Domain: infoworld.com
Stories and comments across the archive that link to infoworld.com.
Comments · 1,977
-
Re:VIIDS
I am assuming that you think IDS (intrusion detection systems) are "physical" intrusion detection systems (meaning that they detect someone physically trespassing on the premise) instead of "network" intrusion detection systems (that they detect crackers "trespassing" on the premise's network). So, just to clarify, we are talking about "electronic" intrusions here, okay?
Just to toss out a couple half decent links on intrusion detection systems, for those who are interested:
This is a good link that compares a few commercial network IDSs
This is a shitty test suite for network IDSs
Damn, I thought I had more. Oh well, enjoy!
-
Re:Price of media
On the issue of "fair-use" don't forget the ugly looming spectre of UCITA which governs not only software but most digitally delivered content. DVDs would undoubtedly have a (UCITA legal) shrink-wrap license which would also disallow (legal if UCITA is adopted) resale after use and, most likely, archival copying. Just a few more reasons to dislike UCITA. For more, check out Infoworld's UCITA page.
-
News articles so far include
-
Greedheads and UCITA
such as this - if a company knows of a material defect in their product and conceals such to the consumer, resulting in losses to the consumer - said greedheads are liable under the higher standards of gross-negligence, recklessness, or even intentional tort, resulting in statutory treble damages or unlimited punitive damages in some circumstances.
The greedheads are already well on their way to taking care of that little problem. Go read up on UCITA.
http://www.troubleshooters.com/ucita/
http://www.2bguide.com/nccusl.html
Here's a list of Infoworld articles on UCITA
You can find a whole lot more besides these by doing a Google search.
-
Recent Infoworld article
Infoworld has an article in the most recent issue related to this topic. You can find it online at: Should you leave your job for one at a startup?
-
UCITA Addresses Two Markets--Don't Confuse Them
I have followed the development of the UCITA for several years with interest, prompted by the continuing coverage in InfoWorld. This article repeats many of the criticisms of the UCITA that have been aired elsewhere:
- The new law allows software sellers to include various security measures (such as back doors) in their license agreements.
- The new law allows sellers to incorporate all kinds of use restrictions in EULAs, and to make those EULAs binding based on something as simple as opening a disk envelope.
- The new law does not require disclosure of known bugs, or provide any remedies (other than those provided by other consumer protection laws) when the end user discovers those bugs while using the software.
The conclusion seems obvious: This is a BAD THING. But before we just snort in derision and click to the next SlashDot topic, let's look a little more closely.
The UCITA addresses two markets:
The first thing to recognize is that the UCITA is written to define rules for two different markets: the consumer (or mass) market, and the custom software market. The UCITA would apply if you went into Circuit City this afternoon and bought a copy of Leisure Suit Larry for Linux. It would also apply if your corporation hired a small boutique firm (like, say, mine) to create a distributed e-commerce logistics project linking raw material vendors, transportation partners, and corporate customers. One is a $29 transaction paid with a Visa card. The other is $200,000 or more of development work. As the UCITA has been discussed, all too often enthusiasts (both pro- and con-) have tended to blur the distinction--citing provisions meant for one circumstance as the kind of Really Bad Thing (TM) that could happen in the other.
The Insidious Trap Door
No better example exists than the Insidious Trap Door(tm) argument. Buy a copy of Leisure Suit Larry for Linux, goes the argument, and someday the developer can send electronic minions scurrying through your modem to disable the software (and copy the contents of your hard drive).
Um, no. The UCITA gives a vendor the legal ability to include a provision permitting that in a contract that both buyer and seller sign. That means that a seller can try to include such a provision, but the buyer doesn't have to accept it. The provision is not for consumer software--if Leisure Suit Larry for Linux included a back door the entire world would hear about it in every review of the game. We'd all fuss and fume, and CmdrTaco would create a bitmap graphic for TrojanWare and tell us all about it.
What that back door provision does is overturn a common way for custom software developers to make sure that they get paid. In the custom software business it is common for small projects to be billed in thirds: one-third at the time the contract is signed, one-third at the time the software is delivered, and one-third 30 days after delivery. However--it is all-too-common for customers to make the first payment, make the second payment, but stiff the developer for the third payment. If the developer is in a different state, the developer's only recourse is to sue in federal court. And you can't bring a civil action in federal court unless the actual damages you are claiming (not potential damages, or damage to your reputation, etc.) is greater than $50,000. If the total job was $45,000, an out-of-state customer can stiff you for the last $15,000 and there is precious little you can do about it. (Lawyers will suggest that there are other remedies--such as suing in the buyer's home state, etc.--but the long and short of it is that the client can stiff you, and you have no options.) The UCITA provides a legal form of defense for the developer for this circumstance: a Trojan.
EGAD! A Trojan!
Oh, relax. Years ago I worked for a small company that dominates the market for accounting and marketing software for book publishers. They sell on the thirds principle, and have on occasion had trouble getting that last third. Their software now checks the system date: if the last payment has not been made, at 75 days each operator is warned that "a system issue needs to be addressed. Have your supervisor contact us." At 90 days the operators are warned that "a serious software issue exists. Have your supervisor contact us." At 120 days the operators are prompted "your employer has not paid an outstanding invoice for more than 120 days. The system will not function until the outstanding invoices are paid."
That was extremely effective--until Virginia banned the practice. All of a sudden it is a lot tougher to get paid by a client in Virginia--they know your only option is through the courts, which effectively means you're screwed. The UCITA lets my old employer put that Trojan back in, to make sure they get paid. (Truth in messaging: my company does not do that. We typically provide the source code to the client, and often have one or more of the client's programmers working with us.)
The Good Side of the UCITA
A couple of the elements of the UCITA that have not been highlighted enough are the "warranty of merchantability" clause, and the "accidental click" clause. These are Good Things. The Warranty of Merchantability is a hifalutin way of saying "lemon laws." If you buy a car in most states and it turns out to have all sorts of defects you can generally bring it back to the dealer and get your money back. The car you bought fundamentally does not function as an automobile--it is not suitable for the purpose for which it was sold. Back it goes. The UCITA gives you the same protection: buy a copy of Leisure Suit Larry for Linux and take it home. Open it up, install it, and discover that it only works on, say, LinuxOne. (Because of all the supersecret custom LinuxOne development, of course.) Well, if it only works on LinuxOne (or only works on KDE) then it isn't suitable for use on other Linux computers. Under the warranty of merchantability you can take it back and get a refund.
The "accidental click" clause lets you install an app, click on the "I Agree" button, and complete the install. And then say, "oh--I don't want this." and send it back. You'll have to read the fine print to see the time limit (you could not say, "oh--I don't want this" 90 days after you installed) but at least you can look at the software, and see if it installs, without losing all your rights.
All in all, this is probably a good thing:
All things considered, this is a good thing. Yes--in theory consumer software can now include stupid rules in the EULA. In practice software companies will discover that pissing off your customers is not a good business strategy. This will have a much bigger impact on the custom software marketplace, where small vendors will be able to negotiate reasonable contract provisions.
The big losers in this are the lawyers--the UCITA spells out the rules of the game, so you don't need as much legal help to make up the rules as you go along.
PS: For those who would object that Leisure Suit Larry for Linux should be Open Source or GPL'd, let me refer you to http://www.theresnosuchproduct.org. JM
-
Bob Metcalfe is right for once?
InfoWorld scribe Bob Metcalfe has been predicting for some time that Internet packet metering would happen sooner or later. In fact he has even suggested 'ePostage' for email to deal with the cost of Spam. In other words the Spammers pay to send rather than you paying to receive, putting many of them out of business. Of course you and I would have to pay to send our personal and business email as well...
But then Metcalfe is also known for repeatedly prophesying the collapse of the Internet from an overload of data, and then changing the date he predicts it will happen as each past date rolls by. Not to mention some other rather bizarre musings about the possible impact of the real world on the Internet.
Still, if we assume a metered Internet of any kind, it only seems fair that the person originating the packet (requesting it if viewing a web page or sending it if email) should pay the freight.
Jack
-
Here is an interesting InfoWorld thread
It gets going here. Worth skimming. (OK, so I am biased, but I don't feel like retyping all of those points I made..:-)
Cheers,
Ben
-
Gateway HAS done this.
It's nothing new. Even a reputable company like Gateway can have a little ethical lapse. Remember their 10th Anniversary Special computer?
You can find a quick summary of the case on Infoworld.
They didn't actually touch the CPU, but they replaced almost all of the other components with cheaper models. (My favorites were the Surround Sound (tm) speakers. They didn't produce surround sound; that was just the brand name.) Since these computers were marketed to home users, many of whom didn't open the boxes, this perfidy went unnoticed for several months.
I'm told that Gateway has cleaned up their act. However, I would not automatically assume that the computers are good - just because Gateway is a nationally-known company.
-
Hah.
This is mild! Have you seen the flame fests that developed some months ago on InfoWorld between Brett Glass and most everyone else? Hmm?
But you're right, we don't need a BSD vs GPL tussle. We just didn't need Brett's bias to show, either.
Wade
-
Re:What if...
I think Petreley has an interesting suggestion in his Nov 15th InfoWorld column.
He argues that just taking away the API isn't enough and concludes that the "only workable solution he can think of" would be to make it illegal for Microsoft to produce Windows at all and give it to a non-profit standards committee which would maintain it.
While he doesn't specifically mention releasing the source to the general public, I think that unless you're going to GPL it or force them to re-release it with each GA release of Windows, Microsoft (already having a development staff familiar with the umpteen million lines of Windows code (95/98/NT/CE/2K)) would probably find some way to gain the upper hand again or at least change the code often enough to keep people one step behind. It would take at least a couple of months or longer for people to be able to figure out all of the Windows source code and Microsoft could use that time to its advantage.
Some things they might do:
Release the source after running it through an obfuscator, with no make/project files, all the files renamed so you can't tell what type it is by the name, and all files in one directory (technically, they did release it, but it is less than usable).
If they only have to release the current code and not updates, they'd put a ton of people on doing updates and after a couple of years, the released code wouldn't have all of the new features and most people (and OEMs) might migrate to the newer proprietary platform, because they'd code all their apps and development tools to take advantage of the new features. Initially the playing field would be leveled, but with MS's massive resources, they'd be hard to keep up with (when properly motivated they can move relatively quickly (eg. IE)).
Similarly, they could code a new OS that is "Windows compatible" but call it "Screen Door" and then roll all new development onto "Screen Door" until Windows is obsolete. They'd have to release updates to the Windows code (or not), but not to the new code.
Whatever they do, it's going to have to be very carefully worded so that MS's lawyer squad doesn't find a loophole.
-
These guys seem to get it, but...
It seems clear to me that most legal scholars fail to understand the fundamental drivers of the software industry. I guess being a 'legal scholar' tends to focus one on the legal issues (Duh). Unfortunately the practical issues of either a breakup or of licensing Windows are very scary. The 'experts' answering here in /. do seem to understand that. Still many others in the legal world seem to miss the point entirely.
For example, in an Infoworld article published on the ninth, one such expert by the name of Horvath was quoted as wanting to force the licensing of Windows so that different companies could create competing versions. He claims the following result:
"...there might be an IBM or a Compaq Computer version (or both) of Windows. Those versions would then be licensed to OEMs or sold on the retail market, somewhat like software for preparing U.S. federal income tax returns, Hovenkamp said. In other words, the software might be different, but it all helps users file tax returns based on the same income tax regulations. The versions of Windows, therefore, would all be basically compatible with one another.
"In fact, such a remedy would force compatibility because companies, even while technically competing in the Windows marketplace, would have an incentive to make their products work together. If they did not, consumers would have the option to simply buy a different version of Windows."
When I read something like the above I immediately realize the person making these statements doesn't understand how things really work at all. The actual result would be a fracturing of the API's (Application Programmer Interfaces) where non-compatible versions of Windows would proliferate across the landscape. This would be followed by a shakeout as one version becomes dominant and gains the largest amount of marketshare.
This would happen because the software industry tends towards standards, and the company that owns the standards (or seems to) owns the marketplace. So, if you are a windows licensee that wants to own the market, the first thing you do is something Microsoft calls 'Embrace and Extend'. This is where you create a version of the operating system that is compatible with the standard, but which has unique enhancements only your version supplies. You do this because you know your competitors are also doing it. This has always happened, it will always happen...
Usually the winner at this game is the one most willing to court the software developers (people like me). Because it is our work (applications) that makes an operating system something people want. Because we are the ones who recommend the Client and Server platforms our companies use. Because without us there would be no software industry. And, most importantly, because we tend to move as a herd towards the one platform that guarantees us the most potential users.
I remember the bad old days of the early 1980's very well. At least 15 competing PC platforms (some little more than toys) and no standards at all. The reason the IBM PC platform running DOS and then Windows became the primary development platforms is not because they were the best. It was because they were good enough, because they were correctly marketed to programmers and because there was a network effect that brought in more developers as the number of users grew.
My point is this: The software industry will always tend towards a single OS with the vendor of that OS owning an effective monopoly. However this doesn't mean the vendor of that OS can rest on their laurels, as the other constant of the software industry is change. The reason Microsoft was dominant for so long is simple; they understood these facts.
I do not think you can 'end' the Microsoft monopoly by breaking up the company or doing anything that allows the API's to remain closed. However, as was pointed out by several of the /. legal experts above, opening the source is an unlikely remedy because of the licensing issues it raises and the fact it would represent a 'taking' by the government.
So, how about something completely different? How about finding a way to get Microsoft to fund the development of competing Open Source operating systems? I am not certain what form this would take, but I do think it is the only real answer here other than government oversight of all Microsoft contracts. Everything else we might do will, because of the natural forces of the software market, tend to the same situation we have now. Personally I would rather the natural monopoly was in the hands of an Open Source group of one kind or another...
Jack
-
w3m screenshots
Nick Petreley plugged this at IWE a ways back. I posted some screenshots of a few favorite sites: IWE, Slashdot, and The Register.
As previously stated: Karsten M. Self seal of approval with five stinky herrings.
-
Not exempt, just careful and lucky
Intel is getting some attention from the federal antitrust people, but so far they've managed to avoid big consequences a la Microsoft. The FTC had a case against them, but they settled with a consent decree in March. Just in time not to catch heat for trying to muscle Athlon motherboards off the market, although supposedly the FTC continues to keep an eye on them. They recently won an appeal of an injunction against them in Intergraph's antitrust suit. But the actual suit hasn't come to trial yet.
Bottom line is they'll probably wriggle out of any serious consequences unless they do something really boneheaded, like falsify evidence at the trial. :)
-
Links galore...
I was doing similar research a while back, and found the following sites helpful. Unfortunately, I was researching US-only. But other folks here have posted similar links for outside the US, and hey - I'm a helpful kind of guy, so I'll summarize.
- Cost of Living comparisons. (US only) This is huge. Very good reference.
- Salary Survey (US only) Nice, because they've been doing the survey for nearly 10 years, so there's data not only on the current situation, but also overall trends. (Good when negotiating your annual pay raise in a non-software company that doesn't realize that we geeks really should get more money. :-) )
- Salary Comparisons (US/Canada) (Credit to matman)
- Salary comparisons (US/Canada, mainly. Some entries for overseas.) (credit to smalltalker)
- Salary comparisons (UK only) (credit to GC)
- Salary comparisons (Netherlands only) Not in English, so good luck. :-) (credit to Riddles)
- Salary Survey (Ireland only) (credit to bigdaisy)
- InfoWorld Salary Survey (location unclear) (credit to The Evil Dwarf)
- USENIX/SAGE salary survey (location unclear) Requires registration.
-
InfoWorld has a site
InfoWorld does an annual salary survey. The 1999 survey is here. They do a decent job of surveys in various IT areas. They survey a wide variety of occupations and locations from their readership so the survey isn't exactly perfect.
You might find info for the US at the Census Bureau.
-
The Business Implications, OSI and the Rest
First I must warn all that I have long since dropped out of my business analysis train of thought as I steadily receded back into loving electronics and OS's - *NIX being my favorite.
Well f**k it here it goes
Business Impact and Realities
Businesses and managers are very impressionable folks. In that I mean they truly believe in commercialism. I have worked with government and commercial sector and I have seen the way salesmen can appeal to these goons. With the government it is - well kinda perverse in a way but it works, with business it's easy -- we offer you this and get that.
So let's break off and follow that last statement for a second, we offer this and we are saying you get that.
Now for the MS Spin Doctors
Now let's apply the late 80's early 90's MS edition of that very same statement:
If you want that you must buy this in order to survive and have that, oh yeah we forgot to mention you have to also buy this other pile of sh*t as well but we can get into that later . . .
Now come back to the present.
Joe Blow IT Manager, the very same schmuck whose light up when the dancing paperclip "finally does voice recognition" (f*n idiot) sees this. He now says - sh*t, maybe sinking all of that $$$$ into M$ could kick back - - QUICK, what do the other InfoWorld Ads say? Who should I turn to?
Yes this will happen. Even some delusional idiots will actually turn to Apple to solve their "hi end needs". This will be the first fallout.
But hey, all society advancement comes at great pains and cost, this will be one of them. By the same token just as many smart IT Managers will sit back and "see where things are going" and probably opt for a conservative UNIX Company or quite possibly FreeBSD or Slackware (despite its "freeness" Slackware still boasts the best uptime and stability in distro - not necessarily kernel).
Think About It
IT Managers, believe it or not, think very short term as within 2-3 years or so. They are not forward thinkers (well not most of them I am sure the gang at Red Hat might take me up on that) so many saw NT as a good thing for the next year or maybe 2 years. This makes sense when the byline of your job is "keep from gettin' fired".
So, first, businesses will begin to lose confidence in MS, some will stick with them but many (as is already happening) will turn to companies like VALINUX and Sun.
The Home Market
The home computing market gradually lags anyway due to out of pocket expense limits so breaching the MS infiltration will take several years, but I believe as more becomes available and usable, more home users will seek alternatives. They may or may not turn to Linux, that is hard to tell (but I can say, the time is ripe for FreeBSD to make its move).
Ultimately home users will not change their habits for a long long time, I think everyone already sees this. I expect a shift to take place in 2-3 years (given the current buying trends).
Linux and OSI
I mention them in the same context here because I mean the same thing - both GNU / Linux and OSI now will see something that has been slowly and quietly happening for a long time.
Converts
Developers and geeks alike will also lose confidence in the almighty M$. We now will be given an opportunity to bring in and cultivate untapped talent that simply "didn't know any better" but have now awoken. This will most likely happen (in large numbers) after a ruling which is pretty sure to go against M$. It is already happening, as a matter of fact, I wouldn't be surprised if Linuxnewbie.org's mailing list jumps a little next week.
So in Conclusion
This isn't much different from other breakups as far as business is concerned. Geeks, however, will reap great reward which as all /. readers know is what matters.
-
Blind and stupid.
AC said Whenever someone gripes about Windows, but doesn't talk about alternatives (especially *nix), it is as useless as griping about growing old.
People need to know that there are alternatives, instead of just bitching.
Maybe you should have read the entire article before mouthing off and you would have seen the following:
Nicholas Petreley is editorial director of Linux World
Oooops! Better put brain in gear before exercising tonsils next time.
-
Original link...
CNN just reposted the original article from Infoworld. Although they seem to have come up with the cool graphic themselves!
JMC
-
Re:Novell is safe in the file server market
In related news, VINES finally died just last week!
-- -
Yes! Yes! Yes! Yes! Yes!
I've asked Rob for a general discussion page, and/or a moderators issues page, several times, he's always nixed it. His argument is that he'd rather get mail on a topic because he reads his mail (funny -- I got an automated rejection to a story item I'd posted but wanted to give him an additional update on). To me this says he doesn't trust Slashdot to do what it should do: let the community bring up issues and moderate up the ones it thinks are important.
I end up posting "about Slashdot" issues to other fora, notably InfoWorld under the "Readers Roam" or "Readers Choice" columns, where a few intelligent minds are known to wander.
Slashdot is an interesting mix -- it's community voice, but only on those topics Slashdot has deemed we should talk about. I'm starting to find this limiting, and view the site a bit more as a news portal than as a discussion. Some things are excellent though -- last week's Bruce Schneier interview was one of the best online-interview format discussions I've ever seen.
-
Java 1.2 for Linux from Sun
I haven't seen this article posted on Slashdot yet, so I thought I'd mention it. However, I've been off for a few days, so might have missed it.
Anyway, according to this InfoWorld article, "Sun will release" a Java 1.2 port for Linux in "early 2000" with the Blackdown porting group. Not big on details, and Sun haven't done a press release. It's not clear if Sun will be making it available to download from its site, but that's the implication. However, the article also states that this release will include Sun's nice HotSpot compiler.
-
Question?
It is nice to see that Micro$oft is able to provide ample evidence as to how much better Windows NT is. They have the first myth covered with three reputable sources. I have problems with the magazine's bias, but before you guys decide to shoot me down, I would like to know where the results are for another magazine such as Infoworld, or Byte Online where they focus on the business aspect of computing. Other than that Microsoft used reliable sources to explain their results, but my question is where are these sources? The few links that are provided are from customers of Microsoft and Microsoft's own web sites. Besides, it is always nice to see that in Microsoft's rants and raves, they neglected to mention the numerous bugs in Win NT; in fact, there is a feature article in last week's Infoworld about the security flaws in NT. Another item of interest is an old Slashdot article about the Army switching over to Macs because of NT's security. Oops. I guess in the end, this was just yet another PR stunt to justify NT's existence.
-
Re:Woo-hoo, Windows NT has great security! (not)
http://www.infoworld.com/cgi-bin/displayNew.pl?/petrel/980713np.htm
"The National Security Agency (NSA) lists the following configurations as having been evaluated for U.S. C2 certification: Windows NT 3.5 with Service Pack 3 on the Compaq ProLiant 2000 and ProLiant 4000 Pentium systems, and on a DECpc AXP/150. The LSEL diagnostics software was used as part of the configuration. The systems were certified only in a stand-alone configuration (no network). No other version of Windows NT has received C2 certification on any hardware platform (Windows NT 3.51 was C2-certified in October 1996, but only in the United Kingdom)."
http://www.zdnet.com.au/zdnn/content/zdnn/0923/2140612.html
"To date, Microsoft has not obtained C2 certification for any release of NT beyond version 3.5, the company acknowledges." -
SAS on Linux
Does this mean that all of SAS is to be ported to linux?
Don't hold your breath. I know a thing or two on the topic [1].
The news that I've heard is that a code port has been done. Some problems were encountered, but they were resolved with the help of RedHat. The question is whether or not Linux fits with SAS Institute's (SI) traditional customer base and business model. SAS is a mature product, with about 30,000 installed sites, roughly 2% base growth per year, and 16% revenue growth in 1998. 52% of revenues are still related to mainframe platforms (with 27% PC and 17% Unix). In short: a market that's not exactly bleeding edge, with more blood being squeezed from the same old turnips.
SAS programmers have been known to rant about several other shortcomings....
My feeling is that SAS will come around to supporting Linux eventually. They might even surprise me and make an announcement in the next few weeks -- it's regional user group conference time, a favorite time of year to announce new products (their latest release, v7, has been featured for the last four years running <g>....). But I'd put the probability at about 25%. A leaked internal discussion indicates that there are serious internal conflicts over marketing, and until Jim Goodnight says "SAS will run on Linux", it's not going to happen. I tend to get good information both directly and through the mailing list I maintain, and I've heard nothing. Might try shaking the bushes a bit....
However the open source movement has gathered momentum to the point that SAS is simply going to miss out. Flexible tools, source, server-based and distributed applications, are the new wave. SAS has got itself a neat little niche, but it's got an uphill grade -- getting steeper -- if it wants to catch up with the new wave.
[1] Yeah, I know the site's stale. The sad news is that it's current -- there's simply nothing to report. The mailing list carries more current information, but it's also tooooo quiet....
-
More info + some points
There's a good article at The Register, Info World article and the Motley Fool.
I'd like to make some points:
*) Sun's SCSL license is not open source, nor trying to be.
*) Not all the source code will be made available straight away. Like with their other stuff released under the SCSL, you'll only have to pay Sun money if you plan to make a profit on it yourself. Sun also require you to fully publish the specs for any new APIs you add, and are very hard on compatibility - ie they don't want it corrupted/code forked. btw, you will need Sun's compilers to compile it, and they haven't (yet) made the compilers SCSL.
*) I don't think this is really aimed at the general public (of coders) - it's mostly aimed at commercial companies who currently want to license Solaris to make their own products, and there are a few, and also at developers who already use Solaris.
*) I think the two main advantages they hope to gain from this are more developer interest, and better quality software - by getting better feedback. The reliability of Solaris is very important to Sun - there are managers whose salary and bonus are tied to its reliability.
*) This is part of Sun's relatively new, general attitude towards development - first with Java last year, some of their microprocessor designs, some high end software (Sun Cluster Tools 3), Star Office, new software (Jini and Jiro) and now Solaris. I've heard it said that Sun plan to make all their software available under the community source unless there is a good reason not to.
*) Sun have very good reasons to worry about protecting their software - Microsoft would love to damage Sun, like it did Netscape.
*) The decision to go with their "community source" license would not be new. Sun have very long lead times on development for Solaris, and because Solaris contains quite a lot of other people's IP (which they'd have to get a new license for, or do their own version) as well as tidy up the source for public release, they would have to make the decision very early in the product cycle. Solaris 8 (which will be the first to have some source code freed) went into alpha about 1 year ago, and has probably been in code freeze for about 3-6 months, and it'll be released in about 4-6 months. And Sun aren't even adding that many new features with Solaris 8. Co-incidentally (probably not), when Solaris first went into alpha, was about the time I first heard Sun execs talking about making Solaris open source.
*) Some people have said that Sun might be worried about Linux, or Project Monterey wiping them out or something. Currently, as with the past few years, Sun has been having very stable and reliable growth (20-25% per year) and I haven't seen the slightest indication that they're "hurting" from Linux (the opposite in fact) and Monterey isn't even finished yet, and even at best won't take off for another 2 years.
Btw, what's new in Solaris 8 you might ask? Well, they're putting in their cluster tools software as standard (currently a separate product), doing IPv6, including perl (perl 5.0005_03 to be precise) as well as some modules to access parts of Solaris, some bits for Java, new diagnostics tools and such. btw, Sun will support everything that comes with Solaris for 5 years after they stop selling it. -
Free software patent defenses
An Anti-Patent Patent League -- usually conceived as a patent pool -- has been suggested by John Walker of Autodesk, L. Peter Deutsch of Aladdin Software, Richard M. Stallman of FSF and LPF, and is now part of a proposal floated by Eric S. Raymond.
While theoretically workable, the obvious problem with the idea is that it hasn't been made to work yet -- though circumstances are changing. Patent pools have some serious organizational and logistical problems. Essentially it puts free software in the position of relying on the kindness of strangers, and patents are still expensive to acquire, maintain, use, and defend.
An alternative I proposed in several areas a few weeks ago is to try to extend the already significant power of copyright as used in free software licenses such as the GNU GPL, NPL, and IBM Public License. Copyright is easily acquired, already held by free software developers and interests, fairly easily defended and asserted, and lasts for fscking ever (life plus 70 years).
The mechanism is to add a termination clause to a software license which says words to the effect "this license terminates, and the rights granted, but not the obligations required, if you initiate patent infringement actions on any licensee of a class of software". The definition of the class is key -- it could be a list of important programs (say gcc, glibc, Linux, bind), a list of projects (say, any GNU project), or all programs covered under a particular license or set of licenses. This is similar in almost all respects to existing software licenses except that terminating actions are extended to a class of software rather than the immediately covered work.
I've outlined the idea a bit more fully at Infoworld Electric's Forums.
There are a number of problems identified -- businesses may be deterred from using software with such a poison pill, a company which separates its patent holdings from its main operations may thwart the intent, penalizing beneficiaries of abusers of the license may be necessary but difficult, the clause might be considered a "patent grab" (I think it is, but there's a strong quid pro quo).
Still, if I may say so, it's an interesting and novel approach.
-
DSL is a shared medium, too
Because more DSL wires mean more crosstalk, resulting in lower speeds.
See also Bob Metcalfe's column ("Digital Subscriber Lies") in Infoworld this week.
BTW, I have ADSL myself and several of my friends have cable.
-
Re:A few countries deemed ....
From here
Few = 7
Countries = Iran, Iraq, Libya, Syria, Sudan, North Korea and Cuba. -
Infoworld has a review up
There's a review of this sucker up on Infoworld already. Apparently IBM shipped one to their test center. The lucky dogs.
-
Please stop the ride
According to the most recent Gartner Group study, the costs of moving to windows 2000 will range up to $3,000 per PC for large organizations using win9x. $1,200-2000 for winN't based PC's. The projected break even point when the transition supposedly will start saving more money than it costs =THREE YEARS OUT! (assuming nothing else changes)
If you work in government, please let your PHBs know about this study --and about Linux and StarOffice.
Delve into the lurid, gory details at Infoworld.com
-
Troll followups
But the intelligent threads aren't direct followups to trolls. The first poster gets penalized (maybe the penalty only applies if the post itself is a counter-troll), the rest of the thread is not a direct response to the troll, they are responding to (presumably) slightly more informed discussion. No penalty. Incentive: don't feed trolls, if you must, provide an informed response.
Yes, I've seen a number of trolls generate interesting discussions, but it's usually at a very high S/N cost. See for instance Lewis A. Mettler on open source and security, at Infoworld Electric.
Yes, it ended up producing some intelligent comment, but only at the cost of much, much noise (hundreds of direct posts and thousands of followups). Note Mettler's own followups to my summary and Bob Brewer's (tseliot, mentioned near the top of the link provided). Talk about a one-tune whistle!
-
MS munchkin: "AOL used buffer overflow exploit!"
According to this Infoworld report, a Microsoft "munchkin" mailed Richard Smith of Pharlap software that AOL was using a buffer overflow exploit to detect whether someone was actually using the MSN Messenger to log on.
(In case you don't know, a munchkin is someone who works for a particular company and posts FUD etc. under an alias. This is a known Microsoft tactic, already practiced in the war against OS/2 years ago).
And if this Reuters report posted on Usenet is true, Microsoft actually confirms that it was a munchkin of theirs, but they "didn't authorise his smear attempt".
What's ironic is that that guy at Microsoft decided to contact Richard Smith of all people, since he is well known for revealing secrets in Microsoft(!) software, such as the Registration Wizard and IDs stamped on Office documents. Bad luck for the Microsoft munchkin because... Richard Smith then discovered that the sender used the Yahoo mail system and had set up the account that day. Apparently, the sender was not aware that Yahoo includes IP addresses, which Smith used to trace the message back to Microsoft.
What does all this show?
- Another example of a Microsoft employee who would do anything to help their cause. This has already been pointed out in commentaries on the MS vs DoJ trial: Bill Gates may not have said literally to destroy their competition but certainly his employees understood it as such in their zealotry.
- AOL was very desperate in finding a way to detect non-approved clients. With an open protocol this can indeed be very difficult.
- If you care about security for you or your users, don't use AIM, ICQ or MSN Messenger. Resist user demand and block 'em at your firewall. They gobble up loads of attention and productivity anyway.
-
Infoworld Anti-UCITA forum
Here led by Ed Foster, who first brought this to public attention.
-
Check out this link.
There are some more details on the "wonderful" proposals. They are for our own good, right? HA HA!
http://www.infoworld.com/cgi-bin/displayStory.pl?/features/990531ucita.htm
Or click here -
Re:Prediction of the day
Well, Bob Metcalfe predicted the total collapse of the Internet in 1995. True to form, he literally ate his own words in 1997 when he admitted his earlier mistake.
---------- -
http://archive.infoworld.com/cgi-bin/displayN.....
People, relax. What you have to realize is that *this guy is not really all that serious*. He's just playing the devil's advocate, the sort of grouchy old man, stirring up controversy for the pure hell of it. In the article he *admitted* that he was flaming linux to begin with, and he didn't say that there was anything inherently wrong with people speaking out against him. He seemed to think that OSnic patriotism wasn't really all that uncommon. Besides this guy is so out of touch that he predicted that Internet would collapse in 1996, partly because it would be impossible to find any porn....
_
"Subtle mind control? Why do all these HTML buttons say 'Submit' ?" -
Just a moroon...
Look at his old article
He's deafinitely out of touch with the current reality!
-
That'll be on 11/8/99
per Bob 'Ethernet' Metcalfe.
I didn't know we were all squeezing in thru a single B channel...
For Internet stocks, there's bound to be profits in promoting Software that Doesn't Suck®
Chuck -
Re: *rolls eyes*
The 23x6 figure comes from a pro-Microsoft article by Bob Metcalfe talking about how Windows 2000 is going to "bury" Linux. (This link seems to be slow today...)
Any other smart-assed comments you want to make? Maybe you should check your sources before posting.
-
Important Legal War in Progress
Here is the Edupage summary for the California case:
COURT LIMITS STATE JURISDICTION ON WEB
In a decision with global implications, a three-judge appellate
panel from the California Court of Appeal for the Second District
has ruled that the state of California has no jurisdiction over a
Web site whose hosting servers are located in the state. The
ruling clarifies the issue of jurisdiction in lawsuits involving
Web sites and out-of-state companies. The court's decision
addresses a defamation suit filed by plaintiff Steven Rambam
against the Jewish Defense Organization (JDO). The JDO had
posted information on its Web site claiming that Rambam was a
racist Nazi sympathizer and a potential murderer. In his
lawsuit, Rambam claimed that the JDO's contracts with
California-based Web hosts GeoCities and Xoom.com provided the
state with jurisdiction in the case. The judges disagreed.
"Defendants' conduct of contracting, via computer, with Internet
service providers, which may be California corporations or which
may maintain offices or databases in California, is insufficient
to constitute 'purposeful availment,'" wrote judge Mildred
Lillie. (C|Net 06/09/99)
The C|net article is here. Seems to me that the case law is very unsettled. (Not that I have a clue about law!) Which makes the pending battles over UCITA legislation all the more important and dangerous.
http://www.infoworld.com/cgi-bin/displayStory.pl?/features/990531ucita_home.htm -
Anti-UCITA petition
From infoworld:
One simple thing you can do is to sign our e-mail petition, which reads as follows:
"In light of the concerns previously expressed over proposed UCC Article 2B by a variety of interest groups, and the lack of time such groups have had to study and respond to its new reincarnation as a uniform act, the undersigned urge the National Conference of Commissioners on Uniform State Laws to not approve the Uniform Computer Information Transactions Act at this time."
If you agree, "sign" the petition by sending an e-mail to us at ucita@infoworld.com with any additional comments you'd like to make and your name, title, company, city, and state. The results will be presented to the NCCUSL commissioners in Denver to help demonstrate to them that the concern about UCITA is widespread.