Funny, my portable MP3 player doesn't have any such restrictions on it.
Right, but if the major manufacturers of portable playback devices stop making non-RIAA-compliant devices, MP3 players will fade away, or at least never really make mainstream. If the audio format is not MP3, and MP3 players are no longer produced, the RIAA couldn't care less if there are a handfull of people who can still re-encode music and play it back on their aging MP3 players.
The only way the watermarking can stay secret is if only the copyright owners have the means of reading it.
(* - note: the watermark ALGORITHIM can be made public, if it has cryptographic properties such that you need a secret key to recognize a valid watermark, etc...)
As you say, the watermark algorithm need not be "secret". If your device has your private key in it, it can therefore determine where (frequency and time (location and duration)) the watermark is hiding. If it doesn't find on there, then your player doesn't have the right to listen to the music. If, further, the location is found using the RIAA's public key, nobody could create a "valid" music clip without the RIAA's private key, so you can't just watermark stuff pointing to a random individual.
Well, they will if all (or most of) the major players in the portable music playback world get on board. Besides, DIVX also suffered from marketing problems, the fact that you needed a phone line handy, etc. These devices wouldn't need more than periodic connections to the providers to update the "black list".
Now, if they actually get a law passed saying that all non-RIAA approved player devices are illegal, time to bring some torches to Washington...
Ok, that'd be scary.:) There'll probably be fringe players, and if they achieve sufficient quality/market penetration, the RIAA will have failed this round. However, the major point of all these schemes is to provide a barrier to mass piracy, not to stop it entirely, something which could only happen if piracy became impossible because copyrights were to be abolished or something. If piracy becomes clumsy enough that most people don't pirate, I think the RIAA will be happy. Consider that according to the article, the currently level of piracy is not a true concern to the RIAA. They're just worried that if they don't nip it in the bud, it will become a major problem, and it'll be too late to do anything about it.
As I read stuff like this (and hear things like it in many slashdot quotes), I am reminded of a quote from the Princess Bride:
"Who ever said life is fair? Where is that written? Life isn't always fair."
I mean, what the heck is all this talk about "fair use"? People seem to thing they are born with all these rights which include, among other things, the right to do whatever they want with someone else's IP simply because, to them, they think it's an obvious right. It may seen intuitive to some that when you buy a recording of music, that you're purchasing the right to the underlying sound to use however, wherever and whenever they please. What sense does this make? Where is that written?
This doesn't mean I think that it's any more intuitive that purchasing a recording means purchasing the rights to listen to a recording, say, a given number of times, or only on a given device, or only at a given time, or whatever, but I don't particularly find it any less intuitive either. I may like it less, but that doesn't make it "The Way Things Should Be"(tm).
What's stopping you from converting your cd's to mp3 and making mp3 cds?
Nothing, but portable devices, etc can't play them (in general), and you're a lot more likely to be able to play a music CD at a friend's house/party/poolside/car/wherever than an mp3 cd.
Besides, I'm sure higher density media will take over at some point anyway.
Maybe, but consider than most music CDs are only half full anyway, so it's not like most forms of distributed music are hurting for disc space... and would you really want to pay 10x the money for 10x the content, given that the media will probably contain content from only one artist? I'd much rather have 10 different bands' CDs than 1 really long CD from one band (most groups don't even have enough music to fill, say, a DVD).
But, you missed Fact #5: Fact #5: If the watermark data encodes the identity of a particular user, there is nothing to stop someone from breaking into that guy's house, stealing his computer, and then distributing all his SDMI files, with watermarks identifying that person. Or, more likely, there is nothing to stop someone from using a fake credit card to open a SDMI account, and then distributing the resulting files widely...
Sure there is. Require that a digital device communicate directly and securely with the music vendor when downloading music. Then the music is watermarked both with the vendor (or copyright owner) id and the purchaser's id. Then the decoder uses its private key to verify the watermark and, if it fails, refuses to play. Thus, if you stole a copy of the file, fine, it still won't play on any hardware playback devices, since they'll detect that they weren't the purchaser of the music.
While the watermark is still there, what's going to stop me from using this now highly ordinary WAV file?
Nothing, as long as the final format (MP3, etc) is acceptable. Assuming quality is sufficiently high, there's still the issue of where you can use this music. If you create a new compression format that nobody can listen to, who cares if you've ripped a song into it? (more on this below)
if audio delivery systems of the future have watermark detection that doesn't allow you to play a file if the watermark is present...
Ahh..... but, what if the reverse is true? That is, you can't play the music unless a valid watermark is detected? What if all portable devices (Diamond RIO/Memory Stick walkman/etc) require a valid watermark? If "valid" is defined as, say, signed by the RIAA or BMI, or something, you're toast. Now your "highly ordinary WAV file" isn't worth anything, since the hardware "everyone" is using can't play non-signed music. Sure, you can still play the music on your computer, but you can't burn a CD and play it in your car, or on a trip, or whatever because CD's died out in ~2005 and everyone uses solid-state players which check for the watermark?
They could still allow independants to publish music for these devices, by issuing a signature key to an indie band which the RIAA has signed. Then, if the key is used to sign pirated material, the indie band might be liable for the misuse of the key, or perhaps we all have to update our devices monthly to get an updated "revoked" list or something.
I'm not saying this would work, but there's more to this than simply saying "well, duh, I can stick a microphone next to the speaker..." -User
Yes, but... how 'bout making sed work correctly across lines... eeew...
I love using sed when I can, but it has quite a number of limitations. Besides, did we mention that if you sed'ed your Excel or Access file you'd have a pretty broken file left over.:)
One of the other issues with cool little comand line utils such as these is that while they might be more efficient, for the majority of computer users they represent an insurmoutable (due most often to lack of time/interest rather than ability to learn) obstacle to actually accomplishing anything. That is, moving the mouse to Edit, then Search and Replace or whatever is faster than learning to use sed for the first time. You and I know that in the long run, it might make more sense to learn the more powerful tool, but that's not how the vast majority of users think.
To drift even more off topic, I'd say that this attitude is probably the single most important reason why Linux has a long way to before it stands a prayer of having wide use on the desktop.
Correct me if I'm wrong, but I believe that a gamut is simply a range, or region (since they're usually represented in more than 1 dimension) of colors. In this specific case, various devices are capable of representing different gamuts. There are some colors which are representable in CMYK which simply cannot be described in RGB (negative values for R, G or B channels, for instance), and vice-versa. Thus, if you make an image in RGB mode, and wish to print it on a CMYK device, it may be the case that it contains colors which cannot be represented on the target device. This is when a good imaging package gives you a gamut warning, along the lines of "Warning, the image contains colors which cannot be represented within the gamut of the target device".
I see where you're coming from, and certainly things which have similar user interfaces, etc, are probably not "cross-vulnerable". However, while I agree the similar programs will most likely have different security holes, I'm not sure that applies in this case, since it's arguable that the spread of Melissa and ILOVEYOU had nothing to do with security exploits. That is, if there are two major email clients, both of which wish to provide access to their functionality, including SendMail() and GetAddresses(), etc, they are likely to do so in a similar manner. Thus, the exploitation of these interfaces would be quite similar, if not identical. So, addressing the original poster's comments, just because they've got 4 mail programs on their system doesn't mean they're "safe", if they all have essentially the same API's or similar address book files (perhaps XML), etc.
One thing to think about is that we can have a similar enough look and feel and 'interface' to allow users to use different software without necessarily being forced to all use the exact same products. For instance, if I can drive a Ford or a Toyota, I can adjust to driving a Chevy or a Honda or whatever pretty easily. They aren't exactly the same, the controls may look a little different or be placed slightly different, but it isn't going to keep me from driving. By the same token, if I know how to run one GUI, it doesn't take me long to figure out how to use another.
My point is simply that if we make things "close enough", or if we use
a specification that allows interoperability between products from different vendors.
then we're still vulnerable to a virus. If it's a close enough interface, then I can probably code something to work with multiple variations. I'm not advocating homogenaity of implementation (heck, not even MS purports to do that - multiple system elements may expose the same functionality, even though they are implemented in many different ways (e.g. drivers, etc)), but that if we have near identical interfaces, we're still stuck with the problem.
I think my biggest issue, and I certainly don't have an answer to it, is that there seem to be irreconcilable problems with protecting our data, (and, more difficult, protecting the data of the less techno-savy) and allowing access to the quite legitimate ease of use and powerful features we *could* offer. That is, there are quite a few reasons why a program should allow silent, complete access to a user's address books - perhaps to simplify administration, etc, and yet such functionality means that a malicious email has the same access.
How the heck do we prevent this?
We could, say, ignore unsigned email... but what about anonymity? Ok, so, we *warn* about anonymous emails, but then all it takes is one person to open such an email, and, poof, everyone in their address has a legitimate, signed, from a friend, copy of the offending email...
This sounds like security through obscurity, doesn't it?
If the virus writers have no idea what the system their virus will run on will look like, they can't take advantage of it nearly as well.
While this is true, and indeed a heterogeneous population is indeed more resistant to infection (biologically and otherwise), at what cost? Like it or not, the current push, fueled in no small part by Microsoft, is to have the same look, feel, and, yes, interface, everywhere. Look at Netscape - they want the same user experience everywhere. This thought process occurs in progamming as well (look at Java - hey, and C!), where if the same interfaces exist in multiple places, it'll be easier to interoperate.
Finally, consider the push that everything be standards based (never mind the fact that defacto standards are often better for the world in the long run) - if everything becomes standards based, poof, the heterogenaity is gone.
Finally, I see quite a few posts saying that a good solution is simply to make it harder to use the software. HUH? Well, yeah, it's harder to execute an attachment if you have to save is, chmod it *then* execute it, but what kind of logic is that?
"Hey! Guess what! Now, to open an attachment, you have to answer three Mensa-style logic problems and take the sacred sword to the 3rd level elf in the next village".
I mean, yes, that would reduce infection, but only because it would discourage the access of attachments, and sounds quite like simply denying access to the attachments in general is the logical conclusion to this anyway - if users *really* want access, they'll uuencode the file or something, but Joe user is now stuck with a box that is resistant to infection, but also resists ease of use and functionality.
Finally (and this isn't mentioned in the previous post), people are saying "I never open attachments from strangers". But the whole point is that if you're receiving the mail, you are in the sender's address book, and therefore most likely either know them personally or professionally, so that check isn't sufficient.
On the one hand, Microsoft claims copyright on the text. On the other hand, Microsoft allowed everyone in the world to download it
Huh? There are all sorts of valid, copyrighted materials which are accessible to everyone for free - this doesn't negate the copyright. Examples include nearly any image on any corporate website (among others), indie music on mp3.com, last week's episode of Dawson's creek, etc. While the validity of click-through licenses is yet to be proven, the copyright is most likely still in full effect. By comparison, for example, RedHat's online support database is copyright RedHat... and "All rights [are] rreserved". Whether or not they'd care much if someone posted the contents to/. or a similar forum is a different question.
I must say though that Microsoft seems a bit childish about it. These documents are quite easy to find elsewhere. And I don't see how they would seriously be harmed by this. Though they are probably in their right to ask this.
The problem here is, I think, that unlike patents, copyrights are not selectively enforceable. That is, I seem to recall that if a copyright holder does not notify violators of the copyright that they have, in fact, violated the copyright, then the copyright is no longer held.
So... you must ensure (X >= A) && (X >= B). Note, then, that if (B < A), you *still* have to take resonable security precautions, that is, ensure (X >= A).
I call your attention to a quote from Entrope's post which you ignored:
If you agree to treat certain information as someone else's trade secret and keep it confidential, there are minimal things you must do (regardless of how little you take care of your own confidential information, which you have the a priori right to disseminate). If you knowingly do less, you're still legally liable for violating that confidentiality.
MS says you must take precautions which cannot be less that those with which you protect your own data - it does *not* say, nor does it imply, that such protection (i.e. equal to that with which you protect your documents) is sufficient, merely that less that that is *certainly* insufficient.
Let's let A = "resonable security precautions", B = "the precautions you take with your data", and X = "the precautions you take with *this* data".
the license says: you must take reasonable security precautions, at least as great as the precautions you take to protect your own confidential information
So... you must ensure (X >= A) && (X >= B). Note, then, that if (B = A).
Erm... we need a new/. moderator category: "illegal"
INAL, but I believe that things of the nature of this "trade secret" fall under the same logic as copyrights - that is, as long as the provider, Microsoft, has made a good faith attempt to inform the recipients that the material has certain restrictions - which they have done - the material, and the recipient(s) are indeed bound by the restrictions (unless the restrictions themselves are found to be illegal). You can't download the information directly from MS without being informed of the existence of the license, and thus (assuming the license itself is legal), you are bound by it even if you creatively bypass the license itself.
While individuals who may happen to receive the information through non-MS distribution channels are probably not breaking the license (if they can plausibly be unaware of its existence and circumvention), this is not to say that they are not bound by the "thou shalt not implement" clause, as this right was never bestowed by MS upon the original recipient.
This would be analagous to me stealing something from CmdrTaco and giving it to you, not telling you where I got it from. You don't suddenly own the object, even though you didn't know it was stolen, and would be required to return it to CmdrTaco - and most likely any economic loss you suffered would be owed to you by me, the person who broke the law in the first place.
Right, because, as we all know, on-line auctions encompass all consumers in existence...:)
Another thought is that if someone was selling this at $65 or less (assuming they had a reserve lower than that price), then, somehow, Microsoft allowed them to get a copy for *less* than the price you claim is a fair market price.
(Erm... depite a happy preview, my formatting disappeared when posted... trying again)
Given the fact that a monopolies goods are priced higher than they otherwise would be, MS has hurt anyone who has bought a computer since MS became a monopoly.
...um... the point is that a monopoly could charge more for their products, or that they might stagnate development, not that they automatically do so.
Also, from the FoF:
It is not possible with the available data to determine with any level of confidence whether the price that a profit-maximizing firm with monopoly power would charge for Windows 98 comports with the price that Microsoft actually charges. Even if it could be determined that Microsoft charges less than the profit-maximizing monopoly price, though, that would not be probative of a lack of monopoly power, for Microsoft could be charging what seems like a low short-term price in order to maximize its profits in the future for reasons unrelated to underselling any incipient competitors.
So... the FoF isn't an automatic gimme on determining whether damages are due, nor what the extent would be. I also find the second half... interesting. It reads, to me, like this:
Well... they could have raised the prices, and if we see that this occurred, why, look, they are a monopoly. Just in case we find that this isn't the case, well... there could be some mystical magical other reason why Mr. Evil MS is doing this, we just don't know what it is yet.
...this is not, of course, to say that there wasn't an alterior motive, just that I found that bit to be a little slanted...
Given the fact that a monopolies goods are priced higher than they otherwise would be, MS has hurt anyone who has bought a computer since MS became a monopoly....um... the point is that a monopoly could charge more for their products, or that they might stagnate development, not that they automatically do so. Also, from the FoF: It is not possible with the available data to determine with any level of confidence whether the price that a profit-maximizing firm with monopoly power would charge for Windows 98 comports with the price that Microsoft actually charges. Even if it could be determined that Microsoft charges less than the profit-maximizing monopoly price, though, that would not be probative of a lack of monopoly power, for Microsoft could be charging what seems like a low short-term price in order to maximize its profits in the future for reasons unrelated to underselling any incipient competitors. So... the FoF isn't an automatic gimme on determining whether damages are due, nor what the extent would be. I also find the second half... interesting. It reads, to me, like this: Well... they could have raised the prices, and if we see that this occurred, why, look, they are a monopoly. Just in case we find that this isn't the case, well... there could be some mystical magical other reason why Mr. Evil MS is doing this, we just don't know what it is yet....this is not, of course, to say that there wasn't an alterior motive, just that I found that bit to be a little slanted... -User
You seem to have misunderstood a crucial element: Microsoft is ultimately responsible for these so-called viruses because of their negligence in systems design.
Ignoring for the moment opinions on the quality of MS software, this touches on a question I've often had about Open Source. If there's a gaping hole in, for example, Outlook, and a company loses all its email for the year, they have someone to blame, and potentially hold legally liable. (Assuming that they company wasn't negligent in applying patches, etc). If, however, the same company were to use, oh, for example, Linux, and have the same thing happen, then what? If they downloaded the source from RH's servers and installed it... er... where would they look for legal redress? The multitude of unidentifiable coders who generously gave their time and expertise to write what is, on the whole, an amazing product? Do they *have* anyone to turn to? If, on the otherhand, they bought a copy of the RH distro, and used that, *then* can they sue RH? How about the OEM who sold them the server with Linux pre-loaded? I guess it just seems to me that, along with the product, when you buy an MS product (or most other pieces of software) you're also purchasing the right to blame...
I know I've drifted some from the original topic, but this is one of the aspects of group developed open-source projects which I don't really understand....
The latest Red Hat Linux 6.1 Professional distribution costs $149.95. Note: unlimited clients. While Microsoft® Windows NT® Server 10 Clt Comp Upg w/ WinNT® Option & Svc Pack costs $439.00. Note 10 client license and complete upgrade.
Sure, fine, but this isn't the definition of "Total Cost of Ownership". Yes, the above prices include a mere 10 licenses for NT. However, let's look at the case where we have 100 clients. This means purchasing another 90 licenses (at, I believe ~$30 each) for a total of $2700, or, with the full retail version of NT4 (@ $1130), less than $4000. Compared with $150, that sounds like a lot, and would be a lot for a home user. However - if we assume we've got two sysadmins making $50,000/year, this difference is less that 4% after the first year, 2% after 2, etc. So, if the server requires 3.8%ish percent less work to admin, which of course MS says is the case, you've made the money back right there... I'm not saying that I know for a fact that NT is cheaper to own and run the Linux (or for that matter, that the reverse is true), but the sunk cost of the OS are not as important as it may appear.
Slashdot Mirror
As you say, the watermark algorithm need not be "secret". If your device has your private key in it, it can therefore determine where (frequency and time (location and duration)) the watermark is hiding. If it doesn't find on there, then your player doesn't have the right to listen to the music. If, further, the location is found using the RIAA's public key, nobody could create a "valid" music clip without the RIAA's private key, so you can't just watermark stuff pointing to a random individual.
-User
Ok, that'd be scary.
-User
I mean, what the heck is all this talk about "fair use"? People seem to thing they are born with all these rights which include, among other things, the right to do whatever they want with someone else's IP simply because, to them, they think it's an obvious right. It may seen intuitive to some that when you buy a recording of music, that you're purchasing the right to the underlying sound to use however, wherever and whenever they please. What sense does this make? Where is that written?
This doesn't mean I think that it's any more intuitive that purchasing a recording means purchasing the rights to listen to a recording, say, a given number of times, or only on a given device, or only at a given time, or whatever, but I don't particularly find it any less intuitive either. I may like it less, but that doesn't make it "The Way Things Should Be"(tm).
-User
Maybe, but consider than most music CDs are only half full anyway, so it's not like most forms of distributed music are hurting for disc space... and would you really want to pay 10x the money for 10x the content, given that the media will probably contain content from only one artist? I'd much rather have 10 different bands' CDs than 1 really long CD from one band (most groups don't even have enough music to fill, say, a DVD).
-User
-User
Ahh..... but, what if the reverse is true? That is, you can't play the music unless a valid watermark is detected? What if all portable devices (Diamond RIO/Memory Stick walkman/etc) require a valid watermark? If "valid" is defined as, say, signed by the RIAA or BMI, or something, you're toast. Now your "highly ordinary WAV file" isn't worth anything, since the hardware "everyone" is using can't play non-signed music. Sure, you can still play the music on your computer, but you can't burn a CD and play it in your car, or on a trip, or whatever because CD's died out in ~2005 and everyone uses solid-state players which check for the watermark?
They could still allow independants to publish music for these devices, by issuing a signature key to an indie band which the RIAA has signed. Then, if the key is used to sign pirated material, the indie band might be liable for the misuse of the key, or perhaps we all have to update our devices monthly to get an updated "revoked" list or something.
I'm not saying this would work, but there's more to this than simply saying "well, duh, I can stick a microphone next to the speaker..." -User
Yes, but... how 'bout making sed work correctly across lines... eeew...
:)
I love using sed when I can, but it has quite a number of limitations. Besides, did we mention that if you sed'ed your Excel or Access file you'd have a pretty broken file left over.
One of the other issues with cool little comand line utils such as these is that while they might be more efficient, for the majority of computer users they represent an insurmoutable (due most often to lack of time/interest rather than ability to learn) obstacle to actually accomplishing anything. That is, moving the mouse to Edit, then Search and Replace or whatever is faster than learning to use sed for the first time. You and I know that in the long run, it might make more sense to learn the more powerful tool, but that's not how the vast majority of users think.
To drift even more off topic, I'd say that this attitude is probably the single most important reason why Linux has a long way to before it stands a prayer of having wide use on the desktop.
Correct me if I'm wrong, but I believe that a gamut is simply a range, or region (since they're usually represented in more than 1 dimension) of colors. In this specific case, various devices are capable of representing different gamuts. There are some colors which are representable in CMYK which simply cannot be described in RGB (negative values for R, G or B channels, for instance), and vice-versa. Thus, if you make an image in RGB mode, and wish to print it on a CMYK device, it may be the case that it contains colors which cannot be represented on the target device. This is when a good imaging package gives you a gamut warning, along the lines of "Warning, the image contains colors which cannot be represented within the gamut of the target device".
:)
Also, gamut is fun to say. gamut gamut gamut.
-Adam
Bill Door
But... Death is cool... death may not be, but Death is. He tries so hard too...
I see where you're coming from, and certainly things which have similar user interfaces, etc, are probably not "cross-vulnerable".
However, while I agree the similar programs will most likely have different security holes, I'm not sure that applies in this case, since it's arguable that the spread of Melissa and ILOVEYOU had nothing to do with security exploits. That is, if there are two major email clients, both of which wish to provide access to their functionality, including SendMail() and GetAddresses(), etc, they are likely to do so in a similar manner. Thus, the exploitation of these interfaces would be quite similar, if not identical.
So, addressing the original poster's comments, just because they've got 4 mail programs on their system doesn't mean they're "safe", if they all have essentially the same API's or similar address book files (perhaps XML), etc.
-User
One thing to think about is that we can have a similar enough look and feel and 'interface' to allow users to use different software without necessarily being forced to all use the exact same products. For instance, if I can drive a Ford or a Toyota, I can adjust to driving a Chevy or a Honda or whatever pretty easily. They aren't exactly the same, the controls may look a little different or be placed slightly different, but it isn't going to keep me from driving. By the same token, if I know how to run one GUI, it doesn't take me long to figure out how to use another.
My point is simply that if we make things "close enough", or if we use
a specification that allows interoperability between products from different vendors.
then we're still vulnerable to a virus. If it's a close enough interface, then I can probably code something to work with multiple variations. I'm not advocating homogenaity of implementation (heck, not even MS purports to do that - multiple system elements may expose the same functionality, even though they are implemented in many different ways (e.g. drivers, etc)), but that if we have near identical interfaces, we're still stuck with the problem.
I think my biggest issue, and I certainly don't have an answer to it, is that there seem to be irreconcilable problems with protecting our data, (and, more difficult, protecting the data of the less techno-savy) and allowing access to the quite legitimate ease of use and powerful features we *could* offer. That is, there are quite a few reasons why a program should allow silent, complete access to a user's address books - perhaps to simplify administration, etc, and yet such functionality means that a malicious email has the same access.
How the heck do we prevent this?
We could, say, ignore unsigned email... but what about anonymity? Ok, so, we *warn* about anonymous emails, but then all it takes is one person to open such an email, and, poof, everyone in their address has a legitimate, signed, from a friend, copy of the offending email...
-User
This sounds like security through obscurity, doesn't it?
If the virus writers have no idea what the system their virus will run on will look like, they can't take advantage of it nearly as well.
While this is true, and indeed a heterogeneous population is indeed more resistant to infection (biologically and otherwise), at what cost? Like it or not, the current push, fueled in no small part by Microsoft, is to have the same look, feel, and, yes, interface, everywhere. Look at Netscape - they want the same user experience everywhere. This thought process occurs in progamming as well (look at Java - hey, and C!), where if the same interfaces exist in multiple places, it'll be easier to interoperate.
Finally, consider the push that everything be standards based (never mind the fact that defacto standards are often better for the world in the long run) - if everything becomes standards based, poof, the heterogenaity is gone.
Finally, I see quite a few posts saying that a good solution is simply to make it harder to use the software. HUH? Well, yeah, it's harder to execute an attachment if you have to save is, chmod it *then* execute it, but what kind of logic is that?
"Hey! Guess what! Now, to open an attachment, you have to answer three Mensa-style logic problems and take the sacred sword to the 3rd level elf in the next village".
I mean, yes, that would reduce infection, but only because it would discourage the access of attachments, and sounds quite like simply denying access to the attachments in general is the logical conclusion to this anyway - if users *really* want access, they'll uuencode the file or something, but Joe user is now stuck with a box that is resistant to infection, but also resists ease of use and functionality.
Finally (and this isn't mentioned in the previous post), people are saying "I never open attachments from strangers". But the whole point is that if you're receiving the mail, you are in the sender's address book, and therefore most likely either know them personally or professionally, so that check isn't sufficient.
Sorry for the rant,
User
On the one hand, Microsoft claims copyright on the text. On the other hand, Microsoft allowed everyone in the world to download it
/. or a similar forum is a different question.
Huh? There are all sorts of valid, copyrighted materials which are accessible to everyone for free - this doesn't negate the copyright. Examples include nearly any image on any corporate website (among others), indie music on mp3.com, last week's episode of Dawson's creek, etc. While the validity of click-through licenses is yet to be proven, the copyright is most likely still in full effect. By comparison, for example, RedHat's online support database is copyright RedHat... and "All rights [are] rreserved". Whether or not they'd care much if someone posted the contents to
-User
I must say though that Microsoft seems a bit childish about it. These documents are quite easy to find elsewhere. And I don't see how they would seriously be harmed by this. Though they are probably in their right to ask this.
The problem here is, I think, that unlike patents, copyrights are not selectively enforceable. That is, I seem to recall that if a copyright holder does not notify violators of the copyright that they have, in fact, violated the copyright, then the copyright is no longer held.
-User
(Sorry... cut off (user error))
So... you must ensure (X >= A) && (X >= B). Note, then, that if (B < A), you *still* have to take resonable security precautions, that is, ensure (X >= A).
-User
I call your attention to a quote from Entrope's post which you ignored:
If you agree to treat certain information as someone else's trade secret and keep it confidential, there are minimal things you must do (regardless of how little you take care of your own confidential information, which you have the a priori right to disseminate). If you knowingly do less, you're still legally liable for violating that confidentiality.
MS says you must take precautions which cannot be less that those with which you protect your own data - it does *not* say, nor does it imply, that such protection (i.e. equal to that with which you protect your documents) is sufficient, merely that less that that is *certainly* insufficient.
Let's let A = "resonable security precautions", B = "the precautions you take with your data", and X = "the precautions you take with *this* data".
the license says:
you must take reasonable security precautions, at least as great as the precautions you take to protect your own confidential information
So... you must ensure (X >= A) && (X >= B). Note, then, that if (B = A).
-User
Erm... we need a new /. moderator category: "illegal"
INAL, but I believe that things of the nature of this "trade secret" fall under the same logic as copyrights - that is, as long as the provider, Microsoft, has made a good faith attempt to inform the recipients that the material has certain restrictions - which they have done - the material, and the recipient(s) are indeed bound by the restrictions (unless the restrictions themselves are found to be illegal). You can't download the information directly from MS without being informed of the existence of the license, and thus (assuming the license itself is legal), you are bound by it even if you creatively bypass the license itself.
While individuals who may happen to receive the information through non-MS distribution channels are probably not breaking the license (if they can plausibly be unaware of its existence and circumvention), this is not to say that they are not bound by the "thou shalt not implement" clause, as this right was never bestowed by MS upon the original recipient.
This would be analagous to me stealing something from CmdrTaco and giving it to you, not telling you where I got it from. You don't suddenly own the object, even though you didn't know it was stolen, and would be required to return it to CmdrTaco - and most likely any economic loss you suffered would be owed to you by me, the person who broke the law in the first place.
-User
Yep, just like the price of games, a venue where MS doesn't have any particular market share, has greatly reduced too... or... wait... -User
Right, because, as we all know, on-line auctions encompass all consumers in existence... :)
Another thought is that if someone was selling this at $65 or less (assuming they had a reserve lower than that price), then, somehow, Microsoft allowed them to get a copy for *less* than the price you claim is a fair market price.
-User
Given the fact that a monopolies goods are priced higher than they otherwise would be, MS has hurt anyone who has bought a computer since MS became a monopoly.
Also, from the FoF:
So... the FoF isn't an automatic gimme on determining whether damages are due, nor what the extent would be. I also find the second half... interesting. It reads, to me, like this:
Well... they could have raised the prices, and if we see that this occurred, why, look, they are a monopoly. Just in case we find that this isn't the case, well... there could be some mystical magical other reason why Mr. Evil MS is doing this, we just don't know what it is yet.
-User
Given the fact that a monopolies goods are priced higher than they otherwise would be, MS has hurt anyone who has bought a computer since MS became a monopoly. ...um... the point is that a monopoly could charge more for their products, or that they might stagnate development, not that they automatically do so. Also, from the FoF: It is not possible with the available data to determine with any level of confidence whether the price that a profit-maximizing firm with monopoly power would charge for Windows 98 comports with the price that Microsoft actually charges. Even if it could be determined that Microsoft charges less than the profit-maximizing monopoly price, though, that would not be probative of a lack of monopoly power, for Microsoft could be charging what seems like a low short-term price in order to maximize its profits in the future for reasons unrelated to underselling any incipient competitors. So... the FoF isn't an automatic gimme on determining whether damages are due, nor what the extent would be. I also find the second half... interesting. It reads, to me, like this: Well... they could have raised the prices, and if we see that this occurred, why, look, they are a monopoly. Just in case we find that this isn't the case, well... there could be some mystical magical other reason why Mr. Evil MS is doing this, we just don't know what it is yet. ...this is not, of course, to say that there wasn't an alterior motive, just that I found that bit to be a little slanted... -User
Ignoring for the moment opinions on the quality of MS software, this touches on a question I've often had about Open Source. If there's a gaping hole in, for example, Outlook, and a company loses all its email for the year, they have someone to blame, and potentially hold legally liable. (Assuming that they company wasn't negligent in applying patches, etc). If, however, the same company were to use, oh, for example, Linux, and have the same thing happen, then what? If they downloaded the source from RH's servers and installed it... er... where would they look for legal redress? The multitude of unidentifiable coders who generously gave their time and expertise to write what is, on the whole, an amazing product? Do they *have* anyone to turn to? If, on the otherhand, they bought a copy of the RH distro, and used that, *then* can they sue RH? How about the OEM who sold them the server with Linux pre-loaded? I guess it just seems to me that, along with the product, when you buy an MS product (or most other pieces of software) you're also purchasing the right to blame...
I know I've drifted some from the original topic, but this is one of the aspects of group developed open-source projects which I don't really understand....
-User
Sure, fine, but this isn't the definition of "Total Cost of Ownership". Yes, the above prices include a mere 10 licenses for NT. However, let's look at the case where we have 100 clients. This means purchasing another 90 licenses (at, I believe ~$30 each) for a total of $2700, or, with the full retail version of NT4 (@ $1130), less than $4000. Compared with $150, that sounds like a lot, and would be a lot for a home user. However - if we assume we've got two sysadmins making $50,000/year, this difference is less that 4% after the first year, 2% after 2, etc. So, if the server requires 3.8%ish percent less work to admin, which of course MS says is the case, you've made the money back right there... I'm not saying that I know for a fact that NT is cheaper to own and run the Linux (or for that matter, that the reverse is true), but the sunk cost of the OS are not as important as it may appear.