The journal publishers are in a world of hurt. So are Universities and faculty. They all want to get behind *something,* they just don't know what. Perhaps these guys have a good enough model and a critical mass of backers (one big publisher -- hundreds of journals, and a big University) to build some momentum.
OK, all good points and truthful, for that side of the debate.
The reasons to go IP are: (1) flexibility for the future; (2) more sophisticated, integrated, and remote management; (3) lower cost cabling, particularly for future changes; and (4) more secure.
(1) The world is going IP, like it or not. You don't really know what the access control hardware of the future will look like. If you ever want to add biometric devices, cameras, or who knows what, that stuff will almost certainly be IP only.
(2) IP systems permit hardware and software to sold and upgraded separately. It is common to use existing security, identification, authorization, and logging of access control and physical security system using the IT departments existing infrastructure (RADIUS, TACACS+). You can't do this closed access control systems. Management can be done remotely, for example, in one central location to manage dozens of buildings, or using cloud-based services for smaller companies (like his). If you outsource HR (many people do), you might as well have them control the card-keys, too.
(3) Everybody we work for ends up having to run more cable AFTER the building is finished. Boy, is that expensive, using 'home runs' on special cable. (4) I will put modern, redundant switches up against any current door hardware for reliability -- but I get your point. IP connections are often very securely encrypted. Not true for the RS-485 cables. Either you or I could break into anywhere, if we had access to even one of those cables.
Anyway, its a good debate. I will also give your side credit for having more choices of hardware, currently.
An entity trying to buy votes in an election typical goes to a group of people who would not normally vote but think similarly -- such a members of a church, school or town. They pay individually or give money to the group, and often provide transportation, such as bussing to the polling place. The members feel loyalty to their group or to the payer and so they vote as directed -- mostly. This is the common method. I am not guessing. This is a long established, unfortunate, practice both in the US and other countries.
I agree with you, but want to make two comments: (1) mail is still expensive, slow, and far from perfect; (2) the US Postal Service is the largest polluter (gas fumes, junk mail) in the western world. I don't like giving them more stuff to mess up.
I have a lot of background in cryptography and interent security. (This does not mean my opinion is better than yours.)
I agree that this is a hard problem and that there are many exposed 'weak links.'
But I don't think it is insolvable.
If someone were to offer $1 million to the best proposed solution, and a handful of $100,000 runner up prizes, the zillion smart people who read/. and are underemployed would come up with some great solutions.
There are some tricks that can be borrowed from current election checking. For example, look carefully at all of the user statistics -- compare to prior elections, registration stats, time of day, IP addresses, user PK certificates, comparison to other, "similar," voting domains, etc. This type of non-privacy-invading audit is good at identifying problems down to about 1% - 3% of the voting population. A hacker, trying something for the first time, has a good chance of getting located this way.
Another trick is sample audits -- a bit like "exit polls," where a fraction of voters are asked how the voted. This can be viewed as privacy invasion, but it happens all the time, now, so there is really no policy change. Again, this can find anomalies down to about 3%.
Another trick is post-election audits of PK certificates. Better late than never.
Another tool is to carefully monitor internet traffic to look for anomalies, particularly DOS attempts.
Another tool is to provide "hardened" computers that voters can use, at places smilar to today's polling locations -- senior centers, gov't offices. These machines have had some type of security audit. And yes -- this approach has its own risks, I know. I would suggest mixing this approach with user's own computers.
I know people want to use web browsers, but I would not do that. Voters have to download a totally dedicated app (see open source, below), and each app has PK signature.
Another trick is give some users hardware keys, like paypal and RSA use. Even if only 1% of voters have a hardware key this provides a very high degree of polling information and that can spot fraud down to a small fraction of a percent.
And finally, all software should be open source. Period. As pointed out repeatedly, relying on secrecy is pretty much a guarantee of breech.
I am not offering a solution here. I am merely pointing out that there are methods and tools that can be used as a starting point for a real solution.
Don't say a problem is insolvable until you have tried seriously to solve it.
And finally, no voting system is 100.000% perfect. Get over it. For example, no system prevents buying votes. No system prevents voters from lying. Build the best system you can.
The patent has been granted. It is currently in, but not out of, re-examination. However, the current progress in re-exam doesn't look favorable for the patent holder.
Just pointing out an error in the headline. A "troll" is "non-practicing entity" AKA NPE. This guy has a working web site and business built around the patent. I am just saying...
Please give three examples. Cite specific laws, not your opinion. And, please use a Standard that has a required patent associated with it, to stay on topic.
Standards are never "owned." Except that the text is copyrighted to avoid corruption. Compliance with any Standard is strictly voluntary.
Standards are ABSOLUTELY too important for any one or two companies to control. A typical Standards committee (IEEE, ANSI, CCITT, etc) requires a minimum of 40 industry representatives and 75 to 80% positive vote from those members to pass. 100 members is more typical.
If you want Standards totally unencumbered, great! Volunteer. Most of the other people on the committee will agree with your intent.
Like or not, patents foster innovation. They have done so since the time of the Greeks, and the founding fathers built patent protection into the US Constitution.
A society that does not reward work in an investment with any way to protect the work will still be painting on cave walls.
And, by the way, Standards that people don't like, ARE ignored. Happens every day.
Very few standards are EVER legislated as compulsory.
Standards body are absolutely NOT the government. Participation is voluntary, and so is compliance.
Standards are best possible alternative to government. "If you like this, great! If don't like it, you are free to do whatever you want."
Which is, uh, why there are so MANY Standards. Or, as we used to say, "one for everybody."
People LIKE Standards. If I want to buy an "802.11ac" wireless access point, I have no clue what 802.11ac is, but I have a good chance it will work with other 802.11ac devices.
If Standard REQUIRES patented technology to implement, then you are right. You can't copy a patent and then think you can distribute that for free. However, first there are very few Standards that required patented technology -- although that might get you to market faster, or save you some money.
If you think can implement something close to the proposed Standard, in a way that doesn't infringe on a disclosed patent (patents are always disclosed in advance during Standards meetings), then tell the committee. They almost certainly will use your approach over a patented one. Remember it takes about 75% of the members in a Standards committee to approve a draft Standard. And for anything patented, that benefits only one member, and hurts all the rest. They are not stupid.
If are the source of, or user, of GPL property, then the entire FRAND thing is irrelevant for you. If it's open, it's open. Copyrights and patents are granted only the original creators or original works. If the creator wants to make it open, great! The Standards body prefers that, and so do all the users. These two are not in conflict at all. Open source helps patents, because it provides a widely available reference that can trivially be used against anyone who might (purposefully or accidentally) claim any rights to it.
You NEVER pay royalties to a Standards body. You pay them only the owner of the property.
The F in FRAND stands for "fair." FRAND is an approach used for decades by Standards committees that require any participant and any IP involved with a proposed Standard to offer open and uniform patent licensing to everyone (on the planet). This type of licensing is very much NOT the industry practice, where nearly every patent license is otherwise kept a secret and has to be painfully negotiated. There is nothing in FRAND, that I can see, that prohibits open source software or other open IP. In fact, Standards committees -- given a choice -- would far rather build in open IP to closed IP (even FRAND) into a Standard. Can someone knowledgable explain how FRAND in any way harms open source? I have worked extensively on two international Standards bodies, and have two of my own (non-patented) inventions now as ANSI standards.
I filed a patent application for a "smart plug," which overlaps with Sony's idea. I think mine is far better. I hope to have it become an open standard via the RFP process. I posted the application and illustrations where you can download them on my blog: litebulb.org
Non-profits have to file or disclose practically nothing. They have a tiny fraction of the disclosure requirements of public companies. They don't have to disclose how much officers are paid, or revenue sources, or how revenue is spent. They have only to provide a few very broad categories, with lots of wiggle-room even in those categories. They operate under a charter by the state, but there is no adult-supervision, as it were.
Takes effect on the Ides of March, 2012. For new filings after date. Those new filings will start to come out of the Patent Office mill around 2017. Most professionals in the patent field (including me) don't think the new law will change patent practice much.
Like many others in my field, I prefer to call it by its original name, the "Smith-Leahy Act," since it, disappointingly, doesn't provide meaningful improvement in "inventing."
Slashdot Mirror
The journal publishers are in a world of hurt. So are Universities and faculty. They all want to get behind *something,* they just don't know what. Perhaps these guys have a good enough model and a critical mass of backers (one big publisher -- hundreds of journals, and a big University) to build some momentum.
OK, all good points and truthful, for that side of the debate.
The reasons to go IP are: (1) flexibility for the future; (2) more sophisticated, integrated, and remote management; (3) lower cost cabling, particularly for future changes; and (4) more secure.
(1) The world is going IP, like it or not. You don't really know what the access control hardware of the future will look like. If you ever want to add biometric devices, cameras, or who knows what, that stuff will almost certainly be IP only.
(2) IP systems permit hardware and software to sold and upgraded separately. It is common to use existing security, identification, authorization, and logging of access control and physical security system using the IT departments existing infrastructure (RADIUS, TACACS+). You can't do this closed access control systems. Management can be done remotely, for example, in one central location to manage dozens of buildings, or using cloud-based services for smaller companies (like his). If you outsource HR (many people do), you might as well have them control the card-keys, too.
(3) Everybody we work for ends up having to run more cable AFTER the building is finished. Boy, is that expensive, using 'home runs' on special cable. (4) I will put modern, redundant switches up against any current door hardware for reliability -- but I get your point. IP connections are often very securely encrypted. Not true for the RS-485 cables. Either you or I could break into anywhere, if we had access to even one of those cables.
Anyway, its a good debate. I will also give your side credit for having more choices of hardware, currently.
I design IT for buildings.
Be sure to put in enough access points for wireless. If you can't afford a lot, at least pull the cat6.
If you want to use any kind of access control (card keys for doors) make that IP-based, not the ancient 6-wire proprietary cable.
If you want security cameras, those should all be Ethernet, too. Again, at least pull the cable and terminate it in a J-box.
Put in a small server room (size of an office) with extra air-conditioning, no window, and a heavy-gauge door.
As far a servers go, everything is going VMware now.
An entity trying to buy votes in an election typical goes to a group of people who would not normally vote but think similarly -- such a members of a church, school or town. They pay individually or give money to the group, and often provide transportation, such as bussing to the polling place. The members feel loyalty to their group or to the payer and so they vote as directed -- mostly. This is the common method. I am not guessing. This is a long established, unfortunate, practice both in the US and other countries.
One more tool: capture a picture of the voter using the PC's camera. Helps eliminate a guy voting for his wife. (They probably vote the same, anyway.)
Yeah, voting is pretty imperfect. Do you have a better system?
Yeah, that will work. Except that those actions are highly visible. Criminals don't like getting caught (generally).
I agree with you, but want to make two comments: (1) mail is still expensive, slow, and far from perfect; (2) the US Postal Service is the largest polluter (gas fumes, junk mail) in the western world. I don't like giving them more stuff to mess up.
I'm a very tech guy and I agree with you 100%
I agree that this is a hard problem and that there are many exposed 'weak links.'
But I don't think it is insolvable.
If someone were to offer $1 million to the best proposed solution, and a handful of $100,000 runner up prizes, the zillion smart people who read /. and are underemployed would come up with some great solutions.
There are some tricks that can be borrowed from current election checking. For example, look carefully at all of the user statistics -- compare to prior elections, registration stats, time of day, IP addresses, user PK certificates, comparison to other, "similar," voting domains, etc. This type of non-privacy-invading audit is good at identifying problems down to about 1% - 3% of the voting population. A hacker, trying something for the first time, has a good chance of getting located this way.
Another trick is sample audits -- a bit like "exit polls," where a fraction of voters are asked how the voted. This can be viewed as privacy invasion, but it happens all the time, now, so there is really no policy change. Again, this can find anomalies down to about 3%.
Another trick is post-election audits of PK certificates. Better late than never.
Another tool is to carefully monitor internet traffic to look for anomalies, particularly DOS attempts.
Another tool is to provide "hardened" computers that voters can use, at places smilar to today's polling locations -- senior centers, gov't offices. These machines have had some type of security audit. And yes -- this approach has its own risks, I know. I would suggest mixing this approach with user's own computers.
I know people want to use web browsers, but I would not do that. Voters have to download a totally dedicated app (see open source, below), and each app has PK signature.
Another trick is give some users hardware keys, like paypal and RSA use. Even if only 1% of voters have a hardware key this provides a very high degree of polling information and that can spot fraud down to a small fraction of a percent.
And finally, all software should be open source. Period. As pointed out repeatedly, relying on secrecy is pretty much a guarantee of breech.
I am not offering a solution here. I am merely pointing out that there are methods and tools that can be used as a starting point for a real solution.
Don't say a problem is insolvable until you have tried seriously to solve it.
And finally, no voting system is 100.000% perfect. Get over it. For example, no system prevents buying votes. No system prevents voters from lying. Build the best system you can.
The patent has been granted. It is currently in, but not out of, re-examination. However, the current progress in re-exam doesn't look favorable for the patent holder.
Just pointing out an error in the headline. A "troll" is "non-practicing entity" AKA NPE. This guy has a working web site and business built around the patent. I am just saying ...
Please give three examples. Cite specific laws, not your opinion. And, please use a Standard that has a required patent associated with it, to stay on topic.
Standards are never "owned." Except that the text is copyrighted to avoid corruption. Compliance with any Standard is strictly voluntary.
Standards are ABSOLUTELY too important for any one or two companies to control. A typical Standards committee (IEEE, ANSI, CCITT, etc) requires a minimum of 40 industry representatives and 75 to 80% positive vote from those members to pass. 100 members is more typical.
If you want Standards totally unencumbered, great! Volunteer. Most of the other people on the committee will agree with your intent.
Like or not, patents foster innovation. They have done so since the time of the Greeks, and the founding fathers built patent protection into the US Constitution.
A society that does not reward work in an investment with any way to protect the work will still be painting on cave walls.
And, by the way, Standards that people don't like, ARE ignored. Happens every day.
Very few standards are EVER legislated as compulsory.
Standards body are absolutely NOT the government. Participation is voluntary, and so is compliance.
Standards are best possible alternative to government. "If you like this, great! If don't like it, you are free to do whatever you want."
Which is, uh, why there are so MANY Standards. Or, as we used to say, "one for everybody."
People LIKE Standards. If I want to buy an "802.11ac" wireless access point, I have no clue what 802.11ac is, but I have a good chance it will work with other 802.11ac devices.
Yes, that is the normal rule. Any minimums at all are generally viewed as "not FRAND."
If Standard REQUIRES patented technology to implement, then you are right. You can't copy a patent and then think you can distribute that for free. However, first there are very few Standards that required patented technology -- although that might get you to market faster, or save you some money.
If you think can implement something close to the proposed Standard, in a way that doesn't infringe on a disclosed patent (patents are always disclosed in advance during Standards meetings), then tell the committee. They almost certainly will use your approach over a patented one. Remember it takes about 75% of the members in a Standards committee to approve a draft Standard. And for anything patented, that benefits only one member, and hurts all the rest. They are not stupid.
If are the source of, or user, of GPL property, then the entire FRAND thing is irrelevant for you. If it's open, it's open. Copyrights and patents are granted only the original creators or original works. If the creator wants to make it open, great! The Standards body prefers that, and so do all the users. These two are not in conflict at all. Open source helps patents, because it provides a widely available reference that can trivially be used against anyone who might (purposefully or accidentally) claim any rights to it.
You NEVER pay royalties to a Standards body. You pay them only the owner of the property.
The F in FRAND stands for "fair." FRAND is an approach used for decades by Standards committees that require any participant and any IP involved with a proposed Standard to offer open and uniform patent licensing to everyone (on the planet). This type of licensing is very much NOT the industry practice, where nearly every patent license is otherwise kept a secret and has to be painfully negotiated. There is nothing in FRAND, that I can see, that prohibits open source software or other open IP. In fact, Standards committees -- given a choice -- would far rather build in open IP to closed IP (even FRAND) into a Standard. Can someone knowledgable explain how FRAND in any way harms open source? I have worked extensively on two international Standards bodies, and have two of my own (non-patented) inventions now as ANSI standards.
I filed a patent application for a "smart plug," which overlaps with Sony's idea. I think mine is far better. I hope to have it become an open standard via the RFP process. I posted the application and illustrations where you can download them on my blog: litebulb.org
Non-profits have to file or disclose practically nothing. They have a tiny fraction of the disclosure requirements of public companies. They don't have to disclose how much officers are paid, or revenue sources, or how revenue is spent. They have only to provide a few very broad categories, with lots of wiggle-room even in those categories. They operate under a charter by the state, but there is no adult-supervision, as it were.
Takes effect on the Ides of March, 2012. For new filings after date. Those new filings will start to come out of the Patent Office mill around 2017. Most professionals in the patent field (including me) don't think the new law will change patent practice much.
Like many others in my field, I prefer to call it by its original name, the "Smith-Leahy Act," since it, disappointingly, doesn't provide meaningful improvement in "inventing."
Uh, I forget.
This reminds me of when the Chinese tried to copy a 747. They made it out of wood, and got the center of gravity wrong. Is it a plane?
In the youtube demo, it missed every question.