Re:Clarification on the enzyme issue.
on
Steal This Idea
·
· Score: 1
And without the "prize" of winning exclusive rights for being the first company to commercialize the drug, all those companies wouldn't have worked and fought to hard to be first. We would't have seen as much investment into COX-2 drugs and the medicines would not have come to market as quickly.
The true economic argument against patents is that they actually encourage too much investment in research. In this case, all those companies spent enormous sums on research, gambling that they would win. But only one did win, and the money spent by the others was essentially wasted. You can show, economically, that when you offer a prize, companies will spend at least the value of the prize to try to win it. The net economic gain is zero.
But it doesn't sound so good to say, we shouldn't have patents so that we can spend more on consumer goods and less on scientific research. That would be a valid argument but it won't persuade the kind of people who get righteously angry about patents. We end up with a lot of bullshit rhetoric. Sounds like this book may not be much better.
That has more to do with the fact they used an INCREDIBLY FAT PIPE (a 10gigabit connection), probably in a laboratory setting, than any of FAST's optimizations.
Well, according to the Caltech press release, the data was sent between California and Geneva, which is a pretty damn big laboratory. So I'd say it is more than a lab experiment. OTOH you do need a fast connection to the Internet to be able to send the data that fast at all. Once you get it onto the net then their protocol helps keep it moving that fast.
And BTW this is old news, it was discussed earlier on a site called Slashdot and there's nothing new to motivate the new article.
The article doesn't make clear that this is an extremely speculative prediction which requires some highly nonstandard physics results. Indeed, if this accelerator (or cosmic rays for that matter) actually produces black holes it will undoubtedly be considered one of the greatest and most astounding physics discoveries of the past 100 years.
The paper that started all this speculation (which is now presented as fact more often than not) is http://xxx.lanl.gov/abs/hep-ph/0106219. In that article, the authors explain that the model requires a version of the universe that has ten dimensions, arranged in such a way that the Planck mass, where gravity merges with other forces, is about 10^3 GeV. Standard physics says that the Planck mass is at 10^19 GeV. Their assumption is 16 orders of magnitude different from the conventional wisdom.
The paper above concludes with the comment, "Collider study of black hole creation would certainly be an astounding pursuit". Indeed, the authors and experimentalists would be guaranteed Nobel prizes if black holes actually form.
Unfortunately, popular articles gloss over the speculative nature of these predictions and we are told that the LHC "should be enough" to create black holes, and that cosmic rays are "probably" creating them right now. The levels of certainty implied by this wording could not be more misleading.
In my experience, looking at Jupiter with a telescope, it is not uncommon to see stars nearby that are somewhat fainter than Jupiter's moons. It's surprising to me, given the large area of the photograph, that no stars appear bright enough to show up, since Jupiter's moons are quite bright looking in the picture.
Here's one example I found with google, someone's photo of Jupiter and Venus. It's a little similar, you see Jupiter in the lower left with 3 moons, and Venus in the upper right. And there are a fair sprinkling of stars about.
Now the difference is that this is a longer exposure, you can see that Jupiter and Venus are way overexposed. That's necessary to see the Jupiter moons.
I think the Mars picture has been tweaked quite a bit. You should not see that much detail on Jupiter if the moons were that bright. So they turned down Jupiter, they turned up the moons, and they didn't turn up the stars, so we don't see them.
Mutually agreed transaction
on
I, Spammer
·
· Score: 1
This is bullshit. What happens with any email, including spam, is that the sender's mail server communicates with the receiver's mail server. The sender says, I have some email for you. Would you like it? The receiver says, yes, please give it to me.
There's no way you can construe this as theft of service. You, or your email server, agreed to receive the email! How can you complain when you intentionally facilitated the transaction!
I might as easily argue that the sender's resources were stolen by you, if you're not going to read the email. It is a fully symmetric transaction and both sides agreed to complete it. If one side is going to suffer regrets afterwards, they should have thought of that before agreeing to go through with the deal.
Spam is a problem, but the rhetoric being floated here is totally inappropriate. You can't be promiscuous without expecting to pick up a few unwelcome partners, and the same goes for your mail server.
Let's suppose that all different universes exist. Then somewhere, as Rees writes, there is a universe which is simulating our own universe. So are we real, or are we living in one of those simulations?
Well, the answer is, both. Our universe is real, because all the different universes exist and we are one of them, and our universe is also being simulated. We can't tell the difference. And from a certain philosophical sense, maybe there isn't any difference. The universe is basically a mathematical object in this model, and the object's existence and nature is independent of the substrate that creates it.
John Gilmore published an essay a while back that also tied together concerns about nanotech and DRM. Gilmore of course is a long-time champion of online freedom and free software. In his essay he writes about how nanotech could bring an era of plenty to all, but only if there are free designs that people can feed into their nanotech assemblers.
Gilmore argues that the problems we are facing now with information goods - music, movies, games, software - are just the beginning. In a few decades, all products will be in the same situation. Whatever solutions we find now will be the way we handle physical products in the future.
If we can build a world where information goods are plentiful and cheap, that is a good sign that nanotech will bring us a similar bounty of physical goods. On the other hand if we end up with an information market built on scarcity and high prices, nanotech won't bring the world the riches that it could potentially provide.
The ongoing content wars are even more important than they seem. They are putting us on the path that will determine the future economy of the 21st century.
Has anyone noticed that most of the nanodangers people are worried about are far-future sort of scenarios.
That's true, although I have seen some recent commentary that suggests that nanoparticles might turn out to be harmful. Just as asbestos, an inert fiber, damages the lungs, so other sorts of nanotech waste products like buckyballs might turn out to be biologically harmful.
As far as self-replication, there are two issues. You're right that to get commercially significant numbers of nanotech devices you probably need some kind of self-rep capability. However it is sufficient to keep the self-rep within the lab or manufactury.
The real issue with self-rep is doing it in the field; making a device that is going to go out in the world and duplicate itself. That's where the danger comes in. Laboratory self-rep is much safer because it can be made to depend on certain chemicals or feedstock that isn't present in nature. (And no, it's not going to mutate, any more than your car is going to mutate to live off of tree sap. These are machines, not living beings evolved to evolve.)
My DNS lookups are not able to resolve invisiblog.com. I've been trying for a few hours, since before the slashdot posting. Is anyone else able to see it?
The listed name servers are DNS7.GAHOST.COM and DNS8.GAHOST.COM. Neither responds to requests, for me. Anyone else with different results?
It's a sad commentary on how low the fortunes of the music business have sunk, that mere rumors of Apple's offer to buy Universal caused its stock to be hammered. That must make Universal Music feel really great, huh?
There are a couple of theories as to why the music business is doing so badly. One is that music isn't good any more and people don't like it. The other is that people would rather get it for free than pay for it, because that's human nature.
Astonishingly, here at slashdot the former theory is by far the more popular and widely believed. I'm not sure whether it's because people here are stupid, or just greedy and dishonest.
REVERSE ENGINEERING... a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure that effectively controls access to a particular portion of that program for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs...
It seems pretty clear that reverse engineering the BIOS for interoperability would have been fine. Besides, the DMCA only applies to circumventing a technological protection measure like encrypted content, and there was no such protection applied to the BIOS source. Felten doesn't quite come out and say this, probably because he doesn't want to say anything good about DMCA.
This should also put an end to the claims that the DMCA would prevent reverse engineering Microsoft's new encrypted file formats for compatibility with OpenOffice and other such programs. But it won't.... Sigh...
It's sad to see civil libertarians like Felten and the EFF jumping on the mandatory licensing bandwagon. Few policies could be as unfair, misguided and unimplementable.
Mandatory licensing is unfair because people are forced to pay a fee even if they don't take advantage of what they are paying for. Everyone would be paying for music and movies and whatever other content people start pirating, even if they don't partake of those sources of entertainment.
(This is assuming that everyone is charged this "content tax" just to use the net. If we try to inspect what people download to see if it's music, etc., that just raises enormously more problematic issues in terms of privacy, restrictions on encryption, and a host of other negative consequences.)
Mandatory licensing is misguided because it throws in the towel prematurely. We don't know, yet, whether technological means for protecting content are going to succeed. The situation is still in flux, with proposals like Palladium and DRM, or the new ideas from Cryptography Research still offering the potential for letting content producers get paid.
Mandatory licensing is unimplementable because there is no way to fairly divide up the funds. Realize that the amount of money raised by the modem tax, excuse me, the content tax, would have to be comparable in size to the combined revenues of the music, movie, game and software industries, if we accept that those goods are all going to be pirated and this tax will replace their current sources of funding. We're talking probably $50 billion or more. What do you think is going to happen when you put that pot of money on the table and try to allocate it based on how many times things get downloaded?
People are going to cheat! They'll build all kinds of download bots and use other methods to get their statistics inflated. It's hard enough to measure popularity today; once you have tens of billions of dollars riding on the outcome it's going to be impossible.
That's one thing markets are good at: by making people pay for what they get, they reveal very clearly which items are worth more to the public than others. Trying to replicate this information service using some kind of polling or sampling of downloads is not only going to be invasive, it is just not going to work.
I wish we could nip this stupid idea in the bud, but apparently it is the best the "freedom" community can do. Taxing net users so the government can subsidize the arts is the worst possible solution to our problem.
When you read that the user doesn't hold or control or own the keys to his computer, you naturally assume that someone else does. This is not true. No one owns the keys.
The keys are generated internally in the secure hardware. They are public and private keys, and the private keys never leave the chip. Neither Microsoft nor the user nor the chip manufacturer can get at those keys.
These keys are used by the secure hardware to lock data and to report a hash of an executing "secure" program. Because no one else has the key, neither the user nor Microsoft, no one can forge such a message (modulo the issue of breaking the hardware security).
This is how Trusted Computing has to work. If anyone could get access to the secure keys, then they could misuse them and make false statements with them, and there would be no trust and no security. Only by embedding the keys in a well-defined piece of hardware, with predictable and known behavior, can the keys serve to transfer trust to other software.
So when we see these complaints about the users not controlling their own keys, keep in mind that the point is not to put control in someone else's hands; it is to make it possible for the hardware to make trustworthy and believable cryptographic statements. The keys can't be owned or controlled by anyone, for this to work.
Palladium was intended to be a joint hardware and software excercise. Where you could only run signed code on your boxen.
The claim that Palladium will only run signed code is one of the biggest falsehoods out there. We see it many times in this thread, but I can't correct them all. Read this message from Microsoft to see yet another explanation of why this is not true.
Exactly - plus, the judge pointed out that he couldn't anticipate the full scope of what Edelman's research might entail, so he could hardly rule on its legality beforehand. It's only after the facts are established that you can determine which side will prevail. You can't go to court on hypothetical cases. Most of the comments in this topic are totally off base.
Re:Open Source and DRM are fundamentally incompati
on
Open Source DRM
·
· Score: 1
As soon as you go Open Source, *anyone* can take the code appart, take the decryption routine, and get the plaintext right out of that. There is nothing 'forcing' the data directly into the hardware. At that point, the plaintext can be distributed, and the DRM has failed.
That's a good point. But if you had some secure hardware like TCPA, open source DRM could work. What would happen is that the hash of your open source application gets reported to the remote system, using the secure hardware. If the hash is different from what it is supposed to be, then the remote system won't send you the data.
Also, the open source application can save the data encrypted so that it can only be unlocked when that same application (unmodified) is run. So after downloading, if you hack your app, you can't unlock the data.
That's the theory, anyway. Now one problem is that Open Source is supposed to encourage modification, but a mod will change the hash, so the remote system has to know and approve all the "good" versions of the software that are floating around.
But the point is, if you're going to use something like TCPA at all, wouldn't you rather use it with an Open Source application so that you know *exactly* what it's going to do? Rather than a closed app which cloaks its activities with encryption so you don't have any idea what it's doing?
Demand Open Source when you use Trusted Computing technology!
"(Microsoft has) already been killed by one open-source product. Slaughtered, wiped out, taken from market dominance to irrelevance [...]"
But if you look at the graph linked from the article, you see that IIS never dominated Apache. Apache has held a comfortable lead from the beginning, about 2 to 1, which is roughly where it is today. There's no way IIS ever had "market dominance".
The only sense in which it did was that a few years ago, open source wasn't on the public radar so people just compared IIS to other commercial products. Now that's changed and Apache is recognized as being dominant. But it always was. The only thing that's changed is the perception.
Too many questions in these kinds of topics get modded 5. Right now fully half of the comments rated 2 or more are at 5!!! That means you moderators are throwing your power away, turning the decision over to the hands of the slashdot editors who will have to choose 10 questions out of 50 or more that are modded to the max.
Use your power! Mod down those 5's that aren't of the highest quality. Mark them as overrated. Forget that dreck about how you should mod up more than mod down. You've got to be tough when it comes to "ask slashdot" topics. Not everybody can be a 5, despite what they taught you in kindergarten about being nice.
Of course you should still mod up the good questions that are rated lower. But use at least a point or two to mod down some 5's if there are more than about 15 of them. That's my advice.
And don't mod this up or down, that's a waste of resources. Use your points to improve the interview.
Do I completely misunderstand the scope of the DMCA, or would it have actually prohibited the actions of clone manufacturers, starting with Compaq, when they reverse-engineered the IBM PC BIOS in 1984?
Are you aware that the DMCA specifically allows reverse engineering for the purpose of compatibility?
If I use a VPN or an anonymous remailer, all of my IP packets are correctly labeled with regard to their source and destination as they travel from my system to the remailer or VPN server. If I use a NAT box, all of my IP packets are correctly labeled with regard to their source and destination as they travel from the NAT box to the remote system.
Why do you claim that these technologies would be outlawed by the so-called Super DMCA laws, even though using these technologies does not involve falsifying the source or destination of any of my packets? Isn't it more likely that these laws are directed against IP spoofing, where people do in fact falsify these fields, to the great detriment of the net?
Security expert Steve Bellovin writes that he thinks this bill is intended by ISPs to fight off WiFi hotspots.
There has been a controversy in the WiFi arena about whether commercial WiFi services will take off or whether free access via "warchalking" etc is going to make it impossible to make a profit from commercial wireless access. Mostly it is the ISPs who are operating these commercial services (in partnerships with some national companies that set up the technology). And these same ISPs have anti-sharing clauses in their end-user contracts that are widely ignored.
This Michigan law, like the others that have been proposed, would make it arguably illegal to operate a free, public wireless access point without permission from your ISP. And if your ISP is trying to sell commercial wireless that you'd be competing with, you certainly won't get permission.
This law puts teeth in that prohibition. It could doom free wireless. A very big deal indeed.
No offense bud, but take some care with your typing, okay? Between "Pallium" and "DMR" it's hard to figure out what you're saying.
And while you're right that Palladium is not the same as DRM, I've heard Manferdelli (the Microsoft manager) talk, and he very frankly admitted that the original motivation for the project was to support DRM. Then they realized they could generalize it and do a lot more with it.
I also disagree that Palladium provides a sandbox. Palladium applications can still be pretty damaging. They can delete all your files, or whatever, just like apps today. What Palladium does allow is that an application can encrypt its data and be confident that no one else can decrypt it. So you do gain a certain amount of security in that way. Palladium-aware apps can protect themselves in ways that old-style programs cannot. But there's no sandbox per se.
Your final point is right, if Microsoft really did turn this into the fascist nightmare that people are describing, they'd lose market share like crazy. Nobody is that committed to Microsoft. The fact is, Microsoft is petrified of losing customers - that's the only way they've managed to stay on top. They'll do anything, anything, to increase market share.
The whole point of Palladium is to try to find a compromise between the requirements of the media companies to allow PCs to be used to download movies and such, and the demands of end users to have control over their computers. Technically, Palladium achieves this - where users give up control, it is done voluntarily and in exchange for being allowed to download legal multimedia content. But that hasn't quelled the FUD.
Slashdot Mirror
And without the "prize" of winning exclusive rights for being the first company to commercialize the drug, all those companies wouldn't have worked and fought to hard to be first. We would't have seen as much investment into COX-2 drugs and the medicines would not have come to market as quickly.
The true economic argument against patents is that they actually encourage too much investment in research. In this case, all those companies spent enormous sums on research, gambling that they would win. But only one did win, and the money spent by the others was essentially wasted. You can show, economically, that when you offer a prize, companies will spend at least the value of the prize to try to win it. The net economic gain is zero.
But it doesn't sound so good to say, we shouldn't have patents so that we can spend more on consumer goods and less on scientific research. That would be a valid argument but it won't persuade the kind of people who get righteously angry about patents. We end up with a lot of bullshit rhetoric. Sounds like this book may not be much better.
That has more to do with the fact they used an INCREDIBLY FAT PIPE (a 10gigabit connection), probably in a laboratory setting, than any of FAST's optimizations.
Well, according to the Caltech press release, the data was sent between California and Geneva, which is a pretty damn big laboratory. So I'd say it is more than a lab experiment. OTOH you do need a fast connection to the Internet to be able to send the data that fast at all. Once you get it onto the net then their protocol helps keep it moving that fast.
And BTW this is old news, it was discussed earlier on a site called Slashdot and there's nothing new to motivate the new article.
The article doesn't make clear that this is an extremely speculative prediction which requires some highly nonstandard physics results. Indeed, if this accelerator (or cosmic rays for that matter) actually produces black holes it will undoubtedly be considered one of the greatest and most astounding physics discoveries of the past 100 years.
The paper that started all this speculation (which is now presented as fact more often than not) is http://xxx.lanl.gov/abs/hep-ph/0106219. In that article, the authors explain that the model requires a version of the universe that has ten dimensions, arranged in such a way that the Planck mass, where gravity merges with other forces, is about 10^3 GeV. Standard physics says that the Planck mass is at 10^19 GeV. Their assumption is 16 orders of magnitude different from the conventional wisdom.
The paper above concludes with the comment, "Collider study of black hole creation would certainly be an astounding pursuit". Indeed, the authors and experimentalists would be guaranteed Nobel prizes if black holes actually form.
Unfortunately, popular articles gloss over the speculative nature of these predictions and we are told that the LHC "should be enough" to create black holes, and that cosmic rays are "probably" creating them right now. The levels of certainty implied by this wording could not be more misleading.
In my experience, looking at Jupiter with a telescope, it is not uncommon to see stars nearby that are somewhat fainter than Jupiter's moons. It's surprising to me, given the large area of the photograph, that no stars appear bright enough to show up, since Jupiter's moons are quite bright looking in the picture.
Here's one example I found with google, someone's photo of Jupiter and Venus. It's a little similar, you see Jupiter in the lower left with 3 moons, and Venus in the upper right. And there are a fair sprinkling of stars about.
Now the difference is that this is a longer exposure, you can see that Jupiter and Venus are way overexposed. That's necessary to see the Jupiter moons.
I think the Mars picture has been tweaked quite a bit. You should not see that much detail on Jupiter if the moons were that bright. So they turned down Jupiter, they turned up the moons, and they didn't turn up the stars, so we don't see them.
This is bullshit. What happens with any email, including spam, is that the sender's mail server communicates with the receiver's mail server. The sender says, I have some email for you. Would you like it? The receiver says, yes, please give it to me.
There's no way you can construe this as theft of service. You, or your email server, agreed to receive the email! How can you complain when you intentionally facilitated the transaction!
I might as easily argue that the sender's resources were stolen by you, if you're not going to read the email. It is a fully symmetric transaction and both sides agreed to complete it. If one side is going to suffer regrets afterwards, they should have thought of that before agreeing to go through with the deal.
Spam is a problem, but the rhetoric being floated here is totally inappropriate. You can't be promiscuous without expecting to pick up a few unwelcome partners, and the same goes for your mail server.
Let's suppose that all different universes exist. Then somewhere, as Rees writes, there is a universe which is simulating our own universe. So are we real, or are we living in one of those simulations?
Well, the answer is, both. Our universe is real, because all the different universes exist and we are one of them, and our universe is also being simulated. We can't tell the difference. And from a certain philosophical sense, maybe there isn't any difference. The universe is basically a mathematical object in this model, and the object's existence and nature is independent of the substrate that creates it.
WTF is the "cod philosophy"? Is that some British expression? A cod is a fish, right?
John Gilmore published an essay a while back that also tied together concerns about nanotech and DRM. Gilmore of course is a long-time champion of online freedom and free software. In his essay he writes about how nanotech could bring an era of plenty to all, but only if there are free designs that people can feed into their nanotech assemblers.
Gilmore argues that the problems we are facing now with information goods - music, movies, games, software - are just the beginning. In a few decades, all products will be in the same situation. Whatever solutions we find now will be the way we handle physical products in the future.
If we can build a world where information goods are plentiful and cheap, that is a good sign that nanotech will bring us a similar bounty of physical goods. On the other hand if we end up with an information market built on scarcity and high prices, nanotech won't bring the world the riches that it could potentially provide.
The ongoing content wars are even more important than they seem. They are putting us on the path that will determine the future economy of the 21st century.
Has anyone noticed that most of the nanodangers people are worried about are far-future sort of scenarios.
That's true, although I have seen some recent commentary that suggests that nanoparticles might turn out to be harmful. Just as asbestos, an inert fiber, damages the lungs, so other sorts of nanotech waste products like buckyballs might turn out to be biologically harmful.
As far as self-replication, there are two issues. You're right that to get commercially significant numbers of nanotech devices you probably need some kind of self-rep capability. However it is sufficient to keep the self-rep within the lab or manufactury.
The real issue with self-rep is doing it in the field; making a device that is going to go out in the world and duplicate itself. That's where the danger comes in. Laboratory self-rep is much safer because it can be made to depend on certain chemicals or feedstock that isn't present in nature. (And no, it's not going to mutate, any more than your car is going to mutate to live off of tree sap. These are machines, not living beings evolved to evolve.)
Kind of gives "don't cross the beam" a new meaning...
My DNS lookups are not able to resolve invisiblog.com. I've been trying for a few hours, since before the slashdot posting. Is anyone else able to see it?
The listed name servers are DNS7.GAHOST.COM and DNS8.GAHOST.COM. Neither responds to requests, for me. Anyone else with different results?
It's a sad commentary on how low the fortunes of the music business have sunk, that mere rumors of Apple's offer to buy Universal caused its stock to be hammered. That must make Universal Music feel really great, huh?
There are a couple of theories as to why the music business is doing so badly. One is that music isn't good any more and people don't like it. The other is that people would rather get it for free than pay for it, because that's human nature.
Astonishingly, here at slashdot the former theory is by far the more popular and widely believed. I'm not sure whether it's because people here are stupid, or just greedy and dishonest.
This should also put an end to the claims that the DMCA would prevent reverse engineering Microsoft's new encrypted file formats for compatibility with OpenOffice and other such programs. But it won't.... Sigh...
It's sad to see civil libertarians like Felten and the EFF jumping on the mandatory licensing bandwagon. Few policies could be as unfair, misguided and unimplementable.
Mandatory licensing is unfair because people are forced to pay a fee even if they don't take advantage of what they are paying for. Everyone would be paying for music and movies and whatever other content people start pirating, even if they don't partake of those sources of entertainment.
(This is assuming that everyone is charged this "content tax" just to use the net. If we try to inspect what people download to see if it's music, etc., that just raises enormously more problematic issues in terms of privacy, restrictions on encryption, and a host of other negative consequences.)
Mandatory licensing is misguided because it throws in the towel prematurely. We don't know, yet, whether technological means for protecting content are going to succeed. The situation is still in flux, with proposals like Palladium and DRM, or the new ideas from Cryptography Research still offering the potential for letting content producers get paid.
Mandatory licensing is unimplementable because there is no way to fairly divide up the funds. Realize that the amount of money raised by the modem tax, excuse me, the content tax, would have to be comparable in size to the combined revenues of the music, movie, game and software industries, if we accept that those goods are all going to be pirated and this tax will replace their current sources of funding. We're talking probably $50 billion or more. What do you think is going to happen when you put that pot of money on the table and try to allocate it based on how many times things get downloaded?
People are going to cheat! They'll build all kinds of download bots and use other methods to get their statistics inflated. It's hard enough to measure popularity today; once you have tens of billions of dollars riding on the outcome it's going to be impossible.
That's one thing markets are good at: by making people pay for what they get, they reveal very clearly which items are worth more to the public than others. Trying to replicate this information service using some kind of polling or sampling of downloads is not only going to be invasive, it is just not going to work.
I wish we could nip this stupid idea in the bud, but apparently it is the best the "freedom" community can do. Taxing net users so the government can subsidize the arts is the worst possible solution to our problem.
When you read that the user doesn't hold or control or own the keys to his computer, you naturally assume that someone else does. This is not true. No one owns the keys.
The keys are generated internally in the secure hardware. They are public and private keys, and the private keys never leave the chip. Neither Microsoft nor the user nor the chip manufacturer can get at those keys.
These keys are used by the secure hardware to lock data and to report a hash of an executing "secure" program. Because no one else has the key, neither the user nor Microsoft, no one can forge such a message (modulo the issue of breaking the hardware security).
This is how Trusted Computing has to work. If anyone could get access to the secure keys, then they could misuse them and make false statements with them, and there would be no trust and no security. Only by embedding the keys in a well-defined piece of hardware, with predictable and known behavior, can the keys serve to transfer trust to other software.
So when we see these complaints about the users not controlling their own keys, keep in mind that the point is not to put control in someone else's hands; it is to make it possible for the hardware to make trustworthy and believable cryptographic statements. The keys can't be owned or controlled by anyone, for this to work.
Palladium was intended to be a joint hardware and software excercise. Where you could only run signed code on your boxen.
The claim that Palladium will only run signed code is one of the biggest falsehoods out there. We see it many times in this thread, but I can't correct them all. Read this message from Microsoft to see yet another explanation of why this is not true.
Exactly - plus, the judge pointed out that he couldn't anticipate the full scope of what Edelman's research might entail, so he could hardly rule on its legality beforehand. It's only after the facts are established that you can determine which side will prevail. You can't go to court on hypothetical cases. Most of the comments in this topic are totally off base.
As soon as you go Open Source, *anyone* can take the code appart, take the decryption routine, and get the plaintext right out of that. There is nothing 'forcing' the data directly into the hardware. At that point, the plaintext can be distributed, and the DRM has failed.
That's a good point. But if you had some secure hardware like TCPA, open source DRM could work. What would happen is that the hash of your open source application gets reported to the remote system, using the secure hardware. If the hash is different from what it is supposed to be, then the remote system won't send you the data.
Also, the open source application can save the data encrypted so that it can only be unlocked when that same application (unmodified) is run. So after downloading, if you hack your app, you can't unlock the data.
That's the theory, anyway. Now one problem is that Open Source is supposed to encourage modification, but a mod will change the hash, so the remote system has to know and approve all the "good" versions of the software that are floating around.
But the point is, if you're going to use something like TCPA at all, wouldn't you rather use it with an Open Source application so that you know *exactly* what it's going to do? Rather than a closed app which cloaks its activities with encryption so you don't have any idea what it's doing?
Demand Open Source when you use Trusted Computing technology!
"(Microsoft has) already been killed by one open-source product. Slaughtered, wiped out, taken from market dominance to irrelevance [...]"
But if you look at the graph linked from the article, you see that IIS never dominated Apache. Apache has held a comfortable lead from the beginning, about 2 to 1, which is roughly where it is today. There's no way IIS ever had "market dominance".
The only sense in which it did was that a few years ago, open source wasn't on the public radar so people just compared IIS to other commercial products. Now that's changed and Apache is recognized as being dominant. But it always was. The only thing that's changed is the perception.
Too many questions in these kinds of topics get modded 5. Right now fully half of the comments rated 2 or more are at 5!!! That means you moderators are throwing your power away, turning the decision over to the hands of the slashdot editors who will have to choose 10 questions out of 50 or more that are modded to the max.
Use your power! Mod down those 5's that aren't of the highest quality. Mark them as overrated. Forget that dreck about how you should mod up more than mod down. You've got to be tough when it comes to "ask slashdot" topics. Not everybody can be a 5, despite what they taught you in kindergarten about being nice.
Of course you should still mod up the good questions that are rated lower. But use at least a point or two to mod down some 5's if there are more than about 15 of them. That's my advice.
And don't mod this up or down, that's a waste of resources. Use your points to improve the interview.
Do I completely misunderstand the scope of the DMCA, or would it have actually prohibited the actions of clone manufacturers, starting with Compaq, when they reverse-engineered the IBM PC BIOS in 1984?
Are you aware that the DMCA specifically allows reverse engineering for the purpose of compatibility?
If I use a VPN or an anonymous remailer, all of my IP packets are correctly labeled with regard to their source and destination as they travel from my system to the remailer or VPN server. If I use a NAT box, all of my IP packets are correctly labeled with regard to their source and destination as they travel from the NAT box to the remote system.
Why do you claim that these technologies would be outlawed by the so-called Super DMCA laws, even though using these technologies does not involve falsifying the source or destination of any of my packets? Isn't it more likely that these laws are directed against IP spoofing, where people do in fact falsify these fields, to the great detriment of the net?
Security expert Steve Bellovin writes that he thinks this bill is intended by ISPs to fight off WiFi hotspots.
There has been a controversy in the WiFi arena about whether commercial WiFi services will take off or whether free access via "warchalking" etc is going to make it impossible to make a profit from commercial wireless access. Mostly it is the ISPs who are operating these commercial services (in partnerships with some national companies that set up the technology). And these same ISPs have anti-sharing clauses in their end-user contracts that are widely ignored.
This Michigan law, like the others that have been proposed, would make it arguably illegal to operate a free, public wireless access point without permission from your ISP. And if your ISP is trying to sell commercial wireless that you'd be competing with, you certainly won't get permission.
This law puts teeth in that prohibition. It could doom free wireless. A very big deal indeed.
I've had a DivX DVD player for years. I got it cheap from CompUSA after DivX went out of business.
Oh, thatDivX...
Never mind.
No offense bud, but take some care with your typing, okay? Between "Pallium" and "DMR" it's hard to figure out what you're saying.
And while you're right that Palladium is not the same as DRM, I've heard Manferdelli (the Microsoft manager) talk, and he very frankly admitted that the original motivation for the project was to support DRM. Then they realized they could generalize it and do a lot more with it.
I also disagree that Palladium provides a sandbox. Palladium applications can still be pretty damaging. They can delete all your files, or whatever, just like apps today. What Palladium does allow is that an application can encrypt its data and be confident that no one else can decrypt it. So you do gain a certain amount of security in that way. Palladium-aware apps can protect themselves in ways that old-style programs cannot. But there's no sandbox per se.
Your final point is right, if Microsoft really did turn this into the fascist nightmare that people are describing, they'd lose market share like crazy. Nobody is that committed to Microsoft. The fact is, Microsoft is petrified of losing customers - that's the only way they've managed to stay on top. They'll do anything, anything, to increase market share.
The whole point of Palladium is to try to find a compromise between the requirements of the media companies to allow PCs to be used to download movies and such, and the demands of end users to have control over their computers. Technically, Palladium achieves this - where users give up control, it is done voluntarily and in exchange for being allowed to download legal multimedia content. But that hasn't quelled the FUD.