True, but how is it enforced? Perhaps in the Netherlands, people can be trusted to just do it, but I'm not sure that would work here.
In fact, I'm pretty sure that in my municipality, it's technically illegal to throw out anything that's toxic into the regular trash, but there's no enforcement mechanism, and given a choice between taking that old NiCd phone battery or fluorescent light tube to the recycling center, and just putting it in the trash... well, you tell me which one people are going to do? (Hint, it's the one that's less work.) Hell, I know people who don't even recycle metals, because it's too much work to sort stuff into the bin that they're already given. Easier just to chuck it all in one bin and not think about it. And that's only two cans, one for all mixed recyclables and one for 'everything else.'
I've heard anecdotally that in Japan, there are people who basically go through trash at transfer stations, and will hunt down (based on personally identifying information in the trash) those folks who don't sort their recyclables out and reprimand/embarrass them -- short of something vaguely creepy like that (and in the U.S., social ostracism and humiliation aren't going to work as punishments), I'm not sure any consumer-sorting programs are going to work.
Without draconian enforcement, I think the sorting has to be -- or at least has to be backed up by sorting -- done at the transfer station or dump.
From a different perspective, sorting garbage based on predetermined criteria seems to be like something that, once you get over the initial investment in the system that does it, is probably better done by one giant machine that sorts the garbage for 100,000 people, than each of those 100,000 people having to take a few minutes a day to think about it. From a purely economic perspective, the opportunity cost of everyone's time probably justifies an automatic sorter, and when you factor in the recovered value from the recyclables [1] and the possible "dump mining" aspects that it creates later, I'd think it would be a good investment.
[1] The value of the metal and Type 1 plastic, anyway; the higher-number plastics don't seem to be worth recycling right now, at least based on what I've read.
Although I agree with your overall conclusion -- I think space warfare would just lead to the weaker party polluting near space with a whole truckload of hex nuts; goodbye space exploration for the next few generations -- I'm not sure if the 'no defensive options' line is really a good argument.
You could say the same thing about undersea submarine warfare. If a submarine gets hit by a torpedo, it's pretty much Game Over. They don't bother giving them a lot of armor plate for a reason: it wouldn't work and it would just make them easier targets. Instead, they try to be invisible and sneaky, and most of the tactics seem to revolve basically around killing your enemy before he knows your there and has the time and opportunity to kill you, too. (Or, launch your missiles and complete your mission before your enemy can find and kill you.)
I think that's a paradigm that could be applied to space warfare; defense-through-stealth rather than defense-through-terrain, or even through maneuver.
However, to imagine such a war, you'd have to somehow come up with magic solutions for why an enemy, as soon as they started to lose, wouldn't just (A) pollute space with debris, and (B) use their last bit of launch capability to drop nuclear weapons (or superflu, or airborne AIDS, or whatever) on enemy cities, leading to a strategic nuclear exchange. On one hand, you're talking about resource allocations to space-weapons research that are indicative of planning for a total war, but I'm not sure how you can discuss total war and not also just have it devolve into nuclear/biological annihilation.
The only problem is that they also have a very high density of thoroughly toxic materials, stuff that you really don't want disturbed if you can avoid it.
Unfortunately, I could easily see it being economically infeasible to mine garbage dumps, because the cost of environmental remediation would be worse than just leaving the resources there, entombed with all the hazardous stuff.
Really, if we had a slightly longer planning horizon than we seem to have, we'd at least be sorting our garbage before burying it, instead of piling it all together. Just pulling out all the metal and putting it in one hole, with the plastic and organics in another, or burying similar types of appliances together, would make the landfills that much more attractive to mine later on.
There's a free service called Openomy which offers 1GB of free "network drive" space.
The whole thing seems very dot-com-era-ish to me; I'm not clear on how they're going to make money off of it, and until I understand their business model I'm not going to trust them with anything valuable, but hey -- it would beat emailing myself stuff. Apparently they're going to offer "Premium Memberships" in the future which will offer extra services (this sounds a little like "3. ???", but I'll give them the benefit of the doubt).
They have an open API, and file organization is done via tags (which is either a bug or a neat feature depending on your stance on tags vs folder-hierarchies in terms of organizational paradigms). The API is similar, in some ways to Flickr's -- applications need to be authorized before they can access user data, using cryptographic keys, and it uses simple HTTP calls for the actual interaction/transfer.
Anyway, I haven't played with it much but I'm definitely pretty intrigued. I think that online file storage is definitely harder to monetize than free email (you can't offer context-sensitive ads when the user only accesses the site through an API and a frontend app, and if their files are all encrypted archives or something), but it seems like there are enough possibilities that we're going to see some serious competition in the market soon.
And there's nothing better than a bunch of cash-flush tech companies competing to give the most stuff away for free...reminds me of 1998...
Not being privy to the argument I can only speculate, but I bet that there are other tests that people would like to perform on the prototype wings, which they won't be able to do if they break them during the load test.
Same here. I can't remember when I first started using AIM, but it was pretty soon after it came out, and aside from a few Europeans who are on MSN (I don't understand the Europe/MSN connection, but it seems to be much more popular over there), and people who use GTalk while at work, everyone I talk with is still on AIM. The features or lack thereof of any other network are basically irrelevant to me, since I'm not going to switch.
The AOL client is certainly dreadful (just like the stock MSN client, or the stock Yahoo client), but that's solved easily by using Gaim/Pidgin/Adium. Once you ditch the crappy client... it's just a network. As long as it passes my packets to the people I want to talk with, that's all I care about.
You might have a preference set that gives a bonus to certain types of comments.
I don't think there's any way to start out at +3 without any moderation. Even if you have Karma Bonus and are a subscriber, you'll only start out at +2, the bonuses aren't cumulative. (And if you don't want subscribers to get a bonus you can change that in your personal preferences, too.)
Just as an example, I'm a subscriber and I also get the karma point, but when I submit this (I won't disable either, although as a general rule I normally check 'No Karma Bonus' for offtopic/meta comments) it'll just be +2 before it gets moderated.
I'm wondering if the regular sex tape scandals on the net giving the next generation innate knowledge of how difficult(impossible?) DRM is.
A while ago there was a thread on Ask Metafilter where a person basically wanted to know if this was possible -- make a sex tape with the BF, but retain the ability to revoke it later so that it wouldn't get spammed all over the internet as part of a bad breakup. Not, perhaps, the most common situation, but there are lots of situations where people would like to have the sort of magic abilities that DRM purports to offer (the ability, generally, to modify or destroy things on computers you don't actually control).
I thought it was interesting because it didn't take them very long to comprehend that what they were asking for was basically impossible.
(Now, if you wanted to make a video that could only be watched by two people, together, you could probably do something with threshold encryption, but that's an entirely different problem. It's actually cryptographically robust, while a "self-destructing file" is not.)
If they'd checked for box cutters, the terrorists wouldn't have used box cutters.
You can kill someone stone dead in a few seconds with a bath towel, you know. Or with a pair of pantyhose and a can of soda. Or god knows what else.
The point is, short of stripping everyone naked and zip-tying them into their seats, you can't keep someone from attacking the crew on a plane. You might be able to stop them from taking control of it by reinforcing the cockpit, maybe building the aircraft without an interior door, etc., and you might be able to keep them from using the plane as a flying bomb by building in a fail-safe (or a remote self-destruct), but the restrictions on pocketknives, toothpaste, nail clippers, scissors, and the like are just security theater.
(Probably the best security method would be to give everyone on the plane some type of very-close-range weapon that was easy to use, so that a possible terrorist would have as little advantage as possible over the rest of the passengers. There's an implicit assumption that the majority of passengers are not terrorists, so what you need to do is just keep the terrorists from getting the edge that makes them more powerful than 100 others, not try to disarm everyone completely.)
Simplify the architecture as far as possible. Like, 1980s architecture simple. Publish all the code publicly, so as many people as want to can comb over it. Make the 'bootstrapping' of the compiler chain a public event, open to observers. Use a hardware design that's as simple as possible, using parts that are old and widely understood. Make one single, standard reference design, and test/audit the hell out of it. Allow opposing political parties to act as observers during the election and vote-counting process. Keep an audit trail and make that public, too.
Alternately, just use pencils and learn to be slightly more patient than usual. The whole desire for electronic voting is due to a desire for immediate gratification and a pointless requirement to have the votes tallied on the same day as the election. It's stupid; voting is the most important thing in our government, if it takes a week, it takes a week. Democracy functioned without e-voting; we're just making the system more opaque than it needs to be.
The question is, what's a "performance." The RIAA, et al, want it defined as broadly as possible, so that they can collect royalties from every transfer of a copyrighted work from person to person. Prior to 1995, transferring music over the Internet wasn't necessarily a 'performance' subject to royalties. It was treated just like regular radio, where no royalties are necessary. The decision to make digital broadcasting subject to royalties, separating it from conventional broadcasting, was not accidental. (See Section 106 of the Copyright Act; they single out 'digital broadcasting' specifically, putting it in with CD sales, and not with regular broadcasting.) If you remember back to 1995, the reasons for this are obvious: the music lobby was terrified of anything digital, and was fighting it tooth and nail. This legislation was bought and paid for by the RIAA and the other record companies.
Anyway, as to your other point, streaming a few hundred channels of music really isn't that hard. You need a lot of bandwidth, sure, at least at peak times, but if you do it right it's a reasonable cost and can be carefully balanced against revenue sources. Lots of one-man websites do it every day. (It's not like you need a lot of personnel to run an internet radio channel, you essentially just need to make up the playlist -- many of them don't have live DJs or anything.) The key difference between the terrestrial broadcasting market and the Internet one is the barriers to entry -- anyone with a few thousand dollars in capital could set up an Internet 'radio' station and start attracting listeners -- do well and you can be producing many channels, each with only a few listeners (remember -- it doesn't take any more bandwidth, really, for each listener to have a different stream); starting a new terrestrial radio station costs millions, and that's if you can buy the spectrum at all (and obviously you can forget about customized radio on using traditional technology -- the spectrum is too crowded and expensive).
The effect -- in my opinion, the sole purpose -- of the Digital Performance Right in Sound Recordings Act is to make the cost of entering the Internet broadcasting market just as prohibitive as the terrestrial one.
If it's problematic for the radio station to work out deals with every owner of every song, then how does SoundExchange do it?
They were handed a big, fat monopoly by the government.
So if I set up a station and play classical music including Bach, Mozart, and a bunch of other guys who have been dead for a long time, the I still have to pay them.
Yep. And probably even more offensively (because, let's face it, Beethoven doesn't give a shit either way), if you play music by a band that's not a member of the RIAA's little club, they don't get one thin dime of SoundExchange's revenues. So, for example, let's say you set up a really cool internet radio station that plays a lot of alternative stuff. In order to keep yourself lawsuit-free, you get a SoundExchange license. Regardless of what you play, most of your license fees are going to go to the teeny-bopper, top-40 artists. (I believe SoundExchange pays out revenues based on "popularity" data that's compiled from terrestrial radio airplay statistics; so basically it takes in money from everyone and spits it back out to the ClearChannel Top 40.) Pretty slick way to keep the gravy train rolling, eh?
What's your point? If the election staff are compromised, then no voting system in the world (at least as long as you want one that's anonymous) is going to save you. An electronic system certainly isn't -- in fact it's going to make vote-tampering that much harder to detect.
Oversight and complete transparency are the only weapons against corruption.
In the beginning. Prior to 1995, you could 'perform' music in public, via digital broadcasting, without paying any royalties on it. I'm a little fuzzy on exactly what you used to have to pay royalties for (Wikipedia says there was "no performance right" for artists, but that doesn't make a lot of sense, I remember performance-rights cases prior to '95; I think it was just a digital thing), but anyway, in 1995 Congress passed a law granting rightsholders control over the digital 'performance' of their works. The upshot of this was that anyone distributing music digitally now had to pay 'performance' royalties for it.
Obviously, trying to pay royalties directly to the owner of each piece of music that you might play on a radio station would be problematic. It would require negotiating a license with each rightsholder, for each work, for every station. The paperwork and negotiations would be crippling. So a provision was made for so-called 'statutory licenses,' basically blanket licenses that you buy from an organization who takes the proceeds and divides them up among artists. (Blanket broadcast licenses like this aren't a new thing, but this extended them to digital broadcasting.) In return, you can play whatever you want, without worrying about negotiating individual contracts. The cost and rate structure of these licenses is set, theoretically, by the U.S. Copyright Office.
Enter SoundExchange. The RIAA [1] has a division/subsidiary/department-of-evil called "SoundExchange", which is designated, by the U.S. Copyright Office, as the sole supplier of "statutory licenses" for digital music. So if you wanted to run an internet radio station or other digital broadcast, and weren't going to stick to just playing independent artists who have relinquished some of their rights to public performance, you needed to go to SoundExchange and buy a license. While philosophically objectionable to many (including many artists!) because of the metrics they use to distribute the fees, SoundExchange had licensing terms that weren't horrific, including some that were based on a percentage-of-revenue (I've heard 10-13% quoted). So if you were running a small-time internet radio station, the fees wouldn't break the bank. This has been the status quo for a while now.
The Rubber Stamp. The current controversy started a while back, when SoundExchange proposed, and the Copyright Office approved, a dramatic rate hike. Among other things, the new rates eliminated the percent-of-revenue model, replacing it instead with a per-song-per-listener model, combined with a minimum per-channel fee, and a bunch of other onerous terms (including making the fees retroactive to some point in the past, which would instantly force any station without large cash reserves out of existence). The bottom line was that under the new fees, most small internet radio stations -- particularly those who have lots of channels tailored to particular musical tastes or genres -- just wouldn't be able to pay the bills. The effect as far as I can tell, would be to make Internet radio much like terrestrial broadcast radio: dominated by a few corporate-backed players (e.g., Last.fm), with a small number of channels playing basically the same thing. The new rates, if nothing happens to forestall them, go into effect around the middle of next month.
Yep, that is exactly how I have it set up here. I cringe every time I go into a new client site and see them using OPEN wireless access points as an extension of their wired LAN. At the very least encrypt it....
There's no good reason to use encryption in a corporate environment. Put all the wireless APs in the DMZ, so that they're outside the network, and leave the APs open. That way you don't have to make users screw around trying to get WEP/WPA/whatever to work, or use crummy MAC-based authentication schemes (that are a steaming pile anyway; whoever decided authentication based on MAC addresses was a good idea should be shot). Until you do that, wireless security is (in my experience anyway) harmful, because it makes the PHBs think they're on a "secure network" and shouldn't have to VPN. And once you require everyone to VPN when they use wireless, there's no point in using WEP/WPA on top of it (particularly considering that WEP is so broken as to be useless, and lots of devices don't support WPA).
The problem isn't lack of encryption, it's putting wireless APs in on the trusted side of the network at all. Avoid doing that, and treat someone connecting from an AP just like you'd treat someone connecting from Kalamazoo (meaning they have to connect via a VPN and authenticate), and you avoid most of the security vulnerabilities that plague wireless installs.
It's more like a whole group of fat chicks who only hang out with each other, and due to their lack of perspective and self-imposed isolation, think they're a lot hotter than they actually are.
(The difference from your example being that there are no 'hot chicks' here; it's all trivialities.)
Though I'm hardly one to argue with Bruce Perens, I think the (theoretical) system he's talking about is what I was alluding to in my earlier footnote. You can have an "open source" software DRM system, if you put the "black box" in hardware. The software then doesn't have anything critical in it; it just passes bits to the hardware module which actually does the trickery. However, this really isn't that great a system, it's still just a black box. It might make the system more difficult to reverse-engineer than a software implementation (to get some idea of the workings of the hardware chip you might need serious scientific equipment, not just a PC and a debugger), but it's still just obscurity.
I recall the discussions about a GPLed DRM system also, and my recollection was that it was widely criticized for being impossible to achieve without a hardware module, or binary blob. At some point, you need the black box that does the magic and hides the keys from the user. Even if you pile on layers and layers of encryption onto the key (which is basically what AACS does), somewhere you have to decrypt the content in order to let the user view it. If you have a system that's open, where the code that's being executed at any given moment can be analyzed, then you're never going to be able to avoid letting the user get their hands on the key. (Or even more easily, just letting them get their hands on the decrypted content.)
GPLed opensource product that institute DRM. It went something like a ssha encryption of the binary content and the provider generated an encrypted key based on your key which was based on your account information(from the provider). Then whatever player you were using needed a plugin that used another program to decrypt the media and stream it into the player.
Just to follow on your example, in such a system, the plugin would probably have to be a closed-source binary blob, or else you could just modify it to intercept and spit out the decryption key as it was being received from the provider. (I'm not trying to personally attack you -- what you created there was as good a DRM system as most of the real ones on the market, but it's running into the fundamental limitation of DRM.) It's all smoke and mirrors.
Anyway, after doing a little Googling, I think the "open source DRM" thing a while back was related to someone on the Gstreamer project discussing adding support for DRMed formats -- but it's still not clear how they'd accomplish that. Some people have pointed towards Sun's drm-opera project as one possible avenue, but AFAIK that's nothing but vaporware, and it too was widely criticized as being impossible when Jonathan Schwartz announced it. According to this article there have been two past attempts to create "open source DRM": one was OpenIPMP in 2002, another was Media-S, more recently.
OpenIPMP has a SourceForge project page, although the latest update was a year ago. Apparently there's some code that can be downloaded, but aside from that they are cagey on how it works, and heavy on buzzwords. Nothing about it makes me suspect that they have really discovered anything huge (and a DRM system that didn't rely on obscurity would be pretty huge). If anyone is familiar with the project and wants to comment, I'm genuinely curious.
Media-S apparently evolved out of an effort to make a "Secure OGG" format. They at least have an FAQ. Basically, they're going for the straightforward 'binary blob' route:
If Media-S is open source, how can the encryption be secure?
If a company wishes to use Media-S to protect their content, SideSpace Solutions highly recommends purchasing a binary distribution license. Under this license, any modifications to Media-S (such as a change of encryption engine or pri
You can't expose the keys, but any DRM system that's based on a secret implementation rather than cryptography is going to be cracked.
Even ones based on cryptography are going to be cracked, since there's no way to make a cryptographically secure DRM system. The end user has to have both the ciphertext and the key, in order to use the content at all -- therefore they can get the plaintext. It's often not exactly trivial, because the keys can be obscured, but there's no mathematical security there. It's always just a "secret implementation." Remove the secrecy and you break the system, period.
It doesn't and never will. DRM and openness are fundamentally incompatible. You can't have an "open source DRM" system, because it would expose the fundamental flaw of DRM -- that it's trying to keep something from you that you already have. [1]
I think what's really galling people is that the BBC is using DRM at all.
[1] It might be possible to build an "open source" DRM system, if you were only talking about 'open' software, and it was just a wrapper around some sort of hardware system that actually held the keys. But that's why I said "openness" and DRM are incompatible -- in a truly open computer platform there's absolutely no way to enforce DRM against a savvy user that doesn't want it enforced on them. The only way DRM works is if you have a 'black box' somewhere, either in software or hardware.
How can anyone with any appreciation for coding -- or, for that matter, aesthetics in general, at all -- go near MySpace? Every time I go there (and I do this every few months, just to see if it's changed) it's like some circus side-show of bad design.
The whole concept is flawed; the site takes what's inherently repetitive, structured data, and just lets people dump it into tag-soup HTML pages. Facebook's approach is far more elegant, not to mention pleasant to view.
Slashdot Mirror
True, but how is it enforced? Perhaps in the Netherlands, people can be trusted to just do it, but I'm not sure that would work here.
... well, you tell me which one people are going to do? (Hint, it's the one that's less work.) Hell, I know people who don't even recycle metals, because it's too much work to sort stuff into the bin that they're already given. Easier just to chuck it all in one bin and not think about it. And that's only two cans, one for all mixed recyclables and one for 'everything else.'
In fact, I'm pretty sure that in my municipality, it's technically illegal to throw out anything that's toxic into the regular trash, but there's no enforcement mechanism, and given a choice between taking that old NiCd phone battery or fluorescent light tube to the recycling center, and just putting it in the trash
I've heard anecdotally that in Japan, there are people who basically go through trash at transfer stations, and will hunt down (based on personally identifying information in the trash) those folks who don't sort their recyclables out and reprimand/embarrass them -- short of something vaguely creepy like that (and in the U.S., social ostracism and humiliation aren't going to work as punishments), I'm not sure any consumer-sorting programs are going to work.
Without draconian enforcement, I think the sorting has to be -- or at least has to be backed up by sorting -- done at the transfer station or dump.
From a different perspective, sorting garbage based on predetermined criteria seems to be like something that, once you get over the initial investment in the system that does it, is probably better done by one giant machine that sorts the garbage for 100,000 people, than each of those 100,000 people having to take a few minutes a day to think about it. From a purely economic perspective, the opportunity cost of everyone's time probably justifies an automatic sorter, and when you factor in the recovered value from the recyclables [1] and the possible "dump mining" aspects that it creates later, I'd think it would be a good investment.
[1] The value of the metal and Type 1 plastic, anyway; the higher-number plastics don't seem to be worth recycling right now, at least based on what I've read.
s/"knows your there"/"knows you\'re there"/
Mea culpa.
Although I agree with your overall conclusion -- I think space warfare would just lead to the weaker party polluting near space with a whole truckload of hex nuts; goodbye space exploration for the next few generations -- I'm not sure if the 'no defensive options' line is really a good argument.
You could say the same thing about undersea submarine warfare. If a submarine gets hit by a torpedo, it's pretty much Game Over. They don't bother giving them a lot of armor plate for a reason: it wouldn't work and it would just make them easier targets. Instead, they try to be invisible and sneaky, and most of the tactics seem to revolve basically around killing your enemy before he knows your there and has the time and opportunity to kill you, too. (Or, launch your missiles and complete your mission before your enemy can find and kill you.)
I think that's a paradigm that could be applied to space warfare; defense-through-stealth rather than defense-through-terrain, or even through maneuver.
However, to imagine such a war, you'd have to somehow come up with magic solutions for why an enemy, as soon as they started to lose, wouldn't just (A) pollute space with debris, and (B) use their last bit of launch capability to drop nuclear weapons (or superflu, or airborne AIDS, or whatever) on enemy cities, leading to a strategic nuclear exchange. On one hand, you're talking about resource allocations to space-weapons research that are indicative of planning for a total war, but I'm not sure how you can discuss total war and not also just have it devolve into nuclear/biological annihilation.
The only problem is that they also have a very high density of thoroughly toxic materials, stuff that you really don't want disturbed if you can avoid it.
Unfortunately, I could easily see it being economically infeasible to mine garbage dumps, because the cost of environmental remediation would be worse than just leaving the resources there, entombed with all the hazardous stuff.
Really, if we had a slightly longer planning horizon than we seem to have, we'd at least be sorting our garbage before burying it, instead of piling it all together. Just pulling out all the metal and putting it in one hole, with the plastic and organics in another, or burying similar types of appliances together, would make the landfills that much more attractive to mine later on.
There's a free service called Openomy which offers 1GB of free "network drive" space.
The whole thing seems very dot-com-era-ish to me; I'm not clear on how they're going to make money off of it, and until I understand their business model I'm not going to trust them with anything valuable, but hey -- it would beat emailing myself stuff. Apparently they're going to offer "Premium Memberships" in the future which will offer extra services (this sounds a little like "3. ???", but I'll give them the benefit of the doubt).
They have an open API, and file organization is done via tags (which is either a bug or a neat feature depending on your stance on tags vs folder-hierarchies in terms of organizational paradigms). The API is similar, in some ways to Flickr's -- applications need to be authorized before they can access user data, using cryptographic keys, and it uses simple HTTP calls for the actual interaction/transfer.
Anyway, I haven't played with it much but I'm definitely pretty intrigued. I think that online file storage is definitely harder to monetize than free email (you can't offer context-sensitive ads when the user only accesses the site through an API and a frontend app, and if their files are all encrypted archives or something), but it seems like there are enough possibilities that we're going to see some serious competition in the market soon.
And there's nothing better than a bunch of cash-flush tech companies competing to give the most stuff away for free...reminds me of 1998...
Not being privy to the argument I can only speculate, but I bet that there are other tests that people would like to perform on the prototype wings, which they won't be able to do if they break them during the load test.
Same here. I can't remember when I first started using AIM, but it was pretty soon after it came out, and aside from a few Europeans who are on MSN (I don't understand the Europe/MSN connection, but it seems to be much more popular over there), and people who use GTalk while at work, everyone I talk with is still on AIM. The features or lack thereof of any other network are basically irrelevant to me, since I'm not going to switch.
... it's just a network. As long as it passes my packets to the people I want to talk with, that's all I care about.
The AOL client is certainly dreadful (just like the stock MSN client, or the stock Yahoo client), but that's solved easily by using Gaim/Pidgin/Adium. Once you ditch the crappy client
You might have a preference set that gives a bonus to certain types of comments.
I don't think there's any way to start out at +3 without any moderation. Even if you have Karma Bonus and are a subscriber, you'll only start out at +2, the bonuses aren't cumulative. (And if you don't want subscribers to get a bonus you can change that in your personal preferences, too.)
Just as an example, I'm a subscriber and I also get the karma point, but when I submit this (I won't disable either, although as a general rule I normally check 'No Karma Bonus' for offtopic/meta comments) it'll just be +2 before it gets moderated.
I'm wondering if the regular sex tape scandals on the net giving the next generation innate knowledge of how difficult(impossible?) DRM is.
A while ago there was a thread on Ask Metafilter where a person basically wanted to know if this was possible -- make a sex tape with the BF, but retain the ability to revoke it later so that it wouldn't get spammed all over the internet as part of a bad breakup. Not, perhaps, the most common situation, but there are lots of situations where people would like to have the sort of magic abilities that DRM purports to offer (the ability, generally, to modify or destroy things on computers you don't actually control).
I thought it was interesting because it didn't take them very long to comprehend that what they were asking for was basically impossible.
(Now, if you wanted to make a video that could only be watched by two people, together, you could probably do something with threshold encryption, but that's an entirely different problem. It's actually cryptographically robust, while a "self-destructing file" is not.)
If they'd checked for box cutters, the terrorists wouldn't have used box cutters.
You can kill someone stone dead in a few seconds with a bath towel, you know. Or with a pair of pantyhose and a can of soda. Or god knows what else.
The point is, short of stripping everyone naked and zip-tying them into their seats, you can't keep someone from attacking the crew on a plane. You might be able to stop them from taking control of it by reinforcing the cockpit, maybe building the aircraft without an interior door, etc., and you might be able to keep them from using the plane as a flying bomb by building in a fail-safe (or a remote self-destruct), but the restrictions on pocketknives, toothpaste, nail clippers, scissors, and the like are just security theater.
(Probably the best security method would be to give everyone on the plane some type of very-close-range weapon that was easy to use, so that a possible terrorist would have as little advantage as possible over the rest of the passengers. There's an implicit assumption that the majority of passengers are not terrorists, so what you need to do is just keep the terrorists from getting the edge that makes them more powerful than 100 others, not try to disarm everyone completely.)
Simplify the architecture as far as possible. Like, 1980s architecture simple. Publish all the code publicly, so as many people as want to can comb over it. Make the 'bootstrapping' of the compiler chain a public event, open to observers. Use a hardware design that's as simple as possible, using parts that are old and widely understood. Make one single, standard reference design, and test/audit the hell out of it. Allow opposing political parties to act as observers during the election and vote-counting process. Keep an audit trail and make that public, too.
Alternately, just use pencils and learn to be slightly more patient than usual. The whole desire for electronic voting is due to a desire for immediate gratification and a pointless requirement to have the votes tallied on the same day as the election. It's stupid; voting is the most important thing in our government, if it takes a week, it takes a week. Democracy functioned without e-voting; we're just making the system more opaque than it needs to be.
The question is, what's a "performance." The RIAA, et al, want it defined as broadly as possible, so that they can collect royalties from every transfer of a copyrighted work from person to person. Prior to 1995, transferring music over the Internet wasn't necessarily a 'performance' subject to royalties. It was treated just like regular radio, where no royalties are necessary. The decision to make digital broadcasting subject to royalties, separating it from conventional broadcasting, was not accidental. (See Section 106 of the Copyright Act; they single out 'digital broadcasting' specifically, putting it in with CD sales, and not with regular broadcasting.) If you remember back to 1995, the reasons for this are obvious: the music lobby was terrified of anything digital, and was fighting it tooth and nail. This legislation was bought and paid for by the RIAA and the other record companies.
Anyway, as to your other point, streaming a few hundred channels of music really isn't that hard. You need a lot of bandwidth, sure, at least at peak times, but if you do it right it's a reasonable cost and can be carefully balanced against revenue sources. Lots of one-man websites do it every day. (It's not like you need a lot of personnel to run an internet radio channel, you essentially just need to make up the playlist -- many of them don't have live DJs or anything.) The key difference between the terrestrial broadcasting market and the Internet one is the barriers to entry -- anyone with a few thousand dollars in capital could set up an Internet 'radio' station and start attracting listeners -- do well and you can be producing many channels, each with only a few listeners (remember -- it doesn't take any more bandwidth, really, for each listener to have a different stream); starting a new terrestrial radio station costs millions, and that's if you can buy the spectrum at all (and obviously you can forget about customized radio on using traditional technology -- the spectrum is too crowded and expensive).
The effect -- in my opinion, the sole purpose -- of the Digital Performance Right in Sound Recordings Act is to make the cost of entering the Internet broadcasting market just as prohibitive as the terrestrial one.
If it's problematic for the radio station to work out deals with every owner of every song, then how does SoundExchange do it?
They were handed a big, fat monopoly by the government.
So if I set up a station and play classical music including Bach, Mozart, and a bunch of other guys who have been dead for a long time, the I still have to pay them.
Yep. And probably even more offensively (because, let's face it, Beethoven doesn't give a shit either way), if you play music by a band that's not a member of the RIAA's little club, they don't get one thin dime of SoundExchange's revenues. So, for example, let's say you set up a really cool internet radio station that plays a lot of alternative stuff. In order to keep yourself lawsuit-free, you get a SoundExchange license. Regardless of what you play, most of your license fees are going to go to the teeny-bopper, top-40 artists. (I believe SoundExchange pays out revenues based on "popularity" data that's compiled from terrestrial radio airplay statistics; so basically it takes in money from everyone and spits it back out to the ClearChannel Top 40.) Pretty slick way to keep the gravy train rolling, eh?
What's your point? If the election staff are compromised, then no voting system in the world (at least as long as you want one that's anonymous) is going to save you. An electronic system certainly isn't -- in fact it's going to make vote-tampering that much harder to detect.
Oversight and complete transparency are the only weapons against corruption.
Okay, here's what I understand of it.
In the beginning. Prior to 1995, you could 'perform' music in public, via digital broadcasting, without paying any royalties on it. I'm a little fuzzy on exactly what you used to have to pay royalties for (Wikipedia says there was "no performance right" for artists, but that doesn't make a lot of sense, I remember performance-rights cases prior to '95; I think it was just a digital thing), but anyway, in 1995 Congress passed a law granting rightsholders control over the digital 'performance' of their works. The upshot of this was that anyone distributing music digitally now had to pay 'performance' royalties for it.
Obviously, trying to pay royalties directly to the owner of each piece of music that you might play on a radio station would be problematic. It would require negotiating a license with each rightsholder, for each work, for every station. The paperwork and negotiations would be crippling. So a provision was made for so-called 'statutory licenses,' basically blanket licenses that you buy from an organization who takes the proceeds and divides them up among artists. (Blanket broadcast licenses like this aren't a new thing, but this extended them to digital broadcasting.) In return, you can play whatever you want, without worrying about negotiating individual contracts. The cost and rate structure of these licenses is set, theoretically, by the U.S. Copyright Office.
Enter SoundExchange. The RIAA [1] has a division/subsidiary/department-of-evil called "SoundExchange", which is designated, by the U.S. Copyright Office, as the sole supplier of "statutory licenses" for digital music. So if you wanted to run an internet radio station or other digital broadcast, and weren't going to stick to just playing independent artists who have relinquished some of their rights to public performance, you needed to go to SoundExchange and buy a license. While philosophically objectionable to many (including many artists!) because of the metrics they use to distribute the fees, SoundExchange had licensing terms that weren't horrific, including some that were based on a percentage-of-revenue (I've heard 10-13% quoted). So if you were running a small-time internet radio station, the fees wouldn't break the bank. This has been the status quo for a while now.
The Rubber Stamp. The current controversy started a while back, when SoundExchange proposed, and the Copyright Office approved, a dramatic rate hike. Among other things, the new rates eliminated the percent-of-revenue model, replacing it instead with a per-song-per-listener model, combined with a minimum per-channel fee, and a bunch of other onerous terms (including making the fees retroactive to some point in the past, which would instantly force any station without large cash reserves out of existence). The bottom line was that under the new fees, most small internet radio stations -- particularly those who have lots of channels tailored to particular musical tastes or genres -- just wouldn't be able to pay the bills. The effect as far as I can tell, would be to make Internet radio much like terrestrial broadcast radio: dominated by a few corporate-backed players (e.g., Last.fm), with a small number of channels playing basically the same thing. The new rates, if nothing happens to forestall them, go into effect around the middle of next month.
[1] Okay, allegedly it's "independent" now. Riiight...
There's no good reason to use encryption in a corporate environment.
I mean, there's no reason to use client-to-accesspoint encryption. Instead you should be encrypting directly from the client to the VPN gateway.
Yep, that is exactly how I have it set up here. I cringe every time I go into a new client site and see them using OPEN wireless access points as an extension of their wired LAN. At the very least encrypt it....
There's no good reason to use encryption in a corporate environment. Put all the wireless APs in the DMZ, so that they're outside the network, and leave the APs open. That way you don't have to make users screw around trying to get WEP/WPA/whatever to work, or use crummy MAC-based authentication schemes (that are a steaming pile anyway; whoever decided authentication based on MAC addresses was a good idea should be shot). Until you do that, wireless security is (in my experience anyway) harmful, because it makes the PHBs think they're on a "secure network" and shouldn't have to VPN. And once you require everyone to VPN when they use wireless, there's no point in using WEP/WPA on top of it (particularly considering that WEP is so broken as to be useless, and lots of devices don't support WPA).
The problem isn't lack of encryption, it's putting wireless APs in on the trusted side of the network at all. Avoid doing that, and treat someone connecting from an AP just like you'd treat someone connecting from Kalamazoo (meaning they have to connect via a VPN and authenticate), and you avoid most of the security vulnerabilities that plague wireless installs.
It's more like a whole group of fat chicks who only hang out with each other, and due to their lack of perspective and self-imposed isolation, think they're a lot hotter than they actually are.
(The difference from your example being that there are no 'hot chicks' here; it's all trivialities.)
So who is paying for the BBC's existing web streaming infrastructure? Magic money pixies?
Underpants gnomes.
I recall the discussions about a GPLed DRM system also, and my recollection was that it was widely criticized for being impossible to achieve without a hardware module, or binary blob. At some point, you need the black box that does the magic and hides the keys from the user. Even if you pile on layers and layers of encryption onto the key (which is basically what AACS does), somewhere you have to decrypt the content in order to let the user view it. If you have a system that's open, where the code that's being executed at any given moment can be analyzed, then you're never going to be able to avoid letting the user get their hands on the key. (Or even more easily, just letting them get their hands on the decrypted content.)
Just to follow on your example, in such a system, the plugin would probably have to be a closed-source binary blob, or else you could just modify it to intercept and spit out the decryption key as it was being received from the provider. (I'm not trying to personally attack you -- what you created there was as good a DRM system as most of the real ones on the market, but it's running into the fundamental limitation of DRM.) It's all smoke and mirrors.
Anyway, after doing a little Googling, I think the "open source DRM" thing a while back was related to someone on the Gstreamer project discussing adding support for DRMed formats -- but it's still not clear how they'd accomplish that. Some people have pointed towards Sun's drm-opera project as one possible avenue, but AFAIK that's nothing but vaporware, and it too was widely criticized as being impossible when Jonathan Schwartz announced it. According to this article there have been two past attempts to create "open source DRM": one was OpenIPMP in 2002, another was Media-S, more recently.
OpenIPMP has a SourceForge project page, although the latest update was a year ago. Apparently there's some code that can be downloaded, but aside from that they are cagey on how it works, and heavy on buzzwords. Nothing about it makes me suspect that they have really discovered anything huge (and a DRM system that didn't rely on obscurity would be pretty huge). If anyone is familiar with the project and wants to comment, I'm genuinely curious.
Media-S apparently evolved out of an effort to make a "Secure OGG" format. They at least have an FAQ. Basically, they're going for the straightforward 'binary blob' route:
Would we say wikipedia is 'receiving funding from Microsoft' if MS was paying employees to write about MS products?
No, we'd call that "astroturfing."
You can't expose the keys, but any DRM system that's based on a secret implementation rather than cryptography is going to be cracked.
Even ones based on cryptography are going to be cracked, since there's no way to make a cryptographically secure DRM system. The end user has to have both the ciphertext and the key, in order to use the content at all -- therefore they can get the plaintext. It's often not exactly trivial, because the keys can be obscured, but there's no mathematical security there. It's always just a "secret implementation." Remove the secrecy and you break the system, period.
It doesn't and never will. DRM and openness are fundamentally incompatible. You can't have an "open source DRM" system, because it would expose the fundamental flaw of DRM -- that it's trying to keep something from you that you already have. [1]
I think what's really galling people is that the BBC is using DRM at all.
[1] It might be possible to build an "open source" DRM system, if you were only talking about 'open' software, and it was just a wrapper around some sort of hardware system that actually held the keys. But that's why I said "openness" and DRM are incompatible -- in a truly open computer platform there's absolutely no way to enforce DRM against a savvy user that doesn't want it enforced on them. The only way DRM works is if you have a 'black box' somewhere, either in software or hardware.
That is, maybe someone switches back to Windows after running it in a virtual machine.
God, that was funny.
Wait -- you weren't joking, were you.
There are geeks on Myspace? Really?
How can anyone with any appreciation for coding -- or, for that matter, aesthetics in general, at all -- go near MySpace? Every time I go there (and I do this every few months, just to see if it's changed) it's like some circus side-show of bad design.
The whole concept is flawed; the site takes what's inherently repetitive, structured data, and just lets people dump it into tag-soup HTML pages. Facebook's approach is far more elegant, not to mention pleasant to view.