They won't because most ISPs are already blocking child porn (and this was done some years ago with very little fuss, largely because nobody has yet invented a way to fuss about these things without coming across as a kiddie-fiddling pervert).
It's down to the ISP how they actually implement the block, but they get information about what to block from an organisation calling itself the Internet Watch Foundation. AFAICT, almost every ISP simply puts an invisible proxy in place on port 80. Most block access to the page with a generic error which looks very much like the web server you're trying to connect to is down (and I don't believe that's accidental). One or two are honest enough to flash up a page with their logo on explaining that what you're looking at is blocked, but they're very much in the minority.
I imagine the ISPs will simply extend that infrastructure to blocking porn.
The use is so that if your company happens to be in a country where you actually have to look after customer data and a laptop gets stolen, you can now stand up in court and say "When we discovered it was stolen, we activated our remote disabling application. This would have destroyed the CPU and the keys for the encrypted hard disk, turning the laptop into a rather expensive doorstop."
Once you can say this, the fine your company is facing rapidly loses zeroes from the end.
They can stop the processor. It's the data that's in the HD that's important. It's kind of like saying that I'm going to make a vehicle anti-theft device. When you steal the car, the radio won't work.
That might work remarkably well in some modern vehicles. It's becoming more and more common to find all sorts of odd integration of the electronics - I wouldn't be at all surprised if some car manufacturer somewhere has hooked the radio up to the engine immobiliser.
The difference is that Intel's method depends on successful delivery of negative authorization, when the hardware is already stolen and under control of thieves. It should be understood that any industrial spy would know *exactly* what to do; perhaps the notebook will be simply placed into a shielded laptop case - a low-tech solution that defeats an expensive infrastructure.
Where's the XKCD comic showing the security nerds imagination (laptops being regularly stolen for industrial espionage) versus reality (laptops being left behind by forgetful executives and/or being stolen from an open vehicle by a drug addict seeking a hit) when you need it?
The security is there to prevent negative legal/media repercussions in the event of the stolen laptop containing confidential data.
This isn't aimed at domestic users, and won't be found (or at least won't be wired up to work) in domestic PCs where every penny that can be shaved off cost is.
Initially, it'll wind up in PCs aimed at the business market. These have existed as separate product lines from most of the major vendors for some time, and frequently come with remote management at a hardware level and a much better warranty in exchange for rather more cash. I can see this being sold to businesses in industries where they're more-or-less legally obliged to take every reasonable step to protect data.
Thing is, much of the time you can be pretty sure that a particular string of plaintext will appear at least somewhere in the decrypted result.
In the case of your credit card number, for example, there's a few things we can do to eliminate most of the apparently valid numbers:
Mastercard and Visa both allocate the first four digits of card numbers to individual banks. These blocks don't overlap between card types - there's no such thing as a Mastercard that begins with 4547, for instance. If I know where you live, I can take a reasonable guess that your card was issued by a bank in your country and immediately rule out any numbers that weren't allocated to a bank in your country.
Banks frequently use a predictable pattern to fill the rest of the card number, such as account number (which may itself have a check digit, so you essentially wind up with two check digits in the card number). If you know what patterns the banks in your country use, you can cut down the potential matches further.
Beyond this, we probably need insider knowledge of the banks own processes - what numbers have/have not been allocated yet? Can we figure out from the card number when the associated account was opened? - if you're 25 years old, it's unlikely you'll have a number indicating a 30 year old account.
If it's anything like most of these databases, your users aren't really sure what information they want or how to get it - Excel gives more-or-less immediate feedback so they can fiddle with the queries they're making until they finally see the data they want, whereas most web interfaces force you to think about what you want, make the query, examine the results carefully, if they're not what you want you probably need to go back and re-run the query.... it's very fiddly and takes a very long time. But superficially, both are doing the exact same job.
Probably not much, truth be told, but Debian takes the "only run Free (speech)" idea very seriously.
You can still add non-free to your repository list to get the firmware, they just won't be installed by default. Indeed, you'll probably have to for a lot of modern servers (which is the best place for Debian) because the Broadcom NetXTreme network chip appears in many and that requires a non-free firmware;)
That actually makes a lot of sense - it would mean that Oracle customers would have an alternative to Access they can roll out to desktops which offers a clear upgrade path to a proper client-server database app. And they can sell consultancy services when it becomes apparent that what works fine on one person's desktop doesn't translate so well to the client-server database app.
This is an extremely good point, it's something that Apple fully understand, Microsoft sort-of understand and most F/OSS project leaders need beating into them with a heavy stick.
User interfaces matter, and they matter at all levels - not just for the end-user. With the possible exception of Gentoo users, nobody wants to fuck around with their computer. They want to use their computer to solve some other problem - and the best thing the software can do is get the hell out of the way.
P.S.: Before I'd retired I'd already reached the point of being unwilling to agree to the MS EULA. (Read the hideous thing!) So there's no chance that I'll ever find out if MS has mended their ways. But I really doubt it.
We're going off on a tangent here, but I have to ensure we're up to date on licensing as part of my job. I've reached a simple, inevitable conclusion.
You aren't meant to get commercial software licensing right. Indeed, you are being set up for failure.
Now I don't know if this is because of lawyers infesting big commercial software houses or if it's conspiracy, but looking at the various conditions attached to different pieces of software, it's hard not to reach that conclusion.
For instance: According to the EULA for server versions of Windows, any sort of muilti-user GUI-driven remote access requires Terminal Server licensing even if you don't actually use Terminal Server to do it. There are products on the market proudly announcing "Terminal server functionality without the licensing cost!" Erm... I've got news for you guys.
It gets better. Windows OEM stipulates that end users aren't allowed to use an OEM copy of Windows as the basis for an image to roll out to all their PCs. End result? Following the letter of the licensing, even if you set up a business tomorrow and buy all new PCs shipping with Windows 7, you still need an enterprise license if you want to roll out the same image to every PC. And the enterprise license contains a clause saying "You license for every PC in your business. Not every PC you plan to run Windows on." And people wonder why big businesses really don't care about desktop Linux.
"Pull out of the market" seems to be the standard/. expected response whenever a company doesn't get its own way in court.
I don't think I've ever actually seen a company do that, though. Well, not unless the result of the court order was essentially to shut down every avenue of business for them, and then the typical net result is for the company to close down altogether (cf. Lik-Sang, Psystar). It doesn't make any sense - you'd be turning turning a potential (relatively small) loss into a guaranteed huge loss. Far more sensible to suck it up, appeal or figure a way around the court order.
Why on earth are they mentioning how fast rainbow tables can break an old windows hash? That has nothing to do with most pages running apache on linux. The example password would last for quite a while against a brute force attack. Anyone worth their salt wouldn't allow that many auth attempts from one IP.
Any attacker worth their salt won't carry out the attack directly themselves, they'll instruct a botnet of 20,000 PCs to make 3 attempts each and log any that come back as working.
You also have the people who took one look at Access and thought "Eeks, that's scary". They decided to work in Excel instead. Since that day, they have encompassed the business logic of an entire department in a spreadsheet (and almost certainly put in so much effort to understanding Excel that it would actually have been easier to learn a proper programming language, but that's not the point. They're not a programmer and they don't want to be one!)
Anyone who's been in IT support/management for any length of time has at least one Access/Excel related war story.
Won't happen. The attraction to handset makers is they get a reasonably solid base OS they can mess with how they like to create the firmware that'll run on their phones.
The disadvantage to consumers is that handset makers take a reasonably solid base OS them mess with it to create the firmware that runs on their phones.....
Thing is, closed-source applications work notoriously badly under Linux - largely because they invariably target a specific distribution at a specific point in time and are seldom updated when the distribution is.
The solution is an open-source Netflix app - but then it'd be trivially easy to tweak it to divert the decrypted stream to a file. Not something the movie industry is going to put up with.
What is the direct counterpart of Access that uses MySQL?
You've had a number of replies so far. AFAICT, most have missed the point so thoroughly that they can't possibly have seen Access used in a business. So I'm going to explain Access.
Yes, Access gives you a database engine (and not a particularly good one at that). The other thing it gives you is a GUI-driven desktop application which makes it an absolute doddle to design tables, queries, forms and reports without having to write a single line of code.
The end result is frequently badly designed, with little or no attention paid to normalisation or data integrity, but it broadly works.
Now, you might very well turn around and say "Tough. You'll just have to get used to writing code." - you're talking to the wrong people. The people who are using Access in businesses are the middle managers who have never in their life written code and aren't about to start now. So many businesses pushed Access to the desktop years ago when they bought Office, and have since discovered that the reason the IT department hasn't heard from lots of parts of the business is because some manager decided that rather than to-and-fro with the IT department (which would cost a lot of money out of his budget - larger businesses just love shuffling money between departments), he'd cobble together a little application in Access to run his department. It's invariably a mess, but it's a mess that's so ingrained it isn't going anywhere.
Anyhow, these guys have no idea what SQL is and are only vaguely aware that a database stores everything in tables. You can no more ask them to do everything in PHP from now on than you can ask them to lick their own testicles.
It's a common way to circumvent laws which attempt to encourage competition.
Let's consider three parties: Manufacturer, Retailer and Customer.
Broadly speaking, laws governing the contracts between Manufacturer, Retailer and Consumer generally say something like:
The contracts between "Manufacturer and Retailer" and "Retailer and Customer" are wholly separate, and Manufacturer cannot impose subsequent conditions on the contract between "Retailer and Customer". (In other words, Apple can't demand their retailers sell at a specified price).
Usual Solution: Manufacturer doesn't write anything into the contract along those lines, but have internal processes that ensure if the retailer does try and do this, subsequent orders from the retailer are mysteriously "delayed" and/or include a line in the contract giving Manufacturer the right to stop selling to Retailer at any time and for no reason whatsoever.
Retailer is free to source products from anywhere in the world (the "grey market"), they're not obliged to buy from local distributors
Solutions: Sure, but most warranty law deals with the contract between Retailer and Customer. The manufacturer is under no obligation to even offer a warranty - and they often won't with grey market products (which they identify by serial number). Which means that if the product breaks, that's the retailer's problem. Of course, this isn't terribly effective for a lot of things these days - Costco deal in sufficient quantities that they can live with this quite happily.
What else can the manufacturer do? Localise products: ensure that only products destined for the US market get the necessary sticky labels showing they meet safety standards (even if they're all identical) - but this doesn't work very well for designer watches and handbags.
Copyright - ah, that's a good one. The manufacturer obviously holds copyright over their name and various aspects of their products, which means nobody else can use it without their permission. Obviously, no manufacturer in their right mind is going to sue everyone who sells their products for copyright infringement - but they can sue people who they don't want selling their product.
Replying twice, but perhaps you could clarify for the benefit of the OP: is my view of commercial property lets - that they can be very one-sided - equally valid in the US?
Next thing you know you've accidentally signed yourself to a contract paying double the going rate, you can't get out of it and you can't sub-let it without losing money unless you can find someone equally stupid.
I work for an attorney specializing in real estate in the US. Sometimes I feel like our services are completely unnecessary, but when I read things like this I'm reminded that we can sometimes be useful.
Do attorneys get involved in real estate over there?
Yes, but I have no idea if one was involved in this case.
I only have a very vague idea of what happened - the tenant had to declare himself bankrupt in the end. So if a solicitor was involved, they didn't do a very good job!
Slashdot Mirror
They won't because most ISPs are already blocking child porn (and this was done some years ago with very little fuss, largely because nobody has yet invented a way to fuss about these things without coming across as a kiddie-fiddling pervert).
It's down to the ISP how they actually implement the block, but they get information about what to block from an organisation calling itself the Internet Watch Foundation. AFAICT, almost every ISP simply puts an invisible proxy in place on port 80. Most block access to the page with a generic error which looks very much like the web server you're trying to connect to is down (and I don't believe that's accidental). One or two are honest enough to flash up a page with their logo on explaining that what you're looking at is blocked, but they're very much in the minority.
I imagine the ISPs will simply extend that infrastructure to blocking porn.
Already is a very strong magnet in a hard drive, so that's out. Nah, easy solution is to encrypt the hard drive and just wipe the keys.
Erm... no.
The use is so that if your company happens to be in a country where you actually have to look after customer data and a laptop gets stolen, you can now stand up in court and say "When we discovered it was stolen, we activated our remote disabling application. This would have destroyed the CPU and the keys for the encrypted hard disk, turning the laptop into a rather expensive doorstop."
Once you can say this, the fine your company is facing rapidly loses zeroes from the end.
They can stop the processor. It's the data that's in the HD that's important. It's kind of like saying that I'm going to make a vehicle anti-theft device. When you steal the car, the radio won't work.
That might work remarkably well in some modern vehicles. It's becoming more and more common to find all sorts of odd integration of the electronics - I wouldn't be at all surprised if some car manufacturer somewhere has hooked the radio up to the engine immobiliser.
Don't bother. He's either a troll or utterly ignorant of the real world.
Just hope and pray you never wind up with someone so utterly ignorant of the real world as your boss.
The difference is that Intel's method depends on successful delivery of negative authorization, when the hardware is already stolen and under control of thieves. It should be understood that any industrial spy would know *exactly* what to do; perhaps the notebook will be simply placed into a shielded laptop case - a low-tech solution that defeats an expensive infrastructure.
Where's the XKCD comic showing the security nerds imagination (laptops being regularly stolen for industrial espionage) versus reality (laptops being left behind by forgetful executives and/or being stolen from an open vehicle by a drug addict seeking a hit) when you need it?
The security is there to prevent negative legal/media repercussions in the event of the stolen laptop containing confidential data.
This isn't aimed at domestic users, and won't be found (or at least won't be wired up to work) in domestic PCs where every penny that can be shaved off cost is.
Initially, it'll wind up in PCs aimed at the business market. These have existed as separate product lines from most of the major vendors for some time, and frequently come with remote management at a hardware level and a much better warranty in exchange for rather more cash. I can see this being sold to businesses in industries where they're more-or-less legally obliged to take every reasonable step to protect data.
Thing is, much of the time you can be pretty sure that a particular string of plaintext will appear at least somewhere in the decrypted result.
In the case of your credit card number, for example, there's a few things we can do to eliminate most of the apparently valid numbers:
If it's anything like most of these databases, your users aren't really sure what information they want or how to get it - Excel gives more-or-less immediate feedback so they can fiddle with the queries they're making until they finally see the data they want, whereas most web interfaces force you to think about what you want, make the query, examine the results carefully, if they're not what you want you probably need to go back and re-run the query.... it's very fiddly and takes a very long time. But superficially, both are doing the exact same job.
Probably not much, truth be told, but Debian takes the "only run Free (speech)" idea very seriously.
You can still add non-free to your repository list to get the firmware, they just won't be installed by default. Indeed, you'll probably have to for a lot of modern servers (which is the best place for Debian) because the Broadcom NetXTreme network chip appears in many and that requires a non-free firmware ;)
That actually makes a lot of sense - it would mean that Oracle customers would have an alternative to Access they can roll out to desktops which offers a clear upgrade path to a proper client-server database app. And they can sell consultancy services when it becomes apparent that what works fine on one person's desktop doesn't translate so well to the client-server database app.
The platform with the best current sandboxing API is, ironically, Windows Vista/7, with their configurable integrity levels.
They do say that necessity is the mother of invention.
This is an extremely good point, it's something that Apple fully understand, Microsoft sort-of understand and most F/OSS project leaders need beating into them with a heavy stick.
User interfaces matter, and they matter at all levels - not just for the end-user. With the possible exception of Gentoo users, nobody wants to fuck around with their computer. They want to use their computer to solve some other problem - and the best thing the software can do is get the hell out of the way.
P.S.: Before I'd retired I'd already reached the point of being unwilling to agree to the MS EULA. (Read the hideous thing!) So there's no chance that I'll ever find out if MS has mended their ways. But I really doubt it.
We're going off on a tangent here, but I have to ensure we're up to date on licensing as part of my job. I've reached a simple, inevitable conclusion.
You aren't meant to get commercial software licensing right. Indeed, you are being set up for failure.
Now I don't know if this is because of lawyers infesting big commercial software houses or if it's conspiracy, but looking at the various conditions attached to different pieces of software, it's hard not to reach that conclusion.
For instance: According to the EULA for server versions of Windows, any sort of muilti-user GUI-driven remote access requires Terminal Server licensing even if you don't actually use Terminal Server to do it. There are products on the market proudly announcing "Terminal server functionality without the licensing cost!" Erm... I've got news for you guys.
It gets better. Windows OEM stipulates that end users aren't allowed to use an OEM copy of Windows as the basis for an image to roll out to all their PCs. End result? Following the letter of the licensing, even if you set up a business tomorrow and buy all new PCs shipping with Windows 7, you still need an enterprise license if you want to roll out the same image to every PC. And the enterprise license contains a clause saying "You license for every PC in your business. Not every PC you plan to run Windows on." And people wonder why big businesses really don't care about desktop Linux.
OpenOffice has sprouted some kind of database frontend application builder in recent years - although I personally haven't really looked at it, yet.
Save your energy. By my reckoning, it's 3-5 years of fairly solid work behind Access 1997.
Now that is an interesting view and not one I'd considered. I knew Access could connect to MySQL but I never thought of it as a prototyping tool.
Damn good idea. Extra bananas that ape.
"Pull out of the market" seems to be the standard /. expected response whenever a company doesn't get its own way in court.
I don't think I've ever actually seen a company do that, though. Well, not unless the result of the court order was essentially to shut down every avenue of business for them, and then the typical net result is for the company to close down altogether (cf. Lik-Sang, Psystar). It doesn't make any sense - you'd be turning turning a potential (relatively small) loss into a guaranteed huge loss. Far more sensible to suck it up, appeal or figure a way around the court order.
Why on earth are they mentioning how fast rainbow tables can break an old windows hash? That has nothing to do with most pages running apache on linux. The example password would last for quite a while against a brute force attack. Anyone worth their salt wouldn't allow that many auth attempts from one IP.
Any attacker worth their salt won't carry out the attack directly themselves, they'll instruct a botnet of 20,000 PCs to make 3 attempts each and log any that come back as working.
That's only the half of it.
You also have the people who took one look at Access and thought "Eeks, that's scary". They decided to work in Excel instead. Since that day, they have encompassed the business logic of an entire department in a spreadsheet (and almost certainly put in so much effort to understanding Excel that it would actually have been easier to learn a proper programming language, but that's not the point. They're not a programmer and they don't want to be one!)
Anyone who's been in IT support/management for any length of time has at least one Access/Excel related war story.
Won't happen. The attraction to handset makers is they get a reasonably solid base OS they can mess with how they like to create the firmware that'll run on their phones.
The disadvantage to consumers is that handset makers take a reasonably solid base OS them mess with it to create the firmware that runs on their phones.....
Thing is, closed-source applications work notoriously badly under Linux - largely because they invariably target a specific distribution at a specific point in time and are seldom updated when the distribution is.
The solution is an open-source Netflix app - but then it'd be trivially easy to tweak it to divert the decrypted stream to a file. Not something the movie industry is going to put up with.
What is the direct counterpart of Access that uses MySQL?
You've had a number of replies so far. AFAICT, most have missed the point so thoroughly that they can't possibly have seen Access used in a business. So I'm going to explain Access.
Yes, Access gives you a database engine (and not a particularly good one at that). The other thing it gives you is a GUI-driven desktop application which makes it an absolute doddle to design tables, queries, forms and reports without having to write a single line of code.
The end result is frequently badly designed, with little or no attention paid to normalisation or data integrity, but it broadly works.
Now, you might very well turn around and say "Tough. You'll just have to get used to writing code." - you're talking to the wrong people. The people who are using Access in businesses are the middle managers who have never in their life written code and aren't about to start now. So many businesses pushed Access to the desktop years ago when they bought Office, and have since discovered that the reason the IT department hasn't heard from lots of parts of the business is because some manager decided that rather than to-and-fro with the IT department (which would cost a lot of money out of his budget - larger businesses just love shuffling money between departments), he'd cobble together a little application in Access to run his department. It's invariably a mess, but it's a mess that's so ingrained it isn't going anywhere.
Anyhow, these guys have no idea what SQL is and are only vaguely aware that a database stores everything in tables. You can no more ask them to do everything in PHP from now on than you can ask them to lick their own testicles.
It's a common way to circumvent laws which attempt to encourage competition.
Let's consider three parties: Manufacturer, Retailer and Customer.
Broadly speaking, laws governing the contracts between Manufacturer, Retailer and Consumer generally say something like:
The contracts between "Manufacturer and Retailer" and "Retailer and Customer" are wholly separate, and Manufacturer cannot impose subsequent conditions on the contract between "Retailer and Customer". (In other words, Apple can't demand their retailers sell at a specified price).
Usual Solution: Manufacturer doesn't write anything into the contract along those lines, but have internal processes that ensure if the retailer does try and do this, subsequent orders from the retailer are mysteriously "delayed" and/or include a line in the contract giving Manufacturer the right to stop selling to Retailer at any time and for no reason whatsoever.
Retailer is free to source products from anywhere in the world (the "grey market"), they're not obliged to buy from local distributors
Solutions: Sure, but most warranty law deals with the contract between Retailer and Customer. The manufacturer is under no obligation to even offer a warranty - and they often won't with grey market products (which they identify by serial number). Which means that if the product breaks, that's the retailer's problem. Of course, this isn't terribly effective for a lot of things these days - Costco deal in sufficient quantities that they can live with this quite happily.
What else can the manufacturer do? Localise products: ensure that only products destined for the US market get the necessary sticky labels showing they meet safety standards (even if they're all identical) - but this doesn't work very well for designer watches and handbags.
Copyright - ah, that's a good one. The manufacturer obviously holds copyright over their name and various aspects of their products, which means nobody else can use it without their permission. Obviously, no manufacturer in their right mind is going to sue everyone who sells their products for copyright infringement - but they can sue people who they don't want selling their product.
Replying twice, but perhaps you could clarify for the benefit of the OP: is my view of commercial property lets - that they can be very one-sided - equally valid in the US?
Next thing you know you've accidentally signed yourself to a contract paying double the going rate, you can't get out of it and you can't sub-let it without losing money unless you can find someone equally stupid.
I work for an attorney specializing in real estate in the US. Sometimes I feel like our services are completely unnecessary, but when I read things like this I'm reminded that we can sometimes be useful.
Do attorneys get involved in real estate over there?
Yes, but I have no idea if one was involved in this case.
I only have a very vague idea of what happened - the tenant had to declare himself bankrupt in the end. So if a solicitor was involved, they didn't do a very good job!