When you make music available for others to download, you must use software that is approved for this purpose. Getting such software approved should be very easy, because the requirements are simple.
And here is where your solution falls flat on the ground. Where would that software come from? If it's the recording industry, forget it. Would you really trust Sony not to put a rootkit this time ("for market research purposes" or whatever newspeak phrase)?
How would you certify Free software, knowing not only that you can modify it, but that you're SUPPOSED to do it?
Same goes for displaying that license. No F/OSS is going to be certified (impossible to check) and I don't trust the MAFIAA to let them run their software here (assuming they make software for my platform).
What the GP and GGP were saying is that the philosophy behind windows is unrestricted superuser access. While Vista might have new security software, the perception of Windows is still the same, users and application programmers expect root, and it will remain like that at least for a while while they adapt to the new conditions (or forever, if the new software is not strict enough).
Su and the like are the perfectly natural thing on unix, software developers know they shouldn't request root unless necessary. In the windows world, UAC just means a million popups, and users auto-clicking on the "OK" button (and IIRC with no password input, real bad).
The difference is clearly seen on copy protection software. Windows developers get away with things that would get them kicked out of a unix system. The day things like starforce or the sony rootkit are rejected on security grounds will be the day when windows finally matches unix on security (at least for home use).
You know there are patched versions of microsoft apps that aren't affected by WGA checks. If they get to the point where they declare MS copyrights invalid, what makes you think they won't allow (in fact encourage) the distribution of whatever cracking software they need?
Assuming they don't make their own cracked version. The EU is a big and powerful customer, and they certainly have access to the source code of most MS apps.
I know it's bad netiquette to reply to yourself, but I've got news!
I managed to get in contact with youtube using TOR. The servers are not down, there must be a hell of a mess in the net somewhere between Miami and San Jose.
Try several times, until you hit an exit node capable of reaching them, let the page load. When the video player is loaded, you'll be handed off to a google server for the content. Once you're handed off, you can resume communications without TOR. Be sure to check first if you can reach the google server with traceroute, though.
PS: It's slower than molasses. PS2: An open proxy could work too. PS3: Interesting that bit about BGP in this subthread. That could cause all that disruption. Any news from west of SJC to confirm?
If you are suspicious about the spurious entries, these are just additional domains, usually registered with humorous intent (check microsoft.com entry for THE example).
The servers shown in the youtube entry are in fact in a network belonging to youtube.
The problem seems to be that all the packets headed there disappear shortly after entering the US. There must be a problem on a link going out of Miami belonging to PCCW Datacom Services (registered in HK, but the link's name certainly suggests Miami) or on whatever is the next hop.
Thinking that a watermark is unremovable is incredibly naive, considering all the time we've been spending discussing them here (in relation to music and film copyright enforcement).
A watermark is removable by a resourceful attacker. If the attacker is not so resourceful/intelligent/creative, simply storing some identifying metadata should suffice. With that watermark, you gain protection against a "mid-range" attacker only, that does not know/cannot remove the mark, but knows how to touch the metadata.
In no case is iris scanning of help, you could just embed some other info in the watermark (your name, or similar), unless the camera can take the fingerprint for every photo (think of someone else using your camera).
Office not working correctly on your XP machine, blame Microsoft. JDK not working on your Sun workstation, blame Sun. Ubuntu not installing, blame uhmm... who do you blame? You might as well blame me or the guy sitting next to you. We might have messed with the code in a subtle way. That's the point of Open Source, right? The community works on it. I'm not a Microsoft shill, I just like having someone to blame when things don't work.
I've got a story for you. A few years ago we installed an exchange server. A feature of the motherboard we were using was a bios raid (one of those highpoint controllers). Since we thought it would be better than nothing we decided to activate it. A few days later, we find some CRC errors in the exchange store (only in the store, not anywhere else). We search a bit and find reports of the same problem, with no answer at all. We email MS support (you get nothing more than that if you don't pay extra). A few days later we get a reply saying that our raid is not supported, and a link to a few articles we had already found. No explanation at all and no useful data on fixing the store ("not in our HCL", guess they can play the blame game too). And no more support, since they give you ONE free support request by mail with each exchange. We managed to get the store up on our own (we had found that information before emailing support) but even a few years later there are still a couple of places with errors (that seem harmless, fortunately).
Blame anyone you want, however shifting blame does not fix a malfunctioning program (and making it work again is what's needed then). Without a support contract, you're on your own, commercial software or not. And when asking for help with FOSS, you get some useful help, instead of ending up talking to a drone.
Oh, BTW. When Ubuntu does not work correctly you blame Canonical, it works just as fine as blaming Sun or Microsoft (that is, not at all).
There's an obvious solution to the problem. Why not just make a copy of the movie on 35mm film?
Movies are just strings of pictures shown one after another (plus sound), there's nothing that prevents a computer from showing each of them and "burning" them into celluloid. After that, you've got a copy that can be preserved in case your digital copy fails (or your only copy, if you want to store them cheaply).
And only giving the franchise to people who have previously served in the military? Screw you! What gives you the right to decide that? What gives those citizens the right to decide how everyone else gets to live? Nothing whatsoever.
You haven't read the book, have you? The rationale is explained there.
First, military service is not the only way of getting a franchise, there are other ways, although military service would be the most common way. People incapable of fighting would get their chance too.
The idea is that in order to be a citizen you need to risk your life defending your species. The usual way is fighting, but might be testing drugs, or equipment, or exploration, etc. The rationale behind that is people willing to risk their life for others would value the well being of society above theirs, so they would be great leaders that protect society instead of filling their own pockets with cash or abusing their power for their own benefit.
The X-15 is no "normal plane flying at 7 miles high". Even a couple of X-15 flights could be considered space missions, having flown higher than 100km. The wikipedia article says that the fastest flights were at a 20 mile altitude.
Given the large number of watches and time nuts, I'd say the chance of 12 watches synchronized within 30 seconds approaches 1.
I don't know the exact meaning of "watch" you're considering, but in my case my server's clock synchronises via NTP with the pool (I used to synchronise to USNO, but I'd rather not load them without need). My workstation gets the time from the server. The router gets the time via NTP from somewhere (haven't bothered to look in the code).
Those are three clocks in sync.
The workstation sets the time on the PDA (which I consider the master clock when not on a workstation). Using the PDA clock, I synchronized my two mobile phones (I work in IT) and my wrist watch within about two seconds from each other.
So, counting all clocks mentioned, you have 7 within 30 seconds from each other. If you want to count only the ones that I use as a watch, that would be 4 (the phones, the PDA and the wristwatch).
Worst case, you just have to find two time geeks that do the same with the same reference clock.
And yes, I got the meaning of your post, it wouldn't matter a damn if they weren't in sync.
PS: I remembered I have to synchronize the alarm clock. It's 3 minutes slow.
"Privacy no longer can mean anonymity, says Donald Kerr, the principal deputy director of national intelligence. Instead, it should mean that government and businesses properly safeguard people's private communications and financial information."
That's a funny phrase, considering it's supposedly an evaluation about the status after the warrantless wiretapping events, a situation where a business (AT&T) did not protect the information of its customers and gave it instead to the government.
They must have changed the meaning of the word "safeguard", and forgotten to tell me.
4GB worth of keys is almost a full DVD! I know BD and HD-DVD have more capacity than that, but 4GB is an awfully big chunk. At the same time, 32-bit keys are trivial to bruteforce. It would depend on the details of your mechanism, but even if the pirates have to find a particular key, 2^32 attempts is well within a typical PC's reach. That's not even considering you could crack it just by finding one key of the bunch (in that case, that's a one in four chance).
Those keys will get cracked like mad, and innocent people will find themselves with a useless player. I'd say it would be more annoying than the current situation.
Usually the rules are the ones that are off, but because somebody screwed up while making them. The most common cases being a manager choosing overly restrictive rules while wanting an exception for himself, or not counting on a business need that is interfered by the new rule.
The problem with IT is that they (we?) try to solve "social" problems with technology, thus making a hostile environment (like those block-evade arms races), instead of having a chat with the user (which usually yields better results). Of course, there are times when you should stand firm and even cut his net access if necessary, but they should be very few occasions, and usually as not only a punishment/enforcement to the user in question and a message to others. Blocking and other such actions are like a weapon, and should be used only when necessary, and not at the first available occasion because it's easier (which is not in the long run).
The same thing happens with managers: instead of trying to find out why people read their own personal mail at work, they simply make an unenforceable rule that forbids them from doing so. They try to solve "social" problems with rules.
In practice, when there are a lot of rules, they are more like "I'd rather you didn't do..." things. Either that fact needs to be cleared or few rules should be in place (and the really important ones marked as such).
If your list has 99 innocent people listed for each terrorist, you will constantly flag ordinary people as terrorists. These people will have to be checked and probably will be cleared. By the time a real terrorist goes through the system, he will be just one more guy on the queue, and could probably be overlooked (because the system cries wolf all the time).
That is assuming you want to do things right and secure the airliners so that innocent people can fly safely. If you just want to prevent a lot of people from flying (as it seems to be the case), my suggestion would be to ground all the airplanes and forget about air travel. That would certainly guarantee that no air hijacking can take place. What's worse, my suggestion would be perfectly reasonable according to your line of thinking (effectively being an example showing your reasoning is absurd).
And besides, if I were a terrorist, I'd just change my name to something not on the list. Unless you can guarantee I use my true name all the time, the list is completely useless, since you cannot control what name I use for the comparison (unless you screen everyone without "trustworthy" documents and make sure there are no flaws on the process of creating those documents). After all, if I enter the US with an Indian passport that says I'm Apu Nahasapeemapetilon, how in the hell are you going to validate that I'm really Apu and not Ahmed Al-qaeda from Pakistan that somehow obtained an Indian passport (by bribery, forgery or whatever)?
The point is that a laptop is a relatively easy target of opportunity. In your case, it was a (semi) targeted robbery. The guys were looking for a desktop to steal.
Anyway, see your desktop and raise you a mainframe. Remember Sydney airport back in 2003? It's pretty difficult to protect something that is a group/mafia/etc's primary target.
If a man in the middle were to spoof ICMP source quench packets that looked like they came from either of the p2p nodes that were communicating, the effect would be that they would start sending data more slowly to each other. The connection would still be open, they just wouldn't transmit as fast as they could.
No need to spoof anything at all. Their routers could just send ICMP source quench with their own IP in the source address field and it would be ok according to the protocol (source quench is a mechanism for congestion control, so it's reasonable that the network sends these packets).
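The ICMP Source Quench message discussed above, from the receiving side: as an added example that is not part of the original thread, here is a parser that recognises a Source Quench (ICMP type 4) inside a raw IPv4 datagram and reports who sent it and which flow it asks to throttle, so such messages can be logged rather than silently acted on (modern stacks ignore them; RFC 6633 deprecated the type). The router address 10.0.0.1, the hosts 192.0.2.10 and 198.51.100.7 and the ports are constructed sample values.

```python
"""Detect ICMP Source Quench in raw IPv4 datagrams and report the targeted flow."""
import struct
from dataclasses import dataclass
from typing import List, Optional

ICMP_PROTO = 1
TCP_PROTO = 6
UDP_PROTO = 17
ICMP_SOURCE_QUENCH = 4


@dataclass
class QuenchEvent:
    sender: str            # outer source: whoever sent the quench (router or otherwise)
    target: str            # host being told to slow down
    flow_src: str          # quoted original datagram: src -> dst, proto, ports
    flow_dst: str
    flow_proto: int
    flow_sport: Optional[int]
    flow_dport: Optional[int]


def _ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum; a valid message checksums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(data: bytes):
    """Return (src, dst, proto, payload) or None if the header is malformed."""
    if len(data) < 20 or data[0] >> 4 != 4:
        return None
    ihl = (data[0] & 0x0F) * 4
    total = struct.unpack("!H", data[2:4])[0]
    if ihl < 20 or len(data) < ihl or total < ihl:
        return None
    return _ip_str(data[12:16]), _ip_str(data[16:20]), data[9], data[ihl:total]


def detect_source_quench(datagram: bytes) -> Optional[QuenchEvent]:
    """Return a QuenchEvent if datagram is a well-formed ICMP Source Quench."""
    outer = parse_ipv4(datagram)
    if outer is None:
        return None
    sender, target, proto, icmp = outer
    # 8-byte ICMP header plus at least the quoted 20-byte IP header.
    if proto != ICMP_PROTO or len(icmp) < 28:
        return None
    if icmp[0] != ICMP_SOURCE_QUENCH or icmp[1] != 0 or inet_checksum(icmp) != 0:
        return None
    # Bytes 4..8 are unused; the original IP header + 8 payload bytes follow.
    quoted = parse_ipv4(icmp[8:])
    if quoted is None:
        return None
    q_src, q_dst, q_proto, q_payload = quoted
    sport = dport = None
    if q_proto in (TCP_PROTO, UDP_PROTO) and len(q_payload) >= 4:
        sport, dport = struct.unpack("!HH", q_payload[:4])
    return QuenchEvent(sender, target, q_src, q_dst, q_proto, sport, dport)


def quench_report(datagrams: List[bytes]) -> List[str]:
    """One log line per Source Quench seen in a capture."""
    lines = []
    for d in datagrams:
        ev = detect_source_quench(d)
        if ev is not None:
            lines.append("%s asks %s to slow %s:%s -> %s:%s (proto %d)" % (
                ev.sender, ev.target, ev.flow_src, ev.flow_sport,
                ev.flow_dst, ev.flow_dport, ev.flow_proto))
    return lines


def build_ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Minimal IPv4 header (no options); used only to construct sample input."""
    def ip_bytes(s: str) -> bytes:
        return bytes(int(x) for x in s.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, ip_bytes(src), ip_bytes(dst))
    hdr = hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]
    return hdr + payload


# Constructed sample: an on-path router 10.0.0.1, using its own address as the
# thread says, quenches 192.0.2.10's TCP flow to 198.51.100.7 port 6881.
_original = build_ipv4("192.0.2.10", "198.51.100.7", TCP_PROTO,
                       struct.pack("!HH", 51234, 6881) + b"\x00" * 4)
_body = struct.pack("!BBHI", ICMP_SOURCE_QUENCH, 0, 0, 0) + _original[:28]
_icmp = _body[:2] + struct.pack("!H", inet_checksum(_body)) + _body[4:]
SAMPLE_QUENCH = build_ipv4("10.0.0.1", "192.0.2.10", ICMP_PROTO, _icmp)
# Constructed control: an ICMP echo request, which must not be reported.
_echo = struct.pack("!BBHHH", 8, 0, 0, 1, 1) + b"\x00" * 24
_echo = _echo[:2] + struct.pack("!H", inet_checksum(_echo)) + _echo[4:]
SAMPLE_ECHO = build_ipv4("10.0.0.1", "192.0.2.10", ICMP_PROTO, _echo)

if __name__ == "__main__":
    for line in quench_report([SAMPLE_QUENCH, SAMPLE_ECHO]):
        print(line)
```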
You underestimate how annoying those little changes in layout are. I haven't used vista, but when XP came out, those little changes made a mess at work (sysadmin). Each change means just an extra click, or spending 30 seconds looking for some control panel or such, but it adds up. In the end it's a big waste of time and annoyance. The worst part of it is that it's just the same panel/control that's been moved, so you waste your time for no benefit, and you don't even get the consolation that it somehow made your job easier, better, etc.
I'd say this service is worth trying, but not for the service itself. By trying it one would get a reasonable idea of the capabilities of such a device. If an advertising firm can get its hands on one of these devices, then probably anyone with relatively modest resources can. So, if this service is as good as they say, then we should assume that almost anyone (say, your employer, telco, law enforcement) could also be tapping your phones and making transcripts too.
That gives us the capability. Now with that in mind, the obvious question is "Does someone want to tap my phone?". If the answer is yes (police state, nosey employer, etc), then you should assume the eavesdroppers can have transcripts made automatically. If nobody's tapping your phones, then using this service is definitely a bad idea. If somebody is, you might as well take advantage of the free calls.
The important point is that if this service is as good as they say, right now would be a very good time to start using end to end crypto in all phone calls.
Boy, I'm really paranoid today! I should join the cypherpunks one of these days.
OTOH, since TFA says they disregard "explicit" words, it would be interesting to talk in a code formed by those words. Like morse with fuck=dih and bitch=dah.
If AMT is active, it should show up on a port scan. No need to trace circuitry or anything fancy. The ports are well known, too.
A UDP service would be a little harder to detect, but UDP ports can be scanned too.
You seem to be having a problem with your keyboard.
Anyway, I corrected the text for you.
If the object is solid, why not use the archimedes principle?
It worked for gold, why not for titanium?
Then you really expect that computer to be synchronized so precisely that such an offset makes a difference?
Anyway, you could easily set it manually, or ignore it and work on TAI.
Futile is the right word.
I'd say people.
It doesn't even have to be a black hole consuming another. A black hole consuming enough matter (say, a star) would do.
Or simply they believe in the fires of hell but they don't believe what they're doing is a sin.