In the name of improved security, I block third-party Javascript using NoScript. I cannot fib, however, and claim that I am unhappy that this removes a lot of annoying advertising.
P.S. I agree that text ads have never bothered me. Well, maybe once or twice in total over a humongous amount of browsing time.
I agree that some artists will make less money under this system. I'm not convinced that in total there will be a lot of change (especially if the middleman is cut out).
A robot can't enter into a contract though, I would imagine.
If I cannot be liable for my robot breaking a contract, why couldn't I just make a robot which spiders the net and copies everything, violating copyright? Somehow I think your logic is flawed.
> It's far easier, quicker and more accurate to just crash a car into a wall at 60mph
Yes, but it's also much more expensive to get good statistics. Well, to be more precise, there exists a level of statistical accuracy above which simulation is cheaper (no matter how much more expensive the development of the simulation is than the value of a car). I agree that this level may be much more accurate than any which is required by certification processes. Actually, since I'm not even sure that vehicle certification standards actually deal with statistics, I'm fairly sure that that level is much more accurate (than any required level).
And here we see the big difference between software and mechanics. The mechanical system of the car has almost no "state" other than a global velocity vector and some internal mechanical parameters like the RPM of the engine and some temperatures and pressures at various locations, and the response of the mechanical system isn't very sensitive to small changes in this state. That's why they can crash a few cars and be done with it. The software, on the other hand, can be infinitely more sensitive to small changes in its state (which can be very complex if it depends on data from a long time period), and so it is much more likely for software to exhibit the bad behavior we see here: that some kind of low-probability event/state is reached which triggers unintentional (and dangerous) behavior.
And that is why there needs to be different standards for mechanical disclosure versus software disclosure (but, as I said, not necessarily a requirement for revealing the source to just anyone).
In many countries there are regulations which make it illegal to import vehicles which do not live up to various standards, and to pass these standards the car company has to prove to the appropriate government office that the car passes muster. In order to do that the company may be forced to disclose details as to how the car works. I see no reason why this shouldn't extend to software also.
Do you have any idea what kind of regulation there is for software which runs in medical devices? In most countries, in order to get approval, the software needs to pass some kind of independent review.
I do agree that that all of this is less than having to release the source code to anyone who wants to review it, a standard which I threw out for discussion here, but feel is only appropriate for voting machine software. I have a feeling that there probably isn't enough regulation of car software, however, be it from public release, independent review, or government review.
When Terry's immediate supervisors -- in the IT department -- asked for the passwords, he refused, which is flat out insubordination. The senior IT managers should have access to the network passwords. That is a part of their job description. It's the responsibility of administrators to make sure that the passwords are disseminated to the appropriate people, and stored securely. (e.g.: in a lockbox, safe, or whatever...)
Terry didn't do his job. He made sure that he was the only person with the passwords, for years! What happens if he gets run over by a bus? Or dies of a heart attack?
So you're saying, in effect, that the senior IT managers were not doing their jobs? Yes, that's clear to all of us here. What isn't clear, is whether we attribute this failure on the part of the managers on their own incompetence, or on some kind of Catch-22 where the managers were never given the proper funding which would be necessary to replace Childs properly with a more cooperative "widget" (making leaving the status quo the best possible thing to do). Since Childs did agree to give the passwords to the mayor (albeit under duress), one would think that it was likely that he could have been convinced to do this previous to the "crisis" situation. It is my opinion that it was the failure of his managers that they didn't require him to do it.
This is a guy who thought he somehow 'owned' a network paid for by the taxpayers, just because he was the lead designer! Nobody that crazy should be allowed sole control of anything even remotely important, let alone the core government WAN of a major US city!
Again, you're merely stating that Childs' managers were idiots. Why should he be in jail for that?
Ah, the pleasure of never being able to be up-to-date vis-à-vis the whirlwind advance of technology and commerce. Sorry to have burdened you with old information.
Yes, one wonders what damages Activision envisioned would accrue if they let the project continue.
As for the damages to the project, that's rather obvious, what isn't obvious is how the court might assign value for the work lost or if the court would merely reinstate the original license (in which case a lawyer on contingency would not get paid unless the court ruled that Activision needed to pay him).
Super*Talent, a manufacturer of computer memory, has created the "Super Digital" card. They are the same in appearance and function as regular Secure Digital cards, but they lack the CPRM code commonly found in Secure Digital cards.
The cited reference is here. I'm not sure you'll be able to view it, however, because it seems to require Javascript.
Somehow I have the suspicion that you're talking about some judgment which garnished a (relatively) insignificant amount like $5/wk. and was possibly conditioned on weekly wages of much higher than that.
I had been erroneously thinking that the sliding switch on the side of an SD card was disconnecting something electronically, but you seem to be correct: the write-protect function is actuated by the software querying the state of a mechanical sensor.
On the other hand, this doesn't seem to be any different than the write protect tabs of floppy disks (which is what he's relying upon instead).
The WP article on SD cards has information on a manufacturer of "Super Digital" cards which are SD cards without the overhead of DRM. Enjoy.
I still can't figure out why you think that would make the card more trustworthy, though. The last batch of Trojaned hardware I heard about were network routers which, as far as I know, didn't have DRM.
> USB keys don't have write-protect tabs, so you have to be careful plugging into a compromised box.
Many microSD (or microSDHC) cards come with an SD card adapter and some of the adapters still have a write-protect switch. You can then plug that adapter into a small USB card reader, and voilà! Possible to still have "USB key" with write-protect.
You also should still be able to find 2GiB SD cards which have write-protect switches which can be used directly in the same card readers (and last time I checked, the 2.6 kernel wasn't that bloated <wink>).
> Spread it randomly around the game and it becomes almost impossible to build a working crack.
No, your comment immediately made me think of a crack which automatically mirrors all communication to/from the game server to a "crack DB" server. In this way, the community of people using your crack all help you assemble more information how to continue the cracking process.
The only thing which might make this hard is when CPUs will include public keys and ISAs which include decryption of machine code on-the-fly. Actually, it seems it might not be too far off (CPUs are already starting to include encryption/decryption instructions in their ISAs, but so far the instructions are only for data, not program).
> It's not exactly commonplace for people to steal such things.
Oh, some of us are fairly sure that the past behavior of the record labels, when they controlled music publicity almost exclusively (and quite probably illegally) so that artists didn't feel they had much choice other than to sign their copyrights away, could very easily be called "copyright theft".
In the US, at least, the artist in some cases is able to take hiscopyrightback.
the bigger issue is that the sysadmins didn't know about or how to use the standard, built-in tools the rest of the industry
Unless your industry is working for the NSA, in which case you've just made a big no-no leak (which I doubt), I, for one, have no idea what tools you are talking about. Windows comes with a version of remote desktop which doesn't notify the person physically at the computer? It comes with a tool which enables you to use the camera without turning on the "camera activated" LED?
> but the point remains that Linux is a very chaotic environment and nobody wants to stand up to be liable if something goes wrong.
And this is different from? I dare say that Microsoft has very little to do (directly) with the reasons for most technical problems with computers running Windows. Which, in my rather limited experience, are malware/viruses, bad third-party drivers, and third-party software interactions (mainly from game DRM and anti-virus/anti-malware).
I remember that at one point Katzen had managed to turn the intent of California's anti-SLAPP laws on their head and gotten a decision that Jacobsen had to pay him a hefty sum in legal fees. Anyone have any idea what happened with this and how the final settlement deals with it, if at all?
Slashdot Mirror
In the name of improved security, I block third-party Javascript using NoScript. I cannot fib, however, and claim that I am unhappy that this removes a lot of annoying advertising.
P.S. I agree that text ads have never bothered me. Well, maybe once or twice in total over a humongous amount of browsing time.
You can see non-editable versions of deleted pages at Deletionpedia.
> How is an author, ...
Perhaps via the http://en.wikipedia.org/wiki/Threshold_pledge_system? Or people will just pay for his works even if they aren't forced to?
I agree that some artists will make less money under this system. I'm not convinced that in total there will be a lot of change (especially if the middleman is cut out).
A robot can't enter into a contract though, I would imagine.
If I cannot be liable for my robot breaking a contract, why couldn't I just make a robot which spiders the net and copies everything, violating copyright? Somehow I think your logic is flawed.
> It's far easier, quicker and more accurate to just crash a car into a wall at 60mph
Yes, but it's also much more expensive to get good statistics. Well, to be more precise, there exists a level of statistical accuracy above which simulation is cheaper (no matter how much more expensive the development of the simulation is than the value of a car). I agree that this level may be much more accurate than any which is required by certification processes. Actually, since I'm not even sure that vehicle certification standards actually deal with statistics, I'm fairly sure that that level is much more accurate (than any required level).
And here we see the big difference between software and mechanics. The mechanical system of the car has almost no "state" other than a global velocity vector and some internal mechanical parameters like the RPM of the engine and some temperatures and pressures at various locations, and the response of the mechanical system isn't very sensitive to small changes in this state. That's why they can crash a few cars and be done with it. The software, on the other hand, can be infinitely more sensitive to small changes in its state (which can be very complex if it depends on data from a long time period), and so it is much more likely for software to exhibit the bad behavior we see here: that some kind of low-probability event/state is reached which triggers unintentional (and dangerous) behavior.
And that is why there needs to be different standards for mechanical disclosure versus software disclosure (but, as I said, not necessarily a requirement for revealing the source to just anyone).
In many countries there are regulations which make it illegal to import vehicles which do not live up to various standards, and to pass these standards the car company has to prove to the appropriate government office that the car passes muster. In order to do that the company may be forced to disclose details as to how the car works. I see no reason why this shouldn't extend to software also.
Do you have any idea what kind of regulation there is for software which runs in medical devices? In most countries, in order to get approval, the software needs to pass some kind of independent review.
I do agree that that all of this is less than having to release the source code to anyone who wants to review it, a standard which I threw out for discussion here, but feel is only appropriate for voting machine software. I have a feeling that there probably isn't enough regulation of car software, however, be it from public release, independent review, or government review.
> What I struggle to understand is why this isn't a legal requirement on all new drive-by-wire cars?
You would think that there would also be a requirement that the source code be released for review to anyone who cares.
...
When Terry's immediate supervisors -- in the IT department -- asked for the passwords, he refused, which is flat out insubordination. The senior IT managers should have access to the network passwords. That is a part of their job description. It's the responsibility of administrators to make sure that the passwords are disseminated to the appropriate people, and stored securely. (e.g.: in a lockbox, safe, or whatever...)
Terry didn't do his job. He made sure that he was the only person with the passwords, for years! What happens if he gets run over by a bus? Or dies of a heart attack?
So you're saying, in effect, that the senior IT managers were not doing their jobs? Yes, that's clear to all of us here. What isn't clear, is whether we attribute this failure on the part of the managers on their own incompetence, or on some kind of Catch-22 where the managers were never given the proper funding which would be necessary to replace Childs properly with a more cooperative "widget" (making leaving the status quo the best possible thing to do). Since Childs did agree to give the passwords to the mayor (albeit under duress), one would think that it was likely that he could have been convinced to do this previous to the "crisis" situation. It is my opinion that it was the failure of his managers that they didn't require him to do it.
This is a guy who thought he somehow 'owned' a network paid for by the taxpayers, just because he was the lead designer! Nobody that crazy should be allowed sole control of anything even remotely important, let alone the core government WAN of a major US city!
Again, you're merely stating that Childs' managers were idiots. Why should he be in jail for that?
Ah, the pleasure of never being able to be up-to-date vis-à-vis the whirlwind advance of technology and commerce. Sorry to have burdened you with old information.
> What damages are here?
Yes, one wonders what damages Activision envisioned would accrue if they let the project continue.
As for the damages to the project, that's rather obvious, what isn't obvious is how the court might assign value for the work lost or if the court would merely reinstate the original license (in which case a lawyer on contingency would not get paid unless the court ruled that Activision needed to pay him).
From: http://en.wikipedia.org/wiki/SD_card#DRM_features :
Super*Talent, a manufacturer of computer memory, has created the "Super Digital" card. They are the same in appearance and function as regular Secure Digital cards, but they lack the CPRM code commonly found in Secure Digital cards.
The cited reference is here. I'm not sure you'll be able to view it, however, because it seems to require Javascript.
> Activision will get their asses handed to them if this fan site can find a good lawyer.
You meant: "Activision may get their asses handed to them if this fan site can find a good lawyer who will agree to work for a contingency fee."
> ... you're in a pretty favorable legal position.
Except when the other party has lots of money and you don't. Welcome to the realities of our legal system.
> And yes, it happens.
Please give us the reference(s).
Somehow I have the suspicion that you're talking about some judgment which garnished a (relatively) insignificant amount like $5/wk. and was possibly conditioned on weekly wages of much higher than that.
I had been erroneously thinking that the sliding switch on the side of an SD card was disconnecting something electronically, but you seem to be correct: the write-protect function is actuated by the software querying the state of a mechanical sensor.
On the other hand, this doesn't seem to be any different than the write protect tabs of floppy disks (which is what he's relying upon instead).
The WP article on SD cards has information on a manufacturer of "Super Digital" cards which are SD cards without the overhead of DRM. Enjoy.
I still can't figure out why you think that would make the card more trustworthy, though. The last batch of Trojaned hardware I heard about were network routers which, as far as I know, didn't have DRM.
The US government trying to "fix" the Internet is going to make me healthier?
> If you believe that the government not getting involved is going to lead to an optimal outcome for the public, I'd love to hear why.
If it ain't broke, don't fix it.
BTW, do you also believe that the TSA increases our air travel security?
> USB keys don't have write-protect tabs, so you have to be careful plugging into a compromised box.
Many microSD (or microSDHC) cards come with an SD card adapter and some of the adapters still have a write-protect switch. You can then plug that adapter into a small USB card reader, and voilà! Possible to still have "USB key" with write-protect.
You also should still be able to find 2GiB SD cards which have write-protect switches which can be used directly in the same card readers (and last time I checked, the 2.6 kernel wasn't that bloated <wink>).
> Spread it randomly around the game and it becomes almost impossible to build a working crack.
No, your comment immediately made me think of a crack which automatically mirrors all communication to/from the game server to a "crack DB" server. In this way, the community of people using your crack all help you assemble more information how to continue the cracking process.
The only thing which might make this hard is when CPUs will include public keys and ISAs which include decryption of machine code on-the-fly. Actually, it seems it might not be too far off (CPUs are already starting to include encryption/decryption instructions in their ISAs, but so far the instructions are only for data, not program).
> It's not exactly commonplace for people to steal such things.
Oh, some of us are fairly sure that the past behavior of the record labels, when they controlled music publicity almost exclusively (and quite probably illegally) so that artists didn't feel they had much choice other than to sign their copyrights away, could very easily be called "copyright theft".
In the US, at least, the artist in some cases is able to take his copyright back.
the bigger issue is that the sysadmins didn't know about or how to use the standard, built-in tools the rest of the industry
Unless your industry is working for the NSA, in which case you've just made a big no-no leak (which I doubt), I, for one, have no idea what tools you are talking about. Windows comes with a version of remote desktop which doesn't notify the person physically at the computer? It comes with a tool which enables you to use the camera without turning on the "camera activated" LED?
OK, I've actually never faked a fingerprint myself. But I've read about research on it in Bruce Schneier's blog:
http://www.schneier.com/crypto-gram-0205.html#5
Care to guess what the batting average of most fingerprint readers was against someone trying to fool them?
(Answer: the eleven commercial fingerprint ID systems, together, wouldn't defeat my son's blindfolded Little League team.)
> but the point remains that Linux is a very chaotic environment and nobody wants to stand up to be liable if something goes wrong.
And this is different from? I dare say that Microsoft has very little to do (directly) with the reasons for most technical problems with computers running Windows. Which, in my rather limited experience, are malware/viruses, bad third-party drivers, and third-party software interactions (mainly from game DRM and anti-virus/anti-malware).
I remember that at one point Katzen had managed to turn the intent of California's anti-SLAPP laws on their head and gotten a decision that Jacobsen had to pay him a hefty sum in legal fees. Anyone have any idea what happened with this and how the final settlement deals with it, if at all?