... if the internet happens to be accessed via another application, namely Internet Explorer, which you expect to access the internet and thus are likely not to block?
Because that is (according to the article and MS's statement) what actually happens.
And if even that should be forbidden, what happens if i just mention that by entering a search string like DeCSS into your favourite search engine it will probably pop up about 50.000 web-pages discussing DeCSS, with a sufficient percentage of them linking to the actual code.
Will that be forbidden next? Or will all big search engines be forced to use "filter lists" to ban the bad words (i can imagine some people might then push on to get words like 'sex', 'nude' etc. on that lists). Why stop there, why not ban every mentioning of the 'evil word' altogether since otherwise people might get the idea to search for it.
I think i'll go and read Kerningham/Ritchie before they start burning books.
But what amazes me, is that they just try to move everything to Windows
Well, maybe just to avoid the bad publicity of an article such as this one. That should be reason enough for them. What should trouble windows users more than MS using Unix etc. on their own servers is the failure (of their own experts) to move to Windows and the recommendation not to use it for production.
Remember "Jesus He Knows Me" by Genesis? Especially the line "Just do as I say, don't do as I do..." applies here.
Before you ask who pays this "Tom" guy's wage you shold at least consider reading the article (thus helping to pay tom's wage) and following the links, for example to HardOCP.
Then you would notice, that
a) Tom gave intel ample time for reaction (he even called them prior to posting his first article) and really tried to get in contact and get some statements out of intel afterwards when it should have been intel (being concerned about their product) contacting Tom
b) Later HardOCP confirmed, Tom's findings, namely that Tom (and they too) got a production CPU that wasn't up to spec and that no 1.133 GHZ PIII could be relied on compiling a Linux Kernel
Considering the chain of events (especially intels noncommunication) I consider it highly likely that intel would have tried to hush it all up hadn't Tom acted as he had.
Also things would have been much worse for intel if the glitches where discovered later, since then there would have been much more systems already sold, and maybe intel would have started a major PR campaign about the fastest processor on the market (or somesuch). So Tom might have saved intel from a much bigger faceloss.
Had intel reacted quicker on Toms first article they could have come out of the story even better, and hadn't intel brought their 'fastest processor' to the market with uncalled for haste to beat AMD's announced 1.1 GHZ Athlon the whole story wouldn't have happened at all.
So please stop shooting at the messenger when hearing bad news.
One problem is, that the internet fundamentally changed some things, especially in the case of software. One thing is, that software is easy to use, once it's in your computer you can run it, and nowadays there's a lot of computers. It's not like some description how to make an atomic bomb because creating an atomic bomb is a lengthy expensive process, getting the right materials is only the start.
The other thing is the internet, spreading files blindingly fast aound the globe, once the thing is out of the bag and there's enough people interested in it, word will get around in a couple of weeks, together with the software. Something like gnutella is an ideal example: the internet can't be rid of it now that it's widely distributed, and it can be used with very little effort.
So while before big corporations could face down their 'problems' by keeping them local and by introducing new technologies before something was widespread enough to affect their income this is no longer the case. Before it was more like squishing ants: if joe normal choose to copy and sell music the company holding the copyright could beat him up pretty nicely in court and then proceed to hold him up as a bad example (or keep silent about the case if it ended unfavorable).
But now all those ants are darned fast, hard to localize and hit (try to make a big case of someone trading one musicfile), there's a lot of them and they're all attacking (their revenues) at once.
Naturally the companies are looking for new targets to strike at, and what better target is there than a single programmer, preferably without enough money to go through all those courts before going broke. Minimum effort for maximum effect: hit one little guy scare a million others (in that case the fast, information spreading internet even works for them).
But there's still hope: even the big business can't bring down the internet (especially without hurting themselves more than anyone else) and programs like gnutella and DeCSS will still surface and spread (maybe a little later than before) it will just become harder to track the sources down.
One good start for this is involving more people in the process (maybe working in some forum to cobble together a nice protocol (e.g. for filesharing)), implement it in source projects, and if possible make general purpose tools (filesharing and anonymity have other purposes than just distributing MP3's).
If you are a german maybe you want to tell your bank what you think about this and why you think about moving your account somewhere else, (most of them are banks) if they appear on this list.
In this case i'm less concerned about a business trying to defend their name than about the way they do it, namely using 'Abmahnung' demands where unsuspecting businesses get a letter demanding money from them just because they used the wrong wording in their advertising (see this comment for a pretty good explanation).
You answered your own question: "99% of all major companies USE Microsoft products" and that's sufficient reason to run MS stories. That MS is in legal trouble because they try to dominate the market in every way they can is MS's fault, i'm quite interested in this story, since i'm an european, and thus would like to see some sensible legislation in the way of MS marketing strategies preventing customers to be ripped of more than necessary. A good example of this is win98SE which costs four times as much if you buy it from the shelf than as an OEM version.
Since at present the internet is one of the fastest extending markets i'd like to see MS prevented from dominating that market for the next twenty years, like it has dominated OSes and key applications for the last twenty. MS is definitley making a grab for it as can be seen from their bundling IE with Win strategy (they where late to get in the business, but simply used the leverage of their OS to kick out the marketleader netscape), their approach to the kerberos protocol (basically trying to change a widely used protocol into some MSproprietary one), their recent.net initiative and their efforts in embedded applications (now it's handhelds, next will be phones, but it'll all be connected in the future, even your toaster).
Now i'd like a future where Microsoft has to make an effort that their applications correctly connect with everything else on the planet (basically by not screwing up when implementing a protocol) and not the other way around, like it's now with software: If some application doesn't work too well with Windows because some windows feature doesn't work as documented it's the applications (programmers) problem to get it fixed.
While i prefer a system of posting security holes in the open to the alternatives (namely that the security holes are spread in obscure cracker forums and thus will have a far longer lifetime) i find it debatable to provide readily usable scripts for even the dumbest to use freely. In most cases a simple "at this point a vulnerability exists which can be used for such and such a form of attack by people with such and such privileges" should give the maker of the software enough hints to fix the hole while it would take at least a little work for a cracker to make use of that information thus greatly reducing the number of potential crackers.
The only argument for giving away such scripts is to exert pressure on a company that totally ignores announcements of bugs otherwise and will only react when critical comments start to effect their product sales. I think the fairest way would be to give the company some headstart to fix the hole so they can provide the fix with the report (which should honor the finder of the bug for his efforts) and proceed to publish the hole on some open forum after a few days. If the company chooses to ignore the bug it will only make them look worse later. There is no need to add a script to the exploit as these will sprout up anyway as soon as the hole is known.
Really good point, i too wonder, why the recording industry continues to handle this case so inexpertly. Instead of setting their lawyers too it they could have made much better use of the money by buying into napster and seeing this as an investment into music distribution over the internet, a thing that will come anyway. Why break something that already works and then create it anew. The threat of legal action would have been a good bargaining chip and i think napsters management would have prefered to come to some status quo with the music industry on peaceful terms.
By dragging napster to the court the music industry can only loose, even if they win their case and shut down napster they will have won over a (then) worthless business, a business they will want to enter themselves in the near future but are not ready to (the 'association' in RIAA says it all, after they shut down napster they'll need at least two years to reinvent it on their own terms so nobody feels shortchanged).
The music industry could have had some good PR (hey look, we're giving away [rights for] music for free) and would have got into control to the point where they could choose which music is swappable and which isn't and begin to install themselves as the major partner for fileswapping slowly changing the bazaar into a shopfront with some leased space for free goodies in front of it to attract more customers and apart from that they'd had a new tool to promote new music.
What they're doing at the moment is in stark contrast to their own longterm interests: they're blocking napster, thereby making the people switch to more and different services, especially decentralized services which will be much harder to track down. If i have a problem i prefer it in plain view in one place rather than hidden and scattered literally all over the globe. To stress the aforementined bazaar-analogy a little more, they did a police raid on it and made the people carry the trade to their own homes.
What i don't understand is, why the music industry, that occupies so many PR people and marketdroids to create their own spin of trends, didn't ask some of them how to handle this best. Maybe they would have had to accept a new player on the market, but now they're just setting back their prospects of ever getting a grip on the situation, meanwhile making bad PR for themselves.
What would probably happen is, that a) big parts of the net would be missing b) maybe some countries/continents become either isolated or are badly (small bandwith) connected to the rest of the world
but this is very shortterm, after a few days/weeks alternative lines would be found, (phonelines etc.) and bandwith previously routed via USA would be routed elsewhere, and future projects for transatlantic lines are more likely to avoid USA.
The reason is, that the internet is a driving factor for too many countries economies by now, it's no longer the toy of some university geeks. If the net fails bigscale because the FBI wants to flex it's muscles this will be taken into account in the future, measures will be taken to reduce the dependency of the internet on the USA backbones.
The FBI knows this too, and even if their Carnivore toys have some builtin facility to shut down the whole trafic this will be used very carefully, and probably not nationwide. But theres a different aspect: Carnivore could be used to work selectively this makes a lot of sense: shut down that annoying website at ISP level with a commandline, put pressure on an ISP by just threatening to shut down it's services, put diplomatic pressure on other countries (one at a time) threatening to isolate their part of the internet (at least what is routed through US), simply drop any packets encrypted in a way the FBI doesn't like. The thing is, that Carnivore works as the big Hammer (shut down the net) only once, but much better and more effectively as a scalpel, to push some policies and generally make the internet behave the way the FBI wants it to.
The best thing that could happen to the internet is that some cracker found out now, how to shut down these boxes and do it to the 20 or so that are already in place, then the project would die pretty fast after some very bad publicity for the FBI.
It's even funnier regarding the fact that while the MPAA is raising a big fuss about anything from DeCSS to napster they don't seem to be concerned at all about the fact that a big market for DVDmachines (as in cranking out one every few seconds) is in China, now i don't know all those famous Chinese movies...
So when the MPAA starts lawsuits because of someone linking to the DeCSS tools why don't they try to sue those who sell DVDmachines to countries where american copyright isn't enforcable at all? I'd really love to see the MPAA answer that one, backed up with some numbers of DVDmachines sold to China versus legal DVD's being produced there.
If i write a post i don't want advertisements popped in and yes, i regard this as altering of content! The altered message makes me look like i wrote that to advertise, and the colored link is probably giving emphasis to subjects i didn't mean to. Also, i drop in links if i think a site is worth mentioning. For this place i don't need to, since noone will follow any links there anyway.
It would be even worse (and it's just a small step now) if someone got it into their heads to distribute altered messages further along the usenet. Imagine your newly advertisement enhanced messages spreading over a good part of usenet. What next, banners in usenet messages?
I don't think it's a good idea to alter content of posts (even if it's 'only' dropping in links) and i think other usenetservers should think about barring dejanews usenetaccess for some days to stop this scheme becoming too popular.
The main reasons for open source drivers are in my opinion: - short response times for new kernel developments etc. (the next kernel version/xf86-version (whatever the driver is for) could break the driver but that might be easily fixed with an open source driver.) - support from the open source community will make the drivers better and even help to develop better windows counterparts etc. - proper linux support lasts much longer, once it's running most changes are automatically (more reflecting changes in the kernel than enhancements of the drivers) and comes for free
The drawbacks are: - 'secrets' are slightly more obscured in binary versions (but if a competitor REALLY wants to know how that driver works he'll take it apart with a disassembler anyway) - there's anyway people working on the drivers, so open-source won't make it cheaper (but maybe better)
In that light it may make sense to keep a driver closed for some time (maybe half a year or so, true 'secrets' will either be copied or reproduced by competitors, be the driver binary or not), but in the long term opening the driver makes more sense (new driver revisions for linux come automatically, and maybe there's even some concepts to be learned for the next generation hardware and it's drivers.)
I think that is addressed under the keyword scalability: "Perhaps the most far-reaching innovations have been brought by the Keck, with virtually unlimited scalability of the telescope primary optics". The Keck telescope consists of 36 smaller mirrors (supplied by Kodak). Since for such big telescopes active optical control (meaning that the mirror(s) can be deformed slightly by special elements under them) is necessary anyway to counteract athmospheric effects and structural relaxation in different positions the problem of microadjusting all those smaller mirrors could be addressed by the active optics (though this is apparently still an issue).
This might also mean that the OWL could already start working before the main mirror is completely assembled, probably starting with the outer ring to make most of the diameter.
The problem with putting software into smaller boxes is obvious: in principle the jewel case would suffice, it has even space for a slim booklet, more than comes with most software. A lot of software IS in tha stores like that, but it's mostly chaep or old titles, for 20-30DM ($10-$15 in US i guess). One reason is that most customers arent used to spend $50+ on a CD or something of similar size. Another reason is also very obvious if you imagine 3-4 jewel case packaged Games between all those big cases: the customers wouldn't find them without asking, and if you put that brandnew game between all those (apparently) 'lame old' jewelcase packaged software many people don't even look at it doesn't work either.
One solution to this might be display cases: they take up the same space on the shelf as 4-5 'bigpackage' softwarecases, catch the customers eye but what you take home is just that slim jewel case (which has the added benefit of not cluttering up your shelf at home), there's even some cool variations about the jewelcase theme, music industry surly will provide examples.
Hmm, it occurs to me that they had better tested against XFree86 4.0 since that's a big step towards hardware acceleration support. For the right graphics boards the Linux numbers should have been a lot more like the W98 numbers (extrapolating from Q3A) as can be seen here though it seems the Voodoo fares better under 3.3.6 for now but the latter article also hints at how much can still be done for Voodoo support under linux.
What amazes me most in the article is how BeOS compares very well against windows. I'm really looking forward to a Q3A comparison of BeOS, Linux/XFree86 4.0 and W98 in a few months (best by some neutral agency) when Q3A is there for BeOS, more graphic cards are supported and XFree86 4.X has shed some bugs.
It seems to me, that this patent covers anything, where you use an input mechanism on a kind of "index" at a client to make a server come up with changing your display according to what that index refers to. (If they already extend this patent to cover WWW-links they have to extend "keyboard" to "input mechanism" to include mose, "terminal" has to be extended to any form of client, "phone line" has to be extended to any means of connection).
So surely this patent covers any client-server information access using any form of index like electronic library catalogues or any other form of electronically indexed database if only it has some form of visible index (this actually matches the description in the patent much closer).
It would also cover configuring the server side of a terminalconnection or any aplication running on a server the terminal is connected to via an option menu. This too is a much better match to the patents wording, small wonder, since the patent was thought of with a "one server, many dumb terminals" structure in mind.
Now it is very strange indeed, that the patent holders never tried for lincense fees from all those libraries, or anyone with a server-terminals structure setup for that matter. Maybe it was too easy then to dig up prior art. Or maybe they just got inspired by the Rambus Toshiba deal and just wait for someone who's paying before thinking.
I can't estimate the extent to which dynamic optimizations went into the results of the article in contrast to good optimizations from scratch.
Nevertheless i think dynamic optimizations are the thing to come: it costs a lot of man hours to find ideal optimizations to code, (you need to figure out the core routines, think about which optimizations make most sense for the current architecture, check those assumptions against reality) and man-hours, in contrast to cpu-time, don't become much cheaper. The dynamic optimizer does all that work for you, and even optimizes for different starting conditions/parameters by looking at what is *really* taking time now.
Look at the success (regarding computing power per bucks) of transmetas crusoe. A dynamic optimizer can gather far more hints for optimisations (branch predictions, loop length, array sizes, memory lookups) than a static one, in the latter case the programmer has to give all the hints (compile a subroutine with the correct set of optimisations, sort the loops right, sort branches, keep in mind some ranges for parameters and how they affect loop length, for some compilers throw in compiler directives, etc.) and even has to reconsider when porting to another architecture.
So with static optimizations it's either optimization limited to the part the compiler can see at compiletime (except for very basic stuff, every decent compiler will get that matrix multiplication right) or man-hour intensive and thus costly optimization.
It's a bad idea to set up something that 'automatically hacks back' e.g. launches an attack back at the attacker. The reason is, that now the hacker doesn't even need to launch his own attack, he only needs to tickle a system in the right way to provoke a reaction, if that reaction acts against another host with the same system installed: wonderful, we have a loop.
It gets even better if the mail, seeing that one mailer is overburdened, gets redirected to an alternative host (or something similar for other services)... now all we need is the routers in between reacting to the enhanced network traffic for a nice chain reaction (did you ever see the video with the room full of tabletennisballs on moustraps).
Just try to imagine that you are the sysadmin who later should sort out the mess, maybe it was even started by some accident or some rampant virus.
Once more it occurs to me, that it is far too easy for larger corporations to disrupt smaller businesses and free services by simply threatening lawsuits, even if the claims are totally bogus. In my view the problem is, that there is no risc in sending around some letter threatening lawsuits, especially if the lawyers are paid anyway and maybe have a little free time on their hand. Is there a possibility to countersue for done damages to reputation, service, etc.? That would enhance the risc, and maybe make lawyers think twice before sending out bogus claims. I think if such a claim can be proven to be bogus the claiming party should have to pay all costs, including lawyers of the accused party and compensation for any damages if the accused party chooses to take it to court.
Sorry, I don't understand why many US citizens are so fascination with weapons (about 20 lines of my rant deleted) but in stark contrast to weapons anonymity has more defensive character, forbidding it is more like forbidding kevlar vests, because with em you might raid a bank without the government being able to shoot you.
The bogus thing about most arguments against anonymity is, that the people who really want it (the big bad mafiaboss planning to soak america in cocaine) will still have it, there are too many ways on the net to become anonymous by redirecting information, if i want to hide the source i redirect the information often enough, if i wnat to hide the recipicient i encrypt it and send it to some newsgroup.
So a government will always have a hard time explaining to citizens who think a little about it why anonymity must be forbidden, the catch is they don't need to do this, since most citizens don't stop to think about it, even most politicians don't, it's much easier to listen to the big industry and reiterate their phrases.
I wonder if Judge Jacksons 'Findings of Fact' might also be affected by UCITA, at least he states there, that windows is overpriced, isn't that enough criticism to have it banned?
OTOH if DeCSS came under UCITA then noone could claim that it can be used for pirating movies without risking some serious legal trouble.
Actually UCITA is one of the biggest roadblocks on the way to innovation i've ever seen, since (constructive) criticism is always the first step to make something better. Now there's no more need for patches, security holes are no longer a problem (at least not a problem of the softwarevendor, if the customer learns about the problem when his host is all cracked over it's early enough to sell him the 'upgrade pack') and if some webpublisher writes the wrong things about the wrong software, why not simply remotely bring his hosts down.
Does anyone who stands behind UCITA even think a moment about consumers? or even economy? (no it's actually not a good idea in a world where nearly all production relies on Software to let the Softwaremakers have an easy way out of any responsibility or even critique.)
Can't the USPTO simply reject patents on grounds of unreadability? That would transfer the work of making a patent understandable to the patentholder, make future lawsuits much simpler (in those sentences a misplaced colon can make a big difference) and the damage of rejecting patents formulated in 'unreadable mode' would probably be negligible to granting them and then hoping that noone ever invokes the powers of the fineprint.
As far as i understand it he has patented any client-server process where you can initiate some request and then get some form of output from it.
Now what is affected by this patent? Search enginnes, network queuing systems, remotely accessible batchservices, what about a supercomputer only accessible via another computer, mpegstreams, multiplayergames, xterms, remoteshell, any remotely accessible process, java applets... or is it just a very special implementation of a database?
I probably overlooked some serious restrictions in that patent, it can't be that overly applicable, but i can't fight that grammatics.
It seems to me, that had the name "Kerberos" been somehow protected all this wouldn't be possible. Apparently everyone can do what he wants with the protocol and still call it Kerberos and even sue others if they distribute his altered specifications.
It would thus make sense to:
- protect the names of protocols somehow, by specifying what standards an implementation must fulfill so it may be called an XXX-implementation (this would have made it impossible for MS to call their protocol "kerberos" while it's not operating with other servers) it would suffice to address compatibility issues here, so one implementation of XXX will always operate with another while it may add additional features.
- include in the protocol specification that any implementation of the protocol is only valid (and may call itself XXX) if its specifications are made public without any legal restraints.
We should look what protocols are out there for MS to grab next.
Slashdot Mirror
... if the internet happens to be accessed via another application, namely Internet Explorer, which you expect to access the internet and thus are likely not to block?
Because that is (according to the article and MS's statement) what actually happens.
And if even that should be forbidden, what happens if i just mention that by entering a search string like DeCSS into your favourite search engine it will probably pop up about 50.000 web-pages discussing DeCSS, with a sufficient percentage of them linking to the actual code.
Will that be forbidden next? Or will all big search engines be forced to use "filter lists" to ban the bad words (i can imagine some people might then push on to get words like 'sex', 'nude' etc. on that lists). Why stop there, why not ban every mentioning of the 'evil word' altogether since otherwise people might get the idea to search for it.
I think i'll go and read Kerningham/Ritchie before they start burning books.
But what amazes me, is that they just try to move everything to Windows
Well, maybe just to avoid the bad publicity of an article such as this one. That should be reason enough for them. What should trouble windows users more than MS using Unix etc. on their own servers is the failure (of their own experts) to move to Windows and the recommendation not to use it for production.
Remember "Jesus He Knows Me" by Genesis? Especially the line "Just do as I say, don't do as I do..." applies here.
Before you ask who pays this "Tom" guy's wage you shold at least consider reading the article (thus helping to pay tom's wage) and following the links, for example to HardOCP.
Then you would notice, that
a) Tom gave intel ample time for reaction (he even called them prior to posting his first article) and really tried to get in contact and get some statements out of intel afterwards when it should have been intel (being concerned about their product) contacting Tom
b) Later HardOCP confirmed, Tom's findings, namely that Tom (and they too) got a production CPU that wasn't up to spec and that no 1.133 GHZ PIII could be relied on compiling a Linux Kernel
Considering the chain of events (especially intels noncommunication) I consider it highly likely that intel would have tried to hush it all up hadn't Tom acted as he had.
Also things would have been much worse for intel if the glitches where discovered later, since then there would have been much more systems already sold, and maybe intel would have started a major PR campaign about the fastest processor on the market (or somesuch). So Tom might have saved intel from a much bigger faceloss.
Had intel reacted quicker on Toms first article they could have come out of the story even better, and hadn't intel brought their 'fastest processor' to the market with uncalled for haste to beat AMD's announced 1.1 GHZ Athlon the whole story wouldn't have happened at all.
So please stop shooting at the messenger when hearing bad news.
One problem is, that the internet fundamentally changed some things, especially in the case of software. One thing is, that software is easy to use, once it's in your computer you can run it, and nowadays there's a lot of computers. It's not like some description how to make an atomic bomb because creating an atomic bomb is a lengthy expensive process, getting the right materials is only the start.
The other thing is the internet, spreading files blindingly fast aound the globe, once the thing is out of the bag and there's enough people interested in it, word will get around in a couple of weeks, together with the software. Something like gnutella is an ideal example: the internet can't be rid of it now that it's widely distributed, and it can be used with very little effort.
So while before big corporations could face down their 'problems' by keeping them local and by introducing new technologies before something was widespread enough to affect their income this is no longer the case. Before it was more like squishing ants: if joe normal choose to copy and sell music the company holding the copyright could beat him up pretty nicely in court and then proceed to hold him up as a bad example (or keep silent about the case if it ended unfavorable).
But now all those ants are darned fast, hard to localize and hit (try to make a big case of someone trading one musicfile), there's a lot of them and they're all attacking (their revenues) at once.
Naturally the companies are looking for new targets to strike at, and what better target is there than a single programmer, preferably without enough money to go through all those courts before going broke. Minimum effort for maximum effect: hit one little guy scare a million others (in that case the fast, information spreading internet even works for them).
But there's still hope: even the big business can't bring down the internet (especially without hurting themselves more than anyone else) and programs like gnutella and DeCSS will still surface and spread (maybe a little later than before) it will just become harder to track the sources down.
One good start for this is involving more people in the process (maybe working in some forum to cobble together a nice protocol (e.g. for filesharing)), implement it in source projects, and if possible make general purpose tools (filesharing and anonymity have other purposes than just distributing MP3's).
If you are a german maybe you want to tell your bank what you think about this and why you think about moving your account somewhere else, (most of them are banks) if they appear on this list.
In this case i'm less concerned about a business trying to defend their name than about the way they do it, namely using 'Abmahnung' demands where unsuspecting businesses get a letter demanding money from them just because they used the wrong wording in their advertising (see this comment for a pretty good explanation).
You answered your own question: "99% of all major companies USE Microsoft products" and that's sufficient reason to run MS stories. That MS is in legal trouble because they try to dominate the market in every way they can is MS's fault, i'm quite interested in this story, since i'm an european, and thus would like to see some sensible legislation in the way of MS marketing strategies preventing customers to be ripped of more than necessary. A good example of this is win98SE which costs four times as much if you buy it from the shelf than as an OEM version.
.net initiative and their efforts in embedded applications (now it's handhelds, next will be phones, but it'll all be connected in the future, even your toaster).
Since at present the internet is one of the fastest extending markets i'd like to see MS prevented from dominating that market for the next twenty years, like it has dominated OSes and key applications for the last twenty. MS is definitley making a grab for it as can be seen from their bundling IE with Win strategy (they where late to get in the business, but simply used the leverage of their OS to kick out the marketleader netscape), their approach to the kerberos protocol (basically trying to change a widely used protocol into some MSproprietary one), their recent
Now i'd like a future where Microsoft has to make an effort that their applications correctly connect with everything else on the planet (basically by not screwing up when implementing a protocol) and not the other way around, like it's now with software: If some application doesn't work too well with Windows because some windows feature doesn't work as documented it's the applications (programmers) problem to get it fixed.
While i prefer a system of posting security holes in the open to the alternatives (namely that the security holes are spread in obscure cracker forums and thus will have a far longer lifetime) i find it debatable to provide readily usable scripts for even the dumbest to use freely. In most cases a simple "at this point a vulnerability exists which can be used for such and such a form of attack by people with such and such privileges" should give the maker of the software enough hints to fix the hole while it would take at least a little work for a cracker to make use of that information thus greatly reducing the number of potential crackers.
The only argument for giving away such scripts is to exert pressure on a company that totally ignores announcements of bugs otherwise and will only react when critical comments start to effect their product sales. I think the fairest way would be to give the company some headstart to fix the hole so they can provide the fix with the report (which should honor the finder of the bug for his efforts) and proceed to publish the hole on some open forum after a few days. If the company chooses to ignore the bug it will only make them look worse later. There is no need to add a script to the exploit as these will sprout up anyway as soon as the hole is known.
Really good point, i too wonder, why the recording industry continues to handle this case so inexpertly. Instead of setting their lawyers too it they could have made much better use of the money by buying into napster and seeing this as an investment into music distribution over the internet, a thing that will come anyway. Why break something that already works and then create it anew. The threat of legal action would have been a good bargaining chip and i think napsters management would have prefered to come to some status quo with the music industry on peaceful terms.
By dragging napster to the court the music industry can only loose, even if they win their case and shut down napster they will have won over a (then) worthless business, a business they will want to enter themselves in the near future but are not ready to (the 'association' in RIAA says it all, after they shut down napster they'll need at least two years to reinvent it on their own terms so nobody feels shortchanged).
The music industry could have had some good PR (hey look, we're giving away [rights for] music for free) and would have got into control to the point where they could choose which music is swappable and which isn't and begin to install themselves as the major partner for fileswapping slowly changing the bazaar into a shopfront with some leased space for free goodies in front of it to attract more customers and apart from that they'd had a new tool to promote new music.
What they're doing at the moment is in stark contrast to their own longterm interests: they're blocking napster, thereby making the people switch to more and different services, especially decentralized services which will be much harder to track down. If i have a problem i prefer it in plain view in one place rather than hidden and scattered literally all over the globe. To stress the aforementined bazaar-analogy a little more, they did a police raid on it and made the people carry the trade to their own homes.
What i don't understand is, why the music industry, that occupies so many PR people and marketdroids to create their own spin of trends, didn't ask some of them how to handle this best. Maybe they would have had to accept a new player on the market, but now they're just setting back their prospects of ever getting a grip on the situation, meanwhile making bad PR for themselves.
What would probably happen is, that
a) big parts of the net would be missing
b) maybe some countries/continents become either isolated or are badly (small bandwith) connected to the rest of the world
but this is very shortterm, after a few days/weeks alternative lines would be found, (phonelines etc.) and bandwith previously routed via USA would be routed elsewhere, and future projects for transatlantic lines are more likely to avoid USA.
The reason is, that the internet is a driving factor for too many countries economies by now, it's no longer the toy of some university geeks. If the net fails bigscale because the FBI wants to flex it's muscles this will be taken into account in the future, measures will be taken to reduce the dependency of the internet on the USA backbones.
The FBI knows this too, and even if their Carnivore toys have some builtin facility to shut down the whole trafic this will be used very carefully, and probably not nationwide. But theres a different aspect: Carnivore could be used to work selectively this makes a lot of sense: shut down that annoying website at ISP level with a commandline, put pressure on an ISP by just threatening to shut down it's services, put diplomatic pressure on other countries (one at a time) threatening to isolate their part of the internet (at least what is routed through US), simply drop any packets encrypted in a way the FBI doesn't like. The thing is, that Carnivore works as the big Hammer (shut down the net) only once, but much better and more effectively as a scalpel, to push some policies and generally make the internet behave the way the FBI wants it to.
The best thing that could happen to the internet is that some cracker found out now, how to shut down these boxes and do it to the 20 or so that are already in place, then the project would die pretty fast after some very bad publicity for the FBI.
It's even funnier regarding the fact that while the MPAA is raising a big fuss about anything from DeCSS to napster they don't seem to be concerned at all about the fact that a big market for DVDmachines (as in cranking out one every few seconds) is in China, now i don't know all those famous Chinese movies ...
So when the MPAA starts lawsuits because of someone linking to the DeCSS tools why don't they try to sue those who sell DVDmachines to countries where american copyright isn't enforcable at all? I'd really love to see the MPAA answer that one, backed up with some numbers of DVDmachines sold to China versus legal DVD's being produced there.
If i write a post i don't want advertisements popped in and yes, i regard this as altering of content! The altered message makes me look like i wrote that to advertise, and the colored link is probably giving emphasis to subjects i didn't mean to. Also, i drop in links if i think a site is worth mentioning. For this place i don't need to, since noone will follow any links there anyway.
It would be even worse (and it's just a small step now) if someone got it into their heads to distribute altered messages further along the usenet. Imagine your newly advertisement enhanced messages spreading over a good part of usenet. What next, banners in usenet messages?
I don't think it's a good idea to alter content of posts (even if it's 'only' dropping in links) and i think other usenetservers should think about barring dejanews usenetaccess for some days to stop this scheme becoming too popular.
The main reasons for open source drivers are in my opinion:
- short response times for new kernel developments etc. (the next kernel version/xf86-version (whatever the driver is for) could break the driver but that might be easily fixed with an open source driver.)
- support from the open source community will make the drivers better and even help to develop better windows counterparts etc.
- proper linux support lasts much longer, once it's running most changes are automatically (more reflecting changes in the kernel than enhancements of the drivers) and comes for free
The drawbacks are:
- 'secrets' are slightly more obscured in binary versions (but if a competitor REALLY wants to know how that driver works he'll take it apart with a disassembler anyway)
- there's anyway people working on the drivers, so open-source won't make it cheaper (but maybe better)
In that light it may make sense to keep a driver closed for some time (maybe half a year or so, true 'secrets' will either be copied or reproduced by competitors, be the driver binary or not), but in the long term opening the driver makes more sense (new driver revisions for linux come automatically, and maybe there's even some concepts to be learned for the next generation hardware and it's drivers.)
I think that is addressed under the keyword scalability: "Perhaps the most far-reaching innovations have been brought by the Keck, with virtually unlimited scalability of the telescope primary optics". The Keck telescope consists of 36 smaller mirrors (supplied by Kodak). Since for such big telescopes active optical control (meaning that the mirror(s) can be deformed slightly by special elements under them) is necessary anyway to counteract athmospheric effects and structural relaxation in different positions the problem of microadjusting all those smaller mirrors could be addressed by the active optics (though this is apparently still an issue).
This might also mean that the OWL could already start working before the main mirror is completely assembled, probably starting with the outer ring to make most of the diameter.
The problem with putting software into smaller boxes is obvious: in principle the jewel case would suffice, it has even space for a slim booklet, more than comes with most software. A lot of software IS in tha stores like that, but it's mostly chaep or old titles, for 20-30DM ($10-$15 in US i guess). One reason is that most customers arent used to spend $50+ on a CD or something of similar size. Another reason is also very obvious if you imagine 3-4 jewel case packaged Games between all those big cases: the customers wouldn't find them without asking, and if you put that brandnew game between all those (apparently) 'lame old' jewelcase packaged software many people don't even look at it doesn't work either.
One solution to this might be display cases: they take up the same space on the shelf as 4-5 'bigpackage' softwarecases, catch the customers eye but what you take home is just that slim jewel case (which has the added benefit of not cluttering up your shelf at home), there's even some cool variations about the jewelcase theme, music industry surly will provide examples.
Hmm, it occurs to me that they had better tested against XFree86 4.0 since that's a big step towards hardware acceleration support. For the right graphics boards the Linux numbers should have been a lot more like the W98 numbers (extrapolating from Q3A) as can be seen here though it seems the Voodoo fares better under 3.3.6 for now but the latter article also hints at how much can still be done for Voodoo support under linux.
What amazes me most in the article is how BeOS compares very well against windows. I'm really looking forward to a Q3A comparison of BeOS, Linux/XFree86 4.0 and W98 in a few months (best by some neutral agency) when Q3A is there for BeOS, more graphic cards are supported and XFree86 4.X has shed some bugs.
It seems to me, that this patent covers anything, where you use an input mechanism on a kind of "index" at a client to make a server come up with changing your display according to what that index refers to. (If they already extend this patent to cover WWW-links they have to extend "keyboard" to "input mechanism" to include mose, "terminal" has to be extended to any form of client, "phone line" has to be extended to any means of connection).
So surely this patent covers any client-server information access using any form of index like electronic library catalogues or any other form of electronically indexed database if only it has some form of visible index (this actually matches the description in the patent much closer).
It would also cover configuring the server side of a terminalconnection or any aplication running on a server the terminal is connected to via an option menu. This too is a much better match to the patents wording, small wonder, since the patent was thought of with a "one server, many dumb terminals" structure in mind.
Now it is very strange indeed, that the patent holders never tried for lincense fees from all those libraries, or anyone with a server-terminals structure setup for that matter. Maybe it was too easy then to dig up prior art. Or maybe they just got inspired by the Rambus Toshiba deal and just wait for someone who's paying before thinking.
I can't estimate the extent to which dynamic optimizations went into the results of the article in contrast to good optimizations from scratch.
Nevertheless i think dynamic optimizations are the thing to come: it costs a lot of man hours to find ideal optimizations to code, (you need to figure out the core routines, think about which optimizations make most sense for the current architecture, check those assumptions against reality) and man-hours, in contrast to cpu-time, don't become much cheaper. The dynamic optimizer does all that work for you, and even optimizes for different starting conditions/parameters by looking at what is *really* taking time now.
Look at the success (regarding computing power per bucks) of transmetas crusoe. A dynamic optimizer can gather far more hints for optimisations (branch predictions, loop length, array sizes, memory lookups) than a static one, in the latter case the programmer has to give all the hints (compile a subroutine with the correct set of optimisations, sort the loops right, sort branches, keep in mind some ranges for parameters and how they affect loop length, for some compilers throw in compiler directives, etc.) and even has to reconsider when porting to another architecture.
So with static optimizations it's either optimization limited to the part the compiler can see at compiletime (except for very basic stuff, every decent compiler will get that matrix multiplication right) or man-hour intensive and thus costly optimization.
It's a bad idea to set up something that 'automatically hacks back' e.g. launches an attack back at the attacker. The reason is, that now the hacker doesn't even need to launch his own attack, he only needs to tickle a system in the right way to provoke a reaction, if that reaction acts against another host with the same system installed: wonderful, we have a loop.
... now all we need is the routers in between reacting to the enhanced network traffic for a nice chain reaction (did you ever see the video with the room full of tabletennisballs on moustraps).
It gets even better if the mail, seeing that one mailer is overburdened, gets redirected to an alternative host (or something similar for other services)
Just try to imagine that you are the sysadmin who later should sort out the mess, maybe it was even started by some accident or some rampant virus.
Once more it occurs to me, that it is far too easy for larger corporations to disrupt smaller businesses and free services by simply threatening lawsuits, even if the claims are totally bogus. In my view the problem is, that there is no risc in sending around some letter threatening lawsuits, especially if the lawyers are paid anyway and maybe have a little free time on their hand. Is there a possibility to countersue for done damages to reputation, service, etc.? That would enhance the risc, and maybe make lawyers think twice before sending out bogus claims. I think if such a claim can be proven to be bogus the claiming party should have to pay all costs, including lawyers of the accused party and compensation for any damages if the accused party chooses to take it to court.
Sorry, I don't understand why many US citizens are so fascination with weapons (about 20 lines of my rant deleted) but in stark contrast to weapons anonymity has more defensive character, forbidding it is more like forbidding kevlar vests, because with em you might raid a bank without the government being able to shoot you.
The bogus thing about most arguments against anonymity is, that the people who really want it (the big bad mafiaboss planning to soak america in cocaine) will still have it, there are too many ways on the net to become anonymous by redirecting information, if i want to hide the source i redirect the information often enough, if i wnat to hide the recipicient i encrypt it and send it to some newsgroup.
So a government will always have a hard time explaining to citizens who think a little about it why anonymity must be forbidden, the catch is they don't need to do this, since most citizens don't stop to think about it, even most politicians don't, it's much easier to listen to the big industry and reiterate their phrases.
I wonder if Judge Jacksons 'Findings of Fact' might also be affected by UCITA, at least he states there, that windows is overpriced, isn't that enough criticism to have it banned?
OTOH if DeCSS came under UCITA then noone could claim that it can be used for pirating movies without risking some serious legal trouble.
Actually UCITA is one of the biggest roadblocks on the way to innovation i've ever seen, since (constructive) criticism is always the first step to make something better. Now there's no more need for patches, security holes are no longer a problem (at least not a problem of the softwarevendor, if the customer learns about the problem when his host is all cracked over it's early enough to sell him the 'upgrade pack') and if some webpublisher writes the wrong things about the wrong software, why not simply remotely bring his hosts down.
Does anyone who stands behind UCITA even think a moment about consumers? or even economy? (no it's actually not a good idea in a world where nearly all production relies on Software to let the Softwaremakers have an easy way out of any responsibility or even critique.)
Can't the USPTO simply reject patents on grounds of unreadability?
That would transfer the work of making a patent understandable to the patentholder, make future lawsuits much simpler (in those sentences a misplaced colon can make a big difference) and the damage of rejecting patents formulated in 'unreadable mode' would probably be negligible to granting them and then hoping that noone ever invokes the powers of the fineprint.
As far as i understand it he has patented any client-server process where you can initiate some request and then get some form of output from it.
... or is it just a very special implementation of a database?
Now what is affected by this patent? Search enginnes, network queuing systems, remotely accessible batchservices, what about a supercomputer only accessible via another computer, mpegstreams, multiplayergames, xterms, remoteshell, any remotely accessible process, java applets
I probably overlooked some serious restrictions in that patent, it can't be that overly applicable, but i can't fight that grammatics.
It seems to me, that had the name "Kerberos" been somehow protected all this wouldn't be possible. Apparently everyone can do what he wants with the protocol and still call it Kerberos and even sue others if they distribute his altered specifications.
It would thus make sense to:
- protect the names of protocols somehow, by specifying what standards an implementation must fulfill so it may be called an XXX-implementation (this would have made it impossible for MS to call their protocol "kerberos" while it's not operating with other servers) it would suffice to address compatibility issues here, so one implementation of XXX will always operate with another while it may add additional features.
- include in the protocol specification that any implementation of the protocol is only valid (and may call itself XXX) if its specifications are made public without any legal restraints.
We should look what protocols are out there for MS to grab next.