Good news and bad news. The bad news is that there aren't really any reasonable ways to rule out the possibility of getting sued. The good news is that (at least under US law) this situation pretty much treated as a legitimate business practice. Artists can and often do release cover versions of other people's songs. There is a specific statutory license permitting anyone to copy the lyrics and sheet music of any released song without needing to ask permission. The law calls it the "mechanical royalty rate" and it's currently 9.1 cents per copy (or 1.75 cents per minute for a song longer than 5.2 minutes). That statutory license does not cover any copying of recorded sound, so an artist needs to play their own instruments and preform their own vocals. Of course that perfectly covers any issue of unintentional copying lyric/note copying when you make your own music.
I think the worst case, if you couldn't negotiate a lower settlement, would be to just claim the statutory license and pay the 9.1 cent per copy rate. If your song went gold with a million copies sold that would be $91,000. That's obviously not chump change, but it's probably not catastrophic if you hit gold record status. If you choose not to take that route and you let them sue you in court they would have to choose between claiming statutory damages or actual damages. Statutory damages go from a normal $750 minimum to a normal $30,000 maximum unless the they meets the burden of proving the infringement was willful, in which case the maximum would rise to $150,000. So the statutory maximum in your example would presumably be $30,000. Their other option is to claim actual damages which essentially means claiming the baseline 9.1 cents per copy cited above. However if the copying was unintentional and it only composed of a fractional part of your combined lyrics¬es then the judge may decide the actual damages are only a fraction of the 9.1 cents-per-copy rate for copying an entire song. So you can probably just insist upon a fractional rate back in the settlement phase.
I guess the back royalty could exceed your current net worth if you already spent all your past profits without accumulating much of value. Handy financial tip: if you strike it rich don't be so quick to blow it all on cocaine and hookers:)
I'm not actually a lawyer so it's certainly possible I've overlooked some aspect of the issue.
Does that mean that if I machine-generate a song that is quite similar to an existing one, I can't be sued for copyright violation?
Nothing much short of human extinction can accomplish that. Chuckle. So while it is virtually certain you will get sued for it, the question is whether they would win that lawsuit against you. Copying is an essential foundation to an infringement claim. For example there was a case where a song had some of the name notes as an earlier song. There was no evidence of deliberate copying, but the earlier song was popular and the later artist had certainly heard it. In civil court the standard is "preponderance of the evidence", whichever side convinces the court more than 50% that they are right. The fact that the later artist almost certainly had heard the song, and the extent of the similarity, was enough for the judge to conclude greater than 50% that the later artist had unintentionally/subconsciously copied those notes.
So it doesn't even need to be machine generated. If you can establish a preponderance of the evidence that you probably never heard the song or otherwise that there was no copying, then the law says you should win.
As long as you did not directly or indirectly enter the older song into your machine that powerfully establishes that there was no copying. However the courts will take an extremely dim view on any steps you make trying to get your machine to mimic any one or more existing songs. If you are trying to do this then you are going to be toast. If you come up with some objective scientific analysis defining of what sorts of note sequences sound best to the human ear and you direct your computer to generate the top ten best sounding note sequences, and some of those happen to already have been used by other songs, then you should be legally in the clear. Where "legally in the clear" means you're gonna get sued but the law is on your side.
you just have to worry about the lack of oxygen damaging your brain and your internal organs, but not about endangering your data or the performance of your laptop.
We need to put Slashdot on an encrypted Geeknet. We don't want Normals seeing that is how we think.
(1) You missed on the date. The Bible would be ~2000. 6000 implies the universe. (2) You missed the emphasized 'you' in the quote and implied 'I' of my answer. (3) You missed that I would never code into the universe anything as silly as talking snakes or magical fruit;)
It would be great if the schools responded by setting up a massive file sharing system loaded with public domain, Creative Commons, GPL, and other legal content. There could easily fill it with hundreds of gigs of free legal music. I think pushing free legal non-RIAA music would be an AWESOME way to comply with RIAA demands to combat downloads of their stuff.
For some strange reason I wound up on rightwing mailing and phone lists and they contacted me multiple times with that sort of wildly biased "question". I find it most amusing, and most effective, to select the "B) we should give government all of our money and let it control every aspect of our lives?" option. It drives home the point of just how strongly I oppose them and their idiot propaganda question. It leaves them speechless and they quickly hang up on me:)
A quote from a few months ago: The BBC has indicated that third party content owners are seeking to ensure that reception equipment will implement... copy protection. Because [these] requirements are not mandatory, representatives of content owners have asked the BBC to take steps to ensure that reception equipment will implement the specified content management arrangements.
The "standards issue" is that certain parties want the government to define and impose a DRM system and for the government to make it MANDATORY for all hardware to include and enforce this DRM system.
The guardian.co.uk story contains a link to dtg_bbc_trust_canvas_response.pdf were they say they want a new Digital Rights Management expert working group (diagram on page 2), and where they want a "high integrity receiver conformance regime" for receivers. That is a fancy way of saying want all receivers to the securely welded shut and they want circuitry and software securely locked down to prevent device owners or third party services from unscrewing the box to upgrade them in unapproved ways. And most of all it means strictly prohibiting any open platform such as MythTV or or a generic GPL Linux PC reception where people can modify the software. On page 10 they have a section explicitly titled "Conditional Access and DRM" where they explicitly state their concern is for Canvas to ensure the inclusion of DRM components in receivers.
The EFF has a good article discussing how it's the same thing that went on in the U.S. with the same people demanding the "Broadcast Flag" and demanding the FCC to make it mandatory for all receivers to include a government imposed DRM system on the entire public. There were the same demands for "high integrity receiver conformance regime" to lock down the hardware and software against modification by owners or third party services.
The US said it is sure that most criminals use ICQ
It's true. I once parked in a handicap space about a dozen years ago, which was about the same number of years ago that I tried out ICQ for a couple of days.
Nonsense. The TPM includes a function to create public/private key pairs and store the private key on-chip with no ability to retrieve it, but this is done under the control of the owner.
False. The highest level key is the PrivEK, the Private Endorsement key. According to the TPM technical specifications this key MUST be generated my the manufacturer. The manufacture then cryptographically signs the matching PubEK (Public Endorsement key) in order to authenticate the key and the chip.
>Sealed Storage This, too, is nonsense.
You are absolutely right that the chip has limited power. And yes, the chip does need to interact with the rest of the computer in order to implement Sealed Storage. However I was completely correct in my point that Sealed Storage is one of the primary design functions of the chip.
>Remote Attestation Once again, this is a thing which a TPM chip simply cannot do on its own
Again, of course the chip needs to interact with the rest of the system in order to preform Remote Attestation. And again, yes, this absolutely is an explicit core design function of the chip.
>The TPM chip prohibits you from being able to read or modify YOUR OWN FILES (Sealed Storage) unless you are running precisely the approved and mandatory software and hardware dictated by other people via Remote Attestation. It turns your computer into an insane ultra-DRM system and worse.
No. No, it doesn't.
And in your logic speakers don't produce sound and hard drives don't store any files. Yes, you are "correct" in that if you don't use the speakers they don't make sound, and if you don't use a hard drive it doesn't store any files, and if you don't use a TPM it doesn't do any of the things I listed. However the primary design purpose of speakers is to produce sound, and in the most common expected operation they do produce sound. The primary design purpose of hard drives is to store files, and in the most common expected operation they do store files. The primary design purpose of TPMs is to do the things I listed, and in the most common expected operation they do the things I listed.
And all of your theoreticals about how it's possible for a TPM not to do the things I listed, your argument is moo and just plain wrong. We are discussing the article White House Unveils Plans For "Trusted Identities In Cyberspace", and the system does operate as I explained.
It's not nearly as scary as you make it out to be.
I have studied the technical specifications of this. Yes, it is what I described and more. Either you don't know the Trust system very well or you and I have extremely different ideas about what is good vs what is scary.
The Trusted Platform Module (TPM) has three primary functions. #1 is to hold the master keys locked away specifically secure against the owner himself. #2 is called Sealed Storage, this encrypts files on the computer and again specifically secured against the owner being able to read or modify his own files except under the strict control and permission of the TPM chip. #3 is called Remote Attestation, this means that the TPM chip keeps a spy log of the hardware and software on your computer specifically for the purpose of sending this log out to remote parties over the internet, and again this spy log is specifically designed to be secure against any control or modification by the owner.
The TPM chip prohibits you from being able to read or modify YOUR OWN FILES (Sealed Storage) unless you are running precisely the approved and mandatory software and hardware dictated by other people via Remote Attestation. It turns your computer into an insane ultra-DRM system and worse.
The way Trusted Network Connect works, or any Trust-based software over the internet, the first thing that happens is you get tested for having a TPM chip. If your computer doesn't have a TPM then the connection is denied. If do you have a Trust chip but you didn't "opt-in" and turn it on, again the connection is denied. The next step is the Remote Attestation check. If you are not running a specifically approved operating system you again fail the check and are again denied a connection. This also check that you are running a specifically approved BIOS and an approved bootloader and that all of your drivers are approved. If any of this software has not been specifically approved then you fail the Trust test and again your connection is rejected. If you have attempted to modify any of the system software, or if you are not up to date with all mandatory patches, again you fail the Trust test and again your connection is denied. It then checks exactly what applications you are running (and what you are forbidden to run). For example your ISP could mandate that you be running a specific approved virus scanner and firewall. If you're not, or if you have attempted to modify them, you fail the check and your connection is denied. Or if you are connecting to any sort of music or video site it can enforce that you're running specific uber-DRM software. If you connect to a general website it can check that you have an approved webbrowser and check that you're not doing any sort of ad blocking. And again if you fail the check the connection is denied. And your files get locked under Sealed Storage that enforce all of these same things even when you're offline. If cannot access the Sealed files unless you are not running an exact unmodified approved operating system with the exact unmodified drivers and exact unmodified software (and that you're NOT running any prohibited software).
It is an ultimate remote ownership of your computer. You get locked out of the entire Trust system and get locked out of your own files and nothing works unless you are running an approved unmodified operating system with approved unmodified software. This chip denies you access or control of your own files if you attempt to modify any of the software or if you attempt to use other software of your own design or your own choice.
The way they sell it to the public is as a "security system". Trusted Network Connect is advertised as preventing virus infected (or virus vulnerable) computers from getting onto a network and causing damage. If you aren't running an approved operating system, or if you are running custom software, then Trusted Network Connect cannot validate that your computer is uninfected. If you fail the Trust checks then your computer gets "quarantined", denied network access, until you "fix" your computer to match the specific known approved virus-free configuration.
Yesterday's story Senate Panel Approves Cybersecurity Billwould give the president an emergency 'kill switch' over the Internet, but added some restrictions to the bill. The president may no longer simply assert that the threat remains indefinitely, he must now seek Congressional approval after 120 days.
There is an important connection between these two stories. The "Trusted Identities in Cyberspace" system includes something called Trusted Network Connect. Technical PDF on Trusted Network Connect. Once the Trusted Identities in Cyberspace system is in place (lets call it ten years as a nice round number) Trusted Network Connect is designed to selectively ban noncompliant computers from getting internet access. In the event of an "cyber attack" or internet virus the U.S. government would have the power to shut down any or all internet connections for 120 days, and then asking Congress to extend it indefinitely. The Trusted Network Connect feature means that this shutdown can, and would, be limited to locking out computers that are not secured by the Trusted Identities system. Any computer that lacked a Trusted Platform Module would be unable to connect to the internet. The effect would be a global internet lockout against noncompliant computers. Anyone who declined to "voluntarily" opt-in to the Global Trusted Identities system would be denied internet access. Any nation that declined to comply would be locked out of the internet.
If the Trusted Identities system goes forward is is only a question of how many years it will take before noncompliant computers can and will be denied access to the Global Trusted Internet.
It's a lot worse than you think. I just finished reading the draft. This is an effort to impose Trusted Platform Modules - globally. For those not familiar with Trusted Platform Modules, it all boils down to one simple point. Computers and other electronic devices with each have a Master Key locked inside. A master key locking and controlling operation of the device. The owner is forbidden to know or control the key locking and controlling his devices. That leads to many technically complex results, but the simple point is that you are forbidden to know "your own" master security keys. They describe all sorts of supposed benefits of the system, but the inescapable end fact is that the system is designed to secure your computer against you. The simple simple point is that if you are forbidden to know your own keys then the system is locked against you. You are denied ownership and full control of your own computers.
I made a few very hasty notes from the draft document. Many of these items should scare the shit out of everyone:
Draft page 4, blue box: Identity card for to "anonymous" bloggers, i.e. no anonymous blogs. Identity card for e-mail.
page 15 explicitly states this is based upon the Trusted Platform Module.
Page 19 lists your ELECTRIC COMPANY adopting the system and requiring you to use it to access your account. (Although the DESCRIBED usage is plausibly optional web access)
Page 22 requires new laws "establishing an enforcement mechanism" for this system. Says government services will be used to drive adoption by the public. Says government buying power will be used to drive adoption in the business sector.
Page 23 explicitly names Intellectual Property Protection as a purpose of the system.
Page 24 explicitly states that "the scope of this strategy extends beyond national boundaries". Says the US Federal government must establish programs to execute this strategy. Says the US Federal government is to focus its recourses on influencing national and international standards to carry out this strategy. "Coordinate Federal Government efforts associated with digital identities both domestically and internationally".
Page 25 "cybersecurity is becoming a matter of diplomacy, activities under the strategy intend to address the increased importance of international policy efforts. The Federal Government, by leading and coordinating national efforts, as well as collaborating on international policy efforts, can drive a unified approach to trusted digital identities". "the creation of a global trusted infrastructure" Says the government should fund research and development of these systems and transfer it to the commercial sector. "Todays environment is driven by a global economy, with transactions occurring without regard to physical or political boundaries; the infrastructure developed under this strategy will, to the extent feasible, be interoperable among these environments, while also respecting the laws and policies of different nations."
Page 26 "The Federal Government is committed to the actions herein and will move forward as a leader, first adopter, and enabler" "The White House will select an agency and hold it accountable for coordinating the processes and organizations that will implement the Strategy".
Page 27 "All levels of Government will play a part in the adoption of the Identity Ecosystem for government services. As a major provider of services spanning individuals, private sector, and other governments, the Federal Government is positioned to enable high impact, high penetration Identity Ecosystem services."
Page 29 says the Federal Government will engage in media campaign activities to persuade the public to accept the system. (I would call it propaganda, though I have no doubt others would disagree with the use of that word.) "Success of the Identity Ecosystem depends on participation from multi-national corporations and global providers in the use of federated identities and that interoperable and scalable to internet lev
It's almost baffling that the "oh, think of the children" crowd doesn't want this.
They are opposed to it because they give a fuck about kids (well except for those of them that actually are fucking kids while publicly crusading on morality). They want to shove their noses into adult's bedrooms. They want to criminalize porn in general. They want to criminalize porn for adults.
As they see it establishing a.xxx domain legitimizes porn. As they see it establishing a.xxx domain undermines their cause. They believe porn harms adults. They talk of "protecting children" as a more mainstream-tolerable sham for "protecting immoral adults from porn".
... as interpreted by nine individuals selected at random intervals in time by whichever side of two warring factions happens to have a slight edge at the moment.
Civilized Behavior. Violence is only appropriate as an unfortunately necessary response to violence.
and you believe it would be hypocritical and ignorant to suggest otherwise, yes?
Yes.
and no violence has yet taken place, yes?
WHAT?!?!
At least about 58 people, believed to be Christians were killed in an outbreak of deadly protest by Muslims in Maiduguri, Borno State, at the weekend, angered by the caricatures of the Prophet Mohammed in a Danish and other European publications.
The Danish embassies in Syria, Lebanon, and Iran were all set on fire, as well as the Norwegian embassy in Syria, resulting in at least one death.
There have been a multitude of death threats and public offers of cash rewards of up to Rs 51 crore (US$11 million) to kill cartoonists.
Police in Berlin overwhelmed Amer Cheema, a student from Pakistan, as he entered the office building of Die Welt newspaper, armed with a large knife. Cheema admitted to trying to kill editor Roger Köppel for reprinting the Mohammad cartoons in the newspaper.
Two suitcase bombs were discovered in trains near the German cities of Dortmund and Koblenz, undetonated due to an assembly error. Video footage from Cologne train station, where the bombs were put on the trains, led to the arrest of two Lebanese students in Germany, Youssef el-Hajdib and Jihad Hamad, and subsequently of three suspected co-conspirators in Lebanon.[80] On 1 September 2006, Jörg Ziercke, head of the Bundeskriminalamt (Federal Police), reports that the suspects saw the Muhammad cartoons as an "assault by the West on Islam" and the "initial spark" for the attack
during the ongoing trial of four terror suspects arrested in Denmark, known as the Vollsmose case, one of the accused testified that Jyllands-Posten culture editor Flemming Rose was the target of a terror bombing the group had planned. According to the suspect, they were considering sending a remote-controlled car packed with explosives into the private residence of the editor.
A 28-year-old Somali Islamist used an ax to break down the front door of one of the cartoonists and attempted kill him. He then turned and attacked the police who arrived, and had to be shot twice to subdue him for arrest. And in a lovely touch, the cartoonist's five year old granddaughter was there while this man attempted to slaughter her grandfather.
If fact there have been multiple additional arrests of people planning or attempting to assassinate Muhammad cartoonists.
I can't even begin to list additional violent protests across the world over the images. Just going by the ones I skimmed over in a Google search I see cumulative death toll of over 200. Who knows what the complete total would be.
what if someone fires a bullet in your direction, and then puts down their arms and surrenders. is violence still unfortunately necessary?
Then you put them in prison. I think it would be awesome if more criminals would surrender peacefully.
you are NOTHING
You appear to have a peculiar fixation on people being "nothing". Did your father, or perhaps the women in your life, leave you with feelings of inadequacy?
Slashdot Mirror
Good news and bad news. The bad news is that there aren't really any reasonable ways to rule out the possibility of getting sued. The good news is that (at least under US law) this situation pretty much treated as a legitimate business practice. Artists can and often do release cover versions of other people's songs. There is a specific statutory license permitting anyone to copy the lyrics and sheet music of any released song without needing to ask permission. The law calls it the "mechanical royalty rate" and it's currently 9.1 cents per copy (or 1.75 cents per minute for a song longer than 5.2 minutes). That statutory license does not cover any copying of recorded sound, so an artist needs to play their own instruments and preform their own vocals. Of course that perfectly covers any issue of unintentional copying lyric/note copying when you make your own music.
I think the worst case, if you couldn't negotiate a lower settlement, would be to just claim the statutory license and pay the 9.1 cent per copy rate. If your song went gold with a million copies sold that would be $91,000. That's obviously not chump change, but it's probably not catastrophic if you hit gold record status. If you choose not to take that route and you let them sue you in court they would have to choose between claiming statutory damages or actual damages. Statutory damages go from a normal $750 minimum to a normal $30,000 maximum unless the they meets the burden of proving the infringement was willful, in which case the maximum would rise to $150,000. So the statutory maximum in your example would presumably be $30,000. Their other option is to claim actual damages which essentially means claiming the baseline 9.1 cents per copy cited above. However if the copying was unintentional and it only composed of a fractional part of your combined lyrics¬es then the judge may decide the actual damages are only a fraction of the 9.1 cents-per-copy rate for copying an entire song. So you can probably just insist upon a fractional rate back in the settlement phase.
I guess the back royalty could exceed your current net worth if you already spent all your past profits without accumulating much of value. Handy financial tip: if you strike it rich don't be so quick to blow it all on cocaine and hookers :)
I'm not actually a lawyer so it's certainly possible I've overlooked some aspect of the issue.
-
Does that mean that if I machine-generate a song that is quite similar to an existing one, I can't be sued for copyright violation?
Nothing much short of human extinction can accomplish that. Chuckle. So while it is virtually certain you will get sued for it, the question is whether they would win that lawsuit against you. Copying is an essential foundation to an infringement claim. For example there was a case where a song had some of the name notes as an earlier song. There was no evidence of deliberate copying, but the earlier song was popular and the later artist had certainly heard it. In civil court the standard is "preponderance of the evidence", whichever side convinces the court more than 50% that they are right. The fact that the later artist almost certainly had heard the song, and the extent of the similarity, was enough for the judge to conclude greater than 50% that the later artist had unintentionally/subconsciously copied those notes.
So it doesn't even need to be machine generated. If you can establish a preponderance of the evidence that you probably never heard the song or otherwise that there was no copying, then the law says you should win.
As long as you did not directly or indirectly enter the older song into your machine that powerfully establishes that there was no copying. However the courts will take an extremely dim view on any steps you make trying to get your machine to mimic any one or more existing songs. If you are trying to do this then you are going to be toast. If you come up with some objective scientific analysis defining of what sorts of note sequences sound best to the human ear and you direct your computer to generate the top ten best sounding note sequences, and some of those happen to already have been used by other songs, then you should be legally in the clear. Where "legally in the clear" means you're gonna get sued but the law is on your side.
-
you just have to worry about the lack of oxygen damaging your brain and your internal organs, but not about endangering your data or the performance of your laptop.
We need to put Slashdot on an encrypted Geeknet.
We don't want Normals seeing that is how we think.
-
Platypus is closed as WONTFIX.
All remaining bug reports are closed as PEBCAK.
-
(1) You missed on the date. The Bible would be ~2000. 6000 implies the universe. ;)
(2) You missed the emphasized 'you' in the quote and implied 'I' of my answer.
(3) You missed that I would never code into the universe anything as silly as talking snakes or magical fruit
-
Containing a picture of a cat with the caption "I can haz cheezburger?"
-
when was the last time you wrote code that lasted more than two centuries with less than 30 patches?
Six thousand years ago.
-
I always end my centuries on the 97's.
-
It would be great if the schools responded by setting up a massive file sharing system loaded with public domain, Creative Commons, GPL, and other legal content. There could easily fill it with hundreds of gigs of free legal music. I think pushing free legal non-RIAA music would be an AWESOME way to comply with RIAA demands to combat downloads of their stuff.
Just a few links to get them started:
http://www.dance-industries.com/
http://ccmixter.org/view/media/remix
http://phlow-magazine.com/free-mp3-music-download
http://www.clearbits.net/torrents
http://www.jamendo.com/en/
http://www.archive.org/details/audio
http://newteevee.com/2007/03/03/ten-sites-for-free-and-legal-torrents/
http://newteevee.com/2010/02/05/ten-more-sites-for-free-and-legal-torrents/
and another four or five hundred links:
http://wiki.creativecommons.org/Content_Directories
-
For some strange reason I wound up on rightwing mailing and phone lists and they contacted me multiple times with that sort of wildly biased "question". I find it most amusing, and most effective, to select the "B) we should give government all of our money and let it control every aspect of our lives?" option. It drives home the point of just how strongly I oppose them and their idiot propaganda question. It leaves them speechless and they quickly hang up on me :)
-
And here are the photos everyone is looking for.
Yes, I'd definitely say she's hot.
-
We don't know and we're not going to help you, but god damn that Bilski patent was stupid.
-
A quote from a few months ago: The BBC has indicated that third party content owners are seeking to ensure that reception equipment will implement ... copy protection. Because [these] requirements are not mandatory, representatives of content owners have asked the BBC to take steps to ensure that reception equipment will implement the specified content management arrangements.
The "standards issue" is that certain parties want the government to define and impose a DRM system and for the government to make it MANDATORY for all hardware to include and enforce this DRM system.
The guardian.co.uk story contains a link to dtg_bbc_trust_canvas_response.pdf were they say they want a new Digital Rights Management expert working group (diagram on page 2), and where they want a "high integrity receiver conformance regime" for receivers. That is a fancy way of saying want all receivers to the securely welded shut and they want circuitry and software securely locked down to prevent device owners or third party services from unscrewing the box to upgrade them in unapproved ways. And most of all it means strictly prohibiting any open platform such as MythTV or or a generic GPL Linux PC reception where people can modify the software. On page 10 they have a section explicitly titled "Conditional Access and DRM" where they explicitly state their concern is for Canvas to ensure the inclusion of DRM components in receivers.
The EFF has a good article discussing how it's the same thing that went on in the U.S. with the same people demanding the "Broadcast Flag" and demanding the FCC to make it mandatory for all receivers to include a government imposed DRM system on the entire public. There were the same demands for "high integrity receiver conformance regime" to lock down the hardware and software against modification by owners or third party services.
-
The US said it is sure that most criminals use ICQ
It's true. I once parked in a handicap space about a dozen years ago, which was about the same number of years ago that I tried out ICQ for a couple of days.
-
Nonsense. The TPM includes a function to create public/private key pairs and store the private key on-chip with no ability to retrieve it, but this is done under the control of the owner.
False. The highest level key is the PrivEK, the Private Endorsement key. According to the TPM technical specifications this key MUST be generated my the manufacturer. The manufacture then cryptographically signs the matching PubEK (Public Endorsement key) in order to authenticate the key and the chip.
>Sealed Storage
This, too, is nonsense.
You are absolutely right that the chip has limited power. And yes, the chip does need to interact with the rest of the computer in order to implement Sealed Storage. However I was completely correct in my point that Sealed Storage is one of the primary design functions of the chip.
>Remote Attestation
Once again, this is a thing which a TPM chip simply cannot do on its own
Again, of course the chip needs to interact with the rest of the system in order to preform Remote Attestation. And again, yes, this absolutely is an explicit core design function of the chip.
>The TPM chip prohibits you from being able to read or modify YOUR OWN FILES (Sealed Storage) unless you are running precisely the approved and mandatory software and hardware dictated by other people via Remote Attestation. It turns your computer into an insane ultra-DRM system and worse.
No. No, it doesn't.
And in your logic speakers don't produce sound and hard drives don't store any files. Yes, you are "correct" in that if you don't use the speakers they don't make sound, and if you don't use a hard drive it doesn't store any files, and if you don't use a TPM it doesn't do any of the things I listed. However the primary design purpose of speakers is to produce sound, and in the most common expected operation they do produce sound. The primary design purpose of hard drives is to store files, and in the most common expected operation they do store files. The primary design purpose of TPMs is to do the things I listed, and in the most common expected operation they do the things I listed.
And all of your theoreticals about how it's possible for a TPM not to do the things I listed, your argument is moo and just plain wrong. We are discussing the article White House Unveils Plans For "Trusted Identities In Cyberspace", and the system does operate as I explained.
-
It's not nearly as scary as you make it out to be.
I have studied the technical specifications of this. Yes, it is what I described and more. Either you don't know the Trust system very well or you and I have extremely different ideas about what is good vs what is scary.
The Trusted Platform Module (TPM) has three primary functions. #1 is to hold the master keys locked away specifically secure against the owner himself. #2 is called Sealed Storage, this encrypts files on the computer and again specifically secured against the owner being able to read or modify his own files except under the strict control and permission of the TPM chip. #3 is called Remote Attestation, this means that the TPM chip keeps a spy log of the hardware and software on your computer specifically for the purpose of sending this log out to remote parties over the internet, and again this spy log is specifically designed to be secure against any control or modification by the owner.
The TPM chip prohibits you from being able to read or modify YOUR OWN FILES (Sealed Storage) unless you are running precisely the approved and mandatory software and hardware dictated by other people via Remote Attestation. It turns your computer into an insane ultra-DRM system and worse.
The way Trusted Network Connect works, or any Trust-based software over the internet, the first thing that happens is you get tested for having a TPM chip. If your computer doesn't have a TPM then the connection is denied. If do you have a Trust chip but you didn't "opt-in" and turn it on, again the connection is denied. The next step is the Remote Attestation check. If you are not running a specifically approved operating system you again fail the check and are again denied a connection. This also check that you are running a specifically approved BIOS and an approved bootloader and that all of your drivers are approved. If any of this software has not been specifically approved then you fail the Trust test and again your connection is rejected. If you have attempted to modify any of the system software, or if you are not up to date with all mandatory patches, again you fail the Trust test and again your connection is denied. It then checks exactly what applications you are running (and what you are forbidden to run). For example your ISP could mandate that you be running a specific approved virus scanner and firewall. If you're not, or if you have attempted to modify them, you fail the check and your connection is denied. Or if you are connecting to any sort of music or video site it can enforce that you're running specific uber-DRM software. If you connect to a general website it can check that you have an approved webbrowser and check that you're not doing any sort of ad blocking. And again if you fail the check the connection is denied. And your files get locked under Sealed Storage that enforce all of these same things even when you're offline. If cannot access the Sealed files unless you are not running an exact unmodified approved operating system with the exact unmodified drivers and exact unmodified software (and that you're NOT running any prohibited software).
It is an ultimate remote ownership of your computer. You get locked out of the entire Trust system and get locked out of your own files and nothing works unless you are running an approved unmodified operating system with approved unmodified software. This chip denies you access or control of your own files if you attempt to modify any of the software or if you attempt to use other software of your own design or your own choice.
The way they sell it to the public is as a "security system". Trusted Network Connect is advertised as preventing virus infected (or virus vulnerable) computers from getting onto a network and causing damage. If you aren't running an approved operating system, or if you are running custom software, then Trusted Network Connect cannot validate that your computer is uninfected. If you fail the Trust checks then your computer gets "quarantined", denied network access, until you "fix" your computer to match the specific known approved virus-free configuration.
-
Yesterday's story Senate Panel Approves Cybersecurity Bill would give the president an emergency 'kill switch' over the Internet, but added some restrictions to the bill. The president may no longer simply assert that the threat remains indefinitely, he must now seek Congressional approval after 120 days.
There is an important connection between these two stories. The "Trusted Identities in Cyberspace" system includes something called Trusted Network Connect. Technical PDF on Trusted Network Connect. Once the Trusted Identities in Cyberspace system is in place (lets call it ten years as a nice round number) Trusted Network Connect is designed to selectively ban noncompliant computers from getting internet access. In the event of an "cyber attack" or internet virus the U.S. government would have the power to shut down any or all internet connections for 120 days, and then asking Congress to extend it indefinitely. The Trusted Network Connect feature means that this shutdown can, and would, be limited to locking out computers that are not secured by the Trusted Identities system. Any computer that lacked a Trusted Platform Module would be unable to connect to the internet. The effect would be a global internet lockout against noncompliant computers. Anyone who declined to "voluntarily" opt-in to the Global Trusted Identities system would be denied internet access. Any nation that declined to comply would be locked out of the internet.
If the Trusted Identities system goes forward is is only a question of how many years it will take before noncompliant computers can and will be denied access to the Global Trusted Internet.
-
It's a lot worse than you think. I just finished reading the draft. This is an effort to impose Trusted Platform Modules - globally. For those not familiar with Trusted Platform Modules, it all boils down to one simple point. Computers and other electronic devices with each have a Master Key locked inside. A master key locking and controlling operation of the device. The owner is forbidden to know or control the key locking and controlling his devices. That leads to many technically complex results, but the simple point is that you are forbidden to know "your own" master security keys. They describe all sorts of supposed benefits of the system, but the inescapable end fact is that the system is designed to secure your computer against you. The simple simple point is that if you are forbidden to know your own keys then the system is locked against you. You are denied ownership and full control of your own computers.
I made a few very hasty notes from the draft document. Many of these items should scare the shit out of everyone:
Draft page 4, blue box: Identity card for to "anonymous" bloggers, i.e. no anonymous blogs. Identity card for e-mail.
page 15 explicitly states this is based upon the Trusted Platform Module.
Page 19 lists your ELECTRIC COMPANY adopting the system and requiring you to use it to access your account. (Although the DESCRIBED usage is plausibly optional web access)
Page 22 requires new laws "establishing an enforcement mechanism" for this system. Says government services will be used to drive adoption by the public. Says government buying power will be used to drive adoption in the business sector.
Page 23 explicitly names Intellectual Property Protection as a purpose of the system.
Page 24 explicitly states that "the scope of this strategy extends beyond national boundaries". Says the US Federal government must establish programs to execute this strategy. Says the US Federal government is to focus its recourses on influencing national and international standards to carry out this strategy. "Coordinate Federal Government efforts associated with digital identities both domestically and internationally".
Page 25 "cybersecurity is becoming a matter of diplomacy, activities under the strategy intend to address the increased importance of international policy efforts. The Federal Government, by leading and coordinating national efforts, as well as collaborating on international policy efforts, can drive a unified approach to trusted digital identities". "the creation of a global trusted infrastructure" Says the government should fund research and development of these systems and transfer it to the commercial sector.
"Todays environment is driven by a global economy, with transactions occurring without regard to physical or political boundaries; the infrastructure developed under this strategy will, to the extent feasible, be interoperable among these environments, while also respecting the laws and policies of different nations."
Page 26 "The Federal Government is committed to the actions herein and will move forward as a leader, first adopter, and enabler" "The White House will select an agency and hold it accountable for coordinating the processes and organizations that will implement the Strategy".
Page 27 "All levels of Government will play a part in the adoption of the Identity Ecosystem for government services. As a major provider of services spanning individuals, private sector, and other governments, the Federal Government is positioned to enable high impact, high penetration Identity Ecosystem services."
Page 29 says the Federal Government will engage in media campaign activities to persuade the public to accept the system. (I would call it propaganda, though I have no doubt others would disagree with the use of that word.) "Success of the Identity Ecosystem depends on participation from multi-national corporations and global providers in the use of federated identities and that interoperable and scalable to internet lev
lose virtually all of the youth vote
Like, almost both?
-
It's almost baffling that the "oh, think of the children" crowd doesn't want this.
They are opposed to it because they give a fuck about kids (well except for those of them that actually are fucking kids while publicly crusading on morality). They want to shove their noses into adult's bedrooms. They want to criminalize porn in general. They want to criminalize porn for adults.
As they see it establishing a .xxx domain legitimizes porn. As they see it establishing a .xxx domain undermines their cause. They believe porn harms adults. They talk of "protecting children" as a more mainstream-tolerable sham for "protecting immoral adults from porn".
-
some people are so twisted, they consider anything less than this arousing
Pooooooorn!
Porn! Porn! Porn! Porn!
Naked toes! Do you realize how many people have foot fetishes?
-
... as interpreted by nine individuals selected at random intervals in time by whichever side of two warring factions happens to have a slight edge at the moment.
-
Civilized Behavior. Violence is only appropriate as an unfortunately necessary response to violence.
and you believe it would be hypocritical and ignorant to suggest otherwise, yes?
Yes.
and no violence has yet taken place, yes?
WHAT?!?!
At least about 58 people, believed to be Christians were killed in an outbreak of deadly protest by Muslims in Maiduguri, Borno State, at the weekend, angered by the caricatures of the Prophet Mohammed in a Danish and other European publications.
The Danish embassies in Syria, Lebanon, and Iran were all set on fire, as well as the Norwegian embassy in Syria, resulting in at least one death.
There have been a multitude of death threats and public offers of cash rewards of up to Rs 51 crore (US$11 million) to kill cartoonists.
Police in Berlin overwhelmed Amer Cheema, a student from Pakistan, as he entered the office building of Die Welt newspaper, armed with a large knife. Cheema admitted to trying to kill editor Roger Köppel for reprinting the Mohammad cartoons in the newspaper.
Two suitcase bombs were discovered in trains near the German cities of Dortmund and Koblenz, undetonated due to an assembly error. Video footage from Cologne train station, where the bombs were put on the trains, led to the arrest of two Lebanese students in Germany, Youssef el-Hajdib and Jihad Hamad, and subsequently of three suspected co-conspirators in Lebanon.[80] On 1 September 2006, Jörg Ziercke, head of the Bundeskriminalamt (Federal Police), reports that the suspects saw the Muhammad cartoons as an "assault by the West on Islam" and the "initial spark" for the attack
during the ongoing trial of four terror suspects arrested in Denmark, known as the Vollsmose case, one of the accused testified that Jyllands-Posten culture editor Flemming Rose was the target of a terror bombing the group had planned. According to the suspect, they were considering sending a remote-controlled car packed with explosives into the private residence of the editor.
A 28-year-old Somali Islamist used an ax to break down the front door of one of the cartoonists and attempted kill him. He then turned and attacked the police who arrived, and had to be shot twice to subdue him for arrest. And in a lovely touch, the cartoonist's five year old granddaughter was there while this man attempted to slaughter her grandfather.
If fact there have been multiple additional arrests of people planning or attempting to assassinate Muhammad cartoonists.
I can't even begin to list additional violent protests across the world over the images. Just going by the ones I skimmed over in a Google search I see cumulative death toll of over 200. Who knows what the complete total would be.
what if someone fires a bullet in your direction, and then puts down their arms and surrenders. is violence still unfortunately necessary?
Then you put them in prison.
I think it would be awesome if more criminals would surrender peacefully.
you are NOTHING
You appear to have a peculiar fixation on people being "nothing".
Did your father, or perhaps the women in your life, leave you with feelings of inadequacy?
-
I hear Dr. Kevorkian was recently released from prison.
-
They could hand out free puppy dogs and ice cream for the next year and nobody would ever love them again.
A free supply of puppies and icecream?
You obviously overlooked Uncle George with the nice white van.
-