"Just what in hell's name do they (or their deranged lawyers) expect to profitably gain by this?"
They expect lots of users to sign up without reading the ToS. And they're probably right.
"They are open source packages, once you release code open source you can't claim ownership over its use. That's the whole point of open source."
Maybe. It depends what, if any, licence is attached. A licence is permission to do something. Just because the source is published it doesn't mean a licence was granted.
Unless the ToCs of the site require the author to grant a licence or the author explicitly granted a licence then there isn't one which means there's actually no permission. Continued use then depends on the author's goodwill in not enforcing copyright and the author is entirely within his rights in withdrawing if he feels that's appropriate. So the relevant questions are was a licence granted by publication on the site and if so what were its terms?
"For more than two centuries there has been a balance in the US between the government and citizens as to how far the government may intrude into citizens' personal and private matters, and on what basis....The basic arrangement, in which a government official must petition a judge for a search warrant, citing facts to support a claim of probable cause to believe a crime has been committed or is about to be, and describing the search target with reasonable precision, has not changed and is not likely to."
The first statement applies pretty widely to any legal system that inherits from the English. It was the second that was in danger here as success for the FBI would undoubtedly have been the first step in attempting to gain a chain of precedents that would end by compelling vendors to supply skeleton keys on demand.
If such a change were made it would require a wide consideration of public policy which includes considerations such as does the US (or any other specific country debating this) want a tech industry.
Of course it isn't a magic bullet. Existing security in both the Windows and Unix-derived worlds is too close to being perimeter-only for safety. We need at least three things to make life difficult for malware and for ransomware in particular.
First, instead of accessing storage on their own, user processes should go through a back-end with specific permissions. My particular experience of this is with Informix where normal usage is to assign one or more allocations of raw disk, chown informix:informix, chmod 660, but this idea isn't specific to a particular product.
Secondly, introduce a concept of application permissions that sits alongside user permissions. The backend might, for instance, be run by user and group odf-storage and only accept read/write requests from odf-user which would own the likes of LibreOffice and OpenOffice applications and even then only honour requests that matched the user's permissions.
Thirdly, and this is where something like Apple's idea comes in, the kernel would lock root out from changing such storage on its own account; it would need to be authorised by a specific user, such as odf-admin for instance, to de-allocate odf storage.
There are a good many practical difficulties in this, primarily in maintaining the chain of authenticity through updates. But Unix security has been watered down over the years in the name of convenience and Windows, starting as a single user system, has found it difficult to build security in and their problems won't be addressed by simply wringing our hands when things get hard.
It would also help if email had signing built in as part of the core protocol, web-advertising would just die and web 2.0 designers didn't rely on hauling in bits of code from sites over which they have no control.
"Just another round of flogging off the nation's assets to cover the incompetence of the Chancellor."
Yes, but which chancellor? The current one, the previous one or the one before that who thought that the best way to manage interest rates was to exclude a housing bubble from his inflation measurements?
"The bottom line is the FBI are now in a position to assert that Apple's unwillingness to help law enforcement endangered America and Americans."
They can & maybe will assert it. You can assert anything you want. Proving it is tricky. To prove it they'd have to arrest some previously unknown co-conspirator and introduce evidence from the phone, together with an account of how that evidence was obtained.
But you're right, they can assert it. That's easy.
"Did the FBI actually get what they wanted or is this a face saving smokescreen."
Let's see what happens to all those other phones that are supposed to be in the queue. That might drop us a hint.
Another factor about this one - even if there was information in here it wouldn't be likely to end up as evidence in court so they can keep quiet about what, if anything, they did. If there is a technique that works and that actually produces evidence in the other cases they'll have to tell something about it in court.
As I said, let's see.
"What was being resisted was (a) a tool that could be routinely used (e.g. during police stop & search or temporary unauthorized access to a phone)...
That's not something that was ever being asked for, nor is it something that it would have been reasonable to believe was possible."
You don't think so? Not necessarily in the first place. But having got a precedent in the best case they could come up with, the next step would be to widen it a little. And then a little more. And so on.
The other issue could have been that there's a precedent which only applies if the suspect is dead. Well, that's a circumstance that could be arranged...
"And 256 bit encryption CANNOT be brute forced. "
How many times do we have to have somebody trying to show us how smart they are by grasping the wrong end of the stick?
The FBI weren't trying to break 256 bit encryption by brute force.
They were trying to break a pass code.
A four digit pass code AIUI.
Now go away and work out how many bits that is. Big clue: it's a lot less than 256 bits.
"Wellcome does publish an Open Access journal. It is called eLife."
Wellcome is one of three supporters, whatever that might mean. The registered address is in Delaware & the UK address is in Cambridge. Without the Wellcome name in the title it'll have to make its own reputation - which I hope it does. What I had in mind would be something like The Wellcome Journal of $subject or Proceedings of the Wellcome Institute which would make direct use of the Wellcome's reputation along the lines of Proc.Roy.Soc.
Perhaps the Trust should lead by example and publish its own open access journals. A journal with the Wellcome name behind it would do a great deal to raise the status of OA publication.
There'd possibly be a challenge on conflict of interest. At least in the first instance it might restrict papers to those reporting work it hadn't funded, possibly in areas that it doesn't fund at all.
"just another bit of pointless electronics to go wrong."
I looked into this some time ago when the latest version of what I then drove had this monstrosity. It turned out that if the control failed & left the handbrake on you had to unseal the mechanism & release it by about 100 turns using some implement. Because you'd now unsealed the mechanism it would be susceptible to damage and needed to be replaced by a new, sealed unit at quite horrendous cost. Not explained was how, while you were doing this, you stopped the car rolling away if you'd trustingly used the "hand"brake to park on a hill nor did it explain how you were expected to deal with a failure to apply the brake if your only option was to park on a hill.
So that was a lost sale.
All this because nobody on the design team thought to wonder "what if?".
"It’s like a car designer creating a feature that ejects all the wheels for maintenance, and then installing the button directly next to the on-off switch for the radio."
Or like installing a button which reduces the window to zero size (i.e. closes the program) right next to the one which maximises it. Generally W95 hit a sweet spot for user interface but this is one that was wrong. What made it particularly bad was that all the applications around at the time assumed you couldn't possibly hit "close" by mistake and didn't have a "did you really mean that" dialog.
"Software is a means to an end, and that end is making the user's life easier, not harder."
Of course. Hence the preference for software that does just that and doesn't get in the way by, for instance, trying to force updates and even complete OS replacements on users irrespective of whether they want it or not. Software, that, in a dual boot system, lives nicely side by side with other OSs. Software that doesn't come with an agreement to let it harvest far more information than is needed to maintain a normal commercial relationship with the vendor. Software that doesn't push advertising at the user.
Which software do you think meets those requirements?
"Doesn't this have more to say about your software and your testing practices as opposed to the OS?"
ISTM it says a good deal about both. It says that the test, albeit accidentally, duplicated the environment in which his product would have had to run when shipped. It may have been an accidental test but it was a test whose outcome has probably saved his business a lot of grief and maybe more.
The only thing wrong with his test procedure is that it was an accidental test and not a deliberate one.
"People don't like change, but no change is no progress."
No change is also not breakage. Sorry to take the Bombastic Bob route but IF IT AIN'T BROKE, DON'T FIX IT.
Apart from that the real problem isn't in the interface, it's in what you don't see unless you go and read the privacy statement and try to find the limits MS impose on themselves.
"They don't advertise or demonstrate how recent PCs are thousand times better than old ones."
It depends how old. The industry's real problem is that for most people their old PCs are good enough. There's nothing on the H/W side to require an update and, short of failure, they don't, therefore, see any good reason to replace it.
Much the same thing applies on the S/W side as well. If MS had been able to come up with a must-have feature on W8 or W10 and made it a paid-for OS that might well not run on old hardware they might have sold a few extra boxes because of it. But they didn't. They came up with a couple of new versions which gained toxic reputations.
So, if the old box with its old OS is still doing what it was bought to do, why waste money?
And BTW, could you provide some quantified evidence for your "thousand times better"?
"The hole they have dug is now much too deep to climb out of. Short of putting together a SMALL decision making team and designing a brand new, coherent OS from the ground up......."
I think it was a small decision making team that put together Gnome 3 which promptly gave rise to two new projects, one to fix all its deficiencies by making it look like Gnome 2 & one to continue Gnome 2. Mate and Cinnamon are popular, Gnome 3 not so much. Fortunately this response is possible with OSS.
"even though the word classic was patronising as 'old, keep up'"
I'm not sure about that. "Classic" often means "what we should have done in the first place". A "Classic Windows" 11 might save them providing they do enough back-pedalling on what they got wrong. That, however, means an accurate diagnosis of just what it was that they got wrong. The aggressiveness of the W10 project suggests a management completely and utterly determined that this is what they're going to do.
"May or may not be an urban myth, but those AS400 were certainly heavily engineered."
Back in the day there was a story about DEC being asked for a copy of VMS. Given that the enquirer wasn't a customer they asked why. He said he'd found a MicroVAX in a skip.