There are some features provided by the so-called "expensive" RDBMSs that current "inexpensive", "free" and "open" source database management systems do not provide.
Replication is a feature that allows databases to keep each other up-to-date. In some modes, replication can occur to allow offsite databases to stay synchronzied with a master. Other modes offer replication, often with only seconds of latency.
Being able to perform transaction log dumps and incremental backups are also a feature the "expensive" databases have and others do not. This is very important to ensure minimal data loss in the event of catastrophic hardware failure.
Clustering, to provide transparent, seamless recovery when hardware fails is also a facility that other database systems to not currently offer. This is important in installations that absolultely require 24/7 uptime.
Some "expensive" SQL databases are becoming particularly good at caching data, query plans and even result sets, so that it need not invest large amounts of resources in oft-used queries.
Some expensive engines are capable of analyzing past queries to determine what indexes and stored procedures should be created to optimize efficiency.
High-end databases have been focusing on providing more than just a tabular view of the data. Many are providing complex text-based searching capabilities, which requires a far-different indexing scheme than what is used in traditional SQL databases.
On other fronts, expensive and inexpensive databases seem to do similarly well, and the inexpensive ones are getting more sophisticated with each release. One in particular that has been making such strives is PostgreSQL.
PostgreSQL still has some quirks, though. One in particular is the need in many situations to "vacuum" the database. Hopefully in a future release such garbage collection and optimization management will be transparent to the user.
I found some more information about SafeDisc® here.
It seems from their description, this is intended for CD-ROM interactive programs, not for audio compact discs.
This makes much more sense because of the requirements this would impose on equipment manufacturers, and how it would deprecate any previous equipment purchased by consumers.
"The digital signature is added to the Glass mastering using a Laser Beam Recorder (LBR)." This smacks of the old-fashioned burn-a-laser-hole-in-the-floppy-disk routine of the 1980s...
I'm sure someone is going to fix the bad HTML, but meanwhile, here is the rest of the article...
Finally, on October 2, 2000, NIST released their final decision, that R
ijndael was to be the AES selection. Simultaneously, NIST released a paper detailing their rationale for the selection. In sum, this paper says that any of the finalists could have been selected (an opinion echoed by man y in
the industry), but that Rijndael proved to have the proper balance necessary between speed in hardware, speed in software, and security. To quote from
NIST's statement:
Rijndael appears to be consistently a very good
performer in both hardware and software across a wide range of computing
environments regardless of its use in feedback or non-feedback modes. Its key
setup time is excellent, and its key agility is good. Rijndael's very l ow
memory requirements make it very well suited for restricted-space environ environments,
in which it also demonstrates excellent performance. Rijndael's operations ons are
among the easiest to defend against power and timing attacks. Additionally y, it
appears that some defense can be provided against such attacks without
significantly impacting Rijndael's performance. Rijndael is designed with th some
flexibility in terms of block and key sizes, and the algorithm can accommodate
alterations in the number of rounds, although these features would require e
further study and are not being considered at this time. Finally, Rijndael's
internal round structure appears to have good potential to benefit from
instruction-level parallelism.
At this point, it's all over but the shouting. At some point later this year, the Secretary of Commerce will officially designate Rijndael the
Advanced Encryption Standard, and a new era will have begun. AES was specified (and is expected) to remain a standard for at least as long as DES, and
to protect data for even longer, and barring a major development (such as faster-than-forseen developments in quantum computing), this standard will
likely be met. No one expects research
into new algorithms to die, however. There will continue to be parallel algorithms developed and used, just as there are today. Thanks to be combined
efforts of NIST and the community, however, there will always be the bedrock of AES available.
In conclusion, I'd like to point out the positive role that the U.S. Government, as represented by NIST, has played in this process. The Free
Software/Open Source community has taken its share of shots at the government over patents, copyright and crypto export over the past several years,
and deservedly so. The AES process, however, was lauded throughout the encryption community as a fair and open process that brought together the best
minds available to select the algorithm for the next century (as NIST likes to say). Making an algorithm a FIPS standard gives it a legitimacy that
cannot be obtained in any other way, especially given the way that this standard was arrived at. The algorithm is completely free of any IP hurdles,
as was specified at the beginning of the process, and since the code is open, it can be downloaded by anyone in the world (and since it was designed
outside of the U.S., any attempt to regulate its export from the U.S. would be silly). It is reasonable to criticize when a situation is bad, but
it is only fair to praise when something is good.
Bibliography
I used a great number of sources from print and the web, so
it's only fair to list them here. I also put many links in the body itself,
most of which go into much more detail than I did.
Let's not forget that manufacturers should have the right to manufacture whatever they want, in whatever way. If they want to manufacture equipment that only operates under certain conditions, that should be their right. If they want to manufacture goods that only work when the moon is full, that is their prerogative.
If consumers want to be suckers and purchase their products with knowledge of such restrictions, they should do so at their own peril. Of course, they should be fully informed of what they are purchasing. The shouldn't be driving across the border only to discover then that their GPS-enabled pacemaker isn't authorized for use in the country they're entering.
The flip side of this argument is that anyone should have the right to do whatever they want to a product they purchased. If I want to figure out a way to interface my DVD player into my toaster, as long as the DVD player and the toaster are my property, I should have this right.
This goes for resellers as well. Resellers purchase products from a manufacturer in quantity. If they want to modify this equipment en masse prior to resale, they should be free to do so unless encumbered by contractual obligations. Again, they need to disclose what they are selling to consumers - something different than what was originally manufactured.
Finally, there is the most important issue: the law. The law must not keep us from modifying what is our own property. More and more, individuals and corporations are learning how to manipulate the law and lawmakers to their own advantage. This is having an enourmously detremental effect on individual liberty.
To sum up:
To look under the hood of your car should not be a crime. To tell others how to modify their own property (e.g. deCSS) should not be a crime. To modify your own property should not be a crime.
I disagree; you can have trade which is purely a swap of services. A lot of business-to-business trade is essentially of this form. You only need a concept of property to deal in physical goods which have scarcity (i.e. cannot be duplicated for nothing), like food or computer hardware.
When trading purely services, you are in fact, using your own property, namely your own body, mind, intellect. These belong to you and any services you provide would be based on the use of your property.
If someone wants you to mow the lawn, you would be providing a service. You might use some property to do it more efficiently than otherwise. You might use a lawnmower you own. You use property all the time in the commission of providing a service.
A patent allows you to stop me using an idea which you thought of.
You rightly point out that a patent can even stop me from using an idea I thought about. That fundamental flaw strongly shows why laws to protect intangible "intellectual" property have no place in the information age.
For example...
:-(®
The so-called "frowny" has been trademarked by Despair, inc. Admittedly, it appears that it was registered to make a mockery of the PTO. Though, my use of this trademark in conjunction with a negative comment would "dilute the value" of the frowny trademark, and would be cause for some lawsuit.:P (has the tongue sticking out emoticon been trademarked yet?) http://www.despair.com/demotivators/frownonthis.ht ml
Someone patented the use of a laser to provide exercise for cats. I have, on a number of occasions inadvertently violated this patent in amusing cats, and if it could be proven, I would likely be required to pay royalties for the use of this idea that was independently arrived at. http://www.delphion.com/details?pn=US05443036__
Some might argue that it's just a system that needs to be tweaked - fixed through some kind of reform to allow "legitimate" owners of "intellectual property" to be rewarded for their labor.
I propose that all "intellectual property" law does is prop-up old business models and keep new ones from emerging. If we lived in a world without copyright, patent and trademark, it would be different. The presence of such laws has slowed progress where progress would have naturally occurred. Who's to say that the progress such laws protects is more important than the progress that it discourages?
Some argue that without such protections, less innovation and creation would be performed. Kinsella and Mercer argue that there would be as much creation and innovation that the world requires - no more, no less.
In my view, the world would be transformed to the open-source model. That you give away the recipe and sell the chicken. That you can download music free but pay for the live performance. You'd pay to see movies on the big screen with great sound.
In the year 2080, when we get our first replicator at home, if we decide to replicate something, will someone claim ownership to that idea and only allow us to create an instance of it if we pay? Will someone own the concept of a chair and receive royalties everytime someone replicates one?
Laws should never be created to protect the way of doing business. The industrial age transformed the way things were made. If the Luddites had their way, chairs would still be made by hand, or at least those who use machines would subsidize those who make by hand. Laws should only protect our rights to hold real, tangible property.
Anyone remember the Secure Electronic Transaction initiative? This was Visa's and MasterCard's magic technology to allow secure transactions on the insecure Internet. They warned those doing electronic commerce with plain ol' SSL that SSL was just a short-term kludge until SET was finalized and implemented.
It turned out that those who were going to have to actually implement SET revolted against this initiative as they realized the implications of the full implemnetation. Furthermore, SET wound up being bogged-down in bureaucratic procedure, much as SDMI is now.
What continues to surprise me about SDMI is the continued insistance that the Emperor has clothes. Just as CSS was subverted, so shall SDMI. This is not a matter of opinion, it is a matter of mathematical fact.
Bottom line: if the watermark is audible, then it degrades the quality of the audio; if the watermark is inaudible, then it can be compressed out. So the choice will be "protect" the music with an audible watermark, or have the "protection" subverted.
I can't blame eBay for doing this. I have been contemplating applying for patents on yet unpatented trivial technologies so that I can ensure that another bozo won't come along later and sue me for using their "technology". Various Slashdot articles have been posted on various attempts at organizing a "defensive patent" initiative.
I blame the PTO for allowing these stupid patent tricks. When one company can successfully patent hyperlinks, another can patent "pushing a button to place an order" on the Web, and others can patent genetic sequences without even knowing what they do, you've gotta expect that more crazy patents will be coming next.
Companies, who are just trying to do honest business using new technology, now have to continuously look over their shoulders to make sure nobody's going to pull the rug from under their feet, or pay "protection" to the companies who have already secured patents and are willing to negotiate a "licensing deal".
Usually, the reason cited for an anonymous vote is to protect someone from retribution for voting his or her conscience instead of bowing to pressure from others. I can't say I've heard the reason you cite for voting anonymously.
Your assertion that the "anonymity of the vote is compromised" is difficult for me to accept. In the end, you're going to know how Newfoundland voted, in aggregate form, and in some broad sense they will not be protected by anonymity.
I agree that if the polls close in one province before another, and the results from the first province are released to the second, that the people voting in the second province might have some advantage during the vote.
But how is this different than hearing relevant news about a party during this time between poll closures? Someone in Newfoundland might have been stuck with a party or candidate he or she no longer wants, while someone in British Columbia can use such new information to assess for whom he or she will vote?
Your point about intermediate results does make some sense -- ultimately the final results are the ones that matter. But, news is news. Should intermediate results be suppressed until someone deems the "final" results are in?
In the case of a plane crash, should results of whether any passengers are alright be suppressed until the "final results are in", or would you rather hear news as it develops and as it is discovered?
The authorities often suppress the names of those who didn't survive in plane crashes until their next of kin have been contacted. However, this is not a suppression of press or speech because the information hasn't been released. The media aren't kept from interviewing survivors or taking pictures of the crash.
In the case of an election, results in Canada aren't final until they are "validated", which was scheduled for December 11th. Should the results be suppressed until they are "validated" and official, or should the media give us some glimpse into the situation as it develops?
Finally, if I may address your question about what the relevance is of intermediate results to the public: the public uses information in ways we cannot predict.
When the monetary markets realized the Liberals were going to have a majority, the Canadian Dollar started driving above the 65 cent American mark. People in the East knew why because they had the results, while people in the West were left in the dark to guess why the market was behaving in this way.
Finally, I strongly agree that the only correct vote is the one of your conscience. Your reason you choose to vote a particular way, is yours and yours alone. It is nobody's business but your own.
I believe in the European Parliament, results are not even counted until all of the polls have closed throughout the union. This seems like a fine system, and does not infringe on any rights to a free press or speech.
This is far different than the scenario in Canada where results are released to the public, then the public are ordered, through Section 329, to keep their mouths shut. Canada can "protect democracy" and retain our rights by simply deferring the release of results until all the polls have closed.
I don't know what rights are written into law in the European Union, or the United Kingdom, for that matter. However, in Canada, the Canadian Charter of Rights and Freedoms is designed to protect our rights, including our rights to a free press and freedom of speech.
Under the Charter, rights can only be limited if such limitations can be demonstrably justified in a free and democratic society. I assert that such restrictions cannot be justified when other alternatives solve this perceived problem without infringing on any of our rights. That is why this law is being challenged.
In this day and age, when an individual can communicate his message to thousands, even millions of people with the click of a mouse or the tap of a stylus, our countries must craft laws that acknowledge what technology its citizens have access to.
Furthermore, a country must acknowledge, through its laws, over what it can legitimately assert its jurisdiction. ElectionResultsCanada.com was hosted on a server by Rackspace, in Texas. Does the Canadian government have jurisdiction over this server and what it publishes?
Anyone in the world can publish a web site. Perhaps Canadians will be forced into submission by the government on this issue - it still remains to be seen. However, anyone outside of Canada will be free to post results (or purported results) of the Canadian Election without fear of any legal repercussion. This only places Canadians at a severe disadvantage.
Finally, as a point of note, when the monetary markets (a 24x7 operation now) received word that the Liberals were going to hold a majority government, the Canadian dollar jumped above 65 cents U.S. People in the Eastern provinces knew why, and could react accordingly. People in the West were kept in the dark, under this publication ban, only to guess why the dollar fluctuated, and try their best to make decisions based on little or no information.
There's no way to predict in this day and age how information will be used. Releasing public, facutal information to some Canadians and barring access to others is simply unacceptable in this day and age.
In kindergarten, I learned that if I wanted to keep a secret, I shouldn't tell anyone. Our government appears to need to learn the same lesson. If it wants to protect the democratic process, then it shouldn't release information to the public until all polls across Canada have closed.
Quimby2000.com doesn't support Linux
on
Quimby2000
·
· Score: 1
Yes, Fox is still at it! If you visit Mayor Quimby's official campaign site using Netscape under Linux, you get a nice message indicating that you're a second class citizen. Idn't that special?
This is yet another example of where the notion of intellectual property rights in the information age show their limitations and age. According to the story, copyrights are still valid even when there is no longer a person or company legitimately claiming ownership.
Furthermore, it is a ludicrous argument that copyrights must be upheld and protected to ensure these illegal copies do not compete with today's videogame systems, like the Sony Playstation. If a copyright is infringed upon, it is only the copyright holder who is the "victim", not the their potential competitors who might lose revenue due to an alternative.
I'm not a big fan of "intellectual property rights" as they stand today, but if we're going to keep such a system in place, copyrights should at least be held to the same high standards as patents and trademarks: you don't use them, you lose them.
If a patent is granted to you, you have an obligation to make the technology available at a reasonable cost. If you don't the patent is revoked.
If a trademark is granted, you must actually use the trademark, otherwise you will have no rights to it if it is "infringed" upon. Your trademark would be null and void.
I don't know what you mean by corporate influences on ICANN's the voting system.
This voting system is, by far, superior to the standard popular vote. It is used in democratic countries such as Australia, and once you understand the fairly simple process, is easy appreciate just how good a system it is.
It allows you to vote your conscience (the best candidate, in your opinion), without fear that your vote will be "wasted" on a candidate who has no chance of winning.
If your first choice places last in the first round of tallying, that person is eliminated from the next round, and everyones' votes are moved up to replace him/her on their ballots.
This continues until it gets down to the final two, and the one with the majority of votes wins.
So, it's a recursive process, but it yields a far better result in my opinion compared to the kindergarden voting system in the United States and Canada.
"Of course, that's just my opinion. I could be wrong."
A "security" war is an ongoing war -- an arms race. It is continuous race between those who want to exploit systems and those who want to protect them. This concept seems foreign to many, but especially government.
In the case of CSS and DeCSS, the same concept holds true: your security system, if it remains static will be cracked. Do you choose to: a) give up, b) escalate the arms race, or c) go running to congress to create all kinds of crazy laws?
Crackers and script kiddies will love for you to give up and surrender. They want systems they can easily exploit for their own selfish purposes. They don't want those pesky system administrators to close holes.
Crackers don't take prisoners when you surrender. They won't be merciful. They'll exploit every system you leave exposed, it's just a matter of time. The only protection you have is the constant, unending treadmill of system security auditing, monitoring bugtraqs, patching exploits, and praying you've covered all your bases.
This could be offtopic, but seeing this kind of progress in Mandrake makes me wonder what Debian isn't doing right?
While I don't particularly like the high level of tweaking performed by Mandrake, I have to give them one thing: they're right on the bleeding edge of technology, plowing through new barriers and actually *releasing* their distro.
This would be a huge challenge for the Debian swarm to pull off, even with their new proposed release scheme. It seems to me Debian gets too bogged down in bureaucracy, hindering their ability to actually get things released.
Perhaps some form of competition within the Debian group could be in order. If a package is being too slowly maintained, someone else could get the chance to pick up the pace?
Meanwhile, (ho hum) I guess we virtual community freaks will just keep on manually installing our own XFree86 4.01 until Debian gets into this millenium -- or ultimately break down and start using Mandrake.
> This is the stupidest idea continually propagated by us geeks. I'm not flaming here!
I have the sneaking suspicion that I am walking right into your flamebait trap...:)
> Why should I have to continously check every new phrickin' software product I install for security problems?
You are responsible for the security and stability of your own systems. Debian isn't a public service that you have some right to expect anything from.
> This is analagous to everytime I buy a car, I've got to get under my car and inspect it's braking system, it's steering system, it's fuel system, etc. so the damned car doesn't send me and my family careening over a cliff or exploding on us..
The United States does have laws that protect consumers from vehicle defects, but your braking system, steering system, and so on can fail if not properly maintained. Certainly performing custom hacks on your car is at your own risk.
If you want to ensure your family is safe, you'd better take some responsibility and do research before buying a car, and perform regular maintenance once you own it.
This goes the same with your computer system. New exploits are found all the time in software packages. The duty falls onto you to ensure your system remains secure and stable.
BTW, I seem to recall there was some comparison done between Windows and a car crashing every 50 miles?:)
Well, that takes care of 864 characters. What shall I do with the remaining 5136? Perhaps exerpts from Judge Kaplan's ruling? Do you think it could be interpreted as ancient human humor?
Perhaps a good way to hit the message home that code is speech is to enter this song into evidence, and insist that the judge sit through it and listen to every word.
I wonder what other creative methods could be employed to express source code that highlights its dynamic nature as the expression of ideas, not functionality.
This is definitely the funniest thing I've heard in a long time. The guy's singing was actually pretty good. Plus, the chorus was a nice touch.
I am both a member of the ACM and the IEEE. I find they bring different perspectives to the practice of engineering computer-based solutions, whether solely software or a combination of software and hardware.
The IEEE has its own Computer Society, which has its own periodical publication, but I found it to be somewhat redundant when compared to the ACM. I finally ended my membership in the Computer Society.
IEEE has a number of member benefit programs that the ACM doesn't have: group insurance plans, financial programs, credit cards, regional user groups. These can be useful for independent software whor.. I mean consultants.:)
I'm not sure what kind of cryptographic technology is being employed natively, but they appear to support S/MIME, PGP and their own (proprietary?) cryptographic protocols.
The danger of using mail service providers like Yahoo! is that you must trust that your mail is being stored securely, and that their staff is honest and trustworthy. I'm afraid that's just too much for me.
Now, third-party service providers are going to be trusted with secure communication? I'm going to entrust my S/MIME or PGP private key to some company - a company that can be easily armtwisted by government or corporate interests?
It seems to me putting all of the eggs (in this case, messages and private keys) in one basket is far from prudent. Depending on how popular this service becomes, it has the potential to be the target of numerous cracker attacks.
Also, there's not much point in using encryption any stronger than what your browser is using to communicate with the service provider. Because, after all, the chain is only as strong as its weakest link. So, if you're using 40-bit RSA, why have stronger encryption used in encrypting the message for delivery?
While this service may be useful to help those who want to keep local packet sniffers at bay, I wouldn't seriously trust my private keys to anyone but myself, using software that has undergone countless peer reviews and gives me the option to compile it - not depend on someone's binary distribution.
I'm not paranoid, everyone is just out to get me!:)
The one thing they might have going for them is ease of use. Today, the most significant obstacle to the wide use of cryptographic technology seems to be its difficulty of use. If they solved this problem, they might incur some mindshare...
The act of breaking into a bank is illegal, and it should be rightfully so. The point Emmanuel is making is that the law against distributing information is unconstitutional.
The act of distributing information about how to break into a bank in general, or a branch in particular must be protected under the First Amendment, just as instructions on how to build a bomb are currently protected.
The act of distributing information about how to decode a DVD, protected by cryptography, must also be protected, for source code is speech. The distribution of the source code does not constitute an act of theft, just as publishing instructions on how to build a bomb does not constitute an act of terrorism.
Both instructions can be used for legal and illegal purposes. The act of using such instructions to perform an illegal act is, and must continue to remail illegal.
If computer source code does not qualify for First Amendment protection due to its inherent "functional" qualities, how can computer source and object code justifiably be protected by copyright?
The DMCA anti-trafficking provision may be upheld in the United States, but how do you think it will affect those who actively mirror and "traffic" in DeCSS in other countries? Will this not just hurt organizations in the U.S. as does ITAR if-you-publish-crypto-you're-an-arms-dealer regulations?
Good thing I'm using my trusty rusty ipchains firewalling gateway to prevent direct access to my browsing system. Vern, Vern, Vern, when will you learn, Netscape has more holes than swiss cheese?
As long as you are not looking for neato features like direct seek and realtime "live audio" streaming, http is a fine protocol for streaming mp3. Most decent mp3 players (xmms, mpg123 -b, sonique, winamp) buffer the input stream to handle bumps in the stream. Icecast streams through the http protocol -- it's designed to provide content using the broadcast model instead of pointcast. Apache is a good platform for individual streams.
Slashdot Mirror
There are some features provided by the so-called "expensive" RDBMSs that current "inexpensive", "free" and "open" source database management systems do not provide.
Replication is a feature that allows databases to keep each other up-to-date. In some modes, replication can occur to allow offsite databases to stay synchronzied with a master. Other modes offer replication, often with only seconds of latency.
Being able to perform transaction log dumps and incremental backups are also a feature the "expensive" databases have and others do not. This is very important to ensure minimal data loss in the event of catastrophic hardware failure.
Clustering, to provide transparent, seamless recovery when hardware fails is also a facility that other database systems to not currently offer. This is important in installations that absolultely require 24/7 uptime.
Some "expensive" SQL databases are becoming particularly good at caching data, query plans and even result sets, so that it need not invest large amounts of resources in oft-used queries.
Some expensive engines are capable of analyzing past queries to determine what indexes and stored procedures should be created to optimize efficiency.
High-end databases have been focusing on providing more than just a tabular view of the data. Many are providing complex text-based searching capabilities, which requires a far-different indexing scheme than what is used in traditional SQL databases.
On other fronts, expensive and inexpensive databases seem to do similarly well, and the inexpensive ones are getting more sophisticated with each release. One in particular that has been making such strives is PostgreSQL.
PostgreSQL still has some quirks, though. One in particular is the need in many situations to "vacuum" the database. Hopefully in a future release such garbage collection and optimization management will be transparent to the user.
It seems from their description, this is intended for CD-ROM interactive programs, not for audio compact discs.
This makes much more sense because of the requirements this would impose on equipment manufacturers, and how it would deprecate any previous equipment purchased by consumers.
"The digital signature is added to the Glass mastering using a Laser Beam Recorder (LBR)." This smacks of the old-fashioned burn-a-laser-hole-in-the-floppy-disk routine of the 1980s...
Finally, on October 2, 2000, NIST released their final decision, that R
ijndael was to be the AES selection. Simultaneously, NIST released a paper
detailing their rationale for the selection. In sum, this paper says that any of the finalists could have been selected (an opinion echoed by man y in
the industry), but that Rijndael proved to have the proper balance necessary between speed in hardware, speed in software, and security. To quote from
NIST's statement:
At this point, it's all over but the shouting. At some point later this year, the Secretary of Commerce will officially designate Rijndael the
Advanced Encryption Standard, and a new era will have begun. AES was specified (and is expected) to remain a standard for at least as long as DES, and
to protect data for even longer, and barring a major development (such as faster-than-forseen developments in quantum computing), this standard will
likely be met. No one expects research
into new algorithms to die, however. There will continue to be parallel algorithms developed and used, just as there are today. Thanks to be combined
efforts of NIST and the community, however, there will always be the bedrock of AES available.
In conclusion, I'd like to point out the positive role that the U.S. Government, as represented by NIST, has played in this process. The Free
Software/Open Source community has taken its share of shots at the government over patents, copyright and crypto export over the past several years,
and deservedly so. The AES process, however, was lauded throughout the encryption community as a fair and open process that brought together the best
minds available to select the algorithm for the next century (as NIST likes to say). Making an algorithm a FIPS standard gives it a legitimacy that
cannot be obtained in any other way, especially given the way that this standard was arrived at. The algorithm is completely free of any IP hurdles,
as was specified at the beginning of the process, and since the code is open, it can be downloaded by anyone in the world (and since it was designed
outside of the U.S., any attempt to regulate its export from the U.S. would be silly). It is reasonable to criticize when a situation is bad, but
it is only fair to praise when something is good.
Bibliography
I used a great number of sources from print and the web, so
it's only fair to list them here. I also put many links in the body itself,
most of which go into much more detail than I did.
Let's not forget that manufacturers should have the right to manufacture whatever they want, in whatever way. If they want to manufacture equipment that only operates under certain conditions, that should be their right. If they want to manufacture goods that only work when the moon is full, that is their prerogative.
If consumers want to be suckers and purchase their products with knowledge of such restrictions, they should do so at their own peril. Of course, they should be fully informed of what they are purchasing. The shouldn't be driving across the border only to discover then that their GPS-enabled pacemaker isn't authorized for use in the country they're entering.
The flip side of this argument is that anyone should have the right to do whatever they want to a product they purchased. If I want to figure out a way to interface my DVD player into my toaster, as long as the DVD player and the toaster are my property, I should have this right.
This goes for resellers as well. Resellers purchase products from a manufacturer in quantity. If they want to modify this equipment en masse prior to resale, they should be free to do so unless encumbered by contractual obligations. Again, they need to disclose what they are selling to consumers - something different than what was originally manufactured.
Finally, there is the most important issue: the law. The law must not keep us from modifying what is our own property. More and more, individuals and corporations are learning how to manipulate the law and lawmakers to their own advantage. This is having an enourmously detremental effect on individual liberty.
To sum up:
To look under the hood of your car should not be a crime. To tell others how to modify their own property (e.g. deCSS) should not be a crime. To modify your own property should not be a crime.
Everything else is fair game.
I disagree; you can have trade which is purely a swap of services. A lot of business-to-business trade is essentially of this form. You only need a concept of property to deal in physical goods which have scarcity (i.e. cannot be duplicated for nothing), like food or computer hardware.
When trading purely services, you are in fact, using your own property, namely your own body, mind, intellect. These belong to you and any services you provide would be based on the use of your property.
If someone wants you to mow the lawn, you would be providing a service. You might use some property to do it more efficiently than otherwise. You might use a lawnmower you own. You use property all the time in the commission of providing a service.
A patent allows you to stop me using an idea which you thought of.
You rightly point out that a patent can even stop me from using an idea I thought about. That fundamental flaw strongly shows why laws to protect intangible "intellectual" property have no place in the information age.
For example...
The so-called "frowny" has been trademarked by Despair, inc. Admittedly, it appears that it was registered to make a mockery of the PTO. Though, my use of this trademark in conjunction with a negative comment would "dilute the value" of the frowny trademark, and would be cause for some lawsuit. :P (has the tongue sticking out emoticon been trademarked yet?)t ml
http://www.despair.com/demotivators/frownonthis.h
Someone patented the use of a laser to provide exercise for cats. I have, on a number of occasions inadvertently violated this patent in amusing cats, and if it could be proven, I would likely be required to pay royalties for the use of this idea that was independently arrived at.
http://www.delphion.com/details?pn=US05443036__
Some might argue that it's just a system that needs to be tweaked - fixed through some kind of reform to allow "legitimate" owners of "intellectual property" to be rewarded for their labor.
I propose that all "intellectual property" law does is prop-up old business models and keep new ones from emerging. If we lived in a world without copyright, patent and trademark, it would be different. The presence of such laws has slowed progress where progress would have naturally occurred. Who's to say that the progress such laws protects is more important than the progress that it discourages?
Some argue that without such protections, less innovation and creation would be performed. Kinsella and Mercer argue that there would be as much creation and innovation that the world requires - no more, no less.
In my view, the world would be transformed to the open-source model. That you give away the recipe and sell the chicken. That you can download music free but pay for the live performance. You'd pay to see movies on the big screen with great sound.
In the year 2080, when we get our first replicator at home, if we decide to replicate something, will someone claim ownership to that idea and only allow us to create an instance of it if we pay? Will someone own the concept of a chair and receive royalties everytime someone replicates one?
Laws should never be created to protect the way of doing business. The industrial age transformed the way things were made. If the Luddites had their way, chairs would still be made by hand, or at least those who use machines would subsidize those who make by hand. Laws should only protect our rights to hold real, tangible property.
How in the world did this get modded up??
Anyone remember the Secure Electronic Transaction initiative? This was Visa's and MasterCard's magic technology to allow secure transactions on the insecure Internet. They warned those doing electronic commerce with plain ol' SSL that SSL was just a short-term kludge until SET was finalized and implemented.
It turned out that those who were going to have to actually implement SET revolted against this initiative as they realized the implications of the full implemnetation. Furthermore, SET wound up being bogged-down in bureaucratic procedure, much as SDMI is now.
What continues to surprise me about SDMI is the continued insistance that the Emperor has clothes. Just as CSS was subverted, so shall SDMI. This is not a matter of opinion, it is a matter of mathematical fact.
Bottom line: if the watermark is audible, then it degrades the quality of the audio; if the watermark is inaudible, then it can be compressed out. So the choice will be "protect" the music with an audible watermark, or have the "protection" subverted.
I can't blame eBay for doing this. I have been contemplating applying for patents on yet unpatented trivial technologies so that I can ensure that another bozo won't come along later and sue me for using their "technology". Various Slashdot articles have been posted on various attempts at organizing a "defensive patent" initiative.
I blame the PTO for allowing these stupid patent tricks. When one company can successfully patent hyperlinks, another can patent "pushing a button to place an order" on the Web, and others can patent genetic sequences without even knowing what they do, you've gotta expect that more crazy patents will be coming next.
Companies, who are just trying to do honest business using new technology, now have to continuously look over their shoulders to make sure nobody's going to pull the rug from under their feet, or pay "protection" to the companies who have already secured patents and are willing to negotiate a "licensing deal".
Usually, the reason cited for an anonymous vote is to protect someone from retribution for voting his or her conscience instead of bowing to pressure from others. I can't say I've heard the reason you cite for voting anonymously.
Your assertion that the "anonymity of the vote is compromised" is difficult for me to accept. In the end, you're going to know how Newfoundland voted, in aggregate form, and in some broad sense they will not be protected by anonymity.
I agree that if the polls close in one province before another, and the results from the first province are released to the second, that the people voting in the second province might have some advantage during the vote.
But how is this different than hearing relevant news about a party during this time between poll closures? Someone in Newfoundland might have been stuck with a party or candidate he or she no longer wants, while someone in British Columbia can use such new information to assess for whom he or she will vote?
Your point about intermediate results does make some sense -- ultimately the final results are the ones that matter. But, news is news. Should intermediate results be suppressed until someone deems the "final" results are in?
In the case of a plane crash, should results of whether any passengers are alright be suppressed until the "final results are in", or would you rather hear news as it develops and as it is discovered?
The authorities often suppress the names of those who didn't survive in plane crashes until their next of kin have been contacted. However, this is not a suppression of press or speech because the information hasn't been released. The media aren't kept from interviewing survivors or taking pictures of the crash.
In the case of an election, results in Canada aren't final until they are "validated", which was scheduled for December 11th. Should the results be suppressed until they are "validated" and official, or should the media give us some glimpse into the situation as it develops?
Finally, if I may address your question about what the relevance is of intermediate results to the public: the public uses information in ways we cannot predict.
When the monetary markets realized the Liberals were going to have a majority, the Canadian Dollar started driving above the 65 cent American mark. People in the East knew why because they had the results, while people in the West were left in the dark to guess why the market was behaving in this way.
Finally, I strongly agree that the only correct vote is the one of your conscience. Your reason you choose to vote a particular way, is yours and yours alone. It is nobody's business but your own.
I believe in the European Parliament, results are not even counted until all of the polls have closed throughout the union. This seems like a fine system, and does not infringe on any rights to a free press or speech.
This is far different than the scenario in Canada where results are released to the public, then the public are ordered, through Section 329, to keep their mouths shut. Canada can "protect democracy" and retain our rights by simply deferring the release of results until all the polls have closed.
I don't know what rights are written into law in the European Union, or the United Kingdom, for that matter. However, in Canada, the Canadian Charter of Rights and Freedoms is designed to protect our rights, including our rights to a free press and freedom of speech.
Under the Charter, rights can only be limited if such limitations can be demonstrably justified in a free and democratic society. I assert that such restrictions cannot be justified when other alternatives solve this perceived problem without infringing on any of our rights. That is why this law is being challenged.
In this day and age, when an individual can communicate his message to thousands, even millions of people with the click of a mouse or the tap of a stylus, our countries must craft laws that acknowledge what technology its citizens have access to.
Furthermore, a country must acknowledge, through its laws, over what it can legitimately assert its jurisdiction. ElectionResultsCanada.com was hosted on a server by Rackspace, in Texas. Does the Canadian government have jurisdiction over this server and what it publishes?
Anyone in the world can publish a web site. Perhaps Canadians will be forced into submission by the government on this issue - it still remains to be seen. However, anyone outside of Canada will be free to post results (or purported results) of the Canadian Election without fear of any legal repercussion. This only places Canadians at a severe disadvantage.
Finally, as a point of note, when the monetary markets (a 24x7 operation now) received word that the Liberals were going to hold a majority government, the Canadian dollar jumped above 65 cents U.S. People in the Eastern provinces knew why, and could react accordingly. People in the West were kept in the dark, under this publication ban, only to guess why the dollar fluctuated, and try their best to make decisions based on little or no information.
There's no way to predict in this day and age how information will be used. Releasing public, facutal information to some Canadians and barring access to others is simply unacceptable in this day and age.
In kindergarten, I learned that if I wanted to keep a secret, I shouldn't tell anyone. Our government appears to need to learn the same lesson. If it wants to protect the democratic process, then it shouldn't release information to the public until all polls across Canada have closed.
Yes, Fox is still at it! If you visit Mayor Quimby's official campaign site using Netscape under Linux, you get a nice message indicating that you're a second class citizen. Idn't that special?
This is yet another example of where the notion of intellectual property rights in the information age show their limitations and age. According to the story, copyrights are still valid even when there is no longer a person or company legitimately claiming ownership.
Furthermore, it is a ludicrous argument that copyrights must be upheld and protected to ensure these illegal copies do not compete with today's videogame systems, like the Sony Playstation. If a copyright is infringed upon, it is only the copyright holder who is the "victim", not the their potential competitors who might lose revenue due to an alternative.
I'm not a big fan of "intellectual property rights" as they stand today, but if we're going to keep such a system in place, copyrights should at least be held to the same high standards as patents and trademarks: you don't use them, you lose them.
If a patent is granted to you, you have an obligation to make the technology available at a reasonable cost. If you don't the patent is revoked.
If a trademark is granted, you must actually use the trademark, otherwise you will have no rights to it if it is "infringed" upon. Your trademark would be null and void.
I don't know what you mean by corporate influences on ICANN's the voting system.
This voting system is, by far, superior to the standard popular vote. It is used in democratic countries such as Australia, and once you understand the fairly simple process, is easy appreciate just how good a system it is.
It allows you to vote your conscience (the best candidate, in your opinion), without fear that your vote will be "wasted" on a candidate who has no chance of winning.
If your first choice places last in the first round of tallying, that person is eliminated from the next round, and everyones' votes are moved up to replace him/her on their ballots.
This continues until it gets down to the final two, and the one with the majority of votes wins.
So, it's a recursive process, but it yields a far better result in my opinion compared to the kindergarden voting system in the United States and Canada.
"Of course, that's just my opinion. I could be wrong."
Among the anomolies:
- Skips samples during the first second of file, resulting in audible click.
- Audible low frequency glitches in many files.
- Faults in the decoding engine itself include audible mistakes below 15 kHz and a few mistakes above too.
- The right channel is decoded correctly (only
occasional 1-bit difference from l3dec), but the left channel is destroyed...
- Sonique HQ decode mode also inverts the signal.
It's overall recommendation:"Until the mp3 decoding is fixed, Sonique is a player to avoid. If you're using it to decode mp3s, stop!"
A "security" war is an ongoing war -- an arms race. It is continuous race between those who want to exploit systems and those who want to protect them. This concept seems foreign to many, but especially government.
In the case of CSS and DeCSS, the same concept holds true: your security system, if it remains static will be cracked. Do you choose to: a) give up, b) escalate the arms race, or c) go running to congress to create all kinds of crazy laws?
Crackers and script kiddies will love for you to give up and surrender. They want systems they can easily exploit for their own selfish purposes. They don't want those pesky system administrators to close holes.
Crackers don't take prisoners when you surrender. They won't be merciful. They'll exploit every system you leave exposed, it's just a matter of time. The only protection you have is the constant, unending treadmill of system security auditing, monitoring bugtraqs, patching exploits, and praying you've covered all your bases.
This could be offtopic, but seeing this kind of progress in Mandrake makes me wonder what Debian isn't doing right?
While I don't particularly like the high level of tweaking performed by Mandrake, I have to give them one thing: they're right on the bleeding edge of technology, plowing through new barriers and actually *releasing* their distro.
This would be a huge challenge for the Debian swarm to pull off, even with their new proposed release scheme. It seems to me Debian gets too bogged down in bureaucracy, hindering their ability to actually get things released.
Perhaps some form of competition within the Debian group could be in order. If a package is being too slowly maintained, someone else could get the chance to pick up the pace?
Meanwhile, (ho hum) I guess we virtual community freaks will just keep on manually installing our own XFree86 4.01 until Debian gets into this millenium -- or ultimately break down and start using Mandrake.
> This is the stupidest idea continually propagated by us geeks. I'm not flaming here!
:)
:)
I have the sneaking suspicion that I am walking right into your flamebait trap...
> Why should I have to continously check every new phrickin' software product I install for security problems?
You are responsible for the security and stability of your own systems. Debian isn't a public service that you have some right to expect anything from.
> This is analagous to everytime I buy a car, I've got to get under my car and inspect it's braking system, it's steering system, it's fuel system, etc. so the damned car doesn't send me and my family careening over a cliff or exploding on us..
The United States does have laws that protect consumers from vehicle defects, but your braking system, steering system, and so on can fail if not properly maintained. Certainly performing custom hacks on your car is at your own risk.
If you want to ensure your family is safe, you'd better take some responsibility and do research before buying a car, and perform regular maintenance once you own it.
This goes the same with your computer system. New exploits are found all the time in software packages. The duty falls onto you to ensure your system remains secure and stable.
BTW, I seem to recall there was some comparison done between Windows and a car crashing every 50 miles?
void css_descramble(byte *sec,byte *key) { #define SALTED(i) (key[i] ^ sec[0x54 + (i)]) unsigned char *end = sec + 0x800; int val; unsigned int lfsr0, lfsr1; byte o_lfsr0, o_lfsr1; lfsr0 = ((SALTED(4) << 17) | (SALTED(3) << 9) | (SALTED(2) << 1)) + 8 - (SALTED(2)&7); lfsr0 = (reverse[lfsr0&0xff]<<17) | (reverse[(lfsr0>>8)&0xff] << 9) | (reverse[(lfsr0>>16)&0xff]<<1) |(lfsr0>>24); lfsr1 = (reverse[SALTED(0)] << 9) | 0x100 | (reverse[SALTED(1)]); sec+=0x80; val = 0; while (sec != end) { o_lfsr0 = (lfsr0 >> 12) ^ (lfsr0 >> 4) ^ (lfsr0 >> 3) ^ lfsr0; o_lfsr1 = ((lfsr1 >> 14) & 7) ^ lfsr1; o_lfsr1 ^= (o_lfsr1 << 3) ^ (o_lfsr1 << 6); lfsr1 = (lfsr1 >> 8) ^ (o_lfsr1 << 9); lfsr0 = (lfsr0 >> 8) ^ (o_lfsr0 << 17); val += o_lfsr0 + (byte)~o_lfsr1; *sec++ = csstab1[*sec] ^ (val & 0xff); val >>= 8; } }
Well, that takes care of 864 characters. What shall I do with the remaining 5136? Perhaps exerpts from Judge Kaplan's ruling? Do you think it could be interpreted as ancient human humor?
Perhaps a good way to hit the message home that code is speech is to enter this song into evidence, and insist that the judge sit through it and listen to every word.
I wonder what other creative methods could be employed to express source code that highlights its dynamic nature as the expression of ideas, not functionality.
This is definitely the funniest thing I've heard in a long time. The guy's singing was actually pretty good. Plus, the chorus was a nice touch.
I am both a member of the ACM and the IEEE. I find they bring different perspectives to the practice of engineering computer-based solutions, whether solely software or a combination of software and hardware.
:)
The IEEE has its own Computer Society, which has its own periodical publication, but I found it to be somewhat redundant when compared to the ACM. I finally ended my membership in the Computer Society.
IEEE has a number of member benefit programs that the ACM doesn't have: group insurance plans, financial programs, credit cards, regional user groups. These can be useful for independent software whor.. I mean consultants.
I'm not sure what kind of cryptographic technology is being employed natively, but they appear to support S/MIME, PGP and their own (proprietary?) cryptographic protocols.
:)
The danger of using mail service providers like Yahoo! is that you must trust that your mail is being stored securely, and that their staff is honest and trustworthy. I'm afraid that's just too much for me.
Now, third-party service providers are going to be trusted with secure communication? I'm going to entrust my S/MIME or PGP private key to some company - a company that can be easily armtwisted by government or corporate interests?
It seems to me putting all of the eggs (in this case, messages and private keys) in one basket is far from prudent. Depending on how popular this service becomes, it has the potential to be the target of numerous cracker attacks.
Also, there's not much point in using encryption any stronger than what your browser is using to communicate with the service provider. Because, after all, the chain is only as strong as its weakest link. So, if you're using 40-bit RSA, why have stronger encryption used in encrypting the message for delivery?
While this service may be useful to help those who want to keep local packet sniffers at bay, I wouldn't seriously trust my private keys to anyone but myself, using software that has undergone countless peer reviews and gives me the option to compile it - not depend on someone's binary distribution.
I'm not paranoid, everyone is just out to get me!
The one thing they might have going for them is ease of use. Today, the most significant obstacle to the wide use of cryptographic technology seems to be its difficulty of use. If they solved this problem, they might incur some mindshare...
Actually, I think you don't get it.
The act of breaking into a bank is illegal, and it should be rightfully so. The point Emmanuel is making is that the law against distributing information is unconstitutional.
The act of distributing information about how to break into a bank in general, or a branch in particular must be protected under the First Amendment, just as instructions on how to build a bomb are currently protected.
The act of distributing information about how to decode a DVD, protected by cryptography, must also be protected, for source code is speech. The distribution of the source code does not constitute an act of theft, just as publishing instructions on how to build a bomb does not constitute an act of terrorism.
Both instructions can be used for legal and illegal purposes. The act of using such instructions to perform an illegal act is, and must continue to remail illegal.
If computer source code does not qualify for First Amendment protection due to its inherent "functional" qualities, how can computer source and object code justifiably be protected by copyright?
The DMCA anti-trafficking provision may be upheld in the United States, but how do you think it will affect those who actively mirror and "traffic" in DeCSS in other countries? Will this not just hurt organizations in the U.S. as does ITAR if-you-publish-crypto-you're-an-arms-dealer regulations?
Good thing I'm using my trusty rusty ipchains firewalling gateway to prevent direct access to my browsing system. Vern, Vern, Vern, when will you learn, Netscape has more holes than swiss cheese?
As long as you are not looking for neato features like direct seek and realtime "live audio" streaming, http is a fine protocol for streaming mp3. Most decent mp3 players (xmms, mpg123 -b, sonique, winamp) buffer the input stream to handle bumps in the stream. Icecast streams through the http protocol -- it's designed to provide content using the broadcast model instead of pointcast. Apache is a good platform for individual streams.