Domain: sourceforge.net
Stories and comments across the archive that link to sourceforge.net.
Comments · 31,462
-
Re:In case anyone was wondering...
Sopwith Camel is actually an old biplane.
http://en.wikipedia.org/wiki/Sopwith_Camel
And for the linux game, some screenshots:
http://sdl-sopwith.sourceforge.net/sshot.shtml -
Re:That Extra Mile
Have you gave xsupplicant a try? It's a command-line based tool, at present, with a GUI forthcoming. I use it on my Nokia tablet to get LEAP and PEAP support for use at my university. Check it out: http://open1x.sourceforge.net/
If you need some help getting it set up, feel free to drop me an email. -
Re:Macs
As such, one way I got around the problem was to downgrade to ComboUpdate 10.4.10 and install the rEFIt bootloader. It makes your Mac totally legit and it even allows you to, easily, triple boot you box with Mac, Winblows and Linux side by side. See rEFIT at http://refit.sourceforge.net/ for details.
-
Re:What is it?
Star Control 2's code has been released under the GPL, and now continues to be developed as The Ur-Quan Masters. http://sc2.sourceforge.net/ Damn fun game!
-
It's a *DIFFERENT* libARC -- ICO's *IS* GPL.TFA points to a different libarc : http://www.onicos.com/staff/iz/release/libarc-2.0.2.tar.gz, not the sourceforge one.
According to the few info available in english on the page, this libarc is used to open quite a lot of different archive format (could some Japanese-speaking /.er help here ?).
Whereas, the sourceforge one, is mainly designed for a GZIPed ARC file used on the internet archive.
And whereas the libarc you point out is licensed under some sort of permissive license,
the Japanese libarc used by ICO is licensed under GPL. The file "inflate.c" is mentioned in TFA, and the following license/comments are cited : /*
Copyright (C) 2000 Masanao Izumo
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/ /* inflate.c -- Not copyrighted 1992 by Mark Adler
version c10p1, 10 January 1993 */ /* You can do whatever you like with this source file, though I would
prefer that if you modify it and redistribute it that you include
comments to that effect with your name and the date. Thank you.
[The history has been moved to the file ChangeLog.]
*/TFA's author then point out a couple of subtle difference all showing that it's this libarc's specific file which is used. (You can find similar "inflate.c" in a lot of decompression libraries. But libarc's has some specific memory subroutines, which can be traced in the disassembled code flow of the US version, or in the list of symbol names in the debug info included with the EU version).
---
Now to go back to the possible outcomes :
- The most easy is to stop distributing the infringing piece of work.
Which as pointed out by the /. has already been done. This game isn't produced anymore.
- An alternative is to publish the code, *NOT* of the whole game, as said by some /. er, only to the specific executable which contains the GPL code ("SCUS_971.13" according to TFA. The other few GB of data that are on the DVD are safe).
- The third solution, which wasn't mentioned yet by /.ers (and which would require a little bit more work) would be to separate the functionality into a -
Re:Confused: libarc doesn't seem to be GPL
Yeah, it's always good to remember that project license != individual file license. Luckily there's an open source tool, which aims to help doing that inspection: http://sourceforge.net/projects/oslc
-
Re:Confused: libarc doesn't seem to be GPL
Here http://sourceforge.net/projects/libarc/
... it specifies BSD license. -
Huh?? What violation??
The libarc project page says that the library is licensed under the BSD license.
What "GPL" violation are these guys talking about?
http://sourceforge.net/projects/libarc/ -
Re:You're confusing General license with Lesser
No. As the GP pointed out, there are two licenses, the LGPL and the GPL. GLIBC is licensed under the LGPL, therefore you don't have to release the source to your own C program, just any modifications you might have made to GLIBC. As for the library of libarc, erm, I'm not sure what's going on here but I can't see any evidence it's licensed under either the GPL or LGPL. From http://libarc.sourceforge.net/:
License
Copyright © 2004 Basis Technology Corp.
All Rights Reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Basis Technology Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.Looks like a permissive free software license (*BSD, MIT) to me, not copyleft at all.
-
Not GPLFrom the site
License
Copyright © 2004 Basis Technology Corp.
All Rights Reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of Basis Technology Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
No mention to the GPL -
Re:Confused: libarc doesn't seem to be GPLLooking at libarc website http://libarc.sourceforge.net/: the license indicated here isn't the GPL..
So either it's not the same libarc or its license has changed or the website is incorrect or the issue happen in some other file but not in libarc..Yeah I found that libarc too. But the article appears to be talking about another libarc from Link to articles libarc It is written in C the libarc you found is written in C++. Not the same program, confusing names, how many libarcs are there?
-
Confused: libarc doesn't seem to be GPL
Looking at libarc website http://libarc.sourceforge.net/: the license indicated here isn't the GPL..
So either it's not the same libarc or its license has changed or the website is incorrect or the issue happen in some other file but not in libarc.. -
Re:Cube Islands
-
Re:I've had one for a couple months now.
If you do, make sure you can boot from the dvd first - worked flawlessly for me but other people on forums have warned about it.
Also, you may have a hard time actually deleting the partition. I downloaded a GParted livecd iso, burned it to cdr, then booted from that to safely edit the partition table. Then you will have fix the MBR on your main drive (GParted didn't get that part right for some reason), so boot from the sony recovery dvd, select the repair option which will automatically fix it for you. -
Re:Filesystem over IMAP.
-
Re:Stay out of trouble by downloading legal music
I just found iRATE on one of the pages you linked. It's a nifty idea. Downloads a bunch of random stuff for you directly from the publisher, and you rate it. Then it downloads more stuff based on what you like, and what other users who liked that like. Fun
:) -
Re:Great news
Many of the major free GPL licensed programs are now available in both Windows and Linux versions. In the past they were only available for Linux/Unix users. If a small business wanted to they could replace Microsoft Office and most of their other commercial applications with free GPL licensed alternatives and still keep Windows. Here are a few examples:
-
use rEFit
If you read the original agreement when install Bootcamp without Leopard (ie the pre-Leopard versions of Bootcamp), it tells you it is Beta software only and that it will expire in October 2007. And that's what it did.
Yep. Use this instead.
http://refit.sourceforge.net/ -
Re:Great news
At home, I use Gimp on both my Windows computer and my Linux computer. I have a few other free open source GPL licensed programs on both computers too such as Open Office, Firefox, Abiword. Those programs are all available in both Windows and Linux versions. The Windows computer has mostly free GPL licensed software on it and does not have much of the usual commercial software such as Microsoft Office.
-
Multiple desktops on Vista too
Windows NT has always supported multiple desktops under the hood, and MS has had a powertoy that exposes this for ages.
There's many other third-party virtual desktop managers around, if you look, even for Vista.
-
Multiple desktops on Vista too
Windows NT has always supported multiple desktops under the hood, and MS has had a powertoy that exposes this for ages.
There's many other third-party virtual desktop managers around, if you look, even for Vista.
-
Re:Pidgin w/encryption
I use pidgin-encryption with Jabber every day. The Jabber connection is secure to the server (SSL/TLS I think? maybe just for login?), but this provides end-to-end privacy on top of that. I have convinced three friends (three different operating systems total), including my fiancee, to use it. It works very well and transparently once you have the keys set up. Initially, we checked the key fingerprints over the phone.
However, nobody I communicate with by e-mail uses PGP.
:-( -
Re:Yes, and then, magically, people start buying.
That's exactly what happens in the real world.
Only if the demand for music exceeds the supply at the price of producing that music and marketing it. Do you really think that is the case?
What? Today demand can't exceed supply technically, only people's taste can. The major cost of creating music is creating the master record, analogue is a bit high but with digital tech the equipment needed can be afforded by many. Then audio software is free, Macs come with Garage Band and Audiocity is Open Source audio software that's a cross platform, running on Linux, OX S, and Windows as well as other OSes. Once the equipment is paid for duplication is practically nil digitally, that's part of the fuss with P2P, copies are easy to make and distribute. The only other barrier, other than talent, is having someplace sound proof to record in. But with what many listen to that's not a big deal.
The market for music quickly becomes something quite similar (though not identical) to the market for lemons, where the price commanded by good quality work is brought down by the fact that it's not any more noticeable than bad work for the buyers.
Ah, the net allows a person to try before they buy, as do some brick and mortar stores. It's their own fault if someone buys music they don't like. The only problem I see is when a person has to buy a whole album just for one song but again the net allows them to download just that one song. Well I see another problem, but it's not related or is only obliquely related. As for fliters, friends can serve as filters quite well. Music store employees can even be filters. The last tyme I bought an album I went into the store looking for a specific artist but the only album I could find I already had. Asking an employee there he said they didn't have anything else in stock but if I liked that type of music I should try another artist. So I listened to clips of the songs on one album, liked what I heard and bought it. Before listening to the clips I had never heard of the person.
Falcon -
Re:Anyone know of a Vonage-compatible implementati
Sometime I'll also have to write a script to parse the tapelist.log file orkaudio generates, and make a nice little index associating the audio files to the phone number called, and then I'll have a nice history of all my phone conversations.
Just grab and install OrkWeb/OrkTrack. It's part of the same software suite and handles all of that for you. -
Not the first law there.
rememeber davsi that propsed to make it illegal to develop p2p applications? That proposal did have effect on the frech ability to develop software.
To implement this law one would need to have monitoring on the internet users. Since the rule is "not paid for", this monitoring needs to be connected to monitoring payments. you see trouble here? I do. -
WKNC
Speaking of college radio... NCSU's radio station, WKNC is pretty awesome. Lots of variety, playlists are listed online. They also broadcast on the internet as well. Once you hear it, you can make sure the tune is RIAA free at the RIAA Radar. Another good source is CD Baby. Pretty much everything there is RIAA free. I used to use iRate quite a bit, but last I checked it was no longer being updated regularly and suffering from severe bitrot. I also use iTunes music store recommendations. A lot of those can be RIAA free, you just have to check them with the RIAA Radar before you buy.
-
irate
I haven't used it for a while, but there's irate. Basically you connect to a server. The server feeds you music right from the artist's website. You rate it. It starts to figure out the types of music you like, and will feed you more of it. Everything is mp3.
-
Re:Linux is actually cheaper here.
Ubuntu does not come with client software for windows machines to automatically back up the windows box nightly onto the Ubuntu server. WHS does.
apt-get install backuppc
Ubuntu requires you to install Samba. WHS uses windows shares / web server interface.
apt-get install lighttpd
Or are you implying that Samba is somehow worse than a native Windows share?
Ubuntu requires raid hardware or software. WHS uses a 'storage pool' methodology and allows disk redundancy without raid, and automatic growth of the 'storage pool' by plugging in a USB drive or ESATA device(s).
How automatic? I wouldn't want it to automatically format my flash drive because I plugged it in temporarily.
Or if you mean "automatic" by "prompting the user to do something", well, we can do RAID 5 restriping easily enough.
Ubuntu would not give you Remote Desktop access to your windows machines without configuring Wine, I think.
apt-get install rdesktop
And you imply that Wine is hard to configure. It's not, not anymore.
Ubuntu requires you to install CVS to get versioning of files, which requires you to actively commit files. WHS automatically saves changes between versions and allows you to step back, all through the nightly automatic backup.
Did you completely fucking miss the part about "backuppc", which I mentioned before? Here, go read.
You'd have to write your own web service to access the machines from outside the network.
apt-get install openvpn
You'd also have to configure the router yourself.
Want to be the router? apt-get install firehol dnsmasq.
I thought this through, I run a small business (20 hours a week of development) and did my homework before making the decision to buy WHS.
Apparently not enough to even know about the existence of rdesktop.
Now, I never claimed that Ubuntu would support everything you need out of the box. I am, however, claiming that to install and configure what you need, including Ubuntu and these additional packages, will take far less time than $169 worth -- and you get free upgrades for life.
apt-get install backuppc samba lighttpd openvpn rdesktop mdadm firehol dnsmasq
Here's what you've said so far that I can't do with Ubuntu, under that configuration:
- Disk redundancy without RAID. You haven't convinced me this is a good thing.
- Automatically configure a router, assuming it supports uPnP But for 99% of home users, everything you need is right here, in fact, probably here.
If these are really that needed, redundancy without RAID can be done with ChironFS, and uPnP is actually kind of dangerous, from a security standpoint. But I bet I could add these features in very little time -- small enough that, hell, I could sell it for less than $100 as an instant NAT OS.
-
Re:Memory still an issue for me...
My Firefox will spike from around 66 MB of RAM usage to 700 then 800 then 900 and will just sit there chewing up more RAM until I kill it.
Yeah, I notice that too when I do *cough* research */cough* that includes pages with a couple hundred high res images. I'd suggest limiting the scope of your research, or you may want to invest in a program to download all of those images instead of trying to view them all at once in a browser. Try something like wget. -
My Recipe for a home NASI've been working on this for years, literally. I'm still not satisfied, but at least it's gotten to the point where the urgency to improve it has gone down a bit. Here is my recipe:
1. M2N-E Asus Motherboard + 1 Gbyte DDR2 + AMD X2 5000+ CPU with unlocked clock multiplier. No Graphics card.
2. Antec Nine Hundred case with 450 watt energy efficient PS. 6 Seagate Sata2 500 GB disk drives.
3. APC backup unit with 1000+VA, like the XS1200. APC is the preferred brand, since driver install is easy.Assemble hardware, and temporarily install a DVD-ROM, keyboard, and graphics card for installation of Ubuntu server. I've used 6.10, 7.04, and 7.10 successfully. Boot your favorite version of alternate install CD of Ubuntu AMD64 server and install it, after partitioning all the disks with small partitions of 1024 cylinders as partition 1, and the rest of the disk as partition 2. Then create RAID1 arrays on partition 1 (partition type FD) of disks A & B, and another RAID1 array on disks C & D. Partition 1 of disk E is a swap partition, and partition 1 of disk F is spare. After creation of the RAID1 array on A & B as
/dev/md0, then use this for the root mount point. /dev/md1 on C & D can be used in the future for upgrading to newer releases without having to trash the original on /dev/md0. I don't bother with a LAMP installation, since I want pure file services. I do add DHCP, TFTP, SSH, NFS, and Samba services either during the installation, or after. After a successful install and reboot, then modify the grub menu to set up a serial console. http://www.howtoforge.com/setting_up_a_serial_consoleYank out the DVD, graphics card and keyboard, hook up a serial cable, and verify that it reboots with output directed to the serial port. The whole point of making the server headless is to remove all temptation to run an X-Server on the machine. This way lies madness and disk corruption. Preservation of the data takes precedence over convenience. You can do everything you need via SSH, or in a pinch, with the serial port. After beheading the machine, I usually continue configuration via SSH from another box on the network. Next, create a RAID6 array on the 6 disks using the 2nd partitions, which will give you a little under 2TB of usable storage. RAID6 may seem a bit of overkill, but RAID5 arrays usually have their moment of truth during a rebuild after a drive failure, and this is when unreadable sectors usually rise up and bite you very hard. With Raid6, you still have a margin of error after a disk failure, and we all know it's not a matter of if, but when.
Now install loop-AES. This always requires a build from source code, and instructions can be found on the ubuntu forums . Loop-AES is more complex to install than LUKS, or other linux disk encryption schemes, but the performance and security are the best available. This is why the OS should be in 64 bit mode, since this gives a little faster speed to the AES256 encryption. Creation of a suitable encryption key is covered elsewhere, but I strongly recommend 65 keys, a good random salt value, and a high iteration count on "losetup". I use an iteration count of 2,000,000, which takes about 2 minutes for the CPU to perform. The keyfile & salt value should be stored on an separate USB key, stored in an encrypted filesystem with a different salt value, a high iteration count, and a 20 character strong password. This combination is military grade, and places the weak link of the security chain squarely in your head. In other words, your password and the USB key become the only possible method for recovering your data, so making copies of the USB key is strongly recommended. I keep a copy at the bank, in a deposit box, as well as
-
Re:Screenshots and previews of slightly olderrelea
It's a shame Dolphin sucks so much. If they were going to switch file managers they should have picked something good like Krusader. Krusader is _THE_ reason I'm no longer a fluxbox user.
-
Linux is actually cheaper here.
Maybe there is more of a learning curve than I'm allowing for here, but it costs me far, far less than $169 of my time to setup a Linux server with Samba and BackupPC on a RAID. RAID implies that everything is on more than one disk, whether you remember to flag it or not; Samba gives you filesharing and media streaming (or lighttpd if your media clients only support web); BackupPC supports as many PCs as you want, with incremental and full versions, allowing you to restore a file, folder, or an entire backup (or browse without restoring).
Presumably, then, your Windows Home Server does something for you that my Ubuntu Server doesn't. Whatever it is, is it worth $169? Specifically, if it's ease of use, are you paid enough that $169 is cheaper for you than 2 hours or so (at most) following some Linux tutorials? I imagine most people would come away with money to spare on an extra drive or two.
I realize, for many people, Linux is not going to work on the desktop, much as I wish it would. But Linux excels on the server, and with neither of them preinstalled, the cash cost of Windows is suddenly very obvious. The only better OS for this might be Solaris or BSD, and they're both free, too. -
Re:Salt
So lets say you go to South America on a weekend trip and you want to post some pictures on Flickr.. Howto access those password?
You can store Password Safe on a USB flash drive and take it with you to South America, plug it in, run Password Safe from the USB drive and access your passwords.
This would also protect you against keyloggers on a public machine as Password Safe will fill passwords in for you meaning you don't need to actually type it.
-
Re:I've been using Camino...
Pity there's not a similar lightweight native Firefox derivative for Windows.
There is one: kmeleon. It's based on gecko and it has a native windows interface.
Disclaimer: I have never used it. -
Re:Salt
Better solution:
http://passwordmaker.sourceforge.net/passwordmaker.html
One password for all sites, but a unqiue, "fscking crazy" password for all of them. You're welcome. -
Re:I've been using Camino...
Pity there's not a similar lightweight native Firefox derivative for Windows.
Go go K-Meleon!
By the way, neither Camino or K-Meleon are derivatives of Firefox. They're just native browsers using Gecko and everything that comes with it.
-
Re:I've been using Camino...
I just want to point out, as others have, that K-Meleon is a really nice, full featured Gecko-browser for low-end machines. Its basically Firefox without the XUL layer, and is even more customizable than FF out of the box. It really a life-saver on old machines. I run it on a old Pentium II, 300MHz, 64MB RAM laptop, and it's quite snappy and very usable!
-
Re:I've been using Camino...
> Pity there's not a similar lightweight native Firefox derivative for Windows.
K-Meleon (despite the name, it's got nothing to do with KDE). -
Re:I've been using Camino...
http://kmeleon.sourceforge.net/ might be what you are looking for.
-
Re:I've been using Camino...
They have a lightweight version,it is called Kmeleon. That said,I do hope they fix the memory problem in FF. While I like Kmeleon,I do miss my extensions(although they have added adblock support,which was my main extension)
-
Re:FOSSThat reminds me of a quote I saw on slashdot once. I Googled for it and was lucky enough to find it elsewhere http://www.armoredpenguin.com/quotes/Larry_Wall_Perl.html: Q. Why is this so clumsy?
A. The trick is to use Perl's strengths rather than its weaknesses.
--- Larry Wall in 8225@jpl-devvax.JPL.NASA.GOV The same can be said of OSS or anything for that matter. For SourceForge you may want to use the advanced search http://sourceforge.net/search/, and specifically use the "activity" fields to narrow down your search.
If you have javascript enabled then the easiest thing to do would be to press the filter button on the search results page and make sure projects without files are not listed. Remember to press the "Apply" buttom. -
Re:Bigger list
Here is a more comprehensive listing (than the cnet list) of open source software and their proprietary counterparts:
Open Source Alternative http://www.osalt.com/
Pricelessware is a fairly good resource for finding free software in general (lot's of propriatary freeware) http://www.pricelesswarehome.org/
freshmeat gets updated daily with lots of OSS. Though it has a Linux bias, there is a LOT of cross platform software available http://freshmeat.net/
SourceForge seems to be updating its list daily now as well. The front page listings are much smaller than freshmeat however http://sourceforge.net/
When deciding on what OSS to use, I often check the start date of the project and see if it is still actively being developed. The age of a project and developer involvement is a fairly good indicator of the quality of the software (i.e. you know bugs are constantly being fixed, and improvements made). There is no real reason for me to even think of buying most proprietary software much less downloading warez. There is still a lack of quality OSS games compared to the commercial market, but even this is changing (slowly). I'm still waiting for some of the more advanced and interesting looking games to get out of Alfa or beta stage. -
Re:I've been using Camino...
There is a lightweight native Moz derivative for Windows. It's called K-Meleon.
-
Re:About damned time
I guess that K-Meleon should be of interest to you.
It's Gecko and it's lightweight. -
Re:really?
SmallNonprofitOrganization discovers bandwidth costs have soared due to extra bandwidth required to support downloading of modified code.
Then SmallNonprofitOrganization uses any of the hundreds of services out there to help them, like:
...and so on. Barring that, they just ask a member of the FLOSS community to host it for them, gratis, in exchange for some mention on their website or other non-financial gratification.
-
Re:losslessly compressedIf you rip a Audio CD to MP3,AAC,WMA or OGG that is lossy compression. There is no way of getting the original data back. If you compress it with FLAC, you can get the exact bits present on the original Audio CD. I think it's also helpful to compare the size of FLAC files compared to typical MP3/AAC/WMA/OGG files (in kbps since that's the way many users think nowadays). According to FLAC's site, FLAC typically compresses CD audio to about 54% of its original size.
- Uncompressed CD Audio: 1411.2 kbps
- FLAC at 54% compression: 762 kbps
- "Very high quality" lossy compression: 256 kbps
- "High quality" lossy compression: 192 kbps
-
Re:A lot of these are app flaws, not flac flaws ..
God, is this like the retard thread on Slashdot now?
The code has been fixed. Yes, there really were security bugs in the libFLAC library. Shocking isn't it? Software had bugs in it! People found those bugs! People fixed those bugs! -
Blacklist timeoutsI keep IP blacklists and domain blacklists. IPs are blacklisted for 7 days. I experimented with various settings, measuring the diminishing returns (in saved bandwidth) from keeping them blacklisted longer and longer. 7 days is pretty optimal with about 500000 IPs blacklisted at any one time. This keeps spam bandwidth down to a continuous 100Kbps (400000 messages / day - for a one user domain!). Domains are auto-blacklisted based on reputation: total spams/total hams over the last 1024 messages. Reputation decays with time, so that a domain that finally purges their 'bot can send mail again in a week or so. Manually blacklisted domains are permanent, but are manually reviewed every year. There are some domain names that only people I don't want to hear from would buy.
The software is pymilter.
-
Re:But I thought that this didn't happen with FOSS
Now, how did this ship? Who tested it? Who did the code reviews? Who did the security reviews? Who did all the threat modeling?
I'm sure you'll find the answers to these questions, as well as the make-up of the team, the changelog, access to CVS, and links to the development mailing list on the FLAC Project page. If you weren't being facetious, that is.
The point behind FOSS - which you seem to have deliberately misconstrued - is openness, not perfection. While it can be argued that FOSS development processes can bring software closer to perfection, only a fool (or Daniel Bernstein, but he's in a class by himself) labours under the illusion that bug-free software is attainable.
How software bugs get addressed, and how we make informed decisions about our exposure to security risks is what allows FOSS projects to really shine. FOSS doesn't make you safer necessarily, but it gives you the opportunity to evaluate how safe you are. In the hands of a healthy development community, this transparency does result in more secure software.
eEye has been able to do a thorough analysis of the FLAC format, and has found 14 vulnerabilities. To my knowledge, none of these vulnerabilities have yet been exploited on any scale. If - and I'll grant you that this is a big if - the FLAC team responds well and quickly to the security review, then we can expect to sleep better at night than we might using J. Random Company's binary blobs.
While we're on the subject, perhaps you could provide similar information about Microsoft's development projects? Mind if I take a peek at your CVS? Or would you rather I just take your word that your code is problem-free?
-
Re:yay free marketAh... slashdot. Good, well informed technical opinions are here to be read, if you can stand wading through the crud.
What is really needed here, however, is a wider adoption of multicast and local cache technology. That is going to be very costly to do.
I couldn't agree more, except for the cost part. Good local caching will come, and it will be free. It's my project, and likely therefore total crud, but what the heck... somebody's got to change the world :-)