Kal Zekdor’s Techdirt Profile


About Kal Zekdor

Kal Zekdor’s Comments comment rss

  • Sep 2nd, 2015 @ 6:59am


    *GASP* *SHOCK*
    Windows no longer has built-in solitaire? THE HORROR! The world as we know it will surely come grinding to a halt without this critical OS feature.

  • Aug 19th, 2015 @ 11:35am

    Re: Re: Re: Re: Re: Re: Re: Re: Re:

    The registries/registrars would not be enjoined, but they would be bound by the injunction against Movietube (assuming they have actual notice and are aiding Movietube). The court can order Movietube or those bound by the injunction to take action concerning Movietube's property, such as its domain names. But just because these third parties can be bound by the injunction, that doesn't mean they were enjoined.

    If that's the case, why did the MPAA back off from the injunction?

  • Aug 19th, 2015 @ 11:31am

    Re: Re: Re: Re: Re: @ "killing off the service"

    That is very much a valid concern. Especially if injunctions are used punitively (which is not what their purpose is), or abused. I just don't think it's as black and white as preliminary injunctions being inherently wrong.

    Using a court to destroy a company you don't like without a finding of guilt is undoubtedly something that needs to be prevented, but, as usual, things are never that simple.

  • Aug 18th, 2015 @ 4:20pm

    Re: Re: Re: Re: Re: Re: Re:

    That the Registries and/or Registrars be required to transfer the domain names associated with Defendants’ MovieTube Websites, or any subset of these domain names specified by Plaintiffs, to a registrar to be appointed by Plaintiffs to re-register the domain names in respective Plaintiffs’ names and under Plaintiffs’ respective ownership.

    How is that an injunction against MovieTube? That is neither ordering MovieTube to transfer the registration (which would be fine), nor is it a notice to a third-party to cease assistance to an enjoined act. It is very clearly an (attempted) injunction against a third party.

    Don't the DMCA safe harbor provisions declare that providing said services to an entity who uses them for illegal purposes is not considered criminal facilitation? If they would be allowed to continue to provide service if named as defendants, why is the bar suddenly lowered when they are third parties?

  • Aug 18th, 2015 @ 2:36pm

    Re: Re: Re: Re: @ "killing off the service"

    Thanks to Karl for pointing out that, even if the MPAA were so inclined to name Google et al as defendants in the suit, they would be protected by DMCA safe harbor provisions. That slipped by me, (IANAL, remember?).

    My above post still stands, though. There's nothing wrong with a judge declaring a preliminary injunction against MovieTube itself.

  • Aug 18th, 2015 @ 9:16am

    Re: Re: Re: @ "killing off the service"

    I'm not sure that I agree with this. In cases of clear or egregious wrongdoing, a judge is perfectly within their rights, (though, IANAL), to grant preliminary injunctive relief while the case proceeds. A few caveats, though:

    First, a preliminary injunction is not an assumption of guilt, and should not be treated as such. It merely means that, if granted, in the court's opinion, ongoing operations by the defendant will result in significant further damages to the plaintiff. Whether defendant is liable for said damages, or was criminal in causing them, is neither implied nor contraindicated.

    Second, such preliminary injunctions must not be rubber stamped. They must be assessed on a case-by-case basis, and, if granted, only after significant deliberation.

    Further, should the court rule for the defendant, they are entitled to remuneration for any lost profits stemming from the injunction. (Though, again, IANAL. They may need to counter-sue. If so, the law should be changed.)

    Finally, under NO circumstances should an injunctive action be levied against any entity which is not a named defendant, as the MPAA tried here. Not only are such things prima facie foolishness, but the deeper concerns at play are very unsettling. If you seek preliminary injunctive relief against an entity, then name them as a defendant in your suit. Importantly, this provides said entity opportunity to present arguments against the injunction beforehand, rather than the court taking unilateral action.

    Of course, the MPAA did not name Google et al as defendants, because accusing them of wrongdoing in this matter is an indefensible position. If they had the slightest case against "Goliath", can anyone honestly tell themselves that they wouldn't have pursued it with abandon?

    They do, however, have a case against MovieTube. They have a reasonable argument for a judge to grant a preliminary injunction against MovieTube, ordering cessation of operations pending the result of the case. They do not have anything approaching a reasonable argument for seeking injunctive action against entities who are not accused of wrongdoing.

  • Aug 15th, 2015 @ 10:37pm

    Why is the CEO of a major corporation throwing a tantrum?

    If he really wanted people to take him and his company seriously, maybe he shouldn't be acting like a spoiled 5-year old after losing a game. Google and Facebook, regardless of what you may personally think of their products and policies, are hugely successful companies. So, seeing these new upstarts muscling on on big media's historic territory, what does Thomson do? Does he attempt to figure out how to make a better service to out-compete? No, he whines and rants and curses, then wonders why people stop listening to him, and more and more of his customers turn to other options. He is a joke.

    Side note: What's with his obsession with LinkedIn? Is he cyber-stalking more successful CEOs or something, wallowing in envy?

  • Aug 3rd, 2015 @ 5:29pm

    I still have that data...

    The lawsuit Netflix settled featured one key difference: in that case, rental information -- in the form of "anonymized data" -- was released to third parties working on better suggestion algorithms in hopes of winning $1 million.

    Huh. I actually participated in that contest. Did fairly well, I had ~82% accuracy on the test set. Not bad for a college kid at the time, though of course the winner was some big lab. My biggest problem was a lack of compute power. Had to rewrite my algorithm to use aggressive disk caching, 'cause the 6gb of RAM on my server wasn't nearly enough. Slowed the whole thing to a crawl, so that even the smaller training set took like 12 hours to process. This was, of course, before SSDs were economically feasible.

    I'm pretty sure that I still have a copy of that data lying around.

  • Jul 22nd, 2015 @ 7:30pm

    Re: aND IN 1980

    Smart phones and PADS are 10-100 orders of magnitude as much power, in your hand.


  • May 31st, 2015 @ 4:37am

    Re: Re:

    Ehhh, I guess I half agree with you. While that specific piece was certainly a low-point for Ars (though it was an Op-Ed by a single author, if that makes a difference), it was also fairly thoroughly and uniformly blasted by the readers. None of which were banned for doing so.

    [Side note: Do I want to know what a bronie (brony?) is?]

  • May 31st, 2015 @ 4:15am


    I can't say that I hate chocolate, but I certainly dislike it, as well as anything sweet. Chocolate isn't sweet enough to make me hate it, and dark chocolate's not bad in small quantities (the more bitter, the better). Though, I saw a friend eat a Cadbury Creme Egg a few months ago, and nearly vomited as a result... How can people stand that? Yet, somehow, I'm the odd one...

  • May 29th, 2015 @ 5:40pm

    Re: Re: Re:

    A couple of things... Minor errors? Really? A complete misunderstanding of the material at hand, and publishing an article that is effectively disinformation is a minor error?

    Techdirt has made mistakes of this magnitude in the past. (They usually post corrections, but you're correct, that's neither here nor there.) This does not invalidate the claim that faulty reporting will lead to a loss in readership. There were a few instances in which techdirt nearly lost me as a reader due to blatant errors that invalidated the entire article.

    This article isn't about bashing the other news sites for getting it wrong (at least, not primarily, it does feel like Techdirt is gloating a bit, which is not cool given that they have made similar mistakes), but informing the readers, whp may also be readers of one of the other sites, that the information reported therein was not accurate, and to stop the spread of disinformation.

  • May 28th, 2015 @ 2:55am

    Re: Re: Re: Re: Real vs Virtual

    Virtual objects are not objects, they are virtual.

    Sigh... Nine years later and people are still spouting this nonsense.

    If I flipped a couple of virtual ones and zeroes around and emptied your bank account, would you still claim that nothing was stolen from you? Or do you really believe that your money is just sitting in big vault somewhere? Ownership is a far more complicated concept than whatever physical items you can lay your hands on. Many aspects of ownership are "virtual", beyond just the obvious. Ownership of copyright, of land, of debt. These are all virtual concepts, yet they govern most aspects of our lives. This is not something new, the frameworks of virtual ownership have been around, in one form or another, for centuries.

    Shrugging all of this off as "virtual, and hence meaningless", is... short-sighted.

  • May 22nd, 2015 @ 10:15am

    Re: Re: Re: Re:

    I don't think you know what a CA does...

    The CA does not create or provide Certificates, they merely sign them so they are "trusted".

    This has little to do with the actual encryption between a TLS enabled client and server. There are at least three legs here (more if you have a web of trust instead of a single trust authority): the client, the server, and the CA. Each of these points have their own private/public key pairs. Data to the client is encrypted using the server's private key, which the CA most certainly does not have.

    If the CA were compromised by an attacker, they still couldn't decrypt communication between client and server. However, if the attacker was able to intercept traffic as a MitM, what they could do would be impersonate the server using the compromised CA. That way they wouldn't need to break the encryption, since the client is encrypting the traffic so that the MitM can decrypt it, thinking that they're talking to the server.

    Blaming third-parties for not disobeying government orders is a red herring, anyway. The government should not be allowed to issue such orders. Period.

  • May 20th, 2015 @ 4:22pm

    Theft of IP

    Just wanted to point out that it is possible to steal IP, and in context it's what Kerry was talking about. When you break or hack in to obtain confidential information that you aren't allowed access to (and possibly destroying or corrupting the original), that is most certainly theft.

    When you distribute information that you obtained legally without permission and against Copyright laws, such as sharing a movie online, that is infringement, not theft. Corporate espionage falls under a different label than infringing.

    The concepts, of course, are not mutually exclusive. The use of the stolen IP, such as by putting out a competing product based on the IP, is, once again, infringement.

    That bit of pedantism aside, this was a great article.

    TL;DR: Illegally obtaining confidential IP is theft; illegally using IP (secret or not) is infringement.

  • May 19th, 2015 @ 7:48pm

    Ion Thrusters

    Ion Thrusters are interesting, but they're not a purely electric propulsion medium. They still rely on a propellant, xenon usually, which is expelled at high speeds. They're much more fuel efficient than chemical propellants, but they still need to carry fuel, which limits the usefulness for deep space exploration. They also tend to generate very low thrust, but by the time that we really need better thrusters that might no longer be true.

    That EM drive, though.... I really hope that it's not just a mistake, and it does operate the way people think.

  • May 17th, 2015 @ 11:47am

    Re: Re: Running a CA

    Interesting, I had no idea that someone had considered the idea enough to put together an RFC on it. Thanks for the information.

    I'm not surprised that there hasn't been much interest in it, though.

  • May 16th, 2015 @ 8:45pm

    Re: Re: Re: Re: Troublesome certificates...

    They could do that; as an ISP they could intercept any https requests, and act as a MitM proxy, decrypting and re-encrypting traffic in both directions. That would be troublesome if https was only about encryption. What they would not be able to do would be perfectly disguise the traffic as coming from the original source. They would need to automatically create certs for each site that a user requests. They could make these certs appear to be from the site in question, maybe even well enough to fool the browser, but they would not be identical to the certs provided by the site, and they would all be able to traced back to a single CA. When every https site in the world is suddenly using the same CA... Well, let's just say people will notice, and there will be an uproar. See the Lenovo/Superfish fiasco.

    This type of MitM attack is untenable on a wide scale, particularly if you need to keep it quiet. Targeted attacks on less savvy individuals, however...

  • May 16th, 2015 @ 4:42am

    Running a CA

    For anyone who is worried that using https will require trusting a third-party, there is a way around that. It's not all that difficult to run a CA yourself, many Enterprises do so for encrypting internal web applications. Certs usually cost money not because of some technical cost of encryption, but because of the man-hours that are required for the CA to verify that you are who you claim to be. You can cut out the middle man by running your own CA (you implicitly trust you, right?). The downside is that the certs you create won't be trusted by default (and the hoops you would have to jump through to do so are... untenable). Clients would need to install your root cert onto their machine, which is easy to do, and then any certs you create are trusted.

    If that's too much to worry about, you can always forgo a CA entirely and use self-signed certs. No one will be able to trust them, but it's the easiest way to get encryption running. The problem with https/ssl is it's playing double duty as data encryption and identity verification. Providing encryption is cheap and easy, and solves most (though not all) of the concerns about modern web browsing. Unfortunately, encryption is caught up in identity verification/trust authority, which is difficult and expensive (though progress is being made on that front by EFF/Cloudflare/others). I'd love to see a protocol somewhere between http and https, that negotiates and encrypts traffic, but doesn't rely on a trust framework. It obviously wouldn't be as secure as https (MitM attacks would be much easier), so https would still need to be used for things like ecommerce, but it would be much better than http, and without the costs/difficulties of https.

  • Apr 30th, 2015 @ 1:18pm


    Not the only one, no. Plenty of folks are mildly disinterested in the game even though they completely understand it. Myself, beyond interest in the world building algorithms and the possibilities of the in-game logic circuits (though the former is less about playing the game than it is interest in the mechanics, and there are better examples than Minecraft of the latter, e.g., Little Big Planet, Space Engineers), I find it rather dull.

    That said, I completely understand why so many people enjoy it. The best analogy really is an endless set of legos; Minecraft allows for an enormous amount of creative expression. But, then, I never did enjoy legos as a kid. They always felt... pointless. Instead, I spent weekends and holidays building complex engineering feats (for a kid, anyway) out of K'nex. Less about making pretty structures than seeing what you could build, struggling against gravity, structural stability, load distribution (I think I figured out the awesomeness of the lowly triangle at about 6 or 7), etc. Throw some motors in the mix, and things start to get really fun. I remember spending a lot of time messing with a remote control motor, building various vehicles.

    I guess I'm trying to explain that I'm creative, but not artistic, and that I that I think Minecraft appeals to those with an artistic tendency. Since allowing kids to explore their artistic side is laudable, I have a hard time understanding why anyone with a touch of sense would think Minecraft is bad for kids.

More comments from Kal Zekdor >>