
Comment Re:What could possibly go wrong? (Score 3, Informative) 125

But what you're saying is that rebooting is somehow a magic cure-all that guarantees the system isn't infected somehow

Don't be condescending. I'm not saying rebooting is a magic anything.

Whether or not this matters depends on the threat model and why the attacker is interested in patching the kernel. For example, one purpose would be to disable other kernel security features, such as SELinux, or dm-verity. Most SELinux rules are configured and the configuration can be altered by root, but some are compiled into the kernel and can only be modified by modifying the kernel. Altering the persistent kernel image may not be possible for a variety of reasons (read-only media, SecureBoot, etc.). In addition, in security-sensitive and mission-critical contexts an unexpected reboot may well be noticed.

I don't understand your assertion about SecureBoot. Are you referring to some known vulnerability of some particular secure boot system? Given a decent implementation of secure/verified boot, an attacker should not be able to convince the system to boot a modified kernel image, which means that run-time modification of the kernel is the only option if the attacker needs to bypass some kernel security enforcement.

In general, the security model of a high-security Linux system assumes that the kernel is more trustworthy than root. The ability for root to modify the running kernel invalidates this assumption, which most definitely is a security issue.

In the context of a system without mandatory access controls there may not be any reason to care, since once an attacker has obtained root there probably isn't any limit to what he can do.

Comment Re:What could possibly go wrong? (Score 3, Interesting) 125

It's no more a risk than current patching that requires a reboot, except that you don't have the downtime of a reboot.

Sure, if your concern is error, rather than malice. An attacker who gains root could use this to dynamically patch a backdoor into the running kernel. Rebooting the machine would potentially enable someone to notice.

As another poster noted, though, you can already dynamically patch the kernel for malicious purposes by loading a malicious module, assuming that hasn't been disabled. In contexts where security is crucial, I would disable both dynamic module loading and run-time patching.
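An audit of the two routes named in this comment, as an added example that is not part of the original post. It assumes the mainline `kernel.modules_disabled` sysctl and the `/sys/kernel/livepatch` sysfs directory as the run-time patching interface; the path-prefix argument is hypothetical and exists so the check can run against a constructed tree.

```shell
#!/bin/sh
# Added example. Reports whether root can still change the running kernel.
# $1 is an optional path prefix (hypothetical parameter, used for testing
# against a constructed tree); empty means the live system.

read_flag() {   # print a one-value file without whitespace, or "absent"
    if [ -r "$1" ]; then tr -d '[:space:]' < "$1"; else printf 'absent'; fi
}

audit_kernel_mutability() {
    root="${1:-}"
    findings=0

    # kernel.modules_disabled=1 is one-way until reboot. The file is absent
    # when the kernel was built without loadable module support at all.
    mods=$(read_flag "$root/proc/sys/kernel/modules_disabled")
    case "$mods" in
        1)      echo "ok    module loading disabled until next boot" ;;
        absent) echo "ok    kernel has no loadable module support" ;;
        *)      echo "FAIL  root can load modules (modules_disabled=$mods)"
                findings=$((findings + 1)) ;;
    esac

    # /sys/kernel/livepatch exists only on kernels built with CONFIG_LIVEPATCH.
    lp="$root/sys/kernel/livepatch"
    if [ -d "$lp" ]; then
        echo "FAIL  live patching is compiled in"
        findings=$((findings + 1))
        for f in "$lp"/*/enabled; do
            [ -r "$f" ] || continue      # glob did not match: nothing applied
            name=$(basename "$(dirname "$f")")
            echo "      applied patch: $name (enabled=$(read_flag "$f"))"
        done
    else
        echo "ok    live patching not available"
    fi

    return "$findings"    # 0 = kernel cannot be altered by these two routes
}
```

Source the file and call `audit_kernel_mutability` with no argument to check the live system; the return status is the number of open routes.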

Comment Re:Pretty pointless (Score 1) 324

I assume the communication companies were handing over a lot more than the NSLs can demand in the spirit of cooperation and that is why the retroactive immunity was necessary

The GP wasn't suggesting that excessive data was handed over, he said that an NSL could be used to demand installation of a backdoor. If I were a vendor, even one who really wanted to be cooperative, I'd balk at that, because the chances of something like a backdoor being discovered are too high. It would be actively sabotaging my customers, and not just to the NSA... a backdoor can't distinguish between users, it lets in anyone who figures it out. And, of course, if the existence of the backdoor were published it would do serious damage to my business.

Even companies who want to cooperate are going to be reluctant to do potentially business-destroying favors for the government. There would be a great deal of incentive to fall back on the law and refuse on the grounds that the law doesn't authorize such requests.

Comment Re:FDE on Android doesn't work as of yet (Score 1) 124

I'm skeptical that an Android device would survive running flat out for two years to crack a PIN. The heat and battery life issues I experienced when I tested it demonstrate clearly that mobile devices simply aren't designed to run full-speed 24x7.

Also, it should be pointed out that the attack I described is far from easy to carry out. Among other things, it requires dumping the contents of flash, which basically requires removing the flash chips from the mainboard without damaging it, then either putting the flash chips back or installing new flash, then the device must be unlocked, a custom, hostile OS flashed, and finally the attacker can start the multi-year process.

Note that the 630-day figure I cited is on average. It would take twice that long for a guaranteed break.

Finally, if you add one more character to your passcode (7-character alphanumeric), the crack time jumps from 630 days on average to 124 years.

I agree that Lollipop FDE still needs some improvement, but it's already quite good.

Comment Re:Parody (Score 1) 255

And time shifting doesn't use just one. Time shifting monetized (when done by a company) is almost always not fair use. Tivo is the only one that survived legal challenges.

Time shifting is typically something that the end-user does. Tivo, like Sony before it (the original time shifting lawsuit was against Sony for their Betamax), merely makes the machine. So long as there is at least a potential lawful use for the recording function of the machine, they can go on making them. The Supreme Court found that at least some time shifting would be fair, and that was enough.

Space shifting is another example; the original case was against Diamond for their Rio MP3 players, but Apple's iPod relied on it, as did basically everyone else.

But it meets more than just one criterion. It's non-commercial.

No, the purpose of the use for time shifting, while not precisely commercial, is to simply use the work in the way that an ordinary user, who did not time shift, would use it. It's not strongly against fair use, but it certainly doesn't weigh for it in the way that an educational or transformative use would. At best it is a wash.

Comment Re:Parody (Score 2) 255

I don't think the parody exemption for copyrighted works applies to things protected by trademark, which I wouldn't be surprised if the Power Rangers are.

It does.

(Though the question of parodying a mark directly is different from parodying a work which happens to contain a mark. Parodying Star Wars, which includes X-Wings, and the Millennium Falcon, and Lightsabers, and so on is different from parodying the Star Wars logo all by itself)

Also, remember that trademarks are inferior to, and cannot be used as a substitute for, copyrights. And that trademarks themselves are subject to various limitations to allow for certain types of unauthorized use.

Comment Re:Parody (Score 2) 255

Peter Pan is in the public domain in the US. You can absolutely have Peter Pan promoting drug use ('fairy dust' can be the street name; a side effect might be paranoid hallucinations of ticking crocodiles, etc.), and publish it widely enough to detract from Disney's ability to keep Peter Pan a wholesome character that they can make tons of money off.

Go nuts.

But because people can ignore that -- In fact, I'm confident that there are bad porn versions of Peter Pan floating around -- it doesn't really detract from the original, or from the Disney movies, unless you allow it to. It's up to you, the audience member.

Comment Re:Parody (Score 2) 255

a parody is allowed to use however much of the original work it wants to.

That's not quite right.

There's no special status for works which are parodies. Some parodies can be fair uses, but not all parodies are. And not all fair uses are parodies, though some fair uses are.

In any case, one factor in determining whether a use is fair or not is how much, and of that how substantial a part, of the original work is used. It's possible to have a fair use that uses all of a work, but also possible to have a use which uses very little of a work, but which is not fair.

While it all depends on the circumstances at hand, a good rule of thumb is to take only so much as you need. If you wanted to make a parody of Star Wars about how Luke waving the lightsaber around in Obi-Wan's house is dangerous, because Luke is a klutz, you could probably use some footage of that scene from the movie. You would have a harder time justifying using the entire movie, but only changing that one scene for the purposes of parody.

Comment Re:Parody (Score 2) 255

You're allowed to use copyrighted material to parody that specific material, but not to parody something else.

This is the oft-cited parody/satire dichotomy.

No seriously, some people really get into this stuff.

Anyway, it's not a bright line rule or anything, though some people like to pretend that it is. Satire is just as able to be a fair use as a parody can be, and a loss on the third fair use factor does not by itself prevent a use from being a fair use. There are no bright lines in fair use; it's all case-by-case analyses, utterly dependent on the specific facts at issue.

Comment Re:Parody is protected (Score 1) 255

Parody is protected; satire is not.

That's not really true. There is no hard and fast rule to this effect. Certainly fair use allows for both some parodies (but not all parodies) and some satires (but not all satires).

Courts generally are more likely to find fair use where the use was limited to what was needed, and generally find that satires don't need to use particular works so much as parodies do (because a parody is aimed at the work itself, whereas satires merely employ a work to aim at a different target altogether). But there's nothing in the law that prevents a satire from being a fair use depending on the overall circumstances. It's just a little harder to show.

Comment Re:Characters can be trademarked (Score 1) 255

No, he was right. It's not the character that's copyrighted per se -- though it can be a useful shorthand to talk as if it is -- it's the works containing the character that are copyrighted.

Using the character is no different from using any other part of the work that the character appears in.

Also trademarks are inferior to, and no substitute for, copyrights. When the copyright for Steamboat Willie ends, a significant amount of the trademark protection for Mickey Mouse will end with it. This is because the use of a trademark indicates that all such marked goods originate ultimately from a common source. If anyone is allowed to make new works which are derivative of public domain Steamboat Willie, as copyright permits, the MICKEY MOUSE trademark for such works cannot serve to indicate a single source. Therefore the trademark suffers genericide.

The mark can still survive in other contexts -- Peter Pan is both a public domain character in the US and also a trademarked brand of peanut butter and intercity bus services -- but the copyright does some serious damage to it.

Look into the Shredded Wheat case for a similar situation involving the expiration of a patent dragging down a trademark, and the Dastar case for trademarks not being permitted to serve as a substitute for copyrights.

Comment Re:Bennet is wrong (as usual) (Score 1) 255

If there is no original footage, there can be no copyright violation on the original works.
Fan-fiction, whether the author allows it or not, is not part of the original author's copyright. The author has legally no say in what other people can and cannot write (and any legal decision that says they do is unconstitutional).

It's a derivative work. Copyright includes an exclusive right to prepare derivative works. Good luck with your argument about it being unconstitutional.
