A common technique in AI to deal with learning is called simulated annealing. The idea is that early on, you want basics of a problem to be learned, and once those fundamentals are learned, the AI can start working on the fine points. If you "change" the AI too much, cause it to "learn" too strongly every time it makes a guess, it throws out a lot of what it has already learned. If it learns too slowly, it will take forever to solve a problem.
The solution is to make it learn quickly at the beginning and then slow down the rate of learning.
When Wikipedia was new, it had no data, and a tremendous amount of content that needed to be added. A "free add at any time to anything" policy was reasonable. Now, however, it has a large amount of existing good content that can be screwed up. It might be possible to force changes to long-standing entries in it be reviewed before the changes hit the page, for instance, or use some other mechanism to slow down the rate of change to portions of Wikipedia that are already in place.
The people complaining about the USPTO only supporting MSIE -- that may suck. However, it's not illegal. You may have to buy all kinds of products to deal with them -- when you wanted to use any HTTPS connections for a long time, RSA security was getting patent licensing fees, for instance. If you don't like it, you can complain and see if you can get them to change it. But don't start ranting about "constitutional rights", because you don't have a constitutional right to use Mozilla on Linux.
Also keep in mind that the US gov writes a not insignificant amount of Open Source content -- the timezone/offset database, for example, is funded by and maintained by the US gov, and it sits in glibc. The best security framework out there for Linux, SELinux, was developed by the NSA.
Once again, patent critics fail to know what they're talking about. The blogger got lucky -- he is probably right on the first patent being BS, though I'm a lot less sure about the second.
When you are determining whether a patent is sane, the abstract content *does not matter*. That's just a tool to help you find a patent you're looking for. Same goes for the title. If you are saying "this patent has prior art", you should never, never, ever even *mention* the contents of the title or the abstract. They don't have legal force.
The thing to look at are the *claims*. The patent covers anything that uses one ore more of the listed claims (these are numbered). Each claim has to be invalidated on its own, so you can invalidate a bunch of claims and not invalidate the whole patent. If there are multiple sections to a claim (these are lettered), then *all* of the sections must apply to a device,system, or whatever before it is infringing.
So if you want to say "this patent has a claim that's bullshit", you need to cite an *entire claim*, including all the subsections of that claim, and show how those subsections already applied to an existing system *before* the claimed date of invention (there's another point; the date the patent is *issued* doesn't mean much). Furthermore, unless every claim is invalid, the patent still has strength on the valid claims.
I don't like Microsoft. I really don't like software patents. But claiming that Microsoft is coming up with bullshit patents based on totally ridiculous grounds doesn't do anyone any good -- it just spreads misinformation among the group of people that could be criticizing Microsoft for one of many legitimate reasons.
Opera is INNOVATIVE, when was the last time you saw a new (and I mean a NEW) feautere in Moz/Fire ?? Tabs ?
Opera used to be MDI, which was *awful*, worse than non-tabbed browsing, and it wasn't until other browsers introduced the "tabbed SDI" interface that tabbed browsing really became usable.
popup blocking
Popups should never have been part of JavaScript in the first place. You can't let remote pages do abusable things to your local system, no ifs, ands or buts. There were a lot of proxies that blocked these, though, and frankly I really like the incredibly flexible and powerful privoxy more than any browser-native blocking.
Voice operated browsing ?
Fair enough. You could probably do it without many problems on the classic Mac (using the Speakable Items features and AppleScript), but native support? No.
Reading pages out loud ?
Been around in plugins forever, since at least NS 4 days.
It is not a bug in Slashcode. It is a bug in the Gecko (the rendering portion of Mozilla) code related to incremental reflow. It has been fixed in Gecko, but the latest version of Gecko has not been rolled into Firefox.
(Courtesy of another Slashdotter in the know.)
I'm not sure what the schedule is on rolling in the fix.
As regards voting -- yes, I think it is quite reasonable to be suspicious about a combination of (a) an exploitable voting system and (b) clearly partisian links from an operator. And that goes for the right *or* the left -- if the Demms could get away with ballot box fraud, you bet your ass that they'd do it in a second as well. But at the moment, the concern happens to be companies with ties to the Republicans.
SPF is not an effective anti-joe-job mechanism either. I have posted analysis (very negative) of SPF's anti-spam and anti-joe-job capabilitites to Slashdot before.
The reason SPF isn't good at anti-joe-jobbing is that there is no trusted map for users between a domain name and a company identity. If I send an email from @boa-international.com or @bankofamerica.banknetwork.com, end users won't consider the fact that it doesn't come from @bankofamerica.com. SPF is fundamentally tied to domain names. Furthermore, SPF has only domain-level granularity, which means that the larger the company, the weaker the anti-joe-job factor. It just takes compromising one computer anywhere at Ford to be able to send trusted "Ford official customer service" email.
SPF is (a) not a good anti-spam mechanism, and (b) not a good anti-joe-job mechanism. It is a very weak and fairly broken authentication scheme. It lacks trust management (despite the fact that the SPF people admit the need for trust network management). There are known attacks on SPF that will beat it, like the fact that it rides on an easily spoofable protocol (DNS) and does not attempt to establish a secure connection on top of it.
I'm not saying that PGP is ideal, but it could be used to provide a foundation to build a strong, effective anti-spam mechanism that doesn't suffer from SPF's flaws.
Note that Microsoft's Sender ID largely suffers from the same problems as SPF.
Yahoo's Domain Keys is actually somewhat better built (provides for a more sane delegation of mail server authority, and so forth), but still is a fairly inflexible and ineffective system.
Designing secure systems is very hard, no matter *how* good at it you think you are. It took a *long* time to get SSL reasonably mature and free of attacks. Throwing out a system like PGP which *is* mature, well-tested, well-built, flexible, and in favor of something new hacked up is really not a very wise decision.
That doesn't mean that we should just take PGP and whitelist people that you know (knowing that someone's identity is correctly associated with their email address is a different thing than knowing whether they won't spam you), but if there are flags like "authorized to authorize people as legitimate email parties", non-boolean trust metrics ("I trust this person.5, he trusts this person.1, so I trust the second person.05, which is above my threshhold of.001"), and some form of feedback mechanism ("This person spammed me so I trust not only him not at all, but the person that trusted him less") you have major benefits -- you have carry-over reputation ("Linus just got a new email address, but it's endorsed by his old email address") and the like. Futhermore, you can have a "company postmaster" PGP key, which is used to sign keys of employees at a company, so when a large company opens a business relationship with that company, it just has their own postmaster (which their local users trust) sign the key of the other postmaster.
Good point. And it is possible that running BitTorrent in the manner mentioned *is* legal under Swedish law (I would doubt it, but it's certainly possible). However, the DMCA is not core to this C&D.
The new USCO-proposed INDUCE Act is still *very* dangerous, and vastly extends the arm of copyright law. Please take a moment, read my analysis, and post your thoughts, because I am quite worried about some of the elements here.
The new act bans P2P retransmission mechanisms that are dissociated from content. The following thing is considered "inducement":
distributing any dissemination technology that, when used as intended, automatically cuases the user of the technology to infringe copyrighted works without the user making a specific, informed decision, for each copyrighted work at issue, about whether to engage in such an infringement
Mechanisms that this ban includes:
Allowing remote, unauthenticated, or anyonymous publication mechanisms. Freenet, for instance, would be illegal if this act is passed, as the mechanism has everyone acting as a distribution point for anyone that wants to distribute data.
Partial-download sharing would be disallowed, as you must allow uploading of anything that you are downloading -- even if your own download is not infringing.
Scanning of drives for files to share would be legally dubious -- it might be necessary to force the user to manually add each file. The same goes for systems that share all files in a directory hierarchy, such as Windows Filesharing or FTP or Web servers.
It might require P2P systems to request metadata regarding file hashes (rather than simply *allowing* them to do so) to present data to the user so that he may make an "informed" decision.
Also banned is:
actively interfering with copyright holders' efforts to detect infringing uses of dissemination technology and enforce their copyright against those users
This would anonymous distribution systems, such as cypherpunk mailers, Freenet, Kast, and so forth -- a coder that adds features to prevent identification of end users is clearly interfering with copyright holders' efforts to enforce their copyright against such end users. This might also make illegal Tor and Zero Knowledge Systems' now defunct privacy services when used in conjunction with P2P.
offering an incentive to users of dissemination technology to make infringing use of the technology, such as providing improved performance of the technology in exchange for infringing distribution of copyrighted works
A significant factor in this is that there is a very great demand for cheaply distributed infringing files today (hence all the people downloading infringing files using P2P distribution mechanisms). The problem is that frequently infringing files are in greater demand than non-infringing files. Many interesting mechanisms to advance P2P system performance (like trust networks, free market sales of data a la Mojo Nation, etc) would be banned by this, as distributing infringing content is associated with distributing *desired* content, which many systems have good reason to encourage users to do.
failing to take reasonably available corrective measures to prevent any continuing acts of infringement...that were committed before the effective date of this subsection
I find this to be very unclear. What criterion is to be used for "reasonable"? Is it "and still maintain a profitable service"? Before something like this gets signed into federal law, I want to see this clarified.
Distributing a dissemination technology as part of an enterprise that substantially relies on the infringing acts of others for its commercial viability or the revenues of which are predominantly derived from the infringing acts of others
Wow. Sounds good, actually *very* scary. This could be repaired with the addition of a single word -- "...as a part of an enterprise that necessarily substantially relies on the infringing acts of others." As this clause is currently written, it means that if the majority of people using a commercial file distribution service *happen* to be infringing, even i
(a) People complaining about treatment of past software products, really pretty much ignoring Ingres. This has nothing to do with the stated topic of the interview.
(b) People complaining (now) that there is $1M involved. Come *on*. People hack on company-backed stuff for free, like MySQL or Evolution. If they want to give out money, fine. There's certainly no requirement to take any. You could donate it to the FSF.
(c) Demands for feature comparisons were, frankly, stupid. This is the CEO. He's going to know the strategic point of what's going on,a nd that sort of stuff. Not only is he probably not the best person to ask about feature comparisons, but there are probably such comparisons on their website.
Really, the entire interview was kind of a depressing way for Slashdot and the OSS world to deal with a company that is trying (potentially clumsily, yes) to donate some code to the OSS world and jump on the bandwagon. I remember that IBM used to get slagged on *all the time* when they first when OSSish. Does everyone have to pass a trial of fire by insult?
Some of them were, frankly, insults, and the sort of thing that I'm embarassed to have coming from Slashdot.
Some of them attacked CA's tendency to "kill off" products. Well, for Chrissake, this guy just did the *exact opposite* -- he open sourced something so that it can be developed and used and maintained.
I mean, it sounds like CA has an awfully low degree of respect among the masses of IT people on this board -- and people were being pretty frank about their opinions. *However*, I don't understand why people were so incredibly angry about Ingres. There was only one relevant, non-insulting question that I really saw on there.
Actually, this isn't the case. There was a copyright infringement C&D that included mention of the DMCA to try to scare the ISP (I wasn't aware that the DMCA made ISPs liable -- as a matter of fact, this was a major bone of contention in a lot of attempted legislation.)
The Berne Convention means that US copyright does apply in other countries, with different time limits (a country can make something public-domain after fifty years, even if it is still copyrighted in the United States). Shrek 2 is definitely newer than 50 years.
At this point, the BS takedown notices have reached such a fever pitch that I've started rolling around a couple ideas for eliminating them as attacks.
One possibility would be writing a script that simply mails bogus takedown notices (based on the official ones) for various files, flooding the "takedown notice" mechanism and making it ineffective.
Note that recent federal antispam laws may have eliminated this as a legal tactic, due to the "misleading origin" bits. On the other hand, it doesn't have to look like it's coming from the MPAA -- just send a takedown request from someone else, even yourself. Enough incorrect takedown requests and people will start simply ignoring them.
"I'm as fired up now as I've ever been in 24 years at Microsoft," Ballmer said. Noting the rapid adoption of technology such as PCs, the Internet and cellular telephones in the preceding decade,
As anyone who has seen the Ballmer:Monkey Boy video can attest, this is quite a claim.
Ballmer said a new generation of software and hardware, driven by advances in speech recognition technology and multimedia, will revolutionize the way individuals work and live.
So "speech recognition" and "multimedia" are the two current buzzwords?
Ballmer singled out XML and Web services as the "big breakthrough" of the next decade that will spur innovation.
I really wonder what it was like at that long-ago Microsoft meeting where they agreed to use the word "innovation" at every possible opportunity.
"If you have two popular operating systems, both will get attacked -- whatever is popular is going to be attacked," he said.
Yeah? Linux is a more popular server OS than Windows. How come Apache hasn't been compromised in the numbers that IIS has been?
While not perfect on security, Microsoft has a defined process for addressing security vulnerabilities, compared with the open source community, which he called "all over the map," when it came to addressing vulnerabilities in Linux, Ballmer said.
Microsoft's system, which isn't working as well as the apparently "all over the map" OSS world consists of (a) take in complaint, (b) cover up as long as possible, (c) refuse to call a the problem a "bug" and insist that it's an "issue", and (d) refuse to allow people who have the ability to fix the problem to *fix* them (in the OSS world, there's always some coder who can say "oh, shit, that's bad" and spin out a patch almost instantaneously, which is immediately available to those who need it immediately. This then gets integrated into the software package, and can be used at a higher level of QA by folks that can afford to wait around a bit, and then later with even stronger QA assurance as the distro okays the patch.) Microsoft's mechanism for dealing with problems is not transparent, not rapid, and has been dishonest in the past, attempting to falsely spin down the severity of problems or to shove blame off on to IT people "Well, yeah, we had a remote root issue in the RPC mechanism, but we put out a patch a *week* ago and besides, it's your fault for not firewalling our server." In the OSS world, people call bugs "bugs", give the whole world access to the bug-tracking system used by the the developers so they can see whether a problem is fixed and provide additional information, and there isn't any spin from a marketing department.
Finally, Ballmer argued that companies should be wary of the lack of indemnity from lawsuits, such as the suit filed by The SCO Group Inc. against DaimlerChrysler AG, IBM, Novell Inc. and others over parts of the Linux operating system that SCO claims infringe on elements of the Unix operating system that it owns.
"In the Linux world, nobody stands behind patent claims," he said, noting that Microsoft could be forced to swallow a $550 million judgement if it loses its ongoing case with Eolas Technologies Inc., but that its customers would be protected.
That is absurd. You can make the same claim about every product that I'm using. I have a keyboard in my hands -- there could be patents that cover it, but I'm provided no indemnification by the manufacturer. Same goes for HDTVs, cars, and whatnot. Besides, Microsoft has *never* followed up on covering customer losses. How many people do you know that have suffered damages from defects in Office or Windows? Has Microsoft ever offered to cover those losses, flaws in their *own product*? Hell, no.
"I'm not trying to spread fear, uncertainty and doubt," Ballmer said.
Ballmer is absolutely full of it. That is *exactly* what he's trying to do. Lots of vague claims to produce an inflated sense of worry.
"I just think people should go out and research this for themselves."
By "identification", they mean "authentication" (actually, I'm an idiot and wrote "authorization", so I'm not much better). They aren't using the terms in the way that a security person would.
When people want to "see a form of ID", they want to see an authorization that you are who you say you are, not just you saying "I'm John Smith", which is a form of ID.
(a) An SSN is only supposed to be used for identification, not authorization. Unfortunately, it's used for authorization all over the place (go to a bank, give 'em your SSN and you can withdraw money). This means that we can't use it for identification without severely impacting the users and providers on systems that use the SSN for authentication.
(b) SSNs as an identity scheme disallows the use of pseudonyms. I can't just give Apple an identifier to deal with me -- I have to give them an identifier that links my identity with my real name, credit history, and all that. There is absolutely no reason Apple needs any of that, and no reason whatsoever that I should give that to them.
Not only that, extensions are a nasty potential culprit. I use Adblock, and my last upgrade caused some sort of nasty problems in Firefox (I don't remember what it was, might have been something to do with font sizes being wrong, was a known problem with installing newer versions over an old version of Adblock).
I love Firefox's extensions, but they simply are not as well tested as Firefox itself, and upgrading them or Firefox can cause nasty problems that are very difficult for an end-user to track down. Flash Click To View doesn't work in the current Firefox, for instance...
I thought I had just finished with everyone under the sun trying to ram gmail tokens down my throat, and now I have to start over with the damn iTunes thing? Argh!
People are going to be suckers for recursive marketing until the market gets saturated.
Slashdot Mirror
A common technique in AI to deal with learning is called simulated annealing. The idea is that early on, you want basics of a problem to be learned, and once those fundamentals are learned, the AI can start working on the fine points. If you "change" the AI too much, cause it to "learn" too strongly every time it makes a guess, it throws out a lot of what it has already learned. If it learns too slowly, it will take forever to solve a problem.
The solution is to make it learn quickly at the beginning and then slow down the rate of learning.
When Wikipedia was new, it had no data, and a tremendous amount of content that needed to be added. A "free add at any time to anything" policy was reasonable. Now, however, it has a large amount of existing good content that can be screwed up. It might be possible to force changes to long-standing entries in it be reviewed before the changes hit the page, for instance, or use some other mechanism to slow down the rate of change to portions of Wikipedia that are already in place.
The people complaining about the USPTO only supporting MSIE -- that may suck. However, it's not illegal. You may have to buy all kinds of products to deal with them -- when you wanted to use any HTTPS connections for a long time, RSA security was getting patent licensing fees, for instance. If you don't like it, you can complain and see if you can get them to change it. But don't start ranting about "constitutional rights", because you don't have a constitutional right to use Mozilla on Linux.
Also keep in mind that the US gov writes a not insignificant amount of Open Source content -- the timezone/offset database, for example, is funded by and maintained by the US gov, and it sits in glibc. The best security framework out there for Linux, SELinux, was developed by the NSA.
Once again, patent critics fail to know what they're talking about. The blogger got lucky -- he is probably right on the first patent being BS, though I'm a lot less sure about the second.
When you are determining whether a patent is sane, the abstract content *does not matter*. That's just a tool to help you find a patent you're looking for. Same goes for the title. If you are saying "this patent has prior art", you should never, never, ever even *mention* the contents of the title or the abstract. They don't have legal force.
The thing to look at are the *claims*. The patent covers anything that uses one ore more of the listed claims (these are numbered). Each claim has to be invalidated on its own, so you can invalidate a bunch of claims and not invalidate the whole patent. If there are multiple sections to a claim (these are lettered), then *all* of the sections must apply to a device,system, or whatever before it is infringing.
So if you want to say "this patent has a claim that's bullshit", you need to cite an *entire claim*, including all the subsections of that claim, and show how those subsections already applied to an existing system *before* the claimed date of invention (there's another point; the date the patent is *issued* doesn't mean much). Furthermore, unless every claim is invalid, the patent still has strength on the valid claims.
I don't like Microsoft. I really don't like software patents. But claiming that Microsoft is coming up with bullshit patents based on totally ridiculous grounds doesn't do anyone any good -- it just spreads misinformation among the group of people that could be criticizing Microsoft for one of many legitimate reasons.
Opera is INNOVATIVE, when was the last time you saw a new (and I mean a NEW) feautere in Moz/Fire ?? Tabs ?
Opera used to be MDI, which was *awful*, worse than non-tabbed browsing, and it wasn't until other browsers introduced the "tabbed SDI" interface that tabbed browsing really became usable.
popup blocking
Popups should never have been part of JavaScript in the first place. You can't let remote pages do abusable things to your local system, no ifs, ands or buts. There were a lot of proxies that blocked these, though, and frankly I really like the incredibly flexible and powerful privoxy more than any browser-native blocking.
Voice operated browsing ?
Fair enough. You could probably do it without many problems on the classic Mac (using the Speakable Items features and AppleScript), but native support? No.
Reading pages out loud ?
Been around in plugins forever, since at least NS 4 days.
It is not a bug in Slashcode. It is a bug in the Gecko (the rendering portion of Mozilla) code related to incremental reflow. It has been fixed in Gecko, but the latest version of Gecko has not been rolled into Firefox.
(Courtesy of another Slashdotter in the know.)
I'm not sure what the schedule is on rolling in the fix.
As regards voting -- yes, I think it is quite reasonable to be suspicious about a combination of (a) an exploitable voting system and (b) clearly partisian links from an operator. And that goes for the right *or* the left -- if the Demms could get away with ballot box fraud, you bet your ass that they'd do it in a second as well. But at the moment, the concern happens to be companies with ties to the Republicans.
SPF is not an effective anti-joe-job mechanism either. I have posted analysis (very negative) of SPF's anti-spam and anti-joe-job capabilitites to Slashdot before.
.5, he trusts this person .1, so I trust the second person .05, which is above my threshhold of .001"), and some form of feedback mechanism ("This person spammed me so I trust not only him not at all, but the person that trusted him less") you have major benefits -- you have carry-over reputation ("Linus just got a new email address, but it's endorsed by his old email address") and the like. Futhermore, you can have a "company postmaster" PGP key, which is used to sign keys of employees at a company, so when a large company opens a business relationship with that company, it just has their own postmaster (which their local users trust) sign the key of the other postmaster.
The reason SPF isn't good at anti-joe-jobbing is that there is no trusted map for users between a domain name and a company identity. If I send an email from @boa-international.com or @bankofamerica.banknetwork.com, end users won't consider the fact that it doesn't come from @bankofamerica.com. SPF is fundamentally tied to domain names. Furthermore, SPF has only domain-level granularity, which means that the larger the company, the weaker the anti-joe-job factor. It just takes compromising one computer anywhere at Ford to be able to send trusted "Ford official customer service" email.
SPF is (a) not a good anti-spam mechanism, and (b) not a good anti-joe-job mechanism. It is a very weak and fairly broken authentication scheme. It lacks trust management (despite the fact that the SPF people admit the need for trust network management). There are known attacks on SPF that will beat it, like the fact that it rides on an easily spoofable protocol (DNS) and does not attempt to establish a secure connection on top of it.
I'm not saying that PGP is ideal, but it could be used to provide a foundation to build a strong, effective anti-spam mechanism that doesn't suffer from SPF's flaws.
Note that Microsoft's Sender ID largely suffers from the same problems as SPF.
Yahoo's Domain Keys is actually somewhat better built (provides for a more sane delegation of mail server authority, and so forth), but still is a fairly inflexible and ineffective system.
Designing secure systems is very hard, no matter *how* good at it you think you are. It took a *long* time to get SSL reasonably mature and free of attacks. Throwing out a system like PGP which *is* mature, well-tested, well-built, flexible, and in favor of something new hacked up is really not a very wise decision.
That doesn't mean that we should just take PGP and whitelist people that you know (knowing that someone's identity is correctly associated with their email address is a different thing than knowing whether they won't spam you), but if there are flags like "authorized to authorize people as legitimate email parties", non-boolean trust metrics ("I trust this person
Good point. And it is possible that running BitTorrent in the manner mentioned *is* legal under Swedish law (I would doubt it, but it's certainly possible). However, the DMCA is not core to this C&D.
The newest cards supported well in DRI are from ATI. I have a Radeon 9200 I just bought, as it's the newest thing out with good open source support.
Nvidia is binary-only, and Matrox has lost their earlier excellent open-source support in the G200/G400/G450 era.
The new USCO-proposed INDUCE Act is still *very* dangerous, and vastly extends the arm of copyright law. Please take a moment, read my analysis, and post your thoughts, because I am quite worried about some of the elements here.
The new act bans P2P retransmission mechanisms that are dissociated from content. The following thing is considered "inducement":
distributing any dissemination technology that, when used as intended, automatically cuases the user of the technology to infringe copyrighted works without the user making a specific, informed decision, for each copyrighted work at issue, about whether to engage in such an infringement
Mechanisms that this ban includes:
Allowing remote, unauthenticated, or anyonymous publication mechanisms. Freenet, for instance, would be illegal if this act is passed, as the mechanism has everyone acting as a distribution point for anyone that wants to distribute data.
Partial-download sharing would be disallowed, as you must allow uploading of anything that you are downloading -- even if your own download is not infringing.
Scanning of drives for files to share would be legally dubious -- it might be necessary to force the user to manually add each file. The same goes for systems that share all files in a directory hierarchy, such as Windows Filesharing or FTP or Web servers.
It might require P2P systems to request metadata regarding file hashes (rather than simply *allowing* them to do so) to present data to the user so that he may make an "informed" decision.
Also banned is:
actively interfering with copyright holders' efforts to detect infringing uses of dissemination technology and enforce their copyright against those users
This would anonymous distribution systems, such as cypherpunk mailers, Freenet, Kast, and so forth -- a coder that adds features to prevent identification of end users is clearly interfering with copyright holders' efforts to enforce their copyright against such end users. This might also make illegal Tor and Zero Knowledge Systems' now defunct privacy services when used in conjunction with P2P.
offering an incentive to users of dissemination technology to make infringing use of the technology, such as providing improved performance of the technology in exchange for infringing distribution of copyrighted works
A significant factor in this is that there is a very great demand for cheaply distributed infringing files today (hence all the people downloading infringing files using P2P distribution mechanisms). The problem is that frequently infringing files are in greater demand than non-infringing files. Many interesting mechanisms to advance P2P system performance (like trust networks, free market sales of data a la Mojo Nation, etc) would be banned by this, as distributing infringing content is associated with distributing *desired* content, which many systems have good reason to encourage users to do.
failing to take reasonably available corrective measures to prevent any continuing acts of infringement...that were committed before the effective date of this subsection
I find this to be very unclear. What criterion is to be used for "reasonable"? Is it "and still maintain a profitable service"? Before something like this gets signed into federal law, I want to see this clarified.
Distributing a dissemination technology as part of an enterprise that substantially relies on the infringing acts of others for its commercial viability or the revenues of which are predominantly derived from the infringing acts of others
Wow. Sounds good, actually *very* scary. This could be repaired with the addition of a single word -- "...as a part of an enterprise that necessarily substantially relies on the infringing acts of others." As this clause is currently written, it means that if the majority of people using a commercial file distribution service *happen* to be infringing, even i
Let's take a look at the interview:
You had:
(a) People complaining about treatment of past software products, really pretty much ignoring Ingres. This has nothing to do with the stated topic of the interview.
(b) People complaining (now) that there is $1M involved. Come *on*. People hack on company-backed stuff for free, like MySQL or Evolution. If they want to give out money, fine. There's certainly no requirement to take any. You could donate it to the FSF.
(c) Demands for feature comparisons were, frankly, stupid. This is the CEO. He's going to know the strategic point of what's going on,a nd that sort of stuff. Not only is he probably not the best person to ask about feature comparisons, but there are probably such comparisons on their website.
Really, the entire interview was kind of a depressing way for Slashdot and the OSS world to deal with a company that is trying (potentially clumsily, yes) to donate some code to the OSS world and jump on the bandwagon. I remember that IBM used to get slagged on *all the time* when they first when OSSish. Does everyone have to pass a trial of fire by insult?
What are you *talking* about?
Let's take a look at the questions.
Some of them were, frankly, insults, and the sort of thing that I'm embarassed to have coming from Slashdot.
Some of them attacked CA's tendency to "kill off" products. Well, for Chrissake, this guy just did the *exact opposite* -- he open sourced something so that it can be developed and used and maintained.
I mean, it sounds like CA has an awfully low degree of respect among the masses of IT people on this board -- and people were being pretty frank about their opinions. *However*, I don't understand why people were so incredibly angry about Ingres. There was only one relevant, non-insulting question that I really saw on there.
Actually, this isn't the case. There was a copyright infringement C&D that included mention of the DMCA to try to scare the ISP (I wasn't aware that the DMCA made ISPs liable -- as a matter of fact, this was a major bone of contention in a lot of attempted legislation.)
The Berne Convention means that US copyright does apply in other countries, with different time limits (a country can make something public-domain after fifty years, even if it is still copyrighted in the United States). Shrek 2 is definitely newer than 50 years.
Other movie titles that are resistant to keyword-based searching:
:-) )
* One Point Oh
* XXX
* Thirteen
* M (Definitely predates P2P
At this point, the BS takedown notices have reached such a fever pitch that I've started rolling around a couple ideas for eliminating them as attacks.
One possibility would be writing a script that simply mails bogus takedown notices (based on the official ones) for various files, flooding the "takedown notice" mechanism and making it ineffective.
Note that recent federal antispam laws may have eliminated this as a legal tactic, due to the "misleading origin" bits. On the other hand, it doesn't have to look like it's coming from the MPAA -- just send a takedown request from someone else, even yourself. Enough incorrect takedown requests and people will start simply ignoring them.
I'd like to see telecom providers be forced to open platforms so that people can produce open source phones.
I'm not a huge fan of cell phones, but I'd get one if I could get one that I could hack up to add whatever features I want.
"I'm as fired up now as I've ever been in 24 years at Microsoft," Ballmer said. Noting the rapid adoption of technology such as PCs, the Internet and cellular telephones in the preceding decade,
As anyone who has seen the Ballmer:Monkey Boy video can attest, this is quite a claim.
Ballmer said a new generation of software and hardware, driven by advances in speech recognition technology and multimedia, will revolutionize the way individuals work and live.
So "speech recognition" and "multimedia" are the two current buzzwords?
Ballmer singled out XML and Web services as the "big breakthrough" of the next decade that will spur innovation.
I really wonder what it was like at that long-ago Microsoft meeting where they agreed to use the word "innovation" at every possible opportunity.
"If you have two popular operating systems, both will get attacked -- whatever is popular is going to be attacked," he said.
Yeah? Linux is a more popular server OS than Windows. How come Apache hasn't been compromised in the numbers that IIS has been?
While not perfect on security, Microsoft has a defined process for addressing security vulnerabilities, compared with the open source community, which he called "all over the map," when it came to addressing vulnerabilities in Linux, Ballmer said.
Microsoft's system, which isn't working as well as the apparently "all over the map" OSS world consists of (a) take in complaint, (b) cover up as long as possible, (c) refuse to call a the problem a "bug" and insist that it's an "issue", and (d) refuse to allow people who have the ability to fix the problem to *fix* them (in the OSS world, there's always some coder who can say "oh, shit, that's bad" and spin out a patch almost instantaneously, which is immediately available to those who need it immediately. This then gets integrated into the software package, and can be used at a higher level of QA by folks that can afford to wait around a bit, and then later with even stronger QA assurance as the distro okays the patch.) Microsoft's mechanism for dealing with problems is not transparent, not rapid, and has been dishonest in the past, attempting to falsely spin down the severity of problems or to shove blame off on to IT people "Well, yeah, we had a remote root issue in the RPC mechanism, but we put out a patch a *week* ago and besides, it's your fault for not firewalling our server." In the OSS world, people call bugs "bugs", give the whole world access to the bug-tracking system used by the the developers so they can see whether a problem is fixed and provide additional information, and there isn't any spin from a marketing department.
Finally, Ballmer argued that companies should be wary of the lack of indemnity from lawsuits, such as the suit filed by The SCO Group Inc. against DaimlerChrysler AG, IBM, Novell Inc. and others over parts of the Linux operating system that SCO claims infringe on elements of the Unix operating system that it owns.
"In the Linux world, nobody stands behind patent claims," he said, noting that Microsoft could be forced to swallow a $550 million judgement if it loses its ongoing case with Eolas Technologies Inc., but that its customers would be protected.
That is absurd. You can make the same claim about every product that I'm using. I have a keyboard in my hands -- there could be patents that cover it, but I'm provided no indemnification by the manufacturer. Same goes for HDTVs, cars, and whatnot. Besides, Microsoft has *never* followed up on covering customer losses. How many people do you know that have suffered damages from defects in Office or Windows? Has Microsoft ever offered to cover those losses, flaws in their *own product*? Hell, no.
"I'm not trying to spread fear, uncertainty and doubt," Ballmer said.
Ballmer is absolutely full of it. That is *exactly* what he's trying to do. Lots of vague claims to produce an inflated sense of worry.
"I just think people should go out and research this for themselves."
Well, at least Balmer and I can agree on this.
By "identification", they mean "authentication" (actually, I'm an idiot and wrote "authorization", so I'm not much better). They aren't using the terms in the way that a security person would.
When people want to "see a form of ID", they want to see an authorization that you are who you say you are, not just you saying "I'm John Smith", which is a form of ID.
The odds are still terrible you'll win an iPod Mini, but it looks like the only thing signing up for this will cost you is your time.
Yup. So it consumes some chunk of your time for an incredibly small chance to win an iPod Mini.
You really want an iPod Mini, with a 100% chance to win (and help out the other folks in the Open Source world)?
Do a GNOME Bug Bounty, and just *buy* an iPod Mini.
Apple wins, you win, the Open Source world wins, and the musicians win.
The sad thing is that:
(a) An SSN is only supposed to be used for identification, not authorization. Unfortunately, it's used for authorization all over the place (go to a bank, give 'em your SSN and you can withdraw money). This means that we can't use it for identification without severely impacting the users and providers on systems that use the SSN for authentication.
(b) SSNs as an identity scheme disallows the use of pseudonyms. I can't just give Apple an identifier to deal with me -- I have to give them an identifier that links my identity with my real name, credit history, and all that. There is absolutely no reason Apple needs any of that, and no reason whatsoever that I should give that to them.
Not only that, extensions are a nasty potential culprit. I use Adblock, and my last upgrade caused some sort of nasty problems in Firefox (I don't remember what it was, might have been something to do with font sizes being wrong, was a known problem with installing newer versions over an old version of Adblock).
I love Firefox's extensions, but they simply are not as well tested as Firefox itself, and upgrading them or Firefox can cause nasty problems that are very difficult for an end-user to track down. Flash Click To View doesn't work in the current Firefox, for instance...
That is the most ignorant Slashdot posting I've ever read that used complete sentences.
"And others are probably spoofing Apache to throw hackers off the scent, so Netcraft numbers" is not a complete sentence.
But even if it did use the mDNSResponder library, just because it's open source doesn't mean it is secure.
Obviously -- but there's a pretty good argument that it helps improve security (other factors being held the same, naturally).
I thought I had just finished with everyone under the sun trying to ram gmail tokens down my throat, and now I have to start over with the damn iTunes thing? Argh!
People are going to be suckers for recursive marketing until the market gets saturated.
Nice as this sounds and all, I have to point out that there's an awful lot of OS X code out there that is closed source.
Though most of the directly network-exposed stuff seems to be generally open source (well, dunno about Rendevous).