There are international agreements that imply allowance of reverse engineering. The US is a signatory to these.
TRIPS:
"Article 9, 2. Copyright protection shall extend to expressions and not to ideas, procedures, methods of operation or mathematical concepts as such." [http://www.wto.org/english/tratop_e/trips _e/t_agm 3_e.htm]
WTO Copyright Treaty:
"Article 2, Copyright protection extends to expressions and not to ideas, procedures, methods of operation or mathematical concepts as such." [http://www.wipo.org/eng/diplconf/distrib/ 94dc.htm ]
If you really want to read about this and reverse engineering in depth, try:
* "REVERSE ENGINEERING & DECOMPILATION OF COMPUTER PROGRAMS" [http://www.indlaw.com/publicdata/Articles/4_6_200 1_2_57_29_PM_Indlaw/article.pdf]
* "Reverse Engineering Clauses in Current Shrinkwrap and Clickwrap Contracts" [http://www.cptech.org/ecom/ucita/licenses/reverse.html]
* "THE LAW & ECONOMICS OF REVERSE ENGINEERING" [http://www.sims.berkeley.edu/~pam/papers/l&e reveng5.pdf]
* "REVERSE ENGINEERING UNDER SIEGE" [http://www.sims.berkeley.edu/~pam/papers/CACM on Bunner.pdf]
You already opened the shrinkwrap and agreed to a shrinkwrap license, or you downloaded the software through a clickwrap license. This means that even before you've agreed to the installer's "I agree", then you've already bound yourself to contractual terms. There is a lot of literature about the validity of click/shrinkwrap licenses, and about issues of how they can/can't be modified by the subsequent installer license. Have no fear that these issues are actively debated in the legal community.
As for your DMCA question: you don't even need encryption: digital rights management and copy protection systems don't necessarily imply any level of strong crypto: so the fact that the software is bundled with an installer, and you circumvent the installer to avoid the "I agree" Terms and Conditions, means that you are probably violating DMCA provisions.
As for your final question: these issues are debated, and although you have already exchanged money (e.g. you bought the software as a result of the click/shrinkwrap license), then if it turns out that there are any subsequent different licenses (e.g. the installer's "I agree") then you are within your rights to return the software for a full refund. Once you agree to all of these license s though, it's too late (unless the software is defective in some way / etc and you return it because it doesn't work or fails to live up to requirements).
If we are referring to the existing state of play, then using the term Intellectual Property is the correct term - whether we like it or not, the existing laws and statutes make it clear that copyrights, trademarks, patents, design rights, and so on are indeed intangible property rights. The subject matter is a sort of property, and the mechanisms confer rights.
To look to a brave new future, then choose a term that is backed by a new framework or doctrine. It seems to me that for all the complaints about the existing IP system, there has been no tangible alternative put forward.
Cellular is already a ubiquitous technology in some places, notably the pan european GSM coverage allowing you to roam across Europe with a single handset and seamlessly make and receive calls from new carriers. I'm sorry that the United States never achieved this - we've enjoyed it for a few years now.
802.11x protocols were not designed for roaming - they are primarily wireless LAN products, they don't include sophisticated power modulation, directionality, handover and numerous other things. The fact that 802.11 hotspots have taken off is more of a grass roots effort from the ground up, by taking a technology and trying to turn it into something else, rather than designing it from top down to satisfy the requirements. I think wi-fi is in some ways a poor man's 4G.
4G is basically high speed and low speed adaptable always connected pure data roamability and heterogeneous device connectivity with power and directionality and bandwidth management and so on. This is a step beyond 3G (obviously, by its name). There is no 4G available, nor any standards nor any clear definitions: it's just a rough sort of location in the technology roadmap, somewhat like transparent object distribution and computing is today (i.e. that goal were you can use computing services and objects on "tap" from all over, and local applications and web services merge to become a sort of sea of computability).
The problem with trying to build a large scale wi-fi network is simple that wi-fi was not designed to be such a network. Don't use apples when you need to use oranges! wi-fi will continue to work and become popular as a hotspot technology, but don't expect it to include the kinds of sophistication that you see in WLAN and 3G technologies. Better to design a real 4G protocol (i.e. in the same way that the Internet Protocol is now the ubiquitous network layer protocol that succeeded past all others [osi, x.25, etc], then 4G protocols could become the ubiquitous wireless protocol that suceeds all others [umts/3g, wlan, wi-fi, etc]. Don't expect this to occur for 5-10 years or so).
In the mean time, move to a region in the world where companies agree on standards rather than trying to use them as a competitive weapon.
Your employment contract states that you are contracted to work a fixed amount of hours per week (say, 40). Often - mine does - it also says that you are to work some degree overtime when necessary. However, this doesn't extend to the sort of overtime that your organisation is demanding. You are within your rights to state that you can't work 12/7 - and you should try to negotiate and state that you are prepared to work some amount, say 50 hours a week, that is "reasonable" amount of overtime. The organisation cannot dismiss you otherwise it is wrongful termination. You can simply refuse to work to their excessive demands.
Firstly, on the point of obtaining patents for inventive ideas, there is nothing wrong with focusing just on that activity. Some people are very inventive, and if they can help advance society (and make a living for themselves at the same time) by coming up with patents then that's good for us all. It's better than them having their bright ideas stolen and used without any remmuneration in return. There are many other examples of industrial specialisation in society, and this is one of them: here the specialisation is on producing new technologies. If it turns out that many of these new technologies are not feasible or require further work to implement, well that just devalues that worth of the patent (potentially) and the collorary is that the incentive for the patent producers is to produce worthwhile patents (rather than waste money on unworkable ideas). If people are "lucky dipping" and "jackpotting" by creating realms of dubious patents, then so be it.
Secondly, there's always going to be some level of dodgy practice - but this goes two ways: you have peope filing "bogus" patents, but you also have companies and organisations that work around legitimate patents so as to avoid paying royalties. Everybody is playign the game - it used to be a gentleman's game, but society isn't so much like this anymore, and I don't think that's a per se issue in the patent system but it reflects an ethical and moral position that we all take. On the other hand, new technology is always going to cause problems with existing systems, so there's another problem of "good faith" dodgy patents simply where filer and examiner aren't aware that the patent doesn't reflect the situation with a new technology (and the kinds of people that read slashdot are very technologically savvy and can see these points straight away, but the rest of the world isn't quite there).
In fact, I say this because I'm one of these inventive people that has a lot of good ideas, but I'm quite useless at implementing them. I hate it when people criticise me for this, and in return I say that there are many people out there with bad ideas (or no ideas) but are very good implementors. The world requires people of all sorts to work together - and if there are structures and systems in the world that help facilitate this (and every sensible person accepts that all structures and systems have some degree of flaw) then that's to the benefit of us all.
This is a bad way to run the world. Full disclosure causes too many headaches for too many people. Developers having to stay back until 11pm working on an emergency fix for the next day, and administrators called in at 2am to emergency workaround critical software. It's just not good.
The small window of time allows developers to do their job properly, e.g. when I'm asked to resolve a defect, I look not just at that defect, but similar classes of defects as well (whether it's a security issue or not) - and then the build has to go through QA tests before we can be sure that the patch is safe to be released.
When some fool has made a vulnerability public, we're under tremendous pressure (customers on the phone hounding us). Alternatively, when we know that it's not yet public, but it will be in - say - a week or two time, then we're still under pressure, but it's not so grinding, and we really can resolve the issue properly. Sure, in that week or two, it's possible for the vulnerability to be exploited, but I'm sure that there's less knowledge floating around about it than if several hundred black hats were working away as a result of a bugtraq post.
* you mention that you are currently customising open source software, does this mean that you are legitimately honouring the licenses associated with that software ? if not, then that should be your first step. the choice here is simple: either honour the license, or don't use the software. this may require you to make available your modifications.
* you really need to write up a business case: why is in the companies interest to do this ? will it be "pr" ? will it cost ? will it cause legal (liability) issues ? will others run with the software and turn it into something better (free labour for you) ? does the work required (to package, make available, etc) outweigh the costs ?
You need to answer these questions in an intelligent and reasoned way before someone else (i.e. your engineering manager / etc) is going to allow this to occur.
Umm. Just because you can do it, doesn't mean that it's irrelevant or legal. Anyone can knife another person, but that's surely not legal.
You've just described a couple of scenarios where you are depriving authors of economic rights to their works. When these authors can't make a living and have to go and flip burgers down at McDonalds, then perhaps you'll think twice about paying for music.
I think that no one wants to be ripped off, yet everyone recognises that you can't have something for nothing, so that issue is trying to find some common ground.
Another related issue is that many open source developers have day jobs, and there are likely to be circumstances where it could be argued that the open source development work makes use of knowledge, skills and related confidential knowledge gained during day time employment (and is covered either implicitly as part of your fidicury duty with your employer, or by explicit provisions in your employment/ipr contract). I'm surprised that we have not yet seen a case on this, as I'm sure that it occurs.
As a 'consultant' you are considered to be an expert position and not 'in the office of the company' - which means that you have separate legal personality from the organisation, which means that you can be subject to legal action against you by another party - and you can't rest upon the organisation (i.e. vicarious liability) to indemnify you. You are probably not covered by the organisations liability insurance - as it is likely to extend to employees only, and not contractors or consultants. If you didn't know this already, I feel sorry for you. You may earn extra money being 'a consultant', but this is one of the downsides.
This strongly suggests that it's in your best interests to act somewhat ethically and carefully to protect your professional interests. When it comes down to 'not agreeing with a decision' or 'doing somethign you don't agree with', you need to take each case on its merits.
If you object for non objective reasons (e.g. "you like linux over BSD"), the best you can do is to refuse, and they may decide to terminate your contract. If you object for objective reasons (e.g. safety issues, bad design decisions, etc) then you could either leave without saying anything, or make your case known - if they decide to terminate you, I'm not sure what the circumstances are there - but at least you've made it clear that you don't agree with the situation. If you do take on the task, then you could be said to have agreed and therefore you could eventually be liable.
"The future of computing-new architectures and new technologies"
By Paul Warren (04-Dec-2002)
The worlds of biology and physics both provide massive parallelism that can be exploited to speed up lengthy computations-with profound consequences for both everyday computing and cryptography.
2. Yes, it's been apparent for the last few years that computing is entering a new phase with diversity of computing 'substrates' as one key theme. Ameoba, Java,.NET, CORBA and GRIDs also point to the other theme of distribution and transparency.
The implications are that you should be able to design software that chooses an appropriate substrate for the problem at hand, such as RNA based computing for graph minimisation problems. If you can't afford to have this kind of computing substrate locally, you should be able to pay for the services over the net to someone who offers the raw power - e.g. an IBM style raw computing data centre. This is where computing is a commodity product, and organisations will pay for the appropriate computing power where it demonstrates productivity enhancements (e.g. completing a complex CFD simulation in minutes rather than hours).
It's easy to dismiss this when you are located in another country, but you have to remember that Germany like some other parts of the continent have some history of dealing with copyright in this way. For instance, a surcharge ("tax") is levied on all blank tapes and various other related media, and the surchage is paid to a copyright collecting society which then distributes it to the authors/etc.
The reasoning behind this was that for a majority of cases (not "all" cases), the blank media would be used to make recordings of copyright works (if you dispute this, I'd like you to think about how you use blank media, and whether most of it has copyright works, albeit for personal consumption). This is not a perfect model, but of all the various possible models, it isn't so bad. Remember also, before you bring "big corporate music world" into it, that these copyright societies represent many individual authors/etc and have a history of dealing with micropayments and handing out royalties to those individuals - which despite some imperfections is not a terribly bad model for ensuring that rightholders are paid for their works.
So while this seems not very workable, it's not surprising to see where it is coming from: some politics of old media copyright societies trying to get a grab into the digital world.
The way to resolve this is to allow customers limited ability to specify filtering restrictions on the ISP side of their connection. Effectively what you want is to allow customers to have access to a web based management console that can set policing/qos/etc rules on their inbound (network side) interface. You could have a couple of "dummy style" settings: (a) minimal protection, (b) medium level, (c) maximum... etc, with indication of consequences of setting these levels. If the user chooses minimum protection then they must be aware of the consequences of anything coming through to their pipe - otherwise, if they want maximum protection, then their pipe looks like a proxy / firewall style dmz.
Putting backdoors is unethical, but possibly not illegal depending upon how you make your software available (i.e. license terms and conditions). It may only be illegal where you _use_ the backdoor (because you are then technically trespassing on property of another), or if someone else uses the backdoor (you could be held in negligence).
I've been involved in a project where an easter egg was planted (command line interface to a subsystem, and if you enter right command, it will drop into a text RPG). You could get in trouble for this in certain ways: (a) wasting client money (if the program developed under contract and this functionality is outside of the scope of the development agreement); (b) negligence/action if something goes wrong with the functionality or leads to lack of performance of the software, etc.
You should come to the EU, where (a) abuse of patent right by refusing to license may see you end up in court in an antitrust action; and there is case law to back this up; (b) the development of a 'utility model' is seen as a half-way IPR between patents and designs - providing limited protection for technological developments that do not meet the patent 'inventive' criteria;
In principle, patents for software algorithms and techniques are entirely sensible, but the issues at the moment are: (a) people (and the PTO) are abusing or not understanding how patents 'fit' with software technologies; (b) lack of understnading how other forms of IPR's (or lack of availability of other IPR's) that are suitable for software technologies;
In a number of years it will be fleshed out: the various commentators calling for "end to the patent system" will look silly.
You're not strictly correct. Patents confer limited monopoly rights on the owner of the patent, and can be subject to abuse (i.e. the patent holder can refuse to license). In this case, the courts (in the EU at least) can step in and force a patent holder to license. This is the "social contract": you get the monopoly right but you cannot abuse it. There are (in the EU) situations in which patent holders can grant exclusive licenses, mostly these relate to where the exclusive license is necessary to commercialise the technology (e.g. in a start up situation).
This is good news for me, and possibly some others as well. I'm looking forward to DRM documents.
When I publish an academic paper - it ends up being spidered by numerous search engines out there, and I can't wait until I can embed rights such as "caching allowed by google, not allowed by turnitin.bot", and "caching allowing for non-commercial purposes", or similiar. robots.txt doesn't work effectively enough, nor does it take into account what happens when someone takes a copy of the document into their intranet or onto their work machine. I'm looking forward to backup software that will honour DRM and refuse to backup documents where DRM disallows it.
It'll also be useful when I can allow use for research and teaching purposes, but indicate that licensing is needed for anything else. I'd like to allow some cut'n'paste (fair use), but I'd prefer to have the application prevent the user from extracting too many or too large a portion (I know that the technology is imperfect, and the geeks can get around it, but at least it prevents the majority of users).
It'll also be good when DRM is embedded into the metamodel itself, so that internal objects (images, movies, audio, etc) also have their own DRM perhaps with separate t&c - so I might be able to use an image under terms of fair use, and it would still properly identify its original author/owner, and the DRM would be retained even if it was cut'n'pasted out of my document. This is going to be great for my free pictures collection because I'll allow people to use the pictures in their material, and they will know that they can safely do so. And should the like it ? They'll hopefully pay me to make more !
Sorry to hear that you guys are so down in DRM. Without good DRM, the use of information (copyright, etc) will be left to FUD - with DRM, at least it's all going to be explicit.
Better code is not the only thing in the world. What about better design, better architecture, better dedicated talent, better testing resources, better hardware and tools support, etc. It's hard to take something about code defect ratios and turn that into a wide-sweeping statement. I can show you plenty of low defect code that is part of a bad design.
The facts are this: - the BSA has no statutory powers to investigate or so on, but as a representative of various organisations, they can pursue civil action on behalf of their members: there's nothing wrong with this in theory. - these tactics they are using are a little heavy handed, not dissimiliar to the TV licensing authority approach in the united kingdom, personally I don't like it, and the ethics are questionable, it is a form of heavy handedness. - you say ' I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for.' - well, that's your fault really, you should keep better records - try speaking to an accountant about the need to keep records for purchase of assets. No one excuses you for failing to keep proper business records of ownership (why don't you throw away the deeds to your house/property?). - if you are eventually shown to be in violation of licensing terms, then punitive damages could actually be higher because you've already received a notification about the fact that you may be in violation - you can't claim to have been unknowledgeable. - software costs money to produce - you might not entirely agree with the licensing terms, but how can you disagree with the need for organisations to try and enforce the terms of their agreements. personally, my life wouldn't have been so good if I had not developed commercial software for which companies were able to license/sell.
The press release is here (in various languages). Don't forget to read it, and the draft directive, in detail before entering into uninformed discussion based upon a possibly incorrect third-party news article.
I don't think that Google can be considered liable here. Google honours the Robots Exclusion Protocol: and this protocol is so well known and defined as a standard, that any website owner who failed to use it would be considered negligent. What I mean to say is, that if any website owner claimed that its content was in Google when it shouldn't be, then Google could use the defence that the global web community has a well known standard at its availability to use to prevent its content from being indexed or cached, and if a website owner fails to implement the protocol, then the website owner get the default behaviour: index and caching.
>Hey, I may have wailed on your ass, but at least I didn't drop to calling you stupid.
I have no problem calling someone stupid when they post a public message with content that's so obviously wrong and showing gross lack of understanding about the way things are.
>WHO THE FUCK MADE THE RIAA A POLICE FORCE?
The same people that allow me, and you, to pursue civil actions against infringement of my intellectual property rights.
>Since when do they get the right to invade me and those that I deal with's private domain and force us to turn over information because they suspect, SUSPECT
They get the right to execute search and seizure for evidence when there's enough prima facie evidence to illustrate that you're breaking the law, and in such case, you forfeit some of your rights to freedom as the court allows (and search and seizure only allowed after court approval) further process to substantiate claims.
I'm the stupid one for falling to slashdot flame bait and ignorance.
>There should be the right to remain anonymous until you do something wrong.
This exists, and is present in this case. The alleged infringer was able to remain anonymous until evidence was gathered to indicate that a substantial amount of infringement took place. Remember that this is just one step in the process. Note that by this time, that the court takes the RIAA request seriously, the RIAA would have already had to have provided strong prima facia evidence that infringement occurred before the court would even take the request seriously.
>But for God sakes - not all things that are "wrong" are the same. >Pirating overpriced music from a fucked up monopolistic greedy industry (however illegal) is no where in the same solar system as kiddie porn.
Hello ? Did you have an education in logic. You admit in "not all things that are 'wrong' are the same" that two things are indeeded _wrong_. If they are _wrong_, then the legal system allows due process (with regard to some issues of proportionality) to rectify that wrong. If the matter finally enters the court system, and then remedies / settlement is applied, then the court has lattitude to adjust the remedy in proportion to the seriousness of the crime.
The idea of "equal rights for all" is predicated on the understanding that things have different value in the eyes of different people. What seems like "monopolistic greedy industry" to you, could be (at the other end), some new band whose been playing the traps and now has the chance to sign up with a marketing/brand/promotion powerhouse to put their music into the big league. Personally, I'm not sure about this model for the music industry in the future, but I respect the right of the music industry to do these things within the letter of the law, and if I didn't agree to it, I wouldn't buy their music, and I'd just go down to my local pub and listen to bands. If everyone did this, then so called "monopolistic" industries would fall apart because no-one would buy their music.
Slashdot Mirror
There are international agreements that imply allowance of reverse engineering. The US is a signatory to these.
s _e/t_agm 3_e.htm]
/ 94dc.htm ]
0 1_2_57_29_PM_Indlaw/article.pdf]
e .html]
TRIPS:
"Article 9, 2. Copyright protection shall extend to expressions and not to ideas, procedures, methods of operation or mathematical concepts as such."
[http://www.wto.org/english/tratop_e/trip
WTO Copyright Treaty:
"Article 2, Copyright protection extends to expressions and not to ideas, procedures, methods of operation or mathematical concepts as such."
[http://www.wipo.org/eng/diplconf/distrib
If you really want to read about this and reverse engineering in depth, try:
* "REVERSE ENGINEERING & DECOMPILATION OF COMPUTER PROGRAMS" [http://www.indlaw.com/publicdata/Articles/4_6_20
* "Reverse Engineering Clauses in Current Shrinkwrap and Clickwrap Contracts" [http://www.cptech.org/ecom/ucita/licenses/revers
* "THE LAW & ECONOMICS OF REVERSE ENGINEERING" [http://www.sims.berkeley.edu/~pam/papers/l&e reveng5.pdf]
* "REVERSE ENGINEERING UNDER SIEGE" [http://www.sims.berkeley.edu/~pam/papers/CACM on Bunner.pdf]
You already opened the shrinkwrap and agreed to a shrinkwrap license, or you downloaded the software through a clickwrap license. This means that even before you've agreed to the installer's "I agree", then you've already bound yourself to contractual terms. There is a lot of literature about the validity of click/shrinkwrap licenses, and about issues of how they can/can't be modified by the subsequent installer license. Have no fear that these issues are actively debated in the legal community.
As for your DMCA question: you don't even need encryption: digital rights management and copy protection systems don't necessarily imply any level of strong crypto: so the fact that the software is bundled with an installer, and you circumvent the installer to avoid the "I agree" Terms and Conditions, means that you are probably violating DMCA provisions.
As for your final question: these issues are debated, and although you have already exchanged money (e.g. you bought the software as a result of the click/shrinkwrap license), then if it turns out that there are any subsequent different licenses (e.g. the installer's "I agree") then you are within your rights to return the software for a full refund. Once you agree to all of these license s though, it's too late (unless the software is defective in some way / etc and you return it because it doesn't work or fails to live up to requirements).
The IEEE USA is pursuing this:
* Press release regarding Baystate v Bowers:
http://www.ieeeusa.org/releases/2003/060
* Details of the amicus curiae, etc:
http://www.ieeeusa.org/forum/policy/2003/Ba
* General position on reverse engineering:
http://www.ieeeusa.org/forum/POSITI
If we are referring to the existing state of play, then using the term Intellectual Property is the correct term - whether we like it or not, the existing laws and statutes make it clear that copyrights, trademarks, patents, design rights, and so on are indeed intangible property rights. The subject matter is a sort of property, and the mechanisms confer rights.
To look to a brave new future, then choose a term that is backed by a new framework or doctrine. It seems to me that for all the complaints about the existing IP system, there has been no tangible alternative put forward.
You are a little confused.
Cellular is already a ubiquitous technology in some places, notably the pan european GSM coverage allowing you to roam across Europe with a single handset and seamlessly make and receive calls from new carriers. I'm sorry that the United States never achieved this - we've enjoyed it for a few years now.
802.11x protocols were not designed for roaming - they are primarily wireless LAN products, they don't include sophisticated power modulation, directionality, handover and numerous other things. The fact that 802.11 hotspots have taken off is more of a grass roots effort from the ground up, by taking a technology and trying to turn it into something else, rather than designing it from top down to satisfy the requirements. I think wi-fi is in some ways a poor man's 4G.
4G is basically high speed and low speed adaptable always connected pure data roamability and heterogeneous device connectivity with power and directionality and bandwidth management and so on. This is a step beyond 3G (obviously, by its name). There is no 4G available, nor any standards nor any clear definitions: it's just a rough sort of location in the technology roadmap, somewhat like transparent object distribution and computing is today (i.e. that goal were you can use computing services and objects on "tap" from all over, and local applications and web services merge to become a sort of sea of computability).
The problem with trying to build a large scale wi-fi network is simple that wi-fi was not designed to be such a network. Don't use apples when you need to use oranges! wi-fi will continue to work and become popular as a hotspot technology, but don't expect it to include the kinds of sophistication that you see in WLAN and 3G technologies. Better to design a real 4G protocol (i.e. in the same way that the Internet Protocol is now the ubiquitous network layer protocol that succeeded past all others [osi, x.25, etc], then 4G protocols could become the ubiquitous wireless protocol that suceeds all others [umts/3g, wlan, wi-fi, etc]. Don't expect this to occur for 5-10 years or so).
In the mean time, move to a region in the world where companies agree on standards rather than trying to use them as a competitive weapon.
The simple approach is this.
Your employment contract states that you are contracted to work a fixed amount of hours per week (say, 40). Often - mine does - it also says that you are to work some degree overtime when necessary. However, this doesn't extend to the sort of overtime that your organisation is demanding. You are within your rights to state that you can't work 12/7 - and you should try to negotiate and state that you are prepared to work some amount, say 50 hours a week, that is "reasonable" amount of overtime. The organisation cannot dismiss you otherwise it is wrongful termination. You can simply refuse to work to their excessive demands.
There are two issues here.
Firstly, on the point of obtaining patents for inventive ideas, there is nothing wrong with focusing just on that activity. Some people are very inventive, and if they can help advance society (and make a living for themselves at the same time) by coming up with patents then that's good for us all. It's better than them having their bright ideas stolen and used without any remmuneration in return. There are many other examples of industrial specialisation in society, and this is one of them: here the specialisation is on producing new technologies. If it turns out that many of these new technologies are not feasible or require further work to implement, well that just devalues that worth of the patent (potentially) and the collorary is that the incentive for the patent producers is to produce worthwhile patents (rather than waste money on unworkable ideas). If people are "lucky dipping" and "jackpotting" by creating realms of dubious patents, then so be it.
Secondly, there's always going to be some level of dodgy practice - but this goes two ways: you have peope filing "bogus" patents, but you also have companies and organisations that work around legitimate patents so as to avoid paying royalties. Everybody is playign the game - it used to be a gentleman's game, but society isn't so much like this anymore, and I don't think that's a per se issue in the patent system but it reflects an ethical and moral position that we all take. On the other hand, new technology is always going to cause problems with existing systems, so there's another problem of "good faith" dodgy patents simply where filer and examiner aren't aware that the patent doesn't reflect the situation with a new technology (and the kinds of people that read slashdot are very technologically savvy and can see these points straight away, but the rest of the world isn't quite there).
In fact, I say this because I'm one of these inventive people that has a lot of good ideas, but I'm quite useless at implementing them. I hate it when people criticise me for this, and in return I say that there are many people out there with bad ideas (or no ideas) but are very good implementors. The world requires people of all sorts to work together - and if there are structures and systems in the world that help facilitate this (and every sensible person accepts that all structures and systems have some degree of flaw) then that's to the benefit of us all.
This is a bad way to run the world. Full disclosure causes too many headaches for too many people. Developers having to stay back until 11pm working on an emergency fix for the next day, and administrators called in at 2am to emergency workaround critical software. It's just not good.
The small window of time allows developers to do their job properly, e.g. when I'm asked to resolve a defect, I look not just at that defect, but similar classes of defects as well (whether it's a security issue or not) - and then the build has to go through QA tests before we can be sure that the patch is safe to be released.
When some fool has made a vulnerability public, we're under tremendous pressure (customers on the phone hounding us). Alternatively, when we know that it's not yet public, but it will be in - say - a week or two time, then we're still under pressure, but it's not so grinding, and we really can resolve the issue properly. Sure, in that week or two, it's possible for the vulnerability to be exploited, but I'm sure that there's less knowledge floating around about it than if several hundred black hats were working away as a result of a bugtraq post.
* you mention that you are currently customising open source software, does this mean that you are legitimately honouring the licenses associated with that software ? if not, then that should be your first step. the choice here is simple: either honour the license, or don't use the software. this may require you to make available your modifications.
* you really need to write up a business case: why is in the companies interest to do this ? will it be "pr" ? will it cost ? will it cause legal (liability) issues ? will others run with the software and turn it into something better (free labour for you) ? does the work required (to package, make available, etc) outweigh the costs ?
You need to answer these questions in an intelligent and reasoned way before someone else (i.e. your engineering manager / etc) is going to allow this to occur.
You idiot.
Umm. Just because you can do it, doesn't mean that it's irrelevant or legal. Anyone can knife another person, but that's surely not legal.
You've just described a couple of scenarios where you are depriving authors of economic rights to their works. When these authors can't make a living and have to go and flip burgers down at McDonalds, then perhaps you'll think twice about paying for music.
I think that no one wants to be ripped off, yet everyone recognises that you can't have something for nothing, so that issue is trying to find some common ground.
Another related issue is that many open source developers have day jobs, and there are likely to be circumstances where it could be argued that the open source development work makes use of knowledge, skills and related confidential knowledge gained during day time employment (and is covered either implicitly as part of your fidicury duty with your employer, or by explicit provisions in your employment/ipr contract). I'm surprised that we have not yet seen a case on this, as I'm sure that it occurs.
As a 'consultant' you are considered to be an expert position and not 'in the office of the company' - which means that you have separate legal personality from the organisation, which means that you can be subject to legal action against you by another party - and you can't rest upon the organisation (i.e. vicarious liability) to indemnify you. You are probably not covered by the organisations liability insurance - as it is likely to extend to employees only, and not contractors or consultants. If you didn't know this already, I feel sorry for you. You may earn extra money being 'a consultant', but this is one of the downsides.
This strongly suggests that it's in your best interests to act somewhat ethically and carefully to protect your professional interests. When it comes down to 'not agreeing with a decision' or 'doing somethign you don't agree with', you need to take each case on its merits.
If you object for non objective reasons (e.g. "you like linux over BSD"), the best you can do is to refuse, and they may decide to terminate your contract. If you object for objective reasons (e.g. safety issues, bad design decisions, etc) then you could either leave without saying anything, or make your case known - if they decide to terminate you, I'm not sure what the circumstances are there - but at least you've made it clear that you don't agree with the situation. If you do take on the task, then you could be said to have agreed and therefore you could eventually be liable.
1. This article is worthwhile reading:
"The future of computing-new architectures and new technologies"
By Paul Warren (04-Dec-2002)
The worlds of biology and physics both provide massive parallelism that can be exploited to speed up lengthy computations-with profound consequences for both everyday computing and cryptography.
2. Yes, it's been apparent for the last few years that computing is entering a new phase with diversity of computing 'substrates' as one key theme. Ameoba, Java, .NET, CORBA and GRIDs also point to the other theme of distribution and transparency.
The implications are that you should be able to design software that chooses an appropriate substrate for the problem at hand, such as RNA based computing for graph minimisation problems. If you can't afford to have this kind of computing substrate locally, you should be able to pay for the services over the net to someone who offers the raw power - e.g. an IBM style raw computing data centre. This is where computing is a commodity product, and organisations will pay for the appropriate computing power where it demonstrates productivity enhancements (e.g. completing a complex CFD simulation in minutes rather than hours).
It's easy to dismiss this when you are located in another country, but you have to remember that Germany like some other parts of the continent have some history of dealing with copyright in this way. For instance, a surcharge ("tax") is levied on all blank tapes and various other related media, and the surchage is paid to a copyright collecting society which then distributes it to the authors/etc.
The reasoning behind this was that for a majority of cases (not "all" cases), the blank media would be used to make recordings of copyright works (if you dispute this, I'd like you to think about how you use blank media, and whether most of it has copyright works, albeit for personal consumption). This is not a perfect model, but of all the various possible models, it isn't so bad. Remember also, before you bring "big corporate music world" into it, that these copyright societies represent many individual authors/etc and have a history of dealing with micropayments and handing out royalties to those individuals - which despite some imperfections is not a terribly bad model for ensuring that rightholders are paid for their works.
So while this seems not very workable, it's not surprising to see where it is coming from: some politics of old media copyright societies trying to get a grab into the digital world.
The way to resolve this is to allow customers limited ability to specify filtering restrictions on the ISP side of their connection. Effectively what you want is to allow customers to have access to a web based management console that can set policing/qos/etc rules on their inbound (network side) interface. You could have a couple of "dummy style" settings: (a) minimal protection, (b) medium level, (c) maximum ... etc, with indication of consequences of setting these levels. If the user chooses minimum protection then they must be aware of the consequences of anything coming through to their pipe - otherwise, if they want maximum protection, then their pipe looks like a proxy / firewall style dmz.
Putting backdoors is unethical, but possibly not illegal depending upon how you make your software available (i.e. license terms and conditions). It may only be illegal where you _use_ the backdoor (because you are then technically trespassing on property of another), or if someone else uses the backdoor (you could be held in negligence).
I've been involved in a project where an easter egg was planted (command line interface to a subsystem, and if you enter right command, it will drop into a text RPG). You could get in trouble for this in certain ways:
(a) wasting client money (if the program developed under contract and this functionality is outside of the scope of the development agreement);
(b) negligence/action if something goes wrong with the functionality or leads to lack of performance of the software, etc.
You should come to the EU, where
(a) abuse of patent right by refusing to license may see you end up in court in an antitrust action; and there is case law to back this up;
(b) the development of a 'utility model' is seen as a half-way IPR between patents and designs - providing limited protection for technological developments that do not meet the patent 'inventive' criteria;
In principle, patents for software algorithms and techniques are entirely sensible, but the issues at the moment are:
(a) people (and the PTO) are abusing or not understanding how patents 'fit' with software technologies;
(b) lack of understnading how other forms of IPR's (or lack of availability of other IPR's) that are suitable for software technologies;
In a number of years it will be fleshed out: the various commentators calling for "end to the patent system" will look silly.
You're not strictly correct. Patents confer limited monopoly rights on the owner of the patent, and can be subject to abuse (i.e. the patent holder can refuse to license). In this case, the courts (in the EU at least) can step in and force a patent holder to license. This is the "social contract": you get the monopoly right but you cannot abuse it. There are (in the EU) situations in which patent holders can grant exclusive licenses, mostly these relate to where the exclusive license is necessary to commercialise the technology (e.g. in a start up situation).
This is good news for me, and possibly some others as well. I'm looking forward to DRM documents.
When I publish an academic paper - it ends up being spidered by numerous search engines out there, and I can't wait until I can embed rights such as "caching allowed by google, not allowed by turnitin.bot", and "caching allowing for non-commercial purposes", or similiar. robots.txt doesn't work effectively enough, nor does it take into account what happens when someone takes a copy of the document into their intranet or onto their work machine. I'm looking forward to backup software that will honour DRM and refuse to backup documents where DRM disallows it.
It'll also be useful when I can allow use for research and teaching purposes, but indicate that licensing is needed for anything else. I'd like to allow some cut'n'paste (fair use), but I'd prefer to have the application prevent the user from extracting too many or too large a portion (I know that the technology is imperfect, and the geeks can get around it, but at least it prevents the majority of users).
It'll also be good when DRM is embedded into the metamodel itself, so that internal objects (images, movies, audio, etc) also have their own DRM perhaps with separate t&c - so I might be able to use an image under terms of fair use, and it would still properly identify its original author/owner, and the DRM would be retained even if it was cut'n'pasted out of my document. This is going to be great for my free pictures collection because I'll allow people to use the pictures in their material, and they will know that they can safely do so. And should the like it ? They'll hopefully pay me to make more !
Sorry to hear that you guys are so down in DRM. Without good DRM, the use of information (copyright, etc) will be left to FUD - with DRM, at least it's all going to be explicit.
"get better code"
Better code is not the only thing in the world. What about better design, better architecture, better dedicated talent, better testing resources, better hardware and tools support, etc. It's hard to take something about code defect ratios and turn that into a wide-sweeping statement. I can show you plenty of low defect code that is part of a bad design.
The facts are this:
- the BSA has no statutory powers to investigate or so on, but as a representative of various organisations, they can pursue civil action on behalf of their members: there's nothing wrong with this in theory.
- these tactics they are using are a little heavy handed, not dissimiliar to the TV licensing authority approach in the united kingdom, personally I don't like it, and the ethics are questionable, it is a form of heavy handedness.
- you say ' I know that I cannot produce the original CD's and/or documentation for some of the software that we HAVE paid for.' - well, that's your fault really, you should keep better records - try speaking to an accountant about the need to keep records for purchase of assets. No one excuses you for failing to keep proper business records of ownership (why don't you throw away the deeds to your house/property?).
- if you are eventually shown to be in violation of licensing terms, then punitive damages could actually be higher because you've already received a notification about the fact that you may be in violation - you can't claim to have been unknowledgeable.
- software costs money to produce - you might not entirely agree with the licensing terms, but how can you disagree with the need for organisations to try and enforce the terms of their agreements. personally, my life wouldn't have been so good if I had not developed commercial software for which companies were able to license/sell.
The press release is here (in various languages). Don't forget to read it, and the draft directive, in detail before entering into uninformed discussion based upon a possibly incorrect third-party news article.
I don't think that Google can be considered liable here. Google honours the Robots Exclusion Protocol: and this protocol is so well known and defined as a standard, that any website owner who failed to use it would be considered negligent. What I mean to say is, that if any website owner claimed that its content was in Google when it shouldn't be, then Google could use the defence that the global web community has a well known standard at its availability to use to prevent its content from being indexed or cached, and if a website owner fails to implement the protocol, then the website owner get the default behaviour: index and caching.
>Hey, I may have wailed on your ass, but at least I didn't drop to calling you stupid.
I have no problem calling someone stupid when they post a public message with content that's so obviously wrong and showing gross lack of understanding about the way things are.
>WHO THE FUCK MADE THE RIAA A POLICE FORCE?
The same people that allow me, and you, to pursue civil actions against infringement of my intellectual property rights.
>Since when do they get the right to invade me and those that I deal with's private domain and force us to turn over information because they suspect, SUSPECT
They get the right to execute search and seizure for evidence when there's enough prima facie evidence to illustrate that you're breaking the law, and in such case, you forfeit some of your rights to freedom as the court allows (and search and seizure only allowed after court approval) further process to substantiate claims.
I'm the stupid one for falling to slashdot flame bait and ignorance.
You are a stupid and ill-informed man.
>There should be the right to remain anonymous until you do something wrong.
This exists, and is present in this case. The alleged infringer was able to remain anonymous until evidence was gathered to indicate that a substantial amount of infringement took place. Remember that this is just one step in the process. Note that by this time, that the court takes the RIAA request seriously, the RIAA would have already had to have provided strong prima facia evidence that infringement occurred before the court would even take the request seriously.
>But for God sakes - not all things that are "wrong" are the same.
>Pirating overpriced music from a fucked up monopolistic greedy industry (however illegal) is no where in the same solar system as kiddie porn.
Hello ? Did you have an education in logic. You admit in "not all things that are 'wrong' are the same" that two things are indeeded _wrong_. If they are _wrong_, then the legal system allows due process (with regard to some issues of proportionality) to rectify that wrong. If the matter finally enters the court system, and then remedies / settlement is applied, then the court has lattitude to adjust the remedy in proportion to the seriousness of the crime.
The idea of "equal rights for all" is predicated on the understanding that things have different value in the eyes of different people. What seems like "monopolistic greedy industry" to you, could be (at the other end), some new band whose been playing the traps and now has the chance to sign up with a marketing/brand/promotion powerhouse to put their music into the big league. Personally, I'm not sure about this model for the music industry in the future, but I respect the right of the music industry to do these things within the letter of the law, and if I didn't agree to it, I wouldn't buy their music, and I'd just go down to my local pub and listen to bands. If everyone did this, then so called "monopolistic" industries would fall apart because no-one would buy their music.