Yes, we're in agreement that the number of 65,000 is a flat-out deception, and that the actual number of
H1-B's working in this country is vastly greater. At least 6-times greater, and more like 10 times the
so-called limit of 65,000.
According to Business Week, there were "an estimated 700,000 holders of H1B
and L1 visas in the U.S., and critics say the number may be closer to 1
million." (http://www.businessweek.com/magazine/content/03_3 4/b3846032.htm)
This was in 2003 alone, at the very worst part of the dot-com bust. So yes, the visa limit number is a
pure deception of the total number working in this country. A more honest statement would be to portay
the number as 390,000. But this absurdly low number would be too shocking for the American public.
And contrary to your attempt to gloss over it, it's not that simple. Here's a quote from Wikipedia:
"The actual size of the H-1B program is difficult to gauge due to exemptions from the 85,000-person
quota limit. 130,497 new H-1B visas were approved in FY 2004 and 116,927 in FY 2005."
(http://en.wikipedia.org/wiki/H-1B_visa).
The exemptions aren't nearly so clear cut as you portray them in your attempt to downplay the numbers.
Read the article for some more of the exemptions. And that's not even counting the ones who overstay
their Visa and remain here illegally, considering that this whole program is not policed effectively.
And again, contrary to your attempts to downplay this issue, the L1-B's are extremely relevant to this
discussion. They provide yet another direct loophole to the H1-B program. It allows companies to bypass
the H1-B program completely. Unless you're arguing that we should eliminate the L1-B program completely?
Hmmm. Somehow I don't expect to hear you say that.
The point remains that people are being mislead by the common suggestion that there's a limit of 65,000 H1-B's in the U.S.. Indeed, you mentioned some of the loopholes used to by-pass it. And there are many other loopholes, such as the L1-B's, which adds even more.
These numbers are staggering; and it's no wonder why new C.S. students find it discouraging to enter the field in the U.S..
It's also interesting that the last number available in the DHS publication is also strikingly close to the number of 400,000 that Bill Gates was pushing for recently (after his original proposal of limiting the restrictions).
This H1-B Visa issue limit is pretty much of a scam. Cisco for one uses tons
of L1-B's from Wipro to by-pass this restriction regularly. I imagine that
others do too.
Add to this the fact that there's really no effective enforcement going on,
this "limit filled in one day" just reeks of political fodder to push for
more Visas.
Surprisingly, there are indeed some actual real numbers published on the number of H1-B
admissions into the U.S., from the Department of Homeland Security. These
numbers appear to confirm that there are a lot more H1-B's entering the
country than the Visa limit would suggest.
Wow - the Geek squad must have mod points. Anything critical of Speakeasy is getting mod'd offtopic or redundant.
I agree this really sucks. Though I don't have Speakeasy, I've heard nothing but glowing praise from people who do have them, and I'm sad to see a good competitor go down the toilet.
This raises the question as to whether there are any reasonable alternatives to Speakeasy left? Some ISP which will allow one to run servers, is reasonably honest (no false bandwidth throttling claims) and a cluefull tech support based in the U.S.. Or reasonably close on these.
Please spare me from suggesting either the Phone Companies or the Cable Companies.
"This will change, it has before and it will again. Dictatorship just don't work, it ain't the natural state of affairs."
That's basically what was said back when the Roman Republic fell. The Roman Imperial rule lasted for about 400-500 years. Though there were brief thoughts and talk of returning to the Republic, it never happed.
Those who forget History are doomed to repeat it.
While you might argue that "We're different now", I would also point out that we're really not. We've been passing laws to strip away rights for decades, and the Supreme Court has been upholding them. Take, for example, the Japanese internment during WWII. Although there was lip service paid to how wrong it was much later, the Supreme Court upheld the decision. More importantly, Congress has never put in place new laws to prevent it from happening again.
You can expect this to take place in the future when we've had yet another panic attack. The laws are all set up for this. Only now it can be done in secret. Indeed, there are Prisons being built in the mid-west right now which have this as their optional charter.
I'd like to share your optimism. But I see nothing which supports it except some political lipservice.
While I thought this was clear, apparently it wasn't. If you read the reference, it was to an article published by PC World about PC sales in general. The thought of Dell being such a large supplier of Linux PC's just isn't possible.
The article is titled "HP Beats Dell in PC Sales. Fourth-quarter tallies show Dell's global PC sales declined."
It's also limited to the top 5 vendors. If you dispute the numbers, you might want to contact the author at PC World.
I agree that the comment is stupid, but not for the same reasons. First, there are already companies which are dedicated to putting Linux on PCs and Laptops.
More importantly, Dell is fading fast in the marketplace (as everyone who's read the press on them knows). So if they don't want to support Linux, then fine. HP will.
"It looks to me like HP is responding to what customers are asking for, while Dell is clinging to Microsoft's subsidies. The top 5 vendors look like this:
1. HP - 17.4%
2. Dell - 14.5%
3. Lenovo - 7.1%
4. Acer - 6.6%
5. Toshiba - 3.7%"
If Dell doesn't want to listen to customers and support Linux, that's quite fine by me. I'll vote by taking my dollars elsewhere. Sending business to Dells competition is the single best way to send Dell a message.
And if Dell doesn't listen, they'll continue to go under. That's quite fine by me too. It will allow the other Linux vendors to prosper.
"Not only that, but JTAG can't get everything; not every register is in the scan chain, and not every register contains something that you can figure out without the source."
I completely disagree. What JTAG can, or can't, get is explicitly up to the CPU manufacturer. It's a fairly flexible architecture. I think you've forgotten the original purpose of JTAG.
And your suggestions still don't cover the issue of discrepancy between what's in the caches and what's in RAM. You'd have to come up with some new mechanism (and circuitry) to get that, whereas current JTAG implementations are usually all set to do this.
"Having attached hardware scan bits through JTAG could also be considered too risky for that 'legal' reason the researcher's presentation talks about."
Any approach can be considered too risky when it involves attached hardware. Honestly, if an attacker has physical access to your box, all bets are off.
Personally, I'd like to see the entire PCI architecture redesigned. This time, with what has been learned kept in mind (and which should've been obvious from the start).
That's an interesting thought. A collaborative effort in purchasing an x86 JTAG ICE might fly. I suppose if one got enough people together to distribute the costs, in exchange for a guaranteed minimum amount of time with the box, it might work.
But it's far more likely that someone will just offer more detailed services for a higher price. Or you can rent one probably for about $1,500 per month.
The other alternative, building one's own, requires getting under NDA with Intel. But even that's no guarantee. What I understand from talking to the people who make this box is that they have to do quite a bit of reverse engineering in order for it to fully work - and that's after being under a tight NDA and having access to Intel's internal docs.
Intel is one of the worst (if not THE worst) chip company to do business with. They just don't care about you unless you are buying lots and lots of CPUs. It's truly horrible trying to get any information out of them even when you're on good terms with them. So much so, that they drive people into using their competitors products.
If Intel would open up a little, and actually allow easier access to the JTAG command chain, yes, I'd love to do this. So would all of the companies which make JTAG ICEs. But I don't expect this to happen in this millinium.
"I'm thinking about motherboard manufacturers adding a special port which would allow for *direct* (this time really "direct") access to RAM and potentially some other critical resources like e.g. CPU system registers and maybe even caches," she said.
You can already do this, with many common CPUs. It's called JTAG. In short, it allows you to control the CPU directly, so that you can do exactly what Ms. Rutkowska proposes. That includes by-passing the caches and getting direct access to memory.
JTAG is what embedded people use to port an O.S. to a new hardware platform. And to debug really tough kernel problems. It beats the snot out of printks anyday. And there are certain sections of boot-code and kernel code where it is extremely difficult and annoying to develop without JTAG.
There are two immediate problems with JTAG however. The first is that not all CPUs support it. Believe it or not, I've met CPU designers who have never heard of JTAG (and this is usually a clue that they don't know what the heck they are doing).
The second problem is that some CPU manufacturers consider the JTAG interface proprietary. Intel is one (there's only one JTAG debugger available for x86, and it will cost you between $5,000 - 15,000 depending on what you get). That is absolutely silly, as these can be built for well under $500.
Why they keep the JTAG API interface proprietary is beyond me. I have yet to hear a non-lame excuse yet.
But in any case, the point is that this problem has already been solved. It's surprising to me that anyone seriously doing forensics wouldn't be using JTAG already, for the reasons that Ms. Rutkowska suggests.
While it's more general than for just the college-student lawsuits, it's still an eyeopener for the layperson on how this scam works. What's especially interesting is how to fight this in the earliest stage. But you need a lawyer quickly.
I'm posting this in the hopes that, if more people know how to fight this extortion, the harder it will become for the RIAA to continue
"Please elaborate on this. I don't think it is possible for them to do this undetected, and if it isn't undetected by the banks then it is also reversible (transactions can be cancelled/declared fraudulent..etc)."
Forgive me, but I really would rather decline than elaborate on a public board. It's that lack of Safe Harbor procedures and provisions which I mentioned. Let alone the potential negative impact.
If you wish to understand more, I suggest that you speak with some top seasoned IT people (non-managers) in the banking industry to get an idea of what things are really like. And yes, I do know about the standards and approaches that are used for deployment in the banking industry. My original assertion, that technology is developed without understanding the security weaknesses stands, and this is an example which underscores the point.
The best public parallel examples are with the Phone company and Kevin Mitnick; even as recently as a few years ago with his testimoy at that trial in Las Vegas.
Honestly, if this were an attempt to bring us down for good, it would simply be far, far easier to just use the backend offices of the banks which have been offshored, and take out our economic system.
The amount of confusion and damage that this could do would be enormous. And it would have the added benefit (to the attacker) of leaving the hard assets (buildings, people) in place, unlike an actual war. These could be simply bought up later, rather cheaply.
There are different ways to root a country. Actual destruction is the most expensive and inefficent approach there is.
The real cause of these cyberspace attacks is that the U.S. government has actively encouraged them. First, the Feds have actually punished Government employees who have tried to stop these attacks.
Read The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) This is a variation on a common theme of the attitude of the U.S. government, unfortunately. Protecting the U.S. appears not to be a priority.
The second biggest problem is that the Federal Government has set up a hostile enviroment to discourage Security Research. Security researches are threatened with prosecution, jail time and civil lawsuits that can bankrupt them. The common occurance is when a Researcher reports a problem with a flaw in a product. There are no Safe Harbor procedures or provisions in any Federal law which allow this to happen so that society in general can benefit.
This has had a rather chilling effort on the IT industry as a whole. There is no safe way to study real cracking, so our students (and industry workers) really don't understand how the bad guys work. This also has the added downside that new technologies are developed without any real understanding (or even concern) of what the attack vectors are. MS Windows is the best known example. Javascript is the second best.
Had the U.S. implemented Safe Harbor provisions, we'd be in far better shape to deal with hostile attacks, throughout the entire industry.
While the offshoring of jobs has had an effect, without the above two points we'd still have this problem. Furthermore, if we had shored up and expanded our efforts in Security Research, we would be a lot more resistant to backoffice exploits.
It is also obvious that security can't be offshored. So if the Federal government had made security a priority, your original point would be moot.
Well, honestly, every year (over the past couple of years at least) has seen several companies or groups claiming to be the first Open Source cell phone effort.
The GPE project is no exception. They are predated by about a couple of years by
OpenEZX . It appears to have been around since 2005.
GPE might be bringing more applications to the party. And more P.R.. But they just aren't the first.
Last year, it was Trolltech. And as you note, it isn't fully open. Furthermore, it's closed in arguably the most critical fashion. Namely, the device driver. Unfortunately, Trolltech selected a Broadcom chip. And if you've ever worked with Broadcom, this is a very bad sign. Their software quality sucks big time. So there are probably buffer overflows and other problems in the driver which just won't ever get fixed.
Then there have been the Java phones that have been touting BS about being an "Open Source" phone (one of them actually won an award a year ago as an "Open Source" phone at JavaOne). The only thing Open Source is the application layer, not the OS or the low level hardware. But again, each of them issues a Press Release proclaiming to be the first Open Source phone, and the media gobbles it up.
I've forgotten the other claims. But every 6-12 months, there's yet another group and another announcement.
So, yes, this is a lot of hoopla. And IMHO, it's a discredit to the GPE group to be making this noise. They should be honest if they want credibility.
But IMHO, this is all yesterday's news. The most interesting thing currently going on is the Open Source Software and HARDWARE effort being done by The Homebrew Mobile Phone Club . The effort here is to release everything, including schematics, so that anyone can use COTS parts to build their own cellphone, from scratch.
But regardless of who was first, it is very nice to see all of these efforts going into finally opening up the cell phone market. This is a far cry from where things were 5 years ago.
If Apple wins the actual rights to Cisco's trademark, then computer-based accessories won't be allowed to use the name. Here's what the trademark covers:
"Goods and Services IC 009. US 021 023 026 036 038. G & S: computer hardware and software for providing integrated telephone communication with computerized global information networks. FIRST USE: 19970606. FIRST USE IN COMMERCE: 19970606"
Browsing the TESS database there is always amusing. For example, I see 10 live claims pending for the "iPhone" trademark, and one dead claim. It will be really amusing if the USPTO grants those other claims, as at least some look like they would infringe.
The real question is whether Cisco's claim is still valid though. IMHO (IANAL), this claim has been lost. In which case Apple would have yet another battle to fight, if any of those claims are granted.
Finally (hey, I said I found this stuff amusing), you can look up the registrations for "GNU". It's 2861936.
And for "Linux", it's 1916230. Yes, GNU was registered after Linux.
I agree that competition is good for the consumer, but I have to wonder what the effect will really be on their AMD servers. In the server biz, there's a LOT more to it than today's CPU-intensive benchmarks. The other big thing is IO bandwidth, and this is where AMD has been far more competitive than Intel is. AMD appears to be able to continue this lead, based on both companies claimed roadmaps, the last time I looked.
One can only shove so much data across a single bus, and AMD seems to have realized this, while I don't see this as easily done from Intel.
One of the cool things about AMD is the Hypertransport bus. This allows one to offload various peripherals easily onto separate busses, while still allowing them to be shared across CPU's. Offloading PCI peripherals (for example) onto different busses allows one to achieve higher IO bandwidth. In contrast, Intel's current approach seems to be to shove more and more CPU's onto the same bus.
It's as if Intel has completely forgotten about how to keep the CPU busy - that's the main name of the game, and has been for years (to say the least). Idle CPUs are useless, and the more idle CPUs there are, the sillier it is, IMHO.
And AMD appears to be capable of outdoing Intel in the bandwidth area, for both memory and bus bandwidth.
So it looks to me like AMD will continue to be ahead of Intel as far as top-end server solutions go.
In short, I find this particular move puzzling. Sun has traditionally backed the best performance design, and I see Intel still lagging here overall. This strikes me as more of a marketing move, not a real engineering one. It will be interesting to see how popular these Intel-based servers remain.
Google is your friend here; it's amazing what kind of information you can
find if you know how to look. Also, there's been discussion on various mailing lists.
Regarding Linux, just call Platform Solutions up and ask. One can't keep this sort of
thing a secret; certainly not from their customers.
The impact on Linux is up to a Judge to decide. Given IBM's vast number of Patents, the point is that IBM can shut anything down on Linux that they so choose. And that they are starting to exercise this power now.
This is not what a good member of the Open Source community does.
I'm sorry, but Linus is absolutely dead wrong when he says:
"both DRM technology and GPLv3 will cause "lots of arguments" but in the bigger scheme of things, neither will stop good technology from prevailing."
He doesn't seem to be aware of the current actions to limit his options here.
The problem is that IBM appears to be trying to take control
of Linux via software patents. Specifically, censoring it when a Linux
solution gives them competition that they don't like.
And they are doing this in the fashion of a Patent Troll, with some
rather questionable software patents.
What is especially disconcerting is that if IBM wins this lawsuit,
it means they will have extreme influence (if not effective control) over
most (if not all) Linux products out there, given IBM's vast Patent trove.
Note very well that this is what people were worried about with Microsoft
and Novell. The sad news here is that this may have
already arrived, via IBM. Which is probably why IBM wants to keep this quiet.
Hello - where's the Linux community on this one? People (myself included)
were up in arms when Microsoft and Novell tried to skirt the GPL. IBM's
approach strikes me as much worse. It's here. Now.
While Linus would like to keep adding good technology to the kernel, if
IBM's lawsuit is allowed to stand, Linus doesn't seem to recognize that
his options may be taken away from him. He will no longer be able to
publish software without IBM's blessing.
What's next? Is he going to need Microsoft/Novell approval after that?
The only option that I can see is the GPL v3 license approach. One wonders
how long Linus can keep ignoring this issue. It would be much better if he
were taking a proactive approach here, because simply ignoring the issue doesn't seem to be working.
Perhaps. But that doesn't detract from the main point that IBM is using Software Patents to quash a Linux-based technologoy that they don't like.
Or, in otherwords, IBM has decided to try and censore a Linux solution. Given how much they've contributed to the kernel, and how many patents they have, I personally find this frightening.
If this is allowed to continue, I can't think of anything that they can't shut down which uses Linux. This is exactly what has been one of the key fears with the Novell/Microsoft deal. Only here, we've gotten it from what used to be a trustworth source.
Now, you might argue that taking control of the Linux market is in their best interests. That may well be true. But people haven't discovered yet what the real potential for harm is (heck, I've only discovered it myself recently). And people need to wake up here.
Oh, with all due respect, I think you are seriously understating the problem.
IBM explicitly demonstrated this only too well last month.
What isn't getting reported (at least not on Slashdot, for whatever reason)
is that IBM's current actions are schizophrenic, if you view them in the
best possible light. In the worst possible light, these actions can be viewed
as an attempt to by-pass the Patent Office. To make absolutely certain that
the big guys retain control over the process, and aren't pestered again
by the little guys.
A superb example of this is the fact that IBM is ACTIVELY fully supportive of
Software Patents, and has even used what appear to be rather bogus ones
(against a company which is using Linux, no less), in order to stifle the
competition.
I'm speaking about IBM's lawsuit last month against Platform Solutions.
Here's one quote and link from a press article:
There are other links if you do a Google search; but it's pretty clear that
IBM wants to keep this as quiet as possible.
The point remains though, that IBM is being extremely agressive with Software
Patents, against what appear to be Linux-based products. And anything IBM says
about "improving the quality" is utter BS. Their priority is to improve the
bottom line.
Sorry if that pops some people's bubbles about IBM. There is no question that
IBM has been helpful to the Open Source community. But it's quite clear that
this only goes so far. And as long as they are actively working as a Patent
Troll to stifle competition, IBM cannot be trusted.
Let us hope that it doesn't go so far as submarine patents. But honestly,
I've never seen a big company play nice out of the goodness of their heart yet,
when it comes to their competition.
IBM might have struck me as leaning that way before last month. But not any more.
"Curious that he left out 'make good software' and 'support'... "
You've hit it right on the head. There are quite a few things Balmer is leaving out; and what he's not saying speaks volumes. He's also deliberately not saying that Microsoft wishes to become a good citizen of the Linux community.
Or, in short, what he's telling us is that Microsoft is up to its old tricks again. One needs to ignore the smoke and mirrors, and instead read between the lines.
That's why I object to Novell's deal. What they have done is to deliberately attempt to go around the rules that everyone must play by. That's not being a good member of the community; that's telling everyone else to f*** off, they don't have to play by the normal rules. Pure sleeze, which is the unfortunate norm of the closed source world. I had expected better from Novell.
If Microsoft and Novell wish to foster respect and trust, they need to play by the GPL and not try to figure out ways to go around it.
It's a bit more than just a modem, as it allows for voice transmissions, not just data. Classical modems didn't.
If, by "the GSM network" you're referring to the radio-wave transmissions, yes, you are correct. I thought it was clear from the context that I am referring to the user-level interface to the transceiver module.
Or, to make it more clear, I'm referring to the proprietary drivers that are on this phone. My point is that it doesn't have to be this way, and this company missed an opportunity to provide a more Open Source phone than what is currently out there. As it stands right now, there are several other phones in this category.
Absolutely so! Here's the state of the art
on
A Truly Open Linux Phone
·
· Score: 4, Interesting
Well, you're just not familiar with what's going on in the Open Source
Phone world.
First of all, the Carriers have little choice here. Fully functional
Reference kits are available in the under $1000 range. For GSM, you can
get them for about $200-300. These are the kits that companies who build
cell-phones use to jumpstart their designs. So what's a Carrier going to do?
Outlaw these? And kill development for cell-phones? I don't think so.
The most they might do is to tighten down on the registration. But that
involves overhead and hassle. Unless these kits prove to be an issue, it's
not going to happen; at least not with the GSM market. And not worldwide.
You are also wrong about the "time wasters" who supply low volume and low
profit phones. What the Carriers want (at least some of them) is to
sell the airtime. Some of these Carriers really don't care where it goes,
as long as they get paid for it.
There's a whole resale market here which underscores the point. You want to
to become your own cell-phone company? You can, if you have the money. And if
you don't think *those* resellers are hungry, you're kidding yourself.
I admit that as far as the standard view about "time wasters" goes (for
the big companies) you are correct. And it's explicitly been this attitude
which has severely hindered innovation in the cell-phone market. There are
a plethora of uses for small markets. Some of the hungrier carriers
fully realize this, and are supportive of anything which will make them money.
Finally, the lockdown on GSM transceivers is a bit silly. The interface
is extremely simple; it's a variation of the old Hayes Modem interface.
I kid you not. "ATDT....". There's even an Open Source Project for this.
Here's the link:
Finally, there's even a group dedicated to a fully Open Source phone.
Namely, the Silicon Valley Homebrew Mobile Phone Club. They are having
a meeting tomorrow night in San Francisco. Here's a link to their mailing
list archives:
Check out the list, and the information on various associated websites. There's really a groundswell building in this area. And those Carriers which close things off are going to miss an opportunity that their competitors are actively interested in.
Slashdot Mirror
According to Business Week, there were "an estimated 700,000 holders of H1B and L1 visas in the U.S., and critics say the number may be closer to 1 million." (http://www.businessweek.com/magazine/content/03_3 4/b3846032.htm)
This was in 2003 alone, at the very worst part of the dot-com bust. So yes, the visa limit number is a pure deception of the total number working in this country. A more honest statement would be to portay the number as 390,000. But this absurdly low number would be too shocking for the American public.
And contrary to your attempt to gloss over it, it's not that simple. Here's a quote from Wikipedia: "The actual size of the H-1B program is difficult to gauge due to exemptions from the 85,000-person quota limit. 130,497 new H-1B visas were approved in FY 2004 and 116,927 in FY 2005." (http://en.wikipedia.org/wiki/H-1B_visa).
The exemptions aren't nearly so clear cut as you portray them in your attempt to downplay the numbers. Read the article for some more of the exemptions. And that's not even counting the ones who overstay their Visa and remain here illegally, considering that this whole program is not policed effectively.
And again, contrary to your attempts to downplay this issue, the L1-B's are extremely relevant to this discussion. They provide yet another direct loophole to the H1-B program. It allows companies to bypass the H1-B program completely. Unless you're arguing that we should eliminate the L1-B program completely? Hmmm. Somehow I don't expect to hear you say that.
These numbers are staggering; and it's no wonder why new C.S. students find it discouraging to enter the field in the U.S..
It's also interesting that the last number available in the DHS publication is also strikingly close to the number of 400,000 that Bill Gates was pushing for recently (after his original proposal of limiting the restrictions).
Add to this the fact that there's really no effective enforcement going on, this "limit filled in one day" just reeks of political fodder to push for more Visas.
Surprisingly, there are indeed some actual real numbers published on the number of H1-B admissions into the U.S., from the Department of Homeland Security. These numbers appear to confirm that there are a lot more H1-B's entering the country than the Visa limit would suggest.
The DHS document (The 2005 Yearbook of Immigration Statistics) is at: http://www.dhs.gov/xlibrary/assets/statistics/year book/2005/OIS_2005_Yearbook.pdf
I'm quoting the following from a discussion on dice.com at: http://seeker.dice.com/olc/thread.jspa?threadID=49 2&tstart=15
"Temporary workers and Trainees:" Specialty Occupations(H-1B):
YEAR - H-1B visas Admitted
1996 - 144,458
1997 - 240,947
1998 - 302,421
1999 - 355,065
2001 - 384,191
2002 - 370,490
2003 - 360,498
2004 - 386,821
There are a number of other excellent quotes on the above thread on Dice. It's well worth reading.
I agree this really sucks. Though I don't have Speakeasy, I've heard nothing but glowing praise from people who do have them, and I'm sad to see a good competitor go down the toilet.
This raises the question as to whether there are any reasonable alternatives to Speakeasy left? Some ISP which will allow one to run servers, is reasonably honest (no false bandwidth throttling claims) and a cluefull tech support based in the U.S.. Or reasonably close on these.
Please spare me from suggesting either the Phone Companies or the Cable Companies.
That's basically what was said back when the Roman Republic fell. The Roman Imperial rule lasted for about 400-500 years. Though there were brief thoughts and talk of returning to the Republic, it never happed.
Those who forget History are doomed to repeat it.
While you might argue that "We're different now", I would also point out that we're really not. We've been passing laws to strip away rights for decades, and the Supreme Court has been upholding them. Take, for example, the Japanese internment during WWII. Although there was lip service paid to how wrong it was much later, the Supreme Court upheld the decision. More importantly, Congress has never put in place new laws to prevent it from happening again.
You can expect this to take place in the future when we've had yet another panic attack. The laws are all set up for this. Only now it can be done in secret. Indeed, there are Prisons being built in the mid-west right now which have this as their optional charter.
I'd like to share your optimism. But I see nothing which supports it except some political lipservice.
While I thought this was clear, apparently it wasn't. If you read the reference, it was to an article published by PC World about PC sales in general. The thought of Dell being such a large supplier of Linux PC's just isn't possible.
The article is titled "HP Beats Dell in PC Sales. Fourth-quarter tallies show Dell's global PC sales declined."
It's also limited to the top 5 vendors. If you dispute the numbers, you might want to contact the author at PC World.
More importantly, Dell is fading fast in the marketplace (as everyone who's read the press on them knows). So if they don't want to support Linux, then fine. HP will.
From last week's article on "Huge Linux Desktop deals get HP thinking" , there was this excellent quote by Scott7477:
"It looks to me like HP is responding to what customers are asking for, while Dell is clinging to Microsoft's subsidies. The top 5 vendors look like this:
1. HP - 17.4%
2. Dell - 14.5%
3. Lenovo - 7.1%
4. Acer - 6.6%
5. Toshiba - 3.7%"
If Dell doesn't want to listen to customers and support Linux, that's quite fine by me. I'll vote by taking my dollars elsewhere. Sending business to Dells competition is the single best way to send Dell a message.
And if Dell doesn't listen, they'll continue to go under. That's quite fine by me too. It will allow the other Linux vendors to prosper.
I completely disagree. What JTAG can, or can't, get is explicitly up to the CPU manufacturer. It's a fairly flexible architecture. I think you've forgotten the original purpose of JTAG.
And your suggestions still don't cover the issue of discrepancy between what's in the caches and what's in RAM. You'd have to come up with some new mechanism (and circuitry) to get that, whereas current JTAG implementations are usually all set to do this.
"Having attached hardware scan bits through JTAG could also be considered too risky for that 'legal' reason the researcher's presentation talks about."
Any approach can be considered too risky when it involves attached hardware. Honestly, if an attacker has physical access to your box, all bets are off.
Personally, I'd like to see the entire PCI architecture redesigned. This time, with what has been learned kept in mind (and which should've been obvious from the start).
But it's far more likely that someone will just offer more detailed services for a higher price. Or you can rent one probably for about $1,500 per month.
The other alternative, building one's own, requires getting under NDA with Intel. But even that's no guarantee. What I understand from talking to the people who make this box is that they have to do quite a bit of reverse engineering in order for it to fully work - and that's after being under a tight NDA and having access to Intel's internal docs.
Intel is one of the worst (if not THE worst) chip company to do business with. They just don't care about you unless you are buying lots and lots of CPUs. It's truly horrible trying to get any information out of them even when you're on good terms with them. So much so, that they drive people into using their competitors products.
If Intel would open up a little, and actually allow easier access to the JTAG command chain, yes, I'd love to do this. So would all of the companies which make JTAG ICEs. But I don't expect this to happen in this millinium.
You can already do this, with many common CPUs. It's called JTAG. In short, it allows you to control the CPU directly, so that you can do exactly what Ms. Rutkowska proposes. That includes by-passing the caches and getting direct access to memory.
JTAG is what embedded people use to port an O.S. to a new hardware platform. And to debug really tough kernel problems. It beats the snot out of printks anyday. And there are certain sections of boot-code and kernel code where it is extremely difficult and annoying to develop without JTAG.
There are two immediate problems with JTAG however. The first is that not all CPUs support it. Believe it or not, I've met CPU designers who have never heard of JTAG (and this is usually a clue that they don't know what the heck they are doing).
The second problem is that some CPU manufacturers consider the JTAG interface proprietary. Intel is one (there's only one JTAG debugger available for x86, and it will cost you between $5,000 - 15,000 depending on what you get). That is absolutely silly, as these can be built for well under $500.
Why they keep the JTAG API interface proprietary is beyond me. I have yet to hear a non-lame excuse yet.
But in any case, the point is that this problem has already been solved. It's surprising to me that anyone seriously doing forensics wouldn't be using JTAG already, for the reasons that Ms. Rutkowska suggests.
The RIAA vs. John Doe, a layperson's guide to filesharing lawsuits
While it's more general than for just the college-student lawsuits, it's still an eyeopener for the layperson on how this scam works. What's especially interesting is how to fight this in the earliest stage. But you need a lawyer quickly.
I'm posting this in the hopes that, if more people know how to fight this extortion, the harder it will become for the RIAA to continue
Forgive me, but I really would rather decline than elaborate on a public board. It's that lack of Safe Harbor procedures and provisions which I mentioned. Let alone the potential negative impact.
If you wish to understand more, I suggest that you speak with some top seasoned IT people (non-managers) in the banking industry to get an idea of what things are really like. And yes, I do know about the standards and approaches that are used for deployment in the banking industry. My original assertion, that technology is developed without understanding the security weaknesses stands, and this is an example which underscores the point.
The best public parallel examples are with the Phone company and Kevin Mitnick; even as recently as a few years ago with his testimoy at that trial in Las Vegas.
The amount of confusion and damage that this could do would be enormous. And it would have the added benefit (to the attacker) of leaving the hard assets (buildings, people) in place, unlike an actual war. These could be simply bought up later, rather cheaply.
There are different ways to root a country. Actual destruction is the most expensive and inefficent approach there is.
The real cause of these cyberspace attacks is that the U.S. government has actively encouraged them. First, the Feds have actually punished Government employees who have tried to stop these attacks. Read The Invasion of the Chinese Cyberspies (And the Man Who Tried to Stop Them) This is a variation on a common theme of the attitude of the U.S. government, unfortunately. Protecting the U.S. appears not to be a priority.
The second biggest problem is that the Federal Government has set up a hostile enviroment to discourage Security Research. Security researches are threatened with prosecution, jail time and civil lawsuits that can bankrupt them. The common occurance is when a Researcher reports a problem with a flaw in a product. There are no Safe Harbor procedures or provisions in any Federal law which allow this to happen so that society in general can benefit.
This has had a rather chilling effort on the IT industry as a whole. There is no safe way to study real cracking, so our students (and industry workers) really don't understand how the bad guys work. This also has the added downside that new technologies are developed without any real understanding (or even concern) of what the attack vectors are. MS Windows is the best known example. Javascript is the second best.
Had the U.S. implemented Safe Harbor provisions, we'd be in far better shape to deal with hostile attacks, throughout the entire industry.
While the offshoring of jobs has had an effect, without the above two points we'd still have this problem. Furthermore, if we had shored up and expanded our efforts in Security Research, we would be a lot more resistant to backoffice exploits.
It is also obvious that security can't be offshored. So if the Federal government had made security a priority, your original point would be moot.
Yes, hbmobile.org is the correct link. Thank you for correcting my bad cut-n-paste.
The GPE project is no exception. They are predated by about a couple of years by OpenEZX . It appears to have been around since 2005.
GPE might be bringing more applications to the party. And more P.R.. But they just aren't the first.
Oh, and this article is basically a dup of the previous announcement: http://linux.slashdot.org/article.pl?sid=07/02/05/ 130208.
Granted, this is a reposting from Dr. Dobbs. But it's basically the same info.
Last year, it was Trolltech. And as you note, it isn't fully open. Furthermore, it's closed in arguably the most critical fashion. Namely, the device driver. Unfortunately, Trolltech selected a Broadcom chip. And if you've ever worked with Broadcom, this is a very bad sign. Their software quality sucks big time. So there are probably buffer overflows and other problems in the driver which just won't ever get fixed.
Then there have been the Java phones that have been touting BS about being an "Open Source" phone (one of them actually won an award a year ago as an "Open Source" phone at JavaOne). The only thing Open Source is the application layer, not the OS or the low level hardware. But again, each of them issues a Press Release proclaiming to be the first Open Source phone, and the media gobbles it up.
I've forgotten the other claims. But every 6-12 months, there's yet another group and another announcement.
So, yes, this is a lot of hoopla. And IMHO, it's a discredit to the GPE group to be making this noise. They should be honest if they want credibility.
But IMHO, this is all yesterday's news. The most interesting thing currently going on is the Open Source Software and HARDWARE effort being done by The Homebrew Mobile Phone Club . The effort here is to release everything, including schematics, so that anyone can use COTS parts to build their own cellphone, from scratch.
But regardless of who was first, it is very nice to see all of these efforts going into finally opening up the cell phone market. This is a far cry from where things were 5 years ago.
"Goods and Services IC 009. US 021 023 026 036 038. G & S: computer hardware and software for providing integrated telephone communication with computerized global information networks. FIRST USE: 19970606. FIRST USE IN COMMERCE: 19970606"
This is from USPTO Trademark Registration #2293011
Browsing the TESS database there is always amusing. For example, I see 10 live claims pending for the "iPhone" trademark, and one dead claim. It will be really amusing if the USPTO grants those other claims, as at least some look like they would infringe.
The real question is whether Cisco's claim is still valid though. IMHO (IANAL), this claim has been lost. In which case Apple would have yet another battle to fight, if any of those claims are granted.
Finally (hey, I said I found this stuff amusing), you can look up the registrations for "GNU". It's 2861936. And for "Linux", it's 1916230. Yes, GNU was registered after Linux.
One can only shove so much data across a single bus, and AMD seems to have realized this, while I don't see this as easily done from Intel.
One of the cool things about AMD is the Hypertransport bus. This allows one to offload various peripherals easily onto separate busses, while still allowing them to be shared across CPU's. Offloading PCI peripherals (for example) onto different busses allows one to achieve higher IO bandwidth. In contrast, Intel's current approach seems to be to shove more and more CPU's onto the same bus.
It's as if Intel has completely forgotten about how to keep the CPU busy - that's the main name of the game, and has been for years (to say the least). Idle CPUs are useless, and the more idle CPUs there are, the sillier it is, IMHO.
And AMD appears to be capable of outdoing Intel in the bandwidth area, for both memory and bus bandwidth.
So it looks to me like AMD will continue to be ahead of Intel as far as top-end server solutions go.
In short, I find this particular move puzzling. Sun has traditionally backed the best performance design, and I see Intel still lagging here overall. This strikes me as more of a marketing move, not a real engineering one. It will be interesting to see how popular these Intel-based servers remain.
Here's a link with the patent numbers: http://www.itjungle.com/big/big121206-story01.html
Regarding Linux, just call Platform Solutions up and ask. One can't keep this sort of thing a secret; certainly not from their customers.
The impact on Linux is up to a Judge to decide. Given IBM's vast number of Patents, the point is that IBM can shut anything down on Linux that they so choose. And that they are starting to exercise this power now. This is not what a good member of the Open Source community does.
"both DRM technology and GPLv3 will cause "lots of arguments" but in the bigger scheme of things, neither will stop good technology from prevailing."
He doesn't seem to be aware of the current actions to limit his options here.
The problem is that IBM appears to be trying to take control of Linux via software patents. Specifically, censoring it when a Linux solution gives them competition that they don't like.
And they are doing this in the fashion of a Patent Troll, with some rather questionable software patents.
I've mentioned this before; here's the link again. "IBM's decision to sue Platform Solutions is another indication that the company is becoming more aggressive about defending its intellectual property in an effort to extract more revenue from its extensive patent trove."
What is especially disconcerting is that if IBM wins this lawsuit, it means they will have extreme influence (if not effective control) over most (if not all) Linux products out there, given IBM's vast Patent trove.
Note very well that this is what people were worried about with Microsoft and Novell. The sad news here is that this may have already arrived, via IBM. Which is probably why IBM wants to keep this quiet.
Hello - where's the Linux community on this one? People (myself included) were up in arms when Microsoft and Novell tried to skirt the GPL. IBM's approach strikes me as much worse. It's here. Now.
While Linus would like to keep adding good technology to the kernel, if IBM's lawsuit is allowed to stand, Linus doesn't seem to recognize that his options may be taken away from him. He will no longer be able to publish software without IBM's blessing.
What's next? Is he going to need Microsoft/Novell approval after that?
The only option that I can see is the GPL v3 license approach. One wonders how long Linus can keep ignoring this issue. It would be much better if he were taking a proactive approach here, because simply ignoring the issue doesn't seem to be working.
Perhaps. But that doesn't detract from the main point that IBM is using Software Patents to quash a Linux-based technologoy that they don't like.
Or, in otherwords, IBM has decided to try and censore a Linux solution. Given how much they've contributed to the kernel, and how many patents they have, I personally find this frightening.
If this is allowed to continue, I can't think of anything that they can't shut down which uses Linux. This is exactly what has been one of the key fears with the Novell/Microsoft deal. Only here, we've gotten it from what used to be a trustworth source.
Now, you might argue that taking control of the Linux market is in their best interests. That may well be true. But people haven't discovered yet what the real potential for harm is (heck, I've only discovered it myself recently). And people need to wake up here.
What isn't getting reported (at least not on Slashdot, for whatever reason) is that IBM's current actions are schizophrenic, if you view them in the best possible light. In the worst possible light, these actions can be viewed as an attempt to by-pass the Patent Office. To make absolutely certain that the big guys retain control over the process, and aren't pestered again by the little guys.
A superb example of this is the fact that IBM is ACTIVELY fully supportive of Software Patents, and has even used what appear to be rather bogus ones (against a company which is using Linux, no less), in order to stifle the competition.
I'm speaking about IBM's lawsuit last month against Platform Solutions. Here's one quote and link from a press article:
"IBM's decision to sue Platform Solutions is another indication that the company is becoming more aggressive about defending its intellectual property in an effort to extract more revenue from its extensive patent trove."
There are other links if you do a Google search; but it's pretty clear that IBM wants to keep this as quiet as possible.
The point remains though, that IBM is being extremely agressive with Software Patents, against what appear to be Linux-based products. And anything IBM says about "improving the quality" is utter BS. Their priority is to improve the bottom line.
Sorry if that pops some people's bubbles about IBM. There is no question that IBM has been helpful to the Open Source community. But it's quite clear that this only goes so far. And as long as they are actively working as a Patent Troll to stifle competition, IBM cannot be trusted.
Let us hope that it doesn't go so far as submarine patents. But honestly, I've never seen a big company play nice out of the goodness of their heart yet, when it comes to their competition.
IBM might have struck me as leaning that way before last month. But not any more.
Exactly. The moon has potential resources which can be used to maintain a colony. ISS-type orbitals don't.
The author of this article seems to have forgotten that the Moon is an orbital body of the Earth, too.
You've hit it right on the head. There are quite a few things Balmer is leaving out; and what he's not saying speaks volumes. He's also deliberately not saying that Microsoft wishes to become a good citizen of the Linux community.
Or, in short, what he's telling us is that Microsoft is up to its old tricks again. One needs to ignore the smoke and mirrors, and instead read between the lines.
That's why I object to Novell's deal. What they have done is to deliberately attempt to go around the rules that everyone must play by. That's not being a good member of the community; that's telling everyone else to f*** off, they don't have to play by the normal rules. Pure sleeze, which is the unfortunate norm of the closed source world. I had expected better from Novell.
If Microsoft and Novell wish to foster respect and trust, they need to play by the GPL and not try to figure out ways to go around it.
If, by "the GSM network" you're referring to the radio-wave transmissions, yes, you are correct. I thought it was clear from the context that I am referring to the user-level interface to the transceiver module.
Or, to make it more clear, I'm referring to the proprietary drivers that are on this phone. My point is that it doesn't have to be this way, and this company missed an opportunity to provide a more Open Source phone than what is currently out there. As it stands right now, there are several other phones in this category.
First of all, the Carriers have little choice here. Fully functional Reference kits are available in the under $1000 range. For GSM, you can get them for about $200-300. These are the kits that companies who build cell-phones use to jumpstart their designs. So what's a Carrier going to do? Outlaw these? And kill development for cell-phones? I don't think so.
The most they might do is to tighten down on the registration. But that involves overhead and hassle. Unless these kits prove to be an issue, it's not going to happen; at least not with the GSM market. And not worldwide.
You are also wrong about the "time wasters" who supply low volume and low profit phones. What the Carriers want (at least some of them) is to sell the airtime. Some of these Carriers really don't care where it goes, as long as they get paid for it.
There's a whole resale market here which underscores the point. You want to to become your own cell-phone company? You can, if you have the money. And if you don't think *those* resellers are hungry, you're kidding yourself.
I admit that as far as the standard view about "time wasters" goes (for the big companies) you are correct. And it's explicitly been this attitude which has severely hindered innovation in the cell-phone market. There are a plethora of uses for small markets. Some of the hungrier carriers fully realize this, and are supportive of anything which will make them money.
Finally, the lockdown on GSM transceivers is a bit silly. The interface is extremely simple; it's a variation of the old Hayes Modem interface. I kid you not. "ATDT....". There's even an Open Source Project for this. Here's the link:
http://sourceforge.net/projects/libgsmc
Finally, there's even a group dedicated to a fully Open Source phone. Namely, the Silicon Valley Homebrew Mobile Phone Club. They are having a meeting tomorrow night in San Francisco. Here's a link to their mailing list archives:
http://telefono.revejo.org/pipermail/svhmpc_telefo no.revejo.org/
Check out the list, and the information on various associated websites. There's really a groundswell building in this area. And those Carriers which close things off are going to miss an opportunity that their competitors are actively interested in.