Parent post points out what I thought was the most interesting part of the article, that a cryptographic collision attack was used to generate the fake certificate. We've seen multiplearticles here about researchers using cryptographic collision attacks against certain ciphers, but, aside from the story about GnuPG short IDs that were only 32 bit hashes, this is the first time I can recall hearing that one was used in the wild against a real security system. Now maybe people will pay attention to what those researchers were saying...
Yet another variation of the popular patent "do something we already know how to do, but on a computer". Now it's "do something we already know how to do on a traditional computer with mouse, but on a touchscreen". It's not like there weren't touchscreens before Apple's products of the last few years. There are even older Apple touchscreens, so old in fact that their patents have expired or are about to do so. The previous generation's touchscreens didn't catch on because the devices were too limited. They've overcome that now.
Somewhere along the line, Slashdot broke nicknames with punctuation. Since my cookie expired, I have been unable to log in. The only work around is for an admin to change the nickname. How about we just fix the bug, please?
Ditto, though I was able to log in using openID. This may not work if you can't verify your Slashdot account's email through some openID provider, though.
Not entirely, because the invention of the processes used to create the previously unavailable material may be patentable. And since the exact nature of the material was not known at the time of the original patent, there will probably be modifications to that design needed to make it work with the newly invented substance, again potentially patentable. You're right that it severely reduces the patentability of the antigrav copter, but I think that's how the patent system is supposed to work - the ideas people thought of 25 years ago SHOULDN'T be able to be patented, and in this case, there would be significant portions of this invention which are not covered by patents.
GNOME 3 started on my main system in fallback mode. I eventually found that was because virtual resolutions more than 2048 pixels wide were not supported on my video chip, and my dual-head system naturally is wider than that; otherwise I was set, hardware-wise. But by the time I did this, I knew I was going to switch it over to XFCE anyway as soon as I got everything set up. I had been running GNOME 3 on my second system for a month, and all the extra clicks and whatnot described in the article even to do simple tasks was just too much for me.
The second month we discovered shell extensions.
This is on the last page of the article. At the end of my first month, after having given GNOME 3 a fair shot, it wasn't cutting it and I switched to XFCE (switched back, really, since I had used the much simpler XFCE years ago back before GNOME 2 got up to speed). So I didn't get the chance to discover these extensions in my second month. Had I read this first, I might have gone down the tweak road described here instead.
From the commentary on the KC fiber project (emphasis mine):
Here was Google’s pitch:
We're planning to build and test ultra high-speed broadband networks in a small number of trial locations across the United States. We'll deliver Internet speeds more than 100 times faster than what most Americans have access to today with 1 gigabit per second, fiber-to-the-home connections.
And then at the end:
Google could spend an average of $5,500 per home (yes, in another twist, the project seems to be fiber to the home) to hook up its fiber network...
Yeah, they did say back at the beginning of the project that they were going to provide fiber to the home. Why is it a twist this the project ended up being about fiber to the home?
Actually, I think there is a financial model here. After proving the technology, they put a number of these satellites in orbit with a number of these "space junk vacuums" on board each one (since they are small), and launch them to take out space junk targets which threaten satellites - for a fee per vacuum. Since they are 30 cm x 10 cm x 10 cm per the article, you could load up a satellite with many of these, and perform this service for far less than the cost of launching a single satellite.
Subject to sections 107 through 122, the owner of copyright under this title has the exclusive rights to do and to authorize any of the following:...(3) to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending;
Now, Google could say that "copies" implies a material object, but it's certainly not there in the plain language. In fact, 17 USC 106(6) goes on to discuss digital audio transmissions, and doesn't distinguish them as being non-material.
Actually it is there, but you have to go up to 17 USC 101, Definitions to see that they are defined as material objects. But more importantly, the same "copies and phonorecords" wording is used in both 17 USC 106 and 17 USC 109, so regardless of how they are defined, the same objects subject to copyright restrictions, once legally obtained, are also resellable.
17 USC 106(6) is interesting. It specifically restricts public performance by digital transmission, which might be seen as drawing a distinction between digitally transmitting them to specific people you know and digitally transmitting them to the general public, as might happen on YouTube or p2p networks.
IANAL, but in a recent story, we heard that Capital Records was suing ReDigi, a service that allows people to re-sell used MP3s, claiming that they such resale is not permitted by law. Google wants to put forth an argument that it is.
The exclusive rights a copyright holder has (which are enumerated in 17 USC 106) include the exclusive right to make and distribute "copies" and "phonorecords". There are some other exclusive rights such as making derivative works and public performance, but they are not relevant here. But under 17 USC 109, the owner of a lawfully made "copy" or "phonorecord" is permitted to sell that copy or phonorecord, without any authority from the copyright owner. Google argues that either owners of MP3s have this resale right, or else MP3s are considered neither of these things and their creation and distribution is not restricted by law at all, because the same terms are used in both sections of the law.
In 17 USC 101 both of these words are defined as "material objects" of some sort. Capitol apparently argued that MP3s are not material objects and thus not subject to the right of resale, but Google pointed out that this same argument would make the actions of copying and distributing MP3s not fall under the restrictions of copyright at all.
This anon has it right. If you have two synchronized 2D films of the same thing from slightly different angles, then you can try to match objects in the two frames, and use that to determine the depth. You could just apply the red filter to one film, blue to the other, superimpose, and boom, it's like you're watching the two different films with your two different eyes, and if they were filmed with cameras set properly, it will actually look right.
But it sounds like you only have one 2D film. Here, the best you can hope for is to identify different objects in the film and apply a depth to each one, try to match and track those objects across different frames and keep the depths consistent. If the objects are sitting on a flat floor and you can see their bases, or if you can see shadows of the objects, you may be able to use that info to determine depth. Otherwise, you have to guess, and the result will probably look poor.
It will only stop when somebody attempts to apply the same strategy to the legal profession. Then, with any luck, one of two things will happen:
1. The lawyers, judges, and Congress will realize that the entire government will grind to a halt if that strategy is allowed, so they will reject the strategy, and finally come to realize why this is such a problem in other areas, and finally fix it.
2. It succeeds, and everything does grind to a halt until Congress passes a massive overhaul to change it all (making it just retroactive enough to negate all patent lawsuits against their own overhaul.)
there was the disclosure of a malware attack by Mikko Hypponen (FSecure) using a government issued certificate signed by the same Certificate Authority.
No, there was the disclosure by Mikko Hypponen of a malware attack using a government issued certificate. Mikko did not perform the attack.
Agreed. The study uses a flawed definition of success, in that the searches that are so successful you find the information you need right in the summary without ever visiting the web site are counted as failures. This happens often enough in my experience to be a significant influence on results. Conversely, searches where you visit a web site in the results are treated as success, even if the web site turns out not to have what you wanted. The combination of these two issues makes the whole set of results pretty meaningless.
An episode of Star Trek (I think it was on Voyager) has them end up on then-present-day Earth and when they need it, they steal a car this way. Anybody remember which one?
Just to clarify...
He is taking the steps to investigate the vulnerabilities, and take precautions against further intrusion.
This is not to be confused with "let's go catch these boogeymen."
This just seems like a reasonable reaction (for once), unless I am mis-reading here. I did not RTFA.
Well, the article is not really much more informative than the summary on this matter, but both of them suggest that at least part of the focus is on improving security at these sensitive sites rather than going after whichever baddies this week hacked into a government contractor's network and divulged sensitive info they found there. And that is indeed the right focus; it is obvious that the knowledge necessary to break into these sites is in the wild and capturing one group of attackers is going to do little to secure the information stored on other, as-yet-unhacked networks. The problem is that inadequate methods have been used to secure the information in the first place. So I have to agree with you.
Furthermore, what is pointed out in the article is that there are multiple Congressional committees claiming at least partial jurisdiction over the issue and suggesting cybersecurity legislation. McCain proposes a single committee to clearly govern this area and thus to consolidate this legislation in one place to avoid conflicting bills coming from different groups. I can't say whether this will actually succeed in doing something useful -- it really depends on whether they get knowledgeable people on the committee -- but it has a better chance than the current approach. In theory, the knowledgeable people, even if they aren't on the committee or even in Congress, should know to address this group; hopefully the committee gets populated with Congressmen who are able to distinguish the ideas of value from those of everybody else who wants to restrict computers or the Internet in whatsoever way.
The main point of the article is about Adobe's development tools for Adobe Air. Is anybody actually using Adobe Air? The only thing I can recall having seen done using Adobe Air is help for recent versions of Adobe products, and this makes it so slow compared with any other help system that it makes a hugely negative ad for Air.
The inane Skype message I keep getting from various accounts I keep blocking is one trying to tell me they've detected a security problem on my Windows system - even though I am logged in from Linux. Maybe once a month I get this, almost always in the middle of the night while I am sleeping.
The point is to develop the ability for users of Jitsi, Asterisk, Ekiga, Empathy, etc., etc. to talk with Skype users, while still also being able to talk with all the users of SIP programs, much in the way that we have IM programs that can communicate with IM users over various different protocols. Then Alice doesn't need to run two different programs to talk with both Skype and SIP users.
His estate? He's not dead. He's still in prison. If you'd been watching the news recently you would have seen that they are now investigating him for the still unsolved 1982 Tylenol murders, and they asked him to submit a DNA sample for this investigation but he refused. (They may seek a court order to compel him to provide the DNA sample.)
The auction is occurring because he's been ordered by the court to pay restitution to the families of the victims. The court judgement occurred in 2006. Ever since then he's been fighting against the auction of his possessions, but apparently it is actually going to go through now.
Something like that. I think that the idea behind creating Righthaven was meant to avoid having the newspapers themselves be the plaintiffs in these lawsuits, to put a (poorly thought out) shell between the papers and the suits (to try to dodge exactly the countersuit that has now been filed - Righthaven may go bankrupt if they lose, but the newspapers will, they hope, come out unscathed and set up another shell). But since the current suits are having trouble due to Righthaven not actually owning the copyrights, they may just reorganize in a different way, where the newspapers sign over all their copyrights to Righthaven with the newspapers retaining a license to use the material, and proceed exactly as they have been doing.
And when that happens these suits will be on much better footing (since, as far as I know, these defendants have actually been using material copied from the newspapers). They may still fail on fair use or other grounds, but it is then much less likely that some defense will come out that will invalidate the entire group of them. Assuming, of course, that the countersuit does not find the newspapers themselves liable for the suits in the shell company they set up, and bankrupt them all.
Disclaimers: IANAL. I have not been sued by Righthaven, and I don't believe I have ever copied anything from those newspapers (or even read anything from them except for occasional Slashdot stories linking to them).
Slashdot Mirror
Confidante, not cosmonaut.
Parent post points out what I thought was the most interesting part of the article, that a cryptographic collision attack was used to generate the fake certificate. We've seen multiple articles here about researchers using cryptographic collision attacks against certain ciphers, but, aside from the story about GnuPG short IDs that were only 32 bit hashes, this is the first time I can recall hearing that one was used in the wild against a real security system. Now maybe people will pay attention to what those researchers were saying...
Yet another variation of the popular patent "do something we already know how to do, but on a computer". Now it's "do something we already know how to do on a traditional computer with mouse, but on a touchscreen". It's not like there weren't touchscreens before Apple's products of the last few years. There are even older Apple touchscreens, so old in fact that their patents have expired or are about to do so. The previous generation's touchscreens didn't catch on because the devices were too limited. They've overcome that now.
Somewhere along the line, Slashdot broke nicknames with punctuation. Since my cookie expired, I have been unable to log in. The only work around is for an admin to change the nickname. How about we just fix the bug, please?
Ditto, though I was able to log in using openID. This may not work if you can't verify your Slashdot account's email through some openID provider, though.
Not entirely, because the invention of the processes used to create the previously unavailable material may be patentable. And since the exact nature of the material was not known at the time of the original patent, there will probably be modifications to that design needed to make it work with the newly invented substance, again potentially patentable. You're right that it severely reduces the patentability of the antigrav copter, but I think that's how the patent system is supposed to work - the ideas people thought of 25 years ago SHOULDN'T be able to be patented, and in this case, there would be significant portions of this invention which are not covered by patents.
This is on the last page of the article. At the end of my first month, after having given GNOME 3 a fair shot, it wasn't cutting it and I switched to XFCE (switched back, really, since I had used the much simpler XFCE years ago back before GNOME 2 got up to speed). So I didn't get the chance to discover these extensions in my second month. Had I read this first, I might have gone down the tweak road described here instead.
I associate the name mdash with HTML authoring, not the world of gaming, so I would not have guessed that. :-)
And then at the end:
Yeah, they did say back at the beginning of the project that they were going to provide fiber to the home. Why is it a twist this the project ended up being about fiber to the home?
Actually, I think there is a financial model here. After proving the technology, they put a number of these satellites in orbit with a number of these "space junk vacuums" on board each one (since they are small), and launch them to take out space junk targets which threaten satellites - for a fee per vacuum. Since they are 30 cm x 10 cm x 10 cm per the article, you could load up a satellite with many of these, and perform this service for far less than the cost of launching a single satellite.
But 17 USC 106(3) just says:
Subject to sections 107 through 122, the owner of copyright under this title has the exclusive rights to do and to authorize any of the following: ...(3) to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending;
Now, Google could say that "copies" implies a material object, but it's certainly not there in the plain language. In fact, 17 USC 106(6) goes on to discuss digital audio transmissions, and doesn't distinguish them as being non-material.
Actually it is there, but you have to go up to 17 USC 101, Definitions to see that they are defined as material objects. But more importantly, the same "copies and phonorecords" wording is used in both 17 USC 106 and 17 USC 109, so regardless of how they are defined, the same objects subject to copyright restrictions, once legally obtained, are also resellable.
17 USC 106(6) is interesting. It specifically restricts public performance by digital transmission, which might be seen as drawing a distinction between digitally transmitting them to specific people you know and digitally transmitting them to the general public, as might happen on YouTube or p2p networks.
IANAL, but in a recent story, we heard that Capital Records was suing ReDigi, a service that allows people to re-sell used MP3s, claiming that they such resale is not permitted by law. Google wants to put forth an argument that it is.
The exclusive rights a copyright holder has (which are enumerated in 17 USC 106) include the exclusive right to make and distribute "copies" and "phonorecords". There are some other exclusive rights such as making derivative works and public performance, but they are not relevant here. But under 17 USC 109, the owner of a lawfully made "copy" or "phonorecord" is permitted to sell that copy or phonorecord, without any authority from the copyright owner. Google argues that either owners of MP3s have this resale right, or else MP3s are considered neither of these things and their creation and distribution is not restricted by law at all, because the same terms are used in both sections of the law.
In 17 USC 101 both of these words are defined as "material objects" of some sort. Capitol apparently argued that MP3s are not material objects and thus not subject to the right of resale, but Google pointed out that this same argument would make the actions of copying and distributing MP3s not fall under the restrictions of copyright at all.
This anon has it right. If you have two synchronized 2D films of the same thing from slightly different angles, then you can try to match objects in the two frames, and use that to determine the depth. You could just apply the red filter to one film, blue to the other, superimpose, and boom, it's like you're watching the two different films with your two different eyes, and if they were filmed with cameras set properly, it will actually look right. But it sounds like you only have one 2D film. Here, the best you can hope for is to identify different objects in the film and apply a depth to each one, try to match and track those objects across different frames and keep the depths consistent. If the objects are sitting on a flat floor and you can see their bases, or if you can see shadows of the objects, you may be able to use that info to determine depth. Otherwise, you have to guess, and the result will probably look poor.
there was the disclosure of a malware attack by Mikko Hypponen (FSecure) using a government issued certificate signed by the same Certificate Authority.
No, there was the disclosure by Mikko Hypponen of a malware attack using a government issued certificate. Mikko did not perform the attack.
Wait, Microsoft named a phone OS "Mango"? Is it going to come with "Like the deserts miss the rain" as a ringtone?
Agreed. The study uses a flawed definition of success, in that the searches that are so successful you find the information you need right in the summary without ever visiting the web site are counted as failures. This happens often enough in my experience to be a significant influence on results. Conversely, searches where you visit a web site in the results are treated as success, even if the web site turns out not to have what you wanted. The combination of these two issues makes the whole set of results pretty meaningless.
An episode of Star Trek (I think it was on Voyager) has them end up on then-present-day Earth and when they need it, they steal a car this way. Anybody remember which one?
Just to clarify... He is taking the steps to investigate the vulnerabilities, and take precautions against further intrusion. This is not to be confused with "let's go catch these boogeymen."
This just seems like a reasonable reaction (for once), unless I am mis-reading here. I did not RTFA.
Well, the article is not really much more informative than the summary on this matter, but both of them suggest that at least part of the focus is on improving security at these sensitive sites rather than going after whichever baddies this week hacked into a government contractor's network and divulged sensitive info they found there. And that is indeed the right focus; it is obvious that the knowledge necessary to break into these sites is in the wild and capturing one group of attackers is going to do little to secure the information stored on other, as-yet-unhacked networks. The problem is that inadequate methods have been used to secure the information in the first place. So I have to agree with you.
Furthermore, what is pointed out in the article is that there are multiple Congressional committees claiming at least partial jurisdiction over the issue and suggesting cybersecurity legislation. McCain proposes a single committee to clearly govern this area and thus to consolidate this legislation in one place to avoid conflicting bills coming from different groups. I can't say whether this will actually succeed in doing something useful -- it really depends on whether they get knowledgeable people on the committee -- but it has a better chance than the current approach. In theory, the knowledgeable people, even if they aren't on the committee or even in Congress, should know to address this group; hopefully the committee gets populated with Congressmen who are able to distinguish the ideas of value from those of everybody else who wants to restrict computers or the Internet in whatsoever way.
The main point of the article is about Adobe's development tools for Adobe Air. Is anybody actually using Adobe Air? The only thing I can recall having seen done using Adobe Air is help for recent versions of Adobe products, and this makes it so slow compared with any other help system that it makes a hugely negative ad for Air.
The similarity is intentional. The name of the film was based on one possible pronunciation of the name of the star.
Duke Nukem & Robin?
The inane Skype message I keep getting from various accounts I keep blocking is one trying to tell me they've detected a security problem on my Windows system - even though I am logged in from Linux. Maybe once a month I get this, almost always in the middle of the night while I am sleeping.
The point is to develop the ability for users of Jitsi, Asterisk, Ekiga, Empathy, etc., etc. to talk with Skype users, while still also being able to talk with all the users of SIP programs, much in the way that we have IM programs that can communicate with IM users over various different protocols. Then Alice doesn't need to run two different programs to talk with both Skype and SIP users.
His estate? He's not dead. He's still in prison. If you'd been watching the news recently you would have seen that they are now investigating him for the still unsolved 1982 Tylenol murders, and they asked him to submit a DNA sample for this investigation but he refused. (They may seek a court order to compel him to provide the DNA sample.) The auction is occurring because he's been ordered by the court to pay restitution to the families of the victims. The court judgement occurred in 2006. Ever since then he's been fighting against the auction of his possessions, but apparently it is actually going to go through now.
Something like that. I think that the idea behind creating Righthaven was meant to avoid having the newspapers themselves be the plaintiffs in these lawsuits, to put a (poorly thought out) shell between the papers and the suits (to try to dodge exactly the countersuit that has now been filed - Righthaven may go bankrupt if they lose, but the newspapers will, they hope, come out unscathed and set up another shell). But since the current suits are having trouble due to Righthaven not actually owning the copyrights, they may just reorganize in a different way, where the newspapers sign over all their copyrights to Righthaven with the newspapers retaining a license to use the material, and proceed exactly as they have been doing.
And when that happens these suits will be on much better footing (since, as far as I know, these defendants have actually been using material copied from the newspapers). They may still fail on fair use or other grounds, but it is then much less likely that some defense will come out that will invalidate the entire group of them. Assuming, of course, that the countersuit does not find the newspapers themselves liable for the suits in the shell company they set up, and bankrupt them all.
Disclaimers: IANAL. I have not been sued by Righthaven, and I don't believe I have ever copied anything from those newspapers (or even read anything from them except for occasional Slashdot stories linking to them).