These guys are guilty of copyright infringement, so charge them with copyright infringement. That's the crime they committed. There's no reason for "circumventing copy protection" to be a crime - unless you want to prosecute people MERELY for circumventing copy protection, even if they are NOT committing copyright infringement in the process. If you believe committing copyright infringement by circumventing copy protection is somehow worse than just committing copyright infringement, then the law should make circumventing copy protection in the process of committing copyright infringement illegal.
But it doesn't. It makes it illegal to circumvent copy protection even if the copying would otherwise be illegal. Thus, the DMCA effecively allows content owners to EXTEND their copyright protection by adding copy protection.
If it's legal for me to copy something, it should be legal whether the something has copy protection or not.
This is a non-problem. I put this in the same category as "Why arn't there any black people in northern michigan?" Is it because Northern Michigan hates black people? Of course not - it's because black people don't want to go there! There's no jobs, and it's freaking cold!
The question not being asked here is, why would you want to get a CS degree? CS doesn't exist in a vacuum - computers are tools to solve other problems. If you're a woman, and you are smart enough to use computers, why not major in biology, and use computers to solve biology problems? Or major in chemistry, and use computers to solve chemistry problems? Or major in any of several engineering fields? You don't need to know how operating systems or cache management or machine code works to write useful programs.
Women don't participate in CS because women don't want to. Men major in CS because:
1) They think it will make them lots of money 2) They REALLY REALLY REALLY like computers. 3) They are social idiots and CS ain't a bad career for people who don't like people.
Maybe, just maybe, girls don't major in CS because they have other things they'd rather major in, that better match their interests and talents, both intelletual AND social?
I've met several women who are proficient at computers. Only one of them majored in computing - the rest all majored in something else, whether it be chemistry, biology, technical writing, or graphics design. They didn't pass on CS or drop out of CS because of bias, they did so because of better options for them. Of the women I knew who dropped out of CS, they dropped out either because they were dumb (the same as all the guys who drop out of CS), or because they were BORED OUT OF THEIR SKULLS. They took a chem or bio or english elective and liked that better. About half-and-half. Contrast that with many of the men in CS - how many of them even have the option of doing something else? There are many, many men in CS who are in CS because they have no idea what else they can do, because they were socially stunted, and instead of being pushed to do girly things, were allowed to spend those career-forming high school years staring at their monitor and occasionally watching Star Trek.
but not important enough to require immediate attention from the people.
What if his motivation wasn't waiting for the book, but was waiting to release the story until just before a vote on extending the Patriot Act to have the maximum political effect?
The timing does seem rather convenient - and if this is true, is the guy slimy for waiting so it would have enhanced political effect, or a hero since it helped stall the patriot act?
Taking out commercials makes sense: Cuts your download time by a third, saves you the time of actually watching them. But smearing out product placements? Too much work for too little payoff.
Your technical analysis is incomplete, and based on poor assumptions.
Firstly, it assumes that a written-down password needs to be obtained at great risk. What if it's obtained by someone who has access to your office? Like the janitor? What if it gets thrown out? What if the user writing down the password just puts it on a post-it note on their monitor where anyone who happens to be there for whatever reason can see it? What if a fired employee intentionally takes note of another employees password on the way out?
So your assumption that getting a written-down password is a bad one. Conversely, a password that is not written down is not subject to any of these problems.
It has also been suggested that just because a password is memorized doesn't mean it can't be compramised - this is true. But any way a memorized password can be compramised, a written password can also be compramised.
Secondly, there is an assumption that a password that is not changed, if compramised, it can be used forever. This is also a bad assumption - there are plenty of ways to detect that a compramised password has been compramised short of changing it - like keeping track of where the password is used from. O not allowing it to be used from any but a handful of locations. A written-down password fails here - whereas you'll know a password has been compramised immediately if someone tries to use it from outside where you expect it to be used, you won't know that a written-down password has been compramised because it's being used from exactly where it's supposed to be - the computer next to where it is written down.
When considering written-down passwords against passwords that don't change, you have to comparethe loss of security of the password being written down with the gain in security of a compramised password eventually being changed. And you have to factor those risks by the damage - is a compramised password that changes 2 weeks from now much better than a compramised password that never changes? The amount of damage after the first two weeks is incrementally small when compared to the amount of damage in the first few hours.
Requiring frequent password changes is EXPENSIVE and gets either a MINIMAL or perhaps DETRIMENTAL affect on overall security, and legislating them is stupid - it's to make people FEEL like companies are protecting their assets when they really are not. It's like taking away nail clippers from people before they get on the airline.
If you are SERIOUS about security, you do a combinaion of things - you monitor where users log in from (don't let your developer log in from Chinabecause it ain't him.) You provide physical tokens to authenticate with (give your users a password generator that has its own password) so that possession of the token is required for login, and thus you'll know you've been compramised when your token is missing.
IF a system where you force your users to change their passwords every 3 months is secure enough for particular needs, a system that doesn't force passwords to change every 3 months is going to be fine too. If a system where you don't have to change passwords is NOT secure enough, you need to be thinking about something a little more secure than just going through the motions of making your employees call IT every 3 months.
This polar shift is obviously caused by excessive emissions. We're putting tons of pollutants into the atmosphere, and now the poles have started moving faster. This can't be coincidence.
Coming to an enfironmentalist's pamphlet near you.
What's meant by "authorities"?
on
Sober Code Cracked
·
· Score: 2, Interesting
Isn't the authorities being able to block a URL a problem? If authority means "Software I've willingly installed on my computer to block malicious URLs", then good, fine and dandy. If authorities means the government, I'm not so keen about that possibility.
Re:Hard to admit, but that is quite clever
on
Sober Code Cracked
·
· Score: 2, Insightful
why do talented people waste their abilities on viruses?
Because it's perceived as more profitable than dealing with a manager?
And neither of your points answer the question "Why are written passwords that change every three months more secure than memorized passwords that never change?"
All you said was that people believed the former were more secure, and therefore you have to have them or you'd be liable. I wasn't commenting on liability. I was commenting on the BASIS for liability being STUPID.
Again, why is a memorized password that never changes LESS secure than a written password that changes every 3 months?
At any given time, there is one password. One is written down, and the other is memorized. What makes the one that's actually written down more secure?
If the new way is so good, how come the world wasn't going to hell before? Did Enron and Worldcom go bust because the passwords wern't changed? Or did they go bust because our government coddles corporate criminals - in the cases suits stealing money is even illegal in the first place.
I can understand mandating a security protocol for systems that protect information subject to privacy. But if I have a company, and the only thing on my computers is my company's design information, my company should be able to choose the appropriate level of security for our business.
Why is a password that a user has committed to memory that never changes worse than a password that changes every three months that a user has to write down?
I don't know what country you live in, but here in the US there are no more "production jobs"...factories/plants have all moved production to Mexico, India, and China...
ALL? Com'on, there are plenty of manufacturing plants in all sorts of sectors in the US. Hell, even Japanese car companies build plants here.
I don't know if you've noticed, but unemployment is going up...if all technology brought more employment, we would not have such high unemployment...
Unemployment has historically swung mainly between 4 and 8 %, with a few years in the 1.whatever% and a few near 10. The current rate, 5.5%, is lower than last year's rate, 6%, corresponding to the end of the recession (unemployment, like the economy, is cyclical.)
First, the percentage of inventory lost to shoplifting is NOT A RELEVANT STATISTIC. Losses are determined by the VALUE of inventory lost to shoplifting. If you lose 0.6% of your department store's inventory, but it's all diamond rings, that's a big problem. You'll tend to lose a lot more valuable inventory than unvaluable inventory.
Second, 1% is a lot, especially if your profit margins are 2-5%. While a 1% difference in price may not be a big deal to you, it's a huge difference to the store.
Third, what's wrong with getting rid of employees? Economic growth DEPENDS on getting rid of employees. The less people involved in getting a product to a consumer, the more people we can employ on providing other products. If the company gets rid of an employee, saving the costs of paying that employee, competition will force those savings to get passed onto the consumer. That consumer will then spend that money they saved elsewhere - causing more people to be employed over there (or they'll save it, and it'll get invested somewhere else, causing more people to be employed over there.) The net result: More stuff!
There's a reason we all tend to have TV's, PC's, and cars, instead of being poor farmers or 60-80-hour week factory workers like we were in the 1800's: JOB ELIMINATION! Any job that can be eliminated by technology should be. If we're really good at it, technology will eliminate all jobs and we can spend all our time watching TV and still have all the stuff we want.
Just goes to show people don't become criminals because they're smart.
Why not? If anyone is going to consider becoming a criminal, it should be the smart ones. What you meant to say was that criminals don't get CAUGHT because they're smart. There are smart criminals. If they're really smart, they're the only ones who ever realize a crime was committed.
For example:
A dumb criminal switches barcodes to get a cheaper IPod. A SMART criminal hacks into the inventory control system, altering the number of products that were in inventory so that there's one less iPod and one more of the other item.
But that's not the main reason your motherboard has that fault tolerance built in - the major reason is fan failure. PC overheating will be caused by the environment/fans dying plenty more than "hot" components.
Now we know for certain that the machine is not only prone to overheating, there is an inbuilt error message related to it.
Kind of like the BIOS shipped with every PC nowadays? They'll even shut your computer down for you if it gets too hot. Man, all of those PC manufacturers must KNOW their PCs are defective because there's built-in thermal error message, right?
There is a difference between being able to say whatever you want, and being able to say whatever you want at whatever volume you want. If everyone speaks at the same volume, everyone's opinion has an equal chance of being heard. But if some people are allowed to speak at a much higher volume than others, the result is a loss of free speech for those who can't turn up their volume.
McCain/Fiengold does not restrict free speech, it RESTORES free speech, by attempting to limit the amount of speech that can be suppressed by being drowning others out.
Dropping the analogy, do we really have free speech if the only people who can be heard are those with millions of dollars to spend? Remember, speech is free as in speech, not free as in beer. It's not really free speech if you buy it - or have to.
Campaign finance laws are not designed to limit free speech, but to assure that the volume of the speech is proportional to the number of people speaking.
Slashdot Mirror
These guys are guilty of copyright infringement, so charge them with copyright infringement. That's the crime they committed. There's no reason for "circumventing copy protection" to be a crime - unless you want to prosecute people MERELY for circumventing copy protection, even if they are NOT committing copyright infringement in the process. If you believe committing copyright infringement by circumventing copy protection is somehow worse than just committing copyright infringement, then the law should make circumventing copy protection in the process of committing copyright infringement illegal.
But it doesn't. It makes it illegal to circumvent copy protection even if the copying would otherwise be illegal. Thus, the DMCA effecively allows content owners to EXTEND their copyright protection by adding copy protection.
If it's legal for me to copy something, it should be legal whether the something has copy protection or not.
I'm stuck with MREs and freeze dried crap.
There are other options. Like meaty travel companions and a big knife.
Foreign contries are more likely to export males to be educated abroad (this IS a social problem), and especially in CS, they skew the numbers.
This is a non-problem. I put this in the same category as "Why arn't there any black people in northern michigan?" Is it because Northern Michigan hates black people? Of course not - it's because black people don't want to go there! There's no jobs, and it's freaking cold!
The question not being asked here is, why would you want to get a CS degree? CS doesn't exist in a vacuum - computers are tools to solve other problems. If you're a woman, and you are smart enough to use computers, why not major in biology, and use computers to solve biology problems? Or major in chemistry, and use computers to solve chemistry problems? Or major in any of several engineering fields? You don't need to know how operating systems or cache management or machine code works to write useful programs.
Women don't participate in CS because women don't want to. Men major in CS because:
1) They think it will make them lots of money
2) They REALLY REALLY REALLY like computers.
3) They are social idiots and CS ain't a bad career for people who don't like people.
Maybe, just maybe, girls don't major in CS because they have other things they'd rather major in, that better match their interests and talents, both intelletual AND social?
I've met several women who are proficient at computers. Only one of them majored in computing - the rest all majored in something else, whether it be chemistry, biology, technical writing, or graphics design. They didn't pass on CS or drop out of CS because of bias, they did so because of better options for them. Of the women I knew who dropped out of CS, they dropped out either because they were dumb (the same as all the guys who drop out of CS), or because they were BORED OUT OF THEIR SKULLS. They took a chem or bio or english elective and liked that better. About half-and-half. Contrast that with many of the men in CS - how many of them even have the option of doing something else? There are many, many men in CS who are in CS because they have no idea what else they can do, because they were socially stunted, and instead of being pushed to do girly things, were allowed to spend those career-forming high school years staring at their monitor and occasionally watching Star Trek.
Americans don't know what a decimeter is.
but not important enough to require immediate attention from the people.
What if his motivation wasn't waiting for the book, but was waiting to release the story until just before a vote on extending the Patriot Act to have the maximum political effect?
The timing does seem rather convenient - and if this is true, is the guy slimy for waiting so it would have enhanced political effect, or a hero since it helped stall the patriot act?
Taking out commercials makes sense: Cuts your download time by a third, saves you the time of actually watching them. But smearing out product placements? Too much work for too little payoff.
tortured so effectively I have to wonder if you work for the White House.
If it was done effectively, the White House had nothing to do with it.
Protect yourselves from new government throwabale WiFi camera technology with our new throwable anti-WiFi-Cam Shield!
Consider all the lobbyists, state representatives, and state senators you have to buy.
Your technical analysis is incomplete, and based on poor assumptions.
Firstly, it assumes that a written-down password needs to be obtained at great risk. What if it's obtained by someone who has access to your office? Like the janitor? What if it gets thrown out? What if the user writing down the password just puts it on a post-it note on their monitor where anyone who happens to be there for whatever reason can see it? What if a fired employee intentionally takes note of another employees password on the way out?
So your assumption that getting a written-down password is a bad one. Conversely, a password that is not written down is not subject to any of these problems.
It has also been suggested that just because a password is memorized doesn't mean it can't be compramised - this is true. But any way a memorized password can be compramised, a written password can also be compramised.
Secondly, there is an assumption that a password that is not changed, if compramised, it can be used forever. This is also a bad assumption - there are plenty of ways to detect that a compramised password has been compramised short of changing it - like keeping track of where the password is used from. O not allowing it to be used from any but a handful of locations. A written-down password fails here - whereas you'll know a password has been compramised immediately if someone tries to use it from outside where you expect it to be used, you won't know that a written-down password has been compramised because it's being used from exactly where it's supposed to be - the computer next to where it is written down.
When considering written-down passwords against passwords that don't change, you have to comparethe loss of security of the password being written down with the gain in security of a compramised password eventually being changed. And you have to factor those risks by the damage - is a compramised password that changes 2 weeks from now much better than a compramised password that never changes? The amount of damage after the first two weeks is incrementally small when compared to the amount of damage in the first few hours.
Requiring frequent password changes is EXPENSIVE and gets either a MINIMAL or perhaps DETRIMENTAL affect on overall security, and legislating them is stupid - it's to make people FEEL like companies are protecting their assets when they really are not. It's like taking away nail clippers from people before they get on the airline.
If you are SERIOUS about security, you do a combinaion of things - you monitor where users log in from (don't let your developer log in from Chinabecause it ain't him.) You provide physical tokens to authenticate with (give your users a password generator that has its own password) so that possession of the token is required for login, and thus you'll know you've been compramised when your token is missing.
IF a system where you force your users to change their passwords every 3 months is secure enough for particular needs, a system that doesn't force passwords to change every 3 months is going to be fine too. If a system where you don't have to change passwords is NOT secure enough, you need to be thinking about something a little more secure than just going through the motions of making your employees call IT every 3 months.
This polar shift is obviously caused by excessive emissions. We're putting tons of pollutants into the atmosphere, and now the poles have started moving faster. This can't be coincidence.
Coming to an enfironmentalist's pamphlet near you.
Isn't the authorities being able to block a URL a problem? If authority means "Software I've willingly installed on my computer to block malicious URLs", then good, fine and dandy. If authorities means the government, I'm not so keen about that possibility.
why do talented people waste their abilities on viruses?
Because it's perceived as more profitable than dealing with a manager?
And neither of your points answer the question "Why are written passwords that change every three months more secure than memorized passwords that never change?"
All you said was that people believed the former were more secure, and therefore you have to have them or you'd be liable. I wasn't commenting on liability. I was commenting on the BASIS for liability being STUPID.
Again, why is a memorized password that never changes LESS secure than a written password that changes every 3 months?
At any given time, there is one password. One is written down, and the other is memorized. What makes the one that's actually written down more secure?
Because compromising written passwords do require physical access.
So? Compramising a password in my head requires telepathic access.
Since telepathic access is harder than physical access, wouldn't that make the memorized password more secure?
Those of us with sturdy tin hats already have our histories disabled.
Those of us with wedding rings do that too.
If the new way is so good, how come the world wasn't going to hell before? Did Enron and Worldcom go bust because the passwords wern't changed? Or did they go bust because our government coddles corporate criminals - in the cases suits stealing money is even illegal in the first place.
I can understand mandating a security protocol for systems that protect information subject to privacy. But if I have a company, and the only thing on my computers is my company's design information, my company should be able to choose the appropriate level of security for our business.
Why is a password that a user has committed to memory that never changes worse than a password that changes every three months that a user has to write down?
I go to the receptionist's computer and email IT to come and reset my password everytime I need to log in, since I forgot it.
I don't know what country you live in, but here in the US there are no more "production jobs"...factories/plants have all moved production to Mexico, India, and China...
t
ALL? Com'on, there are plenty of manufacturing plants in all sorts of sectors in the US. Hell, even Japanese car companies build plants here.
I don't know if you've noticed, but unemployment is going up...if all technology brought more employment, we would not have such high unemployment...
I havn't noticed, because IT IS NOT TRUE.
ftp://ftp.bls.gov/pub/special.requests/lf/aat1.tx
Unemployment has historically swung mainly between 4 and 8 %, with a few years in the 1.whatever% and a few near 10. The current rate, 5.5%, is lower than last year's rate, 6%, corresponding to the end of the recession (unemployment, like the economy, is cyclical.)
So, yes, you're full of FUD.
Your post is FUD.
First, the percentage of inventory lost to shoplifting is NOT A RELEVANT STATISTIC. Losses are determined by the VALUE of inventory lost to shoplifting. If you lose 0.6% of your department store's inventory, but it's all diamond rings, that's a big problem. You'll tend to lose a lot more valuable inventory than unvaluable inventory.
Second, 1% is a lot, especially if your profit margins are 2-5%. While a 1% difference in price may not be a big deal to you, it's a huge difference to the store.
Third, what's wrong with getting rid of employees? Economic growth DEPENDS on getting rid of employees. The less people involved in getting a product to a consumer, the more people we can employ on providing other products. If the company gets rid of an employee, saving the costs of paying that employee, competition will force those savings to get passed onto the consumer. That consumer will then spend that money they saved elsewhere - causing more people to be employed over there (or they'll save it, and it'll get invested somewhere else, causing more people to be employed over there.) The net result: More stuff!
There's a reason we all tend to have TV's, PC's, and cars, instead of being poor farmers or 60-80-hour week factory workers like we were in the 1800's: JOB ELIMINATION! Any job that can be eliminated by technology should be. If we're really good at it, technology will eliminate all jobs and we can spend all our time watching TV and still have all the stuff we want.
Just goes to show people don't become criminals because they're smart.
Why not? If anyone is going to consider becoming a criminal, it should be the smart ones. What you meant to say was that criminals don't get CAUGHT because they're smart. There are smart criminals. If they're really smart, they're the only ones who ever realize a crime was committed.
For example:
A dumb criminal switches barcodes to get a cheaper IPod. A SMART criminal hacks into the inventory control system, altering the number of products that were in inventory so that there's one less iPod and one more of the other item.
But that's not the main reason your motherboard has that fault tolerance built in - the major reason is fan failure. PC overheating will be caused by the environment/fans dying plenty more than "hot" components.
Now we know for certain that the machine is not only prone to overheating, there is an inbuilt error message related to it.
Kind of like the BIOS shipped with every PC nowadays? They'll even shut your computer down for you if it gets too hot. Man, all of those PC manufacturers must KNOW their PCs are defective because there's built-in thermal error message, right?
It's called fault-tolerance.
There is a difference between being able to say whatever you want, and being able to say whatever you want at whatever volume you want. If everyone speaks at the same volume, everyone's opinion has an equal chance of being heard. But if some people are allowed to speak at a much higher volume than others, the result is a loss of free speech for those who can't turn up their volume.
McCain/Fiengold does not restrict free speech, it RESTORES free speech, by attempting to limit the amount of speech that can be suppressed by being drowning others out.
Dropping the analogy, do we really have free speech if the only people who can be heard are those with millions of dollars to spend? Remember, speech is free as in speech, not free as in beer. It's not really free speech if you buy it - or have to.
Campaign finance laws are not designed to limit free speech, but to assure that the volume of the speech is proportional to the number of people speaking.