Do you need a tissue, noob? Why hasn't this gotten thrown out of court already, it's absolutely rediculous.
Why don't you print out the caselaw that states that you can sue someone for not getting mad at someone else for calling you names, take the papers and dry your tears.
The data is retrievable from the iPod, even the music. It's in a hidden directory, and the song files are hashed into directories in seemingly random order. So it's hard to say, pull off a whole album, but it's definitely possible. There are also apps that can automate this process for you.
It seems that they don't actually find a way to make the iPod play RealAudio, they just wrote a Real --> AAC converter, FairPlayed the AACs (it's not that hard, folks) and stored them in the appropriate place on the iPod disk, updating the database appropriately. So you're getting doubly-compressed audio. The only advantage here is user choice over music store, which frankly, as a huge Apple/iTunes/iPod fan, I'm all for. Buy your music from wherever you want.
So all they reverse engineered is how FairPlay finds keys to do AES?
Why should we need a semi-colon to end a statement. The line feed should be enough.
Why should we need a closing brace. Cannot the compier SEE that it is the end of a block simply because the indenting is different?
This must be why all those folks love Python... I get it now...
An acquaintance of mine discovered some PHP vulnerabilities in my school's CS website. It was your usual $include from a GET variable crap. Horrible coding. So he published his results, not to the webmaster, whose email address is available on the website, not to the faculty, but to the CS Undergrad mailing list. He also mentioned his website, HackThisSite.org, which had recently been made an ACM project. As a result, he was kicked out of the ACM chapter and of the College of Engineering. He remains a student of the university, but he ruined his choice of major...
I have to support the decision made by the administrative folks. Pointing out vulnerabilities and how to fix them is one thing. Pointing them out and showing how to exploit them to a large, relatively untrusted population is quite another. I mean, I ran his POC code that showed a directory listing... I imagine others did the same. I also imagine others probably wrote their own code and ran that. He had www access to the server.
I'm all for finding vulnerabilities. I think if he had handled it better, he would have been touted as almost a hero and not some malicious kid. But he didn't.
An acquaintance of mine discovered some PHP vulnerabilities in my school's CS website. It was your usual $include from a GET variable crap. Horrible coding. So he published his results, not to the webmaster, whose email address is available on the website, not to the faculty, but to the CS Undergrad mailing list. He also mentioned his website, HackThisSite.org, which had recently been made an ACM project. As a result, he was kicked out of the ACM chapter and of the College of Engineering. He remains a student of the university, but he ruined his choice of major...
I have to support the decision made by the administrative folks. Pointing out vulnerabilities and how to fix them is one thing. Pointing them out and showing how to exploit them to a large, relatively untrusted population is quite another. I mean, I ran his POC code that showed a directory listing... I imagine others did the same. I also imagine others probably wrote their own code and ran that. He had www access to the server.
I'm all for finding vulnerabilities. I think if he had handled it better, he would have been touted as almost a hero and not some malicious kid. But he didn't.
If copyrighted material is put on media, there has to be some way to put it on... do we ban recording studios because they can record something copyrighted? Ban cameras? Ban the telephone? Nirvana recorded a demo on an answering machine once... it's possible. Ban 'em.
Obviously, this is rediculous, but where is the line drawn? There are plenty of legitimate uses for DeCSS. I'd like to be able to bring a FireWire hard drive around with my DVD collection, but that's illegal.
Kind of. Not really. Machina II (The Friends and Enemies of Modern Music) was, as the parent said, pressed to 25 vinyl copies and given to family, friends, and members of the community. A few radio stations got them, with instructions to play it in its entirety if they so choosed. A few members of online SP communities also recieved copies in order to promote the online distribution of the album. Very few non-mp3 sourced copies of it are available... I've yet to get my hands on one.
But as several people have said, only a few songs from Machina II ever ended up on commercial release - those were included on the second disc of the SP Greatest Hits compilation, called Judas O.
For more complete information, check here. For a copy of Machina II, try SoulSeek. There's an SP hub on Direct Connect, but they're kind of bastardly about letting people on.
...not necessarily self-modifying, but at least self-upgrading. For instance, imagine a system that is part of the "societal infrastructure." This system is running a database... we'll assume for the moment that it's MySQL. MySQL releases a new version. The database (either automatically or at the DBA's request) patches the running binary. There is a short delay of lag while the caches are repopulated, and then the new version is running. Perhaps a "checkChangelog()" function is called, reading a machine-readable changelog to determine if there's any changes to input/output/config files that it needs to know about... no downtime, no kill -HUP, nothing.
What about gnutella, Poisoned, mlnet, or any other number of GPLd P2P apps? Obviously this would make it illegal to make a profit off them, but what about when there's no profit to be had?
kick 'em off the network. That's what the network guys at my school did, and within a week, we were essentially Blaster-free. They distributed CDs with fixes for the worms, as well as instructions to turn ICF on. A week later they started banning anyone trying to remotely reach RPC ports. Worked like a charm. People think "oh, I don't have a virus, I don't need to patch." Kick em off, it'll learn em.
naim and btdownloadcurses.py are probably my favorites, especially when used with screen. Because when I'm home from school, I can leech my parents' lack of bandwidth caps to up my share ratio on bittorrent trackers.
Slackintosh is dead as of today. Slackintosh was a port of Slackware to the PPC, specifically Macs, by simply recompiling Slack packages from source.
If anyone is interested in taking this project, I would love to help. I don't have the webspace, but I'm willing to do the porting, and get Slack 10 into PPC form. If you're interested email me: jlongs2@SLACKuic.edu minus distro.
used a pencil/paper Risk-style game to simulate the colonization of Africa, and the partnerships between the English, French, and Dutch. It worked out really well, and I think if it had been a video game, it would have only speeded up the process, so that we would have done more. Seems like a good idea to me.
While you might not be able to play Tetris or send email with Visual Studio (or maybe you can - they did, after all, put a flight simulator in Excel!), you also can't visually design a GUI with Emacs!
Maybe not, but you could write an Emacs Lisp module that would let you, and if you submitted it, it would likely be included in a subsequent version of Emacs.
Clickthrough EULAs have never been held up as legally binding in court. Microsoft simply has the money to back it up.
If I wrote an operating system, and a business used it, and it had bugs which caused loss of data... the lawyers for that business could probably force me to pay (out of court) by sheer quantity of funds, regardless of whether or not they had agreed not to sue in an EULA.
For another example, Mike Rowe (of MikeRoweSoft.com fame) had every legal right to register the domain name mikerowesoft.com. M$ didn't like that too much. He ended up being payed $10k for the domain name. If this had gone to court, Mike's rights to the domain name likely would have been held up. However, he chose to take the money and not go through the costs and hassle over a $70/year domain name.
Law only comes into play in a civil matter when both sides cannot reach an agreement out of court.
Slashdot Mirror
I thought I knew you, man.
to 0wn j00r w1nd0wz b0x.
Why don't you print out the caselaw that states that you can sue someone for not getting mad at someone else for calling you names, take the papers and dry your tears.
Mod me flamebait, I don't care. This is too far.
What /.er has 50 CDs? I have hundreds of audio CDs... probably 50 software CDs, and probably 200 data CDs of random crap.
Point and click is not necessarily intuitive. As Bruce Ediger said, the only intuitive interface is the nipple. After that, it's all learned.
The data is retrievable from the iPod, even the music. It's in a hidden directory, and the song files are hashed into directories in seemingly random order. So it's hard to say, pull off a whole album, but it's definitely possible. There are also apps that can automate this process for you.
So all they reverse engineered is how FairPlay finds keys to do AES?
Why should we need a closing brace. Cannot the compier SEE that it is the end of a block simply because the indenting is different?
This must be why all those folks love Python... I get it now...
I have to support the decision made by the administrative folks. Pointing out vulnerabilities and how to fix them is one thing. Pointing them out and showing how to exploit them to a large, relatively untrusted population is quite another. I mean, I ran his POC code that showed a directory listing... I imagine others did the same. I also imagine others probably wrote their own code and ran that. He had www access to the server.
I'm all for finding vulnerabilities. I think if he had handled it better, he would have been touted as almost a hero and not some malicious kid. But he didn't.
I have to support the decision made by the administrative folks. Pointing out vulnerabilities and how to fix them is one thing. Pointing them out and showing how to exploit them to a large, relatively untrusted population is quite another. I mean, I ran his POC code that showed a directory listing... I imagine others did the same. I also imagine others probably wrote their own code and ran that. He had www access to the server.
I'm all for finding vulnerabilities. I think if he had handled it better, he would have been touted as almost a hero and not some malicious kid. But he didn't.
Obviously, this is rediculous, but where is the line drawn? There are plenty of legitimate uses for DeCSS. I'd like to be able to bring a FireWire hard drive around with my DVD collection, but that's illegal.
But as several people have said, only a few songs from Machina II ever ended up on commercial release - those were included on the second disc of the SP Greatest Hits compilation, called Judas O.
For more complete information, check here. For a copy of Machina II, try SoulSeek. There's an SP hub on Direct Connect, but they're kind of bastardly about letting people on.
...why the TV starts buzzing a couple seconds before my phone rings?
s/Mach/Warp/g; and we'll be fine :)
...not necessarily self-modifying, but at least self-upgrading. For instance, imagine a system that is part of the "societal infrastructure." This system is running a database... we'll assume for the moment that it's MySQL. MySQL releases a new version. The database (either automatically or at the DBA's request) patches the running binary. There is a short delay of lag while the caches are repopulated, and then the new version is running. Perhaps a "checkChangelog()" function is called, reading a machine-readable changelog to determine if there's any changes to input/output/config files that it needs to know about... no downtime, no kill -HUP, nothing.
And turning to the 3D graph, we see an inmistakeable cone of ignorance.
What about gnutella, Poisoned, mlnet, or any other number of GPLd P2P apps? Obviously this would make it illegal to make a profit off them, but what about when there's no profit to be had?
kick 'em off the network. That's what the network guys at my school did, and within a week, we were essentially Blaster-free. They distributed CDs with fixes for the worms, as well as instructions to turn ICF on. A week later they started banning anyone trying to remotely reach RPC ports. Worked like a charm. People think "oh, I don't have a virus, I don't need to patch." Kick em off, it'll learn em.
naim and btdownloadcurses.py are probably my favorites, especially when used with screen. Because when I'm home from school, I can leech my parents' lack of bandwidth caps to up my share ratio on bittorrent trackers.
If anyone is interested in taking this project, I would love to help. I don't have the webspace, but I'm willing to do the porting, and get Slack 10 into PPC form. If you're interested email me: jlongs2@SLACKuic.edu minus distro.
Seriously, Apple, I love you, but what were you thinking there?
used a pencil/paper Risk-style game to simulate the colonization of Africa, and the partnerships between the English, French, and Dutch. It worked out really well, and I think if it had been a video game, it would have only speeded up the process, so that we would have done more. Seems like a good idea to me.
Maybe not, but you could write an Emacs Lisp module that would let you, and if you submitted it, it would likely be included in a subsequent version of Emacs.
If I wrote an operating system, and a business used it, and it had bugs which caused loss of data... the lawyers for that business could probably force me to pay (out of court) by sheer quantity of funds, regardless of whether or not they had agreed not to sue in an EULA.
For another example, Mike Rowe (of MikeRoweSoft.com fame) had every legal right to register the domain name mikerowesoft.com. M$ didn't like that too much. He ended up being payed $10k for the domain name. If this had gone to court, Mike's rights to the domain name likely would have been held up. However, he chose to take the money and not go through the costs and hassle over a $70/year domain name.
Law only comes into play in a civil matter when both sides cannot reach an agreement out of court.
Imagine a Beowulf cluster of these!