Wait a minute. The problem only affects misconfigured servers?
The article states that the problem affected servers infected by
CodeRed that had been de-infected, presumably by service
packs downloaded from Microsoft. To quote:
..Exchange servers that had been infected by the
Code Red worm and subsequently cleaned will still have the
guest account enabled...
Does cleaned mean that a MS service pack forgot to close
the holes or even opened a new security hole? Either way, in
the light of MS's so called security initiative the
result is unacceptable.
The argument that moron administrators forgot to do something
misses the point. Microsoft should know that most administrators
don't have the time, training or resources available to discover
and understand all the OS settings required to secure their
servers.
That's why vendors who sell secure systems
set strict default settings. A real security initiative
would lock down the OS a tight as Guantanamo Bay, but MS rightly
fears that would alienate their customers.
Early on MS's goal was market share and control. They
targeted 'ease of use' and
adopted a policy of tight integration between the
OS and applications, including massive auto-enabling
(by default!) of applications via application data
like documents, e-mails, etc. The result is that the current
Microsoft server is merely a single user system on steroids.
Even
with their previous Internet initiative
(which basically produced a free embedded browser and a lot of
service packs)
the MS OS still suffers from the
single user mindset. Witness all the 'way too friendly' default
settings on most Microsoft systems. It worked (mostly) fine when the
PCs were all in one office connected by a sneaker net
(the viruses just spread slower via floppy).
But now in the Internet age they're paying the price.
As Bruce Schneier says: security is a process not a product.
Until that process becomes part of MS's corporate culture,
don't expect much security from Microsoft. Gates may be trying
to change that, but given their
history of going after market share and their
foundations of sand, it's gonna
take a long time.
It's tragic to see that Microsoft, who has been found
guilty in the courts of abusing it's monopoly position has
yet to receive more than a slap on the wrist. I worry that
this is just another one.
Worse the companies and customers at the receiving end of
this abuse have
received little more than a few gift certificates. A just
end to this affair would have been a leveling of the playing
field. It would have forced things like:
A clone manufactors should be able to pre-install any
OS on the PCs they sell without any affect on their
ability to buy MS licenses.
A prohibition of MS secretly changing file formats and
protocols merely to lock out competitors.
Requring MS to reveal their protocols and file formats
and requiring that MS accept third party software interact
at 'low level' with their products.
Prohibition of EULAs that disallow the resale of MS software
(assuming you can prove you no longer use it).
The end of 'tying' whereby purchase of one item (e.g. an OS)
requires purchase of others items (like a media player,
browser, etc.)
Etc., etc., etc.
I fear that all we'll get is another discussion about separating
the OS from the browser and, smoke and mirrirs aside
(like handing out MS vouchers to schools and adding a few
more 'Justice Compliance (TM)' buttons to the install
wizards), nothing will really change.
Its heartening to read about the various government
initiatives (mainly outside the US) recommending, and in some cases
mandating, the consideration of non-Microsoft alternatives when
purchasing software. This will probably cause a larger
behavior change than the anti-trust judgement and will
do more good than the Justice Department has done so far.
So perhaps there's hope.. but not from the US legal system.
The main problem with adult material and the Internet
is how can you tell if a person is an adult without having
them prove their identity? The current least worst solution
is to require a credit card number, which somehow proves
you're old (or clever) enough.
Instead, perhaps you could ask questions that only adults
would know the answers to, say questions about engineering,
calculus or physics. Of course you'd then be allowing
child progodies to access pornography (which may not be a
such bad thing) and you'd obviously be locking out
the 'not the full
six-pack crowd'.
A seconday problem with adult material is that there are
powerful lobbying groups that are trying to ban it completely.
They make use of various arguments, which basically all boil
down to a personal moral choice that is being made by them
and not by you. This flies in the face of the freedoms supposedly
allowed by western democracies. Particularly irritating
is when this is done by country
A
which causes effects ripple effects in country
B.
Sorry I hit the wrong button and published some garbled
text: Here's the corrected version:
With the rise of inexpensive voice over IP (VoIP), there are
going to be big battles as the Telecommunication Companies
(Telcos) attempt to defend their turf against
encroachment by the data network operators and large ISPs.
Basically the current billing models for voice (Telcos) and
data (ISPs) are different, but there is no technological
reason why.
The Economist magazine has often pointed out that
there should be no per minute/distance charge for
telephone use, and that Telcos should just
charge consumers a flate rate monthly fee. E.g. what most IPS
are already doing. Unsurprisingly, the Telcos prefer the current
system because it generates more revenue.
Now that the technological infrastructure is in place to provide an
alternative phone system, there are going to
be problems for the Telcos. Their only advantage
will be their existing customer base and protective
regulations.
Since most people will want to make VoIP calls
to people who still have a normal telephone, the battle
will take place at the boundry between the phone system
and the data networks. And these battles will be over
legal and not technical issues.
Historically the Telcos have been monopolies in many
countries, and even in our new de-regulated world,
they still enjoy an enhanced legal standing that
still protects their business interestes. The Telcos have
extensive experience
with the legal system (their lobbying got the current
regulations enacted) and are not shy about litigation.
Thus, the telecom companies are likely to scream and shout
all the way to the courts as VoIP becomes popular.
But it's not so simple. The Telcos will be facing big
opposition. Companies like Cisco are huge and are investing
lots on VoIP.
If the challengers were merely garage start-ups, this would
just be another instance of new technology getting squashed by
the big players. In this case, however, the challengers
have a chance, and with them the end customer could benefit
too.
With the rise of inexpensive voice over IP (VoIP), there are
going to be big battles as the Telecommunication Companies
(Telcos) attempt to defend their turf against
encroachment by data network operators and large ISPs.
The Economist magazine has often pointed out that
there should be no per minute/distance charge for
telephone use, and that Telcos should just
charge consumers a flate rate monthly fee. E.g. most IPS
are already doing. Unsurprisingly, the Telcos prefer the current
system because it generates more revenue.
Now that there the technological infrastructure to
provide an alternative phone system is in place, there are
going to be problems for the Telcos. Their only advantage
will be their existing customer base and the protective
regulations already in place.
Since most people will want to make VoIP calls
to people who still have a normal telephone, the battle
will take place at the boundry between the phone system
and the data networks.
Historically the Telcos have been monopolies in many countries,
and even in our new de-regulated world, they still enjoy an
enhanced legal standing that will protect their
business interestes. The Telcos have extensive experience
with the legal system (their lobbying got the current
regulations enacted) and are not shy about litigation.
Thus, the telecom companies are like to scream and shout
all the way to the courts as VoIP becomes popular.
But it's not so simple. The Telcos will be facing big
opposition. Companies like Cisco are husg and investing
monsterous amounts on VoIP.
If the challengers were merely garage start-ups, this would
just be another instance new technology getting squashed by
the big players. In this case, however, the challengers
have a chance, and with them the end customer could benefit
too.
With all the froth and lather about how great Google is as
the utimate search machine, we seem to forgotten that we
are slowly entering our life histories into the Internet and
more recently directly into Google's databases. More amazingly
we're doing it for free and in some cases we're even paying
for the priviledge. No one seems to be giving any
thought to who or what controls the resulting data.
If you subscribe to Bill Joy's views about privacy
(Why
the Future Doesn't Need Us) then you're fine and the
rest of this article won't concern you.
If however, you are like most people, and you do draw a line
between public and private information about yourself, then
Google's innovative strategies combined with its overwhelming
market share make it a
privacy time
bomb just waiting to explode.
If Microsoft were behind Google, much of the world would be
up in arms (Remember NT's supposed
NSA
Backdoor?) No so with Google.
Strangely, perhaps because Google actually works
pretty well and isn't laced with bugs that allow viruses to
damage your home computer, no one makes a fuss.
In the recent years the public has sometimes been shocked
to learn about some of the
side effects that our technological progress has
brought. Organizations combining data from multiple databases
(for 'marketing' purposes) and technologies such as
license plate recognition make possible a 'technical
utopia' that Big Brother could only have dreamed about.
This combined with the hightened fear of terrorism
and the corresponding (over-)reaction by governments
has led to a information gathering infrastructure that
is unique in world history. In the post 9/11 world there
has been increasing pressure from the American government
on organizations and companies (from your
local library
to
European
airlines) to
forward all types to
information to 'the authorities'. Google is most likely
just one more intelligence source, though in all probablilty a
highly valuable one, in the war against terrorism.
Suspicions that Google has 'ties' with the NSA was
published in Slashdot
(Should
You Fear Google?) last Febuary. After reading some
of the comments associated with that article, one begins
to wonder if Goggle is just the Internet arm of the
Echelon project.
While each tenticle pulling at our privacy is relatively
harmless by itself, the combined affect of the multiple
attacks on our personal privacy is large and disturbing.
Worse still, is that we have only ourselves blame. Our very
own democratic governments encourage and
protect the individuals and organizations that are
attempting to implement these policies. And largely because
of own our ignorance and apathy, we don't raise our voices
against it.
It's like comparing the public's reaction to a government
proposal to mandate the installation of ID chips in its
citizens, which causes a massive outcry, vs. parents
desire
to
install
the same chips in their children,
because of their fear of abductions. The end result may
be the same, but in the second case we did it to ourselves.
I guess the moral is that we should just be a bit more
aware of what we're doing, and a bit more willing to say
'no'. While the current western decomcratic governments
probably do 'have our best interests at heart', what
happens when some unsavory character sells or gives
this information
to our enemies, or worse our government is no longer
domocratic and becomes our enemy?
One of MIT's main goals with OCW is to provide course materials
for other universities. OCW's primary
mission is not to provide a free education to individuals
with internet access, though there is nothing in their policy that
prevents it. The real winners from OCW will be institutes of
higher learning that can now use the OCW material as a basis for
creating their own university courses. Obviously universities in
poorer countries can benefit greatly from OCW.
About a year ago, when OCW was first being accounced, I attended a
presentation by a MIT official who explained OCW and some of the
issues behind it. He also explained that there was some resistance
by professors, which mainly fell into the following areas:
Concern over intellectual property and copyright issues.
Concern that the professors would not have enough time,
to prepare OCW versions of their courses, given their present
research and teaching responsibilities.
Concern that the material presented via OCW would be of
high quality and worthy of MIT.
Interestingly the resistance due to IP/copyright concerns was the
smallest of the problems. In fact most professors (and students)
welcomed OCW, and from what I've read in the press, most of the
world has too. That said, I was not too surprised to read the
previously mentioned
article
critical of OCW. To complain that your degree will be watered down,
because because others will have access to the same material for
free, is selfish to say the least. Such remarks are definitly
not in the spirit of MIT, at least not while I was there
in the early 80's.
You will note that OCW, in its early stages, will probably consist
of a wide variety of items in strange and incompatible formats,
hopefully coalescing over time into a more unified body of
information.
This is deliberate.
MIT has a policy of never specifying too many details. In OCW's case,
this means that MIT is not specifying how the
material must be technically presented
or formatted, knowing that the best ideas will bubble up as
MIT's creative minds ship away at the problem. Indeed another
goal of OCW is to find better ways to use the internet to
enhance the learning experience. In some ways, OCW's journey
is also it's destination, with the hope of finding something
interesting along the way.
This approach, is what lead to the creation of X (and a ton of
other cool stuff) as a spinoff of the Athena project. There
the stated goal was (somewhat simplified):
We have a bunch of different computers, let's connect
them all together in a network, in spite of the different
hardware and operating systems.
Compare that to all the universities that implemented their
campus wide networks by merely mandating that everyone must
purchase an IBM-PC/Apple/etc.
I guess that the 'trusted and reliable computing initiative' turned out to
be a little too difficult. No surprise there. The thought of fixing all those
legacy applications and the base operating systems must have prompted Microsoft to pick an easier target, namly adding a Bayesian filter to their mail server.
Let's just hope they hire a competent consultant to do the work.
As a side note: The half-life of these initiatives seem to be just under
a year, which matches closely the press and public's attention span.
So in other words, you can safely ignore this announcement and continue
maintenance of whatever spam filter you are currently using.
It won't be as bad as you fear or as good as you hope, but it will take
twice as long as your plan.
I don't actually think that an up to date knowledge of technology is
required to teach ethics in engineering and technology, other than
perhaps as an aide when presenting examples. Most technological
ethical dilemmas can be reduced to fairly simple (simple to
describe, not necessarily simple to resolve) moral dilemmas.
An introductary course should not focus on particular technological
issues, but rather on:
The importance taking responsibility for ethical issues.
Recognizing an ethical dilemma.
Strategies for analyzing ethical issues and making a moral choice.
Techniques for implementing a moral choice, particularly in the
face of opposition.
Practicality of choices. Some moral choices are extremely
impractical or expensive. Can we afford them?
The actual technology is secondary, and the person faced with the
ethical dilemma will probably know more about the technology than
you anyways.
Off the top of my head, I would present the following, incomplete,
list of
dilemma categories (An exercise for the class would be
to have the students come up with the list themselves, perhaps starting
with examples taken from the press and movies):
Harmful technologies - To what extent should you
work on harmful and destructive technologies? Especially harmful
technologies that also have benificial uses (e.g. the use of radation
in medicine)? What is the chain of responsibility for the
initial research, deployment and control against misuse?
Whistleblowing -
When a corporation or government are
doing something unethical, what steps can, should and should
not be taken by an individual to correct the problem?
To what extent can rules and laws be
broken in attempt to serve the greater good.
Responsibility of invividuals vs. groups - Who
ultimately has responsibility for group decisions on ethical
issues? The group itself, the individual members, the group's
leader? How much individual responsibillity do group members have
when bad choices are made by the group.
To what extent should you take individual responsibility for
actions carried out by a group?
Privacy - To what extent do we allow or
prohibit the use of technology that allow us to expose private
information about individuals and groups?
Environment - To what extent must we protect our
natural environment? Particularly faced with mankind's needs.
Technological divide - What is our responsibility
to those who do not have access to modern technology? Must everyone
have equal access to a minimum level of technology? Is it right
to offer services only to those how have some minimum level of
training and technology (Hint: It's not as easy as you think: what
about services to illiterates?)
Equality vs. scientific advances - What is
society's responsibility to the equality of its members in the face
of scientific advances that prove inequallity? E.g. what
happens when genetic testing shows that some people will be stupid
or will die early from a disease? Can they be denied schooling,
insurance or other resources?
One presumes the goal of the course is to encourge ethical
behaviour and decisions, rather than recognizing ethical dilemmas
and using public relations to justify the use of the most
cost-effective solution, regardless of the moral issues.
With that in mind the following meta-issues should be
discussed:
Advocacy - Techniques for promoting corporate,
government and public awareness of the importance moral solutions
to ethical dilemmas.
Individuals vs. powerful groups - Recognizing
the difficulty and risk involved to an individual who takes an
unpopular, though moral, sta
IBM and Intel, and a few other hardware manufacturers,
probably with support from Microsoft, tried something
similar back in 2000.
Then it was called Content Protection for Recordable
Media (CPRM). This was hardware based system that encrypted the
data on hard disks. The idea was that they would sell hard disks
with hardware based encryption and key management. The goal was to
provide a platform for DRM. One description can be found at
The Register.
There was a lot of noise in the press for a couple of months
after the announcements as the public opposition was voiced.
Then the initiative quietly died.
It's not surprising that CPRM dissapeared, since no
one could force you to use CRPM based hardware. Why would
customers go out and upgrade/replace their perfectly
good hard disks with something that imposes (to the ordinary user)
complex and difficult to understand restrictions? Particularly when
when normal unrestricted hard disks would
still to be available.
I suspect (and hope) that Palladium will suffer a similar fate.
Most people resist forced upgrades. Over the years, Microsoft
has tarnished its reputation by continualy forcing users to upgrade.
As the Windows cost/ownership hassle has increased, the minority of
non-upgraders has grown and now includes even a few major corporations.
Worse, it's also caused some previously loyal customers to
switch to Unix and Linux.
With Palladium, the upgrade will require a new Palladium enabled PC,
not just more memory and a faster CPU. This, combined with the
restrictions, will make people even more reluctant.
If Microsoft actually forces the upgrade, say by discontinuing
support and sales of previous Windows versions, they risk a
customer revolt. Microsoft realizes this (as evidenced
by the recent Palladium name changes and smoke and mirrors
announcements) and is treading cautiously.
Note:
I wonder if the real motive is to stop piracy of MS
Office. Microsoft have managed to get most of the world hooked
on Office and if they could get all the pirate copy owners
to pay up, they'd have a pretty nice revenue stream.
My personal belief is that DRM is an unreachable utopia. It only takes
one person to crack an instance of DRM protected media
or indeed the DRM system itself. Once this has happened, then
there's nothing anyone can do, technically or legally, to stop distribution
of the unprotected digital content. Given the financial incentives
there are plenty of clever minds willing to devote a lot of
energy to cracking DRM systems. I'm not saying this is legal/moral, I'm
just pointing out that it's inevitable that DRM systems will be
attacked.
In the end, forcing copy protection schemes on users doesn't solve
the problem and just ends up annoying the users.
Examples of failed DRM are all
around us: DVD's, Adobe's e-books, etc.
Remember 'dongles'? They failed too.
As Bruce Schneier says, encryption
doesn't stop anyone, it only slows them down.
Slashdot Mirror
..Exchange servers that had been infected by the
Code Red worm and subsequently cleaned will still have the
guest account enabled...
Does cleaned mean that a MS service pack forgot to close the holes or even opened a new security hole? Either way, in the light of MS's so called security initiative the result is unacceptable.The argument that moron administrators forgot to do something misses the point. Microsoft should know that most administrators don't have the time, training or resources available to discover and understand all the OS settings required to secure their servers. That's why vendors who sell secure systems set strict default settings. A real security initiative would lock down the OS a tight as Guantanamo Bay, but MS rightly fears that would alienate their customers.
Early on MS's goal was market share and control. They targeted 'ease of use' and adopted a policy of tight integration between the OS and applications, including massive auto-enabling (by default!) of applications via application data like documents, e-mails, etc. The result is that the current Microsoft server is merely a single user system on steroids. Even with their previous Internet initiative (which basically produced a free embedded browser and a lot of service packs) the MS OS still suffers from the single user mindset. Witness all the 'way too friendly' default settings on most Microsoft systems. It worked (mostly) fine when the PCs were all in one office connected by a sneaker net (the viruses just spread slower via floppy). But now in the Internet age they're paying the price.
As Bruce Schneier says: security is a process not a product. Until that process becomes part of MS's corporate culture, don't expect much security from Microsoft. Gates may be trying to change that, but given their history of going after market share and their foundations of sand, it's gonna take a long time.
Worse the companies and customers at the receiving end of this abuse have received little more than a few gift certificates. A just end to this affair would have been a leveling of the playing field. It would have forced things like:
I fear that all we'll get is another discussion about separating the OS from the browser and, smoke and mirrirs aside (like handing out MS vouchers to schools and adding a few more 'Justice Compliance (TM)' buttons to the install wizards), nothing will really change.
Its heartening to read about the various government initiatives (mainly outside the US) recommending, and in some cases mandating, the consideration of non-Microsoft alternatives when purchasing software. This will probably cause a larger behavior change than the anti-trust judgement and will do more good than the Justice Department has done so far. So perhaps there's hope.. but not from the US legal system.
Sigh.
The main problem with adult material and the Internet is how can you tell if a person is an adult without having them prove their identity? The current least worst solution is to require a credit card number, which somehow proves you're old (or clever) enough.
Instead, perhaps you could ask questions that only adults would know the answers to, say questions about engineering, calculus or physics. Of course you'd then be allowing child progodies to access pornography (which may not be a such bad thing) and you'd obviously be locking out the 'not the full six-pack crowd'.
A seconday problem with adult material is that there are powerful lobbying groups that are trying to ban it completely. They make use of various arguments, which basically all boil down to a personal moral choice that is being made by them and not by you. This flies in the face of the freedoms supposedly allowed by western democracies. Particularly irritating is when this is done by country A which causes effects ripple effects in country B.
Here's the corrected version:
With the rise of inexpensive voice over IP (VoIP), there are going to be big battles as the Telecommunication Companies (Telcos) attempt to defend their turf against encroachment by the data network operators and large ISPs.
Basically the current billing models for voice (Telcos) and data (ISPs) are different, but there is no technological reason why. The Economist magazine has often pointed out that there should be no per minute/distance charge for telephone use, and that Telcos should just charge consumers a flate rate monthly fee. E.g. what most IPS are already doing. Unsurprisingly, the Telcos prefer the current system because it generates more revenue.
Now that the technological infrastructure is in place to provide an alternative phone system, there are going to be problems for the Telcos. Their only advantage will be their existing customer base and protective regulations.
Since most people will want to make VoIP calls to people who still have a normal telephone, the battle will take place at the boundry between the phone system and the data networks. And these battles will be over legal and not technical issues.
Historically the Telcos have been monopolies in many countries, and even in our new de-regulated world, they still enjoy an enhanced legal standing that still protects their business interestes. The Telcos have extensive experience with the legal system (their lobbying got the current regulations enacted) and are not shy about litigation. Thus, the telecom companies are likely to scream and shout all the way to the courts as VoIP becomes popular.
But it's not so simple. The Telcos will be facing big opposition. Companies like Cisco are huge and are investing lots on VoIP. If the challengers were merely garage start-ups, this would just be another instance of new technology getting squashed by the big players. In this case, however, the challengers have a chance, and with them the end customer could benefit too.
It should be interesting. Stay tuned.
The Economist magazine has often pointed out that there should be no per minute/distance charge for telephone use, and that Telcos should just charge consumers a flate rate monthly fee. E.g. most IPS are already doing. Unsurprisingly, the Telcos prefer the current system because it generates more revenue.
Now that there the technological infrastructure to provide an alternative phone system is in place, there are going to be problems for the Telcos. Their only advantage will be their existing customer base and the protective regulations already in place.
Since most people will want to make VoIP calls to people who still have a normal telephone, the battle will take place at the boundry between the phone system and the data networks.
Historically the Telcos have been monopolies in many countries, and even in our new de-regulated world, they still enjoy an enhanced legal standing that will protect their business interestes. The Telcos have extensive experience with the legal system (their lobbying got the current regulations enacted) and are not shy about litigation. Thus, the telecom companies are like to scream and shout all the way to the courts as VoIP becomes popular.
But it's not so simple. The Telcos will be facing big opposition. Companies like Cisco are husg and investing monsterous amounts on VoIP. If the challengers were merely garage start-ups, this would just be another instance new technology getting squashed by the big players. In this case, however, the challengers have a chance, and with them the end customer could benefit too.
It should be interesting. Stay tuned.
If however, you are like most people, and you do draw a line between public and private information about yourself, then Google's innovative strategies combined with its overwhelming market share make it a privacy time bomb just waiting to explode. If Microsoft were behind Google, much of the world would be up in arms (Remember NT's supposed NSA Backdoor?) No so with Google. Strangely, perhaps because Google actually works pretty well and isn't laced with bugs that allow viruses to damage your home computer, no one makes a fuss.
In the recent years the public has sometimes been shocked to learn about some of the side effects that our technological progress has brought. Organizations combining data from multiple databases (for 'marketing' purposes) and technologies such as license plate recognition make possible a 'technical utopia' that Big Brother could only have dreamed about.
This combined with the hightened fear of terrorism and the corresponding (over-)reaction by governments has led to a information gathering infrastructure that is unique in world history. In the post 9/11 world there has been increasing pressure from the American government on organizations and companies (from your local library to European airlines) to forward all types to information to 'the authorities'. Google is most likely just one more intelligence source, though in all probablilty a highly valuable one, in the war against terrorism.
Suspicions that Google has 'ties' with the NSA was published in Slashdot (Should You Fear Google?) last Febuary. After reading some of the comments associated with that article, one begins to wonder if Goggle is just the Internet arm of the Echelon project.
While each tenticle pulling at our privacy is relatively harmless by itself, the combined affect of the multiple attacks on our personal privacy is large and disturbing. Worse still, is that we have only ourselves blame. Our very own democratic governments encourage and protect the individuals and organizations that are attempting to implement these policies. And largely because of own our ignorance and apathy, we don't raise our voices against it.
It's like comparing the public's reaction to a government proposal to mandate the installation of ID chips in its citizens, which causes a massive outcry, vs. parents desire to install the same chips in their children, because of their fear of abductions. The end result may be the same, but in the second case we did it to ourselves.
I guess the moral is that we should just be a bit more aware of what we're doing, and a bit more willing to say 'no'. While the current western decomcratic governments probably do 'have our best interests at heart', what happens when some unsavory character sells or gives this information to our enemies, or worse our government is no longer domocratic and becomes our enemy?
One of MIT's main goals with OCW is to provide course materials for other universities. OCW's primary mission is not to provide a free education to individuals with internet access, though there is nothing in their policy that prevents it. The real winners from OCW will be institutes of higher learning that can now use the OCW material as a basis for creating their own university courses. Obviously universities in poorer countries can benefit greatly from OCW.
About a year ago, when OCW was first being accounced, I attended a presentation by a MIT official who explained OCW and some of the issues behind it. He also explained that there was some resistance by professors, which mainly fell into the following areas:
- Concern over intellectual property and copyright issues.
- Concern that the professors would not have enough time,
to prepare OCW versions of their courses, given their present
research and teaching responsibilities.
- Concern that the material presented via OCW would be of
high quality and worthy of MIT.
Interestingly the resistance due to IP/copyright concerns was the smallest of the problems. In fact most professors (and students) welcomed OCW, and from what I've read in the press, most of the world has too. That said, I was not too surprised to read the previously mentioned article critical of OCW. To complain that your degree will be watered down, because because others will have access to the same material for free, is selfish to say the least. Such remarks are definitly not in the spirit of MIT, at least not while I was there in the early 80's.You will note that OCW, in its early stages, will probably consist of a wide variety of items in strange and incompatible formats, hopefully coalescing over time into a more unified body of information. This is deliberate. MIT has a policy of never specifying too many details. In OCW's case, this means that MIT is not specifying how the material must be technically presented or formatted, knowing that the best ideas will bubble up as MIT's creative minds ship away at the problem. Indeed another goal of OCW is to find better ways to use the internet to enhance the learning experience. In some ways, OCW's journey is also it's destination, with the hope of finding something interesting along the way.
This approach, is what lead to the creation of X (and a ton of other cool stuff) as a spinoff of the Athena project. There the stated goal was (somewhat simplified):
- We have a bunch of different computers, let's connect
them all together in a network, in spite of the different
hardware and operating systems.
Compare that to all the universities that implemented their campus wide networks by merely mandating that everyone must purchase an IBM-PC/Apple/etc.As a side note: The half-life of these initiatives seem to be just under a year, which matches closely the press and public's attention span.
So in other words, you can safely ignore this announcement and continue maintenance of whatever spam filter you are currently using.
It won't be as bad as you fear or as good as you hope, but it will take twice as long as your plan.
An introductary course should not focus on particular technological issues, but rather on:
The actual technology is secondary, and the person faced with the ethical dilemma will probably know more about the technology than you anyways.
Off the top of my head, I would present the following, incomplete, list of dilemma categories (An exercise for the class would be to have the students come up with the list themselves, perhaps starting with examples taken from the press and movies):
One presumes the goal of the course is to encourge ethical behaviour and decisions, rather than recognizing ethical dilemmas and using public relations to justify the use of the most cost-effective solution, regardless of the moral issues.
With that in mind the following meta-issues should be discussed:
IBM and Intel, and a few other hardware manufacturers, probably with support from Microsoft, tried something similar back in 2000.
Then it was called Content Protection for Recordable Media (CPRM). This was hardware based system that encrypted the data on hard disks. The idea was that they would sell hard disks with hardware based encryption and key management. The goal was to provide a platform for DRM. One description can be found at The Register.
There was a lot of noise in the press for a couple of months after the announcements as the public opposition was voiced. Then the initiative quietly died.
It's not surprising that CPRM dissapeared, since no one could force you to use CRPM based hardware. Why would customers go out and upgrade/replace their perfectly good hard disks with something that imposes (to the ordinary user) complex and difficult to understand restrictions? Particularly when when normal unrestricted hard disks would still to be available.
I suspect (and hope) that Palladium will suffer a similar fate. Most people resist forced upgrades. Over the years, Microsoft has tarnished its reputation by continualy forcing users to upgrade. As the Windows cost/ownership hassle has increased, the minority of non-upgraders has grown and now includes even a few major corporations. Worse, it's also caused some previously loyal customers to switch to Unix and Linux.
With Palladium, the upgrade will require a new Palladium enabled PC, not just more memory and a faster CPU. This, combined with the restrictions, will make people even more reluctant. If Microsoft actually forces the upgrade, say by discontinuing support and sales of previous Windows versions, they risk a customer revolt. Microsoft realizes this (as evidenced by the recent Palladium name changes and smoke and mirrors announcements) and is treading cautiously.
My personal belief is that DRM is an unreachable utopia. It only takes one person to crack an instance of DRM protected media or indeed the DRM system itself. Once this has happened, then there's nothing anyone can do, technically or legally, to stop distribution of the unprotected digital content. Given the financial incentives there are plenty of clever minds willing to devote a lot of energy to cracking DRM systems. I'm not saying this is legal/moral, I'm just pointing out that it's inevitable that DRM systems will be attacked.
In the end, forcing copy protection schemes on users doesn't solve the problem and just ends up annoying the users. Examples of failed DRM are all around us: DVD's, Adobe's e-books, etc. Remember 'dongles'? They failed too. As Bruce Schneier says, encryption doesn't stop anyone, it only slows them down.
Alan Hodgkinson