If you look at it from a very high level, the process of decrypting video is essentially identical on everything that's ever done it:
Step 1 - Decrypt the data stream. Step 2 - Plug the output of step 1 into the input of a suitable decoder algorithm (eg. MPEG4).
There's no reason Step 2 couldn't be "write the output to a hard drive" and then read it back and pass it through your codec at a later date.
The only way open source DRM like that can work is if there are no such thing as TV capture cards (or USB devices...) and instead everything goes through dedicated set top boxes which are essentially Tivo'd - you could hack the firmware to decrypt and write to a hard drive rather than decode and display, but you'd also have to hack the hardware itself because the resulting firmware wouldn't be signed.
I mean, this basically means all of the broadcast can be copied and used in any way imaginable except for the part of the broadcast which is important to the handicapped ? This sounds sort of immoral to me.
It sounds sort of illegal to me, they'd essentially be forcing everyone who's deaf to go out and buy a new Freeview box which supports their encryption. IANAL, but I'd have thought this would fly in the face of the Disability Discrimination Act. Unless they also encrypt the EPG, that way everyone would have to upgrade if they wanted to actually be able to use the features which are the whole freaking point of digital TV.
My understanding (and I hope someone will correct me if they know I'm wrong) is that it's not as simple as "most of it is owned by third party production companies".
There is a lot which essentially boils down to how the television industry works. When the BBC makes a show of their own, it's not just "they own it, they can do what they like". Quite often the writer is essentially a freelance who gets royalties but continues to hold copyright on the script - therefore there's a contract with the writer which says "the BBC can broadcast it until this date, they must pay the writer £XXX for every time they broadcast it" and that contract has to be re-negotiated if they want to repeat it.
I'm told something similar applies to actors, composers - and then of course there's the royalties for when they're playing a commercial piece of music as background.
I've been walking around with DRM-free files for over a year. Anyway, after stripping of them of DRM, I changed the filenames, and added prefixes to the titles (my real goal) to "categorize" them, which is why I wanted to unDRM them in the first place--adding text prefixes to the titles to indicate category makes it easier to use a Kindle without folder capability.
If Amazon really wanted to, they could easily identify their own books on the Kindle regardless of what messing around you've done.
The obvious way would be to put in the occasional misprint - an extra space or punctuation mark would be the easiest, though the odd mis-spelled word would also work - and check for it in a firmware update later. IIRC there are cases of publishers doing exactly this to determine if works they publish were being infringed upon. Put in enough little things like this (and in a book you've got space for hundreds without anyone really noticing) and the only way to avoid it is to retype the whole thing.
Though I'm sure some enterprising fellow somewhere will reply to this with a five-line Perl script which takes a block of text, removes extraneous spaces, adds a few of its own, corrects existing mis-spellings and adds a few new ones and also messes with the punctuation, all of which without impacting the readability of the text.
I don't agree. By that logic everyone with a trojan and that is using online banking would loose their money. Why isn't this happening? Because the of the token.
Are you referring to the electronic OTP that some banks in some countries provide?
These aren't standard worldwide. UK banks are only just starting to offer things like this, and there are plenty of instances of people with trojans losing money.
I know Google is a big company, but you don't think it's remotely possible that they might - just might - start to notice a pattern after the first few hundred reports of search engine spam concerning a single domain?
And yes, that is the case; it's a new feature introduced in Windows 7 that other OSes have absolutely no concept of.
In that case, it won't be any good until at least the third iteration anyhow and nobody who's serious needs concern themselves with it for at least four years.
This is just it - my solution is only really workable if you have a very narrow range of "things it is desirable to have available from outside the corporate network".
In other words, fairly useless for most practical purposes. By hypothetically doable...
.... right now they're a necessary evil. There's no reason why you couldn't eliminate VPNs altogether if you ran every service over SSL and verified the client certificate before granting access. Though of course that's of limited benefit unless you can configure every application that needs to be accessed remotely to do this, regardless of server or client OS (...or you don't need to care because you only run applications which can be configured like this).
Knowing Microsoft, this is only useful if all your clients are Windows 7 and all your servers are Windows Server 2008. Can any early adopters confirm whether or not this is the case?
The reason I say this is that, IME, OSS doesn't really deal very well with very niche requirements that aren't directly related to technology or anything that is not interesting from a technological standpoint.
Sending, relaying and receiving email? There's a plethora of products.
Writing a web application? Again, more options than I can even contemplate.
Filling out your tax return or paying your staff? One or two options which are generally terrible. Frankly, tax software is a fairly simple problem: start with a few numbers, add/subtract/multiply a few other numbers, send a cheque for the result to the tax man. The technically interesting bit is writing a generic engine to deal with whatever addition/subtraction/multiplication is necessary but writing the rules for that engine to deal with the various tax laws worldwide is mind-numbingly boring and there's no standard way such as an internationally agreed XML schema for the taxman to publish this years' tax legislation.
Software for your specific business niche? By definition, a niche.
Groupware? The only reason anyone's writing replacements for Exchange is because they can't stand Exchange. It's a mind-numbingly boring set of problems that nobody in their right mind is going to go near unless Exchange has seriously pissed them off or there's real money in it.
WHOIS results for bing.com Created on..............: 1996-01-28.
Correct me if I'm wrong, but surely all that means is someone registered it in 1996. It may have changed hands several times before being taken over by Microsoft.
Bacteria tends to accumulate on the surface of meat. Therefore, it's the surface that really needs cooking.
Where you need to cook the meat right through is:
Dishes where the meat's been minced up, mixing any bacteria into it. Anything with ground meat in, basically.
Meat from an animal that tends to harbour bacteria in its flesh. The most common problems come from poultry and pork, but lamb can also contain a parasite which requires the meat to be fully cooked to kill.
Steak is generally fairly safe in this respect. Just make sure the outside is browned all over.
The proper way to resolve this is to make the penalty for falsely sending DMCA takedown notices equal to that of actually committing an infringement. In some cases this can amount to millions of dollars;)
I'm not sure there's any real need. A penalty is built in to a DMCA takedown notice: "I swear under penalty of perjury...."
So all you need to do is get a few of them on trial for perjury.
What C++ has always lacked, and PHP, Java and others do not, is a bundle of standard libraries that let you do things like process XML, talk to databases, and make templating EASY.
That's it. php does the same things C++ does, but go one beyond and add a rich library and of course, the ability to skip the "compile" step in the write -> compile -> test
I agree with you, but there's one small thing I don't get.
Faced with this piece of information, someone thought the logical thing to do was to, er, write an entirely new language?
The hard part is getting this information to consumers in a form that's clear and easy to understand, when the providers themselves seem dedicated to obfuscation.
Of course they are. Mobile phones are essentially a commodity. An expensive one, but nevertheless a commodity.
Obfuscating your product in the name of offering choice when there fundamentally isn't much to choose between competing products is a common tactic when you're selling commodity items.
Well, they can't remove the HTML rendering engine because so many things depend on it. But by and large they hook directly into the engine, they don't call iexplore.exe (which is essentially a frontend to it). So it may well be practical to remove that.
Replying to myself but... permission to withdraw from your account? What do you mean? If you're paying Phil McGroin and he gives you his bank details - it's you initiating the transaction, not Phil.
There is a system for others to withdraw from your account - it's called direct debit, it can only be set up by businesses and there's a guarantee scheme which means you get your money back immediately if it's taken in error.
Not really. You probably wouldn't publish them on the Internet but the bank won't let money back out of the account without a few security checks like date of birth, knowledge of recent transaction details etc.
Most banks are fairly good about dealing with fraudulent transactions.
Would that be the same post office that the government seems to be doing everything in its power to shut down? (despite the fact that Post Office Counters is a private company)
Slashdot Mirror
The AC doesn't fail.
If you look at it from a very high level, the process of decrypting video is essentially identical on everything that's ever done it:
Step 1 - Decrypt the data stream.
Step 2 - Plug the output of step 1 into the input of a suitable decoder algorithm (eg. MPEG4).
There's no reason Step 2 couldn't be "write the output to a hard drive" and then read it back and pass it through your codec at a later date.
The only way open source DRM like that can work is if there are no such thing as TV capture cards (or USB devices...) and instead everything goes through dedicated set top boxes which are essentially Tivo'd - you could hack the firmware to decrypt and write to a hard drive rather than decode and display, but you'd also have to hack the hardware itself because the resulting firmware wouldn't be signed.
I mean, this basically means all of the broadcast can be copied and used in any way imaginable except for the part of the broadcast which is important to the handicapped ? This sounds sort of immoral to me.
It sounds sort of illegal to me, they'd essentially be forcing everyone who's deaf to go out and buy a new Freeview box which supports their encryption. IANAL, but I'd have thought this would fly in the face of the Disability Discrimination Act. Unless they also encrypt the EPG, that way everyone would have to upgrade if they wanted to actually be able to use the features which are the whole freaking point of digital TV.
My understanding (and I hope someone will correct me if they know I'm wrong) is that it's not as simple as "most of it is owned by third party production companies".
There is a lot which essentially boils down to how the television industry works. When the BBC makes a show of their own, it's not just "they own it, they can do what they like". Quite often the writer is essentially a freelance who gets royalties but continues to hold copyright on the script - therefore there's a contract with the writer which says "the BBC can broadcast it until this date, they must pay the writer £XXX for every time they broadcast it" and that contract has to be re-negotiated if they want to repeat it.
I'm told something similar applies to actors, composers - and then of course there's the royalties for when they're playing a commercial piece of music as background.
If it was part of a DRM scheme, what on Earth makes you think the publishers hadn't given full consent to Amazon?
I've been walking around with DRM-free files for over a year. Anyway, after stripping of them of DRM, I changed the filenames, and added prefixes to the titles (my real goal) to "categorize" them, which is why I wanted to unDRM them in the first place--adding text prefixes to the titles to indicate category makes it easier to use a Kindle without folder capability.
If Amazon really wanted to, they could easily identify their own books on the Kindle regardless of what messing around you've done.
The obvious way would be to put in the occasional misprint - an extra space or punctuation mark would be the easiest, though the odd mis-spelled word would also work - and check for it in a firmware update later. IIRC there are cases of publishers doing exactly this to determine if works they publish were being infringed upon. Put in enough little things like this (and in a book you've got space for hundreds without anyone really noticing) and the only way to avoid it is to retype the whole thing.
Though I'm sure some enterprising fellow somewhere will reply to this with a five-line Perl script which takes a block of text, removes extraneous spaces, adds a few of its own, corrects existing mis-spellings and adds a few new ones and also messes with the punctuation, all of which without impacting the readability of the text.
I don't agree. By that logic everyone with a trojan and that is using online banking would loose their money. Why isn't this happening? Because the of the token.
Are you referring to the electronic OTP that some banks in some countries provide?
These aren't standard worldwide. UK banks are only just starting to offer things like this, and there are plenty of instances of people with trojans losing money.
But if you client gets hijacked the hacker gets both. What your password is (what you know) and your certificate (what you have).
A password and a certificate really just sounds redundant in this case.
If your client gets hijacked you're hosed anyway, VPN or no VPN.
Unless you're concerned about a MITM attack - but the whole point of SSL with verified certificates is that it's resilient to these things.
Extra points if you mention HP whose web technologies are for a technology company nothing short of incredible.
I'm not sure if you mean that in a good way or a bad way...
I know Google is a big company, but you don't think it's remotely possible that they might - just might - start to notice a pattern after the first few hundred reports of search engine spam concerning a single domain?
And yes, that is the case; it's a new feature introduced in Windows 7 that other OSes have absolutely no concept of.
In that case, it won't be any good until at least the third iteration anyhow and nobody who's serious needs concern themselves with it for at least four years.
This is just it - my solution is only really workable if you have a very narrow range of "things it is desirable to have available from outside the corporate network".
In other words, fairly useless for most practical purposes. By hypothetically doable...
Client and server verifying each others certificates gives you the first factor (something you both have).
Stick a password in front of your applications and there's your second.
.... right now they're a necessary evil. There's no reason why you couldn't eliminate VPNs altogether if you ran every service over SSL and verified the client certificate before granting access. Though of course that's of limited benefit unless you can configure every application that needs to be accessed remotely to do this, regardless of server or client OS (...or you don't need to care because you only run applications which can be configured like this).
Knowing Microsoft, this is only useful if all your clients are Windows 7 and all your servers are Windows Server 2008. Can any early adopters confirm whether or not this is the case?
You are wasting your time.
The reason I say this is that, IME, OSS doesn't really deal very well with very niche requirements that aren't directly related to technology or anything that is not interesting from a technological standpoint.
Sending, relaying and receiving email? There's a plethora of products.
Writing a web application? Again, more options than I can even contemplate.
Filling out your tax return or paying your staff? One or two options which are generally terrible. Frankly, tax software is a fairly simple problem: start with a few numbers, add/subtract/multiply a few other numbers, send a cheque for the result to the tax man. The technically interesting bit is writing a generic engine to deal with whatever addition/subtraction/multiplication is necessary but writing the rules for that engine to deal with the various tax laws worldwide is mind-numbingly boring and there's no standard way such as an internationally agreed XML schema for the taxman to publish this years' tax legislation.
Software for your specific business niche? By definition, a niche.
Groupware? The only reason anyone's writing replacements for Exchange is because they can't stand Exchange. It's a mind-numbingly boring set of problems that nobody in their right mind is going to go near unless Exchange has seriously pissed them off or there's real money in it.
Hmm. Microsoft got bing.com a while ago
WHOIS results for bing.com
Created on..............: 1996-01-28.
Correct me if I'm wrong, but surely all that means is someone registered it in 1996. It may have changed hands several times before being taken over by Microsoft.
Sorry, you fail basic food hygiene.
Bacteria tends to accumulate on the surface of meat. Therefore, it's the surface that really needs cooking.
Where you need to cook the meat right through is:
Steak is generally fairly safe in this respect. Just make sure the outside is browned all over.
I agree with this, but one thing I am baffled about - why are RATM part of the Sony Empire? Surely completely against what they stand for?
No matter what they publicly stand for, at the end of the day most people stand for paying their mortgage and putting food on the table.
The proper way to resolve this is to make the penalty for falsely sending DMCA takedown notices equal to that of actually committing an infringement. In some cases this can amount to millions of dollars ;)
I'm not sure there's any real need. A penalty is built in to a DMCA takedown notice: "I swear under penalty of perjury...."
So all you need to do is get a few of them on trial for perjury.
What C++ has always lacked, and PHP, Java and others do not, is a bundle of standard libraries that let you do things like process XML, talk to databases, and make templating EASY.
That's it. php does the same things C++ does, but go one beyond and add a rich library and of course, the ability to skip the "compile" step in the write -> compile -> test
I agree with you, but there's one small thing I don't get.
Faced with this piece of information, someone thought the logical thing to do was to, er, write an entirely new language?
The hard part is getting this information to consumers in a form that's clear and easy to understand, when the providers themselves seem dedicated to obfuscation.
Of course they are. Mobile phones are essentially a commodity. An expensive one, but nevertheless a commodity.
Obfuscating your product in the name of offering choice when there fundamentally isn't much to choose between competing products is a common tactic when you're selling commodity items.
Well, they can't remove the HTML rendering engine because so many things depend on it. But by and large they hook directly into the engine, they don't call iexplore.exe (which is essentially a frontend to it). So it may well be practical to remove that.
Replying to myself but... permission to withdraw from your account? What do you mean? If you're paying Phil McGroin and he gives you his bank details - it's you initiating the transaction, not Phil.
There is a system for others to withdraw from your account - it's called direct debit, it can only be set up by businesses and there's a guarantee scheme which means you get your money back immediately if it's taken in error.
Not really. You probably wouldn't publish them on the Internet but the bank won't let money back out of the account without a few security checks like date of birth, knowledge of recent transaction details etc.
Most banks are fairly good about dealing with fraudulent transactions.
No, you need Phil's bank details first.
Other than that, you're pretty much correct.
Would that be the same post office that the government seems to be doing everything in its power to shut down? (despite the fact that Post Office Counters is a private company)