People have played the "anger card" against me before. However, unlike blindly angry people like the ranting nuts that write to my local newspaper screeching and hollering about whatever the 'issue du jour' is, I have something that they don't - convictions. Occasionally I get pissed off about something very specific that I don't necessarily have any long-term interest in, so I just fire off a quick vent on a private section of the site and that's the end of it.
And, what makes you think I'm not successful? I have a decent office job and I make significantly more than most other people my age. Given the current economy, I make more than an AWFUL lot of unemployed programmers with far more experience than I.
And, no, I don't blame anyone but me for not going to MIT. I can't afford it, I accept that. I'd like to buy a house now too, but, at the moment, I don't have the money. That can change, however, so I'm not TOO terribly concerned about the immediate situation. On top of that, I COULD certainly go to another school. I simply choose not to. I WANT to got to MIT or Berkely specifically, not college in general.
And, finally, I don't blame Bush for anything that's happening to me personally. I've got strong convictions against the current government, media, population etc. for a very specific set of reasons that aren't locked to any specefic policies. See my journal for details, if you want more details.
Am I an angry, young man? Absolutely. Is it blind and undirected at whatever the closest target happens to be? Far from it. Don't be thrown off by my violent fits. I have only one clear agenda and, whether you agree with the way I pursue it or not, it has, to this point, actually worked fairly well. Take it as you will - you're certainly welcome to judge me in your own personal way as you see fit.
And no, I don't claim that most of the people who don't vote are like me. Most of the people who don't vote seem to fall into one of two categories (the third, smaller, category being the lazy, stupid people): they're either not voting because they perceive that everything has gone "just fine" until now and feel no need to step in (this group is the larger of the two, in my experience), or, they're disillusioned with the system and simply don't vote out of apathetic resignation (not a majority, but, larger than many people might think).
Everyone and anyone should be able to vote, no restrictions. You want to vote? Go for it. However, don't get pissy with me when I don't and just automatically assume I'm "lazy" or I "don't care". From what I can tell, I'm more concerned about who's running the country than most of the half-informed morons that vote. You know, out of all the people who told me they voted for Bush (a good dozen, at least), not a one of them could answer one very simple question without mincing words and, in some cases, confusing the positions of candidates: "why?" You still want to tell me it's more important or I'm lazy when some uninformed imbecile casts an arbitrary party or name-recognition vote? If so, stop reading now, go away, and Foe me, because I want exactly NOTHING to do with someone who thinks arbitrary, uninformed decisions are better than thought out, decision-based inaction.
Of course, while people should be able to vote, no exception, they should also be able to expect that the persons campaigning are at least somewhat trustworthy, competent, and interested in their welfare. These traits, in politicians, are simply figments of idealist's imaginations in most cases.
And, next time you get the brilliant idea of slamming me with a misquoted piece of one of my posts, stop and exercise your brain for a second first:
Until then, keep your mouth shut...
Translation for the contextually impaired: don't come around bitching to me that I'm lazy or "don't care" just because YOU are an elitist bastard and think you're something special because you made a decision to vote (or, more likely, wasted a vote because you didn't think about the candidate or issues for more than 10 seconds) and I actively chose nobody as my vote. Of course you have the right to free speech, but it doesn't mean I can't turn around and tell you to shut up in turn. Don't like it? Too bad. Free speech!
But, hey, I have to hand it to you. If you mean "elitist" as "one who expects a reasonable choice in government officials and a decent level of accountability" why, yes, I am an elitist. What are you that you don't care who gets into the government and what they do once they're there?
It's ridiculous that this is even an argument. Care to try again on why I'm an elitist? Bear in mind that my position is simply this:
If I actively and carefully review all of the available candidates, and I determine that none of them fit my current political views and desires, it is my perogative to abstain from the voting process on the grounds that NONE of the candidates is within my political scope.
Go ahead - argue that that doesn't make sense. I dare you.
Do not kid yourself, X. Given the opportunity, any entity that goes in will try to either stay in, or come out with a load of the loot. Democrat, Republican, Independant, Communist, Facist. It does not matter.
At this point in history, with the condensation of media and corporate conglomerates, conveniently tied to the shoulders of politicians to whisper in their ears as they run the political gauntlet, this country, and many others, are no longer in the hands of the people. Interests and megacorps have purchased the hands of the government and will continue to manipulate them to scratch any itch they see fit.
Meanwhile, politicians like Bush and his cabinet will attempt to prostrate the willfully ignorant mass of helpless flesh that comprises this country by whipping it into a "patriotic" frenzy. It's conveniently easy to make stupid people lose track of the truth when you can make them believe that they're heroic supporters of a glorious cause when they slap static cling flags on their cars and trucks.
Don't fall into the trap of party-saviour systems. You think you can see what's going on, but you haven't quite broken through that haze the governement, media, and corporates put over things. Poke a little further - you're almost there. The left will not save you, the right will not save you - the levelheaded middle barely exists anymore. Don't rely on any of them, because the only person who knows what's good for you is YOU.
I'm REALLY trying hard not to scream bloody murder at you, but you're NOT insightful, you're NOT being smart, you're NOT saying anything of any substance.
Why don't YOU, Mr. "I'm Superior Because I Vote" explain to ME why I'M somehow "lazy" or "don't care" because I took the time to review ALL of the available choices and came to the same inevitable conclusion each time:
They're all faceless, lying, sniveling, backstabbing, morons.
So, because *I* took the time to decide NONE of the candidates would make a suitable President, I'M lazy? But, somehow, all those total fucking idiots that went out and voted on party lines are "doing their duty"?
Fuck that, chump. Voting is a joke in this country and an excuse for a media-saturated populace to feel like it actually has a say in what's going on. For the entire time I've been alive that's been the case. You want a President? You'll get rich, white male who wants the exact same goddamn thing as every other fucking asshole that's gone down the final stretch for the last 4 decades.
You come back and talk to me when somebody runs that's fit to be President. Until then, keep your mouth shut. You're not special because you vote. Quite the contrary, chances are good you're just a tool and you didn't bother to actually research any of the candidates on your own.
And, I'm not just flaming, I really do believe it. I believe that 100% with all my heart, and I'm absolutely infuriated by it.
Speaking of problems with certain strings and forms, my super leet cracker string cuts off the rest of the paragraph because I put a < in by mistake. I was playing with it when I hit Submit instead of preview by mistake. Oops. Here's the whole post:
Hey I found that your system is vulnerable to the 'foo bar baz' expolit. Here's a link to the fix.
The problem, as I see it (and I am always willing to admit my vision is off when someone shows me I'm wrong), is that to find the potential for exploit "foo bar baz", you must usually be engaged in something that frightens clueless business types. If I enter a ' at the end of a form by mistake when I hit the ' and ENTER keys at the same time and get a SQL error in return, that's one thing, but if I'm playing "Super Leet Cracker" and port scanning a swatch of IPs or just arbitrarily telnet to someone's server (I have, for example, telnet'd to bestbuy.com:80 and issued a HEAD just for the sake of it) and find out they're using "OpenSSL x.y.vulnerable", I can report it anonymously if I hassle around a little. Yes, it's trivial, but it's annoying, and, in my experience, it's liable to get ignored if it even gets delivered. If I report with my real name and e-mail, I have to fear that they're going to say "oooh! He's doing recon for an attack! FBI! FBI! Shenanigans! Shenanigans!". Nobody that matters knows who I am and they're liable to take a harmless "hey guys - heads up" as a threat.
Too much lititgation, not enough common sense. If I'm not looking to break into something, I shouldn't have to fear undo prying for trying to help someone out. If I sit and hammer their SQL Server with connection strings for five hours straight, that's one thing, but if I just notice a potential problem while I'm harmlessly poking at the edges of things for lack of anything better to do (yea, I need to get a life), I shouldn't have to fear the Wrath of the Laywers.
Hey I found that your system is vulnerable to the 'foo bar baz' expolit. Here's a link to the fix.
The problem, as I see it (and I am always willing to admit my vision is off when someone shows me I'm wrong), is that to find the potential for exploit "foo bar baz", you must usually be engaged in something that frightens clueless business types. If I enter a ' at the end of a form by mistake when I hit the ' and ENTER keys at the same time and get a SQL error in return, that's one thing, but if I'm playing "5up3r 1337 |-@C|
Too much lititgation, not enough common sense. If I'm not looking to break into something, I shouldn't have to fear undo prying for trying to help someone out. If I sit and hammer their SQL Server with connection strings for five hours straight, that's one thing, but if I just notice a potential problem while I'm harmlessly poking at the edges of things for lack of anything better to do (yea, I need to get a life), I shouldn't have to fear the Wrath of the Laywers.
I have no problem with the treatment of the individual in this case as he did, quite obviously, do nothing more than make a lame attempt at extorting Best Buy.
I have a problem with the original parent's blanket "computer trespass" statement and ideological white-hat bullshit. People who find security holes SHOULD NOT be subject to undue scrutiny. If they were sniffing the network uninvited, there's cause for alarm. If I'm wandering by as a legitimate customer, however, and I notice a SQL injection vulnerability on a form, I shouldn't have to fear prosecution or threats from the legal department for telling them about it. More importantly, I shouldn't even HAVE to expose the problem to the outside world. If I can steal credit card numbers off a website from something that simple, they better damn well fix it rather than continue to endanger other people's information. Yet, in many cases, this is exactly what happens. Rather than a nice "thanks, we'll take care of it" and a quick fix, you get a C&D from their lawyers. Well, fuck you too then - I'll be more than happy to let the exploit loose on IRC and mailing lists if you're going to ACTIVELY EXPOSE OTHER PEOPLE'S INFORMATION TO THEFT. You wouldn't be happy if the company laid all your information out on the street and yelled at people anytime they said something about it, so why should it be okay that they willingly leave it exposed on the web and yell at people who tell them about it? I suppose, in reality, it's more like leaving sensitive information under the counter as a "security measure", however, not leaving it right out on the street.
And, clever how you attacked my unknown credentials by suggesting what I may or may not have by way of education or may or may not have read. In fact, I think I'll keep them unknown as a result of your assumptions. Perhaps next time you have the opportunity, you'll just call on the person for their credentials rather than assuming some made up ones for them. Maybe you could call my bluff, maybe not. Maybe I'm a script kiddy, maybe I'm a security professional, maybe I'm "merely a hobbyist". I'll not say in this thread, now.
That said, perhaps you'd like to share YOUR credentials? Honest ones, please. And no, I'll tell you now, I will not be impressed with your Master's Degree in "technology that was outdated 10 years ago" in case that's it. If that's not it, by all means, do share. If you're the D Clyde Williamson I know of, you've nothing to fear - your credentials DO certainly outwiegh mine and I will readily admit that, yes, on a *nix security subject, you undoubtedly have far more knowledge than I. If you're not the "D Clyde Williamson" I'm thinking of, or you're an imposter, odds are good that's not the case. In fact, I suspect you are who I think you are, except the e-mail address doesn't fit...
Could you please step back into a realistic comparison for just one moment?
Actively breaking into a secured system is one thing. No security is perfect, and, if you have to invest significant time in doing so, you're either really good and likely not interested in doing it to begin with (or, already have ill intent and aren't going to report it) or you're going to get caught in the process. This is like smashing a window. You hear it, you come running and put a shotgun in my face. Security worked just fine. I crash SQL Server, you catch it in the logs, come running, security worked just fine.
However, if I'm walking past your house and I notice a hole in your foundation, crawl under it, find some loose floorboards, and push them up giving me silent access to the first floor, which would you rather I did? Climb back out, knock on your front door, and let you know about the problem (and, if I know something about structural engineering or carpentry, maybe even suggest how you could easily and cheaply fix it), or just walk away and leave you gleefully oblivious until some psychotic rapist finds it?
If your stuff is all that is at stake, and you'd just as soon sue me as fix the problem (meaning, of course, you'd be a complete and total moron), I'll just walk away and leave you to die. Your choice.
But, if you've been babysitting MY KIDS and they're at stake, and now you're WILLFULLY ENDANGERING THEM because you're in a huff that I found a problem with your house, you'd better damn well believe my kids won't stay there anymore, and, if you babysit other people's kids, you better damn well believe I'll make this problem widely known.
In the other scenario, of course, I blackmail you and threaten to tell all of the robbers down at the county jail who'll be getting out soon about your problem (which I haven't explained to you yet). If you would like to have me arrested THEN, that's different and that appears to be what happened here.
I wish you people could get it pounded into your thick skulls that the legal and ethical thing to do aren't always the same. Stop acting like everything is a black and white issue.
I'm so sick of this crap, I don't even know where to begin.
Best Buy is NOT the entire Internet. Best Buy's security problems could potentially be used to inconvenience or incapacitate innocent sites nearby or, even, innocent sites with no connection to Best Buy whatsoever. Best Buy has a responsibility to fix their security problems when they're made known. If Best Buy's lumbering managerial morons see fit to ignore contacts and help offers, there is nothing wrong with exposing Best Buy's problems to force their hand (blackmailing them is a totally different story).
This ridiculous attitude with these clueless businesses is tantamount to politely telling someone their fly is unzipped and getting your nose punched in gratitude (as the person continues to wander around with the fly unzipped, punching people who are trying to help them). If you find a security problem, you let them know about it. If they ignore you, you let everyone else know about it to force their hand. It's not like if someone who's looking to cause trouble right off the bat is going to give a warning shot over the bough and let them prepare. Hmmm... say I'm poking around a form on a popular retailer's website and accidentally type in a "funny character" and submit it. What's this? SQL error? Oh? I guess I should just keep my mouth shut, right? I shouldn't bother to try and report this glaring vulnerability? After all, I have no obligation to their customers, and, since I have no moral compass at all, I shouldn't even think of those poor, trusting fools, right? Give me a break...
...we need companies to go to legitimate security firms and use their tiger team services and so on.
You're a real riot. Are you on one of these "tiger teams", perchance? Mad because all your training doesn't amount to a hill of beans more than someone with a lot of book reading and practice and they're stealing your business by giving out free advice? Or do you just not know what you're talking about? I assume that you believe these "tiger teams" are infallible and could never make a mistake? I guess that once someone goes to a security firm, there's no possible way someone could miss something or something could change after the audit and review? I guess the "tiger team" couldn't possibly have someone on it that has, for some reason, not been acutely focused on the task at hand due to illness, fatigue, personal issues, etc.? I guess this "tiger team" has experienced every possible security problem there will ever be and has taken steps to eliminate all of them forever and there's no possible way a hole will ever be found that they didn't already psychically perceive and patch?
in either case, the consumer wins
I guess the consumer wins when their credit card number, name, and address get stolen too, right? I know that last time MY credit card number got stolen thanks to an utterly stupid retailer, I was REAL pleased about it. In fact, give me your address, I'll mail you all my credit cards and photo id because it's so great when people get them that shouldn't have them.
Here's your passport, sir. Welcome to the real world. Please do try to fit in in some capacity. A good step would be to stop suggesting that knocking the lock off someone's door and walking into an unprotected computer system are the same thing. People who actively break secured systems without invitation are one thing, people reporting obvious flaws or a total lack of security in general are another. Stop lumping them altogther as "computer trespass".
I'D like to know how they compared a single development platform to an entire operating system... either that was one weird study, or they really need to clarify WHAT development platform running on Linux they're referring to.
Did you just give the legal middle finger to the second biggest batch of lawyers in the technology sector with a link to your "Online Book" in your signature?
You, sir, either have the biggest pair of balls on earth such that one of them was mistaken as the recent close-approach of Mars, or you're infinitely stupid (or, I suppose, you could be lying).
A study of total costs of ownership over five years for working corporate infrastructure shows that lower staffing expenses are a large part of an 11-22% cost advantage for Windows. For file-server workloads in particular:
Staffing expenses were 33.5% better.
Training costs were 32.3% better.
Heh.. translation... Micromonkies are a dime a dozen because they don't actually have to know anything to get their "certification". I'd love to see somebody try to price out a clueful Microtech once. I'm sure the prices aren't too much cheaper than a *nix admin. One time, I actually had to sit and explain how a web server works to one of our "affordable" Microsoft certified admins here. That was probably the most pathetic point in both of our careers...
Another tasty quote from "Get the Facts":
Microsoft-sponsored benchmarks prove...
I don't understand this at all. How can people take this crap seriously? That's like having McDonald's sponsor a study on the overall health value of its food. Are there actually people so monumentally STUPID in this world that they would believe a study sponsored by an organization with a vested interest in a certain outcome? We must find these people and run them down like animals before they breed!
What amazes me most, I believe, is that there really are people that horrendously dumb and, yet, we've managed to evolve to this point.... now these people are managers and they tie our evolution in red tape, so the human race is pretty much fucked from this point on....
Uh... hate to burst your bubble cowboy, but that's MASSIVE (catastrophic, whatever you choose) heart failure that's a quick flash in the pan. My grandfather and uncle (yes, someday it'll come to take me, as well) both suffered catastrophic heart attacks and were unconscious within seconds, dead within a minute. However, one of my friends was not so lucky and languished in a hospital bed for days before another, smaller heart attack actually killed him. You could linger in agony for days at the hands of a heart attack followed by long, painful surgery to try and save you. If you happen to survive, expect to suffer for weeks during recuperation. Of course, after that, odds are good your next one will toast you regardless of it's strength.
Stroke, hypertension, etc. are also lingering and miserable things that could be brought on by OD'ing on the coffee and soda.
You jest (or, at least, you've been modded as such), but in the last year I've done a 180 degree spin on the gun issue. I used to say "nobody needs a gun, I'd never buy or use one" to today where I'm seriously researching a firearms purchase. Looking at a Beretta, Colt, and/or, just for kicks (ha ha, I'm punny) and collectibility a.50 cal Desert Eagle if I can scrape up the cash (phew.... they ain't cheap). Also looking into a shotgun. I don't really know what I'm going to do with them. In fact, I probably won't even buy any ammo for them.
But... it's nice to know they're there in the unlikely event I do need them (excuse me... some guys in dark blue shirts, caps, and vests would like to have a word with me).
Okay, I didn't mean it that way. I mean "prove it's a good idea" as in "prove the idea has a reasonable risk/reward ratio based on the research they did".
Yes, this seems to be a rare case of a law that benefits almost everybody, and costs almost nothing.
Allow me to shoot this thread dead once and for all:
Prove it.
Though it's not your job to do so, you are arguing on behalf of this silly law, so I want you to show me the industry studies, independant studies, legal studies, and studies by the lawmakers that show this law is a necessary, sensible addition and not just another big-ticket purchase by big business to line people's pockets at everyone else's expense. I want to see the thought processes and debates that took place in the legislature. I want to see what campaign contributions the supporting lawmakers took from the group(s) lobbying for this (though, I know where to find that myself). Proof! Proof! Proof! I should've brought that up in the "Things You're Not Allowed to Say" story yesterday - anytime you demand accountability from a politician these days, you're sneered at, labeled "unamerican" or whatever other nonsense the crooks can come up with to whip up emotional support from the intellectually stunted, self-appeasing retards that seem to make up the majority populace in this country these days (I'm not labeling you that way, just making a sweeping generalization of the modern American sheep-people which may or may not apply to you personally).
If it's not having a noticeable impact because it's not going to court, how is it going to add deterence?
What's it detering anyway? You think that the people that are too cheap to go to the theatre (though, I sure as hell avoid the theatre thanks to the ridiculous cost) are going to go after you take away their supply of crappy, low-quality ripoffs? Of course, bear in mind that this doesn't address the influx of illegal DVD copies that come from other countries which REALLY cuts into profits. As the text notes, it doesn't address insider ripoffs and stolen reels. Do we need to have special laws instituted for stealing film reels even though there are already laws against theft?
Nope, sorry. Until somebody can provide me with HARD DATA showing that this makes any sense, I'm going to look at it for what it is: redundant laws bought by a big lobbying effort with the help of sleazy politicians with the aim of criminalizing an entirely new subset of the population as a scapegoat for problems the industry doesn't to want to invest the time or money in solving.
I'm all for prosecuting the "bad guys", but when you have to invent the criminals in order to create the laws against them, something just doesn't add up anymore.
You're still missing the point. You seem to see two possible outcomes to this, as do I:
Outcome 1: Theatres just throw people with camcorders out, just like they do now. The law changes nothing (they can already be arrested for being obnoxious and disruptive). The law is useless and threatens to criminalize people who didn't do anything wrong (go ahead - how long until having a camera phone in the theatre is a crime? It's a slippery slope argument, yes, but the past is not in favor of anything else in this regard.)
Outcome 2: Police forces divert critical resources to deal with the dangerous "camcording threat" that Ohio is now facing and have to cut back on other enforcement efforts.
And, either way, we've still not addressed this one crucial fact:
There are already laws to deal with the problem.
The only possible explanation for why the MPAA isn't leveraging these laws to stomp the problem before it really builds too much steam (the RIAA has leveraged these same laws very sucessfully even after ignoring the problem for years and letting it become a fairly common practice) is that they don't want to use their own resources to protect their copyright! YOU, the taxpayer, would be paying for you local police and courts to prosecute copyright infringement on MPAA material! The only time you pay for that now is when it's a federal case pressed by the FBI, and that generally only occurs when it's a very serious case of infringement. I.e. - someone is mass duplicating and selling illegal copies. Why should you have to pay for something the MPAA should be enforcing? A single-copy willful infringement. YOU pay to prosecute that. If somebody steals a big chunk of your code, what then? You could go to the FBI, but they're not going to pay attention to you. So, what are you going to do? Will the local courts and police enforce, using taxpayer dollars, the willful, single-copy infringement you suffered? Nope. File a lawsuit, burden's on you, the bill is on your shoulders. I really can't even begin to fathom how people look at ANY law that's bought by a big lobbying group and don't immediately scrutinize it's necessity and usefulness.
HA! Not understanding an issue never stopped them from discussing it before. The mainstream "American Press" frequently "elaborates on issues" without a clue what they're talking about. Some typical myths the "American Press" insists on blindly perpetuating:
DeCSS is used to make copies of DVDs.
Patently false. As you've already pointed out, CSS is used to prevent a movie from playing on "unapproved" playback systems. DeCSS is used to play those unplayable movies. It never comes into play in the copying process which is why pirate DVDs have been available since DVDs were introduced to the market.
Kazaa is an illegal music sharing site.
Patently false. While many people use it to share illegal music files, KaZaa is a client for accessing a p2p network which can be used to share ANY files, legitimate or not (and it's not a "site"...).
The music industry has said that "xyz" is legal/illegal....
Terribly misleading. Who cares what the music industry says is legal? When I have to stand before Cary Sherman for judgement in a courtroom (god help us all), I'll give a crap what the music industry says is legal.
An "Internet Virus" has been loosed...
...in reference to a virus that only affects one platform (typically, Windows).
mp3s are illegally copied music files that Internet users share.
My god.. I don't even know where to start with this tripe.
To sum it all up, the American Press is just as technologically retarded as the typical American Citizen, so it works out pretty well in the end for selling newspapers and magazines.
Re:Okokrim is NOT the equivalent of the RIAA!
on
DVD-Jon Completely Clear
·
· Score: 4, Interesting
I got in a tiff a few days back with a couple of people for "suggesting" that maybe the spam problem could be solved via vigilante means since the law isn't interested in helping and technology hasn't worked to date. That set me thinking about the mass hysteria that grips people, especially the law, when technology is involved in a crime. I thought about how stupid it is that "breaking into a computer across state lines" is a felony. There is no real equivalent to this in the "real world", since you can't physically break into a building across state lines. Given the odds of someone getting hurt when a hacker breaks into a computer system vs. the odds of someone getting hurt when theives break into a building, why the enthusiastic approach to prosecution when a computer and phone line is involved? You'd probably be better off breaking into a building and actually picking up and walking off with a database server that physically houses millions of credit card numbers than if you broke in and copied the database electronically. I don't know about anyone else, but I'd rather have a guy with a trojan break into my computer than a guy with a gun in my house.
I suspect that the computer crimes investigators in the U.S. are just using an old managment trick: mask incompetence and cluelessness with enthusiasm so it looks like you're chasing a bunch of big bad scary hackers around when, really, you're chasing your own tail because you haven't got a clue. When they catch some punk kid like that teen that modified SoBig (or whatever - I can't remember which of the 10 trillion Windows viruses it was) a while back, they held him up as an example. Example of what? A script kid? Big whoop. They get caught anyway, that's why they're script kiddies. Who caught Mitnick, again? Was it the FBI? Local law enforcement? No, another hacker he made the mistake of pushing. Then, when a catch is made, you get that idiot Ashcroft up there spouting BS as if he had anything to do with it. I'd be willing to bet he has his assistant turn his computer on for him, why's he talking about computer crimes?
The frothing, mad dog approach to computer criminals is really getting old. I'd be happy if they just showed a little competence and treated computer crime just like the original counterparts instead of blasting the occasional catch to pieces as an "example" to others...
If your admin time on WinXP is "next to nothing", you're either one of the legions that doesn't keep up with Windows/IE patches or you're one of the few who's crazy enough to let the procedure be automated. In addition, I assume that if you're going to be counting patches to things like BIND or Mozilla as part of "Linux maintenance", you'll count patches to Adobe products, games, etc? (sorry, but even if you don't use IE, it's part of Windows, so it's part of the patch job). Of course, I guess it's easier to patch a system when the vendor would just as soon pretend the problem doesn't exist as fix it, no?
And, if you're only going to count WinXP in "MS Windows maintenance time", then you can't count any Linux kernel older then 2.4.x. If you jump back to the 2.2.x series of kernels when there was still some issue with drivers (I've yet to find any piece of hardware, other than winmodems or the occasional RAID, that the 2.4.x kernel doesn't pick up, configure, and have "just working" automatically), then you have to jump back to the Win9x series of system where reboots were a daily occurrence, crashes were constant, BSODs were the rule rather than the exception, etc. You can't compare your experience with JUST WinXP against your experience with all of Linux.
In addition, I assume that if you're going to count maintenance on a Linux system that has an FTP server, mail server, web server, database server, etc, etc, you're going to have all the same things running on Windows, right? I assume if you use a journaling filesystem on Linux, you'll do the same on Windows? If you're compiling programs or doing heavy web/db work, Windows will endure the same stress? Do you ever defrag your disks? What about keeping the registry clean, do you do that? Do you mop up residual mess from partially uninstalled programs? Do you have to deal with clueless dolts who get things automatically installed when they browse to websites, or fools that install spyware / adware like Gator and Comet Cursor? What about viruses, worms, and whatnot? I mean... come on.. you're talking about an OS that had an integrated help system that could be used, via a standard hyperlink on any arbitrary webpage, to delete aribtrary files on a person's computer.
Nope, sorry. Keeping up with Windows patches is like trying to bike after an F-16. I'd rather be able to just download a small, simple patch within a day or two of a vulnerability being known for a program that I've chosen to run (let's see you uninstall IE once, or keep Messenger from installing), take a moment to install it, and go on about my work. Nothing like waiting for some enormous "Service Pack" to actually be able to get all the updates (since some updates only appear in SPs) and then losing half a day to download, install, reboot, and reconfigure. I'll pass.
The cops have got more important things to do than chase fat guys in sweats with camcorders. Oh, wait. I forgot. In the mystical fairy-tale world of the average moronic U.S. voter, law enforcement can always just keep going up because there's exactly no cost to it, right? So as people bitch about taxes and departments get cut, we'll just add more cops that work for free to deal with all these new dangerous criminals that are being artificially created by lobbying groups. Right? Or, do you have some magical pixie dust that will somehow reduce the crimes that other people commit so that the cops can spend their time chasing these awful, awful bad guys? Are you going to somehow slow down all the assholes on I-81 and I-83 around here so that the already spotty patrols on those excessively dangerous roads can be cut even further so the cops can go kicking in some guy's door for running a camcorder in the movie theatre (I'm sure lots of people have died as a result of that, so this is DEFINITELY a good shift of resources).
I wish there really was a cluestick because I'd knock the shit out of half of Slashdot with it. We've survived, what, 200+ years now without needing to bring the act of copyright infringement to a local/state level? What's so fundamentally different now except there's a big, lumbering lobbying group lining pockets that hasn't yet grasped the advanced technology of fire, much less anything in the digital age. Explain to me again why they can't just bring a civil lawsuit in federal court? Seems to me that if they know some guy's sitting in the theatre with a camcorder, they need to just throw his bum ass out on the street. If they catch the guy sharing stuff on p2p, they can gather the details on him themselves and bring a lawsuit to shut him down. See, unlike those morons over at the RIAA, the MPAA has a chance to knock some sense into these shitheads right off the bat instead of letting the problem grow to epidemic proportions before bothering to even open their mouths. And, of course, rather than leverage the laws THEY ALREADY HAVE, they just buy some new ones that won't do anything but cause trouble for everybody else to make themselves look proactive. Rather than stopping the handful of crooks doing this, they just stomp on EVERYBODY.
LAWS ALREADY EXIST TO HANDLE THIS. We don't need new ones, and we sure as fuck don't need to waste anymore of the cops' already limited time with this bullshit.
And, for the record, you don't sound smart when you say "x is already happening, so we should just ignore y". That "logic" assumes that all crimes are either equally diabolical or there are no levels at all and there is some sliding scale that says what's worse than what. So if you think kindap, rape, murder, and torture are all the same as running a camcorder in the theatre, you make perfect sense. The alternative, of course, is that you think that crimes are on various levels, but there's somehow always going to be enough resources to deal with them either equally or, at least, based on their perceived level of importance. I don't know what fairy tale world you live in, in that case, but I'd love to join you there. See, I can go out on Route 15 right now and rip from Dillsburg up to the Camp Hill mall at 150 mph and the odds are EXTREMELY good I'm not going to get caught. Why? Because the Upper Allen police department doesn't have the resources to chase the "real bad guys" AND patrol the highway at the same time. See, in the real world, we have real limitations on what can be done, and the last thing we need is additional bullshit laws that suck those resources away when the power is ALREADY in the hands of the copyright holder to deal with it themselves.
Slashdot Mirror
People have played the "anger card" against me before. However, unlike blindly angry people like the ranting nuts that write to my local newspaper screeching and hollering about whatever the 'issue du jour' is, I have something that they don't - convictions. Occasionally I get pissed off about something very specific that I don't necessarily have any long-term interest in, so I just fire off a quick vent on a private section of the site and that's the end of it.
And, what makes you think I'm not successful? I have a decent office job and I make significantly more than most other people my age. Given the current economy, I make more than an AWFUL lot of unemployed programmers with far more experience than I.
And, no, I don't blame anyone but me for not going to MIT. I can't afford it, I accept that. I'd like to buy a house now too, but, at the moment, I don't have the money. That can change, however, so I'm not TOO terribly concerned about the immediate situation. On top of that, I COULD certainly go to another school. I simply choose not to. I WANT to got to MIT or Berkely specifically, not college in general.
And, finally, I don't blame Bush for anything that's happening to me personally. I've got strong convictions against the current government, media, population etc. for a very specific set of reasons that aren't locked to any specefic policies. See my journal for details, if you want more details.
Am I an angry, young man? Absolutely. Is it blind and undirected at whatever the closest target happens to be? Far from it. Don't be thrown off by my violent fits. I have only one clear agenda and, whether you agree with the way I pursue it or not, it has, to this point, actually worked fairly well. Take it as you will - you're certainly welcome to judge me in your own personal way as you see fit.
And no, I don't claim that most of the people who don't vote are like me. Most of the people who don't vote seem to fall into one of two categories (the third, smaller, category being the lazy, stupid people): they're either not voting because they perceive that everything has gone "just fine" until now and feel no need to step in (this group is the larger of the two, in my experience), or, they're disillusioned with the system and simply don't vote out of apathetic resignation (not a majority, but, larger than many people might think).
Elitist? Hardly.
Everyone and anyone should be able to vote, no restrictions. You want to vote? Go for it. However, don't get pissy with me when I don't and just automatically assume I'm "lazy" or I "don't care". From what I can tell, I'm more concerned about who's running the country than most of the half-informed morons that vote. You know, out of all the people who told me they voted for Bush (a good dozen, at least), not a one of them could answer one very simple question without mincing words and, in some cases, confusing the positions of candidates: "why?" You still want to tell me it's more important or I'm lazy when some uninformed imbecile casts an arbitrary party or name-recognition vote? If so, stop reading now, go away, and Foe me, because I want exactly NOTHING to do with someone who thinks arbitrary, uninformed decisions are better than thought out, decision-based inaction.
Of course, while people should be able to vote, no exception, they should also be able to expect that the persons campaigning are at least somewhat trustworthy, competent, and interested in their welfare. These traits, in politicians, are simply figments of idealist's imaginations in most cases.
And, next time you get the brilliant idea of slamming me with a misquoted piece of one of my posts, stop and exercise your brain for a second first:
Until then, keep your mouth shut...
Translation for the contextually impaired: don't come around bitching to me that I'm lazy or "don't care" just because YOU are an elitist bastard and think you're something special because you made a decision to vote (or, more likely, wasted a vote because you didn't think about the candidate or issues for more than 10 seconds) and I actively chose nobody as my vote. Of course you have the right to free speech, but it doesn't mean I can't turn around and tell you to shut up in turn. Don't like it? Too bad. Free speech!
But, hey, I have to hand it to you. If you mean "elitist" as "one who expects a reasonable choice in government officials and a decent level of accountability" why, yes, I am an elitist. What are you that you don't care who gets into the government and what they do once they're there?
It's ridiculous that this is even an argument. Care to try again on why I'm an elitist? Bear in mind that my position is simply this:
If I actively and carefully review all of the available candidates, and I determine that none of them fit my current political views and desires, it is my perogative to abstain from the voting process on the grounds that NONE of the candidates is within my political scope.
Go ahead - argue that that doesn't make sense. I dare you.
Do not kid yourself, X. Given the opportunity, any entity that goes in will try to either stay in, or come out with a load of the loot. Democrat, Republican, Independant, Communist, Facist. It does not matter.
At this point in history, with the condensation of media and corporate conglomerates, conveniently tied to the shoulders of politicians to whisper in their ears as they run the political gauntlet, this country, and many others, are no longer in the hands of the people. Interests and megacorps have purchased the hands of the government and will continue to manipulate them to scratch any itch they see fit.
Meanwhile, politicians like Bush and his cabinet will attempt to prostrate the willfully ignorant mass of helpless flesh that comprises this country by whipping it into a "patriotic" frenzy. It's conveniently easy to make stupid people lose track of the truth when you can make them believe that they're heroic supporters of a glorious cause when they slap static cling flags on their cars and trucks.
Don't fall into the trap of party-saviour systems. You think you can see what's going on, but you haven't quite broken through that haze the governement, media, and corporates put over things. Poke a little further - you're almost there. The left will not save you, the right will not save you - the levelheaded middle barely exists anymore. Don't rely on any of them, because the only person who knows what's good for you is YOU.
I'm REALLY trying hard not to scream bloody murder at you, but you're NOT insightful, you're NOT being smart, you're NOT saying anything of any substance.
Why don't YOU, Mr. "I'm Superior Because I Vote" explain to ME why I'M somehow "lazy" or "don't care" because I took the time to review ALL of the available choices and came to the same inevitable conclusion each time:
They're all faceless, lying, sniveling, backstabbing, morons.
So, because *I* took the time to decide NONE of the candidates would make a suitable President, I'M lazy? But, somehow, all those total fucking idiots that went out and voted on party lines are "doing their duty"?
Fuck that, chump. Voting is a joke in this country and an excuse for a media-saturated populace to feel like it actually has a say in what's going on. For the entire time I've been alive that's been the case. You want a President? You'll get rich, white male who wants the exact same goddamn thing as every other fucking asshole that's gone down the final stretch for the last 4 decades.
You come back and talk to me when somebody runs that's fit to be President. Until then, keep your mouth shut. You're not special because you vote. Quite the contrary, chances are good you're just a tool and you didn't bother to actually research any of the candidates on your own.
And, I'm not just flaming, I really do believe it. I believe that 100% with all my heart, and I'm absolutely infuriated by it.
So much for being calm...
More guns and decent healthcare? :p
Speaking of problems with certain strings and forms, my super leet cracker string cuts off the rest of the paragraph because I put a < in by mistake. I was playing with it when I hit Submit instead of preview by mistake. Oops. Here's the whole post:
Hey I found that your system is vulnerable to the 'foo bar baz' expolit. Here's a link to the fix.
The problem, as I see it (and I am always willing to admit my vision is off when someone shows me I'm wrong), is that to find the potential for exploit "foo bar baz", you must usually be engaged in something that frightens clueless business types. If I enter a ' at the end of a form by mistake when I hit the ' and ENTER keys at the same time and get a SQL error in return, that's one thing, but if I'm playing "Super Leet Cracker" and port scanning a swatch of IPs or just arbitrarily telnet to someone's server (I have, for example, telnet'd to bestbuy.com:80 and issued a HEAD just for the sake of it) and find out they're using "OpenSSL x.y.vulnerable", I can report it anonymously if I hassle around a little. Yes, it's trivial, but it's annoying, and, in my experience, it's liable to get ignored if it even gets delivered. If I report with my real name and e-mail, I have to fear that they're going to say "oooh! He's doing recon for an attack! FBI! FBI! Shenanigans! Shenanigans!". Nobody that matters knows who I am and they're liable to take a harmless "hey guys - heads up" as a threat.
Too much lititgation, not enough common sense. If I'm not looking to break into something, I shouldn't have to fear undo prying for trying to help someone out. If I sit and hammer their SQL Server with connection strings for five hours straight, that's one thing, but if I just notice a potential problem while I'm harmlessly poking at the edges of things for lack of anything better to do (yea, I need to get a life), I shouldn't have to fear the Wrath of the Laywers.
Hey I found that your system is vulnerable to the 'foo bar baz' expolit. Here's a link to the fix.
The problem, as I see it (and I am always willing to admit my vision is off when someone shows me I'm wrong), is that to find the potential for exploit "foo bar baz", you must usually be engaged in something that frightens clueless business types. If I enter a ' at the end of a form by mistake when I hit the ' and ENTER keys at the same time and get a SQL error in return, that's one thing, but if I'm playing "5up3r 1337 |-@C|
Too much lititgation, not enough common sense. If I'm not looking to break into something, I shouldn't have to fear undo prying for trying to help someone out. If I sit and hammer their SQL Server with connection strings for five hours straight, that's one thing, but if I just notice a potential problem while I'm harmlessly poking at the edges of things for lack of anything better to do (yea, I need to get a life), I shouldn't have to fear the Wrath of the Laywers.
I have no problem with the treatment of the individual in this case as he did, quite obviously, do nothing more than make a lame attempt at extorting Best Buy.
I have a problem with the original parent's blanket "computer trespass" statement and ideological white-hat bullshit. People who find security holes SHOULD NOT be subject to undue scrutiny. If they were sniffing the network uninvited, there's cause for alarm. If I'm wandering by as a legitimate customer, however, and I notice a SQL injection vulnerability on a form, I shouldn't have to fear prosecution or threats from the legal department for telling them about it. More importantly, I shouldn't even HAVE to expose the problem to the outside world. If I can steal credit card numbers off a website from something that simple, they better damn well fix it rather than continue to endanger other people's information. Yet, in many cases, this is exactly what happens. Rather than a nice "thanks, we'll take care of it" and a quick fix, you get a C&D from their lawyers. Well, fuck you too then - I'll be more than happy to let the exploit loose on IRC and mailing lists if you're going to ACTIVELY EXPOSE OTHER PEOPLE'S INFORMATION TO THEFT. You wouldn't be happy if the company laid all your information out on the street and yelled at people anytime they said something about it, so why should it be okay that they willingly leave it exposed on the web and yell at people who tell them about it? I suppose, in reality, it's more like leaving sensitive information under the counter as a "security measure", however, not leaving it right out on the street.
And, clever how you attacked my unknown credentials by suggesting what I may or may not have by way of education or may or may not have read. In fact, I think I'll keep them unknown as a result of your assumptions. Perhaps next time you have the opportunity, you'll just call on the person for their credentials rather than assuming some made up ones for them. Maybe you could call my bluff, maybe not. Maybe I'm a script kiddy, maybe I'm a security professional, maybe I'm "merely a hobbyist". I'll not say in this thread, now.
That said, perhaps you'd like to share YOUR credentials? Honest ones, please. And no, I'll tell you now, I will not be impressed with your Master's Degree in "technology that was outdated 10 years ago" in case that's it. If that's not it, by all means, do share. If you're the D Clyde Williamson I know of, you've nothing to fear - your credentials DO certainly outwiegh mine and I will readily admit that, yes, on a *nix security subject, you undoubtedly have far more knowledge than I. If you're not the "D Clyde Williamson" I'm thinking of, or you're an imposter, odds are good that's not the case. In fact, I suspect you are who I think you are, except the e-mail address doesn't fit...
Says the anonymous coward who didn't RTFThread. I'm not responding to the article, I'm responding to the poster parent to mine.
Nice try at righteous indignation though. Go flex your newfound glory now while you continue to ignore the fact that you completely missed the point.
Could you please step back into a realistic comparison for just one moment?
Actively breaking into a secured system is one thing. No security is perfect, and, if you have to invest significant time in doing so, you're either really good and likely not interested in doing it to begin with (or, already have ill intent and aren't going to report it) or you're going to get caught in the process. This is like smashing a window. You hear it, you come running and put a shotgun in my face. Security worked just fine. I crash SQL Server, you catch it in the logs, come running, security worked just fine.
However, if I'm walking past your house and I notice a hole in your foundation, crawl under it, find some loose floorboards, and push them up giving me silent access to the first floor, which would you rather I did? Climb back out, knock on your front door, and let you know about the problem (and, if I know something about structural engineering or carpentry, maybe even suggest how you could easily and cheaply fix it), or just walk away and leave you gleefully oblivious until some psychotic rapist finds it?
If your stuff is all that is at stake, and you'd just as soon sue me as fix the problem (meaning, of course, you'd be a complete and total moron), I'll just walk away and leave you to die. Your choice.
But, if you've been babysitting MY KIDS and they're at stake, and now you're WILLFULLY ENDANGERING THEM because you're in a huff that I found a problem with your house, you'd better damn well believe my kids won't stay there anymore, and, if you babysit other people's kids, you better damn well believe I'll make this problem widely known.
In the other scenario, of course, I blackmail you and threaten to tell all of the robbers down at the county jail who'll be getting out soon about your problem (which I haven't explained to you yet). If you would like to have me arrested THEN, that's different and that appears to be what happened here.
I wish you people could get it pounded into your thick skulls that the legal and ethical thing to do aren't always the same. Stop acting like everything is a black and white issue.
Computer trespass is computer trespass.
I'm so sick of this crap, I don't even know where to begin.
Best Buy is NOT the entire Internet. Best Buy's security problems could potentially be used to inconvenience or incapacitate innocent sites nearby or, even, innocent sites with no connection to Best Buy whatsoever. Best Buy has a responsibility to fix their security problems when they're made known. If Best Buy's lumbering managerial morons see fit to ignore contacts and help offers, there is nothing wrong with exposing Best Buy's problems to force their hand (blackmailing them is a totally different story).
This ridiculous attitude with these clueless businesses is tantamount to politely telling someone their fly is unzipped and getting your nose punched in gratitude (as the person continues to wander around with the fly unzipped, punching people who are trying to help them). If you find a security problem, you let them know about it. If they ignore you, you let everyone else know about it to force their hand. It's not like if someone who's looking to cause trouble right off the bat is going to give a warning shot over the bough and let them prepare. Hmmm... say I'm poking around a form on a popular retailer's website and accidentally type in a "funny character" and submit it. What's this? SQL error? Oh? I guess I should just keep my mouth shut, right? I shouldn't bother to try and report this glaring vulnerability? After all, I have no obligation to their customers, and, since I have no moral compass at all, I shouldn't even think of those poor, trusting fools, right? Give me a break...
You're a real riot. Are you on one of these "tiger teams", perchance? Mad because all your training doesn't amount to a hill of beans more than someone with a lot of book reading and practice and they're stealing your business by giving out free advice? Or do you just not know what you're talking about? I assume that you believe these "tiger teams" are infallible and could never make a mistake? I guess that once someone goes to a security firm, there's no possible way someone could miss something or something could change after the audit and review? I guess the "tiger team" couldn't possibly have someone on it that has, for some reason, not been acutely focused on the task at hand due to illness, fatigue, personal issues, etc.? I guess this "tiger team" has experienced every possible security problem there will ever be and has taken steps to eliminate all of them forever and there's no possible way a hole will ever be found that they didn't already psychically perceive and patch?
in either case, the consumer wins
I guess the consumer wins when their credit card number, name, and address get stolen too, right? I know that last time MY credit card number got stolen thanks to an utterly stupid retailer, I was REAL pleased about it. In fact, give me your address, I'll mail you all my credit cards and photo id because it's so great when people get them that shouldn't have them.
Here's your passport, sir. Welcome to the real world. Please do try to fit in in some capacity. A good step would be to stop suggesting that knocking the lock off someone's door and walking into an unprotected computer system are the same thing. People who actively break secured systems without invitation are one thing, people reporting obvious flaws or a total lack of security in general are another. Stop lumping them altogther as "computer trespass".
ACHTUNG!: PARENT IS FUCKHEAD
You really shouldn't talk bad about your mom like that.
I'D like to know how they compared a single development platform to an entire operating system... either that was one weird study, or they really need to clarify WHAT development platform running on Linux they're referring to.
Did you just give the legal middle finger to the second biggest batch of lawyers in the technology sector with a link to your "Online Book" in your signature?
You, sir, either have the biggest pair of balls on earth such that one of them was mistaken as the recent close-approach of Mars, or you're infinitely stupid (or, I suppose, you could be lying).
whatever the case, I salute you!
From the "Get the Facts" site:
A study of total costs of ownership over five years for working corporate infrastructure shows that lower staffing expenses are a large part of an 11-22% cost advantage for Windows. For file-server workloads in particular:
Staffing expenses were 33.5% better. Training costs were 32.3% better.
Heh.. translation... Micromonkies are a dime a dozen because they don't actually have to know anything to get their "certification". I'd love to see somebody try to price out a clueful Microtech once. I'm sure the prices aren't too much cheaper than a *nix admin. One time, I actually had to sit and explain how a web server works to one of our "affordable" Microsoft certified admins here. That was probably the most pathetic point in both of our careers...
Another tasty quote from "Get the Facts":
Microsoft-sponsored benchmarks prove...
I don't understand this at all. How can people take this crap seriously? That's like having McDonald's sponsor a study on the overall health value of its food. Are there actually people so monumentally STUPID in this world that they would believe a study sponsored by an organization with a vested interest in a certain outcome? We must find these people and run them down like animals before they breed!
What amazes me most, I believe, is that there really are people that horrendously dumb and, yet, we've managed to evolve to this point.... now these people are managers and they tie our evolution in red tape, so the human race is pretty much fucked from this point on....
Uh... hate to burst your bubble cowboy, but that's MASSIVE (catastrophic, whatever you choose) heart failure that's a quick flash in the pan. My grandfather and uncle (yes, someday it'll come to take me, as well) both suffered catastrophic heart attacks and were unconscious within seconds, dead within a minute. However, one of my friends was not so lucky and languished in a hospital bed for days before another, smaller heart attack actually killed him. You could linger in agony for days at the hands of a heart attack followed by long, painful surgery to try and save you. If you happen to survive, expect to suffer for weeks during recuperation. Of course, after that, odds are good your next one will toast you regardless of it's strength.
Stroke, hypertension, etc. are also lingering and miserable things that could be brought on by OD'ing on the coffee and soda.
You jest (or, at least, you've been modded as such), but in the last year I've done a 180 degree spin on the gun issue. I used to say "nobody needs a gun, I'd never buy or use one" to today where I'm seriously researching a firearms purchase. Looking at a Beretta, Colt, and/or, just for kicks (ha ha, I'm punny) and collectibility a .50 cal Desert Eagle if I can scrape up the cash (phew.... they ain't cheap). Also looking into a shotgun. I don't really know what I'm going to do with them. In fact, I probably won't even buy any ammo for them.
But... it's nice to know they're there in the unlikely event I do need them (excuse me... some guys in dark blue shirts, caps, and vests would like to have a word with me).
Okay, I didn't mean it that way. I mean "prove it's a good idea" as in "prove the idea has a reasonable risk/reward ratio based on the research they did".
Yes, this seems to be a rare case of a law that benefits almost everybody, and costs almost nothing.
Allow me to shoot this thread dead once and for all:
Prove it.
Though it's not your job to do so, you are arguing on behalf of this silly law, so I want you to show me the industry studies, independant studies, legal studies, and studies by the lawmakers that show this law is a necessary, sensible addition and not just another big-ticket purchase by big business to line people's pockets at everyone else's expense. I want to see the thought processes and debates that took place in the legislature. I want to see what campaign contributions the supporting lawmakers took from the group(s) lobbying for this (though, I know where to find that myself). Proof! Proof! Proof! I should've brought that up in the "Things You're Not Allowed to Say" story yesterday - anytime you demand accountability from a politician these days, you're sneered at, labeled "unamerican" or whatever other nonsense the crooks can come up with to whip up emotional support from the intellectually stunted, self-appeasing retards that seem to make up the majority populace in this country these days (I'm not labeling you that way, just making a sweeping generalization of the modern American sheep-people which may or may not apply to you personally).
If it's not having a noticeable impact because it's not going to court, how is it going to add deterence?
What's it detering anyway? You think that the people that are too cheap to go to the theatre (though, I sure as hell avoid the theatre thanks to the ridiculous cost) are going to go after you take away their supply of crappy, low-quality ripoffs? Of course, bear in mind that this doesn't address the influx of illegal DVD copies that come from other countries which REALLY cuts into profits. As the text notes, it doesn't address insider ripoffs and stolen reels. Do we need to have special laws instituted for stealing film reels even though there are already laws against theft?
Nope, sorry. Until somebody can provide me with HARD DATA showing that this makes any sense, I'm going to look at it for what it is: redundant laws bought by a big lobbying effort with the help of sleazy politicians with the aim of criminalizing an entirely new subset of the population as a scapegoat for problems the industry doesn't to want to invest the time or money in solving.
I'm all for prosecuting the "bad guys", but when you have to invent the criminals in order to create the laws against them, something just doesn't add up anymore.
You're still missing the point. You seem to see two possible outcomes to this, as do I:
Outcome 1: Theatres just throw people with camcorders out, just like they do now. The law changes nothing (they can already be arrested for being obnoxious and disruptive). The law is useless and threatens to criminalize people who didn't do anything wrong (go ahead - how long until having a camera phone in the theatre is a crime? It's a slippery slope argument, yes, but the past is not in favor of anything else in this regard.)
Outcome 2: Police forces divert critical resources to deal with the dangerous "camcording threat" that Ohio is now facing and have to cut back on other enforcement efforts.
And, either way, we've still not addressed this one crucial fact:
There are already laws to deal with the problem.
The only possible explanation for why the MPAA isn't leveraging these laws to stomp the problem before it really builds too much steam (the RIAA has leveraged these same laws very sucessfully even after ignoring the problem for years and letting it become a fairly common practice) is that they don't want to use their own resources to protect their copyright! YOU, the taxpayer, would be paying for you local police and courts to prosecute copyright infringement on MPAA material! The only time you pay for that now is when it's a federal case pressed by the FBI, and that generally only occurs when it's a very serious case of infringement. I.e. - someone is mass duplicating and selling illegal copies. Why should you have to pay for something the MPAA should be enforcing? A single-copy willful infringement. YOU pay to prosecute that. If somebody steals a big chunk of your code, what then? You could go to the FBI, but they're not going to pay attention to you. So, what are you going to do? Will the local courts and police enforce, using taxpayer dollars, the willful, single-copy infringement you suffered? Nope. File a lawsuit, burden's on you, the bill is on your shoulders. I really can't even begin to fathom how people look at ANY law that's bought by a big lobbying group and don't immediately scrutinize it's necessity and usefulness.
HA! Not understanding an issue never stopped them from discussing it before. The mainstream "American Press" frequently "elaborates on issues" without a clue what they're talking about. Some typical myths the "American Press" insists on blindly perpetuating:
DeCSS is used to make copies of DVDs.
Patently false. As you've already pointed out, CSS is used to prevent a movie from playing on "unapproved" playback systems. DeCSS is used to play those unplayable movies. It never comes into play in the copying process which is why pirate DVDs have been available since DVDs were introduced to the market.
Kazaa is an illegal music sharing site.
Patently false. While many people use it to share illegal music files, KaZaa is a client for accessing a p2p network which can be used to share ANY files, legitimate or not (and it's not a "site"...).
The music industry has said that "xyz" is legal/illegal....
Terribly misleading. Who cares what the music industry says is legal? When I have to stand before Cary Sherman for judgement in a courtroom (god help us all), I'll give a crap what the music industry says is legal.
An "Internet Virus" has been loosed...
...in reference to a virus that only affects one platform (typically, Windows).
mp3s are illegally copied music files that Internet users share.
My god.. I don't even know where to start with this tripe.
To sum it all up, the American Press is just as technologically retarded as the typical American Citizen, so it works out pretty well in the end for selling newspapers and magazines.
I got in a tiff a few days back with a couple of people for "suggesting" that maybe the spam problem could be solved via vigilante means since the law isn't interested in helping and technology hasn't worked to date. That set me thinking about the mass hysteria that grips people, especially the law, when technology is involved in a crime. I thought about how stupid it is that "breaking into a computer across state lines" is a felony. There is no real equivalent to this in the "real world", since you can't physically break into a building across state lines. Given the odds of someone getting hurt when a hacker breaks into a computer system vs. the odds of someone getting hurt when theives break into a building, why the enthusiastic approach to prosecution when a computer and phone line is involved? You'd probably be better off breaking into a building and actually picking up and walking off with a database server that physically houses millions of credit card numbers than if you broke in and copied the database electronically. I don't know about anyone else, but I'd rather have a guy with a trojan break into my computer than a guy with a gun in my house.
I suspect that the computer crimes investigators in the U.S. are just using an old managment trick: mask incompetence and cluelessness with enthusiasm so it looks like you're chasing a bunch of big bad scary hackers around when, really, you're chasing your own tail because you haven't got a clue. When they catch some punk kid like that teen that modified SoBig (or whatever - I can't remember which of the 10 trillion Windows viruses it was) a while back, they held him up as an example. Example of what? A script kid? Big whoop. They get caught anyway, that's why they're script kiddies. Who caught Mitnick, again? Was it the FBI? Local law enforcement? No, another hacker he made the mistake of pushing. Then, when a catch is made, you get that idiot Ashcroft up there spouting BS as if he had anything to do with it. I'd be willing to bet he has his assistant turn his computer on for him, why's he talking about computer crimes?
The frothing, mad dog approach to computer criminals is really getting old. I'd be happy if they just showed a little competence and treated computer crime just like the original counterparts instead of blasting the occasional catch to pieces as an "example" to others...
If your admin time on WinXP is "next to nothing", you're either one of the legions that doesn't keep up with Windows/IE patches or you're one of the few who's crazy enough to let the procedure be automated. In addition, I assume that if you're going to be counting patches to things like BIND or Mozilla as part of "Linux maintenance", you'll count patches to Adobe products, games, etc? (sorry, but even if you don't use IE, it's part of Windows, so it's part of the patch job). Of course, I guess it's easier to patch a system when the vendor would just as soon pretend the problem doesn't exist as fix it, no?
And, if you're only going to count WinXP in "MS Windows maintenance time", then you can't count any Linux kernel older then 2.4.x. If you jump back to the 2.2.x series of kernels when there was still some issue with drivers (I've yet to find any piece of hardware, other than winmodems or the occasional RAID, that the 2.4.x kernel doesn't pick up, configure, and have "just working" automatically), then you have to jump back to the Win9x series of system where reboots were a daily occurrence, crashes were constant, BSODs were the rule rather than the exception, etc. You can't compare your experience with JUST WinXP against your experience with all of Linux.
In addition, I assume that if you're going to count maintenance on a Linux system that has an FTP server, mail server, web server, database server, etc, etc, you're going to have all the same things running on Windows, right? I assume if you use a journaling filesystem on Linux, you'll do the same on Windows? If you're compiling programs or doing heavy web/db work, Windows will endure the same stress? Do you ever defrag your disks? What about keeping the registry clean, do you do that? Do you mop up residual mess from partially uninstalled programs? Do you have to deal with clueless dolts who get things automatically installed when they browse to websites, or fools that install spyware / adware like Gator and Comet Cursor? What about viruses, worms, and whatnot? I mean... come on.. you're talking about an OS that had an integrated help system that could be used, via a standard hyperlink on any arbitrary webpage, to delete aribtrary files on a person's computer.
Nope, sorry. Keeping up with Windows patches is like trying to bike after an F-16. I'd rather be able to just download a small, simple patch within a day or two of a vulnerability being known for a program that I've chosen to run (let's see you uninstall IE once, or keep Messenger from installing), take a moment to install it, and go on about my work. Nothing like waiting for some enormous "Service Pack" to actually be able to get all the updates (since some updates only appear in SPs) and then losing half a day to download, install, reboot, and reconfigure. I'll pass.
The cops have got more important things to do than chase fat guys in sweats with camcorders. Oh, wait. I forgot. In the mystical fairy-tale world of the average moronic U.S. voter, law enforcement can always just keep going up because there's exactly no cost to it, right? So as people bitch about taxes and departments get cut, we'll just add more cops that work for free to deal with all these new dangerous criminals that are being artificially created by lobbying groups. Right? Or, do you have some magical pixie dust that will somehow reduce the crimes that other people commit so that the cops can spend their time chasing these awful, awful bad guys? Are you going to somehow slow down all the assholes on I-81 and I-83 around here so that the already spotty patrols on those excessively dangerous roads can be cut even further so the cops can go kicking in some guy's door for running a camcorder in the movie theatre (I'm sure lots of people have died as a result of that, so this is DEFINITELY a good shift of resources).
I wish there really was a cluestick because I'd knock the shit out of half of Slashdot with it. We've survived, what, 200+ years now without needing to bring the act of copyright infringement to a local/state level? What's so fundamentally different now except there's a big, lumbering lobbying group lining pockets that hasn't yet grasped the advanced technology of fire, much less anything in the digital age. Explain to me again why they can't just bring a civil lawsuit in federal court? Seems to me that if they know some guy's sitting in the theatre with a camcorder, they need to just throw his bum ass out on the street. If they catch the guy sharing stuff on p2p, they can gather the details on him themselves and bring a lawsuit to shut him down. See, unlike those morons over at the RIAA, the MPAA has a chance to knock some sense into these shitheads right off the bat instead of letting the problem grow to epidemic proportions before bothering to even open their mouths. And, of course, rather than leverage the laws THEY ALREADY HAVE, they just buy some new ones that won't do anything but cause trouble for everybody else to make themselves look proactive. Rather than stopping the handful of crooks doing this, they just stomp on EVERYBODY.
LAWS ALREADY EXIST TO HANDLE THIS. We don't need new ones, and we sure as fuck don't need to waste anymore of the cops' already limited time with this bullshit.
And, for the record, you don't sound smart when you say "x is already happening, so we should just ignore y". That "logic" assumes that all crimes are either equally diabolical or there are no levels at all and there is some sliding scale that says what's worse than what. So if you think kindap, rape, murder, and torture are all the same as running a camcorder in the theatre, you make perfect sense. The alternative, of course, is that you think that crimes are on various levels, but there's somehow always going to be enough resources to deal with them either equally or, at least, based on their perceived level of importance. I don't know what fairy tale world you live in, in that case, but I'd love to join you there. See, I can go out on Route 15 right now and rip from Dillsburg up to the Camp Hill mall at 150 mph and the odds are EXTREMELY good I'm not going to get caught. Why? Because the Upper Allen police department doesn't have the resources to chase the "real bad guys" AND patrol the highway at the same time. See, in the real world, we have real limitations on what can be done, and the last thing we need is additional bullshit laws that suck those resources away when the power is ALREADY in the hands of the copyright holder to deal with it themselves.