If I can agree to a contract with a mouseclick (EULA, etc...), speak to a credit card company about "my" account by providing a SSN and a mother's maiden name, and access my banking data online via a password and perhaps some combination of above, I don't see why this is an important innovation as far as the marketplace is concerned. Granted, it's cool and thus I support the intellectual endeavor, but it as well will be rife with security issues of its own.
-nudicle
Ok guys,
I'm not a big fan of MS either and I'm also against software patents but remember this: one of the reasons we're against software patents is their obviousness or, at least, the ineluctable conclusion that "this" or "something like this" would be a good way to write this code to make it better. While I think knowingly excising email info from the record should be met with large court imposed sanctions, it's also possible that the patent infringement Burst claims is related to aforementioned issues w/ software patents -- the fact that it's obvious how to make it better and compentent ("one of ordinary skill in the art") programmers ar MS saw that.
-nude
True, but where the internet is concerned it matters not whether the spammer is in the "South Pacific" or the hinterlands of Uganda. All that matters is that his emails go through an unprotected SMTP server somewhere in the world -- Korea, China, or the US. The costs to him/her are basically nil and the damage is large. No matter where the spammer is based if he/she is sending tons of them it affects all of us and particularly the US given the entitlement and email addressees we have here.
If I ran the "Yoga Inside" program and I got a nasty, formalistic letter from Intel suggesting I cease and desist or face the consequences I think my response would be to write a reply conisting of only the words "bite me" and a signature.
I don't think the parent is insightful at all. I think it's kneejerk.
Imagine a complex piece of software, a complex exploit, and a couple thousand users of the vulnerable software. The company responsible is made aware of the exploit and sets about to fix it. The fix involves more than switching to strncmp() or something trivial like that, so fixing the bug takes a couple days. Meanwhile, the thousands of customers have to be notified and convinced to upgrade when a patch is released.
If the exploit is published with code the threat to every single user of the vulnerable software increases, probably exponentially. This is because each installation of the software is vulnerable to attack, basically, by people who understand the exploit as published (and those who knew about it prior to publication, but they're not relevant to this analysis...) and when code and examples are published the number of people who can invoke the exploit increases massively.
A reasonable window of opportunity for the programmers to issue a fix and protect the users before explicit details on comprimising the software are published such that any malicious dilettante can invoke them is a good thing.
Dismissing it out of hand as "security by obscurity" misses the point and is mere sloganeering without reflection.
A lot of companies writte lousy code. A lot of companies want to cover up their lousy code. I'm not disagreeing with those statements. Nor am I disagreeing with the sentiment that if compamies wrote secure code to begin with this wouldn't be an issue except to note that that's a fantasy...although there's lots of room for improvement of the industry's code we're still talking about complex systems and there will always be (1) bugs and (2) bugs involving security.
I'm a long-time mac user (1986) and use my 10.2.5 TiBook every day for all kinds of stuff and I have to say that for all the coolness in Apple's recent steps, I think they lost something important in the coherent, simple UI design arena. This is most evident in applications like Addressbook and iCal. Addressbook should win an award for the crappiness of its UI design and iCal suffers from these weird idiosyncracies that in the aggregate really affect productivity. For instance, when adding a new event in iCal, a multi-line text field appears in the window used to create and describe the event. So for weeks I would add events and thoughtlessly press when I wanted to go to the next line... no problem, right? Well, actually, Apple UI people decided that in this multi-line text field was actually going to perform a.. which means instead of moving to the next line in the field, the entire line is selected and deleted when I, operating on 16 years of mac UI instincts, continue typing under the assumption that my mac behaves like it should. Although I'm kind of used to it now, this was an indescribably irritating quirk to have to get used to and one that I don't think would have ever been deemed acceptable in years gone by. Sometimes I wonder if Apple hired a bunch of UNIX guys to make OS X happen and an unfortunate consequence of that is we have to put up with UI inconsistencies that bleed in from other worlds. I mean, Addressbook introduces the UI "feature" of selected text that is not deletable by the "delete" key (eg when creating a new entry and you're presented with "First" (as in name).. and the text is selected... and you can't delete it with "delete." I guess the justification is that the field only accepts legally displayable characters for a first name but I don't care. The fact is that behavior is wrong and it breaks the harmony of using macos.
Don't get me wrong, I love macos x, but I think if Apple knows what's best for it someone will take the GUI people outside and slap them around for a while until they understand that one of the reasons using classic macos was pleasant for so many people is because there was an underlying harmony in how stuff worked
if you're allowed to do that with mp3s this device might be a prima facie DMCA violation for the distributor as "trafficking" technologies that allow use/access to copyright infringements. not that I support the DMCA, just suggesting another way this law chills technological developement.
-nudicle
I was under the impression that the 1976 copyright act was introduced, at least in part, to get rid of the different copyright regimes in the several states and to bring copyright protection under one federal roof. Are these founders copyrights really enforceable or should they be preempted by federal copyright statutes if challenged? I realize that the founders copyright is contract law masquerading as copyright, and may be, I suppose, distinguishable on that ground from a state defined copyright regime, but should that matter? I mean, if we allow people to contract directly around the federal copyright law does that mean federal preemption in the copyright sphere just goes away? Just wondering.
-nudicle
If your point is that a lot of technological innovations don't seem to improve education much and turn out to be a much-hyped waste of money, then fair enough.
If your point is that this is an example of liberal-arts institutions wasting money, then I'd point out that the iPods were donated by the private sector and no liberal arts institutions were harmed by the creation of this experiment.
-nudicle
For a moment I myself was on the forefront of frozen water research. In late 1997 I opened the freezer in my Providence, RI apartment/laboratory and discovered elongated spires of ice extending from the molds in which I had left room temerature tap water the night before (in order to form "ice cubes," scientific parlance for frozen blocks of ice of varying size). I immediately dubbed this formation "ice penis" and alerted my roommates to the discovery. Needless to say a press release was dispatched to the AP and a paper written for Nature, but i never heard back from them.
Since then I think Amazon has patented my ice penis work but I'm not sure.
Slashdot Mirror
If I can agree to a contract with a mouseclick (EULA, etc...), speak to a credit card company about "my" account by providing a SSN and a mother's maiden name, and access my banking data online via a password and perhaps some combination of above, I don't see why this is an important innovation as far as the marketplace is concerned. Granted, it's cool and thus I support the intellectual endeavor, but it as well will be rife with security issues of its own. -nudicle
Ok guys, I'm not a big fan of MS either and I'm also against software patents but remember this: one of the reasons we're against software patents is their obviousness or, at least, the ineluctable conclusion that "this" or "something like this" would be a good way to write this code to make it better. While I think knowingly excising email info from the record should be met with large court imposed sanctions, it's also possible that the patent infringement Burst claims is related to aforementioned issues w/ software patents -- the fact that it's obvious how to make it better and compentent ("one of ordinary skill in the art") programmers ar MS saw that. -nude
True, but where the internet is concerned it matters not whether the spammer is in the "South Pacific" or the hinterlands of Uganda. All that matters is that his emails go through an unprotected SMTP server somewhere in the world -- Korea, China, or the US. The costs to him/her are basically nil and the damage is large. No matter where the spammer is based if he/she is sending tons of them it affects all of us and particularly the US given the entitlement and email addressees we have here.
Dude, These Windows viruses work by getting the email lists of all your friends (in your contact info) and emailing to/from them. No such luck.
If I ran the "Yoga Inside" program and I got a nasty, formalistic letter from Intel suggesting I cease and desist or face the consequences I think my response would be to write a reply conisting of only the words "bite me" and a signature.
I don't think the parent is insightful at all. I think it's kneejerk. Imagine a complex piece of software, a complex exploit, and a couple thousand users of the vulnerable software. The company responsible is made aware of the exploit and sets about to fix it. The fix involves more than switching to strncmp() or something trivial like that, so fixing the bug takes a couple days. Meanwhile, the thousands of customers have to be notified and convinced to upgrade when a patch is released. If the exploit is published with code the threat to every single user of the vulnerable software increases, probably exponentially. This is because each installation of the software is vulnerable to attack, basically, by people who understand the exploit as published (and those who knew about it prior to publication, but they're not relevant to this analysis ...) and when code and examples are published the number of people who can invoke the exploit increases massively.
A reasonable window of opportunity for the programmers to issue a fix and protect the users before explicit details on comprimising the software are published such that any malicious dilettante can invoke them is a good thing.
Dismissing it out of hand as "security by obscurity" misses the point and is mere sloganeering without reflection.
A lot of companies writte lousy code. A lot of companies want to cover up their lousy code. I'm not disagreeing with those statements. Nor am I disagreeing with the sentiment that if compamies wrote secure code to begin with this wouldn't be an issue except to note that that's a fantasy ...although there's lots of room for improvement of the industry's code we're still talking about complex systems and there will always be (1) bugs and (2) bugs involving security.
Don't get me wrong, I love macos x, but I think if Apple knows what's best for it someone will take the GUI people outside and slap them around for a while until they understand that one of the reasons using classic macos was pleasant for so many people is because there was an underlying harmony in how stuff worked
if you're allowed to do that with mp3s this device might be a prima facie DMCA violation for the distributor as "trafficking" technologies that allow use/access to copyright infringements. not that I support the DMCA, just suggesting another way this law chills technological developement. -nudicle
I was under the impression that the 1976 copyright act was introduced, at least in part, to get rid of the different copyright regimes in the several states and to bring copyright protection under one federal roof. Are these founders copyrights really enforceable or should they be preempted by federal copyright statutes if challenged? I realize that the founders copyright is contract law masquerading as copyright, and may be, I suppose, distinguishable on that ground from a state defined copyright regime, but should that matter? I mean, if we allow people to contract directly around the federal copyright law does that mean federal preemption in the copyright sphere just goes away? Just wondering. -nudicle
If your point is that a lot of technological innovations don't seem to improve education much and turn out to be a much-hyped waste of money, then fair enough. If your point is that this is an example of liberal-arts institutions wasting money, then I'd point out that the iPods were donated by the private sector and no liberal arts institutions were harmed by the creation of this experiment. -nudicle
For a moment I myself was on the forefront of frozen water research. In late 1997 I opened the freezer in my Providence, RI apartment/laboratory and discovered elongated spires of ice extending from the molds in which I had left room temerature tap water the night before (in order to form "ice cubes," scientific parlance for frozen blocks of ice of varying size). I immediately dubbed this formation "ice penis" and alerted my roommates to the discovery. Needless to say a press release was dispatched to the AP and a paper written for Nature, but i never heard back from them. Since then I think Amazon has patented my ice penis work but I'm not sure.