Instead, we get complaints that the new gear is ugly and that telcos don't want to negotiate a different standard with every little town. I hope we can at least agree that it's logical for the telcos to want one standard per state, at least for the sanity of their installer techs. I'm not objecting to making that standard rigorous, just so long as there's only one of them.
Sorry, but why exactly should the citizens of various local governments give up their right to determine standards for their community? To make it easier for a telephone company to turn a profit?
Boo hoo, I say. Large businesses consistently complain that following local rules is too complicated. I call bullshit.
There are some issues where it makes sense to have a statewide consensus - medical licenses, law licenses, etc. What is visually acceptable in a given community is not one of those issues. Maybe the folks in town X are fine with boxes on the street, but if the folks in town Y aren't, the telco has a choice: abide by their rules, attempt to convince them to change their rules, or don't run service there. Trying to go over local governments' heads at the state level is just lazy.
Besides, you can bet the lobbyists will be out in force to make sure those state regulations are awfully lax. It'll be much harder to do that on a local level.
And then what? The telco will eventually end up complaining that managing different standards over a dozen or 48 states is too complicated, and there should be a national standard (think car manufacturers). We already see this sort of consolidation happening with IP law - attempts to unify disparate national laws into a consistent worldwide whole that fails to take into account local differences. You can kiss federalism goodbye.
One thing is for sure - I'll never download music without paying for it again.
Notice that it's not "I'll never illegally download music again," or something similar. Instead, the comic attempts to create a firm association between downloading music and paying money, despite the loads of music that is legally available for free.
Sounds like an attempt to make readers feel like any downloading without paying is wrong.
I'm not sure, but I don't think cable TV franchise agreements cover the ISP business, or that local cable TV councils have any authority over the ISP.
Also, local cable TV councils are severely limited in what they can do by federal regulations. And even though they could theoretically take away a cable franchise (and thus the ISP business), I can't imagine a better way to piss off the public than to take away their TV!
What two wars are we fighting? I don't see any declared hostility with any nation.
Oh please. We never officially declared war against Vietnam. Does that mean we weren't at war?
And whenever a single Judge decides that there is a new "Right", not enumerated in the Constitution, whereby taxes are leveled to provide said right to everyone (I'm talking HEALTHCARE), then you ignore the Constitution.
Oh, because if it's not enumerated in the Constitution, it's not a right? Your thinking is exactly the kind that Alexander Hamilton worried the Bill of Rights might foster.
Was I the only one who was confused by the summary? When I read "mechanical mathematicians", I was thinking along the lines of the Bomba and Curta, not computer programs.
It was refreshing to read certain portions of the ruling. I suggest everyone take a look at it. Here's what stuck out at me:
Traditionally, copyright owners sold their copyrighted material in exchange for
money. The lack of money changing hands in open source licensing should not be
presumed to mean that there is no economic consideration, however. There are
substantial benefits, including economic benefits, to the creation and distribution of
copyrighted works under public licenses that range far beyond traditional license royalties.
This too:
The copyright holder here
expressly stated the terms upon which the right to modify and distribute the material
depended and invited direct contact if a downloader wished to negotiate other terms.
These restrictions were both clear and necessary to accomplish the objectives of the open
source licensing collaboration, including economic benefit...
Copyright holders who engage in open source licensing have the right to control the
modification and distribution of copyrighted material.
Sue the ignorant bitch (Pamela Wilderman) her employers, the state, any judge issuing a warrant without cause etc.
Ugh. Firefighters don't need a warrant to enter your home, people:
"Firefighters found more than 1,500 vials, jars, cans, bottles and boxes in the basement Tuesday afternoon, after they responded to an unrelated fire in an air conditioner on the second floor of the home."
I find it troubling that hobbyists are less trusted than corporations (assuming that these same experiments, performed by a corporation, would pose no problem - which I think the above quote pretty clearly implies).
Running a company is going to require a number of licenses and inspections, depending on the type of work you do. Health or safety inspectors may come to examine your shop. You may be required to file compliance reports. None of that's true for a hobbyist's basement.
Now, there's a good reason for that - "hobbyist" implies small-scale work that doesn't require inspections or regulation, because it's not the sort of thing that poses a safety hazard to anyone except perhaps the hobbyist. But when you're dealing with someone who has what sounds like a full scale lab and lots of stored chemicals, you've moved out of the category of "hobbyist."
According to the screenshot, the video was titled "Beijing Olympics Opening Ceremony." It's not about censorship, it's about copyright, and was probably automatically removed based just on the title.
What, does the IOC have copyright on the word "Olympics"?
I imagine they're objecting to the image of the five colored rings that's shown in the video for a second or two. And if that's the case, this is a total abuse of a copyright infringement claim.
First, you'd think that showing the rings for a time that's probably less than 2% of the entire clip would qualify as fair use. Secondly, there's an issue of free speech. Are we no longer allowed to identify organizations by their logos?
In the Baltimore area, there's the Greater Baltimore Hamboree and ComputerFest every spring. My uncle, an electrical engineer, took me once when I was in high school, and I've been back several times since.
It's a blast! Make sure you browse the outdoor tables, too. This place really exemplifies the adage "One person's trash is another person's treasure."
Exhibit A will, I suspect, lead to many, MANY more compromises now then would have happened had they given their presentation.
You really think so? (Also, I assume you're talking about "Exhibit 1", not "A"). But really, there's nothing that exciting in those few pages. They say they know the algorithm for calculating the checksum on the Charlie Tickets, but they don't disclose it. Then, they discuss a previously known flaw in MiFare Classic.
I'd say anyone intelligent enough to use the information in that document would have been intelligent enough to find it elsewhere.
If true, one would think the MBTA would have little to back up an injunction.
I'd tend to agree. Though MBTA's argument is that the undergrads aren't disclosing everything, so MBTA can't assess the true threat to their systems, thus why they sought the injunction.
I'm kind of surprised the undergrads have not disclosed everything to the MBTA. Why wouldn't they? If they are truly interested in improving MBTA's security, they ought to.
On the other hand, they might be reluctant to do so because of the risk of legal action. I don't have a Charlie Card on me (haven't been in Boston recently), but a lot of similar cards have statements saying they are the property of whoever issues them, and that tampering with them is illegal.
At least from what's in the linked PDF, the undergrads' work is not all that impressive. They look at both the CharlieTicket (magstripe) and the CharlieCard (RFID).
Hacking the CharlieTicket sounds fairly trivial. Magstripe cards are extremely easy to read and write to, and documentation on how to do this with homemade equipment is all over the Internet. The undergrads' work essentially consists of figuring out how the 6-bit checksum is being calculated (though it's not disclosed in the linked documents). This is probably the most difficult thing that they did.
Hacking the CharlieCard, which is a MiFare Classic, is more involved, but the undergrads used a previously known attack, simply duplicating it. (Some might call that the behavior of a "script kiddie"?) There's hardly anything novel about this.
I am continually amazed by the fact that so many people fail to see a significant difference between any individual (you, me, a cop) taking photos or video in a public place, and a company like Google taking photos across cities and permanently posting those photos on a publicly available website.
There is a reasonable expectation that individuals, even police, are not going to be driving around entire cities continually taking photos and posting them permanently online. Our current laws and behavior are based on that expectation.
The fact is, Google's Street View is doing something very different than what you are talking about, and on a much larger scale. While it may not be illegal (and who knows, state laws probably vary as to whether it is or not), it's certainly novel and unexpected, and it's not at all unreasonable for people to wonder if it's appropriate.
What if a cop drives by while buying your supply, or your wife comes outside and sees you chatting with a hottie?
No difference.
No difference? You've got to be kidding me. The difference is that a photo is taken, and made publicly accessible online for who knows how long. Cops and your wife aren't doing that.
The problem with automatically removing the movable objects is it takes quite a lot of frames with them in different positions.
While the pics before and after a particular picture can help you'd still need about 30 seconds worth of photos to let the objects move.
I don't buy it that Google can't purchase or develop image recognition software that could eliminate or at least blur people and cars. I've heard of software that blurs windows to outdoor security cameras, and that seems like a harder task to accomplish.
It's just as well that people typically only get on and off buses which are stopped:) With trains there are often ticket operated barriers which never move.
Funny as it sounds, I used a smart-card system for the buses in French city where it was quite common to be validating your card after the bus had left the station. It was crowded, so it took some time to reach the scanner! There were usually two, one at the front of the bus, and one a little further in (and sometimes one was broken).
That's a pretty weak argument. All you need is a laptop with a cellular data connection. If you really have places where you can't get a cell signal, get the cell company to add a picocell at the bus stops or add a Wi-Fi hot spot. Odds are you won't have to add too many of them in any major metro area.
Well, I'm not the one making the argument, I'm just going by what I see being implemented in transit systems. Storing the value on the card means fast retrieval and processing, and no reliance on a network. What if the data links drops for some reason? What if it takes longer than usual to connect? Transit systems have schedules to keep (ideally!).
Furthermore, it's easy to say "get the cell company to add a picocell at the bus stops", but it's not as if a transit system can simply mandate that it be done. Who's going to pay for it? And at what point does the expense of ensuring reliable network connectivity become greater than simply expecting a certain percentage of fraud? After all, this is a transit system we're talking about, not a bank.
If you have access to somebody else's card, yes. Otherwise, if you are able to steal access, your number space is too small. Use a 256-bit number (or 1024-bit if you're really paranoid) and ensure that new numbers are assigned randomly within that space so that your odds of picking a valid number are remarkably close to zero.
I know. That's why I talked about copying. Plus, given that with things like gift cards, the identifier is often written on the card itself, sometimes you don't even need to have a card reader to get the information. Or, you have security leaks. When I was an undergrad, the University of Maryland inadvertently exposed the ID numbers of the entire university population through its LDAP entries. Those same IDs were used as identifiers on the magstripe cards that gave building access, and dining hall access.
What does free speech have to do with releasing software that will help people steal from the transit system?. It sound criminal to me, assisting people to steal.
Right... because clearly that's what the MIT students are trying to do. Help people steal. That was their plan all along...
It couldn't have anything to do with revealing flaws in RFID-based transit card systems that are being increasingly adopted by state and local governments all across the nation, and for that matter, the world. It couldn't have anything to do with shaming a government agency into actually getting on the ball and working with its contractor to improve security of its system. It couldn't have anything to do with plain and simply academic curiosity.
What's it got to do with free speech? Maybe that we think they ought to have the freedom to not only do the work they've done, but talk about it as well?
Maybe put the amount on the card, so the bus doesn't have to call home every time someone steps on a bus, but at least keep all transactions in a database so they can check for fraud after the fact.
I think you hit the nail on the head with this. I don't know about the Charlie card system, but the issue with many transit cards is that it's difficult or impossible for moving vehicles to always be able to check in with the network database to determine the value of an account. So the account value has to be stored on the card.
This is exactly like storing the value of your ATM or gift card on the card itself. But with ATMs and gift cards, the terminal where you use them is always going to have network access (or if it doesn't you probably won't be able to use the card).
Of course, even just storing an account number or identifier on a card doesn't make it fraud-proof. Magstripe cards are trivially easy to re-encode with only a few dollars worth of equipment. Copying these can mean defeating physical access systems, being able to use someone else's gift card balance, or worse.
Is MBTA actually going to get the card system provider to fix the problem? Because from what I've seen, you'll have a hard time even getting the department and the contractor to admit that the problem exists. And even if they do admit it, is the solution going to be any more than "it's unlikely people will exploit this"?
That sort of attitude seems to be how Maryland feels about its AccuVote TS voting machines. Three independent reviews have all revealed flaws with them, but we're still using them, despite the fact that those flaws essentially mean that the contractor has violated its agreement with the State.
Furthermore, I doubt much criminal activity is going to result from releasing the information. Only a few people are going to have the time and patience to actually follow the exploit through, and if the system is well-designed (though apparently it may not be), modifying card data shouldn't be able to damage or disrupt the system.
I'm betting moral rights didn't enter the equation because normal people wouldn't be thinking that far ahead in how to fuck someone over.
Wow, someone's a little bitter. Unfortunately, in 1834, the Supreme Court disagreed with you. In Wheaton v. Peters, the court ruled against the notion of a common law copyright (the idea that copyright is a natural or moral right which statues simply recognize). And if you for some reason don't like Wikipedia, you can read about it here, as well, in the analysis of Article I, Section 8 of the U.S. Constitution (see page 262):
A divided Court held in favor of Peters on the legal question.
It denied, in the first place, that there was any principle of
the common law that protected an author in the sole right to continue
to publish a work once published... The exclusive right which
Congress is authorized to secure to authors and inventors owes its
existence solely to the acts of Congress securing it...
You're missing my point. Sure, expressing pretty much any sort of preference for a society can be called a moral issue. My point is that copyright was not originally an issue of an author's moral or natural rights, or an issue of "fairness."
Does it even occur to you before you spout the kind of knee-jerk crap quoted above that that overwhelming majority of copyright infringement going on on-line today is ripping off material released so recently that even the original copyright terms would easily have covered it (assuming it has even been released to the public yet at all)?
Here's a question - as technology has improved, why on earth are we witnessing increased terms? If anything, the term ought to have been reduced. It's orders of magnitude easier in this day and age to distribute and profit from copyrighted material than it was when they copyright term was originally established as 14 years. Creators need much less time to bring in profits, in great part thanks to the Internet that also enables this infringement. All that popular media you're thinking of only has a shelf-life of a few years at best, anyway. 14 years is way too long for today's movies and music, if you ask me.
Mr. Beckerman, I don't know if you'll have a chance to respond to this, but I'm kind of itching to ask after reading something.
It seems to me that the whole copyright debate has shifted from what was originally an issue of economic incentive to an issue of natural and moral rights. The starving artist is invoked not only to inspire our sympathy, but because we're told to think that it's only fair for someone to be able to control their ideas.
Now, according to the analysis of the copyright clause of the Constitution available here, there is no natural, moral, initial, or other right of exclusive use. I.e., the only reason the rights exist are because of the copyright clause - it's not that the copyright clause was expressing a natural right that pre-existed:
Wheaton, while denying this assertion of fact, further contended
that the statute was only intended to secure him in his pre-existent
rights at common law. These at least, he claimed, the Court should
protect. A divided Court held in favor of Peters on the legal question.
It denied, in the first place, that there was any principle of
the common law that protected an author in the sole right to continue
to publish a work once published. It denied, in the second
place, that there is any principle of law, common or otherwise,
which pervades the Union except such as are embodied in the Constitution
and the acts of Congress. Nor, in the third place, it held,
did the word "securing" in the Constitution recognize the alleged
common law principle Wheaton invoked. The exclusive right which
Congress is authorized to secure to authors and inventors owes its
existence solely to the acts of Congress securing it, 1446 from which
it follows that the rights granted by a patent or copyright are subject
to such qualifications and limitations as Congress, in its unhampered
consultation of the public interest, sees fit to impose.
So my question is, is this Wheaton v. Peters idea still in force? Or has the law evolved since then to find some sort of natural right? If not, doesn't that make so much of the copyright debate ultimately misguided?
Slashdot Mirror
Instead, we get complaints that the new gear is ugly and that telcos don't want to negotiate a different standard with every little town. I hope we can at least agree that it's logical for the telcos to want one standard per state, at least for the sanity of their installer techs. I'm not objecting to making that standard rigorous, just so long as there's only one of them.
Sorry, but why exactly should the citizens of various local governments give up their right to determine standards for their community? To make it easier for a telephone company to turn a profit?
Boo hoo, I say. Large businesses consistently complain that following local rules is too complicated. I call bullshit.
There are some issues where it makes sense to have a statewide consensus - medical licenses, law licenses, etc. What is visually acceptable in a given community is not one of those issues. Maybe the folks in town X are fine with boxes on the street, but if the folks in town Y aren't, the telco has a choice: abide by their rules, attempt to convince them to change their rules, or don't run service there. Trying to go over local governments' heads at the state level is just lazy.
Besides, you can bet the lobbyists will be out in force to make sure those state regulations are awfully lax. It'll be much harder to do that on a local level.
And then what? The telco will eventually end up complaining that managing different standards over a dozen or 48 states is too complicated, and there should be a national standard (think car manufacturers). We already see this sort of consolidation happening with IP law - attempts to unify disparate national laws into a consistent worldwide whole that fails to take into account local differences. You can kiss federalism goodbye.
Did anyone else notice the moral of the story?
One thing is for sure - I'll never download music without paying for it again.
Notice that it's not "I'll never illegally download music again," or something similar. Instead, the comic attempts to create a firm association between downloading music and paying money, despite the loads of music that is legally available for free.
Sounds like an attempt to make readers feel like any downloading without paying is wrong.
I'm not sure, but I don't think cable TV franchise agreements cover the ISP business, or that local cable TV councils have any authority over the ISP.
Also, local cable TV councils are severely limited in what they can do by federal regulations. And even though they could theoretically take away a cable franchise (and thus the ISP business), I can't imagine a better way to piss off the public than to take away their TV!
What two wars are we fighting? I don't see any declared hostility with any nation.
Oh please. We never officially declared war against Vietnam. Does that mean we weren't at war?
And whenever a single Judge decides that there is a new "Right", not enumerated in the Constitution, whereby taxes are leveled to provide said right to everyone (I'm talking HEALTHCARE), then you ignore the Constitution.
Oh, because if it's not enumerated in the Constitution, it's not a right? Your thinking is exactly the kind that Alexander Hamilton worried the Bill of Rights might foster.
Was I the only one who was confused by the summary? When I read "mechanical mathematicians", I was thinking along the lines of the Bomba and Curta, not computer programs.
Traditionally, copyright owners sold their copyrighted material in exchange for money. The lack of money changing hands in open source licensing should not be presumed to mean that there is no economic consideration, however. There are substantial benefits, including economic benefits, to the creation and distribution of copyrighted works under public licenses that range far beyond traditional license royalties.
This too:
The copyright holder here expressly stated the terms upon which the right to modify and distribute the material depended and invited direct contact if a downloader wished to negotiate other terms. These restrictions were both clear and necessary to accomplish the objectives of the open source licensing collaboration, including economic benefit... Copyright holders who engage in open source licensing have the right to control the modification and distribution of copyrighted material.
Good to know the court system can still work!
Sue the ignorant bitch (Pamela Wilderman) her employers, the state, any judge issuing a warrant without cause etc.
Ugh. Firefighters don't need a warrant to enter your home, people:
"Firefighters found more than 1,500 vials, jars, cans, bottles and boxes in the basement Tuesday afternoon, after they responded to an unrelated fire in an air conditioner on the second floor of the home."
I didn't RTFA in detail
Well, you probably should have. And I mean the actual newspaper article, not the sensationalistic blog post. Here's a quote from the article:
Mr. Deeb's home lab likely violated the regulations of many state and local departments, although officials have not yet announced any penalties.
"He's been very cooperative," Ms. Wilderman said. "I won't be citing him for anything right at this moment."
I find it troubling that hobbyists are less trusted than corporations (assuming that these same experiments, performed by a corporation, would pose no problem - which I think the above quote pretty clearly implies).
Running a company is going to require a number of licenses and inspections, depending on the type of work you do. Health or safety inspectors may come to examine your shop. You may be required to file compliance reports. None of that's true for a hobbyist's basement.
Now, there's a good reason for that - "hobbyist" implies small-scale work that doesn't require inspections or regulation, because it's not the sort of thing that poses a safety hazard to anyone except perhaps the hobbyist. But when you're dealing with someone who has what sounds like a full scale lab and lots of stored chemicals, you've moved out of the category of "hobbyist."
According to the screenshot, the video was titled "Beijing Olympics Opening Ceremony." It's not about censorship, it's about copyright, and was probably automatically removed based just on the title.
What, does the IOC have copyright on the word "Olympics"?
I imagine they're objecting to the image of the five colored rings that's shown in the video for a second or two. And if that's the case, this is a total abuse of a copyright infringement claim.
First, you'd think that showing the rings for a time that's probably less than 2% of the entire clip would qualify as fair use. Secondly, there's an issue of free speech. Are we no longer allowed to identify organizations by their logos?
In the Baltimore area, there's the Greater Baltimore Hamboree and ComputerFest every spring. My uncle, an electrical engineer, took me once when I was in high school, and I've been back several times since.
It's a blast! Make sure you browse the outdoor tables, too. This place really exemplifies the adage "One person's trash is another person's treasure."
Exhibit A will, I suspect, lead to many, MANY more compromises now then would have happened had they given their presentation.
You really think so? (Also, I assume you're talking about "Exhibit 1", not "A"). But really, there's nothing that exciting in those few pages. They say they know the algorithm for calculating the checksum on the Charlie Tickets, but they don't disclose it. Then, they discuss a previously known flaw in MiFare Classic.
I'd say anyone intelligent enough to use the information in that document would have been intelligent enough to find it elsewhere.
If true, one would think the MBTA would have little to back up an injunction.
I'd tend to agree. Though MBTA's argument is that the undergrads aren't disclosing everything, so MBTA can't assess the true threat to their systems, thus why they sought the injunction.
I'm kind of surprised the undergrads have not disclosed everything to the MBTA. Why wouldn't they? If they are truly interested in improving MBTA's security, they ought to.
On the other hand, they might be reluctant to do so because of the risk of legal action. I don't have a Charlie Card on me (haven't been in Boston recently), but a lot of similar cards have statements saying they are the property of whoever issues them, and that tampering with them is illegal.
At least from what's in the linked PDF, the undergrads' work is not all that impressive. They look at both the CharlieTicket (magstripe) and the CharlieCard (RFID).
Hacking the CharlieTicket sounds fairly trivial. Magstripe cards are extremely easy to read and write to, and documentation on how to do this with homemade equipment is all over the Internet. The undergrads' work essentially consists of figuring out how the 6-bit checksum is being calculated (though it's not disclosed in the linked documents). This is probably the most difficult thing that they did.
Hacking the CharlieCard, which is a MiFare Classic, is more involved, but the undergrads used a previously known attack, simply duplicating it. (Some might call that the behavior of a "script kiddie"?) There's hardly anything novel about this.
I am continually amazed by the fact that so many people fail to see a significant difference between any individual (you, me, a cop) taking photos or video in a public place, and a company like Google taking photos across cities and permanently posting those photos on a publicly available website.
There is a reasonable expectation that individuals, even police, are not going to be driving around entire cities continually taking photos and posting them permanently online. Our current laws and behavior are based on that expectation.
The fact is, Google's Street View is doing something very different than what you are talking about, and on a much larger scale. While it may not be illegal (and who knows, state laws probably vary as to whether it is or not), it's certainly novel and unexpected, and it's not at all unreasonable for people to wonder if it's appropriate.
What if a cop drives by while buying your supply, or your wife comes outside and sees you chatting with a hottie? No difference.
No difference? You've got to be kidding me. The difference is that a photo is taken, and made publicly accessible online for who knows how long. Cops and your wife aren't doing that.
The problem with automatically removing the movable objects is it takes quite a lot of frames with them in different positions. While the pics before and after a particular picture can help you'd still need about 30 seconds worth of photos to let the objects move.
I don't buy it that Google can't purchase or develop image recognition software that could eliminate or at least blur people and cars. I've heard of software that blurs windows to outdoor security cameras, and that seems like a harder task to accomplish.
It's just as well that people typically only get on and off buses which are stopped :) With trains there are often ticket operated barriers which never move.
Funny as it sounds, I used a smart-card system for the buses in French city where it was quite common to be validating your card after the bus had left the station. It was crowded, so it took some time to reach the scanner! There were usually two, one at the front of the bus, and one a little further in (and sometimes one was broken).
That's a pretty weak argument. All you need is a laptop with a cellular data connection. If you really have places where you can't get a cell signal, get the cell company to add a picocell at the bus stops or add a Wi-Fi hot spot. Odds are you won't have to add too many of them in any major metro area.
Well, I'm not the one making the argument, I'm just going by what I see being implemented in transit systems. Storing the value on the card means fast retrieval and processing, and no reliance on a network. What if the data links drops for some reason? What if it takes longer than usual to connect? Transit systems have schedules to keep (ideally!).
Furthermore, it's easy to say "get the cell company to add a picocell at the bus stops", but it's not as if a transit system can simply mandate that it be done. Who's going to pay for it? And at what point does the expense of ensuring reliable network connectivity become greater than simply expecting a certain percentage of fraud? After all, this is a transit system we're talking about, not a bank.
If you have access to somebody else's card, yes. Otherwise, if you are able to steal access, your number space is too small. Use a 256-bit number (or 1024-bit if you're really paranoid) and ensure that new numbers are assigned randomly within that space so that your odds of picking a valid number are remarkably close to zero.
I know. That's why I talked about copying. Plus, given that with things like gift cards, the identifier is often written on the card itself, sometimes you don't even need to have a card reader to get the information. Or, you have security leaks. When I was an undergrad, the University of Maryland inadvertently exposed the ID numbers of the entire university population through its LDAP entries. Those same IDs were used as identifiers on the magstripe cards that gave building access, and dining hall access.
What does free speech have to do with releasing software that will help people steal from the transit system?. It sound criminal to me, assisting people to steal.
Right... because clearly that's what the MIT students are trying to do. Help people steal. That was their plan all along...
It couldn't have anything to do with revealing flaws in RFID-based transit card systems that are being increasingly adopted by state and local governments all across the nation, and for that matter, the world. It couldn't have anything to do with shaming a government agency into actually getting on the ball and working with its contractor to improve security of its system. It couldn't have anything to do with plain and simply academic curiosity.
What's it got to do with free speech? Maybe that we think they ought to have the freedom to not only do the work they've done, but talk about it as well?
Maybe put the amount on the card, so the bus doesn't have to call home every time someone steps on a bus, but at least keep all transactions in a database so they can check for fraud after the fact.
I think you hit the nail on the head with this. I don't know about the Charlie card system, but the issue with many transit cards is that it's difficult or impossible for moving vehicles to always be able to check in with the network database to determine the value of an account. So the account value has to be stored on the card.
This is exactly like storing the value of your ATM or gift card on the card itself. But with ATMs and gift cards, the terminal where you use them is always going to have network access (or if it doesn't you probably won't be able to use the card).
Of course, even just storing an account number or identifier on a card doesn't make it fraud-proof. Magstripe cards are trivially easy to re-encode with only a few dollars worth of equipment. Copying these can mean defeating physical access systems, being able to use someone else's gift card balance, or worse.
Is MBTA actually going to get the card system provider to fix the problem? Because from what I've seen, you'll have a hard time even getting the department and the contractor to admit that the problem exists. And even if they do admit it, is the solution going to be any more than "it's unlikely people will exploit this"?
That sort of attitude seems to be how Maryland feels about its AccuVote TS voting machines. Three independent reviews have all revealed flaws with them, but we're still using them, despite the fact that those flaws essentially mean that the contractor has violated its agreement with the State.
Furthermore, I doubt much criminal activity is going to result from releasing the information. Only a few people are going to have the time and patience to actually follow the exploit through, and if the system is well-designed (though apparently it may not be), modifying card data shouldn't be able to damage or disrupt the system.
I'm betting moral rights didn't enter the equation because normal people wouldn't be thinking that far ahead in how to fuck someone over.
Wow, someone's a little bitter. Unfortunately, in 1834, the Supreme Court disagreed with you. In Wheaton v. Peters, the court ruled against the notion of a common law copyright (the idea that copyright is a natural or moral right which statues simply recognize). And if you for some reason don't like Wikipedia, you can read about it here, as well, in the analysis of Article I, Section 8 of the U.S. Constitution (see page 262):
A divided Court held in favor of Peters on the legal question. It denied, in the first place, that there was any principle of the common law that protected an author in the sole right to continue to publish a work once published... The exclusive right which Congress is authorized to secure to authors and inventors owes its existence solely to the acts of Congress securing it...
You're missing my point. Sure, expressing pretty much any sort of preference for a society can be called a moral issue. My point is that copyright was not originally an issue of an author's moral or natural rights, or an issue of "fairness."
Does it even occur to you before you spout the kind of knee-jerk crap quoted above that that overwhelming majority of copyright infringement going on on-line today is ripping off material released so recently that even the original copyright terms would easily have covered it (assuming it has even been released to the public yet at all)?
Here's a question - as technology has improved, why on earth are we witnessing increased terms? If anything, the term ought to have been reduced. It's orders of magnitude easier in this day and age to distribute and profit from copyrighted material than it was when they copyright term was originally established as 14 years. Creators need much less time to bring in profits, in great part thanks to the Internet that also enables this infringement. All that popular media you're thinking of only has a shelf-life of a few years at best, anyway. 14 years is way too long for today's movies and music, if you ask me.
Mr. Beckerman, I don't know if you'll have a chance to respond to this, but I'm kind of itching to ask after reading something.
It seems to me that the whole copyright debate has shifted from what was originally an issue of economic incentive to an issue of natural and moral rights. The starving artist is invoked not only to inspire our sympathy, but because we're told to think that it's only fair for someone to be able to control their ideas.
Now, according to the analysis of the copyright clause of the Constitution available here, there is no natural, moral, initial, or other right of exclusive use. I.e., the only reason the rights exist are because of the copyright clause - it's not that the copyright clause was expressing a natural right that pre-existed:
Wheaton, while denying this assertion of fact, further contended that the statute was only intended to secure him in his pre-existent rights at common law. These at least, he claimed, the Court should protect. A divided Court held in favor of Peters on the legal question. It denied, in the first place, that there was any principle of the common law that protected an author in the sole right to continue to publish a work once published. It denied, in the second place, that there is any principle of law, common or otherwise, which pervades the Union except such as are embodied in the Constitution and the acts of Congress. Nor, in the third place, it held, did the word "securing" in the Constitution recognize the alleged common law principle Wheaton invoked. The exclusive right which Congress is authorized to secure to authors and inventors owes its existence solely to the acts of Congress securing it, 1446 from which it follows that the rights granted by a patent or copyright are subject to such qualifications and limitations as Congress, in its unhampered consultation of the public interest, sees fit to impose.
So my question is, is this Wheaton v. Peters idea still in force? Or has the law evolved since then to find some sort of natural right? If not, doesn't that make so much of the copyright debate ultimately misguided?