Slashdot Mirror


User: gnasher719

gnasher719's activity in the archive.

Stories
0
Comments
5,926
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,926

  1. Re:Read beyond the summary. on HDCP Master Key Revealed · · Score: 1

    Important point: it's not like some random tech at Sony got fired and decided to blow the whole thing wide open. If it's a leak, it's a leak from just one or two specific keyholders at Intel, who developed the system. But it doesn't have to be: any random person with 40 different Blu-Ray players and a whole lot of cleverness could potentially figure this out.

    Back when I cared about HDCP, the number I heard was that you actually needed 77 device keys to crack the master key. Could be that 40 keys give you enough information if you are lucky enough and there is no redundancy in the data, and 77 are needed to guarantee a crack. Back then I thought HDCP is nonsense, because it protects from copying by recording the output of a video card before it goes to the monitor - and the amount of data is just so enormous that nobody would copy that way.

    In the end, the same argument says that this is not any kind of victory against evil DRM. It doesn't affect future readability of video data - any graphics device driver could just not turn on HDCP (except there would be large contractual fines), so if the government needed to read a Blu-Ray DVD that is protected with HDCP, they could just ask NVidia to build them a graphics driver to play it without DVD, and ask Microsoft to sign that driver. It doesn't affect anybody in real use - unless your intention was to grab the output of your video card. It used to be a bloody inconvenience because many TVs and monitors didn't support HDCP, but now everybody does, so the user is not inconvenienced anymore.

  2. Re:So that's why the UW mail system went down on New Email Worm Squirming Through Windows Users' Inboxes · · Score: 1

    But as you point out seat belts only work if people use them, and if you remember, there was a lot of resistance to the idea despite the evidence that seat belts save lives. My grandmother refuses to wear one to this day because it's "uncomfortable."

    My grandchildren were told that my car cannot drive unless everyone is using their seatbelts. Eventually they figured out it was actually _me_ who doesn't drive :-) Didn't change the fact that the car wouldn't move without them wearing seatbelts. Maybe you should use that approach with your grandmother.

    The other argument is of course that I most definitely won't have anyone sitting _behind me_ without seatbelt. I don't want to die because someone else doesn't want to wear a seatbelt.

  3. Re:Not Quite on Court Says First Sale Doctrine Doesn't Apply To Licensed Software · · Score: 2, Informative

    In the case of consumer software, people often don't have much choice. The EULA is presented to them after the purchase and after they've already opened the package to install the software. Naturally, vendors and resellers won't accept opened software packages or refund them, so that customer can either accept the EULA or be the proud owner of a new shiny frisbee.

    Please look at this more carefully. So you handed over money for a box with a DVD, you stick the DVD into your computer to install the software, and the EULA shows. Here are your choices:

    1. Agree to the EULA, install and use the software. You have no first sale right anymore if the EULA says so.
    2. Don't agree to the EULA, install and use the software. You had no right to install the software and therefore committed copyright infringement.
    3. Don't agree to the EULA, return the software to the store. They won't like it at all, but they have to return your money.
    4. Don't agree to the EULA, don't install it, sell it to someone else. Perfectly legal.

    Note that in the case discussed the software was installed, sold to Vernor quite clearly in breach of the license, and the question was whether Autodesk could stop Vernor, or if they could only successfully sue the party who sold the software to Vernor. It was always quite clear that Autodesk could sue _someone_ successfully.

  4. Re:Yay! on Court Says First Sale Doctrine Doesn't Apply To Licensed Software · · Score: 1

    BTW, buying the software is agreeing to the EULA.

    Not quite. Agreeing to the EULA is finalising the contract. Taking the software off the shelf, handing over money to the salesperson, and leaving with the software is _not_ buying, and it is not entering into a contract. Until you agree to the EULA there is no valid contract yet. That means you are not bound by the EULA, but you also have no right to use the software. And the seller has to take the software back and return your money if you decide not to agree to the EULA.

  5. Re:I used iTunes many years ago and it was horribl on Flawed iTunes Stands Out Among Apple's Products · · Score: 4, Insightful

    Apple just HAD to be different. It was using just file names and id3 tags to sort songs in playlists, so "Unknown Artist", "Doors" and "The Doors" were all different, even though on my PC they were all under the same folder. This was annoying beyond belief, but I wanted to fix the id3 tags anyway at some point.

    There is the principle here that a song is a self-contained unit, it knows where it belongs all on its own. If you took hundred songs from my iTunes Library, copied them all into one single directory, and imported them into your iTunes Library, everything would end up exactly where it belongs.

  6. Re:Experience is a Gift... on Tech's Dark Secret, It's All About Age · · Score: 4, Insightful

    I have yet to see a developer fresh out of school even know what a SQL injection is, let alone code to prevent it.

    I am not an SQL developer. So when I heard about this SQL injection business, curious as I was I had to figure out what it was and how it was done. When I finally found a web page explaining it, all I could think was: What the fuck. Only an absolute complete idiot would ever, ever take the contents of a user entered text field and plug it as it is into a string that is constructed to form a query. Not even in dBase would you do that. What a fuckup.

    Seriously, I wouldn't have know what an SQL injection is because, well, it is like I have never thought about how dangerous and life threatening it would be to stop breathing, or to take a bath with the face _in_ the water instead out of _out_ the water. When I first about "SQL injection" I thought it had to be some really clever hack that you had to be really careful about, but no, you only get SQL injections through code created by a total and utter imbecile.

  7. Re:Experience is a Gift... on Tech's Dark Secret, It's All About Age · · Score: 1

    The legal game is seriously rigged against the white, middle class male at this point in our society. They've become easy fodder: it used to be blacks or women would be quickly let go for this or that, but now it's white men. In many cases, it seems worse than how it "used to be", because the provocation is so freaking negligible so as to not matter.

    There was a case in England quite recently where a white male successfully sued his ex-employer, a major lawfirm, for sexual + racial discrimination. Apparently the slimeboys had to let someone go, the candidates in question were this white male and a black woman, and they decided that sacking the black woman would get them into trouble. So they conducted an objective review which one was better for the job - and rigged it so that he would lose.

  8. Re:True patriots on Just Where Is The Lincoln Memorial, Anyhow? · · Score: 1

    and more than half don't believe in evolution. That makes me a sad panda. :(

    So how many Europeans think there is no evolution in the USA?

  9. Re:His commanding officer... on PowerPoint Rant Costs Colonel His Job · · Score: 2, Interesting

    In another article I read there are some 1800 LT colonels, and 700 actual troop commanding jobs for them in the british army. that is just asking for trouble.

    You got your numbers wrong. One of these lieutenant colonels is supposed to command 700 troops. The number was that there are about 100 times that many in the British army, so 100 LT colonels would be needed. Out of 1800. Not 700, but 100.

  10. Re:iTunes and Palm Pre on Sony Halts Sales of PS3 Jailbreak Dongle · · Score: 1

    As for the rest of your post.. yes - that's why Company X is quite right to only accept Company X keyboards, mice and webcams, and Microsoft-approved external drives, printers, scanners, etc. to connect to their computers and/or interface with their software. You know.. for security reasons.

    That's not what Apple did. They only accepted devices that claimed to be Apple iPods when they were indeed Apple iPods. You would have a point if the Palm Pre claimed it was a Palm Pre and was rejected; it would be absolutely fine if Apple rejected any device that identifies itself as an Epson scanner, for example, but wasn't actually an Epson scanner. In the case of the iPod, Apple isn't selling music with DRM anymore, but I'm sure their old contracts are still intact that don't allow them to download DRM'd music onto any players other than Apple iPods. Not on devices that claim to be Apple iPods, but devices that actually _are_ Apple iPods.

  11. iTunes and Palm Pre on Sony Halts Sales of PS3 Jailbreak Dongle · · Score: 3, Interesting

    This reminds me of the situation with iTunes and the Palm Pre. Basically, the Palm Pre had a USB interface that claimed there was an Apple iPod, so that iTunes would transfer music to the device. Then Apple added code to iTunes to detect devices that _claimed_ to be Apple iPods, but were not actually Apple iPods, so this Palm Pre feature broke, and after another round of changing the Palm Pre interface and Apple again detecting it, Palm gave up.

    Now this article proves that a USB device under control of an attacker is a possible attack vector. Which means that Apple was quite right, for security reasons, to refuse connection to dodgy devices. Of course this attack is slightly different; seems they first attacked the USB system software itself by plugging in intentionally broken USB devices, but it is quite conceivable that iTunes could be attacked by a USB device pretending to be an iPod (presumably anything that doesn't pretend to be an iPod, like the broken USB devices in this attack, would never make it to the iTunes software).

  12. Re:They released it under the BSD license? on Glibc Is Finally Free Software · · Score: 1

    Serious question: can I take a PD work verbatim and claim authorship? Or more precisely, in which countries can I do this?

    One country where you can _not_ do it is Germany. They have distinct rights; one is similar to copyright, which allows you to control copying and make money from the works, and one is the right to claim authorship. And only the author can ever, ever have the right to claim authorship. It is a right that cannot be sold, that cannot be lost. If you wrote it, then nobody else can ever gain the legal right to claim they wrote it.

  13. Re:Wait what...Oracle isn't being evil...? on Glibc Is Finally Free Software · · Score: 1

    Seriously, based on the article Oracle probably could have chosen to go all copyright infringement lawsuit-happy on every Linux vendor known to man. But instead they relicensed the old code under a free license...*checks the temperature in Hell*

    No, they couldn't. They could only claim copyright infringement if you distributed their code against their own license, and that license said you are free to distribute their code, except you cannot sell Sun's, now Oracle's code, unmodified on its own. I doubt that anyone did that.

  14. Re:Slow Day for Negative Apple News? on Apple Exec Stashed $150,000 In Shoe Boxes · · Score: 1

    More so, this is kind of a big deal in the geek and tech industry. If this doesn't qualify as news than I have absolutely no understanding of the word. I would say that the employee of one of the top tech companies being caught in a scam where he made off with over $1 million dollars is quite certainly news for nerds and stuff that matters.

    I think Microsoft caught an employee a few years ago who bought software from their employee's store really cheap (and not things like Windows, but the more expensive server software with tons of licenses) and then sold it. That ran into multiple millions of damages. I could imagine his "customers" believed that they were buying from Microsoft.

  15. Re:How about on Look-Alike Tubes Lead To Hospital Deaths · · Score: 1

    I love how the summary and focus here is on making the nurses and the industry happy ("nurses shouldn't have to work in an environment where this kind of mistake can be made"), yet no-one mentions the slightly disconcerting possibility for a patient of having a blood-pressure air-pump tube hooked into a blood vein.

    How is this about making the nurses and industry happy? If "nurses shouldn't have to work in an environment where this kind of mistake can be made" then it means patients are not in an environment where nurses can make this kind of mistake. Believe me, you and your relatives are much more unhappy when things go wrong than the nurse.

  16. Re:Ummm Personal responsibility? on Look-Alike Tubes Lead To Hospital Deaths · · Score: 4, Insightful

    Whatever has happened to personal responsibility? Why is this such a problem? If a nurse is doing their job, then they will follow the tubing back to the source to ensure that they are connecting the right ones. Why is this so hard? If you're a nurse at a station and you want to ensure that you have the correct tubes. Take a moment and label them yourselves if you are that busy.

    I would like to reply to this instead of marking it down as "-10 clueless" because people should read why it is clueless.

    The goal here is not to find someone to blame when a patient dies, the goal is to reduce the likelihood of a patient dying in the first place. The goal here is not to find ways how to make a nurse take more time looking after a patient in order to do a proper job, because that only allows them to be pressured into rushing things when they have to meet goals like looking after so many people per hour.

    You are going on about the personal responsibility of the nurse, what about the personal responsibility of their f***ing manager? One of the things a manager does is goal setting, and a very important aspect is not to set conflicting goals and arrange things so that a nurse trying to meet one goal will be on their way to meet the others. You are trying to make speed + safety contradictory goals, a sure recipe for disaster. Safety is best handled in such a way that it is unavoidable, not in such a way that it can be done away with to meet other goals.

    Another principle that has served me very well while driving a car: People make mistakes. Accept that as a fact, no matter how careful they are, people make mistakes. In road traffic, mistakes only lead to accidents of other drivers don't manage to react to mistakes. So you do two things: Drive so that others can react to your mistakes and avoid accidents for you, and drive expecting others to make mistakes and fix them for them. (This also makes it a lot less stressful, when you take all the stupid things people do as just normal things and don't get excited about them).

  17. Re:app store lock in will kill macs and the law ma on Apple Patent Points To iMac Touch Running OS X and iOS · · Score: 1

    or makeing windows software where it's free for free apps with no Nazi like censorship and if you want to sell stuff you don't have to pay M$ 30% of the sale.

    Nazi like censorship? So who did Apple murder recently? Any names? If they survive, it's not "Nazi-like".

    And you are welcome to sell your software on a market stall, but you will have to pay significant money for the stall. Maybe a door-to-door sale then. Knock on everyone's door, up and down the street. That is about the only way you can keep 100% of your sales, and you will likely have more cost in replacing worn out shoes than you make from your software.

  18. Re:iMac running iOS on Apple Patent Points To iMac Touch Running OS X and iOS · · Score: 1

    I don't think this is flamebait. And you may have a point, though you are obviously exaggerating. One of the big features that was supposed to come out with 10.6 and still might be with 10.7 was trusted applications. Either all desktop apps come from a trusted source (a key at apple) or you have to use a command line override to get them to install. The idea being that viruses, etc... become virtually impossible to spread.

    It happens, it is just not visible to the user. And it's not "trusted", it is "signed". The only thing that you notice if you know what you are looking for is that certain alerts won't come up. For example, if you have application xyz from company abc installed, you can download an update, and because the OS knows through the signature that it is the same app (just a newer version) it can perform the update without extra permission from you, and the updated app can access for example the keychain in exactly the same way as the original. Without signing, that would cause some alert to come up because the OS cannot trust that the new application xyz is the same as the old one.

  19. Re:i guess apple hasn't learned from MS and IBM on Apple Patent Points To iMac Touch Running OS X and iOS · · Score: 1

    Put it this way, when Ballmer said "Vista is just fine - you're using it wrong", a preponderance of Windows users said "Noooo, no, I don't think so. I'll stick with XP or wait for 7". But when Steve said "You're holding it wrong", the preponderance of iPhone 4 owners said "Yes! YES! I am holding it wrong! It's my fault! Thank you sir, may I have another?"

    No, the majority said "what the f*** are you on about with reception problems? My iPhone works just fine". People who complained loudest about iPhone reception problems were all Android users.

  20. Re:Their equipment, their choice. on Germany To Grant Privacy At the Workplace · · Score: 1

    In several countries, the company is legally liable for anything illegal the employee does using company resources.

    In Germany, the company is legally liable for anything that an employee does that can be viewed as doing their work, including doing it badly, including doing it criminally badly. So if I send a death threat to a customer who complained too often, the company is liable (clearly my job is too keep customers from complaining, we just usually use different methods :-), but the fact that I use company equipment does not by itself make them liable.

  21. Re:Their equipment, their choice. on Germany To Grant Privacy At the Workplace · · Score: 1

    Nope. I INFORM them BEFORE they get hired. If they are not fine with it, they can simply refuse working for me.

    That's a nice thing in Germany; if the employer asks you to agree to something to get a job that by law they are not allowed to ask you to agree to (like giving up your right to privacy), you can freely agree to it, get the job, and if the employer wants to hold you to it, you tell them ..., sorry you politely tell them that these terms were illegal and therefore cannot be enforced.

  22. Re:Their equipment, their choice. on Germany To Grant Privacy At the Workplace · · Score: 2, Insightful

    What a law like this is, more than anything, is a recognition of the inherently unequal balance of power in a (potential) employer-employee relationship. Here in the US we tend to pretend that it's a mostly equal relationship and that all of this sort of thing is properly evaluated as part of the proffered salary. Some people really are studly enough that they can demand and receive anything they want from any employer they want, but the vast majority of the world isn't. In fact I'd be willing to bet the majority of workers simply feel lucky to have a job at all.

    I'd say the principal political mistake is to believe that the state owes companies anything at all. The only thing that should ever count are _people_. Companies obviously need enough protection so that they can work properly to produce jobs, income to employees, goods or services to customers, profit to stakeholders. But the state doesn't owe anything to the company _per se_. Only as far as protecting companies benefits the people.

    Someone was going on here how the fact that he pays people a salary gives him all kinds of right. If that is true, then obviously the employees by giving him their work must also have all kinds of rights. Like having the right to check and intervene when the boss extracts too many profits from the company for his lifestyle, endangering the wellbeing of the company and the jobs of his employees.

  23. Re:Their equipment, their choice. on Germany To Grant Privacy At the Workplace · · Score: 1

    Nowadays, certainly in the UK, performance is usually measured using easy to measure absolute things like how long do you sit in your chair every day, not by measuring actual results.

    In software development, any decent programmer can easily double his productivity according to any possible measurement without any actual change in productivity. The worst is companies taking lines of code to be an asset. It is not. Every line of code is a debt that you will be paying for in future maintenance cost.

  24. Re:Their equipment, their choice. on Germany To Grant Privacy At the Workplace · · Score: 1

    Your employer has the right to expect you to fulfill the terms of your contract. Typically, this means completing your assigned tasks and staying at work for a specific period of time. If Facebook helps my employees to be more productive, then more power to them.

    If employee A does all the work in six hours with two hours on facebook, and employee B does the same work in eight hours, working slower but without facebook breaks, there should be no difference to the employer. Obviously it's a shame that A wastes his time when they could get a bonus or promotion or whatever by working seven or eight hours a day and achieving more, but still the employer gets what they pay for.

  25. Re:Their equipment, their choice. on Germany To Grant Privacy At the Workplace · · Score: 1

    Well, in Germany there are roads where you cannot go over the limit. For the simple reason that there is none. :-)

    There is always the implicit limit that you are not allowed to drive faster than is safe according to the road, weather and traffic conditions. Even if there is no explicit speed limit. If you drive past a police car at 100mph in pouring rain you will be in trouble. There are also some interesting rules about whose fault an accident is. When driving fast you must take into consideration that others will make mistakes; if you don't then an accident is likely your fault. Like you have to expect that someone pulls out to overtake a lorry when you whizzing past them at 120 mph, right in your way. Accident is your fault.