1. The merchant can charge you for more than the authorized amount. They need only modify the PIN-pad device to display one amount and charge a different one. The charge should be displayed on hardware controlled by the cardholder/bank.
2. Not sure if the device is using SSL certs and signed transactions. If it is just a static account number with a PIN it could easily be cloned.
3. If criminals are using rigged readers they wouldn't even need to clone the cards. They could just capture the PIN and then generate a dozen fraudulent transactions while the card is still present. This would defeat even an SSL cert. Unless the card contained its own time reference this could not be prevented simply by only accepting 1 transaction per minute - the PIN-pad device would just back or future-date all its fraudulent transactions and submit them all to the card, which would not realize that it has gotten 10 requests in 2 seconds with times a minute apart.
Having the authentication hardware self-contained would defeat these attacks. The only thing the card should obtain from the outside world is the name/ID of the merchant and the amount of the sale. Both could be displayed on-screen for verification prior to PIN-entry.
I didn't see much in that article that addressed my criticism - the author aruges that if patents really worked then most drugs should be developed in countries with strong patent laws. This is incorrect. In fact, most drug companies should invest in selling new drugs in countries with strong patent laws, and this is what happens. The lion's share of drug profits are made in the USA. However, the US does not discriminate against foreign companies with regard to patents, so there is no benefit to being US based if you want to sell your products in the USA. Hence many drug companies are based in Europe, despite the fact that drugs don't make much money in Europe (they may have patents, but they also dictate prices and engage in compulsory licensing, which is little different from not having patents at all). So, you can't just look at the industry within a single country and assume that the patent policy of that country has anything to do with its health.
In fact, most clinical trials are done outside the USA due to cost - you have to pay people money to get them to take potentially dangerous pills, and that is cheaper to do in countries where people will sell their soul for $5. Also, laws regulating testing are laxer outside the US - even Europe is easier to comply with.
You also need to take data that is pre-1960s with a grain of salt. Drugs were a far different beast back then - this was long before drug development costs were what they are today. Sure, Germany was a big drug giant in the pre-patent days, but back then you could just inject a few volunteers with some compound used in dye manufacture, see that it made them more energetic, and and then sell it as a stimulant. If we wanted to get rid of drug safety regulations then the drug industry probably could survive without patent protection - but new drugs discovered under these conditions would not be of much medical use.
I wouldn't use the sniffed password, but logging is easily covered if there is a message on the laptop stating that the owner of the equipment reserves all rights to monitor all data contained within. After all, it is your laptop!
Agreed - a biometric authentication needs to run on trusted hardware. I could use one safely to let people into my computer. However, I wouldn't tell my fileserver to serve up my files to any computer that claims I stuck my finger onto their scanner.
The reason is simple - whoever controls the hardware can tell the scanner to report whatever it wants, mount data replay attacks, etc.
Even if the scanner this company is using is ultra-strong and can tell fingers apart from gummy-bears, who is to say I'll even use their scanner. All I need to do is take one apart, figure out how it works, remove any embedded encryption keys, and then create my own "virtual" scanner that reports whatever finger-prints I want it to. As the parent mentioned, there is a ready supply of fingerprints - I might start with my mailman who leaves his on my front porch every day.
And even strong biometric systems have problems (inability to change compromised credentials for one). This system isn't even remotely strong from the start.
Here is an idea for a payment system that would work. Credit card with no mag stripe - just a smart-card interface, a small LCD display, a small PIN entry pad, and a small acoustic modem (possibly an external device that the card can be attached to easily), and a tiny USB interface. Card contains SSL key known to nobody, but the cert is signed by the bank issuing the card (with CRL available). I walk up to a check-out counter, and insert my card, and then remove it. The card displays the transaction amount on the display, and I enter my PIN on the card. I re-insert the card, and the transaction is complete. Transactions are time-stamped and cannot be replayed (unless the transaction is a subscription which would be noted on the display). PINs are entered on the card itself - so no capturing these unless you have a camera overhead. SSL key never leaves the card, so without physical card presence you can't make transactions. Acoustic modem / USB can be used for online or phone transactions - again with full security.
This would resist just about every form of fraud that is common today. Without the card and the PIN you can't make a transaction. Sure, you could steal the card and force somebody to enter a PIN at gunpoint, but this is not a significant source of fraud (and while we're at it we could have a 2nd call-police PIN that still makes transactions appear to work). The only downside is the implementation cost - but I wonder if it wouldn't pay for itself pretty quickly...
Truecrypt volumes are filled with random data when they are initialized, and appear random when files are created/deleted. There is nothing you can do to tell whether a volume was ever written to without knowing the key.
So, yes it does look like "used" space. But it also looks like "empty" space by the same virtue. If you just put your regular checkbook in a truecrypt volume and put something else in a hidden volume it would be plausible to say that the checkbook is the only thing in there.
So, then you put a hidden share in, and then put another hidden share inside that hidden share. Truecrypt hidden shares can be an arbitrary number of levels deep, and unless the authorities intend to just beat you until you die they're going to have to figure at some point that you might just be telling them the truth when you say there isn't another level...
The design of truecrypt is that it isn't possible to tell whether there is a hidden volume or not - it just looks like unused space.
No Konqueror support. Not that this should be surprising considering the lack of Safari support.
I gave up on firefox due to the excessively long timeouts when loading pages. For whatever odd reason it occasionally takes all day to load a page, and when this happens other tabs refuse to load either. I've had browsers with 15 tabs all spinning doing nothing and then all the sudden they all load.
"In fact, only 238 out of 1035 drugs approved by the FDA contained new active ingredients and were given priority ratings on the base of their clinical performances. In other words, about 77% percent of what the FDA approves is "redundant" from the strictly medical point of view."
Well, duh. And most of those compounds are probably also not patent protected (you didn't cite a time-range, but only a few dozen patented drugs hit the market each year). If Rite Aid wants to sell their own brand of aspirin they need to file for FDA approval, and if CVS wants to do the same they must also file for FDA approval. Neither is strictly needed from a medical standpoint, but all those senior citizens forced to choose between medicine and food aren't going to be complaining that they can buy generic pills for $2/bottle instead of Bayer for $10.
And even in cases where new medicines are just variations on existing drugs, there is still a huge market benefit. Consider cholesterol medications - the prices actually paid for these dropped over the last 10 years as newer medicines hit the market. This wasn't because of any benefit from the newer medicines - rather it was due to the fact that insurance companies could offer exclusive deals to one manufacturer in exchange for lower prices.
Also - ever hear of drug allergies? Strictly speaking we shouldn't need more than 1 antibiotic - the rest are mostly redundant. However, if you end up with a drug-resistant strain, or if you're allergic to that one antibiotic, then it is good that some manufacturer decided to come up with a "non-innovative" medicine that you could actually take.
I know somebody with a lot of drug sensitivity issues. If it weren't for the fact that there are multiple drugs on the market for various conditions she might have had serious problems.
Italy, with a vibrant generic drug industry, did not achieve any significant increase in the discovery of innovative drugs during the first decade after the Italian Supreme Court mandated the issue of pharmaceutical product patents
Why would they? Italian drug companies would gain little from the enforcement of patents in Italy. If they made money on innovative drugs in the past, it was probably from selling them in the USA (the only place anybody makes any money on new drugs, although Japan is a distant 2nd because there is a cultural fondness for taking pills). They would have had patents in the USA all along. The only thing the law change would do is allow them to make a few more bucks back home - but that would be a drop in the bucket.
What exactly is the problem with "non-innovative" drugs? People don't have to take them if they don't want to - and if they don't take them they don't pay a dime for them.
Patents on drugs should not be lengthened because while it is very risky and expensive to do drug research, that's the nature of the business.
If it weren't for patents it wouldn't even be a business - at least not the R&D side.
Now, if society just wants to say that drugs aren't all that big a deal - who needs them - then maybe getting rid of patents makes sense. However, if that were really the position of society then there is another easy solution - leave the current system alone but don't buy the drugs (after all, without patents they probably wouldn't exist in the first place).
If the main concern is lowering drug prices, then something probably has to give. One option would be to lower safety standards - that would eliminate barriers to entry and increase competition, while driving down costs. Right now when a small company comes up with a plausible drug they license it out to a major pharma outfit - since nobody else can afford to find out if it is safe or not, or if it even works. The big pharma companies then share the profits if the drug works, and eat the costs if it does not (which happens most of the time). If you got rid of the Food, Drug, and Cosmetics Acts then there would be a flood of new drugs on the market at rock-bottom prices. Of course, there would be no way to know which ones work. A compromise might be to find some in-between standard for safety. However, the FDA has only been tightening the rules in recent years - it should be no surprise that companies are not releasing as many new products as in years past. And fewer products mean less competition and therefore higher prices. Besides - everybody has been complaining about me-too drugs being unnecessary - not thinking about the fact that having two pizza shops in the same town is also unnecessary but it is the only reason why pizza doesn't cost $6/slice...:)
The 13th amendment also bans indentured servitude - which was entered into on a contract basis. The effects were similar to slavery even if there was technically a difference.
You could loan the black guy $40k and forgive $8k each year that he works for you after he finishes college - that works and is legal.
Notice that only the Federal government is in the student loan business? (Well, the money comes from banks, but it is lent though Federal programs.) The reason is simple - bankruptcy. All that guy needs to do is file once he finishes college and never work for you at all (unless your wages are competitive with companies that don't pay for people to go to college - which is unlikely).
Then offer them a 200% payback. Outright. Instead of a patent creating a monopoly, let it be worth a 200% ROI for the patent holder if it gets used in products to a certain amount within the next five (or ten, or thirty) years. Paid by the patent office, financed through ordinary state financing rather than a hidden economic tax in the incarnation of monopoly pricing.
You essentially described how the phone company used to work. You know why the telephone company invented the transistor? Simple - their profits were a fixed percentage of their costs - the more they spent the more they made. As a result blue sky R&D was heavily financed - since every dollar spent was GUARANTEED a $1.10 return (or whatever the rate was). It also used to be the case that people would tiptoe around the house when somebody was on a long distance call, since the rates were amazingly high - probably a result of the aforementioned waste. Sure, the transistor was a good thing to come out of the arrangement, but for every dollar spent on R&D I'm sure 50 were spent on bureaucracy - since the more you wasted the more you made.
Pharmaceuticals are a perfect example; they waste 80% of their income outside research. They spend more than twice as much on marketing and administration as they do on R&D. The protection breeds the expense which makes the protection necessary for the protected business model.
Hardly - the figures you quote apply in ANY industry - Pharma actually tends to invest more in R&D comparatively than most industries. NOBODY spends more on R&D than they do on marketing. That is simply because people buy the products they see on TV regardless of whether they are better. If you ban advertising of any kind then maybe that might change. Your own figures above suggests Pharma is spending 20% on R&D. Name any company outside of Pharma that has comparable expenses - other than startups that obviously only spend money on R&D as they have no product to market (and even then they often spend money to create a market for products that don't yet exist). Even software houses that have low manufacturing costs probably don't spend more than 20% on R&D.
Don't get me wrong - I'd like to see more of the money going to R&D. However, that is a function of how society actually works - if you have to make a profit, then you need to market. And if consumers buy what the Hollywood actor tells them to buy, then it is more important to pay Hollywood actors to promote your product than scientists to make it better.
Tivo came out with a GREAT product which was well marketed. However, it really was just the next technological step - apparently other companies were working on the same thing at the same time.
Tivo enjoyed great profits from their launch, but what they want now is a lock on the market for what was essentially a small up-front investment.
Tivo's current systems are generally superior to most of the competition. Their problem is that they are EXPENSIVE. The cable companies realized that DVRs sell service, so like cell phones they give them away in exchange for monthly contracts. Tivo is selling $400 cell phones in a market where most people expect them to be free (even if a bit more junky). This is why Tivo is losing market share fast.
While I'd love to see Tivo win, the fact is that their original product wasn't that innovative. Others were working on the same sorts of things, but Tivo executed better. That should earn them some bucks, but not royalties for 17 years. Plus, Tivo's up-front expenses were not that high - probably not more than a few 10's of millions of dollars - they were almost certainly fully recovered with a healthy profit.
Patents should exist where they are needed to allow companies to make healthy profits on risky ideas. However, that is all they are needed for - if a company is able to make a healthy profit without a patent, then one is not necessary. Patent lifetimes should probably be tweaked by industry as well - in industries where we expect a high level of expense to ensure quality (such as pharmaceuticals) we should probably grant longer patents (or lower the safety standards to reduce up-front costs). In an industry like toothbrush designs they should probably be shorter. Software patents should probably only last a year or two - as softare is not capital-intensive and a two year head start is plenty to make a profit.
In general patents should exist for the benefit of society - to encourage companies to come up with innovative products. That benefits everyone. However, if a company is willing to do R&D with the promise of a 200% payback we shouldn't be offering them 20,000%.
I'm confused. Guy wants to work more and make more money, when he's currently dirt poor. Apple is (you allege) circumventing a tyrannical system that doesn't let the guy do it... but it's Apple that's being exploitative? What about the Chinese government? They're being humane by preventing the guy from working overtime? Gee, thanks.
Ok, perhaps a better example of what you're getting at:
I'm confused. Black guy has no education and can't find anybody willing to pay him even minimum wages. His poor family is starving, and he feels like he is no use to them at all. One day a white guy walks up to him and sees that he looks reasonably strong, and that with a little training he might pay off as a construction worker. However, he doesn't want to invest all kinds of money in training just to have the guy get a job somewhere else. So, he makes the black guy an offer written up on a contract - he will be paid $40,000 in cash in exchange for ownership of his body/mind/labor/etc. He explains that the black guy shouldn't worry about harsh working conditions - it is in the interest of his owner to protect his investment. And, the money would fix his family's problems - $40k is probably more money than the guy would bring home in his entire life the way things are currently going.
But then some oppressive federal agent comes in and says that the 13th amendment prevents this poor black entrepreneur from selling the one asset he has, and solving his family's problems...
Maybe the 13th amendment was passed because allowing people to enter into unrestricted labor contracts had been tried before, and it didn't work.
Well, I think that is pretty-much Federal labor law across the entire US. However, good luck working less than 40 hours per week - technically they need to pay you the same, but in real life they just fire you if it happens regularly.
Again, from my orginal post, GPL treats the source code as the only thing.
Actually, the GPL enforces copyright on the binaries as well as the source code. If you distribute GPL software, you must provide the source, and you must license your distributed code under the GPL. You don't need to accept the GPL only in order to distribute the source - it applies to the binaries as well.
If you sell somebody a Debian install CD and tell them they can't make copies of any part of it, you're violating the GPL - despite the fact that you haven't distributed any source code at all. The binaries are copyrighted and you need permission of the copyright holders to distribute them. The copyright holders of linux have granted permission to distribute so long as you grant permission using the GPL for others to do the same.
The GPL gives users benefits even if they never care to look at or use the source.
The likelihood of scrapping the whole thing because you've got nothing is logarithmic to the cost. That is, the more the costs go up, the more likely you scrap the whole thing.
Yes, but that is the backwards-looking result at the end of the project.
When you are 1 year into a project, the chance of it being cancelled its related to the ratio of costs-approved / money already spent. If the project is a 10-stage project that you consider likely to succeed, then there is substantial risk that management will cancel it at stage 1-2 to free up funds that were allocated for stages 3-10.
On the other hand, if you make it one monster project, and sink tons of money into pre-paid contracts, license fees, and hardware costs in the first month of the project, then management looks at the costs as sunk and lets the project go on. As a result, project managers run their projects that way.
I'm always amazed at work when a new system is approved that will take 1 year to develop that the first step is inevitably to order the production server hardware. Then when the project is done 2 years later everybody is shocked that it is running on stuff that you can't even buy any more. If they waited they could get superior performance for half the cost. On the other hand, they could have had the budget taken from them - and hence the reason the money got spent as soon as it was granted.
For some reason the temp internet files are in the roaming profile. By default, they're a percentage of the drive (usually gigs).
That would be because web-browser designers don't read the standards... In the case of mozilla, it might be the only standard they didn't read.
There is a local application data folder in the profile which does NOT roam - this is where the cache belongs. Everything else (bookmarks/etc) should go in the non-local application data folder, which does roam. Or better still it should go on a network drive, so that if you log into 3 PCs at once your bookmarks don't end up overwriting each other when the profile directories get resynced.
The my documents folder can actually be redirected to another path to achieve exactly this. I think you can just right click on it on the start menu and go into properties. I forget offhand though.
The issue is that there is no law that states that you need the permission of a copyright holder to use software. The law does state that you need the permission of a copyright holder to copy the software. So, you need a licenses for the latter and not the former. The same applies to both binary and source.
You don't need to accept the GPL to use GPL software, or even to modify it. You do need to accept it to distribute it.
Well, if you are a vendor making money from a product shouldn't you be willing to foot the bill for fixing problems with your software? You can always re-engineer the fix under GPL v2 at a pretty low cost. The cost is likely going to be less than if you had to license some other embedded OS. And if you'd rather pay somebody in gold so that you know what their motives are, then you probably don't want to be using FOSS, as this isn't the typical motivation there...:)
With proprietary software you're up the creek if your vendor changes the license - at least with open source you have some options. And if there were a law requiring software distributors to offer security patches under the same license as the original code it would probably apply to GPLed code as well - so you wouldn't even have to worry about this problem at all.
Good thing F/OSS comes with none of that baggage. If it breaks "you get to keep both pieces".
Yes, but usually you haven't paid for it either, so you are getting what you paid for. Also, if a flaw is published you have the ability to fix it on your own. With closed-source software you're at the mercy of the vendor - if they don't offer a patch then you're not likely to ever fix the problem.
Uh, nobody is required to accept a newer version of the GPL to obtain security patches.
If the version of the software you are using was under GPL v2 you can always patch it for security holes and recompile it for as long as you are using it. The original software is still GPL v2 licensed.
Now, if you want to upgrade to a later software version with new features it might not still be available under GPL v2, but that isn't a case of an agreement rewrite - the new agreement only applies to a newer version of the software. If you wanted you could always fork the project and rewrite the new versions under GPL v2.
MS is rewriting the EULA in order to obtain security patches for software that was already purchased under a different license. Nobody is complaining that the EULA for Windows XP is different than the EULA for Windows 2K or NT.
Windows is only being modified in the sense that a Honda Civic is being modified when they replace a defective water pump with a working one. If there is a warranty then they are required to do it. Even if there isn't a warranty and there is a major defect in manufacture they might still have to do it (this is more of a gray area).
The windows box didn't advertise that it contained buffer overflows - this wasn't a feature that was purchased. The consumer wanted a working version of the software - this is what they paid for.
Now, paying for Media Player 10 vs Media Player 7 would certainly fall under the category of an enhancement. However, asking for a fix to a buffer overflow in Media Player 7 (without upgrading it to a later version) would not.
Basically, the issue is whether products are required to meet some basic standard of security for some period of time after release. Patches for 10-year-old Windows NT are one thing. Patches for software that was purchased six months ago are something else. Companies should be required to support software with security patches for at least a few years after they sell the last copy.
The system has a few drawbacks:
1. The merchant can charge you for more than the authorized amount. They need only modify the PIN-pad device to display one amount and charge a different one. The charge should be displayed on hardware controlled by the cardholder/bank.
2. Not sure if the device is using SSL certs and signed transactions. If it is just a static account number with a PIN it could easily be cloned.
3. If criminals are using rigged readers they wouldn't even need to clone the cards. They could just capture the PIN and then generate a dozen fraudulent transactions while the card is still present. This would defeat even an SSL cert. Unless the card contained its own time reference this could not be prevented simply by only accepting 1 transaction per minute - the PIN-pad device would just back or future-date all its fraudulent transactions and submit them all to the card, which would not realize that it has gotten 10 requests in 2 seconds with times a minute apart.
Having the authentication hardware self-contained would defeat these attacks. The only thing the card should obtain from the outside world is the name/ID of the merchant and the amount of the sale. Both could be displayed on-screen for verification prior to PIN-entry.
I didn't see much in that article that addressed my criticism - the author aruges that if patents really worked then most drugs should be developed in countries with strong patent laws. This is incorrect. In fact, most drug companies should invest in selling new drugs in countries with strong patent laws, and this is what happens. The lion's share of drug profits are made in the USA. However, the US does not discriminate against foreign companies with regard to patents, so there is no benefit to being US based if you want to sell your products in the USA. Hence many drug companies are based in Europe, despite the fact that drugs don't make much money in Europe (they may have patents, but they also dictate prices and engage in compulsory licensing, which is little different from not having patents at all). So, you can't just look at the industry within a single country and assume that the patent policy of that country has anything to do with its health.
In fact, most clinical trials are done outside the USA due to cost - you have to pay people money to get them to take potentially dangerous pills, and that is cheaper to do in countries where people will sell their soul for $5. Also, laws regulating testing are laxer outside the US - even Europe is easier to comply with.
You also need to take data that is pre-1960s with a grain of salt. Drugs were a far different beast back then - this was long before drug development costs were what they are today. Sure, Germany was a big drug giant in the pre-patent days, but back then you could just inject a few volunteers with some compound used in dye manufacture, see that it made them more energetic, and and then sell it as a stimulant. If we wanted to get rid of drug safety regulations then the drug industry probably could survive without patent protection - but new drugs discovered under these conditions would not be of much medical use.
I wouldn't use the sniffed password, but logging is easily covered if there is a message on the laptop stating that the owner of the equipment reserves all rights to monitor all data contained within. After all, it is your laptop!
Agreed - a biometric authentication needs to run on trusted hardware. I could use one safely to let people into my computer. However, I wouldn't tell my fileserver to serve up my files to any computer that claims I stuck my finger onto their scanner.
The reason is simple - whoever controls the hardware can tell the scanner to report whatever it wants, mount data replay attacks, etc.
Even if the scanner this company is using is ultra-strong and can tell fingers apart from gummy-bears, who is to say I'll even use their scanner. All I need to do is take one apart, figure out how it works, remove any embedded encryption keys, and then create my own "virtual" scanner that reports whatever finger-prints I want it to. As the parent mentioned, there is a ready supply of fingerprints - I might start with my mailman who leaves his on my front porch every day.
And even strong biometric systems have problems (inability to change compromised credentials for one). This system isn't even remotely strong from the start.
Here is an idea for a payment system that would work. Credit card with no mag stripe - just a smart-card interface, a small LCD display, a small PIN entry pad, and a small acoustic modem (possibly an external device that the card can be attached to easily), and a tiny USB interface. Card contains SSL key known to nobody, but the cert is signed by the bank issuing the card (with CRL available). I walk up to a check-out counter, and insert my card, and then remove it. The card displays the transaction amount on the display, and I enter my PIN on the card. I re-insert the card, and the transaction is complete. Transactions are time-stamped and cannot be replayed (unless the transaction is a subscription which would be noted on the display). PINs are entered on the card itself - so no capturing these unless you have a camera overhead. SSL key never leaves the card, so without physical card presence you can't make transactions. Acoustic modem / USB can be used for online or phone transactions - again with full security.
This would resist just about every form of fraud that is common today. Without the card and the PIN you can't make a transaction. Sure, you could steal the card and force somebody to enter a PIN at gunpoint, but this is not a significant source of fraud (and while we're at it we could have a 2nd call-police PIN that still makes transactions appear to work). The only downside is the implementation cost - but I wonder if it wouldn't pay for itself pretty quickly...
Truecrypt volumes are filled with random data when they are initialized, and appear random when files are created/deleted. There is nothing you can do to tell whether a volume was ever written to without knowing the key.
So, yes it does look like "used" space. But it also looks like "empty" space by the same virtue. If you just put your regular checkbook in a truecrypt volume and put something else in a hidden volume it would be plausible to say that the checkbook is the only thing in there.
So, then you put a hidden share in, and then put another hidden share inside that hidden share. Truecrypt hidden shares can be an arbitrary number of levels deep, and unless the authorities intend to just beat you until you die they're going to have to figure at some point that you might just be telling them the truth when you say there isn't another level...
The design of truecrypt is that it isn't possible to tell whether there is a hidden volume or not - it just looks like unused space.
No Konqueror support. Not that this should be surprising considering the lack of Safari support.
I gave up on firefox due to the excessively long timeouts when loading pages. For whatever odd reason it occasionally takes all day to load a page, and when this happens other tabs refuse to load either. I've had browsers with 15 tabs all spinning doing nothing and then all the sudden they all load.
"In fact, only 238 out of 1035 drugs approved by the FDA contained new active ingredients and were given priority ratings on the base of their clinical performances. In other words, about 77% percent of what the FDA approves is "redundant" from the strictly medical point of view."
Well, duh. And most of those compounds are probably also not patent protected (you didn't cite a time-range, but only a few dozen patented drugs hit the market each year). If Rite Aid wants to sell their own brand of aspirin they need to file for FDA approval, and if CVS wants to do the same they must also file for FDA approval. Neither is strictly needed from a medical standpoint, but all those senior citizens forced to choose between medicine and food aren't going to be complaining that they can buy generic pills for $2/bottle instead of Bayer for $10.
And even in cases where new medicines are just variations on existing drugs, there is still a huge market benefit. Consider cholesterol medications - the prices actually paid for these dropped over the last 10 years as newer medicines hit the market. This wasn't because of any benefit from the newer medicines - rather it was due to the fact that insurance companies could offer exclusive deals to one manufacturer in exchange for lower prices.
Also - ever hear of drug allergies? Strictly speaking we shouldn't need more than 1 antibiotic - the rest are mostly redundant. However, if you end up with a drug-resistant strain, or if you're allergic to that one antibiotic, then it is good that some manufacturer decided to come up with a "non-innovative" medicine that you could actually take.
I know somebody with a lot of drug sensitivity issues. If it weren't for the fact that there are multiple drugs on the market for various conditions she might have had serious problems.
Italy, with a vibrant generic drug industry, did not achieve any significant increase in the discovery of innovative drugs during the first decade after the Italian Supreme Court mandated the issue of pharmaceutical product patents
Why would they? Italian drug companies would gain little from the enforcement of patents in Italy. If they made money on innovative drugs in the past, it was probably from selling them in the USA (the only place anybody makes any money on new drugs, although Japan is a distant 2nd because there is a cultural fondness for taking pills). They would have had patents in the USA all along. The only thing the law change would do is allow them to make a few more bucks back home - but that would be a drop in the bucket.
What exactly is the problem with "non-innovative" drugs? People don't have to take them if they don't want to - and if they don't take them they don't pay a dime for them.
Patents on drugs should not be lengthened because while it is very risky and expensive to do drug research, that's the nature of the business.
:)
If it weren't for patents it wouldn't even be a business - at least not the R&D side.
Now, if society just wants to say that drugs aren't all that big a deal - who needs them - then maybe getting rid of patents makes sense. However, if that were really the position of society then there is another easy solution - leave the current system alone but don't buy the drugs (after all, without patents they probably wouldn't exist in the first place).
If the main concern is lowering drug prices, then something probably has to give. One option would be to lower safety standards - that would eliminate barriers to entry and increase competition, while driving down costs. Right now when a small company comes up with a plausible drug they license it out to a major pharma outfit - since nobody else can afford to find out if it is safe or not, or if it even works. The big pharma companies then share the profits if the drug works, and eat the costs if it does not (which happens most of the time). If you got rid of the Food, Drug, and Cosmetics Acts then there would be a flood of new drugs on the market at rock-bottom prices. Of course, there would be no way to know which ones work. A compromise might be to find some in-between standard for safety. However, the FDA has only been tightening the rules in recent years - it should be no surprise that companies are not releasing as many new products as in years past. And fewer products mean less competition and therefore higher prices. Besides - everybody has been complaining about me-too drugs being unnecessary - not thinking about the fact that having two pizza shops in the same town is also unnecessary but it is the only reason why pizza doesn't cost $6/slice...
The 13th amendment also bans indentured servitude - which was entered into on a contract basis. The effects were similar to slavery even if there was technically a difference.
You could loan the black guy $40k and forgive $8k each year that he works for you after he finishes college - that works and is legal.
Notice that only the Federal government is in the student loan business? (Well, the money comes from banks, but it is lent though Federal programs.) The reason is simple - bankruptcy. All that guy needs to do is file once he finishes college and never work for you at all (unless your wages are competitive with companies that don't pay for people to go to college - which is unlikely).
Then offer them a 200% payback. Outright. Instead of a patent creating a monopoly, let it be worth a 200% ROI for the patent holder if it gets used in products to a certain amount within the next five (or ten, or thirty) years. Paid by the patent office, financed through ordinary state financing rather than a hidden economic tax in the incarnation of monopoly pricing.
You essentially described how the phone company used to work. You know why the telephone company invented the transistor? Simple - their profits were a fixed percentage of their costs - the more they spent the more they made. As a result blue sky R&D was heavily financed - since every dollar spent was GUARANTEED a $1.10 return (or whatever the rate was). It also used to be the case that people would tiptoe around the house when somebody was on a long distance call, since the rates were amazingly high - probably a result of the aforementioned waste. Sure, the transistor was a good thing to come out of the arrangement, but for every dollar spent on R&D I'm sure 50 were spent on bureaucracy - since the more you wasted the more you made.
Pharmaceuticals are a perfect example; they waste 80% of their income outside research. They spend more than twice as much on marketing and administration as they do on R&D. The protection breeds the expense which makes the protection necessary for the protected business model.
Hardly - the figures you quote apply in ANY industry - Pharma actually tends to invest more in R&D comparatively than most industries. NOBODY spends more on R&D than they do on marketing. That is simply because people buy the products they see on TV regardless of whether they are better. If you ban advertising of any kind then maybe that might change. Your own figures above suggests Pharma is spending 20% on R&D. Name any company outside of Pharma that has comparable expenses - other than startups that obviously only spend money on R&D as they have no product to market (and even then they often spend money to create a market for products that don't yet exist). Even software houses that have low manufacturing costs probably don't spend more than 20% on R&D.
Don't get me wrong - I'd like to see more of the money going to R&D. However, that is a function of how society actually works - if you have to make a profit, then you need to market. And if consumers buy what the Hollywood actor tells them to buy, then it is more important to pay Hollywood actors to promote your product than scientists to make it better.
Tivo came out with a GREAT product which was well marketed. However, it really was just the next technological step - apparently other companies were working on the same thing at the same time.
Tivo enjoyed great profits from their launch, but what they want now is a lock on the market for what was essentially a small up-front investment.
Tivo's current systems are generally superior to most of the competition. Their problem is that they are EXPENSIVE. The cable companies realized that DVRs sell service, so like cell phones they give them away in exchange for monthly contracts. Tivo is selling $400 cell phones in a market where most people expect them to be free (even if a bit more junky). This is why Tivo is losing market share fast.
While I'd love to see Tivo win, the fact is that their original product wasn't that innovative. Others were working on the same sorts of things, but Tivo executed better. That should earn them some bucks, but not royalties for 17 years. Plus, Tivo's up-front expenses were not that high - probably not more than a few 10's of millions of dollars - they were almost certainly fully recovered with a healthy profit.
Patents should exist where they are needed to allow companies to make healthy profits on risky ideas. However, that is all they are needed for - if a company is able to make a healthy profit without a patent, then one is not necessary. Patent lifetimes should probably be tweaked by industry as well - in industries where we expect a high level of expense to ensure quality (such as pharmaceuticals) we should probably grant longer patents (or lower the safety standards to reduce up-front costs). In an industry like toothbrush designs they should probably be shorter. Software patents should probably only last a year or two - as softare is not capital-intensive and a two year head start is plenty to make a profit.
In general patents should exist for the benefit of society - to encourage companies to come up with innovative products. That benefits everyone. However, if a company is willing to do R&D with the promise of a 200% payback we shouldn't be offering them 20,000%.
I'm confused. Guy wants to work more and make more money, when he's currently dirt poor. Apple is (you allege) circumventing a tyrannical system that doesn't let the guy do it... but it's Apple that's being exploitative? What about the Chinese government? They're being humane by preventing the guy from working overtime? Gee, thanks.
Ok, perhaps a better example of what you're getting at:
I'm confused. Black guy has no education and can't find anybody willing to pay him even minimum wages. His poor family is starving, and he feels like he is no use to them at all. One day a white guy walks up to him and sees that he looks reasonably strong, and that with a little training he might pay off as a construction worker. However, he doesn't want to invest all kinds of money in training just to have the guy get a job somewhere else. So, he makes the black guy an offer written up on a contract - he will be paid $40,000 in cash in exchange for ownership of his body/mind/labor/etc. He explains that the black guy shouldn't worry about harsh working conditions - it is in the interest of his owner to protect his investment. And, the money would fix his family's problems - $40k is probably more money than the guy would bring home in his entire life the way things are currently going.
But then some oppressive federal agent comes in and says that the 13th amendment prevents this poor black entrepreneur from selling the one asset he has, and solving his family's problems...
Maybe the 13th amendment was passed because allowing people to enter into unrestricted labor contracts had been tried before, and it didn't work.
Well, I think that is pretty-much Federal labor law across the entire US. However, good luck working less than 40 hours per week - technically they need to pay you the same, but in real life they just fire you if it happens regularly.
Again, from my orginal post, GPL treats the source code as the only thing.
Actually, the GPL enforces copyright on the binaries as well as the source code. If you distribute GPL software, you must provide the source, and you must license your distributed code under the GPL. You don't need to accept the GPL only in order to distribute the source - it applies to the binaries as well.
If you sell somebody a Debian install CD and tell them they can't make copies of any part of it, you're violating the GPL - despite the fact that you haven't distributed any source code at all. The binaries are copyrighted and you need permission of the copyright holders to distribute them. The copyright holders of linux have granted permission to distribute so long as you grant permission using the GPL for others to do the same.
The GPL gives users benefits even if they never care to look at or use the source.
The likelihood of scrapping the whole thing because you've got nothing is logarithmic to the cost. That is, the more the costs go up, the more likely you scrap the whole thing.
Yes, but that is the backwards-looking result at the end of the project.
When you are 1 year into a project, the chance of it being cancelled its related to the ratio of costs-approved / money already spent. If the project is a 10-stage project that you consider likely to succeed, then there is substantial risk that management will cancel it at stage 1-2 to free up funds that were allocated for stages 3-10.
On the other hand, if you make it one monster project, and sink tons of money into pre-paid contracts, license fees, and hardware costs in the first month of the project, then management looks at the costs as sunk and lets the project go on. As a result, project managers run their projects that way.
I'm always amazed at work when a new system is approved that will take 1 year to develop that the first step is inevitably to order the production server hardware. Then when the project is done 2 years later everybody is shocked that it is running on stuff that you can't even buy any more. If they waited they could get superior performance for half the cost. On the other hand, they could have had the budget taken from them - and hence the reason the money got spent as soon as it was granted.
For some reason the temp internet files are in the roaming profile. By default, they're a percentage of the drive (usually gigs).
That would be because web-browser designers don't read the standards... In the case of mozilla, it might be the only standard they didn't read.
There is a local application data folder in the profile which does NOT roam - this is where the cache belongs. Everything else (bookmarks/etc) should go in the non-local application data folder, which does roam. Or better still it should go on a network drive, so that if you log into 3 PCs at once your bookmarks don't end up overwriting each other when the profile directories get resynced.
The my documents folder can actually be redirected to another path to achieve exactly this. I think you can just right click on it on the start menu and go into properties. I forget offhand though.
The issue is that there is no law that states that you need the permission of a copyright holder to use software. The law does state that you need the permission of a copyright holder to copy the software. So, you need a licenses for the latter and not the former. The same applies to both binary and source.
You don't need to accept the GPL to use GPL software, or even to modify it. You do need to accept it to distribute it.
Well, if you are a vendor making money from a product shouldn't you be willing to foot the bill for fixing problems with your software? You can always re-engineer the fix under GPL v2 at a pretty low cost. The cost is likely going to be less than if you had to license some other embedded OS. And if you'd rather pay somebody in gold so that you know what their motives are, then you probably don't want to be using FOSS, as this isn't the typical motivation there... :)
With proprietary software you're up the creek if your vendor changes the license - at least with open source you have some options. And if there were a law requiring software distributors to offer security patches under the same license as the original code it would probably apply to GPLed code as well - so you wouldn't even have to worry about this problem at all.
Hope you didn't look at any of that GPLv3 code!
Actually, even if you did it would only cause a problem if you wanted to distribute the code.
You don't need a license to use softare - only to distribute it. Nobody needs to accept the GPL in order to use GPL-licensed software.
Good thing F/OSS comes with none of that baggage. If it breaks "you get to keep both pieces".
Yes, but usually you haven't paid for it either, so you are getting what you paid for. Also, if a flaw is published you have the ability to fix it on your own. With closed-source software you're at the mercy of the vendor - if they don't offer a patch then you're not likely to ever fix the problem.
Uh, nobody is required to accept a newer version of the GPL to obtain security patches.
If the version of the software you are using was under GPL v2 you can always patch it for security holes and recompile it for as long as you are using it. The original software is still GPL v2 licensed.
Now, if you want to upgrade to a later software version with new features it might not still be available under GPL v2, but that isn't a case of an agreement rewrite - the new agreement only applies to a newer version of the software. If you wanted you could always fork the project and rewrite the new versions under GPL v2.
MS is rewriting the EULA in order to obtain security patches for software that was already purchased under a different license. Nobody is complaining that the EULA for Windows XP is different than the EULA for Windows 2K or NT.
Windows is only being modified in the sense that a Honda Civic is being modified when they replace a defective water pump with a working one. If there is a warranty then they are required to do it. Even if there isn't a warranty and there is a major defect in manufacture they might still have to do it (this is more of a gray area).
The windows box didn't advertise that it contained buffer overflows - this wasn't a feature that was purchased. The consumer wanted a working version of the software - this is what they paid for.
Now, paying for Media Player 10 vs Media Player 7 would certainly fall under the category of an enhancement. However, asking for a fix to a buffer overflow in Media Player 7 (without upgrading it to a later version) would not.
Basically, the issue is whether products are required to meet some basic standard of security for some period of time after release. Patches for 10-year-old Windows NT are one thing. Patches for software that was purchased six months ago are something else. Companies should be required to support software with security patches for at least a few years after they sell the last copy.