Please try the URL privacy information feature enabled by clicking the flashlight icon above. This will reveal two icons after each link the body of the digest. The shield takes you to a breakdown of Terms of Service for the site - however only a small number of sites are covered at the moment. The flashlight take you to an analysis of the various trackers etc. that the linked site delivers. Please let the website maintainer know if you find this useful or not. As a RISKS reader, you will probably not be surprised by what is revealed…
Jessica Mintz, AP, 17 Jul 2007 Microsoft Copy Protection Cracked Again http://www.breitbart.com/article.php?id=2007-07-17_D8QEFI3O1 <http://www.breitbart.com/article.php?id=2007-07-17_D8QEFI3O1&show_article=1&cat=breaking> &show_article=1&cat=breaking Microsoft Corp. is once again on the defensive against hackers after the launch of a new program that gives average PC users tools to unlock copy-protected digital music and movies. The latest version of the FairUse4M program, which can crack Microsoft's digital rights management system for Windows Media audio and video files, was published online late Friday. In the past year, Microsoft plugged holes exploited by two earlier versions of the program and filed a federal lawsuit against its anonymous authors. Microsoft dropped the lawsuit after failing to identify them. The third version of FairUse4M has a simple drag-and-drop interface. PC users can turn the protected music files they bought online-either a la carte or as part of a subscription service like Napster-and turn them into DRM-free tunes that can be copied and shared at will, or turned into MP3 files that can play on any type of digital music player. Like an arms race, the DRM folks are spending a lot of cycles on a failing paradigm. Like putting lipstick on the proverbial pig, it annoys their paying customers and is pretty ugly! Some of my biggest irritations, in my computing career, have been at the hands of "copy protection". Couple that with bad, or non-existent, support and you have the seeds of a revolt. I now don't buy content online — music or other kinds — if it has copy protection. I have a lot of expensive 8 tracks, cassettes, and cds of "content" that are unusable. Add to that "software", which has stopped working, stopped being supported, or otherwise orphaned. My most recent experience was with MusicMatch JukeBox being acquired by Yahoo and forced to "upgrade". This was one of my last purchases, excuse me "licensing" — what "barbara streisand"!! — before my new policy of "no more". "No more" locked content. "No more" buying software, excuse me licensing it, from vendors who are one step below used car salesmen. "No more" operating systems that require "activation" and have "self-help" provisions. I look to the open source software makers and happily "donate" to their projects. I'm calling out the content makers, "software" licensors, and the entire Microsoft empire as the hucksters they are. At least the snake oil sales men of yesteryear didn't try and make you "license" the bottle! A plague on all their houses. Imagine how I'll be when I get old and crotchety! Ferdinand J. Reinke, Kendall Park, NJ 08824 http://www.reinke.cc/ blog http://www.reinkefaceslife.com/ http://www.reinkefaceslife.com/
On 17 Jan 2007 I suffered a very similar incident. I had accepted Microsoft's regular automatic updates to Windows XP without problem for some time. On this occasion, it did a massive update taking over an hour, and I saw that my system had been upgraded from Service Pack 1 (SP1) to SP2. When I rebooted as instructed so that the upgrade could take effect, the reboot failed. To overcome this I had to re-install Windows XP at SP1 level from the issue disk, and then recover various other facilities such as my broadband wireless connection. It took me until the end of January before I had a satisfactorily working system again (at SP1). I have disabled automatic updating. I kept detailed notes of the problem and how I overcame it, in case anyone is interested in a blow-by-blow account. Peter Mellor; Mobile: 07914 045072; email: MellorPeter@aol.com Telephone and Fax: +44 (0)20 8459 7669
> PGN: As I understand it, the following is true: the FIFTH computer is not > fully functional — it is intended to have just enough programming to land > the shuttle in the event that the four main computers all fail. Testing > it safely under live conditions where the first four computers are > inoperable is essentially undesirable, if not practically impossible. The > fifth system has never been invoked. Mostly true, but it has been tested extensively in simulation. (It actually has both Ascent & entry functions - just no orbital functions. It can get you to orbit, just not do anything there but bring you home.) > PGN: "Worse yet, it has most likely not been maintained for compatibility > with the other four. " This is Flat Wrong. EVERY change to Shuttle software is evaluated for both PASS (primary Software) and BFS (Backup) impacts. It is maintained to EXACTLY the same standards as the PASS. (Though now, by just a different workgroup, not a whole different company.) Marc Passy, Former NASA Flight Controller [Marc, TNX for that. I appreciate your expert view. However, "tested extensively in simulation" strikes my formal-methods funny-bone rather oddly, given all the risks of what might be called `proof by simulation'. But I am glad to hear that PASS/BFS incompatibilities are not a problem. PGN]
I've seen too many people dismiss errors that occur only once in 10^9 or even in 10^12 events. These seem like very small probabilities, which most people would suggest are acceptable error rates. However, with today's video files growing to 100 or 1000 gigabytes (hidef 10 MByte/sec for 10,000 secs = 100 GBytes), we now are facing even chances of errors *on every single video file*. If such an error occurs in the portion of the file which indicates its structure, one can easily lose substantial fractions of the entire file. Another way to think about this problem is the following thought experiment, which was prompted by the "branch prediction" capability of today's microprocessors. Program a loop to execute 10^12 times, which is feasible on today's processors. Since the probability of exiting the loop is 10^-12, and therefore negligible, we can dispense with the exit test entirely and replace the loop with an infinite loop. QED
> The National Oceanic and Atmospheric Administration chief has said written
> that the anticipated failure of QuikScat ("an aging weather satellite
> crucial to accurate predictions on the intensity and path of hurricanes",
> launched in 1999 and designed to last only a few years) could add
> uncertainty to forecasts and broaden the areas over which hurricane
> warnings and watches would have to be invoked.
For the record, Bill Proenza, the "chief" referred to above, has now been
replaced, in no small part because of his public statements about the
QuickScat risk.
Much of the staff at the NOAA's hurricane center disagreed with Proenza
about the risk, and they were concerned that his the-sky-is-falling message
might prompt Congress not to budget more money to replace QuickScat, but
rather to take money from other parts of the NOAA budget which the staff
felt were more important.
They first attempted to air their concerns privately. When that failed to
have any effect, they published a letter, signed by 23 of the center's 50
employees, demanding his ouster. A quote from the letter: "The center needs
a new director, and, with the heart of the hurricane season fast
approaching, urges the Department of Commerce to make this happen as quickly
as possible. The effective functioning of the National Hurricane Center is
at stake."
Jonathan Kamens, IT Manager / Principal Engineer, Tamale Software
320 Congress Street, Boston, MA 02210 1-617-261-0264 ext. 133
> "Perhaps someone familiar with the Eurofighter could supply some > authoritative information" Eurofighter Typhoon has no automatic initiation of the Escape System other than linking the front and rear cockpits in the two seat variant, but even in this case the escape system has to be initiated by the aircrew. Regarding the initiation of the escape system in Gripen allegedly by the anti-g suit, I find this highly unlikely. The Gripen uses the Martin-Baker Mk10 ejection seat, you can see some details here: http://www.martin-baker.com/Products/Ejection-Seats/Mk--10.aspx The picture clearly shows the firing handle. In order to initiate the ejection the handle must be pulled to release it from its retaining bracket; on the Mk10 seat this will require a force of at least 15 pounds and then the handle must be pulled further (probably around one inch) whilst maintaining a force of at least 15 pounds. You can see that the seat firing handle sits very close to what Monty Python referred to as "the naughty bits". Inflation of the anti-g trousers, if they contact the firing handle, is likely to impart force on either side of the handle in a sideways direction but none (or very little) in the upwards direction that is necessary to fire the system. The handle itself is flexible and can be deformed; it's like stiff wire, so if the anti-g suit is responsible then it must impart at least 15 pounds of force upwards after deforming the handle and move the handle at least one inch. Something which I really can't see happening. Typhoon uses the Martin-Baker Mk16A seat which, in terms of how the aircrew operate the escape system, is very similar to the Mk10 except that at least 30 pounds of force is needed to lift the handle. To date there have been no un-commanded ejections from Typhoon. Interestingly enough, looking at the Martin-Baker web-site the F35 Lightning II (JSF) uses a Mk16E seat which does have an auto initiate capability though I have no idea what conditions would activate this.
Jurik apparently misunderstood a key premise in my public thinking on this subject, e.g.: http://lauren.vortex.com/archive/000253.html http://lauren.vortex.com/archive/000254.html In particular, I have *not* suggested an "on-demand" system for search engine results dispute notifications. Rather: a) First line application would always be the legal system. b) A third-party "independent entity" — whether a formal organization or a distributed, virtual construct, would evaluate disputes that could not be directed to the legal system. c) Only *very serious* attacks — mainly against individuals (at the level of defamation, for example) — would be considered for dispute link resolution. d) Displayed dispute links would be ignored for the purposes of search engine page ranking calculations. e) Dispute links would simply point to a location for more information about the particular situation — they would not themselves provide detailed information about the dispute. In other words, this would definitely not be an "on demand" system. Fundamentally, I want to make sure that there is recourse for people like a woman featured on CNN recently. She has been mercilessly harassed by a fellow with vicious false Web pages. She obtained a court judgment against him, but he fled the country and his sites are now beyond the reach of a U.S. takedown order. Naturally, search engines continue to steer traffic to his defaming sites, without any indication that something could be "wrong" about those pages, or that a U.S. court has ruled against them. The damage to the targeted woman continues. I am unwilling to accept the concept that there must be no mechanism to warn of very serious disputes, simply because there are many disputes that do not rise to the level appropriate for such dispute link notifications. Lauren Weinstein lauren@vortex.com or lauren@pfir.org +1 (818) 225-2800 http://www.pfir.org/lauren http://www.pfir.org http://lauren.vortex.com
> I offer this more in the spirit of a 'straw man' since there must be an > obvious rejoinder which unfortunately this morning I just can't see. Allow me to try :-) > This is not a route available to the bogus site owner [B] who does not > have the same peer network as I do. I suspect that, since she is prepared to spoof your site, she is probably also prepared to contact C and D - or rather, the interns or minimum-wager McJobbers who maintain C and D's links pages - probably even before you notice that B is spoofing you. (By getting her retaliation in first, she will have established a useful bit of psychological legitimacy too. A few years ago, some friends of mine had problems with noisy, antisocial neighbours. The first thing the neighbours did when they moved into their house - before turning up the volume on the hi-fi, banging on the walls, etc - was to call the police and complain that their neighbours (my friends) were harassing them from day one. As a result, it took months and several independent depositions (fortunately, there were other neighbours) before it was realised who were the real troublemakers.) > It will be in the best interests of [C], [D]... to assist me in this as > they themselves may one day come under attack in this way. In addition to the "intern" consideration above, this also assumes that the people who make policy at C and D have the time and the inclination to make the world a better place by signing up to a social movement which promises them some potential future benefit, without any guarantees. I suspect that this will not find much space in their timetable between the modern Holy Trinity (budget, deadline, and quality plan). Nick Brown, Strasbourg, France.
> ... individuals who feel defamed by slanderous web sites just need to > copyright or otherwise classify that information about themselves as > intellectual property, and then issue a DMCA take-down order. :-) I know this was intended as a joke, but Crispin get the details wrong, make it slightly less funny and muddying an already confusing issue. * You can't copyright "information about themselves" Facts are not copyrightable. You can only copyright something fixed in material form. If you had written something and they had copied it verbatim, that *might* be infringing. * "or otherwise classify...as intellectual property" The DMCA only applies to copyrighted works, not to trademarked or patented items. As for the real world, well, you could probably get away with it, because experience shows DMCA take-down notices are rarely verified.
Please report problems with the web pages to the maintainer