The hardware developers somehow see this need to provide the software themselves, instead of taking advantage of the community, but then go and do a shoddy job of it.
Bingo.
When hardware companies try to make software, the result is almost inevitably shit. There are some exceptions, but big hardware companies tend to see software development as a 'cost center,' an afterthought to be minimized as much as possible, rather than a critical and major part of their product.
Look at scanners if you want. I've used some great film scanners in the past; brilliant hardware engineering, but coupled with the absolutely shit software that came in the box with it, it was practically a doorstop. To get anything else done, you had to get VueScan or Silverfast -- addon software written by people for whom software is their primary focus.
This is not painless and easy, and IMHO S/MIME is alot nicer implemented than PGP signatures.
S/MIME is oftentimes more slickly implemented, because it tends to get more use on the corporate side, but I think that it's unsuited for wide use because of its reliance on centralized certificate authorities. The whole certificate-based infrastructure isn't anything that most people want to have to deal with.
For 90% of all communications, what people want is an email (or IM, or whatever) version of PGPfone -- they just want the data secured in transit, with the actual user authentication done via some side-channel (calling them up on the phone and exchanging key fingerprints, etc.).
If people have to get and install certificates, they're not going to use the system.
Where is the it-just-works email encrytion for dummies?
AFAICT, it doesn't exist. At least not outside of corporate environments. There are lots of companies that have their encryption set up so that it's transparent to non-technical employees, but it's a lot of work for the people who actually make it run. Lotus Notes, for instance, will do public-key cryptography, using company-wide keyservers -- although it's a proprietary algorithm, or was last time I checked. Once you have the infrastructure in place, the users don't have to think much about it, besides clicking 'encrypt and sign' on the emails they want secured.
I've also heard that within Apple, they use Apple Mail with S/MIME to great effect... but if you're just a regular user, getting that feature working is a real PITA. (Though admittedly, most of the trouble is because of the certificate authorities.)
I think the problem with the free encryption tools is that they're still very much a 'hacker's product,' being designed by fairly advanced users, for other advanced users -- or at least, for users who don't have a problem installing extra software in order to communicate securely. This, IMO, is a mistake; in order for an encryption system to be useful, it has to be widely used. And that means getting it into the hands of people who might not even think, in advance, that they want it. There are lots of people who aren't going to go out and download/install encryption software, but if the feature was there, and working, all the time, they'd probably find themselves clicking the 'Encrypt' button quite a bit.
There's no real reason why encryption can't be built in. It's just that it tends to get viewed as a peripheral, rather than core, feature, in everything except some corporate packages. However, I think that if it was incorporated more widely, it would quickly become a core feature; but getting over that 'chicken and egg' hump is hard.
OTR is miles better than the gaim-encryption/pidgin-encrypt. Honestly, I don't understand why they won't just kill it and move to OTR for good; it's a fundamentally better security model for something transient like instant messages.
Particularly since having two mutually-incompatible encryption packages is a pretty crummy state of affairs; it just means that the few users who do use encryption, are going to be fragmented between incompatible systems.
OTR probably has the greatest market penetration of any IM-encryption system, outside of corporate clients (Sametime, I think, uses encryption by default, although I don't think it's end-to-end, only client-server, because there they want the ability to intercept on the server), because it's built into the fairly popular OS X Adium client. So there's already quite a few users out there who have software that supports it. If only some of the other IM clients would start building it in by default, rather than making it an optional addon, I think it would quickly gain traction as a de facto standard. (And that would be a good thing, since it's a good system and open source.)
It is just that I don't want anybody to intrude my privacy. Do you close the envelope of a regular snail-mail letter? If so, do YOU have something to hide??
YHBT, I think... (Though admittedly, it hasn't been moderated as such, yet.)
This is a state tax. Outside of some minor exceptions, state-derived revenue has negligible impact on military funding. That's all Federal. Even National Guard units that are the last vestiges of independent state militias are Federally funded.
Besides which, talking about military funding as a tax problem is a red herring. It's not an issue of insufficient revenue, it's a question of misplaced priorities. There's more than enough money to buy body armor, or up-armored vehicles, or whatever, for the military, in the budget, if people in Congress wanted to do it. They've just spent that money elsewhere, and decided not to pay for body armor. Giving them more money won't necessarily change that; I can't think of any reason why they wouldn't just keep doing that. If they've already shown that equipping our soldiers is a low priority, a few extra billion here and there isn't going to change that. They're going to squander it the same way they squander all the money they have now.
Also, consider this: State governments are losing revenue to online purchases. If they don't collect it by taxing online purchases, they need to collect it some other way. Do you want to see 15% taxes on things you buy locally?
Actually I'd prefer that they just cut services. Or if they won't do that from the start, then fine, run up the sales tax, drive more sales onto the internet or into neighboring areas, wait for the local economy to collapse, and then cut services. I prefer the former path, but either one works.
There are a lot of states that haven't really been in a financial pinch in a while. This is unhealthy. You need some really lean years from time to time, so that you can actually make the hard decisions about what's worth spending money on and what's not.
I'm also a big fan of earmarking taxes for specific purposes, via referenda. If the voters approve a new tax for some specific purpose (e.g., we really need this new school, so we're going to tax x in order to pay for it), then that tax shouldn't be used for any other purpose. Once its original purpose is accomplished, the tax should evaporate.
Well, actually they can't be retargeted or destroyed in flight, at least not to my knowledge. For any number of reasons, once they're out of the silo/launcher, they're un-recallable. (This is ballistic missiles; cruise missiles are probably different.) Basically they get all their data fed into them right before launch, and then the missile follows its path, using inertial (laser gyroscope, usually, I think) and stellar navigation (to correct for wind drift and other factors at apogee), to their targets. There's no communications channel by which to recall one, re-target it, or tell it to self-destruct.
Once you press the button, it's pretty much a done deal.
I haven't heard of this, could you please enlighten me?:-)
Some of the earlier drafts of the GPL3 were going to eliminate the ability of companies like Google to produce OSS and use it solely as a web-service, where the customer wouldn't 'run' the software but would only see the results over a network. From RMS' standpoint, it's basically the same as Tivoization, because it keeps the consumer from ever being able to access the GPLed software and run it on his/her own machine, etc. It lets people take FOSS, modify it, use it in consumer products, but keep the modifications to themselves; arguably, a Bad Thing.
But I think that it was removed, because FOSS just doesn't have enough clout yet to force companies like Google to open up their code; they'd rather switch to something else -- what, I have no idea, but something else -- rather than deal with that. Plus, defining exactly who would be required to post what modifications to the code, and how they'd have to make it accessible -- basically all the practical concerns -- was pretty messy. So it got removed from GPL3 (one assumes, slated for some later version, according to some FSF Master Plan).
This is the same "targeting" rhetoric from the early 1990s all over again. Pretending that whether missiles are 'targeted' at some city somewhere, really changes the strategic position at all.
It's bullshit. Where a missile is 'targeted' has almost no real-world meaning. You can re-target a missile in a few seconds; in fact all submarine-launched and mobile missile systems have to be targeted right before launch, because the trajectories need to take into account the launch position.
The only scenario in which the 'default target' or preselected target of a missile might matter, would be an accidental launch. But even then, having the missiles aimed at neutral territory might not buy you much, because the unexpected launch itself might be perceived as hostile and engender a response; you can't depend on the mis-targeting for security -- that needs to be built-in to the command-and-control systems absolutely.
The difference between the GPL2 and the GPL3 is that the GPL3 gives you a little bit less additional rights.
Depends on who "you" is. I think this is the crux of the whole public-domain/BSD/GPL2/GPL3 argument. Each one can be argued to be 'more free,' from a different point of view.
As the end user of a piece of software, I get the most freedom to use it and do stuff with it, if it's GPL3. That keeps the developer from locking it up behind a wall of checksums and boobytraps, or (at least in some earlier drafts of the GPL3, although I think it was removed later) releasing it as a web service that keeps me from taking it an running it on my own server, etc.
But as a downstream developer, I get the most freedom, if the code is public domain -- I can take it, change it, put my name on it, sell it at a profit, make locked-down or web-service implementations of it, add all sorts of weird proprietary additions to it and keep them secret to trap my customers, whatever.
The BSD license, in my opinion anyway, is a license, by programmers and for programmers. It preserves the openness of code, and ensures that upstream developers get the credit they want, but basically allows downstream developers to do whatever they want with it, save a few restrictions.
The GPL licenses have always tended towards user freedom at the expense of developers, and if it wasn't for the ideological bend of Stallman et al, there probably wouldn't be much software made under it, since most users who benefit from the GPL (as compared to the BSD) aren't developers themselves. It's dependent on a relatively small number of able individuals' desire to produce something that benefits a large number of people who aren't as able (to program).
Personally, I've never had any option but cable -- no DSL, ever. And I've lived in a variety of areas, from fairly rural (Central Maine, Eastern Connecticut) to suburban (Arlington, VA) and never had DSL. In two cases (VA and CT), the phone companies initially told me I had DSL, but later said "oops, our bad" when it never worked, or when they checked more accurate line-feet databases. (In CT, they actually sent me a DSL modem and tried to give me service, but it just never worked, in VA, I got through two or three levels of customer service before they admitted that it just wasn't going to happen.)
But whether it's just DSL, or just Cable, either way you're screwed, particularly since FCC reversed its stance on Local Loop Unbundling, killing off independent DSL providers in most markets. (Even though anyone who was following the price of broadband, particularly DSL, back when LLU went into effect saw the prices drop and customer service increase as a result; you had low-cost plans introduced, and premium providers like Speakeasy with good service, etc.)
And even if you have access to both, it's really just two sides of the same coin. There's no real competition, no progress on either bandwidth or pricing. They have no reason to.
Does it really matter to anyone else if your Slashdot 'nym can be verified to match your 'nym's on a dozen other boards? Who really cares if you have excellent karma on Slashdot?
It might. I think the best possible solution would be to let the destination site look at whatever pieces of reputation you choose to provide, and then weight them however it wants to.
E.g., let's say I set up a blog. I know most traffic is driven to it by people clicking on my site's URL in my Slashdot comments; therefore, it might not be a terrible metric to utilize Slashdot-karma in approving comments on my blog. There's no guarantee that someone with Excellent/. karma isn't a spammer, but I suspect it's a better chance than "random person on the Internet" being a spammer.
That said, there's no objective reason why Slashdot karma is more valuable than some other kind of Karma (Digg karma, whatever); it's purely a subjective decision on the part of the destination site, deciding what forms of "reputation currency" they're willing to honor. If a site was perceived as being easy to game, then its karma wouldn't be valuable elsewhere. Likewise, credentials that are hard to fake, hard to obtain, and easy to verify (if there is such a thing), would be worth a lot, probably at many places.
Ok, most people realize that the MFRs write the drivers, not MS. And yes Vista specific driver support is lacking in some areas, as moving to the new audio model, video model, network stack, etc can be tricky for native driver support in Vista.
Actually, "most people" don't really know or give a damn. If the drivers for an OS sucks, the OS sucks. Full stop.
This was the problem with Linux until recently; if you didn't have the right drivers for the hardware you wanted to use, then you couldn't do what you wanted to do -- everything else, any other benefits the OS might have, are moot. It's dead in the water.
Russia countered by demanding the US, as a member of said organization, abide by its IP laws and pay Russia royalties for all the AK's the CIA has had manufactured and distributed over the years.
This doesn't make sense. The patent was obtained in 1999, and I think they'd have a tough time proving that the CIA has ordered many AK-47s since then (and even if they did, why the CIA would be responsible for royalties, instead of the Eastern-bloc manufacturers that they were presumably buying them from).
The West doesn't really get harmed, or care very much, about patents or IP claims on the AK-47. If anything, it might be a boon to manufacturers of alternative designs, including U.S. firms.
What this seems much more like, is an attempt by Russia to apply pressure to its neighbors and former client states, in order to squeeze some more revenue out of them. With them, Russia has a pretty big stick (energy, trade, border security) that they can use if the client state doesn't pay up.
Nobody in the U.S. establishment is going to really care about this. If the Russians wanted to fight back in response to AllOfMP3.com, there are much more effective ways they could do it. I think this is probably more about relations with neighbors (including China) than the West.
So you didn't bother to look at the image the parent posted? Apparently all of these cards can be plugged into USB ports, unlike special SD cards that need to have an internal USB plug.
No... the parent was talking about the difference between an MMC (that's "MultiMediaCard") and SD ("Secure Digital") cards and slots.
Many people think that they are the same, but they are slightly different. MMC came first, and was a pretty neat format, but Sony and the other big music companies decided they hated it, because it didn't have built in features that made it DRM-friendly. So they "upgraded" the format and made SD, which includes an extra pin on the connector, an area of the card's memory that's not user-accessible (for storing the media keys, according to some never-widely-implemented DRM scheme they were cooking up), and a lock/unlock switch. They somehow got the manufacturers to kill MMC, by not producing many large-capacity cards for it, and replace it with SD.
From a consumer's standpoint, we got a lock/unlock switch, higher prices for a while, and lost some capacity to the key-escrow area. (The latter is hardly noticed now, but it really sucked back on 32MB cards). MMC seems to have come back from the grave lately, though, mostly because of the reduced-size card implementations. (Maybe it's easier to implement in hardware and software than SD? I'm not clear on that.)
These new memory cards are compatible to both USB and MMC, not SD. However, most SD card slots are backwards-compatible (IMO, that's a misnomer; SD was hardly a step "forwards" for anyone except the content monopolies) to MMC, so to the consumer it's "same difference."
You can do all that in MS Word too. So why does your husband use LaTeX?
Yeah, and you could write your papers on vellum made from your own skin, using fragments of your own bone, with your blood as ink... but some of us would rather avoid the pain.
I don't think that is true. There are precedents where the taking or the publication of pictures of somebody in a public place have been judged to be an invasion of privacy.
I don't think this is true, at least in the U.S.
I think the cases you are thinking of, are more related to improper/unpermitted use of someone's image. That's slightly different than privacy. It's more of an intellectual property dispute, really.
If I take a photo of you in public, say eating a hot dog, and then I sell that image to the hot dog company for a million dollars so they can use it in their promotional material, you'd probably have grounds to sue me. I went and made money off of your image, without authorization. The actionable part isn't the taking of the photograph -- it's not invasion of privacy if it was in public -- but the use of that image, which I don't have the right to use, for a commercial purpose.
The law gives people control over their image (and to a lesser extent, their name), in a way that's not wholly dissimilar to a trademark. There are exceptions -- you don't have complete control, and you can't stop someone from using your image if it's just in the background of a photo or as part of a newscast (e.g., as you're being led out of the courthouse accompanied by your attorneys), and the standards are even looser for celebrities. But there is a significant difference between "invasion of privacy" and "unauthorized use of someone's image," and I think you might be confusing the two.
Not really, see: paparazzi. They can shoot totally non-newsworthy events without consent of the subjects.
They get away with it because of the celebrity of the subjects. If paparazzi did what they did to random people (non-celebs), they'd probably be sued successfully more often.
Well, you're right that the key-revocation scheme was designed to deal with this, however where the problem lies is in certain assumptions that the people designing the revocation system made.
I don't think they ever thought that the keys would get compromised this quickly. The AACSLA is fighting an asymmetric war. It takes them, what, about six months to revoke a key? Maybe they could get that down to a few months, but it's still going to be difficult. They have to realize that a key is compromised, decide to revoke it, make up a new MKB, master a new disc, send that disc master to Taiwan or China for pressing, and import and distribute the new disc. There's only a certain amount that a process like that can be expedited by.
The revocation scheme was designed to deal with insecure players, basically as a one-off process. Player gets compromised? Revoke it. It's not getting them any security in its current state. Right now, they revoke existing key. New key is compromised after one day in circulation. They begin revoking it. Six months later, they revoke new key. Rinse. Repeat. What's the steady state of this system? The hackers win, because at any given time, they probably have the keys to all the extant discs.
Now, you do bring up an interesting point about blocking software players, and just eliminating them altogether. Setting aside the problems this would cause with the likes of Microsoft and other players heavily invested in the concept of HTPCs, it might slow things down. However, I don't think there's any reason to think that they keys can't be extracted from the hardware -- that's just too good of a technical challenge to pass up. And again, if the rate at which keys get compromised is much, much faster than the rate at which compromised keys can be revoked, then the AACS loses control.
In our court system, you are innocent until proven guilty, the burden of proof is on the state.
This is true for sufficiently high values of w, where w is your net worth. If you can't afford tens of thousands of dollars to fight a bogus charge, then you're effectively screwed, particularly if the charge is one of the very emotionally charged ones (child porn, rape, terrorism, etc.).
You'd quickly end up in a situation where you'd be facing a team of prosecutors, working with virtually unlimited taxpayer funds (gotta protect the children, right?), against your fresh-out-of-lawschool public defender, whom if you're unlucky, you might have to share with half a dozen other defendants. And chances are, they're going to believe you're guilty and (consciously or not) treat you like it.
There have been a lot of sociological studies and research done on the U.S. legal system. People who can't afford lawyers plead guilty at an astoundingly high rate, and the entire system is set up to "process" them as quickly as possible, from arrest through to prison.
The system works like you describe in the best case scenario, but even then, it'll probably leave you bankrupt.
Do Medicare funds received by health care providers constitute "benefits" within the meaning of the federal bribery statute prohibiting fraud and other offenses against organizations receiving federal benefits?
Conclusion
Yes. In a 7-2 opinion delivered by Justice Anthony M. Kennedy, the Court held that "Health care providers such as the one defrauded by [Fischer] receive 'benefits' within the meaning of [the federal bribery statute]." Thus, the Medicare funds hospitals receive for treating Medicare patients subject people who bribe hospital officials to federal prosecution.
I don't get how it's related. Am I missing something?
Slashdot Mirror
The hardware developers somehow see this need to provide the software themselves, instead of taking advantage of the community, but then go and do a shoddy job of it.
Bingo.
When hardware companies try to make software, the result is almost inevitably shit. There are some exceptions, but big hardware companies tend to see software development as a 'cost center,' an afterthought to be minimized as much as possible, rather than a critical and major part of their product.
Look at scanners if you want. I've used some great film scanners in the past; brilliant hardware engineering, but coupled with the absolutely shit software that came in the box with it, it was practically a doorstop. To get anything else done, you had to get VueScan or Silverfast -- addon software written by people for whom software is their primary focus.
This is not painless and easy, and IMHO S/MIME is alot nicer implemented than PGP signatures.
S/MIME is oftentimes more slickly implemented, because it tends to get more use on the corporate side, but I think that it's unsuited for wide use because of its reliance on centralized certificate authorities. The whole certificate-based infrastructure isn't anything that most people want to have to deal with.
For 90% of all communications, what people want is an email (or IM, or whatever) version of PGPfone -- they just want the data secured in transit, with the actual user authentication done via some side-channel (calling them up on the phone and exchanging key fingerprints, etc.).
If people have to get and install certificates, they're not going to use the system.
Where is the it-just-works email encrytion for dummies?
... but if you're just a regular user, getting that feature working is a real PITA. (Though admittedly, most of the trouble is because of the certificate authorities.)
AFAICT, it doesn't exist. At least not outside of corporate environments. There are lots of companies that have their encryption set up so that it's transparent to non-technical employees, but it's a lot of work for the people who actually make it run. Lotus Notes, for instance, will do public-key cryptography, using company-wide keyservers -- although it's a proprietary algorithm, or was last time I checked. Once you have the infrastructure in place, the users don't have to think much about it, besides clicking 'encrypt and sign' on the emails they want secured.
I've also heard that within Apple, they use Apple Mail with S/MIME to great effect
I think the problem with the free encryption tools is that they're still very much a 'hacker's product,' being designed by fairly advanced users, for other advanced users -- or at least, for users who don't have a problem installing extra software in order to communicate securely. This, IMO, is a mistake; in order for an encryption system to be useful, it has to be widely used. And that means getting it into the hands of people who might not even think, in advance, that they want it. There are lots of people who aren't going to go out and download/install encryption software, but if the feature was there, and working, all the time, they'd probably find themselves clicking the 'Encrypt' button quite a bit.
There's no real reason why encryption can't be built in. It's just that it tends to get viewed as a peripheral, rather than core, feature, in everything except some corporate packages. However, I think that if it was incorporated more widely, it would quickly become a core feature; but getting over that 'chicken and egg' hump is hard.
OTR is miles better than the gaim-encryption/pidgin-encrypt. Honestly, I don't understand why they won't just kill it and move to OTR for good; it's a fundamentally better security model for something transient like instant messages.
Particularly since having two mutually-incompatible encryption packages is a pretty crummy state of affairs; it just means that the few users who do use encryption, are going to be fragmented between incompatible systems.
OTR probably has the greatest market penetration of any IM-encryption system, outside of corporate clients (Sametime, I think, uses encryption by default, although I don't think it's end-to-end, only client-server, because there they want the ability to intercept on the server), because it's built into the fairly popular OS X Adium client. So there's already quite a few users out there who have software that supports it. If only some of the other IM clients would start building it in by default, rather than making it an optional addon, I think it would quickly gain traction as a de facto standard. (And that would be a good thing, since it's a good system and open source.)
It is just that I don't want anybody to intrude my privacy. Do you close the envelope of a regular snail-mail letter? If so, do YOU have something to hide??
... (Though admittedly, it hasn't been moderated as such, yet.)
YHBT, I think
This is a state tax. Outside of some minor exceptions, state-derived revenue has negligible impact on military funding. That's all Federal. Even National Guard units that are the last vestiges of independent state militias are Federally funded.
Besides which, talking about military funding as a tax problem is a red herring. It's not an issue of insufficient revenue, it's a question of misplaced priorities. There's more than enough money to buy body armor, or up-armored vehicles, or whatever, for the military, in the budget, if people in Congress wanted to do it. They've just spent that money elsewhere, and decided not to pay for body armor. Giving them more money won't necessarily change that; I can't think of any reason why they wouldn't just keep doing that. If they've already shown that equipping our soldiers is a low priority, a few extra billion here and there isn't going to change that. They're going to squander it the same way they squander all the money they have now.
Also, consider this: State governments are losing revenue to online purchases. If they don't collect it by taxing online purchases, they need to collect it some other way. Do you want to see 15% taxes on things you buy locally?
Actually I'd prefer that they just cut services. Or if they won't do that from the start, then fine, run up the sales tax, drive more sales onto the internet or into neighboring areas, wait for the local economy to collapse, and then cut services. I prefer the former path, but either one works.
There are a lot of states that haven't really been in a financial pinch in a while. This is unhealthy. You need some really lean years from time to time, so that you can actually make the hard decisions about what's worth spending money on and what's not.
I'm also a big fan of earmarking taxes for specific purposes, via referenda. If the voters approve a new tax for some specific purpose (e.g., we really need this new school, so we're going to tax x in order to pay for it), then that tax shouldn't be used for any other purpose. Once its original purpose is accomplished, the tax should evaporate.
Somehow I don't think it's the military funding that's at stake here...
Well, actually they can't be retargeted or destroyed in flight, at least not to my knowledge. For any number of reasons, once they're out of the silo/launcher, they're un-recallable. (This is ballistic missiles; cruise missiles are probably different.) Basically they get all their data fed into them right before launch, and then the missile follows its path, using inertial (laser gyroscope, usually, I think) and stellar navigation (to correct for wind drift and other factors at apogee), to their targets. There's no communications channel by which to recall one, re-target it, or tell it to self-destruct.
Once you press the button, it's pretty much a done deal.
I haven't heard of this, could you please enlighten me? :-)
Some of the earlier drafts of the GPL3 were going to eliminate the ability of companies like Google to produce OSS and use it solely as a web-service, where the customer wouldn't 'run' the software but would only see the results over a network. From RMS' standpoint, it's basically the same as Tivoization, because it keeps the consumer from ever being able to access the GPLed software and run it on his/her own machine, etc. It lets people take FOSS, modify it, use it in consumer products, but keep the modifications to themselves; arguably, a Bad Thing.
But I think that it was removed, because FOSS just doesn't have enough clout yet to force companies like Google to open up their code; they'd rather switch to something else -- what, I have no idea, but something else -- rather than deal with that. Plus, defining exactly who would be required to post what modifications to the code, and how they'd have to make it accessible -- basically all the practical concerns -- was pretty messy. So it got removed from GPL3 (one assumes, slated for some later version, according to some FSF Master Plan).
This is the same "targeting" rhetoric from the early 1990s all over again. Pretending that whether missiles are 'targeted' at some city somewhere, really changes the strategic position at all.
It's bullshit. Where a missile is 'targeted' has almost no real-world meaning. You can re-target a missile in a few seconds; in fact all submarine-launched and mobile missile systems have to be targeted right before launch, because the trajectories need to take into account the launch position.
The only scenario in which the 'default target' or preselected target of a missile might matter, would be an accidental launch. But even then, having the missiles aimed at neutral territory might not buy you much, because the unexpected launch itself might be perceived as hostile and engender a response; you can't depend on the mis-targeting for security -- that needs to be built-in to the command-and-control systems absolutely.
The difference between the GPL2 and the GPL3 is that the GPL3 gives you a little bit less additional rights.
Depends on who "you" is. I think this is the crux of the whole public-domain/BSD/GPL2/GPL3 argument. Each one can be argued to be 'more free,' from a different point of view.
As the end user of a piece of software, I get the most freedom to use it and do stuff with it, if it's GPL3. That keeps the developer from locking it up behind a wall of checksums and boobytraps, or (at least in some earlier drafts of the GPL3, although I think it was removed later) releasing it as a web service that keeps me from taking it an running it on my own server, etc.
But as a downstream developer, I get the most freedom, if the code is public domain -- I can take it, change it, put my name on it, sell it at a profit, make locked-down or web-service implementations of it, add all sorts of weird proprietary additions to it and keep them secret to trap my customers, whatever.
The BSD license, in my opinion anyway, is a license, by programmers and for programmers. It preserves the openness of code, and ensures that upstream developers get the credit they want, but basically allows downstream developers to do whatever they want with it, save a few restrictions.
The GPL licenses have always tended towards user freedom at the expense of developers, and if it wasn't for the ideological bend of Stallman et al, there probably wouldn't be much software made under it, since most users who benefit from the GPL (as compared to the BSD) aren't developers themselves. It's dependent on a relatively small number of able individuals' desire to produce something that benefits a large number of people who aren't as able (to program).
Depends on where you are.
Personally, I've never had any option but cable -- no DSL, ever. And I've lived in a variety of areas, from fairly rural (Central Maine, Eastern Connecticut) to suburban (Arlington, VA) and never had DSL. In two cases (VA and CT), the phone companies initially told me I had DSL, but later said "oops, our bad" when it never worked, or when they checked more accurate line-feet databases. (In CT, they actually sent me a DSL modem and tried to give me service, but it just never worked, in VA, I got through two or three levels of customer service before they admitted that it just wasn't going to happen.)
But whether it's just DSL, or just Cable, either way you're screwed, particularly since FCC reversed its stance on Local Loop Unbundling, killing off independent DSL providers in most markets. (Even though anyone who was following the price of broadband, particularly DSL, back when LLU went into effect saw the prices drop and customer service increase as a result; you had low-cost plans introduced, and premium providers like Speakeasy with good service, etc.)
And even if you have access to both, it's really just two sides of the same coin. There's no real competition, no progress on either bandwidth or pricing. They have no reason to.
Does it really matter to anyone else if your Slashdot 'nym can be verified to match your 'nym's on a dozen other boards? Who really cares if you have excellent karma on Slashdot?
/. karma isn't a spammer, but I suspect it's a better chance than "random person on the Internet" being a spammer.
It might. I think the best possible solution would be to let the destination site look at whatever pieces of reputation you choose to provide, and then weight them however it wants to.
E.g., let's say I set up a blog. I know most traffic is driven to it by people clicking on my site's URL in my Slashdot comments; therefore, it might not be a terrible metric to utilize Slashdot-karma in approving comments on my blog. There's no guarantee that someone with Excellent
That said, there's no objective reason why Slashdot karma is more valuable than some other kind of Karma (Digg karma, whatever); it's purely a subjective decision on the part of the destination site, deciding what forms of "reputation currency" they're willing to honor. If a site was perceived as being easy to game, then its karma wouldn't be valuable elsewhere. Likewise, credentials that are hard to fake, hard to obtain, and easy to verify (if there is such a thing), would be worth a lot, probably at many places.
Ok, most people realize that the MFRs write the drivers, not MS. And yes Vista specific driver support is lacking in some areas, as moving to the new audio model, video model, network stack, etc can be tricky for native driver support in Vista.
Actually, "most people" don't really know or give a damn. If the drivers for an OS sucks, the OS sucks. Full stop.
This was the problem with Linux until recently; if you didn't have the right drivers for the hardware you wanted to use, then you couldn't do what you wanted to do -- everything else, any other benefits the OS might have, are moot. It's dead in the water.
Russia countered by demanding the US, as a member of said organization, abide by its IP laws and pay Russia royalties for all the AK's the CIA has had manufactured and distributed over the years.
This doesn't make sense. The patent was obtained in 1999, and I think they'd have a tough time proving that the CIA has ordered many AK-47s since then (and even if they did, why the CIA would be responsible for royalties, instead of the Eastern-bloc manufacturers that they were presumably buying them from).
The West doesn't really get harmed, or care very much, about patents or IP claims on the AK-47. If anything, it might be a boon to manufacturers of alternative designs, including U.S. firms.
What this seems much more like, is an attempt by Russia to apply pressure to its neighbors and former client states, in order to squeeze some more revenue out of them. With them, Russia has a pretty big stick (energy, trade, border security) that they can use if the client state doesn't pay up.
Nobody in the U.S. establishment is going to really care about this. If the Russians wanted to fight back in response to AllOfMP3.com, there are much more effective ways they could do it. I think this is probably more about relations with neighbors (including China) than the West.
So you didn't bother to look at the image the parent posted? Apparently all of these cards can be plugged into USB ports, unlike special SD cards that need to have an internal USB plug.
... the parent was talking about the difference between an MMC (that's "MultiMediaCard") and SD ("Secure Digital") cards and slots.
No
Many people think that they are the same, but they are slightly different. MMC came first, and was a pretty neat format, but Sony and the other big music companies decided they hated it, because it didn't have built in features that made it DRM-friendly. So they "upgraded" the format and made SD, which includes an extra pin on the connector, an area of the card's memory that's not user-accessible (for storing the media keys, according to some never-widely-implemented DRM scheme they were cooking up), and a lock/unlock switch. They somehow got the manufacturers to kill MMC, by not producing many large-capacity cards for it, and replace it with SD.
From a consumer's standpoint, we got a lock/unlock switch, higher prices for a while, and lost some capacity to the key-escrow area. (The latter is hardly noticed now, but it really sucked back on 32MB cards). MMC seems to have come back from the grave lately, though, mostly because of the reduced-size card implementations. (Maybe it's easier to implement in hardware and software than SD? I'm not clear on that.)
These new memory cards are compatible to both USB and MMC, not SD. However, most SD card slots are backwards-compatible (IMO, that's a misnomer; SD was hardly a step "forwards" for anyone except the content monopolies) to MMC, so to the consumer it's "same difference."
You can do all that in MS Word too. So why does your husband use LaTeX?
... but some of us would rather avoid the pain.
Yeah, and you could write your papers on vellum made from your own skin, using fragments of your own bone, with your blood as ink
How long before Venezuela blocks YouTube?
I don't think that is true. There are precedents where the taking or the publication of pictures of somebody in a public place have been judged to be an invasion of privacy.
I don't think this is true, at least in the U.S.
I think the cases you are thinking of, are more related to improper/unpermitted use of someone's image. That's slightly different than privacy. It's more of an intellectual property dispute, really.
If I take a photo of you in public, say eating a hot dog, and then I sell that image to the hot dog company for a million dollars so they can use it in their promotional material, you'd probably have grounds to sue me. I went and made money off of your image, without authorization. The actionable part isn't the taking of the photograph -- it's not invasion of privacy if it was in public -- but the use of that image, which I don't have the right to use, for a commercial purpose.
The law gives people control over their image (and to a lesser extent, their name), in a way that's not wholly dissimilar to a trademark. There are exceptions -- you don't have complete control, and you can't stop someone from using your image if it's just in the background of a photo or as part of a newscast (e.g., as you're being led out of the courthouse accompanied by your attorneys), and the standards are even looser for celebrities. But there is a significant difference between "invasion of privacy" and "unauthorized use of someone's image," and I think you might be confusing the two.
Not really, see: paparazzi. They can shoot totally non-newsworthy events without consent of the subjects.
They get away with it because of the celebrity of the subjects. If paparazzi did what they did to random people (non-celebs), they'd probably be sued successfully more often.
Yeah, because it's obvious that a few people with small arms and improvised explosives can't stymie a world superpower.
Oh, wait.
Well, you're right that the key-revocation scheme was designed to deal with this, however where the problem lies is in certain assumptions that the people designing the revocation system made.
I don't think they ever thought that the keys would get compromised this quickly. The AACSLA is fighting an asymmetric war. It takes them, what, about six months to revoke a key? Maybe they could get that down to a few months, but it's still going to be difficult. They have to realize that a key is compromised, decide to revoke it, make up a new MKB, master a new disc, send that disc master to Taiwan or China for pressing, and import and distribute the new disc. There's only a certain amount that a process like that can be expedited by.
The revocation scheme was designed to deal with insecure players, basically as a one-off process. Player gets compromised? Revoke it. It's not getting them any security in its current state. Right now, they revoke existing key. New key is compromised after one day in circulation. They begin revoking it. Six months later, they revoke new key. Rinse. Repeat. What's the steady state of this system? The hackers win, because at any given time, they probably have the keys to all the extant discs.
Now, you do bring up an interesting point about blocking software players, and just eliminating them altogether. Setting aside the problems this would cause with the likes of Microsoft and other players heavily invested in the concept of HTPCs, it might slow things down. However, I don't think there's any reason to think that they keys can't be extracted from the hardware -- that's just too good of a technical challenge to pass up. And again, if the rate at which keys get compromised is much, much faster than the rate at which compromised keys can be revoked, then the AACS loses control.
In our court system, you are innocent until proven guilty, the burden of proof is on the state.
This is true for sufficiently high values of w, where w is your net worth. If you can't afford tens of thousands of dollars to fight a bogus charge, then you're effectively screwed, particularly if the charge is one of the very emotionally charged ones (child porn, rape, terrorism, etc.).
You'd quickly end up in a situation where you'd be facing a team of prosecutors, working with virtually unlimited taxpayer funds (gotta protect the children, right?), against your fresh-out-of-lawschool public defender, whom if you're unlucky, you might have to share with half a dozen other defendants. And chances are, they're going to believe you're guilty and (consciously or not) treat you like it.
There have been a lot of sociological studies and research done on the U.S. legal system. People who can't afford lawyers plead guilty at an astoundingly high rate, and the entire system is set up to "process" them as quickly as possible, from arrest through to prison.
The system works like you describe in the best case scenario, but even then, it'll probably leave you bankrupt.
Oyez.com says:I don't get how it's related. Am I missing something?