Blackmoor Vituperative

In the context of a restitution motion, in United States of America v. Dove, the RIAA’s “download equals lost sale” theory has been flatly rejected.

In a 16-page opinion, District Judge James P. Jones, sitting in the Western Disrict of Virginia, denied the RIAA’s request for restitution, holding the RIAA’s reasoning to be unsound:

It is a basic principle of economics that as price increases, demand decreases. Customers who download music and movies for free would not necessarily spend money to acquire the same product. Like the court in Hudson, I am skeptical that customers would pay $7.22 or $19 for something they got for free. Certainly 100% of the illegal downloads through Elite Torrents did not result in the loss of a sale, but both Lionsgate and RIAA estimate their losses based on this faulty assumption.

(from RIAA’s “download equals lost sale” theory rejected by federal court in Virginia; restitution motion denied in USA v. Dove, Recording Industry vs The People)

“This is very significant. It shows you how bad things are for the retail industry,” said George Whalin, president and CEO of Retail Management Consultants.

Whalin said management mistakes over the past few years combined with the recession brought down Circuit City.

“This company made massive mistakes,” he said, citing a decision to get rid of sales people and other mismanagement.

(from Circuit City seeking to liquidate, CNN Money)

This is a shame. Circuit City is been one of a handful of larger companies with their headquarters here in Richmond, VA, and has been here for years. But what Whalin says is true: they have been making huge mistakes for years: mistakes that were obvious to everyone who worked there (I used to work there, as did a good friend of mine until they outsourced his job to IBM). Mistakes that were obvious to everyone, I guess, except the upper management.

Such a shame.

In The Know: Should The Government Stop Dumping Money Into A Giant Hole?

I swear, it’s like The Onion is reading my mind. You know, I remember when it was just a hilarious little one-page web site. How time flies.

Apple Introduces Revolutionary New Laptop With No Keyboard

Bush Tours America To Survey Damage Caused By His Disastrous Presidency

An old friend asked me if there is something he can use with his iPod instead of iTunes. Check these links out:

MediaMonkey (Standard — the Gold version costs $20)

RockBox

If you use Rockbox, be sure you get the fonts and a couple of themes.

Well, it’s lobbying time in Richmond again, and once again the folks who want to disarm other people are at it, trying get laws passed to “close the gun show loophole”.

News flash: there is no “gun show loophole”. The same laws apply at gun shows as apply anywhere else firearms are bought or sold. Period. The “gun show loophole” is a fantasy concocted by anti-civil-rights groups like the Brady Campaign, which cynically use the tragedy of a handful of crime victims to further their despicable agenda.

CATO Institute had a short but persuasive article on this back in 2000: The facts about gun shows.

It is interesting to note that firearms are the single most heavily regulated consumer item in the USA, and are subject to far more restrictions than a host of other items which are directly involved in a hell of a lot more deaths (e.g., automobiles, red meat, etc.).

My niece Makayla being interviewed on television.

She earned third place in a school-wide spelling bee. 🙂

A quick list of what books I am reading right now, or intend to read in the near future:

• Characters & Viewpoint
• Description & Setting
• Dialogue
• How to Write Science Fiction & Fantasy
• Learning Nagios 3.0
• Manuscript Makeover: Revision Techniques No Fiction Writer Can Afford to Ignore
• Plot & Structure
• Practical Subversion
• Warriors & Warlocks: A Mutants & Masterminds Sourcebook

I need to read more fiction. I will start looking at novels or short story compilations after I finish with this stack.

TechRepublic has an interesting article that gives a brief explanation of the MD5/SSL exploit that was the cause of such panic last month.

On the surface, this “event” proves that it’s possible for an attacker to insert himself into the certificate acquisition process, resulting in wrongful authentication of visited sites. However, SSL might not be in as much danger as originally reported.

Yes, there are many CAs still using MD5 for at least some certificate signing. In fact, the rogue certificate used in this exploit emulated a VeriSign RapidSSL cert. TC TrustCenter AG, RSA, and Thawte Inc. also still use the vulnerable hash function. But there are four significant mitigating factors.

1. Most enterprise-class certificates, such as VeriSign’s Extended Validation SSL Certificates use the still secure SHA-1 hash function.
2. Certificates already issued with MD5 signatures are not at risk. The exploit only affects new certificate acquisitions.
3. CAs are quickly moving to replace MD5 with SHA-1. For example, VeriSign was planning to phase out MD5 by the end of January 2009. The date was pushed up due to the December proof of concept. On December 31, 2008, RapidSSL certificates shipped with SHA-1 digital signatures.
4. The researchers did not release the under-the-hood specifics of how the exploit was executed.

Again, these are mitigating factors. It isn’t impossible for cybercriminals to come up with an attack on their own now that conceptual understanding of approach is public knowledge. But SSL is not broken. The only thing broken is a portion of the public key infrastructure (PKI) which underlies it, and the risk is manageable.

(from The new MD5/SSL exploit is NOT the end of civilization as we know it, TechRepublic)

I do not pretend to understand the mathematics behind much of this, but I find it all very interesting, nonetheless.