Short version: A common technology for verifying that a file you've downloaded is legitimate and untampered-with, known as MD5, isn't as secure as people thought.
Slightly longer version: MD5 is a way of generating a checksum -- a single, comparable value -- from a file. Ideally it is supposed to give you different numbers for different files, so if a web site advertises the checksum a file should have, you can compare that with one generated from the file you actually got to see whether the file you've downloaded has been modified, potentially maliciously.
The research shows that it is possible for someone to construct a drop-in replacement for the file you thought you had that generates the same MD5 checksum as the original, so anyone attempting to validate the file this way would think they had the real thing. If it turns out that you can construct a damaging replacement for a common file -- perhaps an installer for a popular application like Firefox or OpenOffice that's usually downloaded from a public server -- then this could open a loophole for viruses, worms, etc. that would slip through the security net often used by cautious people when downloading such programs.
Oh get off your damn high horse already. I'm well aware of how Windows is "supposed to work", and for that matter how to change Thunderbird's profile location the hard way, thank you.
For the hard of understanding, the relevant points here are that:
most people aren't aware of these things
even for those of us who are, it's more difficult than it needs to be
there are sensible reasons for wanting to do it, for example in the case I described where one has a back-up system for important data that doesn't easily fit into Microsoft's grand plan.
I assume the esoteric way of moving the profile that you mentioned is the one described in this Knowledge Base article. In that case, the article clearly warns that the change is completely unsupported by Microsoft, and requires registry hacks and/or non-standard tools to achieve. If that's the level of support they provide for a straightforward wish to store vital data on a robust, backed-up drive, then it's not my set-up that's broken, it's their standard. I don't blame the Mozilla team for following this standard by default; indeed, as I wrote before, following local standards by default is a commendable thing. That doesn't mean it's wrong to ask for a feature allowing the user to do something different if they want to.
People with your attitude -- it's my problem, I'm just a luser who can't use Windows properly, I shouldn't even consider asking the application developers to change it, yada yada -- are exactly the reason it's taken so long for Linux, Firefox, Thunderbird etc. to get where they are today. You are part of the problem, not part of the solution, and it would be better for everyone if you didn't comment any more unless youy actually have something constructive to contribute.
Can anyone tell me whether they've added any new mail filtering features to this release? That's the killer "missing feature" for 0.9 (which I installed a few days back) for me.
In particular, can you now apply rules based on message size (e.g., don't download messages >100K) or on attachment status (e.g., automatically move anything with an attachment to "suspected junk" if the sender isn't in my address book)?
I thought Moz used to have these (though possibly my memory is failing me) and I was disappointed to find that Thunderbird apparently doesn't, despite its otherwise simple-but-effective rules system.
FireFox follows Microsoft's standards to the letter
That is true, it's commendable that it is the default.
However, many users don't follow Microsoft's standard here, nor do they want to. I couldn't care less where Microsoft wants to store my data, and I'm never going to use roaming profiles yada yada on my home PC.
I do, however, want all of my essential data to be stored on my RAIDed, routinely backed-up hard drive. I don't want it in a Windows-standardised yet strangely still hidden directory, which lives five levels deep on my (not backed-up) OS drive.
I think a new feature request to add a straightforward and reliable way to create the data in a non-standard place (and, equally importantly, to easily move existing data to such a place if you change your mind later) would be very popular.
Do you still have to create a dummy set-up in the default place before you can do this? In previous versions, it seemed to be necessary, and then you created a new profile with the data store wherever you wanted it, but it was always counter-intuitive for users and a pain for those of us hackers who wanted to shift things around until we worked out what it was doing There must be an easier way...
Been to an airport lately? They now do patdown searches on folks... and in a few years they plan to do full-body scans of all passengers... and yet most folks, while some bitch at first, don't really fight back - instead rationalize such actions as being worth it in the name of security.
Two of my friends, both long-time students in the UK and engaged to British men but technically foreign nationals, seem to get strip-searched at airports with remarkable frequency. I'm sure the fact that they're both young girls who look like models has nothing to do with it (and the fact that other friends who have far less history with the country but don't look like models don't have the same problem).
Believe me, bitching about it doesn't help. Then you're just being "evasive", which gives them an excuse to do even more personally offensive things. Herein lieth the problem with the system: attempting to defend a right to a reasonable amount of privacy is counter-productive.
Fortunately for us, between knocking up a married woman, dubious actions regarding his government position vs. his private life, and then slagging off half the cabinet behind their backs and spending a whole day ringing around to apologise, Blunkett's days appear to be numbered in single figures. Tony Blair recently said Blunkett had "his full support", which is usually the kiss of death for a senior government figure in the UK...
The great irony for the week was the official Home Office statement that "Like anyone else, David Blunkett is entitled to the presumption of innocence." Anyone else except those being held without trial in Belmarsh prison with the Home Secretary's personal OK, perhaps.
Ah, well. Maybe he really has done nothing wrong, and the circumstantial evidence against him won't stand up to scrutiny. If the man who wants to force us all into a national ID database winds up losing his career despite being innocent, purely because The System decides he's a bad person and he has no practical recourse, I will laugh forever.
It seems fashionable to reject authority here in the US, and seems to have always been that way.
It's funny how that'll happen, if the authority is openly abused. You've got everything from a corrupt electoral system to corporate financial fraud to the copyright law fiasco that's being used as a big stick by big media to the DoJ being all chummy with a convicted monopolist, just to give a few topical examples around here that directly affect the lives of millions of american citizens (and others). Is it any wonder when the citizenry fights back?
Since we're all so fond of aphorisms around here, please allow me to contribute my current favouriate:
"History, I believe, furnishes no example of a priest-ridden people maintaining a free civil government. This marks the lowest grade of ignorance of which their civil as well as religious leaders will always avail themselves for their own purposes." -- Thomas Jefferson
Identifying who today's priests are, and the religion they follow, is left as a fairly simple exercise for the reader.
With the rest of the world turning anti-american, it seems like we should be doing more to advance our society quickly.
You could just, y'know, stop trying to tell everyone what to do all the time. If you treat your neighbours in the world with a little more respect, you might find a number of problems -- not least genuine terrorism by those from the Middle East -- start to get better.
Of course, when your own president decides not to attend what should have been a banquet dinner in his honour attended by senior representatives of 20 or so other states, because the USSS want to shove all these people through their draconian security and they refuse because they find it insulting, then someone's ego is a little bigger than it should be.
Please see, for example, RFC 1036, which has a section all about expiry of Usenet messages. It provides for including an "Expires" header, but recommends against using it except where there's an obvious expiration date (e.g., for announcements, after the thing they announce has happened), with a local default expiration date being the default if nothing is specified in the message. Claiming that "local default expiration date" means "keep it forever" is like claiming that US copyright law should be extended forever to support the big media corps.
I've been using Usenet for more than a decade, and in my experience, no NNTP-server, whether in academia or commercially run, kept messages indefinitely. Local policies on message lifetimes I've encountered have ranged from around 1-4 weeks, with 2 being pretty typical.
Since this is both what the RFC provides for and what has actually happened since forever, claiming that someone is giving implicit permission to do more by posting in the first place is a very weak argument.
My argument boils down to showing you there is no rigidly definable difference between "unspecified amount of time" and "so far it's been permanent up til now".
The thing is, every NNTP-based Usenet server I've ever used -- and that covers most of the major ISPs in the UK and some academic ones over a period of around a decade -- has a different policy to what you keep stating. Repeating that something is the case does not actually make it the case.
Oh... so is our society back to guilty until proven innocent?
No. You're fundamentally misunderstanding what that principle means, and what the situation is here.
In this case, it is clear that Google is copying someone else's copyright material. By default, that action is illegal under copyright law. It is legal to do it only if permission has been given by the copyright holder, or if an exemption included in the copyright law (such as fair use provisions in the US) applies. There is no assumption of guilt here: there is clear evidence that a copy is being made.
OK, before anyone else posts ill-informed rubbish, please go back and read the previous thread, where this argument was done to death. For those who can't be bothered, here's the executive summary:
Usenet posts are copyright of their authors, automatically and without any obligation to register in most jurisdictions. They do not become public domain, free-for-all content just because they're posted to Usenet.
The reason Usenet itself is legal is because the authors implicitly give their permission to copy the work for distribution around the system when they post.
Since Usenet posts normally expire after a few days, it is questionable whether the implicit permission covers archival usage, and if so, whether that archive is then allowed to be used for further commercial purposes.
Google has no magical rights in law, and does not gain any just because someone didn't put an x-no-archive header on their post or because someone knows that Google Groups exists. (In fact, that header isn't a standard one anyway -- hence the "x-" -- and didn't even exist when the earlier posts in Google's current archive were made.)
In the absence of explicit permission to reproduce the posts in this way, the onus is on Google to demonstrate that implicit permission has been given. If it can't, it's breaking the law.
I think we'll just have to agree to disagree on this one.
Yes, the general question of illegal activity vs. technology is a side-issue; my comment on that was a side-comment, which I stand by, but I've only followed up on it because you challenged it.
The main issue is indeed whether Google has done anything illegal here. I think that question remains unanswered, as do the points I've made that would suggest it has. You continually state that they have not, and that Usenet is intended to be an archive (by which I assume you mean a permanent record). AFAICS you have yet to provide any evidence or even subjective reasoning to back this up. The default under copyright law in most places is that you have no right to copy without permission, so you need to provide an argument that either permission has been given or one of the legal exemptions applies before you have any sort of case.
I've acknowledged that there must logically be implicit permission to propagate the posts around Usenet and store them for some amount of time. I also questioned whether that necessarily implies permission to store them permanently. Your argument that it does seems to boil down to nothing more than "I think it should" and there's not really much I need to say to refute that.
Nice bait-and-switch. You didn't start talking about the general case until this post. Before that is was the specific case of Dejanews and Google archiving usenet posts and showing them through a publilc web interface.
This whole discussion is about whether there's more than just that case! Look at my first post to this subthread, and indeed the title of this subthread, please.
And the more general attitude of the legal system towards technology that can be used to commit crime, and how it might apply here, was exactly what I was talking about when I wrote:
How far that aiding and abetting concept goes in cases like Google image search or P2P distribution is open to debate. There are clearly legitimate applications for these things as well. Still, expecting the legal system not to act when a technology is being distributed in the full knowledge that it will lead to large amounts of crime being committed is naive.
You were the one who claimed this only happened in "the imaginary world in which [I] apparently live." I simply demonstrated that it has, in fact, happened in other contexts in the real world, the point being that it might well be expected that cases like the Google technologies we are discussing would go the same way.
I'll skip your comment about Joe's cache, except to note that there have been specific test cases about whether browser caches were in fact legal in various places. This, however, I will follow up:
expecting the legal system not to act when a technology is being distributed in the full knowledge that it will lead to large amounts of crime being committed is naive.
True. When that starts happening somewhere other than the imaginary world in which you apparently live, I'll worry about it then.
I'm afraid my imaginary world is very real. Consider the most obvious example: cars. These are valuable tools but inevitably dangerous to use. What happens? We develop a whole body of specific laws governing how cars may and may not be used, some of which (e.g., registration plates) might be regarded as gross infringements of personal rights in other contexts, but are mostly accepted for motoring because so much experience tells us that they do more good than harm in that context.
Computers are going the same way, they're just a few decades behind. Things like the US' DMCA, the UK's RIP Act, etc. are just the tip of an iceberg; the industry still relies predominantly on self-regulation, and look where that's got us: spam, viruses, bogus advice sites on finance, health and law, etc.
What part of this is different in your world from the imaginary one in which I live?
Um... It's far easier to change the location of your mail folder in Outlook Express than in Thunderbird, it actually works without loads of profile hackery, and the default directory is perfectly sensible and fits in with the Windows standards for application data. But apart from that, your argument was great.:-)
Seriously, Thunderbird has many things going for it over OE, but how it stores the files on disk is not one of them.
It's true that Outlook can do much more than Thunderbird, and as someone else already pointed out, Outlook Express would be a fairer alternative to compare against.
Still, I prefer Thunderbird even to Outlook, for a simple reason: I don't need those extra features. All I want is a mail client that can:
read mail effectively (including avoiding HTML bugs, not filtering out genuine.exes, etc.)
provide a simple and effective address book
provide decent mail processing rules
back up and restore mail without losing data
without zillions of stability and security issues. I switched to Thunderbird after a system failure (caused by an official MS update, in fact) took out my MS-based mail system.
I doubt I'm the only one in the world who really doesn't care about scheduling meetings and booking rooms using Outlook. I'd rather just have a simple, effective tool that helps me do my job. Trying to schedule meetings using Outlook is far less efficient than simply e-mailing, picking up the phone or (shock!) walking around and talking to people, IME.
OK, thanks, I see the link now. However, the very fact that I couldn't spot it before despite looking for 30 seconds is probably enough to render it invalid, even without the fact that nothing says that by posting I agree to those terms...
As I post this reply to you, that text does not appear anywhere on the page, nor can I see a link to it, though there is an explicit note that comments are owned by the poster. I don't know where you found the claim you quoted -- your link isn't even to part of slashdot.org -- but AFAICS, it sure as hell doesn't apply to what I'm writing right now.:-)
But most of the posts I've seen talking about copyright are just saying "that's illegal". And I'm sorry to have to point this out, but that's exactly what the RIAA and MPAA say too. And it's not good enough coming from them, so why should it be good enough coming from a slashdotter?
It is good enough coming from them, which is why they are successfully taking action against lots of people.
The **AA certainly have their flaws, not least blatant price-fixing, effective monopoly abuse, and threatening/taking legal action without a genuine case in the hope of forcing a settlement. The fact that they can do this is testament to the inadequacy of the US legal system and DoJ, and if the latter every wake up and sue the media mafia into oblivion I will be standing at ringside and laughing.
However, the **AA have every right to sue people who really are infringing their copyright, and no-one who gets done as a result of actually breaking the law has any right to complain about it. If you don't like it, go buy the CD or DVD from a shop like everyone else.
If it's illegal, then show me the court case to prove it.
Erm... You do know that there's a difference between statute law and case law, right? Or even that statute law exists?
BTW, the current case against Google, as mentioned on Slashdot the other day, is a completely different situation.
If you put something up in public where anyone can access it and you INTEND for them to access it, that is implicit permission to have people propigate it.
Not without limits, it's not. Consider your own example of an open web site. If I post an article on my site, do you think it is OK for Joe Rip-Off to copy it verbatim onto his own site without permission, just because he attributes the original to me?
The thing you've been missing in nearly every one of the replies you just gave me is where the burden of proof lies. If Google is going to claim it's legal to copy your stuff without explicit permission because you gave permission implicitly, then they have to demonstrate why the permission was implicit. If they can't, they lose. You don't have to demonstrate anything; you win by default.
In the case where someone reposts a private work to a public forum (like the current pending case against google with the porn site), then the one who broke the law is the one who moved it from the private world to the public world, not the one who automatically propigated what was made public.
Again, see Slashdot passim. Standard refutations for this one include selling stolen property, aiding and abetting, etc. While the main perpetrator may be the one committing the more serioue offence, you certainly can be forced to give back stolen goods without compensation in most places (even if you bought them in good faith), and knowingly assisting others to commit a crime is a big no-no.
How far that aiding and abetting concept goes in cases like Google image search or P2P distribution is open to debate. There are clearly legitimate applications for these things as well. Still, expecting the legal system not to act when a technology is being distributed in the full knowledge that it will lead to large amounts of crime being committed is naive.
Tell you what: you report back once any case has set a precedent that says you're safe, then I'll believe you (in that jurisdiction). Until then, your only options are "lose" and "no change".
That's the best argument in their favour, but if it wasn't widely known and supported when the post was made (and it still isn't now, so it certainly wasn't then) that rather dimishes its strength, no? Also the fact that most people don't use Usenet that way (except those who post via Google as well, perhaps) must count against it.
What happened to the unofficial motto of slashdot: "information wants to be free"?
It was a cheap excuse then, and it's a cheap excuse now, and in neither case does it over-rule the law.
And in answer to your other points: I'm not expecting them to pay me for the post, but if they're going to host my copyright material, I expect them to do so in a way that is in the spirit in which I originally gave the post. That doesn't mean hidden in some archive where someone has to search through pages and pages of Google-profit-making advertising just to read it. Nothing about posting to Usenet gave my permission for them to republish my material in that way.
Short version: A common technology for verifying that a file you've downloaded is legitimate and untampered-with, known as MD5, isn't as secure as people thought.
Slightly longer version: MD5 is a way of generating a checksum -- a single, comparable value -- from a file. Ideally it is supposed to give you different numbers for different files, so if a web site advertises the checksum a file should have, you can compare that with one generated from the file you actually got to see whether the file you've downloaded has been modified, potentially maliciously.
The research shows that it is possible for someone to construct a drop-in replacement for the file you thought you had that generates the same MD5 checksum as the original, so anyone attempting to validate the file this way would think they had the real thing. If it turns out that you can construct a damaging replacement for a common file -- perhaps an installer for a popular application like Firefox or OpenOffice that's usually downloaded from a public server -- then this could open a loophole for viruses, worms, etc. that would slip through the security net often used by cautious people when downloading such programs.
Please go back and read my original post again, particularly the part that says "RAID". :-)
Oh get off your damn high horse already. I'm well aware of how Windows is "supposed to work", and for that matter how to change Thunderbird's profile location the hard way, thank you.
For the hard of understanding, the relevant points here are that:
I assume the esoteric way of moving the profile that you mentioned is the one described in this Knowledge Base article. In that case, the article clearly warns that the change is completely unsupported by Microsoft, and requires registry hacks and/or non-standard tools to achieve. If that's the level of support they provide for a straightforward wish to store vital data on a robust, backed-up drive, then it's not my set-up that's broken, it's their standard. I don't blame the Mozilla team for following this standard by default; indeed, as I wrote before, following local standards by default is a commendable thing. That doesn't mean it's wrong to ask for a feature allowing the user to do something different if they want to.
People with your attitude -- it's my problem, I'm just a luser who can't use Windows properly, I shouldn't even consider asking the application developers to change it, yada yada -- are exactly the reason it's taken so long for Linux, Firefox, Thunderbird etc. to get where they are today. You are part of the problem, not part of the solution, and it would be better for everyone if you didn't comment any more unless youy actually have something constructive to contribute.
Can anyone tell me whether they've added any new mail filtering features to this release? That's the killer "missing feature" for 0.9 (which I installed a few days back) for me.
In particular, can you now apply rules based on message size (e.g., don't download messages >100K) or on attachment status (e.g., automatically move anything with an attachment to "suspected junk" if the sender isn't in my address book)?
I thought Moz used to have these (though possibly my memory is failing me) and I was disappointed to find that Thunderbird apparently doesn't, despite its otherwise simple-but-effective rules system.
That is true, it's commendable that it is the default.
However, many users don't follow Microsoft's standard here, nor do they want to. I couldn't care less where Microsoft wants to store my data, and I'm never going to use roaming profiles yada yada on my home PC.
I do, however, want all of my essential data to be stored on my RAIDed, routinely backed-up hard drive. I don't want it in a Windows-standardised yet strangely still hidden directory, which lives five levels deep on my (not backed-up) OS drive.
I think a new feature request to add a straightforward and reliable way to create the data in a non-standard place (and, equally importantly, to easily move existing data to such a place if you change your mind later) would be very popular.
Do you still have to create a dummy set-up in the default place before you can do this? In previous versions, it seemed to be necessary, and then you created a new profile with the data store wherever you wanted it, but it was always counter-intuitive for users and a pain for those of us hackers who wanted to shift things around until we worked out what it was doing There must be an easier way...
Two of my friends, both long-time students in the UK and engaged to British men but technically foreign nationals, seem to get strip-searched at airports with remarkable frequency. I'm sure the fact that they're both young girls who look like models has nothing to do with it (and the fact that other friends who have far less history with the country but don't look like models don't have the same problem).
Believe me, bitching about it doesn't help. Then you're just being "evasive", which gives them an excuse to do even more personally offensive things. Herein lieth the problem with the system: attempting to defend a right to a reasonable amount of privacy is counter-productive.
Fortunately for us, between knocking up a married woman, dubious actions regarding his government position vs. his private life, and then slagging off half the cabinet behind their backs and spending a whole day ringing around to apologise, Blunkett's days appear to be numbered in single figures. Tony Blair recently said Blunkett had "his full support", which is usually the kiss of death for a senior government figure in the UK...
The great irony for the week was the official Home Office statement that "Like anyone else, David Blunkett is entitled to the presumption of innocence." Anyone else except those being held without trial in Belmarsh prison with the Home Secretary's personal OK, perhaps.
Ah, well. Maybe he really has done nothing wrong, and the circumstantial evidence against him won't stand up to scrutiny. If the man who wants to force us all into a national ID database winds up losing his career despite being innocent, purely because The System decides he's a bad person and he has no practical recourse, I will laugh forever.
It's funny how that'll happen, if the authority is openly abused. You've got everything from a corrupt electoral system to corporate financial fraud to the copyright law fiasco that's being used as a big stick by big media to the DoJ being all chummy with a convicted monopolist, just to give a few topical examples around here that directly affect the lives of millions of american citizens (and others). Is it any wonder when the citizenry fights back?
Since we're all so fond of aphorisms around here, please allow me to contribute my current favouriate:
Identifying who today's priests are, and the religion they follow, is left as a fairly simple exercise for the reader.
You could just, y'know, stop trying to tell everyone what to do all the time. If you treat your neighbours in the world with a little more respect, you might find a number of problems -- not least genuine terrorism by those from the Middle East -- start to get better.
Of course, when your own president decides not to attend what should have been a banquet dinner in his honour attended by senior representatives of 20 or so other states, because the USSS want to shove all these people through their draconian security and they refuse because they find it insulting, then someone's ego is a little bigger than it should be.
One of us is spreading FUD. It's not me.
Please see, for example, RFC 1036, which has a section all about expiry of Usenet messages. It provides for including an "Expires" header, but recommends against using it except where there's an obvious expiration date (e.g., for announcements, after the thing they announce has happened), with a local default expiration date being the default if nothing is specified in the message. Claiming that "local default expiration date" means "keep it forever" is like claiming that US copyright law should be extended forever to support the big media corps.
I've been using Usenet for more than a decade, and in my experience, no NNTP-server, whether in academia or commercially run, kept messages indefinitely. Local policies on message lifetimes I've encountered have ranged from around 1-4 weeks, with 2 being pretty typical.
Since this is both what the RFC provides for and what has actually happened since forever, claiming that someone is giving implicit permission to do more by posting in the first place is a very weak argument.
The thing is, every NNTP-based Usenet server I've ever used -- and that covers most of the major ISPs in the UK and some academic ones over a period of around a decade -- has a different policy to what you keep stating. Repeating that something is the case does not actually make it the case.
No. You're fundamentally misunderstanding what that principle means, and what the situation is here.
In this case, it is clear that Google is copying someone else's copyright material. By default, that action is illegal under copyright law. It is legal to do it only if permission has been given by the copyright holder, or if an exemption included in the copyright law (such as fair use provisions in the US) applies. There is no assumption of guilt here: there is clear evidence that a copy is being made.
OK, before anyone else posts ill-informed rubbish, please go back and read the previous thread, where this argument was done to death. For those who can't be bothered, here's the executive summary:
I think we'll just have to agree to disagree on this one.
Yes, the general question of illegal activity vs. technology is a side-issue; my comment on that was a side-comment, which I stand by, but I've only followed up on it because you challenged it.
The main issue is indeed whether Google has done anything illegal here. I think that question remains unanswered, as do the points I've made that would suggest it has. You continually state that they have not, and that Usenet is intended to be an archive (by which I assume you mean a permanent record). AFAICS you have yet to provide any evidence or even subjective reasoning to back this up. The default under copyright law in most places is that you have no right to copy without permission, so you need to provide an argument that either permission has been given or one of the legal exemptions applies before you have any sort of case.
I've acknowledged that there must logically be implicit permission to propagate the posts around Usenet and store them for some amount of time. I also questioned whether that necessarily implies permission to store them permanently. Your argument that it does seems to boil down to nothing more than "I think it should" and there's not really much I need to say to refute that.
This whole discussion is about whether there's more than just that case! Look at my first post to this subthread, and indeed the title of this subthread, please.
And the more general attitude of the legal system towards technology that can be used to commit crime, and how it might apply here, was exactly what I was talking about when I wrote:
You were the one who claimed this only happened in "the imaginary world in which [I] apparently live." I simply demonstrated that it has, in fact, happened in other contexts in the real world, the point being that it might well be expected that cases like the Google technologies we are discussing would go the same way.
I'll skip your comment about Joe's cache, except to note that there have been specific test cases about whether browser caches were in fact legal in various places. This, however, I will follow up:
I'm afraid my imaginary world is very real. Consider the most obvious example: cars. These are valuable tools but inevitably dangerous to use. What happens? We develop a whole body of specific laws governing how cars may and may not be used, some of which (e.g., registration plates) might be regarded as gross infringements of personal rights in other contexts, but are mostly accepted for motoring because so much experience tells us that they do more good than harm in that context.
Computers are going the same way, they're just a few decades behind. Things like the US' DMCA, the UK's RIP Act, etc. are just the tip of an iceberg; the industry still relies predominantly on self-regulation, and look where that's got us: spam, viruses, bogus advice sites on finance, health and law, etc.
What part of this is different in your world from the imaginary one in which I live?
Um... It's far easier to change the location of your mail folder in Outlook Express than in Thunderbird, it actually works without loads of profile hackery, and the default directory is perfectly sensible and fits in with the Windows standards for application data. But apart from that, your argument was great. :-)
Seriously, Thunderbird has many things going for it over OE, but how it stores the files on disk is not one of them.
It's true that Outlook can do much more than Thunderbird, and as someone else already pointed out, Outlook Express would be a fairer alternative to compare against.
Still, I prefer Thunderbird even to Outlook, for a simple reason: I don't need those extra features. All I want is a mail client that can:
- read mail effectively (including avoiding HTML bugs, not filtering out genuine
.exes, etc.)
- provide a simple and effective address book
- provide decent mail processing rules
- back up and restore mail without losing data
without zillions of stability and security issues. I switched to Thunderbird after a system failure (caused by an official MS update, in fact) took out my MS-based mail system.I doubt I'm the only one in the world who really doesn't care about scheduling meetings and booking rooms using Outlook. I'd rather just have a simple, effective tool that helps me do my job. Trying to schedule meetings using Outlook is far less efficient than simply e-mailing, picking up the phone or (shock!) walking around and talking to people, IME.
OK, thanks, I see the link now. However, the very fact that I couldn't spot it before despite looking for 30 seconds is probably enough to render it invalid, even without the fact that nothing says that by posting I agree to those terms...
As I post this reply to you, that text does not appear anywhere on the page, nor can I see a link to it, though there is an explicit note that comments are owned by the poster. I don't know where you found the claim you quoted -- your link isn't even to part of slashdot.org -- but AFAICS, it sure as hell doesn't apply to what I'm writing right now. :-)
It is good enough coming from them, which is why they are successfully taking action against lots of people.
The **AA certainly have their flaws, not least blatant price-fixing, effective monopoly abuse, and threatening/taking legal action without a genuine case in the hope of forcing a settlement. The fact that they can do this is testament to the inadequacy of the US legal system and DoJ, and if the latter every wake up and sue the media mafia into oblivion I will be standing at ringside and laughing.
However, the **AA have every right to sue people who really are infringing their copyright, and no-one who gets done as a result of actually breaking the law has any right to complain about it. If you don't like it, go buy the CD or DVD from a shop like everyone else.
Erm... You do know that there's a difference between statute law and case law, right? Or even that statute law exists?
BTW, the current case against Google, as mentioned on Slashdot the other day, is a completely different situation.
Not without limits, it's not. Consider your own example of an open web site. If I post an article on my site, do you think it is OK for Joe Rip-Off to copy it verbatim onto his own site without permission, just because he attributes the original to me?
The thing you've been missing in nearly every one of the replies you just gave me is where the burden of proof lies. If Google is going to claim it's legal to copy your stuff without explicit permission because you gave permission implicitly, then they have to demonstrate why the permission was implicit. If they can't, they lose. You don't have to demonstrate anything; you win by default.
Again, see Slashdot passim. Standard refutations for this one include selling stolen property, aiding and abetting, etc. While the main perpetrator may be the one committing the more serioue offence, you certainly can be forced to give back stolen goods without compensation in most places (even if you bought them in good faith), and knowingly assisting others to commit a crime is a big no-no.
How far that aiding and abetting concept goes in cases like Google image search or P2P distribution is open to debate. There are clearly legitimate applications for these things as well. Still, expecting the legal system not to act when a technology is being distributed in the full knowledge that it will lead to large amounts of crime being committed is naive.
Tell you what: you report back once any case has set a precedent that says you're safe, then I'll believe you (in that jurisdiction). Until then, your only options are "lose" and "no change".
That's the best argument in their favour, but if it wasn't widely known and supported when the post was made (and it still isn't now, so it certainly wasn't then) that rather dimishes its strength, no? Also the fact that most people don't use Usenet that way (except those who post via Google as well, perhaps) must count against it.
It was a cheap excuse then, and it's a cheap excuse now, and in neither case does it over-rule the law.
And in answer to your other points: I'm not expecting them to pay me for the post, but if they're going to host my copyright material, I expect them to do so in a way that is in the spirit in which I originally gave the post. That doesn't mean hidden in some archive where someone has to search through pages and pages of Google-profit-making advertising just to read it. Nothing about posting to Usenet gave my permission for them to republish my material in that way.