Laptop recommendations
I want to get a laptop, but I'd like to refrain from paying for a proprietary operating system. Can anyone recommend a laptop that's available in some configuration without a proprietary OS?
I want to get a laptop, but I'd like to refrain from paying for a proprietary operating system. Can anyone recommend a laptop that's available in some configuration without a proprietary OS?
In talking recently about inclusive and exclusive or, I realized that the ambiguity about which kind of or is meant is often resolved in English through intonation.
For example, in Latin we could say
Ad cauponam imus; visne aliquid edere aut bibere?
(We are going to a restaurant; would you like to eat or drink something?) or
Ad cauponam imus; visne aliquid edere vel bibere?
(We are going to a restaurant; would you like to eat or drink something?). The distinction is that the first version assumes that eating and drinking something are exclusive and is asking which the listener would like to do -- would you like to eat something, or would you rather drink something instead? The second version allows for the possibility that both are true -- would you like to eat something, drink something, or both?
English has only one conjunction "or", but it has intonations that seem to convey pretty reliably whether it is used in an inclusive or exclusive sense. I'm not sure how to transcribe them here, but when I said them one after another, people understood which was which.
That means that English is less ambiguous than I'd thought. In general perhaps programmers' concerns about English being unlike formal logic are often dealt with -- at least in spoken English -- through intonations. For example, Latin also has "num" and "nonne" (or just -ne, kind of like the Portuguese né? or the Canadian English eh?, except that you can attach it to more places in the sentence), which indicate which answer to a yes-or-not question is expected.
Num soles carnem edere?
(You don't eat meat, do you?)
Solesne carnem edere? Nonne soles carnem edere?
(You eat meat, don't you?)
Although English does have ways of expressing this distinction, a lot of English questions don't seem to use a word that makes it explicit -- but intonations are available that can serve that role. And in speech, at least, those intonations can also serve to address the programmer's concern about double negation (which leads to the intution that "do you live here?" and "don't you live here?" ought to have opposite answers).
I've been very busy since the end of December and haven't had much time to write about all of it. The highlights were that I went to Petaluma, went to a wedding, went to Las Vegas, had visits from my sister and my friend Josh, went to Los Angeles, and then went to Boston. At the end of this week I'm going to Geneva. All of this will have happened in under a month's time, and will have involved ten flight segments and eight airports. (I still haven't written here, I think, about my previous trip to Los Angeles and my personal record for diversity of intermodal transportation in a single day -- or maybe I have, and I've forgotten about it.)
At the end of December I went to a special Cena Latina in Petaluma to meet Cletus Pavanetto, sometime head of Latin at the Vatican and now head of the Vatican's Latinitas Foundation. It was his first time in the United States and was a very special event for everyone concerned. (Cletus was also the teacher of Nancy "Annula" Llewelynn, ringleader of much spoken Latin activity, including SALVI and the Rusticationes Californianae.)
One remarkable thing was that it was the first time I had ever used Latin to communicate with someone who is not also a fluent English speaker. (Cletus's native language is Italian, and he's worked at the Vatican for decades, mainly visiting other European countries.) I've used Latin to communicate with dozens of people, but every one of them previously was more comfortable in English than in Latin. It was a rare and remarkable thing to find a situation in which Latin was actually the most useful and practical means of communication available. Primo Levi had this experience as a displaced person seeking help from a priest, but it seems rare enough to be notable. (In fact, Primo Levi's experience is the only other case I can think of at the moment, and it happened to him half a century ago.) Perhaps it will happen to me again in my lifetime.
During the two-day extended Cena, we had a lot of festivity and visited a winery with a magnificent library, and celebrated Cletus Pavanetto's birthday as well as his first visit to the U.S. He was very funny and certainly gave me and others a hard time with puns and riddles. I remember getting into a long discussion about a fake apple and the question about the existence of a good apple, bad apple, good real apple, good fake apple, bad real apple, and bad fake apple (bonum malum, malum malum, bonum malum falsum, bonum malum verum, malum malum verum, and malum malum falsum). Cletus also asked me what was meant to be a riddle:
Estne peccatum, patrem suum occidere?
(Is it a sin to kill your father?)
I answered "est" (it is) or perhaps "videtur" (apparently).
Cletus laughed and said I was wrong and asked me why. I told him I couldn't think of any reason why it wouldn't be a sin to kill your father. He said: "non est pater tuus, est pater porcorum -- sus, suis". (It isn't your father, it's some pigs' father.) Using a slightly strained theory of the word "sus" (pig), the sentence has a lexical ambiguity and can be read
Estne peccatum, patrem suum occidere?
(Is it a sin to kill the father of some pigs?)
So I answered "etiam" (that too; even so). Which perhaps spoils the punchline.
"Quid! num holerarius es!" (Don't tell me you're a vegetarian!)
And then I had to try to discourse in Latin on the distinction between Genesis 1:29 and Genesis 9:2-3, which I think I might find shaky ground for vegetarian advocacy even in English, so I didn't get far.
When after several hours of Latin dining I told Cletus that I was a little sleepy because I had been up late the night before writing some letters, he asked me why I hadn't written him one. I told him that I hadn't written him a letter because I hadn't known his address.
So he told me he would give me his address and expect a letter. I started to look for a pen and paper to write it down, and he stopped me and said: "Brevissima est. Audi. Cletus, Città del Vaticano."
Now I have the pleasure of knowing Ian Goldberg, who has the valid e-mail address <n@ai>, and Cletus Pavanetto, who has the valid postal address "Cletus, Vatican City". Now that's what I call a short address.
In addition to his distinguished career in Latin for the Catholic Church, Cletus is the author of a thorough modern Latin grammar in Latin (Elementa linguae et grammaticae latinae), which means he has the further right to be called grammaticus, in my experience a uniquely respected title in Latinity to this day.
In Las Vegas just after the new year for the HDTV Business Conference, I found once again that I always enjoy visiting Las Vegas even though I might not have been able to predict this if I had just heard of it for the first time.
I stayed at the MGM Grand hotel, which, in keeping with the theme of hotels on the strip trying to do bizarre and impressive things to outdo each other, has actual lions right in the middle of its casino floor, inside a "lion habitat" walled in with plexiglass. The MGM Grand was very grand indeed, and I managed to play DDR in its basement arcade (and later in another arcade on the strip, in both cases impressing people with some very poor performances because they had just never seen anybody play DDR before and because I could actually complete songs on Heavy difficulty).
Las Vegas is said to be very difficult for vegans. It is true that many of the restaurants I found there had zero vegan things on the menu instead of the one that is customary in San Francisco. At a sandwich restaurant called 'wichcraft, a nice woman decided that the way to game the system was to make me a "peanut butter and jelly with extra avocado, tomato, lettuce, and pepper, hold the peanut butter, hold the jelly" and it was actually very good and very cheap. I did manage to find this web page (there are some others I missed), which recommended an Ethiopian place and an Indian place, each of which I tracked down on successive evenings with great success.
I didn't get to see Cirque du Soleil's permanent shows, which was a big disappointment for me; I'd especially like to see O after hearing about it from people who've seen it before.
When I was walking around on the casino floor -- which of course you have to do to get from one part of the MGM Grand to another -- I thought of the lines
Sed in ludo qui morantur
ex his quidam denudantur,
quidam ibi vestiuntur,
quidam saccis induuntur.
I tried to put a dollar coin in a slot machine, but it wouldn't recognize it as money and just returned it to me. I accepted the omen and decided that if the casinos didn't even want my money, I wasn't going to give it to them.
The hospitality-oriented parts of Las Vegas are amazing because they follow the principle that any random expensive and impressive thing will eventually be tried and available somewhere. A case in point is indoor skydiving, and of course there are so many other instances. Las Vegas in general is experiencing a construction boom that reminds me, at least visually, of the South of Market Area during the Internet boom in 1999. I don't know whether the economic expansion will be longer-lasting than the Bay Area's during the Internet boom, but it certainly felt familiar to see the buildings going up and hear about the seller's job market and the influx of optimistic people.
I remain sad that the extremely spontaneous September 11 shrine at the Statue of Liberty replica at New York, New York has been taken away and replaced with a somewhat tacky semi-official September 11 memorial, which includes somewhat mismatched inspirational quotations and a musical soundtrack. I myself contributed to the shrine, as I'm sure I've mentioned here, when I visited Las Vegas after the September 11 attacks, by leaving an LNX-BBC disc dedicated to Christoffer. I was amazed to find myself confident that, in a city with a reputation for making fake things, the shrine that appeared at the fake Statue of Liberty near the fake Brooklyn Bridge was every bit as authentic as the street shrines that appear here in the Mission to commemorate the dead with candles and offerings. Now it has been replaced with something suitably artificial and hotel-made.
I did miss CES by the narrowest possible margin, but in my experience I like conferences better than expos anyway.
(Note: this post contains spoilers for some puzzles I enjoyed.)
I happened to be in Cambridge in time to join the annual MIT Mystery Hunt this past weekend. (Well, at least the last 12 or so out of 36 hours.) The Mystery Hunt is sometimes said to be the hardest puzzle hunt or treasure hunt in the world, and parts of it were indeed staggeringly difficult. Most of the teams are distributed around the world, with a large contingent in person at MIT and others participating remotely over the Internet, usually co-ordinating their efforts via wikis, mailing lists, chats, etc. Sometimes teams will try to co-ordinate their sleep schedules so that they have team members somewhere in the world working on puzzles 24 hours a day until the hunt is over. A modern Mystery Hunt team may have 50 members, who may well be literal nuclear physicists, rocket scientists, etc. They are in general astonishingly smart and well-educated people with an amazingly eclectic ability to solve all kinds of things.
I joined a team called Codex Dresden (cf. Maya codices). We came in third overall and were the last team to (be allowed to) finish the entire hunt.
A typical puzzle might have no instructions at all; instead, it might simply provide a number of pictures, words, numbers, or dots, which the solver has to interpret somehow (perhaps working through multiple layers). A typical puzzle I worked on was simply a list of nine large numbers; represented in suitable bases and then written in appropriately-shaped rectangular grids, these numbers were actually pictures of glyphs that represented particular numbers in nine different writing systems (including D'ni from the game Myst), and those numbers represented letters of the alphabet that spelled a word. Another puzzle involved interpreting the diacritical marks on the names of pictured items from the Ikea catalogue as Morse code. Another had three sound files whose spectrograms turned out to form a multicolored map of South America. (I was busy trying to interpret the sound files themselves directly as the channels of a bitmap image, but that turned out to be a wrong turn.) Another puzzle required figuring out the symbols used to depict various monsters in the game Angband, given descriptions of the monsters' appearances rather than their names. Each monster is represented by a particular letter, and the letters -- taken in a row -- spell out a clue. (If only they had been NetHack monsters, I would have known them instantly -- but I'm almost completely ignorant of Angband.)
Perhaps inspired by the printer tracking codes project, I spent hours transcribing anomalies in the pixel-level alignment of characters in the titles of puzzles from one round. The letters were slightly and apparently deliberately off-axis, and Mika and I managed to produce a complete database of exactly how many pixels off-axis each character in each title was. This information was never used in the solution of any puzzle and seems to have been a red herring.
I was also impressed by a puzzle involving the double dactyl poetic form (Riana take note!); unscrambling and reasoning about several double dactyls led to an instruction to compose a new double dactyl and submit it to the organizers. (There was even a reference to the idea that epics ought to be written in dactylic hexameters -- and to linguistics, Iphigenia, and Wrigley's Doublemint gum advertisements.) Several teams did solve this puzzle and dutifully sent in their own espionage-themed double dactyl handiwork.
In the final "runaround", we had tense moments in a room with a literally (mocked-up) ticking time-bomb, complete with a scary red LED display, lots of colored wires, a suitcase, and what looked a lot like plastic explosive. It looked just like something out of a movie, and my teammates had ten minutes to defuse it (based on a schematic and a simulation they'd prepared) without setting it off. Fortunately, unlike the movies, they got to try again when it didn't quite work out.
Later on I got my wish for a NetHack puzzle. As the only expert NetHack player present in person from Codex Dresden, I was placed in front of a laptop deep within Moriarty's lair on which a mysterious NetHack game was running. Unlike regular NetHack, the game restarted from a given point every two dozen moves or so -- apparently no matter what you did. You would be exploring and then you would just find yourself right back where you started from.
The intended solution was to type in an English sentence, which, interpreted as a series of NetHack commands, would perform actions that would allow you to get into a particular room. As it happened my teammates had not remembered the fact that the sentence in question was case-sensitive and had transcribed it case-insensitively, which, of course, caused it not to work right. (I kept wondering why the sentence wanted me to zap a wand when I didn't have any wands. Of course, it was really trying to get me to cast a spell.)
As I tried my own ideas and various versions of the mysterious sentence, I started to wonder whether there were any way out. No matter what I did, I found myself back in the same position, as though nothing had happened. Missing the password and stuck in an infinite loop from which there appeared to be no escape, I, like the main character in Groundhog Day, decided to try an experiment: seeing a lava pool, I intentionally dove into it to kill myself. Remarkably, it turned out that the programmer of the NetHack puzzle had not anticipated this eventuality (perhaps because players don't normally intentionally jump into the lava?) and it bypassed the restart code path, causing the NetHack program to exit and the computer to declare that I had solved the puzzle. So I'm happy to say that I outsmarted Professor Moriarty -- at NetHack.
The very, very last puzzle was a sad story for us on account of the freezing rain and the late hour, but we got through it with the help of a lot of use of the text of I Kings, something I hadn't really looked at quite that much since my bar mitzvah (parshat Chayye Sarah).
You can read about the hunt and try the puzzles for yourself at the 2006 Mystery Hunt home page.
In the puzzle hunt I saw Aaron, who joined Codex Dresden for quite some time, and got to meet SJ for the first time.
On Tuesday I got to testify in court for the first time, as a defense expert in a criminal case in Contra Costa County Superior Court. This is also the first time I've been cross-examined, although not the first time I've submitted testimony to a court (nor the first time I've testified in person at a governmental hearing). My testimony was given at an evidentiary hearing with the jury excluded.
I testified about RFC 2822 message headers and, in particular, how to interpret the times in Received headers. The judge stated that he accepted my testimony, but he granted the People's motion on other grounds.
While I was waiting outside the courtroom, I saw a prosecution witness in another case get upset and threaten to leave without testifying. The prosecutor in that case overheard him and threatened to have the witness arrested and held in contempt of court if he left. The witness ended up leaving anyway and apparently was arrested outside the courthouse and brought back inside by force. Having witnesses arrested for noncompliance with subpoenas is the kind of drama that I just haven't seen in civil cases...
I was amused to learn that German and Dutch-speaking programmers are using the word "geXORt" where we would use "XORed" in English -- as a past participle to show that an exclusive OR operation has been performed.
I don't know what the Portuguese equivalent is; I did find a tiny number of Google references to the plural "XORados" (and one reference to that form in Spanish), but none at all to the singular "XORado".
Philip Zimbardo on prisons, situationalism, abuse, anonymity, and transparency. Even though institutional review boards wouldn't let Zimbardo repeat his prison experiment today, he says, in effect, that it's being repeated constantly in actual prisons around the world -- with the same results.
I wish I could remember where I heard about the Xgl demo video that impressed me so much. Many of the graphics effects there were just startling to me. I hope this can be done with underlying free software drivers and that it's not relying on the proprietary accelerated drivers.
Many people know that Richard Stallman is frustrated with the multiple meanings of "free" in English, which continue to confuse people about what's meant by Richard's term "free software".
Richard started using the example of "free as in speech, not as in beer", or, sometimes, "free as in freedom".
I was just reminded of another meaning of "free": unoccupied, vacant, or available. So I want to say "the apartment downstairs is free as in malloc, not as in beer".
I'm pretty stressed out nowadays, but I did well to take a bike ride this afternoon over to Golden Gate Park during a respite from our recent string of hailstorms and thunderstorms. That was seven miles round trip, which is child's play for an experienced cyclist -- but I've never used a bicycle as an adult for anything other than commuting to work or shopping. I think it was the longest bike trip I've taken so far.
Thanks to Dan and the San Francisco Bike Map & Walking Guide, I found a route that was amazingly flat from the Mission all the way to the park -- mostly along Valencia and then Page. I only had to walk my bike for two blocks out of the whole seven miles, which is not bad for a San Francisco bike route that leaves the Mission or South of Market.
I spent a long time as a lacto-ovo vegetarian aspiring to go vegan but intimidated by the perception that there wasn't much to eat as a vegan (perhaps the same perception that omnivores have about lacto-ovo vegetarianism). One thing that comforted me in becoming vegan was the observation that my lacto-ovo vegetarian diet was already about 80% vegan (with the main exceptions being dessert foods, nachos, and pizza).
I'm sure there are a lot of other people who think veganism and lacto-ovo vegetarianism are good ideas but who are deterred from actually adopting them by the "nothing to eat" idea. For a while, I've been thinking about putting up a website with examples of things that I eat as a vegan to try to reassure people that there's a great diversity of good food available without animal ingredients. This is especially true in a wealthy modern multicultural society where we have a number of raw ingredients and news of cuisines that would probably have been impossible to imagine just 20 or 30 years ago, and is probably still unimaginable to many people around the world.
Nicol pointed out to me over the weekend that PETA has put up a web site with a superficially similar plan -- to convey the idea that lots of familiar foods are actually vegan. Their site is called I Can't Believe It's Vegan! and shows pictures of some foods that happen to be vegan.
The bizarre thing about the I Can't Believe It's Vegan site (hereinafter "ICBIV") is that pretty much all the foods shown are highly processed packaged junk foods from major companies like Kraft, Nabisco, Post, and so on. The message of the site seems to be that you don't have to give up these familiar packaged foods when you go vegan (and that, if you eat a lot of junk food, much of your diet is already vegan).
Now this is perfectly true, and nobody should know this better than I, since I eat a fair amount of junk food, and since I've long been impressed with just how much junk food turns out to be vegan. Junk food as a category is just not something that vegans have to give up. On the other hand, the main reason that junk food is vegan is often because so many of the ingredients are artificial and are not from any biological source whatsoever, at least not in the form in which it would be found in nature. There are lots of jokes about this even among non-vegans. There are examples of processed foods that are sold based on the idea that they are meat-flavored and turn out not to contain any meat, because the meat flavors are derived from artificial flavorings. Praveen suggests that some of the meat flavors of Top Ramen, for example, actually contain no meat at all. One can imagine a future vegan version of Cheetos or Cheez-wiz, because what, after all, do these products gain from actually including real dairy cheese? It sure doesn't taste like cheese anymore...
But I don't think the idea that Top Ramen is maybe secretly vegan is going to turn out to be a very exciting selling point for veganism -- and neither do I think ICBIV is a helpful contribution on this score. It's not that I think people shouldn't eat artificial flavors or processed foods. It's just that the foods pictured on the ICBIV site are almost without exception (1) not nutritious and (2) not foods that readers are likely to hold in high esteem as "good food". If you were to construct a vegan diet out of the things that the woman on the front page of ICBIV seems about to hug, you might actually get scurvy or some other nutritional disorder -- because you would be eating cookies, crackers, and chips all day long. Who considers these foods the mainstays of an appealing or interesting diet?
I keep reading about people in the inner city, lacking sources of fresh produce, becoming malnourished by subsisting on food from convenience stores and liquor stores. But now we know that some of them are probably accidentally eating vegan without even knowing it.
ICBIV feels like a weird love letter to the big processed food companies: See, we knew you guys could come up with something vegan in your product lines! Yay!
To repeat: I eat junk food, artificial flavors, and processed foods. I eat a lot of carbohydrates. I like eating these things. I'm glad that many of them are made without animal products. But I can't understand why anyone would use that fact as the centerpiece of any kind of vegan advocacy. As the sum total of a diet, these things are not glamorous or interesting or healthy.
Today I ate Thai food and Mediterranean food; Friday I made sandwiches with 15 ingredients. In addition to Thai and Mediterranean, I regularly eat at Ethiopian, Indian, Chinese, Japanese, Italian, Vietnamese, and Mexican restaurants, as well as soup/salad/sandwich and vegetarian restaurants. (As a lacto-ovo vegetarian, I also ate other Central American and South American food and had an easier time with Mexican food than I do now.) Although my diet is habit-influenced and could be quite a bit better balanced than it is, it isn't in the least boring or impoverished. I'd like to make a web site that shows off things like these; it feels like almost the opposite project of ICBIV. It would also be a great excuse to try new foods.
Chris Palmer and I went to the talk at Stanford that Matt Blaze gave on his work with Micah Sherr, Eric Cronin, and Sandy Clark on wiretapping vulnerabilities.
Here are my notes on what he said.
Wiretapping has become exciting because of reports on the NSA Program, but it's also interesting technically. We can examine how people (with or without legal authority) actually tap telephones in the real world.
"Once we know how it works, our next question as security people is always: how does it fail?"
This also leads to the question of the level of trustworthiness of wiretap evidence.
We are working on studying eavesdropping through a research program: what is required to build an eavesdropping-friendly or eavesdropping-resistant network? How does eavesdropping work and what kinds of noncryptographic countermeasures to it may exist? What are the limitations of wiretapping devices?
Law enforcement telephone wiretapping is an old technology and supposedly well-understood. It could be studied as an example of a mature, reliable wiretapping system.
Traditional wiretap threat model: the risks are detection of the tap, and obfuscation of content of communication. (The content could potentially be encrypted, but it isn't conceptually possible to encrypt the routing information end-to-end. The routing intermediaries need to be able to access it. So you can get transactional or routing information even in the presence of end-to-end cryptography.) [Note: you could in theory encrypt phone numbers en route to the phone company; the phone company would know whom you're calling, but an eavesdropper in between you and the phone company wouldn't know without the phone company's co-operation.]
There is an industry called the TSCM industry that purports to be able to detect wiretaps in some ways, for example via time-domain reflectometry. Blaze doesn't have a high regard for the TSCM industry. It's expensive and inconclusive. In his view, the best that a wiretap detection consultant can say is that no wiretap has been found and that the customer is invited to spend more money to pay for more sophisticated tests. [It's possible to imagine tapping equipment in a modern digital network that has absolutely no effect on the signal or on the electrical properties of the local loop. So even if there were perhaps good tests for wiretapping in the past, those might be getting less useful over time.]
However, there is a question of whether wiretapping evidence is reliable.
POTS is basically the same as it was 100 years ago -- with central offices and circuit-switching. A phone from 100 years ago will pretty much still work today. "Telephones are a remarkable example of engineering optimization" because they were built to work with very minimal requirements: just two wires between CO and the end subscriber, don't assume that the subscriber has power, don't assume that the subscriber has anything else. There is a DC current loop that provides 48 V DC power. The current loop determines the hook switch state. There's also audio signalling for in-band signalling from phone to CO -- or from CO to phone -- or for voice. It all depends on context and yet all these things are multiplexed over two wires, including the hook state and the audio signalling and the voice traffic.
If you wanted to tap this: you could do it in three different ways.
How do LEAs do it? Almost always at local loop or CO. (By contrast, intelligence agencies are more likely to try to tap trunks.)
Under U.S. law, wiretapping in general is illegal, with particular exceptions. These include pen registers (traffic analysis data) and full-content wiretaps (Title III and FISA). About ten times as many pen registers as full content wiretaps occur. It's harder legally, and also more expensive and labor-intensive, to do full-content wiretaps.
Wiretap technologies:
Q. What about cell phone location tracking?
A. There is an interface in CALEA for cell phone wireline interfaces.
Q. But does that include location?
A. No, not yet as a matter of the standards.
[Cf. EFF's page on cell phone location tracking which makes clear that law enforcement agencies have been routinely tracking cell phone users' movements. I'm not sure whether Blaze understood the question from the audience as related to this phenomenon.]
Loop extenders connect target line to a designated "friendly" line. The part at the telco is the loop extender, and the part attached to the friendly line back at the LEA is called a dialed number recorder (DNR) or collection device. The loop extender must perform some kind of electrical isolation to prevent detection. Interestingly, all of the audio is always sent over the friendly line; the only difference between a pen register and a full-audio collection is the configuration of the collection device equipment at the LEA's premises. The phone company can't directly control what LEAs see.
It's inconvenient to get this equipment in order to study it because normally only authorized agencies are allowed to possess it. 18 USC 2512 may make it a felony to own the equipment. Vendors also won't necessarily sell it to just anyone.
"So, we had to shop on eBay."
LEAs, like everyone else, sell their used equipment on eBay. Within about a month, you'll get a lab full of wiretap equipment sold at bargain-basement prices. (Also, they often accidentally sent you recordings of old taps!) And it even looks like wiretapping equipment.
We were legal because we had an NSF grant which is a contract with the Federal government. There is an exception that allowed government contractors to acquire wiretap equipment. [18 USC 1252(2)(b)]
Loop extenders are owned by LEAs but are made to look like regular telco equipment -- it doesn't look particularly suspicious. No overt markings are preprinted. If you saw one on a utility pole or in a telco rack, you would probably consider it totally unremarkable; it's a small plastic piece of telecommunications equipment with a pair going in and two pairs coming out. A loop extender costs about $200 new from the manufacturer. Blaze "never spent more than about $10 for a slightly used one".
At the LEA you have a DNR ("dialed number recorder") which has an RJ11 input and then has an audio output and a tape recorder controller. It also has a "minimize" or mute button. The LEA is supposed to have a human being involved who will attempt to prevent recordings of people or conversations that are outside the scope of the warrant. It's very dull to sit there and have to keep pressing the minimize button when the wrong thing comes on the phone.
Q. Do LEAs actually use the minimize button?
A. Yes. These systems are designed for legal wiretaps to create evidence that you can use in court. If you want to play by the rules, then you use this. If you wanted to do an illegal or rogue wiretap, there are simpler, cheaper ways with other equipment.
We found three countermeasures that let subjects manipulate the recording process.
Countermeasure #1: manipulating captured digits. The dialed digits are sent via in-band audio signalling as DTMF tones. There is a tone decoder at the telco, and also a separate tone decoder in the DNR at the LEA. The DNR tone decoder tries to mimic the actions of the telco's tone decoder.
The DTMF standards standardize a lot of different aspects of DTMF, including the frequencies for the rows and columns. They specify the amplitudes and other things. In general, the standards for encoders are tighter than the standards for decoders. [Like Jon Postel's rule.]
But what this means is that these standards are not single tones or amplitude levels, but ranges. The sender is conservative and the receiver is liberal. DTMF encoding has the same basic idea.
The analog eavesdropper's dilemma: "Whether a tone is accepted as a valid DTMF digit depends on several parameters"; and there is no right answer to what happens when you're on the edge between accepting and rejecting a tone. The eavesdropper has a harder job because the eavesdropper has not to "comply with the standard" but rather to mimic the precise behavior of the equipment that was at the telco CO. And this is true for each and every parameter specified in the standard. Every analog decoder is necessarily going to be a little bit wrong -- too conservative or too liberal in some way.
You can use your phone switch as an oracle to figure out where its accept/reject edges are -- based on whether call completion occurs. It will be pretty consistent and accurate. You can do this for each of the tone and amplitude and duration parameters. It takes about 30-120 minutes to do an exhaustive test with respect to all parameters. Based on this information, you can produce "marginal" DTMF encodings. Some of these are just outside or just inside what your local phone switch will accept. We can call these "confusion" and "evasion" digits. The former will be ignored by the switch but may be accepted by the eavesdropper and the latter will be accepted by the switch and may be ignored by the eavesdropper.
You can then practice confusion/evasion dialing. You can dial a large number of digits and the eavesdropper will get, in practice, totally wrong information. "You would just never get the same answer on two different devices, but you could cause the calls to still go through to the desired number." You'd have to recalibrate every few days.
Countermeasure #2: false call records. Line status (on-hook, off-hook) can't be communicated in-band because if it tried to hang up the friendly line would hang up too. So line extenders use in-band audio signalling. And the standard for loop extenders is to transmit the DTMF C tone all the time to indicate that the line is idle (on-hook).
Therefore, the DNR will deactivate itself when it hears a C tone and activate itself when it no longer hears a C tone.
Q. Why does the friendly line hang up when you hang up?
A. It's hard to get the phone company to provision a "dry" circuit (which is unaffected by DC on-hook/off-hook signals).
This is actually a lot like the blue box problem with regard to 2600 Hz tones. The telephone system used to use in-band signalling where tones played within the communication channel itself would control the communication equipment; this allowed phone phreaks to make free phone calls by playing the right tone. (If someone you don't trust is using your equipment, letting tones they play control how your equipment behave can be a bit of a security risk.) But wiretappers apparently didn't learn this lesson: "If in-band signalling was good enough for AT&T, it should be good enough for the FBI." There is a close analogy between the blue box vulnerability and the wiretap equipment's vulnerability. Sure enough, sending a C tone down your target line doesn't cause your call to hang up but it does call the DNR at the LEA to ignore the communications coming in over the friendly line. It indicates that the call has ended and turns off the recording equipment.
You can therefore fake a lot of different events and cause the evidence collected by the LEA to be wrong.
Countermeasure #3: disabling audio recording. You don't have to send a full-volume C tone. You can send a very quiet C tone in the background to suppress recording. This is sufficient. Either the wiretap subject or the other party can do this. The automatic gain control in the DNR will cause the DNR to detect the quiet C tone.
Demo (same as on Blaze's web site) -- cheaper recorder (that wasn't vulnerable to the C tone) could record the call but the professional loop extender equipment couldn't.
Now, what about CALEA? Loop extenders are largely being replaced by CALEA-compliant systems. Theoretically, these signals are decoded at the switch and therefore most of these countermeasures could be neutralized. "In principle, this should mean that this is the end of the talk." The CALEA design has the potential to be immune because of the way it separates content from signal.
However, law enforce asked for backwards compatibility in CALEA equipment. FCC refused to make this mandatory (and they were correct from the point of view of making wiretapping more reliable and effective). But it turned out that many vendors implemented it anyway in response to LEA requests. Therefore by default a large amount of CALEA-compliant equipment actually causes the C tone to be usable even here.
Consequently in many systems it's possible to disrupt interception and also to confuse the eavesdropper by introducing inaccurate call records. Someone who's being wiretapped can falsely incriminate other parties. To make this more accurate, they should actually get the call detail records and then compare them with the wiretap evidence.
Q. Can you play a C tone into your own phone line?
A. Sure, there's no law against it. It's easy to generate a C tone on a computer. The law disfavors wiretapping by default and therefore there is nothing illegal about a wiretap subject trying to prevent wiretapping.
Q. Has this problem come up in court?
A. We looked at trial transcripts to try to find out. Trial transcripts actually show many strange malfunctions of wiretap equipment -- but defense attorneys have never tried to challenge wiretap evidence. It would be a fool's errand.
Q. Or has it just not come up?
A. Wiretap evidence is often just one piece of evidence that's corroborated by other evidence. Therefore, even if the wiretap equipment malfunctioned or were untrustworthy, it would be rare that proving this would, by itself, lead to an acquittal.
Q. What percentage of switches implement the J-standard?
A. Almost all, but we don't know for sure.
Q. Couldn't you disable the equipment's response to the C tone?
A. Some vendors are able to do this in response to our research and others are not.
Q. Are the backwards compatibility features turned on by default?
A. Yes, usually, and many of them can't even be turned off by the end user.
Q. What about the other industry of outsourced wiretapping, e.g. via VeriSign? They will act as the LEA on the LEA's behalf so the LEA doesn't have to buy the equipment.
A. If the C tone processing is present on any one of those interfaces then it will be vulnerable, but we don't know for sure.
Q. Could your answering machine play the C tone as part of your outgoing message, e.g. as your answering machine beep?
A. Yes.
We were curious how the wiretapper finds out the phone numbers of incoming callers. The answer is that they use traditional caller ID. If the target doesn't subscribe to caller ID, their standard practice has been to call the phone company, impersonate the wiretap subject, and order it for them. "So if caller ID appears on your phone, don't necessarily regard it as a nice gift!"
Dan and I were thinking about some of the toys we had when we were little. Since we're about the same age and apparently come from a similar enough background, we both easily remembered enjoying the same things: BRIO, Darda, Construx, and Capsela. All of these have in common that they are modular toys which allow the user to put the pieces together in various configurations which will work slightly differently; they let you build something according to your own designs. We could also compare Lego, although for some reason I was never as enthusiastic about Lego as about the four I've just mentioned. To this day I feel extremely nostalgic about each of them (although I spent the most time with BRIO and Construx and feel most nostalgic about those two).
Another modular construction-oriented toy of which I was aware was the Erector Set, although I never really got involved with that. I hear that it's led some people into mechanical or civil engineering careers.
In my childhood we also had Lego/Logo (which was a great privilege reserved for the exclusive use of the sixth graders*) but nowadays they have the reportedly much more exciting Lego Mindstorms, which is so geeky that there are two No Starch books and at least one O'Reilly book published about it.
It's nice to remember how much creativity these modular toys seemed to allow kids -- and to hear anecdotes about how even adults find them fun to play with.
* This is true. At my elementary school there were computer classes for fourth, fifth, and sixth graders, which were all taught in Logo at the time (using LogoWriter, a now abandonware Logo implementation, on PC-DOS). Sixth graders got to use Lego/Logo to build vehicles in conjunction with regular academic coursework on "simple machines" (in which we learned about mechanical advantage, pulleys, and the three classes of lever). This made some fourth and fifth graders extremely jealous. I remember having a dream in fifth grade that I was already in sixth grade and got to build Lego robots with our computer teacher Peggy. Vivant toys that you can build things out of!
Why would I buy a player that's so broken it listens to a "output worse image quality lol kthx bi" bit? I already won't buy a player that listens to a "don't play me because I'm only for germany lol kthx bi" bit or a "don't skip me because I'm really important lol kthx bi" bit.
slashdot comment by Lord Bitman
"My pie-eating is delayed by the lack of a fork, but it's imminent -- and, I'm sure, transcendent."
Don Marti has a fun idea in FreedomHEC.
Speaking of Don Marti, won't someone make me a t-shirt of Steve Jobs's attack on noninteroperable media technology?
I was just thinking that "caveat" as a noun makes more sense when it refers to an impersonal warning (since "caveat" means "he should look out" in the phrase "caveat emptor"). If one person is directly warning another person about a pitfall, it might make more sense to speak of a "caveas" ("you should look out").
For example: "I wanted to tell you about a caveat with this service." In this case the person being warned is "you" (the listener) and not the impersonal unspecified "buyer". Therefore, it would seem that the jussive subjunctive should have a second-person subject, not a third-person subject. Why not "I wanted to tell you about a caveas with this service"? If Consumer Reports is writing about a product, they might identify something that "the buyer" should watch out for (aliquid quod caveat emptor) but if my friend writes to me about the same product, perhaps the warning is something that I should watch out for (aliquid quod caveas tu).
English speakers might be most familiar with the second-person singular subjunctive of second conjugation Latin verbs by way of the writ of "habeas corpus" ("you [the jailer] should have the body [of the prisoner here in court for the court to examine]").
I just signed up for a German class over at the Goethe-Institut, starting next week. I'm excited to learn German in a formal class. So far, I can often read German but usually not speak it without resorting to reference books.
Like Peter Biddle, I like Boggle a lot. Since I've been studying a lot of languages lately, I often notice non-English words when I play, but I'm not allowed to count them. I was thinking that it would be fun at a language class or at an event for foreign-language students to try to actually play Boggle in another language. (The letter distributions are a bit of a problem. Other languages don't have the same letter frequencies as English, and the mere appearance of a "K" or "W" in Latin, for example, would be bad news.)
I tried three minutes or so on a random English Boggle board to see how I would do in Latin, and here's what I came up with.
IBEG FGSN VAAM DSTA
das, dat, data, fas, fata, mane, manes, nata, natas, nega, negas, sane, sat, vas, vasa
It turns out that "saga" is a word, but I didn't know it at the time. Also, I missed "ens", "figas", "figat", "gens", "maga", "magas", "mage", "magi", "negat", "negata", "sata", "sta", "stans", "tange", "tanges", "vaga", "vagas", "vasta", and "vastas". That's all I've been able to find so far.
CNet says that
[t]he Chinese government issued a decree two weeks ago that all PCs will need to have a licensed operating system software installed before leaving the factory gates in an effort to crack down on piracy.
The earlier article reports that
Chinese Vice Premier Wu Yi said her government has already issued rules requiring all manufacturers to preload legal operating systems on all computers sold in China--a change from sales of what the software industry decries as "naked" PCs, lacking legitimate operating systems or applications. [...] Wu said only that "legal operating systems must be preloaded on all machines." [...]
Operating system preloads have been terrible for competition. Historically, almost all operating system preloads have been Microsoft Windows. In many cases, getting a naked machine was either impossible or not any cheaper (sometimes more expensive), a fact which has repeatedly inspired antitrust scrutiny. Microsoft has provided incentives that deterred manufacturers from making computers without Windows easily available at prices below those of computers with Windows. That results in users not perceiving a financial incentive to run a non-Windows operating system -- so, unless they have another kind of incentive, they usually don't.
Windows is expensive, but it takes certain ways of selling computers for end-users to notice this and to consider alternatives to Windows. In other markets -- including the markets for the other components of a working computer system -- end-users have some kind of price feedback to help them make decisions. The car market gives people a variety of options, including aftermarket choices for things like sound and navigation systems (and tires, and most kinds of repair services and replacement parts). If a car dealership does its job in the customer's interest, the customer can consider the relative expense of getting various bundled things and the costs and benefits of alternatives. Microsoft has expanded its dominant market share in part because so few users have seen a line item for the cost of using Microsoft operating systems and applications as opposed to others.
I spent a long time recently unsuccessfully trying to get a modern "naked" laptop. I was astounded that companies that are in current antitrust litigation with Microsoft not only "recommend" Microsoft operating systems but refuse to unbundle them from their laptops. But a national legal mandate prohibiting anyone in China (where most laptops are now made) from selling naked systems is an enormous windfall for Microsoft at the expense of competition. It increases the trend of people who don't use Windows having to pay for it.
I can't help thinking that USTR has just made it even harder for me to get a Windows-free laptop in the future. In its letter to Windows Refund Day participants, Microsoft pointed out that "You can purchase a PC with a non-Microsoft operating system or a PC with no operating system preinstalled at all"; we might have been forgiven for thinking that this meant that Microsoft thought that this state of affairs was legitimate. Perhaps the letter should have added "although the latter option may become unavailable due to our concern that software pirates frequently take advantage of it".
The natural inclination of USTR (and maybe some people at Microsoft, and maybe some people in the PRC government) is to say "Well, software copyright infringement is a trend where people who use Windows don't pay for it. And unbundling or naked machines tends to promote that trend." It's odd to think that a remedy for people using Windows without paying for it is to make people who don't use Windows pay for it. More to the point, the "no naked PCs" requirement -- if manufacturers don't see fit, whether because of their contracts with Microsoft or for other reasons, to bundle operating systems with no royalty, and the CNet article suggests that the major manufacturers are unlikely to do so -- means that non-Microsoft OS users are ending up subsidizing copyright infringers. People who don't use Windows will pay royalties under this scheme to Microsoft for the benefit of future Windows development for people who use Windows without paying.
One way of avoiding that subsidy would be to increase direct copyright enforcement in China and encouraging all retails to pass the full cost of using Microsoft software through to all users of such software, while giving them a straightforward means of deciding to use something else. But it continues to be more appealing for copyright holders and USTR to pursue intermediaries and get intermediaries to stop doing things that "facilitate" infringements -- a strategy which brought us the DMCA, and which always means collateral costs and opportunity costs for people who are not engaging in copyright infringement.
Does anybody have more details about this policy and the OEMs' response to it?
There are two approaches to promoting open source software: 1) avoid any use of existing non-free software, or 2) use some non-free software while free alternatives are being developed. The danger in the first approach is that people will not adopt the solution. The danger in the second approach is that free alternatives will not be developed fast enough because the proprietary alternatives are too compelling. Freespire takes the second approach for the most part. The first approach (an operating system that uses 100% open source offerings), is already well represented in the Linux marketplace, and Freespire salutes those who are representing that approach. Hopefully between their good work and the approach offered by Freespire, Linux will find its way to a much wider audience of mainstream users. (Freespire also supports the first approach with their 100% open source version.)
I think the Freespire FAQ author was very straightforward about this, but I thought of six other problems with the second approach.
Richard Stallman has famously suggested that it's only legitimate to use proprietary software for the specific purpose of creating a replacement for that software. For example:
To develop GNU, I used Unix. But first, I thought about whether it would be ethical to do that.
I concluded it was legitimate to use Unix to develop GNU, because GNU's purpose was to help everyone else stop using Unix sooner. We weren't merely using Unix to do some worthwhile job, we were using it to end the specific evil that we were participating in.
This seems weird even to many free software advocates because it is so radically prescriptive not only of how software ought to be distributed but even of end users' apparently isolated choices. (Richard doesn't seem to be saying merely that it's wrong to publish, enforce licenses of, promote, or pay for proprietary software, but even that it's wrong to use it!) But you don't have to reach that question in order to see a problem with Freespire's approach -- you only need to consider the existence of network externalities. Among other things, network externalities mean that the installed base of people who can receive something affects the decision facing someone who wants to communicate with them.
Oh all of you who pass along the way:
Your urban life is built from every day
From which Jane Jacobs made her poetry.
Timor mortis conturbat me.
What's wrong with Microsoft's firewall having a default-allow outbound policy (because customers asked for it!) that causes ZDNet and Slashdot to call the firewall "shackled", "crippled", "half its protection turned off", and other like sneering?
My Linux firewall has default allow inbound and outbound. It can enforce other policies that I set, if I tell it to. Does that mean my firewall is "shackled" or "crippled"?
If Microsoft set default deny outbound rules that blocked FTP, Skype, SIP, and BitTorrent, would ZDNet and Slashdot be happy? Or would the article be "Microsoft firewall blocks Skype and BitTorrent by default!"?
It's a tricky point because, as Meng Wong reminded me, empirically, most people accept the defaults they're presented with in many situations. If that's so, however, wouldn't we be happier if Microsoft's market power is used to permit Internet applications to communicate, instead of making a pervasive decision about which applications are OK and which are not? Again, imagine if Microsoft said that Microsoft services were permitted but non-Microsoft services required a firewall configuration change. Youch!
Current U.S. gas prices are cheaper than the price of gas has been in Belgium, France, Germany, Italy, the Netherlands, and the U.K at any time in the past decade. According to the DOE chart, gas in those countries has cost between $3.00/gallon and $7.24/gallon this past decade.
Those countries still have large and growing economies and a high material standard of living. But they don't have cheap gas the way the U.S. does.
I was telling Michelle about how "Gesundheit" is formed from "gesund" and the suffix "-heit".
"It's a noun-forming suffix -- it means '-ness'. Like Sicherheit from sicher and Freiheit from frei."
Unfortunately for me, neither of my other examples ends in "-ness" in English; they mean security and freedom, respectively. So much for "-ness"!
Then there's "-keit", which I think is just a phonological process acting on "-heit" (for example "aber des Herrn Wort bleibet in Ewigkeit"; also the observation of Wittgenstein that I will someday use in the dedication of my book: "Wenn man unter Ewigkeit nicht unendliche Zeitdauer, sondern Unzeitlichkeit versteht, dann lebt der ewig, der in der Gegenwart lebt"). But Michelle suggested that it means "kiteness; the quality of being a kite".
I went to the hearing in our case against AT&T this morning. You can see Quinn's pictures on Flickr; my tie is visible in one of them, but that's about it for me.
The courtroom artist in Quinn's first picture, in case you're curious, identified herself as Vicki Ellen Behringer. You may have seen her work in the media before.
Apparently Riana is hoping to watch the demolition of the cooling tower of a decommissioned nuclear power plant in Washington state Oregon tomorrow morning.
When I read that traffic will be prohibited on the nearby freeway during the demolition, my first thought was: "What, are they afraid that terrorists will try to stop them from blowing up the nuclear power plant?"
My first time making the front page of a newspaper: my testimony at the Local Agency Formation Commission on Friday was the subject of a story featured on the front page of the San Francisco Examiner (where it bore the headline "S.F. Wi-Fi could violate users' privacy, foes say").
The article mentions that I discussed how laptops can be tracked using their MAC addresses; therefore, a citywide wi-fi network would allow its operator to track individuals' physical movements around the city. (This is a larger concern than a patchwork of independently-operated wi-fi networks, whose operators don't co-operate to share data with one another.) However, the most recent version of the Google-Earthlink city-wide wi-fi proposal seems to require users to log in, which has the same problem even if the network didn't keep track of MAC addresses (and conversely, MAC addresses allow tracking of individual users even if they don't have to log in -- which is why in either case, privacy would be protected better if the network had limitations on the retention of data about its users).
ACLU, EPIC, and EFF's letter to the city in April has more detail about these concerns.
Mako mentions that the Free Software Foundation will hold a "defective by design" protest at WinHEC tomorrow (May 23). That's a nice slogan, and I hope that this effort attracts some interest beyond the free software movement.
I arrived in Brazil yesterday and felt very happy that, of the twelve or so people I asked for various kinds of help in Guarulhos airport, only one refused to speak Portuguese with me and broke into English. Progress.
I saw a pun that would work in English too, so I thought I should let the Anglophone world know about it. Rio de Janeiro has a place called UniverCidade. That is to say "UniverCity".
I keep thinking that the Real coins look strikingly similar to the Euro coins. Don't you agree? Is this just coincidental?
Sumana laments the loss of Cody's Books on Telegraph Avenue in Berkeley.
Apart from my memories of coming back to Berkeley to shop there during the dot-com boom, I remember when Wolfgang saw the façade of the Fred Cody building for the first time and misread it as "Fried Cody Building". She drew a cartoon about her interpretation: THE FRIED CODY BUILDING IS NOT GOOD FOR YOU.
Fred Cody, I understand, started his bookstore instead of pursuing an academic career because of the loyalty oath controversy. That bookstore has been one of the most wonderful things about Berkeley.
Anirvan has his own set of recollections of Cody's. For my part, I remember taking people to Berkeley for bookstore tours -- and Cody's was always the centerpiece.
"Wow!" I gasp; I think Mika+Mako an artful group, for those newlywed Bostonian friends succeeded: bit by bit spelling math, making, in poetic vows, two apt promises.
("prima fugit?")
I had a fantastic day on Saturday. In the morning, I joined the Defective By Design anti-DRM protest at the Apple Store in downtown San Francisco. You can see me in several of Quinn's photographs -- I'm wearing a blue shirt and holding up a somewhat wind-battered sign that quotes Steve Jobs on our right to use music "on all other devices that [we] own". (Thanks for reminding me that Steve Jobs said that, Don.) I am also one of the few people not wearing a hazmat suit.
That protest was attended by Jon Johansen (who has just moved to San Francisco) and his friend Monique, and I ended up having a delicious lunch with them, Praveen, John Gilmore, and someone named Serge over at Tu Lan.
The protest was remarkably mellow; Apple had one security guard who was polite and respectful to us, a fair number of employees reading our signs and gossiping about us, and customers going in and out and frequently taking flyers. Nobody harassed us or called the police. This is a nice contrast with another anti-DRM protest I participated in in the Fourth and Market area a few years ago -- at the Sony Metreon when the first lawsuits were filed over DeCSS. I think the San Francisco Apple protest was mellow on all sides; we neglected to chant anything.
After lunch, I got to see my friend Michelle for a little while; we visited Josh's cat, and then we took BART to the East Bay together.
In Oakland I met my friends from the Cena Latina and went off to the North Bay for an excellent Cena at the home of a Latin teacher friend who is using the modus vivus (immersion teaching) and teaching out of Ørberg's Lingua Latina Per Se Explicata. We met one of his students, a high school sophomore who speaks fantastic Latin and who has the good fortune to be headed to Rome this summer to study Latin there. After dinner, we played a game called Rapio, the Latin version of Grabble. I finally had an opportunity to use my Latin anagramming and word visualization skill -- heretofore always useless in English-language Boggle games -- and I won by a pretty decent margin. But my opponents were extremely worthy and made some brilliant plays.
John Piazza talked about creating a Latin-speaking bicycle club in Oakland called SBQR (Societas Bi Quercopolis Rotarum), a hilarious example of tmesis (from "Societas Quercopolis Birotarum", lit. "Oakland Bicycle Society"). If you don't get the joke, see also SPQR. I would totally join.
On BART on my way to and from Oakland, I read about historical linguistics.
My friend Michelle is planning to compete in the AIDS Marathon in Florence, Italy, in November. I'm proud of her, and I wanted to let my readers know that you can help by donating to her fundraising campaign.
What is the world coming to when even social conservatives (and their editors) don't know how to decline in Latin?
Mr. Bauer, it should be "e pluribus plures".
Cool, I got the Steve Jobs comment into BusinessWeek!
Responses to commenters:
FSF should protest against Microsoft too: They did (as the BusinessWeek article notes), at WinHEC, because of (among other things) Microsoft's "PlaysForSure" program, which is seen as a competitor to the iTunes platform. The Defective By Design campaign sees both Apple's and Microsoft's DRM as wrongful attempts to protect each company's market share at the expense not only of the other company but of end users' rights.
Record labels, not Apple, are to blame: There's a lot of blame to go around, but an Apple lawyer said publicly that Apple would not abandon FairPlay restrictions if the record labels gave it permission to do so. A music industry trade association in the U.K. has stated that Apple's use of FairPlay is a competitive problem (although it does not necessarily agree with Defective By Design that the use of DRM in general is a problem). And Apple is now actively supporting legislation that prevents people from working around these restrictions. Did the record labels require Apple to do that?
Apple competitors are hypocritical because they also create (or want to create) proprietary products that prevent interoperability: That's often the case, so we need to get in the habit of criticizing everyone for doing this and try to help the press understand (as BusinessWeek understood) that there are people whose objections run deeper than any one company's business strategy.
Users can choose other products: That's the main thing that the Defective By Design protest was encouraging people to do. The most common position among protestors is not necessarily that there should be an antitrust investigation of Apple, but that users should stop feeling sympathetic to Apple's business strategy and that the law should stop protecting it by threatening technologies that create interoperability.
Apple was legally required to use DRM: The use of DRM is mostly an industry habit and a cultural problem, not a law; DRM-less devices are mostly protected (and we need help to keep them that way). There are on-line music stores that don't use any DRM at all. It will be progress when users value the freedom (and platform competition) that these stores provide.
FairPlay is necessary or useful to stop iTunes content from appearing on file-sharing networks: According to Eric Garland, who monitors file-sharing networks for a living, every song in the iTunes music store -- including iTunes exclusive releases -- is immediately available in file-sharing networks. FairPlay is a complete failure in preventing iTunes Music Store songs from being shared in file-sharing networks -- and the "burn to CD" feature guarantees that it will continue to be. If the music industry wanted Apple to try to prevent people from sharing songs in P2P networks, it would need to start by objecting to "burn to CD". FairPlay has a much greater effect on paying music customers' decisions about what portable music player and operating system to use than it does on the availability of infringing copies of songs in file-sharing networks. And since Apple said it wouldn't drop FairPlay even if the labels agreed, it looks like FairPlay was designed that way; Apple is laughing all the way to the bank when someone repeats the theory that FairPlay is "necessary for content protection". More like platform protection.
The Microsoft alternative is worse: The Free Software Foundation -- which organized the Defective By Design campaign -- is certainly not promoting Microsoft or any of Microsoft's products as an alternative to Apple's. And they're certainly not being paid by Microsoft to criticize DRM! Although this campaign is focused on the problem of DRM in general, anyone who assumes that criticism of Microsoft means "use Apple" or criticism of Apple means "use Microsoft" has gone astray. Indeed, the assumption that Microsoft's DRM is the same kind of problem as Apple's is what led Defective By Design to launch its first protest at Microsoft's WinHEC conference.
In a sense, the fame of the "Mac/PC" platform rivalry -- just like the "Democrat/Republican" rivalry -- is an obstacle to learning about new issues. If anyone criticizes Apple for labor issues (as a recent article did) or Microsoft for using digital rights management, the prominence of "Mac vs. PC" makes the general public assume that the critic wants everyone to switch to "the other platform". This also makes it easier to dismiss a critic of anything as an opportunistic proponent of "the other side" (even in cases where the critic supports a third alternative or no particular alternative at all). Thus any critic of a Democrat can be dismissed by Democrats as a "Republican" and any critic of a Republican can be dismissed by Republicans as a "Democrat". This particular protest campaign was organized by advocates of free software (if you like, of "Linux"), but Robert Green Ingersoll properly said that "[t]he destroyer of weeds, thistles, and thorns is a benefactor whether he soweth grain or not." In my office at EFF we have a lot of Mac users who are quite attached to what Apple has accomplished, but who think that Steve Jobs is doing wrong by users with FairPlay.
Perhaps our culture would do well to give more respect to would-be "destroyer[s] of weeds, thistles, and thorns" without presuming that they are selling something, or even that they have an alternative in mind at all. Certainly all kinds of advocates want to be able to point out problems with existing business practices, even if they don't know an alternative that they would rather you buy.
No, I'm not leaving EFF. But my colleague, Chris Palmer, is -- he's going to work with iSEC. Therefore, EFF is advertising for a new staff technologist job opening.
Take a look at Wendy Seltzer's debate with Fritz Attaway (you have to follow another link from Wendy's blog post to read the text at the Wall Street Journal, and, in my browser, the text is squashed in a column at the very right hand edge of the page).
Both of them are quite eloquent. I think the most remarkable and important thing about the debate is Fritz Attaway's repeated statement to the effect that price discrimination (1) is good for customers, and (2) is the most important reason for DRM. (He observes that, without DRM, every retail media transaction would be a sale, or at least users would have the ability to treat it as a sale. And then he says that users who prefer to pay less for fewer rights would regret being denied the opportunity to disable themselves from making uses that they didn't pay for.)
I think it's useful to have an MPAA representative say that DRM is about price discrimination rather than "copyright". Almost every DRM proponent's argument about "new business models" seems to be an argument about price discrimination. Price discrimination is, I think, the fire that produces the smoke in the DRM wars.
I decided to run Microsoft's new Creative Commons Add-in for Microsoft Office under Wine to see whether it displayed any kind of EULA. The result:
MICROSOFT SOFTWARE LICENSE TERMS CREATIVE COMMONS ADD-IN FOR MICROSOFT OFFICE
These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its affiliates) and you. Please read them. They apply to the software named above, which includes the media on which you received it, if any. The terms also apply to any Microsoft
for this software, unless other terms accompany those items. If so, those terms apply.
BY USING THE SOFTWARE, YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THEM, DO NOT USE THE SOFTWARE. IF YOU COMPLY WITH THESE LICENSE TERMS, YOU HAVE THE RIGHTS BELOW.
1. INSTALLATION AND USE RIGHTS. You may install and use the software on any of your devices.
2. DISTRIBUTION. You may copy and distribute the software; provided, however:
a. You may not:
b. For any software you distribute, you must:
c. Separation of Components. The components of the software are licensed as a single unit. You may not separate the components and install them on different devices.
3. SCOPE OF LICENSE. The software is licensed, not sold. This agreement only gives you some rights to use the software. Microsoft reserves all other rights.
Unless applicable law gives you more rights despite this limitation, you may use the software only as expressly permitted in this agreement. In doing so, you must comply with any technical limitations in the software that only allow you to use it in certain ways. For more information, see www.microsoft.com/licensing/userights. You may not:
4. EXPORT RESTRICTIONS. The software is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the software. These laws include restrictions on destinations, end users and end use. For additional information, see www.microsoft.com/exporting.
5. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM MICROSOFT AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP TO $5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL, LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES. This limitation applies to:
It also applies even if Microsoft knew or should have known about the possibility of the damages. The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages.
6. DISCLAIMER OF WARRANTY. The software is licensed "as-is." You bear the risk of using it. Microsoft gives no express warranties, guarantees or conditions. You may have additional consumer rights under your local laws which this agreement cannot change. To the extent permitted under your local laws, Microsoft excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
7. ENTIRE AGREEMENT. This agreement (including the warranty below), and the terms for supplements, updates, Internet-based services and support services that you use, are the entire agreement for the software and support services.
8. APPLICABLE LAW.
a. United States. If you acquired the software in the United States, Washington state law governs the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws principles. The laws of the state where you live govern all other claims, including claims under state consumer protection laws, unfair competition laws, and in tort.
b. Outside the United States. If you acquired the software in any other country, the laws of that country apply.
9. LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws of your state or country. You may also have rights with respect to the party from whom you acquired the software. This agreement does not change your rights under the laws of your state or country if the laws of your state or country do not permit it to do so.
Me interesse que a palavra "você", que vem da frase "vossa mercê" (claramente feminina), possa ser feminina ou masculina (sempre de acordo com o sujeito). Isso não faz muito sentido. Pode dizer "o sujeito do pronome 'você' pode ser feminino ou masculino, então o pronome também pode ser um ou o outro" -- mas o sujeito do pronome é sempre na pessoa segunda, não na pessoa terceira. Entretanto, o pronome "você" precisa da forma da pes