It depends. Here, and apparently in Denmark too, someone who sells a consumer a piece of equipment remains responsible for its correct functioning for the expected lifetime for the type of equipment. So, if one can expect a DVD player to last for 2 years (don't know what is found typical in this case, probably more like 3-5 years), and it becomes unusable due to a fault in the design within that period, the device has to be repaired or replaced. Only some "new for old" deduction can take place.
This is not depending on warranty. Indeed, warranty is a useless statement here.
Of course you can return your Model 99 HDDVD player to Sony for upgrade or refund, because they broke their part of the agreement by not protecting the device keys good enough to prevent pirates from extracting them.
This is the manufacturer's fault. He provided you with faulty equipment and should repair it at his expense or refund your money. (under most consumer laws)
The media industry wouldn't know anything backfired on them. They would just going on moaning about reduced sales and blaming it all on someone else.
That is what they have done for years now. It is the fault of the pirates, the fault of the Internet, the fault of anyone but themselves that revenues are dropping.
The fact that they are over-spending and over-paying of course is not the reason, in their vision.
What stops me from plugging the video output of a dvd player into my video capture card and recording off of it?
HDCP. A HD-DVD player will be mandated to only output full HD content over a HDCP protected digital link. Unprotected outputs must be of reduced quality.
To get the keys revoked you first need to extract them from the players and make that fact wellknown.
This happened with a software player on the PC. But is it as easy to do on a DVD player? Not when the manufacturers abide to the specs for keeping it safe.
So, maybe you get some keys from cheap chinese players, but no way you will get a significant percentage of keys revoked.
This is the kind of service you need to look for. But this one is in the US, so that is not very useful. You would need one in a country that will not immediately take legal action and subpoena when "suspect activity" (in their view) has been observed.
As long as you have a server system that will allow you to tunnel things.
It is the same with the "ISPs have to keep 3 year records of everything" uproar. When you can setup an SSH or IPsec tunnel to a system in a country without this rule, you can do anything and the logs they can keep do not reveal who you communicate with (except that single system).
I agree with that. Each and every incoming Nigerian 419 Spam message gets a semi-automatic complaint sent to all involved parties here (only requires a manual confirm to make sure it is really a 419 message and not some misdetection by SpamAssassin). The idea is that when their replybox gets closed, they won't be able to collect. However, the enthousiastic "we have removed this user's account" message that I seldomly receive is rarely within a week of the complaint, making the entire process useless.
For viruses it is ofen worse. ISPs require "proof" to be sent but when you forward the entire mail it is often "blocked because it contains a virus" or "blocked because it has an attachment - please send only text". When sending only headers you get "this is not one of our users, look our domain name is never mentioned" or some other "request more information". Sometimes it feels like they are trying to discourage reporting by tightening the screws ever more, and always having some reply ready that means they won't do anything until YOU do more work for THEM.
That is bad, because those trojans normally use ports they have not reserved with IANA and that are used by other services. Putting up random port blocks for everyone is going to cause random problems to legitimate users.
They only put up this block after it has been shown that your system is virus or trojan infected and you have not responded to requests to do something about that. Normally there is no filtering whatsoever.
The change is not to take out the current model, the change is to make the typical program actually work under a restricted account.
You are right that the Window model is much better than the Unix model. However, as it appeared late in the Windows revision series, there are still programs around that do not work when a nonprivileged user starts them, because they attempt things that are not allowed in a wellsecured system. This is what they want to change, mostly through recommendations to application developers and certification it seems.
(Windows 2000 is already completely tooled up for this, the problem is in the applications not in Windows)
W.O.L. doesn't power-up the system when it's been shut-off, so it's really not of any use in this situation.
It doesn't sound like you've tried this. When configured correctly, it works. We do weekly maintenance and nightly installations of software that way. In some scheduled job, all systems get a wake-on-lan packet and they start, and run some install. The users are never bothered with it, unless their systems are offline at that time (e.g. laptops).
Because of the widened timezone in Europe we are in the GMT+1 zone while geographically we are in the GMT zone. So, during wintertime we have DST and during summer there is even one hour more.
Everyone doing IT in a company where there are more than 10 PCs should sit down and study the possibilities of network-wide administration. Instead of walking around to change PC configurations you setup things once and don't have to worry about scale.
Microsoft are hosting domain and mailservices for the wellknown LOTTERY scamming. Those scammers, often claiming to be from the UK, register names at MSN personal domain service, and have the mail for those domains handled by MSN Hotmail. They send spam messages around claiming you have won a price in some lottery, sometimes even "the Microsoft Word Lottery" or similar. Of course, it is a Negerian 419 scam. When you would go about claiming your price, you would have to pay some notary fee, or another advance fee.
Microsoft are fully aware of this situation, but they keep it covered. Heck, they don't even do something about it: you can send as many abuse messages as you like to Microsoft, MSN, MS Personal domains, Hotmail or whatever. They are either silently ignored, or replied with a standard message that says you should go somewhere else, or replied with a message saying that because the original spam was not sent via their system they are not going to do anything about it.
When they really are so concerned about fraudulous activity, they should first look at the fraudsters they are hosting themselves on their own systems and under their own administrative control. Block those domains, stop hosting their mail, take action against the abuse of their trademarks, etc.
Ah... so that is part of the ploy? It is not so common here. Recently I bought a cable box and I would get half of my money back. I sent in the forms, and indeed: they were lost. I did not know that would be standard procedure...
It must be inconvenient for the company as well. They have to keep records of which forms are received for the first time so they will be discarded, then advise those complaining customers that they need to send them a second time, this time handle them correctly, and make sure they do not get the rebate again by sending one or two extra forms...
And even then, the first-time failure of the handling of course stamps a negative image on the company. They must have had a difficult time deciding if this is all worth it...
Again, it depends. My system has 1GB. I have had this system (with this amount of memory) for 1.5 years and when it was new I of course believed that 1GB would be more than I would ever need.
However, there currently is about 450MB out on the swapspace (and 280 MB is used as diskcache).
Not having swap would mean a shortage of 170MB and not having diskcache. Of course that would not mean the system would not run, but it would run slower. Not all data that is not in RAM needs to be swapped out (e.g. pages from executable files are just reloaded when they are needed, not swapped out), so the system will look there to gain some space instead of swapping out data.
To run without swap I would need more RAM. I know the effect of the system being slow while loading things from disk, and of course it can be cured when you throw infinite amounts of RAM at it, but there is an optimum of performance relative to price, and it is not at the point where you use no swap at all.
In Linux, where developers and users can discuss the matter in the open and there is no secrecy around how it really works and why it is done that way, there is always ongoing debate about how the virtual memory/demand paging system should work to perform optimally. Allmost all the time, the outcome is that what works fine for one application, is sub-optimal for another.
Therefore there are some parameters that can be tuned (like the "swapiness", which controls the issue you mention).
If you think about it, swapping is a really lousy solution unless you expect to run out of memory. Disk is many times slower than ram. The reason that you open programs is that you want them ready for action. Swapping them to disk is therefore undesirable.
This is your situation, your opinion, and the base of your success. Other may have different situations and swapping may be better for them. On my Linux box I typically have 160-200 processes running, and I don't need them to be all ready for action. There is only a subset that needs to be ready for action, and I want those to be in RAM, together with the cached disk data that they access. Other programs, that are waiting for something that is unlikely to happen or are sleeping for some time (e.g. to check for OS updates once a day) I don't need to have in RAM.
It has been shown many times that having some swapspace is better for performance in typical systems. Maybe not in your system.
Dutch companies. Apparently the tax department was told that it would be released Jan 1st, 2005 and based their electronic tax forms for companies on it. It also mandated use of those, I think starting Feb 1st.
There was an uproar, because "you were forced to buy Windows to be able to run a business in Holland" and then the tax department replied that an Acrobat Reader 7 would be available for Linux as well.
And indeed, it has appeared.
For "Dutch people to do their taxes" (income tax), Windows is still required. Those are not done using an electronic form, but with a dedicated program that runs only under Windows. (of course VMware is no problem and I think Wine is working as well) However, the use of this program is not mandatory. You can use a classic paper form.
I think the network is more vulnerable due to the existance of a million hacked PCs that can be turned into attackers at the click of a mouse, than due to some datalink that is critical to the connection of two points. A "cyberterrorist" can melt down the Internet without even leaving home.
There are many steps you can take to minimize your systems' exposure to harmful content, such as an updated antivirus, spam filtering (on the server and the client), and a correctly configured firewall. I agree that these steps shouldn't be necessary, the problem should be prevented before it's created, but that's like saying you shouldn't have to carry an umbrella because it shouldn't rain.
Of course I have taken all measures to be sure I do not get the bad guys on my system. I use Linux, filter for dangerous content, run a firewall, etc. But this does not prevent me from receiving one hundred spam mails per day via compromised systems (which are rejected but still cause lots of logging and traffic), plus many more attempts to connect and portscan.
Also I have had to abandon a domain name because spammers have chosen to use it as a From address in their spams. I have had to set the MX record to localhost. When I try to set my own system as MX host, I get bombarded by bounces (thousands a day). This is also caused by careless ISPs. A reasonably managed mailserver would not accept mail from a source address that has its MX set to localhost, but they do.
Finally, some of those virus infected systems are spreading their virusmail with my valid mail address as a sender address (because it appears somewhere on those systems). Others may think I am spreading that. I want to stop them from doing it but the ISP does not give me contact information and I have no way to force them to stop misusing my name (mail address).
I agree that a law is not the first choice to rectify such situations, but it may be the only way to make the ISPs do something. It does not matter so much that the government is incompetent, what matters is that I can send a letter or mail stating "you are required by law to take action so please do so within an X amount of time or I will take legal action".
I think the problem is not that customers are or should be unsatisfied with their own ISP and thus should move to another. The problem is that other ISPs exist that do not care, and that we are all connected to one single Internet. So even when you are at a ISP that cares about these things (I am), you still suffer from the million PCs of users at ISPs that don't care, and there is nothing you can do about that.
So an ISP should be required by law to care about this. Just as there exists a mandatory facilitation of lawful intercept (at least here), it could be mandated that ISPs provide a contact method to report compromised systems, and be mandated to actually do something with the reports. For example, an e-mail address or form on their website where you enter date/time, IP address and observed activity (spamrelay, attempted virus delivery, portscanning or other hacking) usually related with compromised systems. The ISP would then have to handle these reports, for example in order of decreasing number of reports per address. The customer would have to be contacted, warned about the situation, maybe get moved to a closed network where they can download only tools, or disconnected completely until the situation is remedied.
Don't say it can't be done, my ISP does it and others do. But as it is not mandatory there remain countless other ISPs that don't, and millions of PCs that you can see attacking you and the rest of the world but you (and others) can do nothing about because you have no way of contacting their owner.
ISPs should be held responsible for what theur client do when they have been notified of their wrongdoings and have decided not to pay attention to those notifications.
Right now there is the problem of many hijacked and virus-infected PCs on broadband networks, and the victims of those have the problem that they can identify the problem spot only by IP address, The ISP acts as a shield between you and the troublemaker, by systematically ignoring requests to take them offline or to give you contact information so you can call them yourself.
This is not like the position of P2P companies or weapon manufacturers. It is like the ISPs position in copyright violation cases. The ISP is held responsible until they provide the name of the offender.
Slashdot Mirror
It depends. Here, and apparently in Denmark too, someone who sells a consumer a piece of equipment remains responsible for its correct functioning for the expected lifetime for the type of equipment.
So, if one can expect a DVD player to last for 2 years (don't know what is found typical in this case, probably more like 3-5 years), and it becomes unusable due to a fault in the design within that period, the device has to be repaired or replaced.
Only some "new for old" deduction can take place.
This is not depending on warranty. Indeed, warranty is a useless statement here.
Of course you can return your Model 99 HDDVD player to Sony for upgrade or refund, because they broke their part of the agreement by not protecting the device keys good enough to prevent pirates from extracting them.
This is the manufacturer's fault. He provided you with faulty equipment and should repair it at his expense or refund your money.
(under most consumer laws)
The media industry wouldn't know anything backfired on them. They would just going on moaning about reduced sales and blaming it all on someone else.
That is what they have done for years now. It is the fault of the pirates, the fault of the Internet, the fault of anyone but themselves that revenues are dropping.
The fact that they are over-spending and over-paying of course is not the reason, in their vision.
What stops me from plugging the video output of a dvd player into my video capture card and recording off of it?
HDCP. A HD-DVD player will be mandated to only output full HD content over a HDCP protected digital link. Unprotected outputs must be of reduced quality.
To get the keys revoked you first need to extract them from the players and make that fact wellknown.
This happened with a software player on the PC. But is it as easy to do on a DVD player? Not when the manufacturers abide to the specs for keeping it safe.
So, maybe you get some keys from cheap chinese players, but no way you will get a significant percentage of keys revoked.
This is the kind of service you need to look for.
But this one is in the US, so that is not very useful. You would need one in a country that will not immediately take legal action and subpoena when "suspect activity" (in their view) has been observed.
As long as you have a server system that will allow you to tunnel things.
It is the same with the "ISPs have to keep 3 year records of everything" uproar. When you can setup an SSH or IPsec tunnel to a system in a country without this rule, you can do anything and the logs they can keep do not reveal who you communicate with (except that single system).
But how do you find such a service?
I agree with that. Each and every incoming Nigerian 419 Spam message gets a semi-automatic complaint sent to all involved parties here (only requires a manual confirm to make sure it is really a 419 message and not some misdetection by SpamAssassin).
The idea is that when their replybox gets closed, they won't be able to collect. However, the enthousiastic "we have removed this user's account" message that I seldomly receive is rarely within a week of the complaint, making the entire process useless.
For viruses it is ofen worse. ISPs require "proof" to be sent but when you forward the entire mail it is often "blocked because it contains a virus" or "blocked because it has an attachment - please send only text".
When sending only headers you get "this is not one of our users, look our domain name is never mentioned" or some other "request more information".
Sometimes it feels like they are trying to discourage reporting by tightening the screws ever more, and always having some reply ready that means they won't do anything until YOU do more work for THEM.
That is bad, because those trojans normally use ports they have not reserved with IANA and that are used by other services.
Putting up random port blocks for everyone is going to cause random problems to legitimate users.
They only put up this block after it has been shown that your system is virus or trojan infected and you have not responded to requests to do something about that.
Normally there is no filtering whatsoever.
The change is not to take out the current model, the change is to make the typical program actually work under a restricted account.
You are right that the Window model is much better than the Unix model. However, as it appeared late in the Windows revision series, there are still programs around that do not work when a nonprivileged user starts them, because they attempt things that are not allowed in a wellsecured system.
This is what they want to change, mostly through recommendations to application developers and certification it seems.
(Windows 2000 is already completely tooled up for this, the problem is in the applications not in Windows)
W.O.L. doesn't power-up the system when it's been shut-off, so it's really not of any use in this situation.
It doesn't sound like you've tried this.
When configured correctly, it works. We do weekly maintenance and nightly installations of software that way. In some scheduled job, all systems get a wake-on-lan packet and they start, and run some install. The users are never bothered with it, unless their systems are offline at that time (e.g. laptops).
Because of the widened timezone in Europe we are in the GMT+1 zone while geographically we are in the GMT zone.
So, during wintertime we have DST and during summer there is even one hour more.
This does not cause the problems you mention.
Everyone doing IT in a company where there are more than 10 PCs should sit down and study the possibilities of network-wide administration.
Instead of walking around to change PC configurations you setup things once and don't have to worry about scale.
He wanted to go for the "useless use of cat award"
Microsoft are hosting domain and mailservices for the wellknown LOTTERY scamming. Those scammers, often claiming to be from the UK, register names at MSN personal domain service, and have the mail for those domains handled by MSN Hotmail.
They send spam messages around claiming you have won a price in some lottery, sometimes even "the Microsoft Word Lottery" or similar.
Of course, it is a Negerian 419 scam. When you would go about claiming your price, you would have to pay some notary fee, or another advance fee.
Microsoft are fully aware of this situation, but they keep it covered. Heck, they don't even do something about it: you can send as many abuse messages as you like to Microsoft, MSN, MS Personal domains, Hotmail or whatever. They are either silently ignored, or replied with a standard message that says you should go somewhere else, or replied with a message saying that because the original spam was not sent via their system they are not going to do anything about it.
When they really are so concerned about fraudulous activity, they should first look at the fraudsters they are hosting themselves on their own systems and under their own administrative control.
Block those domains, stop hosting their mail, take action against the abuse of their trademarks, etc.
Ah... so that is part of the ploy?
It is not so common here. Recently I bought a cable box and I would get half of my money back. I sent in the forms, and indeed: they were lost.
I did not know that would be standard procedure...
It must be inconvenient for the company as well. They have to keep records of which forms are received for the first time so they will be discarded, then advise those complaining customers that they need to send them a second time, this time handle them correctly, and make sure they do not get the rebate again by sending one or two extra forms...
And even then, the first-time failure of the handling of course stamps a negative image on the company.
They must have had a difficult time deciding if this is all worth it...
Again, it depends. My system has 1GB. I have had this system (with this amount of memory) for 1.5 years and when it was new I of course believed that 1GB would be more than I would ever need.
However, there currently is about 450MB out on the swapspace (and 280 MB is used as diskcache).
Not having swap would mean a shortage of 170MB and not having diskcache. Of course that would not mean the system would not run, but it would run slower. Not all data that is not in RAM needs to be swapped out (e.g. pages from executable files are just reloaded when they are needed, not swapped out), so the system will look there to gain some space instead of swapping out data.
To run without swap I would need more RAM.
I know the effect of the system being slow while loading things from disk, and of course it can be cured when you throw infinite amounts of RAM at it, but there is an optimum of performance relative to price, and it is not at the point where you use no swap at all.
In Linux, where developers and users can discuss the matter in the open and there is no secrecy around how it really works and why it is done that way, there is always ongoing debate about how the virtual memory/demand paging system should work to perform optimally.
Allmost all the time, the outcome is that what works fine for one application, is sub-optimal for another.
Therefore there are some parameters that can be tuned (like the "swapiness", which controls the issue you mention).
If you think about it, swapping is a really lousy solution unless you expect to run out of memory. Disk is many times slower than ram. The reason that you open programs is that you want them ready for action. Swapping them to disk is therefore undesirable.
This is your situation, your opinion, and the base of your success.
Other may have different situations and swapping may be better for them. On my Linux box I typically have 160-200 processes running, and I don't need them to be all ready for action. There is only a subset that needs to be ready for action, and I want those to be in RAM, together with the cached disk data that they access.
Other programs, that are waiting for something that is unlikely to happen or are sleeping for some time (e.g. to check for OS updates once a day) I don't need to have in RAM.
It has been shown many times that having some swapspace is better for performance in typical systems. Maybe not in your system.
Version 7 does not have that slow plugin loader anymore! Try it, it starts very quickly.
Dutch companies. Apparently the tax department was told that it would be released Jan 1st, 2005 and based their electronic tax forms for companies on it. It also mandated use of those, I think starting Feb 1st.
There was an uproar, because "you were forced to buy Windows to be able to run a business in Holland" and then the tax department replied that an Acrobat Reader 7 would be available for Linux as well.
And indeed, it has appeared.
For "Dutch people to do their taxes" (income tax), Windows is still required. Those are not done using an electronic form, but with a dedicated program that runs only under Windows.
(of course VMware is no problem and I think Wine is working as well)
However, the use of this program is not mandatory. You can use a classic paper form.
I think the network is more vulnerable due to the existance of a million hacked PCs that can be turned into attackers at the click of a mouse, than due to some datalink that is critical to the connection of two points.
A "cyberterrorist" can melt down the Internet without even leaving home.
There are many steps you can take to minimize your systems' exposure to harmful content, such as an updated antivirus, spam filtering (on the server and the client), and a correctly configured firewall. I agree that these steps shouldn't be necessary, the problem should be prevented before it's created, but that's like saying you shouldn't have to carry an umbrella because it shouldn't rain.
Of course I have taken all measures to be sure I do not get the bad guys on my system. I use Linux, filter for dangerous content, run a firewall, etc.
But this does not prevent me from receiving one hundred spam mails per day via compromised systems (which are rejected but still cause lots of logging and traffic), plus many more attempts to connect and portscan.
Also I have had to abandon a domain name because spammers have chosen to use it as a From address in their spams. I have had to set the MX record to localhost. When I try to set my own system as MX host, I get bombarded by bounces (thousands a day).
This is also caused by careless ISPs. A reasonably managed mailserver would not accept mail from a source address that has its MX set to localhost, but they do.
Finally, some of those virus infected systems are spreading their virusmail with my valid mail address as a sender address (because it appears somewhere on those systems). Others may think I am spreading that. I want to stop them from doing it but the ISP does not give me contact information and I have no way to force them to stop misusing my name (mail address).
I agree that a law is not the first choice to rectify such situations, but it may be the only way to make the ISPs do something. It does not matter so much that the government is incompetent, what matters is that I can send a letter or mail stating "you are required by law to take action so please do so within an X amount of time or I will take legal action".
I think the problem is not that customers are or should be unsatisfied with their own ISP and thus should move to another.
The problem is that other ISPs exist that do not care, and that we are all connected to one single Internet.
So even when you are at a ISP that cares about these things (I am), you still suffer from the million PCs of users at ISPs that don't care, and there is nothing you can do about that.
So an ISP should be required by law to care about this. Just as there exists a mandatory facilitation of lawful intercept (at least here), it could be mandated that ISPs provide a contact method to report compromised systems, and be mandated to actually do something with the reports.
For example, an e-mail address or form on their website where you enter date/time, IP address and observed activity (spamrelay, attempted virus delivery, portscanning or other hacking) usually related with compromised systems. The ISP would then have to handle these reports, for example in order of decreasing number of reports per address. The customer would have to be contacted, warned about the situation, maybe get moved to a closed network where they can download only tools, or disconnected completely until the situation is remedied.
Don't say it can't be done, my ISP does it and others do. But as it is not mandatory there remain countless other ISPs that don't, and millions of PCs that you can see attacking you and the rest of the world but you (and others) can do nothing about because you have no way of contacting their owner.
ISPs should be held responsible for what theur client do when they have been notified of their wrongdoings and have decided not to pay attention to those notifications.
Right now there is the problem of many hijacked and virus-infected PCs on broadband networks, and the victims of those have the problem that they can identify the problem spot only by IP address,
The ISP acts as a shield between you and the troublemaker, by systematically ignoring requests to take them offline or to give you contact information so you can call them yourself.
This is not like the position of P2P companies or weapon manufacturers. It is like the ISPs position in copyright violation cases. The ISP is held responsible until they provide the name of the offender.