If the school district were to claim copyright on all content created by the students as part of their curriculum, and the student had ANY classes that had to do with computers, the Internet, video production, acting, etc, would the district also be able to file DMCA takedowns on YouTube videos, Facebook content, or anything else that they disagreed with?
If this goes through I'm sure the above will be tested VERY quickly.
Don't get me wrong.. I am NOT in favor of the Cybersecurity Act for a variety of reasons, most of which you already mentioned. I don't want to see the thing passed either.
My concern was more the approach to many of the cyber security articles that show up here. Many of them DO seem to question if these attacks are real, or just fabricated to justify poorly written laws. At least that's how I've been reading many of them.
When I read articles like this that basically say the work I perform day in and day out is nothing more than a political conspiracy, it tends to irk me a bit.
I love TechDirt and really enjoy the articles that you write with ONE exception: Cybersecurity. This is what I do for a living, and I do happen to work for an unnamed government that you focus on quite a lot in regards to these things....
With that being said; Let me just say that the level of cyber attacks on national infrastructure is *NOT* being oversold. Most people simply couldn't comprehend the amount of attacks that are happening on a CONSTANT basis nor do most people understand the mitigation process and how it works within certain government organizations. In addition to that; there seems to be some serious misunderstanding in how data classification is approached at this level and why some controls (such as restricting government workers from accessing sites that are leaking classified data) exist.
Let's assume that YOU are responsible for a team of people that tries to protect a network. Those networks contain different classifications of data and you need to make sure that people are NOT accidentally moving classified data to unclassified systems. How would you deal with vetting every piece of classified data on an unclassified system and determining if it's actually been leaked? That process would be a nightmare.
Within government systems, the rule is that classified data is not allowed on unclassified networks. Period. That allows us to leverage data classification tools to help ensure that this data stays where it belongs. Having to make ad-hoc exceptions when something is "believed" to be leaked simply isn't practical.
These rules are not about CONTROLLING users from accessing this data on the net that's been leaked, they are in place to prevent this data from ending up on unclassified systems no matter what it's source.
There's a lot more to know about this process than simply what shows up in a news article somewhere....
Similarly, he notes that merely broadcasting a TV show wasn't considered "publishing." So TV shows like the first episode of Star Trek don't have their copyright clock start until nearly a dozen years after it was first broadcast, because that's the first time it was "offered for sale" rather than just broadcast.
Does this mean that there is no effective copyright on a TV show UNLESS it's offered for sale to the public? IE: If a show airs on TV tonight but is not offered for sale, can it be copied because the copyright clock hasn't started yet?
I think the biggest flaw in Anderson's logic is he is assuming the IT costs for the ENTIRE process vs. just the necessary IT costs for the Entertainment industry.
Here's an example; Hollywood doesn't need to create huge datacenters for each movie they make to distribute it electronically, just as they don't need to directly procure and manage a fleet of trucks to deliver DVDs to customers.
Existing datacenters are there with more than enough capacity and he should only consider costs related to the production of content and server hosting/co-location costs. He doesn't need to worry about what it cost to build the facility, cool it, or anything else that's not in his own segment.
...Unless he's just trying to make a point that "It costs money to build datacenters with lots of disk drives that send and receive lots of data". That's kind of a no-brainer. But for people who produce content and need to leverage that infrastructure for distribution; it's painfully cheap.
The problem really isn't with certificates. If anything, it's the manner in which the various organizations protect their CA's and intermediates. The process is too forgiving.
Exploiting these weaknesses is a problem that should have the blame placed on the CA, not the technology.
My thoughts exactly.. Next time I'm in DC I need to make sure I eat there and "complete" my digestion cycle in the restaurant to make sure I'm not infringing on any of their IP.
Everyone should already know that you're not BUYING that meal at a restaurant, you're just licensing a single use of the meal. You have no first sale rights either, so don't even THINK about taking home a doggie bag!
Sharing? Forget it.. That's a violation of the license right there. If you order a plate of fries you can NOT share with a friend, that's outright theft!
These restaurants hire workers of all sorts. Think of the dishwashers?! If you share a plate of fries with a friend you are depriving the dishwasher of an extra dish to clean and thereby hurting the industry and their ability to employ workers....
The whole sale/licensing/purchase/rental thing is just such a horrible mess, I feel like I should be consulting with my attorney before I make my next $0.99 music purchase. :)
There's a lot of "they" in these scenarios. Who is they?
I don't buy my music from the major labels. I buy it from Google Music. Can it be a "sale" from the label to Google and then a license from Google to me with some of the license terms being dictated via contract between Google and the label?
You still have a choice to use Google and Facebook or seek other alternatives. You're not forced to use Chrome, Gmail, Google Search, or any of their other products if you don't like the "cost" of using them.
For many of us un-biased consumers; we LIKE their products and accept the cost of using them. It's certainly better AGREEING to use a product knowing that they are going to try and build a demographic profile of their users than not having a choice at all.
With some of the MPAA/RIAA legislation that has been proposed; I think you would have a greater concern that your ISP could be inclined to do the same sort of thing with ALL of your traffic, opt in or not, for the benefit of big content.
"Editorial note: We have not included pieces below from the bills’ supporters (if you want those see here, here and here). This, rather, is a compilation of voices other than our own, that we think raise an important point."
So they provide quotes that raise important points.. One of these "important points" that interested me was a quote from NY Times columnist David Pogue:
"But it was a sloppy success; the scare language used by some of the Web sites was just as flawed as the Congressional language that they opposed."
Since the RIAA sees this as an important point, and the quote states that the "scare language" was just as flawed as the Congressional language that they opposed, can this be interpreted as the RIAA admitting that their own language proposed in SOPA/PIPA was flawed?
DoS attacks and DDoS attacks are not the same. If this truly was a DISTRIBUTED DoS attack, the perp would likely have needed to gain control of a group of machines to collectively perform the attack. Did he have permission from all the machine owners to use their computers in such a way?
Copyright used to stifle student criticism?
If the school district were to claim copyright on all content created by the students as part of their curriculum, and the student had ANY classes that had to do with computers, the Internet, video production, acting, etc, would the district also be able to file DMCA takedowns on YouTube videos, Facebook content, or anything else that they disagreed with?
If this goes through I'm sure the above will be tested VERY quickly.
Re: Re:
I agree with you 100% with your comments.
Don't get me wrong.. I am NOT in favor of the Cybersecurity Act for a variety of reasons, most of which you already mentioned. I don't want to see the thing passed either.
My concern was more the approach to many of the cyber security articles that show up here. Many of them DO seem to question if these attacks are real, or just fabricated to justify poorly written laws. At least that's how I've been reading many of them.
Re: Re: Re:
Agreed....
When I read articles like this that basically say the work I perform day in and day out is nothing more than a political conspiracy, it tends to irk me a bit.
(untitled comment)
@Mike;
I love TechDirt and really enjoy the articles that you write with ONE exception: Cybersecurity. This is what I do for a living, and I do happen to work for an unnamed government that you focus on quite a lot in regards to these things....
With that being said; Let me just say that the level of cyber attacks on national infrastructure is *NOT* being oversold. Most people simply couldn't comprehend the amount of attacks that are happening on a CONSTANT basis nor do most people understand the mitigation process and how it works within certain government organizations. In addition to that; there seems to be some serious misunderstanding in how data classification is approached at this level and why some controls (such as restricting government workers from accessing sites that are leaking classified data) exist.
Let's assume that YOU are responsible for a team of people that tries to protect a network. Those networks contain different classifications of data and you need to make sure that people are NOT accidentally moving classified data to unclassified systems. How would you deal with vetting every piece of classified data on an unclassified system and determining if it's actually been leaked? That process would be a nightmare.
Within government systems, the rule is that classified data is not allowed on unclassified networks. Period. That allows us to leverage data classification tools to help ensure that this data stays where it belongs. Having to make ad-hoc exceptions when something is "believed" to be leaked simply isn't practical.
These rules are not about CONTROLLING users from accessing this data on the net that's been leaked, they are in place to prevent this data from ending up on unclassified systems no matter what it's source.
There's a lot more to know about this process than simply what shows up in a news article somewhere....
Serious Question
Regarding this part of the article:
Does this mean that there is no effective copyright on a TV show UNLESS it's offered for sale to the public? IE: If a show airs on TV tonight but is not offered for sale, can it be copied because the copyright clock hasn't started yet?Re:
T3 (DS3) is only 45Mbit. Not terribly fast in the grand scheme of things.
Mixed Vertical Markets
I think the biggest flaw in Anderson's logic is he is assuming the IT costs for the ENTIRE process vs. just the necessary IT costs for the Entertainment industry.
Here's an example; Hollywood doesn't need to create huge datacenters for each movie they make to distribute it electronically, just as they don't need to directly procure and manage a fleet of trucks to deliver DVDs to customers.
Existing datacenters are there with more than enough capacity and he should only consider costs related to the production of content and server hosting/co-location costs. He doesn't need to worry about what it cost to build the facility, cool it, or anything else that's not in his own segment.
...Unless he's just trying to make a point that "It costs money to build datacenters with lots of disk drives that send and receive lots of data". That's kind of a no-brainer. But for people who produce content and need to leverage that infrastructure for distribution; it's painfully cheap.
Re: Re:
The problem really isn't with certificates. If anything, it's the manner in which the various organizations protect their CA's and intermediates. The process is too forgiving.
Exploiting these weaknesses is a problem that should have the blame placed on the CA, not the technology.
Re: Re:
My thoughts exactly.. Next time I'm in DC I need to make sure I eat there and "complete" my digestion cycle in the restaurant to make sure I'm not infringing on any of their IP.
(untitled comment)
I'm not sure what the problem is here.
Everyone should already know that you're not BUYING that meal at a restaurant, you're just licensing a single use of the meal. You have no first sale rights either, so don't even THINK about taking home a doggie bag!
Sharing? Forget it.. That's a violation of the license right there. If you order a plate of fries you can NOT share with a friend, that's outright theft!
These restaurants hire workers of all sorts. Think of the dishwashers?! If you share a plate of fries with a friend you are depriving the dishwasher of an extra dish to clean and thereby hurting the industry and their ability to employ workers....
Silly people.. When will you learn..
Re: Re: Re:
Thanks for the sanity check.
The whole sale/licensing/purchase/rental thing is just such a horrible mess, I feel like I should be consulting with my attorney before I make my next $0.99 music purchase. :)
(untitled comment)
I hate myself for saying this...
There's a lot of "they" in these scenarios. Who is they?
I don't buy my music from the major labels. I buy it from Google Music. Can it be a "sale" from the label to Google and then a license from Google to me with some of the license terms being dictated via contract between Google and the label?
Re: Re:
If big content could track their viewers and collect data in the same way to provide targeted advertising on TV, they would jump on it in a heartbeat.
Re:
You still have a choice to use Google and Facebook or seek other alternatives. You're not forced to use Chrome, Gmail, Google Search, or any of their other products if you don't like the "cost" of using them.
For many of us un-biased consumers; we LIKE their products and accept the cost of using them. It's certainly better AGREEING to use a product knowing that they are going to try and build a demographic profile of their users than not having a choice at all.
With some of the MPAA/RIAA legislation that has been proposed; I think you would have a greater concern that your ISP could be inclined to do the same sort of thing with ALL of your traffic, opt in or not, for the benefit of big content.
Interesting comments from the RIAA
I found this amusing on the RIAA site:
So they provide quotes that raise important points.. One of these "important points" that interested me was a quote from NY Times columnist David Pogue:Since the RIAA sees this as an important point, and the quote states that the "scare language" was just as flawed as the Congressional language that they opposed, can this be interpreted as the RIAA admitting that their own language proposed in SOPA/PIPA was flawed?Re:
Impossible! Those folks at Sandia National Laboratories must all be a bunch of thieving pirates!
(untitled comment)
It was an important day and I, for one, appreciated the coverage!
Re: Re: Re:
"Basically, if you misrepresent things, you can get more people on your side."
This strategy works great for the MPAA/RIAA. It is the cornerstone of everything they do in regards to new technology.
It explains the industry associations' scare mongering completely.
Re: Department of Redundancy Department
Was the ATM machine configured to run over an IP protocol network? That might have been the problem.
:)
I'm not sure how many people actually caught on to what you were doing. I got a good laugh though!
Re:
There's another point in all this as well;
DoS attacks and DDoS attacks are not the same. If this truly was a DISTRIBUTED DoS attack, the perp would likely have needed to gain control of a group of machines to collectively perform the attack. Did he have permission from all the machine owners to use their computers in such a way?