able to implement security regulation into their programs, due to inexperience or lack of knowledge. This has the potential to limit further, technological advancement.
Overall, the inability of a programmer to implement security features, or the conscious decision not to, can result in numerous felony charges to be filed against him or her. In fact, even improper adherence to the standards whether intentional or accidental meet with the same punishments: monetary fines and imprisonment. With government regulation, programmers will be forced to bend to the will of ever changing standards and those who choose not to follow the regulation will be met with fierce punishment. Like many other recent technology laws, the intent will not matter, only the actions taken. In the world of technology those actions can be the exact same, only one could cause millions of dollars in damages, and the other the realization that a computer has a true security vulnerability. Enforcement of the SSSCA does nothing to protect American citizens, but the implementations of the laws have disastrous effects on most everyone, including anyone who uses technology.
First on the near-never ending list of ways the SSSCA will hurt the American public is the realization that it will cause the creation of inferior software. At first the regulation will bring to a halt the creation of some software, as it's developers will protest the passing and enforcement of the SSSCA. Quick to follow the boycotts, development testing will halt as the bureaucratic delays of the certification process delay software releases. After this, those who do not have the time to add security implementations to their application will halt development. Next, the programmers who wish to comply with the SSSCA will halt the addition of new features to their applications and instead work to comply with security standards. Finally, a halt in the open source community will begin to occur, as corporations with cash are able to bring to market applications faster than the developers who are working for free. Now the rapid, fast moving, and rapidly improving technological change will come to a HALT. Nobody benefits from a stagnant industry. As the number of new features and bug-fixes decrease so will the value of the market, as competition will be lost, and quality slashed. The efforts of open source programmers all over will be broken.
The spirit of open source will not be the only thing broken. Despite the SSSCA's purpose of improving security, a policy such as this will horribly break the security of computers and make them much more vulnerable to hackers. Consider a neighborhood where every house used the same type of lock, a type of lock with its specifications available to the public. It's easy to estimate how quickly every house in the neighborhood would be robbed. As soon as one thief figured out how to pick the lock, it would be simple to figure out the rest. Now put that into computer terms. If everyone used the exact same methods of securing their machines, methods set forth by the government, what would it mean if a vulnerability were found in the security standard. Once one is discovered, as there is no such thing as absolute security, ever machine complying with the SSSCA's provisions would be a house in that neighborhood. Easily broken into. Consider another hypothetical situation. VISA decides it does not want to violate the law so it chooses to implement the SSSCA's certified security standards on all of it's Internet accessible machines, in compliance with section 102. After this is done a vulnerability is found, unbeknownst to the company and a malicious hacker decides to exploit this vulnerability. Now he has the credit card numbers, as well as personal information of every VISA customer. VISA is responsible for the stealing of all that information, because they decided to follow the law.
The imagined world of the "IBM Times" and the "Microsoft Police" is not entirely fictional. As time passes and corporations become more involved in the lobbying of laws towards the inhibition of civil rights, those "deriving their just powers from the consent of the governed" need to be reminded that the governed do not agree with the legislation being snunk underneath the noses of the populace. One such law, the Software Security Standards and Certification Act is being presented to congress right now. Do not allow corporations take the "decent respect to the opinions of mankind" from us, the true rulers of the United States of America. Do not read the "IBM Times." Do not support the United States of America-Online/Time Warner by remaining silent or allowing others to be ignorant of the travesties being played upon us by the greedy.
It's just another step beyond my mp3 player in my car
Well, this was my fortune at the bottom of the comments page from this story. It's a bit ironic as we're all talking about the stupidity of the US government right now
"I hold it, that a little rebellion, now and then, is a good thing... -- Thomas Jefferson"
-Joe LaPenna
Honorary Canadian
Milk in bags is un-natural
GO CANADA!