Yours, yes. Lots of people, and almost all companies, pay for their internet access, often by traffic. Blocking the crap at the firewall doesn't take care of that problem. In many cases, it makes it worse (due to retries).
If your car is stolen because you left it unlocked in a parking lot and used in a hit-and-run accident, the car owner should not be held responsible. Yes, it is his fault that he didn't lock his car, but it shouldn't be illegal for him to leave his car unlocked. The crime committed here was by the thief.
But Mullen isn't talking about the thief - he's talking about the guy with the pickup who rams your car during the hit-and-run, stopping the crime and catching the thief.
Did that guy commit a crime? Would you have a claim against him for the damage he did?
Your idea is a good alternative. Probably the better one. However, it won't happen, because it requires worldwide cooperation. There are good graphics on dshield.org about the spread of Code Red. Even if every IIS server in the US would have been unplugged within an hour, it wouldn't have made much of a difference.
Mullen's proposal is very different from the RIAAs.
The RIAA wants the right to hack your computer because they suspect you copied CDs. Metaphorically, they want the right to break into your home because you sneaked into the disco without paying.
Mullen wants to shut you down if you attack him. Metaphorically, he wants the right to knock you out if you try to rob him.
Guess what, in the real world, one of these rights already exists. It's called self-defense. The point is that the two things are not only related, they also depend on each other. The RIAA hacking your machine will not stop you from copying CDs. Shutting down your machine will stop the virus from spreading, at least temporarily.
Guess what, the incompetent won't be able to, even if they had the right.
There's something called self-defense in virtually every law on the planet. It usually reads something like: "You are allowed to stop or prevent an illegal assault on you or someone else by using any means necessary and adequate." Key points: - the assault must be illegal - if it is, you have the right to stop or prevent it (no need to wait until you've been killed, you know) - the means must be reasonable, i.e. you can't kill someone because he grabbed your butt. However, if someone tries to kill you, then killing him first is acceptable.
The strikeback idea was developed against Code Red infections. It uses the same attack vector that Code Red uses. That leaves you with two options:
a) Code Red is not an illegal assault. In that case, neither is my counterattack, since it uses the same method b) Code Red is an illegal assault. In that case, using the same means to stop it is entirely within my rights.
I have strikeback code running on my webserver. If you can't defend your machine from a 2 year old worm, then you don't belong on the Internet.
Systrace is a nice toy, but unfortunately a flawed concept. There's a whitepaper from the NSA about the why, look on their selinux site (www.nsa.gov/selinux)
Forget the RIAA bashing, the Gobbles guys know what they do. That said, this is very un-gobbles from what I've seen from them in the past. Not the technology, but the comments in the source, for example. Then again, they're supposedly a large group.
From the little info that is available, I'd give them a 50-50 chance that it's true. That would be interesting.
Evidence can be sealed, you know? Google can present the evidence to the court with a court order that it will never leave the hall. And while IANAL, I'm fairly sure the penalty for breaching that is high enough to make searchking not even think about it.
There's this thing called "context". I don't know what it's good for, either, but I've been told one can get "meaning" from it or something.
When I have two tools that do the same thing. Let's assume they do it equally well. In short: They are identical in all aspects, except that one is proprietary and the other is Free Software - isn't it obvious to a blind man with attention deficit disorder who just lost his glasses because his Alzheimer keeps making him forget where he put them that the Free solution is the superior one? There are long explanations on sites such as gnu.org as to why this is the case, but in essence it boils down to: a) there's more you can do with it and b) nobody can take it away
In the MPlayer case, there's also the interesting little fact, which is of no consequence, of course, but interesting nevertheless, that MPlayer can play anything that that other thing can, because it can use its codeces. In addition to that, it can also play a lot more. In fact, it can play so much more that WMP is left a little bit in the dust with a funny look on its face along the lines of "what the hell was that?".
Finally, it doesn't matter whether or not quicktime is any good. Lots of content is only available in quicktime.
Wrong topic. This isn't about sniffing the SSH traffic, it's about sniffing the memory of the machine, which can well contain the key. Your hit-chance is pretty bad, though.
Cyberspace or not, there are real scarcities. Server cpu cycles are limited. Server ram is limited. Server disk space is limited.
So what you're saying is that the item prices should depend on how much performance it costs? The buggy is more expensive than the bike because it has more polygons and four wheels cost more CPU power than two?
That would definitely make for an interesting economy. I'm not satirical, this would be a very interesting idea.
Why exactly would I want a proprietary, closed-source spyware application when I have free software mplayer which plays everything from.mp3 to quicktime and can double not only as a DVD player but also as an encoder ?
That's like running IE when you can run Mozilla, isn't it?
Can someone explain why this case goes the property route at all ? As I understand it, the domain name was obtained using forgery and other fraudulent methods. Does it even matter whether the domain name is property?
Remember, this is about the jurisdiction question. It has nothing to do with the case itself, i.e. the SC would not decide whether DeCSS is legal or not.
What this is about is that DVD CCA sued 77 people from two dozen US states and a dozen foreign countries, all in one fell swoop. As one of the defendents in question, I have to say it's got nothing to do with saving legal fees. We received an e-mail notification of the pending injunction less than 48 hours before it would have been signed. If you live somewhere in europe, have less than two days and the time difference working against you, there is little chance that you can do anything about it. Even had I gotten hold of legal council first thing next morning, my lawyer would have had less than 24 hours to investigate the relevant US laws, find a California lawyer to represent me and write up a defense.
This was not at all about saving legal fees, it was all about steamrolling over as many people as you can manage to squeeze in.
(fortunately, the idiots didn't know CC from BCC, so we got a full list of everyone sued, had all of them put on a mailing list within a few hours and the twits were greeted by EFF lawyers when they tried to get their court signature. The full story is somewhere on my website).
Re:Do not pass go, do not collect $200
on
Dow vs. Parody
·
· Score: 2
I correct myself: The legislature writes the laws. However, in a civilized country, only a court can decide whether or not a specific event was against the law or not. That's the point: That you have the right to be heard by a court. No such luck with the DMCA.
As for Verio: You missed the point by a mile. The AUP are something that Verio has written and that Verio can choose to enforce or not. Lots of choice there, and necessarily so. As I said, I work for an ISP. Our AUPs prohibit malicious activity. Part of my job is to decide which kind of attacks, hacking attempts and script-kiddie behaviour falls intot that category and which not. Lots of choice there. With a DMCA takedown notice, there is no such choice. I've been through the dance with our legal department. If you're an ISP in the USA, then the procedure is crystal clear and your choice is essentially reduced to whether you yank the site before or after lunch break.
Re:Do not pass go, do not collect $200
on
Dow vs. Parody
·
· Score: 2
here are lots of types of speech that are not lawful.
And here I was thinking that it's the job of the courts to decide what's lawful and what not.
By that reasoning, libel laws are violations of the 1st amendment,
There is a fine difference here. The libel laws have, over time, been worked out so that they can be applied without what is called the "chilling effect". The DMCA has not.
Verio did not have much of a choice in this matter. I work for an ISP, and I've been involved in our own DMCA discussions. The law is pretty clear that there is a definite procedure for the ISP to follow, and there is very little choice involved. You get a takedown notice, you take the site down. If your lawyers tell you anything else, please give me their number so I can put them in touch with our legal eagles (whom I'd love to convince otherwise).
There is a "counter notification" option in the DMCA. However, from reading it my personal verdict is that it's a farce.
There is a huge difference between DMCA takedown notices and harsh letters from a lawyer. The letter essentially says "if you do this, we will sue you". You still have a choice and can weigh your chances. A DMCA takedown notice requires you to do something, and with a deadline. You can ignore the lawyers letter. You can't ignore a DMCA takedown notice.
Re:Do not pass go, do not collect $200
on
Dow vs. Parody
·
· Score: 2
I'm well aware of the points you make.
However, note that Dow has not (yet?) tried to sue the Yes Men. What they did do was shut them up. I don't mind if they drag them into a court and try to get damages. However, the Yes Men do have a right to say whatever they want to say, unless a court decides that they can't.
The entire DMCA is a 1st Amendment violation, because it allows certain entities (copyright holders) to bar someone elses speech without a court trial.
Re:Do not pass go, do not collect $200
on
Dow vs. Parody
·
· Score: 2
Ah, the classic "But they started it!" defense. That always works so well in the courts.
Nope, you read that wrong. I don't care who did it first, what I care about is what is being done.
Free speech does not give you the right to say whatever you want and damned be the consequences. It doesn't work that way.
It doesn't? If it carries consequences, then it ain't free speech. If that were the definition of free speech, then hey, you have a lot of free speech in, say, china. You can say whatever you want. They might kill you for it, but that's just the consequences, so it's still free speech, right? Is that how you want it to work?
Re:Do not pass go, do not collect $200
on
Dow vs. Parody
·
· Score: 5, Insightful
The entire point of the Yes Man's actions has always been that it is confused with the real thing. They've done a couple things that make you really think about it, and they could only do it the way they did.
If corporations have free speech, why can't the Yes Men? Honestly, what's the worse crime - poisoning a couple thousand people, or impersonating someone who isn't even a person?
Actually, that books has two chapters, and the first one is the most bloody thing I've ever read. The executive summary runs something like "kill anyone you don't like". Funny thing that "though shalt not kill" is only a few dozen pages away from "though shalt not suffer a witch to live". Oh, maybe that Jehova guy just couldn't make up his mind.
(1) What do you mean by fundamentalism? Quick three-point-check: a) a believe in absolute good and evil b) the accompanying belief that you know which is which (usually through some scripture) c) the desire to force "the good" on everyone, whether they want it or not. This usually follows from a) and b), because if it's good, then those not wanting it must be either evil or misguided.
(2) Is it necessarily true, then, that fundamentalists don't have [or, being charitable don't use] the brains that God gave them? They use the brain that god gave them. Since I'm still missing a proof for god, I'm also in doubt that they have a brain. I'm pretty sure mine was grown the natural way, not "given". To be honest, I'm fairly sure that theirs was also grown, but it doesn't look like they've used it recently.
Yes, that is a little loaded. Yes, I know that there are very bright people who still believe in one or many gods. Heck, I believe in a bunch of 'em too, when I feel like it. But those aren't the religious weirdos. They're not making their religion the central element of their lives. I could care less if someone smokes dope or plays counterstrike or prays at church all weekend, as long as he's a normal person when I'm around.
You're right. They could do it to each other. I'm happy with that. :-)
Quote from your first link:
:-)
See the Flask paper for a discussion of why system call interception is fundamentally inadequate.
How you jump from that to your conclusion is beyond me.
Seems to solve 99% of my problems
Yours, yes. Lots of people, and almost all companies, pay for their internet access, often by traffic. Blocking the crap at the firewall doesn't take care of that problem. In many cases, it makes it worse (due to retries).
If your car is stolen because you left it unlocked in a parking lot and used in a hit-and-run accident, the car owner should not be held responsible. Yes, it is his fault that he didn't lock his car, but it shouldn't be illegal for him to leave his car unlocked. The crime committed here was by the thief.
But Mullen isn't talking about the thief - he's talking about the guy with the pickup who rams your car during the hit-and-run, stopping the crime and catching the thief.
Did that guy commit a crime? Would you have a claim against him for the damage he did?
Your idea is a good alternative. Probably the better one. However, it won't happen, because it requires worldwide cooperation. There are good graphics on dshield.org about the spread of Code Red. Even if every IIS server in the US would have been unplugged within an hour, it wouldn't have made much of a difference.
Mullen's proposal is very different from the RIAAs.
The RIAA wants the right to hack your computer because they suspect you copied CDs. Metaphorically, they want the right to break into your home because you sneaked into the disco without paying.
Mullen wants to shut you down if you attack him. Metaphorically, he wants the right to knock you out if you try to rob him.
Guess what, in the real world, one of these rights already exists. It's called self-defense. The point is that the two things are not only related, they also depend on each other. The RIAA hacking your machine will not stop you from copying CDs. Shutting down your machine will stop the virus from spreading, at least temporarily.
Guess what, the incompetent won't be able to, even if they had the right.
There's something called self-defense in virtually every law on the planet. It usually reads something like: "You are allowed to stop or prevent an illegal assault on you or someone else by using any means necessary and adequate."
Key points:
- the assault must be illegal
- if it is, you have the right to stop or prevent it (no need to wait until you've been killed, you know)
- the means must be reasonable, i.e. you can't kill someone because he grabbed your butt. However, if someone tries to kill you, then killing him first is acceptable.
The strikeback idea was developed against Code Red infections. It uses the same attack vector that Code Red uses. That leaves you with two options:
a) Code Red is not an illegal assault. In that case, neither is my counterattack, since it uses the same method
b) Code Red is an illegal assault. In that case, using the same means to stop it is entirely within my rights.
I have strikeback code running on my webserver. If you can't defend your machine from a 2 year old worm, then you don't belong on the Internet.
You didn't read the article, did you? Maybe you should. He addressed your point, and made short work of it.
NT kernel is fully pre-emptible, fully-interuptible,
:-)
Especially by the BSOD function.
scnr
Systrace is a nice toy, but unfortunately a flawed concept. There's a whitepaper from the NSA about the why, look on their selinux site (www.nsa.gov/selinux)
Forget the RIAA bashing, the Gobbles guys know what they do. That said, this is very un-gobbles from what I've seen from them in the past. Not the technology, but the comments in the source, for example. Then again, they're supposedly a large group.
From the little info that is available, I'd give them a 50-50 chance that it's true. That would be interesting.
Evidence can be sealed, you know? Google can present the evidence to the court with a court order that it will never leave the hall. And while IANAL, I'm fairly sure the penalty for breaching that is high enough to make searchking not even think about it.
"Closed-source"=bad? -Grow up.
There's this thing called "context". I don't know what it's good for, either, but I've been told one can get "meaning" from it or something.
When I have two tools that do the same thing. Let's assume they do it equally well. In short: They are identical in all aspects, except that one is proprietary and the other is Free Software - isn't it obvious to a blind man with attention deficit disorder who just lost his glasses because his Alzheimer keeps making him forget where he put them that the Free solution is the superior one? There are long explanations on sites such as gnu.org as to why this is the case, but in essence it boils down to:
a) there's more you can do with it and
b) nobody can take it away
In the MPlayer case, there's also the interesting little fact, which is of no consequence, of course, but interesting nevertheless, that MPlayer can play anything that that other thing can, because it can use its codeces. In addition to that, it can also play a lot more. In fact, it can play so much more that WMP is left a little bit in the dust with a funny look on its face along the lines of "what the hell was that?".
Finally, it doesn't matter whether or not quicktime is any good. Lots of content is only available in quicktime.
Wrong topic. This isn't about sniffing the SSH traffic, it's about sniffing the memory of the machine, which can well contain the key.
Your hit-chance is pretty bad, though.
Cyberspace or not, there are real scarcities. Server cpu cycles are limited. Server ram is limited. Server disk space is limited.
So what you're saying is that the item prices should depend on how much performance it costs? The buggy is more expensive than the bike because it has more polygons and four wheels cost more CPU power than two?
That would definitely make for an interesting economy. I'm not satirical, this would be a very interesting idea.
Why exactly would I want a proprietary, closed-source spyware application when I have free software mplayer which plays everything from .mp3 to quicktime and can double not only as a DVD player but also as an encoder ?
That's like running IE when you can run Mozilla, isn't it?
Can someone explain why this case goes the property route at all ?
As I understand it, the domain name was obtained using forgery and other fraudulent methods. Does it even matter whether the domain name is property?
Remember, this is about the jurisdiction question. It has nothing to do with the case itself, i.e. the SC would not decide whether DeCSS is legal or not.
What this is about is that DVD CCA sued 77 people from two dozen US states and a dozen foreign countries, all in one fell swoop.
As one of the defendents in question, I have to say it's got nothing to do with saving legal fees. We received an e-mail notification of the pending injunction less than 48 hours before it would have been signed. If you live somewhere in europe, have less than two days and the time difference working against you, there is little chance that you can do anything about it. Even had I gotten hold of legal council first thing next morning, my lawyer would have had less than 24 hours to investigate the relevant US laws, find a California lawyer to represent me and write up a defense.
This was not at all about saving legal fees, it was all about steamrolling over as many people as you can manage to squeeze in.
(fortunately, the idiots didn't know CC from BCC, so we got a full list of everyone sued, had all of them put on a mailing list within a few hours and the twits were greeted by EFF lawyers when they tried to get their court signature. The full story is somewhere on my website).
I correct myself: The legislature writes the laws. However, in a civilized country, only a court can decide whether or not a specific event was against the law or not. That's the point: That you have the right to be heard by a court. No such luck with the DMCA.
As for Verio: You missed the point by a mile. The AUP are something that Verio has written and that Verio can choose to enforce or not. Lots of choice there, and necessarily so. As I said, I work for an ISP. Our AUPs prohibit malicious activity. Part of my job is to decide which kind of attacks, hacking attempts and script-kiddie behaviour falls intot that category and which not. Lots of choice there.
With a DMCA takedown notice, there is no such choice. I've been through the dance with our legal department. If you're an ISP in the USA, then the procedure is crystal clear and your choice is essentially reduced to whether you yank the site before or after lunch break.
here are lots of types of speech that are not lawful.
And here I was thinking that it's the job of the courts to decide what's lawful and what not.
By that reasoning, libel laws are violations of the 1st amendment,
There is a fine difference here. The libel laws have, over time, been worked out so that they can be applied without what is called the "chilling effect". The DMCA has not.
Verio did not have much of a choice in this matter. I work for an ISP, and I've been involved in our own DMCA discussions. The law is pretty clear that there is a definite procedure for the ISP to follow, and there is very little choice involved. You get a takedown notice, you take the site down. If your lawyers tell you anything else, please give me their number so I can put them in touch with our legal eagles (whom I'd love to convince otherwise).
There is a "counter notification" option in the DMCA. However, from reading it my personal verdict is that it's a farce.
There is a huge difference between DMCA takedown notices and harsh letters from a lawyer. The letter essentially says "if you do this, we will sue you". You still have a choice and can weigh your chances. A DMCA takedown notice requires you to do something, and with a deadline. You can ignore the lawyers letter. You can't ignore a DMCA takedown notice.
I'm well aware of the points you make.
However, note that Dow has not (yet?) tried to sue the Yes Men. What they did do was shut them up. I don't mind if they drag them into a court and try to get damages. However, the Yes Men do have a right to say whatever they want to say, unless a court decides that they can't.
The entire DMCA is a 1st Amendment violation, because it allows certain entities (copyright holders) to bar someone elses speech without a court trial.
Ah, the classic "But they started it!" defense. That always works so well in the courts.
Nope, you read that wrong. I don't care who did it first, what I care about is what is being done.
Free speech does not give you the right to say whatever you want and damned be the consequences. It doesn't work that way.
It doesn't? If it carries consequences, then it ain't free speech. If that were the definition of free speech, then hey, you have a lot of free speech in, say, china. You can say whatever you want. They might kill you for it, but that's just the consequences, so it's still free speech, right?
Is that how you want it to work?
The entire point of the Yes Man's actions has always been that it is confused with the real thing. They've done a couple things that make you really think about it, and they could only do it the way they did.
If corporations have free speech, why can't the Yes Men? Honestly, what's the worse crime - poisoning a couple thousand people, or impersonating someone who isn't even a person?
Actually, that books has two chapters, and the first one is the most bloody thing I've ever read. The executive summary runs something like "kill anyone you don't like". Funny thing that "though shalt not kill" is only a few dozen pages away from "though shalt not suffer a witch to live". Oh, maybe that Jehova guy just couldn't make up his mind.
(1) What do you mean by fundamentalism?
Quick three-point-check:
a) a believe in absolute good and evil
b) the accompanying belief that you know which is which (usually through some scripture)
c) the desire to force "the good" on everyone, whether they want it or not. This usually follows from a) and b), because if it's good, then those not wanting it must be either evil or misguided.
(2) Is it necessarily true, then, that fundamentalists don't have [or, being charitable don't use] the brains that God gave them?
They use the brain that god gave them. Since I'm still missing a proof for god, I'm also in doubt that they have a brain.
I'm pretty sure mine was grown the natural way, not "given". To be honest, I'm fairly sure that theirs was also grown, but it doesn't look like they've used it recently.
Yes, that is a little loaded. Yes, I know that there are very bright people who still believe in one or many gods. Heck, I believe in a bunch of 'em too, when I feel like it. But those aren't the religious weirdos. They're not making their religion the central element of their lives. I could care less if someone smokes dope or plays counterstrike or prays at church all weekend, as long as he's a normal person when I'm around.