That's only half the solution though. Everyone seems to conveniently forget the gaping security hole introduced by arguably the most popular FOSS encryption library, OpenSSL.
The other half is to take at least some of that money your company would have spent on the proprietary software and donate it to the FOSS tools you are using.
It doesn't have to be a cash donation (in case the project doesn't really have a project manager in charge of financials, like, say, OpenSSL); offer to pay a developer's salary. Offer to pay for infrastructure and set it up.
For some projects, a year of salary or infrastructure might still be cheaper than licenses. For others you could band together with a few other companies and form a joint subsidiary (or whatever) and pool your money.
Not so fast. It's like this. You have the right to blow the whistle to the public on crimes committed by the government, and you should take responsibility for the repercussions of that by spending 9 months in solitary confinement before being placed in prison for 35 years.
at least I *think* that's what aglynn is trying to say....
Hello Cory Doctorow. Once again we have an excellent example of how people really don't understand modern technology. I don't have a phone in my pocket, I have a general purpose computer that happens to have a phone application running on it. Does this mean that encrypted-by-default laptops would be illegal? how about desktops? What if your company issues you one? What if you take a pocket sized super-computer and plug it into a full size keyboard and screen? Car GPS computers? Car radios? Your home cable modem?
We are increasingly surrounded by more and more of these "other such devices", pretty soon that's all we will have. Arguing that law enforcement has a right to snoop in every piece of technology I own without a warrant is abhorrent.
Re: Re: This is why we should Encrypt All The Things
this fight is arguably easier tho. it is harder for many people to justify sharing copies of movies that they didn't pay for; it is not nearly as hard as saying "i encrypt all my emails just because". sure, it might be weird, but it's not immoral by almost anyone's definition. one has a moral stigma whether or not everyone does it, like masturbation; the other doesn't.
I smell another word play buried in this line of thought. On the one hand we have "expect" as the assumed state of affairs (e.g.: I expect that it will be cold this winter - I consider it likely). On the other we have the definition that the government is using for "expect" as in what is demanded or required (e.g.: I expect this to be taken seriously - I demand no less).
So we can both be right at the same time. I can expect privacy, and I cannot expect privacy.
I reject your connotations, and substitute my own. I demand my privacy; unfortunately I assume that my government is violating it.
> Instead of making the content available via multiple platforms to inspire competition and better services they chose to block the content from people who are doing it right....
It comes down to a fear that the new tech will cannibalize the existing revenue stream because it provides an alternate. Which is true, it would, in the short term. Even if it would generate massively more revenue in the long run, that doesn't do anything to pad this quarter's earnings statement. I'm pretty sure NetFlix wasn't profitable on day 1. So to satisfy the need to always grow profits in the short term, they will only look at things that immediately add more money to their pockets without shrinking revenue any where else (similar short term thinking was demonstrated by the Verizon FiOS buildout and stall circa 2008).
a rep from the MPAA.... said [to me]: "When you buy a movie to watch in your living room, we're only selling you the right to see it in your living room. Sending the same show upstairs to watch in your bedroom has value, and if it has value, we should be able to charge money for it."
... to say we have no expectation of privacy in the business records created by our phone usage is to say we have no expectation of privacy in the billing records created by our family doctor visits, or the administrative records from our library patronage.
I've pointed this out before; we can do better with the encryption. We can use Shamir's Secret Sharing Scheme to split the encryption key into 3 parts and require any 2 to decrypt. Distribute them to a judge, the police department head, and a third party (ALCU or something similar), encrypt it with the recipient's public key (so the recipient has to use a personally assigned private key to decrypt it), and require any 2 to obtain the video encryption key. Now illegal or unethical review of the video requires the collusion of two people, not just one loose cannon.
The only technological weak spot now is preventing the video encryption service from leaking the key before it is wiped (unique key per video). One solution to that is to use public key cryptography so the video encryption service only ever has half the key - the other half is distributed beforehand. The only problem with that is you cannot use a separate key for each video, so one order to unlock one video exposes the key and can be used on any other video.
But either solution is better than nothing, and definitely much better than entrusting the key(s) to any one entity.
You do raise a good point about giving the police a tool to review and correct mistakes, but they already have other ways to do this, and I'm not sure how serious they are about using videos to train.