An extremely useless article even by slashdot standards, but I remember two copy
protection schemes that sucked even more:
Lenslock - used by a few
80s home computer games. I'm fairly certain it might have been a UK-only thing.
It was horrible. You had to fold this crappy bit of plastic a certain way and
hold it over a part of the screen. If you were lucky, and your TV wasn't too large or
too small, you might be able to make out the decoded letters which you had to type
in.
And then one we used at work: Parallel port dongles. I used to work in electronic
CAD and all the software used this, the result being you needed 5 or more dongles
all plugged in at the same time to do any useful work. In the end we got someone
in the workshop build a kind of "dongle motherboard" where you could plug
in multiple dongles more conveniently than having them hang out the back of
the machine, and more importantly pull them out to swap between machines.
Happy days... No, actually sucky days. I'm glad I use almost completely free software now.
Rich.
Re:Does XEN have a future?
on
Running Xen
·
· Score: 2, Informative
KVM is nice and shows promise, but performance wise the paravirtualized approach of xen is still significantly faster (as in very-near-bare-metal, even significantly faster than vmware ESX on most loads).
VirtIO, which is in latest versions of KVM, paravirtualizes all the hardware and
gives you almost all the benefit.
As you say, Red Hat offers libvirt which hides the differences
between virtualization systems, so for most administrators and application programmers,
which system "wins" is not going to matter. (My personal opinion is that none of them will
win outright, at least not for many many years - different approaches to virtualization are
suitable for different areas).
Here in Europe, in some countries, cell phone companies offer a service that can reveal a phone's location (with the precision of a fraction of a kilometer/mile) at any given time from any place actually... Any tracking (except maybe for aid in criminal investigations?) without the owner's consent would be very illegal.
Very definitely this is used in criminal investigations. In the case of the
Soham murders
back in 2002, one of the victims had a phone which the murderer had turned off.
In a public appeal the police said they'd sent a message to the phone,
trying to trick the murderer into turning the phone on (which would reveal
its location).
The bottom line is that I know that the government does (or could) know my bank account information, my medical history, my cell phone calls, etc etc.
The problem is you're seeing "government" is a single abstract entity. But government is made up of all those
petty civil servants at the local council, policemen, judges and so on. Would you be happy to have a file
with full details of your children sent to every policeman in your city? Presumably only if policemen
were incorruptible, absolutely trusted, and none of them were themselves abusers. If you believe that
about the police, well...
So this is why it's not a question about should "the government" have access to this data.
It's about should all these random people have access to it? Is it really necessary for
anyone but one person (my family doctor alone) to have access to my medical history? Or should
that be shared with every single snooper at the local council? Should I give the firemen plans
to my house, when it's possible that one of them has a sideline in burglary?
but the only one eaten by americans is the cavendish
When I was in Bali I ate several different varieties of banana, and they
were all much more tasty than the "bog-standard" Cavendish. So maybe
this isn't such a bad thing after all.
Yes, you're absolutely right about this. In fact I've got a new (engineering sample) Intel machine at work which has a TPM & VT-d which
ought to protect against these attacks. No operating system that I'm aware of fully supports this stuff yet. (Maybe Windows 2008??)
With physical access you can reflash the firmware in either the BIOS or (eg) an ethernet NIC.
The modified firmware will have full access to the system RAM, disks, and just about anything
else (because it can DMA to/from memory and any device). So the next time the system is
booted and the full-disk-encryption password is entered it is indeed game over.
For instance, you can purchase a hard disk with the bits set randomly, but once you re-arrange the magnetic charges in a specific fashion, you are infringing upon someone else's rights. This goes to show that intellectual property is indeed an illusion. Shouldn't you be able to do what ever you'd like with that chunk of metal in your room?
These sorts of hyper-reductionist arguments are stupid. At the end of the day a human is just a bunch of atoms. Shouldn't I
be able to disrupt those atoms the same way I can disrupt the atoms in my own house if I want? And before you start
on who "owns" atoms, "ownership" is just an arrangement of neuronal connections in people heads. ENOUGH!
If we accept that we're talking about things at a human level, not at an absurd reductionist level, then both
ownership and copyright are meaningful terms about which we are able to have a discussion, and neither
is an "illusion" as you state.
however it does not make it easy to run commercial games for free
Do you happen to know if it enables you to play legally purchased out-of-region games?
I would really really love to play Densha De Go
on my UK Wii, but as far as I know this game won't play even if I bought a copy from Japan.
Blah blah.. It doesn't absolve your management of making forward-looking decisions. Just like other companies, if they ignore the obvious and make stupid decisions, they deserve to go out of business and allow better competitors to flourish.
Because our software doesn't run on linux. It used to be unix based, but several generations ago they decided to go with a windows environment.
You mean you deliberately depend on a software platform that you don't control, written by a vendor who
has demonstrably set out to destroy competitors and who doesn't reveal enough information to allow
you to compete fairly. Great business decision!! Sucks to be you, but you only have
yourself to blame.
The thing is that the guy can't say this after the fact. If he wants a cut, then that needs to be in writing before he accepts the job. I mean, $100k is not bad for what I would imagine is a part time job for a while. I don't know the game, so I don't know the scale of his dialog skills in it, but I doubt it was 2,000 hours of work over a year of time (1 FTE in manager speak).
Exactly, and if he was so sure the game was going to be a big success
why didn't he invest his $100K fee in Rockstar shares? That's the way
to make money on the back of the profitable work of others.
The truth is a bit more sinister. MPs have seen, and rejected, this.
The Labour government then decided they wanted it anyway, and bypassed
Parliament (and even democracy) by policy laundering it through the
unelected European Commission. The bonus is that they not just
bypass pesky "democracy", but they get it Europe-wide which means their
corporate masters pushing for this get to sell a lot more "security technology".
give 'em away to some local kids who are into sci/tech but maybe don't have a lot of money?
Been there, done that, wasn't pleasant.
A friend of mine who is a poor single mum gave me a couple of laptops which were beyond obsolete: 32MB & 64 MB RAM, Pentium few hundred MHz.
I spent some (of my own) money upgrading the RAM and put Xubuntu on them, and they were fine for basic
web browsing, provided you didn't try to open too many Firefox windows at the same time. I
gave one back to her.
A few weeks pass...
She buys a brand new inkjet Winprinter and Photoshop. (Not so poor eh?) And asked her friend to install it for her.
Her friend phoned me after trying several times to run the printer driver SETUP.EXE which wasn't
working.
I had to tell her that she should have asked me about the printer first, that the laptops
were basically bin material, no it's not Windows, no it doesn't run Photoshop, etc. It didn't go down too well.
They did negotiate it with you. [...] Did you not notice the big red STOP sign saying "By opening this package you are agreeing the the..."
The key word here is Negotiate. In a negotiation, both sides have a chance to
argue back and forth about terms in the contract, price agreed and so on. In contract law
this sort of negotiation has to happen, not just "take it or send it back".
It gave me an edge for the future. If the system is going to be bound by such things, I am going to register every stupid thing I come across that hasn't been registered yet. If I can't invent without being stifled, why should anyone else?
Fortunately (for Russia & China), unfortunately for the West, such a future won't come about. It's a bad idea to base
your entire economy on something which is easily copied by people who don't care about the artificial
constraints you put on yourself, and at the same time to ship off all your jobs and manufacturing over to
the same people. They don't care about your silly copy restrictions, and you give them all the
how-to and know-how so they can make the products successfully on their own. Can anyone see the flaw
in this plan?
Unless you like playing around with your user's machines a lot, you should better implement that at the MTA level and configure your mail server(s) so that they include the header.
Sure...
Or you could just use SPF, which basically does the same thing, only more elegantly.
SPF doesn't do the same thing at all. It relies on the receiver MTA to do something about the non-matching SPF records,
which evidently many don't (or at least, I've got proper SPF records, but still get huge amounts of backscatter spam).
interesting.. now, how do I do that in Thunderbird?
I've no idea. I used Thunderbird at work for a while, but got so sick of it that I replaced it with
mutt and have been much happier (and calmer) at work ever since.
There's an easy way to filter out backscatter while preserving bounce messages that you care
about (ie. ones about email that you actually sent):
1. Add your own custom header to all your outgoing emails. Doesn't matter what it is, but it should
be unique, eg. 'X-Really-From-Richard-Jones: xsomesecretx'
2. MTAs include the original headers in bounce messages, so
discard bounce messages which don't contain your custom header.
You can even be smart and sign the header based on the content of the email using a private key,
which would make it unforgeable, but at the moment you don't need to do that.
The situation in the UK is peculiar and accidental. Back in 1982 the government
sold off the state-owned telco, including all the lines in the ground (now worth
a vast fortune) for not nearly what it was worth. But you could argue that at
the time very few people really understood that the plain ol' telephones would
turn into such an important service for the economy.
Since then it's been mismanagement all the way. A series of toothless
regulators did nothing when BT basically refused to get into broadband
(1995-2000), did nothing when BT refused to install fibre to the consumer
(1992-today), actually backed down when BT refused to implement LLU deadlines
required by law (2000-2003),
and are still doing nothing about access speeds, the backhaul
network, price of POTS, phony "unlimited DSL" adverts,
premium line rip-offs, fibre again, etc. etc.
BT realised belatedly that they could make a bit of cash from one technology, ADSL,
which didn't require them to dig anything up and only needed them to install
a few racks of equipment at the exchange.
The only thing the regulator did was force them to sell wholesale ADSL
to themselves (BT) at the same price as to other providers. I was
involved in the early days and the other providers still had to
fight to access BT's order provisioning systems (which involved a lot of
rekeying orders multiple times into slow BT-owned mainframes).
So now most peole in Britain have, almost accidentally, access to speeds around 2-20 Mbps
(mostly 2-8)
for still quite a lot of money.
But, here's the thing. Where is the investment in speeds over ADSL 2+? BT
have spent a few billion implementing what they call their 21st Century Network, which amounts to
replacing a bunch of ATM and Frame Relay switches with IP routers, which
will allow BT to reduce their costs. But where's the fibre into homes and
offices? Where's 100 Mbps+ going to come from? What about the 3/4G mobile access
that isn't charged at ££/megabyte?
None of this bodes well for the future of Internet access or indeed
the economy as a whole.
Slashdot Mirror
literally hundreds of small, medium and big experiments
So simple division gives me a cost of about $1 billion per experiment give-or-take 50%. That's real value for money!
Rich.
It's been completely rewritten from scratch for the recently released RHEL 5.2. Not sure why it's not on the site yet, but I imagine it will be soon.
Rich.
An extremely useless article even by slashdot standards, but I remember two copy protection schemes that sucked even more:
Lenslock - used by a few 80s home computer games. I'm fairly certain it might have been a UK-only thing. It was horrible. You had to fold this crappy bit of plastic a certain way and hold it over a part of the screen. If you were lucky, and your TV wasn't too large or too small, you might be able to make out the decoded letters which you had to type in.
And then one we used at work: Parallel port dongles. I used to work in electronic CAD and all the software used this, the result being you needed 5 or more dongles all plugged in at the same time to do any useful work. In the end we got someone in the workshop build a kind of "dongle motherboard" where you could plug in multiple dongles more conveniently than having them hang out the back of the machine, and more importantly pull them out to swap between machines.
Happy days ... No, actually sucky days. I'm glad I use almost completely free software now.
Rich.
KVM is nice and shows promise, but performance wise the paravirtualized approach of xen is still significantly faster (as in very-near-bare-metal, even significantly faster than vmware ESX on most loads).
VirtIO, which is in latest versions of KVM, paravirtualizes all the hardware and gives you almost all the benefit.
KVM is where things are going because as a poster said above, it avoids having to write all the drivers twice over. Xen dropped the ball by not working closely with the Linux kernel developers. Now XenSource have been bought out by a Microsoft proxy, so the future for Linux & Xen is looking even less rosy.
As you say, Red Hat offers libvirt which hides the differences between virtualization systems, so for most administrators and application programmers, which system "wins" is not going to matter. (My personal opinion is that none of them will win outright, at least not for many many years - different approaches to virtualization are suitable for different areas).
Rich.
Here in Europe, in some countries, cell phone companies offer a service that can reveal a phone's location (with the precision of a fraction of a kilometer/mile) at any given time from any place actually ... Any tracking (except maybe for aid in criminal investigations?) without the owner's consent would be very illegal.
Very definitely this is used in criminal investigations. In the case of the Soham murders back in 2002, one of the victims had a phone which the murderer had turned off. In a public appeal the police said they'd sent a message to the phone, trying to trick the murderer into turning the phone on (which would reveal its location).
In fact this trick didn't work, but mobile phone location data was still crucial. Police plotted all the walking routes around where the phone was last located just before it was switched off, and from this found the suspect (later, murderer's) house and also disproved his alibi.
Rich.
The bottom line is that I know that the government does (or could) know my bank account information, my medical history, my cell phone calls, etc etc.
The problem is you're seeing "government" is a single abstract entity. But government is made up of all those petty civil servants at the local council, policemen, judges and so on. Would you be happy to have a file with full details of your children sent to every policeman in your city? Presumably only if policemen were incorruptible, absolutely trusted, and none of them were themselves abusers. If you believe that about the police, well ...
So this is why it's not a question about should "the government" have access to this data. It's about should all these random people have access to it? Is it really necessary for anyone but one person (my family doctor alone) to have access to my medical history? Or should that be shared with every single snooper at the local council? Should I give the firemen plans to my house, when it's possible that one of them has a sideline in burglary?
Rich.
but the only one eaten by americans is the cavendish
When I was in Bali I ate several different varieties of banana, and they were all much more tasty than the "bog-standard" Cavendish. So maybe this isn't such a bad thing after all.
Rich.
Yes, you're absolutely right about this. In fact I've got a new (engineering sample) Intel machine at work which has a TPM & VT-d which ought to protect against these attacks. No operating system that I'm aware of fully supports this stuff yet. (Maybe Windows 2008??)
Rich.
Physical access is not always game over....
With physical access you can reflash the firmware in either the BIOS or (eg) an ethernet NIC. The modified firmware will have full access to the system RAM, disks, and just about anything else (because it can DMA to/from memory and any device). So the next time the system is booted and the full-disk-encryption password is entered it is indeed game over.
Rich.
For instance, you can purchase a hard disk with the bits set randomly, but once you re-arrange the magnetic charges in a specific fashion, you are infringing upon someone else's rights. This goes to show that intellectual property is indeed an illusion. Shouldn't you be able to do what ever you'd like with that chunk of metal in your room?
These sorts of hyper-reductionist arguments are stupid. At the end of the day a human is just a bunch of atoms. Shouldn't I be able to disrupt those atoms the same way I can disrupt the atoms in my own house if I want? And before you start on who "owns" atoms, "ownership" is just an arrangement of neuronal connections in people heads. ENOUGH!
If we accept that we're talking about things at a human level, not at an absurd reductionist level, then both ownership and copyright are meaningful terms about which we are able to have a discussion, and neither is an "illusion" as you state.
Rich.
however it does not make it easy to run commercial games for free
Do you happen to know if it enables you to play legally purchased out-of-region games? I would really really love to play Densha De Go on my UK Wii, but as far as I know this game won't play even if I bought a copy from Japan.
Rich.
Blah blah .. It doesn't absolve your management of making forward-looking decisions. Just like other companies, if they ignore the obvious and make stupid decisions, they deserve to go out of business and allow better competitors to flourish.
Rich.
Because our software doesn't run on linux. It used to be unix based, but several generations ago they decided to go with a windows environment.
You mean you deliberately depend on a software platform that you don't control, written by a vendor who has demonstrably set out to destroy competitors and who doesn't reveal enough information to allow you to compete fairly. Great business decision!! Sucks to be you, but you only have yourself to blame.
Rich.
Why don't you just install Linux?
Rich.
It's a shame there's no "Scary" rating for the parent post ...
The thing is that the guy can't say this after the fact. If he wants a cut, then that needs to be in writing before he accepts the job. I mean, $100k is not bad for what I would imagine is a part time job for a while. I don't know the game, so I don't know the scale of his dialog skills in it, but I doubt it was 2,000 hours of work over a year of time (1 FTE in manager speak).
Exactly, and if he was so sure the game was going to be a big success why didn't he invest his $100K fee in Rockstar shares? That's the way to make money on the back of the profitable work of others.
Rich.
Nothing is really new.
Bytecode, killer pokes, the auto type, XML ...
Rich.
MPs haven't even seen yet
The truth is a bit more sinister. MPs have seen, and rejected, this. The Labour government then decided they wanted it anyway, and bypassed Parliament (and even democracy) by policy laundering it through the unelected European Commission. The bonus is that they not just bypass pesky "democracy", but they get it Europe-wide which means their corporate masters pushing for this get to sell a lot more "security technology".
Rich.
give 'em away to some local kids who are into sci/tech but maybe don't have a lot of money?
Been there, done that, wasn't pleasant.
A friend of mine who is a poor single mum gave me a couple of laptops which were beyond obsolete: 32MB & 64 MB RAM, Pentium few hundred MHz.
I spent some (of my own) money upgrading the RAM and put Xubuntu on them, and they were fine for basic web browsing, provided you didn't try to open too many Firefox windows at the same time. I gave one back to her.
A few weeks pass ...
She buys a brand new inkjet Winprinter and Photoshop. (Not so poor eh?) And asked her friend to install it for her. Her friend phoned me after trying several times to run the printer driver SETUP.EXE which wasn't working.
I had to tell her that she should have asked me about the printer first, that the laptops were basically bin material, no it's not Windows, no it doesn't run Photoshop, etc. It didn't go down too well.
Rich.
They did negotiate it with you. [...] Did you not notice the big red STOP sign saying "By opening this package you are agreeing the the ..."
The key word here is Negotiate. In a negotiation, both sides have a chance to argue back and forth about terms in the contract, price agreed and so on. In contract law this sort of negotiation has to happen, not just "take it or send it back".
Rich.
It gave me an edge for the future. If the system is going to be bound by such things, I am going to register every stupid thing I come across that hasn't been registered yet. If I can't invent without being stifled, why should anyone else?
Fortunately (for Russia & China), unfortunately for the West, such a future won't come about. It's a bad idea to base your entire economy on something which is easily copied by people who don't care about the artificial constraints you put on yourself, and at the same time to ship off all your jobs and manufacturing over to the same people. They don't care about your silly copy restrictions, and you give them all the how-to and know-how so they can make the products successfully on their own. Can anyone see the flaw in this plan?
Rich.
Unless you like playing around with your user's machines a lot, you should better implement that at the MTA level and configure your mail server(s) so that they include the header.
Sure ...
Or you could just use SPF, which basically does the same thing, only more elegantly.
SPF doesn't do the same thing at all. It relies on the receiver MTA to do something about the non-matching SPF records, which evidently many don't (or at least, I've got proper SPF records, but still get huge amounts of backscatter spam).
Rich.
interesting.. now, how do I do that in Thunderbird?
I've no idea. I used Thunderbird at work for a while, but got so sick of it that I replaced it with mutt and have been much happier (and calmer) at work ever since.
Rich.
There's an easy way to filter out backscatter while preserving bounce messages that you care about (ie. ones about email that you actually sent):
1. Add your own custom header to all your outgoing emails. Doesn't matter what it is, but it should be unique, eg. 'X-Really-From-Richard-Jones: xsomesecretx'
2. MTAs include the original headers in bounce messages, so discard bounce messages which don't contain your custom header.
You can even be smart and sign the header based on the content of the email using a private key, which would make it unforgeable, but at the moment you don't need to do that.
Rich.
The situation in the UK is peculiar and accidental. Back in 1982 the government sold off the state-owned telco, including all the lines in the ground (now worth a vast fortune) for not nearly what it was worth. But you could argue that at the time very few people really understood that the plain ol' telephones would turn into such an important service for the economy.
Since then it's been mismanagement all the way. A series of toothless regulators did nothing when BT basically refused to get into broadband (1995-2000), did nothing when BT refused to install fibre to the consumer (1992-today), actually backed down when BT refused to implement LLU deadlines required by law (2000-2003), and are still doing nothing about access speeds, the backhaul network, price of POTS, phony "unlimited DSL" adverts, premium line rip-offs, fibre again, etc. etc.
BT realised belatedly that they could make a bit of cash from one technology, ADSL, which didn't require them to dig anything up and only needed them to install a few racks of equipment at the exchange. The only thing the regulator did was force them to sell wholesale ADSL to themselves (BT) at the same price as to other providers. I was involved in the early days and the other providers still had to fight to access BT's order provisioning systems (which involved a lot of rekeying orders multiple times into slow BT-owned mainframes).
So now most peole in Britain have, almost accidentally, access to speeds around 2-20 Mbps (mostly 2-8) for still quite a lot of money.
But, here's the thing. Where is the investment in speeds over ADSL 2+? BT have spent a few billion implementing what they call their 21st Century Network, which amounts to replacing a bunch of ATM and Frame Relay switches with IP routers, which will allow BT to reduce their costs. But where's the fibre into homes and offices? Where's 100 Mbps+ going to come from? What about the 3/4G mobile access that isn't charged at ££/megabyte?
None of this bodes well for the future of Internet access or indeed the economy as a whole.
Rich.