Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Open Source Security News

Dropbox Attempts To Kill Open Source Project 250

Meskarune writes "Dropbox is trying to kill the Dropship project, a useful program that allows users to import files into their accounts using hashes and bypassing the need to make files public. Dropbox sent out fake DMCA requests to all parties involved, and is banning and censoring the program."
This discussion has been archived. No new comments can be posted.

Dropbox Attempts To Kill Open Source Project

Comments Filter:
  • Is that fraud? (Score:5, Interesting)

    by Sprouticus ( 1503545 ) on Tuesday April 26, 2011 @12:17PM (#35943946)

    Wouldn't an attempt to intentionally mislead someone with regard to DMCA be regarded as fraud?

    • Re:Is that fraud? (Score:5, Informative)

      by drosboro ( 1046516 ) on Tuesday April 26, 2011 @12:22PM (#35944018)

      Well, intentionality would seem to be missing. As I quoted in a comment below, the update at the bottom of the article now reads as follows:

      Update: I want clear up a few things. As far as I’m aware all of the Dropship repositories and archives that were taken down was done so voluntarily. Dropbox never made threats, legal or otherwise. It appears the DMCA notice was automatically sent to me when the file was banned from public sharing. There was no real DMCA takedown issued. It was an edge case bug in their file removal system.

      • Re: (Score:3, Interesting)

        by mcmonkey ( 96054 )

        None of which makes me feel any better.

        The statement that no threats, legal or otherwise, were made is false. Even if the threats were made accidentally, threats were made. Saying an automated email was kicked off inadvertently does not mean the email was never sent.

        Then there's the issue of the mistakenly activated automated email. Why do they have a process that automatically sends out DCMA notices?

        Then there's the action of removing the files at issue. I'm not sure how I feel about the selective acti

      • Re: (Score:3, Insightful)

        by Hatta ( 162192 )

        It appears the DMCA notice was automatically sent to me when the file was banned from public sharing. There was no real DMCA takedown issued. It was an edge case bug in their file removal system.

        There are no edge cases in the DMCA. Either it was a valid DMCA request or it was perjury.

        • Re:Is that fraud? (Score:5, Insightful)

          by _0xd0ad ( 1974778 ) on Tuesday April 26, 2011 @01:11PM (#35944584) Journal

          There was never a DMCA takedown notice.

          The DMCA takedown notice is what a copyright holder sends to a content host.

          The e-mail from the content host to the user saying "we deleted your file because ______" is not a DMCA takedown notice, regardless of what the reason they give.

          Content hosts are supposed to notify users whose content has been removed due to DMCA takedown notices so that the users have the opportunity to file counter-notices under the DMCA, but that correspondence is not itself a DMCA takedown notice.

        • Re:Is that fraud? (Score:5, Interesting)

          by LordLimecat ( 1103839 ) on Tuesday April 26, 2011 @01:16PM (#35944654)

          It was not a DMCA "request". It was a notification that they were removing the file in order to comply with DMCA Section 512 C-1-c, which indicates "No liability if ... upon obtaining knowledge or awareness, OSP expeditiously removes Work" [benedict.com]

          In other words, they believed the material to infringe on DMCA, and as the file host, they have the right and duty to remove such a file when they believe it to be infringing. See, Dropbox isnt just the potentially "injured party", they are also the service provider-- and that is the capacity they were issuing the notice in. (NB- IANAL)

    • Re:Is that fraud? (Score:5, Informative)

      by DrgnDancer ( 137700 ) on Tuesday April 26, 2011 @12:25PM (#35944068) Homepage

      Except if you read the article, only one "fake" DCMA notice was sent out, and it appears to have been a legitimate accident. While the author of the article is not exactly happy with Dropbox's response to this matter he is not nearly as down on it as the summary suggests, and Dropbox's behavior was no near as flagrant as the summary suggests. This is not "nothing", but it's not anywhere near the level of "awful" suggested in the summary. Whole situation is somewhere between "tempest in teapot" and "very mildly concerning".

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Except if you read the article, only one "fake" DCMA notice was sent out

        It wasn't even a DMCA notice. It was an erroneous letter from provider to customer informing customer that the provider received a DMCA notice, when the provider had not (the provider was exercising their privilege of removing the file).

      • Re: (Score:2, Funny)

        by Anonymous Coward

        So this really should read,

            "Blogging Blogger Libels DropBox"

        Correct?

        • Libel must be:
          1. Written: check
          2. Damaging to the reputation of the defendant: check
          3. False: check
          4. Reasonably known to be false at the time of publishing: FAIL

          The further correction makes it even MORE not libel.

    • by thsths ( 31372 )

      Fraud on who's side? I am pretty sure you are not allowed to (illegally) distribute copyrighted material on Dropbox, using dropship or otherwise.

      While I think that dropship is a neat hack, the main use for it seems to be a fast and "free" warez server. And obviously Dropbox cannot support that, for so many reasons. Dropbox offers a great service, for free, and I would like it to stay that way. You use their servers, you play by their rules... simple.

  • Or is that merely filing a takedown on false pretenses?

    • According to an anonymous comment on the blog:

      The perjury provision (17 U.S.C. 512(c)(3)(A)(vi)) applies to persons who submit formal complaints to service providers. It does not apply to informational messages that service providers may send to their users. So even if DropBox had intentionally lied about receiving a DMCA takedown notice (which it didnâ(TM)t; see Arashâ(TM)s comment noting that the DMCA message was mistakenly autogenerated in response to banning the file), it would still not impli

  • by drosboro ( 1046516 ) on Tuesday April 26, 2011 @12:20PM (#35944000)

    Okay, according to the update at the bottom of the link (I know, I RTFA, weird, eh?),

    Update: I want clear up a few things. As far as I’m aware all of the Dropship repositories and archives that were taken down was done so voluntarily. Dropbox never made threats, legal or otherwise. It appears the DMCA notice was automatically sent to me when the file was banned from public sharing. There was no real DMCA takedown issued. It was an edge case bug in their file removal system.

    Apparently, Dropbox is asking nicely, but when they flagged the file it triggered an accidental DMCA notice, for which they seem to be apologizing.

    • by xMrFishx ( 1956084 ) on Tuesday April 26, 2011 @12:24PM (#35944048)
      Why is there even a default DMCA notice in the system in the first place? Surely these things should be manually handled, rather than essentially "spammed" out. This is the sort of realm of Auto-Lawsuits where everyone got a letter through their mail box. This sort of thing should not be automatic in any sense of the word.
      • by 0100010001010011 ( 652467 ) on Tuesday April 26, 2011 @12:30PM (#35944130)

        VIA post at slashdot.org

        Re: Copyright Claim

        The Slashdot Hosting Company:

        I am the copyright owner of the post being infringed at:

        http://news.slashdot.org/comments.pl?sid=2105778&cid=35944048 [slashdot.org]

        Copies of the post being infringed are included to assist with their removal from the infringing Web sites.

        This letter is official notification under the provisions of Section 512(c) of the Digital Millennium Copyright Act (“DMCA”) to effect removal of the above-reported infringements. I request that you immediately issue a cancellation message as specified in RFC 1036 for the specified postings and prevent the infringer, who is identified by its Web address, from posting the infringing photographs to your servers in the future. Please be advised that law requires you, as a service provider, to “expeditiously remove or disable access to” the infringing photographs upon receiving this notice. Noncompliance may result in a loss of immunity for liability under the DMCA.

        I have a good faith belief that use of the material in the manner complained of here is not authorized by me, the copyright holder, or the law. The information provided here is accurate to the best of my knowledge. I swear under penalty of perjury that I am the copyright holder.

        Please send me at the address noted below a prompt response indicating the actions you have taken to resolve this matter.

        Sincerely,

        0100010001010011

      • Presumably because the requirements of the DMCA legislation in the US is so onerous on services like Dropbox that an automated system is the only reasonable way to go. I'm not sure, being a Canadian (and waiting with great anticipation for our new government to slap our own version of the DMCA down on us)...

        Seems to me that if I were the coder in question, I might be tempted to say "okay, the only reason we're ever going to block anything from public sharing is because someone filed a DMCA complaint... so

      • Given the rate at which Dropbox must handle takedowns on a "host whatever you want on the innerwebs, easily" service... I'm not at all surprised that their ban button sends takedown notices automatically. Until now, they've likely only had to ban files for precisely that scenario, with minor exceptions.

        Or from a programmers point of view: If 99.9% of the time B follows A, automate B. Handle the .1% manually as edge cases.
        • Whilst I see your point, I'd figure the system should have multiple messages depending on severity/reason rather than one $law that may or may not apply message, especially with implications of said law.
          • Maybe it did and the admin forgot to tick the non-default reason. Who knows... all that really matters is that it does appear to have been an honest mistake.

      • by starwed ( 735423 )

        For some reason this topic has built up an epic level of FUD.

        Their system was designed to be used in response to DMCA notices. Dropbox would get a takedown notice, they'd flag the file to be removed, and an e-mail would be sent to the uploader of the file informing them of the DMCA notice.

        In this case, a dropbox guy used the tool without realising that the last step was automated. There was never any DMCA notice generated, just a DMCA notice notice.

    • Apparently, Dropbox is asking nicely, but when they flagged the file it triggered an accidental DMCA notice, for which they seem to be apologizing.

      Alright, but why was the file even flagged for take down at all. It didn't violate any copyright, or any other law. It's just because Dropbox didn't like it. They shouldn't be removing or flagging files and users for things they just don't like (DMCA take down notice or not).

  • I mean, from the FA, it talks about how Dropship is exploiting the Dropbox hashing algorithm, which might be copyrighted along with the rest of Dropbox (I don't know). If it was, then I could see why there would be grounds for copyright infringement, unless the OSS project could demonstrate that it arrived at that dropbox hashing algorithm through blackbox testing.
    • by Jonner ( 189691 )

      I mean, from the FA, it talks about how Dropship is exploiting the Dropbox hashing algorithm, which might be copyrighted along with the rest of Dropbox (I don't know). If it was, then I could see why there would be grounds for copyright infringement, unless the OSS project could demonstrate that it arrived at that dropbox hashing algorithm through blackbox testing.

      Thankfully, copyright does not apply to algorithms and the US has a legal system based on the idea that people are innocent until proven guilty.

      • Thankfully, copyright does not apply to algorithms

        And, the DMCA has an explicit exception for interoperability and such, which I think this would be covered under.

        the US has a legal system based on the idea that people are innocent until proven guilty.

        Unless one is suspected of copyright infringement, kiddie porn or terrorism, then it's straight on to the presumption of guilt and you needing to prove you didn't do it.

        Sadly, it seems like those three can pretty much bypass any court oversight.

        • by Jonner ( 189691 )

          Thankfully, copyright does not apply to algorithms

          And, the DMCA has an explicit exception for interoperability and such, which I think this would be covered under.

          I think you're confused. Perhaps you're thinking of the anti-circumvention clause [wikipedia.org] which clearly doesn't apply in this case. Dropbox is not claiming copyright infringement and seems to have admitted that the DMCA takedown notice was a mistake. They are claiming that using Dropship violates their terms of service, which it probably does. However, the DMCA has nothing to say about that since it is not at all related to copyright.

          Even if the DMCA's anti-circumvention clause applied, it still doesn't change the

          • I think you're confused. Perhaps you're thinking of the anti-circumvention clause which clearly doesn't apply in this case.

            Not confused, maybe interpreting it differently ...

            He outlined his objections, that Dropship reveals their proprietary client-server protocol and that it could be used for piracy.

            Revealing their "proprietary client-server protocol" is part of the issue here, and we have explicit rights to reverse engineer a protocol. I'm not sure on what basis Dropbox can really keep their protocol sec

      • The implementation of an algorithm, however, CAN be copyrighted, which Dropbox IS.

        As for that "innocent til proven guilty", where does it say that the blogger was convicted of anything? This hasnt even gone to court; "innocent till proven guilty" has absolutely nothing to do with it. Dropbox is the service provider, and thus has the explicit right under DMCA to remove all material it believes to be infringing (as does, for example, Youtube).

      • by muffen ( 321442 )

        and the US has a legal system based on the idea that people are innocent until proven guilty.

        Funny, before coming to slashdot I was reading NYTimes, about an afghan farmer being imprisoned for a few years because he had a pair of binocular on him.

  • "Useful" (Score:5, Insightful)

    by AdmiralXyz ( 1378985 ) on Tuesday April 26, 2011 @12:24PM (#35944050)
    Useful though it may be, it's very clearly against Dropbox's Terms of Service. That doesn't give them the right to issue takedown notices to other sites on copyright grounds, but let's separate, "evil for issuing fake takedown notices" (which they are), from "evil for wanting to prevent this kind of activity" (which is perfectly reasonable).

    They're not running a filesharing service, that's not their business model, and they don't want to end up like Rapidshare or any of the N other filesharing services in legal hot water. I love Dropbox, and I would hate to see one of it's most useful features- public collaboration folders- shut down because some asshats can't obey the TOS and just use torrents instead. Dropbox should be trying to find a technical solution to block something like this, but if that's not possible, what can they do?
    • It also appears that the take down notices are a mistake, and Dropbox is apologizing for them.

    • That doesn't give them the right to issue takedown notices to other sites on copyright grounds...

      I don't believe that's what happened.

      • Who cares, its not like anyone is going to read the article anyhow. This is too juicy of a chance to rail about copyright, the government, and corporations.

        • The irony is that there's enough going on with those subjects to not (mistakenly or otherwise) make up additional events.
    • by am 2k ( 217885 )

      I love Dropbox, and I would hate to see one of it's most useful features- public collaboration folders- shut down because some asshats can't obey the TOS and just use torrents instead.

      The shared folder feature is not the problem. The problem is that the client only sends a hash of the file to the server to check whether the server already has that file in its global database. If this is the case, it doesn't have to be uploaded. I experienced that when I put a ~2GB file into my Dropbox, and it synced within a second (and no, I don't have a fast Internet connection). Somebody else has the same file in a Dropbox, and so the server already knows about that hash.

      What the hack does is pretend

  • where's the firehose (Score:5, Informative)

    by penguinchris ( 1020961 ) <`moc.liamg' `ta' `sirhcniugnep'> on Tuesday April 26, 2011 @12:29PM (#35944108) Homepage

    Vote this article down - it's misleading flamebait in the extreme. In particular, it fails to mention that the software was designed to facilitate anonymous filesharing, which would most certainly be used for copyright infringement and illegal purposes. And, the whole thing goes against Dropbox's TOS, even if it isn't used for dubious file sharing purposes.

    • Comment removed (Score:5, Informative)

      by account_deleted ( 4530225 ) on Tuesday April 26, 2011 @12:38PM (#35944210)
      Comment removed based on user account deletion
    • by h4rr4r ( 612664 )

      Or maybe people just want to share files privately. Not everyone wants to make their files public to share them.

      Everything these days is "Oh noes, teh illegal stuffs", get fucking over it. Baseball bats have lots of illegal uses, no one fights the sales of those.

      The TOS violation is the only thing that matters here. It is also why I never used dropbox and never will. I will keep my own files on my own server thank you.

      • by blueg3 ( 192743 )

        Dropbox already lets you share files privately. Just not in this particular manner.

        I have Dropbox on this machine with a handful of shared folders from other Dropbox users.

    • by Jonner ( 189691 )

      Vote this article down - it's misleading flamebait in the extreme. In particular, it fails to mention that the software was designed to facilitate anonymous filesharing, which would most certainly be used for copyright infringement and illegal purposes.

      Yeah, anonymous file sharing has no legitimate [linuxtracker.org] purposes [tuxdistro.com] whatsoever [libreoffice.org].

    • by mini me ( 132455 )

      which would most certainly be used for copyright infringement and illegal purposes.

      So much for innocent until proven guilty.

      • Er, "innocent until proven guilty" refers to court cases. This hasnt gone to court. How is that statement even remotely relevant?

  • Gotta love how the guy is still hosting Dropship, just not on Dropbox itself.

    Don't be surprised if his Dropbox account gets yanked for real this time, and some sort of lawsuit follows.

  • Meh (Score:5, Insightful)

    by Haedrian ( 1676506 ) on Tuesday April 26, 2011 @12:31PM (#35944140)

    I'm with dropbox on this one. The idea of converting dropbox into some sort of filesharing/torrent service, for passing potentially illegal files around is not good.

    I can see why Dropbox doesn't want to be linked to such a thing, when the big media people come a knocking, who do you think is going to end up getting sued?

    And just because its open source doesn't make it right, or wrong, or change anything.

    • I can see why Dropbox doesn't want to be linked to such a thing, when the big media people come a knocking, who do you think is going to end up getting sued?

      The end user, as Dropbox will duck behind the DMCA.

  • Dropbox states that all files on their servers are encrypted. I had assumed this meant the key was encrypted with your own password, but this exploit suggests that the files either are not encrypted, or encrypted with a freely accessible key.

    From: https://www.dropbox.com/help/27 [dropbox.com]
    "All files stored on Dropbox servers are encrypted (AES-256)"

    • Re:Encryption? (Score:5, Informative)

      by h4rr4r ( 612664 ) on Tuesday April 26, 2011 @12:42PM (#35944242)

      If they used real encryption they would have to host files over and over again. Encryption breaks file deduping. No way is dropbox going to do something like that, there is no advantage in it for them.

      • by pmontra ( 738736 )
        I agree that they don't encrypt data in any safe way. They're exposing the weakness of their security algorithms. This is the third /. post about different problems with Dropbox in a month. Here are the first one [slashdot.org] and the second one [slashdot.org]. Definitely not a server one should upload anything to before having encrypted it.
    • The files are encrypted, but Dropbox holds the key. This is how you can access the files through the website and share folders directly with other Dropbox users. It means that your files are susceptible to intrusion, so encrypt anything secret yourself before sending to Dropbox. Truecrypt volumes do work in Dropbox because it uses a block cipher(only changed blocks are synced, not the whole volume), but you do need to disable the option to not update modification timestamp in order for syncing to work. KeeP

    • Re:Encryption? (Score:5, Informative)

      by Jonner ( 189691 ) on Tuesday April 26, 2011 @12:55PM (#35944380)

      It's already been shown [tirania.org] that Dropbox's claims about security are mostly bogus. If Dropbox can Hand Over Your Files to the Feds If Asked [pcworld.com] then the encryption method they use to store files on their servers is meaningless since they have the private keys anyway.

      • Of course they have the private keys. How else would they be able to do password recovery?

    • It is likely that your password grants you access to the encryption key-- that way if you lose your password, you can reset it without losing access to all of your files.

  • >import files into their accounts using hashes and bypassing the need to make files public.

    ???

    It bypasses the need to make files public?

    So, when you use Dropbox, you have to make files public? Isn't DropBox a way to share email attachments without attaching it to an email?

    Why would you want to make it public?

    • >import files into their accounts using hashes and bypassing the need to make files public.

      ???

      It bypasses the need to make files public?

      So, when you use Dropbox, you have to make files public? Isn't DropBox a way to share email attachments without attaching it to an email?

      Why would you want to make it public?

      My understanding is that you normally have to invite people one by one to see your non-public files.

      However, it's apparently possible for people to just have the hash and add it to their own dropbox account using Dropship to gain access to it.

      • To put it in DMCA terms (since this is eventually where it will end up), Dropship

        is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title

        -- U.S. Code, Title 17, Chapter 12, Section 1201 [cornell.edu](a)(2)(A)

        ...although I am not a lawyer.

        • Well, I'm not a lawyer, either, but, it's OK: see sig.

          Anyway, isn't the copyrighted work the file that Dropbox users are sharing (or doing whatever with)?

          How can Dropbox file a DMCA notice regarding a work that's not even their's?

      • by HTH NE1 ( 675604 )

        Or generate random hashes and see what they get?

        • That's like playing a DropBox one-armed-bandit

          [ding][ding][ding] ... Porn
          [ding][ding][ding] ... Porn
          [ding][ding][ding] ... Movie
          [ding][ding][ding] ... Porn
          [ding][ding][ding] ... Illegal Porn
          [ding][ding][ding] ... MegaCorp Design Files
          [ding][ding][ding] ... Porn

          Actually yeah someone make a script to poll the server, lets see what the casino of files gives us.
        • by blueg3 ( 192743 )

          Fortunately, it's much, much harder to have accidental hash collisions, even with the weakest commonly-used hash algorithm, than anyone appreciates.

          If a billion Dropbox users filled their 2 GB of free space with 1 kB files, these were all hashed with MD5, and you guessed a million hashes a second, it would take on the order of a trillion years to have a reasonable chance of guessing the hash of an existing file.

      • by pmontra ( 738736 ) on Tuesday April 26, 2011 @01:11PM (#35944580) Homepage
        Basically that means that the secrecy of that hash is the only thing that protects our files on Dropbox. They probably encrypt the files but if anybody has the right hashes s/he can decrypt them. The hash is the key and invites and sharing are not even checked.
        • by thsths ( 31372 )

          > The hash is the key and invites and sharing are not even checked.

          Yes, so? Encryption works the same way, except that the key is the key. Once you give someone the key or the hash, you may leak your data.

  • I doubt I would have heard of this any time soon were it not for this advertising.

    • Well, you might have heard about it if you read Hacker News or Reddit. :-)

      I realize what you are saying, and yes, this is a perfect example of the Streisand effect. I am commenting more on how lagged Slashdot has gotten on current news. I read about this (and almost every other Slashdot front page story) on other sources many hours or days ago.

  • If someone wants to turn a apache webserver into a "ftp site" using the http protocol, what is the best drop-in solution. One that does not involve programming. I found one that has progress bar and stuff, but I am sure there are others out there.
    What is the state of the art?

  • Slashdot has become increasingly misleading and sensationalist in recent years. So much so that I'm moving Slashdot's RSS feed to bottom of my pile; to be seen only in moments of extreme boredom. I have far better things to do with my time that wade through the constant stream of FUD that this site is generating these days.
  • by ScentCone ( 795499 ) on Tuesday April 26, 2011 @01:10PM (#35944572)
    This isn't censoring. This isn't the government. That word is going to stop meaning something if people can't use it in some sort of rational context. Never mind that Dropbox is just trying to prevent their system from being turned into a big anonymous piracy farm - a very real concern, and one that they have every reason (and latitude within their TOS) to fight. But ... "censoring?" Why not just call them fascists, while we're at it? Idiots. This article it inaccurate, alarmist trolling.
    • This isn't censoring. This isn't the government. That word is going to stop meaning something if people can't use it in some sort of rational context.

      Do you know what the word means? Because I don't think you do.

      Censorship, noun: the practice of examining for and suppressing unacceptable parts.

      "Government" does not show up in the definition of the word. There is such a thing as "government censorship" in which case you must actually qualify "censorship" by preceding it with the word "government." You can even qualify it with the word self, as in "self-censorship," the practice of examining and suppressing your own unacceptable behavior.

      Never mind that Dropbox is just trying to prevent their system from being turned into a big anonymous piracy farm - a very real concern, and one that they have every reason (and latitude within their TOS) to fight.

      That's a fai

      • dropbox examined content and deemed it inappropriate

        ... but has no central authority, as a censor must in order actually censor things. The author didn't censor, he retracted, removed, etc., on his own volition. Censorship requires authority, and doesn't include choice.

  • Dropship that allows users to exploit Dropboxâ(TM)s file hashing scheme to copy files into their account without actually having them."

    I can see why they would be a bit ruffled over this. Seems like this could be in the same realm as an SQL injection attempt. It's just using JSON instead.

    "First of all, attempting to protect a proprietary protocol is going to get them nowhere. "

    Ok, that's a problem. The reason the protocol is proprietary is because the company has put a lot of time, money and effort into developing their product. They want to recoup some of the development costs through the implementation of their protocol.

    The DMCA thing well ...that's what the DMCA is. It's basically a catch-all b1tchstick that can be bent i

    • Seems like this could be in the same realm as an SQL injection attempt. It's just using JSON instead.

      The hack only allows people to share their own files with others more easily. It's not like it would allow them to take over the web server or access other people's files without permission.

      I don't see how this could compete with BitTorrent - everything a pirate uploads onto Dropbox is logged and can easily be used against them in a trial.

  • Bullshit (Score:5, Informative)

    by wlad ( 1171323 ) on Tuesday April 26, 2011 @01:51PM (#35945204)
    Hi, I'm the person why wrote dropship. This thread is completely bogus, as there were no DMCA requests issued at all. They mailed me and asked me nicely to take the code down from github, which I did.

    The DMCA confusion is because they stopped a file from being shared on their own service, which generated a silly mail that a DMCA request had been received from themselves and hence a file was taken down. The blogger confused this with a DMCA request (and corrected it afterwards, but it seems slashdot missed this).

    So can we cut it with the flamebait title?

Beware of all enterprises that require new clothes, and not rather a new wearer of clothes. -- Henry David Thoreau

Working...