So by your arguement, AOL TW can and should stop all traffic it deems unacceptable. And that would be free speech.
Censorship is about "can" not "should".
But to your point specifically, they already do this. As to "should": I find their implementation of what is "unacceptable" to be obnoxious I don't use them and I encourage others to dump them.
Just because a private company has control over something, they still don't have the right to infringe on anyone's rights.
That's the free speech argument that web site vandals use. The catch is that you do not have a right to use another's resources, so their not infringing your rights if they to carry your speech.
For example, I have a right to put you in my killfile. I still have that right if I build a private network. I still have that right if my network becomes an ISP with paying customers (so long as I'm not deceiving them). And if I'm successful and oust AOL from the top ISP spot, then I STILL retain that right. So, yes, AOL could arbitrarily blacklist you or anybody else. In fact they do this on a much large scale when they lock out the other IM protocols.
for example Microsoft, and their OS
What does this have to do with the previous topic? Microsoft is an adjudicated monopoly. That is the problem with Microsoft, not something else. Again, the best response is to not use them, and to not shun speech that requires you do.
When a private entity decides which speech will be available on its private resources, that IS free speech, not censorship. If you don't like the choices that entity makes, get your own resources and compete with them. An ISP is not a "common carrier" and thus they are completely within their rights to adopt ANY content policy they choose.
Censoring blackhole lists is a violation of free speech, not an act that upholds it.
ME: I think hundreds of people making up amateur fonts is exactly what we need.
YOU: The problem with having lots of fonts is I have trouble keeping more than about 3 fonts in my memory. Specifically, I know of 'system' (fixed width), 'times new roman' (normal writing) and 'arial' (sans-serif normal).... My fonts folder has no less than 463 fonts. I don't need more fonts - I need a few select, high quality fonts.
I never said that we needed hundreds of fonts made by amateurs. Most of what newbies do in any arena is crap. What we need is PEOPLE who have mastered the basics.
ME: The only way to learn rocket science is to DO rocket science.
YOU: Um... it's conventionally learned by years of study in school and university, leading to a degree in Physics, before you even approach a real rocket.
You obviously never saw the movie October Sky (which is a true story). No, the conventional way to become a rocket scientist is to build a bunch of rockets when you are 12 (anybody shot off an Estes rocket lately?), fall in love with it, and master the things you have to to reach the cutting edge.
Hundreds of people learning to make fonts won't result in good fonts, just hundreds of people frustrated at the amount of time they wasted in making fonts nobody uses.
Nobody said it would be easy and quick. Anything worth doing is hard. Besides, that kind of frustration is what brings people together to stop working as lone wolves and instead work as a pack. But it's important to have the lone wolf experience first so that you have the basic skills. I understand that font creation isn't exactly collaborative, but peer review is the engine of high quality work in any field.
I've worked with type designers and have, in fact, created my own fonts, one of which is a rendition of an older font (from the 30s) called Albertus.
Good. You are the kind of person the Linux community needs more of. If there were a hundred people who had the experience you have, then I have no doubt that the "Linux font problem" could be solved rather quickly.
Unlike kernel development or software collaboration, in which hundreds of people can each contribute something that winds up in the final results (or even tens of thousands), font design is a lonely profession with lots of abandoned work. I disagree. In fact, kernel development is much more difficult to coordinate because there are interactions between the different contributions. Two beautiful fonts have virtually no chance to get in each other's way.
we certainly don't need is hundrets of people making up amateur open source fonts, but a few people who know what they're doing
I disagree. I think hundreds of people making up amateur fonts is exactly what we need. After a while, a few of these people will get really good at it, and then we'll have the latter half. Meanwhile, and more importantly, a font design sub-culture will have been established.
The only way to learn rocket science is to DO rocket science. I have never, ever seen a difficult field that could be learned any better than by just flat out trying to do it and puzzling through every obstacle.
Can somebody tell me what the origin of "All Your Base Are Belong To Us" actually is? I understand what it means -- I just want to know who said it first and why everybody latched on to it.
No I didn't read the definitions, because those aren't words that have arcane definitions. I don't need a weatherman to tell me which way the wind blows, nor some "scholar" to tell me what capitalism is.
And the DMCA does NOT enforce ownership, it DIMINISHES it. If I own the DVD, certain uses of that DVD are taken from me and given by statutory decree to someone who is no longer the owner of the physical object. You cannot tell me that capitalism smiles on a situation where I need a licence to access the contents of my own propery.
Open source, 'I trade my IP for yours' what I've never known anyone who thinks that way about open source.
You should get out more.
Most people promote open source because they don't believe it should be owned, GPL prevents ownership by giving the author some rights.
This is almost unintelligable. At best you are badly stating a common myth and misconception.
Open Source is not the same thing as public domain. Open Source retains and DEPENDS ON active retaining of copyright ownership. If NuSphere violates the MySQL licence, they get sued.
I have no idea what the hell you mean when you say " GPL prevents ownership by giving the author some rights." The GPL does not give the author any rights. The Copyright Act creates those rights, and the GPL retains them, but grants OTHERS, not the author, certain LIMITED permissions.
The limitations are designed to assure that code written to extend the original will be passed back to the original author, which is why I say open source is "my IP for yours".
Why would you deny CA the right to choose to adopt open source, then?
If CA voters want to choose their procurement strategy to maximize the total value added to the citizens of CA, would you argue they should be forced to allow IT managers who work for them to set alternative policies?
The market is ruling. California is a customer, and must make purchasing decisions. Those purchasing decision should be made in accordance with policy objectives set by the democratic process. As such, the state of California is simply one customer in a market. No other customers are constrainted by the procurement policy.
A law forbidding you from looking at Open Source products would be "bad". A law prohibiting you from considering non-Open Source products is just as bad if not worse.
I agree. But the law doesn't prohibit "you" or me either. CA would regulate only itself.
Some Open Source products rule. Some stink. Some proprietary products rule. Some stink.
Number your statements 1 to 4. The very purpose of law is to drive investement toward turning case 2's into case 1's. That sort of investment not only benefits the state of CA as a buyer of services, but it benefits the citizens of CA directly, because they also benefit from the improvement.
Compare that to changing case 4 to case 3. There is no benefit to private citizens of California.
When the choice is NEVER between procurement in case 2 and case 3, because it is really between (case 2 + services to move to case 1) and case 3. The people of CA are essentially saying that as a matter of policy, they benefit from the first option so greatly that they wish to make it mandatory. Not only does the resulting investment provide dividends for everyone, but the services required are more likely to be local consulting companies than remote software vendors. Jobs for the local economy.
The RIAA is a "special interest" that seeks to lobby Congress to regulate in its favor against the public interest. It is corporatist and elitist, but certainly not capitalist. Selling a product does not make you a free trader.
The DMCA is fascist -- it takes property rights away from the owners of the property and gives them to somebody else. "Access" is a right own the owner of the physical medium. Declaring otherwise is fascist in the strictest sense of the word.
Personally I would call opensource, P2P networks &co comunist.
P2P is a form of rebellion and civil disobedience to oppressive laws that create and maintain a sound recording cartel that has market power to exclude innovative alternatives, fabricate "artists", and exclude alternative music from radio and record stores.
Open source is extremely capitalist. I trade my IP for yours, and we both act voluntarily and without government coercion.
Open source is not communist because an author if they desired sell their own copyright ownership to someone else. The fact that they often choose not to is irrelevent.
The suffix "-zilla" has entered the lexicon as a direct result of the Godzilla franchise.
Of course, Godzilla uses the suffix "illa" which was popularized by a human predecessors known as the "gorilla".
The bottom line in trademark infringement is that it turns on a "likely to cause confusion in the market". If you think the Mozilla software browser is likely to be confused with the Godzilla entertainment brand, then you have the intellect of a gorilla.
Indeed, Netscape filed for trademark protection for the term "Mozilla" on 7-July-1995, under serial number 74698316.
However, since 18-July-1997, the status has been "An opposition is now pending at the Trademark Trial and Appeal Board." There has not been a resolution and so "Mozilla" is not a registered trademark.
I don't care how "easy" Linux ever is, 90% of people will never, ever install it. Unless more vendors start offering it pre-installed (hooray for Wal-Mart), Linux will never be adopted by any sizable percentage of desktops.
The whole conversation about "ease of installation" is completely wrong-minded.
"IT" always represented this flashy thing where the company was paying a bazillion dollars to move everything to platform X with some flashy vendor and new "in" technology. This type of IT is dead. It's dead because people started to see it as an end in iteself, and somebody finally asked "where's the bang for the buck in our core business operations?"
I've always felt that simply polishing the hell out of your internal apps is the best way to spend money on IT. It's pretty easy in most business system to find ways to take business functions that take a minute or two but are done by several hundred / thousand people a day (or more) and reduce them by 50-90% time-wise. If those take a month or two each of programmer time, that is big-time ROI.
Lets say the programmer makes double what the typical business process user costs. If it takes the programmer two months to do a project and the net result is that a business function/transaction occurring 480 times a day is cut from 90 seconds to 30 seconds, then the project pays for itself in four months. That kind of work isn't sexy, but it sure does pay for itself, especially when departments can delay hiring more people because their existing folks are more productive.
There are a lot of crappy apps out there that waste user/customer time, especially because IT managers were hell-bent to shove new apps out so they could claim victory in the time-to-delivery game. The whole IT industry needs to step back and focus back on the end user experience and business fundamentals: eliminate waste in core business processes.
What this allows is a man-in-the-middle attack without the usual telltale browser confirmation box that one sees when using an unsigned certificate. The attacker still has to get on the network between you and the website and essentially transparent-proxy your connection through a rogue ssl proxy to make this all work.
Any IP address can be "between you and the website". All he has to do is to get you to click a link to his site while giving the impression you are going to the desired site.
Spammers do this all the time: send a spam saying you need to change your bank password because it is expiring and providing the link to YourBank. You click the link, which goes to the middleman (I used slashdot just to illustrate), which identifies itself to you as your bank using a falsely certified cert.
He can simply forward all commands that you send to your real bank while he captures the data. If you've already fallen for it by going to his link, then you won't notice until months later when your cash disappears.
He uses a stolen CA'd cert and a hacked box for the middleman and is therefore completely untraceable.
Any of those companies can "go rogue" and start issuing free certs to anybody who asks, which one of them did a while back (then they succombed to the pressures and revoked all the rights, which was pretty crummy).
A certificate authority really is nothing different than a 3rd party who says "that certificate is legit". As you point out, anybody can be a certificate authority. However, I should be able to control who I think is a TRUSTED certificate authority, and the application should assure that I'm only told that certificate authority X certified certificate Y if that did in fact happen. If a CA goes "rogue", you can (and should) simply remove it from CA's that you trust.
This bug is much worse: IE appearently treats anyone certified by a CA as equivalent to that CA for certification of intermediates. Verisign certifies JohnDoe and then JohnDoe can transitively assert that Verisign certifies BadDude.
That is a disaster, because it means that in order to trust Verisign, you have to trust **everybody** that Verisign has ever certified, which is impossible.
Which is why I self sign everything. Since it all boils down to whether or not you trust me, why should I spend $150 trying to trick you into thinking I've passed some rigorous test for "trust".
Thats why I self-sign everything as you too:-] Seriously, though , there is nothing wrong with self-signing so long as there is an independent way to validate that you are who you say you are. For example, I work in a military environment and our cert admins hand walk certificates from them to you. Browsers generally come with the big CA's certificates built-in, so it's much easier to validate that Verisign is Verisign.
I think peer based trust will rapidly become essential element of P2P. Digital signatures for identity authentication combined with some kind of peer based trust combined with some kind of network resource allocation based on trust seems like the way to go if the RIAA is going to start trying to infiltrate the networks.
The advogato trust metric and slashdot's moderation system are the most prominent implementations that try to solve the problem of peer based trust. It clearly needs more research.
Slashdot Mirror
It seems to me a hard thing to believe that a swing that big could happen in a month. Anybody have any explaination for how it happened.
Maybe people are finally deploying the new version of Apache? Or is this just sampling error?
So by your arguement, AOL TW can and should stop all traffic it deems unacceptable. And that would be free speech.
Censorship is about "can" not "should".
But to your point specifically, they already do this. As to "should": I find their implementation of what is "unacceptable" to be obnoxious I don't use them and I encourage others to dump them.
Just because a private company has control over something, they still don't have the right to infringe on anyone's rights.
That's the free speech argument that web site vandals use. The catch is that you do not have a right to use another's resources, so their not infringing your rights if they to carry your speech.
For example, I have a right to put you in my killfile. I still have that right if I build a private network. I still have that right if my network becomes an ISP with paying customers (so long as I'm not deceiving them). And if I'm successful and oust AOL from the top ISP spot, then I STILL retain that right. So, yes, AOL could arbitrarily blacklist you or anybody else. In fact they do this on a much large scale when they lock out the other IM protocols.
for example Microsoft, and their OS
What does this have to do with the previous topic? Microsoft is an adjudicated monopoly. That is the problem with Microsoft, not something else. Again, the best response is to not use them, and to not shun speech that requires you do.
Everyone should be against any censorship!!
I don't think you understand what censorship is.
When a private entity decides which speech will be available on its private resources, that IS free speech, not censorship. If you don't like the choices that entity makes, get your own resources and compete with them. An ISP is not a "common carrier" and thus they are completely within their rights to adopt ANY content policy they choose.
Censoring blackhole lists is a violation of free speech, not an act that upholds it.
ME: I think hundreds of people making up amateur fonts is exactly what we need.
... My fonts folder has no less than 463 fonts. I don't need more fonts - I need a few select, high quality fonts.
YOU: The problem with having lots of fonts is I have trouble keeping more than about 3 fonts in my memory. Specifically, I know of 'system' (fixed width), 'times new roman' (normal writing) and 'arial' (sans-serif normal).
I never said that we needed hundreds of fonts made by amateurs. Most of what newbies do in any arena is crap. What we need is PEOPLE who have mastered the basics.
ME: The only way to learn rocket science is to DO rocket science.
YOU: Um... it's conventionally learned by years of study in school and university, leading to a degree in Physics, before you even approach a real rocket.
You obviously never saw the movie October Sky (which is a true story). No, the conventional way to become a rocket scientist is to build a bunch of rockets when you are 12 (anybody shot off an Estes rocket lately?), fall in love with it, and master the things you have to to reach the cutting edge.
Hundreds of people learning to make fonts won't result in good fonts, just hundreds of people frustrated at the amount of time they wasted in making fonts nobody uses.
Nobody said it would be easy and quick. Anything worth doing is hard. Besides, that kind of frustration is what brings people together to stop working as lone wolves and instead work as a pack. But it's important to have the lone wolf experience first so that you have the basic skills. I understand that font creation isn't exactly collaborative, but peer review is the engine of high quality work in any field.
I've worked with type designers and have, in fact, created my own fonts, one of which is a rendition of an older font (from the 30s) called Albertus.
Good. You are the kind of person the Linux community needs more of. If there were a hundred people who had the experience you have, then I have no doubt that the "Linux font problem" could be solved rather quickly.
Unlike kernel development or software collaboration, in which hundreds of people can each contribute something that winds up in the final results (or even tens of thousands), font design is a lonely profession with lots of abandoned work.
I disagree. In fact, kernel development is much more difficult to coordinate because there are interactions between the different contributions. Two beautiful fonts have virtually no chance to get in each other's way.
No, that's obviously his cat's name.
we certainly don't need is hundrets of people making up amateur open source fonts, but a few people who know what they're doing
I disagree. I think hundreds of people making up amateur fonts is exactly what we need. After a while, a few of these people will get really good at it, and then we'll have the latter half. Meanwhile, and more importantly, a font design sub-culture will have been established.
The only way to learn rocket science is to DO rocket science. I have never, ever seen a difficult field that could be learned any better than by just flat out trying to do it and puzzling through every obstacle.
Are there any good sites out there for finding mp3 friendly labels?
Sooner or later somebody will write an email worm that makes people send a random mp3 or two out to everybody they know.
Is windows media player scriptable?
Can somebody tell me what the origin of "All Your Base Are Belong To Us" actually is? I understand what it means -- I just want to know who said it first and why everybody latched on to it.
No I didn't read the definitions, because those aren't words that have arcane definitions. I don't need a weatherman to tell me which way the wind blows, nor some "scholar" to tell me what capitalism is.
And the DMCA does NOT enforce ownership, it DIMINISHES it. If I own the DVD, certain uses of that DVD are taken from me and given by statutory decree to someone who is no longer the owner of the physical object. You cannot tell me that capitalism smiles on a situation where I need a licence to access the contents of my own propery.
Open source, 'I trade my IP for yours' what I've never known anyone who thinks that way about open source.
You should get out more.
Most people promote open source because they don't believe it should be owned, GPL prevents ownership by giving the author some rights.
This is almost unintelligable. At best you are badly stating a common myth and misconception.
Open Source is not the same thing as public domain. Open Source retains and DEPENDS ON active retaining of copyright ownership. If NuSphere violates the MySQL licence, they get sued.
I have no idea what the hell you mean when you say " GPL prevents ownership by giving the author some rights." The GPL does not give the author any rights. The Copyright Act creates those rights, and the GPL retains them, but grants OTHERS, not the author, certain LIMITED permissions.
The limitations are designed to assure that code written to extend the original will be passed back to the original author, which is why I say open source is "my IP for yours".
Freedom of choice.
Why would you deny CA the right to choose to adopt open source, then?
If CA voters want to choose their procurement strategy to maximize the total value added to the citizens of CA, would you argue they should be forced to allow IT managers who work for them to set alternative policies?
Let the market rule.
The market is ruling. California is a customer, and must make purchasing decisions. Those purchasing decision should be made in accordance with policy objectives set by the democratic process. As such, the state of California is simply one customer in a market. No other customers are constrainted by the procurement policy.
A law forbidding you from looking at Open Source products would be "bad". A law prohibiting you from considering non-Open Source products is just as bad if not worse.
I agree. But the law doesn't prohibit "you" or me either. CA would regulate only itself.
Some Open Source products rule. Some stink. Some proprietary products rule. Some stink.
Number your statements 1 to 4. The very purpose of law is to drive investement toward turning case 2's into case 1's. That sort of investment not only benefits the state of CA as a buyer of services, but it benefits the citizens of CA directly, because they also benefit from the improvement.
Compare that to changing case 4 to case 3. There is no benefit to private citizens of California.
When the choice is NEVER between procurement in case 2 and case 3, because it is really between (case 2 + services to move to case 1) and case 3. The people of CA are essentially saying that as a matter of policy, they benefit from the first option so greatly that they wish to make it mandatory. Not only does the resulting investment provide dividends for everyone, but the services required are more likely to be local consulting companies than remote software vendors. Jobs for the local economy.
DMCA and all the RIAA lobying is capatilist.
.
B.S.
The RIAA is a "special interest" that seeks to lobby Congress to regulate in its favor against the public interest. It is corporatist and elitist, but certainly not capitalist. Selling a product does not make you a free trader.
The DMCA is fascist -- it takes property rights away from the owners of the property and gives them to somebody else. "Access" is a right own the owner of the physical medium. Declaring otherwise is fascist in the strictest sense of the word.
Personally I would call opensource, P2P networks &co comunist.
P2P is a form of rebellion and civil disobedience to oppressive laws that create and maintain a sound recording cartel that has market power to exclude innovative alternatives, fabricate "artists", and exclude alternative music from radio and record stores.
Open source is extremely capitalist. I trade my IP for yours, and we both act voluntarily and without government coercion
Open source is not communist because an author if they desired sell their own copyright ownership to someone else. The fact that they often choose not to is irrelevent.
The suffix "-zilla" has entered the lexicon as a direct result of the Godzilla franchise.
Of course, Godzilla uses the suffix "illa" which was popularized by a human predecessors known as the "gorilla".
The bottom line in trademark infringement is that it turns on a "likely to cause confusion in the market". If you think the Mozilla software browser is likely to be confused with the Godzilla entertainment brand, then you have the intellect of a gorilla.
Indeed, Netscape filed for trademark protection for the term "Mozilla" on 7-July-1995, under serial number 74698316.
However, since 18-July-1997, the status has been "An opposition is now pending at the Trademark Trial and Appeal Board." There has not been a resolution and so "Mozilla" is not a registered trademark.
Didn't the 9th Circuit just rule that Godzilla was unconstitutional?
Is there a site that offers indie videos?
I'd be happy to put Jackboots Valenti a few bucks in the whole by supporting somebody else once in a while.
... vendors install it for you!
I don't care how "easy" Linux ever is, 90% of people will never, ever install it. Unless more vendors start offering it pre-installed (hooray for Wal-Mart), Linux will never be adopted by any sizable percentage of desktops.
The whole conversation about "ease of installation" is completely wrong-minded.
"IT" always represented this flashy thing where the company was paying a bazillion dollars to move everything to platform X with some flashy vendor and new "in" technology. This type of IT is dead. It's dead because people started to see it as an end in iteself, and somebody finally asked "where's the bang for the buck in our core business operations?"
I've always felt that simply polishing the hell out of your internal apps is the best way to spend money on IT. It's pretty easy in most business system to find ways to take business functions that take a minute or two but are done by several hundred / thousand people a day (or more) and reduce them by 50-90% time-wise. If those take a month or two each of programmer time, that is big-time ROI.
Lets say the programmer makes double what the typical business process user costs. If it takes the programmer two months to do a project and the net result is that a business function/transaction occurring 480 times a day is cut from 90 seconds to 30 seconds, then the project pays for itself in four months. That kind of work isn't sexy, but it sure does pay for itself, especially when departments can delay hiring more people because their existing folks are more productive.
There are a lot of crappy apps out there that waste user/customer time, especially because IT managers were hell-bent to shove new apps out so they could claim victory in the time-to-delivery game. The whole IT industry needs to step back and focus back on the end user experience and business fundamentals: eliminate waste in core business processes.
What this allows is a man-in-the-middle attack without the usual telltale browser confirmation box that one sees when using an unsigned certificate. The attacker still has to get on the network between you and the website and essentially transparent-proxy your connection through a rogue ssl proxy to make this all work.
Any IP address can be "between you and the website". All he has to do is to get you to click a link to his site while giving the impression you are going to the desired site.
Spammers do this all the time: send a spam saying you need to change your bank password because it is expiring and providing the link to YourBank. You click the link, which goes to the middleman (I used slashdot just to illustrate), which identifies itself to you as your bank using a falsely certified cert.
He can simply forward all commands that you send to your real bank while he captures the data. If you've already fallen for it by going to his link, then you won't notice until months later when your cash disappears.
He uses a stolen CA'd cert and a hacked box for the middleman and is therefore completely untraceable.
Agreed, especially because I personally submitted some of the SSL certificate bugs and they have been fixed (long ago, in fact). 0.9.4 is really old.
Any of those companies can "go rogue" and start issuing free certs to anybody who asks, which one of them did a while back (then they succombed to the pressures and revoked all the rights, which was pretty crummy).
:-] Seriously, though , there is nothing wrong with self-signing so long as there is an independent way to validate that you are who you say you are. For example, I work in a military environment and our cert admins hand walk certificates from them to you. Browsers generally come with the big CA's certificates built-in, so it's much easier to validate that Verisign is Verisign.
A certificate authority really is nothing different than a 3rd party who says "that certificate is legit". As you point out, anybody can be a certificate authority. However, I should be able to control who I think is a TRUSTED certificate authority, and the application should assure that I'm only told that certificate authority X certified certificate Y if that did in fact happen. If a CA goes "rogue", you can (and should) simply remove it from CA's that you trust.
This bug is much worse: IE appearently treats anyone certified by a CA as equivalent to that CA for certification of intermediates. Verisign certifies JohnDoe and then JohnDoe can transitively assert that Verisign certifies BadDude.
That is a disaster, because it means that in order to trust Verisign, you have to trust **everybody** that Verisign has ever certified, which is impossible.
Which is why I self sign everything. Since it all boils down to whether or not you trust me, why should I spend $150 trying to trick you into thinking I've passed some rigorous test for "trust".
Thats why I self-sign everything as you too
I think peer based trust will rapidly become essential element of P2P. Digital signatures for identity authentication combined with some kind of peer based trust combined with some kind of network resource allocation based on trust seems like the way to go if the RIAA is going to start trying to infiltrate the networks.
The advogato trust metric and slashdot's moderation system are the most prominent implementations that try to solve the problem of peer based trust. It clearly needs more research.
sprintf() can't be removed without breaking literally thousands of stupidly-written apps which depend upon it.
Isn't this precisely the set of programs that need to be broken, so they don't allow root?