Re:Not just for geeks,...it's education for everyo on Revolution OS · Score: 1
I try to explain what open source is to these folks every time I go to a conference and address attendees but I always feel like I fall short explaining what open source actually is. These folks like most normal non geek people can't grasp that it's free and superior!
I think that is a good idea, because I am not sure you get it either. OSS is not, by definition, "free" (as in free beer), it is only, by definition, free as in speech. A developer can release the source but still charge a license fee.
Perhaps I misinterpreted your use of the word free, if so, I apologize. ESR made me post this :)
They will now steal a car and park it in a public place for 24-48 hours. If it is still there after that time,
That is good to hear. I guess we are all getting some advantage then, even if we don't have Lojack. Also good the insurance discount helps pay for it. I guess that is an indication it must work sometimes as the insurance companies would not give a discount for something that is completely useless.
I still hold that it is the worst of several good options, and with newer packet technologies coming out, combined with GPS, there are much better and cheaper options on the way. Let's just hope none of us need to find out!
What would be the technical hurdles in implementing this yourself? How would you transmit (not receive) your location? Hook up a gps receiver to a laptop with a cellular modem (isn't there a better way?)?
It would seem that a cheap car alarm that triggers a small computer with a GPS and GPRS packet modem could send the coordinates every minute after it is triggered to your computer at home/work. That would let you know where it is and has been.
And how would you implement a remote kill switch?
As you have been getting packets from your box, you know its IP address (Mobile IP would be more reliable), so you send it a message (digitally signed or similar for security) that triggers a kill switch and a siren.
Might be a bit pricey to do yourself, but I think someone could make this for cheap and provide the server service for a small fee (if you don't want to hassle with it). All this could be MUCH cheaper than Onstar route, and more effective than Lojack (Lojack sucks).
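An added example, not part of the original comment: one way the tracker could check the "digitally signed or similar" kill-switch message described above before acting on it. It substitutes an HMAC with a shared key for a public-key signature; the key, message fields, counter and 120-second window are all assumptions made for the illustration.

```python
import hashlib
import hmac
import json

# Assumption: a secret provisioned into the tracker when it is installed.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"
MAX_SKEW_SECONDS = 120  # assumption: the GPS receiver gives the box a clock
ALLOWED_COMMANDS = {"kill_and_siren", "report_location"}


def sign_command(key, command, counter, issued_at):
    """Owner side: serialize the command and append an HMAC-SHA256 tag."""
    body = json.dumps(
        {"cmd": command, "ctr": counter, "ts": issued_at},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"." + tag


class TrackerReceiver:
    """Car side: authenticate first, then check freshness, then act."""

    def __init__(self, key, last_counter=0):
        self.key = key
        self.last_counter = last_counter  # highest counter accepted so far

    def handle(self, packet, now):
        body, sep, tag = packet.rpartition(b".")
        if not sep:
            return "reject: malformed"
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        # Constant-time comparison; nothing in the body is parsed before this.
        if not hmac.compare_digest(tag, expected):
            return "reject: bad signature"
        try:
            msg = json.loads(body)
            cmd, ctr, ts = msg["cmd"], int(msg["ctr"]), int(msg["ts"])
        except (ValueError, KeyError, TypeError):
            return "reject: malformed"
        if cmd not in ALLOWED_COMMANDS:
            return "reject: unknown command"
        # A valid tag alone does not stop a recorded packet being resent,
        # so the message must also be recent and carry a new counter.
        if abs(now - ts) > MAX_SKEW_SECONDS:
            return "reject: stale"
        if ctr <= self.last_counter:
            return "reject: replay"
        self.last_counter = ctr
        return "accept: " + cmd


def demo():
    now = 1_700_000_000  # constructed timestamp
    rx = TrackerReceiver(SHARED_KEY)
    good = sign_command(SHARED_KEY, "kill_and_siren", 1, now)
    forged = sign_command(b"wrong key", "kill_and_siren", 2, now)
    tampered = good.replace(b"kill_and_siren", b"report_location")
    late = sign_command(SHARED_KEY, "kill_and_siren", 2, now)
    return [
        rx.handle(forged, now),        # signed with a different key
        rx.handle(tampered, now),      # body altered, tag no longer matches
        rx.handle(good, now + 5),      # genuine and fresh
        rx.handle(good, now + 10),     # same packet captured and resent
        rx.handle(late, now + 3600),   # genuine but delivered an hour late
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```
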
In Amsterdam, every time they dredge the canals, they find hundreds of bicycles.
I remember a tourist guidebook (a fairly bohemian one) about Amsterdam had a funny line on this topic. In the "renting a bike" section they listed a bunch of rental shops, then "if you can't afford that, just go up to a bunch of kids on bikes and yell 'Hey, that's my bike', and there is a good chance one will drop their bike and run". ;)
LoJack apparently has a better signal strength and doesn't rely on GPS, but rather on cellular triangulation. Many police departments have cars equipped with LoJack tracking systems as well. There's no subscription fee, just the purchase of the unit itself (around $600) which is covered for the life of the car. The only drawback is....
Actually, Lojack blows. I bought that line of crap and purchased Lojack. My car was stolen in broad daylight from a bank parking lot. I was only in for 15 minutes, so I know I caught it in a reasonable timeframe. I called Lojack, they said just report it to the Chicago Police and the system will be activated. Not true. It got activated 4 hours later when the record was transferred from the Chicago computer system to the Illinois computer system. By then, the car was stripped and the Lojack disabled.
What I also learned in the process is the way Lojack works. When it gets activated it starts emitting a signal. When it gets near a lojack equipped cop car, the cop gets a signal then triangulates in on it. If they do not come near a cop car with the right gear, they are free and clear. If they steal it out of your garage at 11pm and you don't discover it until 7am, you are also SOL.
If any of you are thinking of this kind of thing, look for something that is more proactive like periodically (every half hour or so) sending in your location to a computer. Or, even better, sending in the location every minute when an alarm (possibly a silent alarm) has been triggered as this kind of minimizes privacy issues. This kind of thing would allow you to track after the fact where it is (or at least where it last sent a signal from).
Hopefully with GPRS (and/or "3G") packet oriented services this will be cheap to do, and even pretty easy to DIY as you could have it just send the data back to your computer.
Bottom line, Lojack failed me, the process is full of holes well beyond the obvious ones. Also note, their "guarantee" is not for life, only the "service" is. When I tried to collect, they said I was out of warranty and the fact it was not triggered in time was the fault of the Chicago Police, not theirs. It is a typical good idea, poor execution.
Hehe. Yeah, I could think of worse problems to have, but they sure do lose a great opportunity for some great publicity.
I would think this could be a good revenue opp for /. to say to the site "hey, we are about to publish your story, for $10K we will mirror your site (or at least put your static content on our servers) for a week to take some of the load off your boxes and increase the effectiveness of this rare opportunity".
Probably not too feasible in reality, but worth a thought. They would just have to find a way to make sure this does not get in the way of objectivity.
It's not like you need more than a handful (25) of good coders to keep redhat updated
No argument there, but what about support people? Based on 630 employees, if 90% (~560) of the people are selling, 4% (25) are developing, that leaves about 40 for support, janitors, admins, shipping, etc. I thought support was their primary revenue stream?
Based on my experience, and paying $300/hr, they could barely serve. The guys I dealt with were good, but obviously horribly disorganized and way over-worked.
I got no problem with them instituting a monthly cap, but my contract says UNLIMITED, ALWAYS ON usage. How does that jive with, you are using too much?
If it says "terms subject to change with xx days notice" or it is for a set period of time (a year would be normal), then I guess you might be SOL at some point. If not (unlikely), party on dude.
Would you be willing to pay half your electricity bill if you had 22 hours a day of electricity?
A more fair comparison would be "would you be willing to conserve electricity for 2 hours a day during peak in exchange for a significant discount". My answer would be yes, my guess is many others would be the same.
Actually, this exact concept is used in many places, where folks get a significant discount if they put a device on their A/C compressor that limits (not completely shuts off) it when the electric company is under stress during heat waves. It is radio controlled.
- If they charge you when you're NOT competing with other users, they pulled money from you when the difference between you having used the bandwidth and having NOT used the bandwidth made no difference to their costs and to their other customers' experiences.
I am in 100% agreement.
- If they charge you when you ARE competing, they're charging you when you're no more of a problem than any one of the other customers you're allegedly causing a problem for.
But if they charge you during peak, and not during non-peak, you are likely to adjust your ways and take some traffic (say MP3s, ISOs, etc.) off-peak. That causes efficiencies for your provider, your fellow users, the backbone, the servers you are hitting, etc.
BTW, I am NOT advocating strict metering (some per-byte charge for ANY usage), just some sort of monthly cap for usage during peak where a charge kicks in to convince heavy users to tone it down during peak. Sure, bandwidth is cheap at the micro level (spread across all users), but it is NOT cheap at the macro level (all users of a particular network combined) and peak usage is the absolute most directly related measure and where the marginal costs occur. Reduce peak significantly and costs will reduce significantly, it is a direct relationship.
Don't get me wrong, I am a heavy user myself. I download lots of crap, but I tend to do the heavy lifting off-peak, just light surfing during peak. Partly out of courtesy (to fellow users and the sites I am downloading from mostly), and partly out of self-interest as I find peak usage annoying (hard to get in to some sites, poor performance, etc.).
I agree, this, on the face of it, is a good thing. If your usage causes increased costs, you should pay more.
Though, the real cost is provisioning for peak usage. Having enough bandwidth to keep users happy at 6-12 pm (time varies in different environments, but this pretty much covers it for residential usage) is what drives the costs up as they need to engineer and provision for that load. The rest of the day it is (for the most part) "free".
What I think they should be doing is only metering during those peak periods and leaving it status quo the rest of the day. They would find users would start those ISO, Warez, etc. downloads before they go to bed, or setting up a cron job for 3am or whatever, turn off their P2P server during the billable time, etc.
I think this would solve the problem they are trying to solve and more accurately pass on costs. The phone company has been doing this forever, it only makes sense.
Any other recommendations for windows IMAP clients?
One worth looking at is Mulberry. It is a great client written primarily for IMAP (with top-notch IMAP compatibility). One or two annoyances, most of which I figured out in the first 15 minutes (it is very configurable and I don't agree with many of their defaults). Worth a look. Similar to OE in many ways, but fixes the security holes, auto-HTML rendering, shows you the real email address, etc.
Could someone please explain to me how a digital copy could be "wholly inferior" to the original media?
Two issues I can think of, these comments particularly apply to the unreleased movies:
- They were probably filmed with a camera in a theatre, possibly with a few heads of other viewers in the picture, plus some coughing and random cell-phones ringing, audience reactions, etc. So, it may be a "digital recording" but it is digital to analog to analog to digital.
- Doing a good master of a DVD is an art-form in itself. I am pretty sure these pirate films do not have 5.1 sound, anamorphic video, or any of the other things that make a good mastering really look and sound awesome. That takes access to the digital source, some really nice gear, a lot of time and some very skilled engineers. This is probably not as noticeable on a $100 player and 10 year old TV, but VERY noticeable on a nice player, 5.1 sound, and digital 16:9 TV. Heck, even some commercial releases get re-released with new mastering done as the original was weak and the movie is popular. (Note: and they feel they can get diehards to buy a second copy).
This is one of the reasons they are so freaked out about DECSS, as it allows for a pure copy with all the original quality included (a bit for bit digital copy). Now don't mistake my comments as backing up the MPAA, they could greatly reduce the pirate market by dropping prices and eliminating region codes.....but this is why they freak out about it.
So, yes, I would agree, the pirate copies are almost certainly WAY inferior to a commercial DVD release of a movie. Not even comparable even.
There is a third reason: That is what the MPAA PR guys are supposed to say. ;)
If I've used it for 15 years without it ever being compromised
How do you know it has not been compromised? They could be holding on to it waiting for a good time to use it. They could be logging in, copying files, but not destroying anything that you would notice.
Why is it that everyone assumes they KNOW when they have been hacked? I happen to know my boss's server password and he has no idea that I know it and he does not change it. If I so desired I can read his mail at will, read my co-workers' reviews, etc. I don't, but I can. What makes you so sure that you have not been compromised and someone isn't surreptitiously using it?
A while back I discovered one of our servers had been hacked (we discovered a root kit had been installed). We never figured out exactly how long it had been there. Could have been as long as a year, and who knows how much vital data could have been taken over that period while we were blissfully ignorant. Bottom line, don't be so ignorant, a good cracker is not likely to be noticed! You may very well have been watched for years.
Reading through this thread, there are lots of valid issues brought up. I would agree that this concept alone would either be just as difficult as passwords (assuming the resolution of where you clicked was tight) or just as insecure as a bad password (assuming fairly forgiving resolution).
BUT, a simple pictorial password combined with a simple alphanumeric password could be very secure as well as easy to use. Far greater than the sum of either used individually.
I used to work at a large bank which employed this kind of multi-level security. A mag card got you into offices, a mag card plus a numeric keypad got you into medium security areas (teller lines, etc.). The higher security the area, the more techniques were added (retina scan, knowing your mother's maiden name, manager's name or department name, etc.). Basically, each aspect is individually attackable (stealing the mag-card, dictionary attacks, shoulder-surfing, password sniffing, etc.), but you have to know all of them to get access. Each obstacle in the way added a large measure of unpredictability and hence security.
I could even see this being used in a "telnet" (ehem, ssh) like scenario where a traditional userid and password are the first level, then some quiz (arranging shapes or colors in a specific sequence for example) is the second level. Each would be easy to remember, combined it would be very difficult to guess both (or several).
Basically, I think there is a great amount of promise in this kind of research. Yeah, you can shoot down each method as flawed, but combine a few of the methods and you can get some very powerful and easy to use security.
In the UK, you don't get to keep it. That's why you want to be very careful when buying used cars
Hmmm, interesting. I wonder if that same premise applies to less easily traceable items (like GPL software).
I guess I should also put a caveat around my original statement. Common Law is many hundreds of years old, and is obviously overridden by modern legislated law. One would have a difficult time using that defense for easily checked items like cars, land, etc. as it is relatively easy to check if the seller has adequate title. It would surprise me though if the concept would not at least be admissible as a defense in the case of GPL code that cannot be easily verified. Who knows though, hopefully it does not come to that.
This does raise an interesting question about whether the redisseminated material can be recalled, given that all the people who used it used it legally and in good compliance with wishes of the author, as best they understood. How can those guys demand that people now start paying license fees without giving them a chance to choose otherwise?
Very, very interesting point. I am also not a lawyer, but I remember an interesting point of Common Law from Bus Law class (way back in the last century) that if you obtain title to something from someone you reasonably believe to have valid title, your title is valid and the legit owner has no recourse against you. Basically if you buy a stolen item, and have no reason to believe it is stolen, it is yours to keep. This, of course, is a flakey area of law, and not something I would want to defend for buying a nice TV for $10 from some dude on the street. BUT, I think anyone accepting GPL code in this situation could probably use this to defend their right to the code in question. Heck, even the "thief" in this case did it in good faith.
Are you sure it wouldn't be a criminal case?
100% sure, no, but 99% sure. Why, you ask? Civil cases are easier to prosecute. No need for the state (DA's or whatever) to initiate. The standard of proof required is much lower (preponderance of guilt vs. guilty beyond a reasonable doubt). Fines in criminal cases generally go to the state, fines in civil cases usually go to the plaintiff. It is much harder to put a corporation in jail (not impossible, execs have been jailed, but it is rare). Jailed people usually don't have much money to pay their fines. Basically, the potential "benefit" is much greater in a civil suit than a criminal trial. Criminal actions are reserved for cases where they do not think they can make any money but as a PR stunt to set an example.
This is a US-centric statement, but I am sure the same principles work in most other countries.
My favorite mac movie moment was office space.
OTOH, they pulled off a great one on the DVD. At the very beginning (right after you hit play) they run this "DVD virus scanner" that is very believable for about 10 seconds. Very creative and funny.
Were you in an Apple Store? Did they get out the LSD iMac and show you a thing or two?
Was that the one with the "lickable buttons" the article referred to?
There was some issue about the use of non-Bell phones on the system. Could someone respond with more intelligent and enlightening information regarding this?
There were BIG issues around this. I am old enough to remember when you were supposed to rent a thingie (a box full of caps) to isolate your non-bell equipment from the phone lines (but was young enough then to completely ignore that rule). You can find a lot of info on this with a google search for "carterphone". My favorite page that covers this and a lot of other phun stuff from telco history is here at Sandman's telco history site. Lots of cool pics of phones, old catalogs and shit. The background of the Carterphone decision is towards the beginning.
This was done secretly a while back by the NTSB. While studying the data they noticed something interesting. In almost all states an average of 86.7% of the driver's last words before an accident were "OH SHIT". The only exception was Tennessee where in 63.2% of the accidents the last words were "Hey Bubba, watch this" ;)
Sorry, couldn't resist.
...is the last refuge of something. Come on now.
hehe, OK, busted, I am a chronic cynic. Wrapping back to the main topic, I think their ideas are for the most part stupid. We don't need feature bloat, just the half-dozen or so very good in many ways clients to focus on fixing their bugs, securing them, and refining their interfaces, not adding ridiculous features.
Hard to argue my friend. To be honest, I could write a list of features I don't like in Mulberry, OE, Messenger, Pine, or whatever. As I believe the author of Mutt once said (paraphrasing): "All email clients suck, some just suck less" ;)
but I fail to see how DECSS allows for a pure copy (bit for bit digital copy)
I don't know what I was thinking.... excellent point. Ignore that part of my comment ;)
Could someone please explain to me how a digital copy could be "wholly inferior" to the original media?
;)
Two issues I can think of, these commonets particularly apply to the unreleased movies:
- They were probably filmed with a camera in a theatre, possibly with a few heads of other viewers in the picture, plus some coughing and random cell-phones ringing, audience reactions, etc. So, it may be a "digital recording" but it is digital to analog to analog to digital.
- Doing a good master of a DVD is an art-form in itself. I am pretty sure these pirate films do not have 5.1 sound, anamorphic video, or any of the other things that make a good mastering really look and sound awesome. That takes access to the digital source, some really nice gear, a lot of time and some very skilled engineers. This is probably not as noticeable on a $100 player and 10 year old TV, but VERY noticeable on a nice player, 5.1 sound, and digital 16:9 TV. Heck, even some commercial releases get re-released with new mastering done as the original was weak and the movie is popular. (Note: and they feel they can get diehards to buy a second copy).
This is one of the reasons they are so freaked out about DECSS, as it allows for a pure copy with all the original quality included (a bit for bit digital copy). Now don't mistake my comments as backing up the MPAA, they could greatly reduce the pirate market by dropping prices and eliminating region codes.....but this is why they freak out about it.
So, yes, I would agree, the pirate copies are almost certainly WAY inferior to a commercial DVD release of a movie. Not even comparable even.
There is a third reason: That is what the MPAA PR guys are supposed to say.
If I've used it for 15 years without it ever being compromised
How do you know it has not been compromised? They could be holding on to it waiting for a good time to use it. They could be logging in, copying files, but not destroying anything that you would notice.
Why is it that everyone assumes they KNOW when they have been hacked? I happen to know my boss's server password and he has no idea that I know it and he does not change it. If I so desired I can read his mail at will, read my co-workers' reviews, etc. I don't, but I can. What makes you so sure that you have not been compromised and someone isn't surreptitiously using it?
A while back I discovered one of our servers had been hacked (we discovered a root kit had been installed). We never figured out exactly how long it had been there. Could have been as long as a year, and who knows how much vital data could have been taken over that period while we were blissfully ignorant. Bottom line, don't be so ignorant, a good cracker is not likely to be noticed! You may very well have been watched for years.
Reading through this thread, there are lots of valid issues brought up. I would agree that this concept alone would either be just as difficult as passwords (assuming the resolution of where you clicked was tight) or just as insecure as a bad password (assuming fairly forgiving resolution).
BUT, a simple pictorial password combined with a simple alphanumeric password could be very secure as well as easy to use. Far greater than the sum of either used individually.
I used to work at a large bank which employed this kind of multi-level security. A mag card got you into offices, a mag card plus a numeric keypad got you into medium security areas (teller lines, etc.). The higher security the area, the more techniques were added (retina scan, knowing your mother's maiden name, manager's name or department name, etc.). Basically, each aspect is individually attackable (stealing the mag-card, dictionary attacks, shoulder-surfing, password sniffing, etc.), but you have to know all of them to get access. Each obstacle in the way added a large measure of unpredictability and hence security.
I could even see this being used in a "telnet" (ehem, ssh) like scenario where a traditional userid and password are the first level, then some quiz (arranging shapes or colors in a specific sequence for example) is the second level. Each would be easy to remember, combined it would be very difficult to guess both (or several).
Basically, I think there is a great amount of promise in this kind of research. Yeah, you can shoot down each method as flawed, but combine a few of the methods and you can get some very powerful and easy to use security.
In the UK, you don't get to keep it. That's why you want to be very careful when buying used cars
Hmmm, interesting. I wonder if that same premise applies to less easily traceable items (like GPL software).
I guess I should also put a caveat around my original statement. Common Law is many hundreds of years old, and is obviously overridden by modern legislated law. One would have a difficult time using that defense for easily checked items like cars, land, etc. as it is relatively easy to check if the seller has adequate title. It would surprise me though if the concept would not at least be admissible as a defense in the case of GPL code that cannot be easily verified. Who knows though, hopefully it does not come to that.
This does raise an interesting question about whether the redisseminated material can be recalled, given that all the people who used it used it legally and in good compliance with wishes of the author, as best they understood. How can those guys demand that people now start paying license fees without giving them a chance to choose otherwise?
Very, very interesting point. I am also not a lawyer, but I remember an interesting point of Common Law from Bus Law class (way back in the last century) that if you obtain title to something from someone you reasonably believe to have valid title, your title is valid and the legit owner has no recourse against you. Basically if you buy a stolen item, and have no reason to believe it is stolen, it is yours to keep. This, of course, is a flakey area of law, and not something I would want to defend for buying a nice TV for $10 from some dude on the street. BUT, I think anyone accepting GPL code in this situation could probably use this to defend their right to the code in question. Heck, even the "thief" in this case did it in good faith.