The problem was never the definition of "reasonable". "Reasonableness" is not the criteria for a legal search: having a warrant is. Searching or seizing someone else's property without their consent, legally, requires special legal dispensation granting immunity for that violation of the owner's property rights. Said special legal dispensation is known as a warrant. Without a warrant, searching or seizing someone else's property (domestic of foreign, it makes no difference) is a criminal act, regardless of who does it or what badge they wear—and any law which purports to authorize such searches or seizures without "probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized" is an unconstitutional warrant which neither Congress nor any other branch of the government has the authority to issue.
Technically, Spectre only reveals data to which the process had already access to begin with.
The "process", perhaps, but not the attacker. To say that "correctly designed software should be unaffected" is disingenuous. Until this vulnerability was announced, that software was considered correctly designed. It did not permit arbitrary code execution; the inputs were sanitized and verified to be safe. The flaw is not the software design but rather the hardware, which ignored those security checks for the sake of speculative execution, then allowed the results—which should not have been observable by anyone, since according to the system architecture the code was never executed—to be exfiltrated through a side-channel.
Do not make the mistake of assuming that this is limited to scripting languages, JIT engines, and VMs. That would be sufficiently catastrophic by itself, of course, but any program which processes input from untrusted sources (i.e. any program where security is a factor) is potentially vulnerable. The attacker doesn't need access to a general-purpose programming language, just the right sequence of perfectly normal and harmless-looking instructions. More direct control makes it easier to exploit the flaw, but that does not imply that other, more limited programs are immune.
In the Google demo, it works because all in-kernel code (here: JIT-ed bytecode) has access to in-kernel data.
JIT is not required, at least on Intel Haswell Xeon CPUs:
During the course of our research, we developed the following proofs of concept (PoCs):... 2. A PoC for variant 1 [Spectre] that, when running with normal user privileges under a modern Linux kernel with a distro-standard config, can perform arbitrary reads in a 4GiB range in kernel virtual memory on the Intel Haswell Xeon CPU. If the kernel's BPF JIT is enabled (non-default configuration), it also works on the AMD PRO CPU.
This particular PoC exploit requires JIT to work on the AMD PRO. On the Intel Haswell Xeon, the eBPF bytecode interpreter was sufficient. With enough effort, determined attackers could uncover a vulnerable code sequence in a standard distro kernel which does not depend on eBPF at all.
Nobody who cared about the environment would have every little item to their house delivered.
Every item in your house was delivered there by one means or another. Do you think it is better for the environment to have the same items delivered to a store first, to wait indefinitely on a shelf in the hopes that someone will make a trip there to purchase them and drive them home, compared to shipping them directly from the warehouse? For the majority of items which are not produced locally, I see no reason to think that online shopping would not be much better for the environment than buying the same items in person from retail store.
Also, why should economic activity that took place in the far past have the same "value" years later?
Because during that time you've been refraining from consuming and thus allowing others to benefit from the product of your labor. You did useful work, and received money in return—the overall supply of goods increased. You saved the money rather than spending it—so other people received those goods, not you. Assuming a stable money supply, if deflation has occurred that means that the difference between your production and your consumption has contributed to capital investment and more efficient production. That is why your money is now worth more. The deflation is your reward for refraining from entering the market and competing with others for scarce goods and services. Similarly, inflation, when it occurs naturally, reflects capital consumption and less efficient production, and the resulting decrease in the value of savings is a penalty for leaving the market to others who have failed to cultivate it.
The natural, unforced rate of deflation reflects how good the average investor is at turning a profit and bringing value to society. If you can do better than the average investor, great—you will receive a return higher than the rate of deflation. If not, everyone will be better off if you just "hoard" your money and refrain from diverting resources away from those who know what they're doing.
If the money supply is manipulated to force inflation, however, that makes the market look worse than it actually is, which encourages investment in below-average ventures—ventures which will not pay enough of a return to exceed the deflation which would otherwise have occurred. The result is capital consumption and a lower rate of growth. This presumes that the inflation occurs evenly; if the new money all goes to one place (such as the Treasury, banks, government contractors...) the distortion in the market becomes even worse.
Of course, forcing deflation causes the opposite problem, inhibiting useful investments which would have payed better than the natural rate of deflation. It's only a good thing when it occurs naturally, without manipulation of the money supply. Sometimes inflation can be a force for good—but only when it isn't forced.
I don't think Charter, or TWC, or Comcast would drop completely out of a market just because they were told they had to give everyone access. If they would, another monopolistic cable company would gladly step in.
You are assuming that they are already have a monopoly with no realistic threat of competition from other Internet providers, in which case it is also safe to assume that they are already charging whatever the market will bear and pocketing the difference. That is a problem which should be addressed by lowering barriers to entry and encouraging more competition—exactly the opposite of the proposed regulations.
It is not the giants like BT or Comcast that are most impacted by these rules, but rather the smaller, less profitable, local ISPs which can't afford to build out to service the entire countryside. Don't be fooled by their diminutive stature; they may be small, but the threat of their competition is what keeps the giants in check. Even if they don't service your market, the giants are well aware of the fact that if they set their prices too unreasonably these smaller providers would step in to take their place—unless sufficient barriers are erected to keep them from competing.
They're only being forced to do this because it is not something they would do voluntarily.
The key thing is that the ISPs aren't forced to provide rural Internet service—they can choose not to provide Internet service at all. And some of them will. Which makes matters worse for every non-rural Internet consumer.
That said, they will make their money back from this.
Either that, or go out of business. That doesn't necessarily mean that they're losing money in an accounting sense, just that the money can be more profitably invested elsewhere. Why invest in providing Internet service when you can get a higher return doing something else? Either way the result is the same, less competition and higher prices.
If anyone is really worried about rural access to broadband Internet they should just provide it directly, at cost, as a private non-profit organization with no special privileges or subsidies. It may still cost more than the for-profit Internet service in the cities, but that is a reasonable and expected consequence of the choice to live away from other people.
And whereas, initially that is true, in the end, the person using that connection will pay for it. It will just take longer for the [ISP] to get their money back from installing the cable for a rural route not already served, than it would in a densely populated urban cluster.
A longer payback time equals a higher opportunity cost—the difference between what the investors could have made from any other business and what they can make from offering Internet service to rural customers over the same time period. Due to this regulation, the person using the connection is not paying that higher cost, which means that the difference is externalized onto the ISP. This increases barriers to entry and drives marginally-profitable service providers out of business, reducing competition and raising prices for the consumers of Internet service living in more densely populated areas.
Let's say you loaned me $100 for a business venture for a period of one year at 5% interest. Would you be satisfied receiving $105 back in ten years? Or even the $100 principle in one year and the $5 interest in ten? After all, it "only" took you longer to get your money back. No harm done, right?
We don't know that the owner would have made the same choices.
Doesn't matter. If they were able to turn a profit then it stands to reason that the owner could have done the same. Either way they are responsible for taking away that choice from someone they never proved guilty of any crime. Making their victim whole involves more than just the return of the original property; they have a responsibility to render the accused at least as well off as they might plausibly have become had the property never been seized.
On the other hand, you appear to be suggesting that the government should profit from their seizure of property from a (presumably) innocent person, at their expense, having failed to prove their case. As such, you can't possibly be serious.
On the other hand, volatility works both ways. If they fail to make their case then they owe Aaron Shamo his seized property back, 513 BTC and 512 BCH, plus whatever profit they realized on it while it was in their keeping, since that profit would naturally have accrued to the owner if they hadn't interfered.
Selling now allows them to lock in the higher price in the event that they win, but also means that they stand to lose quite a bit if the price rises and they lose the case.
Wait, am I still talking about cars or have I reverted to drones? Seems to me the answers are the same for each.
You can build you own car without getting permission from anyone, and drive it as much as you want on private property with the consent of the property owner. Vehicle registration is only required if you want to drive the vehicle on public roads. The rules being proposed for drones are much more restrictive. If they'd stop messing with people flying over their own property or with the owner's permission (up to, say, 400' AGL) they wouldn't get nearly as much opposition.
So the fees depends on the number of transactions.
No, that would be reasonable. The fees depend on the number of pledges, not the number of transactions. Whether you have one $40 pledge or 40 $1 pledges, there is only one $40 transaction. The division of the total among the pledges is nothing more than a series of entries in a database managed by Patreon.
Patreon's role in the process lies precisely in batching together small payments to multiple recipients into a single deposit, and small donations from multiple donors into a single withdrawal. The addition of per-pledge fees defeats the point of having the service. Rather than paying 2.9% + $0.35 per pledge up front, with another 5% of the remainder paid by the recipient, you might as well just send your pledges through PayPal—where there are no fees for the sender and the recipient only pays 2.9% + $0.30 per transfer. If you sent $1.38 via Patreon ($1 pledge + fees) the recipient would only get $0.95, whereas if you send the same amount by PayPal they would net $1.04, or about 9% more. The fee structure with Square Cash is even better: 2.75% for business payments and no fixed charge per transaction.
Frankly, their fees are far better than any other site, even with the recent changes. You keep 95%? that's the fairest site of them all.
With the new 2.9% + $0.35 per pledge fees they're rolling out for donors, it's more like you keep ~69% of each nominally-$1 pledge. (Actual cost payed by donor $1.37, of which you receive $0.95.) Larger pledges result in a better ratio, naturally, up to about 92.3% in the best case.
Those fees might be reasonable on a per-transfer basis, where a transfer is $15 or more and can be used to fund multiple pledges, but not for each individual pledge. Especially since the only difference in the cost to Patreon between one $40 pledge and 40 $1 pledges is some entries in a database.
The part that is causing outrage is "patrons will pay for each individual pledge". If you pledge $40/mo. to one artist you'll pay $1.50/mo. in fees (not unreasonable), but if you make 40 $1 pledges then you'll pay $15.16/mo in fees. In the latter case, combined with their 5% cut on the recipient's side, Patreon is keeping almost 40% of the amount payed by donors. This change effectively makes small pledges unworkable, which is a problem for those Patreon users who rely on small pledges from many different patrons. As for the costs, Patreon doesn't do a separate transaction per pledge; they combine all the pledges together into a single transaction. Their processing costs are thus the same whether the donations go to one pledge or many.
Copyright is an artificial monopoly enforced by the State. Nothing at all to do with capitalism. (Unless you meant "crony capitalism", a.k.a. "corporatism", which isn't the same thing at all.)
Copyright's are easy to explain and understand. You don't copy stuff that you didn't produce yourself, without permission.
Fair use laws... That's the problem here. They don't make sense to the average person.
If that is how you think of copyright then you don't understand copyright at all. Fair use laws exist because the "simple" version of copyright, you have stated it, is fundamentally and obviously wrong and would never be accepted by the public. Don't just take my word for it; the fair use doctrine in the U.S. came about precisely because the Supreme Court recognized that copyright sans fair use infringed on the freedom of speech. There are many situations where it is plainly unreasonable to expect anyone to ask permission before making a copy. The more egregious cases (e.g. backups, parody, educational use) have been codified as "fair use" to co-opt the more dangerous forms of opposition and keep people from questioning the underlying premise that non-original speech is something that should require permission. (The other cases where permission is still required are also unreasonable, but less obviously so.)
Copyright has its roots in state censorship, and dates from a time when enforcement only directly affected a handful of publishers. It was wrong when it was originally introduced, and it hasn't aged well as improvements in communications and information processing have made copying a fundamental aspect of modern life.
First, your scheme requires the ability to export the private key from the device (even if it is encrypted). This is poor security practice.
Why? If RSA and/or ECC are really "uncrackable", and is mathematically proven so, I fail to see the problem.
First, there is no system other than the one-time pad (which is not a public-key cryptosystem and thus not applicable here) which is mathematically proven to be "uncrackable". Public-key cryptography depends on problems which are believed to be hard to solve, but it could be that there is a solution which simply hasn't been discovered yet.
Second, even assuming that the encryption is "uncrackable", the security of the manufacturer's private key and the process meant to ensure that it is only used in response to a lawful warrant are both much weaker targets than the encryption algorithm. As the saying goes, two people can keep a secret—provided that one of them is dead. A key which only the device has access to is inherently more secure than one which is meant to be accessible to both the device and the manufacturer (or the owner or anyone else).
If they keys are stored encrypted, the the key encryption key has to be stored in pain-text. These chips often have limited memory, so you can off-load secrets from the crypto chip into the host, but this key is encrypted using a chip-specific key. What you call "poor security practice" is baked into the TPM spec.
Perhaps I over-simplified. The point is that the plain-text key only exists inside the tamper-resistant chip. While the encryption version can be stored outside the chip, it can't be decrypted anywhere else, not even by the owner of the device and certainly not by the manufacturer. This is entirely different from sending the encrypted key to a third party who has the ability to decrypt it.
However, if you accept the postulate that somebody with a warrant signed by a judge has the right to break into your stuff, then you have to trust SOMEBODY.
Assuming that they have probable cause to search the device, I accept that they have the right to seize it and try to break into it. I do not accept that they have any right to succeed, or to force anyone to help them do so, either before or after the fact.
Maybe not the manufacturer, but a private company with a staff of lawyers to protect the rights of the customers.
Moving the goalposts a bit, but OK. That resolves the issue of incentives and representation, so long as I get to pick the company (potentially myself), but the other objections still apply. No one has sufficient technical competence to protect the master key from falling into the wrong hands; that is why we have things like TPMs and HSMs and smartcards in the first place.
As far as who keeps the keys, as I said, certificate organizations manage the run their entire business around keeping their private key private. Every organization that has an "https" web page has a private key that they somehow manage. You act as if this type of thing has never happened before.
You act as if CAs have never had keys compromised, or abused their position of trust to issue false certificates (under duress or otherwise). Some organizations which have had exactly these problems are still around and allowed to issue keys trusted by all the major browsers. If anything, the CA system illustrates exactly why key escrow is a horrible idea.
Several things, actually. First, your scheme requires the ability to export the private key from the device (even if it is encrypted). This is poor security practice. The current trend—long overdue, and implemented in response to real security breaches—is to generate and store the private key in a tamper-resistant secure chip, with no external access to the key material. All operations involving the key occur inside the chip. This protects against vulnerabilities in the operating system as well as physical tampering.
Second, why should the manufacturer have the ability to decrypt the user's data? Again, poor security practice. The manufacturer should not be considered a trusted party, beyond device itself as it was originally delivered and later software updates accepted by the owner and installed while the device is unlocked.
Third, the private key on the device is generally only part of the information needed to decrypt the contents; you also need the user's password. Even assuming you could get the private key from a locked device, if the user chose a secure password (as opposed to a PIN you could easily brute-force) then the device key won't do you any good. Storing the combined key would, of course, be very poor security practice, even wrapped in some form of encryption.
Fourth, the manufacturer's private key will eventually leak. Their backdoor access is a single point of failure, and a very tempting target for hackers and foreign governments alike. The manufacturer does not have nearly as much incentive to secure their backdoor as all of the end-users combined have to secure their individual devices.
Fifth, the manufacturer cannot be trusted to represent the owner's interests by requiring a legally-sound warrant before exercising their backdoor. They can be coerced or bribed into complying "voluntarily", without a warrant—the subject of this very article—and they have no incentive to fight dubious warrants which have a chance of being overturned since it's not their data, the effort required to comply would be trivial, and they have the cover of a "legal" order (however threadbare) to protect them against any public backlash.
But certainly the reason to pay $19.99 for the DVD is to watch the movie.
Close. The reason to pay $19.99 for the DVD is to be able to watch the movie as many times as you want, with the option to resell the used DVD when you've tired of it. That does not imply that a single viewing would be worth $19.99.
Anyway, the key metric here is not what might you have otherwise payed but rather what will it cost to "make the victim whole"—and in the case of copyright infringement the answer to that is nothing. The "victim" hasn't lost anything and is already whole; no restitution is owed. That just leaves retribution, and on that score the "victim" is welcome to infringe on the "pirate's" copyrights in turn—assuming that they claim any.
Electricity consumption ensures that it cannot be created without cost, thereby preventing anyone from artificially increasing the supply....
ASIC mining reduced the electric costs of bitcoin mining.
Actually, no, it didn't. It costs far more to mine a block now than it did before ASIC mining was invented. The difference has nothing to do with the technology used and everything to do with the fact that the price of Bitcoin has increased by several orders of magnitude. When each block earns you a block reward of $125,000 (12.5 BTC/block * $10k/BTC), a marginally profitable miner will spend almost that much on electricity for each block mined, whether mining is done with ASICs, GPUs, or CPUs. More efficient mining hardware just means you have to solve more calculations per block, since the network automatically adjusts the difficulty to maintain a rate of six blocks per hour. Even if this interval is shortened slightly by ever-increasing hash rates, that just means that the next "halving event" where the block reward drops to 6.25 BTC comes that much sooner, and the hard cap of 21 million BTC remains unaffected.
It all this foolproof? Not quite, since the limits could be changed with a hard fork if enough people agreed.
On the other hand, the scarcity of precious metals has its own caveats. We could discover vast new sources, e.g. through asteroid mining, or a—cheaper, more practical—way to transmute common elements into gold. (We already know that this can be done through nuclear transmutation; it just isn't cost-effective.)
Congratulations, you've just invented the banking system!
No, the escrow system is a way to get the benefits of a bank without involving a fully-trusted third party. A bank can refuse to process the payment even when the buyer and seller agree, whereas the escrow partner is completely out of the loop in this case. The bank can also take the money and run against the wishes of both buyer and seller, again something the escrow partner cannot do since at least one of them must sign off on the transfer. The only real risk is that the escrow partner fails to act impartially in the event of a dispute, which is mitigated by the fact that both the buyer and the seller agree on the choice of escrow service in advance.
There are also arrangements which do away with the third party entirely—in the event of a dispute the payment (plus an optional deposit to keep things balanced) is either locked up permanently or donated to charity. This implies that both sides lose if either cheats, which isn't really fair to the victim, but this unfairness is minimized by removing the incentive to cheat in the first place.
Step #1 falls down immediately. The constitution clearly states that "To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." There is no requirement that they exercise that right.
The Constitution states that Congress shall have the power to do this. It does not state that Congress is obligated to do this, in every case or in any specific case. If Congress wants to do away with patents entirely, or limit them to X per entity or X per year or whatever, that is well within their jurisdiction. They may not be able to take away patents which have already been granted, but they can certainly refuse to issue new ones.
However you'll die at the first corner because it will have the same momentum but only 1/3 the gravitational downforce...
One could compensate for the lower gravity, for example by building magnets into the road to provide extra downforce and/or replacing the flat road surface and rubber tires with interlocking gears.
Speaking of which, anyone else find it funny that the same folks who tell you gov't can't do anything right also tell you gov't can't be allowed to compete with private business because it would be unfair?
These statement are not in any way contradictory. Government is allowed to do thing (like collect taxes and impose regulations) which private businesses are not allowed to do. Things which no one should be allowed to do. That is what makes the "competition" unfair. Not that they can out-compete private businesses by doing things right, but that they have a license to cheat.
What are they afraid of, the gov't's just gonna fail anyway, right?
They're more afraid that the project will not be allowed to fail—that it will waste the community's resources and drive more efficient (but unsubsidized) private offerings out of business.
I am personally in favor of community-driven Internet service projects, but they should be organized as subscriber-owned co-ops with no special privileges or legal favor, not branches of the municipal government.
To express the idea of Social Security in a way that you young whippersnappers will understand, it's just like those times when you're at Starbucks and you pay for the person in line behind you.
No, because that would be your choice. Social Security is more like when you're at Starbucks and the person in line in front of you leaves you their bill, justifying it on the basis that the person in front of them did the same.
Ya, but that's not the original language source from, say C, etc... just the Web Assembly text.
Disassembled WebAssembly can't be much worse than the minified JavaScript distributed with most web pages, to say nothing of asm.js. Sure, not every script is minified, but most of them are. Whether to publish the original source code is already up to the site's authors; WebAssembly doesn't change that.
Slashdot Mirror
The problem was never the definition of "reasonable". "Reasonableness" is not the criteria for a legal search: having a warrant is. Searching or seizing someone else's property without their consent, legally, requires special legal dispensation granting immunity for that violation of the owner's property rights. Said special legal dispensation is known as a warrant. Without a warrant, searching or seizing someone else's property (domestic of foreign, it makes no difference) is a criminal act, regardless of who does it or what badge they wear—and any law which purports to authorize such searches or seizures without "probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized" is an unconstitutional warrant which neither Congress nor any other branch of the government has the authority to issue.
Technically, Spectre only reveals data to which the process had already access to begin with.
The "process", perhaps, but not the attacker. To say that "correctly designed software should be unaffected" is disingenuous. Until this vulnerability was announced, that software was considered correctly designed. It did not permit arbitrary code execution; the inputs were sanitized and verified to be safe. The flaw is not the software design but rather the hardware, which ignored those security checks for the sake of speculative execution, then allowed the results—which should not have been observable by anyone, since according to the system architecture the code was never executed—to be exfiltrated through a side-channel.
Do not make the mistake of assuming that this is limited to scripting languages, JIT engines, and VMs. That would be sufficiently catastrophic by itself, of course, but any program which processes input from untrusted sources (i.e. any program where security is a factor) is potentially vulnerable. The attacker doesn't need access to a general-purpose programming language, just the right sequence of perfectly normal and harmless-looking instructions. More direct control makes it easier to exploit the flaw, but that does not imply that other, more limited programs are immune.
In the Google demo, it works because all in-kernel code (here: JIT-ed bytecode) has access to in-kernel data.
JIT is not required, at least on Intel Haswell Xeon CPUs:
During the course of our research, we developed the following proofs of concept (PoCs): ... 2. A PoC for variant 1 [Spectre] that, when running with normal user privileges under a modern Linux kernel with a distro-standard config, can perform arbitrary reads in a 4GiB range in kernel virtual memory on the Intel Haswell Xeon CPU. If the kernel's BPF JIT is enabled (non-default configuration), it also works on the AMD PRO CPU.
This particular PoC exploit requires JIT to work on the AMD PRO. On the Intel Haswell Xeon, the eBPF bytecode interpreter was sufficient. With enough effort, determined attackers could uncover a vulnerable code sequence in a standard distro kernel which does not depend on eBPF at all.
Nobody who cared about the environment would have every little item to their house delivered.
Every item in your house was delivered there by one means or another. Do you think it is better for the environment to have the same items delivered to a store first, to wait indefinitely on a shelf in the hopes that someone will make a trip there to purchase them and drive them home, compared to shipping them directly from the warehouse? For the majority of items which are not produced locally, I see no reason to think that online shopping would not be much better for the environment than buying the same items in person from retail store.
Also, why should economic activity that took place in the far past have the same "value" years later?
Because during that time you've been refraining from consuming and thus allowing others to benefit from the product of your labor. You did useful work, and received money in return—the overall supply of goods increased. You saved the money rather than spending it—so other people received those goods, not you. Assuming a stable money supply, if deflation has occurred that means that the difference between your production and your consumption has contributed to capital investment and more efficient production. That is why your money is now worth more. The deflation is your reward for refraining from entering the market and competing with others for scarce goods and services. Similarly, inflation, when it occurs naturally, reflects capital consumption and less efficient production, and the resulting decrease in the value of savings is a penalty for leaving the market to others who have failed to cultivate it.
The natural, unforced rate of deflation reflects how good the average investor is at turning a profit and bringing value to society. If you can do better than the average investor, great—you will receive a return higher than the rate of deflation. If not, everyone will be better off if you just "hoard" your money and refrain from diverting resources away from those who know what they're doing.
If the money supply is manipulated to force inflation, however, that makes the market look worse than it actually is, which encourages investment in below-average ventures—ventures which will not pay enough of a return to exceed the deflation which would otherwise have occurred. The result is capital consumption and a lower rate of growth. This presumes that the inflation occurs evenly; if the new money all goes to one place (such as the Treasury, banks, government contractors...) the distortion in the market becomes even worse.
Of course, forcing deflation causes the opposite problem, inhibiting useful investments which would have payed better than the natural rate of deflation. It's only a good thing when it occurs naturally, without manipulation of the money supply. Sometimes inflation can be a force for good—but only when it isn't forced.
I don't think Charter, or TWC, or Comcast would drop completely out of a market just because they were told they had to give everyone access. If they would, another monopolistic cable company would gladly step in.
You are assuming that they are already have a monopoly with no realistic threat of competition from other Internet providers, in which case it is also safe to assume that they are already charging whatever the market will bear and pocketing the difference. That is a problem which should be addressed by lowering barriers to entry and encouraging more competition—exactly the opposite of the proposed regulations.
It is not the giants like BT or Comcast that are most impacted by these rules, but rather the smaller, less profitable, local ISPs which can't afford to build out to service the entire countryside. Don't be fooled by their diminutive stature; they may be small, but the threat of their competition is what keeps the giants in check. Even if they don't service your market, the giants are well aware of the fact that if they set their prices too unreasonably these smaller providers would step in to take their place—unless sufficient barriers are erected to keep them from competing.
They're only being forced to do this because it is not something they would do voluntarily.
The key thing is that the ISPs aren't forced to provide rural Internet service—they can choose not to provide Internet service at all. And some of them will. Which makes matters worse for every non-rural Internet consumer.
That said, they will make their money back from this.
Either that, or go out of business. That doesn't necessarily mean that they're losing money in an accounting sense, just that the money can be more profitably invested elsewhere. Why invest in providing Internet service when you can get a higher return doing something else? Either way the result is the same, less competition and higher prices.
If anyone is really worried about rural access to broadband Internet they should just provide it directly, at cost, as a private non-profit organization with no special privileges or subsidies. It may still cost more than the for-profit Internet service in the cities, but that is a reasonable and expected consequence of the choice to live away from other people.
And whereas, initially that is true, in the end, the person using that connection will pay for it. It will just take longer for the [ISP] to get their money back from installing the cable for a rural route not already served, than it would in a densely populated urban cluster.
A longer payback time equals a higher opportunity cost—the difference between what the investors could have made from any other business and what they can make from offering Internet service to rural customers over the same time period. Due to this regulation, the person using the connection is not paying that higher cost, which means that the difference is externalized onto the ISP. This increases barriers to entry and drives marginally-profitable service providers out of business, reducing competition and raising prices for the consumers of Internet service living in more densely populated areas.
Let's say you loaned me $100 for a business venture for a period of one year at 5% interest. Would you be satisfied receiving $105 back in ten years? Or even the $100 principle in one year and the $5 interest in ten? After all, it "only" took you longer to get your money back. No harm done, right?
We don't know that the owner would have made the same choices.
Doesn't matter. If they were able to turn a profit then it stands to reason that the owner could have done the same. Either way they are responsible for taking away that choice from someone they never proved guilty of any crime. Making their victim whole involves more than just the return of the original property; they have a responsibility to render the accused at least as well off as they might plausibly have become had the property never been seized.
On the other hand, you appear to be suggesting that the government should profit from their seizure of property from a (presumably) innocent person, at their expense, having failed to prove their case. As such, you can't possibly be serious.
On the other hand, volatility works both ways. If they fail to make their case then they owe Aaron Shamo his seized property back, 513 BTC and 512 BCH, plus whatever profit they realized on it while it was in their keeping, since that profit would naturally have accrued to the owner if they hadn't interfered.
Selling now allows them to lock in the higher price in the event that they win, but also means that they stand to lose quite a bit if the price rises and they lose the case.
Wait, am I still talking about cars or have I reverted to drones? Seems to me the answers are the same for each.
You can build you own car without getting permission from anyone, and drive it as much as you want on private property with the consent of the property owner. Vehicle registration is only required if you want to drive the vehicle on public roads. The rules being proposed for drones are much more restrictive. If they'd stop messing with people flying over their own property or with the owner's permission (up to, say, 400' AGL) they wouldn't get nearly as much opposition.
So the fees depends on the number of transactions.
No, that would be reasonable. The fees depend on the number of pledges, not the number of transactions. Whether you have one $40 pledge or 40 $1 pledges, there is only one $40 transaction. The division of the total among the pledges is nothing more than a series of entries in a database managed by Patreon.
Patreon's role in the process lies precisely in batching together small payments to multiple recipients into a single deposit, and small donations from multiple donors into a single withdrawal. The addition of per-pledge fees defeats the point of having the service. Rather than paying 2.9% + $0.35 per pledge up front, with another 5% of the remainder paid by the recipient, you might as well just send your pledges through PayPal—where there are no fees for the sender and the recipient only pays 2.9% + $0.30 per transfer. If you sent $1.38 via Patreon ($1 pledge + fees) the recipient would only get $0.95, whereas if you send the same amount by PayPal they would net $1.04, or about 9% more. The fee structure with Square Cash is even better: 2.75% for business payments and no fixed charge per transaction.
Frankly, their fees are far better than any other site, even with the recent changes. You keep 95%? that's the fairest site of them all.
With the new 2.9% + $0.35 per pledge fees they're rolling out for donors, it's more like you keep ~69% of each nominally-$1 pledge. (Actual cost payed by donor $1.37, of which you receive $0.95.) Larger pledges result in a better ratio, naturally, up to about 92.3% in the best case.
Those fees might be reasonable on a per-transfer basis, where a transfer is $15 or more and can be used to fund multiple pledges, but not for each individual pledge. Especially since the only difference in the cost to Patreon between one $40 pledge and 40 $1 pledges is some entries in a database.
The part that is causing outrage is "patrons will pay for each individual pledge". If you pledge $40/mo. to one artist you'll pay $1.50/mo. in fees (not unreasonable), but if you make 40 $1 pledges then you'll pay $15.16/mo in fees. In the latter case, combined with their 5% cut on the recipient's side, Patreon is keeping almost 40% of the amount payed by donors. This change effectively makes small pledges unworkable, which is a problem for those Patreon users who rely on small pledges from many different patrons. As for the costs, Patreon doesn't do a separate transaction per pledge; they combine all the pledges together into a single transaction. Their processing costs are thus the same whether the donations go to one pledge or many.
Copyright is an artificial monopoly enforced by the State. Nothing at all to do with capitalism. (Unless you meant "crony capitalism", a.k.a. "corporatism", which isn't the same thing at all.)
Copyright's are easy to explain and understand. You don't copy stuff that you didn't produce yourself, without permission.
Fair use laws... That's the problem here. They don't make sense to the average person.
If that is how you think of copyright then you don't understand copyright at all. Fair use laws exist because the "simple" version of copyright, you have stated it, is fundamentally and obviously wrong and would never be accepted by the public. Don't just take my word for it; the fair use doctrine in the U.S. came about precisely because the Supreme Court recognized that copyright sans fair use infringed on the freedom of speech. There are many situations where it is plainly unreasonable to expect anyone to ask permission before making a copy. The more egregious cases (e.g. backups, parody, educational use) have been codified as "fair use" to co-opt the more dangerous forms of opposition and keep people from questioning the underlying premise that non-original speech is something that should require permission. (The other cases where permission is still required are also unreasonable, but less obviously so.)
Copyright has its roots in state censorship, and dates from a time when enforcement only directly affected a handful of publishers. It was wrong when it was originally introduced, and it hasn't aged well as improvements in communications and information processing have made copying a fundamental aspect of modern life.
First, your scheme requires the ability to export the private key from the device (even if it is encrypted). This is poor security practice.
Why? If RSA and/or ECC are really "uncrackable", and is mathematically proven so, I fail to see the problem.
First, there is no system other than the one-time pad (which is not a public-key cryptosystem and thus not applicable here) which is mathematically proven to be "uncrackable". Public-key cryptography depends on problems which are believed to be hard to solve, but it could be that there is a solution which simply hasn't been discovered yet.
Second, even assuming that the encryption is "uncrackable", the security of the manufacturer's private key and the process meant to ensure that it is only used in response to a lawful warrant are both much weaker targets than the encryption algorithm. As the saying goes, two people can keep a secret—provided that one of them is dead. A key which only the device has access to is inherently more secure than one which is meant to be accessible to both the device and the manufacturer (or the owner or anyone else).
If they keys are stored encrypted, the the key encryption key has to be stored in pain-text. These chips often have limited memory, so you can off-load secrets from the crypto chip into the host, but this key is encrypted using a chip-specific key. What you call "poor security practice" is baked into the TPM spec.
Perhaps I over-simplified. The point is that the plain-text key only exists inside the tamper-resistant chip. While the encryption version can be stored outside the chip, it can't be decrypted anywhere else, not even by the owner of the device and certainly not by the manufacturer. This is entirely different from sending the encrypted key to a third party who has the ability to decrypt it.
However, if you accept the postulate that somebody with a warrant signed by a judge has the right to break into your stuff, then you have to trust SOMEBODY.
Assuming that they have probable cause to search the device, I accept that they have the right to seize it and try to break into it. I do not accept that they have any right to succeed, or to force anyone to help them do so, either before or after the fact.
Maybe not the manufacturer, but a private company with a staff of lawyers to protect the rights of the customers.
Moving the goalposts a bit, but OK. That resolves the issue of incentives and representation, so long as I get to pick the company (potentially myself), but the other objections still apply. No one has sufficient technical competence to protect the master key from falling into the wrong hands; that is why we have things like TPMs and HSMs and smartcards in the first place.
As far as who keeps the keys, as I said, certificate organizations manage the run their entire business around keeping their private key private. Every organization that has an "https" web page has a private key that they somehow manage. You act as if this type of thing has never happened before.
You act as if CAs have never had keys compromised, or abused their position of trust to issue false certificates (under duress or otherwise). Some organizations which have had exactly these problems are still around and allowed to issue keys trusted by all the major browsers. If anything, the CA system illustrates exactly why key escrow is a horrible idea.
Have I missed something?
Several things, actually. First, your scheme requires the ability to export the private key from the device (even if it is encrypted). This is poor security practice. The current trend—long overdue, and implemented in response to real security breaches—is to generate and store the private key in a tamper-resistant secure chip, with no external access to the key material. All operations involving the key occur inside the chip. This protects against vulnerabilities in the operating system as well as physical tampering.
Second, why should the manufacturer have the ability to decrypt the user's data? Again, poor security practice. The manufacturer should not be considered a trusted party, beyond device itself as it was originally delivered and later software updates accepted by the owner and installed while the device is unlocked.
Third, the private key on the device is generally only part of the information needed to decrypt the contents; you also need the user's password. Even assuming you could get the private key from a locked device, if the user chose a secure password (as opposed to a PIN you could easily brute-force) then the device key won't do you any good. Storing the combined key would, of course, be very poor security practice, even wrapped in some form of encryption.
Fourth, the manufacturer's private key will eventually leak. Their backdoor access is a single point of failure, and a very tempting target for hackers and foreign governments alike. The manufacturer does not have nearly as much incentive to secure their backdoor as all of the end-users combined have to secure their individual devices.
Fifth, the manufacturer cannot be trusted to represent the owner's interests by requiring a legally-sound warrant before exercising their backdoor. They can be coerced or bribed into complying "voluntarily", without a warrant—the subject of this very article—and they have no incentive to fight dubious warrants which have a chance of being overturned since it's not their data, the effort required to comply would be trivial, and they have the cover of a "legal" order (however threadbare) to protect them against any public backlash.
But certainly the reason to pay $19.99 for the DVD is to watch the movie.
Close. The reason to pay $19.99 for the DVD is to be able to watch the movie as many times as you want, with the option to resell the used DVD when you've tired of it. That does not imply that a single viewing would be worth $19.99.
Anyway, the key metric here is not what might you have otherwise payed but rather what will it cost to "make the victim whole"—and in the case of copyright infringement the answer to that is nothing. The "victim" hasn't lost anything and is already whole; no restitution is owed. That just leaves retribution, and on that score the "victim" is welcome to infringe on the "pirate's" copyrights in turn—assuming that they claim any.
Electricity consumption ensures that it cannot be created without cost, thereby preventing anyone from artificially increasing the supply. ...
ASIC mining reduced the electric costs of bitcoin mining.
Actually, no, it didn't. It costs far more to mine a block now than it did before ASIC mining was invented. The difference has nothing to do with the technology used and everything to do with the fact that the price of Bitcoin has increased by several orders of magnitude. When each block earns you a block reward of $125,000 (12.5 BTC/block * $10k/BTC), a marginally profitable miner will spend almost that much on electricity for each block mined, whether mining is done with ASICs, GPUs, or CPUs. More efficient mining hardware just means you have to solve more calculations per block, since the network automatically adjusts the difficulty to maintain a rate of six blocks per hour. Even if this interval is shortened slightly by ever-increasing hash rates, that just means that the next "halving event" where the block reward drops to 6.25 BTC comes that much sooner, and the hard cap of 21 million BTC remains unaffected.
It all this foolproof? Not quite, since the limits could be changed with a hard fork if enough people agreed. On the other hand, the scarcity of precious metals has its own caveats. We could discover vast new sources, e.g. through asteroid mining, or a—cheaper, more practical—way to transmute common elements into gold. (We already know that this can be done through nuclear transmutation; it just isn't cost-effective.)
Congratulations, you've just invented the banking system!
No, the escrow system is a way to get the benefits of a bank without involving a fully-trusted third party. A bank can refuse to process the payment even when the buyer and seller agree, whereas the escrow partner is completely out of the loop in this case. The bank can also take the money and run against the wishes of both buyer and seller, again something the escrow partner cannot do since at least one of them must sign off on the transfer. The only real risk is that the escrow partner fails to act impartially in the event of a dispute, which is mitigated by the fact that both the buyer and the seller agree on the choice of escrow service in advance.
There are also arrangements which do away with the third party entirely—in the event of a dispute the payment (plus an optional deposit to keep things balanced) is either locked up permanently or donated to charity. This implies that both sides lose if either cheats, which isn't really fair to the victim, but this unfairness is minimized by removing the incentive to cheat in the first place.
Step #1 falls down immediately. The constitution clearly states that "To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." There is no requirement that they exercise that right.
The Constitution states that Congress shall have the power to do this. It does not state that Congress is obligated to do this, in every case or in any specific case. If Congress wants to do away with patents entirely, or limit them to X per entity or X per year or whatever, that is well within their jurisdiction. They may not be able to take away patents which have already been granted, but they can certainly refuse to issue new ones.
However you'll die at the first corner because it will have the same momentum but only 1/3 the gravitational downforce ...
One could compensate for the lower gravity, for example by building magnets into the road to provide extra downforce and/or replacing the flat road surface and rubber tires with interlocking gears.
Speaking of which, anyone else find it funny that the same folks who tell you gov't can't do anything right also tell you gov't can't be allowed to compete with private business because it would be unfair?
These statement are not in any way contradictory. Government is allowed to do thing (like collect taxes and impose regulations) which private businesses are not allowed to do. Things which no one should be allowed to do. That is what makes the "competition" unfair. Not that they can out-compete private businesses by doing things right, but that they have a license to cheat.
What are they afraid of, the gov't's just gonna fail anyway, right?
They're more afraid that the project will not be allowed to fail—that it will waste the community's resources and drive more efficient (but unsubsidized) private offerings out of business.
I am personally in favor of community-driven Internet service projects, but they should be organized as subscriber-owned co-ops with no special privileges or legal favor, not branches of the municipal government.
To express the idea of Social Security in a way that you young whippersnappers will understand, it's just like those times when you're at Starbucks and you pay for the person in line behind you.
No, because that would be your choice. Social Security is more like when you're at Starbucks and the person in line in front of you leaves you their bill, justifying it on the basis that the person in front of them did the same.
Ya, but that's not the original language source from, say C, etc... just the Web Assembly text.
Disassembled WebAssembly can't be much worse than the minified JavaScript distributed with most web pages, to say nothing of asm.js. Sure, not every script is minified, but most of them are. Whether to publish the original source code is already up to the site's authors; WebAssembly doesn't change that.