Yeah, no. This was specifically mentioned in the Lexmark v Static Control Components case. That was already dealt with in the 6th circuit and supported 9-0 by the SCOTUS. Copy of the decision.

Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward. If Lexmark wishes to utilize DMCA protections for (allegedly) copyrightable works, it should not use such works to prevent competing cartridges from working with its printer.

... By contrast, Lexmark would have us read this statute in such a way that any time a manufacturer intentionally circumvents any technological measure and accesses a protected work it necessarily violates the statute regardless of its “purpose.” Such a reading would ignore the precise language – “for the purpose of” – as well as the main point of the DMCA – to prohibit the pirating of copyright-protected works such as movies, music, and computer programs. If we were to adopt Lexmark’s reading of the statute, manufacturers could potentially create monopolies for replacement parts simply by using similar, but more creative, lock-out codes. Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward.

Yes it is a short line, but it seems rather bright-line to cite in this case.

Agreed.

The three causes are clear enough in the news report: Two drunken roommates around 1:00 AM were in a fight. That's it. What they were arguing about is irrelevant.

Having heard drunks argue, I can assure you it was not an articulate and well-reasoned discussion. The argument could have been about anything from a favorite phone operating system to a favorite sports team or a favorite color. The fact that they reached for the nearest beer bottle as a weapon is unsurprising.

Those with the recordings and with the ability to use them, have the power.

That can be a government with cctv, or a business with cameras on the doors, windows, tellers, and product aisles. Or it can be a cell phone camera capturing a police shooting, or even google glass capturing a crime on the street or an abusive patron.

When the 'little people' have and use recordings it can be leveraged for many things, including social changes for better or worse, such as social pressure after injustice is found, or social pressure to keep your head down and mouth shut.

Ubiquitous cameras can mean a police state, they can also mean when an individual has been abused by government or officers there are plenty of cameras to tell the story from many viewpoints. It can be used to identify triggers, and assign blame, and ensure justice, and to correct policies.

The tricky thing is those same two details: Who has the recordings? What are they able to do with them?

Funny!

What other developed countries?

UK? Campaigners get government funds, political party funds, and unlimited contributions. There have been quite a few scandals in recent years where individuals receive over a quarter million pounds in a single donation, and it is all legal.

Germany? Again, government funds, plus government-mandated airtime distributed to the candidates. On top of that, individuals get whatever you can buy. No campaign contribution limits to corporations and the first roughly 3000 euro are tax deductible to encourage businesses to buy their local leaders.

France? Well, there are a huge number of tiny political factions, each well funded and owned by the local businesses. The small parties ensure the elections run favorably by making deals with other political parties (businesses).

Australia? Three decades ago they changed the law to move toward public funding in an attempt to remove private interests. The law was quickly and quietly revised to continue to allow both. Yet wikipedia claims over the last two decades, corporate donations have gone up 5x, from just under $30M to well over $130M publicly reported and millions more through other sources.

Italy? In most of the country, including the southern regions, the old families run everything. What most of the world terms "protection money" is considered basically a local tax. Corruption is rampant.

India? Greece? Just kidding, we all know these are above any form of political corruption.

That is logical from several standpoints, but people's emotions prevent it.

People from a region want certain jobs, and they demand results from government leaders, not logic.

How can you get jobs? Entice businesses to move in or to form. How do you encourage business? Tax breaks and other government money. Money to entrepreneurs. Money to small businesses. Money to relocated or new offices.

In the short term that means results to the politicians, meaning re-election. In the short term it means more jobs. In the short term it means growth. In the short term it means an improvement in local life. In the short term it means getting re-elected. Most of society does not think about the long term handcuffs, but in the short term, it means the results most people want, so longer term consequences are ignored.

That's why the uniform taxes won't work. Not because it isn't logical in itself, but because it deprives governments of one of the most powerful incentives (rather than punishments) in their toolbox.

When I go to a restaurant I know sends out coupons, I will ask if they have any behind the counter, and they often do.

When I go to stores that are known for discounts, I ask for them.

Yesterday I needed new tires on my vehicle. At checkout I asked if they had any discounts available. He gave me 10% off.

About a month ago I went to a rock chip repair shop I asked if they had any deals running. The clerk said there was a radio special running and I needed to say their station name for a huge discount... Then he told me the name of the station and smiled, waiting for me to repeat it.

There are opportunities to negotiate everywhere.

No, it will continue.

Instead of negotiating for salary, it becomes a negotiation for pay grade.

"You are offering a job on pay grade #37, but I assure you, my background and history mean I should be on #43."

Same negotiation rules apply, just a different name for the salary.

Even in suburbia it can work out.

My DSL (vdsl2 modem) is 48 Mbps down 16 up. All the time, not a shared cable loop. My comcast friends pay a similar amount and have similar speeds --- but only during non-peak times. We found the cable loop is shared in the neighborhood, and peak evening hours most cable-using homes in my neighborhood struggle to get a steady 10 down.

While VDSL2 doesn't compare well against fiber to the home, it can compete well with most cable offerings.

Yes, for both.

Many people in various government and private organizations noticed. People were fired for playing games at work even though the game was inside excel, especially people at strict grunt-level jobs like calling centers where getting caught playing games on the clock was a terminal offense.

The question that many businesses and agencies immediately put to Microsoft were along the lines of "If there is the very large undocumented video game embedded in there without telling us, what else is secretly in your product?", and also "We needed to buy so many thousand machines up to this higher spec to make room for Office 97, how many of those megabytes are spent in the games rather than necessary components?"

I'm sure it was not a comfortable time for those product managers.

For that type of thing I would document it internally as a utility or debugging aid. Then it is no longer an undocumented feature, instead an obscure but documented testing aid.

Undocumented, unapproved, untested functionality is generally a bad thing. But fix it through a tiny bit of documentation, get approval to add a command sequence to get the debug information, and let the test team know the debug command exists, and you're good to go.

It all depends on who they happen to be, and how you define an Easter Egg.

I worked in games for many years and we included quite a few Easter Eggs. But they were not hidden from the studio. They were approved by management, tested by QA, and documented internally. We tried to keep them quiet to see how long it took for them to be found.

The article is right -- large corporations that are risk averse tend to crack down hard on undocumented Easter Eggs. I think that is correct for a business, to crack down hard on undocumented, unapproved, untested features.

The key detail is who knows about it, and how appropriate it is for the product.

Critically: Did it get approved and tested, and is it okay for the user? An Easter Egg that has been approved by designers and product managers, tested by QA, and is a happy surprise to the user is a good thing. If it was not approved, but the programmer intentionally threw in the feature without testing and without documentation, yes, the business should crack down.

The trickier ones are the ones that are approved and tested, but not quite what the customer expects. Microsoft's bouncing text screensaver used to have an Easter Egg that typing "volcano" for the text caused a cycle of volcano names. Fun, for sure, but if your screen savers were used for the machine name, and the machine name happened to be "volcano", then it is an unexpected negative behavior.

Someone working on Excel, a product used inside government agencies and nearly every major business, including secret unapproved features? Yeah, that's absolutely a fire-able offense.

Someone working in a smaller company, with management approval, adding in a small feature to change the color scheme to red and green on Christmas day? Potentially a fun little Easter egg... unless the user is making a major presentation on that day to group that doesn't respect the Christmas holiday, then better make sure there is a way to turn it off.

In strangely relevant news this week: Nevada brothel seeking paid testers; men, women, and couples for quality assurance. Fucking professionals, indeed!

When I interview after seasonal layoffs, one of the questions I ask of my potential employers is: "What is your company culture? What do you do around here?"

Some companies the people look confused for a moment, then say things like "we have standup meetings every morning, that is part of our culture. If you are asking about parties and such, we have a summer party and a christmas party. Is that what you mean?"

Other companies the workers get excited and start talking. "We have a monthly birthday bash with cake and icecream in the lunch room, in the summer months those are barbeque parties out on the grounds. Two or three times a year we go to the movies on a pre-release. Most of the cubicles have nerf guns and the secretary buys bulk packs of nerf darts when too many vanish behind cubicle walls. We have email distribution groups for people who visit the gym for lunch hour, people who play games and Magic the Gathering over lunch, a group for soccer players that usually play on Tuesdays, a group who play Ultimate on Wednesdays, a group who play golf every other Thursday, ...."

I am much more interested in working at the latter.

The frustrating thing is that the EFF knows, or should know, that this was already decided in a previous case. They submitted applications that included both automobile parts and video games. I've contacted their legal team as a reminder, but here it is for the masses:

This was all dealt with in the Lexmark v Static Control Components case. Lexmark accused them of several things, but the most notable were the DMCA 1201 and the Lanham Act. The 6th circuit wrote an opinion on the matter, and the SCTOUTS ultimately held with the opinion 9-0. In the earlier opinion:

Generally speaking, “lock-out” codes fall on the functional-idea rather than the original-expression side of the copyright line. Manufacturers of interoperable devices such as computers and software, game consoles and video games, printers and toner cartridges, or automobiles and replacement parts may employ a security system to bar the use of unauthorized components. To “unlock” and permit operation of the primary device (i.e., the computer, the game console, the printer, the car), the component must contain either a certain code sequence or be able to respond appropriately to an authentication process. To the extent compatibility requires that a particular code sequence be included in the component device to permit its use, the merger and scènes à faire doctrines generally preclude the code sequence from obtaining copyright protection ...

If we were to adopt Lexmark’s reading of the statute, manufacturers could potentially create monopolies for replacement parts simply by using similar, but more creative, lock-out codes. Automobile manufacturers, for example, could control the entire market of replacement parts for their vehicles by including lock-out chips. Congress did not intend to allow the DMCA to be used offensively in this manner, but rather only sought to reach those who circumvented protective measures “for the purpose” of pirating works protected by the copyright statute. Unless a plaintiff can show that a defendant circumvented protective measures for such a purpose, its claim should not be allowed to go forward.

Both the 6th Circuit and SCOTUS were clear in the matter that the DMCA provision referred to copyright protections on creative content like books and movies, and not codes for operations of devices, explicitly mentioning automobile and replacement parts as exempt.

Actually it does work. Just not so well for web sites and servers.

For all their other issues, a CA network works reasonably well for hardware-level communications trust. I can look at the algorithm type selected and trust that math ensures that eavesdropping is hard. I can also have some degree of confidence that the site really is who they say they are... but I also know there is a high risk they may have been hacked or compromised by anyone from government agencies to skript kiddies. There is no need for a fake cert when it is easy for them to infiltrate their networks through legal or illegal means. A CA doesn't mean I can trust the server or their services, only that the connection is slightly more safe from eavesdropping.

A web of trust solves a different problem. It is focused mostly on authentication and social trust, not eavesdropping. I can give corporate secrets to my co-workers because people I already trust connected us, but I don't trust strangers on the street who claim to be co-workers because I cannot authenticate them as being part of the company.

When it comes to authenticating people under a WOT model, I have high trust in those I have personally verified, and progressively lower trust in those I have not personally verified. Those in HR or IT can use their own key to sign all their employee keys and I can set a level of trust on those because I have personally met the HR or IT person. It works much like real life social rules, my direct friends I can trust, the friends-of-friends less so, the friends-of-friends-of-friends I will be skeptical of. Key servers can (and do) provide easy access to see who else trusts an individual, letting me quickly build a web of trust, where just like in the physical world I can decide how much trust I give anybody I personally know, and I can decide to trust no one, to trust only those few people I know well, or to trust anybody who comes along.

The parallel with real life social trust is exactly why they work so well for email and similar social uses. That is how people have been doing it for ages.

The reason it doesn't work too well on random web sites is that the web of trust model cannot be automated, or used to verify servers rather than people.

What does it mean to trust a bank's signature? I may be able to verify my bank's digital certificate matches the card I got in their lobby. I probably have a WOT with a few friends and friends-of-friends that get me connected to individual workers at the bank. But that breaks down on a bigger scale when you are trusting servers rather than trusting people. I may know a teller at the bank as a human, but how does that give me any trust of the servers? Sure I probably know people who work at Discover Card's call centers, but just because I know some people why should I fully trust that DiscoverCard's servers have not been compromised? I may know some people working at Google, but does that mean I can trust that their million servers to not give up information to the NSA? No way, because the WOT method focuses on individuals and people rather than hardware.

WOT works well for social connections and personal identities. It doesn't work so well in other contexts. The need for a 'volunteer CA' is not the reason it breaks down. It breaks down because social trust models do not map well to hardware trust models. And for the interwebs that is okay because my trust level to any web site is incredibly low, I can assume they are likely hacked and NSA-backdoored, all I'm looking for is protection from casual eavesdropping.