Slashdot Mirror


User: jefu

jefu's activity in the archive.

Stories: 0
Comments: 1,081

Comments · 1,081

  1. Xupiter on Feds Working to Stop Worms · · Score: 2, Insightful
    Coming the day after the Xupiter article, this is interesting.

    It is entirely plausible that Xupiter or something similar (who knows, even some nice popular game or operating system or email client) has code squirrelled away in it that could serve as the basis for a large scale network attack. This code could be very small indeed as it can bootstrap on system libraries or other, quite legitimate, code in the application.

    If the Wrong People (tm) in the Axis of Evil or connected with International Terrorists had planted this code, it could easily be used to mount a serious attack (DDOS or otherwise), and the trigger could be a file on the Xupiter website, email to the users (the Bad Guys could collect email addresses at installation and not use them for anything till needed) or even a user comment on some commonly visited user discussion forum.

    The payload does not even have to be in the distributed code - it can easily be fetched from a website someplace, loaded between infection and activation or even distributed to other websites during the infection phase. These websites would not even have to know what they are carrying - I've not looked at the structure of GPG signature blocks, but it is certainly possible that portions (at least) of the payload could be encoded in such or the like.

    I know - this is true of most viruses - but putting a virus into a distributed application does make it less likely that it will be seriously scanned for a virus, and if it uses code not already identified by the virus hunters, or if it masks that code well enough it is quite likely to escape detection. I suspect that with some work I could construct a series of X86 instructions that would look perfectly reasonable, but that when XORed with the right sequence of bytes would produce virus code. Or the virus code could be distributed in all the legit code in sequences of a few dozen instructions at a time separated by jumps. Or...

    If there were some reasonable number of users using the application (how many EverQuest users are there? how many Xupiter toolbars are now sitting in people's browsers?) and if the payload consisted of variants of other viruses (even identified ones) the large base of infected sites could lead to a massive and very threatening attack.

    Xupiter would be an interesting vehicle for such a thing. Between the Xupiter license and the DMCA it would be illegal for users to try to examine the Xupiter code to find out exactly what it does (or might) do. Does the DMCA prohibit virus scanning on something? It certainly prohibits users from even trying to figure out if the program is benign.

    Worse yet, Xupiter could use its periodic "update" checks as part of the trigger, plant the trigger on advertisers' web sites, or even use advertisers' web sites as part of the attack/infection mechanism.

    You've got to wonder - if the Axis of Evil is smart enough to build Nuquulur (TM - let's spell it the way the Leader of the Free World says it) Weapons are they smart enough to build (or rich enough to hire to build) a small group of people to build a network infrastructure attack? It probably would not kill a whole lot of people - but Death and Destruction are not the only tools of warfare.

  2. Mozilla Evangelism on World's Most Annoying IE Toolbar · · Score: 1
    It suddenly occurs to me that when I send email to a webmaster for a site that insists on Internet Explorer I should do it in HTML and include a link to the installation URL with a note like, "Hey, if you like IE, you'll like this too."

    But, I guess that would be rude, mean and obnoxious.

    Almost as much so as refusing to let me visit their site because I use Mozilla or Phoenix.

    I probably won't. But I'll probably be tempted often enough.

  3. Hash on Potato Bazookas · · Score: 1, Funny
    I've long contemplated (without building one) building a "spam cannon" from fastened together spam containers and shooting the meat product - not the icky email.

    Probably wouldn't make dents in most things, but my thoughts always work more toward the notion of a high angle shot (a "spam mortar" perhaps). Imagine standing in line to see "The Return of the King" and suddenly being bombarded with spam. Or maybe being that email spam king and having your back yard picnic, well, spammed.

    Of course, combined with a potato bazooka, we'd have Hash Artillery (and not the kind you'd smoke or bake into brownies). Toss in a cabbage trebuchet and a flambe' (why didn't the ampersand-eacute-semicolon character entity work there?) thrower and you'd have mealtime covered.

  4. Re:just scan and compress on Why Project Gutenberg Isn't There Yet · · Score: 1
    If all you want to do is look at the images, this is true.

    But I've used Project Gutenberg texts as sources for English text for various purposes - and images just wouldn't do it.

    No reason the two can't coexist - it would even be useful to keep both the image and textual form together.

  5. Distributed Proofing on Why Project Gutenberg Isn't There Yet · · Score: 1
    I've been doing the distributed proofing for a while now and it's a relatively painless way to spend a few minutes and put a few pages into the public domain.

    Mostly relatively painless anyway - I've spent some time working on the "Anatomy of Melancholy" which is a bear to do. Many English texts I've proofed here I can proof at the rate of a few minutes per page. "Melancholy" is more like a half hour per page.


    Most of the works are nowhere near that bad though and this is a good way to make all that cool (or not so cool) stuff available and usable electronically.

  6. Force the Issue on SBC Patents Links, Dynamic Pages · · Score: 1
    Is there any way that the internet community might force this issue by sending SBC urls for sites that might infringe? Asking if the site does infringe and precisely how.

    And include in the communication a refusal to pay and a statement that if the site is not informed immediately of infringement that it will be taken as an admission that the site does not infringe.

  7. Turning Taxes on Copyright Rumblings · · Score: 1
    I like this proposal in general, but I'd change it a bit.

    Copyright extends for 17 years (why 17? It's the only random number, of course.) automatically. A second 17 years can be obtained on payment of a $1000 fee. This isn't that much if something is bringing in money.

    Subsequent extensions may also be purchased with the fee for every period equal to pow(1000,n-2). Thus the third period would be $1,000,000, the fourth $1,000,000,000 and so on. Get Disney to sign up for a fifth extension this way and the government might end up with money in the bank.

  8. Anna the Allmaiziful ! on Top of the Crops 2002 · · Score: 1
    Recently there has been some discussion of a phenomenon called slashdotting - which occurs sporadically across the network and which consists of what looks like a DDOS attack on a web server.

    <silly-parody>

    There are an amaizing(sic) number of closed minds and assumptions out there. 99% of the posts I'm seeing here are people who have heard something once or twice on the radio about some "slashdotters" often with a computer running something called LLinnuchs (try to find that on Google!), and who have made up their minds and decided that every single instance of slashdotting all over the world, past and future, can be explained away by that one method. I had expected a little more from the crop circle circle.

    I am one of the biggest skeptics out there, but I always try to balance it with an open-minded analysis of all available facts. Looking at all the factors involved, it seems to me that calling every single slashdotting a hoax with confidence is just impossible. Let's run down some factors here:

    Numbers: First off, there's the sheer number of these things occurring all over the world. They often show up on websites where the locals have never heard of the slashdot phenomenon and don't care when they do. They show up on websites where the owner is so poor that there is no money for stupid practical jokes. They show up all over the world. (This factor, in and of itself, I do not offer as complete evidence.)

    Size: Some of these slashdottings are huge. An adolescent script kiddie may be able to hit a single website a couple hundred times during the night, but even a team of people (less than a thousand or so) wouldn't be able to finish some of these things in one night. (This factor, in and of itself, I do not offer as complete evidence.)

    </silly-parody>

    And so on. The rest is left to the diligent reader's imagination.

    I'd laugh at this and urge modding up for "Funny" but I suspect the poster is serious.

  9. Weapons of Maize Destruction on Top of the Crops 2002 · · Score: 1
    Damn. I posted that before I thought enough. Clearly I should have waited and applied for a patent.

    "Method for Secret Communication Utilizing Simple Materials Found Around the Farm."

    Do I have a grace period before I file?

  10. Steganography on Top of the Crops 2002 · · Score: 1
    So far everyone has missed the obvious and most sinister significance of these crop circles.


    They are a steganographic (sort of) signalling mechanism used by International Terrorists (TM) (and funded by the Axis of Evil (TM)) to communicate with each other.



    You see, they know that they only have to make one of these circles and the press (or the Swirlies (TM)) will report it. The intended recipients only need to look it up in their Magic Decoder Ring (circle, actually).

  11. Digestive End Product of Male Bovines on Attorney Sues eBay over Negative Feedback · · Score: 2, Interesting
    According to "Penn and Teller's Bullshit", a new Showtime production focussing on hoaxes and hoaxers, they could not call the people involved "liars", "con men" and the like, nor could they claim that they were lying or cheating or so on.

    They could call the people involved "assholes" and "motherfuckers" and say that the hoaxes were "bullshit". Go fig.

    An interesting first episode, by the way. Probably worth following.

  12. Heebeegeebees on MonsterHut Jammed for Spam · · Score: 1
    For telemarketers I now quite prefer the "counterscript". I've used it a few times and the telemarketers do NOT like it. I had one guy so disturbed that I almost felt sorry for him. Almost.

    "Why does a single 24-year-old guy need coupons for feminine hygiene products?"

    Now there's a question for the ages. Enquiring minds do want to know. There's always wallpaper, confusing the supermarket tracking your purchases in their database, anticipation (buy them in the hope ....). You could always take the coupons to singles bars and hand them out to likely prospects (laugh).

  13. Hyppety Hop to the XML Shop on DTD vs. XML Schema · · Score: 1
    "All that XML is, is an easy-to-parse, text based data transfer mechanism."

    Might I also add "storage".

    But that word "ALL" up there. That's a lot. Think of all the different data transfer/storage mechanisms people have invented. Unix types should go browse /etc for config files - passwd isn't the same as termcap isn't the same as sudoers isn't the same as sshd config isn't the same as ....

    And so on. And on. And on. Think of all the one-off formats people have invented. Mail (message format). HTML. HTTP. SMTP. RPM. passwd, printcap, procmail ...

    Try to come up with a general markup mechanism for various kinds of data and you'll see how tough it is.

    Of course, the difficulty is that to make XML powerful enough to handle these varied kinds of data representations, it gets big and pointy. And there are difficult problems not very far beneath the surface - XML does not solve them all by any means, but does provide at least a starting point.

    And there are many more places where XML could at least provide a starting point.

    XML is just a way to mark up certain kinds of structured data. That's a lot, and XML is a non-trivial solution (or set of solutions) to a non-trivial problem.

  14. ... One is derided, one is Derrida (???) on DTD vs. XML Schema · · Score: 1

    When James Clark speaks on the subject of SGML/XML/... I listen. And having looked at RELAX, DTDs and SCHEMA, and having discovered that none of them are easy to do correctly, I tend to favor RELAX. Largely because James Clark does usually know what he's talking about.

  15. Isomorphism Schmiessomorphism! on DTD vs. XML Schema · · Score: 1
    That XML describes trees and so does lisp is a good observation and worth noting.

    We can even describe a subset of lisp sexes that would be more or less isomorphic to XML. Not all lisp sexes work (I believe, but would need to read the XML specification carefully to pontificate) : (1 2 3) would need to be something like :
    <> 1 2 3 </>
    but if all the sexes started with (atom (attribute-list) ... ) the mapping would be pretty complete.

    So, if the notations are isomorphic (that is if there is a deterministic mapping from each to the other where composition gives the identity on both sides) there is no problem. Write a program that does the mapping and then work in whichever syntax you prefer.

    I'd suspect though that such a mapping is tough. I remember watching a debate on an XML mailing list about the fact that it was difficult to produce a canonical form for an XML structure. I don't know if that has been resolved, but I do remember that some of the problems raised were quite subtle and difficult.

    Which, if true, would mean that the structures (XML and Lisp) would be more homomorphic (whatever that means here) than isomorphic. Which (at least for those of us for whom "homomorphism" is not a scary word) raises questions of just what is, and is not, preserved.

    That said, the parallel with lisp is quite interesting and productive. On a couple of occasions I've found that converting XML to lisp and doing some lisp magic then converting back has been productive and far easier than using the XML tools available.

    Even better the analogy with lisp raises some very interesting ideas that I keep wanting to get around to exploring - but don't.

  16. Absurd on SBC Demands Royalties for Links in Frames · · Score: 1
    I'd think this patent is absurd given the dates involved. It shouldn't be hard to find websites that infringe this absurdity that amount to prior art. (Or should it? Do reliable archives exist prior to 1996?)

    In any case, this might be a good case for everyone to send their (potentially) infringing links to the patent holder and refuse to pay. Maybe it will take something like that before the USPTO actually wakes up and realizes these things are absurd.

    Even without prior art, I'd suspect a good case can be made that this is "obvious" which is also supposed to be unpatentable.

  17. Hypothetical on Has the RIAA Wormed 95% of P2P Networks? · · Score: 2
    Let's just take as our hypotheses that such a "hydra" is possible and has been written, that it was done by some third party, that this effort was supported by the RIAA and that it was set loose in the wild and infected some large percentage of the machines it encountered.

    Now, what if someone else looks at the code (disassembled/decompiled or by finding a source copy) and exploits things to use the compromised hosts to launch (as mentioned) a ddos attack against some tempting target?

    Now, who is responsible? In particular, who goes to jail or gets sued?

    All the parties are guilty of some crime and certainly of contributing to the problem. The last guy in the chain is likely to be the biggest target, but the rest are certainly culpable.

    Would the answer change if the ddos were the result of a bug and the hydra writer were under contract to the RIAA?

    Or if the RIAA (or one of its major members) were itself the target of the attack?

    Keep the lawyers busy for years and years this would.

    As a side note I suspect that if such a beastie were built and let loose that the reporting itself would amount to a ddos.

  18. Customers on SCO Threatens to Press IP Claims on Linux -$99/cpu · · Score: 2
    System V was first released in 1983 or so. Doesn't that mean that any patents granted at that time have already expired or are very close to expiring?

    Perhaps part of their hurry is to grab the money and run before the patents do expire.

  19. Re:The evolution of languages on The D Language Progresses · · Score: 2
    "...a language that by its nature is abstracted and modular, even to the point where the syntax of, say, control structures could be modified in a module?"

    Lisp.

    On the deeper question of "why bother writing a new language?" there are lots of answers. Some are mentioned in a response in this thread.

    But there are a couple others as well.

    One common one is that people are solving a closely related set of problems (say programming neural nets, or doing discrete event simulations). One approach is to build a set of libraries in a language you have and just thread those together. Works fine. But if you build your own language where the stuff you're doing a lot is easy to do - because you designed the syntax that way - (and the stuff you don't need to do much can be harder), you can gain quite a bit. Compare APL's array handling syntax to that in Fortran.

    Another reason for new languages is incremental change to an existing language. C++ started out as a C preprocessor (of a sort) and has evolved to the point where it is now a very different language.

    And as for novelty, there are some nicely novel languages - if you've never programmed in a functional language try Haskell. SNOBOL isn't well known these days, but has some very intriguing notions. Self is quite an elegant language based on very different OO principles than you might find in C++ or Java. Then we have APL (quite a nice language once you figure out how to read it), J, Prolog, Clips, XSLT and so on. These may share some bits with more familiar languages, but also have a good deal that is different and novel.

    Of course, if you really want novelty, no language discussion would be complete without Intercal.

  20. Customers on MPEG 4, Windows Media 9 At War · · Score: 2
    The customer base here is actually pretty small. The MPEG people don't sell to end users, but to software developers/vendors.

    Even if we count end users, the customer base is still fixed in size and most every user of the web will want one or another of these things installed.

    Or both. Which is the real problem in some way. As long as there are multiple standards, it's likely that end users are going to want to play files in all the standards. In which case the short term result will be that the end user will be forced to get one of each. Even if a single player can handle all the file types the MS and MPEG fees with both need to be paid on the player. Not exactly cheaper for the consumer.

    The other side of this is that MS does have enough cash to support their standard as long as they want to and it's not clear to me that MPEG does. So, it's easy to say that MPEG will have to do on half their revenue - but there is no reason that MS could not then cut their price again. MS could even say something like "We'll charge no licensing fees for the next three years." Can MPEG do on zero income?

  21. Re:Anyone remember "Bored of the Rings"? on Lord of the Rings, as Written By Everyone Else · · Score: 2
    It was by the Harvard Lampoon and I have a copy right here (it usually sits on my shelf of Tolkien stuff). It is adolescent, dated, rude, vulgar and very funny. Highly recommended for Tolkien fans and foes alike.

    I can probably do no better than to quote from the blurb inside the front cover : "This book ... tremor ... Manichean guilt ... existential ... pleonastic ... redundancy... " Orlando Di Bisquit, Hobnob

    Some of the characters included the Boggies (hobbits) Dildo Bugger and his nephew Frito, Spam Gangree and the twins Moxie and Pepsi ; the wizard Goodgulf (and his evil counterpart Serutan) ; Legolam the elf, Gimlet the dwarf and of course Arrowroot, Son of Arrowshirt. All going up against the monstrous evil nasty guy Sorhed.

    There you have it.

  22. Re:Thomas Pynchon on Lord of the Rings, as Written By Everyone Else · · Score: 2
    You have a sick and fertile mind indeed.

    The mind boggles. And having boggled moves on.

    My congratulations. I'd never thought of this, but now it will probably haunt me. And I'm likely to be grinning about this now for days.

    I would suggest that if you say anything about this anywhere near any MLA (Modern Language Association) get togethers, you may want to avoid dark alleys.

    The things you find on slashdot. Who'd a'thunk it?

  23. Re:Just think if SLASHDOT had written LOTR... on Lord of the Rings, as Written By Everyone Else · · Score: 2

    Don't forget the endless discussions of how to overclock the ring without having it turn into the very lava in Mt. Doom.

  24. Hmmm on Commutative Hypercomplex Numbers · · Score: 2
    I'm not at all sure what to make of this except that I don't see any interesting applications on his site (Yes, I've looked at the "applications" column.) What do these things actually do and why should I care? I also don't see any math (theorems, conjectures at least) that looks interesting either. (However, I'm still looking at the associated Russian site.)

    For the computational I'd expect to see the one and for the mathematical I'd expect to see the other.

    Worse yet, there's mention of a patent. On the MATLAB toolbox, I'd expect. Certainly not on the mathematics, since that is not allowed in US Patents (I'm carefully hiding any laughter at the thought of something being patented that should not be).

    On the plus side the Russian site (see above) does seem to have some math and that doesn't look (at first glimpse) to be the kind of junk that's often generated like this.

  25. Teaching a Pig on Professors vs. WiFi · · Score: 2
    This attitude may work for fifth grade, but in college it's way wrong. As a professor, it is my job to do my best to help a student to learn. I can not, should not, will not, foo not, bar not, whatever not compel a student to learn. Even if I strap a student into a torture device and administer punishment on wandering of attention or wrong answers, I can still not compel a student to learn.

    Ever go rock climbing? Here's a bad analogy (bad analogies are often the best ones). Imagine me, the professor, at the top of a climb and you, the student at the bottom. You've got a climbing harness on and a rope in it which I'm belaying. Your attitude is something like expecting me to just pull you up the cliff. Ain't gunna happen. I'll try to help you find the right places to put your hands and feet, I'll try to keep you from falling to your death, I'll help as much as I can, but I can't and won't just pull you up.

    However, this is a common enough attitude among so many college students. They think "I pay the professors to make me learn." They should remember the nice saying "never try to teach a pig to sing. It's a waste of time and annoys the pig."

    And for the poster, I'd suggest not going to class at all if things are that bad - talk the instructor into letting you skip it unless they don't require attendance. Then use the time to learn it on your own. It will be time better spent for you, the professor and anyone else in class you may be annoying. (My stated policy is that I do not require attendance - if a student doesn't want to come to class, I'm not going to require it. My observed result is that students who do not come to class fail more often than not.)