Re:Apple will still need lots of luck on FCC Approves iPhone · Score: 5, Insightful
What part of 'Apple cache' didn't you read?
I read it and I also think you're wrong. Not everybody buys Apple products for their "cache" [sic]. Some of us buy them because they WORK BETTER, and that does not mean "has the most checkbox features".
If something is SO obvious that any moron can come up with it, it deserves no patent.
Actually it is even broader than that. A patent is considered obvious if not merely a moron, but even someone having ordinary skill in the relevant field, could have been expected to come up with the same solution.
Patents exist so investment in research and development can be reimbursed.
Not quite. They exist to encourage invention, by securing the inventor's exclusive right to produce his inventions. If the inventor happens to have some sunk costs then he might be better able to recover them by having a patent, but that is incidental.
If you have no expense for research and development, you deserve no patent.
So what if an idea comes by a stroke of pure genius?
So before, the only people who probably knew how to crack these would have been the people who designed them, plus whoever else had access to the source code, plus probably a whole bunch of administrators who would have access to the data files during the election.
Now, as if that's not bad enough, in addition to all of them we have a whole team of hackers who have proven that they know SPECIFICALLY how to do it. And by the way, they hacked both the voting machines themselves AND the back-end remote machines that do the tabulating.
And those facts are all public knowledge now!
So if these machines were merely "ridiculously" insecure to begin with, now they're just split wide open like a dvda. Yay democracy. What exactly does Ms Bowen need until next Friday to fucking think about?
And please, can we quit calling them "computer security researchers"? What's wrong with hackers? When did we start on the euphemism treadmill?
Running few power plants is more efficient than running millions of small engines to generate the same amount of energy.
I doubt it, unless the power plant is nuclear or solar etc. If you're burning fossil fuels to make the electricity, which do you think is more efficient: a car which turns chemical energy directly into kinetic energy, or a car which starts by converting that same fuel first to electricity at the power plant, then transmitting it many miles, then converting it to chemical energy in the battery, then converting that back to electricity, and then using that electricity to produce kinetic energy? Don't forget to factor in the increased weight you have to lug around, and all the energy consumed in manufacturing the car itself.
I'm all for reducing pollution, but if electric cars are running off the power grid, aren't they _worse_ than gas cars?
to McDonalds. When was the last time you had a Big Mac? It may not be the most nutritious thing in the world, but at least it's TASTY. I have eaten many an XP installer CD, and I can assure you it is neither.
I mean how the hell am I gonna overclock light?
Immerse it in lead and then run it on Xrays. Duh.
only last week at the body corporate meeting did we (the resident owners who bothered to turn up) manage to reach an agreement that the monopoly situation was of no benefit to the residents nor the owners.
Right! This calls for immediate discussion!
Yeah.
What?!
Immediate.
Right.
New motion?
Completely new motion, eh, that, ah-- that there be, ah, immediate action--
Ah, once the vote has been taken.
Well, obviously once the vote's been taken. You can't act another resolution till you've voted on it...
Am I missing something here?
Let's take wireless cards for example. There are many companies that know how to make wireless cards, so how does locking down the driver prevent cloning of a particular card?
It's because without knowledge of how the driver communicates with the card, the best a knock-off competitor could do is to make a functionally similar card with a driver of its own. They can NOT make a card that will work with the same drivers as the original one. (i.e. is "pin compatible").
This gives the manufacturer with existing market share a big advantage, because if a competitor comes along later and says "look, ours does the same thing!" then the OEM or embedded systems engineer (people who buy thousands of these things) will say "yes the specs are similar but it doesn't work with our supported drivers. It's not worth it to us to qualify a new driver even if we can save a few cents per unit."
However, there is a secondary concern that knowledge of the driver interface actually helps a lot for someone to learn how to implement a competing technology even if it doesn't use the same driver. It's not like the data sheets just say "the magic numbers are 0x5724 and 0x3217 etc." You actually need to reveal quite a lot about how the device works in order for someone to be able to write a driver for it.
The demand for linux drivers needs to reach the point at which a given manufacturer perceives that whatever IP they might expose by releasing Linux drivers is less of an impact than losing out on those sales. We are almost certainly at that point already, but most manufacturers don't realize it.
If you put $1 in the machine and got a $10 credit, I should think that the user would figure out that there's more going on than them just being "lucky".
I wouldn't. When I've walked through vegas casinos some of those games look pretty freagin complicated and I wouldn't think anything of it if I got $10 credits for $1, especially with all the stupid lights and bells going off all around me. I'd probably figure there was a ratio of "game dollars" to real dollars, or something like when you put a quarter in a video game and it says "1/3" credit (because the game costs 75 cents). Why not 1/4 credit for a quarter? I wouldn't think anything of it I'd just stick some money in and play the game for a bit, and consider myself lucky if I came out with more $$ than I started. Big deal.
Also consider the fact that this was, according to TFA, a foreign machine that did not recognize dollars (anyone actually believe that?). Well if that were really the case that they couldn't even get the currency right, then I'd expect the on-screen instructions to be poorly translated at best. It might be showing the wrong currency symbol entirely. Who knows.
One thing's for sure though: if these casinos are dumb enough to start suing their customers or trying to put them in jail, it's not going to entice a whole lot of people to take a trip to vegas... look at how well that plan worked for the music industry.
The case points to the dangers of electronic voting systems, which make it harder to ensure fair elections, Luke said.
How about "make it relatively trivial to rig an election".
The open source community creates it, and then another company sells it, with the hope of making revenue from specialized knowledge.
Why not? Isn't Red Hat getting people to use OSS who otherwise wouldn't? That seems to be an incremental effect which is not taking any opportunity away from the developer. I'm sure if the original developer wanted to be in the software support business he could easily do so.
Combining OSS + proprietary software can get complicated, but it's entirely possible to make a viable business that way and still have a positive, reciprocal relationship with the OSS community. You just need to make sure that the open source stuff actually has some value and is not a way to leech some free R&D. I.e. it should be managed by you and hopefully mostly developed on your dime. If it is useful for your customers to be able to tweak the source, or if the software is useful by itself, then developers will work on it. However, if you're only paying lip service to OSS, and people are really just going to run into a bunch of obstacles where they can't really edit the software because it's tied in to too many proprietary pieces, then you need to rethink your strategy.
right down the tubes!
Why would you expect that anyone posting to a stock message board did NOT have some stake in the game? I don't see how or why you would differentiate the CEO from any other stakeholder who chooses to post for his own self interest. Does the public in general use their real names?
It certainly reflects poorly on him, but only insofar as he's just another lame schmuck posting propaganda on the message boards. Maybe I'm missing something but I wouldn't expect to find unbiased opinions there.
Looks legit to me. If you click through the photos you will see him and the iphone dust from several different angles. These shots were not parts of the video, and presumably not available elsewhere on the net.
Because then you'd have to measure also the size of the UNIX system in the count of your decoder program, and that would ruin your ratio.
You don't get it. The issue is to what degree the decoder is tuned to the data set. A unix system obviously is not. You can use it for other things. But if a large decompressing program is only useful for decompressing a particular limited type of data, then your effective compression ratio is very poor by the time you download the data and the additional data that you need to decompress ONLY that data. See the difference?
If the contest does not specify this stuff or make any constraints as to the applicability of the algorithm to arbitrary data sets, then it is really just an exercise in finding patterns in this one particular 100MB file. Not very interesting unless some general techniques are discovered as a result.
Actually, the size of the program (decompressor) binary is 99,696 bytes, and it is the binary size that is included in the prize calculation.
Wha wha wha? So why couldn't I just include a 100MB data file with my decompressor and claim an infinite compression ratio with just the following shell script: "cat datafile"
Maybe I'm misunderstanding the contents of that rar file. Are both of those data files needed? The .exe by itself is 124KB. Where did you get 99,696?
Which is included in the size calculation... but this raises the question of how much data you'd really want to compress with such a program. It might be quite reasonable to use a decompressor which is, say, 100MB in size if it gives you a better net compression ratio on several GB of text.
100MB of input text seems kind of small and might rule out more useful or more creative solutions to this problem. It also calls into question the relevance of Shannon's theory - what size data set was _he_ talking about?
I've worked with some general purpose compression algorithms like zlib, lossy audio compression like mp3, and also lossless audio.
Each is very different and interesting in its own right. MP3 especially, because the compression model is built on what the ears+brain can perceive.
This algorithm I guess would be sort of like mp3 in that it contains some human-based element, maybe a language structure or something, but more like FLAC in that it might use predictors to say what word is likely to come next, with an error bitstream to point to progressively less likely words using bit sequences whose is inversely related to the probability of that word. But that's just a guess from an audio guy.
Can somebody who's looked at this post a synopsis of how it works?
In one of the life in hell books he says it rhymes with "complaining".
I once bought a set of OrCad software for $13K, but even after several calls to tech support I could not get the parallel-port security dongles to work properly. I even got a replacement set of dongles from them and it still didn't work reliably. So I downloaded a crack for it, and then everything was fine.
When you have to download a pirated version just to use the software you've legitimately paid for because of artificial limitations like this, it doesn't exactly instill a lot of goodwill in the customer. I never purchased anything from Cadence again, and don't intend to.
If enough of us refuse to buy software, music, or movies from companies that deliberately frustrate their paying customers, then they will either change their strategy or they will deservedly go out of business.
The in-kernel vs userland distinction has always struck me as quite arbitrary. So in one case you're linked at compile time and in another case you compile them separately and go through system calls. Why should that make one of them a derivative work and the other not? In either case the file system can be taken out and you still have a perfectly functional kernel that can run other file systems. Same goes for graphics drivers.
The GPL doesn't attempt to codify all the intricate details that it would take to define such a distinction in the license. It's only described as an accepted rule of thumb in the FAQ. So what's the deal? It seems like this rule is really holding back some commercial support for Linux - is the current situation what we really want, and at any rate how did we get here? Would we be better off if such a separable, non-essential feature could be linked in somehow instead of needing to be put behind extra layers of abstraction?
Just give me more fucking money. I'm there to work.
Things like health insurance, dental, retirement plans, and yes, even gym memberships are vastly cheaper when a company buys them for hundreds of employees than if you were to pay that stuff on your own - even after you subtract the half of them you don't want!
They also do it because the company will have a real problem if they don't offer say, a dental plan, and then somebody needs dental work but he can't afford it. You just end up with your employees needing paycheck advances to deal with emergencies. It is in the company's best interests to keep its employees healthy and productive, you know, so that they can still be around to employ you.
If you don't like the "benefits" of employment you're free to go off and start your own business or work as an independent contractor. Or you could get an equally effective attitude adjustment the easy way, by just getting some exercise on that free membership.
If I were Michael Dell, I would fire whomever sent the take-down notice. The outcome was quite predictable by anyone with half a brain (especially after the very recent AACS fiasco).
Did you stop to think that might be exactly what they wanted? Nothing moves units like when customers think they've beat the system or found some angle on a promo, like combining a promo with a sale price etc.
This law was put in place to criminalize hacking into someone else's system - that's what the "unauthorized" bit is about. Since securing a wifi network is a trivial matter of checking a box and entering a password, NOT doing so should be viewed as giving implicit permission to use it. Is there any reason not to put a password on it if you really don't want others using it?
On top of that, this wasn't like someone's private network. This was specifically put in place so that visitors to the coffee shop could use the internet. How does not paying for your cup of coffee make it "unauthorized"? Was there a big sign out in the driveway saying "unsecured wifi network only for customer use"?
If they really only wanted customers to use it, they could have just put the WPA key on a sign at the cash register with a notice saying "for paying customers only". Then someone would actually have to go out of their way to connect to it without permission.
I bet this guy had a really bad lawyer.