The paper: http://discovery.csc.ncsu.edu/pubs/ccs09-HookSafe.pdf

And the required Schneier blog post: http://www.schneier.com/blog/archives/2009/11/protecting_oss.html

I'm pretty confident in saying that economies of scale have made actual sales of 360's profitably by this point. At least, that's usually the way things work with consoles.

I realize you are not taking this view, but responding to it anyway :)

The only problem is, he could afford it. He spent 75 pounds to get it "chipped." That's the 12% of the price of the 30-40 games he later said he copied, so he could have at least bought 10% of those games (3-4).

My take is that people have decided they want what they want now and if there is an easy and relatively safe way to illegally obtain it - instead of paying for it or saving up and paying for it - they will do it the illegal way. Modding wasn't illegal, AFAIK, but downloading was. And yes, Microsoft lost sales; presumably this guy would have bought games if he wasn't getting them for free, as he did have money to spend on it.

The "no lost sale" argument still implies that it's okay to do something as long as you can't afford to do it. That's the part of the argument that's wrong, IMO. That and there does definitely seem to be a pervading can't-wait feeling. You (and I) wait for the game prices to go down. These kids tell us they "can't" wait and that they don't have anything else to do if they can't play the newest games. Something is wrong there...

so really it's all about the boink applications, I guess...

Agreed it has to be documented but a decent sysadmin or infrastructure architect is not a cheap resource - You dont want your most skilled and expensive staff doing stuff that is simply i-dotting and t-crossing and more importantly not in their core competencies. I never argued against change control itself, I wouldnt want to have responsibility for anything critical in an environment without it. It does have to be practical though.

For example, the best guy I ever worked for realized this and while we still had the monolithic and byzantine change management system, the word from the boss was "for non-emergency changes, email my secretary who will handle the forms and stuff. If questions come back you still need to answer them but I dont want you wasting your time over some auditors quibble over whether something is correctly coded for the type of service request or not" - effectively dividing up the work on the process so that the staff who were best trained to handle a particular part of it did so. Perhaps unsurprisingly, the teams under this guy had the best record for change management compliance in the entire company.

It's very much like security - if it's easy to comply with a policy, everybody will. If it's hard then you're giving folks an incentive to look for loopholes and work around it. Like security change control is an essential component of managing systems and networks but you cant afford to change manage yourself into total paralysis any more than you want to secure a server by shutting it down and unplugging it.

Right AND wrong in one post :)

Excessive paperwork like 30 min to fill out a change request form to do something like make a 30 second edit to a config file and sighup a daemon is stupid and you'll hear no argument from me on that. Change control per se however, is essential, particularly in a large enterprise. Running part of that kind of infrastructure without change control would be like trying to manage the kernel source tree without cvs (or svn or $REPOS_OF_CHOICE, analogy holds either way.)

The problem is not change control, its the way it is implemented. Change control methodology is designed by PHBs who haven't actually done the tech work in years, if they ever did. It's then scribbled all over by a "business analyst" who thinks a sigpipe is a plumbing problem and by the time guys actually doing the work get hold of it it has become a nightmare of procedural BS when all you really needed was a way to make sure everything you do to a live production system is documented and that anything other than emergency break-fix at least got basic testing and a second pair of eyes looking at it before rolling it out.

According to her online profile, unphotoshopped that model is 5'8" and wears a size 6, measuring 33-24-35. No need to alter those proportions at all.

Patent the antibiotic, sure.. but the ribosome structure never. Discoveries and natural properties, as opposed to inventions, are explicitly excluded from patentability in the law so pretty much all those "patents on genes" and "patents on naturally occurring proteins" are ripe for challenge. Now if you use the knowledge thus discovered to create novel compounds that interact with it in specific ways, like the antibiotics mentioned then sure, go ahead and file the patent on what you made. If you take a naturally occurring protein and find a novel therapeutic use for it go ahead and patent that.. Where I have a problem with it is that the patent is being used as a blunt instrument to prevent anyone else working on other applications of what you discovered. NOT the way its supposed to work.

Am I the only one here thinking of the slight parallel with the coulter counter and the way it made such a huge difference to blood counts once a tech no longer had to sit behind a microscope staring at a haemocytometer? Only real diff is that one does whole cells and the other is planned to read sections of individual macromolecules. Only a matter of scale really. Definitely a "darn, why didnt anyone think of that before?" moment. Hope they make it work.

Get a class subscription to "Analog" and relate both the editorials and the shorter stories (ie not the big serialized ones) to world events occurring in the previous year. Obviously the editorial in each issue will be relating to more recent events than the stories...