They ain't gonna change because none of the pirates posting on Slashdot have ever elaborated a credible alternative for them. Kodak was killed by superior technology - digital was clearly a better way of taking photos and Kodak just failed to make the leap. But what, exactly, is the superior alternative for Hollywood? Give everything away for free? The financial physics of that don't work. Maybe they should pay for movies entirely out of popcorn sales.

Please. This kind of 24/7 "piracy is freedom fighting" crap tires me. The linked article is worthless and adds nothing to what precious little debate there is. He claims the problem is "massively overpriced" works. He then ignores the fact that the easy and cheap rental services he asks for already exist (eg, iTunes, Netflix, Apple TV), and oddly enough, if both are as easy as he claims the free alternative will still always win. The guy practically admits he breaks the law constantly and doesn't care, which isn't surprising because he has demonstrated the kind of reasoning skills I'd expect of a small child.

How about the police check his computer then throw him in jail for a bit? That won't stop piracy but it might stop stupid articles about it from clogging up the internet.

Sign your emails. The tech has been out there for two decades. Decades, and that's real world time, not "internet time."

You're way behind the times. Go read up on email authentication and DKIM. You will find that a significant fraction of all email on the internet is being signed automatically - that is how DKIM works. The difference is, it's signed with the email providers keys instead of the users keys. But this is good enough to stop phishing because if an email claims to be from info@paypal.com or sloppy@gmail.com, the signature proves it came from PayPal or Gmail and you can then trust that they won't sign such mail unless it really did come from that address.

DMARC solves a problem that real world DKIM deployments have - merely signing your mail is not enough. You need to tell people what to do if signature checks fail. And you need a way to learn about failing signature checks, because large organizations often have incredibly complex mail streams, including mail they know nothing about because some random guerilla marketing team contracted a third party provider and told them to send as "campaign@foo.com", even though it's not being sent via foo.coms servers. This has made real deployments of DKIM quite tricky and ad-hoc affairs. DMARC will standardize this and make deployment feasible even for smaller organizations.

DKIM has other problems, like the number of mail relays that think it's OK to modify mail in transit whilst claiming it comes from the original sender, but those are all issues you get with retrofitting digital signatures onto an existing infrastructure./p

The TPM is just an inert chip. It's off by default on many machines, controlled by the BIOS. So, lose the paranoia.

It'd be better to have no encryption at all and save the battery power.

That's a huge document. I'll read it fully some other time.

Suffice it to say, I find the premise (from the introduction) to be flawed, or at least, not balanced. It argues that the DMCA is "anti competitive" because it seeks to protect DRM systems, which are typically not open.

I have a few problems with this argument. Firstly, it assumes that DRM systems are by definition "closed systems" without interoperability. This is an intellectually vague argument that can be sliced any way without reaching resolution, due to imprecision about what "open" is. Take the BluRay protection system. You can't just download a few PDFs and make a working BluRay player. That isn't possible. So from that perspective BluRay is a closed system. But if you sign some contracts and pay some licensing fees you certainly can, and there is a highly competitive market of both player manufacturers and content creators. Typically we'd say an infrastructure in which there is a free and competitive market, is an open infrastructure.

The paper argues that the "interoperability" provision of the DMCA is self contradictory because the purpose of DRM is to prevent unauthorized devices interoperating with it. That's a good argument and one the framers of the DMCA should have addressed. But I think the question of open vs closed in DRM systems is something that'll become clearer with time. Technological progress is solving some of these issues, it's letting us have our cake and eat it to some extent. Trusted computing systems mean you can have hardware that runs anything (is open), but can cryptographically prove what it's running to third parties and seal encryption keys under those verified states. So it sets up a framework where two parties can trade without having to fall back on slow, expensive and overworked law courts to ensure both sides follow the agreed contract.

The PS3 was, for a long time, a good example of this. It ran copy-controlled games, but also Linux (just not both at the same time). Sonys big mistake was to take that away and thus incentivize people who want to run Linux on all their hardware. Also, their hypervisor was weak and their code signing contained serious mathematical flaws - but I guess in their next generation (assuming there is one) they'll fix those issues.

With TC in a regular PC, in theory, you can use Linux or FreeBSD or an OS you wrote entirely yourself, AND you can gain access to highly DRMd content, IF the other side is willing to trust your software. The platform itself is both open and entirely neutral. For that reason it even has non-DRM applications in areas like intelligent agents, virtual currencies, etc. The big remaining question is how to make certification of custom platforms really really cheap, so you can prove that your Linux/BSD/whatever will follow the rules required by the content creators (if you're willing to do that). Intels LaGrande technology had some interesting approaches to this, by avoiding the need for the host OS to be trusted at all, but it was unfortunately never finished. So I suspect we'll see either/or approaches dominate in the coming years.

For all the nerd-rage it caused at the time, the DMCA was a remarkably balanced and far-sighted law. Some other nations have copied it, and others haven't, I don't know if NZ has such a law or not, but it doesn't matter much - the MegaUpload guys are also accused of plain old copyright infringement, which is certainly illegal under laws and treaties NZ has signed.

Oh, and they're also accused of money laundering, which again would be considered an extraditable crime. I don't personally pay much attention to accusations of money laundering because those laws are extremely vague, poorly thought out and there's no distinction between actually hiding the sources of illegally gained funds and simply failing to follow the byzantine regulations intended to make value flows trackable - they are both considered "money laundering", although plenty of innocent people with no criminal intentions can fall foul of the latter. As a result convictions purely for ML and nothing else are very rare and have often been overturned by courts. That's one reason it usually comes attached to accusations of other crimes.

Re: the DMCA. Like I said, in hindsight I think it's actually worked out very well for the net. The lightweight framework of copyright enforcement it created kept huge workloads away from the courts without creating unworkable levels of abuse (there is some, but there's abuse of the regular legal system too). It has made copyright enforcement available to the little guy, again without huge legal fees. It has protected sites like YouTube and search engines. And whilst measures like making circumvention systems illegal caused a lot of fuss, their impact was trivial - last time I checked this part of the law has neither prevented circumvention software being readily available nor wiped out Linux. In fact its impact on both sides of the copyright fights have been negligible.

Oh, never mind. It seems that the Scribd search box doesn't work.

I couldn't actually find any mention of Google in the document that was released. Much was blacked out, but can anyone see the evidence that Google took part in this?

ActiveX was an "open" standard in the sense that Netscape could have implemented it if they wanted to ..... on Windows only. That's because the bulk of the APIs you needed to use to write an ActiveX control were just the regular Win32 APIs. Netscape had a policy of supporting not just Windows but all operating systems. That's why Microsoft made ActiveX - they saw weakness (other platforms gui frameworks kind of sucked at the time, so pandering to them restricted developers a lot), and they attempted to exploit it (by allowing developers to build better apps that were Windows only).

Was ActiveX "evil"? Well, it was certainly platform specific. Making things like this NOT platform specific is a ton of work, NaCL uses techniques and technologies that didn't exist back then, and they had no incentives to do it. Whether it was wrong to do depends on your views on the importance of features vs platform independence.

NaCL is different to ActiveX in some really important, fundamental ways. Firstly, the APIs it exposes to native code are really small: just Pepper, which provides you with the real basics along with some well accepted cross-platform APIs like OpenGL. Importantly there's no GUI toolkit. If you want buttons and sliders, you need to use HTML, not Win32/GTK/Cocoa. In fact NaCL will prevent you from accessing these APIs entirely!

Secondly, it's got a strong focus on security. NaCL code has security properties that are provable using static analysis. It also runs in a sandbox for a second level of defence. This is very different to ActiveX, which relied entirely on Authenticode, and suffered some serious UI problems that made it vulnerable (modal dialog boxes).

Thirdly, everything you need to implement NaCL is open source, so other browser makers can (and maybe will) adopt it. The core runtime and execution technologies are all open source, with the bulk of the integration work being joining Pepper to your browser. Mozilla already supports Pepper and I guess other browsers will too soon (maybe not IE). It really wasn't possible for Netscape to support ActiveX for all their users in the 90s, but it's quite feasible for Apple, Microsoft, MozCorp and Opera to support all their users with NaCL, especially now the dependency on x86 has been broken.

The Swiss have very little in the way of content industry. They have a large drugs industry though, and unsurprisingly, they still believe in patent enforcement.