I still don't think you should use the term "theft of service" for people who buy a TiVo and then don't subscribe. Avoidance of service, maybe, but not theft. How can it be theft if you're not buying or receiving something?
I agree. I do not consider the situation you describe to be theft of service. I was specifically referring to the practice of making the TiVo dial in with forged authentication, so that you get the TiVo service (ie, schedule information) without paying for it.
I like the idea of the "hacker's TiVo", but I don't think it's going to happen, simply because of the added development costs. It doesn't take much change-- just a boottime flag set by the ROM indicating whether or not to do checks-- but it's still cost. I guess a bit of marketing research would be needed to tell what the right price point would be to offset this.
People will probably say, "Without IP, you can't survive if you write programs etc."
I will. I write programs for a living.
An enormous percentage of software written is for internal use. That's what I do. I write testing infrastructure, so my company can test their product. We don't sell what I write. We're planning on giving it away, in fact, to foster goodwill amongst our customers.
If everything was open-source tomorrow, then I'd still have work to do. That's not going to change.
Most people think that software is only the shrink-wrapped stuff you buy at Fry's. That's why they talk about problems with programmers finding work, if everything is open-source.
But the reality is that the majority of software is written for internal use. It's stuff that we would need to write and maintain, no matter how plentiful FOSS is. Artificial scarcity isn't helping here; it's hurting. Programmers won't lose jobs. They'll have more meaningful jobs, jobs that mean pushing the frontiers of computing rather than duplicating each others' work.
Today, years later, the people who have followed in Tridge's footsteps, have refused to destroy TiVo's revenue stream. They have been very careful to try to make sure that only people who can't get TiVo service in their area are allowed to get around it.
The TiVo hacker community has always done this out of respect for TiVo. We like the product and service, and they had always treated hackers well. They never tried to shut down hacker boards, and in return, the boards don't allow information about theft of service to be posted.
That may be changing, though. The Series 2 is less friendly to hackers: the boot process is signed. (The ROM checks the boot loader, the loader checks the kernel, and the kernel checks the filesystems. Only/var is left unchecked.) Starting with 4.0 (or so), the backdoor enable codes are now encrypted, and long (presumably to prevent brute-forcing-- and we tried!). It's now difficult to get a shell prompt.
Part of this may have to do with the new Home Media Option. For those who aren't aware, HMO allows filesharing (only within a household), music & picture viewing, and web-based scheduling. Now, filesharing is a verboten topic on the boards, so that's new. But picture viewers have been around, I wouldn't be surprised if music players are there, and web-based scheduling has been around for a long time-- in a technically superior (if more difficult to secure) manner than that provided by HMO. TiVo may have made hacking more difficult, in order to make room for HMO.
I don't like this shift in focus. TiVo attracted a lot of the geek community involved because of the product's hackability. These geeks acted as field salesmen, recommending TiVos to their friends, family, anybody who would listen. I thing this was a good part of the TiVo's success; it's different enough that word-of-mouth advertising is a necessity. And now TiVo closes off their products to the hackers who helped make the product what it is today.
Is it legal? Sure. Do they have the right? Absolutely. Is it the right way to treat your customers? I don't think so. Is it good business sense? Well, time will tell, but they'd best have some good profit streams that require them to alienate hackers.
Don't get me wrong: even without its hackability, the TiVo is a great product, and I love it. But I still can't help but to feel a bit betrayed.
Indeed, but then you are not statically linking in the entire libc system, which is the problem.
When you statically link, you only link in what you need. It doesn't suck in all of libc.a, only the.o files that are necessary. (Remember that a.a is an archive of.o files.)
For capitalism to work, it requires consumers to be able to make informed choices about the goods and services they purchase. By criminalizing the distribution of security information, the federal courts are preventing consumers from making truly informed decisions regarding security, which is arguably an important element of a purchase decision. If it were not, then why would Tornado be so miffed? Two end results, if this decision runs its course. First, security will fall through the floor as companies realize that they do not need to invest in it to get customers. Second, consumers will only be able to choose based on who presents the best front; advertising wins. I'm fine with advertising, but it should not replace informed discourse in the marketplace.
You see, in a Smalltalk environment, the entire system is available to you, at your fingertips.
The same is true of Lisp. I can look at the function slot of the + symbol to get the function. It's a compiled function object. I can use that object opaquely, or if I want to analyze it, I can call function-lambda-expression to recover the source (if it was compiled with debug info), or disassemble to get the assembly code.
The whole system is out there, in the open. I can change it, I can query it.
One company that made their living on Lisp was called Symbolics. They made Lisp Machines, aka lispms. These were specialized hardware platforms with processors designed to run Lisp very efficiently. Also, they came with an OS called Genera. Genera was a programmer's dream OS. I won't try to describe it here, because I couldn't do it justice; I'll just say that I started using Squeak because it reminded me of Genera.
Now, lispms were all about the openness. You could play with the smallest internal function you wanted to. They also came with almost all the source (I think missing just part of the boot loader). But that openness was bordered by your license agreement; you still couldn't share it with your neighbor.
Symbolics wasn't the first to make lispms. They started at the MIT AI lab. This was about the time that parts of the computer industry discovered that Lisp was a good thing. There was a sudden explosion of Lisp in the industry (much like the.com boom). Some of the lab hackers, led by Richard Greenblatt, formed a hacking company called Lisp Machines Incorporated, or LMI. This company was set up to support hackers, rather than maximize profits. (For this reason, they didn't take outside investors.)
While the company wasn't profit-driven, nobody wanted it to piledrive into the ground. So Greenblatt called in Russell Noftsker, who had more business sense. Nofstker promptly took Greenblatt's ideas and started his own company, Symbolics. The two were instantly bitter rivals.
Everybody at the AI lab was associated with one of the two companies, except for RMS. (Symbolics was entirely proprietary, and LMI-- while they wanted an open OS-- was fine with proprietary apps. RMS wouldn't camp with either of them.) LMI wanted hackers to work part-time at the lab, and part-time for LMI. The point of LMI was to support the lab hackers, and the culture. But Symbolics was about making money, and didn't care about the culture. They hired away all the hackers they could. Symbolics also leveled accusations about conflict of interest, and made all the LMI hackers leave the lab.
Almost overnight, the AI lab had been decimated. There's more to this story, but I think you get the idea. The once-open lab culture had been destroyed by ideas of proprietary business.
RMS was very sad to see this happen. He was the only hacker who hadn't left for LMI or Symbolics. This is why he started GNU: he wanted to recreate the culture of openness and freedom that he had known before.
I do believe that the Sapir-Whorf hypothesis applies to programming languages; the design of the languages a programmer knows will strongly influence how he thinks about problems. But this story is a counterexample to the idea that openness in a language design engenders openness in other areas.
Because there's a lot of logic in, say, PAM or NSS, which are needed often in/bin and/sbin. You could write that into each program, but then you'd have to update them all each time you found a bug or needed to add a feature. You could share a.o file between them, and then it's the same thing as statically linking them in the first place.
From his paper, "Why Software Should Be Free" (in the Emacs distro as WHY-FREE):
This reflects a crucial difference between copies of programs and
cars, chairs, or sandwiches. There is no copying machine for material
objects outside of science fiction. But programs are easy to copy;
anyone can produce as many copies as are wanted, with very little
effort. This isn't true for material objects because matter is
conserved: each new copy has to be built from raw materials in the same
way that the first copy was built.
Working a material good out of rock, wood, sand, etc, and working bits out of random noise, turns out to be equivalent.
cp/cdrom/sandwich ~/kitchen
Nope. No sandwich here. Guess I'll need to make one.
I disagree, at least in part. I saw some software in there that I had manually installed and didn't realize was in ports. I saw some stuff that I use but rarely update.
Also, just because a port is marked as broken doesn't mean no one has made an effort. There may be outstanding dialog with the developers or maintainers, and it hasn't produced a fix yet.
It sounds like you're describing bento, which Kris linked to in his email. If you ever wonder how a port build fails, or what it logs when it works, check bento!
If a port is important to you, then fix it! Many of these ports only require trivial changes. So far today, I've submitted fixes for two of the ports that I want to live: games/xpuyo and emulators/its. Both only required simple changes.
No. If you've already installed the port, then this change will not delete the installed copy. (It will still be deleted from your ports directory.) However, you may want to fix the port so it stays in the tree, if the port is important to you. Some of the so-called "broken" ports work fine, and some only need minor tweaking.
Meanwhile, users of GCC can exploit whatever multimedia SIMD instructions their processor supports
Yeah, I've always wondered about that. About how well it explots them, for example, and what GCC needs to recognize a SIMD-acceleratable bit of code. (I also wonder if it puts NaN and Inf traps around 3Dnow! instructions, or if compiling with 3Dnow! means you lose IEEE floating point.)
The x-acto that many people described is fine for modern mice. (I prefer to hold the knife at just shy of a right angle to the of the roller, and the blade at a right angle to the roller surface, and scrape along the length of the roller. Do this with the blade at a right angle or slightly tilted BACKWARDS; never cut into the roller!)
But look out for some of the older steel mice, such as on the Xerox Alto or earlier Symbolics Lispms. Those can be seriously damaged by x-actos. From Peter Payne's FAQ:
Q: My mouse is getting arthritis, can I do anything about it? (translation: your mouse has problems)
A: That's a piece of cake. If you have an original metal and comutator mouse, keep it, it is a work of art. My advice for all such tasks is (a) take your time (do it when you don't feel flustered or impatient) and (b) make sure your glasses are clean and the place that you are working has a really bright light - it helps enormously if you can see really clearly. Power down the machine, unscrew the bottom of your mouse, use common sense to remove fluff - and don't go jamming sharp metal things in there (if you do, there'll be tears before bedtime). I suggest that you also give your mouse mat a vigorous brushing too.
What would be fun to see, though, is a virus that encrypts your entire hard drive, and only if the virus is run at boot is you system able to decrypt it.
There's been a few that scramble the boot sector in just such a fashion. They infect the MBR and then rewrite the boot sector. If you boot from a clean disk and do an "fdisk/mbr" then you still have the scrambled boot sector, and you've pretty much lost your data (unless you know how to fix it).
Also, there are a few nasty hardware things they could do as well.
Been a few viruses-- such as Turkey-- that would trash the monitor. Also, look at the bit in the Jargon File about The Meaning of Hack for some cute hardware tricks employed by some, er, unauthorized software.
Slashdot Mirror
I still don't think you should use the term "theft of service" for people who buy a TiVo and then don't subscribe. Avoidance of service, maybe, but not theft. How can it be theft if you're not buying or receiving something?
I agree. I do not consider the situation you describe to be theft of service. I was specifically referring to the practice of making the TiVo dial in with forged authentication, so that you get the TiVo service (ie, schedule information) without paying for it.
I like the idea of the "hacker's TiVo", but I don't think it's going to happen, simply because of the added development costs. It doesn't take much change-- just a boottime flag set by the ROM indicating whether or not to do checks-- but it's still cost. I guess a bit of marketing research would be needed to tell what the right price point would be to offset this.
People will probably say, "Without IP, you can't survive if you write programs etc."
I will. I write programs for a living.
An enormous percentage of software written is for internal use. That's what I do. I write testing infrastructure, so my company can test their product. We don't sell what I write. We're planning on giving it away, in fact, to foster goodwill amongst our customers.
If everything was open-source tomorrow, then I'd still have work to do. That's not going to change.
Most people think that software is only the shrink-wrapped stuff you buy at Fry's. That's why they talk about problems with programmers finding work, if everything is open-source.
But the reality is that the majority of software is written for internal use. It's stuff that we would need to write and maintain, no matter how plentiful FOSS is. Artificial scarcity isn't helping here; it's hurting. Programmers won't lose jobs. They'll have more meaningful jobs, jobs that mean pushing the frontiers of computing rather than duplicating each others' work.
Today, years later, the people who have followed in Tridge's footsteps, have refused to destroy TiVo's revenue stream. They have been very careful to try to make sure that only people who can't get TiVo service in their area are allowed to get around it.
The TiVo hacker community has always done this out of respect for TiVo. We like the product and service, and they had always treated hackers well. They never tried to shut down hacker boards, and in return, the boards don't allow information about theft of service to be posted.
That may be changing, though. The Series 2 is less friendly to hackers: the boot process is signed. (The ROM checks the boot loader, the loader checks the kernel, and the kernel checks the filesystems. Only /var is left unchecked.) Starting with 4.0 (or so), the backdoor enable codes are now encrypted, and long (presumably to prevent brute-forcing-- and we tried!). It's now difficult to get a shell prompt.
Part of this may have to do with the new Home Media Option. For those who aren't aware, HMO allows filesharing (only within a household), music & picture viewing, and web-based scheduling. Now, filesharing is a verboten topic on the boards, so that's new. But picture viewers have been around, I wouldn't be surprised if music players are there, and web-based scheduling has been around for a long time-- in a technically superior (if more difficult to secure) manner than that provided by HMO. TiVo may have made hacking more difficult, in order to make room for HMO.
I don't like this shift in focus. TiVo attracted a lot of the geek community involved because of the product's hackability. These geeks acted as field salesmen, recommending TiVos to their friends, family, anybody who would listen. I thing this was a good part of the TiVo's success; it's different enough that word-of-mouth advertising is a necessity. And now TiVo closes off their products to the hackers who helped make the product what it is today.
Is it legal? Sure. Do they have the right? Absolutely. Is it the right way to treat your customers? I don't think so. Is it good business sense? Well, time will tell, but they'd best have some good profit streams that require them to alienate hackers.
Don't get me wrong: even without its hackability, the TiVo is a great product, and I love it. But I still can't help but to feel a bit betrayed.
Indeed, but then you are not statically linking in the entire libc system, which is the problem.
When you statically link, you only link in what you need. It doesn't suck in all of libc.a, only the .o files that are necessary. (Remember that a .a is an archive of .o files.)
Yes, from my post: advertising wins. I'm fine with advertising, but it should not replace informed discourse in the marketplace.
I'm not advocating removing advertising as a factor, but I do not want it to be the only factor.
Oh, I realize that I'm idealizing here. But that still doesn't make me any less pissed when we move away from it.
Besides, the "threat to capitalism" argument is great for swaying political opinion.
For capitalism to work, it requires consumers to be able to make informed choices about the goods and services they purchase. By criminalizing the distribution of security information, the federal courts are preventing consumers from making truly informed decisions regarding security, which is arguably an important element of a purchase decision. If it were not, then why would Tornado be so miffed? Two end results, if this decision runs its course. First, security will fall through the floor as companies realize that they do not need to invest in it to get customers. Second, consumers will only be able to choose based on who presents the best front; advertising wins. I'm fine with advertising, but it should not replace informed discourse in the marketplace.
You see, in a Smalltalk environment, the entire system is available to you, at your fingertips.
The same is true of Lisp. I can look at the function slot of the + symbol to get the function. It's a compiled function object. I can use that object opaquely, or if I want to analyze it, I can call function-lambda-expression to recover the source (if it was compiled with debug info), or disassemble to get the assembly code.
The whole system is out there, in the open. I can change it, I can query it.
One company that made their living on Lisp was called Symbolics. They made Lisp Machines, aka lispms. These were specialized hardware platforms with processors designed to run Lisp very efficiently. Also, they came with an OS called Genera. Genera was a programmer's dream OS. I won't try to describe it here, because I couldn't do it justice; I'll just say that I started using Squeak because it reminded me of Genera.
Now, lispms were all about the openness. You could play with the smallest internal function you wanted to. They also came with almost all the source (I think missing just part of the boot loader). But that openness was bordered by your license agreement; you still couldn't share it with your neighbor.
Symbolics wasn't the first to make lispms. They started at the MIT AI lab. This was about the time that parts of the computer industry discovered that Lisp was a good thing. There was a sudden explosion of Lisp in the industry (much like the .com boom). Some of the lab hackers, led by Richard Greenblatt, formed a hacking company called Lisp Machines Incorporated, or LMI. This company was set up to support hackers, rather than maximize profits. (For this reason, they didn't take outside investors.)
While the company wasn't profit-driven, nobody wanted it to piledrive into the ground. So Greenblatt called in Russell Noftsker, who had more business sense. Nofstker promptly took Greenblatt's ideas and started his own company, Symbolics. The two were instantly bitter rivals.
Everybody at the AI lab was associated with one of the two companies, except for RMS. (Symbolics was entirely proprietary, and LMI-- while they wanted an open OS-- was fine with proprietary apps. RMS wouldn't camp with either of them.) LMI wanted hackers to work part-time at the lab, and part-time for LMI. The point of LMI was to support the lab hackers, and the culture. But Symbolics was about making money, and didn't care about the culture. They hired away all the hackers they could. Symbolics also leveled accusations about conflict of interest, and made all the LMI hackers leave the lab.
Almost overnight, the AI lab had been decimated. There's more to this story, but I think you get the idea. The once-open lab culture had been destroyed by ideas of proprietary business.
RMS was very sad to see this happen. He was the only hacker who hadn't left for LMI or Symbolics. This is why he started GNU: he wanted to recreate the culture of openness and freedom that he had known before.
I do believe that the Sapir-Whorf hypothesis applies to programming languages; the design of the languages a programmer knows will strongly influence how he thinks about problems. But this story is a counterexample to the idea that openness in a language design engenders openness in other areas.
Because there's a lot of logic in, say, PAM or NSS, which are needed often in /bin and /sbin. You could write that into each program, but then you'd have to update them all each time you found a bug or needed to add a feature. You could share a .o file between them, and then it's the same thing as statically linking them in the first place.
Yeah, but talking about investments and calling them risk-free is illegal.
When was the last time you heard someone complaining about Maya's or Mathcad's lack of features? Or them hindering productivity?
Me, when I was in college.
Don't like Mathcad? Try Maple, Mathematica, MATLAB.
I used Maxima, which seems to have inspired (or been the basis for) Mathematica and, indirectly, Maple. And it's free. And I can extend it.
What about non-free material goods?
From his paper, "Why Software Should Be Free" (in the Emacs distro as WHY-FREE):
Working a material good out of rock, wood, sand, etc, and working bits out of random noise, turns out to be equivalent.
cp /cdrom/sandwich ~/kitchen
Nope. No sandwich here. Guess I'll need to make one.
I disagree, at least in part. I saw some software in there that I had manually installed and didn't realize was in ports. I saw some stuff that I use but rarely update.
Also, just because a port is marked as broken doesn't mean no one has made an effort. There may be outstanding dialog with the developers or maintainers, and it hasn't produced a fix yet.
It sounds like you're describing bento, which Kris linked to in his email. If you ever wonder how a port build fails, or what it logs when it works, check bento!
If a port is important to you, then fix it! Many of these ports only require trivial changes. So far today, I've submitted fixes for two of the ports that I want to live: games/xpuyo and emulators/its. Both only required simple changes.
No. If you've already installed the port, then this change will not delete the installed copy. (It will still be deleted from your ports directory.) However, you may want to fix the port so it stays in the tree, if the port is important to you. Some of the so-called "broken" ports work fine, and some only need minor tweaking.
Meanwhile, users of GCC can exploit whatever multimedia SIMD instructions their processor supports
Yeah, I've always wondered about that. About how well it explots them, for example, and what GCC needs to recognize a SIMD-acceleratable bit of code. (I also wonder if it puts NaN and Inf traps around 3Dnow! instructions, or if compiling with 3Dnow! means you lose IEEE floating point.)
Anybody have links to this kind of info?
Wow, $350k a yar?
Yeah, until the yars get tired of your extortive prices and get their revenge.
Mister, that is a damn fine story. Thanks for sharing.
our linux license was based on "demand". LOL.
Literally? There was laughter on the teleconference line?
there are two Operating System platforms in the world. Windows and Unix.
Boy, HP's gonna hate to hear that.
Even Linux companies that are pro-Linux are scared that their code "will get sucked into the GPL machine".
Did he even pretend to have any supporting evidence?
This sounds a lot like a planted rumor for some reason.
The x-acto that many people described is fine for modern mice. (I prefer to hold the knife at just shy of a right angle to the of the roller, and the blade at a right angle to the roller surface, and scrape along the length of the roller. Do this with the blade at a right angle or slightly tilted BACKWARDS; never cut into the roller!)
But look out for some of the older steel mice, such as on the Xerox Alto or earlier Symbolics Lispms. Those can be seriously damaged by x-actos. From Peter Payne's FAQ:
What would be fun to see, though, is a virus that encrypts your entire hard drive, and only if the virus is run at boot is you system able to decrypt it.
There's been a few that scramble the boot sector in just such a fashion. They infect the MBR and then rewrite the boot sector. If you boot from a clean disk and do an "fdisk /mbr" then you still have the scrambled boot sector, and you've pretty much lost your data (unless you know how to fix it).
Also, there are a few nasty hardware things they could do as well.
Been a few viruses-- such as Turkey-- that would trash the monitor. Also, look at the bit in the Jargon File about The Meaning of Hack for some cute hardware tricks employed by some, er, unauthorized software.
but Holmes was the cocaine addict
I thought Holmes was an opium addict. But admittedly, it's been a while.
Huh? It was a ptrace exploit, from what I read. Nothing to do with wu-ftpd.