With digital signals, MPEG2 compressed, I can easily use a PCI card in my HTPC to record HDTV programs for time shifting. I record The West Wing and Malcolm in the Middle every week, and skip through the commercials on playback. All at a much higher quality than available through other means.
Two words: Broadcast Flag. Better buy a spare digital TV PCI card now, before it becomes illegal to sell them. (They don't check the broadcast flag, so they will shortly be illegal. If they did check the broadcast flag, they wouldn't let you record everything you want to).
I just started using SVN on a large source tree - >1 Gigabyte, including many binary files. I'm using Windows, and found that CVS trashed all the binary files due to the stupid MS line ending issues. Subversion handles binary files perfectly.
This is a new repository - I didn't test the scripts for converting from CVS.
Subversion isn't as fast as I expected, given all the uninformed statements about "svn update" only having to check revision numbers. It looks like it does recurse into all directories, so performance is similar to CVS.
TortoiseSVN, the Windows front-end, was far too slow to be usable. I've contributed some patches to help with a couple of obvious problems, but don't have the tools to optimise it properly.
Any access to or use of this website or [...] or sending the character string "/I_ACCEPT_the_User_Agreement/" to our web server as you must do to gain access to our images, or [...] or the like, all indicate and signify that "I ACCEPT" this user agreement [...].
This is a neat trick, but I don't know if a judge would fall for it. However, later on the same page, they have an image (the SpamCop button) loaded from: http://www.cprr.org/Museum/images/I_ACCEPT_the_Use r_Agreement/logos/spamcop.gif
So simply by viewing this page you've "accepted" the license agreement!
You are not permitted to, and you warrant and agree that you will not do or facilitate any of the following:
[...]
(9) engage in any activity that may or will directly or indirectly impose a disproportionately large, unanticipated, or unreasonable load on our website bandwidth or infrastructure
Oops! Did the submitter read that? I hope the submitter didn't agree to their terms of service - they might try and charge him:
You agree not to take any action that will impose a disproportionately large or unreasonable load on our computer web server(s), network, or other infrastructure. Please be mindful of the large amounts of data transfer needed to allow viewing of the CPRR Museum web pages with multiple, large images, and avoid suddenly flooding the CPRR Museum website with large numbers of unanticipated visitors. Suddenly increased, excess web traffic on this website as a result of your actions, including but not limited to publicity, reporting, or recommendations to others regarding this website on network television or radio or national publications or media, of more than one gigabyte of additional Internet data transfer per month, shall be at your expense, and you agree to reimburse CPRR.org for the resulting costs at the rate of the then prevailing additional data transfer charge made by the Internet provider(s) hosting this website.
A lot of places are going to "No Return" policies, even if the unit is DOA, as a way of keeping their overhead down. You're stuck with the original mfgr's or distributer's warranty and the hassle of dealing with that. Unless of course you want to pay for one of those overpriced "extended" warranties.
Yuck!
In the UK, a retailer is legally required to give you a full refund if the product is broken (i.e. if it's not "of merchantable quality", not "fit for it's purpose", or not "as described"). They can't take these rights away, although they can offer more generous money-back guarantees.
How can any Malaysians have prior space exploration experience, if no Malaysian has ever gone to space?
Ground support (e.g. for unmanned probes) or even astronomy probably all count as "space exploration", even if they don't actually involve going there.
Europe's "Data Protection" directive & the corresponding national laws make this illegal under criminal law.
The company could be fined, and the directors could go to jail.
Then again, in the UK companies used to be required to provide a "please don't sell my personal data" check box ("opt-out"). I'm not sure whether this is still legal, or whether the European law has tightened this so it has to be a "please *DO* sell my personal data" check box ("opt-in"). So she would have been able to apply without getting spam.
Because if it's open spource, then the user has full access to all the code, and the data on the smartcard. With all this information, piracy will be trivial.
Not the data on the smartcard - that plugs into the POD, and the POD handles all the decryption.
there is something called encryption. Open standards do not mean you have all the keys to unencrypt anything you want.
There are two issues:
Can I watch channels I haven't paid for?
Can I record everything in perfect digital quality and share it on the Internet for people who haven't paid to see?
Having an open-source host doesn't directly help with (1) - you still can only watch channels that your POD will descramble. However, since you can compare the inputs & outputs, it may make it easier to reverse-engineer a POD so that you can do this.
However, an open-source implementation makes (2) trivial - you get the complete unencrypted compressed video signal. This is what the cable companies are worried about.
I don't see the problem with open source set-top boxes. If people want to pirate stuff, they will, regardless of whether or not they use a different PVR system.
They're trying to stop broadcast-quality HD direct digital rips made using hacked cable recievers. There's nothing they can do about lower-quality SD recordings made from the analog output and re-encoded to digital (although Macrovision makes it a little harder for the average consumer).
They can stop you ever getting at a digital bitstream by encrypting it everywhere, and they can stop you getting at HD by refusing to provide HD analog outputs.
I guess they figure people are more likely to pay for high-quality originals if all the rips are low-quality stuff. They're probably right.
Whay are you dragging out a quote from 2000 about Linux not supporting POSIX threads? Linux 2.5 contains support for NPTL, a POSIX-compliant thread library, and has had this since 2002.
The folks that manage my portfolio take 1.5% of the portfolio value at the end of each quarter, not at the beginning of the quarter, therefore their income is dependant upon the performance and my costs to them are based upon mutual growth. Not bleeding the portfolio dry.
And the difference between "end of quarter" and "beginning of quarter" is what exactly? 24 hours? If they *really* wanted to get paid "dependant upon the performance" then they'd take a percentage of the *growth* in your portfolio, not the total portfolio value. And if they lost money then they'd repay you the same percentage of that. LOL.
Sure I could make a card, if I had the right equipment
Making a card is trivial - blank magstripe cards and encoders are legally and cheaply available.
and had the card for long enough to make it,
To clone a card you just need the account number, that's all that's encoded on the magstripe.
but in that case I could just as easily use the card.
No, because you wouldn't know the PIN.
I guess if I were super clever and I owned a business that used ATM's at the POS I could rig a line sniffer or something to save the ATM card info, then make some cards, then do this hack 15 times until I got the pin #
No, if the customer enters their PIN into your dodgy ATM then you just record the account number and PIN - you don't need to hack anything.
This attack can only be done by someone inside the bank with access to the PIN checking machine. These machines are meant to be protected against insider attack, but this attack gets around it. The number of guesses required is so small (~30 - if the machines were secure it should be ~5000 for a 4-digit PIN) they might not even be detected by the bank's auditing (assuming that the PIN checker has a suitable audit trail at all).
then I could steal 300.00 a day
For about one (or maybe two) days, before the bank or cardholder noticed and cancelled the card. For this to work, you need lots of PINs and just use each account once. The paper claims 20,000+ dollars per day (presumably this is based on how long it physically takes to use the ATM with several cards then move to another one before the cops arrive), and claims 2 million dollars total given a half-hour lunchbreak spent cracking PINs.
but if I owned a business why would I need to steal money?
The actual standard is also available (free registration required).
Of course, this is only for analog TV. Digital TV already has some information which could be used for this (Event Information Tables - EIT) but I don't know if any integrated digital reciever/PVR combos use it.
The statutory damages can reach $100K per violation if the judge wants it to.
I doubt it, bearing in mind Castle is a UK company so they'd presumably be sued under UK law. The judge will probably pick an amount in UK pounds (£);-)
I love the idea of these things, but I wonder - can you boot off a USB device yet?
Yes. I've seen a USB pen drive used as a Linux rescue boot disk. You need a fairly recent computer, though - I saw this on one of the Shuttle P4 systems.
Great for a completely solid-state computer (shame the Shuttle's so noisy).
Google already has a way to get cached pages removed. You just add a new robots.txt page denying access to the page, then enter the URL on Google's website.
I don't know a whole LOT about PGP, but I think I know that each public key has a hex identifier (mine is above) that uniquely identifies it and allows others to request it from a keyserver.
Yep, but it's possible for somebody to create a key with the same identifier. For this, you'd want to use the key fingerprint, which is shorter and is practically impossible to clone. But just changing the robots.txt file to the value it should have had in the first place is easier.
Re:Turn Javascript, activex, java off
on
Cross-Site-TRACE
·
· Score: 1
Privoxy could handle that (but you might need to write your own filter rule). http://www.privoxy.org/
The only real way I see it working would be to specify a percentage of revenues for all patent outcomes that the scientist gets
I think this is how Germany does it - the patent belongs to the company, but the inventor gets paid a bonus which is a set percentage of the profits from their patent.
In the UK, we have a law called the "Data Protection Act" that protects all "personally identifiable information". This covers my name, e-mail and postal addresses, telephone number, etc - in fact basically anything that's held in a computer and can be retrieved by searching on my name. Companies are not allowed to gather, hold, disclose or use this information without my consent, and if they don't have a good reason to keep it (e.g. if they're just using it for advertising) then I can ask them to delete it.
This law also stops spammers operating from the UK - they can't legally make a list of e-mail addresses without getting consent from the people involved.
> You can't patent mathematics
You can. The RSA or Diffie-Hellman encryption algotithms are/were patented, and both of them are simple maths.
You can also patent a whole list of mathematics operations (an "algorithm"), such as LZW compression (used in GIF).
Slashdot Mirror
With digital signals, MPEG2 compressed, I can easily use a PCI card in my HTPC to record HDTV programs for time shifting. I record The West Wing and Malcolm in the Middle every week, and skip through the commercials on playback. All at a much higher quality than available through other means.
Two words: Broadcast Flag. Better buy a spare digital TV PCI card now, before it becomes illegal to sell them. (They don't check the broadcast flag, so they will shortly be illegal. If they did check the broadcast flag, they wouldn't let you record everything you want to).
I just started using SVN on a large source tree - >1 Gigabyte, including many binary files. I'm using Windows, and found that CVS trashed all the binary files due to the stupid MS line ending issues. Subversion handles binary files perfectly.
This is a new repository - I didn't test the scripts for converting from CVS.
Subversion isn't as fast as I expected, given all the uninformed statements about "svn update" only having to check revision numbers. It looks like it does recurse into all directories, so performance is similar to CVS.
TortoiseSVN, the Windows front-end, was far too slow to be usable. I've contributed some patches to help with a couple of obvious problems, but don't have the tools to optimise it properly.
Any access to or use of this website or [...] or sending the character string "/I_ACCEPT_the_User_Agreement/" to our web server as you must do to gain access to our images, or [...] or the like, all indicate and signify that "I ACCEPT" this user agreement [...].
This is a neat trick, but I don't know if a judge would fall for it. However, later on the same page, they have an image (the SpamCop button) loaded from:e r_Agreement/logos/spamcop.gif
http://www.cprr.org/Museum/images/I_ACCEPT_the_Us
So simply by viewing this page you've "accepted" the license agreement!
You are not permitted to, and you warrant and agree that you will not do or facilitate any of the following:
[...]
(9) engage in any activity that may or will directly or indirectly impose a disproportionately large, unanticipated, or unreasonable load on our website bandwidth or infrastructure
Oops! Did the submitter read that? I hope the submitter didn't agree to their terms of service - they might try and charge him:
You agree not to take any action that will impose a disproportionately large or unreasonable load on our computer web server(s), network, or other infrastructure. Please be mindful of the large amounts of data transfer needed to allow viewing of the CPRR Museum web pages with multiple, large images, and avoid suddenly flooding the CPRR Museum website with large numbers of unanticipated visitors. Suddenly increased, excess web traffic on this website as a result of your actions, including but not limited to publicity, reporting, or recommendations to others regarding this website on network television or radio or national publications or media, of more than one gigabyte of additional Internet data transfer per month, shall be at your expense, and you agree to reimburse CPRR.org for the resulting costs at the rate of the then prevailing additional data transfer charge made by the Internet provider(s) hosting this website.
A lot of places are going to "No Return" policies, even if the unit is DOA, as a way of keeping their overhead down. You're stuck with the original mfgr's or distributer's warranty and the hassle of dealing with that. Unless of course you want to pay for one of those overpriced "extended" warranties.
Yuck!
In the UK, a retailer is legally required to give you a full refund if the product is broken (i.e. if it's not "of merchantable quality", not "fit for it's purpose", or not "as described"). They can't take these rights away, although they can offer more generous money-back guarantees.
How can any Malaysians have prior space exploration experience, if no Malaysian has ever gone to space?
Ground support (e.g. for unmanned probes) or even astronomy probably all count as "space exploration", even if they don't actually involve going there.
Europe's "Data Protection" directive & the corresponding national laws make this illegal under criminal law.
The company could be fined, and the directors could go to jail.
Then again, in the UK companies used to be required to provide a "please don't sell my personal data" check box ("opt-out"). I'm not sure whether this is still legal, or whether the European law has tightened this so it has to be a "please *DO* sell my personal data" check box ("opt-in"). So she would have been able to apply without getting spam.
#include "disclaimer/IANAL.h"
Because if it's open spource, then the user has full access to all the code, and the data on the smartcard. With all this information, piracy will be trivial.
Not the data on the smartcard - that plugs into the POD, and the POD handles all the decryption.
there is something called encryption. Open standards do not mean you have all the keys to unencrypt anything you want.
There are two issues:
Having an open-source host doesn't directly help with (1) - you still can only watch channels that your POD will descramble. However, since you can compare the inputs & outputs, it may make it easier to reverse-engineer a POD so that you can do this.
However, an open-source implementation makes (2) trivial - you get the complete unencrypted compressed video signal. This is what the cable companies are worried about.
I don't see the problem with open source set-top boxes. If people want to pirate stuff, they will, regardless of whether or not they use a different PVR system.
They're trying to stop broadcast-quality HD direct digital rips made using hacked cable recievers. There's nothing they can do about lower-quality SD recordings made from the analog output and re-encoded to digital (although Macrovision makes it a little harder for the average consumer).
They can stop you ever getting at a digital bitstream by encrypting it everywhere, and they can stop you getting at HD by refusing to provide HD analog outputs.
I guess they figure people are more likely to pay for high-quality originals if all the rips are low-quality stuff. They're probably right.
>> There are currently no manned spacecraft
>> available that can reach a geosynchronous orbit
> one word..."apollo"
The poster did say "available".
I didn't think NASA flew Apollo rockets any more -
all their manned missions are in the space shuttle.
Unfortunately for Linux, Linus believes that certain POSIX standards are stupid and doesn't feel bound to stay compatible.
Whay are you dragging out a quote from 2000 about Linux not supporting POSIX threads? Linux 2.5 contains support for NPTL, a POSIX-compliant thread library, and has had this since 2002.
The folks that manage my portfolio take 1.5% of the portfolio value at the end of each quarter, not at the beginning of the quarter, therefore their income is dependant upon the performance and my costs to them are based upon mutual growth. Not bleeding the portfolio dry.
And the difference between "end of quarter" and "beginning of quarter" is what exactly? 24 hours? If they *really* wanted to get paid "dependant upon the performance" then they'd take a percentage of the *growth* in your portfolio, not the total portfolio value. And if they lost money then they'd repay you the same percentage of that. LOL.
Parent is plain wrong. Read the paper describing the attack (PDF). (Link courtesy of The Register.
Sure I could make a card, if I had the right equipment
Making a card is trivial - blank magstripe cards and encoders are legally and cheaply available.
and had the card for long enough to make it,
To clone a card you just need the account number, that's all that's encoded on the magstripe.
but in that case I could just as easily use the card.
No, because you wouldn't know the PIN.
I guess if I were super clever and I owned a business that used ATM's at the POS I could rig a line sniffer or something to save the ATM card info, then make some cards, then do this hack 15 times until I got the pin #
No, if the customer enters their PIN into your dodgy ATM then you just record the account number and PIN - you don't need to hack anything.
This attack can only be done by someone inside the bank with access to the PIN checking machine. These machines are meant to be protected against insider attack, but this attack gets around it. The number of guesses required is so small (~30 - if the machines were secure it should be ~5000 for a 4-digit PIN) they might not even be detected by the bank's auditing (assuming that the PIN checker has a suitable audit trail at all).
then I could steal 300.00 a day
For about one (or maybe two) days, before the bank or cardholder noticed and cancelled the card. For this to work, you need lots of PINs and just use each account once. The paper claims 20,000+ dollars per day (presumably this is based on how long it physically takes to use the ATM with several cards then move to another one before the cops arrive), and claims 2 million dollars total given a half-hour lunchbreak spent cracking PINs.
but if I owned a business why would I need to steal money?
Some people can never have enough money.
In the UK, we already have this feature - even for analog VCRs. It's called PDC (Programme Delivery Control).
A google turned up this explanation of how it works.
The actual standard is also available (free registration required).
Of course, this is only for analog TV. Digital TV already has some information which could be used for this (Event Information Tables - EIT) but I don't know if any integrated digital reciever/PVR combos use it.
The statutory damages can reach $100K per violation if the judge wants it to.
I doubt it, bearing in mind Castle is a UK company so they'd presumably be sued under UK law. The judge will probably pick an amount in UK pounds (£) ;-)
I love the idea of these things, but I wonder - can you boot off a USB device yet?
Yes. I've seen a USB pen drive used as a Linux rescue boot disk. You need a fairly recent computer, though - I saw this on one of the Shuttle P4 systems.
Great for a completely solid-state computer (shame the Shuttle's so noisy).
Google already has a way to get cached pages removed. You just add a new robots.txt page denying access to the page, then enter the URL on Google's website.
I don't know a whole LOT about PGP, but I think I know that each public key has a hex identifier (mine is above) that uniquely identifies it and allows others to request it from a keyserver.
Yep, but it's possible for somebody to create a key with the same identifier. For this, you'd want to use the key fingerprint, which is shorter and is practically impossible to clone. But just changing the robots.txt file to the value it should have had in the first place is easier.
Privoxy could handle that (but you might need to write your own filter rule). http://www.privoxy.org/
Or switch to Mozilla.
I think this is how Germany does it - the patent belongs to the company, but the inventor gets paid a bonus which is a set percentage of the profits from their patent.
Lookup my .co.uk domain
In the UK, we have a law called the "Data Protection Act" that protects all "personally identifiable information". This covers my name, e-mail and postal addresses, telephone number, etc - in fact basically anything that's held in a computer and can be retrieved by searching on my name. Companies are not allowed to gather, hold, disclose or use this information without my consent, and if they don't have a good reason to keep it (e.g. if they're just using it for advertising) then I can ask them to delete it.
This law also stops spammers operating from the UK - they can't legally make a list of e-mail addresses without getting consent from the people involved.
It's a pity the US doesn't have similar laws.
> Write an application to track keyword usage over time
You mean like this?
> You can't patent mathematics You can. The RSA or Diffie-Hellman encryption algotithms are/were patented, and both of them are simple maths. You can also patent a whole list of mathematics operations (an "algorithm"), such as LZW compression (used in GIF).