Again, I have not researched this exhaustively. If someone else has more detail, I would like to hear it.
Guaifenesin is one of the drugs that has been around awhile. The FDA is banning all time-release formulations of Guaifensin. The rationale is that these drugs are competing against an approved drug. The issue is really about formulations. The newly approved drug is extended-release which has shown to be more effective and safer than the time-release formulations and there is a patent on the formulation, not the drug itself. I don't think that the FDA is banning all the non extended-release Guaifenesin products here.
My point is you have to dig down deeper than the article does to understand what is going on. The FDA is giving priority to enforcing the ban on unapproved drugs for 7 different reasons. This ends up being 7 different categories for which a single unapproved drug would only fall into one if it qualifies at all. There are a lot of different issues here covering a lot of different drugs and the article mistakenly tries use a broad stroke in painting the whole situation as just a grab for profits.
The article brings up good questions but it glosses over many issues that need to be looked at in more detail. I will just deal with Lovastatin.
I see the FDA as serving a useful function in the case when it bans the sale of red yeast rice for use as a medicine when a drug (lovastatin) is made and tested that is also found in the red yeast rice. The most important aspect of this is that the dosage is known and controlled in the manufactured drug. This makes it more effective and safer to use. One caveat, there might be multiple compounds in the red yeast rice that would make it more effective than Lovastatin alone. This may not be true with Lovastatin but can be true with other naturally occurring medicines.
My understanding is that if a drug is derived from a plant (i.e. naturally occurring) it cannot be patented. I have not researched this thoroughly so the next discussion is part guesswork. However, it is something that should have been brought up in the article.
The first question is, how did Merck get a patent on something that occurred naturally? It looks like the FDA's attempt to ban the medicinal use of red yeast rice in 1997 was overturned by the courts because you cannot patent something that is naturally occurring. The patent expired in 2001. So, Lovastatin can now be manufactured generically. Any attempts now by the FDA to ban the medicinal use of red yeast rice can be based simply on the Lovastatin being more effective and safer. I think it's a good idea to let the FDA ban medicinal use of supplements that contain approved drugs. However, since supplements are usually derived from naturally occurring substances, a company should not have exclusive rights to make that drug.
If I sold my house the buyers should trust that they don't have to change the locks. Here is why. I was paranoid enough to get Medeco locks, which you have to register for and show ID to get a key copy made(only at Medeco distributors). They also keep a count of the number of key copies made for that lock. So, the buyers don't have to trust me unless I have lost a key.
As for changing password, I think people have a perceptual problem seeing a threat that doesn't have a concrete presence. It's like being afraid of sharks when you swim in the ocean but having no concern that the bacteria count in the water is very high.
Mike, my reading of the appeal judgment is slightly different from the summary that Loek Essers gives in the link you provided. I am paraphrasing here from the awful Google translation with some help from the original Dutch (I am not fluent).
The court decides that a router is not a computer because it is primarily a data transfer device. A router does not store any sensitive information, itself, that is intended to be protected from prying eyes and the defendant did not have access to such data on the owner's computer. Therefore, there was no computer trespass or intrusion. The defendant's use of bandwidth is not a crime because that bandwidth is not an asset and cannot be stolen. It has not been otherwise criminalized by the legislature.
Essers wrote "Hacking a device that is no computer by law is not illegal, and can not be prosecuted, the court concluded". This is not strictly correct. The court viewed the defendants access of the router only as a way to gain free use of the internet. Hacking can be much more than just bypassing security to gain access. The defendant, with administrative access, could have bricked the router or done quite a number of imaginative things. One example, is to poison the DNS cache so that their banking site pointed to your own website in a devious phishing attack. These things would be criminal acts on their own but, apparently, there could not be an additional count of computer intrusion on the router itself.
The judgment did not address open versus protected WIFI connections. I think that Essers was referring to a separate case.
The defendant was still guilty on the first charge because of the threats, to kill people at his old Dutch University, he made on 4chan. I was amused by the defense position that the threats could not be serious because everything on 4chan is fictional bullshit. He was sentenced to 120 days community service or 60 days in jail.
The company making the router allows for the password to be changed and probably recommends that it be changed. What they try to do is set up a default configuration that works in most cases. They have to consider that a lot of users who, despite being told they should change their password, don't bother. It used to be that a default password was a single value used for every device sold. One can find websites on the internet that list the default password for any consumer or office computing device that you can imagine. A much improved procedure is to generate a default password that is specific to each instance of a device. This makes the default more secure but they will always allow you to change it.
I think I should emphasize that the WIFI router in this case had a default password but that password is not a single password, like "admin", given to all the devices when they are manufactured. It is a generated password, specific to a particular device that the user should not necessarily have to change. I don't know the details yet as to how the generation takes place.
ISPs in the Netherlands are still distributing these routers and allowing the customers to use the default password. The defendant was found to have both the SSID and the password written down. If the defendant had used MAC address spoofing on his computer he would not have been caught.
I am glad that the Dutch court attempts to make a distinction in the level of intrusion of a computing device. They saw that the defendant was just stealing bandwidth. I think the appropriate analogy is attaching a splitter and cable to your neighbors cable TV connection so you can watch for free. However, the rationale they used, that a router is not a computer, is completely ridiculous. Routers, and switches from the very beginning have always had some kind of storage even if that was just PROM. For most of their existence they have also used storage that was writable out in the field (e.g. EEPROM or flash devices). This storage is used to remember configuration information various sorts of logging. As current flash devices have increased in capacity the amount of configuration and, in particular, logs have also increased.
The courts must also recognize that infiltration of a WIFI router can be used as a stepping stone for real criminal activity. At the outset, you have access to all the logs which often includes source and destination IP addresses and the associated URls if your router does DNS caching. Once gaining administrative access you can reprogram the flash to create a way to sniff all your victims packets and even become a man in the middle for some real fun.
The transfer of data doesn't have to be packets transmitted over a LAN or the internet. The data transfer could be to a USB flash device, a writable CD or DVD, or even a floppy. Also, for the definition, the computer just has to be capable of data transfer.
When you visit NYTimes.com by clicking links in search results, you'll have a daily limit of 5 free articles. This limit applies to the majority of search engines.
If you have an unlimited access via search engine links, why would they say this? We'll just have to test it when it rolls out to really understand. Maybe one of you Canucks knows if you can get off that snowmobile.
It looks like the Times has removed the test paywall I was seeing so I cannot test further, but they are using cookies to implement their paywall. They might be using Javascript to write the cookies but I am guessing they are not. If not, neither adblock nor noscript addons (with Firefox for example) will bypass the firewall.
oops, premature postalation.
I think I was reading too quickly. So, Yeah, it looks like a very generous policy for free reads. I think despite all the gloom and doom about how this will fail it looks the Times is bending over backwards to not drive away any readers that don't want to pay or pay as much as they are currently asking. The generous free reading policy is complemented by the ability to just delete cookies to zero out your monthly article count.
Visit ors can enjoy 20 free articles (including blog posts, slide shows, video and other multimedia features) each calendar month on NYTimes.com, as well as unrestricted access to browse the home page, section fronts, blog fronts and classifieds.
Yes. We encourage links from Facebook, Twitter, search engines, blogs and social media. When you visit NYTimes.com through a link from one of these channels, that article (or video, slide show, etc.) will count toward your monthly limit of 20 free articles, but you will still be able to view it even if you've already read your 20 free articles.
I think Paul Krugman wasn't completely correct. My understanding, from the Times faq about the paywall is that the 20 item limit per month applies to all side doors as well, including links via his twitter feed and via other blogs. In addition to the 20 item/month limit there is a 5 item/day limit for links via search engines. That is, even if you have used up your free 20 items you have an additional 5/day via search engines at least. There is unlimited access to blog fronts which is probably what Mr. krugman was thinking of. If he keeps his blog entries short (about 3 paragraphs) that would mean unlimited access to the full blog.
I have seen a post from a Canadian that confirms that the paywall implementation is no different then what I am seeing now. This means the paywall is easily bypassed and they are depending on most people not bypassing it via ignorance, laziness, guilt, or goodwill. I think they intend it to work like shareware.
Whatever the case, the thing that flabbergasts me the most is the $40 million cost. I just can't believe it would take that much to implement a paywall.
In December and January the NY Times said their paywall would be going up in January or early February. A sort of paywall was implemented, at least in my geographical region, at the end of January. I am not sure if this was a regional test or just a simple version in relation to the March 28th rollout. I would like to see the Times find a workable business model to sustain themselves. This is an interesting experiment but being complicated is just one of the drawbacks. The current paywall is easily by-passed and it doesn't matter whether I am going through the front door or a side door. I know how they can make it stronger and that may be how the version coming out on the 28th has been done. I do not see a way that the Times can allow some free access and at the same time limit that access in a full-proof manner.
Actually, you can thank Joe Simitian for that. The state Senator introduced that law because he, himself, had been victimized by someone who spoofed his email address and sent messages to government and business associates filled with profanities. The law is restricted to impersonating an actual person not just any fake identity. The Huffpo aggregation is of an Ars Technica story that is not very accurate. A much better analysis is here:
It's hard to tell on the internet when someone is being tongue-in-cheek. I ran across someone recently who wrote that people should look up the word "treason" in the dictionary because that is what Julian Assange should be convicted of in the US. That person was serious!
Actually, Barret Brown, a non-anonymous member of Anonymous, who is actually named in Aaron Barr's investigation document, had a link to the Pirate Bay torrent on his Daily Kos blog. After Penny Leavy, the president of HBGary and husband of Greg Hoglund, talked with him he agreed to take down that link. Of course, he could not remove the emails from being publicly available on the internet.
HBGary seems to be trying very hard to separate itself from Aaron Barr's actions despite having an investment in HBGary Federal. As more email messages are pointed out it looks like the leadership of HBGary was well aware, and supportive, of what Aaron and HBGary Federal were doing.
It's a violation of Facebook's TOS. The only thing that will happen is Facebook will delete your account. Hmmm... maybe that's how to get your account deleted convince them you are fake. A federal prosecutor tried to make a violation of the Myspace TOS a felony in the Lori Drew (cyber-bullying) case but an appeals judge overturned the conviction because it would have made the law, making it illegal to access a computer without authority or exceed authority, too vague and allow every web-site with a TOS to effectively write it's own law.
From my point of view, I did not see the release of email discussions between scientists as harmful. The process of discussion and argument was interesting to see. It's always difficult to explain science to the public, simplifying things in a way that does not give a misleading overview. This gets much harder if that science is the basis for important and controversial polices and laws. The harmful thing about climategate was the twisting of the language scientists used while they weren't addressing their comments to the public. Ultimately, rational people recognized that there was not some conspiracy by the scientists to support the concept of AGW.
"Have we forgotten that McCarthy already? That was within the lifetimes of many people in this country."
I am a bit young to remember the McCarthy era except for one thing. My grandparents let John W.(Bill) Powell to hide in their house at Muir Beach north of S.F. for a couple of weeks when he was trying to avoid being subpoenaed by HUAC. Bill, and his wife Sylvia, had been accused of and acquitted of treason in the 1950's. I went to his memorial a couple of years ago. A bit strange, as I hadn't seen anyone from his family since I was a child. Alltogether, a rather moving experience and struck me as to how really conscientious and well intended people can be so vilified and persecuted.
I think that revelations from the disclosure of COINTELPRO are a little more contemporary and apt in this case.
On the post: FDA Suddenly Bans Drugs That Have Been On The Market For Decades
Guaifenesin, another example
Guaifenesin is one of the drugs that has been around awhile. The FDA is banning all time-release formulations of Guaifensin. The rationale is that these drugs are competing against an approved drug. The issue is really about formulations. The newly approved drug is extended-release which has shown to be more effective and safer than the time-release formulations and there is a patent on the formulation, not the drug itself. I don't think that the FDA is banning all the non extended-release Guaifenesin products here.
My point is you have to dig down deeper than the article does to understand what is going on. The FDA is giving priority to enforcing the ban on unapproved drugs for 7 different reasons. This ends up being 7 different categories for which a single unapproved drug would only fall into one if it qualifies at all. There are a lot of different issues here covering a lot of different drugs and the article mistakenly tries use a broad stroke in painting the whole situation as just a grab for profits.
On the post: FDA Suddenly Bans Drugs That Have Been On The Market For Decades
needs clarification
I see the FDA as serving a useful function in the case when it bans the sale of red yeast rice for use as a medicine when a drug (lovastatin) is made and tested that is also found in the red yeast rice. The most important aspect of this is that the dosage is known and controlled in the manufactured drug. This makes it more effective and safer to use. One caveat, there might be multiple compounds in the red yeast rice that would make it more effective than Lovastatin alone. This may not be true with Lovastatin but can be true with other naturally occurring medicines.
My understanding is that if a drug is derived from a plant (i.e. naturally occurring) it cannot be patented. I have not researched this thoroughly so the next discussion is part guesswork. However, it is something that should have been brought up in the article.
The first question is, how did Merck get a patent on something that occurred naturally? It looks like the FDA's attempt to ban the medicinal use of red yeast rice in 1997 was overturned by the courts because you cannot patent something that is naturally occurring. The patent expired in 2001. So, Lovastatin can now be manufactured generically. Any attempts now by the FDA to ban the medicinal use of red yeast rice can be based simply on the Lovastatin being more effective and safer. I think it's a good idea to let the FDA ban medicinal use of supplements that contain approved drugs. However, since supplements are usually derived from naturally occurring substances, a company should not have exclusive rights to make that drug.
On the post: Dutch Court Says Breaking Into An Encrypted WiFi Router To Use The Connection Is Legal
Re: Re: Re: Re: Re: additional details
As for changing password, I think people have a perceptual problem seeing a threat that doesn't have a concrete presence. It's like being afraid of sharks when you swim in the ocean but having no concern that the bacteria count in the water is very high.
On the post: Dutch Court Says Breaking Into An Encrypted WiFi Router To Use The Connection Is Legal
The court decides that a router is not a computer because it is primarily a data transfer device. A router does not store any sensitive information, itself, that is intended to be protected from prying eyes and the defendant did not have access to such data on the owner's computer. Therefore, there was no computer trespass or intrusion. The defendant's use of bandwidth is not a crime because that bandwidth is not an asset and cannot be stolen. It has not been otherwise criminalized by the legislature.
Essers wrote "Hacking a device that is no computer by law is not illegal, and can not be prosecuted, the court concluded". This is not strictly correct. The court viewed the defendants access of the router only as a way to gain free use of the internet. Hacking can be much more than just bypassing security to gain access. The defendant, with administrative access, could have bricked the router or done quite a number of imaginative things. One example, is to poison the DNS cache so that their banking site pointed to your own website in a devious phishing attack. These things would be criminal acts on their own but, apparently, there could not be an additional count of computer intrusion on the router itself.
The judgment did not address open versus protected WIFI connections. I think that Essers was referring to a separate case.
The defendant was still guilty on the first charge because of the threats, to kill people at his old Dutch University, he made on 4chan. I was amused by the defense position that the threats could not be serious because everything on 4chan is fictional bullshit. He was sentenced to 120 days community service or 60 days in jail.
On the post: Dutch Court Says Breaking Into An Encrypted WiFi Router To Use The Connection Is Legal
Re: Re: Re: additional details
On the post: Dutch Court Says Breaking Into An Encrypted WiFi Router To Use The Connection Is Legal
Re: additional details
On the post: Dutch Court Says Breaking Into An Encrypted WiFi Router To Use The Connection Is Legal
additional details
-The defendant, described as a kid by one commenter here, is actually 25
-The court said that using the WIFI connection was a civil matter, not criminal. This is not quite the same as saying it is legal.
-The router in question is an Alcatel (now Thomson) device, Speedtouch 51EBO2. There is a known problem with the speedtouch wireless routers in that the algorithm to generate a default password is flawed and the password can be easily determined. A description is given here:
http://www.mentalpitstop.com/touchspeedcalc/calculate_speedtouch_default_wep_wpa_wpa2_passwor d_by_ssid.html
ISPs in the Netherlands are still distributing these routers and allowing the customers to use the default password. The defendant was found to have both the SSID and the password written down. If the defendant had used MAC address spoofing on his computer he would not have been caught.
I am glad that the Dutch court attempts to make a distinction in the level of intrusion of a computing device. They saw that the defendant was just stealing bandwidth. I think the appropriate analogy is attaching a splitter and cable to your neighbors cable TV connection so you can watch for free. However, the rationale they used, that a router is not a computer, is completely ridiculous. Routers, and switches from the very beginning have always had some kind of storage even if that was just PROM. For most of their existence they have also used storage that was writable out in the field (e.g. EEPROM or flash devices). This storage is used to remember configuration information various sorts of logging. As current flash devices have increased in capacity the amount of configuration and, in particular, logs have also increased.
The courts must also recognize that infiltration of a WIFI router can be used as a stepping stone for real criminal activity. At the outset, you have access to all the logs which often includes source and destination IP addresses and the associated URls if your router does DNS caching. Once gaining administrative access you can reprogram the flash to create a way to sniff all your victims packets and even become a man in the middle for some real fun.
On the post: Dutch Court Says Breaking Into An Encrypted WiFi Router To Use The Connection Is Legal
Re:
On the post: NYTimes Columnists Telling Readers How To Get Around The Paywall
Re: Re: Clarification on paywall
When you visit NYTimes.com by clicking links in search results, you'll have a daily limit of 5 free articles. This limit applies to the majority of search engines.
If you have an unlimited access via search engine links, why would they say this? We'll just have to test it when it rolls out to really understand. Maybe one of you Canucks knows if you can get off that snowmobile.
On the post: NYTimes Columnists Telling Readers How To Get Around The Paywall
Re:
On the post: NYTimes Columnists Telling Readers How To Get Around The Paywall
Re: Re: Re: Clarification on paywall
I think I was reading too quickly. So, Yeah, it looks like a very generous policy for free reads. I think despite all the gloom and doom about how this will fail it looks the Times is bending over backwards to not drive away any readers that don't want to pay or pay as much as they are currently asking. The generous free reading policy is complemented by the ability to just delete cookies to zero out your monthly article count.
On the post: NYTimes Columnists Telling Readers How To Get Around The Paywall
Re: Re: Clarification on paywall
http://www.nytimes.com/content/help/account/purchases/subscriptions-and-purchases.html
Visit ors can enjoy 20 free articles (including blog posts, slide shows, video and other multimedia features) each calendar month on NYTimes.com, as well as unrestricted access to browse the home page, section fronts, blog fronts and classifieds.
Yes. We encourage links from Facebook, Twitter, search engines, blogs and social media. When you visit NYTimes.com through a link from one of these channels, that article (or video, slide show, etc.) will count toward your monthly limit of 20 free articles, but you will still be able to view it even if you've already read your 20 free articles.
On the post: NYTimes Columnists Telling Readers How To Get Around The Paywall
Clarification on paywall
I have seen a post from a Canadian that confirms that the paywall implementation is no different then what I am seeing now. This means the paywall is easily bypassed and they are depending on most people not bypassing it via ignorance, laziness, guilt, or goodwill. I think they intend it to work like shareware.
Whatever the case, the thing that flabbergasts me the most is the $40 million cost. I just can't believe it would take that much to implement a paywall.
On the post: NYTimes Columnists Telling Readers How To Get Around The Paywall
existing wall vs coming paywall
On the post: Play By Play Of How HBGary Federal Tried To Expose Anonymous... And Got Hacked Instead
Re: Re: Re: Re: Jailtime.
http://www.zdnet.com/blog/perlow/analysis-californias-online-impersonation-law-effective-ja nuary-1/15322
by the noted sex columnist Violet Blue. (yeah, I was surprised too, but it is a good analysis).
On the post: Play By Play Of How HBGary Federal Tried To Expose Anonymous... And Got Hacked Instead
Re: Re: Re: Jailtime.
On the post: Play By Play Of How HBGary Federal Tried To Expose Anonymous... And Got Hacked Instead
Re: Re:
HBGary seems to be trying very hard to separate itself from Aaron Barr's actions despite having an investment in HBGary Federal. As more email messages are pointed out it looks like the leadership of HBGary was well aware, and supportive, of what Aaron and HBGary Federal were doing.
On the post: Play By Play Of How HBGary Federal Tried To Expose Anonymous... And Got Hacked Instead
Re: Jailtime.
On the post: Wikileaks Wasn't The Only Operation HBGary Federal, Palantir And Berico Planned To Defraud
Re: Re: Re: Re: Er...
On the post: Wikileaks Wasn't The Only Operation HBGary Federal, Palantir And Berico Planned To Defraud
Re: Re: Er...
I am a bit young to remember the McCarthy era except for one thing. My grandparents let John W.(Bill) Powell to hide in their house at Muir Beach north of S.F. for a couple of weeks when he was trying to avoid being subpoenaed by HUAC. Bill, and his wife Sylvia, had been accused of and acquitted of treason in the 1950's. I went to his memorial a couple of years ago. A bit strange, as I hadn't seen anyone from his family since I was a child. Alltogether, a rather moving experience and struck me as to how really conscientious and well intended people can be so vilified and persecuted.
I think that revelations from the disclosure of COINTELPRO are a little more contemporary and apt in this case.
Next >>