US company Lockheed Martin develops Passive Coherent Location systems to detect stealth rainshowers, meteorites and space shuttles. Ah, and incidentally enemy stealth planes, sorry about that.
What are the liabilities of Deja.COM if I demand under the DMCA that they remove copyrighted material that belongs to me from their site? Can somebody with the appropriate background explain?
I am in Germany, but Deja.COM should be governed by US law. Is the DMCA already applicable to their state?
© Copyright 2000 Kristian Köhntopp
According to the European Privacy Directive, which is to become law in all EU states, this is already required for EU based companies.
© Copyright 2000 Kristian Köhntopp
This will be a great step forward for computer security. In order to keep their premium down, companies will have to agree to basic external security audits and to implement a set of minimum security procedures. This will generally raise the bar in the field of web security.
© Copyright 2000 Kristian Köhntopp
Using a forged return address of "@nospam.com" puts undue strain on the network connection of others, namely those people who receive misdirected replies to these mails. You are using an address in a domain you have no authority over and where you hold no legitimate address. In some countries this already is a punishable offense (although these laws were originally created to go after spammers).
If you want a spam drop account, at least create one yourself and do not fill other people's mailboxes. This is just as offensive as sending SPAM.
© Copyright 2000 Kristian Köhntopp
Webwasher filters all incoming HTML and will remove annoying Javascript as well as ads, and will on request deanimate all animated gifs.
© Copyright 2000 Kristian Köhntopp
Now, what I'm really waiting for is for
someone to write a proxy that can dynamically
rewrite pages as they come through an http
tunnel.
But Siemens Webwasher already does that.
© Copyright 2000 Kristian Köhntopp
Clearly you have slept through the last 55 years of world history. Not only did you miss the division and reunification of Germany, the stabilizing work of the German government in Europe, resulting in the founding and growth of the current European Union. You also missed the McCarthy era, Watergate and a few events in the US.
As far as current politics goes, you should read about Echelon, about the European privacy law vs. things like TrustE and Safe Harbor, about DMCA, about UCITA, about Software Patents and a few other things happening around you.
© Copyright 2000 Kristian Köhntopp
Recently I had to get a new (German) passport, since my old one expired. Remembering my last experience with German bureaucracy (:-) I really dreaded my visit to the office, fearing to spend the larger part of the morning on some benches or waiting in a line. The fact that I had to draw a number and that this number was several tens larger than what was currently on display added to my fears.
Imagine my surprise when the office rang the bells and advanced the numbers in steps approximately 20 seconds apart. Waiting no longer than ten minutes (on comfy leather chairs, not in a line) my number showed up and I entered the actual office. The processing of my application for a new passport took only a few seconds, and I was even able to pay with my card. Next to my desk, one of the public servants had problems with her computer.
Even more impressive was what I observed on the desk next to mine, where a public servant had problems with her computer. Not only was she able to summon a technician who helped her to fix the problem almost immediately, but obviously there were procedures to handle this case, as the other desks were taking over her duties during her downtime.
All this had no longer a feel of bureaucracy to it. In fact service was faster and felt more professional than many privately owned companies I have seen from the inside, except perhaps McDonalds. It was frighteningly efficient.
© Copyright 2000 Kristian Köhntopp
In 9 days there is the Linuxtag meeting in
Stuttgart, Germany. A lot of key KDE people
will be there as well as quite some Gnomes.
Unfortunately Miguel will not attend (his
lecture will be held by someone else according
to the Linuxtag schedule), but perhaps we
will see a BOG session addressing that topic.
I for my part would very much like to see such
a merger. This is a really exciting idea, if
it can be made to work technically and politically.
© Copyright 2000 Kristian Köhntopp
And you can even moderate them.
© Copyright 2000 Kristian Köhntopp
This actually happened to me when I used my
Mastercard first time in an Internet book
purchase worth some $300 back in '96. Eurocard
Frankfurt called me back the other day and
asked whether I actually authorize a transfer
of $300 to a certain company in Sebastopol, CA
or if this is fraudulent.
© Copyright 2000 Kristian Köhntopp
At several points in its history, Slashdot's
owners had a very liberal attitude towards
the ownership of the words of its contributors.
For example, Slashdot once had a notice claiming
copyright of the entire page when in fact most
of that page were user contributed comments. Also,
Slashdot was trying to bundle and print a number
of user posts as a book without contacting the
original authors first.
I added the Copyright notice to my posts in order
to visibly claim ownership of my words - not that
this would be necessary under current Copyright
legislation in Germany or the US. But it works
fine to remind everyone of the current legal
situation with respect to the content I and
you and everyone else here creates.
Note that I am usually very generous with
my own content: I maintain a page where I keep
everything that I have written
and sold online and readable for everyone for
free. If you ask me beforehand, I will usually
grant you the needed rights to republish something
I have written. I also maintain or have maintained
a number of FAQs (currently the de.comp.lang.php
FAQ) or HOWTOs (formerly the Linux Partition
Mini-HOWTO) and I maintain a popular PHP package
(PHPLIB).
But I want to know where I am published and why
and that is why I require that you ask me before
you work with my words. Hence the disclaimer below
my posts.
© Copyright 2000 Kristian Köhntopp
... and it is called the X-Box. This move is
an attempt to secure the market before MS releases
their box. And if they do it right and make their
move cleverly and boldly, it may work.
Alas, it has nothing to do with Open Source or
opening the playstation.
© Copyright 2000 Kristian Köhntopp
Have a look at The Guy I Almost Was by PSP... A comic book story, extremely well done, on this topic.
© Copyright 2000 Kristian Köhntopp
Can you say "I ... am ... the ... law", Stallone?
© Copyright 2000 Kristian Köhntopp
According to my personal experience with Open
Source projects (http://phplib.netuse.de) it
takes at least 6 months starting with the release
of proper documentation until you get the first
developers who really grok what is going on.
It takes at least 12 months for the project
to get a proper community which is able to
self-support itself. Finding developers with
a vision who are able to develop the project
beyond its current scope depends on luck and
charisma. No time scope can be given for that.
© Copyright 2000 Kristian Köhntopp
In Europe, privacy is regulated: There are national and European laws detailing what can and can't be done with your personal profile.
The US approach is different and betting on self-regulation in the market. Self-regulation could work, if personal profiles were a thing you, the person being profiled, owned. That is not the case: Your profile is owned by anyone who cares to profile you.
Markets can regulate anything that has a price. As long as your profile does not have a price, as long as companies do not need to pay for taking your profile, and as long as you can't sue them if they do without having a contract with you, self-regulation does not work.
© Copyright 2000 Kristian Köhntopp
This has already happened. Suse Linux 6.3 has
included the nonjournalling version of ReiserFS
as a module. Suse Linux 6.4 contains an updated
journalling version of ReiserFS, I presume.
How to switch (non-root) partitions to ReiserFS
has been one of the most frequently asked questions on de.comp.os.unix.linux.misc and many people, including me, are running some of their partitions from Reiser (me: about 50 GB MP3 partitions)
© Copyright 2000 Kristian Köhntopp
The Sevenval system is useful, because
- it makes pages fairly uncacheable in a central proxy while at the same time retaining local cacheability of the pages, thus keeping the back button alive
- you do not have to propagate the session id manually, but only have to use relative links in your pages. This will even work on static pages.
- you can easily log by host and get customer tracking with current tools
Sevenval implements this with a wildcard A-record in the DNS system, which has been around for quite some time, and an initial 302 redirect to a unique hostname. That hostname is long (a 128 bit value) and randomly generated, making it unguessable. Changing the hostname will simply restart your session, as with any other session tracking system.
© Copyright 1999 Kristian Köhntopp
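The hostname-based session scheme described in the post above, sketched as an added example (not Sevenval's code and not part of the original post). The base domain `shop.example`, the function names and the in-memory session store are assumptions made for illustration; a wildcard record `*.shop.example` is assumed to point at this server.

```python
import re
import secrets

# Assumed base domain; a wildcard DNS record *.shop.example resolves to this server.
BASE_DOMAIN = "shop.example"
# 128 bits rendered as 32 lowercase hex characters, a single DNS label.
SESSION_LABEL = re.compile(r"[0-9a-f]{32}")


def new_session_label() -> str:
    """Generate an unguessable 128-bit label from the OS CSPRNG."""
    return secrets.token_hex(16)


def session_from_host(host_header: str):
    """Extract the session label from a Host header, or return None.

    Only '<32 hex chars>.<BASE_DOMAIN>' is accepted; ports are ignored and
    any other host, extra label or malformed value yields None.
    """
    host = host_header.strip().lower().partition(":")[0].rstrip(".")
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):
        return None
    label = host[: -len(suffix)]
    return label if SESSION_LABEL.fullmatch(label) else None


def safe_path(path: str) -> str:
    """Keep the redirect target on this site and free of control characters."""
    if not path.startswith("/") or any(ord(c) < 0x20 for c in path):
        return "/"
    return path


def route(host_header: str, path: str, sessions: dict):
    """Return (status, headers, session_label) for one request.

    A request without a label, or with a label this server never issued,
    gets a fresh label and a 302 to the per-session hostname. The server
    never adopts a client-chosen label, so a changed or guessed hostname
    only restarts the session instead of fixing or hijacking one.
    """
    label = session_from_host(host_header)
    if label is None or label not in sessions:
        label = new_session_label()
        sessions[label] = {}
        location = f"http://{label}.{BASE_DOMAIN}{safe_path(path)}"
        # The redirect itself must not be cached, or users would share a session.
        return 302, {"Location": location, "Cache-Control": "no-store"}, label
    # Pages under the session hostname stay cacheable in the browser only.
    return 200, {"Cache-Control": "private"}, label


if __name__ == "__main__":
    store = {}
    status, headers, sid = route("shop.example", "/cart", store)
    print(status, headers["Location"])
    print(route(f"{sid}.shop.example", "/cart", store)[0])
```

Because the session identifier is part of the hostname, it also appears in Referer headers sent to third-party sites and in proxy logs, so it should be treated like any other URL-carried session id.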
Actually, you need both. You need to keep up the
Boycott of Amazon so that they feel the public
pressure and are operating under the premise that
they have to do something to change the situation.
On the other hand you need to have someone whom
they trust and whom we trust and have that person
talk to them in a truly constructive way. And I
cannot say how much I respect Tim for taking up
this task and creating a useful and sensible
conversation with Bezos and with us (at least with
me - I feel included).
© Copyright 1999 Kristian Köhntopp
In April and May 1999 my wife and I were working with others on a study on controlling harmful and prohibited content on the Internet for the German Ministry of Commerce. The study favored Internet Content Rating and Selection as the premier method of content control, but during our work on the study we found that ICR&S systems have a lot of fundamental problems which stem from the nature of the media and which make it impossible to create a useful ICR&S system. The referenced text lists the problems inherent to any selection mechanism...
© Copyright 1999 Kristian Köhntopp
Read more: at Lockheed Martin, about Silent Sentry, about a shuttle launch and about information dating back over a year - this all comes very sudden and surprising to the US defense, completely new and previously unknown technology.
© Copyright 1999 Kristian Köhntopp
What a funny question to ask a thing like this
on Slashdot, of all places.
© Copyright 1999 Kristian Köhntopp
Set your proxy to nrl.onion-router.net:9200.
Read about AT&T Crowds, about TAZ-WWW, see the Proxy Mate, see the COTSE anonymizer or look what fravia has to say about anonymity.
© Copyright 1999 Kristian Köhntopp
I know Europe has stricter privacy laws than the US - anyone want to enlighten us on how they work?
Germany has a federal law governing privacy, which applies to federal governmental institutions and all non-governmental institutions, including companies. There is state law governing all state governmental institutions, too, and it is usually stricter than the federal law. Privacy law came into existence in Germany as a response to a census in the Mid-70ies, where the Government asked some over-investigative questions and ran into a PR disaster. The law which came from this regulates mainly the relationship between the state as a data-collector and citizens. The relationship between companies and customers was not seen as the major problem at that time and was not as thoroughly regulated. This is changing at the moment.
The basic idea behind all privacy law in Germany is that you cannot collect any data at all without stating clearly and in advance what data you will collect and - that is the catch - without stating beforehand what you will use that data for. It is a violation of the law to use such data for other purposes than specified.
There is a federal privacy commissioner, who supervises federal institutions and (at the moment) companies and other non-governmental institutions. There are state privacy commissioners, who deal with state governmental institutions. The privacy commissioners are fairly independent and report only to the parliament. They have the ability to check about any personal data records anywhere, without stating that beforehand. Usually they do so because some citizen has complained about some irregularity and the commissioner is now investigating this. As a counterweight the commissioner cannot act directly upon his findings, but can only file a report, which will then be acted upon by other institutions, for example the Police, a prosecutor or somebody else, depending on the case. All privacy commissioners produce annual reports of their findings.
The work of the commissioners is currently changing, as responsibility for companies and other non-governmental institutions is shifted from the federal commissioners to the respective state commissioners. Also, some of the state commissioners (the "gang of 5") are beginning proactive work such as technology evaluation, best-practice definition and sample implementations. The best-practice definition is particularly interesting, because privacy law requires that you use state-of-the-art techniques for privacy protection.
There are some interesting alliances forming at the moment between the privacy commissioners and the federal ministry for commerce, as the ministry learned about the importance of trustworthy software in cryptographic applications and understood that only Open Source and peer reviewed software is able to generate this kind of trust. There are several projects coming up in Germany which involve cooperation between the privacy commissioners and the ministry, such as governmentally operated anon remailers, anonymizing web proxies, governmentally sponsored development and distribution of the Open Source software necessary for this and other projects. These projects will fit nicely into a frame as sketched by the above CfP.
© Copyright 1999 Kristian Köhntopp