Of course, someone always mention when this comes up that the music can always be copied after it comes out the speakers.
And then, someone always mentions this results in a degradation of quality.
Actually, it doesn't have to.
Statistics says that the random errors resulting from noise (say, in digital-analog conversion) will decrease as the square root of the number of times a signal is overlaid over independent noisy copies of itself.
So, if you want to reduce the amount of noise in a signal by half, record the signal four times and overlay. If you want to reduce it by 10, record the signal 100 times and overlay. Depending on how much effort you are willing to put into it, you can reduce the error to any level you want.
Non-human celebrities have a certain disadvantage that I believe limits them to the niche markets they've already pretty much sewn up (ie, children's entertainment, video games, advertising, etc.)
Celebs in the mainstream of pop culture generally have their image based on one of two things (and often both.) Fantasy role-model (everybody wants to be like Mike) or sex appeal.
Animated characters will have trouble cracking the role-model market, because there isn't the illusion that if I tried real hard, devoted my life to the goal, had a few lucky breaks, whatnot, I could be like the celebrity. Let's face it, eating a lot of bowls of frosted flakes is going to make me more like Homer Simpson than Tony the Tiger.
Animations certainly can (and already have) crack the sex-appeal market, but even there I think they remain sort of the grown-up version of kid's cartoons. There's something about the person being real that aids the transition from "Oh... that character has nice (anatomy part)," which any animation can do (remember iMac Girl), to insidious fantasy figure. I doubt I will ever see an animation acquire a deranged stalker.
I end up relying not only on you, but on the people you claim to be trusted.
This is remarkably similar to trusting physically promiscuous people to not carry something transmittable to me.
Yeah, and unlike in sex, in software, monogamy really isn't a feasible option (unless you believe Microsoft.)
Ironically, this treaty would represent an enormous threat to corporate security. I don't see why any organization whose operation requires keeping certain things secret, in particular any closed-source software company, would consider operating in any nation signatory to this treaty.
Consider: Company A in country XYZ, signatory to the treaty, produces a software / digital encryption scheme / computer chip / etc. that they maintain as a trade secret. Company B in country ABC, also signatory to the treaty, would like a look at it. Company B places a few bribes in the police organizations of ABC and gets a warrant for the examination of company A's trade secret.
Essentially, this makes all nations who sign the treaty subject to the practices of the most corrupt government among them.
Re:He he ... "fabulous work" he said ..
on
HDCP Break Proven
·
· Score: 1
Don't you think that it might just be possible that the NSA was fully aware of the flaws in thier products, and was hoping that their standards would be widely adopted before anyone found out that they were peddling snake oil?
While this is possible, and it's always good to be more paranoid than necessary when dealing with security, it does not behoove the NSA to distribute products with known flaws as suggested standards.
The NSA is charged with protecting national security. If they promote a product with a known flaw as a standard for U.S. government agencies and businesses to use, of course it lets them snoop on anyone who uses the product. But it also gives that ability to anyone else that knows the flaw. This potentially includes foreign intelligence agencies, and if the flaw is publically discovered, everyone.
It would be the height of arrogance on the NSA's part to assume that they are so far ahead of other cryptanalytic researchers that the flawed standard they promote will not be broken by anyone else until all data protected by the standard is no longer sensitive. Remember, even if the standard is "secure" at the time of transmission, an evesdropper can catalogue it in the hopes of a future break.
While it was once true that the NSA was about two decades ahead of public academic cryptanalysts (judging by the fact that DES is resistant to differential cryptanalysis), what scanty evidence there is suggests the gap was about 3-5 years during the 1990's. This is hardly time enough for sensitive data to become irrelevant.
For the NSA to promote a flawed standard would be an enormous risk to national security, because the odds are high that the standard will be publically broken eventually.
I think the evidence supports this. In the case of SHA-0, the NSA retracted the standard citing an unrevealed flaw, and about three years later the flaw was publically figured out. Even if the NSA is inhumanly good, possibly omniscient, I have seen no evidence that they are prescient enough to figure out that academic researchers would break their standard three years in the future and so withdrew a flawed standard that they always knew was flawed. It seems far more plausible that they released the standard, discovered the flaw, and retracted it (in that order).
And the Dual Counter Mode was nothing more than completely shoddy work. Any professional cryptanalyst could break it using publically known techniques (and several did). If the NSA released it knowing it was flawed but thinking no one else would figure it out, they were not only arrogant, but downright foolish. It is far more likely that they didn't subject it to much internal review.
As for Skipjack, who knows? It's possible the NSA didn't discover impossible differentials first, although it being exactly one round above the breakpoint seems a little bit suspicious. It's equally likely they knew about impossible differentials and published an algorithm on the very edge of security.
I don't trust the NSA, but I think their mission of protecting national security precludes them from releasing products with known flaws. It's nice to be able to snoop on your own citizens, but not at the cost of letting everyone else do so, too.
However, Ron Rivest has shown in his papers on "chaffing and winnowing" that you can have efficient encryption based only on authentication. Essentially, you toss garbage information in with the real stuff and use MAC's in such a way that only someone who knows the authentication key can distinguish the real data from the garbage.
This alone is nice, but the kicker is that the 5th amendment (self-incrimination) should prevent legislation that requires the release of authentication (as opposed to encryption) information. The courts have repeatedly ruled that while the authorities have the right to subpoena your data, they cannot (under protection against self-incrimination) require you to testify that the data is in fact yours.
You are allowed to hack the system and proove that it is broken (by showing exactly where is the flaw etc..) - but you cannot use the resulted crack for profit...
Indeed, that's how it's supposed to work, but that doesn't stop the "offended" party from filing a lawsuit they never intend to bring to court. Let's face it, most people don't have the resources to wait out a legal siege, regardless of whether or not the law is on their side.
The problem with American civil law as it stands is the more powerful party can do irreparable harm to the weaker party without having a valid claim. They only need a claim plausible enough to enter discovery.
Re:He he ... "fabulous work" he said ..
on
HDCP Break Proven
·
· Score: 1
Most likely, NSA fully subscribes to this idea and promotes peer review of top-secret work. They have plenty of scientists with security clearances for that. If NSA doesn't send a paper for review to me or to you it doesn't mean that someone else, better qualified, doesn't look at it.
This is quite likely, but even the NSA isn't invulnerable. In the past decade, most of their products they have released for public consumption have been found to be flawed. Consider:
The original SHA hash algorithm had only 2^61 bits of complexity rather than the 2^80 it was originally claimed to have.
Skipjack has only one more round than is necessary to break it with impossible differential cryptanalysis.
The "Dual Counter Mode" they proposed for AES was independently broken by multiple reviewers within weeks of publication.
The NSA is quite good, but even they are human. And sadly, to err is human.
I don't like the security implications of this. Disk access is relatively easy to monitor, and one can shred files appropriately. But having to shred memory, as would be the case in a system with persistent RAM, sounds like a management nightmare.
I mean, as things stand, one can at least be confident that a value stored in volatile RAM is irretrievably gone if the power gets cut.
Would it be feasible to have the OS shred all memory granted to a process when the process exits?
Depends on what you think of as an assembly language. It was a somewhat provocative statement, but I didn't mean it to anger people, just to make them think.
Java is missing certain kinds of syntactic abstraction that force me to forever spell out things that I'd rather abbreviate. That's characteristic of assembly languages. Some of them anyway. Some of them actually have better syntactic abstraction than Java does. Perhaps I was unfair in reverse.;-)
You certainly were. The macro capabilities built into most of the major assemblers out there (particularly masm and tasm; nasm's preprocessor isn't really as flexible as it could be yet) are enough to put many high-level languages' syntaxes to shame.
Several years ago on c.l.asm.x86 a poster supplied a macro library that could be used with tasm to assemble BASIC syntax. The only thing that he could not make compatible was line numbers.
But briefly put, the preprocessors of modern assemblers give them enormous syntactic flexibility. I haven't put in the time to learn LISP, but I would certainly say that masm or tasm's preprocessor is the equal of Scheme in this regard.
I think the neater application for these conducting=(and semiconducting) ink technologies is do-it-yourself hardware. I pretty sure you could print out an early microprocessor (say an 8088) onto a sheet of legal-sized paper with a good-resolution inkjet.
Why?
Well, besides the inherent coolness factor, it would make all this talk of "hardware encryption" mildly irrelevant.
Bruce makes a good point regarding software liability laws, or rather the lack thereof.
Almost every piece of commercial software you install these days has something in the license like (taken from the Red Hat legalese):
"There is no warantee for the program, to the extent permitted by applicable law. Except when otherwise stated in writing by the copyright holders and/or other parties provide the program "as is" without warranty of any kind, either expressed or implied, including, but not limited to, the implied warantees of merchantability and fitness for a particular purpose. The entire risk of as to the quality and performance of the program is with you. Should the program prove defective, you assume the cost of all necessary servicing, repair, or correction."
Now someone explain to me why, when software vendors disavow all responsibility for their products, they should be granted some special status with regards to information about those products' misbehavior.
The other big problem with this is that the patent system is explicitly not supposed to cover algorithms or mathematical formulae, because these are deemed fundamental properties of nature. However, patenting software is a surprisingly easy backdoor to patenting algorithms. E.g. RSA Data Security and the RSA patent which held back public key cryptography by a decade or more, and would have been worse if RSA had succeeded in convincing the PTO that their patent actually covers all forms of PK crypto.
IIRC, there were already patents on public-key crypto in general, and so RSA were able only to patent a specific public-key cryptography scheme. The patents were to Diffie & Hellman for key exchange and ElGamal for digital signatures. Both patents expired in 1997.
Don't get me wrong. Mathworld is a great resource. Eric did an enormous amount of great work putting it together. Unfortunately, being the work of a single person, it is and always will be limited in very important ways.
First off, all of the treasure troves always seemed very idiosyncratic. Since they represented only what the author felt was important / had access to / had time to write up, this was inevitable. Particularly amusing in the chemistry treasure trove which manages to be mostly useless to a college chemistry student while still bothering to include the mineral names of a great number of inorganic compounds.
The math treasure trove, by virtue of its sheer size, eventually escaped the worst effects of idiosyncrasy, but it still suffers from covering topics it varying levels of detail utterly out of proportion with their importance in mathematical study.
Despite all this, in its day, mathworld managed to be an enormously useful resource. However, even before it was shut down, it was beginning to totter under the effects of being (mostly) a one-man project. Despite the solicitation of "contributors," who did write a small fraction of the entries, Eric took a great deal of pride in having put the treasure trove together, and in his management of the treasure trove project, ensured that outside contributions would never be a substantial enough part of the project to threaten his claims to absolute control over it.
And absolute control was definitely one of his priorities. Mathworld was protected by some of the most stringent anti-mirroring measures I have seen. If the web server thought too large of fraction of the archive had gone to any IP or group of IP's, they banned the entire network. With a few rare exceptions, such bannings were without appeal. Yes, this meant that if someone else at your school attempted to mirror mathworld and got caught, you were banned from it until if and when your sysadmin managed to make nice with Eric.
I don't deny that Eric, being the author of almost all the material in the treasure-troves, had the right to do this. However, these policies forced me to reevaluate my opinion of him. Whereas before, I considered him a great altruist, I came to realize that offering mathword free to the public had no altruism in it at all -- it was simply a business decision to amass personal fame and publicity for his product, which he never intended to give to the public to use in any way he did not intend. Mathword, while originally free as in beer, was never free as in speech.
This is the great irony of mathworld's downfall: Because Eric never allowed anyone to have substantial collaberation in or to mirror the site, when it fell, the only way to get the information was off of a few illicit mirrors created from the CRC CD, and even then, Eric and Wolfram still shut down any mirror they became aware of. Again, I don't blame him for doing so -- it was his work. It just caused me to reevaluate the spirit in which the work was put together.
I now hold Eric Weisstein in about the same esteem as RMS. Both created a wonderful thing, but in time, their respective egos became one of the larger barriers to that thing acheiving its full potential.
What direction should mathworld have gone? What resources are there that attempt similar things in better manners?
First off, there is http://planetmath.org, a collaborative attempt at becoming what mathworld should have been. All contributions are under a public license of sorts, so it is immune to what befell mathworld. It is, however, still in its infancy. Go there, contribute, and fix that.
Second, there is http://www.mathforum.org, which has been bounced around from being a project of the Stanford math department, an independent dot-com, a subsidiary of WebCT, and now finally a not-for-profit sponsored by Drexel University. This is not an encyclopedia, it is a question and answer service for K-12 math questions. Because it is entirely volunteer-staffed, though, it actually answers whatever questions the volunteers feel like answering, and as a result, has amassed an archive of answers to math questions ranging from the most basic to graduate-level topics. In its current incarnation as a not-for-profit and with the site licnesed to print the authors' work with the author's retaining ownership, it should last as long as Drexel pays for the web space. I recommend that anyone who is interested volunteer as a Math Doctor to help enrich the site.
These two sites, I feel, far better embody the open-source spirit than mathworld, and in time their potential vastly exceeds anything Eric Weisstein will ever manage (mostly single handed). I bear no ill will towards Eric. I greatly respect his work. I just believe that the paradigm and motive it was compiled under are now obsolete, though it took the CRC morass to make me realize that.
> But how many people send random bitstreams to
> each other? Somebody doing so would stand out
> like a sore thumb against the usual traffic of
> ASCII.
If you look closely, there's plenty of random-ish bits floating around. Besides the usual media for stego (spam, images, audioclips), there's data that is random by design.
How are you to say that there aren't secret messages encoded in the cards that are dealt by Yahoo's hearts server? Is the Irony Games dice server a terrorist front? Is the latency observed by pinging server x really indicative of network traffic, or is server x modulating its response to ECHO_REQUEST packets to try to tell you something? Heck, during Code Red, you could have had a communcations procotol encoded in the least significant bits of the timestamps of pakcets masquerading as Code Red infection attempts.
While none of these have enough bandwidth to support secretly throwing multimedia around the net, language doesn't require much bandwidth. If I recall, early American insurrectionists arranged protocols based on the transfer of a single bit. (One of by land, two if by sea.)
I have to disagree with Cringeley's comment that virii programmed to spread slowly and lie dormant for months would be more likely to go undetected until "deployment day" than the current generation of balls-out, spread-like-mad worms.
Once a virus is detected, software can be written to clean it and possibly prevent its further transmission. These days, the delay between first detection and anti-virus software is usually a few days.
The more time a virus spends lying dormant or slowly spreading, the more time there is for someone to find it and spread the word. There are a small number of highly secure systems run by highly paranoid sysadmins who do things like compare all files to known good copies on a regular basis and log all network traffic. Even a quiet virus will be detected if it attempts to spread to one of these systems. If the virus attempts to infect something like a Honeypot, it will be detected. And then, the game is up.
These virii are only effective against the uninformed. The slower it moves, the more time it gives information to spread.
The "if your compiler can do it" is the mother of all caveats.
From my point of view, the Iantium shares a lot of similarities with the iAPX432 of 20 years ago. Both are new architectures that purport to emulate the previous technology, but from all reports at least, don't do that emulation very well. Both rely on software technology that exists only in the laboratory, if there.
Only time will tell if both share the same marketing fate.
Taking a course in ethics only requires you to know about them (and not even that if you don't care to get particularly good marks.) It does not require you to actually believe them, much less act according to them.
Honestly, the evolution of spam has a certain aesthetic to it. Kind of like a computer virus or a deadly disease, after you get past the whole horrible consequences aspect of it, even spam might be appreciated as an engineering marvel.
I mean, polymorphic software is something we all want to see, and if the mass mailers are the only ones who are going to develop it, let them.
...is that with digital signatures, the next step is for the powers that be to mandate the the son-of-IP repace plaintext headers with digitally signed ones, and hold the signer of a packet legally repsonsible for its contents.
While this would cause undue processor load on routers today, give Moore's law a few more doublings, and I'm sure it's quite feasible.
This would deprive the 'net of anonymity, since few would be willing to take the risk of stripping the headers off a packet, because it would have to be signed by someone, and who would want to take responsibility for unknown data passing through them?
I fear it's become a race between regulators figuring out how to regulate the net and quantum computing rendering all known authentication methods insecure. And for the first time in my life, I'm rooting for the quantum computers.
This highlights an odd difference between various entertainment cultures. In pop-music fandom, fans distribute copies wholesale and even feel mildly righteous (in a Robin Hood sort of way) for screwing over the record companies, who deserve whatever they get.
In pop-lit fandom, very few would ever dream of ripping their favorite novels into pdf and distrbuting them for free. Most readers of genre fiction have enormous respect for their favorite authors, and almost no one would think of depriving their tin household gods from the fruits of their effort. The fact that of the eight bucks you may drop on a massmarket paperback, the author is fortunate to see one does not inspire readers to mount a "screw the publishers" crusade.
I wonder why the difference?
Slashdot Mirror
And then, someone always mentions this results in a degradation of quality.
Actually, it doesn't have to.
Statistics says that the random errors resulting from noise (say, in digital-analog conversion) will decrease as the square root of the number of times a signal is overlaid over independent noisy copies of itself.
So, if you want to reduce the amount of noise in a signal by half, record the signal four times and overlay. If you want to reduce it by 10, record the signal 100 times and overlay. Depending on how much effort you are willing to put into it, you can reduce the error to any level you want.
Celebs in the mainstream of pop culture generally have their image based on one of two things (and often both.) Fantasy role-model (everybody wants to be like Mike) or sex appeal.
Animated characters will have trouble cracking the role-model market, because there isn't the illusion that if I tried real hard, devoted my life to the goal, had a few lucky breaks, whatnot, I could be like the celebrity. Let's face it, eating a lot of bowls of frosted flakes is going to make me more like Homer Simpson than Tony the Tiger.
Animations certainly can (and already have) crack the sex-appeal market, but even there I think they remain sort of the grown-up version of kid's cartoons. There's something about the person being real that aids the transition from "Oh... that character has nice (anatomy part)," which any animation can do (remember iMac Girl), to insidious fantasy figure. I doubt I will ever see an animation acquire a deranged stalker.
I end up relying not only on you, but on the people you claim to be trusted. This is remarkably similar to trusting physically promiscuous people to not carry something transmittable to me. Yeah, and unlike in sex, in software, monogamy really isn't a feasible option (unless you believe Microsoft.)
Consider: Company A in country XYZ, signatory to the treaty, produces a software / digital encryption scheme / computer chip / etc. that they maintain as a trade secret. Company B in country ABC, also signatory to the treaty, would like a look at it. Company B places a few bribes in the police organizations of ABC and gets a warrant for the examination of company A's trade secret.
Essentially, this makes all nations who sign the treaty subject to the practices of the most corrupt government among them.
While this is possible, and it's always good to be more paranoid than necessary when dealing with security, it does not behoove the NSA to distribute products with known flaws as suggested standards.
The NSA is charged with protecting national security. If they promote a product with a known flaw as a standard for U.S. government agencies and businesses to use, of course it lets them snoop on anyone who uses the product. But it also gives that ability to anyone else that knows the flaw. This potentially includes foreign intelligence agencies, and if the flaw is publically discovered, everyone.
It would be the height of arrogance on the NSA's part to assume that they are so far ahead of other cryptanalytic researchers that the flawed standard they promote will not be broken by anyone else until all data protected by the standard is no longer sensitive. Remember, even if the standard is "secure" at the time of transmission, an evesdropper can catalogue it in the hopes of a future break.
While it was once true that the NSA was about two decades ahead of public academic cryptanalysts (judging by the fact that DES is resistant to differential cryptanalysis), what scanty evidence there is suggests the gap was about 3-5 years during the 1990's. This is hardly time enough for sensitive data to become irrelevant.
For the NSA to promote a flawed standard would be an enormous risk to national security, because the odds are high that the standard will be publically broken eventually.
I think the evidence supports this. In the case of SHA-0, the NSA retracted the standard citing an unrevealed flaw, and about three years later the flaw was publically figured out. Even if the NSA is inhumanly good, possibly omniscient, I have seen no evidence that they are prescient enough to figure out that academic researchers would break their standard three years in the future and so withdrew a flawed standard that they always knew was flawed. It seems far more plausible that they released the standard, discovered the flaw, and retracted it (in that order).
And the Dual Counter Mode was nothing more than completely shoddy work. Any professional cryptanalyst could break it using publically known techniques (and several did). If the NSA released it knowing it was flawed but thinking no one else would figure it out, they were not only arrogant, but downright foolish. It is far more likely that they didn't subject it to much internal review.
As for Skipjack, who knows? It's possible the NSA didn't discover impossible differentials first, although it being exactly one round above the breakpoint seems a little bit suspicious. It's equally likely they knew about impossible differentials and published an algorithm on the very edge of security.
I don't trust the NSA, but I think their mission of protecting national security precludes them from releasing products with known flaws. It's nice to be able to snoop on your own citizens, but not at the cost of letting everyone else do so, too.
This alone is nice, but the kicker is that the 5th amendment (self-incrimination) should prevent legislation that requires the release of authentication (as opposed to encryption) information. The courts have repeatedly ruled that while the authorities have the right to subpoena your data, they cannot (under protection against self-incrimination) require you to testify that the data is in fact yours.
Indeed, that's how it's supposed to work, but that doesn't stop the "offended" party from filing a lawsuit they never intend to bring to court. Let's face it, most people don't have the resources to wait out a legal siege, regardless of whether or not the law is on their side.
The problem with American civil law as it stands is the more powerful party can do irreparable harm to the weaker party without having a valid claim. They only need a claim plausible enough to enter discovery.
This is quite likely, but even the NSA isn't invulnerable. In the past decade, most of their products they have released for public consumption have been found to be flawed. Consider:
The original SHA hash algorithm had only 2^61 bits of complexity rather than the 2^80 it was originally claimed to have.
Skipjack has only one more round than is necessary to break it with impossible differential cryptanalysis.
The "Dual Counter Mode" they proposed for AES was independently broken by multiple reviewers within weeks of publication.
The NSA is quite good, but even they are human. And sadly, to err is human.
I mean, as things stand, one can at least be confident that a value stored in volatile RAM is irretrievably gone if the power gets cut.
Would it be feasible to have the OS shred all memory granted to a process when the process exits?
Java is missing certain kinds of syntactic abstraction that force me to forever spell out things that I'd rather abbreviate. That's characteristic of assembly languages. Some of them anyway. Some of them actually have better syntactic abstraction than Java does. Perhaps I was unfair in reverse. ;-)
You certainly were. The macro capabilities built into most of the major assemblers out there (particularly masm and tasm; nasm's preprocessor isn't really as flexible as it could be yet) are enough to put many high-level languages' syntaxes to shame.
Several years ago on c.l.asm.x86 a poster supplied a macro library that could be used with tasm to assemble BASIC syntax. The only thing that he could not make compatible was line numbers.
But briefly put, the preprocessors of modern assemblers give them enormous syntactic flexibility. I haven't put in the time to learn LISP, but I would certainly say that masm or tasm's preprocessor is the equal of Scheme in this regard.
Why?
Well, besides the inherent coolness factor, it would make all this talk of "hardware encryption" mildly irrelevant.
Almost every piece of commercial software you install these days has something in the license like (taken from the Red Hat legalese):
"There is no warantee for the program, to the extent permitted by applicable law. Except when otherwise stated in writing by the copyright holders and/or other parties provide the program "as is" without warranty of any kind, either expressed or implied, including, but not limited to, the implied warantees of merchantability and fitness for a particular purpose. The entire risk of as to the quality and performance of the program is with you. Should the program prove defective, you assume the cost of all necessary servicing, repair, or correction."
Now someone explain to me why, when software vendors disavow all responsibility for their products, they should be granted some special status with regards to information about those products' misbehavior.
Why is this news? Slashdot covered it only four days ago.
Actually, AMD has been at least making an effort to look like they encourage the development of 64-bit Linux for their upcoming "Hammer" processors.
See www.linux64.org for more details.
IIRC, there were already patents on public-key crypto in general, and so RSA were able only to patent a specific public-key cryptography scheme. The patents were to Diffie & Hellman for key exchange and ElGamal for digital signatures. Both patents expired in 1997.
Don't get me wrong. Mathworld is a great resource. Eric did an enormous amount of great work putting it together. Unfortunately, being the work of a single person, it is and always will be limited in very important ways.
First off, all of the treasure troves always seemed very idiosyncratic. Since they represented only what the author felt was important / had access to / had time to write up, this was inevitable. Particularly amusing in the chemistry treasure trove which manages to be mostly useless to a college chemistry student while still bothering to include the mineral names of a great number of inorganic compounds.
The math treasure trove, by virtue of its sheer size, eventually escaped the worst effects of idiosyncrasy, but it still suffers from covering topics it varying levels of detail utterly out of proportion with their importance in mathematical study.
Despite all this, in its day, mathworld managed to be an enormously useful resource. However, even before it was shut down, it was beginning to totter under the effects of being (mostly) a one-man project. Despite the solicitation of "contributors," who did write a small fraction of the entries, Eric took a great deal of pride in having put the treasure trove together, and in his management of the treasure trove project, ensured that outside contributions would never be a substantial enough part of the project to threaten his claims to absolute control over it.
And absolute control was definitely one of his priorities. Mathworld was protected by some of the most stringent anti-mirroring measures I have seen. If the web server thought too large of fraction of the archive had gone to any IP or group of IP's, they banned the entire network. With a few rare exceptions, such bannings were without appeal. Yes, this meant that if someone else at your school attempted to mirror mathworld and got caught, you were banned from it until if and when your sysadmin managed to make nice with Eric.
I don't deny that Eric, being the author of almost all the material in the treasure-troves, had the right to do this. However, these policies forced me to reevaluate my opinion of him. Whereas before, I considered him a great altruist, I came to realize that offering mathword free to the public had no altruism in it at all -- it was simply a business decision to amass personal fame and publicity for his product, which he never intended to give to the public to use in any way he did not intend. Mathword, while originally free as in beer, was never free as in speech.
This is the great irony of mathworld's downfall: Because Eric never allowed anyone to have substantial collaberation in or to mirror the site, when it fell, the only way to get the information was off of a few illicit mirrors created from the CRC CD, and even then, Eric and Wolfram still shut down any mirror they became aware of. Again, I don't blame him for doing so -- it was his work. It just caused me to reevaluate the spirit in which the work was put together.
I now hold Eric Weisstein in about the same esteem as RMS. Both created a wonderful thing, but in time, their respective egos became one of the larger barriers to that thing acheiving its full potential.
What direction should mathworld have gone? What resources are there that attempt similar things in better manners?
First off, there is http://planetmath.org, a collaborative attempt at becoming what mathworld should have been. All contributions are under a public license of sorts, so it is immune to what befell mathworld. It is, however, still in its infancy. Go there, contribute, and fix that.
Second, there is http://www.mathforum.org, which has been bounced around from being a project of the Stanford math department, an independent dot-com, a subsidiary of WebCT, and now finally a not-for-profit sponsored by Drexel University. This is not an encyclopedia, it is a question and answer service for K-12 math questions. Because it is entirely volunteer-staffed, though, it actually answers whatever questions the volunteers feel like answering, and as a result, has amassed an archive of answers to math questions ranging from the most basic to graduate-level topics. In its current incarnation as a not-for-profit and with the site licnesed to print the authors' work with the author's retaining ownership, it should last as long as Drexel pays for the web space. I recommend that anyone who is interested volunteer as a Math Doctor to help enrich the site.
These two sites, I feel, far better embody the open-source spirit than mathworld, and in time their potential vastly exceeds anything Eric Weisstein will ever manage (mostly single handed). I bear no ill will towards Eric. I greatly respect his work. I just believe that the paradigm and motive it was compiled under are now obsolete, though it took the CRC morass to make me realize that.
If you look closely, there's plenty of random-ish bits floating around. Besides the usual media for stego (spam, images, audioclips), there's data that is random by design.
How are you to say that there aren't secret messages encoded in the cards that are dealt by Yahoo's hearts server? Is the Irony Games dice server a terrorist front? Is the latency observed by pinging server x really indicative of network traffic, or is server x modulating its response to ECHO_REQUEST packets to try to tell you something? Heck, during Code Red, you could have had a communcations procotol encoded in the least significant bits of the timestamps of pakcets masquerading as Code Red infection attempts.
While none of these have enough bandwidth to support secretly throwing multimedia around the net, language doesn't require much bandwidth. If I recall, early American insurrectionists arranged protocols based on the transfer of a single bit. (One of by land, two if by sea.)
Once a virus is detected, software can be written to clean it and possibly prevent its further transmission. These days, the delay between first detection and anti-virus software is usually a few days.
The more time a virus spends lying dormant or slowly spreading, the more time there is for someone to find it and spread the word. There are a small number of highly secure systems run by highly paranoid sysadmins who do things like compare all files to known good copies on a regular basis and log all network traffic. Even a quiet virus will be detected if it attempts to spread to one of these systems. If the virus attempts to infect something like a Honeypot, it will be detected. And then, the game is up.
These virii are only effective against the uninformed. The slower it moves, the more time it gives information to spread.
From my point of view, the Iantium shares a lot of similarities with the iAPX432 of 20 years ago. Both are new architectures that purport to emulate the previous technology, but from all reports at least, don't do that emulation very well. Both rely on software technology that exists only in the laboratory, if there.
Only time will tell if both share the same marketing fate.
Taking a course in ethics only requires you to know about them (and not even that if you don't care to get particularly good marks.) It does not require you to actually believe them, much less act according to them.
I mean, polymorphic software is something we all want to see, and if the mass mailers are the only ones who are going to develop it, let them.
Let's hear it for polymorphic spam!
While this would cause undue processor load on routers today, give Moore's law a few more doublings, and I'm sure it's quite feasible.
This would deprive the 'net of anonymity, since few would be willing to take the risk of stripping the headers off a packet, because it would have to be signed by someone, and who would want to take responsibility for unknown data passing through them?
I fear it's become a race between regulators figuring out how to regulate the net and quantum computing rendering all known authentication methods insecure. And for the first time in my life, I'm rooting for the quantum computers.
This highlights an odd difference between various entertainment cultures. In pop-music fandom, fans distribute copies wholesale and even feel mildly righteous (in a Robin Hood sort of way) for screwing over the record companies, who deserve whatever they get. In pop-lit fandom, very few would ever dream of ripping their favorite novels into pdf and distrbuting them for free. Most readers of genre fiction have enormous respect for their favorite authors, and almost no one would think of depriving their tin household gods from the fruits of their effort. The fact that of the eight bucks you may drop on a massmarket paperback, the author is fortunate to see one does not inspire readers to mount a "screw the publishers" crusade. I wonder why the difference?