Total cost of Ownership ? I thought and it was Microsoft and its BSA/SPA satellite that software could not be owned, hence the EULAs. So, they imply one might OWN a system ?
Oh, OWNing a system is easy...especially if it has as many security holes as Windows!
I don't think it will happen any time soon; however, there is always the possibility that Congress will change the law to include "contributing to infringement" as an offense as well, which could be construed as to include receiving nonauthorized distributions of materials.
They'll repeal that law about 24 hours after passing it, b/c they will have been spammed with 50,000 copies of the latest Britney MP3.
Either that or they'll outlaw email. You figure it out.
> I wish I could persuade my boss to give me data in an Excel spreadsheet rather than a PDF produced by Word. At least I can save a spreadsheet as CVS and parse it for entry into a database.
I think you mean CSV (comma-separated values).:)
But since you mentioned it, a spreadsheet that used CVS, or even had some versioning capability would be useful thing, too. Hmmmm.
> Challenge / response systems are broken anyway, even if spammers > can't break it. > > Why? Because from: is forgeable, and viruses use other people's real > addresses constantly.
So Alice spoofs a mail from Bill to Charlie. Charlie's C/R system falls for the spoof and challenges Bill's system. Bill's system, formerly oblivious, doesn't recognize Charlie and issues a challenge to Charlie's challenge. Whereupon Charlie's system re-challenges Bill's system, Bill's system re-challenges Charlie's system, and...
Obviously a simple 2-way deadlock.
The way to break this deadlock is for a C/R system (Bill's or Charlie's, doesn't matter which), to silently ignore identical mail. That is, if Bill's system gets a 3rd mail from Charlie's that is identical to the first two, it doesn't issue a challenge, but ignores it.
Since you never have to worry about 3-way or N-way where N>2, problem solved.
> however, the interesting tidbit is that the outsourcing companies turn > around and outsource to Indian firms for handling the bounces. There's > literally a room full of people in India, sitting there answering > those challenge/responses and updating the client's customer email > list(unlike spammers, it really is in their best interests to minimize > failed deliveries). It sounds "expensive", but it's not, considering > how few people use challenge/response systems. Further- a reasonably > smart human can get familiar with all the various systems quickly(an > hour or two, I'd guess, tops) and probably process close to a message > every few seconds with a client program set up to do that limited > functionality smoothly. Best part- if your client does several > mailings, unless the recipient goes in and removes you, you're clear > for future emailings.
I'm not sure this is a problem. Remember spam costs the spammer zero. But if the spammer has to hire a roomful of people (India or anywhere) merely to answer C/R's, then that costs $.
So you've effectively turned your C/R system into a pay-for-mail system, which many of the big boys are in favor of, anyway.
> I challenge someone to find an automated response to C/R.
I challenge someone to find an automated response to all types of C/R. That's what spammers would have to deal with.
Alice's C/R system makes you enter text hidden in an image. Bill's C/R system makes you click on a keyhole. Charle's C/R system simply asks you what's 2+2?
Each of these systems can be automated by a determined spammer. But is there any spammer that can automate all three? How about one that can automate all of the possible challenges? That will foil the spammers.
You know, when they want to immunize you against measles, what do they do? They inject you with weak measles viruses. That can't hurt you, but does trigger your immune responses. Presto, you're safely immune from measles!
Perhaps the high schools are trying to immunize you from shakespeare by exposing you to a watered-down version (eg reading the text as opposed to watching the play, or better yet, acting in it in a theatre!). Presto, you're safely immune from Shakespeare!
I always thought Sun's tight control over Java was so that they could keep Microsoft from polluting it, using their usual 'embace, extend, extinguish' method.
After all, Sun did force MS to change their product name from Java to J++, since it did not follow the spec.
Even if such a tragedy would not recur, can you blame Sun for being paranoid?
Naturally, if this ruling stands, I see no other possible result than to either force the RIAA to do just that--file lawsuits before recieving personal info--, or to stop shaking down end users through threats of multi-million dollar lawsuits.
Yes, but that would make too much sense!
The RIAA has been using the subpoenas (sp) to figure out who to sue. Which is putting the cart before the horse legally, but was necessary technically. Because they would have a log saying 'user #2341234123 shares lots of MP3s, who is this' and force the ISP to divulge the user's personal info via the subpoena. Without the subpeona they can't sue people using their current methods.
Imagine a P2P system like Kazaa but with one extra twist...Whenever someone wants to download a file from you, your computer doesn't send it directly to theirs. Instead your computer sends the file to a proxy machine which then sends the file to the rceipient. Both connections are encrypted with public-key cryptography, and the proxy machine stores nothing that is not encrypted. Congratulations, you have just send a file to anyone (maybe even an RIAA spy) without then interacting with you and finding out what your IP address is or who you are.
Now imagine that in addition to super-peers, Kazaa maintains a list of proxy servers whose sole job is to upload stuff from users and download stuff to other users. You can run such a 'data peer' yourself legelly since all the data is encrypted so you don't know what your computer is storing.
Of course this network is less efficient than Kazaa, since each file gets copied twice whenever it is downloaded. I guess that's why nothing like this network exists yet. But if Kazaa dies due to its users being sued off the network, I'll bet this 'proxy'-based network takes over. Let the RIAA try to sue users on this proxy network!
Another idea: mechanizing the concept of reputation so people know whose thoughts and whose creative works (like software) are worth using or believing.
I would submit that this is true in a strictly legal sense, and that the whole P2P contraversy is an excellent counter-argument.
The DMCA, in its final form, runs to about 20,000 pages and is only understood by copyright lawyers, it is therefore useful only to those who are able to afford on-staff copyright lawyers (eg the *AA and other media cartels) It reads pretty much like a multiparty business negotiation contract, which is basically what it is, and it (as well as all copyright law) was never meant to be enforced on John Q Public. One could argue that since the public has no real means of knowing or understanding the finer points of the DMCA, is it really fair to enforce the DMCA against them?
Sigh. And as long as I'm dreaming, I'd like a pony.
Last time I looked, Kazaa's got notices all over the place that tells
you not to pirate stuff with it.
Correct. IIRC the girl's mother didn't go directly to Kazaa's website, she got it from a 3rd-party website who 'sold' her Kazaa for $30. So technically, Kazaa is not at fault here, its the 3rd-party website that the family should sue. (Is it still even up?)
Slashdot Mirror
It's something plenty of employers will fire you for, even when they're not unhappy with your performance. Got any evidence? Experience? Studies?
Most of those aspects also apply to _West Side Story_.
Although in that case the hero doesn't fare too well...
Yes, but then you'd have to woo Spock!
Total cost of Ownership ?
I thought and it was Microsoft and its BSA/SPA satellite that software could not be owned, hence the EULAs.
So, they imply one might OWN a system ?
Oh, OWNing a system is easy...especially if it has as many security holes as Windows!
<ducks>
They'll repeal that law about 24 hours after passing it, b/c they will have been spammed with 50,000 copies of the latest Britney MP3.
Either that or they'll outlaw email. You figure it out.
Even the trojans 'just work'!
> I wish I could persuade my boss to give me data in an Excel spreadsheet rather than a PDF produced by Word. At least I can save a spreadsheet as CVS and parse it for entry into a database.
:)
I think you mean CSV (comma-separated values).
But since you mentioned it, a spreadsheet that used CVS, or even had some versioning capability would be useful thing, too. Hmmmm.
> Challenge / response systems are broken anyway, even if spammers
> can't break it.
>
> Why? Because from: is forgeable, and viruses use other people's real
> addresses constantly.
So Alice spoofs a mail from Bill to Charlie. Charlie's C/R system
falls for the spoof and challenges Bill's system. Bill's system,
formerly oblivious, doesn't recognize Charlie and issues a challenge
to Charlie's challenge. Whereupon Charlie's system re-challenges
Bill's system, Bill's system re-challenges Charlie's system, and...
Obviously a simple 2-way deadlock.
The way to break this deadlock is for a C/R system (Bill's or
Charlie's, doesn't matter which), to silently ignore identical
mail. That is, if Bill's system gets a 3rd mail from Charlie's that is
identical to the first two, it doesn't issue a challenge, but ignores
it.
Since you never have to worry about 3-way or N-way where N>2, problem
solved.
> however, the interesting tidbit is that the outsourcing companies turn
> around and outsource to Indian firms for handling the bounces. There's
> literally a room full of people in India, sitting there answering
> those challenge/responses and updating the client's customer email
> list(unlike spammers, it really is in their best interests to minimize
> failed deliveries). It sounds "expensive", but it's not, considering
> how few people use challenge/response systems. Further- a reasonably
> smart human can get familiar with all the various systems quickly(an
> hour or two, I'd guess, tops) and probably process close to a message
> every few seconds with a client program set up to do that limited
> functionality smoothly. Best part- if your client does several
> mailings, unless the recipient goes in and removes you, you're clear
> for future emailings.
I'm not sure this is a problem. Remember spam costs the spammer
zero. But if the spammer has to hire a roomful of people (India or
anywhere) merely to answer C/R's, then that costs $.
So you've effectively turned your C/R system into a pay-for-mail
system, which many of the big boys are in favor of, anyway.
> I challenge someone to find an automated response to C/R.
I challenge someone to find an automated response to all types of C/R. That's what spammers would have to deal with.
Alice's C/R system makes you enter text hidden in an image. Bill's C/R system makes you click on a keyhole. Charle's C/R system simply asks you what's 2+2?
Each of these systems can be automated by a determined spammer. But is there any spammer that can automate all three? How about one that can automate all of the possible challenges? That will foil the spammers.
Once again, we will find salvation in diversity.
You know, when they want to immunize you against measles, what do they do? They inject you with weak measles viruses. That can't hurt you, but does trigger your immune responses. Presto, you're safely immune from measles!
Perhaps the high schools are trying to immunize you from shakespeare by exposing you to a watered-down version (eg reading the text as opposed to watching the play, or better yet, acting in it in a theatre!). Presto, you're safely immune from Shakespeare!
Methinks I need a tinfoil hat...
I always thought Sun's tight control over Java was so that they could keep Microsoft from polluting it, using their usual 'embace, extend, extinguish' method.
After all, Sun did force MS to change their product name from Java to J++, since it did not follow the spec.
Even if such a tragedy would not recur, can you blame Sun for being paranoid?
can I get a job as a Slashdot article duplication identifier?
Yes, but that would make too much sense!
The RIAA has been using the subpoenas (sp) to figure out who to sue. Which is putting the cart before the horse legally, but was necessary technically. Because they would have a log saying 'user #2341234123 shares lots of MP3s, who is this' and force the ISP to divulge the user's personal info via the subpoena. Without the subpeona they can't sue people using their current methods.
That's good news...maybe the ISP's will stand up to the RIAA now. But the article is light on details...which appeals court made this ruling?
Slashdot has already considered this. RTFFAQ
For instance, search for: ...but you won't get DeCSS!
css ~help
and you'll get sites with tutorials, guides, support, etc
So you just whole-heartedly copied a copyrighted article onto /...which is about copying. Would you like that slab of irony rare, medium, or well-done?
Imagine a P2P system like Kazaa but with one extra twist...Whenever
someone wants to download a file from you, your computer doesn't send
it directly to theirs. Instead your computer sends the file to a proxy
machine which then sends the file to the rceipient. Both connections
are encrypted with public-key cryptography, and the proxy machine
stores nothing that is not encrypted. Congratulations, you have just
send a file to anyone (maybe even an RIAA spy) without then
interacting with you and finding out what your IP address is or who
you are.
Now imagine that in addition to super-peers, Kazaa maintains a list of
proxy servers whose sole job is to upload stuff from users and
download stuff to other users. You can run such a 'data peer' yourself
legelly since all the data is encrypted so you don't know what your
computer is storing.
Of course this network is less efficient than Kazaa, since each file
gets copied twice whenever it is downloaded. I guess that's why
nothing like this network exists yet. But if Kazaa dies due to its
users being sued off the network, I'll bet this 'proxy'-based network
takes over. Let the RIAA try to sue users on this proxy network!
Anyone interested in helping build this?
Yes, /. covered it recently
OMG! /. is a P2P concept! Down with /.!
-
So then if a majority thinks that it is ok to steal, we shouldn't have any laws making it illegal?
Please tell us where you live so we can help releave you of your possessions.
Maybe he lives in Baghdad?
(Feigning) ignorance is not a defense.
I would submit that this is true in a strictly legal sense, and that
the whole P2P contraversy is an excellent counter-argument.
The DMCA, in its final form, runs to about 20,000 pages and is only
understood by copyright lawyers, it is therefore useful only to those
who are able to afford on-staff copyright lawyers (eg the *AA and
other media cartels) It reads pretty much like a multiparty business
negotiation contract, which is basically what it is, and it (as well
as all copyright law) was never meant to be enforced on John Q
Public. One could argue that since the public has no real means of
knowing or understanding the finer points of the DMCA, is it really
fair to enforce the DMCA against them?
Sigh. And as long as I'm dreaming, I'd like a pony.
That's swell. Are they willing to pay the fines of the other 260 fileswappers being sued?
Last time I looked, Kazaa's got notices all over the place that tells
you not to pirate stuff with it.
Correct. IIRC the girl's mother didn't go directly to Kazaa's
website, she got it from a 3rd-party website who 'sold' her Kazaa for
$30. So technically, Kazaa is not at fault here, its the 3rd-party
website that the family should sue. (Is it still even up?)