Tempes Fugit 's Techdirt Comments

Latest Comments (686) comment rss

  • On the post: After the German Pirate Party's String Of Successes, Here Comes The Backlash

    Tempes Fugit ( profile ), 11 May, 2012 @ 01:08pm

    Cluephone for Frauke Scheunemann

    The Pirate Credo, that ideas can't belong to only one person, is good news for people who don't have any ideas of their own. (Frauke Scheunemann.)

    I'm sure with your busy schedule it's probably just escaped your notice, but over the last 40 years or so, a lot of pretty smart people have been busily engaged in building a system for creating, publishing, sharing, modifying, debating, testing, using, remixing, and refining ideas. It works quite well -- so amazingly well, in fact, that even the people who've built it sometimes have to tilt their chairs back, stare at the ceiling, and contemplate the breadth and depth of the impact that it's had on human civilization -- oh, and on ideas.

    We call it "the Internet". You should check it out sometime.

  • On the post: Game Of Thrones On Track To Be Most Pirated Show Of 2012; Pirates Still Asking HBO For Legitimate Options

    Tempes Fugit ( profile ), 11 May, 2012 @ 06:42am

    If HBO put it up for 99 cents an episode

    With no DRM, no nonsense warnings, none of that -- they'd make a fortune.

  • On the post: It's Amazing The Lengths 'Music Supporters' Will Go To In Trying To Trash Success Stories

    Tempes Fugit ( profile ), 10 May, 2012 @ 04:42pm

    Furthermore, this whole theory seems to be based on the idea that fans "don't get anything" out of supporting artists they love. He seems to be at a complete loss as to why anyone would pay for anything if they weren't getting money back.

    Apparently he's unfamiliar with the concept of "supporting the arts", which some people do because it pleases them to support the arts. What Kickstarter and similar do is to make it possible for the overwhelming majority of us who can't write $50,000 checks to each kick in $5 and thus collectively support artists merely because we want to. Not because we're getting something, not because we think it's an investment that will yield a profit, not because we want control of the artist, but because we think they (like Amanda Fucking Palmer) are cool people doing cool things and we'd like them to be able to do more without having to sell out to parasites, I mean, record company executives. (My apologies to any actual parasites reading this for the negative comparison.)

  • On the post: CISPA Sponsor Warns Bill Is Needed Because China's Chinese Hackers From China Are Stealing All-American Secrets (China!)

    Tempes Fugit ( profile ), 07 May, 2012 @ 03:08pm

    One of the best ways to copy information...

    ...is not to copy it.

    It's to get someone else to copy it, and then copy it from them.

    This becomes even better if they don't need to be convinced, but willingly do so of their own volition. And better still if they pay for it.

    More directly: if I were working for foreign government X or foreign corporation Y, and my job was to acquire the secrets of American government and business, I would be all over this bill, doing everything I possibly could to get it passed. I'd probably leak some worthless "secrets" just to fan the flames of hysteria higher. I'd throw some money into fake grassroots efforts to support it. And so on.

    Because this (along the FBI push for backdoors, which I'd also whole-heartedly support) will help make my life much easier because it means more copies, and more copies means more opportunities. It also means more people with access, which increases the target surface for compromises, bribes, blackmail, etc.

    Perhaps this has already happened.

  • On the post: UK Gov't Considering Requiring A 'Porn License' If You Want To Look At Porn Online

    Tempes Fugit ( profile ), 07 May, 2012 @ 01:05pm

    New rule

    Whenever a politician says "we must do this for the children!", they really mean "we must do this...for me."

  • On the post: Here We Go Again: FBI Wants Backdoors To Snoop On Nearly All Internet Communications

    Tempes Fugit ( profile ), 07 May, 2012 @ 09:30am

    Which one of these will happen first?

    A. The FBI will lose the data, as in: FBI lost 160 laptops in the last 44 months. (Rhetorical questions; do you think that's the full extent of all of the laptops, pads, phones, USB sticks, external hard drives, CDs, DVDs, etc. lost by the FBI? Do you think that they've somehow magically stopped losing them? What percentage of these devices had unencrypted or poorly-encrypted data on them at the time they were lost?)

    B. FBI personnel will be caught browsing or trading or selling the data for purposes most definitely not related to investigations, as in: Cops Trolled Driver's License Database for Pic of Hot Colleague or TSA Worker Caught Downloading Child Pornography or Jose Salgado, TSA Agent, Arrested In Child Porn Crackdown.

    C. The FBI will outsource analysis to one of the many, MANY contractors who are eager to exploit the OMG!OMG!CYBERWAR hysteria by using "grep" to search for keywords and charging hundreds of millions of dollars for their services. These contractors will be quite thoroughly hacked by the first bored seventeen-year-old with an attitude, as in Stratfor Hacked, the data will be exfiltrated, and then put up for sale on the open market.

    D. The backdoors will be discovered after they've been inserted but well before the FBI gets around to using them. Their new owners, pleased with their acquisitions, will need to decide whether to use them to fully exploit the services where they're installed, whether to start feeding entirely bogus (fabricated) data to the FBI, or whether to just siphon off the data and, once again, put it up for sale on the open market. (Alternatively, they could just trawl through the data and look for blackmail material, then offer to keep the FBI from seeing it...for a price. Note that it's not necessary that such blackmail material actually exist: after all, it's easy enough to just make it up.) Perhaps a really clever intruder will work out how to use the backdoors to funnel malware to the FBI, which doesn't exactly have a history of executing IT projects well, see for example: FBI's Beleaguered Sentinel Project Delayed Again.

  • On the post: B&N Removes Magazine From Nook Store Due To Feature Article On 'Hacking'

    Tempes Fugit ( profile ), 04 May, 2012 @ 09:02am

    This leaves unanswered a number of questions. B&N claims that they did this in response to a "complaint": okay, who complained? What did they say? What was so significant about a SINGLE complaint that it triggered this action? Who (at B&N) made this decision? Has that person been fired?

  • On the post: Misguided Senators Propose Plan To Make It Harder For Law Enforcement To Track Down Human Trafficking Online

    Tempes Fugit ( profile ), 03 May, 2012 @ 04:13pm

    Re: Re: I agree...but also disgree- but what about victims of rape and domestic violence?

    Abso-fragging-lutely.

    We also need to engage in a massive amount of education, because there are still, despite decades of efforts, imbeciles walking around out there who spout nonsense like "...she shouldn't have dressed like that" and "...she shouldn't have gone there" and "...she has sex all the time" and "...she shouldn't have been alone with X" and so on -- all of which blame the victim, along with a side order of sexist shaming for (GASP!) actually being a woman.

    And that's not all. "Prison rape" is a punchline to many, but it's not a joke: it's an epidemic. But our society -- which imprisons far more people per capita than any other -- apparently figures that whatever happens to someone in prison is just fine: rape, beatings, doesn't matter. And then we wonder why people don't come out all magically reformed and better, and you know, just pick up where they left off.

    These (and more) would be useful places to apply our resources, financial and personnel and otherwise. But it won't happen. See comment in another thread earlier today for why. No, instead, women and men will continue to be raped in large numbers, perpetrators will pretty much get away with it, and the FBI will keep creating its very own terror plots in an expensive circle jerk...instead of actually solving actual crimes.

  • On the post: Misguided Senators Propose Plan To Make It Harder For Law Enforcement To Track Down Human Trafficking Online

    Tempes Fugit ( profile ), 03 May, 2012 @ 12:19pm

    Re: I agree...but also disgree

    Nobody's proposing doing "nothing". Clearly, investigation, followed by arrest/prosecution/trial/etc. should happen if the facts support that. But that's not what this resolution does.

    There is a frequent "we must do something!" pattern in many areas (including security, which is usually where I see it). It's damned hard to convince people that sometimes the most rational course of action is to do nothing. Marcus Ranum lists this as #6 on his list of The Six Dumbest Ideas in Security (brilliant rant, required reading for EVERYONE who works in the field) and neatly encapsulates the failure to stop making this mistake in An Utter Flop when he says:

    Information security's response to bitter failure, in any area of endeavour, is to try the same thing that didn't work - only harder.

    For example, there are still miserably stupid people on this planet who think that anti-virus software works (for a useful value of "works") despite decades of overwhelmingly convincing proof that it doesn't. (Of course, they're assisted in this belief by companies who want to sell them worthless, expensive snake-oil.)

    The same principle applies in politics, economics, and other fields as well. In this case: clearly, going into a moral panic and targeting Craigslist has had precisely zero effect on the problem. Now politicians are going to try the same thing that didn't work -- only harder. How do you think that'll work out?

    (Another contemporary example: enforced austerity measures in Spain are driving the country's economy into the ground. Quickly. The response? More austerity. Brilliant.)

  • On the post: Do We Really Want Intellectual Ventures And Disney 'Governing' The Internet?

    Tempes Fugit ( profile ), 02 May, 2012 @ 01:18pm

    They've got to be kidding

    I just read the list, and recognized one name -- Wendy Seltzer (whose blog is worth following, by the way). She's a lawyer and has done outstanding work on behalf of netizens.

    But I don't see any network engineers, system administrators, security researchers, software developers, RFC authors, academic researchers -- you know, the people who actually built and run and study the Internet. I do see quite a few bureaucrats, politicians, and industry insiders.

    So, ummm, no. In fact: hell no.

  • On the post: Fearmongering Around 'Cyber' Threats Puts Internet Openness At Risk

    Tempes Fugit ( profile ), 01 May, 2012 @ 12:37pm

    Re: Re: Re: Define Open:

    Agreed on all points, and let me add that one of the factors (for some companies/organizations) will be their need to comply with their country's data protection laws. I am not an attorney and this is not legal advice, but if I were, let's say, a university medical researcher based in Austria, it's not clear to me that I could comply with my country's laws while storing/processing data on a cloud system hosted in the US and subject to CISPA (or a CISPA-equivalent).

    Another factor will be the propensity of the US government to farm out data analysis to the pigs at the trough: defense contractors. And as we've seen (e.g., StratFor) some of these have no idea how to securely manage data entrusted to their care. So not only do we have to worry about what the US government and/or its employees will do with data, we have to worry about what corporations and their employees will do.

    This will provide yet another opportunity for the two favorite phrases in the lexicon of people who were repeatedly warned of dire consequences but forged ahead anyway: "nobody could have foreseen" and "we take this matter seriously".

  • On the post: Fearmongering Around 'Cyber' Threats Puts Internet Openness At Risk

    Tempes Fugit ( profile ), 01 May, 2012 @ 11:43am

    Re: Define Open:

    Speaking of cloud computing: if people are actually paying attention (which of course some aren't) CISPA, if passed, should do a pretty good job of killing it in the US.

    (Why? Because cloud computing providers are target #1 for the kind of massively intrusive data harvesting that CISPA enables. Amazon's cloud, for example, is responsible for about 1% of all Internet traffic -- which is an amazingly high number -- and therefore it's got to be at or near the top of the wishlist.)

  • On the post: Hulu Puts Gun To Own Head: May Require Users To Show Proof Of Pay TV Subscription

    Tempes Fugit ( profile ), 30 Apr, 2012 @ 03:39pm

    This announcement is Hulu's suicide note

    But there's a possible upside: here's a chance for Netflix to undo a good chunk of the damage it inflicted on itself last year. (Step 1: look at what Hulu did. Step 2: do the opposite. Step 3: Profit?)

  • On the post: Did CISPA Actually Get Better Before Passing? Not Really

    Tempes Fugit ( profile ), 28 Apr, 2012 @ 05:26am

    Re: Re:

    Many thanks, this is terrific and precisely what I was looking for! I owe you one. Maybe two.

  • On the post: Did CISPA Actually Get Better Before Passing? Not Really

    Tempes Fugit ( profile ), 27 Apr, 2012 @ 02:50pm

    [...] and Ruppersberger himself insisted that CISPA's sole purpose was allowing companies and the government to share "formulas, Xs and Os, the virus code". (I'm pretty sure he meant "1s and 0s", but what do you expect from someone who doesn't understand the thing he's trying to legislate?)

    Do you have a source for this quote from Ruppersberger?

  • On the post: Did CISPA Actually Get Better Before Passing? Not Really

    Tempes Fugit ( profile ), 27 Apr, 2012 @ 12:37pm

    There's a political angle to this as well

    Consider:

    House passes bill.
    Senate passes bill.
    President vetos bill.
    Something bad happens.
    GOP seizes opportunity for gotcha! moment in election year.

    Of course, "something bad" happens just about every day -- read the "Dataloss" mailing list. So it's not like anything particularly bad would need to turn up, and it's not like it would even have to be something covered by the bill. "Credit card company loses hard drive with 28 million customer accounts" would do just fine, because the computer-illiterate public will have no clue whether this had anything to do with CISPA.

    Here's the thing: the worse the bill is, the better it works for this, because the more pressure the President will be under not to sign it. So there is substantial motivation to load the bill up with as many due process violations, as many civil rights issues, and as much wildly unconstitutional language as possible: the idea isn't to get it signed, the idea is to get it vetoed, because then it can serve its purpose.

    Oh. One more thing. This is also why the House has studiously avoided asking anyone who has even half a clue about security to testify, and has instead focused on the OMG!OMG!CYBERWAR cheerleaders. There is no way that sanity and expertise can be allowed anywhere near this process because that might accidentally result in a better bill.

  • On the post: 'Almost Anybody Can Have An Idea' — Linus Torvalds

    Tempes Fugit ( profile ), 27 Apr, 2012 @ 07:58am

    Re: Re:

    Merely having a POSIX interface (as in API) doesn't make it a clone. That simply means that it complies with an interface specification, in the same way that (most) cars have a steering wheel, an accelerator on the right, a brake on the left, a speedometer in front, etc.

    There are rather a lot of things inside Linux that are substantially architecturally different than Unix. This isn't surprising: Linus & Company thought that they could do some things better/differently, and sometimes they were right. You're not going to see that on the surface, because, after all, the end-user environment (at the command line) looks pretty much the same whether you're on OpenBSD or Ubuntu or Solaris. But if you start reading the kernel code, or reading about the kernel code, then the differences become more visible. See, for example: Major Linux Vs UNIX Kernel Differences which talks about some of these.

  • On the post: 'Almost Anybody Can Have An Idea' — Linus Torvalds

    Tempes Fugit ( profile ), 27 Apr, 2012 @ 06:27am

    Re: Obligatory GNU/Linux comment

    I never call it GNU/Linux because it doesn't deserve to be. That's just Stallman's attempt to take credit for an idea that he announced in September 1983 (and yes, I have a copy of the original post to Usenet's net.unix-wizards and net.usoft) but which didn't get executed. (Well, not until recently.)

    Calling it that is like calling my car a Goodyear/Subaru, as if the tire vendor -- while certainly supplying a useful component of the vehicle -- was responsible for the overall design and engineering of the car. Linux would still be Linux even if all the GNU tools were discarded and replaced with any of the alternatives out there, just as my car would still be a Subaru if I switched to Michelin tires.

    The sad part is that Stallman has done so many other things, many of which I think are underappreciated, that I don't think there's any need to try to latch onto Linux. (In particular, his ardent support for free software has really opened a lot of minds and shifted the debate. I can't think of anyone else who's done more, and I also think that when this era is viewed in retrospect, it will become clear that he was way ahead of his time.)

  • On the post: 'Almost Anybody Can Have An Idea' — Linus Torvalds

    Tempes Fugit ( profile ), 27 Apr, 2012 @ 06:03am

    Re:

    I do not believe it is a correct statement to say Linux was/is a Unix clone. The term "clone" implies identical, which Linux is not. I have read from reliable sources that Linux was written from scratch, to claim it is a clone is simply wrong.

    It is...and it isn't.

    Linux uses many Unix concepts. Then again, so does Hurd. So does Plan 9. So does Solaris, AIX, HP-UX. So OpenBSD, FreeBSD, NetBSD, DragonflyBSD. So do...a lot of operating systems.

    Unix uses many Multics concepts. Then again, so do...

    Alright, you get the idea. The point is that many years of operating system research and implementation have resulted in a set of concepts that lots of people think are good ideas, for instance, the paradigm that "everything is a file". Linus, being a smart and clueful guy, built on top of all that and designed/built Linux to use the subset that he deemed suitable for his project. As it turns out, it's a fairly big subset, and that has proven to be a wise choice.

    Many of these operating systems also share naming conventions, commands, APIs, libraries, etc. Again, this is a wise choice.

    So Linux is and isn't a clone. On the surface, it's a Unix work-alike with shells and filesystems and an API and all that. Internally, it's got completely different code. You can, if you want, think of all of the Unix/Linux variants as different kinds of race cars: this one is a F1, that one is an Indy car, etc. They all have four wheels, an engine, exhaust, fuel tank, etc., they all do roughly similar things, and they share many technological features, but there are also many nuances that distinguish them.

    (Oh, Windows? 1974 Ford Pinto.)

    All this similarity is neither good nor bad: it just is. And it's worth noting that this was a project (like many) done out of necessity: recall that at the time, there was quite a bit of ruckus over who owned Unix, and it wasn't at all clear how that was going to be settled. Linus has remarked that if that situation hadn't existed, he probably wouldn't have written Linux: he would have just used Unix. So one of ironies of Linux is that it exists, in part, because of an IP dispute.

  • On the post: Can CISPA Be Fixed?

    Tempes Fugit ( profile ), 26 Apr, 2012 @ 12:55pm

    Re: Re:

    [...] but are people really looking at this from the point of view of a group of people (federal government leadership of the US) who feel personally vulnerable to death plots on a daily basis and who since 911 no longer feel this threat is theoretical?

    Anyone who feels that way is (a) an idiot and (b) a coward. They should be removed from public service immediately and permanently: they're simply not good enough to serve the citizens of the United States.

Next >>