Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Monopoly Control (Score 1) 106

by ista (#49191341) Attached to: Deutsche Telecom Calls For Google and Facebook To Be Regulated Like Telcos
This literally happened about a year ago.

The press publishers complained about Google "ripping off" their "high-value" work (copy&paste from press agencies) by showing teaser texts of news articles as a result of ews searches. They lobbied for a german law that any website has to arrange contracts with the press publishers if they wanted to show some of their content. Google did offer them a contract like this: we may use your services for free, otherwise we won't show your content at all. It's perfectly in line with the law, but (in the eyes of the press publishers) more about being blackmailed.

Of course, anything else would be ridiculous: a law requiring Google to pay a minimum fee if Google would use snippets of articles.
Oh, wait. Spain just recently did exactly that. As a consequence, Google did remove spanish publishers from their news site.

Comment: Re:Yes? (Score 1) 106

by ista (#49191243) Attached to: Deutsche Telecom Calls For Google and Facebook To Be Regulated Like Telcos
Emergency calls are a tricky topic. Most VoIP providers to try their very best to offer some kind of emergency call services, but they won't fix any infrastructure. Telcos are required to run exactly that infrastructure.

Depending on the country you're living in, laws do require emergency calls to work when there's a complete power outage in your area. As a consequence, telcos do operate UPS systems within their whole network and do supply your landline with enough power to operate at leaste a corded phone. Though it were nice, I certainly don't expect a VoIP provider to power my cable line, router and any other equipment to "be online". Enforcing those laws for VoIP providers would literally require them to do so.

Emergency calls are often still required to work when the bill hasn't been paid and any other kind of communications have been cut off: your line is dead - except for emergency calls. As a result, ISPs with VoIP services can't literally cut power, but do deploy special filters to enable VoIP services and filter anything except VoIP services. If your internet access is not provided by your VoIP provider: your line will must likely be cut off and you can't access any IP services - but how do you expect your VoIP provider to offer emergency calls in that situation?

The same laws usually do require your telco to route your emergency call to a physically close emergency call center - as long as there's no reliable geolocation services for IP, it can become very hard to actually fulfill such requirements. And when you're used to use your home router's VPN capabilities to access your home network from on the road, you may also be tempted to use this for VoIP. However, an emergency call won't be routed to an emergency call center close to your actual location.

Comment: Re:And in Germany? (Score 1) 732

by ista (#44741097) Attached to: EU Proposes To Fit Cars With Speed Limiters

Around 40% of Germany's Autobahn already does have speed limits. Other than this, most parts of Germany's Autobahn has been built more than 50 years ago, using material estimated to last 40 years - which means: road works.

According to "Baustelleninformation" at http://www.bast.de/, Germany's 12845 km of Autobahn right now do feature 673 road works (with common speed limits of 60 kmh = 37 mph) and 105 full road closures (requiring to leave the Autobahn and continue part of your journey on some crowded federal highway with a usual speed limit of 100 kmh=60 mph). Just some statistics: that's one road work or closure in about every 16 km. Some of those road works are just a kilometer, others are as long as 40 km. And those road works tend to last years, so if you're regularly driving the same route, you always know where to expect your daily traffic jam (next to road works, during beginning or end of holiday seasons, traffic jams on Autobahn are quite common).

So in short: you can't average faster than the advisory speed of 130 kmh on long-distance anyway, at least if you're not ignoring any speed limits.
However, there's the German car industry imposing political pressure on any governing parties ("speed limits do put jobs at risk"), so there won't be an official speed limit for Autobahn that soon.

Compared to other european countries, speeding is quite cheap in Germany. To compensate any measurement tolerances to your favor, your measured speed is reduced by another 3kmh or 3% - whatever is higher and so in your favor. You don't risk temporarily having your driving license suspended as long as you're less than about 30 kmh above any speed limits (see http://www.howtogermany.com/pages/traffic-violations.html). Unless being chased by a horde of police cars, license suspension usually also includes a court appeal, and often the driver may even choose WHEN during the next year or so they'd like to have their driving license suspended.

According to my own experience, such regulations also do result in a very aggressive driving style on Autobahn, at least on the left-most (overtaking) lane, where drivers "only" exceeding existing speed limits by 20 kmh are constantly being tailgated at extremely low distances by other drivers. The middle lane is crowded by drivers who don't want to be tailgated, but still want to drive faster than those 80 kmh all trucks are limited to (who so do occupy the right-most lane). If you're trying to make use of some free track between trucks on the right lane: getting back into the crowded middle lane may take some time.

Comment: Re:No need for cameras. (Score 1) 732

by ista (#44740669) Attached to: EU Proposes To Fit Cars With Speed Limiters

Yes, there are way too many people ignoring traffic laws: pedestrians are crossing streets at red lights, cyclists ride their bikes like there's no tomorrow and car drivers are ignoring speed limits unless a police car is in sight. It's all of them. However, the risks being taken by protected people (car and truck drivers) do have a much more severe impact on unprotected people (pedestrians, cyclists). By speeding "just a few mph", you're also accepting your car will need a few more hundred feet to stop, and those "few more feet" are the only kind of protection pedestrians and cyclists do have. You consider adding a helmet does help?

Typical cycling helmets don't really provide that much protection for cyclists: the helmet needs to hit the obstacle at some weird angle to be effective, and then it's only effective for minor bumps, not really for hitting the ground or being hit by a car. Much more effective against those head injuries are motorcycling full-face helmets, but it's unrealistic for cyclists to wear them.

And just by the figures, head injuries are much more common among pedestrians or car occupants involved in accidents. Today's cars don't have enough headroom for you to wear a helmet? Come on, that kind of problem should be solvable. Safety first, statistics and figures recommend wearing a helmet rather in your car than on your bike! :->

Actually, heavy injuries or fatal accidents with cyclists usually do involve cars or trucks turning right or trying to overtake a cyclist at a smallish distance. And just by physics, those kinds of accidents usually do involve a whole range of other, severe injuries and your has well other than head injuries. I guess that's why France a few years ago did decide to mandate cyclists not to wear a helmet but wear reflective jackets: to be more visible. Another strategy, applied in Denmark or the Netherlands: encourage people to ride their bike. This not only reduces the amount of "dangerous" vehicles, but also keeps more cyclists on the road - and so cyclists are considered to be "normal" road users to watch out for, not some rarely seen low-speed novelty like Segways or Solowheels. Setting up bike lanes (NOT next to, but ON the street) and indicate visible cyclist-reserved halting areas at crossings and the like does assist enhancing the overall cyclist visibility and so reduces "typical" cycling accidents as well.

Comment: Mis-Interpretation of sales (Score 2) 865

by ista (#38536736) Attached to: Ebert: I'll Tell You Why Movie Revenue Is Dropping

At least for myself, the situation actually became worse over the past few years, and the symptom is actually quite clear.

Half a century ago, movie theaters were the only place to see a movie. A few decades ago, video set people free to view a movie when they'd like to see it. At first, it took about a year for any recent movie to arrive on video, but during the 1980s and 1990s, this timeframe did drop to just a few weeks.

A little more than a decade ago, DVD started its rise and the movie industry at first did offer mostly old movie titles on DVD. Movies were still being screened for usually 2-4 months in theaters, and released on DVD after at least half a year (for poor movies) and up to 2 years for certain blockbuster movies.

A few years ago, BluRay (BD) started. However, upscaling on recent TVs or BD players does make DVDs look quite good. Not exactly that crisp like a "real" BD, but e.g. for CGI animation, there's no way for casual viewers to tell the difference between DVD and BD without a magnifying glass. Some "softer" upscaling edges are sometimes more pleasant to the eye. So the video- or dvd-like "let's resell the same stuff on different media" business didn't work out that well.

Today, almost no movie does run for more than a month, and DVD/BD sales do start from as low as 6 weeks after the initial theater screening, DVD/BD rental even do start 4 weeks after the initial theater screening. Only major movies do experience the grace of having their DVD/BD released 4 months after initial theater screening. However, just during the initial theater screening, you can find the DVD/BD date by searching for the DVD at Amazon. Am I the only one to see a plot here?

Of course, "recent" DVDs are being sold for about two movie tickets (and after 2-3 years, you'll find some of them being a giveaway in some magazine). Some movies even do debut on DVD/BD first and aren't being offered to movie theaters at all.

Of course, there are three ideas about this symptom:
First idea: the movie industry is likely to say earnings from theater screenings are so poor they're forced to enter the post-screening market that early. And there's also a lot of movie piracy on the internet, where people start downloading screeners very soon, just in order to hold a copy of this movie - so they're offering DVD/BD very soon at low prices to discourage people from doing so. However, this doesn't explain why retail stores do publish DVD release dates that early.

Second idea: the casual viewer does have multiple options for entertainment: movie theaters are just one of them, there are also DVD/BD, video streaming services - and computer games. During the past two decades, computer games went from "written by half a dozen guys" to "multi-million dollar project with more than 60 developers, 100 screen artists and a dozen of sound developers". Games like Batman Arkham City do give such a movie-like impression that people can't decide at first wether they're viewing some split scene or some in-game action - so these games also do offer quite an astonishing level of entertainment as well.
However, everybody's daily time is still limited to 24h and in the end, the "entertainment market" is being sliced into much more pieces than half a century ago.
Those who probably kept a 90% market share "back then" just aren't able to accept they're now only receiving a fraction of what they were used to.

The third idea is simple as well, but needs some explanation: there are multiple branches within the movie industry. One does the theater screening sales, the other cares about the post-screening sales (DVD/BD). Of course, the second one has to follow the first one - otherwise, the second team would kill any potential success of the first team.The theater team is limited by a certain timeframe, while the DVD/BD team literally has a nearly endless amount of time and still benefits from the initial hype and marketing done by the first team.
By some top management view, the post-screen sales are much more interesting, as they're not limited by a certain sales timeframe and there are many ways to further enhance sales by offering some "extended edition", "collectors edition", "plus some plastic miniature edition", "movie and its sequel in one box" or even ""movie and some other related movie one box". Try doing the later with a theater movie - people will see you're nuts. Literally all marketing in order to hype the movie is also being paid by the first team, so the raw figures also point the post-screening team is more valuable.
In order to push their sales, the second team nags and shortens the timeframes of the first team.

At some point, movie viewers don't really care anymore wether they do see the currently hyped movie "now" (e.g. after two weeks of theater screening) or just a couple of weeks later. Hey, DVD/BD is some media being completely unusable for a "must see it now" hype, so once you're shifting from the "must see it now" audience to "I'd just like to watch a movie" audience, you're lost for the hype-based theater screening market.

There are also other issues as well. Theaters force you to see a movie at some awkward time ("movie starts at 2pm, 5pm and 8pm"), but probably most of those times are completely useless to you. Your're working in the office till 5pm, so the "2pm" and "5pm" starting times are useless to you. At 8pm, at least another dozen of different movies do start, so the ticket counters are completely crowded and you do spend half an hour in some waiting line. So either you do take the extra turn of getting your 8pm-tickets during the lunch break, or you spend some weeks waiting for the hype to settle, so the theater will shift the movie to a different screening room, where screenings do start at 7pm. In both cases, "watching a theater movie" is no longer a pleasure, but also has some annoyance.
At this point, you're also no longer accessible to the hype theme: movies became some kind of commodity to you.
However, those smaller screening rooms often do lack the digital projector with the crisp picture, and your actual viewing angle is quite poor in comparison to that 46"-60" screen in your living room. The other idea: wait yet another few weeks for the movie to arrive on DVD/BD. And while you're already waiting - why not wait just a little longer, so the price for the BD drops to the price of todays DVD?

In the end, probably all of those three ideas may apply, and it's just a matter of arguing which is more the case.

Comment: Eat your own dog food (Score 1) 260

by ista (#38352906) Attached to: Google Deploys IPv6 For Internal Network

Actually, I'm pretty scared of this announcement.

It basically says Google started offering public IPv6 services without the experience by running IPv6 on their own corporate network.

You need to be running IPv6 on your corporate network first (maybe not "everywhere", but at least "in most places"), so your own developers don't stick to IPv4-only code and learn what actually happens with IPv6 and your networking dept makes IPv6 an important requirement with your upstream or peering ISPs.

Your internal IT helpdesk needs to learn about IPv6 and promptly address it in a user-friendly way ("I do have trouble printing." - "Do you print via IPv4 or IPv6?" is NOT a good example), and so you do need to do this in order to educate any other customer-facing employee who may ever need to talk about IPv4/IPv6 (if you're an ISP, this also includes your customer helpdesk, your sales staff, product developers, marketing and public relations).

Another one is the often-retold stories about IPv6 being broken and being unreliable, and Google is exactly one of those companies doing a lot of publicity and buzz about it.

Probably one of the easier ways to solve this myth is by simply offering router advertisements on a workstation network and make your users actually use IPv4 and IPv6 in parallel (my employer did this a few years ago, with full management backing). So when they do come up with something like "I've heard that 30% of IPv6 connections are completely broken and IPv6 is hard to configure", prepare for seeing stunned faces when you tell them that their workstations have been running IPv4 and IPv6 for five years now.

Comment: Re: Digital destruction is fine, but... (Score 1) 209

by ista (#38156246) Attached to: Ask Slashdot: Data Remanence Solutions?

Actually, any (S)ATA Security Command requires prior unlocking. As all drives are unlocked per default, malicious software may simply set a password on your harddisk to access it. If you're rebooting your box in such a situation, your BIOS prompts for the password, so effectively, your hard disk's data is held as a hostage by the malicious software.

To prevent similar issues, any likely current BIOS during the booting process sends a "security freeze" command to lock all (S)ATA drives until that drive is being reset. The obvious workaround: boot your software, remove power from the drive, re-attach power cables, set a "security password" on the drive ("secure erase" requires this) and then issue the "secure erase" command. There is also special hardware to do so (a simple hard disk interface with a single button, which results in sending "set password" and "secure erase").

Comment: Re:And that is the problem with nuclear (Score 1) 493

by ista (#38107408) Attached to: All French Nuclear Reactors Deemed Unsafe

The japanese government initially only declared a radius of 3km, then enlarged this to 10km, later to 20km around Fukoshima. A few days of measurements later, fukoshima-originated plutonium has been found up to 40km away from Fukoshima and mearurements by the US DoE and NNSA do indicate that a radius of 80km is much more appropriate. However, japan is a pretty crowded country and there just isn't that much space to evacuate that many people; so in the end, the japanese government continues lying to the public.

Probably the most important issue is not to take into account the directly affected people today, but also the implications on the future. For example nuclear waste needs to be store at least tens of thousands of years, in some cases also hundreds of thousands of years.

Today, libraries are also scanning books and applying a lot of chemical processes to remove the dissolving acids from paper in books printed over the last hundred years and to keep the knowledge from those books. But if you'd like to read the contents of a 5,25"-floppy from a C64's VC1541 floppy drive written 30 years ago, you're not only in the jeopardy wether the floppy is still readable, the floppy drive also used an obscure encoding. So "the digital age" also faces a lot of other issues, how to persist knowledge.

Nuclear wasted areas, including those created by nuclear accidents, need to recognized as such, preventing people to settle there. The Cernobyl accident did happen 25 years ago, but poor or homeless people did start settling the surrounding area merely 15 years ago. Today, a few thousand people do live in the "closed" area. Officially, they're not permitted to live there, but the officials don't care about it that much.

It also did take a few hundred years for scientists to decode what the Maya wrote a few thousand years ago. I suppose nobody will wait settling that long for some scientist to decode the warnings around the area of Fukoshima.

You're also missing a different point: one option to use solar is to install large panels into deserts, another one is to concentrate solar power to heat oil and power generators using this heat; the electric power then is transferred to existing power grids using long-distance electric lines. This does require quite a large upfront investment, but there are various companies around the world doing so and aren't that uncomfortable to do so - so in the end, the investments do pay off.

Yet a third one is to install photovoltaic panels onto existing roofs and buildings. There are also recent (yet pricey) options to install glass windows with some special foil, which enables those windows to act as transparent pholtovoltaic panel. So in the end, you don't need to cover the earth by much more solar panels more than it already is by buildings. And don't forget that photovoltaic is probably the least efficient way of renewable energy, so there are many other options, too. For example, Germany's renewable energy act made people install a lot of photovoltaic cells onto their roofs, yet only around 2% of germany's electric power is supplied by photovoltaic cells. Another 13% or so are supplied by other renewable energies.

Comment: Re:gema, a slave camp? (Score 1) 349

by ista (#38077994) Attached to: German Copyright Group To Collect From Creative Commons Event

You as an artist also do have to pay fees for playing your own music; if you're playing roughly more than 80% of self-written titles, you can expect to receive "most" of your money back (minus a collection fee), provided you do submit a full list of all songs and their writers of that specific event. If you make an appearance at some festival or do have supporting act: sorry, you've already lost that game. According to GEMA, the whole festival or evening is the "event".

An artist as a GEMA member also has to report any of their songs which may be played in public, on the radio or wherever else and they transfer basically all rights for collecting any fees to GEMA. This does have at least two downsides: songs reported that way are still within the fee-collecting contract even after your contract with GEMA expires, and you're usually legally bound 30 years to adhere to this contract. So even after 20 years of leaving your GEMA contract, you as an artist may not sell your own music written 22 years ago without paying some fee to GEMA. However, as your contract did expire, you usually don't receive any money back from GEMA. So in the end, at least the nasty aspects of GEMA contracts do last "for life". Legally, they're required to renew every few years, but in the end, this also increases both the amount of "represented artists" as well as "re-signing artists" quite a lot and does increase GEMA's standing in the german music industry.

GEMA's collected fees are also distributed according to some non-understandable scheme; however, this scheme seems to favor popular artists much more than smaller artists.

As an artist, basically any record company, label, publisher or distributor pushes you to sign a GEMA contract, as the GEMA system is much easier for them than individually collecting and distributing fees to artists. So in the end, about every artist who did publish a CD in Germany actually at some point did sign GEMA contracts (or GEMA does have bi-literal contracts with fee-collecting counterparts in their respective countries).

On the other side, GEMA also forces about anyone who at some point may play some kind of music to report played songs. For example, the barber shop around the corner has to report their opening hours to GEMA, as they're using a radio to provide a little bit of background music. And you can't even produce a DVD in germany without submitting a written note to GEMA listing all titles, writers and artists.

There are also other issues with GEMA's counter-fee-collecting and their standing within the german music industry. For example, the german podcasting guys at bitsundso.de made a christmas DVD back in 2008 and bought a fluffy jingly-christmas-background soundtrack directly from an english artist, who wrote, performed and distributed his work on his own. In order to produce the DVD, they did have to submit a list of included music titles, artists and writers to GEMA. They also accompanied that listing (of one single track, used in 24 DVD tracks as background music) with the bill of the UK-based artist.

About half a year after the DVD had been made public, GEMA wanted to collect 22 Euros as a fee "for the artist". The artists didn't have a contract with GEMA, but GEMA does have an agreement with its UK counterpart to collect any fees for artists within each others region and under each others contract, and that specific artist also had a contract with that UK-counterpart, but he kept the permission to individually sell his music on his own (something which isn't really possible for GEMA-signed artists). GEMA strictly rejected any claims from bitsundso-team, the UK-based artist and even the UK-counterpart to GEMA. I'm not sure on the exact outcome, but the GEMA-struggles "GEMA collecting money for GEMA-free music" in the end did take about half a year or so.

Comment: Re:It works if you are dealing only in commodity H (Score 1) 41

by ista (#37900056) Attached to: Can Open Hardware Transform the Data Center?

Understand that if a company is supplying nothing but commodity hardware (think the low end of Dell), they can be immediately replaced with any other commodity supplyer. Which is why Dell is getting out of the commodity PC business - there is no value proposition in it. On the other hand, Dell supplying servers which are not commodity hardware but using lots of custom parts and firmware means (a) they can supply much higher value to the data center and (b) they are not easily replaced by competitors that do not have matching parts and firmware. Making that level of hardware "open" is suicide because then you have turned your high value hardware into a commodity with no value at all.

Out of many server suppliers, exactly Dell actually is supplying commodity server hardware and their boxes can easily be replaced by about any kind of vendor.
Dell is taking a few things of what's being sold on the market, do "customize" (brand) its firmware and that's it. And what they're actually replacing usually sucks (e.g. their BIOS) or is somehow outdated and just a little buggy. For example, a colleague of mine did fix a couple of DELL raid controller issues just by downloading official LSI firmware onto those controllers using LSI's linux tools. Of course, we're loosing Dell's support, but in the end - do you prefer "full vendor support" or not loosing your data?

The only thing which isn't completely "commodity" are some spare parts, like power supplies, fans or hard drive trays.
However, Dell's controllers usually don't mind if you replace the dell-branded hard disk by a non-dell-branded hard disk.

Even DELL's kind of out-of-band-management called DRAC isn't that special. If you're not the serial console type of guy and don't like whatever level of IPMI is implemented on e.g. some Supermicro board, you may take a look at AMI's MegaRAC line of products, which coincidentally does have a lot of similarities to DRAC. If I remember correctly, that DELL 2950 I've been evaluating back in 2000 did have a full-length MegaRAC PCI card.
However, even today's DRAC is based upon IPMI, so even in this case it's not that an issue to replace some Dell box by any kind of decent server hardware.

Comment: Re:Explains a lot about the economy (Score 1) 171

by ista (#37899148) Attached to: World's Biggest Gold Coin Minted In Australia

So it has a picture of your head of state on it ...who is about as British as Angela Merkel

Angela Merkel was born in Hamburg back in 1954, though their parents did move to East Germany a few weeks later.
From 1945 on, Hamburg was part of the British Occupation Zone. East and West Germany were founded in 1949 and most people believe occupation zones ceased to exist in 1949 as well, but the occupation officially ended in 1955 with enforcement of the General Treaty.

So even Angela Merkel wasn't born in the UK and neither lived there, but there are at least some British things in her life.
Maybe her birth certificate has been issued by some british agency ...

Comment: Re:German Surveillance: "No Linux support plans" (Score 1) 69

by ista (#37875352) Attached to: German Surveillance Trojan Spies On Fifteen Apps

No offense taken - I do see the whole trojan surveillance issue as being a very important issue for multiple reasons.

For example, many people are having their laughs on the low level of technical expertise being used in this trojan. A few ones are also laughing about how these trojans have been installed (e.g. in one case, a customs officer at an airport wanted to do some extensive checks on one suspect's notebook; the suspect handed them the notebook, the officer left for a few minutes into another room and returned the notebook).

A different, but very worrying view are the legal issues and the tendencies of politicians. A few politicians do want this kind of spyware for years. A few years ago, the constitutional court did decide on exactly what kinds of actions may be exercised by such a surveillance software and what actions are clearly forbidden. However, exactly the same government who triggered this court decision did ignore those decisions. The Chaos Computer Club has been checking multiple versions of the same spyware, and all of them do completely ignore any court decisions.

Merely a little more than just a year ago, Germany's federal president resigned after an unlucky notion in a radio interview, which doesn't exactly match the ideas of the constitution and the rule of the german defence-only army. A few weeks later, the minister of defence Guttenberg states an even bolder statement of the same issue and is being applauded for this. However, plagiarism in his doctorate thesis effectively makes him resign a few months later: at first, the minister strictly denies everything, later choses to "temporarily" no longer use his doctorate title, then asks the university to withdraw the title. In the end, he's asking the chancellor to accept his resignment.

With the trojan spyware issue, about every state and federal politician did deny usage of this software, then denied the results of the analysis, later somehow acknowledged the results and even later acknowledged that this software has actively been used by more government agencies than estimated. The scheme of answers is the very same like with Guttenberg's doctorate plagiarism, but the actual crime strictly is a violation of a constitutional court's decision. Nobody resigned.

Back in 2008, the constitutional court also decided federal election laws to be flawed and gave politicians three years to resolve those issues. The deadline for this expired this summer. So the very next federal elections may easily be revoked. What does it tell you when a government does ignore multiple decisions of its highest courts and as such, ignoring certain ideas and aspects of their own constitution?

During the past 30 years or so, the Chaos Computer Club also became a very valuable, non-biased and honored source in expertise on IT security for media, politics, regular and highest courts, but exactly once their analysis on "governmental spyware" appeared, quite a few politicians cried that you can't trust those ideas and fantasys of some weird kind of club who do claim chaos in their title. So actually, those politicians are actually trying to defame the Chaos Computer Club.

I am not a security expert, but highly doubt this Trojan could be created for Linux. Which distribution would it target? How would it gain access to root to install the Trojan? I am sure there are loopholes, and suppose they exploited one; the very moment someone finds it, that loophole is getting patched. What does MS do? They send law enforcement to arrest yet another "malware crime ring". See the problem here?

One of the samples of the current surveillance software has been retrieved from a notebook; the software has been installed by customs officers at an airport, who did some "extensive checks" in another room. To me, this reads like the owner handed his notebook to those customs officers and they've been using some kind of bootable USB stick or the like to install into the Trojan into the likely non-encrypted filesystem.

A similar linux version wouldn't have to target a specific distro, a security issue or a loophole. So when someone gets physical access to your notebook, he could easily boot the box off a CD to replace /sbin/init by some kind of statically linked rootkit - there's no need for a root password, exploit or loophole once you already do have physical access and may simply mount the filesystem. And while they're at it, they may mess around with the rpm or dpkg database in order to correct any MD5 checksums and tagging /sbin/init as being a part of sysvinit or upstart release 66.6, so you likely won't receive any distro-updates to those packages for ages. I guess average linux users wouldn't notice a trojan installed that way and "only" during some major distro upgrade, things may break.

Another way were to replace the kernel binary on hard disk with a specific rootkit-kernel. This way, one might also access encrypted blockdevices or filesystems.

So probably about the only ways to protect from such threats were to strictly use encrypted blockdevices on hard disk and load the system kernel from a USB stick. The USB stick is only required for booting and may be removed after boot. So if some customs officer wants to take a closer look at your notebook, you may hand them the notebook - it isn't able to boot and its encrypted drive won't enable them to install a rootkit.

On a sidenote, for at least 30 years or so german students in school classes after elementary school do attend 4-6 years of english language courses, usually a couple of hours per week.

East or West Germany? Something tells me that East Germany had a different education system. Again, the joke is not about them. I myself have an accent when speaking Americano.

Until 20 years ago, students in West Germany have been learning English, while students in East Germany have been learning Russian. After Germany has been united, schools in East Germany pretty soon started offering English courses. However, I've been in West-German schools and back in 1989, my school also started offering russian language courses. I guess this is linked to Russia's era of Perestroika/Glasnost.

A co-worker of mine came from East Germany and did only attend two years or so of english lessons at school. He also attended the "business english" courses being offered in the office, but still was somehow uncomfortable actually speaking English. Nevertheless, he didn't have much trouble resolving technical and work-related issues with colleagues from the U.S. via email or ticketing systems.
On the other hand, he was fluently speaking in russian with another co-worker who came to Germany from the country of Ukraine and who has been about the same level of being uncomfortable in speaking german than he was with speaking English. In terms of business and economy, former russian countries also do come closer to Europe, so in the end, both English and Russian have been proven to be important languages in business (at least to those Europeans who live between "western" and "eastern" Europe).

Committees have become so important nowadays that subcommittees have to be appointed to do the work.