Since it will be able to run any x86 OS, it should make the transition from windows to linux easy for windows user, plus it will make it possible to easily switch between several OS's such as linux, bsd, be, java, etc.
There's another chip that can run any x86 OS: it's called the Pentium.
Just because this chip is good at emulating other instruction sets doesn't mean that you can magically run multiple OSes at the same time without rebooting. That's still an incredibly hard problem.
They did say that the chip itself can run multiple instruction sets without resetting between them, but that's still a far cry from saying they've solved the problem of scheduling multiple OSes: since every OS has its own scheduler, you'd need a meta-OS with a meta-scheduler. Not to mention the problems of locking hardware access, etc.
Corporations are *people* under the law
on
Hole in GNU GPL?
·
· Score: 5
AC wrote:
Companies are not individuals and have no right as such. The author seems to have missed on a large body of law that says otherwise.
Sadly, this is untrue. Someone else pointed this out earlier but it bears repeating: in the United States, a corporation is a "natural person" under the law, entitled to all the same rights as people who happen to be made of meat.
This great Adbusters article goes into a lot of detail of the history of corporations and how we ended up in this mess. From the article:
Then came a legal event that would not be understood for decades (and remains baffling even today), an event that would change the course of American history. In Santa Clara County vs. Southern Pacific Railroad, a dispute over a railbed route, the US Supreme Court deemed that a private corporation was a "natural person" under the US Constitution and therefore entitled to protection under the Bill of Rights. Suddenly, corporations enjoyed all the rights and sovereignty previously enjoyed only by the people, including the right to free speech.
This 1886 decision ostensibly gave corporations the same powers as private citizens. But considering their vast financial resources, corporations thereafter actually had far more power than any private citizen. They could defend and exploit their rights and freedoms more vigorously than any individual and therefore they were more free. In a single legal stroke, the whole intent of the American Constitution -- that all citizens have one vote, and exercise an equal voice in public debates -- had been undermined. Sixty years after it was inked, Supreme Court Justice William O. Douglas concluded of Santa Clara that it "could not be supported by history, logic or reason." One of the great legal blunders of the nineteenth century changed the whole idea of democratic government.
Anyway, just clearing up a common misconception. VMS->WNT, like HAL->IBM, is a coincidence.
Or maybe not:
From:Uri London <uril@microsoft.com>
This is a very old stuff. Anyway, this is just half of the story. About a year and a half after the beginning of the developing process of NT, someone discover that WNT is VMS++. so he asked Dave about that, and his answer was: "wow, It took you too long to find that".
The Dave above is David Cutler, who was the primary architect of both WNT and VMS.
10 times more expensive? I buy a magazine called "Adbusters" whenever I can find it on the store shelves... They have no ads, and it is less then $8 Canadian price... If these people can do it without ads, so can the rest of the magazines...
Adbusters is a nonprofit; I expect that the magazine is partially subsidized by their other donations and fundraising, not just by the cover price.
Adbusters is wonderful, however: I highly recommend it.
What's with these idiotic macho names that video cards have these days? "Rage Fury Max Extreme, D00D!" Are these computer hardware or skateboards? Oh well, I guess their primary target market is the same: 12 year old testosterone-poisoned boys....
Don't pretend that every side has been heard in full. Even on Slashdot. That's not to say there's editorial bias here - I don't believe there is - but, rather, that there's a limited amount of space and an unlimited number of opinions amongst the different sides.
No editorial bias on Slashdot? Excuse me? This is one of the most biased ``news'' outlets you'll ever see!
And that's fine.
People, even people who write for the news, should have opinions. That's their job. If their job was ``just the facts'' then we might as well all just read press releases instead.
This notion of ``journalistic neutrality'' was invented by the wire services late last century in order to be able to sell their stories to both Democratic and Republican papers. They found that stories that didn't express opinions were saleable to a wider market, and so if they kept up the charade that both sides of an argument had merit, they made more money.
Sometimes both sides of an argument don't have merit. Some times one side is just wrong. Analysis of current events is the most important part of journalism, and yet today people treat it like it's a bug rather than a feature.
Getting the facts right is an important part of journalism, but so is spelling. Explaining what the facts mean is the most important part, and that usually can't be done without expressing an opinion. (Opinions being what is pejoratively refered to as ``bias'' by people who hold opposing opinions.)
Why not use binary builds of the executable files digitally signed by the builders, and have the servers check the signatures against a trusted certifying authority?
Because signing binaries doesn't work. (Not for this problem.) How does the server know what the signature of the client-side binary is? Because the client told it. Carmack's suggestion of using a loader to checksum the binaries, rather than having them checksum themselves, also doesn't work: that just adds another level of indirection and changes the problem from "hack the client" to "hack the loader."
This stuff is easy. People have been cracking harder copy-protection than this for years. And in fully closed-source environments.
When you receive a signed message/packet/whatever, the recipient can verify that the sender of that packet had access to the private key that corresponds to a particular public key. That doesn't say anything about the integrity of the message, only about the set of secrets known to the sender.
To oversimplify: you can know who I am, but you can't know that I'm telling you the truth.
Where do the private keys come from? If they are embedded in the Quake executable, then anyone can extract them and use them to sign anything. If they come from PGP's web of trust, then still all you've done is verify the identity (or pseudonym) of the player -- not of the software that they are using.
Matt Pritchard said a lot of good things and then said:
You can verify that a game is running a specific and trusted executable. This does not achieve security. You can not verify anything else that is running on that computer or any other computer between you and the other players that passes your communication packets along.
I have to disagree with the first part: I don't believe that you can verify that a game is running a specific and trusted executable.
Maybe I'm wrong -- I am not a cryptographer, and don't even play one on TV -- but I just don't understand how this is technically possible. If someone thinks they know how to do this, I'd like to hear how.
For example, using PGP you can sign an email message and others can then verify that the message really came from you. Obviously the same thing could be done for an executable file
Unfortunately, this isn't true.
When you receive a signed message/packet/whatever, the recipient can verify that the sender of that packet had access to the private key that corresponds to a particular public key. That doesn't say anything about the integrity of the message, only about the set of secrets known to the sender.
To oversimplify: you can know who I am, but you can't know that I'm telling you the truth.
Where do the private keys come from? If they are embedded in the Quake executable, then anyone can extract them and use them to sign anything. If they come from PGP's web of trust, then still all you've done is verify the identity (or pseudonym) of the player -- not of the software that they are using.
Would targetting computers and nightscopes be cheating if everyone used them? Of course not. It's only cheating when people don't agree on the rules.
You might think that robot/cyborg players were cheating unless your goal was to see how good you were playing against the AI. Or unless you were competing with other humans to see who could build the best robot.
So making it impossible for the game to have bots and timers and other add-ons isn't necessarily the best approach, since that eliminates the potential for whole new forms of gameplay among consenting participants.
That's why this is and will always be a social problem, not a technical problem. And it's one with a simple solution: don't play with jerks.
It's just like Usenet: it used to be a nice place, but then it got overrun by idiots, and so newer, smaller communities like Slashdot appeared. If you are playing Quake and there are a lot of cheaters and idiots around, chances are your community got too big (and thus lost the elements of it that made it actually be a community) and you need to find or create a more intimate one.
No matter how "strong" Carmack's "anti-cheat" device is, it will be circumvented. Some joker will build a workalike to this complex proxy system that "tells the server what it wants to hear."
A real solution would be to build an actual community.
Yes, this is absolutely right! The problem is that software can never be trusted: only people can be trusted. Take the problem back to the actual source.
The only way to really fix this problem, rather than simply layering more obscurity onto it, is to design a system where you actually know the people you are playing with (or at least know them pseudonymously), and trust them not to cheat.
You can cheat at cards, too. This is no different.
To the folks who think that simply hashing the binaries can solve this: who's to say that my client reports back the hashes from the binary that is actually running? This is the ``copy protection'' problem all over again, it simply doesn't work.
My fax machine got spammed yesterday for the first time. I remembered that, unlike email spam, fax spam is explicitly illegal, so I went looking around to try and see what to do about this. I found this document on the FCC site.
The bottom line is, you're screwed.
While it is illegal for someone to spam your fax machine, there is realistically not a damned thing you can do about it. You can personally take them to small-claims court for up to $500, but that would take forever, and so few people will ever actually do that that spammers will feel free to do their thing with impunity.
They do mention an ``opt out'' list you can have yourself added to, but of it they say:
DMA commercially publishes and markets lists of consumers who do not wish to receive solicitation calls.
Which sounds to me like the DMA sells this list to spammers. So we're to believe that there are spammers out there who would pay money for a list of people who do not want to receive their services. Huh? Forgive me if I have a hard time seeing the motivation there.
It's very unlikely that Amazon will be harmed by the loss of money caused by boycotters taking their business elsewhere. It is possible, but still unlikely, that the negative PR impact of a boycott might hurt them, or cause them to change their ways.
What a boycott will do is make you feel better about yourself. And there's nothing wrong with that.
I don't shop at Fry's because their service sucks and I am offended by the body-cavity search they give you on the way out. I don't rent from Blockbuster because they won't rent NC-17 movies. And now I don't shop at Amazon because I don't like their predatory business practices.
It's completely rational to choose not to do business with companies that behave badly. Just as it is completely rational to choose not to do business with people who are rude, or stores that don't have the products you want.
The really sad thing about this is that Amazon doesn't need to resort to such underhanded tactics. Amazon really does have a good store, and I think they would be successful on that basis alone, without having to resort to such dirty tactics.
So I stopped shopping at Amazon the day I heard about their patent suit, despite the fact that one of my best friends is the guy who implemented ``one-click ordering.''
Here is the letter I sent them:
Subject: patent suit ==> losing customers Date: Fri, 22 Oct 1999 11:57:53 -0700 To: feedback@amazon.com
You have finally gone too far.
When you started spamming me, I was irritated, but didn't much care, since at least you gave me a way to unsubscribe. When you started selling your customers' private information down the river, I was irritated, but didn't much care, because I'm not overly concerned about my privacy. But now you've finally lost me as a customer.
Why? Because you asked for, and were awarded, a 17-year monopoly on the concept of "one-click shopping", because that idea is apparently such an innovation, such a breakthrough, that you never would have gone into business without the incentive of federally-mandated exclusive rights.
As if that wasn't bad enough, now you are sueing Barnes and Noble for adding a similar feature to their web site. So much for the bullshit apology one often hears of "we only have patents for defensive purposes, in case someone bigger and stronger sues us for patent infringement first."
Amazon.com is a great web site, far better than any other online store I've used. But I will not be using it again. I will either use other web sites, or make more trips to physical stores from now on.
Convenience is nice, but I don't feel good giving my money to anticompetitive parasites who succeed because of their lawyers rather than the quality of their products and services.
The real shame of it is that your services are *good*. You don't need to compete this way. It's sad, and sickening.
Software patents are far more of a threat to competition and innovation than anything Microsoft has ever done.
``That ideas should freely spread from one to another over the globe, for the moral and mutual instruction of man, and the improvement of his conditions, seems to have been peculiarly and benevolently designed by nature, when she made them, like fire, expansible over all space, without lessening their density in any point, and like the air in which we breathe, move, and have our physical being, incapable of confinement of exclusive appropriation. Inventions then cannot, in nature, be a subject of property.''
Which is to say,
``People will accept your ideas much more readily if you tell them that Benjamin Franklin said it first.'' -- anonymous
``Most people are other people. Their thoughts are someone else's opinions, their lives a mimicry, their passions a quotation.'' -- Oscar Wilde
``She had a pretty gift for quotation, which is a serviceable substitute for wit.'' -- W. Somerset Maugham
Canon color lasers (800, 1000, 2400, ect.) all have a board that recognizes things like money and postage stamps. If you try and copy any of these it will spit out all black copies, and will continue to do so until a Canon tech is called. (They usualy call the Secret Service)
Do you have a reference for this?
Good story, but since this is a Hard Problem, I'm skeptical, and I'm really curious how they do it if it is true.
The United States constitution does not specically grant a right to privacy. However, the supreme court has on many occasions upheld this as a basic American right. Many states constitutions specifically include such a right. California is one example.
The Supreme Court has upheld privacy rights via the 4th Amendment: the idea is that there is a strong similarity between spying and search-and-seisure.
However, contrary to popular belief, the Constitution does not enumerate the rights of the people. It enumerates the powers of the Government to restrict those rights. Rights belong to the people by default. I think most people have lost this key distinction. (I don't mean you.)
The U.S. Supreme Court effectively outlawed wiretapping in 1967 by extending Fourth Amendment protections against unreasonable search and seizure to telephone conversations. But the following year, Congress decided to allow police interception of phone calls -- under strictly limited circumstances. Among them: that taps be authorized only by specified judges; that they be requested only by the highest ranking prosecutors; that they be employed only in investigating serious crimes; and, perhaps most importantly, that they be used only when other means of investigation had been exhausted or had proved useless.
In other words, a wiretap could be used only as a tightly controlled method of last resort -- not as a broadly-cast net in a police fishing expedition.
To insure taps were reasonably employed and to give their targets an opportunity to seek legal redress if they believed their privacy had been violated, Congress also insisted that law enforcement agencies fully disclose their use of taps, even when they didn't lead to arrests. But the federal guidelines were only minimum standards. "It's precisely because wiretaps represent such an invasion into people's privacy and their use is so potentially abusive," says Professor Pugsley, "that both federal and state laws are so stringent."
Indeed, California's 1989 wiretap law put an even shorter leash on the snoopers than did Congress. The state law requires that all defendants be given transcripts of their recorded conversations. It also mandates that notice of the tap be promptly given to all persons whose voices are intercepted -- not just criminal suspects. And local prosecutors were ordered to provide the necessary information so that judges authorizing electronic surveillance could make that notification.
What bugs me is when you have to use the keyboard to do basic window management things like ``send this window to the bottom of the stack.''
The thing that slows people down is not using the mouse, but switching between the keyboard and the mouse. If I have to hold down control-alt-shift-cokebottle while clicking, that's the worst of both worlds.
Personally, I like to use the keyboard only for text: entering, editing, and navigating through it. I like to use the mouse (and only the mouse, not some heinous keyboard/mouse combo) to do everything else, like moving things around and drawing pictures.
(Gimp's menus get more irritating by the day. You just can't use that program effectively without learning keyboard shortcuts, and that's really a shame.)
Don't believe that ``mouse == wrist damage.'' I messed up my wrists while hardly ever using a mouse, and things have gotten better since I started using the mouse more.
I've finally collected together various things I've written here on my wrist problems and put them on their own page, in case anyone's interested.
People often assume that seeing infrared means seeing heat, and that's just not true. That's the difference between ``near infrared'' and ``far infrared.'' Things that are hot throw off far infrared in the same way that things that are really hot throw off visible light.
The Sony Nightshot camera, and all of those nightvision scopes you can buy on the web for from $200-$3000 are near-IR, which means that they can only see objects that are illuminated by an IR light source, like an IR spotlight, or (sometimes) the ambient IR from the night sky.
Thermal imaging hardware is insanely expensive. I understand that this is because it requires tremendously low temperatures, e.g., liquid nitrogen cooling. The explanation I heard is that, analagous to the way the inside of a camera must be completely dark to pick up light without interference, the inside of a heat imager must be completely cold to pick up heat without interference.
Anyway, I'm not an expert on how thermal imaging works, but I do know that it's not available in any kind of ``cool toy'' price range, so I seriously doubt that's what this car has. It's far more likely that the car has a near-IR CCD camera, and IR headlights.
BTW, almost all CCDs see slightly into near-IR beyond the range of human vision: if you look through any modern camcorder and press the button on a remote control, you'll be able to see the beam.
IRC is a poor choice to sit something like this on top of. For searching to be reasonably fast you *DO* want a semi-centralized search mechanism, otherwise you are connecting to each of 3000 (or more) clients and asking them to do the search for you.. That is just not the right way to do it and congests the network in a bad way.
The way around this would be to store the whole database in each client, and broadcast updates to everybody. That way, any node dropping out of the system doesn't bring down the whole network. This is the trick about Usenet that makes it immune to censorship, and has kept the p0rn flowing for so many years...
Whether this should be done by piggybacking on top of IRC, or by inventing a new, parallel protocol, is left as an exercise to the implementor...
If it's centralized, someone will be sued and shut down. If it's decentralized, there are too many people to sue, and the network adapts itself and routes around the problem areas.
Not that I'm advocating breaking the laws of whatever country you happen to be in, of course. That would be wrong. I'm just talking about robust network design.
what "with" means, various comments
on
Under The Radar
·
· Score: 3
When you see a book written by "A with B" it usually means that A didn't write a word: A was interviewed by B, and then B wrote it.
For example, the Freeing the Source: The Story of Mozilla chapter of O'Reilly's Open Sources book is credited as ``by Jim Hamerly and Tom Paquin with Susan Walton.'' In fact, that document was written entirely by Susan Walton (and I think she did a good job of it.) She based it on extensive interviews with Hammerly, Paquin, and myself. I pissed off a lot of people (at Netscape and O'Reilly) by refusing to allow them to list me as an author, because, quite simply, I hadn't written a word of it, and I didn't want to take credit for something I didn't write.
``This is how the publishing industry works,'' they told me. ``Everyone knows what `with' really means.'' Well, I hadn't known that, and I found it to be deceptive, so I wouldn't play along. I thought it should have been credited as ``by Susan Walton based on interviews with...'' or ``...as told to...'' or something, but they hated those.
Anyway, about the Red Hat book...
I thought the history of Red Hat was interesting. But I'll comment on the parts I have direct knowlege of:
The inside-Netscape history is fairly accurate, including the deliberations about the licenses, but as far as I can tell most of it is lifted directly from Frank Hecker's writings on the subject. If you're interested in this part, you should read Hecker's papers, because they are a much better explanation in their pre-condensed form.
I thought their summary of why we didn't use GPL left out a very important detail. Anyone who understands copyright law would respond to the reasons they gave (``we want to bundle with other proprietary software'') by pointing out that the copyright holder always has the right to do things like that. The important point that they failed to mention is that if the copyright holder does so, they eliminate their ability to take contributions from the outside, which is pretty much a deal-breaker. They mentioned that we had a very hard time trying to find a solution to our various license-related problems, but I don't think they did a very good job of explaining what those problems were, or why we reached the decisions we did. Maybe this wasn't an important detail to a book about Red Hat, but if not, they shouldn't have included it at all. What they did include is fairly muddled.
Throughout the book, there were quite a few things that jumped out at me, like saying in one paragraph about Cryptozilla on page 98 ``less than a month after the source code was released... the group added full encryption,'' and then saying two paragraphs later, ``fifteen hours after the source code release, a fully crypto-enabled version of Mozilla for Linux was released.''
So yeah, 15 hours is less than a month. But the book contains a lot of strange errors like this. It's as if there were no review copies distributed at all. (Were there?)
The entirety of the first year of mozilla.org, between April 1998 and April 1999, seems to be skipped over somewhere in the middle of page 100. Then they say, ``it took over a year for Netscape to ship Netscape Navigator version 5.0.''
When did they ship that exactly? For those keeping score at home, it has now been 18 months, and will certainly have been two years, if it ships at all.
Also they consistently misspelled my name (for which Bob was extremely apologetic -- he mailed me about it a few days before the book was released.) Not that I particularly care about trivia like the spelling of my name, but getting that wrong in a book is really a rookie move, and reflects badly on the book that something so basic slipped through.
I think that all of these problems stem from sloppy editing and lack of review. This book would have been much better if they had taken another month or two to distribute review copies and get feedback and corrections.
``Release early, release often'' doesn't work so well with physical media.
Adbusters is absolutely brilliant. I just love the idea of using the media to undermine the media. And even better, they're actually good at it: they are wonderful propagandists. Adbusters is actually the only paper magazine I have a subscription to.
Never used an IRIX box... so how is the X-server on those things! I mean i like XFree a lot and I think that they are doing a great job with it. And i cant wait till 4.0 comes out! My question is that isthere a way that SGI could bring their "knowledge" i.e. code for an X-server to help us to ? ?
SGI's X server is a thing of beauty, but this is largely because SGI's graphics hardware is leaps and bounds better than anything you'll see on a PC.
I think this is bad. These IPO's are going to really hurt the Linux community and drive developers away from the platform.
Perhaps, but if so, it will only be the jealous ones like you.
I'm still pissed off I got boned on the RedHat thing, while in total friends and aquantences I know (and largely pushed to get involved with Linux) are collectively sitting on over a million dollars in Linux stock.
And stripped of hyperbole, what you're saying is that you know around 20 people who were able to buy no more than 400 shares, and are now sitting on around $50,000 each if they sold at the right time ($30,000 after taxes.)
And you're jealous because they got lucky and you didn't.
When I want to GPL and contribute code to the community (or patches, bugfixes, features, etc...) I can't help but think twice now.
Sounds like a personal problem. You are the one bringing the profit motive into this. You are the one who is letting money make your decisions for you, instead of doing what you enjoy, or what you think is ``right.''
But making billions of dollars in virtual cash because of inflated stock prices
Uh, who made billions?
where my hard work is involved, and I am unable to experience those gains myself? That's something totally different. That just sucks.
If you think that sucks, then you fucked up!
If you contributed code under the GPL, and didn't realize that the GPL explicitly allows people to make money off of your work then you didn't think it through! Or you didn't read the license at all. Either way, it's your own damned fault, and if you wanted to make sure that nobody made money off of your work without paying you for it, then you should have put a license on your work that said that, instead of one that loudly says exactly the opposite.
Wake-up call, people: GPL doesn't prevent people from making money off of you. If you're so profit-motivated that this bothers you, pick a different license.
The catch with helicopters is learning to fly them. You can spend ~$1000-1500 getting started, and then you land at the wrong angle, woops need a replacement set of blades, a tailshaft, new set of skids....
Then once you have the skills, you need to get a bigger, gruntier helicopter, the transmitter & camera setup, more complex radio to handle the extra functions.
See, that's just what I mean! That's not a toy, that's a commitment. Where do I go to buy one that's a foot or two long, has wireless video, and basically flies itself when I push they joystick in the direction I want it to go? Oh, and has at least half an hour flight time, half a mile range, and is damned near indestructible?
Slashdot Mirror
There's another chip that can run any x86 OS: it's called the Pentium.
Just because this chip is good at emulating other instruction sets doesn't mean that you can magically run multiple OSes at the same time without rebooting. That's still an incredibly hard problem.
They did say that the chip itself can run multiple instruction sets without resetting between them, but that's still a far cry from saying they've solved the problem of scheduling multiple OSes: since every OS has its own scheduler, you'd need a meta-OS with a meta-scheduler. Not to mention the problems of locking hardware access, etc.
Sadly, this is untrue. Someone else pointed this out earlier but it bears repeating: in the United States, a corporation is a "natural person" under the law, entitled to all the same rights as people who happen to be made of meat.
This great Adbusters article goes into a lot of detail of the history of corporations and how we ended up in this mess. From the article:
Adbusters is wonderful, you should subscribe.
With a name like "The Arswards", it's a shame they didn't get Arseface himself as their mascot!
(In case you're one of those Without Culture, he's a character in Preacher, the second greatest comic book being published today.)
Or maybe not:
This is a very old stuff. Anyway, this is just half of the story. About a year and a half after the beginning of the developing process of NT, someone discover that WNT is VMS++. so he asked Dave about that, and his answer was: "wow, It took you too long to find that".
The Dave above is David Cutler, who was the primary architect of both WNT and VMS.
Adbusters is a nonprofit; I expect that the magazine is partially subsidized by their other donations and fundraising, not just by the cover price.
Adbusters is wonderful, however: I highly recommend it.
What's with these idiotic macho names that video cards have these days? "Rage Fury Max Extreme, D00D!" Are these computer hardware or skateboards? Oh well, I guess their primary target market is the same: 12 year old testosterone-poisoned boys....
No editorial bias on Slashdot? Excuse me? This is one of the most biased ``news'' outlets you'll ever see!
And that's fine.
People, even people who write for the news, should have opinions. That's their job. If their job was ``just the facts'' then we might as well all just read press releases instead.
This notion of ``journalistic neutrality'' was invented by the wire services late last century in order to be able to sell their stories to both Democratic and Republican papers. They found that stories that didn't express opinions were saleable to a wider market, and so if they kept up the charade that both sides of an argument had merit, they made more money.
Sometimes both sides of an argument don't have merit. Some times one side is just wrong. Analysis of current events is the most important part of journalism, and yet today people treat it like it's a bug rather than a feature.
Getting the facts right is an important part of journalism, but so is spelling. Explaining what the facts mean is the most important part, and that usually can't be done without expressing an opinion. (Opinions being what is pejoratively refered to as ``bias'' by people who hold opposing opinions.)
Because signing binaries doesn't work. (Not for this problem.) How does the server know what the signature of the client-side binary is? Because the client told it. Carmack's suggestion of using a loader to checksum the binaries, rather than having them checksum themselves, also doesn't work: that just adds another level of indirection and changes the problem from "hack the client" to "hack the loader."
This stuff is easy. People have been cracking harder copy-protection than this for years. And in fully closed-source environments.
Like I said yesterday,
Matt Pritchard said a lot of good things and then said:
I have to disagree with the first part: I don't believe that you can verify that a game is running a specific and trusted executable.
Maybe I'm wrong -- I am not a cryptographer, and don't even play one on TV -- but I just don't understand how this is technically possible. If someone thinks they know how to do this, I'd like to hear how.
Amen.
Unfortunately, this isn't true.
When you receive a signed message/packet/whatever, the recipient can verify that the sender of that packet had access to the private key that corresponds to a particular public key. That doesn't say anything about the integrity of the message, only about the set of secrets known to the sender.
To oversimplify: you can know who I am, but you can't know that I'm telling you the truth.
Where do the private keys come from? If they are embedded in the Quake executable, then anyone can extract them and use them to sign anything. If they come from PGP's web of trust, then still all you've done is verify the identity (or pseudonym) of the player -- not of the software that they are using.
This is all very similar to the general copy-protection problem as well as the fundamental impossibility of DVD encryption.
Would targetting computers and nightscopes be cheating if everyone used them? Of course not. It's only cheating when people don't agree on the rules.
You might think that robot/cyborg players were cheating unless your goal was to see how good you were playing against the AI. Or unless you were competing with other humans to see who could build the best robot.
So making it impossible for the game to have bots and timers and other add-ons isn't necessarily the best approach, since that eliminates the potential for whole new forms of gameplay among consenting participants.
That's why this is and will always be a social problem, not a technical problem. And it's one with a simple solution: don't play with jerks.
It's just like Usenet: it used to be a nice place, but then it got overrun by idiots, and so newer, smaller communities like Slashdot appeared. If you are playing Quake and there are a lot of cheaters and idiots around, chances are your community got too big (and thus lost the elements of it that made it actually be a community) and you need to find or create a more intimate one.
Yes, this is absolutely right! The problem is that software can never be trusted: only people can be trusted. Take the problem back to the actual source.
The only way to really fix this problem, rather than simply layering more obscurity onto it, is to design a system where you actually know the people you are playing with (or at least know them pseudonymously), and trust them not to cheat.
You can cheat at cards, too. This is no different.
To the folks who think that simply hashing the binaries can solve this: who's to say that my client reports back the hashes from the binary that is actually running? This is the ``copy protection'' problem all over again, it simply doesn't work.
My fax machine got spammed yesterday for the first time. I remembered that, unlike email spam, fax spam is explicitly illegal, so I went looking around to try and see what to do about this. I found this document on the FCC site.
The bottom line is, you're screwed.
While it is illegal for someone to spam your fax machine, there is realistically not a damned thing you can do about it. You can personally take them to small-claims court for up to $500, but that would take forever, and so few people will ever actually do that that spammers will feel free to do their thing with impunity.
They do mention an ``opt out'' list you can have yourself added to, but of it they say:
Which sounds to me like the DMA sells this list to spammers. So we're to believe that there are spammers out there who would pay money for a list of people who do not want to receive their services. Huh? Forgive me if I have a hard time seeing the motivation there.
It's very unlikely that Amazon will be harmed by the loss of money caused by boycotters taking their business elsewhere. It is possible, but still unlikely, that the negative PR impact of a boycott might hurt them, or cause them to change their ways.
What a boycott will do is make you feel better about yourself. And there's nothing wrong with that.
I don't shop at Fry's because their service sucks and I am offended by the body-cavity search they give you on the way out. I don't rent from Blockbuster because they won't rent NC-17 movies. And now I don't shop at Amazon because I don't like their predatory business practices.
It's completely rational to choose not to do business with companies that behave badly. Just as it is completely rational to choose not to do business with people who are rude, or stores that don't have the products you want.
The really sad thing about this is that Amazon doesn't need to resort to such underhanded tactics. Amazon really does have a good store, and I think they would be successful on that basis alone, without having to resort to such dirty tactics.
So I stopped shopping at Amazon the day I heard about their patent suit, despite the fact that one of my best friends is the guy who implemented ``one-click ordering.''
Here is the letter I sent them:
Date: Fri, 22 Oct 1999 11:57:53 -0700
To: feedback@amazon.com
You have finally gone too far.
When you started spamming me, I was irritated, but didn't much care, since at least you gave me a way to unsubscribe. When you started selling your customers' private information down the river, I was irritated, but didn't much care, because I'm not overly concerned about my privacy. But now you've finally lost me as a customer.
Why? Because you asked for, and were awarded, a 17-year monopoly on the concept of "one-click shopping", because that idea is apparently such an innovation, such a breakthrough, that you never would have gone into business without the incentive of federally-mandated exclusive rights.
As if that wasn't bad enough, now you are sueing Barnes and Noble for adding a similar feature to their web site. So much for the bullshit apology one often hears of "we only have patents for defensive purposes, in case someone bigger and stronger sues us for patent infringement first."
Amazon.com is a great web site, far better than any other online store I've used. But I will not be using it again. I will either use other web sites, or make more trips to physical stores from now on.
Convenience is nice, but I don't feel good giving my money to anticompetitive parasites who succeed because of their lawyers rather than the quality of their products and services.
The real shame of it is that your services are *good*. You don't need to compete this way. It's sad, and sickening.
Software patents are far more of a threat to competition and innovation than anything Microsoft has ever done.
Goodbye.
Here's another good Jefferson quote:
Which is to say,
Do you have a reference for this?
Good story, but since this is a Hard Problem, I'm skeptical, and I'm really curious how they do it if it is true.
The Supreme Court has upheld privacy rights via the 4th Amendment: the idea is that there is a strong similarity between spying and search-and-seisure.
However, contrary to popular belief, the Constitution does not enumerate the rights of the people. It enumerates the powers of the Government to restrict those rights. Rights belong to the people by default. I think most people have lost this key distinction. (I don't mean you.)
This excellent article about the LAPD's extensive use of wiretapping contains the following:
What bugs me is when you have to use the keyboard to do basic window management things like ``send this window to the bottom of the stack.''
The thing that slows people down is not using the mouse, but switching between the keyboard and the mouse. If I have to hold down control-alt-shift-cokebottle while clicking, that's the worst of both worlds.
Personally, I like to use the keyboard only for text: entering, editing, and navigating through it. I like to use the mouse (and only the mouse, not some heinous keyboard/mouse combo) to do everything else, like moving things around and drawing pictures.
(Gimp's menus get more irritating by the day. You just can't use that program effectively without learning keyboard shortcuts, and that's really a shame.)
Don't believe that ``mouse == wrist damage.'' I messed up my wrists while hardly ever using a mouse, and things have gotten better since I started using the mouse more.
I've finally collected together various things I've written here on my wrist problems and put them on their own page, in case anyone's interested.
People often assume that seeing infrared means seeing heat, and that's just not true. That's the difference between ``near infrared'' and ``far infrared.'' Things that are hot throw off far infrared in the same way that things that are really hot throw off visible light.
The Sony Nightshot camera, and all of those nightvision scopes you can buy on the web for from $200-$3000 are near-IR, which means that they can only see objects that are illuminated by an IR light source, like an IR spotlight, or (sometimes) the ambient IR from the night sky.
Thermal imaging hardware is insanely expensive. I understand that this is because it requires tremendously low temperatures, e.g., liquid nitrogen cooling. The explanation I heard is that, analagous to the way the inside of a camera must be completely dark to pick up light without interference, the inside of a heat imager must be completely cold to pick up heat without interference.
Anyway, I'm not an expert on how thermal imaging works, but I do know that it's not available in any kind of ``cool toy'' price range, so I seriously doubt that's what this car has. It's far more likely that the car has a near-IR CCD camera, and IR headlights.
BTW, almost all CCDs see slightly into near-IR beyond the range of human vision: if you look through any modern camcorder and press the button on a remote control, you'll be able to see the beam.
The way around this would be to store the whole database in each client, and broadcast updates to everybody. That way, any node dropping out of the system doesn't bring down the whole network. This is the trick about Usenet that makes it immune to censorship, and has kept the p0rn flowing for so many years...
Whether this should be done by piggybacking on top of IRC, or by inventing a new, parallel protocol, is left as an exercise to the implementor...
If it's centralized, someone will be sued and shut down. If it's decentralized, there are too many people to sue, and the network adapts itself and routes around the problem areas.
Not that I'm advocating breaking the laws of whatever country you happen to be in, of course. That would be wrong. I'm just talking about robust network design.
When you see a book written by "A with B" it usually means that A didn't write a word: A was interviewed by B, and then B wrote it.
For example, the Freeing the Source: The Story of Mozilla chapter of O'Reilly's Open Sources book is credited as ``by Jim Hamerly and Tom Paquin with Susan Walton.'' In fact, that document was written entirely by Susan Walton (and I think she did a good job of it.) She based it on extensive interviews with Hammerly, Paquin, and myself. I pissed off a lot of people (at Netscape and O'Reilly) by refusing to allow them to list me as an author, because, quite simply, I hadn't written a word of it, and I didn't want to take credit for something I didn't write.
``This is how the publishing industry works,'' they told me. ``Everyone knows what `with' really means.'' Well, I hadn't known that, and I found it to be deceptive, so I wouldn't play along. I thought it should have been credited as ``by Susan Walton based on interviews with ...'' or ``...as told to...'' or something, but they hated those.
Anyway, about the Red Hat book...
I thought the history of Red Hat was interesting. But I'll comment on the parts I have direct knowlege of:
The inside-Netscape history is fairly accurate, including the deliberations about the licenses, but as far as I can tell most of it is lifted directly from Frank Hecker's writings on the subject. If you're interested in this part, you should read Hecker's papers, because they are a much better explanation in their pre-condensed form.
I thought their summary of why we didn't use GPL left out a very important detail. Anyone who understands copyright law would respond to the reasons they gave (``we want to bundle with other proprietary software'') by pointing out that the copyright holder always has the right to do things like that. The important point that they failed to mention is that if the copyright holder does so, they eliminate their ability to take contributions from the outside, which is pretty much a deal-breaker. They mentioned that we had a very hard time trying to find a solution to our various license-related problems, but I don't think they did a very good job of explaining what those problems were, or why we reached the decisions we did. Maybe this wasn't an important detail to a book about Red Hat, but if not, they shouldn't have included it at all. What they did include is fairly muddled.
Throughout the book, there were quite a few things that jumped out at me, like saying in one paragraph about Cryptozilla on page 98 ``less than a month after the source code was released ... the group added full encryption,'' and then saying two paragraphs later, ``fifteen hours after the source code release, a fully crypto-enabled version of Mozilla for Linux was released.''
So yeah, 15 hours is less than a month. But the book contains a lot of strange errors like this. It's as if there were no review copies distributed at all. (Were there?)
The entirety of the first year of mozilla.org, between April 1998 and April 1999, seems to be skipped over somewhere in the middle of page 100. Then they say, ``it took over a year for Netscape to ship Netscape Navigator version 5.0.''
When did they ship that exactly? For those keeping score at home, it has now been 18 months, and will certainly have been two years, if it ships at all.
Also they consistently misspelled my name (for which Bob was extremely apologetic -- he mailed me about it a few days before the book was released.) Not that I particularly care about trivia like the spelling of my name, but getting that wrong in a book is really a rookie move, and reflects badly on the book that something so basic slipped through.
I think that all of these problems stem from sloppy editing and lack of review. This book would have been much better if they had taken another month or two to distribute review copies and get feedback and corrections.
``Release early, release often'' doesn't work so well with physical media.
Adbusters is absolutely brilliant. I just love the idea of using the media to undermine the media. And even better, they're actually good at it: they are wonderful propagandists. Adbusters is actually the only paper magazine I have a subscription to.
SGI's X server is a thing of beauty, but this is largely because SGI's graphics hardware is leaps and bounds better than anything you'll see on a PC.
Perhaps, but if so, it will only be the jealous ones like you.
And stripped of hyperbole, what you're saying is that you know around 20 people who were able to buy no more than 400 shares, and are now sitting on around $50,000 each if they sold at the right time ($30,000 after taxes.)
And you're jealous because they got lucky and you didn't.
Sounds like a personal problem. You are the one bringing the profit motive into this. You are the one who is letting money make your decisions for you, instead of doing what you enjoy, or what you think is ``right.''
Uh, who made billions?
If you think that sucks, then you fucked up!
If you contributed code under the GPL, and didn't realize that the GPL explicitly allows people to make money off of your work then you didn't think it through! Or you didn't read the license at all. Either way, it's your own damned fault, and if you wanted to make sure that nobody made money off of your work without paying you for it, then you should have put a license on your work that said that, instead of one that loudly says exactly the opposite.
Wake-up call, people: GPL doesn't prevent people from making money off of you. If you're so profit-motivated that this bothers you, pick a different license.
See, that's just what I mean! That's not a toy, that's a commitment. Where do I go to buy one that's a foot or two long, has wireless video, and basically flies itself when I push they joystick in the direction I want it to go? Oh, and has at least half an hour flight time, half a mile range, and is damned near indestructible?
There's a market for such a toy, and I am it!