Digital Rights Management should be considered actively harmful


As I'm writing this, Guardians of the Galaxy is pre-ordered on Amazon. When it comes out, I'll get the full movie on a physical Blu-Ray disc. When I stick that disc in my computer's Blu-Ray drive, open up my Blu-Ray player program, and hit play... I'm going to get nothing. The app is going to pop up a message saying that I need to pay more money to upgrade the app so it can get past the DRM on my movie.

That's right, a legitimate customer cannot watch the Blu-Ray he legitimately purchased.

DRM advocates say it exists in order to combat piracy. That's a complete lie.

Right now, before the Blu-Ray edition is even out, I can go and get full HD download of Guardians of the Galaxy. For free. When I double-click the downloaded file, it'll open right up and give me the full experience I would get with my Blu-Ray disc. Heck, it would be a better experience because it would skip all the annoying menus and logos that you usually have to sit through.

DRM does exactly nothing to prevent anyone with half a brain from pirating.

The only thing Blu-Ray DRM does is enrich the DRM technology license holders. The reason I have to pay to upgrade my Blu-Ray player app is because the creators of the app have to keep paying license fees. And the makers of my Blu-Ray drive were unable, or unwilling, to license the DRM technology and build it into the drive itself.

In other words, Blu-Ray DRM does nothing but fill the pockets of those who own the technology.

Now, you may think, just go buy a real Blu-Ray player for your tv. Problem solved.


First, when I bought my Blu-Ray drive, it was because I couldn't afford a Blu-Ray player and hdtv. All I had was my computer. And, frankly, that's all I should need.

Second, Blu-Ray players have to be updated as well. In other words, if I couldn't afford an internet connection, I'd have to figure out how to manually update my player before I could play movies using a DRM format my player couldn't decode, or buy a new player.

And that's just Blu-Ray DRM. If Amazon ever gets mad at me for some reason, they can remove my access to every video I've purchased via instant video. They could also stop me from reading any books I've purchased via Kindle. Heck, they've done this to others before. A few years back they pulled copies of 1984 off of the Kindle's of everyone who bought it.

Steam is similar. If they decide to block my account, or go under, I'll loose access to every single game I've purchased from them.

It's not an unknown story. Remember Google Video, from before the days of YouTube? Or there was Reflexive Arcade. They got bought and eventually shut down by Amazon. A bunch of people lost hundreds of dollars worth of games. I found out about that when I was about to finally buy a game from them...

I bought DRM'd books long time ago, a few years later I wanted to read them again and couldn't because they were not longer authenticated. I lost about $100 from that.

All of this combined means that I actively avoid paying full price for anything. I never buy any video games for full price. $60 is insane for a game I don't actually own. The only time I'll buy a video from an digital distributor is when I know that I can pirate what I purchase if they take it away from me. And I seldom actually do buy from anyone, it's simply not worth it. I try to purchase physical discs most of the time, and usually wait until they're under ten dollars.

Basically, DRM is causing the digital content industry to lose money from me. And it encourages me to consider pirating. It also has cost many legitimate customers thousands of dollars when their purchases stopped working.

And this is just my personal experience. Do some research. You'll find hundreds of similar stories and ways that DRM is harmful.

So, all that said, content owners/creators/publishers/sellers/etc have every right in the world to put DRM on their content if they desire. But they don't have the right to lie to us about it.

We should demand two things:

DRM'd content should always be considered rented. When I purchase a video on Amazon Instant Video, the button cannot say "buy". It should say something like "Lease" or "Indefinently Rented", and Amazon should be required to frequently remind us that the content we are purchasing is not actually ours, and can be taken from us for reasons buried in the Terms and Conditions we signed.

If they want to let us really buy content, then we must also have the right to sell that content. If I click a button that says "Buy", then I can sell whatever I bought to whomever I want. Whether it is digital content or not.

Those two actions would end the false advertising that is currently normal. Customers would know what they are really paying for, and sellers would no longer be lieing.

Net Neutrality

Net Neutrality has been something of a major topic in some of the areas of the internet I visit. Unfortunately, I have yet to see anyone truly address the actual cause of the issue.

So, first, what is the issue?

Big internet service providers, currently, can limit the traffic of various companies. So Comcast could force Netflix's traffic to be slow. The ISP's want to take advantage of this, and charge companies like Netflix lots of money to keep their traffic fast.

The FCC tried to stop this from happening in a manner that overstepped their authority. They were sued, and rightly lost their case.

Net Neutrality advocates started yelling about the end of the world because of that. And I've seen lots of calls for the FCC to make new regulations enforcing it.

So, what is Net Neutrality? It's the concept that all traffic is treated the same way. The traffic from Joe Schmoe Inc., is treated the same as the traffic from Google. 

Sounds like a decent plan, right? Well, don't get caught up in the hype quite yet.

See, internet traffic is really really complicated. Ultimately, ISP's need the ability to manage their traffic in a manner that gives their customers the best experience. 

If Net Neutrality is enforced in the manner it looks like advocates want, then innovation in how traffic is managed will get slowed down or stopped. Your desired for ever faster speeds might never be fulfilled. 

That said, if ISP's get their greedy way, you also might not get your wish.

Then, I have ask, does the Government have the Constitutional authority to enforce Net Neutrality? After all, ISP's are private companies. They are managing private property. Is Net Neutrality worth increasing the Governments power?

Does the Government even have the technical know how to create regulations that don't stifle innovation? 

Frankly, I don't think so. Just look at the mess they made of Do you really think they can figure out something many, many times more complicated?

Ultimately, though, these arguments all miss the main cause. And that cause is the way that the ISP's have monopolies on various areas of service. If I want real high speed internet, I have to buy from Comcast. Every other option is 10+ times slower. If I lived in another area, I wouldn't be able to choose Comcast, I'd have to choose Charter Cable, or maybe Verizon. But I'd almost always only have one real choice.

That means that if they implement policies like forcing Netflix to bribe them for fast speeds, I have no place else to take my business in order get better service when Netflix rightly refuses to pay.

And that is where the Government could do some good. Not necessarily on the Federal level, but on local and State levels. They could figure out if it's legal and ethical to force Comcast to share the "Last Mile" of cable so that new ISP's could start up and provide competition. They could build their own ISP's. They could increase fees for stringing/burying cable on public land unless the companies shared. And so on.

Basically, they could work at getting rid of the obstacles that stand in the way of strong competition between ISP's. With strong competition, not only would the evil specter of traffic speed bribes be banished, but the ISP's would have to provide better service and prices.

TL;DR: Big ISP's want to be greedy in a very detrimental way, but Net Neutrality as a Government Law/Regulation has too many downsides for it to be a power we should grant the Government. The solution is increased competition between ISP's. That would solve the problems that Net Neutrality advocates are concerned about. 

Review: Microsoft Sculpt Keyboard

A few months ago I bought the Microsoft Sculpt keyboard and mouse. This review is about the keyboard only. I picked up the mouse and immediately knew it wasn't something I wanted to use.
I don't know a lot about keyboards, so this is entirely subjective.
To summarize, if you like split keyboards, and like short action on your keypresses, then you will like this keyboard. 
  • It's nice looking. Seriously. It just has a cool factor to it.
  • The piece that raises the keyboard posistions it perfectly.
  • The cushioned wrist rest is comfy.
  • The seperate keypad means you can place your mouse closer to the keyboard an avoid having to move your right arm those extra few inches. This has helped me out immensely.
  • The F keys are a bit small. 
  • The Home, End, PgUp, PgDn keys are somewhat awkwardly placed, though it might just be because I'm used to other keyboard layouts.
  • The wireless receiver needs to be closer to the keyboard than I like. I tried putting it on the back of my tower, but the signal was weak and the keyboard didn't perform very well.
Anyway, all in all, I really like this keyboard. I even got my employer to buy me one for work after carting mine from home for a week. 
You can buy it from Amazon in two versions: With the mouse and without the mouse

Updating LDAP Boolean Attributes with PHP

Changing the value of an attribute in an LDAP directory via php generally uses the ldap_mod_replace function. Something like:

$newvals = array('attribute' => 'value);
ldap_mod_replace($ldap_connection, $dn, $newvals);

The problem I ran into was when the attribute was a boolean type. I kept getting:

 ldap_mod_replace(): Modify: Invalid syntax

The problem was that I was trying to set it to 'true', 'false', 1, or 0, or the php constants 'true' and 'false' that get read as 1 and 0. None of those is an acceptable boolean value to my OpenLDAP server. I had to set it to 'TRUE' or 'FALSE'. Note the capitalization.

So, something like this:

$newvals = array('attribute' => 'TRUE', 'attribute2' => 'FALSE');
ldap_mod_replace($ldap_connection, $dn, $newvals);

Works. But something like:


$newvals = array('attribute' => 'true', 'attribute2' => FALSE, 'attribute3' => 1);
ldap_mod_replace($ldap_connection, $dn, $newvals);


Would not work.

Note, I tested this against OpenLDAP on Ubuntu 12.04. If you use a different LDAP directory, you might have different results. I haven't tried. 

Quick alpha version of filtering a table

I've found it incredibly useful to be able to just start typing in an input box, and have a long table get pared down to only what I'm looking for. See Drupal's Module Filter for an example. Since I have an app I'm working on that will eventually need similar functionality, I wrote a quick proof of concept. It's rough, and I have no idea how well it will perform on large tables. But it might come in handy. Visit it on GitHub:

Terminator Terminal Emulator is nice!

Right, so a blog post I read the other day mentioned the Terminator Terminal Emulator. It sounded nice, so I thought I'd try it.

I'm pretty much converted. Below is a shot of the tab I'm using to watch the various logs. I use that tab to figure out what's going on in my current Codeigniter project. I keep it on one screen, and my text editor on the other. Much better than opening 6 different Gnome Terminals and having to resize them all until they fit.

There are also a lot of keyboard shortcuts, so once you learn those, you won't have to touch a mouse when you're working the terminal if you don't want to.  

Checking a LDAP Password in PHP

One of my current projects requires authenticating against an LDAP directory. I initially assumed that you would get the password from the directory, then compare it with the user supplied password. That's the wrong way.

The correct way is simpler. Just try to bind the user to the LDAP directory. If it works, you have the correct password, if it doesn't, the password or username is wrong. 

If your directory allows anonymous binds, then you will want to make sure that a password is actually sent with the bind.. Otherwise your user could log in without a password at all... 'Course, I'd reccomend against anonymous binds in the first place.

My project is in PHP, but I would assume the same methodolgy would work for any language.

How To Migrate Content from a Wordpress Blog to Drupal 7

As you can see, I have migrated my personal blog to this site. It's now here: Personal Blog. I tried a couple methods, I used Feeds and was able to easily import posts, but I couldn't figure out how to get the comments as well. After a bit of searching, I found the Wordpress Migrate module. And it worked quite well. The only thing I don't like is that it requires Drush to be installed on your server. Not a problem for many people, but it could be an issue for those on shared hosting. Anyway, the following directions assume you can use Drush. Be sure to read the entire post before doing anything. I've started following steps before reading the entire thing many times, and I've usually screwed up something because of that. 

First get the following modules:

If you use Pathauto:

Download them with drush:

drush dl wordpress_migrate migrate migrate_extras features

Enable them with drush:

drush en wordpress_migrate migrate_extras_pathauto migrate migrate_extras features

Next, create a taxonomy vocabulary for your Wordpress categories, or use an existing one. You'll need this before you create a content type for your import.

Then create a basic content type with title, body, and term reference fields. Set the term reference field to whatever taxonmy vocabulary you want to use for the Wordpress categories.

Creating a taxonomy vocabulary and a content type could be skipped if you wish to import into an existing content type or vocabulary. Totally up to you, this is just what I did.

Configure Wordpress Migrate at admin/content/wordpress/configure. Make sure to configure the drush path. Wordpress Migrate doesn't seem to import large Wordpress sites very well without it. This is where you tell Wordpress Migrate what Content Type and Taxonomy Vocabulary to import into. You also can set what text format to use. I had to set mine to Full HTML, my first couple tries had html tags being displayed in my imported posts. 

Go to your Wordpress site and export it into a WXR file. Alternatively, you can give Wordpress Migrate your site's url, username, and password. But I didn't test that feature.

Go to admin/content/wordpress. You can find it via the main Content view as well as using the url.

Use the upload file field to upload and import your WXR file. This can take a while, and if you have a large site to import, it will likely say that you will get an email telling you when it's done. Aparently it uses Drush in the background to finish the import process.

The final step I took was using Views to create a new view for my Personal Blog content type. You may or may not need to do this, depending on how you set your content types up.


Enabling LDAP Authentication on Ubuntu 11.10

NOTE: Before you try this, go here. I haven't tested the answer, but you likely have to compile some stuff to get LDAP auth working bug free. So, don't use the instructions below they are old and unlikely to work.

Just a quick note about enabling LDAP Authentication on Ubuntu 11.10.

  • Just sudo apt-get install libpam-ldap.
  • Fill out the configuration settings with the information you have from your LDAP directory.
  • For some reason, my LDAP directory has my home directory set to be in /Users rather than /home. So I just symlinked /Users to /home.

Watch the /var/auth.log for errors, I had one where it wouldn't let a user sign in because their LDAP entry said they used the wrong shell. So I had to fix that in the LDAP entry.

That's pretty much it. If something doesn't work right, you can always apt-get purge libpam-ldap and the reinstall. 


Note that most of the documentation I found by Googleing had me editing a bunch of files. None of that actually worked for me. It wasn't until I purged libpam-ldap and reinstalled with just the few steps above that it worked. So, don't go editing any conf files until you've tried just using the configuration utility that shows up when you install.


Edit 3/5/2012: Due to this error and the lack of a decent solution, I have decided to remove LDAP authentication from my servers. Since we have a small team here at work, just creating accounts as needed will work fine. If we ever get to the point that LDAP authentication is needed, I'll revisit the issue.

Short Update

So, this is just a quick note to inform any readers that I am still alive. Unfortunately, or maybe not, I have been quite busy working at Lane Community College. Thus, this site has taken the back burner. 


So, we'll see if I find time to do anything here. Until then, thanks for visiting!