I read the Notice of Proposed Rulemaking. (well actually, the Report and Order and Further NPRM)
the MAKERS of the electronics will decided how to implement this, and will have to compete for consumers.
The makers propose protection mechanisms, but the FCC must approve them. That means they consider the views of whoever bothers to write Comments. The MPAA bothers quite a bit & their voice seems to be heard quite clearly, though the comissioners don't always agree.
The guvmint doesn't want 20 standards, but they don't want to impose a single one, so they've told the content makers and movers to figure something out. I expect we'll see DTCP, CPRM, 5C, 4C & all the stuff we've seen proposed before. The interesting bit will be the rules under which the device receiving an encrypted signal from a "demodulator" must operate. I see comments about retention periods, but the FCC's report only mentions the single Redistribution Control Descriptor.
This isn't going to get simpler with the Broadcast Flag, but trickier. There will be streams of still-compressed (so not to large to wield) HDTV that are receivable and maybe decryptable by general purpose devices (e.g. a PCI Firewire card with crap from these guys), so how will they keep it from leaking onto the internet then?
The attack on the general purpose-ness of the PC will continue after a word from our sponsor, Longhorn TV.
Here, the posibility might exist that due to bad software design someone with nefarious purposes could come up with an exploit to poision the results and there not be a way to go back an argue over the evidence.
It doesn't even take deliberate bad intentions for bad software to fsck up the democratic process.
Remember in Cryptonomicon when the lady pulling the bingo balls to form a one-time pad didn't like certain numbers, but preferred multiples of 5 so skewed the probability distribution enough that the cryptext could be attacked?
In one of Georgia's elections using a Diebold machine, Green party votes got screwed up.
The systems are new, so the election officials are interested in figuring out went wrong.
Once the systems lose their freshness, maybe an official won't persevere for a resolution to losing votes for a 2% party.
However, candidates getting 2% encourages those who feel disenfranchised by the two-party system and would rather vote for someone like Camejo than Bustamante (California Gubernatorial election).
Successive elections can build momentum as more and more people see that a third party is possible. Then a candidate gets enough votes to qualify for federal election funds and the spiral continues upwards.
It doesn't take a grand conspiracy but simply a hegemony of just not caring that much plus difficulty in resolving the problem (due to grody Access databases and crappy documentation), to screw up democracy bigtime.
The most insidious are the ones we don't even know about.
Mod parent up MORE!
Ding ding ding!!!
Why has AIDS killed more people than Ebola? Because it takes long enough to kill the host that many more hosts can be infected. You'd be lucky if you make it to the airport once you contract ebola, let alone fly to the States and bleed out on a Manhattan subway platform at rush hour.
We keep hearing about how horrible Blaster/SoBig/CodeRed &c &c are, but wait until the worm that's been in the wild for a year, spreading slowly & carefully so as to not alarm intrusion detection wakes up on some very large portion of Windows boxes.
Someone mentioned Magic Lantern, but even though it might not be conventionally detectable, at least the source is sort of known. It's the people clever enough not to brag, even to their spouse/sibling/friend, and to keep the conspiracy small that are more dangerous. (I just self-selected out of this group)
How many times have you loosened up a firewall's rules because it was interfering with something you were trying to do, then not tightened back up when you were done? If a worm knocked at your door once a month instead of 100 times per second, do you think you'd notice?
Yeah, I've been reading too much Brunner.
We had a worm that exploited the RPC hole running around work. We have a good firewall, so no one's ever directly compromised one of the unsecured machines inside (e.g. CVS pserver running with cleartext user list and no passwords) and Lotus Notes, though mostly execreble hasn't brought a worm inside (thanks, I think, to server-side virus checkers). However, people check their personal email accounts with Outlook. That gets a worm inside that spreads around to unpatched win2k boxes (all of 'em).
IT's response was to update virus checker definitions and run full scans more often. Kills the worm, but it's back an hour later. The only way to kill such a worm without patching the machines (which they finally did) is to turn off the switch and clean every machine.
I hear they have these new things called DVD players that will so something like this.
Coincidentally, I just tried out Dazzle's OnDVD to make a VCD slide show. Interesting....
However, DVD players are only capable of 720x486 or 720x576 resolution (CCIR-601). HDTV can be as high as 1920x[1080i|720p]. Roku doesn't support 1080p-- too bad.
Mr. KELLER. Okay. Let me walk you through a hypothetical and ask how the FBI would be involved. Next week, for example, a major movie called ''Sea Biscuit'' is going to be opening up by Universal, I think. Let's say that today it was posted on the Internet somehow, that an advance copy got out similar to what happened with ''The Hulk'' movie, and that the folks down at Universal Studios in Orlando, Florida in my district found out about it through their own internal investigation. What would be their procedure for dealing with the FBI? Would they contact the Orlando FBI office, or is there some specialized FBI unit, some other location they would contact?
[...] Mr. KELLER. I am wondering if there should be some sort of like an online intellectual property SWAT team in place that people like that could contact if they know that there is an imminent up loading of their movies, some group of FBI officials somewhere that this is their expertise, rather than some generic agent in Tampa.
if you have an earlier version of QuickTime installed on your PC, it will be replaced with QuickTime 6.4.
Well, I guess I'll stick with ephPod then. I use Cinestream for Windows, which after Radius changed their name to Digital Origin, sold EditDV to Media 100 who renamed it then sold it to Discreet (division of Autodesk) who promptly abandoned it. It works great for me, but I can never upgrade past Quicktime 5.
I found the Matrix Revolutions trailer in divx, so that was OK, but this is icky. 1 Red hat & 1 XP partition are enough to keep track of. Two XP partitions will be maximally grody.
BitTorrent always sounded like a good idea, but I've never tried it until today. While waiting for the Apple/Akamai download, I downloaded & installed the client and got iTunes.
if you hit cancel on the EULA it automatically ejects the CD
I was confused by the article on whether or not he'd accepted the EULA and how he knew about the DLL installation if he hadn't.
What he says is that the.exe runs when you put in the CD. It installs the DLL right away. While the EULA agreement dialog is visible you can switch to other programs. The CD is still in the drive and the DLL is active. That's how he produced a sample of garbled (by the DLL) music without agreeing to the EULA. That's also how he discovered where the DLL was.
It sounds (this part is really not clear) that once you say NO and the CD ejects, the DLL is disabled, but not uninstalled. That sound like unauthorized modifiction of a computing system to me.
It also sounds like you might be able to uninstall the DLL with the EULA dialog still up and rip the disk. This is what SunComm was complaining about in the news article breaking the suit story. They weren't bitching about him telling people to hold down the shift key, because that would have sounded INCREDIBLY stupid.
I wish they had sued him and won. I don't wish H. any harm, but judges (see the garage door opener case) have to stop figuring out ways to not enforce the DMCA so it can be repealed. I think if SunnComm had won, Princeton would have let the student stay in school though bankrupt and an act of Congress have not only overturned the DMCA, but given a grant to Princeton for MORE security research which would fund the rest of the students education. Probably a bit optimistic, but I prefer to call it hope.
LaunchCD.exe located on the disc. [...] provides access to the DRM-controlled encrypted content, but it also loads a special device driver [...] called SbcpHid. The LaunchCD.exe program also presents an end user license agreement (EULA). If the user ever clicks Accept to agree to the terms of the license, the MediaMax driver is set to remains active even after the computer is rebooted. The driver examines each CD placed in the machine, and when it recognizes the protected title, it actively interferes with read operations on the audio content.
and
When MediaMax loads, it presents an end user license agreement (EULA) [10]. If the user declines the EULA or closes the window, the software ejects the CD. However, users can simply ignore the EULA window and start other applications on top of MediaMax.
For the time being I've decided not to accept the EULA, so I can't access the software to evaluate it further.
Now the thing that SunnComm is objecting to is not the shift key bypass (which is a DMCA violation which I hope is fully prosecuted so we can see how stupid the law is), but instructions on how to remove the driver. It sounds like the driver is installed whether one accepts the EULA or not, but not left active if you don't (which is what H. seems to have done).
Here's a great defense: removing the driver is *repairing* your computer. The driver might only interfere with discs it recognizes as protected, but maybe I've suffered enough Windows driver incompatibilities and find a tip that a driver's secretly installed & how to get rid of it useful.
Does WinXP's system restore also get rid of the driver?
Why doesn't the "interoperability" defense *built in* to the DMCA ever get used?
Now here's what I don't get: The USB-IF throws up their hands at this confustion, saying:
The USB-IF is a nonprofit industry organization. We do not and cannot control how manufacturers label their products.
But the logos are trademarked! Isn't it worth it to intel & other IF sponsors to reduce confusion by enforcing proper use of their logos and mebbe promoting them a bit?
How 'bout a trademark-usage license that requires manufacturers to put a link to an informational site like Microsofts "howtotell" authentic-Windows B.S.?
It's obvious that Microsoft's month for secuirty wasn't enough (after 20 years of feature creep, we only get a month for?).
I've read the TCPA specs and it's not a bad idea in a commercial & some home environments as long as you can turn it off so you can develop code or run someone elses' if youchoose to (as opposed to sneak-ware like Gator). I have two computers at work & wouldn't mind if the one running email were "locked down" to keep corporate IS from losing their minds for every MSBlaster/Fizzer/MSwormoftheweek as long as they leave my "programming" box alone (where's the checkbox for USB compliance suite on their audit checklist???).
At home, it would be an advantage to have two copies of Windows installed- one that lets me play & one that I run video editing on & only runs trusted code.
By mixing DRM in, Intel, Microsoft, h-p & others are guaranteeing that
1) there will be strong opposition to the tech in the form of boycotts (see the anti-RFID flak) & cracks
2) the tech will be weakened to serve its new DRM masters by complexity not needed for simple rogue code protection
The non-standard-sized disc is an anti-copying mechanism. "Effective" in the text of the law just means it's present, not good. Through the normal course of using the player can you extract the contents of a disc or make your own?
Another question: through the normal course of using a computer, can you make a compatible disc? Ah!! But computers are general purpose devices. Or are they? (Or will they be?) This is one of the loopholes that the **AAs would like to close. If people are producing their own music and movies at home and burning CDs and DVDs (of their OWN stuff, not ripped off), then tools that deal with open media formats are something that would be used in the normal course of using a computer. If computers are reduced to web surfing and Office-running boxes that only do movies with iMovie or XP Movie Maker, spitting out proprietary WMVs & the like, open formats/tools are something only for "professionals."
If we're making standard DVDs (of our own stuff), the interoperability clause of the DMCA should let us reverse engineer this format so we can make copies of the video for the kids to watch on their player. Here we have a conflict between the increased utility vs. the ability to copy the Duff movies. In Sony v. Universal and Diamond v. RIAA, the judges liked utility. In Elcomsoft v. (Ashcroft?), they're starting to poo-poo utility.
Remove the utility argument completely by closing up the home-DVD creation process and you don't have to convince a judge anymore. My boss doesn't want to edit DV then wait for MPEG-2 compression before burning a disc (with a separate authoring app)-- he wants it to be seamless and fast. I think he'd give up freedom for speed.
I've seen other tests where CD-Rs can't be written reliably after sitting around blank for a few years or artifically "flash aged" using elevated heat &c.
That matters to me a bit, but what's much more important is how reliable the data can be read after *being written*, then stored for years.
I use Kodak pseudo-golds (they don't make the real gold on gold ultima anymore) for anything I care about. The discs should be good, but they are also actually made by Kodak. No problems with the manufacturer changing & the brand remaining the same. No research on who's selling the best Taiyo Yudens this week needed.
Oh, shit! Good things never last. Well, the folks I bought my last batch of Kodak's from have a replacement: Mitsui Golds
I don't abuse my "archival" discs, so I don't care much about scratch-resistance, which is all some "life" discs offer. I care about bit rot.
This copyright does *not* cover user programs that use kernel services by normal system calls
Well, this is strange indeed. This means that Linux is *not* precisely GPL and this matters quite a bit in TiVo's case.
The GPL follows general copyright law by insisting that the creator of work A gets to have a say in how work C is used where C = A + B. GPL removes some of A's creator's rights over C if the sourcecode to C is released.
For TiVo, what's a "work?" In my opinion, it's the whole box. Most people seem to think the end-user application, the kernel and the drivers (loadable modules) are separate works, but this device is not a computer and those pieces are not "merely aggregated" in the same way that code on CD-ROM Linux distro is aggregated.
I don't care about the drivers, because Linus has made many statements about how he allows that and other developers have known about this policy long enough that they could have stopped contributing years ago.
Maybe this preamble has also always been present, but I've seen no discussion of how this is why TiVo is allowed to keep their app closed source.
Let me give another real world example from embedded systems. At my company, a guy just got the MAD mp3 library running on our digital camera prototype. We'd like to offer this to our customers (camera manufacturers who make cameras for the brands you're familiar with). If we statically link it in to our closed-source camera code, that seems a clear GPL violation.
What if we create a MacOS/Palm-like jump table for "camera OS" calls and only make our mods to an mp3 player "application" using MAD open-source?
What if the binary of this app lives in a hidden partition of internal NAND flash?
What if it can only be run from the hidden partition or if the app is signed? It seems that TiVo is doing that now.
My plan is to allow running apps from removable cards and the "published" (over USB Mass Storage class) internal NAND flash. I'm hoping our customers (the manufacturers, not the end users) will see the benefit of that over having to pay the MAD author for a proprietary license (though they'll probably still have to pay Fraunhofer).
Is simply publishing a header file for calling OS functions through the jump table transparent and for prototypes sufficient to satisfy the "arms length" requirement (see the GPL FAQ), or must we document those calls in detail.
Here's part of an interesting discussion by ham radio people on VHF and UHF antennas in an area (Santa Cruz mountains) where reception is terrible.
The conclusions I draw are:
1. crappy antennas with amplifiers can work esp. if the amp is right next to the antenna (but it does have to get power- the Fubas on VWs are too short, but amplified, but they switched from separate power to "phantom" power over the RF lead that's unreliable)
2. putting the antenna outside on a tall mast is better than indoors, but in an attic might be an OK compromise
3. directional beats omni, but you'll need a rotator, a "farm" of antennas (feasible when there are only 3 or 4 xmitter sites as in SCruz) or you need to live somewhere (the end of a long peninsula?) where all the transmitter antennas are in the same direction
4. some commercial antennas are poorly designed, but good ones (Winegard) aren't that expensive- $90 - $220.
5. there are good VHF antenna designs for the ham bands near the TV bands and software that'll calculate element lengths & performance if you put in the different frequency
6. the emphasis in antenna design seems to be in UHF these days because HDTV uses that band & the set owners are the people that need the reception & have the $$ for the antenna & installation.
---
If I didn't have satellite, I'd build a farm of stacked dipoles on the roof for VHF and buy a couple bowtie + screen antennas for UHF. Rotators are pain in the ass because the wind can blow the antenna out of alignment so all of your channel/angle settings need to be re-jiggered. They're also expensive.
coincidental circumstantial evidence, with no prior record or other connection to the crime, and you'll be eliminated from the police's enquiries in a flash,
This, for me, is one of the major problems with TIA-esque systems.
The abuses are:
1) a cop harrasses his ex-wife's new boyfriend using TIA data
2) government critics are harrassed
3) innocents are convicted using a "web" of circumstantial evidence
Maybe I watch too much Law & Order & C.S.I., but I do worry that someone with my general description and some other minor similarity: same brand of shoes or car, same point of debit card usage) along with proximity to a cell site near the crime at the time it's committed could be enough to lock me up. Means and opportunity, leaving only a thin motive to fabricate: pysch history, associates, financial issues, high school "permanent record" (corroborated with testimony from a vice principal).
They seem to be able to get bank records phone LUDs and FastPass usage without subpoaenas and use this probably cause to get search warrants.
#2 is what I see as the greatest threat to society at large, but I'm not that outspoken, so it's #3 I worry about personally.
5.005_03 seems to be a baseline for which a lot of scripts are written (that don't want to count on the latest). It's what's installed on our Solaris box.
ObNotation: I want to make an I ching notation, using the 2 symbols (bar, broken bar) as bits, so 6 bits per hexagram. Printable ASCII is 96 characters, but if you leave out upper case, space and tab, you only have to drop 4 more symbols to fit.
qrpff would be my choice, but it uses every punctuation mark but ! and `, so it won't fit. A base64 of a bzip2 comes out a bit longer, but it's too obscure. Instead, I like just leaving the four characters after z, {|}~ untranslated.
472 characters would give us 20 & 1/2 23 character rows.
Hmmm... use a perl script to generate postscript for this?
Too bad Ryan Neaveill's font has both cases & so little punctuation.
l'Olonnais questioning the unlucky survivors of a party sent to ambush him. During the questioning, l'olonnais, becoming frustrated with the prisoners' silence, drew his knife and cut the heart from one of the Spaniards and began to gnaw upon it.
Maybe teaching people how bad the pirates really were will help counteract this hysterical retoric coming from the "content" industries' trade associations.
If anyone with a camera & the 10-pin-card-edge to USB cable is in the SF Bay Area, come visit me (Santa Cruz) & I'll hook it up to the CATC (USB analyzer).
Also, I have an embedded device (another camera of all things) that can act as a USB host, so we could do some USB mass store tweaks on it. That could be attempted with Linux, but those drivers are kind of large & hard to keep in your head at one time. Mine are small & simple, though I guess if I learned driver debugging on Linux, it would be easier than debugging over a serial line.
I'll get a few of these myself in a few days, but if someone's already got the cable hooked up, it'd be nice to save the trouble.
I agree with your reason that DIVX wasn't hacked-- it would have been the next target after CSS.
Howver, you didn't comment on the lack of hacks for digital cable, the price of which just keeps going up & up. Is it beyond the reach of people unwilling/unable to bribe/blackmail Motorola & S-A employees?
strategically tapping the interconnects between the main ASIC and the key-storage device
At this price point ($30-50 cost of goods, payback in 5 "rentals", 8% lossage?), I don't expect there will be many chips on the board. Besides the CPU/DSP, sensor and some regulators, probably external NAND flash, and maybe DRAM, but the code ROM (likely to be masked or OTP with only a bit of e2rom or flash) is likely on-chip.
I like your points about power profiling and I recall the IBM encryption device for banks that was tricked into giving up its secret key, but there are some boxes that do have strong incentive to hack that haven't been comprompised yet. Digital cable boxes (PowerKEY and DigiCipher II) is my best example: they had the advantage of trailing the satellite guys in technology (didn't repeat mistakes) and that stuff is damned well built. Also (ducking...) Divx was never hacked. It has layers on top of CSS. Remember, CSS was weak and the Xbox took a very smart and persistent guy to hack.
If they don't embed the NAND flash in the CPU/DSP, and I haven't seen anyone doing that yet, it'll be easy (for those with Metcals, microscopes & steady hands) to wire on a Smartmedia socket & use removable cards + a card reader. Much easier than figuring out how to talk to the thing when you can't snoop on a legit conversation (unless you have a friend at Ritz boost a reader).
Silly puck, until this reusable came along, all of the cameras using the chip were supported with Windows drivers (actually, they probably use Mass Store for stills & webcam mode is where you need a driver). For instance (from the release notes at SourceForge):
Currently, the following cameras are supported by this driver: Mustek gSmart mini 2 055F C420 Working Mustek gSmart mini 3 055F C520 Working
But the challenge here might not be slurping pictures out of the camera, but getting the camera to give them up at all. Might take hacking the controller instead of just the USB protocol to see what magic vendor specific specific request needs to be sent to let the mass storage class go. Snooping a Ritz printer with a CATC would work, but you have to get your hands on one.
Spec sheets for some of the chips are available here, but these are VGA and XGA chips using 8051s, not 2 megapixel.
For the SPCA504A used in the mustek 2mpix, there's a partial datasheet here. Snooping the "hidden" links at sunplus.com.cn didn't help....
So anyone even vaguely interested in photography won't give this a second look.
It's not the tools, it's how you use them.
Ever heard of Lomo, or the even-more-respected-by-"art"-photographers-but-not -as-hyped Holga? which comes with a lens that's not only crappy, but has serious camera-to-camera variance so you have to buy a few ($15 each in lots of 2-5), find & tape up the light leaks, then shoot to find out which distortion you like the best.
Some people like cheap cameras 'cause you can shoot on any street in the world without worrying about getting ripped off. This guy has a Leica, but check out his ode to the lowly Canonet of the golden age of 35mm (1967-1988)
Do you know that Leicas from the 30s still work and are repairable, but LCDs have finite lifetime and spare parts mfg a the same time as the original cameras age the same way, so NO Nikon F5s will be operational in 50 years?
Every cheap photo lab has the idiots open these cameras, so you can be pretty sure that once you take a roll it is trivial to get the film out without a darkroom.
Grandparent post mentioned dark bag (also known as a changing bag), which I have seen sitting around at the local Walgreens & Target minilabs.
Slashdot Mirror
READ THE FUCKING PRESS RELEASES!!!!
I read the Notice of Proposed Rulemaking. (well actually, the Report and Order and Further NPRM)
the MAKERS of the electronics will decided how to implement this, and will have to compete for consumers.
The makers propose protection mechanisms, but the FCC must approve them. That means they consider the views of whoever bothers to write Comments. The MPAA bothers quite a bit & their voice seems to be heard quite clearly, though the comissioners don't always agree.
The guvmint doesn't want 20 standards, but they don't want to impose a single one, so they've told the content makers and movers to figure something out. I expect we'll see DTCP, CPRM, 5C, 4C & all the stuff we've seen proposed before. The interesting bit will be the rules under which the device receiving an encrypted signal from a "demodulator" must operate. I see comments about retention periods, but the FCC's report only mentions the single Redistribution Control Descriptor.
This isn't going to get simpler with the Broadcast Flag, but trickier. There will be streams of still-compressed (so not to large to wield) HDTV that are receivable and maybe decryptable by general purpose devices (e.g. a PCI Firewire card with crap from these guys), so how will they keep it from leaking onto the internet then?
The attack on the general purpose-ness of the PC will continue after a word from our sponsor, Longhorn TV.
Here, the posibility might exist that due to bad software design someone with nefarious purposes could come up with an exploit to poision the results and there not be a way to go back an argue over the evidence.
It doesn't even take deliberate bad intentions for bad software to fsck up the democratic process.
Remember in Cryptonomicon when the lady pulling the bingo balls to form a one-time pad didn't like certain numbers, but preferred multiples of 5 so skewed the probability distribution enough that the cryptext could be attacked?
In one of Georgia's elections using a Diebold machine, Green party votes got screwed up.
The systems are new, so the election officials are interested in figuring out went wrong.
Once the systems lose their freshness, maybe an official won't persevere for a resolution to losing votes for a 2% party.
However, candidates getting 2% encourages those who feel disenfranchised by the two-party system and would rather vote for someone like Camejo than Bustamante (California Gubernatorial election).
Successive elections can build momentum as more and more people see that a third party is possible. Then a candidate gets enough votes to qualify for federal election funds and the spiral continues upwards.
It doesn't take a grand conspiracy but simply a hegemony of just not caring that much plus difficulty in resolving the problem (due to grody Access databases and crappy documentation), to screw up democracy bigtime.
The most insidious are the ones we don't even know about.
Mod parent up MORE!
Ding ding ding!!!
Why has AIDS killed more people than Ebola? Because it takes long enough to kill the host that many more hosts can be infected. You'd be lucky if you make it to the airport once you contract ebola, let alone fly to the States and bleed out on a Manhattan subway platform at rush hour.
We keep hearing about how horrible Blaster/SoBig/CodeRed &c &c are, but wait until the worm that's been in the wild for a year, spreading slowly & carefully so as to not alarm intrusion detection wakes up on some very large portion of Windows boxes.
Someone mentioned Magic Lantern, but even though it might not be conventionally detectable, at least the source is sort of known. It's the people clever enough not to brag, even to their spouse/sibling/friend, and to keep the conspiracy small that are more dangerous. (I just self-selected out of this group)
How many times have you loosened up a firewall's rules because it was interfering with something you were trying to do, then not tightened back up when you were done? If a worm knocked at your door once a month instead of 100 times per second, do you think you'd notice?
Yeah, I've been reading too much Brunner.
We had a worm that exploited the RPC hole running around work. We have a good firewall, so no one's ever directly compromised one of the unsecured machines inside (e.g. CVS pserver running with cleartext user list and no passwords) and Lotus Notes, though mostly execreble hasn't brought a worm inside (thanks, I think, to server-side virus checkers). However, people check their personal email accounts with Outlook. That gets a worm inside that spreads around to unpatched win2k boxes (all of 'em).
IT's response was to update virus checker definitions and run full scans more often. Kills the worm, but it's back an hour later. The only way to kill such a worm without patching the machines (which they finally did) is to turn off the switch and clean every machine.
I hear they have these new things called DVD players that will so something like this.
Coincidentally, I just tried out Dazzle's OnDVD to make a VCD slide show. Interesting....
However, DVD players are only capable of 720x486 or 720x576 resolution (CCIR-601). HDTV can be as high as 1920x[1080i|720p]. Roku doesn't support 1080p-- too bad.
if you have an earlier version of QuickTime installed on your PC, it will be replaced with QuickTime 6.4.
Well, I guess I'll stick with ephPod then. I use Cinestream for Windows, which after Radius changed their name to Digital Origin, sold EditDV to Media 100 who renamed it then sold it to Discreet (division of Autodesk) who promptly abandoned it. It works great for me, but I can never upgrade past Quicktime 5.
I found the Matrix Revolutions trailer in divx, so that was OK, but this is icky. 1 Red hat & 1 XP partition are enough to keep track of. Two XP partitions will be maximally grody.
Thanks!
BitTorrent always sounded like a good idea, but I've never tried it until today. While waiting for the Apple/Akamai download, I downloaded & installed the client and got iTunes.
if you hit cancel on the EULA it automatically ejects the CD
.exe runs when you put in the CD. It installs the DLL right away. While the EULA agreement dialog is visible you can switch to other programs. The CD is still in the drive and the DLL is active. That's how he produced a sample of garbled (by the DLL) music without agreeing to the EULA. That's also how he discovered where the DLL was.
I was confused by the article on whether or not he'd accepted the EULA and how he knew about the DLL installation if he hadn't.
What he says is that the
It sounds (this part is really not clear) that once you say NO and the CD ejects, the DLL is disabled, but not uninstalled. That sound like unauthorized modifiction of a computing system to me.
It also sounds like you might be able to uninstall the DLL with the EULA dialog still up and rip the disk. This is what SunComm was complaining about in the news article breaking the suit story. They weren't bitching about him telling people to hold down the shift key, because that would have sounded INCREDIBLY stupid.
I wish they had sued him and won. I don't wish H. any harm, but judges (see the garage door opener case) have to stop figuring out ways to not enforce the DMCA so it can be repealed. I think if SunnComm had won, Princeton would have let the student stay in school though bankrupt and an act of Congress have not only overturned the DMCA, but given a grant to Princeton for MORE security research which would fund the rest of the students education. Probably a bit optimistic, but I prefer to call it hope.
and
Now the thing that SunnComm is objecting to is not the shift key bypass (which is a DMCA violation which I hope is fully prosecuted so we can see how stupid the law is), but instructions on how to remove the driver. It sounds like the driver is installed whether one accepts the EULA or not, but not left active if you don't (which is what H. seems to have done).
Here's a great defense: removing the driver is *repairing* your computer. The driver might only interfere with discs it recognizes as protected, but maybe I've suffered enough Windows driver incompatibilities and find a tip that a driver's secretly installed & how to get rid of it useful.
Does WinXP's system restore also get rid of the driver?
Why doesn't the "interoperability" defense *built in* to the DMCA ever get used?
This has probably been said a dozen times, but no-one's moderating down incorrect statements (why isn't there a -1:wrong?), so I'll reply aGAIN:
There are two logos- the basic one and one that adds "hi-speed" to that.
the whole scoop
Now here's what I don't get: The USB-IF throws up their hands at this confustion, saying:
But the logos are trademarked! Isn't it worth it to intel & other IF sponsors to reduce confusion by enforcing proper use of their logos and mebbe promoting them a bit?
How 'bout a trademark-usage license that requires manufacturers to put a link to an informational site like Microsofts "howtotell" authentic-Windows B.S.?
It's obvious that Microsoft's month for secuirty wasn't enough (after 20 years of feature creep, we only get a month for?).
I've read the TCPA specs and it's not a bad idea in a commercial & some home environments as long as you can turn it off so you can develop code or run someone elses' if you choose to (as opposed to sneak-ware like Gator). I have two computers at work & wouldn't mind if the one running email were "locked down" to keep corporate IS from losing their minds for every MSBlaster/Fizzer/MSwormoftheweek as long as they leave my "programming" box alone (where's the checkbox for USB compliance suite on their audit checklist???).
At home, it would be an advantage to have two copies of Windows installed- one that lets me play & one that I run video editing on & only runs trusted code.
By mixing DRM in, Intel, Microsoft, h-p & others are guaranteeing that
1) there will be strong opposition to the tech in the form of boycotts (see the anti-RFID flak) & cracks
2) the tech will be weakened to serve its new DRM masters by complexity not needed for simple rogue code protection
The non-standard-sized disc is an anti-copying mechanism. "Effective" in the text of the law just means it's present, not good. Through the normal course of using the player can you extract the contents of a disc or make your own?
Another question: through the normal course of using a computer, can you make a compatible disc? Ah!! But computers are general purpose devices. Or are they? (Or will they be?) This is one of the loopholes that the **AAs would like to close. If people are producing their own music and movies at home and burning CDs and DVDs (of their OWN stuff, not ripped off), then tools that deal with open media formats are something that would be used in the normal course of using a computer. If computers are reduced to web surfing and Office-running boxes that only do movies with iMovie or XP Movie Maker, spitting out proprietary WMVs & the like, open formats/tools are something only for "professionals."
If we're making standard DVDs (of our own stuff), the interoperability clause of the DMCA should let us reverse engineer this format so we can make copies of the video for the kids to watch on their player. Here we have a conflict between the increased utility vs. the ability to copy the Duff movies. In Sony v. Universal and Diamond v. RIAA, the judges liked utility. In Elcomsoft v. (Ashcroft?), they're starting to poo-poo utility.
Remove the utility argument completely by closing up the home-DVD creation process and you don't have to convince a judge anymore. My boss doesn't want to edit DV then wait for MPEG-2 compression before burning a disc (with a separate authoring app)-- he wants it to be seamless and fast. I think he'd give up freedom for speed.
-M
These CDs WERE NOT WRITTEN TO
And here is the key.
I've seen other tests where CD-Rs can't be written reliably after sitting around blank for a few years or artifically "flash aged" using elevated heat &c.
That matters to me a bit, but what's much more important is how reliable the data can be read after *being written*, then stored for years.
I use Kodak pseudo-golds (they don't make the real gold on gold ultima anymore) for anything I care about. The discs should be good, but they are also actually made by Kodak. No problems with the manufacturer changing & the brand remaining the same. No research on who's selling the best Taiyo Yudens this week needed.
Oh, shit! Good things never last. Well, the folks I bought my last batch of Kodak's from have a replacement: Mitsui Golds
I don't abuse my "archival" discs, so I don't care much about scratch-resistance, which is all some "life" discs offer. I care about bit rot.
Well, this is strange indeed. This means that Linux is *not* precisely GPL and this matters quite a bit in TiVo's case.
The GPL follows general copyright law by insisting that the creator of work A gets to have a say in how work C is used where C = A + B. GPL removes some of A's creator's rights over C if the sourcecode to C is released.
For TiVo, what's a "work?" In my opinion, it's the whole box. Most people seem to think the end-user application, the kernel and the drivers (loadable modules) are separate works, but this device is not a computer and those pieces are not "merely aggregated" in the same way that code on CD-ROM Linux distro is aggregated.
I don't care about the drivers, because Linus has made many statements about how he allows that and other developers have known about this policy long enough that they could have stopped contributing years ago.
Maybe this preamble has also always been present, but I've seen no discussion of how this is why TiVo is allowed to keep their app closed source.
Let me give another real world example from embedded systems. At my company, a guy just got the MAD mp3 library running on our digital camera prototype. We'd like to offer this to our customers (camera manufacturers who make cameras for the brands you're familiar with). If we statically link it in to our closed-source camera code, that seems a clear GPL violation.
What if we create a MacOS/Palm-like jump table for "camera OS" calls and only make our mods to an mp3 player "application" using MAD open-source?
What if the binary of this app lives in a hidden partition of internal NAND flash?
What if it can only be run from the hidden partition or if the app is signed? It seems that TiVo is doing that now.
My plan is to allow running apps from removable cards and the "published" (over USB Mass Storage class) internal NAND flash. I'm hoping our customers (the manufacturers, not the end users) will see the benefit of that over having to pay the MAD author for a proprietary license (though they'll probably still have to pay Fraunhofer).
Is simply publishing a header file for calling OS functions through the jump table transparent and for prototypes sufficient to satisfy the "arms length" requirement (see the GPL FAQ), or must we document those calls in detail.
Here's part of an interesting discussion by ham radio people on VHF and UHF antennas in an area (Santa Cruz mountains) where reception is terrible.
The conclusions I draw are:
1. crappy antennas with amplifiers can work esp. if the amp is right next to the antenna (but it does have to get power- the Fubas on VWs are too short, but amplified, but they switched from separate power to "phantom" power over the RF lead that's unreliable)
2. putting the antenna outside on a tall mast is better than indoors, but in an attic might be an OK compromise
3. directional beats omni, but you'll need a rotator, a "farm" of antennas (feasible when there are only 3 or 4 xmitter sites as in SCruz) or you need to live somewhere (the end of a long peninsula?) where all the transmitter antennas are in the same direction
4. some commercial antennas are poorly designed, but good ones (Winegard) aren't that expensive- $90 - $220.
5. there are good VHF antenna designs for the ham bands near the TV bands and software that'll calculate element lengths & performance if you put in the different frequency
6. the emphasis in antenna design seems to be in UHF these days because HDTV uses that band & the set owners are the people that need the reception & have the $$ for the antenna & installation.
---
If I didn't have satellite, I'd build a farm of stacked dipoles on the roof for VHF and buy a couple bowtie + screen antennas for UHF. Rotators are pain in the ass because the wind can blow the antenna out of alignment so all of your channel/angle settings need to be re-jiggered. They're also expensive.
coincidental circumstantial evidence, with no prior record or other connection to the crime, and you'll be eliminated from the police's enquiries in a flash,
This, for me, is one of the major problems with TIA-esque systems.
The abuses are:
1) a cop harrasses his ex-wife's new boyfriend using TIA data
2) government critics are harrassed
3) innocents are convicted using a "web" of circumstantial evidence
Maybe I watch too much Law & Order & C.S.I., but I do worry that someone with my general description and some other minor similarity: same brand of shoes or car, same point of debit card usage) along with proximity to a cell site near the crime at the time it's committed could be enough to lock me up. Means and opportunity, leaving only a thin motive to fabricate: pysch history, associates, financial issues, high school "permanent record" (corroborated with testimony from a vice principal).
They seem to be able to get bank records phone LUDs and FastPass usage without subpoaenas and use this probably cause to get search warrants.
#2 is what I see as the greatest threat to society at large, but I'm not that outspoken, so it's #3 I worry about personally.
You need perl 5.6 for that.
5.005_03 seems to be a baseline for which a lot of scripts are written (that don't want to count on the latest). It's what's installed on our Solaris box.
ObNotation: I want to make an I ching notation, using the 2 symbols (bar, broken bar) as bits, so 6 bits per hexagram. Printable ASCII is 96 characters, but if you leave out upper case, space and tab, you only have to drop 4 more symbols to fit.
qrpff would be my choice, but it uses every punctuation mark but ! and `, so it won't fit. A base64 of a bzip2 comes out a bit longer, but it's too obscure. Instead, I like just leaving the four characters after z, {|}~ untranslated.
472 characters would give us 20 & 1/2 23 character rows.
Hmmm... use a perl script to generate postscript for this?
Too bad Ryan Neaveill's font has both cases & so little punctuation.
Let's not just look like pirates, but act like them & bone up on some of the lore.
Maybe teaching people how bad the pirates really were will help counteract this hysterical retoric coming from the "content" industries' trade associations.
If anyone with a camera & the 10-pin-card-edge to USB cable is in the SF Bay Area, come visit me (Santa Cruz) & I'll hook it up to the CATC (USB analyzer).
Also, I have an embedded device (another camera of all things) that can act as a USB host, so we could do some USB mass store tweaks on it. That could be attempted with Linux, but those drivers are kind of large & hard to keep in your head at one time. Mine are small & simple, though I guess if I learned driver debugging on Linux, it would be easier than debugging over a serial line.
I'll get a few of these myself in a few days, but if someone's already got the cable hooked up, it'd be nice to save the trouble.
-M
I agree with your reason that DIVX wasn't hacked-- it would have been the next target after CSS.
/unable to bribe/blackmail Motorola & S-A employees?
Howver, you didn't comment on the lack of hacks for digital cable, the price of which just keeps going up & up. Is it beyond the reach of people unwilling
strategically tapping the interconnects between the main ASIC and the key-storage device
At this price point ($30-50 cost of goods, payback in 5 "rentals", 8% lossage?), I don't expect there will be many chips on the board. Besides the CPU/DSP, sensor and some regulators, probably external NAND flash, and maybe DRAM, but the code ROM (likely to be masked or OTP with only a bit of e2rom or flash) is likely on-chip.
I like your points about power profiling and I recall the IBM encryption device for banks that was tricked into giving up its secret key, but there are some boxes that do have strong incentive to hack that haven't been comprompised yet. Digital cable boxes (PowerKEY and DigiCipher II) is my best example: they had the advantage of trailing the satellite guys in technology (didn't repeat mistakes) and that stuff is damned well built. Also (ducking...) Divx was never hacked. It has layers on top of CSS. Remember, CSS was weak and the Xbox took a very smart and persistent guy to hack.
If they don't embed the NAND flash in the CPU/DSP, and I haven't seen anyone doing that yet, it'll be easy (for those with Metcals, microscopes & steady hands) to wire on a Smartmedia socket & use removable cards + a card reader. Much easier than figuring out how to talk to the thing when you can't snoop on a legit conversation (unless you have a friend at Ritz boost a reader).
Silly puck, until this reusable came along, all of the cameras using the chip were supported with Windows drivers (actually, they probably use Mass Store for stills & webcam mode is where you need a driver). For instance (from the release notes at SourceForge):
Currently, the following cameras are supported by this driver:
Mustek gSmart mini 2 055F C420 Working
Mustek gSmart mini 3 055F C520 Working
mini 2 system requirements: Windows 98/Me/2000/XP
mini 3 system requirements: Windows 98/Me/2000/XP
But the challenge here might not be slurping pictures out of the camera, but getting the camera to give them up at all. Might take hacking the controller instead of just the USB protocol to see what magic vendor specific specific request needs to be sent to let the mass storage class go. Snooping a Ritz printer with a CATC would work, but you have to get your hands on one.
Spec sheets for some of the chips are available here, but these are VGA and XGA chips using 8051s, not 2 megapixel.
For the SPCA504A used in the mustek 2mpix, there's a partial datasheet here. Snooping the "hidden" links at sunplus.com.cn didn't help....
So anyone even vaguely interested in photography won't give this a second look.
t -as-hyped Holga? which comes with a lens that's not only crappy, but has serious camera-to-camera variance so you have to buy a few ($15 each in lots of 2-5), find & tape up the light leaks, then shoot to find out which distortion you like the best.
It's not the tools, it's how you use them.
Ever heard of Lomo, or the even-more-respected-by-"art"-photographers-but-no
Every photographer doesn't have Greenspun's aesthetic.
Some people like cheap cameras 'cause you can shoot on any street in the world without worrying about getting ripped off. This guy has a Leica, but check out his ode to the lowly Canonet of the golden age of 35mm (1967-1988)
Do you know that Leicas from the 30s still work and are repairable, but LCDs have finite lifetime and spare parts mfg a the same time as the original cameras age the same way, so NO Nikon F5s will be operational in 50 years?
Every cheap photo lab has the idiots open these cameras, so you can be pretty sure that once you take a roll it is trivial to get the film out without a darkroom.
Grandparent post mentioned dark bag (also known as a changing bag), which I have seen sitting around at the local Walgreens & Target minilabs.
CMOS, not CCD sensor. Cheaper.
Not the CMOS sensor like the Canon D30 and D60, but a buffed version of the teensy ones in cellphones like Omnivision's and Pictos (ESS Tech)'s.