The only thing that worries me about this whole thing is resale.
I like to buy second hand games, I occasionally like to be able to sell them, or loan them to friends, or whatever. Much like with books. Steam doesn't really do that AFAICT.
It was a very short game, and the DLC was available from day1, completing the game. IIRC the original game was pretty low priced though, so instead of looking at it as being ripped off and getting nickel-and-dimes for the full game, you could say that they were offering a half-game for half price and you could buy the rest if you liked it.
I'm not sure, this is a big grey area. When am I not getting a full game I've paid for? When am I genuinely paying for extra content? How long *should* a game be?
That stuff should only be relevant if they alter it and then try to resell it as a genuine Kinect... IMHO. Tampering implies deception, or messing with something that doesn't belong to you.
Trade secret violation is a non-issue. Licensing is also a non-issue with hardware you bought. Patents... seriously, how could patents apply here?
MS has no more grounds to sue on a hardware mod than on a software driver. I acknowledge that that wouldn't necessarily stop them trying it on though.
"If the hacker only released a driver that works without altering the Kinect module in any way, MS can say what they want but they don't have much legal standing."
Why the hell would they have any standing if he did alter it? It belongs to him, not MS!
Hell, he could pull it apart, rewire it, reflash things...
What the hell happened to I bought it, it's mine ?? If I want to use it as a doorstop I will, if I figure out a way to cannibalise a sensor in it for some other purpose, I will. If I want to paint it green and shove it up my arse, I will.
I'll leave you in charge of the communication and education campaign so that John Q Public gets the message reliably then!
'cos some of them are only just figuring out that seeing https in the url bar is a good thing, let alone any of the other indicators their browsers show them...
It's true, unless you personally vet and keep track of the authorities your browser allows, it's not perfect. But I don't think I really see much benefit from allowing self-signed stuff more easily, particularly when an unauthenticated certificate could be the indicator of an attack, and if people start getting used to them then others will start abusing that trust. Now perhaps if you walked into starbucks and they gave you a cd with something a cert to install into your browser....
Yeah, that's a recipe for disaster and malware too. Hmmm.
Well, given that it takes a tool of some sort to do it in the cleartext situation, and a much more complex tool in the encrypted situation -
I'd say it's more like you used to have a door that could be opened with a crowbar, now the door's reinforced and you need a number 3 lockpick, possibly a number 4 as well.
Actually I'm still not happy. Trying to find a simple analogy to a situation where the information is thrown around in the clear but it requires some knowledge and a special tool to access it... It's like you need a screwdriver to open the already unlocked door, and now you... Hmmm. How about -
Or two people shouting in the street, except they're shouting in french.... no this one isn't going anywhere either. Damn!
So what if we had an authenticated wireless system (similar to SSL or SSH) using signed certificates? It pushes the processor requirements in a WAP up a little, but isolates users from each other.
I think there are ways to do this sort of thing but at present they're complex and enterprisey...
"It's taught people to think that insecure browsing is safer than SSL with self-signed certificates."
Look at it this way - someone sees the 'https' and thinks it's secure, so they do their internet stuff over it, potentially with sensitive personal or financial data.
Is it secure? Is it bollocks. MITM is perfectly possible. To the extent that in our arms-race-at-starbucks scenario where the hacker has done his ARP spoofind and DHCP, you just add an MITM proxy for SSL connections. Done, your self-signed certs are now useless.
Self-signed == no authentication == no security. UNLESS the private cert or cert authority public certificate is distributed first and in an offline manner.
"And if the wifi were encrypted, I would not also have to worry about my fellow cafe' sniffers.
So is that first hop encryption a complete solution? Nope. Anyone between the wireless router and facebook can still listen in. But it'd sure be a hellofa lot better than in the clear."
Except it's not, because there are attacks that allow you to see the data if you capture the handshake, regardless of whether the traffic once you've set up the session is encrypted or not. And there are ways to force the handshake to replay without the user ever finding out. Even with DH there are various MITM, DNS insertion and other tricks that can be done.
Worse than useless I'm not sure, but equal to useless, certainly, because it doesn't stop the other people in the coffee shop from doing anything much they like, they just need slightly more sophisticated tools than firesheep.
The subtext of your post there is that they should be worshipped and revered as a result. Despite behaving like sociopaths, despite (in the case of MS) anti-competitive, harmful actions, despite wasting a hell of a lot of taxpayer cash in the courtroom, despite being involved in the dirty and broken aspects of western democracy....
Yeah, I'd love to have all that money, but it's true that I don't have the instinct to fuck everyone else over to get there. I don't think that's a personality type that the rest of us should aspire to, let alone worship.
Not all of them work that way. Netgear have, in the past, provided a pretty coherent tarball and build instructions. Linksys too. Western Digital more recently have just spuffed out a load of source with a broken build system. That's when you have to go in with the multimeter and the soldering iron to get serial access and try a bunch of things...
If you distributed the product then you have to make available the source (or an offer of the source) to anyone you have distributed it to.
I'm pretty sure that a delivery company is just an agent of another party and thus exempt, and a link further up the chain is also fine. Mostly people will look to the manufacturer, but on a strict interpretation - yes, I would imagine the shop you bought it from is responsible.
Now if it's done correctly you'll buy it from a shop who have handed you a retail pack containing documentation and a link to the manufacturers website (with source) and we're all good to go, no need for more source repositories than the manufacturer themselves. But it needs to come with the details and someone has to supply it.
Wouldn't surprise me at all to see MS throwing its weight around on this matter and attempting to crush this sort of deviant, rebellious behaviour. Not much to be done about that.
I really want to get one of these, but I have no excuse at the moment because my eee 901 is still working perfectly, and I spent a fair amount modding it over the last couple of years.:(
Linux isn't a cheap alternative to windows. Linux is a completely different OS that is FAR more capable and can be customised by the user to do a million and one things windows can't. Some of this is a side of effect of freedom and openness, some is just that it kicks ass. If capability and customisation are not what you're after then maybe it's not for you.
"who wants to be the martyr and take a stand by sacrificing their productivity to deal with an operating system that cannot natively run 99% of software products, has compatibility issues, and bugs up the wazoo due to being a mish-mash of spaghetti code written by unorganized contributors?"
Exactly why I don't use windows, you've described the MS situation extremely well for me. Windows is a great load of conflicting, counter-intuitive weirdness, glued together over many years, full of obscure bugs, incompatible with a lot of hardware.
Linux just works, for me. It may not for you, but I couldn't imagine going back to an MS operating system full time. I keep one around for the odd game.
Somebody at MS got a promotion and a big bonus for the work, I'm sure. They killed netbooks, IMHO. When the windows ones started to come out they were dreadful. Slow, heavy and noisy compared to the flash based ones that came before.
The Toshiba AC100 looks interesting now though. And there's no chance of windows getting on it:)
No, it's exactly what's right. Linux is not ever going to have a "one-true distro", no matter how much you demand it.
If that means that 'ordinary' people aren't going to use it then I can't say it bothers me, not in the slightest.
Hell, 'normal' people aren't even going to install a new OS on their computer, ever. In a lot of ways that makes this discussion completely irrelevant as the people who need to be persuaded are manufacturers and distributors, not users. If the likes of Dell started to offer something like Ubuntu as a Windows alternative across a decent proportion of its range (instead of offering only a few, generally pretty poor machines) then that would help adoption I suppose.
But as I say, it's kind of irrelevant. Desktop linux is awesome for my needs and somehow development has struggled on and improved for 15 or so years.
So what if it's not the year of the linux desktop?
You can already get the Toshiba AC100, and ARM laptop/netbook thing based on nVidia's Tegra platform. It ships with Android but Ubuntu apparently runs nicely already. It's pretty cheap.
ARM have PCI and PCIE bus available as well as a lot of other standard stuff like USB.
Wait, so a distro should do things your way, and everyone else should shut up shop?
I think you'll find that's the beauty of open source, everyone can do it the way they want to. If you can persuade people that your way is the best way then some may join you.
Abandoning 99% of the distros would piss off a large portion of users. Why abandon any of them? If you come up with the perfect interface (TM) then they can all ship it, if it's right for them?
Or are you trying on that old argument that the very concept of a distro is confusing to people who just want the linux on their computers?
Slashdot Mirror
The only thing that worries me about this whole thing is resale.
I like to buy second hand games, I occasionally like to be able to sell them, or loan them to friends, or whatever. Much like with books. Steam doesn't really do that AFAICT.
Yeah! That's where half the game is!
Well, console hacking could easily be caught under copyright circumvention, so I can see how it would apply there. Not so sure on this.
But the IANAL and I'm not American either, so I have no idea!
I thought the DMCA only (only!!) criminalised copyright protection circumvention?
MS would be very hard pressed to prove that there was any sort of copyright law violation here.
I am, as much of the time, willing to be shown wrong here. Did the DMCA criminalise other reverse engineering activities?
Beautiful Katamari
It was a very short game, and the DLC was available from day1, completing the game. IIRC the original game was pretty low priced though, so instead of looking at it as being ripped off and getting nickel-and-dimes for the full game, you could say that they were offering a half-game for half price and you could buy the rest if you liked it.
I'm not sure, this is a big grey area. When am I not getting a full game I've paid for? When am I genuinely paying for extra content? How long *should* a game be?
Meh.
That stuff should only be relevant if they alter it and then try to resell it as a genuine Kinect... IMHO. Tampering implies deception, or messing with something that doesn't belong to you.
Trade secret violation is a non-issue. Licensing is also a non-issue with hardware you bought. Patents... seriously, how could patents apply here?
MS has no more grounds to sue on a hardware mod than on a software driver. I acknowledge that that wouldn't necessarily stop them trying it on though.
"If the hacker only released a driver that works without altering the Kinect module in any way, MS can say what they want but they don't have much legal standing."
Why the hell would they have any standing if he did alter it? It belongs to him, not MS!
Hell, he could pull it apart, rewire it, reflash things...
What the hell happened to I bought it, it's mine ?? If I want to use it as a doorstop I will, if I figure out a way to cannibalise a sensor in it for some other purpose, I will. If I want to paint it green and shove it up my arse, I will.
FFS what's wrong with this planet?
I'll leave you in charge of the communication and education campaign so that John Q Public gets the message reliably then!
'cos some of them are only just figuring out that seeing https in the url bar is a good thing, let alone any of the other indicators their browsers show them...
It's true, unless you personally vet and keep track of the authorities your browser allows, it's not perfect. But I don't think I really see much benefit from allowing self-signed stuff more easily, particularly when an unauthenticated certificate could be the indicator of an attack, and if people start getting used to them then others will start abusing that trust. Now perhaps if you walked into starbucks and they gave you a cd with something a cert to install into your browser....
Yeah, that's a recipe for disaster and malware too. Hmmm.
Well, given that it takes a tool of some sort to do it in the cleartext situation, and a much more complex tool in the encrypted situation -
I'd say it's more like you used to have a door that could be opened with a crowbar, now the door's reinforced and you need a number 3 lockpick, possibly a number 4 as well.
Actually I'm still not happy. Trying to find a simple analogy to a situation where the information is thrown around in the clear but it requires some knowledge and a special tool to access it... It's like you need a screwdriver to open the already unlocked door, and now you... Hmmm. How about -
Or two people shouting in the street, except they're shouting in french.... no this one isn't going anywhere either. Damn!
So what if we had an authenticated wireless system (similar to SSL or SSH) using signed certificates? It pushes the processor requirements in a WAP up a little, but isolates users from each other.
I think there are ways to do this sort of thing but at present they're complex and enterprisey...
"It's taught people to think that insecure browsing is safer than SSL with self-signed certificates."
Look at it this way - someone sees the 'https' and thinks it's secure, so they do their internet stuff over it, potentially with sensitive personal or financial data.
Is it secure? Is it bollocks. MITM is perfectly possible. To the extent that in our arms-race-at-starbucks scenario where the hacker has done his ARP spoofind and DHCP, you just add an MITM proxy for SSL connections. Done, your self-signed certs are now useless.
Self-signed == no authentication == no security. UNLESS the private cert or cert authority public certificate is distributed first and in an offline manner.
"And if the wifi were encrypted, I would not also have to worry about my fellow cafe' sniffers.
So is that first hop encryption a complete solution? Nope. Anyone between the wireless router and facebook can still listen in. But it'd sure be a hellofa lot better than in the clear."
Except it's not, because there are attacks that allow you to see the data if you capture the handshake, regardless of whether the traffic once you've set up the session is encrypted or not. And there are ways to force the handshake to replay without the user ever finding out. Even with DH there are various MITM, DNS insertion and other tricks that can be done.
Worse than useless I'm not sure, but equal to useless, certainly, because it doesn't stop the other people in the coffee shop from doing anything much they like, they just need slightly more sophisticated tools than firesheep.
The subtext of your post there is that they should be worshipped and revered as a result. Despite behaving like sociopaths, despite (in the case of MS) anti-competitive, harmful actions, despite wasting a hell of a lot of taxpayer cash in the courtroom, despite being involved in the dirty and broken aspects of western democracy....
Yeah, I'd love to have all that money, but it's true that I don't have the instinct to fuck everyone else over to get there. I don't think that's a personality type that the rest of us should aspire to, let alone worship.
Yup, most likely.
Not all of them work that way. Netgear have, in the past, provided a pretty coherent tarball and build instructions. Linksys too. Western Digital more recently have just spuffed out a load of source with a broken build system. That's when you have to go in with the multimeter and the soldering iron to get serial access and try a bunch of things...
If you distributed the product then you have to make available the source (or an offer of the source) to anyone you have distributed it to.
I'm pretty sure that a delivery company is just an agent of another party and thus exempt, and a link further up the chain is also fine. Mostly people will look to the manufacturer, but on a strict interpretation - yes, I would imagine the shop you bought it from is responsible.
Now if it's done correctly you'll buy it from a shop who have handed you a retail pack containing documentation and a link to the manufacturers website (with source) and we're all good to go, no need for more source repositories than the manufacturer themselves. But it needs to come with the details and someone has to supply it.
Only 10%?
Wow. Well, if/when I pick one up it won't have android on it for long.
Wouldn't surprise me at all to see MS throwing its weight around on this matter and attempting to crush this sort of deviant, rebellious behaviour. Not much to be done about that.
I really want to get one of these, but I have no excuse at the moment because my eee 901 is still working perfectly, and I spent a fair amount modding it over the last couple of years. :(
Human sacrifice, dogs and cats living together... mass hysteria!
Your laptop is thin, light, has a long battery life and is also the first of its kind without volume production to drive cost down?
No, didn't think so.
Accept that your original comments about ARM latops being horrendously expensive and having no working software are wrong, then move on.
It's NOT your intention to troll?!?!?
Linux isn't a cheap alternative to windows. Linux is a completely different OS that is FAR more capable and can be customised by the user to do a million and one things windows can't. Some of this is a side of effect of freedom and openness, some is just that it kicks ass. If capability and customisation are not what you're after then maybe it's not for you.
"who wants to be the martyr and take a stand by sacrificing their productivity to deal with an operating system that cannot natively run 99% of software products, has compatibility issues, and bugs up the wazoo due to being a mish-mash of spaghetti code written by unorganized contributors?"
Exactly why I don't use windows, you've described the MS situation extremely well for me. Windows is a great load of conflicting, counter-intuitive weirdness, glued together over many years, full of obscure bugs, incompatible with a lot of hardware.
Linux just works, for me. It may not for you, but I couldn't imagine going back to an MS operating system full time. I keep one around for the odd game.
Somebody at MS got a promotion and a big bonus for the work, I'm sure. They killed netbooks, IMHO. When the windows ones started to come out they were dreadful. Slow, heavy and noisy compared to the flash based ones that came before.
The Toshiba AC100 looks interesting now though. And there's no chance of windows getting on it :)
"This is exactly what's wrong."
No, it's exactly what's right. Linux is not ever going to have a "one-true distro", no matter how much you demand it.
If that means that 'ordinary' people aren't going to use it then I can't say it bothers me, not in the slightest.
Hell, 'normal' people aren't even going to install a new OS on their computer, ever. In a lot of ways that makes this discussion completely irrelevant as the people who need to be persuaded are manufacturers and distributors, not users. If the likes of Dell started to offer something like Ubuntu as a Windows alternative across a decent proportion of its range (instead of offering only a few, generally pretty poor machines) then that would help adoption I suppose.
But as I say, it's kind of irrelevant. Desktop linux is awesome for my needs and somehow development has struggled on and improved for 15 or so years.
So what if it's not the year of the linux desktop?
"I share the author's frustration at a "Linux experience" that keeps trying to be Windows-like and ends up feeling like a cheap knockoff."
Funny, I haven't noticed that since the early days of fvwm95 and really early KDE versions.
If anything Ubuntu is trying very hard to emulate the MacOS look and feel, and other distros are doing their own thing.
You do realise you're talking bullshit, right?
You can already get the Toshiba AC100, and ARM laptop/netbook thing based on nVidia's Tegra platform. It ships with Android but Ubuntu apparently runs nicely already. It's pretty cheap.
ARM have PCI and PCIE bus available as well as a lot of other standard stuff like USB.
Wait, so a distro should do things your way, and everyone else should shut up shop?
I think you'll find that's the beauty of open source, everyone can do it the way they want to. If you can persuade people that your way is the best way then some may join you.
Abandoning 99% of the distros would piss off a large portion of users. Why abandon any of them? If you come up with the perfect interface (TM) then they can all ship it, if it's right for them?
Or are you trying on that old argument that the very concept of a distro is confusing to people who just want the linux on their computers?
Well good luck with that.