Sorry, this is completely stupid. Only the US (and a couple of other countries) allow software patents; the other one hundred and twenty-something countries don't. This is just another place where the US needs to step into line with the rest of the world.
I don't think he's joking at all. I think he's dead serious, and I think he's absolutely right to be. European programmers can no longer travel to the United States without risking being arrested for doing things which are perfectly legal where they did them (and in 95% of the rest of the world). Until you guys get this sorted, you have to face up to the fact that the rest of us can't safely share stuff with you.
They search for steganographic images on eBay and
have found none. Quel surprise.
Eventually they get told that
yes, there is a steganographic image on
ABC, and they look at it, and guess what? They
prove that it is a steganographic image and they can
really desteg it. Quel surprise!
Of course, this particular image was
very simply constructed as an example for a mass
entertainment news channel intended for a general,
non-specialist, audience. It was
not constructed by someone concerned about secrecy
or desperate to conceal a secret message. On
the contrary it was constructed using
handy, freely available steganographic
image tools,
not special purpose custom written ones.
Great!
This doesn't prove that there aren't staganographic images on eBay which their software can't detect. It doesn't prove there aren't steganographic images on alt.sex.binaries.fluffy-bunnies. It doesn't prove there aren't steganographic images on your favourite pr0n site.
It doesn't even prove that some spook agency somewhere can't detect all these steganographic messages, desteg them, and read the payload. All it proves is that these two academics can only detect a steganographic image it they're told where it is and what it is, and even then only if it's produced with a small range of well known, freely available tools.
Incidentally, there is a steganographic payload in this post. Care to scan all Slashdot posts for steganographic payload? All Usenet? No, thought not.
I'm personally a member of ISOC; my membership costs US$35 per annum. As ISOC is the IETF's parent body, that makes me part of the IETF's constituency. The IETF is answerable to me and to thousands of people like me for what it does. By contrast, W3C membership costs US$50,000 per annum, and in consequence W3C membership is limited to a few hundred large corporates. Many important sections of the stake-holders of the Web, the users, the open source developers, the thousands of authors and site administrators, and the private citizens, are not represented at all.
It seems to me that this is the key to the current problem, and illustrates that fixing the current problem - the incompatibility betwen RAND licensing and open source software - won't fix the underlying problem and this sort of hting will keep on occurring.
This raises a number of questions for me:
What is the justification for having a W3C separate from the IETF?
If it's reasonable to have two standards-setting bodies for the net, why not three?
Why should we, as people explicitly excluded from the W3C's processes, treat W3C as authoritative?
What if anything is W3C going to do about expanding its constituency?
You know those situations where you meet someone and they recognise you but you haven't a clue who they are... easy. Face recognition software and it prints up in your sunglasses... 'that's your mother'.
Plug it (or wireless it - better) into your car's onboard computer and have head up speedo, tachometer, fuel, oil pressure, anything else you care about. But personally I'd find a head up speedo most useful.
From this page [w3.org] it seems both Apple and Kodak claim to have patents covering SVG.
See my analysis of these patents. Quick summary: both these patents are bare-faced attempts to claim techniques which were at the
time of their filing long established and well understood
techniques in broad general use. If W3C had had the courage to
face down these patent claims in court, they would
have collapsed.
This is possible and practical and we should prepare to do it. However, to have three Internet standards bodies would be a bad thing. What we should really seek to achieve is a situation where:
Either
W3C commits to not incorporating any proprietary technologies into standards, and
W3C opens up its membership to ordinary peoplr, with a subscription for individual members of not more than US $50 per annum
or
W3C winds up and IETF resumes the role of setting Web standards, and
IETF commits to not incorporating any proprietary technologies into standards.
So long as W3C remains a rich corporations club this sort of proposal will come bach again and again. It is, after all, in the rich corporations' interest.
If I've missed anyone I shouldn't have, I'm sorry - blame tired eyes. I was particularly looking for comments by Brian Behlendorf, Eric Raymond, Larry Wall, Linus, Hakon Lie, Vint Cerf and Tim Berners-Lee, but if they were there I didn't see them.
OK, so what are we going to do about it?
We have to face the fact that these days commercial companies have a lot of power on the Web. If AOL/Time Warner/Netscape, Microsoft, CNN, the movie studios and the big music companies get together to invent new, patented (in the US) Web technologies which won't interoperate with Open Source technology, then 90% of the Web using public will not notice. If they do notice, they'll blame our software for 'not working'.
So we have to make a determined, co-ordinated grab for the moral high ground. I'm prepared to bet that W3C will be a bit shaken by the furore they've brewed up here, and I would endorse everyone else's suggestions that anyone who hasn't responded yet to the consultation document does so now, in calm, polite, grammatical, spelling-corrected - words, explaining why you see 'reasonable and non discriminatory' license fees as unacceptable.
This may in itself be enough. I hope it will, but I think we should prepare against the possibility that it won't. What should we do? I believe we should take immediate steps to set up a new, independent, standards setting body for the Web spearheaded by people with a wide international reputation with the avowed intention of forking the standards base and maintaining free, open, standards for the Web. We should work to include the corporates who have already shown their commitment to Open Source into a broad coalition alongside the recognised open source projects, and seek to isolate Apple, Hewlett-Packard and Microsoft (the companies who actually authored this proposal).
The long term objective is not to have two competing standards setting bodies: it is to hold over the W3C a credible threat of two competing standards setting bodies. In the face of that credible threat it's my opinion that W3C will rethink. If they don't, we would have to do this for real, but that is in my opinion very much a suboptimal option.
The real question is, is this a violation of the owner's civil liberties, or a victory against spammers?
The guy is setting out to deceive the unwary. Do you have a civil right to deceive people? Of course people decieve people all the time, and some forms of deceit are considered legal (and, equally, some illegal). But there's a big difference between being legal and being a civil right. What it seems to me this is fundamentally about is the right to lie, and as far as I'm concerned that is not a civil right.
H'mmm... yes... if that's what paedophile means...
Systematic over counting of Microsoft servers?
on
Netcraft Survey Updated
·
· Score: 5, Insightful
From the document:
Of the 80,000 ip addresses no longer running Microsoft-IIS, only around 2,000 are now running a competing web server.
This kind of implies to me that at least 78,000 of the machines Netcraft have been counting as IIS Web servers were in fact just machines on which IIS had been loaded by default, and were never serving any real content anyway. If that's true of 78,000, how many more is it true of? In other words, are Netcraft systematically overcounting IIS by counting all machines with IIS running whether they are in fact serving any real content or not? Likewise, how many of the 'Apache' servers counted are in fact just 'out of the box' Linux installs with no real content?
So why the heck is there this concept that we (North Americans) live in a sexually repressed society?
Uhhmmm... you live in a society where it's OK for children to see pictures of people killing people, but it's not alright for children to see pictures of people having sex with people, and you think that doesn't constitute a 'sexually repressed society'?
You live in a society where it's OK to show a bullet penetrating flesh on prime time TV, but it's not OK to show a penis penetrating flesh on prime time TV, and you think that doesn't constitute a 'sexually repressed society'?
You live in a society where it makes sense even to have debates about whether drawings of sex should be banned and you think that doesn't constitute a 'sexually repressed society'?
On the other hand, a (virtual) crime is depicted and thereby probably even promoted (nonvirtual).
Doesn't promoting a crime you in some degree guilty of the same crime?
Hey, hey!
The vast majority of Hollywood's ouotput - and most fiction, too - depicts crime. Murder, assault, theft, fraud, cannibalism, rape... they're all there. They're all there in mainstream cinema. They're all there in mainstream novels. They're all there in prime-time television. Why aren't you out there murdering, assaulting, stealing, defrauding and eating people? You've seen these movies, haven't you? You've read these books?
If you can watch a film about a heist and not want to become a bank robber, why can't you watch child porn and not become a paedophile?
Take manga, for example, or hentai. Most of the characters in most Japanese animation have characteristics that look to westerners child-like. Does that make all sexually explicit manga child pornography? Is this child pornography [warning: explicit]? Should it be banned?
Then, how do you tell by looking at a picture how old the subject is? Sure, yes, you can (almost always) tell the difference between a five year old and a fifty year old, but can you always tell the difference between a fifteen year old and a twenty-five year old, even in real life? If you can't in real life, how can you in drawings?
What about fantasy worlds in which people change ages? Take, for example, Freaky Friday, in which a mother and child exchange bodies for a day. If the 'mother' character (supposedly actually an adult but in a child's body) had had sex, would that be child porn? If the 'daughter' character (supposedly actually a child but in an adult body) had had sex, wouold that be child sex?
Good and evil are not relative. Moral relativism is a weak and wrong idea.
There are those who are evil. They desire nothing other than to prey upon their fellow human beings.
There are those who are good. They do nothing but help fellow human beings.
This is utter, simple-minded, bollocks. Very few actions are either completely good or completely evil. No-one who has ever lived has never done harm to any other human being, and no-one who has ever lived has never helped another human being.
Human beings are very mixed. Whether you're a christian and believe in original sin, or you just look at the actions of the people around you, you know that everyone is sometimes petty, sometimes mean, sometimes spiteful, sometimes unkind.
Furthermore, and more importantly, in many situations in which people have to make judgements when the outcomes are unclear. Sometimes, with the best of intentions, you can produce evil results.
Welcome to the real world. It's complex, messy, uncertain, and contains no absolutes. No absolute good, and no absolute evil.
The Register is running a story about an advert - deeply tasteful under present conditions - which MicroSoft are running in the UK. As a matter of interest, is this advert being run in the US? If so, what it the reaction to it?
It's actually remarkable how little power is needed to get a very light aircraft into the air. There certainly have been microlight aircraft powered by lawnmower engines. Similarly, not a lot of power is needed to get a hovercraft up - and the vertical shaft axis will actually help with that. If it hasn't enough power to get something up, would it push something when it was up? Build your own blimp!
You can get Nimda about seven different ways and 6 of them have nothing to do with running a web server. Just browsing an infected site, something beyond your control, with IE 5.5 sp1 or less was enough.
This is true, of course. This worm spreads in a number of ways, all of which exploit
security flaws in Microsoft software:
It can directly attack your computer if you are running
Microsoft Internet Information Server (IIS)
Notice a pattern there? Yes, that's right. If you don't run Microsoft, you can't get Nimda. Or Code Red, or Code Red II, or SirCam, or Melissa, or...
This isn't about being a Linux bigot. You can't get Nimda on MacOS. You can't get it on Solaris. You can't get in on OS/400, or AIX, or an Amiga, or on *BSD. This isn't a matter of Linux being good. Linux is just ordinary, like any other half-competent operating system.
This is a matter of Microsoft being incompetent. Hopelessly, culpably, irredeemably incompetent.
So the service provider should simply have bandwidth caps. Or bill users according to their usage. If someone wants to run an insecure system that eats up bandwidth, that's their concern.
Not if it's my bandwidth and I'm paying for it, it's not. Yes, so I could sue them. But frankly if they're too stupid to use a computer, cutting them off the Net is for their own good.
Why is it an ISPs job to have any concern over what's passing across the wires?
I pay a lot of money for my leased line. So do my ISP's other customers. A substantial fraction of my expensive bandwidth is being eaten up because other people (mostly also customers of my ISP) can't be bothered to patch their systems. The service my ISP is able to provide me is consequently degraded, and I'm not happy about it.
If an ISP emerges who only accepts clueful customers, I'm likely to move my account. ISPs know this: if they don't switch off the clueless (and consequently troublesome) customers, they will lose the clueful (and consequently more profitable) ones.
I'm getting to the point where I think there would be some merit in having to pass a test, like a driving test, before you can connect your computer to the public information infrastructure.
Since this is - probably - I hope - the last time we discuss this on Slashdot, I'd like to say how well I think Slashdot's done through this crisis. News on Slashdot has been timely, useful, accessible when many of the 'big' news sources on the web fell over. Furthermore, Slashdot has been mostly right about facts on this one - both in what the editorial team has posted and in what others have contributed.
It has allowed for the expression of a wide range of views - far wider than we would have seen from any single conventional news site - and many of the views (even ones I don't agree with) have been well expressed.
It's also interesting to note the drop in the volume of Katz-bashing we've seen. I mostly read and often agree with what Jon writes, and I've often suspected that a lot of the Katz-bashing is ritualistic pack behaviour (k001 dud3z 645h Katz - me b45h Katz, me k3wl). But Katz was there, on the ground, reporting what he was seeing and feeling, and it seems people respected that.
So, congratulations, guys. I hope that we don't see too many more real world news events so big that they become News for Nerds; but it's great to know that when one does, my favourite news site will handle it well.
Slashdot Mirror
Sorry, this is completely stupid. Only the US (and a couple of other countries) allow software patents; the other one hundred and twenty-something countries don't. This is just another place where the US needs to step into line with the rest of the world.
I don't think he's joking at all. I think he's dead serious, and I think he's absolutely right to be. European programmers can no longer travel to the United States without risking being arrested for doing things which are perfectly legal where they did them (and in 95% of the rest of the world). Until you guys get this sorted, you have to face up to the fact that the rest of us can't safely share stuff with you.
Eventually they get told that yes, there is a steganographic image on ABC, and they look at it, and guess what? They prove that it is a steganographic image and they can really desteg it. Quel surprise!
Of course, this particular image was very simply constructed as an example for a mass entertainment news channel intended for a general, non-specialist, audience. It was not constructed by someone concerned about secrecy or desperate to conceal a secret message. On the contrary it was constructed using handy, freely available steganographic image tools, not special purpose custom written ones.
Great!
This doesn't prove that there aren't staganographic images on eBay which their software can't detect. It doesn't prove there aren't steganographic images on alt.sex.binaries.fluffy-bunnies. It doesn't prove there aren't steganographic images on your favourite pr0n site.
It doesn't even prove that some spook agency somewhere can't detect all these steganographic messages, desteg them, and read the payload. All it proves is that these two academics can only detect a steganographic image it they're told where it is and what it is, and even then only if it's produced with a small range of well known, freely available tools.
Incidentally, there is a steganographic payload in this post. Care to scan all Slashdot posts for steganographic payload? All Usenet? No, thought not.
It seems to me that this is the key to the current problem, and illustrates that fixing the current problem - the incompatibility betwen RAND licensing and open source software - won't fix the underlying problem and this sort of hting will keep on occurring.
This raises a number of questions for me:
You know those situations where you meet someone and they recognise you but you haven't a clue who they are... easy. Face recognition software and it prints up in your sunglasses... 'that's your mother'.
Plug it (or wireless it - better) into your car's onboard computer and have head up speedo, tachometer, fuel, oil pressure, anything else you care about. But personally I'd find a head up speedo most useful.
See my analysis of these patents. Quick summary: both these patents are bare-faced attempts to claim techniques which were at the time of their filing long established and well understood techniques in broad general use. If W3C had had the courage to face down these patent claims in court, they would have collapsed.
This is possible and practical and we should prepare to do it. However, to have three Internet standards bodies would be a bad thing. What we should really seek to achieve is a situation where:
So long as W3C remains a rich corporations club this sort of proposal will come bach again and again. It is, after all, in the rich corporations' interest.
If I've missed anyone I shouldn't have, I'm sorry - blame tired eyes. I was particularly looking for comments by Brian Behlendorf, Eric Raymond, Larry Wall, Linus, Hakon Lie, Vint Cerf and Tim Berners-Lee, but if they were there I didn't see them.
OK, so what are we going to do about it?
We have to face the fact that these days commercial companies have a lot of power on the Web. If AOL/Time Warner/Netscape, Microsoft, CNN, the movie studios and the big music companies get together to invent new, patented (in the US) Web technologies which won't interoperate with Open Source technology, then 90% of the Web using public will not notice. If they do notice, they'll blame our software for 'not working'.
So we have to make a determined, co-ordinated grab for the moral high ground. I'm prepared to bet that W3C will be a bit shaken by the furore they've brewed up here, and I would endorse everyone else's suggestions that anyone who hasn't responded yet to the consultation document does so now, in calm, polite, grammatical, spelling-corrected - words, explaining why you see 'reasonable and non discriminatory' license fees as unacceptable.
This may in itself be enough. I hope it will, but I think we should prepare against the possibility that it won't. What should we do? I believe we should take immediate steps to set up a new, independent, standards setting body for the Web spearheaded by people with a wide international reputation with the avowed intention of forking the standards base and maintaining free, open, standards for the Web. We should work to include the corporates who have already shown their commitment to Open Source into a broad coalition alongside the recognised open source projects, and seek to isolate Apple, Hewlett-Packard and Microsoft (the companies who actually authored this proposal).
The long term objective is not to have two competing standards setting bodies: it is to hold over the W3C a credible threat of two competing standards setting bodies. In the face of that credible threat it's my opinion that W3C will rethink. If they don't, we would have to do this for real, but that is in my opinion very much a suboptimal option.
The guy is setting out to deceive the unwary. Do you have a civil right to deceive people? Of course people decieve people all the time, and some forms of deceit are considered legal (and, equally, some illegal). But there's a big difference between being legal and being a civil right. What it seems to me this is fundamentally about is the right to lie, and as far as I'm concerned that is not a civil right.
Ah! You mean:
Definition(from )
Microsoft VBScript runtime error '800a0005'
Invalid procedure call or argument: 'left'
H'mmm... yes... if that's what paedophile means...
This kind of implies to me that at least 78,000 of the machines Netcraft have been counting as IIS Web servers were in fact just machines on which IIS had been loaded by default, and were never serving any real content anyway. If that's true of 78,000, how many more is it true of? In other words, are Netcraft systematically overcounting IIS by counting all machines with IIS running whether they are in fact serving any real content or not? Likewise, how many of the 'Apache' servers counted are in fact just 'out of the box' Linux installs with no real content?
Uhhmmm... you live in a society where it's OK for children to see pictures of people killing people, but it's not alright for children to see pictures of people having sex with people, and you think that doesn't constitute a 'sexually repressed society'?
You live in a society where it's OK to show a bullet penetrating flesh on prime time TV, but it's not OK to show a penis penetrating flesh on prime time TV, and you think that doesn't constitute a 'sexually repressed society'?
You live in a society where it makes sense even to have debates about whether drawings of sex should be banned and you think that doesn't constitute a 'sexually repressed society'?
Mind you, I'm not claiming the UK is much better.
Hey, hey!
The vast majority of Hollywood's ouotput - and most fiction, too - depicts crime. Murder, assault, theft, fraud, cannibalism, rape... they're all there. They're all there in mainstream cinema. They're all there in mainstream novels. They're all there in prime-time television. Why aren't you out there murdering, assaulting, stealing, defrauding and eating people? You've seen these movies, haven't you? You've read these books?
If you can watch a film about a heist and not want to become a bank robber, why can't you watch child porn and not become a paedophile?
What is a 'virtual child'?
Take manga, for example, or hentai. Most of the characters in most Japanese animation have characteristics that look to westerners child-like. Does that make all sexually explicit manga child pornography? Is this child pornography [warning: explicit]? Should it be banned?
Then, how do you tell by looking at a picture how old the subject is? Sure, yes, you can (almost always) tell the difference between a five year old and a fifty year old, but can you always tell the difference between a fifteen year old and a twenty-five year old, even in real life? If you can't in real life, how can you in drawings?
What about fantasy worlds in which people change ages? Take, for example, Freaky Friday, in which a mother and child exchange bodies for a day. If the 'mother' character (supposedly actually an adult but in a child's body) had had sex, would that be child porn? If the 'daughter' character (supposedly actually a child but in an adult body) had had sex, wouold that be child sex?
This is utter, simple-minded, bollocks. Very few actions are either completely good or completely evil. No-one who has ever lived has never done harm to any other human being, and no-one who has ever lived has never helped another human being.
Human beings are very mixed. Whether you're a christian and believe in original sin, or you just look at the actions of the people around you, you know that everyone is sometimes petty, sometimes mean, sometimes spiteful, sometimes unkind.
Furthermore, and more importantly, in many situations in which people have to make judgements when the outcomes are unclear. Sometimes, with the best of intentions, you can produce evil results.
Welcome to the real world. It's complex, messy, uncertain, and contains no absolutes. No absolute good, and no absolute evil.
The Register is running a story about an advert - deeply tasteful under present conditions - which MicroSoft are running in the UK. As a matter of interest, is this advert being run in the US? If so, what it the reaction to it?
No, no. You need rocket engines for that.
It's actually remarkable how little power is needed to get a very light aircraft into the air. There certainly have been microlight aircraft powered by lawnmower engines. Similarly, not a lot of power is needed to get a hovercraft up - and the vertical shaft axis will actually help with that. If it hasn't enough power to get something up, would it push something when it was up? Build your own blimp!
This is true, of course. This worm spreads in a number of ways, all of which exploit security flaws in Microsoft software:
Notice a pattern there? Yes, that's right. If you don't run Microsoft, you can't get Nimda. Or Code Red, or Code Red II, or SirCam, or Melissa, or...
This isn't about being a Linux bigot. You can't get Nimda on MacOS. You can't get it on Solaris. You can't get in on OS/400, or AIX, or an Amiga, or on *BSD. This isn't a matter of Linux being good. Linux is just ordinary, like any other half-competent operating system.
This is a matter of Microsoft being incompetent. Hopelessly, culpably, irredeemably incompetent.
Not if it's my bandwidth and I'm paying for it, it's not. Yes, so I could sue them. But frankly if they're too stupid to use a computer, cutting them off the Net is for their own good.
I pay a lot of money for my leased line. So do my ISP's other customers. A substantial fraction of my expensive bandwidth is being eaten up because other people (mostly also customers of my ISP) can't be bothered to patch their systems. The service my ISP is able to provide me is consequently degraded, and I'm not happy about it.
If an ISP emerges who only accepts clueful customers, I'm likely to move my account. ISPs know this: if they don't switch off the clueless (and consequently troublesome) customers, they will lose the clueful (and consequently more profitable) ones.
I'm getting to the point where I think there would be some merit in having to pass a test, like a driving test, before you can connect your computer to the public information infrastructure.
[simon@beesianum simon]$ cat /var/log/httpd/*access* | grep msadc | wc -l
133
Not bad for a worm that's been live for less than seven hours, and attacks an operating system that's 'easy to secure'.
It has allowed for the expression of a wide range of views - far wider than we would have seen from any single conventional news site - and many of the views (even ones I don't agree with) have been well expressed.
It's also interesting to note the drop in the volume of Katz-bashing we've seen. I mostly read and often agree with what Jon writes, and I've often suspected that a lot of the Katz-bashing is ritualistic pack behaviour (k001 dud3z 645h Katz - me b45h Katz, me k3wl). But Katz was there, on the ground, reporting what he was seeing and feeling, and it seems people respected that.
So, congratulations, guys. I hope that we don't see too many more real world news events so big that they become News for Nerds; but it's great to know that when one does, my favourite news site will handle it well.