Carly and co. want to shed all the research and development departments here in HPC. Every single team has been told to show what they are working on will create a profit for the company within one year, or expect to be downsized. All research has stopped, it's all development now. Every group is scrambling to get something published within the next few months, everyone is working on papers to get published at symposiums or mainstream press. Of course, everyone has updated their resumes.
This is a very strange comment. The report is about work being done in HP Labs, which I believe would be called HPL not HPC. Was this a typo (preview is your friend) or is HPC some other part of the company that has been doing long term research that more properly belongs in HPL as the corporate research laboratory? If management is just telling people to focus on their own responsibilities, rather than doing other people's jobs, then I don't see what the big fuss is about.
Technology companies become successful by creating innovative products with the best technology. Carly and co. has yet to grasp this concept.
Whatever he may have done elsewhere, Bruce was not creating products at HP, nor was he marketing HP products. Choosing not to have an Open Source Advocate as an employee says very little about HP's product plans. Other articles have suggested that HP may hire Bruce as a consultant when they need specific advice about Open Source issues.
I also disagree that creating innovative products with the best technology is the route to success for a technology company. Two of the most successful technology companies are Microsoft and Intel, and I do not see 'innovative' or 'best' as significant factors in their success. It seems to me that however distasteful it may be, good marketing and ruthlessness in business dealings are far more important than anything technical.
Infoworld Aug 15 story has a different emphasis (on Bruce Perens Canned by HP · Score: 3, Informative)
Bruce Perens leaving HP was reported in an Infoworld article on August 15. Although it is essentially the same story, the emphasis seems somewhat different. That article suggests that HP was restricting the level of activism, and Bruce would leave rather than put up with that. It does not mention Microsoft-baiting.
Note also that HP is cutting jobs at the moment; people who are given the boot get some money, those who walk don't. I would not read too much into "being fired" rather than "resigning" at the moment, it could just be a procedural device that Bruce goes as part of the cuts, so gets some money on the way out.
Now understand, that which can be accidental does not need to be.
One factor that we must remember is that permission to use a device applies to all the passengers, but malicious intent is rare. It may well be the case that one or a few devices can be tolerated, but dozens or hundreds cause a problem. For example, the one cellphone activated by a terrorist may not do much harm, but when every passenger calls to say "we are just landing", that may be more of a problem.
One passenger using one device may not do much harm, just as killing one whale, using one CFC aerosol, cutting down one tree etc. does not do much harm. If we want to be sure that the devices are safe, we have to think in terms of every passenger being wired up like a Christmas tree with every combination of devices. It may be beyond the average, but I would not want to be crew on a flight taking people to the UberGeek Convention if there is no restriction on passengers' use of electronic and radiating devices.
Maybe you just have no clue about Style sheets and styles??
Let me leap into the argument here. I used to use FrameMaker a few years ago and used its style features to create sets of documents that had a consistent look. We even managed to get a whole team to produce consistently styled and very large documents. We decided to change the look of our documents, and the style tools just let us upgrade all the old ones to the new look.
I then had to use Word, and still do when I must, because "that's what everybody uses". The style features in Word are an abomination if you are trying to write serious documents. Word is just about the most frustrating program I have ever used. My preferred tactic now is to generate HTML with appropriate class tags and stylesheet, and then, if the management insists, import that into Word as the very last thing I do. It is so much quicker than fighting Word's fixed ideas on how I ought to do things.
Bruce Schneier lists Ross Anderson's so-called "TCPA/Palladium FAQ" among a whole lot of other links to related content. Having read the TCPA spec, the recently published book on TCPA, Seth Schoen's notes (referred to by Schneier), and as much else as I can find about TCPA and Palladium, I would say that if you want to stand on someone's shoulders to see further into this area, Schneier is a giant, but Anderson is at best a dwarf, and probably standing at the bottom of a deep hole. I was shocked that someone with Anderson's reputation could produce such a poorly researched piece of work.
Read the TCPA spec for yourself, it's on the web for all to see, as Schneier points out. Do your own thinking. A lot of what has been written about it is just plain wrong. There are risks and a dark side to that sort of technology, but also a lot of good things that could be done with it. The open source community could exploit TCPA to their advantage if there are people with the insight and imagination to see the opportunities.
I read through the decisions for the unix.com and unix.org cases, and can see some parts of the answer to kyler's question: "If the domain unix.com doesn't violate the UNIX trademark, what gives them the right to take unix.net away from me and unix.org away from Michael?"
The unix.com domain had been in use for some time for a discussion forum where the main topic was unix, they kept their domain registration despite it including the trademark. The unix.org domain had not been actively used for anything, and the information provided about what it had been intended to be used for was seen by the arbitrators as indicating an intent to make money as a result of attracting visitors, with the unix trademark being part of what attracted visitors.
The argument about 'unix' having become generic failed in both cases.
The arbitrators seem to be deciding on the basis of whether or not the domain is actually being used for some legitimate purpose. Mere ownership of the trademark does not seem to be enough for victory. It is good that the holders of unix.com won, but if the report of the unix.org case is accurate as to the facts, then I think that was a reasonable decision.
I also tracked down the decision for the unix.net case http://arbiter.wipo.int/domains/decisions/html/2002/d2002-0296.html, and among the things it says is "The Respondent failed to file any evidence that might lead the Panel to the inference that the Respondent has rights or a legitimate interest in the domain name." Not having seen the site in its original form I can't tell for myself whether or not the arbitrators are right to judge that there was no legitimate interest. They seem to have formed the opinion that the site was really a web designer advertising their services, and using someone else's trademark to attract visitors. Perhaps someone who visited the site in its old form can comment.
It's also worth mentioning that the second you attach that NT system to a LAN (or any other network iirc) it is no longer C2 certified.
That is not the case for NT4. The cited report refers to the NT 3.51 evaluation since the NT4 evaluation had not been published when it was written. The summary of the NT4 evaluation says "A networked configuration was evaluated for interconnecting the various hardware with Windows NT workstations and servers.". The full evaluation report is available for those who want to read it.
Windows NT4 (with specified SPs and fixes) also has an ITSEC E3/F-C2 certificate, and networking is mentioned in that one too - search from the CESG certified products page if you want details.
These certificates do not necessarily mean much in practice, but we should refer to up to date ones if we refer to them at all.
Read Fred Cohen's paper Computer Viruses - Theory and Experiments published in 1984. The original experiments that demonstrated the threat of viruses were done on Unix.
You may have captured the URL, but you didn't bother to find out whether it was doing anything wrong, did you? My guess is the "across domains" it was referring to was between msn.com and msn.co.uk.
What they were doing may not have been wrong from their point of view, but it goes against the spirit of some of the assurances people are given about cookies, and does that without asking for permission or giving any kind of explicit warning. Since I had just been instructing Hotmail (or was it Passport) to not pass my data around, seeing what might be the passing of data from one Passport client site to another serves to increase the already high level of distrust of Microsoft.
I was just updating another account which I set up with the first/last name "Concerned User" a while ago (I used it to send a polite "did you know you are a spam relay" message once so chose a suitable name for the purpose). After switching off those permissions I tried to update the account only to find that "User" is no longer acceptable as a last name. For that account I am now "Concerned Individual" which apparently is OK.
Is this a stupid policy implemented by idiots? It looks like it to me. I pity the people who use Hotmail for anything serious.
SOAP is also much lighter and easier to use than most of the other solutions out there (i.e. CORBA, XML RPC).
I have often seen this claim of the latest hyped up fad being "lighter" than a more mature existing technology. As usual, the lightness is not in the technology, but in the level of thought needed to take the first step. It certainly takes effort to use CORBA, but it is being used for real-time control systems in a way that "lightweight" SOAP cannot hope to match. If the real-world demands that have driven the CORBA specification to where it is now are applied to SOAP, it will end up heavier and harder to use, but I expect it to be displaced by the next hyped up silver bullet with embedded philosopher's stone and free elixir of life before that happens. XML-RPC is really pre-hype SOAP so not an interesting comparison. DCE would be more interesting, it had its problems, but also a security model that its successors have struggled to match.
Yes, SOAP definitely tunnels through firewalls, but this is for a good reason - you don't need to open up any extra holes in your firewall. W/ every other method you need to poke holes in odd ports, and often that's not an option or in the end less secure than letting SOAP take HTTP.
This is exactly what is wrong with the whole SOAP approach. Poking odd holes in your firewall is just the wrong thing to do. Assuming that the mapping between ports and protocols is anything more than a convenience is the sign of just not understanding how attackers are not limited by what you intended. Failure to distinguish the roles of client-side and server-side firewalls, as the SOAP community seems to do, is also a sign of just not having the right attitude to security.
Setting your objective as getting traffic through that irritating firewall lines you up nicely with all the people trying to break in to your system. This cannot be a good way to start if you want any useful security.
The article by Rich DeMillo (CNet news.com May 15, 2002) is much better. He gets to the underlying issue that we are patching up problems as they arise rather than paying any attention to understanding what we are really trying to achieve. In particular he says "The headlong rush to Web services is going to make things worse."
DeMillo has been around long enough to know what he is talking about, but I expect his wisdom to fall on deaf ears in today's instant gratification culture.
...is that IT has the One True Canonical Disk Image. IT performs backups of the network drives; if you want anything safe, you keep it on the network drives. Anything goes wrong on your machine, their first step is *WHOMP* reimage the machine.
The only part of that which is correct is that IT performs backups of network drives. Consider also that H-P's lab implies that there is one lab where in fact there are labs in many different product divisions, and HP Labs is a whole separate part of the organisation. Anyone who has worked at HP would also know that you never write the name as H-P; the hyphen is used only when the founders are named in full.
Also IIRC they allow users to install stuff, make local changes and tweaks, etc. I think they might even have machine-local administrator rights. But if you change anything, it breaks, and you complain, *WHOMP*.
The support obviously varies across such a large organisation, but my understanding of what goes on is that your first two sentences are correct, and the third is just totally bogus.
(On an ironical note, I work for a military research lab, and IT is not at all alarmed when users have local admin rights to their Lose2K boxes. It makes things far easier for everybody, including IT. (IT can still do remote admin.))
On an ironical note, it seems you have less flexibility than the folks in HP Labs where the IT folks provide support for a lot more than just Windows. It may come as a shock, but the kind of IT support in various places depends on what kind of work people are expected to be doing.
The ACM paper is also available here. It is a good description of the compartment model, but the product has some extra features not described in the paper.
This sounds like it's just using HP's VirtualVault...
VirtualVault runs on a modified version of HP-UX, on PA-RISC hardware. It is also rather expensive (a lot more than $3000). That the new product has some of the features that made VirtualVault a success is not really surprising, after all, the people who worked on it can get all that secret internal information from the VirtualVault team because they are part of the same company.
A search for "documentation security" on the HP site takes you to an interesting page - follow the hp-tlx link in the index for Administration Guide, Installation Guide and Release Notes.
Read the article about obstetric forceps in the April 21 edition of New Scientist. How many women and children died because the inventors of forceps kept them secret for over a century rather than lose the family business by revealing the design? For all its faults, just getting rid of the patent system could make things worse than they are now.
I will pick up only a couple of points here. Firstly the statement "Nope, there are several treaties in place that makes a patent issued in one country valid in all the others.". You can file with WIPO rather than USPTO, EPO, and any national offices you think relevant, but you have to file everywhere you want protection. Filing through WIPO takes a very long time and is very expensive if you choose full coverage. You should attend a meeting where IP attorneys discuss where to file with the inventors or other interested parties; you might then understand that filing for full international protection is not something you would do for just any application.
"This is nonsense, it has nothing to do with the fee.". Did you know that you have to pay renewal fees to keep patents valid? Did you know that depending on jurisdiction, those fees increase later in the life of the patent? Companies that manage their patent portfolios explicitly look to which patents they can allow to expire early in order to save that very large cost.
Part of the problem with this subject is that those who think patents are evil seem to have never talked to an IP attorney about how the system really works in practice, and what the laws are in various jurisdictions. Hate me for being a named inventor if you like, at least it means I have had to talk to IP attorneys, so I have some idea of how the system works.
Since Free Software exists despite the current patent system, why should those who believe that they benefit from patents seek to change anything? The goose grew up and started laying its golden eggs in the world where patents exist. Why should leaving that world as it is kill the goose? Perhaps changing that world by abolishing patents would be more dangerous; it would benefit the ruthless and unscrupulous operators who think nothing of stealing the work of others.
On the subject of the arguments themselves; even as examples to provide food for thought, I have not seen anything in response to my counter-arguments that I think would be likely to have much impact on the people responsible for patent strategy in IBM, HP or similar companies. Better arguments will be needed if there is to be any chance of changing anything.
The five arguments Bruce puts forward are weak. If he wants to make progress, he will need something stronger. Here are some counter arguments; those who wish to help Bruce may want to find arguments that defeat them. (Note that denial or ranting is not going to give him anything he can take into the meeting.)
constitutionally unjustified: this may be something that you could use in the US legal or political systems, but why should it influence multinational companies? It is not their business to interpret or enforce the US constitution, they just operate within the law as interpreted in the courts.
isn't the computer, not its software, the thing that should have been patented? Why is it wrong to be able to protect a new idea implemented as a pattern of digits, but right to be able to protect a new idea implemented as a pattern of metal or plastic? It is the new idea that is being patented, the preferred embodiment being in software is not the real issue. This is where all the generalised argument against an ill-defined concept of "software patent" will be easiest to take apart.
The 20-year term: it may be true that the particular embodiment will be obsolete, but the idea could well still be very valuable. If the idea is not valuable then the patent does not matter because nobody is using the idea, and the holder is paying the patent fees for no benefit. If people still want to use the idea in a new implementation, then it is still valuable and clearly not obsolete.
The monopoly... anti-trust laws: this is much like the constitution issue, this is a matter for the political and legal system, why should the companies be doing anything themselves?
U.S.A. Tax: if other countries change their patent laws, then US companies will have to start paying holders of patents in those other countries if they want to use the ideas there. Making the patent law the same everywhere could just as easily reduce the dominance of US-based patent holders.
Remember that "hundreds of anonymous people don't like it" is not much of an argument to take into a meeting with companies that are making a lot of money out of their patent portfolios. Don't just say you think patents are evil, think of some better arguments than the ones Bruce started with.
You are absolutely right: all that will count in court is what is in the claims. I did not see the patent number mentioned anywhere, but I think it may be US5837461 which is fairly short and has only six claims of which only the first and fifth stand alone (the rest depend on 1 or 5). The claims are explicitly about "A method of detecting [...] vision disorders", and there is not even the slightest hint of the idea of patenting a gene.
If the company thinks they have bought the right to the gene, they are fooling themselves; I think it more likely that their PR people have just gone for an attention grabbing phrase.
Suppose I have a duty to demonstrate that I took appropriate measures given what was known at the time? Suppose I have to exercise "due diligence", and keep a record of what was done that can be verified by an auditor some time later. I may still be able to keep a record of what I did, but how can I show that it was reasonable given what was known at the time? If the details are on someone else's web site, with no assurance of a dated archive, and a copyright policy that prohibits me from taking snapshots and having them timestamped (by some independent notary), where does that leave me in producing some argument about what was known at the time? (Fortunately, I don't have to do this myself, but it is not such a crazy thing to expect.)
I understand the desire to provide the latest information, and it is a good idea, but it is not the only requirement. What would be so hard about putting a "latest information on this issue is here" link at the top of a full disclosure dated and signed bulletin? It may be uncomfortable to leave a fully detailed record of how long it took to deal with a problem, but I think companies that take that pain would get more respect once people got used to the idea, if it was allowed to run and not be killed by short-sighted liability claims.
I was just logging out after turning off those options that had magically been turned on when I noticed this URL go by in the address bar
fortunately, the system was being so slow that I had time to capture it. It looks as if the protections we are supposed to have about cookies not being sent to different domains mean nothing to Microsoft. No surprise there then.
I have often seen this claim of the latest hyped up fad being "lighter" than a more mature existing technology. As usual, the lightness is not in the technology, but in the level of thought needed to take the first step. It certainly takes effort to use CORBA, but it is being used for real-time control systems in a way that "lightweight" SOAP cannot hope to match. If the real-world demands that have driven the CORBA specification to where it is now are applied to SOAP, it will end up heavier and harder to use, but I expect it to be displaced by the next hyped up silver bullet with embedded philosophers stone and free elixir of life before that happens. XML-RPC is really pre-hype SOAP so not an interesting comparison. DCE would be more interesting, it had its problems, but also a security model that its successors have struggled to match.
This is exactly what is wrong with the whole SOAP approach. Poking odd holes in your firewall is just the wrong thing to do. Assuming that the mapping between ports and protocols is anything more than a convenience is the sign of just not understanding how attachers are not limited by what you intended. Failure to distinguish the roles of client-side and server-side firewalls, as the SOAP community seems to do, is also a sign of just not having the right attitude to security.
Setting your objective as getting traffic through that irritating firewall lines you up nicely with all the people trying to break in to your system. This cannot be a good way to start if you want any useful security.
The article by Rich DeMillo (CNet news.com May 15, 2002) is much better. He gets to the underlying issue that we are patching up problems as they arise rather than paying any attention to understanding what we are really trying to achieve. In particular he says "The headlong rush to Web services is going to make things worse."
DeMillo has been around long enough to know what he is talking about, but I expect his wisdom to fall on deaf ears in today's instant gratification culture.
The only part of that which is correct is that IT performs backups of network drives. Consider also that H-P's lab implies that there is one lab where in fact there are labs in many different product divisions, and HP Labs is a whole separate part of the organisation. Anyone who has worked at HP would also know that you never write the name as H-P; the hyphen is used only when the founders are named in full.
Also IIRC they allow users to install stuff, make local changes and tweaks, etc. I think they might even have machine-local administrator rights. But if you change anything, it breaks, and you complain, *WHOMP*.
The support obviously varies across such a large organisation, but my understanding of what goes on is that your first two sentences are correct, and the third is just totally bogus.
(On an ironical note, I work for a military research lab, and IT is not at all alarmed when users have local admin rights to their Lose2K boxes. It makes things far easier for everybody, including IT. (IT can still do remote admin.))
On an ironical note, it seems you have less flexibility than the folks in HP Labs where the IT folks provide support for a lot more than just Windows. It may come as a shock, but the kind of IT support in various places depends on what kind of work people are expected to be doing.
The ACM paper is also available here. It is a good description of the compartment model, but the product has some extra features not described in the paper.
This sounds like it's just using HP's VirtualVault ...
VirtualVault runs on a modified version of HP-UX, on PA-RISC hardware. It is also rather expensive (a lot more than $3000). That the new product has some of the features that made VirtualVault a success is not really surprising, after all, the people who worked on it can get all that secret internal information from the VirtualVault team because they are part of the same company.
A search for "documentation security" on the HP site takes you to an interesting page - follow the hp-tlx link in the index for Administration Guide, Installation Guide and Release Notes.
The paper "An Operating System Approach to Securing e-Services" published in Communications of the ACM Feb 2001 is also of interest since it describes some of the features of the system.
Read the article about obstetric forceps in the April 21 edition of New Scientist. How many women and children died because the inventors of forceps kept them secret for over a century rather than lose the family business by revealing the design? For all its faults, just getting rid of the patent system could make things worse than they are now.
See the entry in the Evaluated Products List for the C2 status of NT4 with SP6a and a C2 update. NT4 with SP3 has an E3/F-C2 evaluation from UK ITSEC.
If you don't already know about these sites, you probably don't want to bother reading the evaluation reports.
I will pick up only a couple of points here. Firstly the statement "Nope, there are several treaties in place that makes a patent issued in one county valid in all the others.". You can file with WIPO rather than USPTO, EPO, and any national offices you think relevant, but you have to file everywhere you want protection. Filing through WIPO takes a very long time and is very expensive if you choose full coverage. You should attend a meeting where IP attorneys discuss where to file with the inventors or other interested parties; you might then understand that filing for full international protection is not something you would do for just any application.
"This is nonsense, it has nothing to do with the fee.". Did you know that you have to pay renewal fees to keep patents valid? Did you know that depending on jurisdiction, those fees increase later in the life of the patent? Companies that manage their patent portfolios explicitly look to which patents they can allow to expire early in order to save that very large cost.
Part of the problem with this subject is that those who think patents are evil seem to have never talked to an IP attorney about how the system really works in practice, and what the laws are in various jurisdictions. Hate me for being a named inventor if you like, at least it means I have had to talk to IP attorneys, so I have some idea of how the system works.
Since Free Software exists despite the current patent system, why should those who believe that they benefit from patents seek to change anything? The goose grew up and started laying its golden eggs in the world where patents exist. Why should leaving that world as it is kill the goose? Perhaps changing that world by abolishing patents would be more dangerous; it would benefit the ruthless and unscrupulous operators who think nothing of stealing the work of others.
On the subject of the arguments themselves; even as examples to provide food for thought, I have not seen anything in response to my counter-arguments that I think would be likely to have much impact on the people responsible for patent strategy in IBM, HP or similar companies. Better arguments will be needed if there is to be any chance of changing anything.
The five arguments Bruce puts forward are weak. If he wants to make progress, he will need something stronger. Here are some counter arguments; those who wish to help Bruce may want to find arguments that defeat them. (Note that denial or ranting is not going to give him anything he can take into the meeting.)
constitutionally unjustified: this may be something that you could use in the US legal or political systems, but why should it influence multinational companies? It is not their business to interpret or enforce the US constitution, they just operate within the law as interpreted in the courts.
isn't the computer, not its software, the thing that should have been patented? Why is it wrong to be able to protect a new idea implemented as a pattern of digits, but right to be able to protect a new idea implemented as a pattern of metal or plastic? It is the new idea that is being patented, the preferred embodiment being in software is not the real issue. This is where all the generalised argument against an ill-defined concept of "software patent" will be easiest to take apart.
The 20-year term: it may be true that the particular embodiment will be obsolete, but the idea could well still be very valuable. If the idea is not valuable then the patent does not matter because nobody is using the idea, and the holder is paying the patent fees for no benefit. If people still want to use the idea in a new implementation, then it is still valuable and clearly not obsolete.
The monopoly ... anti-trust laws: this is much like the constitution issue, this is a matter for the political and legal system, why should the companies be doing anything themselves?
U.S.A. Tax: if other countries change their patent laws, then US companies will have to start paying holders of patents in those other countries if they want to use the ideas there. Making the patent law the same everywhere could just as easily reduce the dominance of US-based patent holders.
Remember that "hundreds of anonymous people don't like it" is not much of an argument to take into a meeting with companies that are making a lot of money out of their patent portfolios. Don't just say you think patents are evil, think of some better arguments than the ones Bruce started with.
You are absolutely right: all that will count in court is what is in the claims. I did not see the patent number mentioned anywhere, but I think it may be US5837461 which is fairly short and has only six claims of which only the first and fifth stand alone (the rest depend on 1 or 5). The claims are explicitly about "A method of detecting [...] vision disorders", and there is not even the slightest hint of the idea of patenting a gene.
If the company thinks they have bought the right to the gene, they are fooling themselves; I think it more likely that their PR people have just gone for an attention grabbing phrase.
Suppose I have a duty to demonstrate that I took appropriate measures given what was known at the time? Suppose I have to exercise "due diligence", and keep a record of what was done that can be verified by an auditor some time later. I may still be able to keep a record of what I did, but how can I show that it was reasonable given what was known at the time? If the details are on someone else's web site, with no assurance of a dated archive, and a copyright policy that prohibits me from taking snapshots and having them timestamped (by some independent notary), where does that leave me in producing some argument about what was known at the time? (Fortunately, I don't have to do this myself, but it is not such a crazy thing to expect.)
I understand the desire to provide the latest information, and it is a good idea, but it is not the only requirement. What would be so hard about putting a "latest information on this issue is here" link at the top of a full disclosure dated and signed bulletin? It may be uncomfortable to leave a fully detailed record of how long it took to deal with a problem, but I think companies that take that pain would get more respect once people got used to the idea, if it was allowed to run and not be killed by short-sighted liability claims.