From a technological standpoint we're considering watermarking the code in some form for each customer, but this has problems in that if the customer makes significant changes then the watermark may be illegible. We're also considering some sort of encrypted key scheme that would tie the software to a particular server or something like that. I'd be interested in knowing what other protections you may have used in the past.
Actually, it does not. You see, a good watermark scheme relies extensively on error correcting codes; that is, if they mangle one of your bits you've got enough redundancy to reconstruct your watermark. You don't actually need to hide that many bits in the source to get this watermark in. You should at most require 20 bits; this would give you around a million watermarks. This should give you plenty of scope to hide your watermark.
Compilers ignore whitespace, which means you should focus on introducing changes into the whitespace. It's also a good idea to change some of the program code as well. One off the top of my head that might be useful is to expand the ternary operators out into if statements.
Unfortunately, all the methods that come to mind seem to depend on the secrecy of the stego method, which is bad design. There is probably a way to do this that is secure even when the stego algorithm is known. I'd go and hunt through the literature.
Combined with a decent license, this stego can help you protect your copyright.
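The scheme sketched in this comment (a 20-bit customer ID hidden in whitespace and protected by redundancy) can be made concrete as follows. This is an added example, not code from the original post; the function names, the space/tab encoding and the five-fold interleaved repetition code are assumptions chosen for illustration, and it assumes the customer edits lines in place without inserting or deleting any.

```python
"""Added illustration: per-customer watermark in trailing whitespace, protected
by an interleaved repetition code. All names here are hypothetical."""

ID_BITS = 20               # 2**20 = 1,048,576 distinct customer IDs
COPIES = 5                 # each ID bit is carried by five different lines
MARK = {0: " ", 1: "\t"}   # trailing space encodes 0, trailing tab encodes 1


def embed(lines, customer_id):
    """Return a copy of `lines` carrying `customer_id` as trailing whitespace."""
    if not 0 <= customer_id < 2 ** ID_BITS:
        raise ValueError("customer_id does not fit in ID_BITS")
    carriers = ID_BITS * COPIES
    if len(lines) < carriers:
        raise ValueError(f"need at least {carriers} lines to carry the mark")
    marked = []
    for n, line in enumerate(lines):
        line = line.rstrip(" \t")            # drop any pre-existing trailing marks
        if n < carriers:
            # Interleave: line n carries bit (n mod 20), so the copies of one
            # bit sit 20 lines apart and a local edit cannot remove them all.
            line += MARK[(customer_id >> (n % ID_BITS)) & 1]
        marked.append(line)
    return marked


def extract(lines):
    """Majority-vote each bit; return the ID, or None if any bit is undecidable."""
    votes = [[0, 0] for _ in range(ID_BITS)]   # [zeros, ones] per bit
    for n, line in enumerate(lines[:ID_BITS * COPIES]):
        if line.endswith("\t"):
            votes[n % ID_BITS][1] += 1
        elif line.endswith(" "):
            votes[n % ID_BITS][0] += 1
        # no trailing whitespace: this copy was erased and casts no vote
    customer_id = 0
    for bit, (zeros, ones) in enumerate(votes):
        if zeros == ones:
            return None
        if ones > zeros:
            customer_id |= 1 << bit
    return customer_id


def simulate_customer_edits(lines):
    """Constructed damage: reformat the first 30 lines, flip the mark on line 40."""
    edited = [l.rstrip() if n < 30 else l for n, l in enumerate(lines)]
    body = edited[40].rstrip(" \t")
    edited[40] = body + ("\t" if edited[40].endswith(" ") else " ")
    return edited


if __name__ == "__main__":
    source = [f"value_{n} = {n}" for n in range(120)]   # constructed sample source
    shipped = embed(source, 0xABCDE)
    print(hex(extract(simulate_customer_edits(shipped))))
```

The mark survives partial reformatting, but a single pass that strips all trailing whitespace erases it, which is the dependence on secrecy of the method that the comment itself points out.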
"How are Slashdotters coping with the proliferation of spreadsheets in the face of greater legal accountability and auditing?"
My guess is they're not. I've met FIERCE resistance in the past from accounts trying to reform their spreadsheet ways. Every accountant understands the spreadsheet. The Financial Director understands the spreadsheet. If you can't get the Financial Director to back your plans then any reform is dead in the water.
The problem is born out of bad communication skills. IT generally assumes that just because the FD doesn't understand C++ he is stupid. We see this kind of behavior all the time on Slashdot:
"What amazed me is that the Judge really understood the GPL."
No fucking shit he understood the GPL. Let's see, he probably got a 1st class degree in Law, passed his BVC with flying colours. He then probably got his pupillage with ease (there are twice as many students each year as there are pupillages) and then rose to the Bar. After that, he'd have spent 15 years working cases in the Crown Court. If he didn't understand the GPL he would have fallen at the first hurdle. My brother is a lawyer and understood the GPL before he even took his LPC. By comparison, your average IT guy is a mere peon. I'd wager that given your average programmer with no C++ experience, the Judge could beat the programmer hands down in a programming contest. These people are very, very smart.
The same is true of Financial Directors and their ilk. They have to take years of qualifications and have decades of experience before they're allowed to do their job. Talking down to them is a recipe for marginalization. So the solution is to talk to them in clear language. None of this bullshit bingo that seems to be infesting every cranny of IT - clear, plain language.
Explain the problem, then explain the solution. They don't want or care to hear about LAMP, AJAX or Web 2.0. This is like a builder telling you the type of screws he's going to use to build your house. All that you care is that your house is well built and will last a long time without significant maintenance. All they want to know is why they need your solution, how much it will cost and the consequences if they don't do it. Anything else is a waste of their time and will lower the amount of time they have for you.
It's wrong to attach this issue exclusively to the technology called Web 2.0; whatever that term really means anyway - but that's another rant.
The picture is much broader than that, the assault on our privacy is being conducted on many fronts and motivated by the same desire: To waste less money on marketing.
Someone once said: "I know I'm wasting half my money on advertising. The problem is that I don't know which half that is"
The Internet, it seems, is providing a solution to this conundrum. Suddenly, advertisers have the ability to pay for advertising only when someone responds to the advertising. This makes such adverts far more valuable than something that isn't interactive like a billboard or TV advertisement.
But this is just the beginning. In the next few years, we will see the development of schemes where you pay for advertising only when you make a direct sale off the back of it. The scheme will track you from the moment you click, to the moment you get the confirmation e-mail. The problem with this is that in order to audit it properly you need to link that click through to a real person. And therein lies the privacy problem.
The solution to this problem is fairly easy: Just block all the advertising. People, like the owners of Slashdot might decry this solution because sites such as theirs might not be able to survive without this revenue. I put my money where my mouth was. I like Slashdot so I paid for it directly.
Imagine how much higher the standard of Slashdot would be if all its revenues came from subscribers. Suddenly, quality matters much more than page views. Remember, it took Digg to motivate Slashdot to change, because its cash cow was the advertising and Digg was starting to threaten that. If we took out this source of revenue, the quality of the web would surely increase.
Only the people who make lucid enough points to attract paying subscribers would be able to sustain a high traffic site.
As a result, natural selection would weed out the trash and reward the good. A future without advertising is a future where the user comes first.
Slimy bastards! I wonder what the fallen in the September 11th terrorist outrages would make of this. The US government has repeatedly used their memory to justify secrecy right across government. It is now trying to use their memory to silence people who whistle-blow on their deepest darkest secrets. Well fuck them!
Quite frankly, I couldn't give the faintest whiff of shit what the Attorney General has to say about the issue. The Constitution trumps everything, the Attorney General included, and it states in no uncertain terms which rights the citizens of the United States retain for themselves:
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech,
or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
I don't see any exception for the state to keep secrets from the electorate. Bring the prosecutions and watch them fall one by one.
This is more sensationalist shit like the story about the RIPA. The law isn't very effective because the police can't force you to hand over keys that are used only to ensure the integrity of messages. This basically means that stuff like SSL, SSH and Zimmermann's Zfone are safe against seizure.
I submitted a story on this but obviously the Slashdot editors care more about exciting headlines than the sober truth. I wrote an essay in 2003 and you can read it here.
I've not read the act but I can already guess how useless it will be. The short and long of it is that it is very tough indeed to prove beyond reasonable doubt that someone that you put the software there. Believe me I know, I was a witness in a Child Porn case. The defence won because when we found the content we didn't follow CPS guidelines in the data recovery method.
Even worse, a hacker's machine can look very much like a hacked machine. Hackers, after all, use one machine to get to the next. How are you going to prove they aren't the innocent bystander - BEYOND REASONABLE DOUBT?
Yet more time wasted by an incompetent government that can't even deport convicted foreign criminals.
It's not going to stay that price. All the consoles have come down in price relatively quickly.
So the question is not whether it is viable but more whether it's a sensible decision.
The way consoles are sold is quite a clever exercise in capturing the consumer surplus; that is, segmenting
your market according to their willingness to pay. You launch at a price that is very high to start with and you
capture the relatively small segment of the market that thinks your product is really worth that much. You then slowly
lower your price so you hoover up more and more of the people who are willing to part with their cash when the price is
more reasonable. Eventually, as you near the end of production, you cut your prices further to get it off the shelves and
get the people who want something for nothing.
The problem Sony has neglected to contemplate is that this Playstation is not launching in the same conditions as the previous
versions of the brand. It is not the first to market with the new generation of console. This is crucial, because now
Microsoft is already ahead of the curve with the price strategy I described above. At every stage in the price lowering,
we'd expect Microsoft to be cheaper than the Playstation. The Xbox 360 is likely to have more games at any given instant than the
Playstation 3.
Another factor here is BluRay. I'd estimate that 80% of Playstation 2s are hooked up to a small TV in some teenager's bedroom.
They're not going to go out and buy a High-Definition set for their Playstation 3. They will get no benefit from the enhanced
resolution of BluRay and therefore see no reason to buy it.
For this reason, I expect the Playstation to underperform by a long way. It may even cause the Playstation to fade much in the same
way the Dreamcast caused Sega to wash out to sea. These are interesting times to be alive.
I personally believe that the government has no business regulating net neutrality.
The government will be lobbied to the point where the bill actually does more damage
than having a law in the first place.
If you need proof of this just look at the anti-spam
laws around the world that safe-guard "e-marketing".
I actually suspect that this is going to go away by itself. Who is going to pay for
this service? Imagine Google's reply to this: "You're going to make my traffic slower
if I don't pay this fee? Well fuck you very much! In fact, I'm going to go to a new bandwidth
provider who doesn't try to extort me."
I doubt the PHBs have done the maths on this either. History is a great teacher, perhaps they should
pick up a history book. Back in England in the 19th century the price of sending a letter was calculated
depending on how far it had to go. Somebody realised that the cost of calculating the tariff actually
cost the mail company more than the extra profit they were trying to make. They introduced a flat fee and
improved profits overnight.
Ask yourselves this, how much is it going to cost ISPs to administer this monstrosity? Suppose Google's homepage
has to traverse 5 networks to go to my PC. How is Google's fee going to be split across these networks? That sounds
like a big fucking pain in the arse to me. How many accountant's salaries am I going to have to pay to remit these funds?
Balance this cost against how much additional profit they are going to make. How much money can you make off
bandwidth when it's literally pennies per gigabyte at these scales?
This has nothing to do with OpenDocument as I can create any program that can read and write the format. In fact, if Winske was so inclined he could write a program to do this himself. Try doing that with Microsoft's format!
It's vitally important that disabled people are able to use computers.
Computers allow them to connect with people in a way where they're truly equal. As a light-hearted aside, a disabled guy from Romania who I met when I was there just a few months ago was able to totally own me in Unreal Tournament! To paraphrase a famous gun nut: God created man, colt^H^H^H^Htechnology made them equal.
If anything, OpenDocument will allow much more deeply integrated software for disabled folks. I think once this starts to become a reality, disabled people will really enjoy the format.
Wait, I thought the free market and privatization was supposed to make things cheaper? While state-run systems like the British NHS were supposed to be horribly inefficient and expensive?
Any economists care to explain what's going on here? Is the free market a failure, or is this the way it's supposed to be? Are those extortionate health costs translating into increased prosperity for America in some way?
Markets work very well where prices are elastic; that is, a change in price causes demand to change. Healthcare, by its very nature, is inelastic. The number of broken legs that need to be serviced each year is roughly the same and changing the price to fix a broken leg will not change the demand for the service appreciably. The same goes for Heart Disease, Cancer or just about any other ailment.
The upshot of this is that the free market will raise the prices indefinitely, as we have seen in the United States. In fact, in America it's got a whole lot worse because companies are providing healthcare for their employees. The fact that companies have much bigger pockets makes the inflation problem so much worse.
There are also other economic disadvantages to the American set-up. The chief one being purchasing power. The NHS can buy ten million flu shots in a go and can pass these savings on to the taxpayer. In the meanwhile, a person doesn't have the same clout. Moreover, you generally need drugs when you're sick and you're going to be prepared to sacrifice a lot more in order to get the drug than you would for most products. Not a lot else matters if you're dying of cancer: You either buy the drug or you die.
The best way to run a health service is through "market inspired" communism. That is not as much of an oxymoron as you might think it is. The NHS is a prime example of this.
I believe the problem with Email is usually only 10% of what you are trying to communicate is actually understood.
Sort of like posting on slashdot.....:-)
I know you're joking but you're absolutely correct. This is a very serious problem with e-mail and why using the phone should be preferred over it. You see, when you're speaking to someone face to face or even over the telephone a lot of the information is contained in the delivery. Your body language and intonation help to create context and help the message get across to the listener.
E-mail, by contrast has none of this. Writing an e-mail that your audience will understand first time - both in tone and in content - takes considerable effort and skill. E-mails are often not considered fully. Hands up if you've sent an e-mail quickly and realised the tone of the e-mail makes it sound very hard and demanding? I suspect most of us have!
Because writing clear e-mails is difficult, people often resort to writing bullshit instead. The idea being that if you can bedazzle the recipient enough with your buzzwords and other pseudo-words, they feel inferior and are unlikely to ask for clarification.
Why do we need software to collaborate? Humans have always collaborated best when sat around a table talking to each other. In my opinion, the software solves a problem that would be better solved by taking the time to see each other in the flesh.
It may be expensive but it's less expensive than getting it wrong and ruining the reputation you had with your client.
Self-shrinking generators are broken but the best attack requires an insane amount of plain-text. Far, far, more than you could ever generate by
hand. If Mr Mafia had used this instead of a crappy cipher from two thousand years ago then he might not have been caught.
Throughout history lives have literally depended on the strength of the cryptography people have deployed. I find it exciting that these times are still
with us and are not merely confined to the history books.
Will gathering a community of people help solve problems such as P=NP, or do you think it requires a lot more than a semi-qualified community to approach the problem?
Proofs are not really found by committee. This Wiki might be a good way to share research and in that sense it may aid the effort but above and beyond that it's not going to contribute much.
It will take a unique insight and a particularly sharp mind to get to the bottom of these problems.
Since the statute predates the Constitution of the U.S., a clever lawyer could argue it applies here equally.
The USA declared independence and is therefore independent of the British legal system.
The same goes for Ireland too. Do you think the 1801 Union Act still applies there because it predates their constitution? :P
In the British legal system a contract is formed when the following are all true:
There is an offer
There is consideration of the offer - i.e. Goods or Services exchanged for money or other services.
There is acceptance of the offer
For example, if you exchange e-mails with your girlfriend and you promise to take her to the pictures if she buys you a
pint tonight, and she does, then she can sue for breach of contract if you do not take her. Notice the agreement is independent of the medium it
is formed in. If some new communications medium existed tomorrow, contract law still applies to it.
I feel like unless one studies and masters the use of these pretentious buzzwords and phrases,
he/she will be run over by people with worse ideas but a nicer-sounding delivery. Is corporate speak a necessary evil?
No it is not, in fact, it should be resisted at all costs. Corporate speak is the opposite of language. Language is used
between people to discuss ideas and express their emotions to each other. Corporate speak is used for precisely the opposite, to cloud ideas
behind a veneer of self-assumed intellect. Often corporate speak can be decomposed into concepts so simple that they're essentially obvious.
An example from one of my previous rants on this topic: "You can use the leviathan forces of attention and enthusiasm that are swirling
around Web 2.0 these days as a powerful enabler to make something important and exciting happen in your organization."
This is a fairly typical management-speak sentence but what does this actually mean? The sentence essentially boils down to a simple statement:
You can use new technology as an opportunity to improve the operation of your business. I think most would agree this is an obvious, uninteresting
statement and this is precisely the point I'm trying to make. People who use this language are trying to sell you something that's obvious; to sell
the emperor his own clothes. If somebody can't make their point in plain English then they likely don't have a point that's worth hearing at all.
So how do you fight it? I find the following techniques work:
Ask them to explain what each term means. Example: What is Web 2.0 anyway? I haven't seen a new W3C standard called Web 2.0.
Repeat what they just said in English. Rather than agreeing with what they said get them to agree to your formulation of the statement instead.
If you're in a position of power, if anybody submits a proposal to you using flowery terms, get them to revise their language.
Tell them why you think clear language is important.
I love our language and I love the mutual heritage shared across the many countries that speak it. Work with me to remove this cancer
from our workplaces because our language is part of who we are. We simply cannot allow something so abhorrent to become part of our
definition.
That should be: Can God create a stone so heavy he can't lift it, if he can, he's not all powerful because he can't lift the stone, if he can't he's not all powerful because he can't create the stone in the first place.
Once again, Science tightens the vice on God. God must be feeling pretty claustrophobic inhabiting the ever smaller gaps of science.
We already know God is a totally incoherent concept. Here's why:
Theorem: An all powerful God is impossible.
Proof: If God is all powerful that means he can perform any action, this however is absurd. Can God create a stone so heavy he can't lift it, if he can, he's not all powerful because he can't lift the stone, if he can't he's not all powerful because he can't lift the stone in the first place. God could also create married bachelors, square circles and honest politicians.
At best, God could be as powerful as allowed by the laws of logic. However, so can we. Through technology we have mastered what the ancients would have thought impossible: Flight, light at the flick of a switch, devices that allow us to communicate seamlessly over thousands of miles.
A common defence is to say God doesn't adhere to logic and therefore we can't judge him by it. That may be true, but it means we can't say anything about God whatsoever. Any logical contradiction in a system means that every statement within that system can be proved. God would be rendered meaningless. And besides, this is incompatible with Christian theology because God created man in the image of God. If man is logical, then by extension so is God.
Theorem: A God that knows everything is impossible.
Proof: A subset of knowing everything is to know every true statement. The question then becomes whether it is possible to know every true statement - or more precisely, can we even construct a complete set of statements that are true. The answer, as you've probably guessed, is no.
To prove this, first assume that we can construct a complete set of truths. Take the power-set of this set. The power-set of any set is bigger than the original set, even for sets of infinite size, however, there is now a truth associated with each set: Is truth x in a given power-set. This is a contradiction, so we know constructing a set of all truths is impossible. By extension, it is impossible to know everything.
I could go on, the point is that God can be discounted with reason alone. We don't even have to get ourselves involved in Biology or Physics. I don't pretend that all human suffering is derived from religion, but a disgraceful amount of it is. Let's step beyond the God myth and try and make the world a better place.
Imagine if Google profiled you by your Gmail account and web-searches, blogger entries, etc and was able to use this information to do a psychometric profile of you. It could then compare this with other people's profiles and suggest members of the opposite sex that it thinks you would most like!
I don't know whether this would be cool or damn scary. What's worse is that the only thing standing in the way of this happening is programmer time. What's amazing is how effectively we've created 1984 and in how little time we've done it.
which to my knowledge is unbreakable, although I am not particularly well versed in cryptography
That's right, it is unbreakable - provided you never use the same key twice. And here's why:
Any message is a series of bits which can be represented as a number. Any key of the same length is a series of bits that can be represented as a number. Therefore, we can define the following function that operates on the entire message at once:
CipherText = PlainText XOR Key
The first thing to notice about this construction is that for a fixed plain-text every given key maps to exactly one cipher-text and for any given cipher-text there is exactly one key. In fact, it doesn't matter which parameter you fix be it plain-text, key or the ciphertext. There will always be a one-to-one mapping between the two values you didn't fix.
This leads us straight to our first fact. If you have zero knowledge of the contents of the plain-text then it is impossible to work out the plain-text with the cipher-text alone. This is because if we try every single key then eventually we will step through every possible plain-text of that length. From compressed archives of your favourite porn star to the names of all the CIA secret agents. So given that every possible plain-text is a valid decryption, which plain-text is the correct one? Well every key is equally likely since it was selected at random from all keys of that length. There is no way to know.
It should now start to dawn on you that even with a known plain-text attack, the construction is still secure. Suppose you knew that the first words of my encrypted message were: "Make sure you are at the station with the drugs at " and you wanted to work out the rest of the message. It's quite clear that the end of the message is a time, or perhaps even a word like "Dawn", "Dusk", "Midday" etc. You say, ah ha, we could step through each key that decrypts to a time or date and recover the correct decryption! Wrong! The problem is that there will be a key that decrypts to every possible date, time and word. The question is, how do you decide which is the correct one?
This is the crux of the proof of security. The key won't give you any information because each of the proposed keys decrypts to a valid plain-text, moreover, each key is equally likely to have been selected as the real encryption key. You're stumped! There's no way to work out the proper date time from the information available to the attacker.
What happens if you reuse the key? You get no security. The proof of security for the one-time-pad comes from the fact that the pad is selected at random. The chances of you picking two pads at random and getting exactly the same pad are so small that we would be safe to round it to zero. You can break messages protected by reused pads with a pencil and paper.
Given the fact that, when used properly, one-time-pads are unbreakable why don't we see them in common usage?
Well say you had a communications channel with your friend you want to share secret data with. In order to secure the conversation you need to give him a pad equal in length to the message. This requires a secure channel to exchange the key on which has the same capacity as the message itself. Given that, why not just exchange the actual message rather than the key? It doesn't make a lot of sense.
One-time-pads are useful where you want to time-shift your secure channel. Say I have a secure channel today (I'm meeting up with you in the pub and exchanging a CD) and it's gone tomorrow (I'm moving to the USA) - The one-time pad allows me to take the secure channel I had yesterday to secure the channel I have today. This is why lots of spies used to use one-time-pads. For them, it makes sense.
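The two claims in this comment can be checked directly: with a known prefix, every guessed ending still has a pad that makes it the "correct" decryption, and a pad used twice cancels out of the two cipher-texts. This is an added example, not part of the original post; the function names and the second message are constructed for illustration, and the guessed endings are restricted to four-byte words so they match the cipher-text length.

```python
"""Added illustration of the one-time-pad argument; names are hypothetical."""
import secrets

# The known-plaintext prefix used in the comment above.
PREFIX = b"Make sure you are at the station with the drugs at "


def xor_bytes(a, b):
    """CipherText = PlainText XOR Key, applied byte by byte."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext, pad):
    return xor_bytes(plaintext, pad)


decrypt = encrypt  # XOR is its own inverse


def keys_for_endings(ciphertext, endings):
    """For each guessed ending, the unique pad that would make that guess correct.

    Every guess yields a pad, and all pads were equally likely to be drawn,
    so the cipher-text gives no reason to prefer one ending over another.
    """
    return {e: xor_bytes(ciphertext, PREFIX + e) for e in endings}


def reused_pad_leak(c1, c2):
    """With one pad used twice, c1 XOR c2 == p1 XOR p2: the pad drops out."""
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


def recover_second(c1, c2, known_p1):
    """Knowing (or guessing) one plain-text reveals the other without the pad."""
    leak = reused_pad_leak(c1, c2)
    return xor_bytes(leak, known_p1[:len(leak)])


if __name__ == "__main__":
    first = PREFIX + b"Dawn"
    pad = secrets.token_bytes(len(first))      # fresh random pad
    c1 = encrypt(first, pad)

    for ending, key in keys_for_endings(c1, [b"Dawn", b"Dusk", b"Noon"]).items():
        # Each candidate pad decrypts the same cipher-text to a valid message.
        print(ending, decrypt(c1, key)[-4:], key[-4:].hex())

    # Constructed second message, padded to the pad length, sent under the SAME pad.
    second = b"Bring the spare keys and wait by the north gate".ljust(len(pad), b".")
    c2 = encrypt(second, pad)
    print(recover_second(c1, c2, first))
```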
Microsoft Office was at its best with Office 97. OpenOffice might not have all the features of Microsoft Office but I don't care because I'll never use them. Moreover, nobody is going to take away the download for OpenOffice 2 and decide we need a shiny new version. I also resent being called a dinosaur by Microsoft for using one of their old products that I found to be reliable.
I looked, I made the switch and there is no going back.
I just hope that the greater prevalence of Firefox leads to a greater number of sites supporting it. I've had problems with some sites telling me my version of 1.5 needs to be upgraded to an earlier version!!! The site in question was the Comedy Channel's website. Too many website designers seem to still design for IE only or use version checking to serve different pages. People should stick to writing valid HTML code that works across all browsers instead of making their websites unusable for those who don't use IE.
The problem is that the browsers support standards so badly that even a fairly modest design requires CSS hacks galore to get good cross-browser support. You really can have a CSS file that validates exactly with no warnings, a HTML file that validates exactly with no warnings that renders differently in every available browser. In fact, ACID-2 is a prime example of this problem.
The only clean solution is to detect the user-agent string and to send a different CSS file to each version of the different browsers you want to support. I don't really advocate browser hacks because the resultant CSS files are harder to maintain and prone to break on future releases.
It's a real bitch and it makes developing web-sites less of a joy than it should be.
Simon
How are Slashdotters coping with the proliferation of spreadsheets in the face of greater legal accountability and auditing?"
My guess it they're not. I've met FIERCE resistance in the past from accounts trying to reform their spreadsheet ways. Every accountant understands the spreadsheet. The Financial Director understands the spreadsheet. If you can't get the Financial Directory to back your plans then any reform is dead in the water.
The problem is born out of bad communication skills. IT generally assumes that just because the FD doesn't understand C++ he is stupid. We see this kind of behavior all the time on Slashdot:
No fucking shit he understood the GPL. Let's see he probably got a 1st class degree in Law, Passed his BVC with flying colours. He then probably got his pupillage with ease (there are twice as many students each year as there are pupillages) and then rose to the Bar. After that, he'd have spent 15 years working cases in the Crown Court. If he didn't understand the GPL he would have fallen at the first hurdle. My brother is a lawyer and understood the GPL before he even took his LPC. By comparison, you're average IT guy is a mere peon. I'd wager that given your average programmer with no C++ experience, the Judge could beat the programmer hands down in a programming contest. These people are very, very smart.
The same is true of Financial Directors and their ilk. They have to take years of qualifications and have decades of experience before they're allowed to do their job. Talking down to them is a recipe for marginalization. So the solution is to talk to them in clear language. None of this bullshit bingo that seems to be infesting every cranny of IT - clear, plain language.
Explain the problem, then explain the solution. They don't want or care to hear about LAMP, AJAX or Web 2.0. This like a builder telling you the type of screws he's going to use to build your house. All that you care is that your house is well built and will last a long time without significant maintenance. All they want to know why they need your solution, how much it will cost and the consequences if they don't do it. Anything else is a waste of their time and will lower the amount of time they have for you.
Simon
It's wrong to attach this issue exclusively to the technology called Web 2.0; whatever that term really means anyway - but that's another rant.
The picture is much broader than that, the assault on our privacy is being conducted on many fronts and motivated by the same desire: To waste less money on marketing.
Someone once said: "I know I'm wasting half my money on advertising. The problem is that I don't know which half that is"
The Internet, it seems, is providing a solution to this conundrum. Suddenly, advertisers have the ability to pay for advertising only when someone responds to the advertising. This makes such adverts far more valuable than something that isn't interactive like a billboard or TV advertisement.
But this is just the beginning. In the next few years, we will see the development of schemes where you pay for advertising only when you make a direct sale off the back of it. The scheme will track you from the moment you click, to the moment you get the confirmation e-mail. The problem with this is that in order to audit it properly you need to link that click through to a real person. And therein lies the privacy problem.
The solution to this problem is fairly easy: Just block all the advertising. People, like the owners of Slashdot, might decry this solution because sites such as theirs might not be able to survive without this revenue. I put my money where my mouth was. I like Slashdot so I paid for it directly. Imagine how much higher the standard of Slashdot would be if all its revenues came from subscribers. Suddenly, quality matters much more than page views. Remember, it took Digg to motivate Slashdot to change, because its cash cow was the advertising and Digg was starting to threaten that. If we took out this source of revenue, the quality of the web would surely increase.
Only the people who make lucid enough points to attract paying subscribers would be able to sustain a high traffic site. As a result, natural selection would weed out the trash and reward the good. A future without advertising is a future where the user comes first.
Simon.
Slimy bastards! I wonder what the fallen in the September 11th terrorist outrages would make of this. The US government has repeatedly used their memory to justify secrecy right across government. It is now trying to use their memory to silence people who whistle-blow on their deepest darkest secrets. Well fuck them!
Quite frankly, I couldn't give the faintest whiff of shit what the Attorney General has to say about the issue. The Constitution trumps everything, the Attorney General included, and it states in no uncertain terms which rights the citizens of the United States retain for themselves:
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
I don't see any exception for the state to keep secrets from the electorate. Bring the prosecutions and watch them fall one by one.
Simon
This is more sensationalist shit like the story about the RIPA. The law isn't very effective because the police can't force you to hand over keys that are used only to ensure the integrity of messages. This basically means that stuff like SSL, SSH and Zimmermann's Zfone are safe against seizure.
I submitted a story on this but obviously the Slashdot editors care more about exciting headlines than the sober truth. I wrote an essay in 2003 and you can read it here.
I've not read the act but I can already guess how useless it will be. The short and long of it is that it is very tough indeed to prove beyond reasonable doubt that someone that you put the software there. Believe me I know, I was a witness in a Child Porn case. The defence won because when we found the content we didn't follow CPS guidelines in the data recovery method.
Even worse, a hacker's machine can look very much like a hacked machine. Hackers, after all, use one machine to get to the next. How are you going to prove they aren't the innocent bystander - BEYOND REASONABLE DOUBT?
Yet more time wasted by an incompetent government that can't even deport convicted foreign criminals.
Simon.
It's not going to stay that price. All the consoles have come down in price relatively quickly. So the question is not whether it is viable but more whether it's a sensible decision.
The way consoles are sold is quite a clever exercise in capturing the consumer surplus; that is, segmenting your market according to their willingness to pay. You launch at a price that is very high to start with and you capture the relatively small segment of the market that thinks your product is really worth that much. You then slowly lower your price so you hoover up more and more of the people who are willing to part with their cash when the price is more reasonable. Eventually, as you near the end of production, you cut your prices further to get it off the shelves and get the people who want something for nothing.
The problem Sony has neglected to contemplate is that this Playstation is not launching in the same conditions as the previous versions of the brand. It is not the first to market with the new generation of console. This is crucial, because now Microsoft is already ahead of the curve with the price strategy I described above. At every stage in the price lowering, we'd expect Microsoft to be cheaper than the Playstation. The Xbox 360 is likely to have more games at any given instant than the Playstation 3.
Another factor here is BluRay. I'd estimate that 80% of Playstation 2s are hooked up to a small TV in some teenager's bedroom. They're not going to go out and buy a High-Definition set for their Playstation 3. They will get no benefit from the enhanced resolution of BluRay and therefore see no reason to buy it.
For this reason, I expect the Playstation to underperform by a long way. It may even cause the Playstation to fade much in the same way the Dreamcast caused Sega to wash out to sea. These are interesting times to be alive.
Simon.
I personally believe that the government has no business regulating net neutrality. The government will be lobbied to the point where the bill actually does more damage than having a law in the first place.
If you need proof of this just look at the anti-spam laws around the world that safe-guard "e-marketing".
I actually suspect that this is going to go away by itself. Who is going to pay for this service? Imagine Google's reply to this: "You're going to make my traffic slower if I don't pay this fee? Well fuck you very much! In fact, I'm going to go to a new bandwidth provider who doesn't try to extort me."
I doubt the PHBs have done the maths on this either. History is a great teacher, perhaps they should pick up a history book. Back in England in the 19th century the price of sending a letter was calculated depending on how far it had to go. Somebody realised that calculating the tariff actually cost the mail company more than the extra profit they were trying to make. They introduced a flat fee and improved profits overnight.
Ask yourselves this, how much is it going to cost ISPs to administer this monstrosity? Suppose Google's homepage has to traverse 5 networks to go to my PC. How is Google's fee going to be split across these networks? That sounds like a big fucking pain in the arse to me. How many accountants' salaries am I going to have to pay to remit these funds? Balance this cost against how much additional profit they are going to make. How much money can you make off bandwidth when it's literally pennies per gigabyte at these scales?
Simon
Microsoft, DRM and Standard in the same sentence!
Dude, be careful with your words, I almost had a heart attack...
Ahh yes, Microsoft must love this. This is the one standard where breaking interoperability is a feature rather than a bug!
Simon
This has nothing to do with OpenDocument as I can create any program that can read and write the format. In fact, if Winske was so inclined he could write a program to do this himself. Try doing that with Microsoft's format!
It's vitally important that disabled people are able to use computers. Computers allow them to connect with people in a way where they're truly equal. As a light-hearted aside, a disabled guy from Romania who I met when I was there just a few months ago was able to totally own me in Unreal Tournament! To paraphrase a famous gun nut: God created man, colt^H^H^H^Htechnology made them equal.
If anything, OpenDocument will allow much more deeply integrated software for disabled folks. I think once this starts to become a reality, disabled people will really enjoy the format.
Simon
Wait, I thought the free market and privatization was supposed to make things cheaper? While state-run systems like the British NHS were supposed to be horribly inefficient and expensive?
Any economists care to explain what's going on here? Is the free market a failure, or is this the way it's supposed to be? Are those extortionate health costs translating into increased prosperity for America in some way?
Markets work very well where prices are elastic; that is, a change in price causes demand to change. Healthcare, by its very nature, is inelastic. The number of broken legs that need to be serviced each year is roughly the same and changing the price to fix a broken leg will not change the demand for the service appreciably. The same goes for Heart Disease, Cancer or just about any other ailment.
The upshot of this is that free market will raise the prices indefinitely, as we have seen in the United States. In fact, in America it's got a whole lot worse because companies are providing healthcare for their employees. The fact that companies have much bigger pockets makes the inflation problem so much worse.
There are also other economic disadvantages to the American set-up. The chief one being purchasing power. The NHS can buy ten million flu shots in a go and can pass these savings on to the taxpayer. In the meanwhile, a person doesn't have the same clout. Moreover, you generally need drugs when you're sick and you're going to be prepared to sacrifice a lot more in order to get the drug than you would for most products. Not a lot else matters if you're dying of cancer: You either buy the drug or you die.
The best way to run a health service is through "market inspired" communism. That is not as much of an oxymoron as you might think it is. The NHS is a prime example of this.
Simon.
I believe the problem with Email is usually only 10% of what you are trying to communicate is actually understood.
Sort of like posting on slashdot..... :-)
I know you're joking but you're absolutely correct. This is a very serious problem with e-mail and why using the phone should be preferred over it. You see, when you're speaking to someone face to face or even over the telephone a lot of the information is contained in the delivery. Your body language and intonation help to create context and help the message get across to the listener.
E-mail, by contrast has none of this. Writing an e-mail that your audience will understand first time - both in tone and in content - takes considerable effort and skill. E-mails are often not considered fully. Hands up if you've sent an e-mail quickly and realised the tone of the e-mail makes it sound very hard and demanding? I suspect most of us have!
Because writing clear e-mails is difficult, people often resort to writing bullshit instead. The idea being that if you can bedazzle the recipient enough with your buzzwords and other pseudo-words then they feel inferior and are unlikely to ask for clarification.
Why do we need software to collaborate? Humans have always collaborated best when sat around a table talking to each other. In my opinion, the software solves a problem that would be better solved by taking the time to see each other in the flesh.
It may be expensive but it's less expensive than getting it wrong and ruining the reputation you had with your client.
Simon
I took a PDF print of the page. You can see it here
Simon.
Or you could try the one in Cryptonomicon. The details elude me, but I recall it being something like RC4 with a deck of cards.
This was a cipher called Solitaire, which was created by Bruce Schneier. It has been horribly broken.
Simon
You see, now if you want to do secure pencil and paper ciphers here's how you do it.
Self-shrinking generators are broken but the best attack requires an insane amount of plain-text. Far, far, more than you could ever generate by hand. If Mr Mafia had used this instead of a crappy cipher from two thousand years ago then he might not have been caught.
Throughout history lives have literally depended on the strength of the cryptography people have deployed. I find it exciting that these times are still with us and are not merely confined to the history books.
Simon
Will gathering a community of people help solve problems such as P=NP, or do you think it requires a lot more than a semi-qualified community to approach the problem?
Proofs are not really found by committee. This Wiki might be a good way to share research and in that sense it may aid the effort but above and beyond that it's not going to contribute much.
It will take a unique insight and a particularly sharp mind to get to the bottom of these problems.
Simon
Since the statute predates the Constitution of the U.S., a clever lawyer could argue it applies here equally.
The USA declared independence and is therefore independent of the British legal system. The same goes for Ireland too. Do you think the 1801 Union Act still applies there because it predates their constitution? :P
In the British legal system a contract is formed when the following are all true:
For example, if you exchange e-mails with your girlfriend and you promise to take her to the pictures if she buys you a pint tonight, and she does, then she can sue for breach of contract if you do not take her. Notice the agreement is independent of the medium it is formed in. If some new communications medium existed tomorrow, contract law still applies to it.
Simon.
"3. If your in position of power..." should read "3. If you're in position of power..."
Jesus Christ, I knew I'd make an error and it had to be something as ghastly as that. I am ashamed.
Simon
I feel like unless one studies and masters the use of these pretentious buzzwords and phrases, he/she will be run over by people with worse ideas but a nicer-sounding delivery. Is corporate speak a necessary evil?
No it is not, in fact, it should be resisted at all costs. Corporate speak is the opposite of language. Language is used between people to discuss ideas and express their emotions to each other. Corporate speak is used for precisely the opposite, to cloud ideas behind a veneer of self-assumed intellect. Often corporate speak can be decomposed into concepts so simple that they're essentially obvious.
An example from one of my previous rants on this topic: "You can use the leviathan forces of attention and enthusiasm that are swirling around Web 2.0 these days as a powerful enabler to make something important and exciting happen in your organization."
This is a fairly typical management-speak sentence but what does this actually mean? The sentence essentially boils down to a simple statement: You can use new technology as an opportunity to improve the operation of your business. I think most would agree this is an obvious, uninteresting statement and this is precisely the point I'm trying to make. People who use this language are trying to sell you something that's obvious; to sell the emperor his own clothes. If somebody can't make their point in plain English then they likely don't have a point that's worth hearing at all.
So how do you fight it? I find the following techniques work:
I love our language and I love the mutual heritage shared across the many countries that speak it. Work with me to remove this cancer from our workplaces because our language is part of who we are. We simply can not allow something so abhorrent to become part of our definition.
Simon.
That should be: Can God create a stone so heavy he can't lift it, if he can, he's not all powerful because he can't lift the stone, if he can't he's not all powerful because he can't create the stone in the first place.
Simon
Theorem: An all powerful God is impossible.
Proof: If God is all powerful that means he can perform any action, this however is absurd. Can God create a stone so heavy he can't lift it, if he can, he's not all powerful because he can't lift the stone, if he can't he's not all powerful because he can't lift the stone in the first place. God could also create married bachelors, square circles and honest politicians.
At best, God could be as powerful as allowed by the laws of logic. However, so can we. Through technology we have mastered what the ancients would have thought impossible: Flight, light at the flick of a switch, devices that allow us to communicate seamlessly over thousands of miles.
A common defence is to say God doesn't adhere to logic and therefore we can't judge him by it. That may be true, but it means we can't say anything about God whatsoever. Any logical contradiction in a system means that every statement within that system can be proved. God would be rendered meaningless. And besides, this is incompatible with Christian theology because God created man in the image of God. If man is logical, then by extension so is God.
Theorem: A God that knows everything is impossible.
Proof: A subset of knowing everything is to know every true statement. The question then becomes whether it is possible to know every true statement - or more precisely, can we even construct a complete set of statements that are true. The answer, as you've probably guessed, is no.
To prove this, first assume that we can construct a complete set of truths. Take the power-set of this set. The power-set of any set is bigger than the original set, even for sets of infinite size, however, there is now a truth associated with each set: Is truth x in a given power-set. This is a contradiction, so we know constructing a set of all truths is impossible. By extension, it is impossible to know everything.
I could go on, the point is that God can be discounted with reason alone. We don't even have to get ourselves involved in Biology or Physics. I don't pretend that all human suffering is derived from religion, but a disgraceful amount of it is. Let's step beyond the God myth and try and make the world a better place.
Simon
My stomach had a couple of buffer overflows last-night. It was sploited by Arthur Guinness, well known for his ingenious bowel movement exploits.
It may take a life time to fix this vulnerability :(
Simon
Imagine if Google profiled you by your Gmail account and web-searches, blogger entries, etc and was able to use this information to do a psychometric profile of you. It could then compare this with other people's profiles and suggest members of the opposite sex that it thinks you would most like!
I don't know whether this would be cool or damn scary. What's worse is that the only thing standing in the way of this happening is programmer time. What's amazing is how effectively we've created 1984 and in how little time we've done it.
Simon
which to my knowledge is unbreakable, although I am not particularly well versed in cryptography
That's right, it is unbreakable - provided you never use the same key twice. And here's why:
Any message is a series of bits which can be represented as a number. Any key of the same length is a series of bits that can be represented as a number. Therefore, we can define the following function that operates on the entire message at once:
CipherText = PlainText XOR Key
The first thing to notice about this construction is that for a fixed plain-text every given key maps to exactly one cipher-text and for any given cipher-text there is exactly one key. In fact, it doesn't matter which parameter you fix be it plain-text, key or the ciphertext. There will always be a one-to-one mapping between the two values you didn't fix.
This leads us straight to our first fact. If you have zero knowledge of the contents of the plain-text then it is impossible to work out the plain-text with the cipher-text alone. This is because if we try every single key then eventually we will step through every possible plain-text of that length. From compressed archives of your favourite porn star to the names of all the CIA secret agents. So given that every possible plain-text is a valid decryption, which plain-text is the correct one? Well every key is equally likely since it was selected at random from all keys of that length. There is no way to know.
It should now start to dawn on you that even with a known plain-text attack, the construction is still secure. Suppose you knew that the first words of my encrypted message were: "Make sure you are at the station with the drugs at " and you wanted to work out the rest of the message. It's quite clear that the end of the message is a time, or perhaps even a word like "Dawn", "Dusk", "Midday" etc. You say, ah ha, we could step through each key that decrypts to a time or date and recover the correct decryption! Wrong! The problem is that there will be a key that decrypts to every possible date, time and word. The question is, how do you decide which is the correct one?
This is the crux of the proof of security. The key won't give you any information because each of the proposed keys decrypts to a valid plain-text, moreover, each key is equally likely to have been selected as the real encryption key. You're stumped! There's no way to work out the proper date time from the information available to the attacker.
What happens if you reuse the key? You get no security. The proof of security for the one-time-pad comes from the fact that the pad is selected at random. The chances of you picking two pads at random and getting exactly the same pad are so small that we would be safe to round it to zero. You can break messages protected by reused pads with a pencil and paper.
Given the fact that, when used properly, one-time-pads are unbreakable why don't we see them in common usage? Well say you had a communications channel with your friend you want to share secret data with. In order to secure the conversation you need to give him a pad equal in length to the message. This requires a secure channel to exchange the key on which has the same capacity as the message itself. Given that, why not just exchange the actual message rather than the key? It doesn't make a lot of sense.
One-time-pads are useful where you want to time-shift your secure channel. Say I have a secure channel today (I'm meeting up with you in the pub and exchanging a CD) and it's gone tomorrow (I'm moving to the USA) - The one-time pad allows me to take the secure channel I had yesterday to secure the channel I have today. This is why lots of spies used to use one-time-pads. For them, it makes sense.
Simon
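The two claims in the comment above, as an added Python example (not part of the original comment): under a known prefix every candidate ending still has exactly one key that fits the cipher-text, and reusing a pad makes the key cancel out of two cipher-texts. The candidate endings, the second message and all function names are constructed for this illustration.

```python
import secrets

# Constructed sample data: the prefix is the one quoted in the comment;
# the equal-length candidate endings are chosen for this example.
PREFIX = b"Make sure you are at the station with the drugs at "
ENDINGS = [b"Dawn", b"Dusk", b"Noon"]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """CipherText = PlainText XOR Key, byte by byte; lengths must match."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def new_pad(length: int) -> bytes:
    """A fresh pad from the OS CSPRNG: one key byte per message byte."""
    return secrets.token_bytes(length)


def consistent_keys(ciphertext: bytes, prefix: bytes,
                    endings: list[bytes]) -> dict[bytes, bytes]:
    """For each candidate ending, the unique key that maps it to ciphertext."""
    return {end: xor_bytes(ciphertext, prefix + end) for end in endings}


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two cipher-texts made with the same pad; equals P1 XOR P2."""
    return xor_bytes(c1, c2)


def demo() -> None:
    message = PREFIX + b"Dusk"
    pad = new_pad(len(message))
    ciphertext = xor_bytes(message, pad)

    # Known-plaintext case: the prefix pins down the first key bytes, but
    # each candidate ending yields its own key tail, and a uniformly random
    # pad makes all of those tails equally likely.
    for end, key in consistent_keys(ciphertext, PREFIX, ENDINGS).items():
        recovered = xor_bytes(ciphertext, key)
        print(end.decode(), "key tail", key[len(PREFIX):].hex(),
              "decrypts to ...", recovered[-len(end):].decode())

    # Pad reuse: a second (constructed) message under the same pad.
    second = b"The quarterly report is attached; reply before Friday noon."
    second = second[:len(message)]
    c2 = xor_bytes(second, pad)
    leak = reuse_leak(ciphertext, c2)
    # The pad is gone from `leak`; knowing one plain-text gives the other.
    print("recovered without the pad:", xor_bytes(leak, message).decode())


if __name__ == "__main__":
    demo()
```

The operational takeaway for anyone fielding a pad system is that pad material must be generated by a CSPRNG, be as long as the traffic, and be destroyed after a single use.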
Will this make anyone look at OpenOffice.org?
Microsoft Office was at its best with Office 97. OpenOffice might not have all the features of Microsoft Office but I don't care because I'll never use them. Moreover, nobody is going to take away the download for OpenOffice 2 and decide we need a shiny new version. I also resent being called a dinosaur by Microsoft for using one of their old products that I found to be reliable.
I looked, I made the switch and there is no going back.
Simon.
I just hope that the greater prevalence of Firefox leads to a greater number of sites supporting it. I've had problems with some sites telling me my version of 1.5 needs to be upgraded to an earlier version!!! The site in question was the Comedy Channel's website. Too many website designers seem to still design for IE only or use version checking to serve different pages. People should stick to writing valid HTML code that works across all browsers instead of making their websites unusable for those who don't use IE.
The problem is that the browsers support standards so badly that even a fairly modest design requires CSS hacks galore to get good cross-browser support. You really can have a CSS file that validates exactly with no warnings, an HTML file that validates exactly with no warnings that renders differently in every available browser. In fact, ACID-2 is a prime example of this problem.
The only clean solution is to detect the user-agent string and to send a different CSS file to each version of the different browsers you want to support. I don't really advocate browser hacks because the resultant CSS files are harder to maintain and prone to break on future releases.
It's a real bitch and it makes developing web-sites less of a joy than it should be.
Simon.