Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Slashback

Slashback: DRM, Eldred, Aridity 212

Slashback's updates and corrections tonight include Declan McCullagh's photos from the Eldred / Lessig Supreme Court appearance, a denial from Microsoft that the company is planning to charge customers extra for security features, a reminder about your chance (well, if you're an American) to tell your elected representatives what you think about mandated DRM technology, and more. Read on.

Looking sharp in their suits. Declan McCullagh writes: "Here are some photos from after the arguments, including activists who slept on the courthouse steps, an exhausted but optimistic Larry Lessig, and the Internet Archive bookmobile, which visited Washington DC for the event."

A new meaning for 'decimation.' Martin writes "Here is a good write-up on what happened with the whole sendmail hack a week or so back. Apparently every 10th copy of the source that was downloaded from sendmail.org received the trojan'd version. Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing. Here is the write-up."

I won't be charging entrance fees to Shangri La, either. After a report posted the other day indicating that Microsoft was considering charging customers more for certain security features, Software writes "According to a little snippet from Yahoo News (look towards the bottom), Microsoft won't be charging for security updates after all. As Yahoo puts it, 'Microsoft, however, said Mundie was referring to an internal proposal to begin offering stand-alone security software in the future.' No confirmation of this on Microsoft's site for the press"

As denials go, that seems like a weak one.

Where is Deep Fritz's deep game? screenbert writes "In an exciting best-of-eight chess match-up, the human is leading the computer 2 1/2 to 1/2. I find the fractions of winning amusing, almost as amusing as seeing that the best-of-eight series will take at least nine games since one of those games was a draw. For a general overview there is a good review here(1) or here(2) or here(3). And to save the 38 mandatory karma whoring comments I'll say it: Imagine if Deep Fritz ran on a beowolf cluster."

So it's back to BYOB. gnarly writes "An earlier report of detection of water masers on extrasolar planets has been debunked."

Workaround: Get your congresspuppet hooked on Free software. Several readers wondered why (complained that) the post offering a link to the place where you can submit your comments on DRM technology to the Senate Judiciary Committee was posted section-only. So here's a reminder; if you live near D.C. (or get a chance to stop by a local office), perhaps you'll be able to stop to chat a bit about how you determine who gets your vote. (Maybe you should check out the sections, too.)

This discussion has been archived. No new comments can be posted.

Slashback: DRM, Eldred, Aridity

Comments Filter:
  • by Savatte ( 111615 ) on Thursday October 10, 2002 @08:02PM (#4428685) Homepage Journal
    I like those odds!
  • by powerbarr ( 466387 ) on Thursday October 10, 2002 @08:08PM (#4428710) Homepage
    From what I've read about the hearing, it seems that Lessig's approach to go back to the copyright clause and not focus on the first amendment issues was not the right approach. However, IANAL, especially a scholarly constitutional one, so my opinion means squat.

    This [freedomforum.org] was an interesting analysis that summed this up.
    • by Loki_1929 ( 550940 ) on Thursday October 10, 2002 @09:00PM (#4428953) Journal
      "Lessig's approach to go back to the copyright clause and not focus on the first amendment issues was not the right approach."

      Considering the fact that the supremes basically dismissed the First Amendment approach immediately, I'd say focusing on it now would be a bit of a mistake. That being said, I think a well-developed argument against the insanely long extended copyrights based exclusively on the idea that they are detrimental to the free and open exchange of ideas (read: free speech), and that the costs outweigh whatever benefits are derived from the latest extension to copyrights would have at least as much of a chance in court as does the current arguement. I also think that someone needs to point out, in response to the justices' repeated questions about the ensuing copyright chaos that would follow a decision against the mouse act, that chaos already reigns supreme in the world of copyrights. Patents and trademarks are fairly well tracked, but copyrights are most certainly not. If they want to keep copyrights more simple, strike down every single extension and go back to the original 14 years. (I think it was 14, could be wrong - too lazy to double check) If the whole of Disney's entertainment empire rests squarely on its control over an imaginary rodent, then perhaps the investors should re-evaluate their portfolios.

      Put simply, if your business sucks, no amount of legislation can keep you afloat forever, and shame on those elected officials who would help you at the expensive of those they (supposedly) represent.

      • No way (Score:5, Interesting)

        by Aapje ( 237149 ) on Friday October 11, 2002 @06:37AM (#4430891) Journal
        That being said, I think a well-developed argument against the insanely long extended copyrights based exclusively on the idea that they are detrimental to the free and open exchange of ideas (read: free speech), and that the costs outweigh whatever benefits are derived from the latest extension to copyrights would have at least as much of a chance in court as does the current arguement.

        The problem with that kind of argument is that it's not very objective. It's about weighing the available evidence/research/etc and deciding what the rights of various groups (with different interests) should be. That seems to be about identical to the job description of congress members. I don't see how the supreme court could make such a decision instead.

        Lessig's argument makes a lot more sense IMHO. First of all, it's much more difficult to argue that retrospectively extended copyright will have even a mildly reasonable influence on promoting arts. In fact, if one sees the public domain as promoting arts, it's highly questionable whether congress should be allowed to destroy all kinds of interests and business models that are based on the public domain (see the publisher that wanted to publish an out of print, about to expire book). Those people had reasonable expectations that the works they were after wouldn't suddenly be locked up for another x years. An artist/publisher sh/wouldn't expect the copyright term to be extended for works that were created in the past (especially since the constitution uses the words 'limited term' which conflicts (in theory) with a gratuitous extension).

        Furthermore, a copyrighted work is never guaranteed to be added to the public domain if its copyright term can be extended again and again. I don't think it's far-fetched to say that this breaks the 'limited duration' as specified by the constitution. If only prospective extensions are allowed, you will at least have a guarantee that the copyrighted work will expire into the public domain at a known date. It might take 1 billion years, but I'm afraid that the only way Americans can prevent that is by voting differently (in theory*).

        *See [Two party system] & [bribes]
        • While I agree that the free speech argument seemed to have less resonance with the supreme court and is probably the weaker argument in general, note well the broad wording of the second question under consideration:

          "2. Is a law that extends the term of existing and future copyrights "categorically immune from challenge[] under the First Amendment"?"
          Even just one example of a possible exception to categorical immunity (no matter how contrived, farfetched, or unlikely) would have made the answer to this question "No" and could have opened further challenges to copyright, although probably on a case by case basis. From what I've read, no such example was offered during court. Even if it made sense to focus on the first question, was this a missed opportunity?
          • The most far-fetched example is of course a copyright term of infinity minus one. Suppose that such an extension would have been in effect when Keynes wrote his books and that the publishing rights would have been sold by his heirs to Marx Publishing Inc. Marx Publishing has a competing set of books and so they lock up Keynes' works forever (minus one year). This extremely important part of our culture is thus (in essence) destroyed.

            I'm not very knowledgable on the subject of the first amendment, but this at the very least sounds extremely scary.
  • by Anonymous Coward on Thursday October 10, 2002 @08:08PM (#4428714)
    Official 4th game result annoucement [62.73.175.4] (However the final position graphic is currently wrong).

    P.S. To our troll wannabe: Beowulf is spelled BeowUlf.
  • You think they would at least play another game and the score would be different before the chess match got mentioned again [slashdot.org] in another slashback.
  • security (Score:2, Interesting)

    by orangeaaron ( 614222 )
    so you're saying microsoft is going to start paying attention to security now? seriously though, there may be some good in paying for something you *know* is secure. after all, you pay more for a good safe to put your money in than under the mattress... of course, do you trust microsoft when it proclaims something as "secure"?
    • Re:security (Score:4, Insightful)

      by dirvish ( 574948 ) <<moc.swendnuof> <ta> <hsivrid>> on Thursday October 10, 2002 @08:39PM (#4428864) Homepage Journal
      It seems like a paid microsoft security program would be a huge target. I am sure there is nothing more some people would like than to throw mud in M$ face by hacking there extra secure pay thingy. I would find it humorous if a bunch of people paid microsoft money for extra secure software just to have it get hosed worse than anything else.
      • And don't forget the standard EULA clause, "If this software doesn't work, it isn't our fault!"

        Sometimes I really don't know why people even buy software anymore. Say you buy a car, and after 15 miles, the wheels fall off. If you knew that you would have no recourse, would you still invest thousands of dollars in a car?
    • Spurious comment I know but do you trust a company that claims the safe they're selling is 'secure'?
      Computers get hacked and bank vaults get cracked but we still buy them...
      In the end I like to think I maintain a general distrust of any company that claims benefits (security being just one) that I cannot objectively prove, at least to my own satisfaction. Microsoft is only one of those...
      • Spurious comment I know but do you trust a company that claims the safe they're selling is 'secure'

        Since you ask, the security of a safe is assured by its UL label. Construction labels, typically B and C, simply specify certain thickness of steel. Performance labels, such as TL15, TL30 specify resistance to expert attack for a certain time period. A safe rated TXTL-60 will:
        Successfully resist entry for a net assault time of 60 minutes when attacked with common hand tools, picking tools, mechanical or portable electric tools, grinders, drills, pressure devices, explosives and oxy-fuel gas cutting or welding torches.
        (more here [brownsafe.com]).
  • by Anonymous Coward
    "Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing."

    Is it not true that whenever there's a *nix vulnerability it gets posted on CERT? Is this really a "change?" Recall that there was a trojaned version of SSH going around that got plenty of attention. Maybe these "hacks" don't get as much press because there aren't so many of them. Just remember that many of the high-profile vulnerabilities have affected M$ products. If one affected a *nix product, I'm sure it'd get just as much attention, as such vulnerabilities cannot be ignored, especially by administrators.
    • by NanoGator ( 522640 ) on Thursday October 10, 2002 @09:01PM (#4428956) Homepage Journal
      "Recall that there was a trojaned version of SSH going around that got plenty of attention. Maybe these "hacks" don't get as much press because there aren't so many of them. "

      Um, no. I can recall one week (3-4 weeks ago?) where the front page of Slashdot had a couple of anti-MS rantings. Go a level or two deep in Slashdot (not the main page), and there was a pretty nasty Linux worm or something floating around. Wish I had the details on me. I just remember somebody's post with a +5 moderation asking why it didn't make the front page like the similar MS stuff.

      The fact is that /. finds MS stories juicy. The more the details are twisted and bent, the more contraversial the story is. This means more people commenting, and co-incidentally, more banner ads getting exposed.

      It's gotten to the point that one cannot rely on the article summaries. Anybody remember the 'Microsoft kicks Sony out of Ce-Bit' article last... March or April I think? Microsoft didn't throw Sony out of a Tradeshow. Sony was breaking tradeshow rules and MS reported them. Compromises were offered, but instead Sony packed up all their PS2s and stormed out like a little kid throwing a tantrum. Despite that Sony broke the rules and refused to play because they weren't allowed to do things other trade show attendees couldn't do, MS is the one that got the bad press for it on Slashdot. Sony cheats, MS gets bad press out of it. Yeah, that's fair.

      Sorry, but the Linux Community here on Slashdot has no right to complain about that comment. Stop dishing the shit out if you can't handle some of it getting thrown back.

      • by Anonymous Coward
        First off, it should be pointed out that the original message was not about the /. community. It was about publicity in general. Perhaps what you are saying about /. is true, that anecdote is certainly not unbelievable, but that is all irrelevant. /. may have an anti-MS bias, best illustrated by the icon showing Bill Gates as a borg, but publicity about vulnerabilities in other OS' can appear elsewhere. /. is under no obligation to be perfectly unbiased. If you don't like that, start visiting sites that ARE under such an obligation.

        Oh, and BTW, regarding that last remark about the Linux community here having no right to complain: That's assuming that every single member of the Linux community here has those attitudes. Not exactly a safe assumption to make. Second of all, it was a vulnerability in sendmail, not Linux, so I'd say Linux users have every right to complain about it.
      • The fact is that /. finds MS stories juicy. The more the details are twisted and bent, the more contraversial the story is. This means more people commenting, and co-incidentally, more banner ads getting exposed.

        Meanwhile, in the Slashdot Inc. CEO's office, Taco rolls arround on a huge pile of ad-revenue, smoking a cigar and laughing maniacally!

        Gotta love this kind of "objective" bashing. Do you expect to find a microsoft-friendly atmosphere here? Of course they don't get the benefit of the doubt, after all the shit they've pulled do they honestly deserve it? As long as we're giving credit where credit is due, Slashdot is much fairer to MS than their PR zombies are to linux.
        • "Of course they don't get the benefit of the doubt, after all the shit they've pulled do they honestly deserve it? "

          Who's to judge that? Dude pointed out that the articles are biased to begin with. If they're biased, how could they fairly 'punish' MS?

          No dice.
      • by qortra ( 591818 ) on Thursday October 10, 2002 @09:57PM (#4429183)
        Sorry, but the Linux Community here on Slashdot has no right to complain about that comment.

        Much of community here on Slashdot that engages in what Martin would call "MS Bashing" are actually MS OS users, so I would probably not use the term "Linux Community" to generalize them. In fact, these are often people who have been victimized by MS related viruses/worms, and so they actually do have the right to complain.

        I'm sure that I can find for you plenty of trojaned win32 software that never made it to Slashdot. So your argument that one particular worm ("or something" as you so specifically point out) not being mentioned indicates the single-mindedness Slashdot is void.

        Finally note that although sendmail is a program that was often used in GNU/Linux systems, this was not a "Linux hack" per say. In fact, I believe the ftp server that was compromised was actually running freeBSD.

        More than that, MS flaws usually come about as a result of careless programming, whereas this problem was probably the fault of the web admin at Sendmail (a company with decidedly few resources). As long as MS has $40 billion sitting in the bank and their products are still insecure, I believe the computing community at large as the right to bash them just as much as they please.

      • This is the link [slashdot.org] I think you are referring to.
  • Irony? (Score:5, Insightful)

    by SubtleNuance ( 184325 ) on Thursday October 10, 2002 @08:14PM (#4428732) Journal
    Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing.

    sendmail != GNU/Linux.

    ...and i hope the GNU/Linux bash -- subtle as it wanted to be -- wasnt missed by the slashdotters... Isnt a little strange do some bashing while complaining about the "usual bashing"?

    Pot this is kettle; Kettle, Pot.
    • And, to be fair, IIS != Windows.
      • But, IIS = Microsoft. ;)

      • Re:Irony? (Score:4, Interesting)

        by pnatural ( 59329 ) on Thursday October 10, 2002 @08:37PM (#4428852)
        Really? IIS now runs on a platform other than windows?

        I counter that "windows != IIS" and yet "IIS == windows". Windows can exist without IIS (even if it's installed and you don't know it), but IIS cannot exist without Windows.

        To be sure, the majority of the flaws in IIS have done little more than reveal flaws in the OS upon which it runs.

        • "I counter that "windows != IIS" and yet "IIS == windows". Windows can exist without IIS (even if it's installed and you don't know it), but IIS cannot exist without Windows."

          Heh nice bending of word definitions to sugar- coat a point there.
          IIS is a service. IIS is not Windows, it's not a feature of Windows, it's a service that runs on top of Windows in much the same way that Apache runs on top of whatever OS it's running on. MS could port it to other OS's if they wanted to. We all know they won't. And no, just because it's on the install CD doesn't mean that it's Windows.

          Let's apply your logic (or lack of) to some other examples:

          Gnome == Linux because it's installed with it.
          KDE == Linux because it's installed with it.
          Apache != Linux because it can be installed on Windows
          Emacs == Linux because it's installed with it.

          And so on...

          Sorry, but your argument does little for me but show ya hate MS, but don't really know what you're talking about.

          • KDE, emacs, and parts of GNOME can also be installed on Windows, so by that logic, they'd all be != Linux.
            • KDE, emacs, and parts of GNOME can also be installed on Windows, so by that logic, they'd all be != Linux.

              Exactly! None of those are Linux. Emacs, in particular, predates Linux by years. (In a loose sense, it predates Unix.) And GNOME is supported by Sun because they're making it part of Solaris.

              As far as Sendmail goes, it's not even the default MTA on the (very popular) distro I use. However, it's been the default MTA on every commercial Unix I've used since long before Linux appeared. So, given that Sendmail is not (necessarily) the default MTA on Linux, but is on Sun, it would make more sense to call Sendmail bashing "Sun bashing" than "Linux bashing". (Although it's still just Sendmail bashing.)
          • IIS is a service. IIS is not Windows,

            Yes and yes.

            it's not a feature of Windows,

            I agree. It's not a feature. It's a liability.

            it's a service that runs on top of Windows in much the same way that Apache runs on top of whatever OS it's running on.

            Wrong. Apache is cleanly separated from the OS upon which it runs. IIS is not, nor can it be, separate from windows.

            MS could port it to other OS's if they wanted to.

            You can't prove this without the source. Do you have it? Uh-huh. I counter that it cannot be ported, and in the same vein, you can't prove that statement to be false.

            Gnome == Linux because it's installed with it.

            Not on my disto.

            KDE == Linux because it's installed with it.

            Ditto there.

            Apache != Linux because it can be installed on Windows

            Well, duh.

            Emacs == Linux because it's installed with it

            Again, not in my distro.

            Sorry, but your argument does little for me but show ya hate MS, but don't really know what you're talking about.

            I'd bet my house that I know more about windows (the NT-2k-XP strain) than you do. But for the record, yes, I hate MS as of late.
            • "You can't prove this without the source. Do you have it? Uh-huh. I counter that it cannot be ported, and in the same vein, you can't prove that statement to be false."

              So, you negated your own rebuttal? Brilliant debate technique. Heh.
          • Re:Irony? (Score:2, Funny)

            by Sn4xx0r ( 613157 )
            Gnome == Linux because it's installed with it.

            Gnome is in the kernel tar-ball now?

      • True that ... BUT IE == Windows. Just ask Microsoft.
    • Re:Irony? (Score:3, Insightful)

      by NanoGator ( 522640 )
      "Isnt a little strange do some bashing while complaining about the "usual bashing"?"

      No it's not unusual. If somebody takes a poke at MS, you're not going to care. But when somebody takes a painful poke at Linux, suddenly you understand what your pokes at MS feel like.

      It's not hypocracy, it's illustration. A very effective one at that since it got a reaction out of you. A lot of the anti-MS shit that flies around Slashdot (and usually ends up as +1 Funny) is every bit as ill-founded as the Sendmail/Linux relationship. Yet, it still flies around and people pat themselves on the back. What reason would they have to tone it down if they don't know what it feels like?

      You can dismiss his comment as hypocracy if you like. I wouldn't, though. You should see it as a reflection of what the GNU/Linux community puts out. If that kind of comment bothers you, you lose your right to complain once you start making Windows insecurity jokes.
      • Re:Irony? (Score:2, Insightful)

        Yeah, but hasn't it been pretty well established here that all the silly dollar-sign-for-esses posts and virulent Anti-MS vitriol here is coming from the high school kids/L33t HAXX0rs? You're not gonna get that crowd to change merely by talking sense. For them, MS is like some comic-book super-villain.

        As far as the whole quid-pro-pro thing goes, you gotta figure that there is probably very little you could do to some teen who gets so worked up over a computer operating system that their better-adjusted classmates haven't already done to them, in spades.
      • I think you've been drinking the MS kool-aid, or at least somebody's kool-aid. I mean, what the heck is a hypocracy? Rule by under-acheivers? Government by the extremely mellow?

        Would Spicoli be president if the US were a hypocracy? Would we be sending dubies to Iraq instead of bombs? Or, dude!, how about some of the poppies we got when we took over Afghanistan?
  • by parliboy ( 233658 ) <parliboyNO@SPAMgmail.com> on Thursday October 10, 2002 @08:19PM (#4428760) Homepage
    Since they published his comment as is, I'll assume that this isn't as commonly understood as it should be. The match will end after eight games, period. If the remaining 5 games are drawn (which they won't) then the human wins, 5-3. There are no additional games to make up for draws. If it were to be 4-4 after eight games, the match would just end in a draw.
    • It also seems that many folks don't understand why such matches have an even number of games -- in order to equalize the number of times each player plays as white or black. Also, it's theoretically possible for all games to be drawn, so there's never really a guarantee that any match will be decisive.
  • Elastic Clause (Score:5, Interesting)

    by rc27 ( 601744 ) on Thursday October 10, 2002 @08:20PM (#4428767)
    According to Law.com:

    Olson gained ground when he invoked another clause of the Constitution, the "necessary and proper" clause, as a justification for the legislation as a matter of equity.

    I am appalled that this guy invoked the necessary and proper clause on an issue that the Constitution already addresses. That is NOT what the clause was intended to do. I don't know why we even bother paying lip service to the Constitution anymore.
    • Re:Elastic Clause (Score:5, Insightful)

      by Anonymous Coward on Thursday October 10, 2002 @08:59PM (#4428950)
      That is NOT what the clause was intended to do.

      I disagree. That IS exactly what it was intended to do. Quoth the Constitution (Art I, Sec 8):

      "To make all laws which shall be necessary and proper for carrying into execution the foregoing powers, and all other powers vested by this Constitution in the government of the United States, or in any department or officer thereof."

      The "foregoing powers" are the enumerated powers of Congress, one of which happens to be:

      "To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries;"

      So calling in the necessary and proper clause is perfectly acceptable. His claim is that the CTEA is necessary and proper to carry out the promotion of science and useful arts. I stress again that this is an acceptable argument.

      HOWEVER, this is Eldred's point; the CTEA is NOT necessary, nor is it proper, in promoting science and art. Retroactive extensions do not promote.

      This case is about whether the CTEA is necessary and proper, so I find his reference to the nec. and proper clause to be a bit daft. Yes, thank you for telling us that Congress is allowed to make good laws. If this wasn't a enumerated power then maybe there would be a purpose for calling attention to the clause. But in this case all he's done is say Congress can make laws about copyrights and patents. Duh. Nobody is challenging that Mr. Olson.
  • Chess scores (Score:5, Informative)

    by emarkp ( 67813 ) <slashdot@NOsPAM.roadq.com> on Thursday October 10, 2002 @08:20PM (#4428768) Journal
    Come on, the fractional scores make sense. You have to count the draws or the matches would never end.

    It's 1 point for a win
    0.5 points for a draw
    0 points for a loss.

    Some people think that a stalemate should count for something other than 0.5-0.5 (say, 0.75-0.25 favoring the player with the advantage when the stalemate happens), but I won't go into that.

    • Re:Chess scores (Score:2, Interesting)

      by WetCat ( 558132 )
      Imho it's much better to count stalemate for 0.25-0.75 to mark that player who trick other monster with all figures that easily could have make a mate to stalemate
      • Imho it's much better to count stalemate for 0.25-0.75 to mark that player who trick other monster with all figures that easily could have make a mate to stalemate

        Well, yes that's what the other camp argues. Of course, their arguments average out to 0.5-0.5 so...

  • by nounderscores ( 246517 ) on Thursday October 10, 2002 @08:22PM (#4428772)
    IIRC, jupiter and saturn both have trace water in their atmosphere. If these extrasolar planets (with masses similar to our gas giants) have no water, they must have something different going on. Is their star too young? not enough impacts from the right comets? Or is it just that if we were that far from jupiter the water content would be too small to detect?
  • Fritz to 8? (Score:1, Redundant)

    by afidel ( 530433 )
    In an exciting best-of-eight chess match-up, the human is leading the computer 2 1/2 to 1/2. I find the fractions of winning amusing, almost as amusing as seeing that the best-of-eight series will take at least nine games since one of those games was a draw.

    Deep blue was much more powerfull then the computer running Fritz, and it was not just deep blue facing Kasperov, but some great chess players aided by a computer playing against Kasperovs style. Plus unless the rules are different then any way of playing best of 8 I can think of the match could end after 2 more games (4.5 to .5) or 5 more for a total of 8 games.
  • And to save the 38 mandatory karma whoring comments I'll say it: Imagine if Deep Fritz ran on a beowolf cluster."

    What will the karma whores do now that the submitter beat them to it?

  • by 0xdeadbeef ( 28836 ) on Thursday October 10, 2002 @08:24PM (#4428782) Homepage Journal
    Nice to see a linux hack getting some attention for a change, instead of the usual MS bashing.

    It's nice to see that now, since Linux has gone mainstream, all the cool kids have turned from criticising the straw man of mindless Linux promotion to the straw man of mindless Microsoft bashing in order to be the outsider rebels.

    Say what you will about the Microsoft anathema, no Linux vendor has promoted the forced inclusion of DRM technology, or, before finding that religion, poo-pooed the importance of security. Through its entire history, Microsoft has given us plenty of justification for criticism. If you don't understand that, then you're as dim as the 'slashbots' to which you feel superior.
  • by carlmenezes ( 204187 ) on Thursday October 10, 2002 @08:47PM (#4428897) Homepage
    DRM is wrong. Given the fact that it's a law that the person who buys the software has the right to make a backup copy, it's a perfect example of corporate America pushing the envelope on what they can get away with - as in, keep making it more difficult to make a backup. What DRM SHOULD be is a technology that allows the purchaser to make a backup, but not distribute that backup - something along the lines of authentication that the person installing the software from backup is who he says he is (using smart cards comes to mind here). In it's current form, we need to fight DRM as it is nothing but another monopoly tool.

    On a different note, Fritz is going to get a thorough beating. Why? Because Kramnik is known for his defensive play and he even bested Karparov using the Berlin Defense. Now, what is needed is either a LOT more processing power to search for the right moves, or a little unpredictability (which I think would be better). GMs and IMs use programs like Fritz everyday for practice and hence know it's playing style. Though you can train Fritz depending on what game databases you feed it, it still plays like a computer. Contrast this with the fact that a program called Arasan beat Vishwanathan Anand (currently no. 2) in a best of three Blitz tournament, because it had trained on Anand's games, AND, the programming team drastically changed it's playing style before the match. It is easy for a computer to change it's playing style and still play well - not so for a human. I feel this is what they should be concentrating on - unpredictability.
  • by MavEtJu ( 241979 ) <.gro.ujtevam. .ta. .todhsals.> on Thursday October 10, 2002 @08:54PM (#4428924) Homepage
    If the evidence confirms the theory, the hack would definitely be a strange way to compromise a downloadable file, said Marc Maiffret, chief hacking officer for security software firm eEye Digital Security.

    "I'm not sure why they would want to do that," he said.


    Come on guys, it's not rocket-science. It's all just to prevent alarms going off.

    Scenario 1: I just downloaded an infected version of sendmail and verify the checksum: failed. Hmm... let's try again. Aha, it's okay this time.

    Scenario 2: I just downloaded an infected version of sendmail, verified the checksum and informed the people at sendmail.org about it. They say: nothing wrong here, try again. I try again and it's okay this time.

    Scenario 3: As 2, but the people at sendmail.org get too many complaints and start to get suspicious.

    Scenario 4: I just downloaded an infected version of sendmail, verified the checksum and informed the people at sendmail.org about it. They say: nothing wrong here, try again. I try again and it's okay this time. I kept the broken version and find out what the difference is.

    How often do the scenarios happen?

    Scenario 1: 99% of the time.
    Scenario 2: 0% of the time.
    Scenario 3: 0% of the time (less than 2).
    Scenario 4: 0% of the time (less than 2).

    With the OpenSSH hack I tried to re-download the broken version twice too before I started to get suspicious. I wouldn't have been suspicious at all if it worked fine the second time.

    Edwin.
    • "I just downloaded an infected version of sendmail and verify the checksum: failed. Hmm... let's try again. Aha, it's okay this time."

      I believe your analysis is mostly dead-on. However, I do think there's one additional fact that would trigger a bit more suspicion (although probably not nearly enough): There are actually two checksums in play; the published one that you're verifying against, and the one used by the compression system (most likely gzip in this case).

      So the official checksum would fail, indicating it's not the official release. However, the compression system's checksum would pass, indicating that what you downloaded is what someone delibrately placed on the server. While someone still might write it off as a race condition where they grabbed the new official checksum yet the previous version of sendmail, it might still raise a few more eyebrows. Probably not many more, but it's a start.

  • by Anonymous Coward
    ...because then they'd actually have to warrant that their systems are at least slightly more secure!
  • by Guppy06 ( 410832 ) on Thursday October 10, 2002 @09:24PM (#4429044)
    "... a reminder about your chance (well, if you're an American) to tell your elected representatives what you think about mandated DRM technology"

    Yes, it's coming up this November 5th. Here's how to get involved. [fec.gov]

    If you're going to write your Congresscritter about DRM, be sure to also write his/her/its opponents in the upcoming election.
  • My Linux system is open to the world! What ever will I do???
    Oh, wait, I'm running Qmail. I guess it's not something I need to worry about, huh?
  • Charge for updates? (Score:5, Interesting)

    by MoTec ( 23112 ) on Thursday October 10, 2002 @09:33PM (#4429074)
    Microsoft won't charge for security updates or patches, that just seems a bit too audacious even for Mr. Gates.

    However, there is a new niche for Microsoft.

    Earlier today I was helping a buddy update and clean his Win2k box - And no, he wouldn't let me clean it with Gentoo... He thought he was infected by a virus (he wasn't) so he bought a 'subscription' to McAfee virus scanner. After we ran that, I downloaded AdAlert (free), to remove the spyware... Found lots of that. Then I downloaded ZoneAlarm (free) and set him up a personal firewall.

    We've seen MS, in the past, include options like then in the OS... WinXP already includes a personal firewall but there are lots of 'extra' services that MS could add... And why bother including them for free in the OS - expecially when they get sued for it?

    I'll bet we see a MS virus scanner/privacy guard/whatever utility sometime soon. With MS's advantage of having OS and Apps in house it could, at least in theory, be faster and better integrated than the competition... And the MS name would go a long way to having the masses buy it over Norton or McAfee... A product like that has to be what Mundie was referring to.
  • Political Reality (Score:5, Insightful)

    by sterno ( 16320 ) on Thursday October 10, 2002 @09:54PM (#4429167) Homepage
    Let me ask you this: are you more likely to vote a politician into office because of his position on DRM or his position on military action in Iraq?

    The problem is that, in a time when there are really serious concerns, something relatively obscure like DRM is going to get pushed to the bottom of the priority list. The state of the economy is a whole lot more important than the state of DRM. Both issues concern me, but one has to weigh them very differently. Hard to seriously vote against somebody who's in the RIAA's pocket but is willing to make a stand against military action in Iraq (if you tend to lean that political direction).
  • Used CD's (Score:2, Interesting)

    I don't know if this is entirely related to DRM. But I was wondering if anyone had info on the legalities of buying used CD's, records, books, etc... (I'm interested in Canadian law in specific, but I would assume that it is the same as the States law)
    I recall a few years back that some artists and the big record companies were upset at the idea of reselling their music without recieving the royalties (I remember that the dude with the Kentucky Waterfall that did 'Aceky Breaky Heart' was whining about royalties). I was wondering if there is still a push for this, or if it has been implimented. If it has then the companies and artists that fall under the Mickey Mouse law would still be able to recieve payments on used items sold until the products fall apart...
  • by Anonymous Coward on Thursday October 10, 2002 @10:12PM (#4429263)
    According to the paper,
    The court, [Olsen] said, should not say that 99 years is too long for a copyright to exist, noting that the works of Herman Melville and Franz Schubert ''weren't valued until many years after their deaths.''
    Someone please explain to this taxpayer employee that the purpose of copyright is to encourage writers to contribute more work to the public. No amount of copyright extension, illegal or otherwise, would be sufficient to get Melville and Schubert to rise from their graves and start creating again.
  • MS/Linux Bashing (Score:5, Insightful)

    by KagatoLNX ( 141673 ) <[ten.ajuos] [ta] [otagak]> on Thursday October 10, 2002 @10:44PM (#4429397) Homepage
    Why does this crap bother everyone so much? For anyone who cares, try the following science experiment:

    Hypothesis: Microsoft software is buggier and less secure than Linux software.

    Experiment: Debian 3.0 and Internet Explorer 6 SP1 are recent releases (i.e. good examples of respective software packages). Test each one's security needs by updating each from their respective security archives. The one with the most fixes is the most buggy (this assumes bugs are the norm and fixes indicate their prevalence in the code, history bears this out).

    Results: Debian has about 8 updates. IE6 SP1 has about 15 critical updates. The IE updates are five times the size of the Debian ones.

    Analysis: IE should have the advantage here. It is only a web browser against an entire distribution. It also was released noticibly later, giving less time to discover bugs.

    Conclusion: Hypothesis is supported.

    Any other experiments?
    How about a histogram of bugtraq notices? How about one weighted by severity?

    Software is software. It all has bugs. The only way to combat it is good development practices--things like rigor, testing, attention to detail, lots of review, and careful design.

    MS has shown (and still shows) that it puts these goals second to political maneuvering, time to market, and (sometimes underhanded) competition.

    I damn well will bash a business that is only after my pocketbook (MS) every time they screw up. I also will vehemently defend people developing code for all to use (OSS). Even if they were equally buggy, I'll pick goodwill over greedy corporation any day.

    Sorry, but Open Source and Microsoft (a.k.a. good versus evil :) is not Tommy Hilfigger versus Ralph Lauren. If you want to argue fashion go read Cosmo or Vogue. I care about nothing less or more than solving problems with computers in an open, useful, honest, secure way that doesn't make me a corporate whore.

    I just wish that "Visual Basic" and the like hadn't convinced a bunch of second rate graphic artists that they were "programmers". There's nothing more disheartening than being surrounded and outnumbered by loud idiots desparate to cling to the greedy corporate teat that enabled them do something other than flip burgers.

  • There wasn't ANYTHING to deny. If you read the original story off ZDNet, it seems pretty clear to me, that MS was talking about selling additional products/services. It was never suggested that they were going to start selling security patches.

    Basically MS wants to enter a new market segment, that's all. The only reason it's been particularly newsworthy, is that mass hysteria, and misinterpretation of statements caused anyone with an axe to grind, to assume the worst of MS. Yes, they are a large, unfriendly corporation, but they aren't complete idiots, and they aren't evil incarnate.
  • Remember (Score:2, Interesting)

    by PaddyM ( 45763 )
    Any rebroadcasts of the pro-DRM statements of the establishment are prohibited without the express written consent of the establishment.
  • ...is still better than Micro$oft odds.

    Especially if all you have to do is verify a checksum. Shrink-wrapped, over-priced software comes out of the box "as is."

    What's the checksum for IE + all 15 updates?
  • by gregm ( 61553 ) on Friday October 11, 2002 @02:33AM (#4430192)
    I've been waiting on this one for awhile. It has to drive them nuts to have a firewall like the zone alarm reporting all the behind the scenes discussions the print spooler subsystem etc are. having with someone on the net. They'll probably include some lite version of their zone alarm for free and a pro version for money... think defrag... Of course neither version will tell us anything about any of their covert communications with our computers.

    And think of all the money they're losing out on to McAfee and Norton for antivirus software. If I were a conspiracy theorist...oh wait... I am, I might think they've purposely not cleaned up outlook just to create a market that they can swoop in and take over like they're known to do. bastards
    • I think the way to go here is to set up your computer without TCP/IP (use IPX/SPX or Netbeui for your internal network), then do all the internet interaction inside a VMware VM. Thus, the core operating system, where you do your personal and private stuff (e.g. Quicken), doesn't get to call home. Inconvenient, yes, but a little more secure.

All life evolves by the differential survival of replicating entities. -- Dawkins

Working...