TC provides a computing platform on which you can't tamper with the application software...
That's a total lie. Almost everything in that piece of propaganda masquerading as a FAQ is a lie.
If you want the truth about TC, try Seth Schoen of the EFF. He has a good summary in his recent blog entry:
What the TPM does do is support remote attestation so that a computer user can tell the computer to prove to a remote party what software it is running (if the software that's running also supports being proven in a way that the remote party understands). Then the remote party can make its own decision about whether the software is good or bad, and what it wants to do about that.
This sounds innocuous in a certain sense. We have learned to mistrust the notion of a single centralized entity that decides what we can and can't do. TCG is not that entity, and TCG is not chartering that entity; instead, we have an unlimited number of entities that potentially make their own decisions, on various scales, about what we can and can't do in particular contexts, small and large. (We don't know yet which of those entities will turn out to have enough power to set which kinds of policies, or how the network externalities will shake out. Some entities with a lot of power, like Microsoft, can try to delegate some of their power, but there are plenty of technical and business obstacles to be worked out on both sides of that sort of delegation.)
What the TPM does do is support remote attestation so that a computer user can tell the computer to prove to a remote party what software it is running (if the software that's running also supports being proven in a way that the remote party understands). Then the remote party can make its own decision about whether the software is good or bad, and what it wants to do about that. The user could also choose not to offer any proof at all; however, although the user has the right to remain silent, the user's silence can and will be used against her. Not offering proof is, of necessity, the functional equivalent of offering proof of the most unacceptable and contrary-to-policy facts imaginable.
That does offer an avenue for a lot of control over you via your computer -- if someone else controls a resource that you need, there is a prospect of conditioning your access to that resource upon the provision of proof that you're running software that the resource controller considers "good". Not TCG, but the individual entities that you deal with: a bank, an entertainment company, an employer, an ISP. Furthermore, each of them could have its own independent definition of what "good" means, because there is no central signing or certifying authority. It is logically quite possible that one entity might refuse to talk to you if you're running configuration A instead of B, whereas another entity would refuse to talk to you if you're running B instead of A. (This is trivially true if each entity gave you a bootable CD and said "you can only communicate with us while you're running from our CD" -- with a TPM and the appropriate software, they can actually tell, and you probably can't fool them.)
The ISP scenario is the point at which the most pervasive possible control could be exercised. TCG has already developed a specification called Trusted Network Connect which is based on the idea that you can be forbidden to connect to a network unless you're running a software configuration that the nework operator approves. This is designed for use in corporations, most of which are accustomed to having a high (but imperfect) degree of control over the software running on their employees' PCs. Of course, the technology is more general, and, as TCG told me, there is nothing to stop it from being used by the People's Republic of China, or by a commercial ISP.
Imposing this requirement on a general population has a very high cost; for one thing, it mea
There may still be some controversy about whether TPMs are in all Intel Macs. In any case, there doesn't seem to be any software way to access them, unlike PCs.
TonyMcFadden.net has a reasonably up to date list of systems that have TPMs in them, as well as manufacturers of the chips themselves, software suppliers, etc.
these stacks might involve a GPL shim and a non-GPL binary that's checked and verified by the TPM
No, the main one is TrouSerS. It's fully open source and GPL'd. Contrary to the many lies which have been circulated about it, TC is fully compatible with Linux. In fact, that's where most of the research and development work is at this time. Trusted Grub is another good example. It hashes the Linux kernel and some of the config files into the TPM chip before booting it. This way Linux systems can prove what kernel they booted.
It all depends on who controls the root certificates that are used by the trusted computing hardware to verify the signatures of the BIOS and of the boot image.
I'm sorry, but you don't know how Trusted Computing works. Almost everything you have been told about it is a lie.
There are no root certificates used by TC hardware to verify the signatures of the BIOS and the boot image.
What happens is that the BIOS, OS loader and potentially the OS itself send information to the TPM chip about the hashes of the software that is loading. User software can then, if it chooses, query the TPM chip and get a cryptographically send message telling what these hashes are. The software can use this to report the software configuration that booted.
The root certificates get involved because the TPM crypto key never leaves the chip. The TPM manufacturer has a root certificate which it uses to sign each TPM key. This way people can tell that a message actually comes from a valid TPM and not a fake. It prevents virtualization of TPMs. This is what allows software to report its configuration in a trustable way. It is what gives the system its name, Trusted Computing.
So now the question is, will it be legal to transfer (or as they say, "convey") GPLv3 software to a Trusted Computer? It violates the principle that users must be able to alter their software in such a way that remote servers can't tell. Will that make it illegal to run GPLv3 software on a TC?
From what I understand, Trusted in this context is used as in "I entrust it with my security" rather than "I find it worthy of my trust."
No, that's a common fallacy; in fact, it's an intentionally constructed fallacy. Trusted in this context means that you have evidence to trust that the computer will behave in a specified way, particularly from the point of view of remote access. Normally when you connect to a computer remotely you have no way of knowing what it's doing. It could be essentially running any software at all. But if you connect to a Trusted Computer, it provides cryptographic evidence about its software configuration. Knowing what software it is running gives you grounds to know how it will behave; and to trust that behavior. That is the real meaning of Trusted Computing.
What prevents someone running a Linux box to connect to TiVo and get free service?
I think the answer to your question is that the intention of the GPL is to make it impossible for companies to use free software to do what TiVo did: use crypto to make it impossible to modify the software and have it still work. Companies that wanted to do that would have to develop all of their software via commercial means. They could not take GPL software and use it as a starting point, not if they then wanted to prevent users from modifying it and still using it.
As far as stopping people from getting free service, they could for example require a valid account number to access the service, and keep track often a computer contacts the service with that account number. Two or more people could share an account number but then they'd have to access the service more often. Basically your monthly payment would entitle you to N updates per month, and if you shared your account number you'd get fewer than N. So this would be a disincentive for sharing. Yet it still allows people to modify their software, which is what the GPL aims to allow.
I think, as I have studied the license more closely, that what I want to do will be OK. Maybe it is a loophole though.
Suppose I run, say, Apache web server on my Trusted Computer. I want to prove that it is an unhacked version for some reason. Or maybe it's a hacked version and I want to prove exactly what I did. So I publish the source code, and I use the crypto key embedded in the TPM chip to prove this is what I am running.
I think it's OK, because it falls under clause 4 or clause 5 of the GPL. These cover distributing ("conveying") source code. They do not include the magic words "Corresponding Source Code" which invokes the requirement being discussed here, of also publishing crypto keys to allow people to make changes to the software and fake that they didn't. That would be both impossible, because the keys are embedded in the TPM and won't come out, and counter-productive, as it would defeat the purpose of the whole thing and make it impossible for me to achieve my goal, of letting clients verify what software I am running.
It is only when distributing object code, covered in clause 6, that this Corresponding Source Code requirement comes into play. So it sounds like as long as I only publish source code, I am OK and this can still work in a Trusted Computing environment. The only problem is, it's not clear if it is a loophole (that might be changed in a future rev) or if this is the intention.
> Here's a not-so hypothetical. I want to run a server using Trusted Computing technology so that clients can detect what my software configuration is. In that way they can have greater confidence that my server will follow certain rules and greater trust in the service I provide. I voluntarily add this transparency to my server - it publishes its own source code and the TC technology lets people very that this source is what is running there. I won't rely on that. How are you going to make sure the server is not distributing some other source code? I cannot see what you mean.
This is what is called Remote Attestation. The TC system has a chip in it called the TPM. The BIOS and the OS (Linux!) feed into the TPM hashes of the software as it is loaded. The TPM chip has a crypto key in it generated at manufacture time that never leaves the chip. The manufacturer creates a certificate proving that this particular crypto key is in a genuine TPM. Putting all these pieces together, the TPM can send a signed message testifying to the software configuration (i.e. what software is loaded), and the certificate proves that the message came from a genuine TPM. The server which is running on the TC system publishes its source code so clients know exactly what software they are interacting with.
By the way, how am I supposed to check the keys if they are inside YOUR computer? Oh, you mean I will need TC? @#$K O@@!!! (censored)
No, you as a potential client don't need a Trusted Computer, only my server does. I am proving myself to you, not vice versa. You (or your software, more likely) are able to use the evidence mentioned above to gain confidence in how my server will behave. I have a number of ideas for services which could benefit from this capability; perhaps you will be able to think of some if you try.
Do you think it is evil and wicked for clients to be able to get a more accurate picture of how servers will behave? Should the GPL try to prevent tihs capability? That is what I am afraid it does.
The Corresponding Source also includes any encryption or authorization keys necessary to install and/or execute modified versions from source code in the recommended or principal context of use, such that they can implement all the same functionality in the same range of circumstances. (For instance, if the work is a DVD player and can play certain DVDs, it must be possible for modified versions to play those DVDs. If the work communicates with an online service, it must be possible for modified versions to communicate with the same online service in the same way such that the service cannot distinguish.)
Here's a not-so hypothetical. I want to run a server using Trusted Computing technology so that clients can detect what my software configuration is. In that way they can have greater confidence that my server will follow certain rules and greater trust in the service I provide. I voluntarily add this transparency to my server - it publishes its own source code and the TC technology lets people very that this source is what is running there.
Would I be unable to use any GPLv3 software on this server? Or on any system which revealed what software version was running? It would allow client systems to refuse to interoperate with other versions of the software, if they didn't like what the server would do if it ran those versions.
And since ultimately TC relies on crypto keys that are buried in hardware and can't be exported, it would be impossible to comply with the requirement to publish any such keys.
I would be very disappointed if the world of GPLv3 software were off limits for such a user friendly application, and it became impossible for servers to offer this level of transparency. This is what I've been looking forward to ever since Trusted Computing was announced.
You're in luck, asking this today! Coincidentally, I just received in my email information about an unusual investment opportunity. It is a company called RWGI which is "an explosive pick for our members", according to the email. The email says the stock is selling for $0.32 but I did some research and it is actually only about $0.20, so it is an even better deal now! Imagine if this stock went up to $20 a share, which isn't all that much for a stock, and you put $1,000 into it, you would be worth $100,000! Not a bad financial position for your graduation.
I'll let you know if I get any more investment ideas. Apparently these are all around if you just keep your eyes open. Good luck!
I've been signed up for cryonic suspension for over 15 years, along with my wife and two kids, and I resent being called a "transhumanist nut-job". I am a good husband and father, honest and hard working, and well-respected in my field. It baffles me that in this day and age, the Wired writer (and his editor!) apparently feels free to openly use such an epithet against a group of people whose only sin is unconventional disposal of their bodies after they die. With all the belief systems in this world which have true potential to inflict harm on others, why is it that cryonics in particular is fair game for such defamatory comments?
Having observed this phenomenon for decades, I suspect there is more than a trace of irrationality in these open displays of hostility. We are all uncomfortable with the inevitability of death, and must come to terms with it in some way. The existence of believers in cryonics forces us to consider whether physical death is inevitable after all, opening up an emotional wound which we would prefer to think of as fully scabbed over. Distancing ourselves from this emotional discomfort is accomplished through scornful humor, name-calling, and other practices which would normally be considered off limits.
When criminals in this world appear, And break the laws that they should fear, And frighten all who see or hear, The cry goes up both far and near for
Underdog, Underdog, Underdog, Underdog.
Speed of lightning, roar of thunder, Fighting all who rob or plunder Underdog, Underdog.
When in this world the headlines read Of those who's hearts are filled with greed And rob and steal from those in need. To right this wrong with blinding speed goes
Underdog, Underdog, Underdog, Underdog.
Speed of lightning, roar of thunder, Fighting all who rob or plunder Underdog, Underdog.
And some athletes train in high oxygen environments so as to strenghten their muscles by forcing more oxygen into them. One method is wearing an oxygen mask and exercising at the bottom of a swimming pool, simulating an ultra low altitude.
I saw this demonstrated by Kurzweil a few weeks ago at the Singularity Summit conference at Stanford. He held up the gadget above his book, pushed a button, and it started talking! So simple in concept but so hard to do. The audience went crazy, it was so clear how this would be a world changing gadget for blind people.
The picture in the review showed the projected stars as having constellation lines drawn on them! It looked terrible. If I want to get the feeling of lying in bed or in my living room and looking up at the stars, I don't want to see big, garish lines drawn across the "sky". Hopefully they have some disks without the lines, but the review didn't mention it.
Years ago I used a kit to put luminous paint on my bedroom ceiling in the pattern of the stars. It was a set of stencils you'd stick to the ceiling and use as a guide to make the star dots. Then when you turned the lights off they'd glow dimly for an hour or more. It was really beautiful, but a lot of work to create.
This is not an issue of your rights online. It is a battle between two enormous business groups: Internet providers and content providers. Neither of them has your interests at heart! Both groups are primarily motivated by maximizing their own profits. They are using you and manipulating you in order to try to further their business goals.
I don't love my ISP any more than the next guy, but let me make a brief counter to all the propaganda from Google and Ebay and MSN about the "greedy" ISPs (of course, Google etc. are just in business to extend love and butterflies and puppies throughout the world).
The way people pay for and get charged for the Internet has changed over time. It used to be that many of us had to pay by the minute, or even by the byte. That has mostly disappeared, but we still pay more for better service. Not everyone has the same options for Internet access, and even if they do have the same options not everyone can afford the same access. Internet access is a business, and a relatively new one. Business models are evolving and there is no guarantee that today's model is the perfectly optimal, best possible way that people could pay for Internet access.
It might be that if ISPs could get some money from content providers, they would charge their customers less. Of course, they would not do this out of the goodness of their hearts (they have no hearts!), but rather for the same business reasons that they stopped their per-minute and per-byte charges. ISPs exist in a competitive business environment like other companies and ultimately they need to satisfy their customers.
It might even be that in the future, Internet access could be free. It would effectively be subsidized by the big content companies, which ultimately get their income from ads. Free access to Internet content could be supported by advertising. It has worked with other media and it's possible it could work for the net too. But the only way it can happen is if ISPs, which bear the cost of end-user access, are able to get some of the revenues from the companies that are offering the ads.
That's really what this battle is all about. I don't know how it will come out, but I do know that when good ol' Meg from Ebay suddenly wants me to write my congresswoman about an issue that, coincidentally, would protect the huge profits Meg is earning, her motive is not to benefit me. Meg doesn't actually ask my opinion all that often. She's not on the phone wishing me happy birthday or asking how's the family. No, her interests are not mine. She is looking to protect her company's profits and she is trying to influence me and use me in this political battle against Comcast and other ISPs.
I've been playing SL for a few months and there are some interesting points that were missed by these articles.
First, many of the signups are free accounts. You only need to upgrade to a paid account if you want to own land. I rent a 'condo' and I still only have a free account. However I have spent a few dollars occasionally, converting them directly to Linden-dollars so I could buy stuff. Many players just get by on the 50 Linden-dollars a week basic stipend that even free accounts get.
Second, probably the most noteworthy aspect of SL is the large number of women participating. Female avatars substantially outnumber males, in my experience, and while not all of them are "really" female, it is clear that the game has real appeal to women. In fact one of the main activities in SL is clothes shopping, which is one of the reasons that hardcore gamers (almost all men/boys) often don't like the game.
Another point not often mentioned is that another popular activity is gambling. There are hundreds of casinos in SL offering slot machines, blackjack, poker and dice games. Because Linden-dollars are convertible, it means that the players at these casinos are gambling real money. Which is illegal, in the U.S. Yet the activity goes on openly, on servers owned by a U.S. company. Plus, the casinos are completely unregulated and there is basically no recourse if you think you are being cheated, other than to go elsewhere.
I do think the money-making aspects tend to get over-emphasized in articles about SL. Most people don't make or sell anything, from what I've seen. And those who do are not too happy lately. The Linden-dollars have been highly inflationary and have fallen from 1/250 to 1/300 of a dollar in the past couple of months. In response Linden Labs is constantly rejiggering the various stipends and payments they make.
Which brings up the last point, the dynamism of the game. Things are always changing. My condo complex now has a medieval castle complete with lava-filled moat on one side, and an open-air art gallery on the other. Neither was there when I moved in a couple of months ago. You may go to a formerly-popular spot and find that an entire mall has picked up and moved to the other side of the world, overnight. Or maybe they just went out of business entirely. Several of my favorite places have disappeared since I started playing, which is too bad. But new ones are always being created so there is always something new to see.
If you have a broadband account, give it a try. Don't expect it to be a structured game, just an enormous and diverse world to explore.
I have the three-movie-at-a-time plan, which is the most popular one, and I make no effort to keep track of which envelope which movie came in. So I don't see how an envelope bar code could help.
Hmmm, I just noticed that there's a little window on the envelope and a bar code on the sleeve of the movie... but it would only show if I put the movie in backwards from what I usually do. Is that the trick? Am I supposed to put the movie in so the barcode shows? Then I'll get quicker service?
Gee, I don't remember them telling me to do that, but it makes sense. I'll have to try it and see if it makes a difference.
Paolo Attivissimo's blog provides plenty of documented, photo and other evidence that the new Macs do have TPM chips in them. He started out skeptical but soon got plenty of pictures of motherboards from the new Macs. They plainly have Infineon TPM chips in them. It's not clear what if anything they are being used for, but there is no doubt that Intel Macs have TPMs.
It will never happen because the U.S. and Australian governments at least, among others, will never allow themselves to get into a situation where they appear to be endorsing porn. If they allow special technology to be built into the internet specifically for porn sites, conservatives will be up in arms. Creating a special domain for porn is simply not an option for these governments. Maybe in five or ten years things will be different, but at this time the U.S. is very religious and very conservative and will never endorse a porn-specific domain.
Thanks for posting those excerpts. Lem was an amazing talent.
One correction for the story about the king and his mechanical kingdom. Trurl encountered a deposed tyrant and built for him this model kingdom to rule over. Only he made it too real. The characters were done so faithfully and realistically that their suffering under the tyrant's rule was no longer simulated but became real. This is why the story is subtitled, "how Trurl's own perfection led to no good". It was one of the first explorations of this concept, whether a simulation of consciousness is in fact conscious.
Does anyone ever worry about this, designing AI for video games? Will we ever look at a game and say, that crossed the line; the simulated suffering has become real?
Thanks, that is a good reference and does answer some of the questions that have been posed here.
They measured accelerations with commercially available accelerometers. These were placed into steel boxes to act as Faraday cages and block EM radiation. They ran the experiment many times with non-superconductors and with the superconductors too warm to super-conduct, and found no effects.
There were no effects with high temperature superconductors, which their theory (a non-standard theory) predicted. There were also no effects when high-temp superconductors were lowered to liquid helium temperatures, which they also predicted.
The only effects they saw were with low-temp superconductors, niobium and lead. There were no effects above their superconducting temperatures.
They basically saw two effects. When accelerating a spinning superconducting ring, accelerometers located near a ring segment recorded an acceleration opposite to that experienced by the ring segment. So for example if this piece of the ring was spinning north, when they sped it up the accelerometers showed a southward force, and when they slowed it down the accelerometers showed a northward force.
The strongest reading was by an accelerometer inside the ring, but one located just above the ring was almost as strong. This was actually contrary to their (non-standard) theory, which predicted that the force should be mostly localized to the ring plane. But since their theory is completely blue-sky and non-standard, that perhaps doesn't mean too much.
The other effect they saw was with a constant spinning speed, lowering the temperature from non-superconducting to superconducting. As they passed through the critical temperature, the accelerometers again felt a force. It was noted that this force was in the opposite direction from the acceleration force, which I believe was also contrary to their (non-standard) theory.
They also briefly mentioned Podkletnov, but only to say their results were "very different" from his. They also said that they did not see any signs of the effects he reported, to the limits of their measurement. I would note that I think Podkletnov used a spinning disk while these guys used a spinning ring.
Overall it looks like a very careful experiment that did eliminate most sources of error. However the measured values were close to the noise limits of the accelerometers, which is always a little suspicious in science. The experiment definitely looks ready for replication. If it works it will turn gravitational theory on its head. There is no theory in existence that can account for these results. Not general relativity, not quantum gravity, and not even these guys' non-standard theory will work. Something completely new will be needed.
My son Jason started talking at about nine months and was using complete sentences by a year. At his one year checkup, we told the pediatrician that Jason was talking already. The pediatrician pointed to one of the pictures decorating his office. "What's that, Jason?" he asked. Jason said, "That... is... a... picture... of... a... bird... on... wall." (Jason spoke very slowly and haltingly, with difficulty, like he was thinking hard about each word.) The doctor was amazed, he said he had never heard a child answer like that at that age. He said he thought Jason might say "bird". In fact, he said he would almost have wondered if we had taught Jason to parrot that sentence except that he made one grammatical error.
Jason is now in grad school, got 1600 on his SATs and graduated from Caltech. He's a bright kid. I'm sure there are many kids who are talking well before a year old, and using complete sentences as Jason did at a year.
Plus, what if Wikipedia went through all of the errors Nature found and asked the original authors of the text whether they were really mistaken? I'll bet a lot of them would "stand by their original statements".
I do think Nature should release all of the comments and criticisms and let people judge for themselves which ones are more serious.
Slashdot Mirror
That's a total lie. Almost everything in that piece of propaganda masquerading as a FAQ is a lie.
If you want the truth about TC, try Seth Schoen of the EFF. He has a good summary in his recent blog entry:
There may still be some controversy about whether TPMs are in all Intel Macs. In any case, there doesn't seem to be any software way to access them, unlike PCs.
TonyMcFadden.net has a reasonably up to date list of systems that have TPMs in them, as well as manufacturers of the chips themselves, software suppliers, etc.
these stacks might involve a GPL shim and a non-GPL binary that's checked and verified by the TPM
No, the main one is TrouSerS. It's fully open source and GPL'd. Contrary to the many lies which have been circulated about it, TC is fully compatible with Linux. In fact, that's where most of the research and development work is at this time. Trusted Grub is another good example. It hashes the Linux kernel and some of the config files into the TPM chip before booting it. This way Linux systems can prove what kernel they booted.
It all depends on who controls the root certificates that are used by the trusted computing hardware to verify the signatures of the BIOS and of the boot image.
I'm sorry, but you don't know how Trusted Computing works. Almost everything you have been told about it is a lie.
There are no root certificates used by TC hardware to verify the signatures of the BIOS and the boot image.
What happens is that the BIOS, OS loader and potentially the OS itself send information to the TPM chip about the hashes of the software that is loading. User software can then, if it chooses, query the TPM chip and get a cryptographically send message telling what these hashes are. The software can use this to report the software configuration that booted.
The root certificates get involved because the TPM crypto key never leaves the chip. The TPM manufacturer has a root certificate which it uses to sign each TPM key. This way people can tell that a message actually comes from a valid TPM and not a fake. It prevents virtualization of TPMs. This is what allows software to report its configuration in a trustable way. It is what gives the system its name, Trusted Computing.
So now the question is, will it be legal to transfer (or as they say, "convey") GPLv3 software to a Trusted Computer? It violates the principle that users must be able to alter their software in such a way that remote servers can't tell. Will that make it illegal to run GPLv3 software on a TC?
From what I understand, Trusted in this context is used as in "I entrust it with my security" rather than "I find it worthy of my trust."
No, that's a common fallacy; in fact, it's an intentionally constructed fallacy. Trusted in this context means that you have evidence to trust that the computer will behave in a specified way, particularly from the point of view of remote access. Normally when you connect to a computer remotely you have no way of knowing what it's doing. It could be essentially running any software at all. But if you connect to a Trusted Computer, it provides cryptographic evidence about its software configuration. Knowing what software it is running gives you grounds to know how it will behave; and to trust that behavior. That is the real meaning of Trusted Computing.
What prevents someone running a Linux box to connect to TiVo and get free service?
I think the answer to your question is that the intention of the GPL is to make it impossible for companies to use free software to do what TiVo did: use crypto to make it impossible to modify the software and have it still work. Companies that wanted to do that would have to develop all of their software via commercial means. They could not take GPL software and use it as a starting point, not if they then wanted to prevent users from modifying it and still using it.
As far as stopping people from getting free service, they could for example require a valid account number to access the service, and keep track often a computer contacts the service with that account number. Two or more people could share an account number but then they'd have to access the service more often. Basically your monthly payment would entitle you to N updates per month, and if you shared your account number you'd get fewer than N. So this would be a disincentive for sharing. Yet it still allows people to modify their software, which is what the GPL aims to allow.
I think, as I have studied the license more closely, that what I want to do will be OK. Maybe it is a loophole though.
Suppose I run, say, Apache web server on my Trusted Computer. I want to prove that it is an unhacked version for some reason. Or maybe it's a hacked version and I want to prove exactly what I did. So I publish the source code, and I use the crypto key embedded in the TPM chip to prove this is what I am running.
I think it's OK, because it falls under clause 4 or clause 5 of the GPL. These cover distributing ("conveying") source code. They do not include the magic words "Corresponding Source Code" which invokes the requirement being discussed here, of also publishing crypto keys to allow people to make changes to the software and fake that they didn't. That would be both impossible, because the keys are embedded in the TPM and won't come out, and counter-productive, as it would defeat the purpose of the whole thing and make it impossible for me to achieve my goal, of letting clients verify what software I am running.
It is only when distributing object code, covered in clause 6, that this Corresponding Source Code requirement comes into play. So it sounds like as long as I only publish source code, I am OK and this can still work in a Trusted Computing environment. The only problem is, it's not clear if it is a loophole (that might be changed in a future rev) or if this is the intention.
> Here's a not-so hypothetical. I want to run a server using Trusted Computing technology so that clients can detect what my software configuration is. In that way they can have greater confidence that my server will follow certain rules and greater trust in the service I provide. I voluntarily add this transparency to my server - it publishes its own source code and the TC technology lets people very that this source is what is running there.
I won't rely on that. How are you going to make sure the server is not distributing some other source code? I cannot see what you mean.
This is what is called Remote Attestation. The TC system has a chip in it called the TPM. The BIOS and the OS (Linux!) feed into the TPM hashes of the software as it is loaded. The TPM chip has a crypto key in it generated at manufacture time that never leaves the chip. The manufacturer creates a certificate proving that this particular crypto key is in a genuine TPM. Putting all these pieces together, the TPM can send a signed message testifying to the software configuration (i.e. what software is loaded), and the certificate proves that the message came from a genuine TPM. The server which is running on the TC system publishes its source code so clients know exactly what software they are interacting with.
By the way, how am I supposed to check the keys if they are inside YOUR computer? Oh, you mean I will need TC? @#$K O@@!!! (censored)
No, you as a potential client don't need a Trusted Computer, only my server does. I am proving myself to you, not vice versa. You (or your software, more likely) are able to use the evidence mentioned above to gain confidence in how my server will behave. I have a number of ideas for services which could benefit from this capability; perhaps you will be able to think of some if you try.
Do you think it is evil and wicked for clients to be able to get a more accurate picture of how servers will behave? Should the GPL try to prevent tihs capability? That is what I am afraid it does.
The Corresponding Source also includes any encryption or authorization keys necessary to install and/or execute modified versions from source code in the recommended or principal context of use, such that they can implement all the same functionality in the same range of circumstances. (For instance, if the work is a DVD player and can play certain DVDs, it must be possible for modified versions to play those DVDs. If the work communicates with an online service, it must be possible for modified versions to communicate with the same online service in the same way such that the service cannot distinguish.)
Here's a not-so hypothetical. I want to run a server using Trusted Computing technology so that clients can detect what my software configuration is. In that way they can have greater confidence that my server will follow certain rules and greater trust in the service I provide. I voluntarily add this transparency to my server - it publishes its own source code and the TC technology lets people very that this source is what is running there.
Would I be unable to use any GPLv3 software on this server? Or on any system which revealed what software version was running? It would allow client systems to refuse to interoperate with other versions of the software, if they didn't like what the server would do if it ran those versions.
And since ultimately TC relies on crypto keys that are buried in hardware and can't be exported, it would be impossible to comply with the requirement to publish any such keys.
I would be very disappointed if the world of GPLv3 software were off limits for such a user friendly application, and it became impossible for servers to offer this level of transparency. This is what I've been looking forward to ever since Trusted Computing was announced.
You're in luck, asking this today! Coincidentally, I just received in my email information about an unusual investment opportunity. It is a company called RWGI which is "an explosive pick for our members", according to the email. The email says the stock is selling for $0.32 but I did some research and it is actually only about $0.20, so it is an even better deal now! Imagine if this stock went up to $20 a share, which isn't all that much for a stock, and you put $1,000 into it, you would be worth $100,000! Not a bad financial position for your graduation.
I'll let you know if I get any more investment ideas. Apparently these are all around if you just keep your eyes open. Good luck!
I've been signed up for cryonic suspension for over 15 years, along with my wife and two kids, and I resent being called a "transhumanist nut-job". I am a good husband and father, honest and hard working, and well-respected in my field. It baffles me that in this day and age, the Wired writer (and his editor!) apparently feels free to openly use such an epithet against a group of people whose only sin is unconventional disposal of their bodies after they die. With all the belief systems in this world which have true potential to inflict harm on others, why is it that cryonics in particular is fair game for such defamatory comments?
Having observed this phenomenon for decades, I suspect there is more than a trace of irrationality in these open displays of hostility. We are all uncomfortable with the inevitability of death, and must come to terms with it in some way. The existence of believers in cryonics forces us to consider whether physical death is inevitable after all, opening up an emotional wound which we would prefer to think of as fully scabbed over. Distancing ourselves from this emotional discomfort is accomplished through scornful humor, name-calling, and other practices which would normally be considered off limits.
When criminals in this world appear,
And break the laws that they should fear,
And frighten all who see or hear,
The cry goes up both far and near for
Underdog,
Underdog,
Underdog,
Underdog.
Speed of lightning, roar of thunder,
Fighting all who rob or plunder
Underdog, Underdog.
When in this world the headlines read
Of those who's hearts are filled with greed
And rob and steal from those in need.
To right this wrong with blinding speed goes
Underdog,
Underdog,
Underdog,
Underdog.
Speed of lightning, roar of thunder,
Fighting all who rob or plunder
Underdog, Underdog.
And some athletes train in high oxygen environments so as to strenghten their muscles by forcing more oxygen into them. One method is wearing an oxygen mask and exercising at the bottom of a swimming pool, simulating an ultra low altitude.
I saw this demonstrated by Kurzweil a few weeks ago at the Singularity Summit conference at Stanford. He held up the gadget above his book, pushed a button, and it started talking! So simple in concept but so hard to do. The audience went crazy, it was so clear how this would be a world changing gadget for blind people.
The picture in the review showed the projected stars as having constellation lines drawn on them! It looked terrible. If I want to get the feeling of lying in bed or in my living room and looking up at the stars, I don't want to see big, garish lines drawn across the "sky". Hopefully they have some disks without the lines, but the review didn't mention it.
Years ago I used a kit to put luminous paint on my bedroom ceiling in the pattern of the stars. It was a set of stencils you'd stick to the ceiling and use as a guide to make the star dots. Then when you turned the lights off they'd glow dimly for an hour or more. It was really beautiful, but a lot of work to create.
This is not an issue of your rights online. It is a battle between two enormous business groups: Internet providers and content providers. Neither of them has your interests at heart! Both groups are primarily motivated by maximizing their own profits. They are using you and manipulating you in order to try to further their business goals.
I don't love my ISP any more than the next guy, but let me make a brief counter to all the propaganda from Google and Ebay and MSN about the "greedy" ISPs (of course, Google etc. are just in business to extend love and butterflies and puppies throughout the world).
The way people pay for and get charged for the Internet has changed over time. It used to be that many of us had to pay by the minute, or even by the byte. That has mostly disappeared, but we still pay more for better service. Not everyone has the same options for Internet access, and even if they do have the same options not everyone can afford the same access. Internet access is a business, and a relatively new one. Business models are evolving and there is no guarantee that today's model is the perfectly optimal, best possible way that people could pay for Internet access.
It might be that if ISPs could get some money from content providers, they would charge their customers less. Of course, they would not do this out of the goodness of their hearts (they have no hearts!), but rather for the same business reasons that they stopped their per-minute and per-byte charges. ISPs exist in a competitive business environment like other companies and ultimately they need to satisfy their customers.
It might even be that in the future, Internet access could be free. It would effectively be subsidized by the big content companies, which ultimately get their income from ads. Free access to Internet content could be supported by advertising. It has worked with other media and it's possible it could work for the net too. But the only way it can happen is if ISPs, which bear the cost of end-user access, are able to get some of the revenues from the companies that are offering the ads.
That's really what this battle is all about. I don't know how it will come out, but I do know that when good ol' Meg from Ebay suddenly wants me to write my congresswoman about an issue that, coincidentally, would protect the huge profits Meg is earning, her motive is not to benefit me. Meg doesn't actually ask my opinion all that often. She's not on the phone wishing me happy birthday or asking how's the family. No, her interests are not mine. She is looking to protect her company's profits and she is trying to influence me and use me in this political battle against Comcast and other ISPs.
I've been playing SL for a few months and there are some interesting points that were missed by these articles.
First, many of the signups are free accounts. You only need to upgrade to a paid account if you want to own land. I rent a 'condo' and I still only have a free account. However I have spent a few dollars occasionally, converting them directly to Linden-dollars so I could buy stuff. Many players just get by on the 50 Linden-dollars a week basic stipend that even free accounts get.
Second, probably the most noteworthy aspect of SL is the large number of women participating. Female avatars substantially outnumber males, in my experience, and while not all of them are "really" female, it is clear that the game has real appeal to women. In fact one of the main activities in SL is clothes shopping, which is one of the reasons that hardcore gamers (almost all men/boys) often don't like the game.
Another point not often mentioned is that another popular activity is gambling. There are hundreds of casinos in SL offering slot machines, blackjack, poker and dice games. Because Linden-dollars are convertible, it means that the players at these casinos are gambling real money. Which is illegal, in the U.S. Yet the activity goes on openly, on servers owned by a U.S. company. Plus, the casinos are completely unregulated and there is basically no recourse if you think you are being cheated, other than to go elsewhere.
I do think the money-making aspects tend to get over-emphasized in articles about SL. Most people don't make or sell anything, from what I've seen. And those who do are not too happy lately. The Linden-dollars have been highly inflationary and have fallen from 1/250 to 1/300 of a dollar in the past couple of months. In response Linden Labs is constantly rejiggering the various stipends and payments they make.
Which brings up the last point, the dynamism of the game. Things are always changing. My condo complex now has a medieval castle complete with lava-filled moat on one side, and an open-air art gallery on the other. Neither was there when I moved in a couple of months ago. You may go to a formerly-popular spot and find that an entire mall has picked up and moved to the other side of the world, overnight. Or maybe they just went out of business entirely. Several of my favorite places have disappeared since I started playing, which is too bad. But new ones are always being created so there is always something new to see.
If you have a broadband account, give it a try. Don't expect it to be a structured game, just an enormous and diverse world to explore.
I have the three-movie-at-a-time plan, which is the most popular one, and I make no effort to keep track of which envelope which movie came in. So I don't see how an envelope bar code could help.
Hmmm, I just noticed that there's a little window on the envelope and a bar code on the sleeve of the movie... but it would only show if I put the movie in backwards from what I usually do. Is that the trick? Am I supposed to put the movie in so the barcode shows? Then I'll get quicker service?
Gee, I don't remember them telling me to do that, but it makes sense. I'll have to try it and see if it makes a difference.
Paolo Attivissimo's blog provides plenty of documented, photo and other evidence that the new Macs do have TPM chips in them. He started out skeptical but soon got plenty of pictures of motherboards from the new Macs. They plainly have Infineon TPM chips in them. It's not clear what if anything they are being used for, but there is no doubt that Intel Macs have TPMs.
It will never happen because the U.S. and Australian governments at least, among others, will never allow themselves to get into a situation where they appear to be endorsing porn. If they allow special technology to be built into the internet specifically for porn sites, conservatives will be up in arms. Creating a special domain for porn is simply not an option for these governments. Maybe in five or ten years things will be different, but at this time the U.S. is very religious and very conservative and will never endorse a porn-specific domain.
Thanks for posting those excerpts. Lem was an amazing talent.
One correction for the story about the king and his mechanical kingdom. Trurl encountered a deposed tyrant and built for him this model kingdom to rule over. Only he made it too real. The characters were done so faithfully and realistically that their suffering under the tyrant's rule was no longer simulated but became real. This is why the story is subtitled, "how Trurl's own perfection led to no good". It was one of the first explorations of this concept, whether a simulation of consciousness is in fact conscious.
Does anyone ever worry about this, designing AI for video games? Will we ever look at a game and say, that crossed the line; the simulated suffering has become real?
Thanks, that is a good reference and does answer some of the questions that have been posed here.
They measured accelerations with commercially available accelerometers. These were placed into steel boxes to act as Faraday cages and block EM radiation. They ran the experiment many times with non-superconductors and with the superconductors too warm to super-conduct, and found no effects.
There were no effects with high temperature superconductors, which their theory (a non-standard theory) predicted. There were also no effects when high-temp superconductors were lowered to liquid helium temperatures, which they also predicted.
The only effects they saw were with low-temp superconductors, niobium and lead. There were no effects above their superconducting temperatures.
They basically saw two effects. When accelerating a spinning superconducting ring, accelerometers located near a ring segment recorded an acceleration opposite to that experienced by the ring segment. So for example if this piece of the ring was spinning north, when they sped it up the accelerometers showed a southward force, and when they slowed it down the accelerometers showed a northward force.
The strongest reading was by an accelerometer inside the ring, but one located just above the ring was almost as strong. This was actually contrary to their (non-standard) theory, which predicted that the force should be mostly localized to the ring plane. But since their theory is completely blue-sky and non-standard, that perhaps doesn't mean too much.
The other effect they saw was with a constant spinning speed, lowering the temperature from non-superconducting to superconducting. As they passed through the critical temperature, the accelerometers again felt a force. It was noted that this force was in the opposite direction from the acceleration force, which I believe was also contrary to their (non-standard) theory.
They also briefly mentioned Podkletnov, but only to say their results were "very different" from his. They also said that they did not see any signs of the effects he reported, to the limits of their measurement. I would note that I think Podkletnov used a spinning disk while these guys used a spinning ring.
Overall it looks like a very careful experiment that did eliminate most sources of error. However the measured values were close to the noise limits of the accelerometers, which is always a little suspicious in science. The experiment definitely looks ready for replication. If it works it will turn gravitational theory on its head. There is no theory in existence that can account for these results. Not general relativity, not quantum gravity, and not even these guys' non-standard theory will work. Something completely new will be needed.
My son Jason started talking at about nine months and was using complete sentences by a year. At his one year checkup, we told the pediatrician that Jason was talking already. The pediatrician pointed to one of the pictures decorating his office. "What's that, Jason?" he asked. Jason said, "That... is... a... picture... of... a... bird... on... wall." (Jason spoke very slowly and haltingly, with difficulty, like he was thinking hard about each word.) The doctor was amazed, he said he had never heard a child answer like that at that age. He said he thought Jason might say "bird". In fact, he said he would almost have wondered if we had taught Jason to parrot that sentence except that he made one grammatical error.
Jason is now in grad school, got 1600 on his SATs and graduated from Caltech. He's a bright kid. I'm sure there are many kids who are talking well before a year old, and using complete sentences as Jason did at a year.
Plus, what if Wikipedia went through all of the errors Nature found and asked the original authors of the text whether they were really mistaken? I'll bet a lot of them would "stand by their original statements".
I do think Nature should release all of the comments and criticisms and let people judge for themselves which ones are more serious.