We don't have disaster recovery plans for nothing.
Part of the "safe practices" I mentioned.
No firing reasonable people who failed if they can reasonably learn from it is not sensible.
"Punish" can mean many things. The point is, defend yourself! Pay your vendor to defend you, or choose a new one. Don't expect the Feds to make it all OK.
mired in office politics that force them
In that case, those office-politicers doing the forcing are the ones whose jobs should be endangered.
. Bear in mind that the defenders have to take care of -every- vulnerability, while the attackers (dolts) have to just find one vulnerability - basically, it's worlds harder to defend than to attack.
Yes, that's the Fundamental Offense-Defense Inequality, which has diverse applications from warfare to philosophy and futurism ("psychohistory" - Asimov).
Trivially provable for simple domains- for a size N change to a target, there are N*N ways to break it, but only N to maintain it's status. In the physical world, N is measured as the amount of kinetic energy you can deploy ("War is just the directed exchange of kinetic energy" - Adam Selene). This gives an interesting result for the nature of warfare across history: As technology increases so does our ability to output kinetic energy, and by the (N*N - N) equation, our ability to inflict harm will progress much faster than we can learn to block it.
Thus a simple math formula predicts the Mutually-Assured-Destruction scenario which occured 50 years ago, and also suggests that the "National Missile Defense" program of the US administration will not be successful.
care of -every- vulnerability
Naturally 100% security (of anything!) is impossible (cheap trusim). Its true that can't close every vulnerabilty- for a sufficiently broad definition of vulnerability (such as wasting a secretary's time). But for those vulnerabilities which are significant (violate your privacy, redirect funds, extended DOS), you need to try to close them somehow. You can try technological means, or you can recruit armed guards (in the form of legions of police officiers)- neither will be 100% perfect, but either will help in some circumstances.
Outlawing something won't stop it from happening. At best it may reduce the incidence. So the question becomes, which approach will be cheaper? Physical force, or technical control? You need a some of both, of course, but which will be most cost effective? Which will be scalable to an eventually enormous number of internet users around the world?
I say the technical approach is more scalable. Secure software can be written once and infinitely replicated. (There's custom configuration needed too, but as time goes by it will become more well known and thus cheaply replicable). Cost is proportional to the number of kinds of systems in use (much lower than the actual number of systems). In 50 years, the software needed to secure (the vulnerable parts) of 99% of all business software will be commodotized and cheap (eventually its copyright will expire).
But for the physical approach, you need to have a X number of police officers for every 1000 humans on the planet, and Y district attorneys and Z jail cells also. (In addition to what you need for fighting traditional crimes). Costs proportional to the number of potential offenders. As a long time passes, it won't get cheaper. Retiring personnel will need to be replaced, and the population will keep on expanding. This sounds much more expensive than technological security measures, especially in the long run.
The number of potential offenders (all of humanity) is much bigger (>>) than the number of potential targets (remembering that identical kinds of computer systems count as one). Therefore, physical protections for our computer systems will be inherently more expensive than technological solutions. Any short-term actions (more stringent hacker arrests) which undermines the deployment of tech. fixes will threaten our future.
And when I write my congresscritters about how I'd like to see things handled, that's influence.
Yes, I have some influence. And I'll push for a computer solution to a computer problem. Seems like you'll try to cancel me out, oh well. I didn't have much hope anyway, these humans are too driven by emotion to see the big picture.
So I'm being a techno-optimist here. The rules of the computer world are artificial, defined by humans. The only limit to our control of the computer world is our ability to understand it- so far we change the cyberworld faster than we can catch up. But if we were, say, to define a specific subset of high-value operations (money transfers, personel privacy, encryption) as being fundamental towards future security, we could "feature-freeze" the software we use, and eventually study it so closely that it can be proven exploit-free.
That's a utopian vision, but it is partially attainable (and more feasible than creating a 3:1 cops:citizens ratio for round-the-clock physical enforcement). Partially attainable, that is, only if we decide to go that way, and really invest in securing our computers. Allowing system administrators to say "We were attacked by a criminal, it's a police matter, there's nothing I could've done to stop it" won't bring us down the right road.
Instead, it will supress outbreaks of computer intrusions long enough for the developed world to become 100% reliant on digital systems for day-to-day distribution of water, power, and food. Then you'll get a handful of kamikaze whackos with no fear of mortal punishment, and the age of cyber-terrorism will really begin.
some hackers really are hackers. All hackers really are hackers. "hacker, n. A person who operates a complex system in a manner inconsistent with it's designer's intent."
mistake you've made in your claims about me You're the one who admitted to have been repeatedly 0wned. If you were exaggerating, then so was I.
(rather obvious, really) Maybe it was obvious because it was a generalized attack against a whole class of inadquate administrators. "You" is also a plural word, remember.
Genital mutilation aside, I agree that punishing the bad sysadmins will usually be more productive than searching for hackers to punish instead.
However, there's 2 ways to punish the sysadmins: active or passive. The government can actively seek them out and torment them. This will create lots of police, lots of trials, lots of licensing buearacracy and circular fingerpointing to pass along shared guilt. The practical, legal, and constitutional barriers are enormous.
Or there's the "passive" punishment. Sysadmins have customers, and customers want to see someone get blamed for security failures. If they don't see the government punishing a hacker for it, they'll eventually start punishing the sysadmins on their own. (Either by simple withholding of money, or more medieval approaches)
Everytime some idiot joyrider breaks into one of our systems
Everytime that happens, it means YOU failed to do your job of maintaining security. Be happy that you only have to wipe up a little mess, instead of getting fired like your incompetence deserves.
Maybe the failure came when the wrong product was selected, or when something was installed wrongly or incompletely- but someone in your organization caused the vulnerablity, and the boss should be free to put him on trial for it.
Am I "blaming the victim" here? Yes, but that's the only approach that will be productive. You can't ask the entire human population to respect your machines- you've got no influence with them. The only way to attack the problem is via the people your boss does control: his employees. Tell them to buy secure systems and use safe practices, and punish them when they fail.
Like many people, I don't want to see new laws created to cover every time someone uses a computer for some $CRIMINAL_ACTIVITY which was already illegal by itself.
However, there's a real limit to how far analogies can take you. We can't just say "it's like vandalism / theft / graffiti / spying / workplace disruption / copyright infringment" and expect applying the equivalent punishments to produce the best results for our society. There are ways that internet-based activities are completely unlike anything that's come before.
Lets focus on just one of the most important differences between "cyber-crimes" and the old-fashioned physical variety: it's now possible (and easy) for the victim and perpetrator to be in different jurisdictions when the offense is committed.
During the early popularization of the internet, most users were in the US (or its servant-states like the UK), so often enough the vic & perp were under the same set of laws. The FBI was able to haul in domestic hackers like of Cpt. Crunch, Bob Morris, Mitnick, and later Mafiaboy. (I think Jaegar was a notable exception)
But is arresting those guys really the best way to protect the US economy? The US government is using guns and handcuffs to protect US businesses' computers from tampering- can we expect that defense to remain viable in the future?
Physical force is not a lasting solution to an electronic threat
(It's like "security through obscurity"- it will work at first, and is easy to implement. But someday the enemies become experienced enough to circumvent that defense, and by then you need real protection)
Threat of arrest only works on perpetrators inside your jurisdiction. "Cyber-Crimes" can be performed by anyone with a PPP stack- which is everyplace with reliable electricity. The US has a powerful law-enforcement/military presence, and with extradition treaties can bump up their effective jurisdiction to cover a majority of the earth's landmass. (Although with reduced precision in the less-friendly or less-developed nations, or where local cops are too busy with violent crimes to go hunting down script-kiddies)
What about nations that are downright non-friendly? If a Canadian teen can inflict billions of dollars of economic damage in 3 days (and only be caught after public bragging), what about government-sponsored agents in "The Axis of Evil"? Suppose China takes offense at "US imperialists", and assigned 200 CS PhDs to build innovative DOS strategies for e-commerce sites?
Unless we can rely on forming a durable "Pax Americana", with a single organization enforcing a uniform law code across the entire planet, there will always be places for hackers to hide beyond your reach. (The Bush administration wants to create such an empire, but they will fail.)
I would argue that so-called "cyber-terrorism" hasn't happened yet, and will never be a major concern (the small number of computer-operated systems capable of producing enough violent damage to evoke "terror" will be heavily protected, with much redundancy and human oversight).
But "cyber-economic-warfare" is a real risk in next 20 years, and so far the US government has been allocating serious funds to make the problem worse when it starts to hit.
All of the FBI efforts to strongarm and incarcerate computer pranksters is just reducing our resisitance to the eventual onslaught. The government subsidizes insecure software by arresting people who break it, relieving the developers from fixing their own products. Microsoft might not publish such dangerously insecure systems if they faced the traditional punishments that the free market unleases on inferior products.
Let's privatize computer security! Save tax dollars, and increase effectiveness at the same time. We could reduce the penalty for "hacking" type crimes (or DOS) to the magnitude of a traffic ticket. (Teens cannot commit them with impunity, but companies can't rely on arresting offenders as their sole defense).
(Naturally, using "hacking" perform any real crime- unauthorized fund transfer for instance, or copyright infringment- should be punishable just like that crime by itself)
He asked who rendered the avatars, not the habitats. You're not really disagreeing with him (or at least, your statment doesn't necessarily have a conflict).
From both of your descriptions, it seems that objects are rendered on the box that contains them: * Avatars are rendered on the (public) terminal where the operator is seated, then transmitted to viewers. * Habitats are rendered on the centralized server that hosts them, then transmitted to viewers.
In both cases, the image quality of an object is determined by the CPU resources of its creator.
And just like he said (marked with an *), corporations spend a big percentage of an employee's wages in other costs to support him: giving him tools, a desk, a roof and heat/AC. Plus administrative support, and a little left over for corporate profit... and if not doubling the price, it's climbing upwards.
(we *did* kick ass in afganistan, _but_ with the help of the Birts and Canadians)
With the help of the Afghans, really ("Northern Alliance" they called them). They supplied the men on the ground, 99.99% of the force, and 100% of the people who got shot (until 2 months had gone by, and anything resembling a "war" was already done)
The US put up some bomber pilots, and occasional SOF spotters.
We only viewed the war as easy because it wasn't our guys charging on horseback to get chewed up by AA fire.
Probably just an Anti-Personell mine. AP mines have a pale fraction of the power in an anti-tank mine (which are too large for most humans to carry). Pieces of HMMVW would rain a kilometer away if it parked on an AT.
(Still, it is important for light, infantry-mobility vehicles to have some survivablity too)
There's so much wrong here, I won't go through it all. Just the first complete error/lie:
1.) The Crusader is a smaller system then the current Paladin system that has been in use since around the 1950's. Yes we are talking the 1950's
First, the word is has no place after "Crusader", which is a purely hypothetical machine that has never even been prototyped. (A non-drivable gun doesn't count)
Second (as it says on the page you link), the Crusader was initially planned for 60t, although the designers slimmed it down to 38t once it was clear they were going to be cancelled. But the Paladin is 32t! Which one is "smaller" again?
Most of the strongest objections to the Crusader system were made towards the 60t proposal(it looks a lot more reasonable if you believe that it could get down to 38. But that's such a drastic change, I'd hardly call it the same system). Such a massive platform would have dismal, dismal ground mobility. It can't cross a river, bridges would rarely hold it. Fuel consumption like 10 gallons per mile for both the gun and the ammo-hauler would require 5 fueltime trucks just to keep it in gas.
Logistically it would never make sense, even the smaller version is barely worth it. It's like this: do you use a constant stream of large, slow, vulnerable propeller aircraft to land Crusaders, munitions, and fuel 30 miles short of the target, so they can scatter shells around a position the target was reportedly located 10 minutes ago?
Or just use a constant stream of F-18s to carry iron bombs directly ontop of the enemy, allowing each pilot to eyeball the target before unloading on it? There's no real need to use a whole separate system to for the last leg of the "power projection" journey.
Artillery can only be deployed if you have secure ground adjacent to the enemy. To secure that ground, you've either got to drive in from friendly terrain (a long trip, if there even is any friendly country nearby), or use strong air-power to secure the LZ. And if you've got strong air-power, you may as well use it to prosecute the rest of the enemy targets while the ground-forces are unpacking. And the way US air-power is shaping up, by the time the artillery has fully set up, they won't have any targets left.
direction control) The Crusader has proven to also be more accurate in shooting as well.
The limiting factor in US military firing isn't accuracy of shooting, it's accuracy of targeting Yes, it would be way cool if a Ranger could sight on a hostile tank column, squeeze a button on his OICW and instantly upload imagery and coordinates to a Crusader that launches a MLSI (Multiple-Launch Single Impact) barrage that lands 20 seconds later.
But that means 2 expensive ground assets, which while prehaps very tough, can't fly and are thus vulnerable to counterattack and slow to redeploy against new targets. More realistically, we'd just have a UAV that flys for 72 hours at a stretch call in a flight of F-35s from offshore to detonate a single AGM on each tank.
Sure, there are situations were you'd value the standoff ability of the Crusader- that they, unlike a plane, can hold position near the enemy for weeks on end and instantly start firing if the targets begin advancing. But the low chance of the US ever getting into a situation like that, the inflexible deployablity of heavy artillery, and the cost of developing yet another unproven high-tech system
This comes from someone who use to be in the Field Artillery and also lives 10 miles from the Field Artiller Training School for the Army.
Good of you to reveal your bias. Having invested your military career in artillery, you don't want to percieve it as a waste. Thus you'll optimistically assume that your training was worthwhile, and there will be a place for artillery on the future battlefield. Projects which reinforce this view you support- others can be ignored.
Cavalrymen felt the same way in 1915- they mostly got machine-gunned. Artillery crews in 2015 will be luckier- they'll mostly just get bored.
I mean, at one point the Aztecs had a little party where they had 86,000 human sacrifices in 3 days, killing more people per minute than the Nazis ever did on a good day.
86000/3 = 29000 daily, eh?
The European Axis did 10,000 daily, so that one (alledged*) mega-death incident is less than their average week. With an uneven rate of killing, it's very likely that Nazis occasionally did triple their average on a "good day".
In WWII, the US twice accomplished 40,000+ killings in a single day. (With a peak rate of 11,000 per second)
Between the Aztec losing control in 1519 and 1530 the population of Mexico went from 30 million to 6 million, so in that time there was a sustained death rate of 6,000 daily. Smallpox humbles the fiercest works of man.
* I've never read of Aztecs killing more than 20,000 in a year, and even that sounds exaggerated.
An EDL doesn't have to be spread on a p2p network or through email. Under present US copyright law, the EDL is probably not a derivative work.
Yeah, but even if its legal you need some way to spread it around. Those or an http-server might be equally good, as long as the media-player can eventually get the ability to search the net for matching EDLs as soon as it begins queuing up the video.
However, I'm afraid that if anti-commerical EDLs ever start to put a dent into revenues, MPAA lawyers will argue "The EDL could not have been created without use of our work, it is in essence replicating creative editing choices made by our hard-working artists as they selected the most effective points to insert hard-hitting, thought-provoking sponsor messages. Your site must desist immediately, or face triple-damages in court"
play CMX EDLs of every enthusiasts's alternate edit of TPM, Memento and the Matrix.
To be impossibly optimistic, maybe someday TV producers (not "network" middlemen") will publish say 65 minutes of footage for an average 48 minute program. They'd include 2 or 3 precreated EDLs (G and PG-13), but fans would be allowed and encouraged to create their own.
Just as long as anyone who wants to view a remix is going to pay the publishers to download the original content-blob, they should be happy with the financial arrangement.
(I'd like to see some TV series like X-Files or Babylon 5 get compressed into 5-part miniseries, for instance)
Your assumption that when a source of high quality digitized video appears, a tool to play the video using an EDL will magically appear also is wishful thinking
It might not happen instantly. But the more popular high-quality entertainment videos with embedded advertisting becomes, the greater the incentive to create one. (Of course players already exist, but there's an ease-of-use barrier blocking most users. Price too.) But at some point a "Napster moment" will take place, as one developer releases a program that makes applying a popular EDL brain-deadeningly simple.
(Note that anti-commercial EDLs might not become overwhelmingly useful until there's been some back and forth between media players with 30 second skip software and the publisher's counterattack, which will be to decrease the regularity of commercial lengths, or to place ads on the edge of the screen while content plays. A more advanced EDL format could address the latter, too, by selecting only certain rectangular portions of the screen for viewing.)
(An additional EDL-countermeasure publishers could use would be to release multiple versions of videos, with commercials lasting for different durations, or invading different sizes of the screen. But that would merely force a more elaborate mapping between the video you have and the EDL you need to clean it up. Again, like cddb)
Yes, copyright already makes infringment illegal, but personal violations are hard to enforce.
However, the DMCA adds onto it by creating a super-broad definition of "contributory infringment", allowing the FBI to target the 10-20 hackers who post messages describing how to copy the shows. Otherwise the cops would be stuck trying to arrest millions of people doing the actual copying.
The TV networks can't feasibly hope that an armed police response to copyright violators will protect their profits streams- there's just too many targets. But pilloring a few people for DMCA infringment? That might work! (As long as their defense attorneys fail to argue the "no-circumvention" exception described above)
Yes, if CBS offered commercial-laden downloads on p2p, (without deploying any imaginative new impediments) they'd become the vastly preferred download source.
In comparison to random tivo-rippers, they'd have superior timeliness, audiovisual quality, and legality (the viewers can sooth that tiny pange of guilt that plagues them today).
The TV networks might even arrange some formula to inject p2p downloads into their Nielsen computations, so their income can proceed as usual.
However, if this happens, their profit model will immediately face a new menace: "virtual copyright infringment". Some hackers will create/modify a software MPEG player so that it applies a simple EDL (Edit Directive List) to the video as it plays.
When following an EDL, a player doesn't read through the stream linearly from start to finish. ("Begin at the beginning, and go on to the end. Then stop"). Instead it may start playing 15 seconds in, then pause after 24 seconds and skip ahead 30 seconds before continuing, etc. Using an appropriate EDL, you could for instance watch a PG-13 edit of an R-rated DVD.
Or, more worrisome in this scenario, you could skip over the commercials of a recorded TV program.
So what will happen eventually is that the first few viewers to download a TV show will create a list of commercial start/end times when watching the show (just tap a button when viewing it for the first time) and then dissemenate a no-commercials EDL far and wide.
The EDL might be spread on a p2p network, or ftp site. But it's such a tiny file that you could easily transmit them through (mass?) email or IM instead. If the EDLs have a naming convention based on the authoritative filename used when the TV network released their show, then the viewer's process could be automated even more: when you start to play an official MPEG, the player hops onto Morpheus and searches for an EDL matching the commercial breaks for the video in question. (rather like the CD-audio database)
I could go on and discuss possible countermeasures (technical, legal, or creative) to the threat of EDL and virtual-infringment, but you get the idea.
You're dead wrong. If one employee of a company copys a program for another, she's just distributed it. That definition holds in both the English language, and courts of law. Even though corporations are in certain situations treated like a single entity, Intellectual Property law isn't one of them.
Can AOL buy a single copy of Microsoft Office for all of their employees? No, that would violate copyright.
Can AOL modify OpenOffice.org (LGPL) and give it to all their employees? No, that would violate copyright too.
First they'd have to agree to the LGPL, which means they'd have to give every recipient (each employee) permission to take a copy home and post it on their webpages.
The (L)GPL doesn't require you to publish changes you've made for all the world to see. However, if one of the people you've given it to (an employee) decides he wants to spread it far and wide, you've got no recourse to stop him. (Besides the threat of firing. Which may be effective, but illegal)
No, in the US at least, there are no copyright expirations right now. In 1975 there were, when materials published in 1921 were expiring and becoming Public Domain. But in 1976, copyrights got 19 years added onto them. So everything pre-1923 had expired already, but things published afterwards wouldn't start expiring again until 1997.
There was a brief period of renewed PD growth, but then copyrights were retroactively extended again. So now we can wait for 2018 for the next work to expire.
And that's assuming Congress doesn't roll it back yet again.
(The "strange" part, of course, is the surprised feeling a USian gets upon noticing entire planet doesn't suffer the same laws quite yet. A situation the RIAA will surely rectify, if the MPAA doesn't beat them to it.)
After the Vorbis guys released the free integer Ogg codec, you no longer need to buy tkcPlayer to get mobile ogginess. The Linux standby XMMS and also Opie Player can play them on a Zaurus (and probably some Ipaqs too).
Yeah, but the point about "no additional software" is that they don't have the resources to go around modifying all these existing games to output 2 pictures with 9 cm displacement between them. The games just output a list of triangles, based on viewing from a single camera position.
At some point Sharp has to slip in a modified driver which will produce the separate left_eye and right_eye images based on the 3d geometry the game wants to show. It'll need to know depth info so that the polygons can be given a horizontal displacement inversely proportional to their distance from the viewer. (A far-off tower looks the same from each eye, but a hand in your face has two detectably different images)
The existing stereoscopic 3d glasses also need a different image for each eye, and I assume they're generated the same way this Sharp monitor will.
Chances are they'll try some hacks in the Direct3d driver to guess at the Z values of onscreen objects in games. (Most likely, just reading the depth-buffer values that games use for hidden surface removal).
There is already a line of 3d glasses which will supposedly work with any game running on an NVidia card.
Given Sharp's emphasis on "3D without special glasses", the effect produced is probably similar to that existing product (but integrated into the monitor, and not as separate glasses)
You omitted the important part: A second octopus was allowed to watch through a window. When given a the same (refilled) jar herself, it took even less time to open.
Thus, octopi have demonstrated the ability to learn without first-hand experience. (A feat beyond the grasp of some primates)
I hope you're not just trying to play the game for free. You can already download a demo version with 20% of the levels and 90% of the weapons. The source code won't get you the rest, you'd still have to find the datafiles to enable them (such as from the full version of the game).
Getting this to work will probably be harder than you're expecting. Looking at the history of commerical FPS released as GPL (Wolf3d, DooM, Quake, Quake2), there'll be a lot of work needed to just make something compile, and then more work to get the colors, framerates, and file-locations right. The companies consider it a favor that they're releasing code at all- spending extra time writing updated directions isn't likely to be on their agenda.
Your surest bet, honestly, is to wait for someone else to solve those problems. In a situation like this, an expert can find the answer faster than you'd find the question. Come back in 3 weeks and check around for a distribution set to compile on your favorite OS. For instance, initial release of DooM source code would only compile on DOS with a commercial (Watcom?) compiler, and absolutely would not play sound. But today you can download ZDoom or PrBoom to run on any desktop PC (via SDL, for instance)
We don't have disaster recovery plans for nothing.
Part of the "safe practices" I mentioned.
No firing reasonable people who failed if they can reasonably learn from it is not sensible.
"Punish" can mean many things. The point is, defend yourself! Pay your vendor to defend you, or choose a new one. Don't expect the Feds to make it all OK.
mired in office politics that force them
In that case, those office-politicers doing the forcing are the ones whose jobs should be endangered.
. Bear in mind that the defenders have to take care of -every- vulnerability, while the attackers (dolts) have to just find one vulnerability - basically, it's worlds harder to defend than to attack.
Yes, that's the Fundamental Offense-Defense Inequality, which has diverse applications from warfare to philosophy and futurism ("psychohistory" - Asimov).
Trivially provable for simple domains- for a size N change to a target, there are N*N ways to break it, but only N to maintain it's status. In the physical world, N is measured as the amount of kinetic energy you can deploy ("War is just the directed exchange of kinetic energy" - Adam Selene). This gives an interesting result for the nature of warfare across history: As technology increases so does our ability to output kinetic energy, and by the (N*N - N) equation, our ability to inflict harm will progress much faster than we can learn to block it.
Thus a simple math formula predicts the Mutually-Assured-Destruction scenario which occured 50 years ago, and also suggests that the "National Missile Defense" program of the US administration will not be successful.
care of -every- vulnerability
Naturally 100% security (of anything!) is impossible (cheap trusim). Its true that can't close every vulnerabilty- for a sufficiently broad definition of vulnerability (such as wasting a secretary's time). But for those vulnerabilities which are significant (violate your privacy, redirect funds, extended DOS), you need to try to close them somehow. You can try technological means, or you can recruit armed guards (in the form of legions of police officiers)- neither will be 100% perfect, but either will help in some circumstances.
Outlawing something won't stop it from happening. At best it may reduce the incidence. So the question becomes, which approach will be cheaper? Physical force, or technical control? You need a some of both, of course, but which will be most cost effective? Which will be scalable to an eventually enormous number of internet users around the world?
I say the technical approach is more scalable. Secure software can be written once and infinitely replicated. (There's custom configuration needed too, but as time goes by it will become more well known and thus cheaply replicable). Cost is proportional to the number of kinds of systems in use (much lower than the actual number of systems). In 50 years, the software needed to secure (the vulnerable parts) of 99% of all business software will be commodotized and cheap (eventually its copyright will expire).
But for the physical approach, you need to have a X number of police officers for every 1000 humans on the planet, and Y district attorneys and Z jail cells also. (In addition to what you need for fighting traditional crimes). Costs proportional to the number of potential offenders. As a long time passes, it won't get cheaper. Retiring personnel will need to be replaced, and the population will keep on expanding. This sounds much more expensive than technological security measures, especially in the long run.
The number of potential offenders (all of humanity) is much bigger (>>) than the number of potential targets (remembering that identical kinds of computer systems count as one). Therefore, physical protections for our computer systems will be inherently more expensive than technological solutions. Any short-term actions (more stringent hacker arrests) which undermines the deployment of tech. fixes will threaten our future.
And when I write my congresscritters about how I'd like to see things handled, that's influence.
Yes, I have some influence. And I'll push for a computer solution to a computer problem. Seems like you'll try to cancel me out, oh well. I didn't have much hope anyway, these humans are too driven by emotion to see the big picture.
So I'm being a techno-optimist here. The rules of the computer world are artificial, defined by humans. The only limit to our control of the computer world is our ability to understand it- so far we change the cyberworld faster than we can catch up. But if we were, say, to define a specific subset of high-value operations (money transfers, personel privacy, encryption) as being fundamental towards future security, we could "feature-freeze" the software we use, and eventually study it so closely that it can be proven exploit-free.
That's a utopian vision, but it is partially attainable (and more feasible than creating a 3:1 cops:citizens ratio for round-the-clock physical enforcement). Partially attainable, that is, only if we decide to go that way, and really invest in securing our computers. Allowing system administrators to say "We were attacked by a criminal, it's a police matter, there's nothing I could've done to stop it" won't bring us down the right road.
Instead, it will supress outbreaks of computer intrusions long enough for the developed world to become 100% reliant on digital systems for day-to-day distribution of water, power, and food. Then you'll get a handful of kamikaze whackos with no fear of mortal punishment, and the age of cyber-terrorism will really begin.
some hackers really are hackers.
All hackers really are hackers. "hacker, n. A person who operates a complex system in a manner inconsistent with it's designer's intent."
mistake you've made in your claims about me
You're the one who admitted to have been repeatedly 0wned. If you were exaggerating, then so was I.
(rather obvious, really)
Maybe it was obvious because it was a generalized attack against a whole class of inadquate administrators. "You" is also a plural word, remember.
Genital mutilation aside, I agree that punishing the bad sysadmins will usually be more productive than searching for hackers to punish instead.
However, there's 2 ways to punish the sysadmins: active or passive. The government can actively seek them out and torment them. This will create lots of police, lots of trials, lots of licensing buearacracy and circular fingerpointing to pass along shared guilt. The practical, legal, and constitutional barriers are enormous.
Or there's the "passive" punishment. Sysadmins have customers, and customers want to see someone get blamed for security failures. If they don't see the government punishing a hacker for it, they'll eventually start punishing the sysadmins on their own. (Either by simple withholding of money, or more medieval approaches)
Everytime some idiot joyrider breaks into one of our systems
Everytime that happens, it means YOU failed to do your job of maintaining security. Be happy that you only have to wipe up a little mess, instead of getting fired like your incompetence deserves.
Maybe the failure came when the wrong product was selected, or when something was installed wrongly or incompletely- but someone in your organization caused the vulnerablity, and the boss should be free to put him on trial for it.
Am I "blaming the victim" here? Yes, but that's the only approach that will be productive. You can't ask the entire human population to respect your machines- you've got no influence with them. The only way to attack the problem is via the people your boss does control: his employees. Tell them to buy secure systems and use safe practices, and punish them when they fail.
Like many people, I don't want to see new laws created to cover every time someone uses a computer for some $CRIMINAL_ACTIVITY which was already illegal by itself.
However, there's a real limit to how far analogies can take you. We can't just say "it's like vandalism / theft / graffiti / spying / workplace disruption / copyright infringment" and expect applying the equivalent punishments to produce the best results for our society. There are ways that internet-based activities are completely unlike anything that's come before.
Lets focus on just one of the most important differences between "cyber-crimes" and the old-fashioned physical variety: it's now possible (and easy) for the victim and perpetrator to be in different jurisdictions when the offense is committed.
During the early popularization of the internet, most users were in the US (or its servant-states like the UK), so often enough the vic & perp were under the same set of laws. The FBI was able to haul in domestic hackers like of Cpt. Crunch, Bob Morris, Mitnick, and later Mafiaboy. (I think Jaegar was a notable exception)
But is arresting those guys really the best way to protect the US economy? The US government is using guns and handcuffs to protect US businesses' computers from tampering- can we expect that defense to remain viable in the future?
Physical force is not a lasting solution to an electronic threat
(It's like "security through obscurity"- it will work at first, and is easy to implement. But someday the enemies become experienced enough to circumvent that defense, and by then you need real protection)
Threat of arrest only works on perpetrators inside your jurisdiction. "Cyber-Crimes" can be performed by anyone with a PPP stack- which is everyplace with reliable electricity. The US has a powerful law-enforcement/military presence, and with extradition treaties can bump up their effective jurisdiction to cover a majority of the earth's landmass. (Although with reduced precision in the less-friendly or less-developed nations, or where local cops are too busy with violent crimes to go hunting down script-kiddies)
What about nations that are downright non-friendly?
If a Canadian teen can inflict billions of dollars of economic damage in 3 days (and only be caught after public bragging), what about government-sponsored agents in "The Axis of Evil"? Suppose China takes offense at "US imperialists", and assigned 200 CS PhDs to build innovative DOS strategies for e-commerce sites?
Unless we can rely on forming a durable "Pax Americana", with a single organization enforcing a uniform law code across the entire planet, there will always be places for hackers to hide beyond your reach. (The Bush administration wants to create such an empire, but they will fail.)
I would argue that so-called "cyber-terrorism" hasn't happened yet, and will never be a major concern (the small number of computer-operated systems capable of producing enough violent damage to evoke "terror" will be heavily protected, with much redundancy and human oversight).
But "cyber-economic-warfare" is a real risk in next 20 years, and so far the US government has been allocating serious funds to make the problem worse when it starts to hit.
All of the FBI efforts to strongarm and incarcerate computer pranksters is just reducing our resisitance to the eventual onslaught. The government subsidizes insecure software by arresting people who break it, relieving the developers from fixing their own products. Microsoft might not publish such dangerously insecure systems if they faced the traditional punishments that the free market unleases on inferior products.
Let's privatize computer security! Save tax dollars, and increase effectiveness at the same time. We could reduce the penalty for "hacking" type crimes (or DOS) to the magnitude of a traffic ticket. (Teens cannot commit them with impunity, but companies can't rely on arresting offenders as their sole defense).
(Naturally, using "hacking" perform any real crime- unauthorized fund transfer for instance, or copyright infringment- should be punishable just like that crime by itself)
He asked who rendered the avatars, not the habitats. You're not really disagreeing with him (or at least, your statment doesn't necessarily have a conflict).
From both of your descriptions, it seems that objects are rendered on the box that contains them:
* Avatars are rendered on the (public) terminal where the operator is seated, then transmitted to viewers.
* Habitats are rendered on the centralized server that hosts them, then transmitted to viewers.
In both cases, the image quality of an object is determined by the CPU resources of its creator.
The trucks wouldn't be reconfigured very often, crews would be assigned to the same vehicle for long periods. Not many will be idled.
The cost savings comes from using the same replacement parts (and mechanic training) to keep all 8 of those configurations maintained.
(The same principle is at work in the JSF, which comes in different AF/Navy/Marines configurations, but on the same airframe)
Um, Stingers are anti-air weapons, ok? This truck doesn't fly (yet).
(Sure, a Stinger has enough power to destroy it. But so would a $2k LAW)
And just like he said (marked with an *), corporations spend a big percentage of an employee's wages in other costs to support him: giving him tools, a desk, a roof and heat/AC. Plus administrative support, and a little left over for corporate profit... and if not doubling the price, it's climbing upwards.
(we *did* kick ass in afganistan, _but_ with the help of the Birts and Canadians)
With the help of the Afghans, really ("Northern Alliance" they called them). They supplied the men on the ground, 99.99% of the force, and 100% of the people who got shot (until 2 months had gone by, and anything resembling a "war" was already done)
The US put up some bomber pilots, and occasional SOF spotters.
We only viewed the war as easy because it wasn't our guys charging on horseback to get chewed up by AA fire.
Yes, but a vehicle with high mobility and lots of supressive firepower (an M60 on the back) will be less likely to find an RPG targeting it at all.
The new truck looks like strictly behind-the-lines support (either C&C, ELINT/COMINT, or launching a handful of smart missiles at BVR targets).
Probably just an Anti-Personell mine. AP mines have a pale fraction of the power in an anti-tank mine (which are too large for most humans to carry).
Pieces of HMMVW would rain a kilometer away if it parked on an AT.
(Still, it is important for light, infantry-mobility vehicles to have some survivablity too)
There's so much wrong here, I won't go through it all. Just the first complete error/lie:
1.) The Crusader is a smaller system then the current Paladin system that has been in use since around the 1950's. Yes we are talking the 1950's
First, the word is has no place after "Crusader", which is a purely hypothetical machine that has never even been prototyped. (A non-drivable gun doesn't count)
Second (as it says on the page you link), the Crusader was initially planned for 60t, although the designers slimmed it down to 38t once it was clear they were going to be cancelled. But the Paladin is 32t! Which one is "smaller" again?
Most of the strongest objections to the Crusader system were made towards the 60t proposal(it looks a lot more reasonable if you believe that it could get down to 38. But that's such a drastic change, I'd hardly call it the same system). Such a massive platform would have dismal, dismal ground mobility. It can't cross a river, bridges would rarely hold it. Fuel consumption like 10 gallons per mile for both the gun and the ammo-hauler would require 5 fueltime trucks just to keep it in gas.
Logistically it would never make sense, even the smaller version is barely worth it. It's like this: do you use a constant stream of large, slow, vulnerable propeller aircraft to land Crusaders, munitions, and fuel 30 miles short of the target, so they can scatter shells around a position the target was reportedly located 10 minutes ago?
Or just use a constant stream of F-18s to carry iron bombs directly ontop of the enemy, allowing each pilot to eyeball the target before unloading on it? There's no real need to use a whole separate system to for the last leg of the "power projection" journey.
Artillery can only be deployed if you have secure ground adjacent to the enemy. To secure that ground, you've either got to drive in from friendly terrain (a long trip, if there even is any friendly country nearby), or use strong air-power to secure the LZ. And if you've got strong air-power, you may as well use it to prosecute the rest of the enemy targets while the ground-forces are unpacking. And the way US air-power is shaping up, by the time the artillery has fully set up, they won't have any targets left.
direction control) The Crusader has proven to also be more accurate in shooting as well.
The limiting factor in US military firing isn't accuracy of shooting, it's accuracy of targeting Yes, it would be way cool if a Ranger could sight on a hostile tank column, squeeze a button on his OICW and instantly upload imagery and coordinates to a Crusader that launches a MLSI (Multiple-Launch Single Impact) barrage that lands 20 seconds later.
But that means 2 expensive ground assets, which while prehaps very tough, can't fly and are thus vulnerable to counterattack and slow to redeploy against new targets. More realistically, we'd just have a UAV that flys for 72 hours at a stretch call in a flight of F-35s from offshore to detonate a single AGM on each tank.
Sure, there are situations were you'd value the standoff ability of the Crusader- that they, unlike a plane, can hold position near the enemy for weeks on end and instantly start firing if the targets begin advancing. But the low chance of the US ever getting into a situation like that, the inflexible deployablity of heavy artillery, and the cost of developing yet another unproven high-tech system
This comes from someone who use to be in the Field Artillery and also lives 10 miles from the Field Artiller Training School for the Army.
Good of you to reveal your bias. Having invested your military career in artillery, you don't want to percieve it as a waste. Thus you'll optimistically assume that your training was worthwhile, and there will be a place for artillery on the future battlefield. Projects which reinforce this view you support- others can be ignored.
Cavalrymen felt the same way in 1915- they mostly got machine-gunned.
Artillery crews in 2015 will be luckier- they'll mostly just get bored.
I mean, at one point the Aztecs had a little party where they had 86,000 human sacrifices in 3 days, killing more people per minute than the Nazis ever did on a good day.
86000/3 = 29000 daily, eh?
The European Axis did 10,000 daily, so that one (alledged*) mega-death incident is less than their average week. With an uneven rate of killing, it's very likely that Nazis occasionally did triple their average on a "good day".
In WWII, the US twice accomplished 40,000+ killings in a single day. (With a peak rate of 11,000 per second)
Between the Aztec losing control in 1519 and 1530 the population of Mexico went from 30 million to 6 million, so in that time there was a sustained death rate of 6,000 daily. Smallpox humbles the fiercest works of man.
* I've never read of Aztecs killing more than 20,000 in a year, and even that sounds exaggerated.
An EDL doesn't have to be spread on a p2p network or through email. Under present US copyright law, the EDL is probably not a derivative work.
Yeah, but even if its legal you need some way to spread it around. Those or an http-server might be equally good, as long as the media-player can eventually get the ability to search the net for matching EDLs as soon as it begins queuing up the video.
However, I'm afraid that if anti-commerical EDLs ever start to put a dent into revenues, MPAA lawyers will argue "The EDL could not have been created without use of our work, it is in essence replicating creative editing choices made by our hard-working artists as they selected the most effective points to insert hard-hitting, thought-provoking sponsor messages. Your site must desist immediately, or face triple-damages in court"
play CMX EDLs of every enthusiasts's alternate edit of TPM, Memento and the Matrix.
To be impossibly optimistic, maybe someday TV producers (not "network" middlemen") will publish say 65 minutes of footage for an average 48 minute program. They'd include 2 or 3 precreated EDLs (G and PG-13), but fans would be allowed and encouraged to create their own.
Just as long as anyone who wants to view a remix is going to pay the publishers to download the original content-blob, they should be happy with the financial arrangement.
(I'd like to see some TV series like X-Files or Babylon 5 get compressed into 5-part miniseries, for instance)
Your assumption that when a source of high quality digitized video appears, a tool to play the video using an EDL will magically appear also is wishful thinking
It might not happen instantly. But the more popular high-quality entertainment videos with embedded advertisting becomes, the greater the incentive to create one. (Of course players already exist, but there's an ease-of-use barrier blocking most users. Price too.) But at some point a "Napster moment" will take place, as one developer releases a program that makes applying a popular EDL brain-deadeningly simple.
(Note that anti-commercial EDLs might not become overwhelmingly useful until there's been some back and forth between media players with 30 second skip software and the publisher's counterattack, which will be to decrease the regularity of commercial lengths, or to place ads on the edge of the screen while content plays. A more advanced EDL format could address the latter, too, by selecting only certain rectangular portions of the screen for viewing.)
(An additional EDL-countermeasure publishers could use would be to release multiple versions of videos, with commercials lasting for different durations, or invading different sizes of the screen. But that would merely force a more elaborate mapping between the video you have and the EDL you need to clean it up. Again, like cddb)
Yes, copyright already makes infringment illegal, but personal violations are hard to enforce.
However, the DMCA adds onto it by creating a super-broad definition of "contributory infringment", allowing the FBI to target the 10-20 hackers who post messages describing how to copy the shows. Otherwise the cops would be stuck trying to arrest millions of people doing the actual copying.
The TV networks can't feasibly hope that an armed police response to copyright violators will protect their profits streams- there's just too many targets. But pilloring a few people for DMCA infringment? That might work! (As long as their defense attorneys fail to argue the "no-circumvention" exception described above)
Yes, if CBS offered commercial-laden downloads on p2p, (without deploying any imaginative new impediments) they'd become the vastly preferred download source.
In comparison to random tivo-rippers, they'd have superior timeliness, audiovisual quality, and legality (the viewers can sooth that tiny pange of guilt that plagues them today).
The TV networks might even arrange some formula to inject p2p downloads into their Nielsen computations, so their income can proceed as usual.
However, if this happens, their profit model will immediately face a new menace: "virtual copyright infringment". Some hackers will create/modify a software MPEG player so that it applies a simple EDL (Edit Directive List) to the video as it plays.
When following an EDL, a player doesn't read through the stream linearly from start to finish. ("Begin at the beginning, and go on to the end. Then stop"). Instead it may start playing 15 seconds in, then pause after 24 seconds and skip ahead 30 seconds before continuing, etc. Using an appropriate EDL, you could for instance watch a PG-13 edit of an R-rated DVD.
Or, more worrisome in this scenario, you could skip over the commercials of a recorded TV program.
So what will happen eventually is that the first few viewers to download a TV show will create a list of commercial start/end times when watching the show (just tap a button when viewing it for the first time) and then dissemenate a no-commercials EDL far and wide.
The EDL might be spread on a p2p network, or ftp site. But it's such a tiny file that you could easily transmit them through (mass?) email or IM instead. If the EDLs have a naming convention based on the authoritative filename used when the TV network released their show, then the viewer's process could be automated even more: when you start to play an official MPEG, the player hops onto Morpheus and searches for an EDL matching the commercial breaks for the video in question. (rather like the CD-audio database)
I could go on and discuss possible countermeasures (technical, legal, or creative) to the threat of EDL and virtual-infringment, but you get the idea.
You're dead wrong. If one employee of a company copys a program for another, she's just distributed it. That definition holds in both the English language, and courts of law. Even though corporations are in certain situations treated like a single entity, Intellectual Property law isn't one of them.
Can AOL buy a single copy of Microsoft Office for all of their employees?
No, that would violate copyright.
Can AOL modify OpenOffice.org (LGPL) and give it to all their employees?
No, that would violate copyright too.
First they'd have to agree to the LGPL, which means they'd have to give every recipient (each employee) permission to take a copy home and post it on their webpages.
The (L)GPL doesn't require you to publish changes you've made for all the world to see. However, if one of the people you've given it to (an employee) decides he wants to spread it far and wide, you've got no recourse to stop him. (Besides the threat of firing. Which may be effective, but illegal)
No, in the US at least, there are no copyright expirations right now. In 1975 there were, when materials published in 1921 were expiring and becoming Public Domain. But in 1976, copyrights got 19 years added onto them. So everything pre-1923 had expired already, but things published afterwards wouldn't start expiring again until 1997.
There was a brief period of renewed PD growth, but then copyrights were retroactively extended again. So now we can wait for 2018 for the next work to expire.
And that's assuming Congress doesn't roll it back yet again.
(The "strange" part, of course, is the surprised feeling a USian gets upon noticing entire planet doesn't suffer the same laws quite yet. A situation the RIAA will surely rectify, if the MPAA doesn't beat them to it.)
(My dates may be off by a year here or there, but the principle is the same. Here's an informative anti-copyright extension page that only has vague chronology)
After the Vorbis guys released the free integer Ogg codec, you no longer need to buy tkcPlayer to get mobile ogginess. The Linux standby XMMS and also Opie Player can play them on a Zaurus (and probably some Ipaqs too).
Even a higher-end Palm can run Vorbis software too.
Yeah, but the point about "no additional software" is that they don't have the resources to go around modifying all these existing games to output 2 pictures with 9 cm displacement between them. The games just output a list of triangles, based on viewing from a single camera position.
At some point Sharp has to slip in a modified driver which will produce the separate left_eye and right_eye images based on the 3d geometry the game wants to show. It'll need to know depth info so that the polygons can be given a horizontal displacement inversely proportional to their distance from the viewer. (A far-off tower looks the same from each eye, but a hand in your face has two detectably different images)
The existing stereoscopic 3d glasses also need a different image for each eye, and I assume they're generated the same way this Sharp monitor will.
Chances are they'll try some hacks in the Direct3d driver to guess at the Z values of onscreen objects in games. (Most likely, just reading the depth-buffer values that games use for hidden surface removal).
There is already a line of 3d glasses which will supposedly work with any game running on an NVidia card.
Given Sharp's emphasis on "3D without special glasses", the effect produced is probably similar to that existing product (but integrated into the monitor, and not as separate glasses)
You omitted the important part:
A second octopus was allowed to watch through a window. When given a the same (refilled) jar herself, it took even less time to open.
Thus, octopi have demonstrated the ability to learn without first-hand experience. (A feat beyond the grasp of some primates)
I hope you're not just trying to play the game for free. You can already download a demo version with 20% of the levels and 90% of the weapons. The source code won't get you the rest, you'd still have to find the datafiles to enable them (such as from the full version of the game).
Getting this to work will probably be harder than you're expecting. Looking at the history of commerical FPS released as GPL (Wolf3d, DooM, Quake, Quake2), there'll be a lot of work needed to just make something compile, and then more work to get the colors, framerates, and file-locations right. The companies consider it a favor that they're releasing code at all- spending extra time writing updated directions isn't likely to be on their agenda.
Your surest bet, honestly, is to wait for someone else to solve those problems. In a situation like this, an expert can find the answer faster than you'd find the question.
Come back in 3 weeks and check around for a distribution set to compile on your favorite OS. For instance, initial release of DooM source code would only compile on DOS with a commercial (Watcom?) compiler, and absolutely would not play sound. But today you can download ZDoom or PrBoom to run on any desktop PC (via SDL, for instance)
Yes, I remember, but the program was really named "copywrit". MS-DOS only permitted 8 characters, you know...
Although anything beyond the first 8 would be ignored by command.com, so you could type the full "copywrite" if you preferred.