Or, to put it another way, which would you rather have:
1) A computer with a fast single CPU core and a fast single GPU core.
2) A computer with two fast cores that can each perform either CPU or GPU tasks equally well.
In this case, 2 is a slam dunk. Let's try it another way, which would you rather have:
1) A computer with a fast single CPU core and also a cryptographic accelerator.
2) A computer with two fast CPU cores, each of which has a cryptographic accelerator.
Hmm, I still like 2 better.
Put every feature you can into the core and give me as many of them as you can. Make them all the same, so scheduling is simple. Sounds like a winning formula.
That should cover us for the next 20 years. Then we may hit walls in synchronization and memory efficiency.
Bluntly, it doesn't sound like you have any idea what you're talking about, as nothing about what you said makes any sense at all. Why not stick to talking about thinks you understand? I'll just pick one example, but there are dozens:
"But you're still left with the issue that the application may not be written to be thread safe - so now, your kernel does something (even if that is thread safe!) on a different core whilst the program continues on the original core and it has an adverse affect on the application since it happens faster than the application needs it to. (Been there - done that. Big problem and hard to find and resolve.)"
A single core that was faster would have the same problem. If the application breaks if things happen "too fast", it *needs* to run slow. There's no hope of speeding it up without fixing it anyway. What does that have to do with multiple cores? Nothing.
Okay, one more:
"If the app was only designed for a single processor, then there will be all kinds of timing issues that will arise including but not limited to race conditions."
This makes absolutely *NO* sense. I defy you to present a single case of an application designed for a single processor that runs into problems when the kernel does work on another processor.
And, this claim:
"Now OS's mitigate a lot of these issues by leaving things mostly the same - programs typically operate on a single core just like they would have if there only existed a single core and single processor in the system - changing that would break a lot of applications, which OS kernel vendors have no desire to do - especially Microsoft."
I cannot believe that you have any idea what you're talking about. When you say "changing that", what are you talking about? What is it that OS kernel vendors aren't changing? They've made just about every possible change to support SMP and multicore that they could think of. If there's some change they have no desire to do, please tell us what it is.
"Each would also have the ability to produce its own at least 64-bit random identification number that could not be changed." Unless quantum computing has made some jumps I'm unaware of, no it can't. Since we're assuming malfeasance from the start of the manufacturing of the chip, I can see no possible way for this to be true. The factory can adjust the process. They will control the vertical, the horizontal, and the clock. A single activation for this 'lock' will apply to each key. The means by which this ID is stored is also not clear. If its burned into by the chip itself on generation/activation, the same code can be burned into the chip by the process by which the chip is manufactured. If its encrypted and stored, it is subject to the same man-in-the-middle problems as any DRM type encryption. Assuming these are "inside jobs", the chip manufacturer would even have tens or even hundreds of thousands of examples of this lock-key pairing on which to base a crack.
Even if they could produce thousands of chips that all require the same activation, that wouldn't help them since they wouldn't ever get a single activation.
Finally, if the blueprint can be "stolen" (although its probably not stolen but improperly used by overseas manufacturers in most cases), why can't the encryption algorithm? Even if this technique would work, a single employee willing to sell the secret for 6 or even 7 figures, a single back door in the system, or any of a dozen other ways could make the entire process useless.
Because the blueprints must be given to every fab that's going to make the chip. On the other hand, the keys needed to unlock the chips need never be given to anyone. They can be locked into one or more physical smartcards and never, ever seen by human eyes.
You miss the huge difference between this and DRM. DRM requires the unlocking to be done in the presence of and under the control of the attacker. This does not.
The reason DRM will never be fundamentally secure is because you are trying to lock out and let in the exact same group of people. With this, that is not the case.
The point of this mechanism is to make it as difficult as possible to "find the few transistors that do this" and further to make the chip inoperative if you "take them out". The result will not be "pre-unlocked chips" but useless chips.
Thankfully, I think I understand what you are stating here. Can you clarify why a mounted die would not be able to be examined, modified, or reverse engineered? Are there no ways for people to examine a die post-process/post mounting? I am assuming you mean when the die is attached to the chip, right?
There are a variety of ways to make is extremely difficult to probe a die once it's mounted in the final chip assembly. One of the simplest is to use an epoxy coating that is bonded to the die.
Isn't having any form of random-looking information whatsoever, with or without a key in any situation how people can start to crack a cipher? I do understand that a cipher is a lot harder to crack than just mere processing power.
I suppose you can argue that any cryptographic scheme will have weaknesses of some kind. But it's a terrible logical fallacy to argue that therefore no cryptographic scheme will achieve its practical intended result. This is a scheme that will almost certainly have no practical cryptographic weaknesses primarily because the requirements are so simple. There is no opportunity to observe the unlocking processes because it need only be performed in a trusted environment.
Also, how would the fake processors be locked in the first place? If someone bought a real one with intent to duplicate fakes, how would those be locked down necessarily? Wouldn't that be all someone needs to start fabbing their own fakes, is a copy of the real?
The die would include the lock, and the lock would not be an on/off switch but a mechanism that blocks real functional elements. The idea would be to make it as difficult as possible to separate the lock from the functional elements. Thus the difficulty involved would go from "sneak a few extra chips out the back door" to "analyze the mask, make new masks, load those new masks on the machine, test/validate the processors".
The mechanism aims to make analyzing the mask sufficiently difficult that the process as a whole is not cost-effective.
Also this "unlocking", what makes you think it really can't be figured out by examining a processor after it's done?
For the same reason you can't figure out how to decrypt something by looking at the plaintext. The dies will either be mounted before they're unlocked or will be mounted and unlocked in the same process in a trusted environment. The point is to secure the dies and the fab.
How is this going to help them discern which is a fake and which is a real processor? Are they going to just seize people's computers and check them for the supposedly inactivated value?
The fake processors will not be unlocked, the real ones will be. They will only unlock those processors that are returned to them by the fabrication plant. If the fabrication plant makes any "extras", they cannot sell them because they won't be unlocked.
Why would they want to seize people's computers? A locked processor would be useless. An unlocked processor would have to be authentic (otherwise, they would not have unlocked it).
How is this supposed to stop theft/espionage, or stop the ability to make a fake processor that functions on a real motherboard?
It would stop theft because the stolen processors would not be unlocked. If you mean how would it stop theft of unlocked processors, it's not intended to. It's only intended to protect the process from the fab to the licensor.
I do not feel you have explained to me the rationale of how this is supposed to stop fake copies or theft, or brand dilution on any level? I would like an answer to this paragraph the most, and I feel you have avoided it/not provided an answer.
If the fab makes extra chips, they will not be unlocked. The fab will have no way to produce more working chips than the licensor allows. That's the whole point.
From your questions, it sounds like you think this is supposed to do something later in the manufacturing/distribution chain than it does. This is designed to secure against the case where the fab makes extra chips, violating the license on the design and masks.
None of what you said makes any sense. This is not a "phone home system". It doesn't compare to cracking systems where you have control over the system during the validation process. Validation is not "via a server".
It's this simple:
1) The processor is manufactured.
2) The fab customer receives the processors from the fab.
3) The fab customer unlocks them.
4) The fab customer pays the fab and sells/ships the processor.
There is no opportunity for anyone to observe or tamper with the unlocking process. No validation is needed prior to unlocking because the fab customer will only unlock processors he has physical custody of.
I think it can be made reliable and can be made very difficult to duplicate. This is not like DRM where you need to provide the same people access to the very information you are trying to hide from them. This is more like encryption where some people have the keys and some people don't. It's not so hard to hide the information from the people who don't have the keys.
It's much harder to open up a chip and probe it than it is to probe software.
Another important issue is the potential failure modes. Unlike DRM, this really doesn't have a failure mode that leaves consumers unable to use what they've paid for. The activation is one-time only and done before the consumer gets the product.
"Who is to say that this "activated after manufacture but before shipped to consumer" method cannot somehow be activated again? Surely we can just be forced to trust the patent holder, right? Surely we can trust the manufacturer as well right? I mean after all, we can't see anything going on so certainly it must be trustworthy."
This is pure idiocy. When you buy, say a Core 2 Duo, you have to trust Intel that the chip will in fact work. If it doesn't, or it later breaks, you can perhaps sue Intel, but basically, you're screwed. Intel has a reputation, and screwing even every single owner of a Core 2 processor today would definitely not be in their long-term best interest. But they do make mistakes, they're only human, and they deal with those mistakes when they happen.
If this mechanism breaks, it will be just like any other problem with a chip. The manufacturer will make it right and/or get sued, and learn their lesson. But as designed, it protects against a very real problem, industrial espionage and black market chips.
I guess my recollection was in error. The FSF does take a nonsensical position about this. I'll add this to the long list of nonsensical positions the FSF takes.
The clearest way to see that this is nonsense is to ask yourself this question -- without a copy of the written offer and without having directly distributed to how, how could the distributor possibly know exactly what source code to give you?
It only makes sense if they can be required to show you a copy of the written offer.
The whole point of almost all economic activity is to drive down the price of everything, so that over time everyone can have more and more. A computer as powerful as the one I'm now using would have cost millions of dollars ten years ago. The television I picked up three days ago for $1,000 would have cost over $10,000 just four years ago. Maybe more and more available for less and less is progress.
You see it as a race to the bottom. But if you look at it as a race to provide more for them same price, it's a race to the top.
This is not the FSF's position, nor is it sane. What the GPL intends, and what makes sense, is that you cannot be refused the source code simply because you aren't the person the offer was originally extended to. That is, the offer must be transferable.
The distribution could include a "coupon" for the source code, so long as the coupon is transferable. That wouldn't mean they'd have to give anyone the source code just because they asked for it.
The data is now nearly conclusive that sea ice and glacier reduction have been on a straight line trend starting from 1830 or so. There were no significant human CO2 emissions then.
This argument makes no sense. It is trying to say that IP, if it is property, should be taxed just like real property is taxed. It then argues that such a tax would have beneficial results. But this argument fails for four major reasons:
1) The analogy fails because the rationale for taxing IP is nothing like the rationale for taxing real property. (Nobody has to provide sewer service to your copyright or pay for schools for your level 70 Shaman's kids.)
2) IP is already taxed when it makes sense to tax it. For example, if you sell or license your copyright or auction off your level 70 Shaman on eBay, the profits are taxed.
3) Taxes on IP would be disastrous if actually implemented. They would have harmful effects that tremendously outweigh any potential benefits. Do you seriously think you should pay a tax every time you level up?
4) If you try to say that you can tax copyrights but not contractual virtual property like game characters, you will find that it's not difficult to implement copyrights in another scheme that acts more like game characters. For example, copyrights can be completely implement with contracts. The net effect would, at best, be to replace the taxed copyright scheme with an untaxed contract scheme that might be even more restrictive. Would you rather live in a world with copyrights or a world where you have to sign a contract to enter a movie theater or buy a CD? (That contract may not say anything about fair use, nor would it have to.)
It does become a new invention when you consider that this accomplishes something fundamentally different from what other payment schemes or other gift card schemes do. Specifically, it makes anonymous payment possible online.
The real purpose of bringing civil lawsuits against the telecoms is to get them to fully reveal what information the government asked them for, and to reveal what was given. Revealing this information publicly would be a great boon to enemies of the US and will help them adjust their operations to elude the authorities.
Huh?!
We already know what information the government asked them for and what was given. That's why the government was unable to stop these cases on national security grounds. Nothing that was sought wasn't already publically available. At least, we know as much as the telcos do. The telcos don't know what the data miners were looking for or what they found, but they know what they were searching through. We'll never know what they were looking for or what they found -- that's clearly protected for reasons of national security
The only real question is whether or not the government got a warrant.
They were not unconstitutional, they were illegal. They were prohibited by FISA. Otherwise, a reasonable argument could be made that the President has the authority to authorize the wiretaps.
At any rate, I find it surprising that we would expect more backbone out of corporations dealing with the American government than we expect out of them when dealing with, say, the Chinese government. If we tolerate Google "playing by China's rules" when all they stand to lose is their entry into the Chinese market, then why would we expect better of AT&T when they would be running afoul of their home country's government?
We don't expect better or worse, we expect them to follow the law in both cases.
If you read the paper, you'll see that intimate knowledge of the source code was necessary to discover the attack in the first place. If the source hadn't been available, it's quite likely this vulnerability would not have been discovered inside the lifetime of the code.
I'm wondering if there wasn't just something screwy about his system. I've never had a game compatibility problem with Vista and I've run dozens of new and old games. (I've had all the other problems people report with Vista, just not this one.)
Perhaps he had some squirrely hardware or a bad driver. Can others at least replicate his problems with the same games?
Obviously you're joking, but such a plan would never work. Copyright protects creative choices, and only creative choices. Your name and contact information contain no such creative choices. Further, in order to violate your copyright, someone would have to copy the thing you had copyrighted, not the same information from some other source.
Copyright exists to promote the sciences and the useful arts. And to answer your question, yes, most everyone has forgotten this, if they ever knew.
Public schools exist to keep kids out of the labor force and to homogenize the immigrants. There is no rule or principle that something's original purpose has any bearing on its present use.
Can I send 40 different versions of cease and desist letters to the US Copyright office and then sue any law firm that uses one that looks a bit too similar to one of mine?
How would that be a violation of your copyright? Creating their own letter similar to yours, having never seen yours, is *not* copying.
The company that made Space Invaders made a video of someone playing Space Invaders and copyrighted it. They then tried to sue companies that made clones of Space Invaders for infringing the copyright on the video.
Their argument was that people playing the clones was too similar to their video.
Courts responded that while they might create quite similar works, they hadn't seen the video sent to the copyright office, so it would be impossible for them to violate the copyright on it.
If nobody sees your letters, nobody can violate the copyright in them.
If two people independently create the same song, note-for-note and word-for-word, they are both entitled to copyright.
Can I get a copyright on 2+2=4? No, that would be rejected out of hand, every mathmatical process is the same, just at difference scales, including source code.
You can't get a copyright on "2+2=4" because it is a fact. Most software contains facts but is not itself a fact nor a list of facts. Software consists of a set of creative choices out of millions of possible equally-good choices, just like works of literature.
Copyright and Patent serve completely different purposes. One is not a replacement for the other and one doesn't really supplement the other either. Patents protect the discovery of new ways of doing things which are demonstrably better than previous ways. Copyright protects creative choices where a large number are equally good.
Slashdot Mirror
Or, to put it another way, which would you rather have:
1) A computer with a fast single CPU core and a fast single GPU core.
2) A computer with two fast cores that can each perform either CPU or GPU tasks equally well.
In this case, 2 is a slam dunk. Let's try it another way, which would you rather have:
1) A computer with a fast single CPU core and also a cryptographic accelerator.
2) A computer with two fast CPU cores, each of which has a cryptographic accelerator.
Hmm, I still like 2 better.
Put every feature you can into the core and give me as many of them as you can. Make them all the same, so scheduling is simple. Sounds like a winning formula.
That should cover us for the next 20 years. Then we may hit walls in synchronization and memory efficiency.
Bluntly, it doesn't sound like you have any idea what you're talking about, as nothing about what you said makes any sense at all. Why not stick to talking about thinks you understand? I'll just pick one example, but there are dozens:
"But you're still left with the issue that the application may not be written to be thread safe - so now, your kernel does something (even if that is thread safe!) on a different core whilst the program continues on the original core and it has an adverse affect on the application since it happens faster than the application needs it to. (Been there - done that. Big problem and hard to find and resolve.)"
A single core that was faster would have the same problem. If the application breaks if things happen "too fast", it *needs* to run slow. There's no hope of speeding it up without fixing it anyway. What does that have to do with multiple cores? Nothing.
Okay, one more:
"If the app was only designed for a single processor, then there will be all kinds of timing issues that will arise including but not limited to race conditions."
This makes absolutely *NO* sense. I defy you to present a single case of an application designed for a single processor that runs into problems when the kernel does work on another processor.
And, this claim:
"Now OS's mitigate a lot of these issues by leaving things mostly the same - programs typically operate on a single core just like they would have if there only existed a single core and single processor in the system - changing that would break a lot of applications, which OS kernel vendors have no desire to do - especially Microsoft."
I cannot believe that you have any idea what you're talking about. When you say "changing that", what are you talking about? What is it that OS kernel vendors aren't changing? They've made just about every possible change to support SMP and multicore that they could think of. If there's some change they have no desire to do, please tell us what it is.
Even if they could produce thousands of chips that all require the same activation, that wouldn't help them since they wouldn't ever get a single activation.
Because the blueprints must be given to every fab that's going to make the chip. On the other hand, the keys needed to unlock the chips need never be given to anyone. They can be locked into one or more physical smartcards and never, ever seen by human eyes.
You miss the huge difference between this and DRM. DRM requires the unlocking to be done in the presence of and under the control of the attacker. This does not.
The reason DRM will never be fundamentally secure is because you are trying to lock out and let in the exact same group of people. With this, that is not the case.
The point of this mechanism is to make it as difficult as possible to "find the few transistors that do this" and further to make the chip inoperative if you "take them out". The result will not be "pre-unlocked chips" but useless chips.
There are a variety of ways to make is extremely difficult to probe a die once it's mounted in the final chip assembly. One of the simplest is to use an epoxy coating that is bonded to the die.
I suppose you can argue that any cryptographic scheme will have weaknesses of some kind. But it's a terrible logical fallacy to argue that therefore no cryptographic scheme will achieve its practical intended result. This is a scheme that will almost certainly have no practical cryptographic weaknesses primarily because the requirements are so simple. There is no opportunity to observe the unlocking processes because it need only be performed in a trusted environment.
The die would include the lock, and the lock would not be an on/off switch but a mechanism that blocks real functional elements. The idea would be to make it as difficult as possible to separate the lock from the functional elements. Thus the difficulty involved would go from "sneak a few extra chips out the back door" to "analyze the mask, make new masks, load those new masks on the machine, test/validate the processors".
The mechanism aims to make analyzing the mask sufficiently difficult that the process as a whole is not cost-effective.
For the same reason you can't figure out how to decrypt something by looking at the plaintext. The dies will either be mounted before they're unlocked or will be mounted and unlocked in the same process in a trusted environment. The point is to secure the dies and the fab.
The fake processors will not be unlocked, the real ones will be. They will only unlock those processors that are returned to them by the fabrication plant. If the fabrication plant makes any "extras", they cannot sell them because they won't be unlocked.
Why would they want to seize people's computers? A locked processor would be useless. An unlocked processor would have to be authentic (otherwise, they would not have unlocked it).
It would stop theft because the stolen processors would not be unlocked. If you mean how would it stop theft of unlocked processors, it's not intended to. It's only intended to protect the process from the fab to the licensor.
If the fab makes extra chips, they will not be unlocked. The fab will have no way to produce more working chips than the licensor allows. That's the whole point.
From your questions, it sounds like you think this is supposed to do something later in the manufacturing/distribution chain than it does. This is designed to secure against the case where the fab makes extra chips, violating the license on the design and masks.
None of what you said makes any sense. This is not a "phone home system". It doesn't compare to cracking systems where you have control over the system during the validation process. Validation is not "via a server".
It's this simple:
1) The processor is manufactured.
2) The fab customer receives the processors from the fab.
3) The fab customer unlocks them.
4) The fab customer pays the fab and sells/ships the processor.
There is no opportunity for anyone to observe or tamper with the unlocking process. No validation is needed prior to unlocking because the fab customer will only unlock processors he has physical custody of.
I think it can be made reliable and can be made very difficult to duplicate. This is not like DRM where you need to provide the same people access to the very information you are trying to hide from them. This is more like encryption where some people have the keys and some people don't. It's not so hard to hide the information from the people who don't have the keys.
It's much harder to open up a chip and probe it than it is to probe software.
Another important issue is the potential failure modes. Unlike DRM, this really doesn't have a failure mode that leaves consumers unable to use what they've paid for. The activation is one-time only and done before the consumer gets the product.
"Who is to say that this "activated after manufacture but before shipped to consumer" method cannot somehow be activated again? Surely we can just be forced to trust the patent holder, right? Surely we can trust the manufacturer as well right? I mean after all, we can't see anything going on so certainly it must be trustworthy."
This is pure idiocy. When you buy, say a Core 2 Duo, you have to trust Intel that the chip will in fact work. If it doesn't, or it later breaks, you can perhaps sue Intel, but basically, you're screwed. Intel has a reputation, and screwing even every single owner of a Core 2 processor today would definitely not be in their long-term best interest. But they do make mistakes, they're only human, and they deal with those mistakes when they happen.
If this mechanism breaks, it will be just like any other problem with a chip. The manufacturer will make it right and/or get sued, and learn their lesson. But as designed, it protects against a very real problem, industrial espionage and black market chips.
I guess my recollection was in error. The FSF does take a nonsensical position about this. I'll add this to the long list of nonsensical positions the FSF takes.
The clearest way to see that this is nonsense is to ask yourself this question -- without a copy of the written offer and without having directly distributed to how, how could the distributor possibly know exactly what source code to give you?
It only makes sense if they can be required to show you a copy of the written offer.
Thanks for the correction.
The whole point of almost all economic activity is to drive down the price of everything, so that over time everyone can have more and more. A computer as powerful as the one I'm now using would have cost millions of dollars ten years ago. The television I picked up three days ago for $1,000 would have cost over $10,000 just four years ago. Maybe more and more available for less and less is progress.
You see it as a race to the bottom. But if you look at it as a race to provide more for them same price, it's a race to the top.
This is not the FSF's position, nor is it sane. What the GPL intends, and what makes sense, is that you cannot be refused the source code simply because you aren't the person the offer was originally extended to. That is, the offer must be transferable.
The distribution could include a "coupon" for the source code, so long as the coupon is transferable. That wouldn't mean they'd have to give anyone the source code just because they asked for it.
The data is now nearly conclusive that sea ice and glacier reduction have been on a straight line trend starting from 1830 or so. There were no significant human CO2 emissions then.
This argument makes no sense. It is trying to say that IP, if it is property, should be taxed just like real property is taxed. It then argues that such a tax would have beneficial results. But this argument fails for four major reasons:
1) The analogy fails because the rationale for taxing IP is nothing like the rationale for taxing real property. (Nobody has to provide sewer service to your copyright or pay for schools for your level 70 Shaman's kids.)
2) IP is already taxed when it makes sense to tax it. For example, if you sell or license your copyright or auction off your level 70 Shaman on eBay, the profits are taxed.
3) Taxes on IP would be disastrous if actually implemented. They would have harmful effects that tremendously outweigh any potential benefits. Do you seriously think you should pay a tax every time you level up?
4) If you try to say that you can tax copyrights but not contractual virtual property like game characters, you will find that it's not difficult to implement copyrights in another scheme that acts more like game characters. For example, copyrights can be completely implement with contracts. The net effect would, at best, be to replace the taxed copyright scheme with an untaxed contract scheme that might be even more restrictive. Would you rather live in a world with copyrights or a world where you have to sign a contract to enter a movie theater or buy a CD? (That contract may not say anything about fair use, nor would it have to.)
It does become a new invention when you consider that this accomplishes something fundamentally different from what other payment schemes or other gift card schemes do. Specifically, it makes anonymous payment possible online.
We already know what information the government asked them for and what was given. That's why the government was unable to stop these cases on national security grounds. Nothing that was sought wasn't already publically available. At least, we know as much as the telcos do. The telcos don't know what the data miners were looking for or what they found, but they know what they were searching through. We'll never know what they were looking for or what they found -- that's clearly protected for reasons of national security
The only real question is whether or not the government got a warrant.
They were not unconstitutional, they were illegal. They were prohibited by FISA. Otherwise, a reasonable argument could be made that the President has the authority to authorize the wiretaps.
If you read the paper, you'll see that intimate knowledge of the source code was necessary to discover the attack in the first place. If the source hadn't been available, it's quite likely this vulnerability would not have been discovered inside the lifetime of the code.
I'm wondering if there wasn't just something screwy about his system. I've never had a game compatibility problem with Vista and I've run dozens of new and old games. (I've had all the other problems people report with Vista, just not this one.)
Perhaps he had some squirrely hardware or a bad driver. Can others at least replicate his problems with the same games?
Obviously you're joking, but such a plan would never work. Copyright protects creative choices, and only creative choices. Your name and contact information contain no such creative choices. Further, in order to violate your copyright, someone would have to copy the thing you had copyrighted, not the same information from some other source.
Public schools exist to keep kids out of the labor force and to homogenize the immigrants. There is no rule or principle that something's original purpose has any bearing on its present use.
How would that be a violation of your copyright? Creating their own letter similar to yours, having never seen yours, is *not* copying.
The company that made Space Invaders made a video of someone playing Space Invaders and copyrighted it. They then tried to sue companies that made clones of Space Invaders for infringing the copyright on the video.
Their argument was that people playing the clones was too similar to their video.
Courts responded that while they might create quite similar works, they hadn't seen the video sent to the copyright office, so it would be impossible for them to violate the copyright on it.
If nobody sees your letters, nobody can violate the copyright in them.
If two people independently create the same song, note-for-note and word-for-word, they are both entitled to copyright.
You can't get a copyright on "2+2=4" because it is a fact. Most software contains facts but is not itself a fact nor a list of facts. Software consists of a set of creative choices out of millions of possible equally-good choices, just like works of literature.
Copyright and Patent serve completely different purposes. One is not a replacement for the other and one doesn't really supplement the other either. Patents protect the discovery of new ways of doing things which are demonstrably better than previous ways. Copyright protects creative choices where a large number are equally good.