> He was of the idea that there is no way to prove the non-existence of god, and therefore it's reasonable to believe in a god.
I've never read his annotated version of Alice in Wonderland, but I wouldn't be at all surprised if Gardener would have claimed that he both believed and disbelieved in the existence of God, in a weird sort of spiritual quantum superposition.
>... hurt the Atheist cause more than anything.
Really? I would have thought that your insensitive post might possibly have done more damage. It certainly raised my bile. You're lucky I know so many atheists who I actually respect.
And how is he supposed to prevent someone from setting up "http://isohunt.mydomain.notus" to just proxy Isohunt so he can anyway get hits on his adverts? If the proxy would siphon off some of the ads for their own income stream, this might be an interesting business model.
I know it's bad form to reply to one's own post, but I just now understood that this idea is an interesting example where copyright infringement is directly beneficial to the party whose content is being infringed upon.
I can just imagine Fung half-heartedly suing the proxy site(s) for infringement, just so he can CYA with respect to the injunction.
I hope your celebration won't entail overeating or drinking to excess, because if you're going to do that everytime Big Media hits the Wack-A-Mole, you're going to ruin your health.
I wonder how much of his traffic is actually from the US.
And how is he supposed to prevent someone from setting up "http://isohunt.mydomain.notus" to just proxy Isohunt so he can anyway get hits on his adverts? If the proxy would siphon off some of the ads for their own income stream, this might be an interesting business model.
> This protects your privacy from everyone but google.
Wrong. This only protects your privacy from adversaries who cannot afford to subvert CA's. That doesn't include most governments or even most large corporations, and probably doesn't even include organized crime.
There's no reason for a browser to throw up nasty error dialogs when it encounters a self-signed certificate. Instead, browsers should silently accept such certificates and record the public key fingerprint. Browsers shouldn't turn on the lock icon when using a self-signed cert, or do anything else to make the user think they're browsing on a secure connection, because they're really not, but they should go ahead and encrypt the traffic.
Security, like everything else, isn't binary, so browsers classifying connections into two classes, "secure" and "insecure" is itself, in some ways, idiocy. We saw this in action recently, when Chinese dissidents were lobbying Mozilla to not trust a certain CA they believe is controlled by the Chinese government.
Your new definition of "secure connection" is still not secure from any adversary who controls or has otherwise subverted an organization trusted to issue certificates. For example, Google itself (I recently noticed, because I've started using Certificate Patrol, that Google juggled some of the certificates it uses for GMail and Google Docs --- perhaps it was because of this new feature --- but all the certificates in question were issued by a CA that Google has set up).
I do understand that Ordinary Joe isn't able to understand all this, and in that context, your suggestion isn't all that bad. I wonder if corporations will start to become so competitive that they will be tempted to abuse their cert-issuing powers to MITM. A possible scenario with less risk to such a corporation would be to use a criminal third party which they have allowed to subvert their CA's security. OTOH, the minute that a corporation would do such a thing, the criminals would have power to MITM any secure browser connection --- one wonders if this would deter such tomfoolery. Actually, one has to wonder whether organized crime hasn't already subverted some CA somewhere, no?
In other contexts, similar actions would definitely be illegal. For example, one person walks up to another person and says "Hey, I want to murder Bob Jones, but I don't know where he lives, can you help me?" and the second person says "Yeah, he lives at 123 Fake Street, here's copy of his house key. By the way, here's where you can get a really nice shotgun which would be a really effective murder instrument to use."
Aren't you tired of idiotic comparisons which compare copyright infringement to murder? After reading Slashdot for as long as I have, I am. Let me give you a hint. Making this comparison doesn't help people relate to your arguments seriously on their own merits.
And as for your argument here, it is not at all a good analogy, even disregarding the extreme crime you've chosen. The truth is that it is impossible for the operators of OBT (by themselves) to know whether content is infringing or not, unless, of course, the torrent itself claims to be infringing (and even then, one cannot be sure --- look at what we've discovered about Viacom's marketing tactics thanks to their suing YouTube/Google). This is not at all close to your example, where someone explicitly declares "I want to commit a crime".
They don't condone piracy; in fact, their website asks that users not illegally distribute copyrighted material with the tracker.
That's pretty unconvincing. They all say that. Words are cheap, actions matter more. If they were actively removing infringing torrents, that would be another matter.
We do not have information whether OBT is ignoring takedown requests. In fact the article claims:
OpenBitTorrent has never portrayed the ‘jolly roger’ style of The Pirate Bay and even has a DMCA-style notice and takedown procedure to stop the tracking of torrents. Even so, it would be surprising if they hadn’t anticipated the possibility of a court ruling like this and taken the necessary steps to hide their identities from Portlane.
BTW, I also agree with the article. The **AAs will, at the most, find some really nebulous connections with the "Pirate Bay Four" (or was it five? I don't remember).
You've forgotten at least two other possibilities: they produced it themselves after entry, or they obtained it from someone else who produced it within Australia.
Your post makes me wonder about a future where I have a home computer powerful enough to run an algorithm which downloads as many tracks off of iTunes as it needs and then can compute by extrapolation the future hits of RIAA, before they are released.
One wonders whether the courts would find that such a program is a circumvention of DRM for the purposes of the DMCA. Unfortunately, the computer, which can answer that question, will be destroyed by the construction of a.....
> Teaching assembly (which CPU?) wouldn't be practical
It's trivial to set up a VM which can run a synthetic assembly language which is rich enough to teach about introductory CPU architecture concepts like number representation, registers, addressing, and branching. Never heard that Knuth gave examples in his Art of Computer Programming series in such a language (called MIX)?
When I took the introductory course to computer programming in college, we actually were exposed to other programming paradigms than the standard industry ones. It included Prolog and SNOBOL, for example. Even though I would agree that neither of those languages has any practical application in industry today, I still think that it was an important part of my education to see these kinds of extremes (no, that doesn't mean I think that the brainfuck language should be taught to high school students --- anyway, because of its name, that would be impossible in the US).
Sure that drives the illegal activity onto hobbyist networks. But if your goal is to make it progressively harder and less effective to infringe copyright, that is a step in the right direction.
I actually disagree, here. Because I think that the more the infringement becomes "grassroots", the deeper it will become embedded in the culture of society that such casual infringement is OK. And that really, really scares the **IAs.
In addition, it also makes for a much stronger (as in, no easy weak link) alternative distribution platform, another thing which frightens Big Media.
Hey phantomfive, that last web page you loaded? That image on the left? It's mine! The webmaster there stole it from me! You downloaded illegal material under copyright!
Why don't you go turn yourself in?
Seriously, how on earth could you believe that an ordinary person could not occasionally infringe copyright? There is no magic way to know the copyright status of anything, anymore, now that Berne has made registration a thing of the past. See Infringement Nation, by John Tehranian.
Visa versa, sometimes when people try to pirate illegally, they are actually downloading material which the copyright owner himself is providing: see the Viacom debacle vs. Google, where it turns out that Viacom itself was uploading "lets make this look pirated" videos to YouTube.
If I seed a torrent which says "The first 1/2 of New Blockbuster Movie, provided free of charge as a teaser", is it unreasonable for Ordinary Joe not to believe it is legal? What if it were an old movie, claiming to be a low quality teaser?
And even in the case where it's obvious that some of the material is under copyright, Ordinary Joe cannot be sure if, perhaps, fair use is appropriate here. Only the courts can decide that. (Would you blast a relative for posting a short video of his infant dancing to copyrighted music?)
Isn't the user generated notes are written by the customers? The customers still owns the copyrights and they can and should all file DMCA take down notices.
In theory, you are probably correct. However, you can be relatively sure that somewhere in the terms of use, Yahoo's lawyers have tried to reduce liability, and you may have agreed to assign your copyright on your annotations to Yahoo (or otherwise limited your ability to use the DMCA or sue for infringement).
Not to mention you would be suing a large corporation with many more $s than you. Not easy.
One more thing to file under Yet Another Reason I Will Never Use A Kindle.
Ya, but I wrote a virus that will overwrite a Windows install with Linux, while maintaining the desktop appearance. It watches for user inactivity and when it knows they should be sleeping, and does the migration for them.
My virus trumps his basic interpreter.:)
(Just kidding on the virus. It'd be a fun idea, but I don't like the idea of jail time.)
Your post makes me wonder a bit: what is the copyright status of computer viruses? If someone would manage to write your hypothetical virus from scratch without using MS source code, could we take his work under the assumption that releasing a computer virus is effectively licensing your work for any reuse whatsoever, and presto, a new super-compatible Wine is suddenly born? (Hmm. There's still the patent threat. But let's forget that for now.)
OOXML (not to say that I'm claiming that.docx is exactly OOXML, it isn't) can contain proprietary binary blobs. Or has Microsoft gotten around to providing a "make sure that this document will be easy to transfer to other formats" button/preference. No? How surprising....
> Now how hard it is to do this, really depends.
Duh. So prove to us that it's easy and release, in the near future, an open-source renderer for.docx which is 100% compatible with the behavior of any given version of MS Office (my guess is that they don't all render it exactly the same, themselves).
It's been a very long while since I read the first Harry Potter book, but I had the distinct impression that Rowling thought of Hermione as very ordinary-looking, perhaps even a bit ugly, at least here-and-there.
Ouch. That doesn't sound all that good... or did I misunderstand?
> I'd like to suggest that the MAFIAA grows more cunning by the day, > and that available CPU work is still increasing at Moore's Law rates
This won't really help them that much (well, maybe the cunning part) if they convince enough people that it is too dangerous to continue to use P2P in its present, well-known forms. OK, a certain small number of those people will just quit totally, but most will search for new ways to get what they want. Since some of this also includes things like sneakernets, against which the only defense is paying real investigators to infiltrate things like sharing parties in real life, Moore's law isn't going to really make a difference.
I've heard stories from people who know people who work at a company who make some of the hardware used by the Chinese in their firewall, and from what they tell me, new protocols to bypass the filtration are invented on a weekly basis. So I'm not totally convinced by your idea that
> P2P standards have a huge amount of inertia, and it takes -years- > before folks move onto something "better."
If you give people enough incentive (their level of fear is high enough) then I think you will be able to see relatively large-scale change in a relatively short time.
> So, whatever you do, you want "better" to be as strong as possible, > not "just enough for today."
No, I think what you want is that this "better" protocol has a built-in parameter/s which can trade off efficiency for strength. In fact, you've inspired me. I think I'll try to invent a good steganography algorithm with this property and if I find a good enough one, I'll post it on my journal here.
Your post insightfully points out that it's not trivial (at all!) to distinguish between compressed and encrypted data, but ignores the well-known fact that even totally encrypted channels can leak protocol-identifying information via traffic analysis.
But, of course, as usual, this is cat-and-mouse. Once some kind of disguise for encrypted traffic is discovered and blocked, another one will pop up. In the long term, the advance of bandwidth will make even inefficient cloaking a viable proposition for some applications.
> To perform steganography effectively (read: "undetectably")
He's not talking about standard steganography where one is interested in having a very small probability that an opponent with practically unlimited computing resources will be able to detect the presence of a message. He's talking about steganography against an opponent with very limited computing resources (on a per-message-byte basis).
It's similar to someone "encrypting" some of their Google Calendar events with a substitution cipher. The point isn't that Google couldn't break the ridiculously weak encryption, it's that Google has no economic incentive to do so, and even if it had, it couldn't invest the computing time to try to break thousands of such calendar entries (if this would happen on on a massive scale).
Slashdot Mirror
> He was of the idea that there is no way to prove the non-existence of god, and therefore it's reasonable to believe in a god.
I've never read his annotated version of Alice in Wonderland, but I wouldn't be at all surprised if Gardener would have claimed that he both believed and disbelieved in the existence of God, in a weird sort of spiritual quantum superposition.
> ... hurt the Atheist cause more than anything.
Really? I would have thought that your insensitive post might possibly have done more damage. It certainly raised my bile. You're lucky I know so many atheists who I actually respect.
And how is he supposed to prevent someone from setting up "http://isohunt.mydomain.notus" to just proxy Isohunt so he can anyway get hits on his adverts? If the proxy would siphon off some of the ads for their own income stream, this might be an interesting business model.
I know it's bad form to reply to one's own post, but I just now understood that this idea is an interesting example where copyright infringement is directly beneficial to the party whose content is being infringed upon.
I can just imagine Fung half-heartedly suing the proxy site(s) for infringement, just so he can CYA with respect to the injunction.
Why do you expect them to be less clueless than the vast majority of the people they serve and represent?
Especially considering that their expertise is in non-technological fields?
I'm going to celebrate tonight.
I hope your celebration won't entail overeating or drinking to excess, because if you're going to do that everytime Big Media hits the Wack-A-Mole, you're going to ruin your health.
I wonder how much of his traffic is actually from the US.
And how is he supposed to prevent someone from setting up "http://isohunt.mydomain.notus" to just proxy Isohunt so he can anyway get hits on his adverts? If the proxy would siphon off some of the ads for their own income stream, this might be an interesting business model.
> This protects your privacy from everyone but google.
Wrong. This only protects your privacy from adversaries who cannot afford to subvert CA's. That doesn't include most governments or even most large corporations, and probably doesn't even include organized crime.
There's no reason for a browser to throw up nasty error dialogs when it encounters a self-signed certificate. Instead, browsers should silently accept such certificates and record the public key fingerprint. Browsers shouldn't turn on the lock icon when using a self-signed cert, or do anything else to make the user think they're browsing on a secure connection, because they're really not, but they should go ahead and encrypt the traffic.
Security, like everything else, isn't binary, so browsers classifying connections into two classes, "secure" and "insecure" is itself, in some ways, idiocy. We saw this in action recently, when Chinese dissidents were lobbying Mozilla to not trust a certain CA they believe is controlled by the Chinese government.
Your new definition of "secure connection" is still not secure from any adversary who controls or has otherwise subverted an organization trusted to issue certificates. For example, Google itself (I recently noticed, because I've started using Certificate Patrol, that Google juggled some of the certificates it uses for GMail and Google Docs --- perhaps it was because of this new feature --- but all the certificates in question were issued by a CA that Google has set up).
I do understand that Ordinary Joe isn't able to understand all this, and in that context, your suggestion isn't all that bad. I wonder if corporations will start to become so competitive that they will be tempted to abuse their cert-issuing powers to MITM. A possible scenario with less risk to such a corporation would be to use a criminal third party which they have allowed to subvert their CA's security. OTOH, the minute that a corporation would do such a thing, the criminals would have power to MITM any secure browser connection --- one wonders if this would deter such tomfoolery. Actually, one has to wonder whether organized crime hasn't already subverted some CA somewhere, no?
In other contexts, similar actions would definitely be illegal. For example, one person walks up to another person and says "Hey, I want to murder Bob Jones, but I don't know where he lives, can you help me?" and the second person says "Yeah, he lives at 123 Fake Street, here's copy of his house key. By the way, here's where you can get a really nice shotgun which would be a really effective murder instrument to use."
Aren't you tired of idiotic comparisons which compare copyright infringement to murder? After reading Slashdot for as long as I have, I am. Let me give you a hint. Making this comparison doesn't help people relate to your arguments seriously on their own merits.
And as for your argument here, it is not at all a good analogy, even disregarding the extreme crime you've chosen. The truth is that it is impossible for the operators of OBT (by themselves) to know whether content is infringing or not, unless, of course, the torrent itself claims to be infringing (and even then, one cannot be sure --- look at what we've discovered about Viacom's marketing tactics thanks to their suing YouTube/Google). This is not at all close to your example, where someone explicitly declares "I want to commit a crime".
They don't condone piracy; in fact, their website asks that users not illegally distribute copyrighted material with the tracker.
That's pretty unconvincing. They all say that. Words are cheap, actions matter more. If they were actively removing infringing torrents, that would be another matter.
We do not have information whether OBT is ignoring takedown requests. In fact the article claims:
OpenBitTorrent has never portrayed the ‘jolly roger’ style of The Pirate Bay and even has a DMCA-style notice and takedown procedure to stop the tracking of torrents. Even so, it would be surprising if they hadn’t anticipated the possibility of a court ruling like this and taken the necessary steps to hide their identities from Portlane.
BTW, I also agree with the article. The **AAs will, at the most, find some really nebulous connections with the "Pirate Bay Four" (or was it five? I don't remember).
You've forgotten at least two other possibilities: they produced it themselves after entry, or they obtained it from someone else who produced it within Australia.
As other posters have noted, the fact that packets would be sniffed was announced to everyone; one wonders exactly how that biased the results.
Unfortunately, as the blog post notes, it's impossible to find out without breaking one (or maybe several) laws.
Your post makes me wonder about a future where I have a home computer powerful enough to run an algorithm which downloads as many tracks off of iTunes as it needs and then can compute by extrapolation the future hits of RIAA, before they are released.
One wonders whether the courts would find that such a program is a circumvention of DRM for the purposes of the DMCA. Unfortunately, the computer, which can answer that question, will be destroyed by the construction of a .....
(Ouch. I should go get some sleep....)
> It tries to take away your rights , but fails ....
Right. It fails to take away my right to sue a multi-billion dollar corporation.
I'm soooooo thrilled.
Wikipedia is your friend.
> Teaching assembly (which CPU?) wouldn't be practical
It's trivial to set up a VM which can run a synthetic assembly language which is rich enough to teach about introductory CPU architecture concepts like number representation, registers, addressing, and branching. Never heard that Knuth gave examples in his Art of Computer Programming series in such a language (called MIX)?
When I took the introductory course to computer programming in college, we actually were exposed to other programming paradigms than the standard industry ones. It included Prolog and SNOBOL, for example. Even though I would agree that neither of those languages has any practical application in industry today, I still think that it was an important part of my education to see these kinds of extremes (no, that doesn't mean I think that the brainfuck language should be taught to high school students --- anyway, because of its name, that would be impossible in the US).
... MS ... contract ... accountability on both sides.
Congrats. You've made my day. That has to be one of the funniest sentences I've read here on Slashdot.
Tell me, when was the last time you read a EULA for a Microsoft product?
Sure that drives the illegal activity onto hobbyist networks. But if your goal is to make it progressively harder and less effective to infringe copyright, that is a step in the right direction.
I actually disagree, here. Because I think that the more the infringement becomes "grassroots", the deeper it will become embedded in the culture of society that such casual infringement is OK. And that really, really scares the **IAs.
In addition, it also makes for a much stronger (as in, no easy weak link) alternative distribution platform, another thing which frightens Big Media.
Hey phantomfive, that last web page you loaded? That image on the left? It's mine! The webmaster there stole it from me! You downloaded illegal material under copyright!
Why don't you go turn yourself in?
Seriously, how on earth could you believe that an ordinary person could not occasionally infringe copyright? There is no magic way to know the copyright status of anything, anymore, now that Berne has made registration a thing of the past. See Infringement Nation, by John Tehranian.
Visa versa, sometimes when people try to pirate illegally, they are actually downloading material which the copyright owner himself is providing: see the Viacom debacle vs. Google, where it turns out that Viacom itself was uploading "lets make this look pirated" videos to YouTube.
If I seed a torrent which says "The first 1/2 of New Blockbuster Movie, provided free of charge as a teaser", is it unreasonable for Ordinary Joe not to believe it is legal? What if it were an old movie, claiming to be a low quality teaser?
And even in the case where it's obvious that some of the material is under copyright, Ordinary Joe cannot be sure if, perhaps, fair use is appropriate here. Only the courts can decide that. (Would you blast a relative for posting a short video of his infant dancing to copyrighted music?)
Isn't the user generated notes are written by the customers? The customers still owns the copyrights and they can and should all file DMCA take down notices.
In theory, you are probably correct. However, you can be relatively sure that somewhere in the terms of use, Yahoo's lawyers have tried to reduce liability, and you may have agreed to assign your copyright on your annotations to Yahoo (or otherwise limited your ability to use the DMCA or sue for infringement).
Not to mention you would be suing a large corporation with many more $s than you. Not easy.
One more thing to file under Yet Another Reason I Will Never Use A Kindle.
Ya, but I wrote a virus that will overwrite a Windows install with Linux, while maintaining the desktop appearance. It watches for user inactivity and when it knows they should be sleeping, and does the migration for them.
My virus trumps his basic interpreter. :)
(Just kidding on the virus. It'd be a fun idea, but I don't like the idea of jail time.)
Your post makes me wonder a bit: what is the copyright status of computer viruses? If someone would manage to write your hypothetical virus from scratch without using MS source code, could we take his work under the assumption that releasing a computer virus is effectively licensing your work for any reuse whatsoever, and presto, a new super-compatible Wine is suddenly born? (Hmm. There's still the patent threat. But let's forget that for now.)
OOXML (not to say that I'm claiming that .docx is exactly OOXML, it isn't) can contain proprietary binary blobs. Or has Microsoft gotten around to providing a "make sure that this document will be easy to transfer to other formats" button/preference. No? How surprising....
> Now how hard it is to do this, really depends.
Duh. So prove to us that it's easy and release, in the near future, an open-source renderer for .docx which is 100% compatible with the behavior of any given version of MS Office (my guess is that they don't all render it exactly the same, themselves).
For example, how many of you see a movie adaptation of a book only to have them cast an actor that looks nothing like you imagined it?
Like I imagined it? Never mind that. Let's complain about casting someone who is nothing like the author imagined. E.g.:
Hermione_Granger vs. Emma Watson.
It's been a very long while since I read the first Harry Potter book, but I had the distinct impression that Rowling thought of Hermione as very ordinary-looking, perhaps even a bit ugly, at least here-and-there.
> if fighting the War On Spam from both sides
Ouch. That doesn't sound all that good... or did I misunderstand?
> I'd like to suggest that the MAFIAA grows more cunning by the day,
> and that available CPU work is still increasing at Moore's Law rates
This won't really help them that much (well, maybe the cunning part) if they convince enough people that it is too dangerous to continue to use P2P in its present, well-known forms. OK, a certain small number of those people will just quit totally, but most will search for new ways to get what they want. Since some of this also includes things like sneakernets, against which the only defense is paying real investigators to infiltrate things like sharing parties in real life, Moore's law isn't going to really make a difference.
I've heard stories from people who know people who work at a company who make some of the hardware used by the Chinese in their firewall, and from what they tell me, new protocols to bypass the filtration are invented on a weekly basis. So I'm not totally convinced by your idea that
> P2P standards have a huge amount of inertia, and it takes -years-
> before folks move onto something "better."
If you give people enough incentive (their level of fear is high enough) then I think you will be able to see relatively large-scale change in a relatively short time.
> So, whatever you do, you want "better" to be as strong as possible,
> not "just enough for today."
No, I think what you want is that this "better" protocol has a built-in parameter/s which can trade off efficiency for strength. In fact, you've inspired me. I think I'll try to invent a good steganography algorithm with this property and if I find a good enough one, I'll post it on my journal here.
Your post insightfully points out that it's not trivial (at all!) to distinguish between compressed and encrypted data, but ignores the well-known fact that even totally encrypted channels can leak protocol-identifying information via traffic analysis.
See: http://www.cs.jhu.edu/~cwright/ and http://it.slashdot.org/article.pl?sid=08/06/13/1449232
But, of course, as usual, this is cat-and-mouse. Once some kind of disguise for encrypted traffic is discovered and blocked, another one will pop up. In the long term, the advance of bandwidth will make even inefficient cloaking a viable proposition for some applications.
> To perform steganography effectively (read: "undetectably")
He's not talking about standard steganography where one is interested in having a very small probability that an opponent with practically unlimited computing resources will be able to detect the presence of a message. He's talking about steganography against an opponent with very limited computing resources (on a per-message-byte basis).
It's similar to someone "encrypting" some of their Google Calendar events with a substitution cipher. The point isn't that Google couldn't break the ridiculously weak encryption, it's that Google has no economic incentive to do so, and even if it had, it couldn't invest the computing time to try to break thousands of such calendar entries (if this would happen on on a massive scale).