Only in win32 applications. When UWP and its successors arrived, the OS stopped providing that functionality. Some applications may still support it, but the automatic equivalence of double clicking the application icon to the close button was removed, because the application is mostly tasked with drawing these UI controls now.
Well, the standard window title bar still does. But with so many apps implementing their own borders, it's a bit of a crapshoot if it (or the window menu itself) will work with many apps. Even Microsoft apps sometimes forget, like Teams (of course...).
It's not clear what freedom you are sacrificing. Nobody is forcing you to play those games. If you don't want to let them run their anti cheat system, don't do it. This is not some unavoidable measure.
This has nothing at all to do with whether you are "forced" to do anything. Anyone who wants to play games should be able to do so without some abusive anticheat taking over their machine.
It doesn't matter what's written in their silly EULAs which nobody reads. I couldn't care less if it ruins the games or costs them billions in profits. You are morally justified in defeating their silly anticheat nonsense in order to enjoy games on your terms without them pwning your computer. You are only morally wrong if you actually cheat.
And it's not at all some "strange hill to die on". This is a fundamental computing freedom issue. It's about who owns the keys to the machine. It's the exact same issue Android users face when they install GrapheneOS only to discover their bank doesn't support it just because it's not owned by Google. In my opinion this should be literally illegal.
"abusive", "silly", "couldn't care less", "nonsense", "literally illegal". I don't think you'll find many people want to join your cause if you are this aggressive.
More on topic, I agree that you should be allowed to do with your computer what you want. That includes defeating their anti-cheat measures. Your computer, your rules. In return, they can refuse to support you or ban them from their servers. Their stuff, their rules.
But this idea that you are entitled to tell them they have to provide you with a version that does not have their anti-cheat measures, that is pretty far out there. That is where most people will stop following your reasoning.
> I don't think you'll find many people want to join your cause if you are this aggressive.
If I come off as aggressive, it's only because of my exasperation due to people sacrificing freedom for video games of all things. Online games that will be dead after a couple years. What a colossal waste.
Anyway, I'm no politician. I'm actually very close to giving up on these so called "causes", precisely because people refuse to listen. There's no point. Being polite doesn't make them listen. Nobody listened to Stallman. Threaten their convenience, their fun and games, and they're gone.
If they won't listen, then they deserve the consequences. One day all the corporations and authorities will start turning the screws on them. Only then will they start caring about this stuff. Nobody will listen to them either.
> But this idea that you are entitled to tell them they have to provide you with a version that does not have their anti-cheat measures, that is pretty far out there.
The optimal amount of fraud is non-zero. You could have zero fraud by ramping up the requirements before you trust someone enough to transact with them. That will result in very few purchases though. Decreases profits. So what they do is they let it happen and eat the costs. Fraud isn't a crime, it's an expense. Accounted for.
The optimal amount of crime is non-zero. You could virtually eliminate crime by implementing an orwellian dystopia where everybody is surveilled at all times. Nobody actually wants to endure such a subhuman existence though, so we're forced to accept the risk of crime. Tolerating some amount of crime is the price of our basic human dignity.
Same logic generalizes to online games. The optimal amount of cheating is non-zero. They could eliminate it by taking the computer away from us. That's an affront to our dignity as the owners of the machines. So we have to tolerate some cheating in order to keep our dignity.
These considerations are accounted for in society as a whole. It's no different here.
Theoretically possible doesn't mean we're capable of doing it. Like, it's easy to say "I'm gonna boil the ocean" and another thing for you personally to succeed at it while on a specific beach with the contents of several Home Depots.
Humans tend to vastly underestimate scale and complexity.
Because human brains are giant three-dimensional processors containing billions of neurons (each with computationally complex behaviors), each one performing computations >3 orders of magnitude more efficiently than transistors do, to train an intelligence with trillions of connections in real time, while being attached to incredibly sophisticated sensors and manipulators.
And despite all that, humans are still just made of dirt.
Even if we can get silicon to do some of these tricks, that'd require multiple breakthroughs, and it wouldn't be cost-competitive with humans for quite a while.
I would even think it's possible that building brain-equivalent structures that consume the same power, and can do all the stuff for the same amount of resources, is a so far out science fiction proposition, that we can't even give a prediction as to when it will happen, and for practical purposes, biological intelligences will have an insurmountable advantage for even the furthest foreseeable future once you consider the economics of humans vs machines.
That’s rather presupposing materialism (in the philosophy of mind sense) is correct. That seems to be the consensus theory, but it’s not be shown ‘definitely’ true.
a) Nothing about letting AI do grunt work for you is "not being a craftsman".
b) Things are subcontracted all the time. We don't usually disrespect people for that.
.NET wasn't the first either. Lisps were doing continuations in the 70's.
But "invented" and "revealed" are different verbs for a reason. The release of node.js and it's pervasively async architecture changed the way a lot of people thought about how to write code. For the better in a few ways. But the resulting attempt to shoe-horn the paradigm into legacy and emerging environments that demanded it live in a shared ecosystem with traditional "blocking" primitives and imperative paradigms has been a mess.
I think you're underestimating the role of .NET in this. It was .NET that popularized this concept for the masses, and from there it spread to other languages including JavaScript, which also borrowed the exact same async/await keywords from C#.
But CFAA charges should, and this is the issue a lot of people have with them afaict, have a sliding scale for premeditation though.
If I knock on a door, it swings open, and I walk inside and steal something, then imho there should be a lesser maximum charge for possessing burglary tools than if I show up with a lock gun, crowbar, and concrete saw.
A lot of the CFAA excesses are maximum penalties from the CFAA being thrown at people using minimally sophisticated / premeditated methods, in addition to charges about the underlying crime.
That doesn't seem just or fair.
In practice it's turned into an if(computer){increase maximum penalty} clause, solely at the government's discretion.
>If I knock on a door, it swings open, and I walk inside and steal something, then imho there should be a lesser maximum charge for possessing burglary tools than if I show up with a lock gun, crowbar, and concrete saw.
Why? (I'm not a lawyer...) - shouldn't intent and harm (i.e. the value of the stolen item) be the only relevant details? Now of course its much easier to demonstrate intent if there's a crowbar involved, but once that's already established, it seems irrelevant.
Because that's the way most method-specific laws work, at least in the US.
There's an underlying result crime (eg causing business harm by destroying a database), then the method by which one chose to do it (eg exceeding authorized access to a computer with the intent to cause harm).
The CFAA was originally passed under the erroneous worry that existing laws wouldn't be enforceable against cybercrime, which turned out to generally be false.
When you cause damage, there's almost always a law by which someone can sue you for those damages.
What there wasn't, and what the CFAA created, were extra penalties for computer crimes and an ability to charge people with computer crimes where there were no damages (eg Aaron Swartz).
And why should those things need to exist? Theft is theft. Destruction is destruction.
It fit with 'premeditated intent' intensifiers (where penalties escalate if premeditated intent can be proven)... but that wasn't actually how it was written or how it is used. Instead, it's a method-based checkbox that allows prosecutors to tack on additional charges / penalties. If a computer was used to destroy this thing, add X years the sentence.
Am a lawyer - You're correct. Intent is key and almost all laws are based around intent or, in legal parlance, "Mens rea" or the guilty mind. That is what separates a legal act from an illegal act: the intention behind it.
Suppose you are leaving a store and heading to your car. For whatever reason, the button on your keys unlocks someone else's car that is the exact same make and model as yours. You hop into the car, your key starts the ignition, and you drive off (Yes, this has really happened). That isn't legally theft because you legitimately believed that was your car - aka you didn't intend to take something that wasn't yours.
For 98% of laws, in order to be convicted, the government needs to prove you intended to commit the crime. Obviously, I'm oversimplifying what is a very complicated topic you spent two years learning, but that's the gist
It does sound like a crime to me too. But was it a password or other credential that was guessed, or was it just some sequential primary key? The latter is not an authorization system, and I do not believe it a crime to do that unless you have specific knowledge that it is likely to cause damage and/or the intent to cause that damage.
As far as I am concerned, I am allowed to send any traffic I wish to public-facing hosts, and if they respond with content that the owners would not wish me to see, I have no responsibility to refrain. The only traffic I am not permitted to send are credentials I am not authorized to use (this would include password guessing, because if I manage to guess correctly, I was still not permitted to use it).
You are not allowed unauthorized access regardless of how the key works.
> I am allowed to send any traffic I wish to public-facing hosts
No you're not. Denial of service is a federal crime.
> I have no responsibility to refrain
Yes you do, and this is just beyond silly. The nuance of how you obtained it will be decided in a court. Stop making everything so reductionist and lazy.
> The only traffic I am not permitted to send are credentials I am not authorized to use
Absolutely not. Use of a vulnerability to cause a data breach is OBVIOUSLY a federal crime.
> You are not allowed unauthorized access regardless of how the key works.
You and I seem to both speak/write English, but there is a language barrier. For me, "authorization" means that they have given me credentials, and any content locked down under those credentials is off-limits.
For you, "authorization" is a magical term that has no real meaning. It means that they want me to have the content. But I am no telepath, and I do not know what they want me to have or do not want me to have. The only way, from my point of view, to know what they want me to have or not is to try to retrieve the content without credentials, and if it succeeds, it's legal.
Of course, there are a few corner cases. What if I discover some software defect that very clearly shows they intended to require credentials, and a test without credentials shows that it is indeed off-limits, but exploiting the defect produces that content? I wouldn't do that, that'd be illegal.
But your way of (non-)thinking is alien to me, and no reasonable judge or legislator could possibly mean what you claim that law states. Or at least what you seem to claim.
>No you're not. Denial of service is a federal crime.
Only with intent. If I send reasonable content that shouldn't be DoS, how was I to know? I intend no crime.
>Yes you do, and this is just beyond silly.
You're the one being silly. You can't even decide what you mean by "authorized".
>The nuance of how you obtained it will be decided in a court.
I'm never going to trial, I'm not even going to be noticed.
>Use of a vulnerability to cause
Use of a clear defect. The biggest and most dangerous vulnerabilities are the apathy and stupidity of their employees, their lack of a sane business model and attainable vision, and so on. Using those is just common sense. There is a popular magazine that is subscription only. But they have the pdf download links hidden with display: none CSS. These links require no authorization. Just knowledge. I retrieve those quite punctually.
You're both veering out of CFAA jurisprudence in different ways. But you know you're in trouble when you start saying things like "I am no telepath", because in fact a big part of an ambiguous CFAA case will be determining what a reasonable person (ie: the jury) would think confronted with the computer system under discussion. There will in fact be mind reading involved; your intent would in fact be tried.
There's nothing at all CFAA-specific about this; this is really basic US criminal law and it comes up in all sorts of different criminal justice contexts. The terms you're both dancing around are mens rea and actus reus.
>But you know you're in trouble when you start saying things like "I am no telepath",
I'm not in trouble. There is virtually zero chance of this ever being noticed by law enforcement, and even less chance than that of them giving a shit.
Also note, I am not arguing what the worst possible interpretation might falsely convict someone of, but how the law should be viewed, or, if someone can demonstrate to my satisfaction that the law disagreed with, then how it should be altered.
If I have to guess what retards (read: juries) might think is reasonable, then there can be no public internet. We're just a few years after journalists were arrested for looking at html source with "view source", aren't we?
>The terms you're both dancing around are mens rea
I'm only mildly ignorant. Has CFAA ever been considered to describe strict liability crimes?
Well, I guess it's a good thing for me that they're unable to notice or care and in general incompetent.
I am still permitted to do this. None of the details of this case give me the impression that they're using CFAA in such a way as to offend my sensibilities. Sounds like he sabotaged a former employer and caused hundreds of thousands in (tort not physical) damages. I guessed the urls for some issuu.com links that aren't available in search, and downloaded the page images to make a pdf. I was never prompted for a password. Arrest me, I'm a notorious hacker.
You and simonask are speaking at different levels of literality.
Yes, literally, "let's" expands to "let us". But idiomatically, "let's/let us <do this thing>" does not mean "allow us to <do this thing>"; it means "I am requesting that we now <do this thing> together".
Now, I'm not entirely sure why simonask felt this level of literality was a useful one to bring up here, but it is true.
True, but the point was not that they were asking permission, it's the "let us do this together" meaning to which the OP takes offense. He feels like it implies he cannot do it on his own.
Let literally means "allow." In many cases where this is said, the person saying it isn't blocking/preventing/gatewaying anyone from going. So the literal meaning of "allow" is not intended.
Let also means "to cause to" as in "let me know", or can be "used in the imperative to introduce a request or proposal", as in "let us pray". (Or "let there be light.")
The definition you're referring to matches definition 2a, "to give opportunity to or fail to prevent", or definition 4: "to permit to enter, pass, or leave".
"Let's go" absolutely means "let us go". There's no way around it. It's just not the version of "let" that you may be used to, but that doesn't change anything.
"Let us go" does not only mean "you should let us go" but it is also the first person plural imperative implying that we go. Whether you shorten it to "let's go" or not does not change this.
Same as how "let us pray" is frequently used as well.
Abbreviation does change it; it narrows the meaning. "Let's go" never means "you should let us go" and "let's pray" never means "you should let us pray".
Nowhere does anyone claim that "let's go" means "you should let us go". The discussion was whether "let us go" automatically means "you should let us go", which it does not.
I don't know if I'm being clear. Say you and your family were imprisoned. You would never demand to be released by saying "let's go!". Your bemused family might well ask "Where, to the other corner of the cell?"
English contractions are weird in general in that it doesn't always "work" to contract two words. Tom Scott does a good video about this: https://www.youtube.com/watch?v=CkZyZFa5qO0
(Example, "Is this a good idea? Yes, it's!" sounds wrong. But "it's" still means "it is". It would just sound weird to use a contraction in that context.)
Somebody else brought up the example of “let’s go!” versus “let us go” - not the same thing by a long shot.
“Let’s” in English has a distinct meaning from “let us”, and that is to politely and casually (but firmly) suggest a course of action.
I remember touring a Polish salt mine a couple of years ago. The guide was very good, but her English had a few quirks, among them that she seemed to like the phrase “let’s let me to show you …”. It’s wrong, but you can immediately understand that she meant “please let me show you”.
reply