Slashdot Mirror
Slashback: Picnic, Neonapster, Microsoft
Look at the nice horse they left. babbage writes "As part of ongoing antitrust settlement arrangements, Microsoft has 'opened' the source code to some of their protocol implementation source code. Go ahead and read the license -- but do keep an eye on the NDA you have to agree to first. If you find an NDA to be an objectionable first step -- and I'll admit, I haven't read the license because I don't agree to the NDA terms -- then speak up about it. The Department of Justice is accepting public comments from industry professionals about the new licensing terms. There is a real concern that such pseudo-open licensing could effectively scuttle development efforts on projects like Samba & Mono, but we need to get open access to the license in order to figure out what the risks are. If you have anything to contribute, now is the time to speak up to the DOJ."
Bring your own herring. Bill Kendrick writes: "From the folks who brought you the immensely popular "Linux10" event, comes Picn*x11, a picnic/barbecue celebrating 11 years of the Linux operating system. It's going to be held in Sunnyvale again, the Saturday after LinuxWorld Expo. So go RSVP now, and get your Picn*x11 t-shirt! (Proceeds go to EFF)"
With enough eyeballs many programs seem shallow, too. TheMMaster writes "Neonapster seems to have GPL'd their software, you can download the source here, not that I am terribly happy with what happened, but at least this seems to have been settled out of court ;) of course... it is still a cheap cdex rip off ;)"
LWN is good reading.
Keck writes "We all shed a tear for Linux Weekly News a little too soon maybe?
Yes, we know we said there would be no LWN.net Weekly Edition this time around, but, in the end, it was worth the trouble to put together a mini version. So here it is; with luck, the full Weekly will be back on August 15. "
Well, I started to read the license, but then I got caught at part one of step one:
Well, I guess I'm out...
Neonapster is not a rippoff of cdex...its a gnutellla filesharing app....its NeoAudio thats the Cdex ripoff...i recommend cdex to anyone ripping cds, ive used it for year and its great
The source code [for NeoNapster's softwares] has been at that exact same link since the story first hit slashdot front page. It's just some people are too quick to yell about violations, and not check what's actually going on. So yeah, it's good a "front page" story cleared up the issue, but it shouldn't make it sound like they just changed it, since it's been there the entire time.
Those of you who registered your disgust with NeoAudio at download.com might want to take a look at the comments page--every commment prior to 7 August has been deleted. Magically their rating seems to have jumped. go figure http://download.com.com/3302-2140-10137006.html
--
It is the last resort of the fading intellectual: to accuse your public of stupidity.--Sullivan
Glad to see Slashdot countered their praise of Microsoft with criticism... I was beginning to think someone had grown up... :P
Well, I looked at their protocols that they're "opening" - nothing earth shuttering.. USB, FireWire, IPv6 and stuff like that are already available and running well under Linux and other open source OS's...
I don't see anywhere that MS gives the Exchange protocol for example, so whats the point?
Also- regarding LWN, most of the donations have been bounced back due to some stupid company thinking, so PLEASE re-send them your donations by other ways (PayPal etc..)
The article mentioned microsoft and I saw 7 of 9 comments. Coincidence?
Knowing MS I think not.
That pisses me off. How can they do that??? What's the point of a rating system if the ratings can get reset when they're not doing too good?
Yay download.com! You've turned into 100% pure corporation!
=-Jippy
Isn't the requirement for a MS Passport a furthering of their anti-competitive practices, I mean really what does a MS passport do more then just leaving a form for you to submit your address to. Also, I dont agree that whatever is in my passport is the property of Microsoft, why should I submit my information to an insecure service, if it wasnt blantantly insecure they wouldn't be agreeing to make it secure according to the FTC. The first steps of getting to the NDA further their monopoly, and are anti-competitive. Why should furthering their monopoly be part of their settlement? It makes no sense
I really don't get this. The exact same thing happened when Morpheus used Gnucleus as the basis for their new product. Much like MusicCity, NeoNapster isn't in violation of the GPL and offer source for their application as shown. Isn't "ripping off" (derivative works) what the GPL encourages? There shouldn't be a problem here, if the project doesn't like someone else using their code, then they SHOULDN'T HAVE USED THE GPL.
Is your browser retarded?
Using fair use rights to quote and snip sections of the Microsoft faq...
"...Microsoft will make available, on reasonable and non-discriminatory terms, any communications protocol implemented in a Windows 2000 Professional, Windows XP or successor desktop operating system that is used to interoperate or communicate natively with a Microsoft server operating system..."
"...Microsoft's Communications Protocol Program will make available for license by others, on a royalty basis, more than 100 proprietary protocols that were not previously available. These protocols can be used, in accordance with the license and payment agreement terms, to develop a broad range of server software products that use the protocols solely to interoperate or communicate with the covered Windows client operating systems..."
"... Consistent with industry practice, licensees of these protocols are required to protect Microsoft's intellectual property appropriately and are further obligated to pay specified royalties for the use of the licensed communications protocols and associated intellectual property..."
"...Third parties that want to license protocol information related to authentication and digital rights management must also pass an entry requirement related to their ability to reliably and responsibly maintain the security of this information and integrity of such systems..."
and finally...
"...Five years, but a licensee may also sign up to a new license at any point up until the end of the consent decree - which has a five year term. Throughout the term of the consent decree we will continue to make the covered protocols available on reasonable and non-discriminatory terms..."
I'm not surprised... in fact, it's as I predicted.
The backlash from the HardOCP incident was quite loud, and painful for the offending parties.
I went to my first Philly LUG yesterday, and look forward to celebrating the 11 anniversary of Linux at a the FDR park in south Philly near the stadium. Check out the PLUG's webpage. For those of you who weren't there. There is also going to be a hardware swap on the Saturday before the picnic. Unupdated information is available here
We had to destroy the sig to save the sig.
As mentioned elsewhere, the source code has been available for download this whole time. The GPL violation was they ripped out the copyright from the original authors and replaced it with their company's copyright, still claiming to be releasing it under the GPL license.
Don
Are they still including spyware and profiting from that and just changing a few strings? Why have the secrecy with where they got the original code from? The small font on the bottom of the main page and the download page makes it seem that they want to hide something. They would miss out on their spyware being installed if the people who were going to download or have download their program to found out.
As for the current download.com's removal of ratings and comments only decreases my already low trust of reviews on download sites. Now it seems more evident that if you are the author/spyware writer/company and do not agree with the review/accusations/etc, or you get too many bad reviews, the site runners will "fix" things in your favor. Does anyone know if Download.com responded to those of you that contacted them about the GPL violation?
In addition there is a small but worthwhile discussion over at Freedb. Some Slashdotters have missed the fact that Mr. Faber does not claim NeoAudio violates the license, he is merely suggesting potential users make informed decisions on whether to use CDex or NeoAudio. Logically, there is no reason to use NeoAudio -- it offers no improvements over CDex.
Of course, there's always Exact Audio Copy, which has proved itself in the mp3 scene as the de-facto standard for ripping.
"The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
There really are some gems on the download.com pagethat guy points to for neonapsters ripping player, these are from the "only positive" remarks option for their CD ripper (old?), i didnt dare read the "only negative"
"Superb! Just like CDex, but with spyware"
I love this program. I used to use CDex, but I was annoyed at the lack of useless spyware included in the download. Since I switched to NeoAudio, all those troubles have gone away. I now have way more spyware and adware than I know what to do with. Thanks, NeoNapster! "
and
"Best spyware I've seen in years!!!"
I've been using NeoAudio anally since it was first released. Forget CDex!!! CDex doesn't invade your privacy and solicit like NeoAudio does... NeoAudio is the BEST spyware out there, BAR NONE!!!
even cmdrTaco gets in on the action with...
"Wow! The best of its kind I have seen!"
This is an incredibly well made piece of software. It completely outperforms CDEX and the SpyWare is only enabled if you request it, and in return, you get 100+ free songs. This completely rocks. Don't use anything but this!
Thing is props for giving out the source code as GPL but is this just another morpheus type company who get GPL code change a few words and brand it their own, and give it away with spyware contributing nothing to open source ,
or
are they a honest company only wanting to advance the concept of filesharing further by contributing something worthy to P2P other than "free spyware" and a fancy GUI ?
__ _ _ _ _ _ _ _ _ _ _ __ _ __ _
If I read the register article right, the protocol source code is payware. Charging for source code which is already part of Windows functionality (you don't get anything extra)? Seems sleazy to me.
There's 10 types of people in this world, those who understand binary and those who don't.
mod me as troll if you want, but this is what I honestly think.
Do you really think they were going away? When places run out of money/go bankrupt, they just disappear, they don't ask for money and put 'just one more edition' out This whole begging for money is starting to sound like those commericals in the 80's "Going out of business, get a good deal now!" But they never did go out of business.
The "opening" of the protocols actually extends the power of Microsoft over third parties. Previously one can implement the protocols in a clean room manner and does not need to deal with Microsoft. Samba, for example, implemented CIFS on their own without depending on any help from Microsoft. Now if you sign on to this Microsoft program you essentially recognize Microsoft's claim of ownership over many protocols. You have to sign an NDA first, and then who knows what will be in the actual license agreement. The anti-GPL CIFS protocol license is a clear example of the kind of restrict licenses Microsoft can put out.
Standard protocols should not be owned. Now Microsoft is trying to use the settlement with the DOJ to actually extend its IP ownership to common protocols, beyond actual source code/implementations. Microsoft's power over third parties and the market actually increases, contrary to the original motivation beyond the anti-trust suit.
Free Software: the software by the people, of the people and for the people. Develop! Share! Enhance! Enjoy!
...but me noticed that the DOJ web page does NOT give an e-mail address to send letters to? They used e-mail to allow people to send letters the last time - they should do it this time.
Try going to a restaurant, ordering a meal, and then asking the chef for the recipe...chances are, he's either gonna tell you to go to hell, or charge you some ubsurd price for it.
Never never never smoke crack before geometry class!
Technically, the product was 'updated'.
b =0&pn=1&fb=2 (378 comments strong)
b =0&pn=1&fb=0
(at 32 comments and increasing)
You can still access the old comments thru this url. http://download.com.com/3302-2140-10132447.html?o
And if you click on the 'NeoAudio' link in the bar labelled "CNET > Downloads > Windows > Audio > Rippers & Encoders > NeoAudio > User Opinions" you will see this 'update' message.
Once you do this, you will be brought to the new comments section for the updated neoaudio. Which resides on http://download.com.com/3302-2140-10137006.html?o
This makes me curious. Can an author of a product on download.com simply erase a ton of bad publicity on it's own by simply releasing minor point releases every couple of days ?
to clarify.
NeoAudio was the problem (though NeoNapster might also be in violation too).
The problem was not that it was a rip-off of CDex, or that the source code was not available - AFAIK it was.
The problem is that the copyright strings were removed and replaced with new strings attributing only NeoAudio/NeoNapster, not the original authors of CDex.
I can't, as a nice person looking to learn about whatever protocol, go and get a copy of the source. Why the hell not? Probably never occured to the bastards that a student or hobby programmer would be interested.
How am I going to become a good coder if I don't have any good code to learn from!
A RIPOFF OF GNUCLEUS!!!
:oP...
i really hate texts like: similar interface like morpheus... why?
MORPHEUS IS A RIPOFF OF GNUCLEUS...
conclusion:
NEONAPSTER = MORPHEUS == Gnucleus...
Gnucleus is a rather good gnutella client... not that stable, but it works... if you use windows, visit their website. and all linux/unix users, use mutella
i guess NEO stands for NEON@ZI!...
and yes, i also noticed it... NEOAUDIO is a ripoff of CDex... never ever heard of before...
F/OSS & IT Consultant
Let's all create passports
Here's problem number 2: you seem to need IE to create a .NET Passport. It doesn't let me, a user of Mozilla, access the page for creating or updating a .NET Passport.
Will I retire or break 10K?
The LimeWire Basic has some adware.
http://www.limewire.com/
But there's also GPLed source code now (not very easy to compile though).
http://www.limewire.org/
As I read the microsoft page there, it looks like you have to sign the non-disclosure agreement before you can even see the license - does this mean you cant disclose the licensing terms?
I see two problems. First, for people who wish to clone a MS program that uses a feature revealed under this program, it makes it easier for Microsoft to prevail in a copyright suit because you'll never be able to establish that you didn't have access to MS code. The second problem is that it weakens your case if you reverse engineer MS code. Courts allow reverse engineering to make competing products when proper documentation is not available. It's possible that even a restrictive and unfair NDA requiring some ridiculous fee arrangement still counts as being available such that you cannot refuse to reverse engineer. I plan to submit a comment to the DOJ about this and I hope others will too.
And as you said...the functionality is already in Windows, and exposed through interfaces. If you are on Windows and just want to use the interfaces without knowing about the plumbing, you still can...just like you can use your front door without a schematic of the lock.
RomSteady - I came, I saw, I tested. GamerTag: RomSteady / http://www.romsteady.net
Its rather interesting that the comments about the NeoNapster software were removed but CNET services reserve the right to do so. This is the list of their guidelines - so I imagine they figured we were just upset and decided to delete everything.
Guidelines
When sharing your opinion of a product, please observe the following do's and don'ts.
Do's
Do be succinct, accurate, constructive and objective.
Do compare the product to other competing products (or to previous versions of this product) that you've used.
Do provide examples of how the product or its manufacturer did or did not meet your expectations.
Dont's
Don't use offensive language.
Don't submit an opinion of the product if you don't own or have first-hand experience with it.
Don't submit more than one opinion of the product.
Don't submit an opinion of the product if your company makes or resells it, or makes or resells a product that competes with it. (CNET intends to create vendor-response opportunities in the future.)
Don't submit any self-serving, commercial links or comments.
You must be 13 years of age or older to submit personal information to CNET. In compliance with the Children's Online Privacy Protection Act of 1998, CNET is no longer accepting name and e-mail address information from users who are under 13 years of age.
All submitted ratings and written comments become the sole property of CNET, Inc. (CNET) and may be used at CNET's sole discretion. Ratings and written comments are generally posted within two to four business days. However, CNET reserves the right to remove or refuse to post any submission for any reason. You acknowledge that you, not CNET, are responsible for the contents of your submission. [http://download.com.com/1200-20-861626.html]
Mathematician, n.:
Someone who believes imaginary things appear right before your i's.
Even better is EAC, or Exact Audio Copy. Alongside LAME, OGG Vorbis, or, for you lossless zealots, Monkey's Audio, you've got the most accurate copy of the CD that you can get.
Of course, if it's N'Sync, it won't really make a difference -- it's crap no matter which CD ripper you use.
[insert witty comment here]
Perhaps it's time to make a new version of the GPL that includes some clause(s) prohibiting derivative works from incorporating spyware/adware? I realize that since the derivative work must release source code you can always compile it without the spy/adware, but what about Joe Blow who just downloads the binary version? Seems reasonable, and I don't think anyone who is currently GPLing their code (but not also adding spy/adware) would object...
Tastes like burning! - Ralph Wiggum
Weird that they have removed older comments, but at least download.com are warning potential users on the NeoAudio download page. This is from download.com:
/Hans
Editor's note: This download includes additional applications that are bundled within the software's installer file, some of which may be provided by parties other than the developer of this download. These applications may deliver advertisements, collect information, overlay content or graphics on the Web site you are viewing, or modify your system settings. As with all downloads, CNET recommends that you pay close attention to the options presented to you during the installation process. Known third-party applications bundled with this download include SaveNow and TopText. For more information, please read CNET News.com's report on bundled software.
I don't have one
Anonymous Coward's fear that this could be interpreted as "available" by US Courts is well-founded. We should *HAMMER* the Court with comments that (1) this program must not be used to place *any* restriction upon the rights of any person or group of persons to reverse-engineer Microsoft System Behavior; and perhaps (2) that to assist in re-establishing a competitive marketplace, Microsoft should be required to release all of this information to the general public, on a website, without registration or even cookies of any kind. (After all, they were found GUILTY. Why is the DOJ acting like the plaintiffs lost the case?)
I previously submitted comments regarding discrimination against Open Software developers in this section of the RPFJ, and they didn't change the wording of the relevant section by a single word. Perhaps the unnaceptable wording in this section was inspired by a large campaign contribution from Micrsoft to the failed Senate campaign of Mr. Ashcroft. In any case, it remains a BIG PROBLEM and the plaintiff attorneys need to hear from us now, in large numbers, with careful arguments. After all, they're supposed to be working for us.
You can't prove a negative. It does answer the question a defendent might pose, something like "how did the defendent get access to M$ well guarded secrets?" but it doesn't prove anything by itself.
Perhaps unlikely, but well worth considering anyway.
And for those who read at +1 or better only, now you have the entire comment.
A new kind of meat designed to appeal to vegetarians.
Let me see if I understand this correctly ...
... I have to agree to an NDA that I can't read until I receive it, and which PROBABLY, having read Microsoft's various legal docs before, prohibits disclosure not only of the code, but also the terms of the license agreement, before I even get to decide whether I agree to the terms of the license or not.
I have to agree to the license terms and pay a fee to get the source.
I also have to provide MS with a Dunn & Bradstreet ID number to prove that I'm really a company.
I have to authenticate all my requests via Passport, thus I am required to provide Microsoft all kinds of personal information AND give them permission to use it in any way they see fit.
Finally
Thanks Microsoft. You've just done the non-settling states job for them. You have conclusively proven the need for more stringent antitrust penalties against yourself.
I WILL be filing my comments with the DOJ later this morning.
utter rubbish
It appears their cancer is better than ours. Tis a shame, GPL software had a good thing going for a while ;)
Has anyone else noticed that you cannot authenticate with Passport if you are using Mozilla!
.NET Passport no longer supports the Web browser version you are using. Please upgrade to a current Web browser, such as Microsoft Internet Explorer version 4.0 or later, or Netscape Navigator version 4.08 or later.
I get the following error with Mozilla 1.0
Browser Not Supported
Microsoft®
It used to work just fine, oh well... guess they don't think that Mozilla is worth supporting.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
vis. what happens next, if you actually do try to sign up. (yes, I feel like I'm selling my soul - but I really want that source code.)
I'm using Opera 6.0. Any http/user-agent strings other than MSIE 5.0 will generate this error.
well this is BS, we can't pay with a credit card but we can happily finance F'n paypal. Sorry LWN guess you aren't getting a donation.I refuse to use paypal, after thye locked my account for 5 weeks because of a paperwork error and their side.
It is stories like yours (of which there are a vast number it seems) which is why I have never, and will never, use paypal.
Even when not doing so is damn inconvinient, or expensive.
When I made my $100.00 donation to the Free Blender Fund, I paid $20.00 to Western Union to wire the money to Holland rather an open a paypal account. At least I know Western Union won't "freeze" my account indefinitely the way Pay Pal is wont to do, and while I'm sure there are more effecient ways to wire money overseas, paypal will never be an option.
The Future of Human Evolution: Autonomy
Just a little update. After starting (but aborting) the registration-process-to-request-the NDA-to-request-the-protocols, I got the following delivered to my inbox. Not a big deal, probably just a confirmation message, but the "newsletters" subdomain on the e-mail address kinda scares me... I hope the Hotmail filters work against MS spam.
...@hotmail.com ...@hotmail.com
From: "Microsoft Registration System" no-reply@newsletters.microsoft.com
Reply-To: regsys-ndr@newsletters.microsoft.com
Subject: Microsoft.com Registration System Message
The next time you visit Microsoft.com, please remember your important login information.
Your Passport e-mail address is:
Your Microsoft.com e-mail address is:
Actually, I don't think there's anything at the other end worth jumping through so many hoops to sign any NDA (let alone theirs). Other posters have suggested that they are only "releasing" a bunch of already available and open third party protocols anyway. Perhaps the real intention is a combination of the following:
1. Appease the DOJ by suggesting that "We're opening up cough*our*cough source code. Yeah, that's the ticket."
2. Encourage curious developers to sign up for Passport and sign over all their personal info for tracking^H^H^H^H^H^H^H^Hconvenience purposes.
3. Goad some weblog user into posting their NDA and/or other documents verbatim on Slashdot for copyright entrapment...
My next sig will be ready soon, but friends can beat the rush!
1) this program must not be used to place *any* restriction upon the rights of any person or group of persons to reverse-engineer Microsoft System Behavior; and perhaps (2) that to assist in re-establishing a competitive marketplace, Microsoft should be required to release all of this information to the general public I agree. Let's also do (3) For any RFC that Microsoft contributed too, make the WindowsAPI call to that RFC protocol become Open in the best sense, to release all of it back into the public domain or GPL, including any RPC calls going on in the background. At least that may help us patch the holes (in WM_ Shatter) that were brought up by Jim Allchillin's remark's. Geeez. Those guys. . .
I may be bad with names, but I'll never forget your IP address
You're correct that you cannot prove a negative, but in copyright litigation, copying is not usually proven by direct evidence that someone saw you copying because generally the plaintiff can't get that kind of evidence. The plaintiff instead shows similarity between your stuff and his and then offers proof that you had access to his stuff. Unexplained similarity plus access equals copying.
If the plaintiff can't establish that you had access to his stuff, then the court can reasonably infer that similar features in the code are either required to implement the functionality or were independently created. Either possibility is a win for the defendant.
If the source code was locked up in a vault at MS with only trusted people having access, then MS won't be able to prove access. You can then use clean room reverse engineering methods to prevent contaminating the programmers.
But if the code is available by having someone fill out an NDA in favor of a bogus company, you'll never be able to establish (by a preponderance of the evidence) that your programmers were not contaminated by seeing MS code.
So what happens when these API docs are "accidentally" leaked to somebody that never signed any NDA. It would be nearly impossible to find out who leaked them after 100's of companies go through with the official procedure. What are they going to do even if they find someone with an unauthorized copy? Sue for copyright violation of $5 material? And suppose somebody writes their own API docs in their own words using the leaked M$ docs as reference, then destroys the originals.