To paraphrase my iPhone-using coworker, "I'm safe from this vulnerability because I NEVER GET ANY F*CKING SIGNAL to receive a dodgy SMS packet in the first place".
with DRM the intended recipient and the potential attacker is THE SAME PERSON We hear this line a lot when discussing DRM, and it's right.
with DRM, you give the recipient the file *AND* the decryption-key This isn't quite right, and I think it might be why foolish people are fooled into believing that DRM can work. The intended recipient doesn't personally have the decryption key.
Imagine you receive a pad-locked box (a DRM'ed music file). You can't open it yourself, because you don't actually have the key on you. In fact, the key is in the hand of a 7ft big mean-ass nightclub bouncer who's standing next to you (Windows Media Player / iTunes).
You ask the bouncer nicely, "I'd like to listen to this pad-locked box please.", and maybe the bouncer will then unlock the box, take out some sheet music and a trumpet, play the tune for you, and then put it back and lock the box again.
If you ask, "Can I see the sheet music please?", the bouncer will refuse.
The bouncer has the ability to say "yes" and "no" to your requests because the bouncer is a proprietary program over which you have no control. Well, unless you kick him in the gonads (crack the software, and maybe the gonads too), in which case maybe you'll be able to pry the key out of his quivering hand.
If you have an open-source bouncer, then you can make him always say "yes" to your requests, because mere act of being open source allows you to change the way he answers.
So, sending padlocked boxes to a bouncer who will always do what you say offers no control (to the sender of the box) over what is done with the contents of that box.
Similarly, sending DRM'ed files to a piece of software that will unlock them for any purpose offers no control to the sender of the DRM'ed files.
That is why Open Source DRM cannot "work".
The only reason that people continue to invest in DRM is because they believe that they can make an infallible bouncer. They can't.
There was a really good article on the MS XP EULA called "Windows XP EULA in Plain English" by linuxadvocate.org but that site seems to be gone and I can't find a mirror or PDF of it. WayBack machine to the rescue: Windows XP EULA in Plain English
Sir, I would like to congratulate you on your use of the word 'fewer'.
There are so many illiterate idiots around here who would attempt to use 'less' instead of the grammatically correct 'fewer' in such a sentence that it would hurt my head if I were to stop and count them.
Labout MPs all voted aye (with the exception of 9 rebels), and the Conservatives and Lib Dems *all* voted no.
The result was still 305 for to 251 against. How on earth is such a representation meant to be democratic? The vast majority of the population do NOT want ID cards!
They offer downloads with no DRM in MP3 format, encoded at 192kbps and 320kbps. Charges are normally GBP 1.00 for 192kbps tracks and GBP 1.25 for 320kbps tracks.
Why exactly might GRUB not work in some cases where LILO would work?
I've been a GRUB person for since the beginning, but I recently put together a server with a SCSI array, the entries for which all appeared under/dev/ida.
GRUB didn't believe any drives existed, but LILO was fine with it. Differences in design, perhaps?
The studios don't want this because then you just hook up a recorder.. Yes, because consumer-level DVI-capable video capture devices are so common. The quality is perfectly acceptable for most people when recorded from a low-def output like S-video anyway.
Bloody studios. I really hope that enough people stand up to this to cause them to back down from these ridiculous totalitarian schemes.
.. respond to organized attacks on the security system by allowing dynamic updates of compromised code
This just sounds like they'd include patches for the firmware of compromised players on Blu-Ray discs themselves. Fair enough for them to do that, I suppose. You find out that the FooCorp BD1000 has a bug that disables DRM if you draw a smiley face on it with a black marker, so the next few Blu-Ray discs contain automatically-applied patches to that player's firmware.
I don't think it'll work, I don't think the original concept of DRM is any good, but if you have a lot of harware that needs to be 'updated' then it seems like a sensible way to do it.
Of course, since the Blu-Ray discs are read-only, all it will take is a player that completely defeats all the DRM schemes to play a disc back in the way the user wants rather than the way the content-providers want. It just might take some time to crack.
However, this auto-patching isn't so bad. It's not like they're requiring each machine to have a permanent internet connection or anything.
* You would risk intense lobbying efforts to extend the lifetime of a software patent "just a little bit longer", ad infinitum until they last for ages.
* Obtaining a patent is a slow process. Do patents count from submission date, or approval date? If I'm going to make my fortune with only 6 months to do so, I could do with knowing when I need to mobilise!
Does the introduction of the money making but otherwise pointless TLDs harm the net?
It does encourage domain-squatting, and may force companies/individuals into purchasing otherwise unnecessary domain names in order to keep up with preserving the 'uniqueness' of their net identity. I would say that was a bad thing.
Is it evil for them to make money?
Of course not.
sitefinder was more or less defeated, and wasn't forced on people either and again I ask is it evil for them to make money?
And lucky for us it was defeated. But you see the lengths that Verisign will go to just to try. And no, it is not necessarily evil for them to make money. However, you'll probably agree that the motives behind sitefinder could be described as veering a little bit towards the evil side, to the detriment of the technical efficiency of the net (non-existent domain names suddenly responding to pings, confusing spam filters, etc.).
Can you give an example of this [IP Address] misallocation?
Off the top of my head, doesn't the entire continent of Africa have just one class A subnet for itself? How many does MIT have? What about the US DoD? (I'm afraid I don't have concrete references for the answers actually, but the allocation has been swayed against the "rest of the world")
Similarly, I can't reference anything for this, but I'm pretty sure that some ISPs in developing countries can't even afford to give their customers live IP addresses, because they don't have enough: they have to use NAT to connect all their customers!
Country code TLDs are incredibly useful, as almost all domain names fall into the natural country borders, or are international (for which we have the.int TLD - e.g. http://europa.eu.int).
The hierarchical approach also allows the management of entire TLDs to be delegated to the country in question. If the address space were flat, then things would be messy.
I also believe that the distinction between commercial and non-commercial domains is important. Requiring all commercial domains to be held under a commercial subdomain (e.g. company.co.us, company.co.fr) stops corporate types from pinching personal-use domains.
Doing away with this disctinction would be analogous to preventing some homeowners from calling their house "Tudor Lodge" because of the existence of a business "Tudor Lodge Insurance", or whatever - you see might point.
They were put there for a good reason. Let's not forget it.
I haven't heard of any cases in which the internet has been abused by the United States or any organization assigned to administrate it.
Do any of the following bother you? * Introduction of money-making but otherwise pointless TLDs like.mobi,.tel,.xxx,.biz...? * Verisign's sitefinder, or indeed the general ability they have to redirect lookup requests to their own search engine for money-making purposes? * Gross misallocation of limited IP addresses?
I think the UN could do a good job with management of the internet.
NAT will not allow you to do easy VOIP or video-conferencing.
Now think about this: there's an entire class A subnet allocated to MIT. There's quite a few class A subnets allocated for various US governmental institutions. There's a whole one for Apple computer.
But, there's just one for the entire African continent. Some ISPs in countries besides the US cannot give their customers a real IP address! There are not enough to go round. The way they have been allocated is clearly skewed.
So yes, lots of people stand to gain by having more addresses. They just happen to be in some of the poorer nations.
The cases you mention might be things to consider when applying to renew your domain name. So: * You couldn't continue to register mycompany.co.us if your company went out of business two years ago. * Similarly, if you apply to renew your non-profit domain name, and those in charge see a 'subscribe for only $10' link on the front page, they might base a decision on whether to allow to renew on that.
I don't pretend that I can come up with a solution that fits every need perfectly (indeed the one I mentioned is clearly subject to central corruption at the domain registration and renewal stages), and you're right:.org/.com isn't 100% enforcable, but I think that even a modest bit of regulation would be better than none.
The old.com and.net suffix were put there for a reason, and things could still possibly be put right.
If there were no TLDs, and you registered "prestige", as your own domain name, then it could easily conflict with any number of other people who have legitimate uses for that name: * Companies in your country called "prestige". * Anyone in another country wanting the name "prestige" - perhaps it has a different meaning in another country's tongue? * Companies in other countries.
I think there's definitely a need to separate: * Domain names in different countries/continents. * Commercial domains. * Official government bodies of countries/regions. * Non-profit organisations, and personal-use domains.
You see, the original system wasn't so bad after all. I think it is just a lack of regulation when registering for domains that has ruined things. And everybody's guilty - I mean, look at me: I own a.net domain name and I'm not an ISP.
However, I don't think there's any easy way to kick things back into shape now. But if it had been done properly to begin with, things would be ok.
If I had my way, the only top-level domains would be.int (international),.eu/.asia/.. (continents), and country codes. No top-level.com or.org addresses. Also, the US isn't special - why should.gov,.edu etc. represent US institutions?
Take a look at these: prestige.co.us - clearly a company called 'prestige' in the US. foobar.edu.fr - The 'foobar' educational facility in France. trade.gov.tv - The trade department of the Tuvalu government (a bit random, but you see my point).
I really do think that these extra TLDs detract from the point of it all. Telcoms are just companies; they don't need their own TLD. I was never even fully convinced about the need for a.net TLD either.
Is there any hope of enforcing a bit more regulation to get things into a sensible state?
Slashdot Mirror
To paraphrase my iPhone-using coworker, "I'm safe from this vulnerability because I NEVER GET ANY F*CKING SIGNAL to receive a dodgy SMS packet in the first place".
I suppose I've got to hand him that one.
Thanks for the postage price conversion, but what about the demand itself?
Perhaps we should come up with some kind of analogy involving cars like everyone else :-).
Imagine you receive a pad-locked box (a DRM'ed music file). You can't open it yourself, because you don't actually have the key on you. In fact, the key is in the hand of a 7ft big mean-ass nightclub bouncer who's standing next to you (Windows Media Player / iTunes).
You ask the bouncer nicely, "I'd like to listen to this pad-locked box please.", and maybe the bouncer will then unlock the box, take out some sheet music and a trumpet, play the tune for you, and then put it back and lock the box again.
If you ask, "Can I see the sheet music please?", the bouncer will refuse.
The bouncer has the ability to say "yes" and "no" to your requests because the bouncer is a proprietary program over which you have no control. Well, unless you kick him in the gonads (crack the software, and maybe the gonads too), in which case maybe you'll be able to pry the key out of his quivering hand.
If you have an open-source bouncer, then you can make him always say "yes" to your requests, because mere act of being open source allows you to change the way he answers.
So, sending padlocked boxes to a bouncer who will always do what you say offers no control (to the sender of the box) over what is done with the contents of that box.
Similarly, sending DRM'ed files to a piece of software that will unlock them for any purpose offers no control to the sender of the DRM'ed files.
That is why Open Source DRM cannot "work".
The only reason that people continue to invest in DRM is because they believe that they can make an infallible bouncer. They can't.
Windows XP EULA in Plain English
And not just that..
I bought a component video cable for my PAL Gamecube, and the picture is absolutely gorgeous.
It uses the other AV socket on the back.
Sir, I would like to congratulate you on your use of the word 'fewer'.
There are so many illiterate idiots around here who would attempt to use 'less' instead of the grammatically correct 'fewer' in such a sentence that it would hurt my head if I were to stop and count them.
You have my thanks and utmost respect.
Speaking of what MPs are voting for, have a look at the voting record for this bill on wednesday:
Identity Cards Bill - 29th March 2006 at 14:30
Labout MPs all voted aye (with the exception of 9 rebels), and the Conservatives and Lib Dems *all* voted no.
The result was still 305 for to 251 against. How on earth is such a representation meant to be democratic? The vast majority of the population do NOT want ID cards!
Run a Sega Saturn emulator :-).
Great! Now when can we expect similarly advanced levels of production and refinement in the spelling and grammatical skills of our summary writers?
Here's a similar apparently paradoxical result:
-1 = sqrt(-1) * sqrt(-1)
-1 = sqrt(-1) * sqrt(1 / -1)
-1 = sqrt(-1) * sqrt(1) / sqrt(-1)
-1 = sqrt(1)
-1 = 1
Can you spot the flaw?
An excellent online music store for all those of you who are interested in dance/house/trance music is Audiojelly:
http://www.audiojelly.com/
They offer downloads with no DRM in MP3 format, encoded at 192kbps and 320kbps. Charges are normally GBP 1.00 for 192kbps tracks and GBP 1.25 for 320kbps tracks.
Highly recommended.
Why exactly might GRUB not work in some cases where LILO would work?
/dev/ida.
I've been a GRUB person for since the beginning, but I recently put together a server with a SCSI array, the entries for which all appeared under
GRUB didn't believe any drives existed, but LILO was fine with it. Differences in design, perhaps?
The studios don't want this because then you just hook up a recorder .. Yes, because consumer-level DVI-capable video capture devices are so common. The quality is perfectly acceptable for most people when recorded from a low-def output like S-video anyway.
Bloody studios. I really hope that enough people stand up to this to cause them to back down from these ridiculous totalitarian schemes.
.. respond to organized attacks on the security system by allowing dynamic updates of compromised code
This just sounds like they'd include patches for the firmware of compromised players on Blu-Ray discs themselves. Fair enough for them to do that, I suppose. You find out that the FooCorp BD1000 has a bug that disables DRM if you draw a smiley face on it with a black marker, so the next few Blu-Ray discs contain automatically-applied patches to that player's firmware.
I don't think it'll work, I don't think the original concept of DRM is any good, but if you have a lot of harware that needs to be 'updated' then it seems like a sensible way to do it.
Of course, since the Blu-Ray discs are read-only, all it will take is a player that completely defeats all the DRM schemes to play a disc back in the way the user wants rather than the way the content-providers want. It just might take some time to crack.
However, this auto-patching isn't so bad. It's not like they're requiring each machine to have a permanent internet connection or anything.
This might work, but unfortunately:
* You would risk intense lobbying efforts to extend the lifetime of a software patent "just a little bit longer", ad infinitum until they last for ages.
* Obtaining a patent is a slow process. Do patents count from submission date, or approval date? If I'm going to make my fortune with only 6 months to do so, I could do with knowing when I need to mobilise!
Does the introduction of the money making but otherwise pointless TLDs harm the net?
It does encourage domain-squatting, and may force companies/individuals into purchasing otherwise unnecessary domain names in order to keep up with preserving the 'uniqueness' of their net identity. I would say that was a bad thing.
Is it evil for them to make money?
Of course not.
sitefinder was more or less defeated, and wasn't forced on people either and again I ask is it evil for them to make money?
And lucky for us it was defeated. But you see the lengths that Verisign will go to just to try. And no, it is not necessarily evil for them to make money. However, you'll probably agree that the motives behind sitefinder could be described as veering a little bit towards the evil side, to the detriment of the technical efficiency of the net (non-existent domain names suddenly responding to pings, confusing spam filters, etc.).
Can you give an example of this [IP Address] misallocation?
Off the top of my head, doesn't the entire continent of Africa have just one class A subnet for itself? How many does MIT have? What about the US DoD? (I'm afraid I don't have concrete references for the answers actually, but the allocation has been swayed against the "rest of the world")
Similarly, I can't reference anything for this, but I'm pretty sure that some ISPs in developing countries can't even afford to give their customers live IP addresses, because they don't have enough: they have to use NAT to connect all their customers!
Slow down there, cowboy!
.int TLD - e.g. http://europa.eu.int).
Country code TLDs are incredibly useful, as almost all domain names fall into the natural country borders, or are international (for which we have the
The hierarchical approach also allows the management of entire TLDs to be delegated to the country in question. If the address space were flat, then things would be messy.
I also believe that the distinction between commercial and non-commercial domains is important. Requiring all commercial domains to be held under a commercial subdomain (e.g. company.co.us, company.co.fr) stops corporate types from pinching personal-use domains.
Doing away with this disctinction would be analogous to preventing some homeowners from calling their house "Tudor Lodge" because of the existence of a business "Tudor Lodge Insurance", or whatever - you see might point.
They were put there for a good reason. Let's not forget it.
I haven't heard of any cases in which the internet has been abused by the United States or any organization assigned to administrate it.
.mobi, .tel, .xxx, .biz...?
Do any of the following bother you?
* Introduction of money-making but otherwise pointless TLDs like
* Verisign's sitefinder, or indeed the general ability they have to redirect lookup requests to their own search engine for money-making purposes?
* Gross misallocation of limited IP addresses?
I think the UN could do a good job with management of the internet.
As a sibling mentioned, doing away entirely with TLDs is not such a good idea.
.tel TLD
I talked in detail about this in a previous slashdot discussion about the similarly abominable
NAT will not allow you to do easy VOIP or video-conferencing.
Now think about this: there's an entire class A subnet allocated to MIT. There's quite a few class A subnets allocated for various US governmental institutions. There's a whole one for Apple computer.
But, there's just one for the entire African continent. Some ISPs in countries besides the US cannot give their customers a real IP address! There are not enough to go round. The way they have been allocated is clearly skewed.
So yes, lots of people stand to gain by having more addresses. They just happen to be in some of the poorer nations.
The cases you mention might be things to consider when applying to renew your domain name. So:
.org/.com isn't 100% enforcable, but I think that even a modest bit of regulation would be better than none.
* You couldn't continue to register mycompany.co.us if your company went out of business two years ago.
* Similarly, if you apply to renew your non-profit domain name, and those in charge see a 'subscribe for only $10' link on the front page, they might base a decision on whether to allow to renew on that.
I don't pretend that I can come up with a solution that fits every need perfectly (indeed the one I mentioned is clearly subject to central corruption at the domain registration and renewal stages), and you're right:
The old .com and .net suffix were put there for a reason, and things could still possibly be put right.
.net domain name and I'm not an ISP.
.int (international), .eu/.asia/.. (continents), and country codes. No top-level .com or .org addresses. Also, the US isn't special - why should .gov, .edu etc. represent US institutions?
.net TLD either.
If there were no TLDs, and you registered "prestige", as your own domain name, then it could easily conflict with any number of other people who have legitimate uses for that name:
* Companies in your country called "prestige".
* Anyone in another country wanting the name "prestige" - perhaps it has a different meaning in another country's tongue?
* Companies in other countries.
I think there's definitely a need to separate:
* Domain names in different countries/continents.
* Commercial domains.
* Official government bodies of countries/regions.
* Non-profit organisations, and personal-use domains.
You see, the original system wasn't so bad after all. I think it is just a lack of regulation when registering for domains that has ruined things. And everybody's guilty - I mean, look at me: I own a
However, I don't think there's any easy way to kick things back into shape now. But if it had been done properly to begin with, things would be ok.
If I had my way, the only top-level domains would be
Take a look at these:
prestige.co.us - clearly a company called 'prestige' in the US.
foobar.edu.fr - The 'foobar' educational facility in France.
trade.gov.tv - The trade department of the Tuvalu government (a bit random, but you see my point).
I really do think that these extra TLDs detract from the point of it all. Telcoms are just companies; they don't need their own TLD. I was never even fully convinced about the need for a
Is there any hope of enforcing a bit more regulation to get things into a sensible state?
Of course, that should be 'off'.
if you asked people how to spell this term, they'd repond ..
"Repond" - Isn't that what frogs do when they jump of lily pads?